package app
import (
"github.com/rancher/rancher/pkg/auth/providers/activedirectory"
"github.com/rancher/rancher/pkg/auth/providers/azure"
"github.com/rancher/rancher/pkg/auth/providers/github"
"github.com/rancher/rancher/pkg/auth/providers/ldap"
localprovider "github.com/rancher/rancher/pkg/auth/providers/local"
"github.com/rancher/rancher/pkg/auth/providers/saml"
"github.com/rancher/rancher/pkg/namespace"
"github.com/rancher/types/apis/management.cattle.io/v3"
"github.com/rancher/types/client/management/v3"
"github.com/rancher/types/config"
corev1 "k8s.io/api/core/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/apis/meta/v1"
)
// addAuthConfigs seeds one AuthConfig object per supported authentication
// provider. Every external provider (GitHub, Active Directory, Azure AD,
// OpenLDAP, FreeIPA and the SAML variants) is registered with enabled=false;
// only the local provider is registered with enabled=true. The management
// namespace is created after the external providers and before the local one.
//
// The first error from any step is returned unchanged and stops the sequence.
// addAuthConfig tolerates "already exists", so on a system that has been
// seeded before, these defaults do not overwrite the stored objects.
func addAuthConfigs(management *config.ManagementContext) error {
	// Registration order matches the order in which the objects are created.
	externalProviders := []struct {
		name       string
		configType string
	}{
		{github.Name, client.GithubConfigType},
		{activedirectory.Name, client.ActiveDirectoryConfigType},
		{azure.Name, client.AzureADConfigType},
		{ldap.OpenLdapName, client.OpenLdapConfigType},
		{ldap.FreeIpaName, client.FreeIpaConfigType},
		{saml.PingName, client.PingConfigType},
		{saml.ADFSName, client.ADFSConfigType},
		{saml.KeyCloakName, client.KeyCloakConfigType},
		{saml.OKTAName, client.OKTAConfigType},
	}

	for _, provider := range externalProviders {
		// External identity providers start out disabled.
		if err := addAuthConfig(provider.name, provider.configType, false, management); err != nil {
			return err
		}
	}

	if err := createMgmtNamespace(management); err != nil {
		return err
	}

	// The local provider is the only one enabled by default.
	return addAuthConfig(localprovider.Name, client.LocalConfigType, true, management)
}
// addAuthConfig creates an AuthConfig object with the given name, type and
// enabled flag through the management client.
//
// An "already exists" response is treated as success and the stored object is
// left as it is: this function never updates it, so the enabled value passed
// here only takes effect when the object is created for the first time. Any
// other error is returned to the caller unchanged.
func addAuthConfig(name, aType string, enabled bool, management *config.ManagementContext) error {
	authConfig := &v3.AuthConfig{
		ObjectMeta: v1.ObjectMeta{
			Name: name,
		},
		Type:    aType,
		Enabled: enabled,
	}

	// NOTE(review): the empty namespace argument suggests AuthConfig is not
	// namespaced — confirm against the type definition.
	_, createErr := management.Management.AuthConfigs("").ObjectClient().Create(authConfig)
	if createErr == nil || apierrors.IsAlreadyExists(createErr) {
		return nil
	}
	return createErr
}
// createMgmtNamespace creates the namespace named by
// namespace.GlobalNamespace through the core client.
//
// An "already exists" response is treated as success, which makes the call
// safe to repeat; the existing namespace is not modified. Any other error is
// returned to the caller unchanged.
func createMgmtNamespace(management *config.ManagementContext) error {
	globalNS := &corev1.Namespace{
		ObjectMeta: v1.ObjectMeta{
			Name: namespace.GlobalNamespace,
		},
	}

	_, createErr := management.Core.Namespaces("").Create(globalNS)
	if createErr == nil || apierrors.IsAlreadyExists(createErr) {
		return nil
	}
	return createErr
}