From 0fc6a4b093b4898d48890384176b144eba4eafe9 Mon Sep 17 00:00:00 2001 From: Melora Hugues Date: Tue, 28 May 2024 21:47:51 +0200 Subject: [PATCH] Allow using config file as well as env variables --- .envrc | 28 ++-- polyculeconnect/cmd/serve/serve.go | 16 +-- polyculeconnect/config/config.go | 199 ++++++++++++++++---------- polyculeconnect/config/config_test.go | 137 ++++++++++++------ polyculeconnect/config/envvar.go | 26 ---- polyculeconnect/go.mod | 1 + polyculeconnect/go.sum | 2 + 7 files changed, 229 insertions(+), 180 deletions(-) delete mode 100644 polyculeconnect/config/envvar.go diff --git a/.envrc b/.envrc index cc47c63..cb5e78d 100644 --- a/.envrc +++ b/.envrc @@ -1,18 +1,18 @@ # Can be debug,info,warning,error -export LOG_LEVEL=debug +export POLYCULECONNECT_LOG_LEVEL=debug # Can be net,unix -export SERVER_MODE=net -export SERVER_HOST="0.0.0.0" -export SERVER_PORT="5000" -# SERVER_SOCK_PATH = "" +export POLYCULECONNECT_SERVER_MODE=net +export POLYCULECONNECT_SERVER_HOST="0.0.0.0" +export POLYCULECONNECT_SERVER_PORT="5000" +# POLYCULECONNECT_SERVER_SOCK_PATH = "" -export STORAGE_TYPE="sqlite" -export STORAGE_FILEPATH="./build/polyculeconnect.db" -# STORAGE_HOST = "127.0.0.1" -# STORAGE_PORT = "5432" -# STORAGE_DB = "polyculeconnect" -# STORAGE_USER = "polyculeconnect" -# STORAGE_PASSWORD = "polyculeconnect" -# STORAGE_SSL_MODE = "disable" -# STORAGE_SSL_CA_FILE = "" \ No newline at end of file +export POLYCULECONNECT_STORAGE_TYPE="sqlite" +export POLYCULECONNECT_STORAGE_FILEPATH="./build/polyculeconnect.db" +# POLYCULECONNECT_STORAGE_HOST = "127.0.0.1" +# POLYCULECONNECT_STORAGE_PORT = "5432" +# POLYCULECONNECT_STORAGE_DB = "polyculeconnect" +# POLYCULECONNECT_STORAGE_USER = "polyculeconnect" +# POLYCULECONNECT_STORAGE_PASSWORD = "polyculeconnect" +# POLYCULECONNECT_STORAGE_SSL_MODE = "disable" +# POLYCULECONNECT_STORAGE_SSL_CA_FILE = "" \ No newline at end of file diff --git a/polyculeconnect/cmd/serve/serve.go b/polyculeconnect/cmd/serve/serve.go index e572f60..9022dce 100644 --- a/polyculeconnect/cmd/serve/serve.go +++ b/polyculeconnect/cmd/serve/serve.go @@ -47,7 +47,7 @@ func serve() { Theme: "default", }, Storage: storageType, - Issuer: conf.OpenConnectConfig.Issuer, + Issuer: conf.Issuer, SupportedResponseTypes: []string{"code"}, SkipApprovalScreen: false, AllowedOrigins: []string{"*"}, @@ -71,20 +71,6 @@ func serve() { logger.L.Errorf("Failed to add connector for backend RefuseAll to stage: %s", err.Error()) } - for _, backend := range conf.OpenConnectConfig.BackendConfigs { - if err := services.CreateConnector(backend, &dexConf, connectorIDs); err != nil { - logger.L.Errorf("Failed to add connector for backend %q to stage: %s", backend.Name, err.Error()) - continue - } - } - - logger.L.Info("Initializing clients") - for _, client := range conf.OpenConnectConfig.ClientConfigs { - if err := dexConf.Storage.CreateClient(*client); err != nil { - logger.L.Errorf("Failed to add client to storage: %s", err.Error()) - } - } - dexSrv, err := dex_server.NewServer(mainCtx, dexConf) if err != nil { logger.L.Fatalf("Failed to init dex server: %s", err.Error()) diff --git a/polyculeconnect/config/config.go b/polyculeconnect/config/config.go index ad2c7bc..2db5424 100644 --- a/polyculeconnect/config/config.go +++ b/polyculeconnect/config/config.go @@ -8,32 +8,13 @@ import ( "os" "github.com/dexidp/dex/connector/oidc" - "github.com/dexidp/dex/storage" + "github.com/kelseyhightower/envconfig" "github.com/sirupsen/logrus" ) -type envVar string - const ( - varLogLevel envVar = "LOG_LEVEL" - - varServerMode envVar = "SERVER_MODE" - varServerHost envVar = "SERVER_HOST" - varServerPort envVar = "SERVER_PORT" - varServerSocket envVar = "SERVER_SOCK_PATH" - varServerStaticDir envVar = "SERVER_STATIC_DIR" - - varIssuer envVar = "ISSUER" - - varStorageType envVar = "STORAGE_TYPE" - varStorageFile envVar = "STORAGE_FILEPATH" - varStorageHost envVar = "STORAGE_HOST" - varStoragePort envVar = "STORAGE_PORT" - varStorageDB envVar = "STORAGE_DB" - varStorageUser envVar = "STORAGE_USER" - varStoragePassword envVar = "STORAGE_PASSWORD" - varStorageSSLMode envVar = "STORAGE_SSL_MODE" - varStorageSSLCaFile envVar = "STORAGE_SSL_CA_FILE" + envConfigPrefix = "POLYCULECONNECT" + DefaultConfigPath = "/etc/polyculeconnect.json" ) type ListeningMode string @@ -81,40 +62,104 @@ type BackendConfig struct { Local bool `json:"local"` } -// Deprecated: remove when we finally drop the JSON config -type OpenConnectConfig struct { - ClientConfigs []*storage.Client `json:"clients"` - BackendConfigs []*BackendConfig `json:"backends"` - Issuer string `json:"issuer"` +type SSLStorageConfig struct { + Mode string `json:"mode" envconfig:"STORAGE_SSL_MODE"` + CaFile string `json:"ca_file" envconfig:"STORAGE_SSL_CA_FILE"` } type StorageConfig struct { - File string - Host string - Port int - Database string - User string - Password string - Ssl struct { - Mode string - CaFile string - } + File string `envconfig:"STORAGE_PATH"` + Host string `envconfig:"STORAGE_HOST"` + Port int `envconfig:"STORAGE_PORT"` + Database string `envconfig:"STORAGE_DATABASE"` + User string `envconfig:"STORAGE_USER"` + Password string `envconfig:"STORAGE_PASSWORD"` + SSL SSLStorageConfig +} + +type logConfig struct { + Level string `json:"level"` +} + +type serverConfig struct { + Mode string `json:"mode"` + Host string `json:"host"` + Port int `json:"port"` + Sock string `json:"sock"` +} + +type jsonStorageConfig struct { + Type string `json:"type"` + File string `json:"path"` + Host string `json:"host" ` + Port int `json:"port"` + Database string `json:"database" ` + User string `json:"user" ` + Password string `json:"password" ` + SSL SSLStorageConfig `json:"ssl"` } type jsonConf struct { - OpenConnectConfig *OpenConnectConfig `json:"openconnect"` + LogConfig logConfig `json:"log"` + ServerConfig serverConfig `json:"server"` + StorageConfig jsonStorageConfig `json:"storage"` +} + +func (c *jsonConf) initValues(ac *AppConfig) { + c.LogConfig = logConfig{Level: ac.LogLevel.String()} + c.ServerConfig = serverConfig{ + Mode: string(ac.ServerMode), + Host: ac.Host, + Port: ac.Port, + Sock: ac.SockPath, + } + c.StorageConfig = jsonStorageConfig{ + Type: ac.StorageType, + File: ac.StorageConfig.File, + Host: ac.StorageConfig.Host, + Port: ac.StorageConfig.Port, + Database: ac.StorageConfig.Database, + User: ac.StorageConfig.User, + Password: ac.StorageConfig.Password, + SSL: ac.StorageConfig.SSL, + } } type AppConfig struct { - LogLevel logrus.Level - ServerMode ListeningMode - Host string - Port int - SockPath string - StorageType string - StorageConfig *StorageConfig - OpenConnectConfig *OpenConnectConfig - StaticDir string + LogLevel logrus.Level `envconfig:"LOG_LEVEL"` + ServerMode ListeningMode `envconfig:"SERVER_MODE"` + Host string `envconfig:"SERVER_HOST"` + Port int `envconfig:"SERVER_PORT"` + SockPath string `envconfig:"SERVER_SOCK"` + StorageType string `envconfig:"STORAGE_TYPE"` + StorageConfig *StorageConfig + Issuer string + StaticDir string +} + +func defaultConfig() AppConfig { + return AppConfig{ + LogLevel: defaultLogLevel, + ServerMode: defaultServerMode, + Host: defaultServerHost, + Port: defaultServerPort, + SockPath: defaultServerSocket, + StorageType: string(defaultStorageType), + StorageConfig: &StorageConfig{ + File: defaultStorageFile, + Host: defaultStorageHost, + Port: defaultServerPort, + Database: defaultStorageDB, + User: defaultStorageUser, + Password: defaultStoragePassword, + SSL: SSLStorageConfig{ + Mode: defaultStorageSSLMode, + CaFile: defaultStorageSSLCaFile, + }, + }, + Issuer: defaultIssuer, + StaticDir: defaultServerStaticDir, + } } func parseLevel(lvlStr string) logrus.Level { @@ -128,46 +173,36 @@ func parseLevel(lvlStr string) logrus.Level { func (ac *AppConfig) UnmarshalJSON(data []byte) error { var jsonConf jsonConf + jsonConf.initValues(ac) + if err := json.Unmarshal(data, &jsonConf); err != nil { return fmt.Errorf("failed to read JSON: %w", err) } - ac.OpenConnectConfig = jsonConf.OpenConnectConfig - if ac.OpenConnectConfig == nil { - ac.OpenConnectConfig = &OpenConnectConfig{} - } + + ac.LogLevel = parseLevel(jsonConf.LogConfig.Level) + + ac.ServerMode = ListeningMode(jsonConf.ServerConfig.Mode) + ac.Host = jsonConf.ServerConfig.Host + ac.Port = jsonConf.ServerConfig.Port + ac.SockPath = jsonConf.ServerConfig.Sock + + ac.StorageType = jsonConf.StorageConfig.Type + ac.StorageConfig.File = jsonConf.StorageConfig.File + ac.StorageConfig.Host = jsonConf.StorageConfig.Host + ac.StorageConfig.Port = jsonConf.StorageConfig.Port + ac.StorageConfig.Database = jsonConf.StorageConfig.Database + ac.StorageConfig.User = jsonConf.StorageConfig.User + ac.StorageConfig.Password = jsonConf.StorageConfig.Password + ac.StorageConfig.SSL = jsonConf.StorageConfig.SSL return nil } -func (ac *AppConfig) getConfFromEnv() { - ac.LogLevel = parseLevel(getStringFromEnv(varLogLevel, defaultLogLevel.String())) - - ac.ServerMode = ListeningMode(getStringFromEnv(varServerMode, string(defaultServerMode))) - ac.Host = getStringFromEnv(varServerHost, defaultServerHost) - ac.Port = getIntFromEnv(varServerPort, defaultServerPort) - ac.SockPath = getStringFromEnv(varServerSocket, defaultServerSocket) - ac.StaticDir = getStringFromEnv(varServerStaticDir, defaultServerStaticDir) - - ac.StorageType = getStringFromEnv(varStorageType, string(defaultStorageType)) - ac.StorageConfig.Database = getStringFromEnv(varStorageDB, defaultStorageDB) - ac.StorageConfig.File = getStringFromEnv(varStorageFile, defaultStorageFile) - ac.StorageConfig.Host = getStringFromEnv(varStorageHost, defaultStorageHost) - ac.StorageConfig.Port = getIntFromEnv(varStoragePort, defaultStoragePort) - ac.StorageConfig.User = getStringFromEnv(varStorageUser, defaultStorageUser) - ac.StorageConfig.Password = getStringFromEnv(varStoragePassword, defaultStoragePassword) - ac.StorageConfig.Ssl.CaFile = getStringFromEnv(varStorageSSLCaFile, defaultStorageSSLCaFile) - ac.StorageConfig.Ssl.Mode = getStringFromEnv(varStorageSSLMode, defaultStorageSSLMode) - - ac.OpenConnectConfig.Issuer = getStringFromEnv(varIssuer, defaultIssuer) -} - func (ac *AppConfig) RedirectURI() string { - return ac.OpenConnectConfig.Issuer + "/callback" + return ac.Issuer + "/callback" } func New(filepath string) (*AppConfig, error) { - var conf AppConfig - conf.StorageConfig = &StorageConfig{} - conf.OpenConnectConfig = &OpenConnectConfig{} + conf := defaultConfig() content, err := os.ReadFile(filepath) if err != nil { if !errors.Is(err, fs.ErrNotExist) { @@ -178,6 +213,14 @@ func New(filepath string) (*AppConfig, error) { return nil, fmt.Errorf("failed to parse config file: %w", err) } } - conf.getConfFromEnv() + if err := envconfig.Process(envConfigPrefix, &conf); err != nil { + return nil, err + } + if err := envconfig.Process(envConfigPrefix, conf.StorageConfig); err != nil { + return nil, err + } + if err := envconfig.Process(envConfigPrefix, &conf.StorageConfig.SSL); err != nil { + return nil, err + } return &conf, nil } diff --git a/polyculeconnect/config/config_test.go b/polyculeconnect/config/config_test.go index 8787f11..adae3e8 100644 --- a/polyculeconnect/config/config_test.go +++ b/polyculeconnect/config/config_test.go @@ -10,31 +10,6 @@ import ( "github.com/stretchr/testify/require" ) -var defaultConfig = AppConfig{ - LogLevel: defaultLogLevel, - ServerMode: defaultServerMode, - Host: defaultServerHost, - Port: defaultServerPort, - SockPath: defaultServerSocket, - StorageType: string(defaultStorageType), - StaticDir: "./", - StorageConfig: &StorageConfig{ - File: defaultStorageFile, - Host: defaultStorageHost, - Port: defaultStoragePort, - Database: defaultStorageDB, - User: defaultStorageUser, - Password: defaultStoragePassword, - Ssl: struct { - Mode string - CaFile string - }{Mode: defaultStorageSSLMode, CaFile: defaultStorageSSLCaFile}, - }, - OpenConnectConfig: &OpenConnectConfig{ - Issuer: defaultIssuer, - }, -} - func initJson(t *testing.T, content string) string { tmpPath := t.TempDir() confPath := path.Join(tmpPath, "config.json") @@ -53,14 +28,14 @@ func TestDefault(t *testing.T) { t.Run("no file", func(t *testing.T) { conf, err := New("/this/path/does/not/exist") require.NoError(t, err) - assert.Equal(t, defaultConfig, *conf) + assert.Equal(t, defaultConfig(), *conf) }) t.Run("empty config", func(t *testing.T) { confPath := initJson(t, `{}`) conf, err := New(confPath) require.NoError(t, err) - assert.Equal(t, defaultConfig, *conf) + assert.Equal(t, defaultConfig(), *conf) }) } @@ -73,11 +48,54 @@ func TestInvalidJSON(t *testing.T) { assert.ErrorContains(t, err, errMsg) } +func TestJSONConfig(t *testing.T) { + confPath := initJson(t, `{ + "log": {"level":"info"}, + "server": { + "mode": "net", + "host": "0.0.0.0", + "port": 1337 + } +}`) + + conf, err := New(confPath) + require.NoError(t, err) + + assert.Equal(t, ModeNet, conf.ServerMode) + assert.Equal(t, "0.0.0.0", conf.Host) + assert.Equal(t, 1337, conf.Port) +} + +func TestJSONConfigOverriden(t *testing.T) { + confPath := initJson(t, `{ + "log": {"level":"info"}, + "server": { + "mode": "net", + "host": "0.0.0.0", + "port": 1337 + } +}`) + + envVars := map[string]string{ + string("POLYCULECONNECT_SERVER_MODE"): string(ModeUnix), + string("POLYCULECONNECT_SERVER_SOCK"): "/run/polyculeconnect.sock", + } + setEnv(t, envVars) + + conf, err := New(confPath) + require.NoError(t, err) + + assert.Equal(t, ModeUnix, conf.ServerMode) + assert.Equal(t, "0.0.0.0", conf.Host) + assert.Equal(t, 1337, conf.Port) + assert.Equal(t, "/run/polyculeconnect.sock", conf.SockPath) +} + func TestHostNetMode(t *testing.T) { envVars := map[string]string{ - string(varServerMode): string(ModeNet), - string(varServerHost): "127.0.0.1", - string(varServerPort): "8888", + string("POLYCULECONNECT_SERVER_MODE"): string(ModeNet), + string("POLYCULECONNECT_SERVER_HOST"): "127.0.0.1", + string("POLYCULECONNECT_SERVER_PORT"): "8888", } setEnv(t, envVars) @@ -91,8 +109,8 @@ func TestHostNetMode(t *testing.T) { func TestHostSocketMode(t *testing.T) { envVars := map[string]string{ - string(varServerMode): string(ModeUnix), - string(varServerSocket): "/run/polyculeconnect.sock", + string("POLYCULECONNECT_SERVER_MODE"): string(ModeUnix), + string("POLYCULECONNECT_SERVER_SOCK"): "/run/polyculeconnect.sock", } setEnv(t, envVars) @@ -105,7 +123,7 @@ func TestHostSocketMode(t *testing.T) { func TestLogLevel(t *testing.T) { envVars := map[string]string{ - string(varLogLevel): "error", + string("POLYCULECONNECT_LOG_LEVEL"): "error", } setEnv(t, envVars) @@ -115,22 +133,10 @@ func TestLogLevel(t *testing.T) { assert.Equal(t, logrus.ErrorLevel, conf.LogLevel) } -func TestLogLevelInvalidValue(t *testing.T) { - envVars := map[string]string{ - string(varLogLevel): "toto", - } - setEnv(t, envVars) - - conf, err := New("") - require.NoError(t, err) - - assert.Equal(t, logrus.InfoLevel, conf.LogLevel) // if invalid, no error should occur, but info level should be used -} - func TestSqliteConfig(t *testing.T) { envVars := map[string]string{ - string(varStorageType): "sqlite", - string(varStorageFile): "/data/polyculeconnect.db", + string("POLYCULECONNECT_STORAGE_TYPE"): "sqlite", + string("POLYCULECONNECT_STORAGE_PATH"): "/data/polyculeconnect.db", } setEnv(t, envVars) @@ -140,3 +146,40 @@ func TestSqliteConfig(t *testing.T) { assert.Equal(t, string(SQLite), conf.StorageType) assert.Equal(t, "/data/polyculeconnect.db", conf.StorageConfig.File) } + +func TestSqliteConfigJSON(t *testing.T) { + confPath := initJson(t, `{ + "log": {"level":"info"}, + "storage": { + "type": "sqlite", + "path": "/data/polyculeconnect.db" + } + }`) + + conf, err := New(confPath) + require.NoError(t, err) + + assert.Equal(t, string(SQLite), conf.StorageType) + assert.Equal(t, "/data/polyculeconnect.db", conf.StorageConfig.File) +} + +func TestSqliteConfigJSONOverriden(t *testing.T) { + confPath := initJson(t, `{ + "log": {"level":"info"}, + "storage": { + "type": "sqlite", + "path": "/data/polyculeconnect.db" + } + }`) + + envVars := map[string]string{ + string("POLYCULECONNECT_STORAGE_PATH"): "/tmp/polyculeconnect.db", + } + setEnv(t, envVars) + + conf, err := New(confPath) + require.NoError(t, err) + + assert.Equal(t, string(SQLite), conf.StorageType) + assert.Equal(t, "/tmp/polyculeconnect.db", conf.StorageConfig.File) +} diff --git a/polyculeconnect/config/envvar.go b/polyculeconnect/config/envvar.go deleted file mode 100644 index a851edf..0000000 --- a/polyculeconnect/config/envvar.go +++ /dev/null @@ -1,26 +0,0 @@ -package config - -import ( - "os" - "strconv" -) - -func getStringFromEnv(key envVar, defaultValue string) string { - val, ok := os.LookupEnv(string(key)) - if !ok { - return defaultValue - } - return val -} - -func getIntFromEnv(key envVar, defaultValue int) int { - rawVal, ok := os.LookupEnv(string(key)) - if !ok { - return defaultValue - } - val, err := strconv.Atoi(rawVal) - if err != nil { - return defaultValue - } - return val -} diff --git a/polyculeconnect/go.mod b/polyculeconnect/go.mod index b8d20dd..4214398 100644 --- a/polyculeconnect/go.mod +++ b/polyculeconnect/go.mod @@ -4,6 +4,7 @@ go 1.20 require ( github.com/dexidp/dex v0.0.0-20231014000322-089f374d4f3e + github.com/kelseyhightower/envconfig v1.4.0 github.com/prometheus/client_golang v1.17.0 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.7.0 diff --git a/polyculeconnect/go.sum b/polyculeconnect/go.sum index eef256e..c60f175 100644 --- a/polyculeconnect/go.sum +++ b/polyculeconnect/go.sum @@ -102,6 +102,8 @@ github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/jonboulle/clockwork v0.2.2 h1:UOGuzwb1PwsrDAObMuhUnj0p5ULPj8V/xJ7Kx9qUBdQ= github.com/jonboulle/clockwork v0.2.2/go.mod h1:Pkfl5aHPm1nk2H9h0bjmnJD/BcgbGXUBGnn1kMkgxc8= +github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8= +github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.0/go.mod h1:640gp4NfQd8pI5XOwp5fnNeVWj67G7CFk/SaSQn7NBk=