Extend enterprise install to also create the license secret #118
Conversation
Signed-off-by: Taylor Thornton <taylor@upbound.io>
|
|
go.mod
Outdated
| github.com/upbound/up-sdk-go v0.1.0 | ||
| golang.org/x/term v0.0.0-20210220032956-6a3ed077a48d | ||
| helm.sh/helm/v3 v3.6.3 | ||
| helm.sh/helm/v3 v3.6.1-0.20210719095234-663c5698878c |
There was a problem hiding this comment.
This is pinned to workaround: helm/helm@663c569 not being in a non-rc version that go.mod will pull.
There was a problem hiding this comment.
Actually it looks like 3.7.0 was released today. I'll try using that version.
There was a problem hiding this comment.
@hasheddan this should answer #118 (comment).
There was a problem hiding this comment.
@tnthornton sorry I am not sure I follow why the commit you referenced is needed for the changes in this PR?
Signed-off-by: Taylor Thornton <taylor@upbound.io>
Signed-off-by: Taylor Thornton <taylor@upbound.io>
tnthornton
force-pushed
the
enterprise-install-auth
branch
from
d2a3754
to
c65072a
Compare
There was a problem hiding this comment.
Thanks for this great work @tnthornton! A few questions / comments below :)
| k8s.io/apimachinery v0.21.0 | ||
| k8s.io/cli-runtime v0.21.0 | ||
| k8s.io/client-go v0.21.0 | ||
| helm.sh/helm/v3 v3.7.0 |
There was a problem hiding this comment.
I don’t think this will cause any issues, and I like staying up to date with latest release, but was there something in this PR that required a bump?
There was a problem hiding this comment.
@tnthornton I removed the backport-0.4 label as this one should just go into main.
Signed-off-by: Taylor Thornton <taylor@upbound.io>
tnthornton
force-pushed
the
enterprise-install-auth
branch
from
6c33a80
to
64118f4
Compare
|
With the latest changes: *[enterprise-install-auth][~/codez/up]$ go run ./cmd/... enterprise install --repo registry.upbound.io/enterprise-dev v0.0.0-119.g7bd3967 --key-version-override v0.0.0 --org-id enterprise-dev --dmv http://localhost:8080
License ID: <OMITTED>
Token:
up: error: unable to build kubernetes objects from release manifest: [unable to recognize "": no matches for kind "Certificate" in version "cert-manager.io/v1alpha2", unable to recognize "": no matches for kind "Issuer" in version "cert-manager.io/v1alpha2"]
exit status 1*[enterprise-install-auth][~/codez/up]$ go run ./cmd/... enterprise install --repo registry.upbound.io/enterprise-dev v0.0.0-119.g7bd3967 --skip-license
License ID: <OMITTED>
Token:
up: error: unable to build kubernetes objects from release manifest: [unable to recognize "": no matches for kind "Certificate" in version "cert-manager.io/v1alpha2", unable to recognize "": no matches for kind "Issuer" in version "cert-manager.io/v1alpha2"]
exit status 1 |
cmd/up/enterprise/install.go
Outdated
|
|
||
| Version string `arg:"" help:"Enterprise version to install."` | ||
|
|
||
| Repo *url.URL `hidden:"" env:"ENTERPRISE_REPO" default:"registry.upbound.io/enterprise" help:"Set repo for enterprise."` | ||
| LicenseSecretName string `default:"upbound-enterprise-license" help:"Name of secret that will be populated with license data."` | ||
| SkipLicense bool `hidden:"" help:"Skip providing a license for enteprise install"` |
There was a problem hiding this comment.
nitpick for consistency:
| SkipLicense bool `hidden:"" help:"Skip providing a license for enteprise install"` | |
| SkipLicense bool `hidden:"" help:"Skip providing a license for enteprise install."` |
internal/license/dmv.go
Outdated
| } | ||
|
|
||
| // NewProvider constructs a new dmv provider | ||
| func NewProvider(modifiers ...ProviderModifierFn) Provider { |
internal/auth/registry.go
Outdated
| } | ||
| } | ||
|
|
||
| func (u *upboundRegistry) GetToken(ctx context.Context) (Response, error) { |
There was a problem hiding this comment.
I would typically return a pointer here (nil in error case)
| func (u *upboundRegistry) GetToken(ctx context.Context) (Response, error) { | |
| func (u *upboundRegistry) GetToken(ctx context.Context) (*Response, error) { |
internal/license/dmv.go
Outdated
| } | ||
| } | ||
|
|
||
| func (d *dmv) GetAccessKey(ctx context.Context, token, version string) (Response, error) { |
There was a problem hiding this comment.
Same comment about returning *Response here
cmd/up/enterprise/install.go
Outdated
| secret, | ||
| metav1.UpdateOptions{}, | ||
| ); err != nil { | ||
| return errors.Wrap(err, errCreateLicenseSecret) |
There was a problem hiding this comment.
I think this will end up getting double wrapped by caller -- You also could likely skip this check and return errors.Wrap of err below as I believe it returns nil if error is nil.
tnthornton
force-pushed
the
enterprise-install-auth
branch
2 times, most recently
from
e9b5f12
to
e1aa08a
Compare
tnthornton
force-pushed
the
enterprise-install-auth
branch
from
e1aa08a
to
8336bfd
Compare
add version overrides for dev Signed-off-by: Taylor Thornton <taylor@upbound.io>
tnthornton
force-pushed
the
enterprise-install-auth
branch
from
8336bfd
to
4d4e081
Compare
Description of your changes
Add functionality to query Upbound Registry to authenticate the license request, prior to retrieving the License access key and signature from DMV.
Once we have the license access key, a new secret is created in the target namespace to enable license checks for enterprise.
Fixes #115
I have:
make reviewableto ensure this PR is ready for review.backport release-x.ylabels to auto-backport this PR, as appropriate.How has this code been tested