-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Extend enterprise install to also create the license secret #118
Conversation
Signed-off-by: Taylor Thornton <taylor@upbound.io>
go.mod
Outdated
github.com/upbound/up-sdk-go v0.1.0 | ||
golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d | ||
helm.sh/helm/v3 v3.6.3 | ||
helm.sh/helm/v3 v3.6.1-0.20210719095234-663c5698878c |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is pinned to workaround: helm/helm@663c569 not being in a non-rc version that go.mod will pull.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Actually it looks like 3.7.0
was released today. I'll try using that version.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hasheddan this should answer #118 (comment).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tnthornton sorry I am not sure I follow why the commit you referenced is needed for the changes in this PR?
Signed-off-by: Taylor Thornton <taylor@upbound.io>
Signed-off-by: Taylor Thornton <taylor@upbound.io>
d2a3754
to
c65072a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this great work @tnthornton! A few questions / comments below :)
k8s.io/apimachinery v0.21.0 | ||
k8s.io/cli-runtime v0.21.0 | ||
k8s.io/client-go v0.21.0 | ||
helm.sh/helm/v3 v3.7.0 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don’t think this will cause any issues, and I like staying up to date with latest release, but was there something in this PR that required a bump?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tnthornton I removed the backport-0.4
label as this one should just go into main
.
Signed-off-by: Taylor Thornton <taylor@upbound.io>
6c33a80
to
64118f4
Compare
With the latest changes: *[enterprise-install-auth][~/codez/up]$ go run ./cmd/... enterprise install --repo registry.upbound.io/enterprise-dev v0.0.0-119.g7bd3967 --key-version-override v0.0.0 --org-id enterprise-dev --dmv http://localhost:8080
License ID: <OMITTED>
Token:
up: error: unable to build kubernetes objects from release manifest: [unable to recognize "": no matches for kind "Certificate" in version "cert-manager.io/v1alpha2", unable to recognize "": no matches for kind "Issuer" in version "cert-manager.io/v1alpha2"]
exit status 1 *[enterprise-install-auth][~/codez/up]$ go run ./cmd/... enterprise install --repo registry.upbound.io/enterprise-dev v0.0.0-119.g7bd3967 --skip-license
License ID: <OMITTED>
Token:
up: error: unable to build kubernetes objects from release manifest: [unable to recognize "": no matches for kind "Certificate" in version "cert-manager.io/v1alpha2", unable to recognize "": no matches for kind "Issuer" in version "cert-manager.io/v1alpha2"]
exit status 1 |
cmd/up/enterprise/install.go
Outdated
|
||
Version string `arg:"" help:"Enterprise version to install."` | ||
|
||
Repo *url.URL `hidden:"" env:"ENTERPRISE_REPO" default:"registry.upbound.io/enterprise" help:"Set repo for enterprise."` | ||
LicenseSecretName string `default:"upbound-enterprise-license" help:"Name of secret that will be populated with license data."` | ||
SkipLicense bool `hidden:"" help:"Skip providing a license for enteprise install"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nitpick for consistency:
SkipLicense bool `hidden:"" help:"Skip providing a license for enteprise install"` | |
SkipLicense bool `hidden:"" help:"Skip providing a license for enteprise install."` |
internal/license/dmv.go
Outdated
} | ||
|
||
// NewProvider constructs a new dmv provider | ||
func NewProvider(modifiers ...ProviderModifierFn) Provider { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Prefer returning *dmv
internal/auth/registry.go
Outdated
} | ||
} | ||
|
||
func (u *upboundRegistry) GetToken(ctx context.Context) (Response, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would typically return a pointer here (nil
in error case)
func (u *upboundRegistry) GetToken(ctx context.Context) (Response, error) { | |
func (u *upboundRegistry) GetToken(ctx context.Context) (*Response, error) { |
internal/license/dmv.go
Outdated
} | ||
} | ||
|
||
func (d *dmv) GetAccessKey(ctx context.Context, token, version string) (Response, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same comment about returning *Response
here
cmd/up/enterprise/install.go
Outdated
secret, | ||
metav1.UpdateOptions{}, | ||
); err != nil { | ||
return errors.Wrap(err, errCreateLicenseSecret) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this will end up getting double wrapped by caller -- You also could likely skip this check and return errors.Wrap
of err
below as I believe it returns nil
if error is nil
.
e9b5f12
to
e1aa08a
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice work @tnthornton! 🚀
e1aa08a
to
8336bfd
Compare
add version overrides for dev Signed-off-by: Taylor Thornton <taylor@upbound.io>
8336bfd
to
4d4e081
Compare
Description of your changes
Add functionality to query Upbound Registry to authenticate the license request, prior to retrieving the License access key and signature from DMV.
Once we have the license access key, a new secret is created in the target namespace to enable license checks for enterprise.
Fixes #115
I have:
make reviewable
to ensure this PR is ready for review.backport release-x.y
labels to auto-backport this PR, as appropriate.How has this code been tested