From 15df700b27a98ce556400e39aab17298049c7f23 Mon Sep 17 00:00:00 2001 From: Benedikt Kulmann Date: Wed, 11 Nov 2020 17:12:14 +0100 Subject: [PATCH 1/2] Move default configs to root level --- ocis/pkg/command/accounts.go | 7 ++++++ ocis/pkg/command/ocs.go | 9 +++++--- ocis/pkg/command/proxy.go | 4 ++-- ocis/pkg/command/settings.go | 4 ++-- ocis/pkg/config/config.go | 18 ++++++++++----- ocis/pkg/flagset/flagset.go | 45 +++++++++++++++++++++--------------- 6 files changed, 55 insertions(+), 32 deletions(-) diff --git a/ocis/pkg/command/accounts.go b/ocis/pkg/command/accounts.go index b46a1f9b85f..8bb986be90d 100644 --- a/ocis/pkg/command/accounts.go +++ b/ocis/pkg/command/accounts.go @@ -44,6 +44,13 @@ func configureAccounts(cfg *config.Config) *svcconfig.Config { cfg.Accounts.Log.Color = cfg.Log.Color cfg.Accounts.Server.Version = version.String + // TODO: we need tracing on the accounts service as well. when we have it, apply default config from OCIS here. + + if cfg.TokenManager.JWTSecret != "" { + cfg.Accounts.TokenManager.JWTSecret = cfg.TokenManager.JWTSecret + cfg.Accounts.Repo.CS3.JWTSecret = cfg.TokenManager.JWTSecret + } + return cfg.Accounts } diff --git a/ocis/pkg/command/ocs.go b/ocis/pkg/command/ocs.go index e576c086c09..8209162ec46 100644 --- a/ocis/pkg/command/ocs.go +++ b/ocis/pkg/command/ocs.go @@ -4,12 +4,12 @@ package command import ( "github.com/micro/cli/v2" + "github.com/owncloud/ocis/ocis/pkg/config" + "github.com/owncloud/ocis/ocis/pkg/register" "github.com/owncloud/ocis/ocis/pkg/version" "github.com/owncloud/ocis/ocs/pkg/command" svcconfig "github.com/owncloud/ocis/ocs/pkg/config" "github.com/owncloud/ocis/ocs/pkg/flagset" - "github.com/owncloud/ocis/ocis/pkg/config" - "github.com/owncloud/ocis/ocis/pkg/register" ) // OCSCommand is the entrypoint for the ocs command. @@ -48,10 +48,13 @@ func configureOCS(cfg *config.Config) *svcconfig.Config { cfg.OCS.Tracing.Service = cfg.Tracing.Service } + if cfg.TokenManager.JWTSecret != "" { + cfg.OCS.TokenManager.JWTSecret = cfg.TokenManager.JWTSecret + } + return cfg.OCS } func init() { register.AddCommand(OCSCommand) } - diff --git a/ocis/pkg/command/proxy.go b/ocis/pkg/command/proxy.go index 8422a39e107..4c19599b44f 100644 --- a/ocis/pkg/command/proxy.go +++ b/ocis/pkg/command/proxy.go @@ -48,8 +48,8 @@ func configureProxy(cfg *config.Config) *svcconfig.Config { cfg.Proxy.Tracing.Service = cfg.Tracing.Service } - if cfg.Storage.Reva.JWTSecret != "" { - cfg.Proxy.TokenManager.JWTSecret = cfg.Storage.Reva.JWTSecret + if cfg.TokenManager.JWTSecret != "" { + cfg.Proxy.TokenManager.JWTSecret = cfg.TokenManager.JWTSecret } return cfg.Proxy diff --git a/ocis/pkg/command/settings.go b/ocis/pkg/command/settings.go index df1af102be5..dd16225e686 100644 --- a/ocis/pkg/command/settings.go +++ b/ocis/pkg/command/settings.go @@ -48,8 +48,8 @@ func configureSettings(cfg *config.Config) *svcconfig.Config { cfg.Settings.Tracing.Service = cfg.Tracing.Service } - if cfg.Storage.Reva.JWTSecret != "" { - cfg.Settings.TokenManager.JWTSecret = cfg.Storage.Reva.JWTSecret + if cfg.TokenManager.JWTSecret != "" { + cfg.Settings.TokenManager.JWTSecret = cfg.TokenManager.JWTSecret } return cfg.Settings diff --git a/ocis/pkg/config/config.go b/ocis/pkg/config/config.go index 339eefe00a4..fa32ad29fd8 100644 --- a/ocis/pkg/config/config.go +++ b/ocis/pkg/config/config.go @@ -53,14 +53,20 @@ type Tracing struct { Service string } +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string +} + // Config combines all available configuration parts. type Config struct { - File string - Log Log - Debug Debug - HTTP HTTP - GRPC GRPC - Tracing Tracing + File string + Log Log + Debug Debug + HTTP HTTP + GRPC GRPC + Tracing Tracing + TokenManager TokenManager Accounts *accounts.Config Graph *graph.Config diff --git a/ocis/pkg/flagset/flagset.go b/ocis/pkg/flagset/flagset.go index ac0ffa2e52c..517b59e4c2f 100644 --- a/ocis/pkg/flagset/flagset.go +++ b/ocis/pkg/flagset/flagset.go @@ -36,25 +36,6 @@ func RootWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"OCIS_LOG_COLOR"}, Destination: &cfg.Log.Color, }, - } -} - -// HealthWithConfig applies cfg to the root flagset -func HealthWithConfig(cfg *config.Config) []cli.Flag { - return []cli.Flag{ - &cli.StringFlag{ - Name: "debug-addr", - Value: "0.0.0.0:9010", - Usage: "Address to debug endpoint", - EnvVars: []string{"OCIS_DEBUG_ADDR"}, - Destination: &cfg.Debug.Addr, - }, - } -} - -// ServerWithConfig applies cfg to the root flagset -func ServerWithConfig(cfg *config.Config) []cli.Flag { - return []cli.Flag{ &cli.BoolFlag{ Name: "tracing-enabled", Usage: "Enable sending traces", @@ -89,6 +70,32 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"OCIS_TRACING_SERVICE"}, Destination: &cfg.Tracing.Service, }, + &cli.StringFlag{ + Name: "jwt-secret", + Value: "Pive-Fumkiu4", + Usage: "Used to dismantle the access token, should equal reva's jwt-secret", + EnvVars: []string{"OCIS_JWT_SECRET"}, + Destination: &cfg.TokenManager.JWTSecret, + }, + } +} + +// HealthWithConfig applies cfg to the root flagset +func HealthWithConfig(cfg *config.Config) []cli.Flag { + return []cli.Flag{ + &cli.StringFlag{ + Name: "debug-addr", + Value: "0.0.0.0:9010", + Usage: "Address to debug endpoint", + EnvVars: []string{"OCIS_DEBUG_ADDR"}, + Destination: &cfg.Debug.Addr, + }, + } +} + +// ServerWithConfig applies cfg to the root flagset +func ServerWithConfig(cfg *config.Config) []cli.Flag { + return []cli.Flag{ &cli.StringFlag{ Name: "debug-addr", Value: "0.0.0.0:9010", From 295b9451235c171372aaedd5d02db4fc88ea87df Mon Sep 17 00:00:00 2001 From: Benedikt Kulmann Date: Wed, 11 Nov 2020 17:14:54 +0100 Subject: [PATCH 2/2] Changelog --- changelog/unreleased/ocis-root-config.md | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 changelog/unreleased/ocis-root-config.md diff --git a/changelog/unreleased/ocis-root-config.md b/changelog/unreleased/ocis-root-config.md new file mode 100644 index 00000000000..4261d2bd77a --- /dev/null +++ b/changelog/unreleased/ocis-root-config.md @@ -0,0 +1,7 @@ +Change: Move ocis default config to root level + +Tags: ocis + +We moved the tracing config to the `root` flagset so that they are parsed on all commands. We also introduced a `JWTSecret` flag in the root flagset, in order to apply a common default JWTSecret to all services that have one. + +https://github.com/owncloud/ocis/pull/842