| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298 |
- package loader
- import (
- "errors"
- "fmt"
- "net/http"
- "os"
- "path/filepath"
- "strconv"
- gorillaws "github.com/gorilla/websocket"
- "github.com/porter-dev/api-contracts/generated/go/porter/v1/porterv1connect"
- "github.com/porter-dev/porter/api/server/shared/apierrors/alerter"
- "github.com/porter-dev/porter/api/server/shared/config"
- "github.com/porter-dev/porter/api/server/shared/config/env"
- "github.com/porter-dev/porter/api/server/shared/config/envloader"
- "github.com/porter-dev/porter/api/server/shared/websocket"
- "github.com/porter-dev/porter/internal/adapter"
- "github.com/porter-dev/porter/internal/analytics"
- "github.com/porter-dev/porter/internal/auth/sessionstore"
- "github.com/porter-dev/porter/internal/auth/token"
- "github.com/porter-dev/porter/internal/billing"
- "github.com/porter-dev/porter/internal/helm/urlcache"
- "github.com/porter-dev/porter/internal/integrations/powerdns"
- "github.com/porter-dev/porter/internal/notifier"
- "github.com/porter-dev/porter/internal/notifier/sendgrid"
- "github.com/porter-dev/porter/internal/oauth"
- "github.com/porter-dev/porter/internal/repository/credentials"
- "github.com/porter-dev/porter/internal/repository/gorm"
- "github.com/porter-dev/porter/provisioner/client"
- lr "github.com/porter-dev/porter/pkg/logger"
- pgorm "gorm.io/gorm"
- )
- var (
- InstanceBillingManager billing.BillingManager
- InstanceEnvConf *envloader.EnvConf
- InstanceDB *pgorm.DB
- InstanceCredentialBackend credentials.CredentialStorage
- )
- type EnvConfigLoader struct {
- version string
- }
- func NewEnvLoader(version string) config.ConfigLoader {
- return &EnvConfigLoader{version}
- }
- func sharedInit() {
- var err error
- InstanceEnvConf, _ = envloader.FromEnv()
- InstanceDB, err = adapter.New(InstanceEnvConf.DBConf)
- if err != nil {
- panic(err)
- }
- InstanceBillingManager = &billing.NoopBillingManager{}
- }
- func (e *EnvConfigLoader) LoadConfig() (res *config.Config, err error) {
- // ctx := context.Background()
- envConf := InstanceEnvConf
- sc := envConf.ServerConf
- res = &config.Config{
- Logger: lr.NewConsole(sc.Debug),
- ServerConf: sc,
- DBConf: envConf.DBConf,
- RedisConf: envConf.RedisConf,
- BillingManager: InstanceBillingManager,
- CredentialBackend: InstanceCredentialBackend,
- }
- res.Logger.Info().Msg("Loading MetadataFromConf")
- res.Metadata = config.MetadataFromConf(envConf.ServerConf, e.version)
- res.Logger.Info().Msg("Loaded MetadataFromConf")
- res.DB = InstanceDB
- // res.Logger.Info().Msg("Starting gorm automigrate")
- // err = gorm.AutoMigrate(InstanceDB, sc.Debug)
- // if err != nil {
- // return nil, err
- // }
- // res.Logger.Info().Msg("Completed gorm automigrate")
- var key [32]byte
- for i, b := range []byte(envConf.DBConf.EncryptionKey) {
- key[i] = b
- }
- res.Logger.Info().Msg("Creating new gorm repository")
- res.Repo = gorm.NewRepository(InstanceDB, &key, InstanceCredentialBackend)
- res.Logger.Info().Msg("Created new gorm repository")
- res.Logger.Info().Msg("Creating new session store")
- // create the session store
- res.Store, err = sessionstore.NewStore(
- &sessionstore.NewStoreOpts{
- SessionRepository: res.Repo.Session(),
- CookieSecrets: envConf.ServerConf.CookieSecrets,
- Insecure: envConf.ServerConf.CookieInsecure,
- },
- )
- if err != nil {
- return nil, err
- }
- res.Logger.Info().Msg("Created new session store")
- res.TokenConf = &token.TokenGeneratorConf{
- TokenSecret: envConf.ServerConf.TokenGeneratorSecret,
- }
- res.UserNotifier = ¬ifier.EmptyUserNotifier{}
- if res.Metadata.Email {
- res.Logger.Info().Msg("Creating new user notifier")
- res.UserNotifier = sendgrid.NewUserNotifier(&sendgrid.UserNotifierOpts{
- SharedOpts: &sendgrid.SharedOpts{
- APIKey: envConf.ServerConf.SendgridAPIKey,
- SenderEmail: envConf.ServerConf.SendgridSenderEmail,
- },
- PWResetTemplateID: envConf.ServerConf.SendgridPWResetTemplateID,
- PWGHTemplateID: envConf.ServerConf.SendgridPWGHTemplateID,
- VerifyEmailTemplateID: envConf.ServerConf.SendgridVerifyEmailTemplateID,
- ProjectInviteTemplateID: envConf.ServerConf.SendgridProjectInviteTemplateID,
- })
- res.Logger.Info().Msg("Created new user notifier")
- }
- res.Alerter = alerter.NoOpAlerter{}
- if envConf.ServerConf.SentryDSN != "" {
- res.Logger.Info().Msg("Creating Sentry Alerter")
- res.Alerter, err = alerter.NewSentryAlerter(envConf.ServerConf.SentryDSN, envConf.ServerConf.SentryEnv)
- if err != nil {
- return nil, fmt.Errorf("failed to create new sentry alerter: %w", err)
- }
- res.Logger.Info().Msg("Created Sentry Alerter")
- }
- if sc.DOClientID != "" && sc.DOClientSecret != "" {
- res.Logger.Info().Msg("Creating Digital Ocean client")
- res.DOConf = oauth.NewDigitalOceanClient(&oauth.Config{
- ClientID: sc.DOClientID,
- ClientSecret: sc.DOClientSecret,
- Scopes: []string{"read", "write"},
- BaseURL: sc.ServerURL,
- })
- res.Logger.Info().Msg("Created Digital Ocean client")
- }
- if sc.GoogleClientID != "" && sc.GoogleClientSecret != "" {
- res.Logger.Info().Msg("Creating Google client")
- res.GoogleConf = oauth.NewGoogleClient(&oauth.Config{
- ClientID: sc.GoogleClientID,
- ClientSecret: sc.GoogleClientSecret,
- Scopes: []string{
- "openid",
- "profile",
- "email",
- },
- BaseURL: sc.ServerURL,
- })
- res.Logger.Info().Msg(" Google client")
- }
- // TODO: remove this as part of POR-1055
- if sc.GithubClientID != "" && sc.GithubClientSecret != "" {
- res.Logger.Info().Msg("Creating Github client")
- res.GithubConf = oauth.NewGithubClient(&oauth.Config{
- ClientID: sc.GithubClientID,
- ClientSecret: sc.GithubClientSecret,
- Scopes: []string{"read:user", "user:email"},
- BaseURL: sc.ServerURL,
- })
- res.Logger.Info().Msg("Created Github client")
- }
- if sc.GithubAppClientID != "" &&
- sc.GithubAppClientSecret != "" &&
- sc.GithubAppName != "" &&
- sc.GithubAppWebhookSecret != "" &&
- sc.GithubAppSecretPath != "" &&
- sc.GithubAppID != "" {
- AppID, err := strconv.Atoi(sc.GithubAppID)
- if err != nil {
- return nil, fmt.Errorf("could not read github App ID: %s", err)
- }
- res.GithubAppConf = oauth.NewGithubAppClient(&oauth.Config{
- ClientID: sc.GithubAppClientID,
- ClientSecret: sc.GithubAppClientSecret,
- Scopes: []string{"read:user"},
- BaseURL: sc.ServerURL,
- }, sc.GithubAppName, sc.GithubAppWebhookSecret, sc.GithubAppSecretPath, int64(AppID))
- }
- if sc.SlackClientID != "" && sc.SlackClientSecret != "" {
- res.Logger.Info().Msg("Creating Slack client")
- res.SlackConf = oauth.NewSlackClient(&oauth.Config{
- ClientID: sc.SlackClientID,
- ClientSecret: sc.SlackClientSecret,
- Scopes: []string{
- "incoming-webhook",
- "team:read",
- },
- BaseURL: sc.ServerURL,
- })
- }
- res.Logger.Info().Msg("Created Slack client")
- res.WSUpgrader = &websocket.Upgrader{
- WSUpgrader: &gorillaws.Upgrader{
- ReadBufferSize: 1024,
- WriteBufferSize: 1024,
- CheckOrigin: func(r *http.Request) bool {
- var err error
- defer func() {
- // TODO: this is only used to collect data for removing the `request origin not allowed by Upgrader.CheckOrigin` error
- if err != nil {
- res.Logger.Info().Msgf("error: %s, host: %s, origin: %s, serverURL: %s", err.Error(), r.Host, r.Header.Get("Origin"), sc.ServerURL)
- }
- }()
- return true
- },
- },
- }
- // construct the whitelisted users map
- wlUsers := make(map[uint]uint)
- for _, userID := range sc.WhitelistedUsers {
- wlUsers[userID] = userID
- }
- res.WhitelistedUsers = wlUsers
- res.Logger.Info().Msg("Creating URL Cache")
- res.URLCache = urlcache.Init(sc.DefaultApplicationHelmRepoURL, sc.DefaultAddonHelmRepoURL)
- res.Logger.Info().Msg("Created URL Cache")
- res.Logger.Info().Msg("Creating provisioner service client")
- provClient, err := getProvisionerServiceClient(sc)
- if err == nil && provClient != nil {
- res.ProvisionerClient = provClient
- }
- res.Logger.Info().Msg("Created provisioner service client")
- res.Logger.Info().Msg("Creating analytics client")
- res.AnalyticsClient = analytics.InitializeAnalyticsSegmentClient(sc.SegmentClientKey, res.Logger)
- res.Logger.Info().Msg("Created analytics client")
- if sc.PowerDNSAPIKey != "" && sc.PowerDNSAPIServerURL != "" {
- res.PowerDNSClient = powerdns.NewClient(sc.PowerDNSAPIServerURL, sc.PowerDNSAPIKey, sc.AppRootDomain)
- }
- res.EnableCAPIProvisioner = sc.EnableCAPIProvisioner
- if sc.EnableCAPIProvisioner {
- res.Logger.Info().Msg("Creating CCP client")
- if sc.ClusterControlPlaneAddress == "" {
- return res, errors.New("must provide CLUSTER_CONTROL_PLANE_ADDRESS")
- }
- client := porterv1connect.NewClusterControlPlaneServiceClient(http.DefaultClient, sc.ClusterControlPlaneAddress)
- res.ClusterControlPlaneClient = client
- res.Logger.Info().Msg("Created CCP client")
- }
- return res, nil
- }
- func getProvisionerServiceClient(sc *env.ServerConf) (*client.Client, error) {
- if sc.ProvisionerServerURL != "" && sc.ProvisionerToken != "" {
- baseURL := fmt.Sprintf("%s/api/v1", sc.ProvisionerServerURL)
- pClient, err := client.NewClient(baseURL, sc.ProvisionerToken, 0)
- if err != nil {
- return nil, err
- }
- return pClient, nil
- }
- return nil, fmt.Errorf("required env vars not set for provisioner")
- }
- // createDirectoryRecursively creates a directory and all its parents if they don't exist
- func createDirectoryRecursively(p string) (*os.File, error) {
- if err := os.MkdirAll(filepath.Dir(p), 0o770); err != nil {
- return nil, err
- }
- return os.Create(p)
- }
|
