Standardize Source/Destination "type" to "kind" to match roles (#445)

- update references to source/destination type to kind to match roles - output root token on dev build for convenience - update docs - migrate api from source/destination type to kind - add source ID to group to identify its external source of truth
infrahq · Oct 15, 2021 · b78b0db · b78b0db
1 parent 2990cad
commit b78b0db
Show file tree

Hide file tree

Showing 22 changed files with 141 additions and 90 deletions.
diff --git a/.gitignore b/.gitignore
@@ -5,3 +5,6 @@ release
 .env
 .test
 .vscode
+
+# configuration file used during development
+infra.yaml
diff --git a/Makefile b/Makefile
@@ -45,7 +45,7 @@ dev:
 	# get client secret from:
 	# https://dev-02708987-admin.okta.com/admin/app/oidc_client/instance/0oapn0qwiQPiMIyR35d6/#tab-general
 	# create the required secret with:
-	# kubectl create secret generic infra-registry-okta -n infrahq --from-literal=clientSecret=$OKTA_CLIENT_SECRET --from-literal=apiToken=$OKTA_API_TOKEN
+	# kubectl create secret generic infra-registry-okta -n infrahq --from-literal=clientSecret=$$OKTA_CLIENT_SECRET --from-literal=apiToken=$$OKTA_API_TOKEN
 
 	kubectl config use-context docker-desktop
 	docker build . -t infrahq/infra:0.0.0-development
@@ -55,6 +55,8 @@ dev:
 	helm upgrade --install infra-engine ./helm/charts/engine --namespace infrahq --set image.pullPolicy=Never --set image.tag=0.0.0-development --set name=dd --set registry=infra-registry --set apiKey=$$(kubectl get secrets/infra-registry --template={{.data.engineApiKey}} --namespace infrahq | base64 -D) --set service.ports[0].port=8443 --set service.ports[0].name=https --set service.ports[0].targetPort=443
 	kubectl rollout restart deployment/infra-registry --namespace infrahq
 	kubectl rollout restart deployment/infra-engine --namespace infrahq
+	ROOT_TOKEN=$$(kubectl --namespace infrahq get secrets infra-registry -o jsonpath='{.data.rootApiKey}' | base64 -D); \
+    echo Root token is $$ROOT_TOKEN
 
 dev/clean:
 	kubectl config use-context docker-desktop

diff --git a/docs/configuration.md b/docs/configuration.md
@@ -21,7 +21,7 @@ First, create a config file `infra.yaml`:
 
 ```
 sources:
-  - type: okta
+  - kind: okta
     domain: acme.okta.com
     clientId: 0oapn0qwiQPiMIyR35d6
     clientSecret: infra-registry-okta/clientSecret
@@ -47,7 +47,7 @@ helm upgrade infra-registry infrahq/registry -n infrahq --set-file config=./infr
 
 ```yaml
 sources:
-  - type: okta
+  - kind: okta
     domain: acme.okta.com
     clientId: 0oapn0qwiQPiMIyR35d6
     clientSecret: infra-registry-okta/clientSecret

diff --git a/docs/okta.md b/docs/okta.md
@@ -3,7 +3,7 @@
 This guide will walk you through the process of setting up Okta as an identity provider for Infra. At the end of this process you will have updated your Infra configuration with an Okta source that looks something like this:
 ```
 sources:
-  - type: okta
+  - kind: okta
     domain: acme.okta.com
     clientId: 0oapn0qwiQPiMIyR35d6
     clientSecret: infra-registry-okta/clientSecret
@@ -69,7 +69,7 @@ Edit your [Infra configuration](./configuration.md) (e.g. `infra.yaml`) to inclu
 
 ```yaml
 sources:
-  - type: okta
+  - kind: okta
     domain: acme.okta.com
     clientId: 0oapn0qwiQPiMIyR35d6
     clientSecret: infra-registry-okta/clientSecret # <kubernetes secret object name>/<key of the secret>

diff --git a/internal/api/api_destinations.go b/internal/api/api_destinations.go
diff --git a/internal/api/api_sources.go b/internal/api/api_sources.go
diff --git a/internal/api/configuration.go b/internal/api/configuration.go
diff --git a/internal/api/model_group.go b/internal/api/model_group.go
diff --git a/internal/api/response.go b/internal/api/response.go
diff --git a/internal/cmd/list.go b/internal/cmd/list.go
@@ -16,7 +16,7 @@ import (
 type statusRow struct {
 	CurrentlySelected        string `header:"CURRENT"` // * if selected
 	Name                     string `header:"NAME"`
-	Type                     string `header:"TYPE"`
+	Kind                     string `header:"KIND"`
 	Status                   string `header:"STATUS"`
 	Endpoint                 string // don't display in table
 	CertificateAuthorityData []byte // don't display in table
@@ -143,7 +143,7 @@ func newRow(role api.Role, currentContext string) statusRow {
 	if k8s, ok := role.Destination.GetKubernetesOk(); ok {
 		row.Endpoint = k8s.Endpoint
 		row.CertificateAuthorityData = []byte(k8s.Ca)
-		row.Type = "Kubernetes"
+		row.Kind = "Kubernetes"
 	}
 
 	parts := strings.Split(currentContext, ":")

diff --git a/internal/registry/_testdata/infra.yaml b/internal/registry/_testdata/infra.yaml
@@ -1,10 +1,10 @@
 sources:
-  - type: okta
+  - kind: okta
     domain: overwrite.example.com
     clientId: 0oapn0qwiQPiMIyR35d6
     clientSecret: okta-secrets/clientSecret
     apiToken: okta-secrets/apiToken
-  - type: okta
+  - kind: okta
     domain: test.example.com
     clientId: 0oapn0qwiQPiMIyR35d6
     clientSecret: okta-secrets/clientSecret

diff --git a/internal/registry/api.go b/internal/registry/api.go
@@ -321,10 +321,10 @@ func (a *Api) GetGroup(w http.ResponseWriter, r *http.Request) {
 }
 
 func (a *Api) ListSources(w http.ResponseWriter, r *http.Request) {
-	sourceType := r.URL.Query().Get("type")
+	sourceKind := r.URL.Query().Get("kind")
 
 	var sources []Source
-	if err := a.db.Find(&sources, &Source{Type: sourceType}).Error; err != nil {
+	if err := a.db.Find(&sources, &Source{Kind: sourceKind}).Error; err != nil {
 		logging.L.Error(err.Error())
 		sendApiError(w, http.StatusInternalServerError, "could not list sources")
 
@@ -379,10 +379,10 @@ func (a *Api) GetSource(w http.ResponseWriter, r *http.Request) {
 
 func (a *Api) ListDestinations(w http.ResponseWriter, r *http.Request) {
 	destinationName := r.URL.Query().Get("name")
-	destinationType := r.URL.Query().Get("type")
+	destinationKind := r.URL.Query().Get("kind")
 
 	var destinations []Destination
-	if err := a.db.Find(&destinations, &Destination{Name: destinationName, Type: destinationType}).Error; err != nil {
+	if err := a.db.Find(&destinations, &Destination{Name: destinationName, Kind: destinationKind}).Error; err != nil {
 		logging.L.Error(err.Error())
 		sendApiError(w, http.StatusInternalServerError, "could not list destinations")
 
@@ -463,7 +463,7 @@ func (a *Api) CreateDestination(w http.ResponseWriter, r *http.Request) {
 			return result.Error
 		}
 		destination.Name = body.Name
-		destination.Type = DestinationTypeKubernetes
+		destination.Kind = DestinationKindKubernetes
 		destination.KubernetesCa = body.Kubernetes.Ca
 		destination.KubernetesEndpoint = body.Kubernetes.Endpoint
 		return tx.Save(&destination).Error
@@ -787,7 +787,7 @@ func (a *Api) Login(w http.ResponseWriter, r *http.Request) {
 	switch {
 	case body.Okta != nil:
 		var source Source
-		if err := a.db.Where(&Source{Type: SourceTypeOkta, Domain: body.Okta.Domain}).First(&source).Error; err != nil {
+		if err := a.db.Where(&Source{Kind: SourceKindOkta, Domain: body.Okta.Domain}).First(&source).Error; err != nil {
 			logging.L.Debug("Could not retrieve okta source from db: " + err.Error())
 			sendApiError(w, http.StatusBadRequest, "invalid okta login information")
 
@@ -884,7 +884,7 @@ func dbToAPISource(s Source) api.Source {
 		Updated: s.Updated,
 	}
 
-	if s.Type == SourceTypeOkta {
+	if s.Kind == SourceKindOkta {
 		res.Okta = &api.SourceOkta{
 			ClientId: s.ClientId,
 			Domain:   s.Domain,
@@ -902,7 +902,7 @@ func dbToAPIdestination(d Destination) api.Destination {
 		Updated: d.Updated,
 	}
 
-	if d.Type == DestinationTypeKubernetes {
+	if d.Kind == DestinationKindKubernetes {
 		res.Kubernetes = &api.DestinationKubernetes{
 			Ca:       d.KubernetesCa,
 			Endpoint: d.KubernetesEndpoint,
@@ -1003,10 +1003,11 @@ func dbToAPIUser(u User) api.User {
 
 func dbToAPIGroup(g Group) api.Group {
 	res := api.Group{
-		Id:      g.Id,
-		Created: g.Created,
-		Updated: g.Updated,
-		Name:    g.Name,
+		Id:       g.Id,
+		Created:  g.Created,
+		Updated:  g.Updated,
+		Name:     g.Name,
+		SourceID: g.SourceId,
 	}
 
 	for _, u := range g.Users {