feat: point the integs at a remote trustification server
Fixes #401 Setting the TRUST_URL env var to a remote trustification server triggers the integs to be run against it. If it's set, other env vars will be required: TRUST_USER_ID -- the client id of the user TRUST_MANAGER_ID -- the client id of the manager TRUST_SECRET -- the secret is assumed to be the same for user & mgr If KAFKA_BOOTSTRAP_SERVERS is set, its value will be used to configure the event bus. Otherwise, SQS is assumed and valid AWS credentials will be required. Signed-off-by: Jim Crossley <jim@crossleys.org>
1 parent
5ea4712
commit 918c159
Showing
7 changed files
with
130 additions
and
40 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
use reqwest::Url; | ||
use serde_json::Value; | ||
use trustification_event_bus::{EventBusConfig, EventBusType}; | ||
|
||
use crate::{create_provider, create_provider_context, ProviderContext}; | ||
|
||
#[derive(Default)] | ||
pub struct Config { | ||
pub spog: Option<Url>, | ||
pub bombastic: Option<Url>, | ||
pub vexination: Option<Url>, | ||
issuer: String, | ||
user: String, | ||
manager: String, | ||
secret: String, | ||
} | ||
|
||
impl Config { | ||
pub async fn new() -> Self { | ||
let _ = env_logger::try_init(); | ||
match std::env::var("TRUST_URL") { | ||
Ok(base) => { | ||
let url = Url::parse(&base) | ||
.expect(&format!("Invalid TRUST_URL: '{base}'")) | ||
.join("/endpoints/backend.json") | ||
.unwrap(); | ||
let endpoints: Value = reqwest::get(url) | ||
.await | ||
.expect("Missing backend endpoints") | ||
.json() | ||
.await | ||
.unwrap(); | ||
Config { | ||
spog: endpoints["url"].as_str().map(Url::parse).unwrap().ok(), | ||
bombastic: endpoints["bombastic"].as_str().map(Url::parse).unwrap().ok(), | ||
vexination: endpoints["vexination"].as_str().map(Url::parse).unwrap().ok(), | ||
issuer: endpoints["oidc"]["issuer"].as_str().unwrap().to_string(), | ||
user: std::env::var("TRUST_USER_ID").expect("TRUST_USER_ID is required"), | ||
manager: std::env::var("TRUST_MANAGER_ID").expect("TRUST_MANAGER_ID is required"), | ||
secret: std::env::var("TRUST_SECRET").expect("TRUST_SECRET is required"), | ||
} | ||
} | ||
_ => Config::default(), | ||
} | ||
} | ||
|
||
pub async fn provider(&self) -> ProviderContext { | ||
match self.spog { | ||
Some(_) => ProviderContext { | ||
provider_user: create_provider(&self.user, &self.secret, &self.issuer).await, | ||
provider_manager: create_provider(&self.manager, &self.secret, &self.issuer).await, | ||
}, | ||
_ => create_provider_context().await, | ||
} | ||
} | ||
|
||
pub fn events(&self) -> EventBusConfig { | ||
match std::env::var("KAFKA_BOOTSTRAP_SERVERS") { | ||
Ok(v) => EventBusConfig { | ||
event_bus: EventBusType::Kafka, | ||
kafka_bootstrap_servers: v, | ||
}, | ||
_ => EventBusConfig { | ||
event_bus: EventBusType::Sqs, | ||
kafka_bootstrap_servers: String::new(), | ||
}, | ||
} | ||
} | ||
} |
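Review bot: In `Config::new()` the `issuer` is taken from the unauthenticated `/endpoints/backend.json` response, and `provider()` then hands `TRUST_SECRET` to `create_provider` together with that issuer, so whichever host answers at `TRUST_URL` decides where the client secret is presented. Nothing in this file requires `TRUST_URL` or the returned issuer to use TLS; `create_provider` is defined outside this section, so I am assuming it performs the token request against the issuer it is given. I would reject a plain-HTTP base URL for non-loopback hosts before the fetch, e.g. `assert_eq!(url.scheme(), "https", "TRUST_URL must be https");`, and compare the issuer's host with an expected value or let the issuer be pinned through the environment. Separately, `endpoints["url"].as_str().map(Url::parse).unwrap().ok()` panics when the key is missing but turns an unparsable URL into `None`, which makes `provider()` fall back to `create_provider_context()` silently even though `TRUST_URL` was set; `spog: Some(Url::parse(endpoints["url"].as_str().expect("backend.json: missing 'url'")).expect("backend.json: invalid 'url'")),` fails loudly instead, and the same applies to `bombastic` and `vexination`.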
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,5 @@ | ||
mod bom; | ||
mod config; | ||
mod provider; | ||
mod spog; | ||
mod vex; | ||
|