diff --git a/api/server.go b/api/server.go index e5300c2..055b77d 100644 --- a/api/server.go +++ b/api/server.go @@ -6,27 +6,30 @@ import ( "os" "github.com/ant0ine/go-json-rest/rest" - "github.com/cloud66/habitus/build" + "github.com/cloud66/habitus/configuration" + "github.com/cloud66/habitus/secrets" ) var ( - VERSION string = "dev" + VERSION string = "dev" ) - type Server struct { - Builder *build.Builder + Conf *configuration.Server + secretProviders map[string]secrets.SecretProvider } func (s *Server) StartServer(version string) error { VERSION = version secret_api := rest.NewApi() - if s.Builder.Conf.UseAuthenticatedSecretServer { + s.secretProviders = secrets.GetProviders() + + if s.Conf.UseAuthenticatedSecretServer { secret_api.Use(&rest.AuthBasicMiddleware{ Realm: "Habitus secret service", Authenticator: func(userId string, password string) bool { - if userId == s.Builder.Conf.AuthenticatedSecretServerUser && password == s.Builder.Conf.AuthenticatedSecretServerPassword { + if userId == s.Conf.AuthenticatedSecretServerUser && password == s.Conf.AuthenticatedSecretServerPassword { return true } return false @@ -34,7 +37,6 @@ func (s *Server) StartServer(version string) error { }) } - router, err := rest.MakeRouter( // system &rest.Route{"GET", "/v1/ping", s.ping}, @@ -51,11 +53,11 @@ func (s *Server) StartServer(version string) error { secret_api.SetApp(router) go func() { - s.Builder.Conf.Logger.Infof("Starting API on %d", s.Builder.Conf.ApiPort) + s.Conf.Logger.Infof("Starting API on %d", s.Conf.ApiPort) // 192.168.99.1 - if err := http.ListenAndServe(fmt.Sprintf("%s:%d", s.Builder.Conf.ApiBinding, s.Builder.Conf.ApiPort), secret_api.MakeHandler()); err != nil { - s.Builder.Conf.Logger.Errorf("Failed to start API %s", err.Error()) + if err := http.ListenAndServe(fmt.Sprintf("%s:%d", s.Conf.ApiBinding, s.Conf.ApiPort), secret_api.MakeHandler()); err != nil { + s.Conf.Logger.Errorf("Failed to start API %s", err.Error()) os.Exit(2) } 
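Review bot: The Authenticator closure in StartServer still compares the user name and password with `==`, which stops at the first differing byte and so is not a constant-time check on a service that hands out secrets. Comparing through `crypto/subtle` avoids that: `userOK := subtle.ConstantTimeCompare([]byte(userId), []byte(s.Conf.AuthenticatedSecretServerUser))`, the same for the password as `passOK`, then `return userOK&passOK == 1`. Nothing in this hunk rejects an empty configured user or password, so if `UseAuthenticatedSecretServer` can be enabled without them, an empty credential pair would authenticate. That validation may exist elsewhere, but a guard at the top of StartServer would make it explicit. StartServer continues past the end of the hunk.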
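Review bot: `http.ListenAndServe` in the goroutine serves the secret API over plain HTTP, so the Basic credentials and every secret returned travel unencrypted to whatever `s.Conf.ApiBinding` exposes. If the binding is always a host-only or bridge address this may be acceptable, but nothing in the hunk enforces it; consider documenting the assumption next to the call, or refusing to start on a wildcard binding when `UseAuthenticatedSecretServer` is off. The start-up log line would also be more useful for auditing if it named the binding: `s.Conf.Logger.Infof("Starting API on %s:%d", s.Conf.ApiBinding, s.Conf.ApiPort)`. The goroutine body is cut off by the hunk.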
@@ -74,7 +76,7 @@ func (a *Server) version(w rest.ResponseWriter, r *rest.Request) { func (a *Server) serveSecret(w rest.ResponseWriter, r *rest.Request) { // get the provider - provider := a.Builder.Build.SecretProviders[r.PathParam("type")] + provider := a.secretProviders[r.PathParam("type")] result, err := provider.GetSecret(r.PathParam("name")) if err != nil { rest.Error(w, err.Error(), http.StatusBadRequest) diff --git a/build.yml b/build.yml index 043d8b8..936d27d 100644 --- a/build.yml +++ b/build.yml @@ -13,4 +13,9 @@ build: dockerfile: Dockerfile.crosscompile artifacts: # copy all the artifacts from the compiled folder - - /usr/local/go/src/github.com/cloud66/habitus/compiled:. \ No newline at end of file + - /usr/local/go/src/github.com/cloud66/habitus/compiled:. + server: + name: server + depends_on: + - crosscompile + dockerfile: Dockerfile.server diff --git a/build/manifest.go b/build/manifest.go index b1ad7ca..e9df9a3 100644 --- a/build/manifest.go +++ b/build/manifest.go @@ -134,10 +134,8 @@ func LoadBuildFromFile(config *configuration.Config) (*Manifest, error) { func (n *namespace) convertToBuild(version string) (*Manifest, error) { manifest := Manifest{ - SecretProviders: make(map[string]secrets.SecretProvider), + SecretProviders: secrets.GetProviders(), } - manifest.SecretProviders["file"] = &secrets.FileProvider{} - manifest.SecretProviders["env"] = &secrets.EnvProvider{} manifest.IsPrivileged = false manifest.Steps = []Step{} diff --git a/configuration/config.go b/configuration/config.go index ecb0823..15a5ef4 100644 --- a/configuration/config.go +++ b/configuration/config.go 
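Review bot: The lookup `a.secretProviders[r.PathParam("type")]` in serveSecret yields a nil provider for any type that is not a registered key, and the next line calls `provider.GetSecret` on it, which panics on a request-controlled path segment. Use the two-value form and reject unknown types before the call: `provider, ok := a.secretProviders[r.PathParam("type")]` followed by `if !ok { rest.Error(w, "unknown secret provider", http.StatusNotFound); return }`. serveSecret's body continues beyond the hunk.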
@@ -14,39 +14,44 @@ type TupleItem struct { type TupleArray []TupleItem -// Config stores application configurations -type Config struct { - Buildfile string - Workdir string - NoCache bool - SuppressOutput bool - RmTmpContainers bool - ForceRmTmpContainer bool - UniqueID string - Logger logging.Logger - DockerHost string - DockerCert string - EnvVars TupleArray - BuildArgs TupleArray - KeepSteps bool - KeepArtifacts bool - Network string - NoSquash bool - NoPruneRmImages bool - UseTLS bool - UseStatForPermissions bool - FroceRmImages bool - ApiPort int +type Server struct { ApiBinding string - SecretService bool - AllowAfterBuildCommands bool - SecretProviders string - DockerMemory string - DockerCPUSetCPUs string - DockerCPUShares int - UseAuthenticatedSecretServer bool - AuthenticatedSecretServerPassword string + ApiPort int AuthenticatedSecretServerUser string + AuthenticatedSecretServerPassword string + Logger logging.Logger + UseAuthenticatedSecretServer bool +} + +// Config stores application configurations +type Config struct { + Server + Buildfile string + Workdir string + NoCache bool + SuppressOutput bool + RmTmpContainers bool + ForceRmTmpContainer bool + UniqueID string + Logger logging.Logger + DockerHost string + DockerCert string + EnvVars TupleArray + BuildArgs TupleArray + KeepSteps bool + KeepArtifacts bool + Network string + NoSquash bool + NoPruneRmImages bool + UseTLS bool + UseStatForPermissions bool + FroceRmImages bool + SecretService bool + AllowAfterBuildCommands bool + SecretProviders string + DockerMemory string + DockerCPUSetCPUs string + DockerCPUShares int } func (i *TupleArray) String() string { diff --git a/main.go b/main.go index a0d8f6a..699b8ac 100644 --- a/main.go +++ b/main.go 
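Review bot: `Server` and `Config` both declare a `Logger logging.Logger` field, so once `Server` is embedded the name `config.Logger` resolves to the outer field and `Server.Logger` remains a separate value. The API server now logs through `s.Conf.Logger` on a `*configuration.Server`, so unless code outside this diff also assigns `config.Server.Logger`, those calls go through an unset logger (a nil dereference if `logging.Logger` is an interface or pointer type). Either drop `Logger` from `Config` and rely on the promoted field, or set both where the logger is created. The new exported type also lacks a doc comment; `// Server holds the settings of the secret API server, including its Basic-auth credentials.` would document it and signal that the struct should not be logged wholesale.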
@@ -145,8 +145,9 @@ func main() { if config.SecretService { // start the API - secret_service := &api.Server{Builder: b} - err = secret_service.StartServer(VERSION) + // TODO Wrap this into a docker-container in case of -containerize-server + server := &api.Server{Conf: &b.Conf.Server} + err = server.StartServer(VERSION) if err != nil { log.Fatalf("Cannot start API server due to %s", err.Error()) os.Exit(2) diff --git a/secrets/get_providers.go b/secrets/get_providers.go new file mode 100644 index 0000000..ece7242 --- /dev/null +++ b/secrets/get_providers.go @@ -0,0 +1,8 @@ +package secrets + +func GetProviders() map[string]SecretProvider { + return map[string]SecretProvider{ + "file": &FileProvider{}, + "env": &EnvProvider{}, + } +}
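Review bot: GetProviders is exported without a doc comment and returns every built-in provider unconditionally, which now also determines what the secret API will serve. Whether `Config.SecretProviders` previously narrowed the set the server used is not visible in this diff; if it did, the API now offers `file` and `env` regardless of configuration, and the same filter should be applied to the server's map. A comment such as `// GetProviders returns a new map of the built-in secret providers, keyed by the type name used in the API path.` would also make clear that each call builds fresh provider instances, so the server and the manifest no longer share them.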