Skip to content

Commit

Permalink
vcluster license initalization / loader refactor (#2320)
Browse files Browse the repository at this point in the history
* adjust license pro functions to the changes made in the vcluster-pro refactor

Signed-off-by: Paweł Bojanowski <[email protected]>

* return error from license.Init

Signed-off-by: Paweł Bojanowski <[email protected]>

* refactor: use delegate for platform authentication

---------

Signed-off-by: Paweł Bojanowski <[email protected]>
Co-authored-by: Fabian Kramm <[email protected]>
  • Loading branch information
hidalgopl and FabianKramm authored Dec 10, 2024
1 parent 4f11a08 commit 1484731
Show file tree
Hide file tree
Showing 5 changed files with 54 additions and 32 deletions.
22 changes: 8 additions & 14 deletions cmd/vcluster/cmd/start.go
Original file line number Diff line number Diff line change
Expand Up @@ -81,34 +81,28 @@ func ExecuteStart(ctx context.Context, options *StartOptions) error {
}()

// initialize feature gate from environment
err = pro.LicenseInit(ctx, vConfig)
if err != nil {
return fmt.Errorf("init license: %w", err)
}

// set features for plugins to recognize
plugin.DefaultManager.SetProFeatures(pro.LicenseFeatures())

// connect to vCluster platform if configured
startPlatformServersAndControllers, err := pro.ConnectToPlatform(ctx, vConfig)
if err != nil {
return fmt.Errorf("connect to platform: %w", err)
if err := pro.LicenseInit(ctx, vConfig); err != nil {
return fmt.Errorf("license init: %w", err)
}

err = setup.Initialize(ctx, vConfig)
if err != nil {
return fmt.Errorf("initialize: %w", err)
}

// set features for plugins to recognize
plugin.DefaultManager.SetProFeatures(pro.LicenseFeatures())

// build controller context
controllerCtx, err := setup.NewControllerContext(ctx, vConfig)
if err != nil {
return fmt.Errorf("create controller context: %w", err)
}

err = startPlatformServersAndControllers(controllerCtx.VirtualManager)
// start license loader
err = pro.LicenseStart(controllerCtx)
if err != nil {
return fmt.Errorf("start platform controllers: %w", err)
return fmt.Errorf("start license loader: %w", err)
}

// start integrations
Expand Down
36 changes: 36 additions & 0 deletions pkg/authentication/platformauthenticator/platformauthenticator.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,36 @@
package platformauthenticator

import (
"net/http"
"sync"

"k8s.io/apiserver/pkg/authentication/authenticator"
)

var Default = &PlatformAuthenticator{}

var _ authenticator.Request = &PlatformAuthenticator{}

type PlatformAuthenticator struct {
m sync.RWMutex

delegate authenticator.Request
}

func (p *PlatformAuthenticator) SetDelegate(delegate authenticator.Request) {
p.m.Lock()
defer p.m.Unlock()

p.delegate = delegate
}

func (p *PlatformAuthenticator) AuthenticateRequest(req *http.Request) (*authenticator.Response, bool, error) {
p.m.RLock()
defer p.m.RUnlock()

if p.delegate == nil {
return nil, false, nil
}

return p.delegate.AuthenticateRequest(req)
}
10 changes: 8 additions & 2 deletions pkg/pro/license.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,14 +4,20 @@ import (
"context"

"github.com/loft-sh/vcluster/pkg/config"
"github.com/loft-sh/vcluster/pkg/syncer/synccontext"
)

// LicenseInit is used to initialize the license reader
// LicenseInit is used to initialize the license loader
var LicenseInit = func(_ context.Context, _ *config.VirtualClusterConfig) error {
return nil
}

// LicenseFeatures is used to retrieve all enabled features
// LicenseStart is used to start license loader
var LicenseStart = func(_ *synccontext.ControllerContext) error {
return nil
}

// LicenseFeatures returns a map of featureName: enabled / disabled
var LicenseFeatures = func() map[string]bool {
return make(map[string]bool)
}
12 changes: 0 additions & 12 deletions pkg/pro/platform.go

This file was deleted.

6 changes: 2 additions & 4 deletions pkg/server/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import (
"time"

"github.com/loft-sh/vcluster/pkg/authentication/delegatingauthenticator"
"github.com/loft-sh/vcluster/pkg/authentication/platformauthenticator"
"github.com/loft-sh/vcluster/pkg/authorization/allowall"
"github.com/loft-sh/vcluster/pkg/authorization/delegatingauthorizer"
"github.com/loft-sh/vcluster/pkg/authorization/impersonationauthorizer"
Expand Down Expand Up @@ -52,9 +53,6 @@ import (
"sigs.k8s.io/controller-runtime/pkg/client"
)

// ExtraAuthenticators are extra authenticators that should be added to the server
var ExtraAuthenticators []authenticator.Request

// Server is a http.Handler which proxies Kubernetes APIs to remote API server.
type Server struct {
uncachedVirtualClient client.Client
Expand Down Expand Up @@ -232,7 +230,7 @@ func (s *Server) ServeOnListenerTLS(address string, port int, stopChan <-chan st
// 3. last is the certificate authenticator
authenticators := []authenticator.Request{}
authenticators = append(authenticators, delegatingauthenticator.New(s.uncachedVirtualClient))
authenticators = append(authenticators, ExtraAuthenticators...)
authenticators = append(authenticators, platformauthenticator.Default)
authenticators = append(authenticators, serverConfig.Authentication.Authenticator)
serverConfig.Authentication.Authenticator = unionauthentication.NewFailOnError(authenticators...)

Expand Down

0 comments on commit 1484731

Please sign in to comment.