Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Start the "login" sequence from "okteto namespace" if needed #919

Merged
merged 1 commit into from
Jun 16, 2020
Merged

Start the "login" sequence from "okteto namespace" if needed #919

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
24 changes: 2 additions & 22 deletions cmd/login.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ import (
k8Client "github.com/okteto/okteto/pkg/k8s/client"
"github.com/okteto/okteto/pkg/log"
"github.com/okteto/okteto/pkg/okteto"
"github.com/skratchdot/open-golang/open"
"github.com/spf13/cobra"
)

Expand Down Expand Up @@ -74,7 +73,7 @@ to log in to a Okteto Enterprise instance running at okteto.example.com.
u, err = login.WithToken(ctx, oktetoURL, token)
} else {
log.Debugf("authenticating with the browser")
u, err = withBrowser(ctx, oktetoURL)
u, err = login.WithBrowser(ctx, oktetoURL)
}

if err != nil {
Expand All @@ -90,7 +89,7 @@ to log in to a Okteto Enterprise instance running at okteto.example.com.
log.Success("Logged in as %s @ %s", u.GithubID, oktetoURL)
}

err = namespace.RunNamespace(ctx, "")
err = namespace.RunNamespace(ctx, "", "")
if err != nil {
log.Infof("error fetching your Kubernetes credentials: %s", err)
log.Hint(" Run `okteto namespace` to switch your context and download your Kubernetes credentials.")
Expand All @@ -109,25 +108,6 @@ to log in to a Okteto Enterprise instance running at okteto.example.com.
return cmd
}

func withBrowser(ctx context.Context, oktetoURL string) (*okteto.User, error) {
h, err := login.StartWithBrowser(ctx, oktetoURL)
if err != nil {
log.Infof("couldn't start the login process: %s", err)
return nil, fmt.Errorf("couldn't start the login process, please try again")
}

authorizationURL := h.AuthorizationURL()
fmt.Println("Authentication will continue in your default browser")
if err := open.Start(authorizationURL); err != nil {
log.Errorf("Something went wrong opening your browser: %s\n", err)
}

fmt.Printf("You can also open a browser and navigate to the following address:\n")
fmt.Println(authorizationURL)

return login.EndWithBrowser(ctx, h)
}

func parseURL(u string) (string, error) {
url, err := url.Parse(u)
if err != nil {
Expand Down
2 changes: 1 addition & 1 deletion cmd/namespace/create.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ func executeCreateNamespace(ctx context.Context, namespace string, members *[]st
}
}

if err := RunNamespace(ctx, namespace); err != nil {
if err := RunNamespace(ctx, namespace, ""); err != nil {
return fmt.Errorf("failed to activate your new namespace: %s", err)
}

Expand Down
20 changes: 18 additions & 2 deletions cmd/namespace/namespace.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ import (

//Namespace fetch credentials for a cluster namespace
func Namespace(ctx context.Context) *cobra.Command {
var oktetoURL string
cmd := &cobra.Command{
Use: "namespace [name]",
Short: "Downloads k8s credentials for a namespace",
Expand All @@ -43,16 +44,31 @@ func Namespace(ctx context.Context) *cobra.Command {
return err
}

err := RunNamespace(ctx, namespace)
err := RunNamespace(ctx, namespace, oktetoURL)
analytics.TrackNamespace(err == nil)
return err
},
}
cmd.Flags().StringVarP(&oktetoURL, "url", "u", "", "Okteto URL (optional)")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I find that adding this paramater to namespace makes the command more complicated to use.

anyone that doesn't understand the internal implementation is going to be confused by why this parameter is here.

I've been looking around at other tools, and it seems like the pattern of login being separate from the actions is pretty common. I think it's easier to understand when commands only do one thing.

If you feel strongly about having login here, I'd not have the param and then ask the user for the URL (defaulting to okteto cloud).

Copy link
Contributor

@rlamana rlamana Jun 16, 2020
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see this just as a mere shortcut and it mainly helps reduce the steps to bring users to development from the UI. Currently, the jump from deploy to development takes around 5 - 6 steps when onboarding a new user, back and forth from the UI to the CLI. In the end, the screen to guide users to developments looks like this:

Screenshot 2020-06-16 at 19 38 15

On a big screen, you even have to scroll to see the okteto up which is the main command in this sequence... And I really believe we need to do something to reduce this friction.

Users starting the process from the UI can benefit from copy/pasting the command with all the needed information to start the process. Just like I do when I'm going to clone a Github repo and don't care about the URL, or when configuring a GKE cluster using the gcloud CLI... to name a couple of examples.

I think a good start is to launch the login process whenever it is needed to remove an extra step. In Okteto Cloud this parameter is not even necessary. It will only be needed if you copy/paste the command from the UI in a Okteto Enterprise installation...

So, I do feel strongly about having login here for this reason. I am however open check the idea of prompting the user asking for the URL, like you suggest. But think that this is just optional for the flow initiated from the UI and in Okteto Enterprise.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm also open for ideas to simplify the path to development if you have any.

As you know, I'd even go for a more aggressive simplification: a single command that helps the user all the way from the CLI. Which will mean to automatically log in, switch namespaces, and clone (if needed) before doing the up. But I know you guys are not very fond of this idea...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@pchico83 @rlamana I don't think that bundling commands is a way to simplify the use of okteto. I think this PR makes the namespace command more complex than before. Bundling commands adds complexity to the surface area of the command too. Now the developer needs to understand that okteto namespace can also login if she's not logged in, so she might want to pass the URL in case she's not.

Pretty much every developer tool I can think of went in the direction of having single use commands, and failing: docker, heroku, terraform, pulumi, snyk. There's no way to pass your credentials during a docker pull, for example. It just fails. These companies and tools have spent a lot of effort and research on this topic, so there's a reason why they went on this direction.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you want to keep the behavior of prompting for login, that's fine, but I would not expose it via a parameter.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rberrelleza how would you expose it?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use runs okteto namespace $NAME like today. If the user is not logged in to okteto cloud, it gets a prompt, where we ask if the user wants to login, ask for the URL (defaulting to cloud), and we do the login action and then if successful, the namespace activation.

We can do the same in create/delete namespace. And we should probably mention in all those commands that the action requires an okteto cloud / okteto enterprise account.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rberrelleza LGTM. @rlamana ?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, sounds good to me too

return cmd
}

//RunNamespace starts the kubeconfig sequence
func RunNamespace(ctx context.Context, namespace string) error {
func RunNamespace(ctx context.Context, namespace, oktetoURL string) error {
if oktetoURL != "" && okteto.GetURL() != oktetoURL {
u, err := login.WithBrowser(ctx, oktetoURL)
if err != nil {
return err
}
log.Infof("authenticated user %s", u.ID)

if oktetoURL == okteto.CloudURL {
log.Success("Logged in as %s", u.GithubID)
} else {
log.Success("Logged in as %s @ %s", u.GithubID, oktetoURL)
}
}

cred, err := okteto.GetCredentials(ctx, namespace)
if err != nil {
return err
Expand Down
21 changes: 21 additions & 0 deletions pkg/cmd/login/login.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ import (
"github.com/okteto/okteto/pkg/log"
"github.com/okteto/okteto/pkg/model"
"github.com/okteto/okteto/pkg/okteto"
"github.com/skratchdot/open-golang/open"
)

// WithEnvVarIfAvailable authenticates the user with OKTETO_TOKEN value
Expand Down Expand Up @@ -51,6 +52,26 @@ func WithToken(ctx context.Context, url, token string) (*okteto.User, error) {
return okteto.AuthWithToken(ctx, url, token)
}

//WithBrowser authenticates the user with the brower
func WithBrowser(ctx context.Context, oktetoURL string) (*okteto.User, error) {
h, err := StartWithBrowser(ctx, oktetoURL)
if err != nil {
log.Infof("couldn't start the login process: %s", err)
return nil, fmt.Errorf("couldn't start the login process, please try again")
}

authorizationURL := h.AuthorizationURL()
fmt.Println("Authentication will continue in your default browser")
if err := open.Start(authorizationURL); err != nil {
log.Errorf("Something went wrong opening your browser: %s\n", err)
}

fmt.Printf("You can also open a browser and navigate to the following address:\n")
fmt.Println(authorizationURL)

return EndWithBrowser(ctx, h)
}

// StartWithBrowser starts the authentication of the user with the IDP via a browser
func StartWithBrowser(ctx context.Context, url string) (*Handler, error) {
state, err := randToken()
Expand Down