software-engineering/zitadel-k8s-operator
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in feature/ZITADOPER-5-add-iam_owner-to-firstorg-ad (pull request #7)

Browse Source 
Feature/ZITADOPER-5 add iam owner to firstorg ad
This commit is contained in:
Haim Kortovich
2024-10-31 17:01:45 +00:00
parent 58555164a9 686d4e5e11
commit 8deee2bc82
1 changed files with 35 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
src/internal/controller/organization_controller.go
View File

@@ -25,8 +25,10 @@ import (
zitadelv1alpha1 "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/api/v1alpha1" zitadelv1alpha1 "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/api/v1alpha1"
condition "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/condition" condition "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/condition"
"bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/controller/zitadel" "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/controller/zitadel"
zitadelClient "bitbucket.org/topmanage-software-engineering/zitadel-k8s-operator/src/pkg/zitadel"
"github.com/zitadel/zitadel-go/v2/pkg/client/management" "github.com/zitadel/zitadel-go/v2/pkg/client/management"
"github.com/zitadel/zitadel-go/v2/pkg/client/middleware" "github.com/zitadel/zitadel-go/v2/pkg/client/middleware"
adm "github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/admin"
pb "github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/management" pb "github.com/zitadel/zitadel-go/v2/pkg/client/zitadel/management"
"k8s.io/client-go/util/workqueue" "k8s.io/client-go/util/workqueue"
ctrl "sigs.k8s.io/controller-runtime" ctrl "sigs.k8s.io/controller-runtime"
@@ -150,6 +152,7 @@ func (wr *wrappedOrganizationReconciler) reconcileInitialAdmin(ctx context.Conte
if err != nil { if err != nil {
return err return err
} }
adminUser, err := ztdClient.GetUserByLoginNameGlobal(ctx, &pb.GetUserByLoginNameGlobalRequest{ adminUser, err := ztdClient.GetUserByLoginNameGlobal(ctx, &pb.GetUserByLoginNameGlobalRequest{
LoginName: strings.ToLower(fmt.Sprintf("%s@%s.%s", wr.organization.Spec.OrganizationAdmin.UserName, wr.organization.Name, zitadelCluster.Spec.Host)), LoginName: strings.ToLower(fmt.Sprintf("%s@%s.%s", wr.organization.Spec.OrganizationAdmin.UserName, wr.organization.Name, zitadelCluster.Spec.Host)),
}) })
@@ -188,6 +191,7 @@ func (wr *wrappedOrganizationReconciler) reconcileInitialAdmin(ctx context.Conte
} }
} }
} }
} else { } else {
userid = adminUser.User.Id userid = adminUser.User.Id
} }
@@ -203,6 +207,37 @@ func (wr *wrappedOrganizationReconciler) reconcileInitialAdmin(ctx context.Conte
return fmt.Errorf("Error updating org member: %v", err) return fmt.Errorf("Error updating org member: %v", err)
} }
} }
if zitadelCluster.Spec.FirstOrgName == wr.organization.Name {
adminClient, err := zitadelClient.NewAdminClient(ctx, zitadelCluster, *wr.refResolver)
if err != nil {
return err
}
{
if _, err := adminClient.AddIAMMember(ctx, &adm.AddIAMMemberRequest{
UserId: userid,
Roles: []string{
"IAM_OWNER",
},
}); err != nil {
if !strings.Contains(err.Error(), "Roles have not been changed") && !strings.Contains(err.Error(), "AlreadyExists") {
return fmt.Errorf("Error adding iam member: %v", err)
}
}
}
{
if _, err := adminClient.UpdateIAMMember(ctx, &adm.UpdateIAMMemberRequest{
UserId: userid,
Roles: []string{
"IAM_OWNER",
},
}); err != nil {
if !strings.Contains(err.Error(), "Roles have not been changed") {
return fmt.Errorf("Error updating iam member: %v", err)
}
}
}
}
} }
patch := client.MergeFrom(wr.organization.DeepCopy()) patch := client.MergeFrom(wr.organization.DeepCopy())
wr.organization.Status.AdminId = userid wr.organization.Status.AdminId = userid