Add openshift-integrated-oauth-server command #21987

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

openshift-merge-robot merged 4 commits into openshift:master from enj:enj/i/osin_server_binary

Feb 28, 2019

cmd/hypershift/main.go

-Original file line number
+Diff line change
@@ Expand Up / @@ -8,8 +8,6 @@ import ( @@
     	"runtime"
     	"time"
-    	"github.com/openshift/origin/pkg/cmd/openshift-osinserver"
     	"github.com/spf13/cobra"
     	"github.com/spf13/pflag"
@@ Expand All / @@ -21,6 +19,7 @@ import ( @@
     	"github.com/openshift/origin/pkg/cmd/openshift-apiserver"
     	"github.com/openshift/origin/pkg/cmd/openshift-controller-manager"
     	"github.com/openshift/origin/pkg/cmd/openshift-etcd"
+    	"github.com/openshift/origin/pkg/cmd/openshift-integrated-oauth-server"
     	"github.com/openshift/origin/pkg/cmd/openshift-kube-apiserver"
     	"github.com/openshift/origin/pkg/cmd/openshift-network-controller"
     	"github.com/openshift/origin/pkg/version"
@@ Expand Down Expand Up @@
     	startOpenShiftNetworkController := openshift_network_controller.NewOpenShiftNetworkControllerCommand(openshift_network_controller.RecommendedStartNetworkControllerName, "hypershift", os.Stdout, os.Stderr)
     	cmd.AddCommand(startOpenShiftNetworkController)
-    	startOsin := openshift_osinserver.NewOpenShiftOsinServer(os.Stdout, os.Stderr, stopCh)
+    	startOsin := openshift_integrated_oauth_server.NewOsinServer(os.Stdout, os.Stderr, stopCh)
+    	startOsin.Use = "openshift-osinserver"
     	startOsin.Deprecated = "will be removed in 4.0"
     	startOsin.Hidden = true
     	cmd.AddCommand(startOsin)
@@ Expand Down @@

cmd/openshift-integrated-oauth-server/OWNERS

-Original file line number
+Diff line change
@@ -0,0 +1,7 @@
+    reviewers:
+      - enj
+      - ericavonb
+      - mrogers950
+      - stlaz
+    approvers:
+      - enj

cmd/openshift-integrated-oauth-server/main.go

-Original file line number
+Diff line change
@@ -0,0 +1,61 @@
+    package main
+    import (
+    	goflag "flag"
+    	"fmt"
+    	"math/rand"
+    	"os"
+    	"runtime"
+    	"time"
+    	"github.com/spf13/cobra"
+    	"github.com/spf13/pflag"
+    	genericapiserver "k8s.io/apiserver/pkg/server"
+    	utilflag "k8s.io/apiserver/pkg/util/flag"
+    	"k8s.io/apiserver/pkg/util/logs"
+    	"github.com/openshift/library-go/pkg/serviceability"
+    	"github.com/openshift/origin/pkg/cmd/openshift-integrated-oauth-server"
+    	"github.com/openshift/origin/pkg/version"
+    )
+    func main() {
+    	stopCh := genericapiserver.SetupSignalHandler()
+    	rand.Seed(time.Now().UTC().UnixNano())
+    	pflag.CommandLine.SetNormalizeFunc(utilflag.WordSepNormalizeFunc)
+    	pflag.CommandLine.AddGoFlagSet(goflag.CommandLine)
+    	logs.InitLogs()
+    	defer logs.FlushLogs()
+    	defer serviceability.BehaviorOnPanic(os.Getenv("OPENSHIFT_ON_PANIC"), version.Get())()
+    	defer serviceability.Profile(os.Getenv("OPENSHIFT_PROFILE")).Stop()
+    	if len(os.Getenv("GOMAXPROCS")) == 0 {
+    		runtime.GOMAXPROCS(runtime.NumCPU())
+    	}
+    	command := NewOpenshiftIntegratedOAuthServerCommand(stopCh)
+    	if err := command.Execute(); err != nil {
+    		fmt.Fprintf(os.Stderr, "%v\n", err)
+    		os.Exit(1)
+    	}
+    }
+    func NewOpenshiftIntegratedOAuthServerCommand(stopCh <-chan struct{}) *cobra.Command {
+    	cmd := &cobra.Command{
+    		Use:   "openshift-integrated-oauth-server",
+    		Short: "Command for the OpenShift integrated OAuth server",
+    		Run: func(cmd *cobra.Command, args []string) {
+    			cmd.Help()
+    			os.Exit(1)
+    		},
+    	}
+    	startOsin := openshift_integrated_oauth_server.NewOsinServer(os.Stdout, os.Stderr, stopCh)
+    	cmd.AddCommand(startOsin)
+    	return cmd
+    }

hack/import-restrictions.json

-Original file line number
+Diff line change
@@ Expand Up / @@ -151,6 +151,7 @@ @@
           "github.com/openshift/origin/pkg/apiserver/authentication/oauth",
           "github.com/openshift/origin/pkg/oauth/apis/oauth/validation",
+          "github.com/openshift/origin/pkg/cmd/openshift-integrated-oauth-server",
           "github.com/openshift/origin/pkg/cmd/openshift-kube-apiserver/openshiftkubeapiserver",
           "github.com/openshift/origin/pkg/cmd/server/origin",
           "github.com/openshift/origin/pkg/cmd/server/apis/config/validation",
@@ Expand Down @@

hack/lib/constants.sh

-Original file line number
+Diff line change
@@ Expand Up / @@ -39,6 +39,7 @@ readonly OS_IMAGE_COMPILE_TARGETS_LINUX=( @@
       cmd/openshift-sdn
       cmd/openshift-tests
       cmd/openshift
+      cmd/openshift-integrated-oauth-server
       vendor/k8s.io/kubernetes/cmd/hyperkube
     )
     readonly OS_SCRATCH_IMAGE_COMPILE_TARGETS_LINUX=(
@@ Expand Down @@

pkg/cmd/openshift-integrated-oauth-server/OWNERS

-Original file line number
+Diff line change
@@ -0,0 +1,7 @@
+    reviewers:
+      - enj
+      - ericavonb
+      - mrogers950
+      - stlaz
+    approvers:
+      - enj

pkg/cmd/openshift-osinserver/cmd.go → .../openshift-integrated-oauth-server/cmd.go

-Original file line number
+Diff line change
@@ -1,12 +1,12 @@
-    package openshift_osinserver
+    package openshift_integrated_oauth_server
     import (
+    	"encoding/json"
     	"errors"
     	"fmt"
     	"io"
     	"io/ioutil"
     	"os"
-    	"path"
     	"github.com/golang/glog"
     	"github.com/spf13/cobra"
@@ Expand All / @@ -15,29 +15,24 @@ import ( @@
     	"k8s.io/apimachinery/pkg/runtime"
     	"k8s.io/apimachinery/pkg/runtime/serializer"
     	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
-    	"k8s.io/client-go/tools/clientcmd/api"
     	"k8s.io/kubernetes/pkg/api/legacyscheme"
     	kcmdutil "k8s.io/kubernetes/pkg/kubectl/cmd/util"
     	configv1 "github.com/openshift/api/config/v1"
-    	kubecontrolplanev1 "github.com/openshift/api/kubecontrolplane/v1"
     	osinv1 "github.com/openshift/api/osin/v1"
-    	"github.com/openshift/library-go/pkg/config/helpers"
     	"github.com/openshift/library-go/pkg/serviceability"
     	"github.com/openshift/origin/pkg/api/legacy"
-    	"github.com/openshift/origin/pkg/cmd/openshift-kube-apiserver/configdefault"
-    	"github.com/openshift/origin/pkg/configconversion"
     )
-    type OpenShiftOsinServer struct {
+    type OsinServer struct {
     	ConfigFile string
     }
-    func NewOpenShiftOsinServer(out, errout io.Writer, stopCh <-chan struct{}) *cobra.Command {
-    	options := &OpenShiftOsinServer{}
+    func NewOsinServer(out, errout io.Writer, stopCh <-chan struct{}) *cobra.Command {
+    	options := &OsinServer{}
     	cmd := &cobra.Command{
-    		Use:   "openshift-osinserver",
+    		Use:   "osinserver",
     		Short: "Launch OpenShift osin server",
     		Run: func(c *cobra.Command, args []string) {
     			legacy.InstallInternalLegacyAll(legacyscheme.Scheme)
@@ Expand Down Expand Up @@
     	return cmd
     }
-    func (o *OpenShiftOsinServer) Validate() error {
+    func (o *OsinServer) Validate() error {
     	if len(o.ConfigFile) == 0 {
     		return errors.New("--config is required for this command")
     	}
     	return nil
     }
-    func (o *OpenShiftOsinServer) RunOsinServer(stopCh <-chan struct{}) error {
-    	// try to decode into our new types first.  right now there is no validation, no file path resolution.  this unsticks the operator to start.
-    	// TODO add those things
+    func (o *OsinServer) RunOsinServer(stopCh <-chan struct{}) error {
     	configContent, err := ioutil.ReadFile(o.ConfigFile)
     	if err != nil {
     		return err
     	}
     	// TODO this probably needs to be updated to a container inside openshift/api/osin/v1
     	scheme := runtime.NewScheme()
-    	utilruntime.Must(kubecontrolplanev1.Install(scheme))
+    	utilruntime.Must(osinv1.Install(scheme))
     	codecs := serializer.NewCodecFactory(scheme)
-    	obj, err := runtime.Decode(codecs.UniversalDecoder(kubecontrolplanev1.GroupVersion, configv1.GroupVersion, osinv1.GroupVersion), configContent)
+    	obj, err := runtime.Decode(codecs.UniversalDecoder(osinv1.GroupVersion, configv1.GroupVersion), configContent)
     	if err != nil {
-    		return err
-    	}
-    	// Resolve relative to CWD
-    	absoluteConfigFile, err := api.MakeAbs(o.ConfigFile, "")
-    	if err != nil {
-    		return err
+    		// TODO drop this code once we remove the hypershift path
+    		obj = &osinv1.OsinServerConfig{}
+    		if jsonErr := json.Unmarshal(configContent, obj); jsonErr != nil {
+    			glog.Errorf("osin config parse error: %v", jsonErr)
+    			return err
+    		}
+    		// return err
     	}
-    	configFileLocation := path.Dir(absoluteConfigFile)
-    	// TODO this is our pretend OsinServerConfig
-    	config := obj.(*kubecontrolplanev1.KubeAPIServerConfig)
-    	if err := helpers.ResolvePaths(configconversion.GetKubeAPIServerConfigFileReferences(config), configFileLocation); err != nil {
-    		return err
+    	config, ok := obj.(*osinv1.OsinServerConfig)
+    	if !ok {
+    		return fmt.Errorf("expected OsinServerConfig, got %T", config)
     	}
-    	configdefault.SetRecommendedKubeAPIServerConfigDefaults(config)
-    	return RunOpenShiftOsinServer(config, stopCh)
+    	return RunOsinServer(config, stopCh)
     }

pkg/cmd/openshift-osinserver/server.go → ...enshift-integrated-oauth-server/server.go

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -1,12 +1,12 @@
  
    package openshift_osinserver

    package openshift_integrated_oauth_server

    import (

    	"errors"

    	genericapiserver "k8s.io/apiserver/pkg/server"

    	"k8s.io/kubernetes/pkg/api/legacyscheme"

    	kubecontrolplanev1 "github.com/openshift/api/kubecontrolplane/v1"

    	osinv1 "github.com/openshift/api/osin/v1"

    	"github.com/openshift/library-go/pkg/config/helpers"

    	"github.com/openshift/origin/pkg/cmd/openshift-apiserver/openshiftapiserver/configprocessing"

    	"github.com/openshift/origin/pkg/oauthserver/oauthserver"

    @@ -15,8 +15,8 @@ import (
  
    	_ "k8s.io/kubernetes/pkg/client/metrics/prometheus"

    )

    func RunOpenShiftOsinServer(osinConfig *kubecontrolplanev1.KubeAPIServerConfig, stopCh <-chan struct{}) error {

    	if osinConfig == nil || osinConfig.OAuthConfig == nil {

    func RunOsinServer(osinConfig *osinv1.OsinServerConfig, stopCh <-chan struct{}) error {

    	if osinConfig == nil {

    		return errors.New("osin server requires non-empty oauthConfig")

    	}

    @@ -35,7 +35,7 @@ func RunOpenShiftOsinServer(osinConfig *kubecontrolplanev1.KubeAPIServerConfig,
  
    	return oauthServer.GenericAPIServer.PrepareRun().Run(stopCh)

    }

    func newOAuthServerConfig(osinConfig *kubecontrolplanev1.KubeAPIServerConfig) (*oauthserver.OAuthServerConfig, error) {

    func newOAuthServerConfig(osinConfig *osinv1.OsinServerConfig) (*oauthserver.OAuthServerConfig, error) {

    	genericConfig := genericapiserver.NewRecommendedConfig(legacyscheme.Codecs)

    	servingOptions, err := configprocessing.ToServingOptions(osinConfig.ServingInfo)

    @@ -52,7 +52,7 @@ func newOAuthServerConfig(osinConfig *kubecontrolplanev1.KubeAPIServerConfig) (*
  
    		return nil, err

    	}

    	oauthServerConfig, err := oauthserver.NewOAuthServerConfig(*osinConfig.OAuthConfig, kubeClientConfig)

    	oauthServerConfig, err := oauthserver.NewOAuthServerConfig(osinConfig.OAuthConfig, kubeClientConfig)

    	if err != nil {

    		return nil, err

    	}

pkg/oauthserver/oauthserver/auth.go

-Original file line number
+Diff line change
@@ Expand Up @@
     	)
     	server.Install(mux, urls.OpenShiftOAuthAPIPrefix)
-    	tokenRequestEndpoints := tokenrequest.NewEndpoints(c.ExtraOAuthConfig.Options.MasterPublicURL, openShiftLogoutPrefix, c.getOsinOAuthClient, c.ExtraOAuthConfig.OAuthAccessTokenClient)
+    	loginURL := c.ExtraOAuthConfig.Options.LoginURL
+    	if len(loginURL) == 0 {
+    		loginURL = c.ExtraOAuthConfig.Options.MasterPublicURL
+    	}
+    	tokenRequestEndpoints := tokenrequest.NewEndpoints(loginURL, openShiftLogoutPrefix, c.getOsinOAuthClient, c.ExtraOAuthConfig.OAuthAccessTokenClient)
     	tokenRequestEndpoints.Install(mux, urls.OpenShiftOAuthAPIPrefix)
     	if session := c.ExtraOAuthConfig.SessionAuth; session != nil {
@@ Expand Down @@

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add openshift-integrated-oauth-server command #21987

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!

Uh oh!

Uh oh!