From 5b7e2adc8ad45ac9e75469773eaa19ec454a31e1 Mon Sep 17 00:00:00 2001 From: nxtcoder17 Date: Mon, 27 May 2024 18:51:42 +0530 Subject: [PATCH] feat(infra): global vpn support with loadbalancer - fixes BYOK cluster deletion - patches Cluster Endpoint for both kloudlite clusters (with NodePorts), and BYOK clusters (with LoadBalancer) --- .../infra/global-vpn-devices.graphql.yml | 2 +- apps/infra/internal/domain/byok-clusters.go | 42 ++++--------- apps/infra/internal/domain/clusters.go | 12 ++-- .../domain/global-vpn-cluster-connection.go | 49 ++++++++++----- .../internal/domain/global-vpn-devices.go | 7 ++- .../global-vpn-kloudlite-device.yml.tpl | 63 +++++-------------- apps/infra/internal/domain/templates/types.go | 1 + .../field-constants/generated_constants.go | 55 ++++++++-------- apps/infra/internal/env/env.go | 3 +- go.mod | 2 +- go.sum | 2 + pkg/errors/types.go | 22 +++++++ 12 files changed, 126 insertions(+), 134 deletions(-) create mode 100644 pkg/errors/types.go diff --git a/.tools/nvim/__http__/infra/global-vpn-devices.graphql.yml b/.tools/nvim/__http__/infra/global-vpn-devices.graphql.yml index 89bdbbbc6..8ad5c102c 100644 --- a/.tools/nvim/__http__/infra/global-vpn-devices.graphql.yml +++ b/.tools/nvim/__http__/infra/global-vpn-devices.graphql.yml @@ -1,7 +1,7 @@ --- global: gvpn: "default" - deviceName: "kloudlite-platform-device" + deviceName: "kloudlite-global-vpn-device" # deviceName: "second-device" --- label: "Create GlobalVPN Device" diff --git a/apps/infra/internal/domain/byok-clusters.go b/apps/infra/internal/domain/byok-clusters.go index 02ae6c249..844b515ab 100644 --- a/apps/infra/internal/domain/byok-clusters.go +++ b/apps/infra/internal/domain/byok-clusters.go @@ -67,6 +67,10 @@ func (d *domain) CreateBYOKCluster(ctx InfraContext, cluster entities.BYOKCluste cluster.GlobalVPN = DefaultGlobalVPNName } + if _, err := d.ensureGlobalVPN(ctx, cluster.GlobalVPN); err != nil { + return nil, errors.NewE(err) + } + ctoken, err := d.generateClusterToken(ctx, cluster.Name) if err != nil { return nil, errors.NewE(err) @@ -76,21 +80,12 @@ func (d *domain) CreateBYOKCluster(ctx InfraContext, cluster entities.BYOKCluste cluster.MessageQueueTopicName = common.GetTenantClusterMessagingTopic(ctx.AccountName, cluster.Name) - gvpn, err := d.ensureGlobalVPN(ctx, cluster.GlobalVPN) + gvpnConn, err := d.ensureGlobalVPNConnection(ctx, cluster.Name, cluster.GlobalVPN, cluster.ClusterPublicEndpoint) if err != nil { return nil, errors.NewE(err) } - clusterSvcCIDR, err := d.claimNextClusterSvcCIDR(ctx, cluster.Name, gvpn.Name) - if err != nil { - return nil, err - } - - if _, err := d.ensureGlobalVPNConnection(ctx, cluster.Name, clusterSvcCIDR, cluster.GlobalVPN, cluster.ClusterPublicEndpoint); err != nil { - return nil, errors.NewE(err) - } - - cluster.ClusterSvcCIDR = clusterSvcCIDR + cluster.ClusterSvcCIDR = gvpnConn.ClusterSvcCIDR existing, err := d.clusterRepo.FindOne(ctx, repos.Filter{ fields.MetadataName: cluster.Name, @@ -178,8 +173,8 @@ func (d *domain) GetBYOKClusterSetupInstructions(ctx InfraContext, name string) } return []string{ - fmt.Sprintf(`helm repo add kloudlite https://kloudlite.github.io/helm-charts`), - fmt.Sprintf(`helm repo update kloudlite`), + `helm repo add kloudlite https://kloudlite.github.io/helm-charts`, + `helm repo update kloudlite`, fmt.Sprintf(`helm upgrade --install kloudlite --namespace kloudlite --create-namespace kloudlite/kloudlite-agent --version %s --set accountName="%s" --set clusterName="%s" --set clusterToken="%s" --set messageOfficeGRPCAddr="%s" --set byok.enabled=true --set helmCharts.ingressNginx.enabled=true --set helmCharts.certManager.enabled=true`, d.env.KloudliteRelease, ctx.AccountName, name, cluster.ClusterToken, d.env.MessageOfficeExternalGrpcAddr), }, nil } @@ -203,29 +198,14 @@ func (d *domain) DeleteBYOKCluster(ctx InfraContext, name string) error { return errors.NewE(err) } - if err := d.byokClusterRepo.DeleteOne(ctx, entities.UniqueBYOKClusterFilter(ctx.AccountName, name)); err != nil { - return errors.NewE(err) - } - if cluster.GlobalVPN != "" { if err := d.deleteGlobalVPNConnection(ctx, cluster.Name, cluster.GlobalVPN); err != nil { return errors.NewE(err) } - if err := d.claimClusterSvcCIDRRepo.DeleteOne(ctx, repos.Filter{ - fc.ClaimClusterSvcCIDRClaimedByCluster: cluster.Name, - fc.AccountName: ctx.AccountName, - fc.ClaimClusterSvcCIDRGlobalVPNName: cluster.GlobalVPN, - }); err != nil { - return errors.NewE(err) - } + } - if _, err := d.freeClusterSvcCIDRRepo.Create(ctx, &entities.FreeClusterSvcCIDR{ - AccountName: ctx.AccountName, - GlobalVPNName: cluster.GlobalVPN, - ClusterSvcCIDR: cluster.ClusterSvcCIDR, - }); err != nil { - return errors.NewE(err) - } + if err := d.byokClusterRepo.DeleteOne(ctx, entities.UniqueBYOKClusterFilter(ctx.AccountName, name)); err != nil { + return errors.NewE(err) } return nil diff --git a/apps/infra/internal/domain/clusters.go b/apps/infra/internal/domain/clusters.go index 5aa38fc9f..9acf26203 100644 --- a/apps/infra/internal/domain/clusters.go +++ b/apps/infra/internal/domain/clusters.go @@ -138,8 +138,7 @@ func (d *domain) CreateCluster(ctx InfraContext, cluster entities.Cluster) (*ent cluster.GlobalVPN = fn.New(DefaultGlobalVPNName) } - gvpn, err := d.ensureGlobalVPN(ctx, *cluster.GlobalVPN) - if err != nil { + if _, err := d.ensureGlobalVPN(ctx, *cluster.GlobalVPN); err != nil { return nil, errors.NewE(err) } @@ -336,16 +335,12 @@ func (d *domain) CreateCluster(ctx InfraContext, cluster entities.Cluster) (*ent cluster.Spec.AccountName = ctx.AccountName cluster.SyncStatus = t.GenSyncStatus(t.SyncActionApply, 0) - clusterSvcCIDR, err := d.claimNextClusterSvcCIDR(ctx, cluster.Name, gvpn.Name) + gvpnConn, err := d.ensureGlobalVPNConnection(ctx, cluster.Name, *cluster.GlobalVPN, cluster.Spec.PublicDNSHost) if err != nil { - return nil, err - } - - if _, err := d.ensureGlobalVPNConnection(ctx, cluster.Name, clusterSvcCIDR, *cluster.GlobalVPN, cluster.Spec.PublicDNSHost); err != nil { return nil, errors.NewE(err) } - cluster.Spec.ClusterServiceCIDR = clusterSvcCIDR + cluster.Spec.ClusterServiceCIDR = gvpnConn.ClusterSvcCIDR if err := d.k8sClient.ValidateObject(ctx, &cluster.Cluster); err != nil { return nil, errors.NewE(err) @@ -409,6 +404,7 @@ func (d *domain) syncKloudliteDeviceOnCluster(ctx InfraContext, gvpnName string) Namespace: accNs, WgConfig: wgConfig, KubeReverseProxyImage: d.env.GlobalVPNKubeReverseProxyImage, + AuthzToken: d.env.GlobalVPNKubeReverseProxyAuthzToken, }) if err != nil { return err diff --git a/apps/infra/internal/domain/global-vpn-cluster-connection.go b/apps/infra/internal/domain/global-vpn-cluster-connection.go index db3441bc0..46392d446 100644 --- a/apps/infra/internal/domain/global-vpn-cluster-connection.go +++ b/apps/infra/internal/domain/global-vpn-cluster-connection.go @@ -25,7 +25,7 @@ const ( kloudliteGlobalVPNDeviceMethod = "kloudlite-global-vpn-device" ) -func (d *domain) getGlobalVPNConnectionPeers(vpns []*entities.GlobalVPNConnection) ([]wgv1.Peer, error) { +func (d *domain) getGlobalVPNConnectionPeers(ctx InfraContext, vpns []*entities.GlobalVPNConnection) ([]wgv1.Peer, error) { peers := make([]wgv1.Peer, 0, len(vpns)) for _, c := range vpns { if c.ParsedWgParams != nil { @@ -33,17 +33,27 @@ func (d *domain) getGlobalVPNConnectionPeers(vpns []*entities.GlobalVPNConnectio continue } - if c.ParsedWgParams.NodePort == nil { + // if c.ParsedWgParams.NodePort == nil { + // d.logger.Infof("nodeport not available for gvpn %s", c.Name) + // continue + // } + if c.ParsedWgParams.PublicGatewayPort == nil || c.ParsedWgParams.PublicGatewayHosts == nil { d.logger.Infof("nodeport not available for gvpn %s", c.Name) continue } + endpoint := fmt.Sprintf("%s:%s", c.ClusterPublicEndpoint, *c.ParsedWgParams.PublicGatewayPort) + if d.isBYOKCluster(ctx, c.ClusterName) { + endpoint = fmt.Sprintf("%s:%s", *c.ParsedWgParams.PublicGatewayHosts, *c.ParsedWgParams.PublicGatewayPort) + } + peers = append(peers, wgv1.Peer{ ClusterName: c.ClusterName, IP: c.ParsedWgParams.IP, PublicKey: c.ParsedWgParams.WgPublicKey, - Endpoint: fmt.Sprintf("%s:%s", c.ClusterPublicEndpoint, *c.ParsedWgParams.NodePort), - AllowedIPs: []string{c.ClusterSvcCIDR}, + // Endpoint: fmt.Sprintf("%s:%s", c.ClusterPublicEndpoint, *c.ParsedWgParams.NodePort), + Endpoint: endpoint, + AllowedIPs: []string{c.ClusterSvcCIDR}, }) } } @@ -66,7 +76,7 @@ func (d *domain) reconGlobalVPNConnections(ctx InfraContext, vpnName string) err return errors.NewE(err) } - peers, err := d.getGlobalVPNConnectionPeers(vpns) + peers, err := d.getGlobalVPNConnectionPeers(ctx, vpns) if err != nil { return err } @@ -181,6 +191,13 @@ func (d *domain) createGlobalVPNConnection(ctx InfraContext, gvpnConn entities.G gvpnConn.SyncStatus = t.GenSyncStatus(t.SyncActionApply, 0) + clusterSvcCIDR, err := d.claimNextClusterSvcCIDR(ctx, gvpnConn.ClusterName, gvpn.Name) + if err != nil { + return nil, err + } + + gvpnConn.ClusterSvcCIDR = clusterSvcCIDR + gvpnDevice, err := d.createGlobalVPNDevice(ctx, entities.GlobalVPNDevice{ ObjectMeta: metav1.ObjectMeta{ Name: fmt.Sprintf("cluster-gateway-%s", gvpnConn.ClusterName), @@ -211,26 +228,25 @@ func (d *domain) createGlobalVPNConnection(ctx InfraContext, gvpnConn entities.G } func (d *domain) deleteGlobalVPNConnection(ctx InfraContext, clusterName string, gvpnName string) error { - gvpnConn, err := d.gvpnConnRepo.FindOne(ctx, repos.Filter{ - fields.AccountName: ctx.AccountName, - fields.ClusterName: clusterName, - fields.MetadataName: gvpnName, - }) + gv, err := d.findGlobalVPNConnection(ctx, clusterName, gvpnName) if err != nil { - return errors.NewE(err) + if !errors.OfType[errors.ErrNotFound](err) { + return errors.NewE(err) + } } - if gvpnConn == nil { - return errors.Newf("no global vpn connection with name (%s) not found, for cluster (%s)", gvpnName, clusterName) + + if err := d.deleteGlobalVPNDevice(ctx, gvpnName, gv.DeviceRef.Name); err != nil { + return errors.NewE(err) } - if err := d.deleteGlobalVPNDevice(ctx, gvpnName, gvpnConn.DeviceRef.Name); err != nil { + if err := d.gvpnConnRepo.DeleteById(ctx, gv.Id); err != nil { return errors.NewE(err) } return nil } -func (d *domain) ensureGlobalVPNConnection(ctx InfraContext, clusterName string, clusterSvcCIDR string, groupName string, clusterPublicEndpoint string) (*entities.GlobalVPNConnection, error) { +func (d *domain) ensureGlobalVPNConnection(ctx InfraContext, clusterName string, groupName string, clusterPublicEndpoint string) (*entities.GlobalVPNConnection, error) { gvpn, err := d.gvpnConnRepo.FindOne(ctx, repos.Filter{ fields.AccountName: ctx.AccountName, fields.ClusterName: clusterName, @@ -269,7 +285,6 @@ func (d *domain) ensureGlobalVPNConnection(ctx InfraContext, clusterName string, AccountName: ctx.AccountName, ClusterName: clusterName, ClusterPublicEndpoint: clusterPublicEndpoint, - ClusterSvcCIDR: clusterSvcCIDR, ParsedWgParams: nil, }) } @@ -326,7 +341,7 @@ func (d *domain) OnGlobalVPNConnectionDeleteMessage(ctx InfraContext, clusterNam return errors.NewE(err) } - if currRecord.DeviceRef.Name != "" { + if currRecord != nil && currRecord.DeviceRef.Name != "" { if err := d.deleteGlobalVPNDevice(ctx, currRecord.GlobalVPNName, currRecord.DeviceRef.Name); err != nil { return errors.NewE(err) } diff --git a/apps/infra/internal/domain/global-vpn-devices.go b/apps/infra/internal/domain/global-vpn-devices.go index 2a555faaf..c490c543e 100644 --- a/apps/infra/internal/domain/global-vpn-devices.go +++ b/apps/infra/internal/domain/global-vpn-devices.go @@ -81,6 +81,9 @@ func (d *domain) UpdateGlobalVPNDevice(ctx InfraContext, device entities.GlobalV func (d *domain) deleteGlobalVPNDevice(ctx InfraContext, gvpn string, deviceName string) error { device, err := d.findGlobalVPNDevice(ctx, gvpn, deviceName) if err != nil { + if errors.OfType[errors.ErrNotFound](err) { + return nil + } return err } @@ -234,7 +237,7 @@ func (d *domain) getGlobalVPNDeviceWgConfig(ctx InfraContext, gvpn string, gvpnD return "", err } - gvpnConnPeers, err := d.getGlobalVPNConnectionPeers(gvpnConns) + gvpnConnPeers, err := d.getGlobalVPNConnectionPeers(ctx, gvpnConns) if err != nil { return "", err } @@ -304,7 +307,7 @@ func (d *domain) findGlobalVPNDevice(ctx InfraContext, gvpn string, gvpnDevice s } if device == nil { - return nil, errors.Newf("no global vpn device (name=%s) found", gvpnDevice) + return nil, errors.ErrNotFound{Message: fmt.Sprintf("no global vpn device with name=%s", gvpnDevice)} } return device, nil } diff --git a/apps/infra/internal/domain/templates/global-vpn-kloudlite-device.yml.tpl b/apps/infra/internal/domain/templates/global-vpn-kloudlite-device.yml.tpl index 8a6683beb..e0b48d281 100644 --- a/apps/infra/internal/domain/templates/global-vpn-kloudlite-device.yml.tpl +++ b/apps/infra/internal/domain/templates/global-vpn-kloudlite-device.yml.tpl @@ -40,71 +40,42 @@ spec: "secret-ref": "{{.WgConfig | b64enc | sha256sum}}" spec: initContainers: - - name: init - image: busybox:1.32.0 - command: - - sh - - -c - - sysctl -w net.ipv4.ip_forward=1 && sysctl -w net.ipv4.conf.all.forwarding=1 - securityContext: - privileged: true - capabilities: - add: - - NET_ADMIN - - SYS_MODULE - - containers: - image: linuxserver/wireguard - imagePullPolicy: Always + imagePullPolicy: IfNotPresent name: wg - resources: - limits: - cpu: 80m - memory: 100Mi - requests: - cpu: 50m - memory: 75Mi + {{- /* resources: */}} + {{- /* limits: */}} + {{- /* cpu: 80m */}} + {{- /* memory: 100Mi */}} + {{- /* requests: */}} + {{- /* cpu: 50m */}} + {{- /* memory: 75Mi */}} securityContext: capabilities: add: - NET_ADMIN - - SYS_MODULE - privileged: true + {{- /* - SYS_MODULE */}} + {{- /* privileged: true */}} + command: + - wg-quick + - up + - wg0 volumeMounts: - mountPath: /config/wg_confs/wg0.conf name: wg-config subPath: wg0.conf terminationMessagePath: /dev/termination-log terminationMessagePolicy: File - - {{- /* - name: debug */}} - {{- /* image: ghcr.io/kloudlite/hub/socat:latest */}} - {{- /* imagePullPolicy: Always */}} - {{- /* resources: */}} - {{- /* limits: */}} - {{- /* cpu: 100m */}} - {{- /* memory: 100Mi */}} - {{- /* requests: */}} - {{- /* cpu: 100m */}} - {{- /* memory: 100Mi - {{- /* command: */}} - {{- /* - sh */}} - {{- /* - -c */}} - {{- /* - |+ */}} - {{- /* (socat -dd tcp4-listen:8080,fork,reuseaddr tcp4:kubectl-proxy.{{.Namespace}}.svc.example-test.local:8080 2>&1 | grep -iE --line-buffered 'listening|exiting') & */}} - {{- /* pid=$! */}} - {{- /**/}} - {{- /* trap "kill -9 $pid" EXIT SIGINT SIGTERM */}} - {{- /* wait $pid */}} - + containers: - name: kube-reverse-proxy image: {{.KubeReverseProxyImage}} args: - --addr - ":8080" - --proxy-addr - # this %s will be replaced with real cluster name by reverse proxy - {{ printf "kubectl-proxy.kloudlite.svc.{{.CLUSTER_NAME}}.local:8080" }} + - "--authz" + - {{.AuthzToken}} imagePullPolicy: "IfNotPresent" resources: limits: diff --git a/apps/infra/internal/domain/templates/types.go b/apps/infra/internal/domain/templates/types.go index 0a14d320a..9915ec6af 100644 --- a/apps/infra/internal/domain/templates/types.go +++ b/apps/infra/internal/domain/templates/types.go @@ -6,4 +6,5 @@ type GVPNKloudliteDeviceTemplateVars struct { WgConfig string KubeReverseProxyImage string + AuthzToken string } diff --git a/apps/infra/internal/entities/field-constants/generated_constants.go b/apps/infra/internal/entities/field-constants/generated_constants.go index 18c9ecb9e..a812c9d96 100644 --- a/apps/infra/internal/entities/field-constants/generated_constants.go +++ b/apps/infra/internal/entities/field-constants/generated_constants.go @@ -231,33 +231,34 @@ const ( // constant vars generated for struct GlobalVPNConnection const ( - GlobalVPNConnectionClusterPublicEndpoint = "clusterPublicEndpoint" - GlobalVPNConnectionClusterSvcCIDR = "clusterSvcCIDR" - GlobalVPNConnectionDeviceRef = "deviceRef" - GlobalVPNConnectionDeviceRefIpAddr = "deviceRef.ipAddr" - GlobalVPNConnectionDeviceRefName = "deviceRef.name" - GlobalVPNConnectionGlobalVPNName = "globalVPNName" - GlobalVPNConnectionParsedWgParams = "parsedWgParams" - GlobalVPNConnectionParsedWgParamsDnsServer = "parsedWgParams.dnsServer" - GlobalVPNConnectionParsedWgParamsIp = "parsedWgParams.ip" - GlobalVPNConnectionParsedWgParamsNodeport = "parsedWgParams.nodeport" - GlobalVPNConnectionParsedWgParamsVirtualCidr = "parsedWgParams.virtualCidr" - GlobalVPNConnectionParsedWgParamsWgPrivateKey = "parsedWgParams.wg_private_key" - GlobalVPNConnectionParsedWgParamsWgPublicKey = "parsedWgParams.wg_public_key" - GlobalVPNConnectionSpec = "spec" - GlobalVPNConnectionSpecAgentsResources = "spec.agentsResources" - GlobalVPNConnectionSpecAgentsResourcesClaims = "spec.agentsResources.claims" - GlobalVPNConnectionSpecAgentsResourcesLimits = "spec.agentsResources.limits" - GlobalVPNConnectionSpecAgentsResourcesRequests = "spec.agentsResources.requests" - GlobalVPNConnectionSpecGatewayResources = "spec.gatewayResources" - GlobalVPNConnectionSpecGatewayResourcesClaims = "spec.gatewayResources.claims" - GlobalVPNConnectionSpecGatewayResourcesLimits = "spec.gatewayResources.limits" - GlobalVPNConnectionSpecGatewayResourcesRequests = "spec.gatewayResources.requests" - GlobalVPNConnectionSpecPeers = "spec.peers" - GlobalVPNConnectionSpecWg = "spec.wg" - GlobalVPNConnectionSpecWgName = "spec.wg.name" - GlobalVPNConnectionSpecWgNamespace = "spec.wg.namespace" - GlobalVPNConnectionSpecWgInterface = "spec.wgInterface" + GlobalVPNConnectionClusterPublicEndpoint = "clusterPublicEndpoint" + GlobalVPNConnectionClusterSvcCIDR = "clusterSvcCIDR" + GlobalVPNConnectionDeviceRef = "deviceRef" + GlobalVPNConnectionDeviceRefIpAddr = "deviceRef.ipAddr" + GlobalVPNConnectionDeviceRefName = "deviceRef.name" + GlobalVPNConnectionGlobalVPNName = "globalVPNName" + GlobalVPNConnectionParsedWgParams = "parsedWgParams" + GlobalVPNConnectionParsedWgParamsDnsServer = "parsedWgParams.dnsServer" + GlobalVPNConnectionParsedWgParamsIp = "parsedWgParams.ip" + GlobalVPNConnectionParsedWgParamsPublicGatewayHosts = "parsedWgParams.publicGatewayHosts" + GlobalVPNConnectionParsedWgParamsPublicGatewayPort = "parsedWgParams.publicGatewayPort" + GlobalVPNConnectionParsedWgParamsVirtualCidr = "parsedWgParams.virtualCidr" + GlobalVPNConnectionParsedWgParamsWgPrivateKey = "parsedWgParams.wg_private_key" + GlobalVPNConnectionParsedWgParamsWgPublicKey = "parsedWgParams.wg_public_key" + GlobalVPNConnectionSpec = "spec" + GlobalVPNConnectionSpecAgentsResources = "spec.agentsResources" + GlobalVPNConnectionSpecAgentsResourcesClaims = "spec.agentsResources.claims" + GlobalVPNConnectionSpecAgentsResourcesLimits = "spec.agentsResources.limits" + GlobalVPNConnectionSpecAgentsResourcesRequests = "spec.agentsResources.requests" + GlobalVPNConnectionSpecGatewayResources = "spec.gatewayResources" + GlobalVPNConnectionSpecGatewayResourcesClaims = "spec.gatewayResources.claims" + GlobalVPNConnectionSpecGatewayResourcesLimits = "spec.gatewayResources.limits" + GlobalVPNConnectionSpecGatewayResourcesRequests = "spec.gatewayResources.requests" + GlobalVPNConnectionSpecPeers = "spec.peers" + GlobalVPNConnectionSpecWg = "spec.wg" + GlobalVPNConnectionSpecWgName = "spec.wg.name" + GlobalVPNConnectionSpecWgNamespace = "spec.wg.namespace" + GlobalVPNConnectionSpecWgInterface = "spec.wgInterface" ) // constant vars generated for struct GlobalVPNDevice diff --git a/apps/infra/internal/env/env.go b/apps/infra/internal/env/env.go index bc49f815e..20f5fdcc8 100644 --- a/apps/infra/internal/env/env.go +++ b/apps/infra/internal/env/env.go @@ -51,7 +51,8 @@ type Env struct { IsDev bool KubernetesApiProxy string `env:"KUBERNETES_API_PROXY"` - GlobalVPNKubeReverseProxyImage string `env:"GLOBAL_VPN_KUBE_REVERSE_PROXY_IMAGE" required:"true"` + GlobalVPNKubeReverseProxyImage string `env:"GLOBAL_VPN_KUBE_REVERSE_PROXY_IMAGE" required:"true"` + GlobalVPNKubeReverseProxyAuthzToken string `env:"GLOBAL_VPN_KUBE_REVERSE_PROXY_AUTHZ_TOKEN" required:"true"` } func LoadEnv() (*Env, error) { diff --git a/go.mod b/go.mod index 3435525e9..b74e94603 100644 --- a/go.mod +++ b/go.mod @@ -42,7 +42,7 @@ require ( require ( github.com/kloudlite/container-registry-authorizer v0.0.0-20231021122509-161dc30fde55 - github.com/kloudlite/operator v1.0.4-0.20240524130112-c32c133c28cc + github.com/kloudlite/operator v1.0.4-0.20240527133630-1d49143c0ba2 github.com/nats-io/nats.go v1.31.0 github.com/onsi/ginkgo/v2 v2.12.0 github.com/onsi/gomega v1.27.10 diff --git a/go.sum b/go.sum index 576244309..70b8d4ebf 100644 --- a/go.sum +++ b/go.sum @@ -163,6 +163,8 @@ github.com/kloudlite/container-registry-authorizer v0.0.0-20231021122509-161dc30 github.com/kloudlite/container-registry-authorizer v0.0.0-20231021122509-161dc30fde55/go.mod h1:GZj3wZmIw/qCciclRhgQTgmGiqe8wxoVzMXQjbOfnbc= github.com/kloudlite/operator v1.0.4-0.20240524130112-c32c133c28cc h1:/A6XGjylgXUyCPq0Yl7PlxOT62YOK46Lu7PHiRUwMqc= github.com/kloudlite/operator v1.0.4-0.20240524130112-c32c133c28cc/go.mod h1:sz3ByFoE3ngJC+ai+BZLP5GAfoeLmgkyBLMEcWv7WcI= +github.com/kloudlite/operator v1.0.4-0.20240527133630-1d49143c0ba2 h1:RimxlSiX2vlXbeTQc12ACQCvGE1Ez2wXUbSZqltC8q0= +github.com/kloudlite/operator v1.0.4-0.20240527133630-1d49143c0ba2/go.mod h1:sz3ByFoE3ngJC+ai+BZLP5GAfoeLmgkyBLMEcWv7WcI= github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= diff --git a/pkg/errors/types.go b/pkg/errors/types.go new file mode 100644 index 000000000..2184eab58 --- /dev/null +++ b/pkg/errors/types.go @@ -0,0 +1,22 @@ +package errors + +import ( + "github.com/pkg/errors" +) + +type ErrNotFound struct { + Message string + error +} + +func (err ErrNotFound) Error() string { + if err.Message != "" { + return err.Message + } + return "not found" +} + +func OfType[T error](err error) bool { + var er T + return errors.As(err, &er) +}