Adding Identity fields for node to cloud agent login (#29)
* Adding Identity fields
Родитель
0ed05acb3c
Коммит
2bd806d6a8
|
@ -9,15 +9,29 @@ import (
|
|||
"github.com/microsoft/moc/pkg/errors"
|
||||
"github.com/microsoft/moc/pkg/status"
|
||||
wssdcloudsecurity "github.com/microsoft/moc/rpc/cloudagent/security"
|
||||
wssdcloudcommon "github.com/microsoft/moc/rpc/common"
|
||||
)
|
||||
|
||||
func getIdentity(id *wssdcloudsecurity.Identity) *security.Identity {
|
||||
clitype := security.ExternalClient
|
||||
if id.ClientType == wssdcloudcommon.ClientType_CONTROLPLANE {
|
||||
clitype = security.ControlPlane
|
||||
} else if id.ClientType == wssdcloudcommon.ClientType_NODE {
|
||||
clitype = security.Node
|
||||
}
|
||||
|
||||
return &security.Identity{
|
||||
ID: &id.Id,
|
||||
Name: &id.Name,
|
||||
Token: &id.Token,
|
||||
ID: &id.Id,
|
||||
Name: &id.Name,
|
||||
Token: &id.Token,
|
||||
TokenExpiry: &id.TokenExpiry,
|
||||
Location: &id.LocationName,
|
||||
IdentityProperties: &security.IdentityProperties{
|
||||
Statuses: status.GetStatuses(id.GetStatus()),
|
||||
Statuses: status.GetStatuses(id.GetStatus()),
|
||||
ClientType: clitype,
|
||||
CloudFqdn: &id.CloudFqdn,
|
||||
CloudPort: &id.CloudPort,
|
||||
CloudAuthPort: &id.CloudAuthPort,
|
||||
},
|
||||
}
|
||||
}
|
||||
|
@ -26,7 +40,41 @@ func getWssdIdentity(id *security.Identity) (*wssdcloudsecurity.Identity, error)
|
|||
if id.Name == nil {
|
||||
return nil, errors.Wrapf(errors.InvalidInput, "Identity name is missing")
|
||||
}
|
||||
return &wssdcloudsecurity.Identity{
|
||||
|
||||
wssdidentity := &wssdcloudsecurity.Identity{
|
||||
Name: *id.Name,
|
||||
}, nil
|
||||
}
|
||||
|
||||
if id.TokenExpiry != nil {
|
||||
wssdidentity.TokenExpiry = *id.TokenExpiry
|
||||
}
|
||||
|
||||
if id.Location != nil { // WIll need to do error checking if location not set !!!!s
|
||||
wssdidentity.LocationName = *id.Location
|
||||
}
|
||||
|
||||
clitype := wssdcloudcommon.ClientType_EXTERNALCLIENT
|
||||
if id.IdentityProperties != nil {
|
||||
if id.IdentityProperties.ClientType == security.ControlPlane {
|
||||
clitype = wssdcloudcommon.ClientType_CONTROLPLANE
|
||||
} else if id.IdentityProperties.ClientType == security.Node {
|
||||
clitype = wssdcloudcommon.ClientType_NODE
|
||||
}
|
||||
|
||||
if id.IdentityProperties.CloudFqdn != nil {
|
||||
wssdidentity.CloudFqdn = *id.CloudFqdn
|
||||
}
|
||||
|
||||
if id.IdentityProperties.CloudPort != nil {
|
||||
wssdidentity.CloudPort = *id.CloudPort
|
||||
}
|
||||
|
||||
if id.IdentityProperties.CloudAuthPort != nil {
|
||||
wssdidentity.CloudAuthPort = *id.CloudAuthPort
|
||||
}
|
||||
}
|
||||
|
||||
wssdidentity.ClientType = clitype
|
||||
|
||||
return wssdidentity, nil
|
||||
}
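Review bot: In the second hunk (getWssdIdentity), any `ClientType` string other than `security.ControlPlane` or `security.Node` is silently sent as `ClientType_EXTERNALCLIENT`, so a misspelt or wrongly cased value in the caller's input changes the kind of identity requested without any error. Because `ClientType` is a plain string type with a JSON tag, I would switch on it and return `errors.InvalidInput` for unrecognised values, keeping the default only for the empty string and `security.ExternalClient`. In the same block the nil checks test `id.IdentityProperties.CloudFqdn`, `.CloudPort` and `.CloudAuthPort` but dereference `id.CloudFqdn`, `id.CloudPort` and `id.CloudAuthPort`. That presumably relies on field promotion from an embedded `IdentityProperties`; using the same selector on both sides would make it obvious that the guard covers the dereference.

```go
clitype := wssdcloudcommon.ClientType_EXTERNALCLIENT
if id.IdentityProperties != nil {
	switch id.IdentityProperties.ClientType {
	case security.ControlPlane:
		clitype = wssdcloudcommon.ClientType_CONTROLPLANE
	case security.Node:
		clitype = wssdcloudcommon.ClientType_NODE
	case security.ExternalClient, "":
		// unset or explicit external client keeps the default
	default:
		return nil, errors.Wrapf(errors.InvalidInput, "Unknown client type %q", id.IdentityProperties.ClientType)
	}
	// … unchanged: CloudFqdn, CloudPort and CloudAuthPort copies …
}
```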
|
||||
|
|
|
@ -10,6 +10,7 @@ import (
|
|||
wssdcloudclient "github.com/microsoft/moc-sdk-for-go/pkg/client"
|
||||
"github.com/microsoft/moc-sdk-for-go/services/security"
|
||||
"github.com/microsoft/moc/pkg/auth"
|
||||
"github.com/microsoft/moc/pkg/errors"
|
||||
wssdcloudsecurity "github.com/microsoft/moc/rpc/cloudagent/security"
|
||||
wssdcloudcommon "github.com/microsoft/moc/rpc/common"
|
||||
log "k8s.io/klog"
|
||||
|
@ -44,6 +45,10 @@ func (c *client) Get(ctx context.Context, group, name string) (*[]security.Ident
|
|||
|
||||
// CreateOrUpdate
|
||||
func (c *client) CreateOrUpdate(ctx context.Context, group, name string, sg *security.Identity) (*security.Identity, error) {
|
||||
if sg.Name == nil {
|
||||
return nil, errors.Wrapf(errors.InvalidConfiguration, "Missing Name for Identity")
|
||||
}
|
||||
|
||||
request, err := getIdentityRequest(wssdcloudcommon.Operation_POST, name, sg)
|
||||
if err != nil {
|
||||
return nil, err
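Review bot: The added guard in CreateOrUpdate reads `sg.Name` before checking `sg` itself, so a nil `*security.Identity` panics here instead of returning an error; `if sg == nil || sg.Name == nil {` covers both. The same missing-name condition is reported as `errors.InvalidInput` in getWssdIdentity but as `errors.InvalidConfiguration` here, so a caller matching on the error kind gets two different answers for one mistake; settling on one kind would help. The function body continues past the end of this hunk.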
|
||||
|
|
|
@ -159,6 +159,14 @@ const (
|
|||
StoragePermissionsUpdate StoragePermissions = "update"
|
||||
)
|
||||
|
||||
type ClientType string
|
||||
|
||||
const (
|
||||
ControlPlane ClientType = "ControlPlane"
|
||||
ExternalClient ClientType = "ExternalClient"
|
||||
Node ClientType = "Node"
|
||||
)
|
||||
|
||||
// Permissions permissions the identity has for keys, secrets, certificates and storage.
|
||||
type Permissions struct {
|
||||
// Keys - Permissions to keys
|
||||
|
@ -283,6 +291,14 @@ type CertificateRequest struct {
|
|||
type IdentityProperties struct {
|
||||
// State - State
|
||||
Statuses map[string]*string `json:"statuses"`
|
||||
// CloudAgent FQDN
|
||||
CloudFqdn *string `json:"cloudfqdn,omitempty"`
|
||||
// CloudAgent port
|
||||
CloudPort *int32 `json:"cloudport,omitempty"`
|
||||
// CloudAgent authentication port
|
||||
CloudAuthPort *int32 `json:"cloudauthport,omitempty"`
|
||||
// Client type
|
||||
ClientType ClientType `json:"clienttype,omitempty"`
|
||||
}
|
||||
|
||||
// Identity defines the structure of a identity
|
||||
|
@ -295,8 +311,12 @@ type Identity struct {
|
|||
Type *string `json:"type,omitempty"`
|
||||
// Token
|
||||
Token *string `json:"token,omitempty"`
|
||||
// Token Expiry
|
||||
TokenExpiry *int64 `json:"tokenexpiry,omitempty"`
|
||||
// Certificate string encoded in base64
|
||||
Certificate *string `json:"certificate,omitempty"`
|
||||
// Location - Resource location
|
||||
Location *string `json:"location,omitempty"`
|
||||
// Tags - Custom resource tags
|
||||
Tags map[string]*string `json:"tags"`
|
||||
// Properties
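Review bot: The new `TokenExpiry *int64` field is documented only as `// Token Expiry`, which does not say whether the value is a lifetime or an absolute time, in which unit, or what an unset value means (getWssdIdentity leaves the wire field at 0 when it is nil). This value presumably bounds how long a login token stays valid, so I would spell it out, e.g. `// TokenExpiry - <lifetime or absolute time, with unit>; nil means <agent behaviour when unset>`. The exported `ClientType` type and its three constants in the first hunk also have no doc comments; a line such as `// ClientType identifies the kind of client an identity is issued for.` would match the neighbouring declarations. The Identity struct continues outside the last hunk.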
|
||||
|
|