Karavan secret created from CLI options #762
diff --git a/karavan-cli/pom.xml b/karavan-cli/pom.xml
index 8663594..e106187 100644
--- a/karavan-cli/pom.xml
+++ b/karavan-cli/pom.xml
@@ -18,6 +18,9 @@
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<kubernetes-client.version>6.3.1</kubernetes-client.version>
<picocli.version>4.7.3</picocli.version>
+ <log4j-version>2.20.0</log4j-version>
+ <slf4j-api-version>2.0.6</slf4j-api-version>
+ <log4j2-version>2.20.0</log4j2-version>
</properties>
<dependencies>
@@ -41,6 +44,27 @@
<artifactId>tekton-client</artifactId>
<version>${kubernetes-client.version}</version>
</dependency>
+ <!-- logging -->
+ <dependency>
+ <groupId>org.slf4j</groupId>
+ <artifactId>slf4j-api</artifactId>
+ <version>${slf4j-api-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-api</artifactId>
+ <version>${log4j2-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-core</artifactId>
+ <version>${log4j2-version}</version>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.logging.log4j</groupId>
+ <artifactId>log4j-slf4j2-impl</artifactId>
+ <version>${log4j2-version}</version>
+ </dependency>
</dependencies>
<build>
diff --git a/karavan-cli/src/main/java/org/apache/camel/karavan/cli/CommandUtils.java b/karavan-cli/src/main/java/org/apache/camel/karavan/cli/CommandUtils.java
index d0de379..748d684 100644
--- a/karavan-cli/src/main/java/org/apache/camel/karavan/cli/CommandUtils.java
+++ b/karavan-cli/src/main/java/org/apache/camel/karavan/cli/CommandUtils.java
@@ -18,6 +18,7 @@
import io.fabric8.kubernetes.api.model.*;
import io.fabric8.kubernetes.api.model.apps.Deployment;
+import io.fabric8.kubernetes.api.model.apps.DeploymentCondition;
import io.fabric8.kubernetes.client.KubernetesClient;
import io.fabric8.kubernetes.client.KubernetesClientBuilder;
import io.fabric8.openshift.api.model.operatorhub.v1.Operator;
@@ -72,10 +73,17 @@
// Check secrets
if (!checkKaravanSecrets(config, client)) {
logError("Karavan secrets not found");
- logPoint("Apply secrets before installation");
- System.exit(0);
+
+ // try to create secrets
+ if (!tryToCreateKaravanSecrets(config, client)) {
+ logPoint("Apply secrets before installation");
+ logPoint("Or provide Git, Auth and Image Registry options");
+ System.exit(0);
+ }
+
+ } else {
+ log("Karavan secrets found");
}
- log("Karavan secrets found");
// Create service accounts
createOrReplace(KaravanServiceAccount.getServiceAccount(config), client);
@@ -122,10 +130,31 @@
return secret != null;
}
+ public static boolean tryToCreateKaravanSecrets(KaravanConfig config, KubernetesClient client) {
+ if (config.gitConfigured()) {
+ if ((config.isAuthOidc() && config.oidcConfigured())
+ || (config.isAuthBasic() && config.getMasterPassword() != null && config.getMasterPassword().isEmpty())
+ || (config.getAuth().equals("public"))) {
+ Secret secret = KaravanSecret.getSecret(config);
+ client.resource(secret).createOrReplace();
+ log("\uD83D\uDD11", "Karavan secret created");
+ return true;
+ }
+ }
+ return false;
+ }
+
public static boolean checkReady(KaravanConfig config, KubernetesClient client) {
Deployment deployment = client.apps().deployments().inNamespace(config.getNamespace()).withName(Constants.NAME).get();
+ Integer replicas = deployment.getStatus().getReplicas();
+ Integer ready = deployment.getStatus().getReadyReplicas();
+ Integer available = deployment.getStatus().getAvailableReplicas();
+ Optional<DeploymentCondition> condition = deployment.getStatus().getConditions().stream()
+ .filter(c -> c.getType().equals("Available") && c.getStatus().equals("True")).findFirst();
return deployment.getStatus() != null
- && Objects.equals(deployment.getStatus().getReadyReplicas(), deployment.getStatus().getReplicas());
+ && Objects.equals(replicas, ready)
+ && Objects.equals(replicas, available)
+ && condition.isPresent();
}
private static <T extends HasMetadata> void createOrReplace(T is, KubernetesClient client) {
@@ -159,6 +188,10 @@
return false;
}
+ public static void log(String emoji, String message) {
+ System.out.println(emoji + " " + message);
+ }
+
public static void log(String message) {
System.out.println(getOkMessage(message));
}
diff --git a/karavan-cli/src/main/java/org/apache/camel/karavan/cli/KaravanCli.java b/karavan-cli/src/main/java/org/apache/camel/karavan/cli/KaravanCli.java
index b3e17b0..5760ea9 100644
--- a/karavan-cli/src/main/java/org/apache/camel/karavan/cli/KaravanCli.java
+++ b/karavan-cli/src/main/java/org/apache/camel/karavan/cli/KaravanCli.java
@@ -22,54 +22,89 @@
private String environment;
@CommandLine.Option(names = {"-r", "--runtimes"}, description = "Runtimes: quarkus, spring-boot", defaultValue = Constants.DEFAULT_RUNTIMES)
private String runtimes;
- @CommandLine.Option(names = {"-a", "--authentication", "--auth"}, description = "Authentication: public, basic, oidc", defaultValue = Constants.DEFAULT_AUTH)
+ @CommandLine.Option(names = {"--auth"}, description = "Authentication: public, basic, oidc", defaultValue = Constants.DEFAULT_AUTH)
private String auth;
- @CommandLine.Option(names = {"-np", "--node-port"}, description = "Node port", defaultValue = "0")
+ @CommandLine.Option(names = {"--node-port"}, description = "Node port", defaultValue = "0")
private int nodePort;
- @CommandLine.Option(names = {"-g", "--git-pull"}, description = "Git pull interval. Default: off", defaultValue = "off")
- private String gitPullInterval;
- @CommandLine.Option(names = {"-i", "--instances"}, description = "Instances. Default: 1", defaultValue = "1")
+ @CommandLine.Option(names = {"--instances"}, description = "Instances. Default: 1", defaultValue = "1")
private int instances;
- @CommandLine.Option(names = {"-ir", "--registry"}, description = "Image registry", defaultValue = Constants.DEFAULT_IMAGE_REGISTRY)
- private String imageRegistry;
- @CommandLine.Option(names = {"-bi", "--base-image"}, description = "Base Image", defaultValue = Constants.KARAVAN_IMAGE)
+ @CommandLine.Option(names = {"--base-image"}, description = "Base Image", defaultValue = Constants.KARAVAN_IMAGE)
private String baseImage;
- @CommandLine.Option(names = {"-bbi", "--base-builder-image"}, description = "Base Builder Image", defaultValue = Constants.DEFAULT_BUILD_IMAGE)
+ @CommandLine.Option(names = {"--base-builder-image"}, description = "Base Builder Image", defaultValue = Constants.DEFAULT_BUILD_IMAGE)
private String baseBuilderImage;
- @CommandLine.Option(names = {"-f", "--file"}, description = "YAML file name", defaultValue = "karavan.yaml")
+ @CommandLine.Option(names = {"--file"}, description = "YAML file name", defaultValue = "karavan.yaml")
private String file;
- @CommandLine.Option(names = {"-y", "--yaml"}, description = "Create YAML file. Do not apply")
+ @CommandLine.Option(names = {"--yaml"}, description = "Create YAML file. Do not apply")
private boolean yaml;
- @CommandLine.Option(names = {"-o", "--openshift"}, description = "Create files for OpenShift")
+ @CommandLine.Option(names = {"--openshift"}, description = "Create files for OpenShift")
private boolean isOpenShift;
+ @CommandLine.Option(names = {"--master-password"}, description = "Master password", defaultValue = "karavan")
+ private String masterPassword;
+ @CommandLine.Option(names = {"--oidc-secret"}, description = "OIDC secret")
+ private String oidcSecret;
+ @CommandLine.Option(names = {"--oidc-server-url"}, description = "OIDC server URL")
+ private String oidcServerUrl;
+ @CommandLine.Option(names = {"--oidc-frontend-url"}, description = "OIDC frontend URL")
+ private String oidcFrontendUrl;
+ @CommandLine.Option(names = {"--git-repository"}, description = "Git repository")
+ private String gitRepository;
+ @CommandLine.Option(names = {"--git-username"}, description = "Git username")
+ private String gitUsername;
+ @CommandLine.Option(names = {"--git-password"}, description = "Git password")
+ private String gitPassword;
+ @CommandLine.Option(names = {"--git-branch"}, description = "Git branch", defaultValue = "main")
+ private String gitBranch;
+ @CommandLine.Option(names = {"--git-pull"}, description = "Git pull interval. Default: off", defaultValue = "off")
+ private String gitPullInterval;
+ @CommandLine.Option(names = {"--registry"}, description = "Image registry", defaultValue = Constants.DEFAULT_IMAGE_REGISTRY)
+ private String imageRegistry;
+
+ @CommandLine.Option(names = { "-h", "--help" }, usageHelp = true, description = "Display help")
+ private boolean helpRequested = false;
+
@Override
public Integer call() throws Exception {
- KaravanConfig config = new KaravanConfig(
+ KaravanConfig config = new KaravanConfig (
version,
namespace,
environment,
runtimes,
auth,
nodePort,
- gitPullInterval,
instances,
- imageRegistry,
baseImage,
baseBuilderImage,
isOpenShift,
- new HashMap<>()
+ new HashMap<>(),
+ masterPassword,
+ oidcSecret,
+ oidcServerUrl,
+ oidcFrontendUrl,
+ gitRepository,
+ gitUsername,
+ gitPassword,
+ gitBranch,
+ gitPullInterval,
+ imageRegistry
);
if (yaml) {
Files.writeString(Path.of(file), ResourceUtils.generateResources(config));
} else {
CommandUtils.installKaravan(config);
}
+ System.out.println(masterPassword);
return 0;
}
public static void main(String... args) {
- int exitCode = new CommandLine(new KaravanCli()).execute(args);
+ CommandLine commandLine = new CommandLine(new KaravanCli());
+ commandLine.parseArgs(args);
+ if (commandLine.isUsageHelpRequested()) {
+ commandLine.usage(System.out);
+ System.exit(0);
+ }
+ int exitCode = commandLine.execute(args);
System.exit(exitCode);
}
}
diff --git a/karavan-cli/src/main/java/org/apache/camel/karavan/cli/KaravanConfig.java b/karavan-cli/src/main/java/org/apache/camel/karavan/cli/KaravanConfig.java
index dd1792c..98658e3 100644
--- a/karavan-cli/src/main/java/org/apache/camel/karavan/cli/KaravanConfig.java
+++ b/karavan-cli/src/main/java/org/apache/camel/karavan/cli/KaravanConfig.java
@@ -16,7 +16,10 @@
*/
package org.apache.camel.karavan.cli;
+import picocli.CommandLine;
+
import java.util.Map;
+import java.util.Objects;
public class KaravanConfig {
@@ -26,46 +29,70 @@
private String runtimes;
private String auth;
private int nodePort;
- private String gitPullInterval;
private int instances;
- private String imageRegistry;
private String baseImage;
private String baseBuilderImage;
private boolean isOpenShift;
private Map<String,String> labels;
- public static KaravanConfig getDefault(String version) {
- return new KaravanConfig(
- version,
- Constants.DEFAULT_NAMESPACE,
- Constants.DEFAULT_ENVIRONMENT,
- Constants.DEFAULT_RUNTIMES,
- Constants.DEFAULT_AUTH,
- Constants.DEFAULT_NODE_PORT,
- Constants.DEFAULT_GIT_PULL_INTERVAL,
- Constants.DEFAULT_INSTANCES,
- Constants.DEFAULT_IMAGE_REGISTRY,
- Constants.KARAVAN_IMAGE,
- Constants.DEFAULT_BUILD_IMAGE,
- false,
- ResourceUtils.getLabels(Constants.NAME, version, Map.of())
- );
- }
+ private String masterPassword;
+ private String oidcSecret;
+ private String oidcServerUrl;
+ private String oidcFrontendUrl;
+ private String gitRepository;
+ private String gitUsername;
+ private String gitPassword;
+ private String gitBranch;
+ private String gitPullInterval;
+ private String imageRegistry;
- public KaravanConfig(String version, String namespace, String environment, String runtimes, String auth, int nodePort, String gitPullInterval, int instances, String imageRegistry, String baseImage, String baseBuilderImage, boolean isOpenShift, Map<String, String> labels) {
+ public KaravanConfig(String version, String namespace, String environment, String runtimes, String auth,
+ int nodePort, int instances, String baseImage, String baseBuilderImage, boolean isOpenShift,
+ Map<String, String> labels, String masterPassword, String oidcSecret, String oidcServerUrl,
+ String oidcFrontendUrl, String gitRepository, String gitUsername, String gitPassword,
+ String gitBranch, String gitPullInterval, String imageRegistry) {
this.version = version;
this.namespace = namespace;
this.environment = environment;
this.runtimes = runtimes;
this.auth = auth;
this.nodePort = nodePort;
- this.gitPullInterval = gitPullInterval;
this.instances = instances;
- this.imageRegistry = imageRegistry;
this.baseImage = baseImage;
this.baseBuilderImage = baseBuilderImage;
this.isOpenShift = isOpenShift;
this.labels = labels;
+ this.masterPassword = masterPassword;
+ this.oidcSecret = oidcSecret;
+ this.oidcServerUrl = oidcServerUrl;
+ this.oidcFrontendUrl = oidcFrontendUrl;
+ this.gitRepository = gitRepository;
+ this.gitUsername = gitUsername;
+ this.gitPassword = gitPassword;
+ this.gitBranch = gitBranch;
+ this.gitPullInterval = gitPullInterval;
+ this.imageRegistry = imageRegistry;
+ }
+
+ public boolean gitConfigured() {
+ return gitRepository != null
+ && gitUsername != null
+ && gitPassword != null
+ && gitBranch != null;
+ }
+
+ public boolean oidcConfigured() {
+ return oidcSecret != null
+ && oidcServerUrl != null
+ && oidcFrontendUrl != null;
+ }
+
+ public boolean isAuthOidc() {
+ return Objects.equals(this.auth, "oidc");
+ }
+
+ public boolean isAuthBasic() {
+ return Objects.equals(this.auth, "basic");
}
public String getVersion() {
@@ -171,4 +198,68 @@
public void setLabels(Map<String, String> labels) {
this.labels = labels;
}
+
+ public String getMasterPassword() {
+ return masterPassword;
+ }
+
+ public void setMasterPassword(String masterPassword) {
+ this.masterPassword = masterPassword;
+ }
+
+ public String getOidcSecret() {
+ return oidcSecret;
+ }
+
+ public void setOidcSecret(String oidcSecret) {
+ this.oidcSecret = oidcSecret;
+ }
+
+ public String getOidcServerUrl() {
+ return oidcServerUrl;
+ }
+
+ public void setOidcServerUrl(String oidcServerUrl) {
+ this.oidcServerUrl = oidcServerUrl;
+ }
+
+ public String getOidcFrontendUrl() {
+ return oidcFrontendUrl;
+ }
+
+ public void setOidcFrontendUrl(String oidcFrontendUrl) {
+ this.oidcFrontendUrl = oidcFrontendUrl;
+ }
+
+ public String getGitRepository() {
+ return gitRepository;
+ }
+
+ public void setGitRepository(String gitRepository) {
+ this.gitRepository = gitRepository;
+ }
+
+ public String getGitUsername() {
+ return gitUsername;
+ }
+
+ public void setGitUsername(String gitUsername) {
+ this.gitUsername = gitUsername;
+ }
+
+ public String getGitPassword() {
+ return gitPassword;
+ }
+
+ public void setGitPassword(String gitPassword) {
+ this.gitPassword = gitPassword;
+ }
+
+ public String getGitBranch() {
+ return gitBranch;
+ }
+
+ public void setGitBranch(String gitBranch) {
+ this.gitBranch = gitBranch;
+ }
}
diff --git a/karavan-cli/src/main/java/org/apache/camel/karavan/cli/resources/KaravanSecret.java b/karavan-cli/src/main/java/org/apache/camel/karavan/cli/resources/KaravanSecret.java
new file mode 100644
index 0000000..a7e47fe
--- /dev/null
+++ b/karavan-cli/src/main/java/org/apache/camel/karavan/cli/resources/KaravanSecret.java
@@ -0,0 +1,51 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.karavan.cli.resources;
+
+import io.fabric8.kubernetes.api.model.*;
+import org.apache.camel.karavan.cli.Constants;
+import org.apache.camel.karavan.cli.KaravanConfig;
+import org.apache.camel.karavan.cli.ResourceUtils;
+
+import java.util.Map;
+
+public class KaravanSecret {
+
+ public static Secret getSecret(KaravanConfig config) {
+
+ Map<String, String> secretData = Map.of(
+ "master-password", (config.isAuthBasic() ? config.getMasterPassword() : "xxx"),
+ "oidc-secret", (config.isAuthOidc() ? config.getOidcSecret() : "xxx"),
+ "oidc-server-url", (config.isAuthOidc() ? config.getOidcServerUrl() :"https://localhost/auth/realms/karavan"),
+ "oidc-frontend-url", (config.isAuthOidc() ? config.getOidcFrontendUrl() : "https://localhost/auth"),
+ "git-repository", config.getGitRepository(),
+ "git-password", config.getGitPassword(),
+ "git-username", config.getGitUsername(),
+ "git-branch", config.getGitBranch(),
+ "image-registry", config.getImageRegistry()
+ );
+
+ return new SecretBuilder()
+ .withNewMetadata()
+ .withName(Constants.NAME)
+ .withNamespace(config.getNamespace())
+ .withLabels(ResourceUtils.getLabels(Constants.NAME, config.getVersion(), Map.of()))
+ .endMetadata()
+ .withStringData(secretData)
+ .build();
+ }
+}
