
Commit 54ac67c

committed
refactor: bring identity interface inline with discovery interface
1 parent b37ccf9 commit 54ac67c

31 files changed

+327
-207
lines changed


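--- a/internal/commands/use/use.go
+++ b/internal/commands/use/use.go
@@ -220,9 +220,6 @@ func addConfig(cs config.ConfigurationSet, registration *registry.DiscoveryPlugi
 if _, err := cs.Bool("set-current", true, "Sets the current context in the kubeconfig to the selected cluster"); err != nil {
 return fmt.Errorf("adding set-current config: %w", err)
 }
-if err := common.AddCommonIdentityConfig(cs); err != nil {
-return fmt.Errorf("adding common identity config items: %w", err)
-}
 if err := common.AddCommonClusterConfig(cs); err != nil {
 return fmt.Errorf("adding common cluster config items: %w", err)
 }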

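--- a/pkg/app/to.go
+++ b/pkg/app/to.go
@@ -213,9 +213,6 @@ func (a *App) buildConnectToConfig(configFile string, discoveryProvider string,
 if err := cs.AddSet(discoCfg); err != nil {
 return nil, fmt.Errorf("adding cluster provider config items: %w", err)
 }
-if err := common.AddCommonIdentityConfig(cs); err != nil {
-return nil, fmt.Errorf("adding common identity config items: %w", err)
-}
 if err := common.AddCommonClusterConfig(cs); err != nil {
 return nil, fmt.Errorf("adding common cluster config items: %w", err)
 }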

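--- a/pkg/app/use.go
+++ b/pkg/app/use.go
@@ -70,10 +70,23 @@ func (a *App) Use(ctx context.Context, input *UseInput) error {
 return fmt.Errorf("using identity provider %s: %w", input.IdentityProvider, ErrUnsuportedIdpProtocol)
 }
 
+err = identityProvider.CheckPreReqs()
+if err != nil {
+fmt.Fprintf(os.Stderr, "\033[33m%s\033[0m\n", err.Error())
+return fmt.Errorf("checking identity provider pre-reqs: %w", err)
+}
+
 err = clusterProvider.CheckPreReqs()
 if err != nil {
-//TODO: how to report this???
 fmt.Fprintf(os.Stderr, "\033[33m%s\033[0m\n", err.Error())
+return fmt.Errorf("checking discovery provider pre-reqs: %w", err)
+}
+
+if err := identityProvider.Resolve(input.ConfigSet, nil); err != nil {
+return fmt.Errorf("resolving identity config items: %w", err)
+}
+if err := identityProvider.Validate(input.ConfigSet); err != nil {
+return fmt.Errorf("validating identity config items: %w", err)
 }
 
 authOutput, err := identityProvider.Authenticate(ctx, &identity.AuthenticateInput{
@@ -84,7 +97,10 @@ func (a *App) Use(ctx context.Context, input *UseInput) error {
 }
 
 if err := clusterProvider.Resolve(input.ConfigSet, authOutput.Identity); err != nil {
-return fmt.Errorf("resolving config items: %w", err)
+return fmt.Errorf("resolving discovery config items: %w", err)
+}
+if err := clusterProvider.Validate(input.ConfigSet); err != nil {
+return fmt.Errorf("validating discovery config items: %w", err)
 }
 
 if !input.IgnoreAlias {
@@ -153,7 +169,7 @@ func (a *App) Use(ctx context.Context, input *UseInput) error {
 return nil
 }
 
-func (a *App) discoverCluster(ctx context.Context, clusterProvider discovery.Provider, identity identity.Identity, params *UseInput) (*discovery.Cluster, error) {
+func (a *App) discoverCluster(ctx context.Context, clusterProvider discovery.Provider, identity provider.Identity, params *UseInput) (*discovery.Cluster, error) {
 a.logger.Infow("discovering clusters", "provider", params.DiscoveryProvider)
 
 discoverOutput, err := clusterProvider.Discover(ctx, &discovery.DiscoverInput{
@@ -177,7 +193,7 @@ func (a *App) discoverCluster(ctx context.Context, clusterProvider discovery.Pro
 return cluster, nil
 }
 
-func (a *App) getCluster(ctx context.Context, clusterProvider discovery.Provider, identity identity.Identity, params *UseInput) (*discovery.Cluster, error) {
+func (a *App) getCluster(ctx context.Context, clusterProvider discovery.Provider, identity provider.Identity, params *UseInput) (*discovery.Cluster, error) {
 a.logger.Infow("getting cluster details", "id", *params.ClusterID, "provider", params.DiscoveryProvider)
 
 output, err := clusterProvider.GetCluster(ctx, &discovery.GetClusterInput{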
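Review bot: In `Use`, both `CheckPreReqs` branches now print the error to stderr and then return the same error wrapped, so a failed pre-req is probably reported twice once the caller prints the returned error (the caller is outside this section). The `Fprintf` also writes `err.Error()` between raw ANSI colour codes whether or not stderr is a terminal, which leaves escape bytes in captured logs. I would drop the two `fmt.Fprintf(os.Stderr, ...)` lines and let `return fmt.Errorf("checking identity provider pre-reqs: %w", err)` and its discovery counterpart be the single report. Separately, `identityProvider.Resolve(input.ConfigSet, nil)` passes a nil identity, so a comment such as `// no identity exists before Authenticate; identity providers must not dereference it` would help plugin authors.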

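--- a/pkg/aws/store.go
+++ b/pkg/aws/store.go
@@ -21,11 +21,11 @@ import (
 
 "github.com/versent/saml2aws/pkg/awsconfig"
 
-"github.com/fidelity/kconnect/pkg/provider/identity"
+"github.com/fidelity/kconnect/pkg/provider"
 )
 
 // NewIdentityStore will create a new AWS identity store
-func NewIdentityStore(profile, idProviderName string) (identity.Store, error) {
+func NewIdentityStore(profile, idProviderName string) (provider.Store, error) {
 return &awsIdentityStore{
 configProvider: awsconfig.NewSharedCredentials(profile),
 idProviderName: idProviderName,
@@ -41,7 +41,7 @@ func (s *awsIdentityStore) CredsExists() (bool, error) {
 return s.configProvider.CredsExists()
 }
 
-func (s *awsIdentityStore) Save(userID identity.Identity) error {
+func (s *awsIdentityStore) Save(userID provider.Identity) error {
 awsIdentity, ok := userID.(*Identity)
 if !ok {
 return fmt.Errorf("expected AWSIdentity but got a %T: %w", userID, ErrUnexpectedIdentity)
@@ -51,7 +51,7 @@ func (s *awsIdentityStore) Save(userID identity.Identity) error {
 return s.configProvider.Save(awsCreds)
 }
 
-func (s *awsIdentityStore) Load() (identity.Identity, error) {
+func (s *awsIdentityStore) Load() (provider.Identity, error) {
 creds, err := s.configProvider.Load()
 if err != nil {
 return nil, fmt.Errorf("loading credentials: %w", err)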

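--- a/pkg/config/validate.go
+++ b/pkg/config/validate.go
@@ -0,0 +1,42 @@
+/*
+Copyright 2021 The kconnect Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package config
+
+import (
+"fmt"
+
+kerrs "github.com/fidelity/kconnect/pkg/errors"
+)
+
+const (
+requiredFormat = "%s is required"
+)
+
+// ValidateRequired will perform a required field validation on the config set
+func ValidateRequired(cfg ConfigurationSet) error {
+validationErrs := []string{}
+for _, item := range cfg.GetAll() {
+if item.Required && !item.HasValue() {
+validationErrs = append(validationErrs, fmt.Sprintf(requiredFormat, item.Name))
+}
+}
+if len(validationErrs) > 0 {
+return kerrs.New(validationErrs)
+}
+
+return nil
+}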
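Review bot: The doc comment on `ValidateRequired` does not say what the caller gets back; the error comes from `kerrs.New`, so the result is a `*ValidationFailed` holding one "<name> is required" message per missing item, and `nil` when nothing is missing. Proposed comment: `// ValidateRequired returns a ValidationFailed error listing every item marked Required that has no value, or nil if all required items are set.` As a style point, `var validationErrs []string` is the usual form for a slice that is only appended to. The messages carry only `item.Name` and never the item's value, which matters for items that may hold credentials and is worth stating in the comment so it stays that way.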

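--- a/pkg/errors/validation.go
+++ b/pkg/errors/validation.go
@@ -21,6 +21,12 @@ import (
 "strings"
 )
 
+func New(errors []string) *ValidationFailed {
+return &ValidationFailed{
+validationErrors: errors,
+}
+}
+
 type ValidationFailed struct {
 validationErrors []string
 }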
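Review bot: The new exported `New` has no doc comment and stores the caller's slice by reference, so a later write to that slice by the caller changes the messages inside the returned `ValidationFailed`. Consider `validationErrors: append([]string(nil), errors...),` together with a comment such as `// New returns a ValidationFailed holding a copy of the supplied validation messages.` The parameter name `errors` matches what appears to be this package's own name and would shadow the standard `errors` package if the file ever imports it; `msgs` avoids that.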

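--- a/pkg/plugins/discovery/aws/provider.go
+++ b/pkg/plugins/discovery/aws/provider.go
@@ -27,7 +27,6 @@ import (
 "github.com/fidelity/kconnect/pkg/provider"
 "github.com/fidelity/kconnect/pkg/provider/common"
 "github.com/fidelity/kconnect/pkg/provider/discovery"
-"github.com/fidelity/kconnect/pkg/provider/identity"
 "github.com/fidelity/kconnect/pkg/provider/registry"
 "github.com/fidelity/kconnect/pkg/utils"
 )
@@ -91,7 +90,7 @@ func (p *eksClusterProvider) Name() string {
 return ProviderName
 }
 
-func (p *eksClusterProvider) setup(cs config.ConfigurationSet, userID identity.Identity) error {
+func (p *eksClusterProvider) setup(cs config.ConfigurationSet, userID provider.Identity) error {
 cfg := &eksClusteProviderConfig{}
 if err := config.Unmarshall(cs, cfg); err != nil {
 return fmt.Errorf("unmarshalling config items into eksClusteProviderConfig: %w", err)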

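--- a/pkg/plugins/discovery/aws/resolver.go
+++ b/pkg/plugins/discovery/aws/resolver.go
@@ -19,9 +19,10 @@ package aws
 import (
 "fmt"
 
+kaws "github.com/fidelity/kconnect/pkg/aws"
 "github.com/fidelity/kconnect/pkg/config"
 kerrors "github.com/fidelity/kconnect/pkg/errors"
-"github.com/fidelity/kconnect/pkg/provider/identity"
+"github.com/fidelity/kconnect/pkg/provider"
 )
 
 func (p *eksClusterProvider) Validate(cfg config.ConfigurationSet) error {
@@ -42,6 +43,12 @@ func (p *eksClusterProvider) Validate(cfg config.ConfigurationSet) error {
 
 // Resolve will resolve the values for the AWS specific flags that have no value. It will
 // query AWS and interactively ask the user for selections.
-func (p *eksClusterProvider) Resolve(config config.ConfigurationSet, userID identity.Identity) error {
+func (p *eksClusterProvider) Resolve(cfg config.ConfigurationSet, userID provider.Identity) error {
+if err := kaws.ResolvePartition(cfg); err != nil {
+return fmt.Errorf("resolving partition: %w", err)
+}
+if err := kaws.ResolveRegion(cfg); err != nil {
+return fmt.Errorf("resolving region: %w", err)
+}
 return nil
 }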
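Review bot: The comment above `Resolve` still says it queries AWS and asks the user for selections, while the new body only delegates to `kaws.ResolvePartition` and `kaws.ResolveRegion` and never reads `userID`; what those helpers do is not visible here. I would make the comment say what is resolved, e.g. `// Resolve fills in the AWS partition and region config items when they have no value; userID is currently unused.`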

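--- a/pkg/plugins/discovery/azure/config.go
+++ b/pkg/plugins/discovery/azure/config.go
@@ -29,8 +29,8 @@ import (
 azclient "github.com/fidelity/kconnect/pkg/azure/client"
 "github.com/fidelity/kconnect/pkg/azure/id"
 azid "github.com/fidelity/kconnect/pkg/azure/identity"
+"github.com/fidelity/kconnect/pkg/provider"
 "github.com/fidelity/kconnect/pkg/provider/discovery"
-"github.com/fidelity/kconnect/pkg/provider/identity"
 )
 
 const (
@@ -110,7 +110,7 @@ func (p *aksClusterProvider) addKubelogin(cfg *api.Config) {
 }
 }
 
-func (p *aksClusterProvider) addTokenToAuthProvider(cfg *api.Config, userID identity.Identity) error {
+func (p *aksClusterProvider) addTokenToAuthProvider(cfg *api.Config, userID provider.Identity) error {
 id, ok := userID.(*azid.ActiveDirectoryIdentity)
 if !ok {
 return ErrTokenNeedsAD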

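--- a/pkg/plugins/discovery/azure/provider.go
+++ b/pkg/plugins/discovery/azure/provider.go
@@ -22,15 +22,13 @@ import (
 "go.uber.org/zap"
 
 "github.com/Azure/go-autorest/autorest"
-"github.com/go-playground/validator/v10"
 
 azid "github.com/fidelity/kconnect/pkg/azure/identity"
 "github.com/fidelity/kconnect/pkg/config"
 khttp "github.com/fidelity/kconnect/pkg/http"
 "github.com/fidelity/kconnect/pkg/provider"
 "github.com/fidelity/kconnect/pkg/provider/common"
 "github.com/fidelity/kconnect/pkg/provider/discovery"
-"github.com/fidelity/kconnect/pkg/provider/identity"
 "github.com/fidelity/kconnect/pkg/provider/registry"
 "github.com/fidelity/kconnect/pkg/utils"
 )
@@ -101,16 +99,11 @@ func (p *aksClusterProvider) Name() string {
 return ProviderName
 }
 
-func (p *aksClusterProvider) setup(cs config.ConfigurationSet, userID identity.Identity) error {
+func (p *aksClusterProvider) setup(cs config.ConfigurationSet, userID provider.Identity) error {
 cfg := &aksClusterProviderConfig{}
 if err := config.Unmarshall(cs, cfg); err != nil {
 return fmt.Errorf("unmarshalling config items into eksClusteProviderConfig: %w", err)
 }
-validate := validator.New()
-if err := validate.Struct(cfg); err != nil {
-return fmt.Errorf("validating config struct: %w", err)
-}
-
 p.config = cfg
 
 // TODO: should we just return a AuthorizerIdentity from the aad provider?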
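Review bot: `setup` now assigns `p.config = cfg` straight after `config.Unmarshall` with no check on the fields, because the `validate.Struct(cfg)` step is gone. In `App.Use` (pkg/app/use.go in this commit) `clusterProvider.Resolve` runs before `clusterProvider.Validate`, and the AKS `Resolve` calls `p.setup`, so whatever the struct tags on `aksClusterProviderConfig` enforced is no longer checked before the config is used; whether `Validate` covers the same fields is not visible here. If it does, a comment such as `// cs is not validated here; Validate runs after Resolve in App.Use` is enough, otherwise the dropped constraints need a home in `Validate`. The wrap message in this AKS function still names `eksClusteProviderConfig` and should read `aksClusterProviderConfig`. `setup` continues past the end of the hunk.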

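--- a/pkg/plugins/discovery/azure/resolver.go
+++ b/pkg/plugins/discovery/azure/resolver.go
@@ -24,7 +24,7 @@ import (
 "github.com/fidelity/kconnect/pkg/config"
 kerrors "github.com/fidelity/kconnect/pkg/errors"
 "github.com/fidelity/kconnect/pkg/prompt"
-"github.com/fidelity/kconnect/pkg/provider/identity"
+"github.com/fidelity/kconnect/pkg/provider"
 )
 
 func (p *aksClusterProvider) Validate(cfg config.ConfigurationSet) error {
@@ -45,7 +45,7 @@ func (p *aksClusterProvider) Validate(cfg config.ConfigurationSet) error {
 
 // Resolve will resolve the values for the AWS specific flags that have no value. It will
 // query AWS and interactively ask the user for selections.
-func (p *aksClusterProvider) Resolve(cfg config.ConfigurationSet, userID identity.Identity) error {
+func (p *aksClusterProvider) Resolve(cfg config.ConfigurationSet, userID provider.Identity) error {
 if err := p.setup(cfg, userID); err != nil {
 return fmt.Errorf("setting up aks provider: %w", err)
 }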

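--- a/pkg/plugins/discovery/rancher/provider.go
+++ b/pkg/plugins/discovery/rancher/provider.go
@@ -86,7 +86,7 @@ func (p *rancherClusterProvider) Name() string {
 return ProviderName
 }
 
-func (p *rancherClusterProvider) setup(cs config.ConfigurationSet, userID identity.Identity) error {
+func (p *rancherClusterProvider) setup(cs config.ConfigurationSet, userID provider.Identity) error {
 cfg := &rancherClusterProviderConfig{}
 if err := config.Unmarshall(cs, cfg); err != nil {
 return fmt.Errorf("unmarshalling config items into rancherClusterProviderConfig: %w", err)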

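--- a/pkg/plugins/discovery/rancher/resolver.go
+++ b/pkg/plugins/discovery/rancher/resolver.go
@@ -21,7 +21,7 @@ import (
 
 "github.com/fidelity/kconnect/pkg/config"
 kerrors "github.com/fidelity/kconnect/pkg/errors"
-"github.com/fidelity/kconnect/pkg/provider/identity"
+"github.com/fidelity/kconnect/pkg/provider"
 rshared "github.com/fidelity/kconnect/pkg/rancher"
 )
 
@@ -43,7 +43,7 @@ func (p *rancherClusterProvider) Validate(cfg config.ConfigurationSet) error {
 
 // Resolve will resolve the values for the AWS specific flags that have no value. It will
 // query AWS and interactively ask the user for selections.
-func (p *rancherClusterProvider) Resolve(cfg config.ConfigurationSet, identity identity.Identity) error {
+func (p *rancherClusterProvider) Resolve(cfg config.ConfigurationSet, identity provider.Identity) error {
 if err := p.setup(cfg, identity); err != nil {
 return fmt.Errorf("setting up rancher provider: %w", err)
 }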

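--- a/pkg/plugins/identity/aws/iam/provider.go
+++ b/pkg/plugins/identity/aws/iam/provider.go
@@ -85,10 +85,6 @@ func (p *iamIdentityProvider) Authenticate(ctx context.Context, input *identity.
 return nil, fmt.Errorf("unmarshalling config into providerConfig: %w", err)
 }
 
-if err := p.validateConfig(cfg); err != nil {
-return nil, err
-}
-
 sess, err := kaws.NewSession(cfg.Region, cfg.Profile, cfg.AccessKey, cfg.SecretKey, cfg.SessionToken)
 if err != nil {
 return nil, fmt.Errorf("creating aws session: %w", err)
@@ -113,23 +109,42 @@ func (p *iamIdentityProvider) Authenticate(ctx context.Context, input *identity.
 }, nil
 }
 
-func (p *iamIdentityProvider) validateConfig(cfg *providerConfig) error {
-if cfg.Profile != "" && cfg.AccessKey != "" {
+// Validate is used to validate the config items and return any errors
+func (p *iamIdentityProvider) Validate(cfg config.ConfigurationSet) error {
+hasProfile := cfg.ExistsWithValue(kaws.ProfileConfigItem)
+hasAccessKey := cfg.ExistsWithValue(kaws.AccessKeyConfigItem)
+hasSecretKey := cfg.ExistsWithValue(kaws.SecretKeyConfigItem)
+
+if hasProfile && hasAccessKey {
 return ErrProfileWithAccessKey
 }
-if cfg.Profile != "" && cfg.SecretKey != "" {
+if hasProfile && hasSecretKey {
 return ErrProfileWithSecretKey
 }
-if cfg.AccessKey != "" && cfg.SecretKey == "" {
+if hasAccessKey && !hasSecretKey {
 return ErrAccessAndSecretRequired
 }
-if cfg.AccessKey == "" && cfg.SecretKey != "" {
+if !hasAccessKey && hasSecretKey {
 return ErrAccessAndSecretRequired
 }
 
 return nil
 }
 
+// Resolve will resolve the values for the supplied config items. It will interactively
+// resolve the values by asking the user for selections.
+func (p *iamIdentityProvider) Resolve(config config.ConfigurationSet, identity provider.Identity) error {
+return nil
+}
+
+func (p *iamIdentityProvider) ListPreReqs() []*provider.PreReq {
+return []*provider.PreReq{}
+}
+
+func (p *iamIdentityProvider) CheckPreReqs() error {
+return nil
+}
+
 // ConfigurationItems will return the configuration items for the intentity plugin based
 // of the cluster provider that its being used in conjunction with
 func ConfigurationItems(scopeTo string) (config.ConfigurationSet, error) {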
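Review bot: `Authenticate` no longer checks the credential combination itself; the profile/access-key/secret-key rules now live only in `Validate`, so any caller that reaches `Authenticate` without calling `Validate` first hands conflicting or half-specified credentials to `kaws.NewSession`. `App.Use` does call `Validate` in this commit, but other callers are not visible here, so I would either keep a guard at the top of `Authenticate` or document the precondition with `// Authenticate assumes Validate has already accepted the config set.` The new `Resolve` names its parameters `config` and `identity`, which shadow the imported packages; the EKS `Resolve` in this commit uses `cfg` and `userID`, and the same names would fit here. `ListPreReqs` and `CheckPreReqs` are exported without doc comments, and the last two branches of `Validate` can be one test, `if hasAccessKey != hasSecretKey {`.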
