mvp working creation of proxy provider
@@ -17,10 +17,14 @@ limitations under the License.
|
||||
package main
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"flag"
|
||||
"net/url"
|
||||
"os"
|
||||
"time"
|
||||
|
||||
"gitea.t000-n.de/t.behrendt/authentik-kubernetes-operator/pkg/signals"
|
||||
authentikapi "goauthentik.io/api/v3"
|
||||
kubeinformers "k8s.io/client-go/informers"
|
||||
"k8s.io/client-go/kubernetes"
|
||||
"k8s.io/client-go/tools/clientcmd"
|
||||
@@ -58,23 +62,29 @@ func main() {
|
||||
klog.FlushAndExit(klog.ExitFlushTimeout, 1)
|
||||
}
|
||||
|
||||
operatorClient, err := clientset.NewForConfig(cfg)
|
||||
proxyProviderClient, err := clientset.NewForConfig(cfg)
|
||||
if err != nil {
|
||||
logger.Error(err, "Error building kubernetes clientset")
|
||||
logger.Error(err, "Error building proxy provider clientset")
|
||||
klog.FlushAndExit(klog.ExitFlushTimeout, 1)
|
||||
}
|
||||
|
||||
authentikClient, err := newAuthentikAPIClient(os.Getenv("AUTENTIK_HOST"), os.Getenv("AUTENTIK_TOKEN"))
|
||||
if err != nil {
|
||||
logger.Error(err, "Error building Authentik API client")
|
||||
klog.FlushAndExit(klog.ExitFlushTimeout, 1)
|
||||
}
|
||||
|
||||
kubeInformerFactory := kubeinformers.NewSharedInformerFactory(kubeClient, time.Second*30)
|
||||
operatorInformerFactory := informers.NewSharedInformerFactory(operatorClient, time.Second*30)
|
||||
proxyProviderInformerFactory := informers.NewSharedInformerFactory(proxyProviderClient, time.Second*30)
|
||||
|
||||
controller := NewController(ctx, kubeClient, operatorClient,
|
||||
controller := NewController(ctx, kubeClient, proxyProviderClient, authentikClient,
|
||||
kubeInformerFactory.Apps().V1().Deployments(),
|
||||
operatorInformerFactory.Proxyprovider().V1().ProxyProviders())
|
||||
proxyProviderInformerFactory.Proxyprovider().V1().ProxyProviders())
|
||||
|
||||
// notice that there is no need to run Start methods in a separate goroutine. (i.e. go kubeInformerFactory.Start(ctx.done())
|
||||
// Start method is non-blocking and runs all registered informers in a dedicated goroutine.
|
||||
kubeInformerFactory.Start(ctx.Done())
|
||||
operatorInformerFactory.Start(ctx.Done())
|
||||
proxyProviderInformerFactory.Start(ctx.Done())
|
||||
|
||||
if err = controller.Run(ctx, 2); err != nil {
|
||||
logger.Error(err, "Error running controller")
|
||||
@@ -86,3 +96,27 @@ func init() {
|
||||
flag.StringVar(&kubeconfig, "kubeconfig", "", "Path to a kubeconfig. Only required if out-of-cluster.")
|
||||
flag.StringVar(&masterURL, "master", "", "The address of the Kubernetes API server. Overrides any value in kubeconfig. Only required if out-of-cluster.")
|
||||
}
|
||||
|
||||
// newAuthentikAPIClient builds the OpenAPI-generated goauthentik client when AUTENTIK_HOST is set.
|
||||
func newAuthentikAPIClient(host, token string) (*authentikapi.APIClient, error) {
|
||||
if host == "" {
|
||||
return nil, errors.New("authentik host is not set")
|
||||
}
|
||||
cfg := authentikapi.NewConfiguration()
|
||||
if u, err := url.Parse(host); err == nil && u.Host != "" {
|
||||
cfg.Scheme = u.Scheme
|
||||
if cfg.Scheme == "" {
|
||||
cfg.Scheme = "https"
|
||||
}
|
||||
cfg.Host = u.Host
|
||||
} else {
|
||||
cfg.Scheme = "https"
|
||||
cfg.Host = host
|
||||
}
|
||||
if token == "" {
|
||||
return nil, errors.New("authentik token is not set")
|
||||
}
|
||||
cfg.AddDefaultHeader("Authorization", "Bearer "+token)
|
||||
|
||||
return authentikapi.NewAPIClient(cfg), nil
|
||||
}
|
||||
|
||||
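Review bot: In newAuthentikAPIClient the scheme parsed from the host value is copied into `cfg.Scheme` unrestricted, so an `http://` value makes the client send the `Authorization: Bearer` default header in cleartext. Reject non-TLS schemes before the header is added, e.g. `if cfg.Scheme != "https" { return nil, errors.New("authentik host must use https") }`, or put plain http behind an explicit opt-in for local development. The fallback branch also assigns the raw string to `cfg.Host`, so a value with a path but no scheme becomes a malformed host instead of an error; returning an error there would surface misconfiguration at startup. Separately, main reads `AUTENTIK_HOST` and `AUTENTIK_TOKEN`, which look like a misspelling of AUTHENTIK; if that is unintended, a deployment that sets the correctly spelled names will fail with "authentik host is not set".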