Skip to content

Commit 251608d

Browse files
1gtmtamalsaha
andauthored
[cherry-pick] Update license verifier to v0.8.0 (#360)
/cherry-pick Signed-off-by: Tamal Saha <tamal@appscode.com> Co-authored-by: Tamal Saha <tamal@appscode.com>
1 parent 2c41000 commit 251608d

File tree

9 files changed

+54
-31
lines changed

9 files changed

+54
-31
lines changed

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ require (
88
github.com/onsi/gomega v1.10.4 // indirect
99
github.com/sergi/go-diff v1.1.0 // indirect
1010
github.com/spf13/cobra v1.1.1
11-
go.bytebuilders.dev/license-verifier/kubernetes v0.7.1
11+
go.bytebuilders.dev/license-verifier/kubernetes v0.8.0
1212
gomodules.xyz/x v0.0.0-20201105065653-91c568df6331
1313
k8s.io/api v0.18.9
1414
k8s.io/apimachinery v0.18.9

go.sum

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -580,10 +580,10 @@ github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82 h1:BHyfKlQyqbsFN5p3Ifn
580580
github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82/go.mod h1:lgjkn3NuSvDfVJdfcVVdX+jpBxNmX4rDAzaS45IcYoM=
581581
github.com/yudai/pp v2.0.1+incompatible h1:Q4//iY4pNF6yPLZIigmvcl7k/bPgrcTPIFIcmawg5bI=
582582
github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZkTdatxwunjIkc=
583-
go.bytebuilders.dev/license-verifier v0.7.1 h1:ea2HO0Qfu/Li6lR5ZFs0E0uPDwFW4NZGszX5NSRhLio=
584-
go.bytebuilders.dev/license-verifier v0.7.1/go.mod h1:N7fJxdaBJQ9seOGFg+trJQ3eWwy/ga6YZi0wlvdDQi0=
585-
go.bytebuilders.dev/license-verifier/kubernetes v0.7.1 h1:JogI0Y+MQRIdQd0fH9uFtJuimrOgwThAbl9mfxyF0DM=
586-
go.bytebuilders.dev/license-verifier/kubernetes v0.7.1/go.mod h1:92LIvidYIGntnkUJJKjRH3s6qdgyiHRZFeBd14Efl3c=
583+
go.bytebuilders.dev/license-verifier v0.8.0 h1:lLnz+v65UuHcpMuWRiINDOI+HmwETNehtjm44+dauMo=
584+
go.bytebuilders.dev/license-verifier v0.8.0/go.mod h1:N7fJxdaBJQ9seOGFg+trJQ3eWwy/ga6YZi0wlvdDQi0=
585+
go.bytebuilders.dev/license-verifier/kubernetes v0.8.0 h1:RyXeFcib/Mr6dwyeSCkvpX8u+696CWXnH3FYXCEYdxs=
586+
go.bytebuilders.dev/license-verifier/kubernetes v0.8.0/go.mod h1:xyLTXiI5SEefYKQSNq/ozFpJChwb2Xp+8x4SMJ9180Q=
587587
go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
588588
go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
589589
go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=

vendor/go.bytebuilders.dev/license-verifier/apis/licenses/v1alpha1/types.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,8 @@ type License struct {
2727
metav1.TypeMeta `json:",inline,omitempty"`
2828

2929
Issuer string `json:"issuer,omitempty"` // byte.builders
30-
Products []string `json:"products,omitempty"`
30+
Features []string `json:"features,omitempty"`
31+
PlanName string `json:"planName,omitempty"`
3132
Clusters []string `json:"clusters,omitempty"` // cluster_id ?
3233
User *User `json:"user,omitempty"`
3334
NotBefore *metav1.Time `json:"notBefore,omitempty"` // start of subscription start

vendor/go.bytebuilders.dev/license-verifier/apis/licenses/v1alpha1/zz_generated.deepcopy.go

Lines changed: 2 additions & 2 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/go.bytebuilders.dev/license-verifier/info/lib.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ var (
2525
ProductOwnerName string
2626
ProductOwnerUID string
2727

28-
ProductName string
28+
ProductName string // This has been renamed to Features
2929
ProductUID string
3030
)
3131

vendor/go.bytebuilders.dev/license-verifier/kubernetes/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ go 1.14
44

55
require (
66
github.com/gogo/protobuf v1.3.1
7-
go.bytebuilders.dev/license-verifier v0.7.1
7+
go.bytebuilders.dev/license-verifier v0.8.0
88
k8s.io/api v0.18.9
99
k8s.io/apimachinery v0.18.9
1010
k8s.io/apiserver v0.18.9

vendor/go.bytebuilders.dev/license-verifier/kubernetes/lib.go

Lines changed: 17 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -73,8 +73,8 @@ func NewLicenseEnforcer(config *rest.Config, licenseFile string) *LicenseEnforce
7373
licenseFile: licenseFile,
7474
config: config,
7575
opts: &verifier.Options{
76-
CACert: []byte(info.LicenseCA),
77-
ProductName: info.ProductName,
76+
CACert: []byte(info.LicenseCA),
77+
Features: info.ProductName,
7878
},
7979
}
8080
}
@@ -110,9 +110,15 @@ func (le *LicenseEnforcer) podName() (string, error) {
110110

111111
func (le *LicenseEnforcer) handleLicenseVerificationFailure(licenseErr error) error {
112112
// Send interrupt so that all go-routines shut-down gracefully
113+
// https://pracucci.com/graceful-shutdown-of-kubernetes-pods.html
114+
// https://linuxhandbook.com/sigterm-vs-sigkill/
115+
// https://pracucci.com/graceful-shutdown-of-kubernetes-pods.html
113116
//nolint:errcheck
114117
defer func() {
115-
_ = syscall.Kill(syscall.Getpid(), syscall.SIGINT)
118+
// Need to send signal twice because
119+
// we catch the first INT/TERM signal
120+
// ref: https://github.com/kubernetes/apiserver/blob/8d97c871d91c75b81b8b4c438f4dd1eaa7f35052/pkg/server/signal.go#L47-L51
121+
_ = syscall.Kill(syscall.Getpid(), syscall.SIGTERM)
116122
time.Sleep(30 * time.Second)
117123
_ = syscall.Kill(syscall.Getpid(), syscall.SIGKILL)
118124
}()
@@ -220,8 +226,8 @@ func VerifyLicensePeriodically(config *rest.Config, licenseFile string, stopCh <
220226
licenseFile: licenseFile,
221227
config: config,
222228
opts: &verifier.Options{
223-
CACert: []byte(info.LicenseCA),
224-
ProductName: info.ProductName,
229+
CACert: []byte(info.LicenseCA),
230+
Features: info.ProductName,
225231
},
226232
}
227233
// Create Kubernetes client
@@ -271,8 +277,8 @@ func CheckLicenseFile(config *rest.Config, licenseFile string) error {
271277
licenseFile: licenseFile,
272278
config: config,
273279
opts: &verifier.Options{
274-
CACert: []byte(info.LicenseCA),
275-
ProductName: info.ProductName,
280+
CACert: []byte(info.LicenseCA),
281+
Features: info.ProductName,
276282
},
277283
}
278284
// Create Kubernetes client
@@ -299,8 +305,8 @@ func CheckLicenseFile(config *rest.Config, licenseFile string) error {
299305
return nil
300306
}
301307

302-
// CheckLicenseEndpoint verifies whether the provided api server has a valid license is valid for products.
303-
func CheckLicenseEndpoint(config *rest.Config, apiServiceName string, products []string) error {
308+
// CheckLicenseEndpoint verifies whether the provided api server has a valid license is valid for features.
309+
func CheckLicenseEndpoint(config *rest.Config, apiServiceName string, features []string) error {
304310
aggrClient, err := clientset.NewForConfig(config)
305311
if err != nil {
306312
return err
@@ -350,8 +356,8 @@ func CheckLicenseEndpoint(config *rest.Config, apiServiceName string, products [
350356
return fmt.Errorf("license %s is not active, status: %s, reason: %s", license.ID, license.Status, license.Reason)
351357
}
352358

353-
if !sets.NewString(license.Products...).HasAny(products...) {
354-
return fmt.Errorf("license %s is not valid for products %q", license.ID, strings.Join(products, ","))
359+
if !sets.NewString(license.Features...).HasAny(features...) {
360+
return fmt.Errorf("license %s is not valid for products %q", license.ID, strings.Join(features, ","))
355361
}
356362
return nil
357363
}

vendor/go.bytebuilders.dev/license-verifier/lib.go

Lines changed: 24 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -31,10 +31,10 @@ import (
3131
)
3232

3333
type Options struct {
34-
ClusterUID string `json:"clusterUID"`
35-
ProductName string `json:"productName"`
36-
CACert []byte `json:"caCert,omitempty"`
37-
License []byte `json:"license"`
34+
ClusterUID string `json:"clusterUID"`
35+
Features string `json:"features"`
36+
CACert []byte `json:"caCert,omitempty"`
37+
License []byte `json:"license"`
3838
}
3939

4040
func VerifyLicense(opts *Options) (v1alpha1.License, error) {
@@ -84,7 +84,23 @@ func VerifyLicense(opts *Options) (v1alpha1.License, error) {
8484
NotBefore: &metav1.Time{Time: cert.NotBefore},
8585
NotAfter: &metav1.Time{Time: cert.NotAfter},
8686
ID: cert.SerialNumber.String(),
87-
Products: cert.Subject.Organization,
87+
Features: cert.Subject.Organization,
88+
}
89+
if len(cert.Subject.OrganizationalUnit) > 0 {
90+
license.PlanName = cert.Subject.OrganizationalUnit[0]
91+
} else {
92+
// old certificate, so plan name auto detected from feature
93+
// ref: https://github.com/appscode/offline-license-server/blob/v0.0.20/pkg/server/constants.go#L50-L59
94+
features := sets.NewString(cert.Subject.Organization...)
95+
if features.Has("kubedb-enterprise") {
96+
license.PlanName = "kubedb-enterprise"
97+
} else if features.Has("kubedb-community") {
98+
license.PlanName = "kubedb-community"
99+
} else if features.Has("stash-enterprise") {
100+
license.PlanName = "stash-enterprise"
101+
} else if features.Has("stash-community") {
102+
license.PlanName = "stash-community"
103+
}
88104
}
89105

90106
var user *v1alpha1.User
@@ -127,11 +143,11 @@ func VerifyLicense(opts *Options) (v1alpha1.License, error) {
127143
license.Reason = e2.Error()
128144
return license, e2
129145
}
130-
products := strings.FieldsFunc(opts.ProductName, func(r rune) bool {
146+
features := strings.FieldsFunc(opts.Features, func(r rune) bool {
131147
return unicode.IsSpace(r) || r == ',' || r == ';'
132148
})
133-
if !sets.NewString(cert.Subject.Organization...).HasAny(products...) {
134-
e2 := fmt.Errorf("license was not issued for %s", opts.ProductName)
149+
if !sets.NewString(cert.Subject.Organization...).HasAny(features...) {
150+
e2 := fmt.Errorf("license was not issued for %s", opts.Features)
135151
license.Status = v1alpha1.LicenseExpired
136152
license.Reason = e2.Error()
137153
return license, e2

vendor/modules.txt

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -131,12 +131,12 @@ github.com/yudai/gojsondiff
131131
github.com/yudai/gojsondiff/formatter
132132
# github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82
133133
github.com/yudai/golcs
134-
# go.bytebuilders.dev/license-verifier v0.7.1
134+
# go.bytebuilders.dev/license-verifier v0.8.0
135135
go.bytebuilders.dev/license-verifier
136136
go.bytebuilders.dev/license-verifier/apis/licenses
137137
go.bytebuilders.dev/license-verifier/apis/licenses/v1alpha1
138138
go.bytebuilders.dev/license-verifier/info
139-
# go.bytebuilders.dev/license-verifier/kubernetes v0.7.1
139+
# go.bytebuilders.dev/license-verifier/kubernetes v0.8.0
140140
go.bytebuilders.dev/license-verifier/kubernetes
141141
# golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
142142
golang.org/x/crypto/ssh/terminal

0 commit comments

Comments
 (0)