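--- a/pkg/zitadel/zitadel.go
+++ b/pkg/zitadel/zitadel.go
@@ -0,0 +1,76 @@
+package zitadel
+
+import (
+"context"
+"fmt"
+zitadelv1alpha1 "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/api/v1alpha1"
+"gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/deployment"
+systemapiaccount "gitea.corredorconect.com/software-engineering/zitadel-k8s-operator/pkg/systemapi"
+"google.golang.org/grpc"
+"strings"
+
+"github.com/zitadel/zitadel-go/v3/pkg/client/zitadel"
+
+"github.com/zitadel/zitadel-go/v3/pkg/client/system"
+corev1 "k8s.io/api/core/v1"
+)
+
+type MachineKey struct {
+Type string `json:"type"`
+KeyID string `json:"keyId"`
+Key string `json:"key"`
+UserID string `json:"userId"`
+}
+
+func WithAuthority(cluster *zitadelv1alpha1.Cluster) func() zitadel.Option {
+return func() zitadel.Option {
+return zitadel.WithDialOptions(grpc.WithAuthority(GetAuthority(cluster)))
+}
+}
+
+func NewSystemClient(ctx context.Context, cluster *zitadelv1alpha1.Cluster, refresolver zitadelv1alpha1.RefResolver) (*system.Client, error) {
+privateKeyData, err := refresolver.SecretKeyRef(ctx, corev1.SecretKeySelector{LocalObjectReference: corev1.LocalObjectReference{Name: systemapiaccount.SystemAPIAccountName(cluster)}, Key: systemapiaccount.Key}, cluster.Namespace)
+if err != nil {
+return nil, err
+}
+systemClient, err := system.NewClient(ctx, GetIssuer(cluster), GetAPI(cluster),
+system.JWTProfileFromKey([]byte(strings.TrimSpace(privateKeyData)), systemapiaccount.OwnerName),
+system.WithInsecure(),
+)
+if err != nil {
+return nil, fmt.Errorf("Error creating system client: %v", err)
+}
+return systemClient, nil
+}
+
+func GetAuthority(zitadel *zitadelv1alpha1.Cluster) string {
+return fmt.Sprintf("%s:%d", zitadel.Spec.Host, zitadel.Spec.ExternalPort)
+}
+
+func GetInstanceAuthority(zitadel *zitadelv1alpha1.Instance, cluster *zitadelv1alpha1.Cluster) string {
+return fmt.Sprintf("%s:%d", zitadel.Spec.CustomDomain, cluster.Spec.ExternalPort)
+}
+
+func GetIssuer(zitadel *zitadelv1alpha1.Cluster) string {
+scheme := "http"
+if zitadel.Spec.ExternalSecure {
+scheme = "https"
+}
+return fmt.Sprintf("%s://%s", scheme, zitadel.Spec.Host)
+}
+
+func GetAPI(zitadel *zitadelv1alpha1.Cluster) string {
+return fmt.Sprintf("%s:%d", deployment.ServiceFQDN(zitadel.ObjectMeta), deployment.ZitadelPort)
+}
+
+func GetAPIHost(zitadel *zitadelv1alpha1.Cluster) string {
+return fmt.Sprintf("%s", deployment.ServiceFQDN(zitadel.ObjectMeta))
+}
+
+func GetAPIPort(zitadel *zitadelv1alpha1.Cluster) string {
+return fmt.Sprintf("%d", deployment.ZitadelPort)
+}
+
+func GetAPIUrl(zitadel *zitadelv1alpha1.Cluster) string {
+return fmt.Sprintf("http://%s:%d", deployment.ServiceFQDN(zitadel.ObjectMeta), deployment.ZitadelPort)
+}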
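Review bot: `system.WithInsecure()` in `NewSystemClient` is passed unconditionally, so the system-API client always connects to `GetAPI(cluster)` without TLS; the credentials it derives from the JWT-profile key read out of the Secret therefore cross the pod network in cleartext, and `GetAPIUrl` hard-codes `http://` in the same way. The system API account is presumably the most privileged identity this operator holds, so the plaintext hop deserves to be an explicit decision: either gate the option on a cluster-level setting once the service can serve TLS, or document the assumption at the call site, e.g. `// plaintext is intentional: in-cluster service only, relies on NetworkPolicy/mesh mTLS for confidentiality`. Separately, the two error returns are inconsistent: the Secret lookup error is returned bare and the client error is flattened with `%v`; `return nil, fmt.Errorf("creating system client: %w", err)` (and a matching wrap for the Secret read) keeps the chain inspectable with `errors.Is`/`errors.As` and follows Go's lowercase error-string convention. The exported identifiers in this new file also have no doc comments, and `WithAuthority` is defined here but not used by `NewSystemClient`, which is worth a one-line comment saying when callers are expected to apply it.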