feat(kuma-cp) dataplane token bound to the DP type (#1069)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com>
kumahq · Oct 16, 2020 · c8d2277 · c8d2277
1 parent 6c2d373
commit c8d2277
Show file tree

Hide file tree

Showing 32 changed files with 201 additions and 938 deletions.
diff --git a/app/kumactl/cmd/completion/testdata/bash.golden b/app/kumactl/cmd/completion/testdata/bash.golden
@@ -736,6 +736,9 @@ _kumactl_generate_dataplane-token()
     flags+=("--tag=")
     two_word_flags+=("--tag")
     local_nonpersistent_flags+=("--tag=")
+    flags+=("--type=")
+    two_word_flags+=("--type")
+    local_nonpersistent_flags+=("--type=")
     flags+=("--config-file=")
     two_word_flags+=("--config-file")
     flags+=("--log-level=")

diff --git a/app/kumactl/cmd/completion/testdata/zsh.golden b/app/kumactl/cmd/completion/testdata/zsh.golden
@@ -284,6 +284,7 @@ function _kumactl_generate_dataplane-token {
   _arguments \
     '--dataplane[name of the Dataplane]:' \
     '--tag[required tag values for dataplane (split values by comma to provide multiple values)]:' \
+    '--type[type of the Dataplane ("dataplane", "ingress")]:' \
     '--config-file[path to the configuration file to use]:' \
     '--log-level[log level: one of off|info|debug]:' \
     '(-m --mesh)'{-m,--mesh}'[mesh to use]:'

diff --git a/app/kumactl/cmd/generate/generate_dataplane_token.go b/app/kumactl/cmd/generate/generate_dataplane_token.go
@@ -14,6 +14,7 @@ type generateDataplaneTokenContext struct {
 
 	args struct {
 		dataplane string
+		dpType    string
 		tags      map[string]string
 	}
 }
@@ -31,6 +32,9 @@ $ kumactl generate dataplane-token --mesh demo --dataplane demo-01
 Generate token bound by mesh
 $ kumactl generate dataplane-token --mesh demo
 
+Generate Ingress token
+$ kumactl generate dataplane-token --type ingress
+
 Generate token bound by tag
 $ kumactl generate dataplane-token --mesh demo --tag kuma.io/service=web,web-api
 `,
@@ -44,7 +48,7 @@ $ kumactl generate dataplane-token --mesh demo --tag kuma.io/service=web,web-api
 			for k, v := range ctx.args.tags {
 				tags[k] = strings.Split(v, ",")
 			}
-			token, err := client.Generate(ctx.args.dataplane, pctx.Args.Mesh, tags)
+			token, err := client.Generate(ctx.args.dataplane, pctx.Args.Mesh, tags, ctx.args.dpType)
 			if err != nil {
 				return errors.Wrap(err, "failed to generate a dataplane token")
 			}
@@ -53,6 +57,7 @@ $ kumactl generate dataplane-token --mesh demo --tag kuma.io/service=web,web-api
 		},
 	}
 	cmd.Flags().StringVar(&ctx.args.dataplane, "dataplane", "", "name of the Dataplane")
+	cmd.Flags().StringVar(&ctx.args.dpType, "type", "", `type of the Dataplane ("dataplane", "ingress")`)
 	cmd.Flags().StringToStringVar(&ctx.args.tags, "tag", nil, "required tag values for dataplane (split values by comma to provide multiple values)")
 	return cmd
 }
diff --git a/app/kumactl/cmd/generate/generate_dataplane_token_test.go b/app/kumactl/cmd/generate/generate_dataplane_token_test.go
@@ -6,9 +6,11 @@ import (
 	"fmt"
 
 	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/extensions/table"
 	. "github.com/onsi/gomega"
 	"github.com/spf13/cobra"
 
+	mesh_proto "github.com/kumahq/kuma/api/mesh/v1alpha1"
 	"github.com/kumahq/kuma/app/kumactl/cmd"
 	kumactl_cmd "github.com/kumahq/kuma/app/kumactl/pkg/cmd"
 	"github.com/kumahq/kuma/app/kumactl/pkg/tokens"
@@ -24,11 +26,11 @@ type staticDataplaneTokenGenerator struct {
 
 var _ tokens.DataplaneTokenClient = &staticDataplaneTokenGenerator{}
 
-func (s *staticDataplaneTokenGenerator) Generate(name string, mesh string, tags map[string][]string) (string, error) {
+func (s *staticDataplaneTokenGenerator) Generate(name string, mesh string, tags map[string][]string, dpType string) (string, error) {
 	if s.err != nil {
 		return "", s.err
 	}
-	return fmt.Sprintf("token-for-%s-%s", name, mesh), nil
+	return fmt.Sprintf("token-for-%s-%s-%s-%s", name, mesh, mesh_proto.MultiValueTagSetFrom(tags).String(), dpType), nil
 }
 
 var _ = Describe("kumactl generate dataplane-token", func() {
@@ -64,29 +66,31 @@ var _ = Describe("kumactl generate dataplane-token", func() {
 		rootCmd.SetOut(buf)
 	})
 
-	It("should generate a token", func() {
-		// when
-		rootCmd.SetArgs([]string{"generate", "dataplane-token", "--dataplane=example", "--mesh=demo"})
-		err := rootCmd.Execute()
-
-		// then
-		Expect(err).ToNot(HaveOccurred())
-
-		// and
-		Expect(buf.String()).To(Equal("token-for-example-demo"))
-	})
-
-	It("should generate a token for default mesh when it is not specified", func() {
-		// when
-		rootCmd.SetArgs([]string{"generate", "dataplane-token", "--dataplane=example"})
-		err := rootCmd.Execute()
-
-		// then
-		Expect(err).ToNot(HaveOccurred())
-
-		// and
-		Expect(buf.String()).To(Equal("token-for-example-default"))
-	})
+	type testCase struct {
+		args   []string
+		result string
+	}
+	DescribeTable("should generate token",
+		func(given testCase) {
+			// when
+			rootCmd.SetArgs(given.args)
+			err := rootCmd.Execute()
+
+			// then
+			Expect(err).ToNot(HaveOccurred())
+
+			// and
+			Expect(buf.String()).To(Equal(given.result))
+		},
+		Entry("for default mesh when it is not specified", testCase{
+			args:   []string{"generate", "dataplane-token", "--dataplane=example"},
+			result: "token-for-example-default--",
+		}),
+		Entry("for all arguments", testCase{
+			args:   []string{"generate", "dataplane-token", "--mesh=demo", "--dataplane=example", "--type=dataplane", "--tag", "kuma.io/service=web"},
+			result: "token-for-example-demo-kuma.io/service=web-dataplane",
+		}),
+	)
 
 	It("should write error when generating token fails", func() {
 		// setup

diff --git a/app/kumactl/pkg/tokens/client.go b/app/kumactl/pkg/tokens/client.go
@@ -43,7 +43,7 @@ func NewDataplaneTokenClient(address string, config *kumactl_config.Context_Admi
 }
 
 type DataplaneTokenClient interface {
-	Generate(name string, mesh string, tags map[string][]string) (string, error)
+	Generate(name string, mesh string, tags map[string][]string, dpType string) (string, error)
 }
 
 type httpDataplaneTokenClient struct {
@@ -52,11 +52,12 @@ type httpDataplaneTokenClient struct {
 
 var _ DataplaneTokenClient = &httpDataplaneTokenClient{}
 
-func (h *httpDataplaneTokenClient) Generate(name string, mesh string, tags map[string][]string) (string, error) {
+func (h *httpDataplaneTokenClient) Generate(name string, mesh string, tags map[string][]string, dpType string) (string, error) {
 	tokenReq := &types.DataplaneTokenRequest{
 		Name: name,
 		Mesh: mesh,
 		Tags: tags,
+		Type: dpType,
 	}
 	reqBytes, err := json.Marshal(tokenReq)
 	if err != nil {

diff --git a/app/kumactl/pkg/tokens/client_test.go b/app/kumactl/pkg/tokens/client_test.go
@@ -89,12 +89,12 @@ var _ = Describe("Tokens Client", func() {
 
 			// wait for server
 			Eventually(func() error {
-				_, err := client.Generate("example", "default", nil)
+				_, err := client.Generate("example", "default", nil, "dataplane")
 				return err
 			}, "5s", "100ms").ShouldNot(HaveOccurred())
 
 			// when
-			token, err := client.Generate("example", "default", nil)
+			token, err := client.Generate("example", "default", nil, "dataplane")
 
 			// then
 			Expect(err).ToNot(HaveOccurred())
@@ -129,7 +129,7 @@ var _ = Describe("Tokens Client", func() {
 		Expect(err).ToNot(HaveOccurred())
 
 		// when
-		_, err = client.Generate("example", "default", nil)
+		_, err = client.Generate("example", "default", nil, "dataplane")
 
 		// then
 		Expect(err).To(MatchError("unexpected status code 500. Expected 200"))

diff --git a/pkg/sds/auth/common/common_suite_test.go b/pkg/sds/auth/common/common_suite_test.go
diff --git a/pkg/sds/auth/common/identity.go b/pkg/sds/auth/common/identity.go
diff --git a/pkg/sds/auth/common/identity_test.go b/pkg/sds/auth/common/identity_test.go
diff --git a/pkg/sds/auth/credential.go b/pkg/sds/auth/credential.go
diff --git a/pkg/sds/auth/interfaces.go b/pkg/sds/auth/interfaces.go