Version v0.1.9

Bunch of fixes to interact with the new world of authn/authz, then making everything scoped to an explicit organization.
unikorn-cloud · Mar 19, 2024 · 7786f37 · 7786f37
1 parent ed7bcc0
commit 7786f37
Show file tree

Hide file tree

Showing 13 changed files with 769 additions and 948 deletions.
diff --git a/charts/unikorn/Chart.yaml b/charts/unikorn/Chart.yaml
@@ -4,7 +4,7 @@ description: A Helm chart for deploying Unikorn
 
 type: application
 
-version: v0.1.8
-appVersion: v0.1.8
+version: v0.1.9
+appVersion: v0.1.9
 
 icon: https://raw.githubusercontent.com/unikorn-cloud/unikorn/main/icons/default.png
diff --git a/go.mod b/go.mod
@@ -13,7 +13,7 @@ require (
 	github.com/prometheus/client_golang v1.18.0
 	github.com/spdx/tools-golang v0.5.3
 	github.com/spf13/pflag v1.0.5
-	github.com/unikorn-cloud/core v0.1.10
+	github.com/unikorn-cloud/core v0.1.12
 	go.opentelemetry.io/otel v1.24.0
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.22.0
 	go.opentelemetry.io/otel/sdk v1.22.0

diff --git a/go.sum b/go.sum
@@ -305,14 +305,8 @@ github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE=
 github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
-github.com/unikorn-cloud/core v0.1.7 h1:I2Xu9gYlRnkG0TjY+qbTIWY+kHCv76mCOVFkLL1dsaY=
-github.com/unikorn-cloud/core v0.1.7/go.mod h1:G45rJ0e5LOdoFcD9C00wSuhe/AMeBC+tczmQSsS+0/Q=
-github.com/unikorn-cloud/core v0.1.8 h1:JJAfUgCP2hAAAMcfWjE0hmyDOmlg9fxNlWSyJs7gT3k=
-github.com/unikorn-cloud/core v0.1.8/go.mod h1:G45rJ0e5LOdoFcD9C00wSuhe/AMeBC+tczmQSsS+0/Q=
-github.com/unikorn-cloud/core v0.1.9 h1:XGgq0WXbfjXVc7WKG8rVhotNtNaIV1uEZ5hDxQXq7D8=
-github.com/unikorn-cloud/core v0.1.9/go.mod h1:G45rJ0e5LOdoFcD9C00wSuhe/AMeBC+tczmQSsS+0/Q=
-github.com/unikorn-cloud/core v0.1.10 h1:8D5+CSbBi0ziutAoaWnQq/t1mtfV0IQ1uD6Dg7HfAqY=
-github.com/unikorn-cloud/core v0.1.10/go.mod h1:G45rJ0e5LOdoFcD9C00wSuhe/AMeBC+tczmQSsS+0/Q=
+github.com/unikorn-cloud/core v0.1.12 h1:I78A9dNMCMtth1WGrEEPhktyNOtQ33W52TIRuw2R4XA=
+github.com/unikorn-cloud/core v0.1.12/go.mod h1:G45rJ0e5LOdoFcD9C00wSuhe/AMeBC+tczmQSsS+0/Q=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/valyala/fasttemplate v1.2.2 h1:lxLXG0uE3Qnshl9QyaK6XJxMXlQZELvChBOCmQD0Loo=

diff --git a/pkg/server/generated/client.go b/pkg/server/generated/client.go
diff --git a/pkg/server/generated/router.go b/pkg/server/generated/router.go
diff --git a/pkg/server/generated/schema.go b/pkg/server/generated/schema.go
diff --git a/pkg/server/generated/types.go b/pkg/server/generated/types.go
diff --git a/pkg/server/handler/cluster/client.go b/pkg/server/handler/cluster/client.go
@@ -83,12 +83,12 @@ func NewClient(client client.Client, options *Options) *Client {
 }
 
 // List returns all clusters owned by the implicit control plane.
-func (c *Client) List(ctx context.Context) ([]*generated.KubernetesCluster, error) {
+func (c *Client) List(ctx context.Context, organizationName string) ([]*generated.KubernetesCluster, error) {
 	selector := labels.NewSelector()
 
 	// TODO: a super-admin isn't scoped to a single organization!
 	// TODO: RBAC - filter projects based on user membership here.
-	organization, err := organization.NewClient(c.client).GetMetadata(ctx)
+	organization, err := organization.NewClient(c.client).GetMetadata(ctx, organizationName)
 	if err != nil {
 		return nil, err
 	}
@@ -136,8 +136,8 @@ func (c *Client) get(ctx context.Context, namespace, name string) (*unikornv1.Ku
 }
 
 // GetKubeconfig returns the kubernetes configuation associated with a cluster.
-func (c *Client) GetKubeconfig(ctx context.Context, projectName generated.ProjectNameParameter, name generated.ClusterNameParameter) ([]byte, error) {
-	project, err := project.NewClient(c.client).GetMetadata(ctx, projectName)
+func (c *Client) GetKubeconfig(ctx context.Context, organizationName, projectName, name string) ([]byte, error) {
+	project, err := project.NewClient(c.client).GetMetadata(ctx, organizationName, projectName)
 	if err != nil {
 		return nil, err
 	}
@@ -213,8 +213,8 @@ func (c *Client) createServerGroup(ctx context.Context, provider *openstack.Open
 */
 
 // Create creates the implicit cluster indentified by the JTW claims.
-func (c *Client) Create(ctx context.Context, projectName generated.ProjectNameParameter, options *generated.KubernetesCluster) error {
-	project, err := project.NewClient(c.client).GetMetadata(ctx, projectName)
+func (c *Client) Create(ctx context.Context, organizationName, projectName string, options *generated.KubernetesCluster) error {
+	project, err := project.NewClient(c.client).GetMetadata(ctx, organizationName, projectName)
 	if err != nil {
 		return err
 	}
@@ -226,7 +226,7 @@ func (c *Client) Create(ctx context.Context, projectName generated.ProjectNamePa
 		clusterManagerName = *options.ClusterManager
 	}
 
-	if _, err := clustermanager.NewClient(c.client).GetOrCreateMetadata(ctx, project.Name, clusterManagerName); err != nil {
+	if _, err := clustermanager.NewClient(c.client).GetOrCreateMetadata(ctx, organizationName, project.Name, clusterManagerName); err != nil {
 		return err
 	}
 
@@ -261,8 +261,8 @@ func (c *Client) Create(ctx context.Context, projectName generated.ProjectNamePa
 }
 
 // Delete deletes the implicit cluster indentified by the JTW claims.
-func (c *Client) Delete(ctx context.Context, projectName generated.ProjectNameParameter, name generated.ClusterNameParameter) error {
-	project, err := project.NewClient(c.client).GetMetadata(ctx, projectName)
+func (c *Client) Delete(ctx context.Context, organizationName, projectName, name string) error {
+	project, err := project.NewClient(c.client).GetMetadata(ctx, organizationName, projectName)
 	if err != nil {
 		return err
 	}
@@ -290,8 +290,8 @@ func (c *Client) Delete(ctx context.Context, projectName generated.ProjectNamePa
 }
 
 // Update implements read/modify/write for the cluster.
-func (c *Client) Update(ctx context.Context, projectName generated.ProjectNameParameter, name generated.ClusterNameParameter, request *generated.KubernetesCluster) error {
-	project, err := project.NewClient(c.client).GetMetadata(ctx, projectName)
+func (c *Client) Update(ctx context.Context, organizationName, projectName, name string, request *generated.KubernetesCluster) error {
+	project, err := project.NewClient(c.client).GetMetadata(ctx, organizationName, projectName)
 	if err != nil {
 		return err
 	}

diff --git a/pkg/server/handler/clustermanager/client.go b/pkg/server/handler/clustermanager/client.go
@@ -84,7 +84,7 @@ var (
 
 // provisionDefaultClusterManager is called when a cluster creation call is made and the
 // control plane does not exist.
-func (c *Client) provisionDefaultClusterManager(ctx context.Context, projectName, name string) error {
+func (c *Client) provisionDefaultClusterManager(ctx context.Context, organizationName, projectName, name string) error {
 	log := log.FromContext(ctx)
 
 	log.Info("creating implicit control plane", "name", name)
@@ -96,16 +96,16 @@ func (c *Client) provisionDefaultClusterManager(ctx context.Context, projectName
 		Name: name,
 	}
 
-	if err := c.Create(ctx, projectName, defaultClusterManager); err != nil {
+	if err := c.Create(ctx, organizationName, projectName, defaultClusterManager); err != nil {
 		return err
 	}
 
 	return nil
 }
 
 // GetMetadata retrieves the control plane metadata.
-func (c *Client) GetMetadata(ctx context.Context, projectName, name string) (*Meta, error) {
-	project, err := project.NewClient(c.client).GetMetadata(ctx, projectName)
+func (c *Client) GetMetadata(ctx context.Context, organizationName, projectName, name string) (*Meta, error) {
+	project, err := project.NewClient(c.client).GetMetadata(ctx, organizationName, projectName)
 	if err != nil {
 		return nil, err
 	}
@@ -124,8 +124,8 @@ func (c *Client) GetMetadata(ctx context.Context, projectName, name string) (*Me
 	return metadata, nil
 }
 
-func (c *Client) GetOrCreateMetadata(ctx context.Context, projectName, name string) (*Meta, error) {
-	project, err := project.NewClient(c.client).GetMetadata(ctx, projectName)
+func (c *Client) GetOrCreateMetadata(ctx context.Context, organizationName, projectName, name string) (*Meta, error) {
+	project, err := project.NewClient(c.client).GetMetadata(ctx, organizationName, projectName)
 	if err != nil {
 		return nil, err
 	}
@@ -136,7 +136,7 @@ func (c *Client) GetOrCreateMetadata(ctx context.Context, projectName, name stri
 			return nil, err
 		}
 
-		if err := c.provisionDefaultClusterManager(ctx, projectName, name); err != nil {
+		if err := c.provisionDefaultClusterManager(ctx, organizationName, projectName, name); err != nil {
 			return nil, err
 		}
 	}
@@ -234,12 +234,12 @@ func (c *Client) convertList(in *unikornv1.ClusterManagerList) ([]*generated.Clu
 }
 
 // List returns all control planes.
-func (c *Client) List(ctx context.Context) ([]*generated.ClusterManager, error) {
+func (c *Client) List(ctx context.Context, organizationName string) ([]*generated.ClusterManager, error) {
 	selector := labels.NewSelector()
 
 	// TODO: a super-admin isn't scoped to a single organization!
 	// TODO: RBAC - filter projects based on user membership here.
-	organization, err := organization.NewClient(c.client).GetMetadata(ctx)
+	organization, err := organization.NewClient(c.client).GetMetadata(ctx, organizationName)
 	if err != nil {
 		return nil, err
 	}
@@ -341,8 +341,8 @@ func (c *Client) generate(ctx context.Context, project *project.Meta, parameters
 }
 
 // Create creates a control plane.
-func (c *Client) Create(ctx context.Context, projectName generated.ProjectNameParameter, request *generated.ClusterManager) error {
-	project, err := project.NewClient(c.client).GetMetadata(ctx, projectName)
+func (c *Client) Create(ctx context.Context, organizationName, projectName string, request *generated.ClusterManager) error {
+	project, err := project.NewClient(c.client).GetMetadata(ctx, organizationName, projectName)
 	if err != nil {
 		return err
 	}
@@ -369,8 +369,8 @@ func (c *Client) Create(ctx context.Context, projectName generated.ProjectNamePa
 }
 
 // Delete deletes the control plane.
-func (c *Client) Delete(ctx context.Context, projectName generated.ProjectNameParameter, name generated.ClusterManagerNameParameter) error {
-	project, err := project.NewClient(c.client).GetMetadata(ctx, projectName)
+func (c *Client) Delete(ctx context.Context, organizationName, projectName, name string) error {
+	project, err := project.NewClient(c.client).GetMetadata(ctx, organizationName, projectName)
 	if err != nil {
 		return err
 	}
@@ -398,8 +398,8 @@ func (c *Client) Delete(ctx context.Context, projectName generated.ProjectNamePa
 }
 
 // Update implements read/modify/write for the control plane.
-func (c *Client) Update(ctx context.Context, projectName generated.ProjectNameParameter, name generated.ClusterManagerNameParameter, request *generated.ClusterManager) error {
-	project, err := project.NewClient(c.client).GetMetadata(ctx, projectName)
+func (c *Client) Update(ctx context.Context, organizationName, projectName, name string, request *generated.ClusterManager) error {
+	project, err := project.NewClient(c.client).GetMetadata(ctx, organizationName, projectName)
 	if err != nil {
 		return err
 	}