From 1276e4f85ce4ae02b2686deb13874686dbcc87e3 Mon Sep 17 00:00:00 2001
From: Simon Murray
Date: Thu, 13 Jun 2024 15:27:40 +0100
Subject: [PATCH] Tweak Client (#76)

This works out better with how the servers are initialised for now.
---
 charts/identity/Chart.yaml | 4 ++--
 pkg/client/client.go | 44 ++++++++++++++++++++++----------------
 2 files changed, 27 insertions(+), 21 deletions(-)

diff --git a/charts/identity/Chart.yaml b/charts/identity/Chart.yaml
index f0d264f1..ded02546 100644
--- a/charts/identity/Chart.yaml
+++ b/charts/identity/Chart.yaml
@@ -4,7 +4,7 @@ description: A Helm chart for deploying Unikorn's IdP
 type: application
-version: v0.2.7
-appVersion: v0.2.7
+version: v0.2.8
+appVersion: v0.2.8
 icon: https://raw.githubusercontent.com/unikorn-cloud/assets/main/images/logos/dark-on-light/icon.png
diff --git a/pkg/client/client.go b/pkg/client/client.go
index 3f23dab9..01416fb6 100644
--- a/pkg/client/client.go
+++ b/pkg/client/client.go
@@ -41,6 +41,22 @@ var (
 ErrFormatError = errors.New("secret incorrectly formatted")
 )
+type Options struct {
+ // host is the identity host name.
+ host string
+ // caSecretNamespace tells us where to source the CA secret.
+ caSecretNamespace string
+ // caSecretName is the root CA secret of the identity endpoint.
+ caSecretName string
+}
+
+// AddFlags adds the options to the CLI flags.
+func (o *Options) AddFlags(f *pflag.FlagSet) {
+ f.StringVar(&o.host, "identity-host", "", "Identity endpoint URL.")
+ f.StringVar(&o.caSecretNamespace, "identity-ca-secret-namespace", "", "Identity endpoint CA certificate secret namespace.")
+ f.StringVar(&o.caSecretName, "identity-ca-secret-name", "", "Identity endpoint CA certificate secret.")
+}
+
 // Client wraps up the raw OpenAPI client with things to make it useable e.g.
 // authorization and TLS.
 type Client struct {
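Review bot: The new exported `Options` type has no doc comment, and its `host` field is documented as "the identity host name" while the `identity-host` flag help in `AddFlags` calls it the "Identity endpoint URL."; the field comment should state which form is expected, e.g. `// host is the identity endpoint URL, including the scheme.` if a full URL is what the client needs. I would also add `// Options holds the CLI-configurable settings for the identity client.` above the type. All three fields are unexported and all three flags default to the empty string, so `AddFlags` is the only way for code outside the package to populate them, and nothing in this hunk marks `identity-host` as required.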
@@ -48,45 +64,35 @@ type Client struct {
 client client.Client
 // namespace is the namespace the client is running in.
 namespace string
- // host is the identity host name.
- host string
- // caSecretNamespace tells us where to source the CA secret.
- caSecretNamespace string
- // caSecretName is the root CA secret of the identity endpoint.
- caSecretName string
+ // options allows setting of option from the CLI
+ options *Options
 }
 // New creates a new client.
-func New(client client.Client, namespace string) *Client {
+func New(client client.Client, namespace string, options *Options) *Client {
 return &Client{
 client: client,
 namespace: namespace,
+ options: options,
 }
 }
-// AddFlags adds the options to the CLI flags.
-func (c *Client) AddFlags(f *pflag.FlagSet) {
- f.StringVar(&c.host, "identity-host", "", "Identity endpoint URL.")
- f.StringVar(&c.caSecretNamespace, "identity-ca-secret-namespace", "", "Identity endpoint CA certificate secret namespace.")
- f.StringVar(&c.caSecretName, "identity-ca-secret-name", "", "Identity endpoint CA certificate secret.")
-}
-
 // tlsClientConfig abstracts away private TLS CAs or self signed certificates.
 func (c *Client) tlsClientConfig(ctx context.Context) (*tls.Config, error) {
- if c.caSecretName == "" {
+ if c.options.caSecretName == "" {
 //nolint:nilnil
 return nil, nil
 }
 namespace := c.namespace
- if c.caSecretNamespace != "" {
- namespace = c.caSecretNamespace
+ if c.options.caSecretNamespace != "" {
+ namespace = c.options.caSecretNamespace
 }
 secret := &corev1.Secret{}
- if err := c.client.Get(ctx, client.ObjectKey{Namespace: namespace, Name: c.caSecretName}, secret); err != nil {
+ if err := c.client.Get(ctx, client.ObjectKey{Namespace: namespace, Name: c.options.caSecretName}, secret); err != nil {
 return nil, err
 }
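Review bot: `New` stores `options` without a nil check, and `tlsClientConfig` now reads `c.options.caSecretName` unconditionally, so a caller that passes `nil` gets a nil-pointer panic on first use rather than an error; the `c.options.host` read in the `Client` hunk has the same exposure. Defaulting in the constructor keeps the old zero-value behaviour: `if options == nil { options = &Options{} }`. Separately, an empty `caSecretName` still returns a nil `*tls.Config`; how that is consumed is outside the hunk, but a short comment saying that an unset flag presumably falls back to the default trust roots would help whoever configures a private CA. The body of `tlsClientConfig` continues past the end of the hunk.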
@@ -149,7 +155,7 @@ func (c *Client) Client(ctx context.Context) (*openapi.ClientWithResponses, erro
 return nil, err
 }
- client, err := openapi.NewClientWithResponses(c.host, openapi.WithHTTPClient(httpClient), openapi.WithRequestEditorFn(accessTokenInjector))
+ client, err := openapi.NewClientWithResponses(c.options.host, openapi.WithHTTPClient(httpClient), openapi.WithRequestEditorFn(accessTokenInjector))
 if err != nil {
 return nil, err
 }
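Review bot: `c.options.host` reaches `openapi.NewClientWithResponses` unchecked, and the same call attaches `accessTokenInjector`, so whatever the `identity-host` flag holds is presumably where the access token gets sent. The flag defaults to an empty string and nothing visible in this patch validates it. Unless that happens elsewhere, I would reject an empty value or a non-`https` scheme with an error before this call, so that a mistyped or `http://` endpoint fails at start-up instead of carrying the token in cleartext. The body of `Client` starts and ends outside the hunk.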