zero: managed mode controller #4459

Merged
merged 37 commits into from Aug 17, 2023

@wasaga wasaga commented Aug 13, 2023

Summary

This is the main managed mode controller for Zero.

If the POMERIUM_ZERO_TOKEN variable is set, Pomerium enters managed mode.

In development, it additionally accepts

  • CONNECT_SERVER_ENDPOINT
  • CLUSTER_API_ENDPOINT (should be full cluster API URL - i.e. have /cluster/v1 suffix)

The control loop is simple:

  1. fetch bootstrap config
  2. then, run
       • connect service
       • bootstrap config updater
       • resource bundle reconciler
       • pomerium core


@wasaga wasaga marked this pull request as ready for review August 16, 2023 01:53
@wasaga wasaga requested a review from a team as a code owner August 16, 2023 01:53
@@ -0,0 +1,11 @@
//go:build release
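Review bot: the //go:build release constraint on the first line of this new file appears with no comment saying what the tag switches. Add a short comment next to it naming the development variables the release variant ignores (CONNECT_SERVER_ENDPOINT, CLUSTER_API_ENDPOINT), and confirm the release pipeline builds with -tags release, because a build without the tag compiles this file out.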
Contributor

note: I am not a fan of using build flags in this way. As much as possible I prefer to have the same binary running locally that's run in production.

This is my personal preference and there is nothing that needs to be changed.

Contributor Author

I'm also not a big fan of build tags.

I wanted to make sure the release binary won't be customizable using those dev env variables; what do you feel might be a cleaner way of dealing with that?
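
What the release build tag in this thread is meant to guarantee, as an added example that is not code from this pull request or from Pomerium: a boolean `release` parameter stands in for the tag so both variants fit in one file. The names `Resolve`, `override` and `Endpoints` and the `example.invalid` defaults are assumptions; the two variable names and the /cluster/v1 suffix rule come from the description above.

```go
package main

import (
	"fmt"
	"net/url"
	"os"
	"strings"
)

// Endpoints are the two services the managed-mode controller talks to.
type Endpoints struct{ Connect, ClusterAPI string }

// Placeholder defaults (assumption): the real built-in URLs are not on this page.
var defaults = Endpoints{"https://connect.example.invalid", "https://api.example.invalid/cluster/v1"}

// override sets *dst from variable name if it is an absolute http(s) URL whose path ends in suffix.
func override(getenv func(string) string, name, suffix string, dst *string) error {
	raw := getenv(name)
	if raw == "" {
		return nil
	}
	u, err := url.Parse(raw)
	if err != nil || u.Host == "" || (u.Scheme != "http" && u.Scheme != "https") {
		return fmt.Errorf("%s: %q is not an absolute http(s) URL", name, raw)
	}
	if !strings.HasSuffix(u.Path, suffix) {
		return fmt.Errorf("%s: %q lacks the %s suffix", name, raw, suffix)
	}
	*dst = raw
	return nil
}

// Resolve picks the endpoints; release=true (the build tag stand-in) never reads the dev variables.
func Resolve(release bool, getenv func(string) string) (Endpoints, error) {
	ep := defaults
	if release {
		return ep, nil
	}
	if err := override(getenv, "CONNECT_SERVER_ENDPOINT", "", &ep.Connect); err != nil {
		return Endpoints{}, err
	}
	if err := override(getenv, "CLUSTER_API_ENDPOINT", "/cluster/v1", &ep.ClusterAPI); err != nil {
		return Endpoints{}, err
	}
	return ep, nil
}

func main() {
	fmt.Println(Resolve(false, os.Getenv))
}
```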

@wasaga wasaga changed the base branch from wasaga/zero-retry-bootstrap-reconciler to wasaga/zero-resource-bundles-reconciler August 16, 2023 17:15
Base automatically changed from wasaga/zero-resource-bundles-reconciler to feature/zero August 17, 2023 17:19
@wasaga wasaga merged commit d5ef01d into feature/zero Aug 17, 2023
9 checks passed
@wasaga wasaga deleted the wasaga/zero-controller branch August 17, 2023 18:22
kenjenkins pushed a commit that referenced this pull request Nov 14, 2023
kenjenkins pushed a commit that referenced this pull request Nov 15, 2023