mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-21 21:01:04 -05:00
9667dfff58
* all vars have snail_case * make iam schema consistent * infrastructure schema * terraform: update AWS infrastructure module * fix ci * terraform: update AWS infrastructure module * terraform: update AWS IAM module * terraform: update Azure Infrastructure module inputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update Azure IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update OpenStack Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update QEMU Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-module: fix input name Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: tidy * cli: ignore whitespace in Terraform variable tests * terraform-module: fix AWS output names * terraform-module: fix output references Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: rename `api_server_cert_sans` * Update terraform/infrastructure/aws/modules/public_private_subnet/variables.tf Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * fix self-managed * terraform: revert AWS modules output file renaming * terraform: remove duplicate varable declaration * terraform: rename Azure location field * ci: adjust output name in self-managed e2e test * e2e: continuously print output in upgrade test * e2e: write to output variables * cli: migrate IAM variable names * cli: make `location` field optional --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
114 lines
4.0 KiB
Go
114 lines
4.0 KiB
Go
/*
|
|
Copyright (c) Edgeless Systems GmbH
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
package cmd
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/edgelesssys/constellation/v2/cli/internal/cloudcmd"
|
|
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
|
"github.com/edgelesssys/constellation/v2/internal/config"
|
|
"github.com/edgelesssys/constellation/v2/internal/file"
|
|
"github.com/spf13/cobra"
|
|
"github.com/spf13/pflag"
|
|
)
|
|
|
|
// newIAMCreateAzureCmd returns a new cobra.Command for the iam create azure command.
|
|
func newIAMCreateAzureCmd() *cobra.Command {
|
|
cmd := &cobra.Command{
|
|
Use: "azure",
|
|
Short: "Create IAM configuration on Microsoft Azure for your Constellation cluster",
|
|
Long: "Create IAM configuration on Microsoft Azure for your Constellation cluster.",
|
|
Args: cobra.ExactArgs(0),
|
|
RunE: runIAMCreateAzure,
|
|
}
|
|
|
|
cmd.Flags().String("resourceGroup", "", "name prefix of the two resource groups your cluster / IAM resources will be created in (required)")
|
|
must(cobra.MarkFlagRequired(cmd.Flags(), "resourceGroup"))
|
|
cmd.Flags().String("region", "", "region the resources will be created in, e.g., westus (required)")
|
|
must(cobra.MarkFlagRequired(cmd.Flags(), "region"))
|
|
cmd.Flags().String("servicePrincipal", "", "name of the service principal that will be created (required)")
|
|
must(cobra.MarkFlagRequired(cmd.Flags(), "servicePrincipal"))
|
|
return cmd
|
|
}
|
|
|
|
func runIAMCreateAzure(cmd *cobra.Command, _ []string) error {
|
|
creator := &azureIAMCreator{}
|
|
if err := creator.flags.parse(cmd.Flags()); err != nil {
|
|
return err
|
|
}
|
|
return runIAMCreate(cmd, creator, cloudprovider.Azure)
|
|
}
|
|
|
|
// azureIAMCreateFlags contains the parsed flags of the iam create azure command.
|
|
type azureIAMCreateFlags struct {
|
|
region string
|
|
resourceGroup string
|
|
servicePrincipal string
|
|
}
|
|
|
|
func (f *azureIAMCreateFlags) parse(flags *pflag.FlagSet) error {
|
|
var err error
|
|
f.region, err = flags.GetString("region")
|
|
if err != nil {
|
|
return fmt.Errorf("getting 'region' flag: %w", err)
|
|
}
|
|
f.resourceGroup, err = flags.GetString("resourceGroup")
|
|
if err != nil {
|
|
return fmt.Errorf("getting 'resourceGroup' flag: %w", err)
|
|
}
|
|
f.servicePrincipal, err = flags.GetString("servicePrincipal")
|
|
if err != nil {
|
|
return fmt.Errorf("getting 'servicePrincipal' flag: %w", err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// azureIAMCreator implements the providerIAMCreator interface for Azure.
|
|
type azureIAMCreator struct {
|
|
flags azureIAMCreateFlags
|
|
}
|
|
|
|
func (c *azureIAMCreator) getIAMConfigOptions() *cloudcmd.IAMConfigOptions {
|
|
return &cloudcmd.IAMConfigOptions{
|
|
Azure: cloudcmd.AzureIAMConfig{
|
|
Location: c.flags.region,
|
|
ResourceGroup: c.flags.resourceGroup,
|
|
ServicePrincipal: c.flags.servicePrincipal,
|
|
},
|
|
}
|
|
}
|
|
|
|
func (c *azureIAMCreator) printConfirmValues(cmd *cobra.Command) {
|
|
cmd.Printf("Region:\t\t\t%s\n", c.flags.region)
|
|
cmd.Printf("Resource Group:\t\t%s\n", c.flags.resourceGroup)
|
|
cmd.Printf("Service Principal:\t%s\n\n", c.flags.servicePrincipal)
|
|
}
|
|
|
|
func (c *azureIAMCreator) printOutputValues(cmd *cobra.Command, iamFile cloudcmd.IAMOutput) {
|
|
cmd.Printf("subscription:\t\t%s\n", iamFile.AzureOutput.SubscriptionID)
|
|
cmd.Printf("tenant:\t\t\t%s\n", iamFile.AzureOutput.TenantID)
|
|
cmd.Printf("location:\t\t%s\n", c.flags.region)
|
|
cmd.Printf("resourceGroup:\t\t%s\n", c.flags.resourceGroup)
|
|
cmd.Printf("userAssignedIdentity:\t%s\n", iamFile.AzureOutput.UAMIID)
|
|
}
|
|
|
|
func (c *azureIAMCreator) writeOutputValuesToConfig(conf *config.Config, iamFile cloudcmd.IAMOutput) {
|
|
conf.Provider.Azure.SubscriptionID = iamFile.AzureOutput.SubscriptionID
|
|
conf.Provider.Azure.TenantID = iamFile.AzureOutput.TenantID
|
|
conf.Provider.Azure.Location = c.flags.region
|
|
conf.Provider.Azure.ResourceGroup = c.flags.resourceGroup
|
|
conf.Provider.Azure.UserAssignedIdentity = iamFile.AzureOutput.UAMIID
|
|
}
|
|
|
|
func (c *azureIAMCreator) parseAndWriteIDFile(_ cloudcmd.IAMOutput, _ file.Handler) error {
|
|
return nil
|
|
}
|
|
|
|
func (c *azureIAMCreator) validateConfigWithFlagCompatibility(conf config.Config) error {
|
|
return validateConfigWithFlagCompatibility(cloudprovider.Azure, conf, c.flags.region)
|
|
}
|