Skip to content

Commit

Permalink
consul-k8s CLI - hcp self-managed clusters - fix the required environ…
Browse files Browse the repository at this point in the history
…ment variables that should just default to production settings
  • Loading branch information
jmurret committed Oct 6, 2022
1 parent dfd2f48 commit 1f04f3a
Show file tree
Hide file tree
Showing 6 changed files with 180 additions and 39 deletions.
23 changes: 5 additions & 18 deletions cli/cmd/install/install.go
Original file line number Diff line number Diff line change
Expand Up @@ -64,12 +64,6 @@ const (

flagNameHCPResourceID = "hcp-resource-id"

envHCPClientID = "HCP_CLIENT_ID"
envHCPClientSecret = "HCP_CLIENT_SECRET"
envHCPAuthURL = "HCP_AUTH_URL"
envHCPAPIHost = "HCP_API_HOST"
envHCPScadaAddress = "HCP_SCADA_ADDRESS"

flagNameDemo = "demo"
defaultDemo = false
)
Expand Down Expand Up @@ -603,12 +597,12 @@ func (c *Command) validateFlags(args []string) error {
}

if c.flagPreset == preset.PresetCloud {
clientID := os.Getenv(envHCPClientID)
clientSecret := os.Getenv(envHCPClientSecret)
clientID := os.Getenv(preset.EnvHCPClientID)
clientSecret := os.Getenv(preset.EnvHCPClientSecret)
if clientID == "" {
return fmt.Errorf("When '%s' is specified as the preset, the '%s' environment variable must also be set", preset.PresetCloud, envHCPClientID)
return fmt.Errorf("When '%s' is specified as the preset, the '%s' environment variable must also be set", preset.PresetCloud, preset.EnvHCPClientID)
} else if clientSecret == "" {
return fmt.Errorf("When '%s' is specified as the preset, the '%s' environment variable must also be set", preset.PresetCloud, envHCPClientSecret)
return fmt.Errorf("When '%s' is specified as the preset, the '%s' environment variable must also be set", preset.PresetCloud, preset.EnvHCPClientSecret)
} else if c.flagNameHCPResourceID == "" {
return fmt.Errorf("When '%s' is specified as the preset, the '%s' flag must also be provided", preset.PresetCloud, flagNameHCPResourceID)
}
Expand Down Expand Up @@ -649,14 +643,7 @@ func (c *Command) checkValidEnterprise(secretName string) error {
// implements the Preset interface. If the string is not recognized an error is
// returned.
func (c *Command) getPreset(name string) (preset.Preset, error) {
hcpConfig := &preset.HCPConfig{
ResourceID: c.flagNameHCPResourceID,
ClientID: os.Getenv(envHCPClientID),
ClientSecret: os.Getenv(envHCPClientSecret),
AuthURL: os.Getenv(envHCPAuthURL),
APIHostname: os.Getenv(envHCPAPIHost),
ScadaAddress: os.Getenv(envHCPScadaAddress),
}
hcpConfig := preset.GetHCPPresetFromEnv(c.flagNameHCPResourceID)
getPresetConfig := &preset.GetPresetConfig{
Name: name,
CloudPreset: &preset.CloudPreset{
Expand Down
17 changes: 5 additions & 12 deletions cli/cmd/upgrade/upgrade.go
Original file line number Diff line number Diff line change
Expand Up @@ -57,9 +57,6 @@ const (

flagNameHCPResourceID = "hcp-resource-id"

envHCPClientID = "HCP_CLIENT_ID"
envHCPClientSecret = "HCP_CLIENT_SECRET"

consulDemoChartPath = "demo"
)

Expand Down Expand Up @@ -442,12 +439,12 @@ func (c *Command) validateFlags(args []string) error {
}

if c.flagPreset == preset.PresetCloud {
clientID := os.Getenv(envHCPClientID)
clientSecret := os.Getenv(envHCPClientSecret)
clientID := os.Getenv(preset.EnvHCPClientID)
clientSecret := os.Getenv(preset.EnvHCPClientSecret)
if clientID == "" {
return fmt.Errorf("When '%s' is specified as the preset, the '%s' environment variable must also be set", preset.PresetCloud, envHCPClientID)
return fmt.Errorf("When '%s' is specified as the preset, the '%s' environment variable must also be set", preset.PresetCloud, preset.EnvHCPClientID)
} else if clientSecret == "" {
return fmt.Errorf("When '%s' is specified as the preset, the '%s' environment variable must also be set", preset.PresetCloud, envHCPClientSecret)
return fmt.Errorf("When '%s' is specified as the preset, the '%s' environment variable must also be set", preset.PresetCloud, preset.EnvHCPClientSecret)
} else if c.flagNameHCPResourceID == "" {
return fmt.Errorf("When '%s' is specified as the preset, the '%s' flag must also be provided", preset.PresetCloud, flagNameHCPResourceID)
}
Expand Down Expand Up @@ -526,11 +523,7 @@ func (c *Command) createUILogger() func(string, ...interface{}) {
// implements the Preset interface. If the string is not recognized an error is
// returned.
func (c *Command) getPreset(name string, namespace string) (preset.Preset, error) {
hcpConfig := &preset.HCPConfig{
ResourceID: c.flagNameHCPResourceID,
ClientID: os.Getenv(envHCPClientID),
ClientSecret: os.Getenv(envHCPClientSecret),
}
hcpConfig := preset.GetHCPPresetFromEnv(c.flagNameHCPResourceID)
getPresetConfig := &preset.GetPresetConfig{
Name: name,
CloudPreset: &preset.CloudPreset{
Expand Down
16 changes: 13 additions & 3 deletions cli/preset/cloud_preset.go
Original file line number Diff line number Diff line change
Expand Up @@ -302,10 +302,20 @@ func (i *CloudPreset) saveServerHCPConfigSecret(config *CloudBootstrapConfig) er
secretKeyHCPClientID: []byte(config.HCPConfig.ClientID),
secretKeyHCPClientSecret: []byte(config.HCPConfig.ClientSecret),
secretKeyHCPResourceID: []byte(config.HCPConfig.ResourceID),
secretKeyHCPAuthURL: []byte(config.HCPConfig.AuthURL),
secretKeyHCPAPIHostname: []byte(config.HCPConfig.APIHostname),
secretKeyHCPScadaAddress: []byte(config.HCPConfig.ScadaAddress),
}

if config.HCPConfig.AuthURL != "" {
data[secretKeyHCPAuthURL] = []byte(config.HCPConfig.AuthURL)
}

if config.HCPConfig.APIHostname != "" {
data[secretKeyHCPAPIHostname] = []byte(config.HCPConfig.APIHostname)
}

if config.HCPConfig.ScadaAddress != "" {
data[secretKeyHCPScadaAddress] = []byte(config.HCPConfig.ScadaAddress)
}

if err := i.saveSecret(secretNameHCPConfig, data, corev1.SecretTypeOpaque); err != nil {
return err
}
Expand Down
45 changes: 39 additions & 6 deletions cli/preset/cloud_preset_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -126,8 +126,8 @@ func TestGetValueMap(t *testing.T) {
testCases := []struct {
description string
installer *CloudPreset
expectedConfig *CloudBootstrapConfig
postProcessingFunc func()
requireCheck func()
}{
{
"Should save secrets when SkipSavingSecrets is false.",
Expand All @@ -139,10 +139,12 @@ func TestGetValueMap(t *testing.T) {
HTTPClient: hcpMockServer.Client(),
Context: context.Background(),
},
bsConfig,
func() {
deleteSecrets(k8s)
},
func() {
checkAllSecretsWereSaved(t, k8s, bsConfig)
},
},
{
"Should not save secrets when SkipSavingSecrets is true.",
Expand All @@ -155,10 +157,41 @@ func TestGetValueMap(t *testing.T) {
HTTPClient: hcpMockServer.Client(),
Context: context.Background(),
},
bsConfig,
func() {
deleteSecrets(k8s)
},
func() {
checkAllSecretsWereSaved(t, k8s, bsConfig)
},
},
{
"Should not save save api-hostname, scada-address, or auth-url keys as empty strings if they are not configured.",
&CloudPreset{
HCPConfig: &HCPConfig{
ResourceID: hcpResourceID,
ClientID: hcpClientID,
ClientSecret: hcpClientSecret,
},
KubernetesClient: k8s,
KubernetesNamespace: namespace,
UI: terminal.NewBasicUI(context.Background()),
SkipSavingSecrets: false,
HTTPClient: hcpMockServer.Client(),
Context: context.Background(),
},
func() {
deleteSecrets(k8s)
},
func() {
hcpConfigSecret, err := k8s.CoreV1().Secrets(namespace).Get(context.Background(), secretNameHCPConfig, metav1.GetOptions{})
require.NoError(t, err)
require.Equal(t, bsConfig.HCPConfig.ClientID, string(hcpConfigSecret.Data[secretKeyHCPClientID]))
require.Equal(t, bsConfig.HCPConfig.ClientSecret, string(hcpConfigSecret.Data[secretKeyHCPClientSecret]))
require.Equal(t, bsConfig.HCPConfig.ResourceID, string(hcpConfigSecret.Data[secretKeyHCPResourceID]))
require.Nil(t, hcpConfigSecret.Data[secretKeyHCPAuthURL])
require.Nil(t, hcpConfigSecret.Data[secretKeyHCPScadaAddress])
require.Nil(t, hcpConfigSecret.Data[secretKeyHCPAPIHostname])
},
},
}

Expand All @@ -170,7 +203,7 @@ func TestGetValueMap(t *testing.T) {
if tc.installer.SkipSavingSecrets {
checkSecretsWereNotSaved(k8s)
} else {
checkSecretsWereSaved(t, k8s, bsConfig)
tc.requireCheck()
}
tc.postProcessingFunc()
})
Expand Down Expand Up @@ -310,7 +343,7 @@ func TestSaveSecretsFromBootstrapConfig(t *testing.T) {
require.Equal(t, expectedSecretNameServerCA, secretNameServerCA)
require.Equal(t, expectedSecretNameServerCert, secretNameServerCert)

checkSecretsWereSaved(t, k8s, validBootstrapConfig)
checkAllSecretsWereSaved(t, k8s, validBootstrapConfig)

}
tc.postProcessingFunc()
Expand Down Expand Up @@ -390,7 +423,7 @@ func deleteSecrets(k8sClient kubernetes.Interface) {
k8sClient.CoreV1().Secrets(namespace).Delete(context.Background(), expectedSecretNameServerCA, metav1.DeleteOptions{})
}

func checkSecretsWereSaved(t require.TestingT, k8s kubernetes.Interface, expectedConfig *CloudBootstrapConfig) {
func checkAllSecretsWereSaved(t require.TestingT, k8s kubernetes.Interface, expectedConfig *CloudBootstrapConfig) {

// Check that namespace is created
_, err := k8s.CoreV1().Namespaces().Get(context.Background(), namespace, metav1.GetOptions{})
Expand Down
40 changes: 40 additions & 0 deletions cli/preset/preset.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,19 @@ package preset

import (
"fmt"
"os"
)

const (
PresetSecure = "secure"
PresetQuickstart = "quickstart"
PresetCloud = "cloud"

EnvHCPClientID = "HCP_CLIENT_ID"
EnvHCPClientSecret = "HCP_CLIENT_SECRET"
EnvHCPAuthURL = "HCP_AUTH_URL"
EnvHCPAPIHost = "HCP_API_HOST"
EnvHCPScadaAddress = "HCP_SCADA_ADDRESS"
)

// Presets is a list of all the available presets for use with CLI's install
Expand Down Expand Up @@ -42,3 +49,36 @@ func GetPreset(config *GetPresetConfig) (Preset, error) {
}
return nil, fmt.Errorf("'%s' is not a valid preset", config.Name)
}

func GetHCPPresetFromEnv(resourceID string) *HCPConfig {
hcpConfig := &HCPConfig{
ResourceID: resourceID,
}

// Read clientID from environment
if clientID, ok := os.LookupEnv(EnvHCPClientID); ok {
hcpConfig.ClientID = clientID
}

// Read clientSecret from environment
if clientSecret, ok := os.LookupEnv(EnvHCPClientSecret); ok {
hcpConfig.ClientSecret = clientSecret
}

// Read authURL from environment
if authURL, ok := os.LookupEnv(EnvHCPAuthURL); ok {
hcpConfig.AuthURL = authURL
}

// Read apiHost from environment
if apiHost, ok := os.LookupEnv(EnvHCPAPIHost); ok {
hcpConfig.APIHostname = apiHost
}

// Read scadaAddress from environment
if scadaAddress, ok := os.LookupEnv(EnvHCPScadaAddress); ok {
hcpConfig.ScadaAddress = scadaAddress
}

return hcpConfig
}
78 changes: 78 additions & 0 deletions cli/preset/preset_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
package preset

import (
"os"
"testing"

"github.com/stretchr/testify/require"
)

func TestGetHCPPresetFromEnv(t *testing.T) {
const (
scadaAddress = "scada-address"
clientID = "client-id"
clientSecret = "client-secret"
apiHost = "api-host"
authURL = "auth-url"
resourceID = "resource-id"
)

testCases := []struct {
description string
resourceID string
preProcessingFunc func()
postProcessingFunc func()
expectedPreset *HCPConfig
}{
{
"Should populate properties in addition to resourceID on HCPConfig when environment variables are set.",
resourceID,
func() {
os.Setenv(EnvHCPClientID, clientID)
os.Setenv(EnvHCPClientSecret, clientSecret)
os.Setenv(EnvHCPAPIHost, apiHost)
os.Setenv(EnvHCPAuthURL, authURL)
os.Setenv(EnvHCPScadaAddress, scadaAddress)
},
func() {
os.Unsetenv(EnvHCPClientID)
os.Unsetenv(EnvHCPClientSecret)
os.Unsetenv(EnvHCPAPIHost)
os.Unsetenv(EnvHCPAuthURL)
os.Unsetenv(EnvHCPScadaAddress)
},
&HCPConfig{
ResourceID: resourceID,
ClientID: clientID,
ClientSecret: clientSecret,
AuthURL: authURL,
APIHostname: apiHost,
ScadaAddress: scadaAddress,
},
},
{
"Should only populate resourceID on HCPConfig when environment variables are not set.",
resourceID,
func() {
os.Unsetenv(EnvHCPClientID)
os.Unsetenv(EnvHCPClientSecret)
os.Unsetenv(EnvHCPAPIHost)
os.Unsetenv(EnvHCPAuthURL)
os.Unsetenv(EnvHCPScadaAddress)
},
func() {},
&HCPConfig{
ResourceID: resourceID,
},
},
}

for _, testCase := range testCases {
testCase.preProcessingFunc()
defer testCase.postProcessingFunc()
t.Run(testCase.description, func(t *testing.T) {
hcpPreset := GetHCPPresetFromEnv(testCase.resourceID)
require.Equal(t, testCase.expectedPreset, hcpPreset)
})
}
}

0 comments on commit 1f04f3a

Please sign in to comment.