package config
import (
"strings"
"time"
"github.com/kyma-incubator/compass/components/director/pkg/credloader"
"github.com/kyma-incubator/compass/components/director/pkg/persistence"
"github.com/pkg/errors"
"github.com/tidwall/gjson"
pkgconfig "github.com/kyma-incubator/compass/components/director/pkg/config"
"github.com/kyma-incubator/compass/components/director/pkg/log"
)
// TenantInfo groups the settings used when determining the CMP tenant info.
type TenantInfo struct {
	// Endpoint is the address of the tenant info API.
	// NOTE(review): the default carries no URL scheme; confirm how the caller
	// decides between http and https.
	Endpoint string `envconfig:"APP_TENANT_INFO_ENDPOINT,default=localhost:8080/v1/info"`
	// RequestTimeout bounds a single tenant info request (30s by default).
	RequestTimeout time.Duration `envconfig:"APP_TENANT_INFO_REQUEST_TIMEOUT,default=30s"`
	// InsecureSkipVerify defaults to false.
	// NOTE(review): judging by its name this turns off TLS certificate
	// verification for the tenant info call; confirm against the HTTP client
	// construction and keep it false outside local development.
	InsecureSkipVerify bool `envconfig:"APP_TENANT_INFO_INSECURE_SKIP_VERIFY,default=false"`
}
// Config aggregates every setting the instance-creator needs in order to run.
// Fields carrying an envconfig tag are read from the named environment
// variable; the tag also records the default where one exists.
type Config struct {
	APIRootPath string `envconfig:"APP_API_ROOT_PATH,default=/instance-creator"`
	// NOTE(review): this is the only tagged variable without the APP_ prefix;
	// confirm that the name is intentional.
	APITenantMappingsEndpoint string `envconfig:"API_TENANT_MAPPINGS_ENDPOINT,default=/v1/tenantMappings/{tenant-id}"`
	Address                   string `envconfig:"APP_ADDRESS,default=localhost:8080"`
	// SkipSSLValidation defaults to false.
	// NOTE(review): the variable name suggests it disables TLS certificate
	// validation in the outgoing HTTP client; confirm at the point of use and
	// keep it false outside local development.
	SkipSSLValidation bool `envconfig:"APP_HTTP_CLIENT_SKIP_SSL_VALIDATION,default=false"`
	// JWKSEndpoint defaults to a JWKS file under the repository's hack
	// directory.
	// NOTE(review): presumably the key set used to verify incoming JWTs; a
	// real deployment should point this at its own key set rather than rely
	// on the default.
	JWKSEndpoint           string        `envconfig:"APP_JWKS_ENDPOINT,default=file://hack/default-jwks.json"`
	ServerTimeout          time.Duration `envconfig:"APP_SERVER_TIMEOUT,default=110s"`
	ClientTimeout          time.Duration `envconfig:"APP_CLIENT_TIMEOUT,default=105s"`
	AuthorizationHeaderKey string        `envconfig:"APP_AUTHORIZATION_HEADER_KEY,default=Authorization"`
	// AllowJWTSigningNone defaults to false.
	// NOTE(review): presumably lets tokens with the "none" signing method
	// through, which removes signature verification altogether; confirm at the
	// point of use and never enable it where tokens come from untrusted
	// callers.
	AllowJWTSigningNone bool `envconfig:"APP_ALLOW_JWT_SIGNING_NONE,default=false"`

	// SMInstancesSecretPath is the file MapInstanceConfigs reads. The
	// Instance*Path values below are the gjson paths it evaluates against each
	// region's entry in that file. None of them has a default.
	SMInstancesSecretPath      string `envconfig:"APP_SM_INSTANCES_SECRET_PATH"`
	InstanceClientIDPath       string `envconfig:"APP_SM_INSTANCE_CLIENT_ID_PATH"`
	InstanceSMURLPath          string `envconfig:"APP_SM_INSTANCE_SM_URL_PATH"`
	InstanceTokenURLPath       string `envconfig:"APP_SM_INSTANCE_TOKEN_URL_PATH"`
	InstanceAppNamePath        string `envconfig:"APP_SM_INSTANCE_APP_NAME_PATH"`
	InstanceCertificatePath    string `envconfig:"APP_SM_INSTANCE_CERTIFICATE_PATH"`
	InstanceCertificateKeyPath string `envconfig:"APP_SM_INSTANCE_CERTIFICATE_KEY_PATH"`

	ExternalClientCertSecretName string `envconfig:"APP_EXTERNAL_CLIENT_CERT_SECRET_NAME"`
	OAuthTokenPath               string `envconfig:"APP_SM_INSTANCE_OAUTH_TOKEN_PATH"`
	// RegionToInstanceConfig maps a region name to its instance config. The
	// "-" tag excludes it from environment loading; MapInstanceConfigs fills
	// it. The values hold certificate keys, so do not dump this map to logs.
	RegionToInstanceConfig map[string]InstanceConfig `envconfig:"-"`
	SMClientTimeout        time.Duration             `envconfig:"APP_SM_CLIENT_TIMEOUT,default=30s"`
	CertLoaderConfig       credloader.CertConfig
	// Ticker and Timeout are read from the APP_SM_ASYNC_API_* variables.
	// NOTE(review): presumably the polling interval and overall deadline for
	// asynchronous SM operations; confirm against the SM client.
	Ticker     time.Duration `envconfig:"APP_SM_ASYNC_API_TICKER,default=3s"`
	Timeout    time.Duration `envconfig:"APP_SM_ASYNC_API_TIMEOUT,default=30s"`
	Log        log.Config
	TenantInfo TenantInfo
	Database   persistence.DatabaseConfig
}
// InstanceConfig describes one service instance. MapInstanceConfigs builds one
// value per region from the SM instances secret file.
//
// Certificate and CertificateKey come from that secret, so avoid printing the
// whole struct (for example with %+v) in logs or error messages.
type InstanceConfig struct {
	// ClientID is the client identifier read from the region's entry.
	ClientID string
	// SMURL and TokenURL are the two endpoints read from the region's entry.
	SMURL    string
	TokenURL string
	// AppName is the application name read from the region's entry.
	AppName string
	// Certificate and CertificateKey are the certificate and its key read
	// from the region's entry.
	Certificate    string
	CertificateKey string
}
// PrepareConfiguration builds the per-region instance credentials by calling
// MapInstanceConfigs. Any failure is returned wrapped with context; nil means
// c.RegionToInstanceConfig has been populated.
func (c *Config) PrepareConfiguration() error {
	err := c.MapInstanceConfigs()
	if err == nil {
		return nil
	}
	return errors.Wrap(err, "while building region instances credentials")
}
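// MapInstanceConfigs reads the SM instances secret file at
// c.SMInstancesSecretPath, parses it into a map keyed by region name and
// stores one validated InstanceConfig per region in c.RegionToInstanceConfig.
//
// Each field is extracted from the region's JSON with the matching gjson path
// configured on c (InstanceClientIDPath, InstanceSMURLPath, ...). A path that
// does not match yields an empty string, which validate reports as a missing
// field.
//
// It returns an error when the file cannot be read or parsed, or when any
// region fails validation; in the last case c.RegionToInstanceConfig is set to
// nil. The validation error names the region and the missing fields only, not
// their values.
func (c *Config) MapInstanceConfigs() error {
	secretData, err := pkgconfig.ReadConfigFile(c.SMInstancesSecretPath)
	if err != nil {
		return errors.Wrap(err, "while getting SM instances secret")
	}

	bindingsMap, err := pkgconfig.ParseConfigToJSONMap(secretData)
	if err != nil {
		// NOTE(review): confirm that the parser's error does not echo the
		// secret payload, since this error is passed up to the caller.
		return errors.Wrap(err, "while parsing SM instances secret")
	}

	// Build into a local map so the receiver is only updated with a fully
	// validated result.
	regions := make(map[string]InstanceConfig, len(bindingsMap))
	for region, config := range bindingsMap {
		raw := config.String()
		instance := InstanceConfig{
			ClientID:       gjson.Get(raw, c.InstanceClientIDPath).String(),
			SMURL:          gjson.Get(raw, c.InstanceSMURLPath).String(),
			TokenURL:       gjson.Get(raw, c.InstanceTokenURLPath).String(),
			AppName:        gjson.Get(raw, c.InstanceAppNamePath).String(),
			Certificate:    gjson.Get(raw, c.InstanceCertificatePath).String(),
			CertificateKey: gjson.Get(raw, c.InstanceCertificateKeyPath).String(),
		}

		if err := instance.validate(); err != nil {
			c.RegionToInstanceConfig = nil
			return errors.Wrapf(err, "while validating instance for region: %q", region)
		}
		regions[region] = instance
	}

	c.RegionToInstanceConfig = regions
	return nil
}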
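// validate reports which required fields of the instance config are empty.
// Every empty field contributes one message and the messages are joined with
// ", " into a single error. It returns nil when all fields are set.
//
// The error contains field names only, never field values, so it does not
// expose the certificate key held by the struct.
func (i *InstanceConfig) validate() error {
	required := []struct {
		value string
		msg   string
	}{
		{i.ClientID, "Client ID is missing"},
		// Names the SM URL explicitly so this message cannot be mistaken for
		// the TokenURL check that follows.
		{i.SMURL, "SM URL is missing"},
		{i.TokenURL, "TokenURL is missing"},
		{i.AppName, "App Name is missing"},
		{i.Certificate, "Certificate is missing"},
		{i.CertificateKey, "Certificate Key is missing"},
	}

	var missing []string
	for _, field := range required {
		if field.value == "" {
			missing = append(missing, field.msg)
		}
	}
	if len(missing) == 0 {
		return nil
	}
	return errors.New(strings.Join(missing, ", "))
}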