Add organizationAdmin

[ZITADOPER-1]
2024-05-20 19:45:14 -05:00
parent c143e6dca3
commit 430d4a7383
6 changed files with 154 additions and 151 deletions
--- a/src/internal/controller/zitadelcluster_controller.go
+++ b/src/internal/controller/zitadelcluster_controller.go
@@ -27,7 +27,6 @@ import (
 	"time"

 	zitadelv1alpha1 "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/api/v1alpha1"
-	"bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/admin"
 	builder "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/builder"
 	condition "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/condition"
 	"bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/configuration"
@@ -40,13 +39,10 @@ import (
 	systemapiaccount "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/systemapi"
 	zitadelClient "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/zitadel"
 	"github.com/hashicorp/go-multierror"
-	"github.com/zitadel/zitadel-go/v2/pkg/client/middleware"
 	"github.com/zitadel/zitadel-go/v2/pkg/client/system"
 	adm "github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/admin"
 	authn "github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/authn"
-	"github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/management"
 	pb "github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/system"
-	"github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/user"
 	appsv1 "k8s.io/api/apps/v1"
 	batchv1 "k8s.io/api/batch/v1"
 	corev1 "k8s.io/api/core/v1"
@@ -153,10 +149,6 @@ func (r *ZitadelClusterReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 			Name:      "DefaultInstance",
 			Reconcile: r.reconcileDefaultInstance,
 		},
-		{
-			Name:      "DefaultOrgManifest",
-			Reconcile: r.reconcileOrgManifest,
-		},
 		{
 			Name:      "SMTPConfig",
 			Reconcile: r.reconcileSMTPConfig,
@@ -165,14 +157,6 @@ func (r *ZitadelClusterReconciler) Reconcile(ctx context.Context, req ctrl.Reque
 			Name:      "DomainPolicyConfig",
 			Reconcile: r.reconcileDomainPolicy,
 		},
-		{
-			Name:      "InitialAdminSecret",
-			Reconcile: r.reconcileInitialAdminPassword,
-		},
-		{
-			Name:      "InitialAdmin",
-			Reconcile: r.reconcileInitialHumanUser,
-		},
 	}

 	for _, p := range phases {
@@ -461,31 +445,6 @@ func (r *ZitadelClusterReconciler) reconcileDefaultInstance(ctx context.Context,
 	return ctrl.Result{}, nil
 }

-func (r *ZitadelClusterReconciler) reconcileOrgManifest(ctx context.Context, zitadel *zitadelv1alpha1.ZitadelCluster) (ctrl.Result, error) {
-	key := types.NamespacedName{
-		Name:      zitadel.Spec.FirstOrgName,
-		Namespace: zitadel.Namespace,
-	}
-	desiredOrganization, err := r.Builder.BuildOrganization(builder.OrganizationOpts{
-		Key:     key,
-		Zitadel: zitadel,
-	}, zitadel)
-	if err != nil {
-		return ctrl.Result{}, fmt.Errorf("error building default organization: %v", err)
-	}
-
-	var existingOrganization zitadelv1alpha1.Organization
-	if err := r.Get(ctx, key, &existingOrganization); err != nil {
-		if !errors.IsNotFound(err) {
-			return ctrl.Result{}, fmt.Errorf("error getting Organization: %v", err)
-		}
-		if err := r.Create(ctx, desiredOrganization); err != nil {
-			return ctrl.Result{}, fmt.Errorf("error creating Organization: %v", err)
-		}
-	}
-	return ctrl.Result{}, nil
-}
-
 func (r *ZitadelClusterReconciler) reconcileSMTPConfig(ctx context.Context, zitadel *zitadelv1alpha1.ZitadelCluster) (ctrl.Result, error) {
 	adminClient, err := zitadelClient.NewAdminClient(ctx, zitadel, *r.RefResolver)
 	if err != nil {
@@ -575,115 +534,6 @@ func (r *ZitadelClusterReconciler) reconcileDomainPolicy(ctx context.Context, zi
 	return ctrl.Result{}, nil
 }

-func (r *ZitadelClusterReconciler) reconcileInitialAdminPassword(ctx context.Context, zitadel *zitadelv1alpha1.ZitadelCluster) (ctrl.Result, error) {
-	secretName := admin.AdminPasswordSecretName(zitadel)
-	key := types.NamespacedName{
-		Name:      secretName,
-		Namespace: zitadel.Namespace,
-	}
-	_, err := r.SecretReconciler.ReconcileRandomPassword(ctx, key, admin.Key, zitadel)
-
-	if err != nil {
-		return ctrl.Result{}, err
-	}
-	return ctrl.Result{}, nil
-}
-
-func (r *ZitadelClusterReconciler) reconcileInitialHumanUser(ctx context.Context, zitadel *zitadelv1alpha1.ZitadelCluster) (ctrl.Result, error) {
-	managementClient, err := zitadelClient.NewClient(ctx, zitadel, *r.RefResolver)
-	if err != nil {
-		return ctrl.Result{}, err
-	}
-	defer managementClient.Connection.Close()
-
-	secretName := admin.AdminPasswordSecretName(zitadel)
-	key := types.NamespacedName{
-		Name:      secretName,
-		Namespace: zitadel.Namespace,
-	}
-	password, err := r.SecretReconciler.ReconcileRandomPassword(ctx, key, admin.Key, zitadel)
-	if err != nil {
-		return ctrl.Result{}, err
-	}
-
-	org, err := managementClient.GetMyOrg(ctx, &management.GetMyOrgRequest{})
-	if err != nil {
-		return ctrl.Result{}, fmt.Errorf("Error getting org: %v", err)
-	}
-	adminUser, err := managementClient.GetUserByLoginNameGlobal(ctx, &management.GetUserByLoginNameGlobalRequest{
-		LoginName: strings.ToLower(fmt.Sprintf("%s@%s.%s", admin.AccountName, zitadel.Spec.FirstOrgName, zitadel.Spec.Host)),
-	})
-	if err != nil {
-		if !strings.Contains(err.Error(), "could not be found") {
-			return ctrl.Result{}, fmt.Errorf("Error getting admin user: %v", err)
-		}
-	}
-	var userid string
-	if adminUser == nil {
-		resp, err := managementClient.AddHumanUser(middleware.SetOrgID(ctx, org.Org.Id), &management.AddHumanUserRequest{
-			UserName: admin.AccountName,
-			Profile: &management.AddHumanUserRequest_Profile{
-				FirstName:         admin.AccountName,
-				LastName:          admin.AccountName,
-				NickName:          admin.AccountName,
-				DisplayName:       admin.AccountName,
-				Gender:            user.Gender_GENDER_DIVERSE,
-				PreferredLanguage: "en",
-			},
-			InitialPassword: password,
-			Email: &management.AddHumanUserRequest_Email{
-				Email:           "dev@topmanage.com",
-				IsEmailVerified: true,
-			},
-		})
-		userid = resp.UserId
-		if err != nil {
-			return ctrl.Result{}, fmt.Errorf("Error adding human user: %v", err)
-		}
-		{
-			if _, err := managementClient.AddOrgMember(middleware.SetOrgID(ctx, org.Org.Id), &management.AddOrgMemberRequest{
-				UserId: userid,
-				Roles: []string{
-					"ORG_OWNER",
-				},
-			}); err != nil {
-				if !strings.Contains(err.Error(), "Errors.Org.Member.RolesNotChanged") {
-					return ctrl.Result{}, fmt.Errorf("Error adding org member: %v", err)
-				}
-			}
-		}
-	} else {
-		userid = adminUser.User.Id
-	}
-
-	{
-		if _, err := managementClient.SetHumanPassword(middleware.SetOrgID(ctx, org.Org.Id), &management.SetHumanPasswordRequest{
-			UserId:           userid,
-			Password:         password,
-			NoChangeRequired: true,
-		}); err != nil {
-			return ctrl.Result{}, fmt.Errorf("Error setting password for member: %v", err)
-		}
-	}
-	{
-		if _, err := managementClient.UpdateOrgMember(middleware.SetOrgID(ctx, org.Org.Id), &management.UpdateOrgMemberRequest{
-			UserId: userid,
-			Roles: []string{
-				"ORG_OWNER",
-			},
-		}); err != nil {
-			if !strings.Contains(err.Error(), "Errors.Org.Member.RolesNotChanged") {
-				return ctrl.Result{}, fmt.Errorf("Error updating org member: %v", err)
-			}
-		}
-
-	}
-
-	patch := client.MergeFrom(zitadel.DeepCopy())
-	zitadel.Status.InitialAdminId = userid
-	return ctrl.Result{}, r.Status().Patch(ctx, zitadel, patch)
-}
-
 func GetIssuer(zitadel *zitadelv1alpha1.ZitadelCluster) string {
 	scheme := "http"
 	if zitadel.Spec.ExternalSecure {