From cbc324d0319a3804ef26782f9e95d1a79ec71297 Mon Sep 17 00:00:00 2001 From: Erik Kristensen Date: Thu, 30 Nov 2023 16:52:26 -0700 Subject: [PATCH] initial commit of fides controller codebase and branding :sunrise: --- .github/workflows/docs.yml | 60 --------- .github/workflows/release.yml | 2 +- .goreleaser.yml | 30 ++--- Dockerfile | 14 +- Makefile | 8 -- README.md | 90 ++----------- cosign.pub | 4 +- docs/index.md | 72 ---------- go.mod | 42 +++++- go.sum | 148 +++++++++++++++++++-- main.go | 4 +- mkdocs.yml | 35 ----- pkg/apiserver/handlers.go | 19 --- pkg/apiserver/server.go | 60 --------- pkg/commands/apiserver/apiserver.go | 34 ----- pkg/commands/controllers/controllers.go | 86 ++++++++++++ pkg/commands/example/example.go | 25 ---- pkg/commands/global/global.go | 68 ++++++++++ pkg/common/version.go | 6 +- pkg/controller/controller.go | 169 ++++++++++++++++++++++++ pkg/types/types.go | 49 +++++++ 21 files changed, 583 insertions(+), 442 deletions(-) delete mode 100644 .github/workflows/docs.yml delete mode 100644 Makefile delete mode 100644 docs/index.md delete mode 100644 mkdocs.yml delete mode 100644 pkg/apiserver/handlers.go delete mode 100644 pkg/apiserver/server.go delete mode 100644 pkg/commands/apiserver/apiserver.go create mode 100644 pkg/commands/controllers/controllers.go delete mode 100644 pkg/commands/example/example.go create mode 100644 pkg/commands/global/global.go create mode 100644 pkg/controller/controller.go create mode 100644 pkg/types/types.go diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml deleted file mode 100644 index 9a16bd2..0000000 --- a/.github/workflows/docs.yml +++ /dev/null 
@@ -1,60 +0,0 @@ -name: docs - -on: - workflow_dispatch: - push: - branches: - - main - paths: - - docs/** - -# Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages -permissions: - contents: read - pages: write - id-token: write - -# Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued. -# However, do NOT cancel in-progress runs as we want to allow these production deployments to complete. -concurrency: - group: "pages" - cancel-in-progress: false - -jobs: - deploy: - runs-on: ubuntu-latest - environment: - name: github-pages - url: ${{ steps.deployment.outputs.page_url }} - steps: - - uses: actions/checkout@v3 - - name: setup pages - uses: actions/configure-pages@v3 - - name: setup python - uses: actions/setup-python@v4 - with: - python-version: 3.x - - name: setup cache - run: | - echo "cache_id=$(date --utc '+%V')" >> $GITHUB_ENV - - name: handle cache - uses: actions/cache@v3 - with: - key: mkdocs-material-${{ env.cache_id }} - path: .cache - restore-keys: | - mkdocs-material- - - name: install mkdocs material - run: | - pip install mkdocs-material - - name: run mkdocs material - run: | - mkdocs build - - name: upload artifact - uses: actions/upload-pages-artifact@v1 - with: - # Upload entire repository - path: public/ - - name: deploy to GitHub Pages - id: deployment - uses: actions/deploy-pages@v2 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ddb4156..aac8580 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
@@ -76,7 +76,7 @@ jobs: - name: push docker images (for branches) if: github.ref == 'refs/heads/main' || github.event.pull_request.base.ref == 'main' run: | - docker images --format "{{.Repository}}:{{.Tag}}" | grep "ekristen/go-project-template" | xargs -L1 docker push + docker images --format "{{.Repository}}:{{.Tag}}" | grep "ekristen/fides-controller" | xargs -L1 docker push - name: upload artifacts if: github.event.pull_request.base.ref == 'main' uses: actions/upload-artifact@v3 diff --git a/.goreleaser.yml b/.goreleaser.yml index e14de12..811b81e 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -1,10 +1,10 @@ release: github: owner: ekristen - name: go-project-template + name: fides prerelease: auto builds: - - id: go-project-template + - id: fides goos: - linux - darwin @@ -19,24 +19,24 @@ builds: - -X '{{ .ModulePath }}/pkg/common.VERSION={{ .Tag }}' - -X '{{ .ModulePath }}/pkg/common.COMMIT={{ .Commit }}' archives: - - id: go-project-template + - id: fides builds: - - go-project-template + - fides name_template: "{{ .ProjectName }}-v{{ .Version }}-{{ .Os }}-{{ .Arch }}{{ .Arm }}" format_overrides: - goos: windows format: zip dockers: - - id: go-project-template + - id: fides ids: - - go-project-template + - fides use: buildx goos: linux goarch: amd64 dockerfile: Dockerfile image_templates: - - ghcr.io/ekristen/go-project-template:v{{ .Version }} - - ghcr.io/ekristen/go-project-template:{{ replace .Branch "/" "-" }}-{{ .ShortCommit }}-{{ .Timestamp }} + - ghcr.io/ekristen/fides:v{{ .Version }} + - ghcr.io/ekristen/fides:{{ replace .Branch "/" "-" }}-{{ .ShortCommit }}-{{ .Timestamp }} build_flag_templates: - "--target=goreleaser" - "--pull" 
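Review bot: The new filter `grep "ekristen/fides-controller"` in the branch push step does not match the image names this same commit sets in `.goreleaser.yml` (`ghcr.io/ekristen/fides:...`), so on `main` the step would select no images to push. Align the two, for example `grep "ghcr.io/ekristen/fides:"`, which also avoids matching unrelated repositories that merely contain the substring. If the runner has GNU xargs, `xargs -r -L1 docker push` makes an empty match an explicit no-op; failing the step on an empty list would be safer still, since a release that pushes nothing should not pass silently. The rest of the job is outside the hunk.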
@@ -51,23 +51,11 @@ signs: stdin: "{{ .Env.COSIGN_PASSWORD }}" args: ["sign-blob", "--yes", "--tlog-upload=false", "--key=cosign.key", "--output-signature=${signature}", "${artifact}"] artifacts: all - #- ids: - # - template - # cmd: cosign - # signature: "${artifact}.sig" - # certificate: "${artifact}.pem" - # args: ["sign-blob", "--yes", "--oidc-issuer=https://token.actions.githubusercontent.com", "--output-certificate=${certificate}", "--output-signature=${signature}", "${artifact}"] - # artifacts: all docker_signs: - ids: # Sign With Password - - go-project-template + - fides artifacts: all stdin: "{{ .Env.COSIGN_PASSWORD }}" - #- ids: - # - template - # artifacts: all - # cmd: cosign - # args: ["sign", "--yes", "--oidc-issuer=https://token.actions.githubusercontent.com", "--output-certificate=${certificate}", "--output-signature=${signature}", "${artifact}"] checksum: name_template: "checksums.txt" snapshot: diff --git a/Dockerfile b/Dockerfile index 1501f40..debf449 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM debian:bullseye-slim as base RUN apt-get update && apt-get install -y ca-certificates && rm -rf /var/lib/apt/lists/* -RUN useradd -r -u 999 -d /home/go-project-template go-project-template +RUN useradd -r -u 999 -d /home/fides fides FROM ghcr.io/acorn-io/images-mirror/golang:1.21 AS build COPY / /src 
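Review bot: With the commented keyless alternative removed in this hunk, the `signs` entry's key-based path with `--tlog-upload=false` is the only blob-signing mode left, and nothing in the file says how to verify it. This commit also deletes the README's Signing section and replaces `cosign.pub`, so a consumer has no pointer to which key applies or to the fact that blob signatures have no transparency-log entry. I would add a comment above `args:` such as `# key-based signing, no Rekor upload: verify with cosign.pub from this repo; signatures have no transparency-log entry`. The `signs` block starts above the hunk.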
@@ -10,12 +10,14 @@ WORKDIR /src RUN \ --mount=type=cache,target=/go/pkg \ --mount=type=cache,target=/root/.cache/go-build \ - go build -o bin/go-project-template main.go + go build -o bin/fides main.go FROM base AS goreleaser -COPY go-project-template /usr/local/bin/go-project-template -USER go-project-template +COPY fides /usr/local/bin/fides +USER fides FROM base -COPY --from=build /src/bin/go-project-template /usr/local/bin/go-project-template -USER go-project-template \ No newline at end of file +ENTRYPOINT ["/usr/local/bin/fides"] +CMD ["controller"] +COPY --from=build /src/bin/fides /usr/local/bin/fides +USER fides \ No newline at end of file diff --git a/Makefile b/Makefile deleted file mode 100644 index 2d28495..0000000 --- a/Makefile +++ /dev/null @@ -1,8 +0,0 @@ -docs-build: - docker run --rm -it -p 8000:8000 -v ${PWD}:/docs squidfunk/mkdocs-material build - -docs-serve: - docker run --rm -it -p 8000:8000 -v ${PWD}:/docs squidfunk/mkdocs-material - -docs-seed: - cp README.md docs/index.md \ No newline at end of file diff --git a/README.md b/README.md index 32401dc..633dc7a 100644 --- a/README.md +++ b/README.md 
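Review bot: The added `ENTRYPOINT ["/usr/local/bin/fides"]` and `CMD ["controller"]` are in the final stage only; the `goreleaser` stage, which `.goreleaser.yml` builds with `--target=goreleaser`, still has neither, so the released image would start with no default command while a local `docker build` behaves differently. Add the same two lines to the `goreleaser` stage, or move them into `base` so both stages inherit them. `CMD ["controller"]` also has to match the registered command name; the new command is in `pkg/commands/controllers/controllers.go`, whose body is outside this view, so confirm the name is `controller` and not `controllers`.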
@@ -1,86 +1,18 @@ -# Go Project Template +# Fides -This is an opinionated go project template to use as a starting point for new projects. +Fides is the Greek Goddess of Trust. -## Features +[Check out Fides on the web](https://fides.ekristen.dev) -- Builds with [GoReleaser](https://goreleaser.com) - - Automated with GitHub Actions - - Signed with Cosign (providing you generate a private key) -- Linting with [golangci-lint](https://golangci-lint.run/) - - Automated with GitHub Actions -- Builds with Docker - - While designed to use goreleaser, you can still just run `docker build` -- Opinionated Layout - - Never use `internal/` folder - - Everything is under `pkg/` folder -- Automatic Dependency Management with [Renovate](https://github.com/renovatebot/renovate) -- Automatic Releases with [Release Drafter](https://github.com/release-drafter/release-drafter) -- Documentation with Material for MkDocs -- API Server Example - - Uses Gorilla Mux (yes it's been archived, still the best option) -- Stubbed out Go Tests - - They are not comprehensive +## Overview -### Opinionated Decisions +Fides is currently a SaaS solution that provides a simple way to make unmanaged and non-public kubernetes +clusters more useful with AWS and potentially other cloud providers. -- Uses `init` functions for registering commands globally. - - This allows for multiple `main` package files to be written and include different commands. - - Allows the command code to remain isolated from each other and a simple import to include the command. +It's initial focus is on making it easy to expose the Service Account OIDC information from a cluster non-managed or +even a private non-public cluster. This allows you to use the Service Account Tokens to authenticate to AWS roles. -## Building +This code repository serves as the bug tracker for the Fides project. Fides is currently in Alpha as a SaaS project. +What code is and can be open sourced is here. 
The rest is in a private repository, if it makes sense to open source +more I will. -The following will build binaries in snapshot order. - -```console -goreleaser --clean --snapshot -``` - -## Configure - -1. Rename Repository -2. Generate Cosign Keys -3. Update `.goreleaser.yml`, search/replace go-project-template with new project name, adjust GitHub owner -4. Update `main.go`, -5. Update `go.mod`, rename go project (using IDE is best so renames happen across all files) - -### Signing - -1. Create a password - - Recommend exporting in environment as `COSIGN_PASSWORD` using something like [direnv](http://direnv.net) -2. Generate cosign keys `cosign generate-key-pair` -3. Create GitHub Action Secrets - - `COSIGN_KEY` -> populate with cosign.key value - - `COSIGN_PASSWORD` -> populate with password from step 1 - -### Releases - -In order for Release Drafter and GoReleaser to work properly you have to create a PAT to run Release Drafter -so it's actions against the repository can trigger other workflows. Unfortunately there is no way to trigger -a workflow from a workflow if both are run by the automatically generated GitHub Actions secret. - -1. Create PAT that has write contents permissions to the repository -2. Create GitHub Action Secret - - `RELEASE_DRAFTER_SECRET` -> populated with PAT from step 1 -3. Done - -## Documentation - -The project is built to have the documentation right alongside the code in the `docs/` directory leveraging Mkdocs Material. - -In the root of the project exists mkdocs.yml which drives the configuration for the documentation. - -This README.md is currently copied to `docs/index.md` and the documentation is automatically published to the GitHub -pages location for this repository using a GitHub Action workflow. It does not use the `gh-pages` branch. - -### Running Locally - -```console -make docs-serve -``` - -OR (if you have docker) - -```console -docker run --rm -it -p 8000:8000 -v ${PWD}:/docs squidfunk/mkdocs-material -``` 
diff --git a/cosign.pub b/cosign.pub
index 2ad2ce6..b2fae64 100644
--- a/cosign.pub
+++ b/cosign.pub
@@ -1,4 +1,4 @@
 -----BEGIN PUBLIC KEY-----
-MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAESLcBYyo9DKPEq23UYkXOG7RRqhwn
-/boYGgxL7bRUwLSd7tTTimzNrU9RwQNvaCEhPZDSk7cXLuxvbvOUIyVCyQ==
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAENkS9PGp5A7DqPQ6podoUozG9KtwC
+WxUFXtKE9JVKo/8Rqs4i6ekhhaYiJs4pHJ7PEj2WLSIAjr4yZLkLNgH/rw==
 -----END PUBLIC KEY-----
diff --git a/docs/index.md b/docs/index.md
deleted file mode 100644
index 8603f4b..0000000
--- a/docs/index.md
+++ /dev/null
@@ -1,72 +0,0 @@ -# Go Project Template - -This is an opinionated go project template to use as a starting point for new projects. - -## Features - -- Builds with [GoReleaser](https://goreleaser.com) - - Automated with GitHub Actions - - Signed with Cosign (providing you generate a private key) -- Builds with Docker - - While designed to use goreleaser, you can still just run `docker build` -- Opinionated Layout - - Never use `internal/` folder - - Everything is under `pkg/` folder -- Automatic Dependency Management with [Renovate](https://github.com/renovatebot/renovate) -- Automatic Releases with [Release Drafter](https://github.com/release-drafter/release-drafter) -- Documentation with Material for MkDocs -- API Server Example - - Uses Gorilla Mux (yes it's been archived, still the best option) -- Stubbed out Go Tests - - They are not comprehensive - -## Building - -The following will build binaries in snapshot order. - -```console -goreleaser --clean --snapshot -``` - -## Configure - -1. Rename Repository -2. Generate Cosign Keys -3. Update `.goreleaser.yml` -4. Update `main.go` - -### Signing - -1. Create a password - - Recommend exporting in environment as `COSIGN_PASSWORD` -2. Generate cosign keys -3. Create GitHub Action Secrets - - `COSIGN_KEY` -> populate with cosign.key value - - `COSIGN_PASSWORD` -> populate with password from step 1 - -#### Generate Keypair - -```console -cosign generate-key-pair -``` - -## Documentation - -The project is built to have the documentation right alongside the code in the `docs/` directory leveraging Mkdocs Material. - -In the root of the project exists mkdocs.yml which drives the configuration for the documentation. - -This README.md is currently copied to `docs/index.md` and the documentation is automatically published to the GitHub -pages location for this repository using a GitHub Action workflow. It does not use the `gh-pages` branch. 
- -### Running Locally - -```console -make docs-serve -``` - -OR (if you have docker) - -```console -docker run --rm -it -p 8000:8000 -v ${PWD}:/docs squidfunk/mkdocs-material -``` \ No newline at end of file diff --git a/go.mod b/go.mod index 75b65ef..b97e5b1 100644 --- a/go.mod +++ b/go.mod 
@@ -1,21 +1,57 @@ -module github.com/ekristen/go-project-template +module github.com/ekristen/fides go 1.19 require ( - github.com/gorilla/mux v1.8.1 github.com/rancher/wrangler v1.1.1 github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.8.4 github.com/urfave/cli/v2 v2.25.7 + k8s.io/apimachinery v0.28.4 + k8s.io/client-go v0.28.4 ) require ( github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect + github.com/emicklei/go-restful/v3 v3.9.0 // indirect + github.com/go-logr/logr v1.2.4 // indirect + github.com/go-openapi/jsonpointer v0.19.6 // indirect + github.com/go-openapi/jsonreference v0.20.2 // indirect + github.com/go-openapi/swag v0.22.3 // indirect + github.com/gogo/protobuf v1.3.2 // indirect + github.com/golang/protobuf v1.5.3 // indirect + github.com/google/gnostic-models v0.6.8 // indirect + github.com/google/go-cmp v0.5.9 // indirect + github.com/google/gofuzz v1.2.0 // indirect + github.com/google/uuid v1.3.0 // indirect + github.com/imdario/mergo v0.3.12 // indirect + github.com/josharian/intern v1.0.0 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/mailru/easyjson v0.7.7 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect + github.com/spf13/pflag v1.0.5 // indirect github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect - golang.org/x/sys v0.5.0 // indirect + golang.org/x/net v0.17.0 // indirect + golang.org/x/oauth2 v0.8.0 // indirect + golang.org/x/sys v0.13.0 // indirect + golang.org/x/term v0.13.0 // indirect + golang.org/x/text v0.13.0 // indirect + golang.org/x/time v0.3.0 // indirect + google.golang.org/appengine v1.6.7 // indirect + google.golang.org/protobuf v1.31.0 // indirect 
+ gopkg.in/inf.v0 v0.9.1 // indirect + gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect + k8s.io/api v0.28.4 // indirect + k8s.io/klog/v2 v2.100.1 // indirect + k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect + k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 // indirect + sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect + sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect + sigs.k8s.io/yaml v1.3.0 // indirect ) diff --git a/go.sum b/go.sum index e30b5dd..23ff4c3 100644 --- a/go.sum +++ b/go.sum 
@@ -1,43 +1,167 @@ github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI= -github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= -github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= -github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= +github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE= +github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84= +github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ= +github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= +github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE= +github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs= +github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE= +github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= +github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= +github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= 
+github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= +github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= +github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= +github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= +github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= +github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg= +github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= +github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= +github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= +github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= +github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= +github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= +github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= +github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= 
+github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= +github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= +github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= +github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= +github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= +github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= +github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= +github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= +github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= +github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/onsi/ginkgo/v2 v2.9.4 h1:xR7vG4IXt5RWx6FfIjyAtsoMAtnc3C/rFXBBd2AjZwE= +github.com/onsi/gomega v1.27.6 
h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/rancher/wrangler v1.1.1 h1:wmqUwqc2M7ADfXnBCJTFkTB5ZREWpD78rnZMzmxwMvM= github.com/rancher/wrangler v1.1.1/go.mod h1:ioVbKupzcBOdzsl55MvEDN0R1wdGggj8iNCYGFI5JvM= +github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= +github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify 
v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/urfave/cli/v2 v2.25.5 h1:d0NIAyhh5shGscroL7ek/Ya9QYQE0KNabJgiUinIQkc= -github.com/urfave/cli/v2 v2.25.5/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc= -github.com/urfave/cli/v2 v2.25.6 h1:yuSkgDSZfH3L1CjF2/5fNNg2KbM47pY2EvjBq4ESQnU= -github.com/urfave/cli/v2 v2.25.6/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs= github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8= +github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod 
h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= +golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= +golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8= +golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= +golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= +golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.13.0 
h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= +golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.8.0 h1:vSDcovVPld282ceKgDimkRSC8kpaH1dgyc9UMzlt84Y= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= +google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= +google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= +google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= 
+gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= +gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= +gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +k8s.io/api v0.28.4 h1:8ZBrLjwosLl/NYgv1P7EQLqoO8MGQApnbgH8tu3BMzY= +k8s.io/api v0.28.4/go.mod h1:axWTGrY88s/5YE+JSt4uUi6NMM+gur1en2REMR7IRj0= +k8s.io/apimachinery v0.28.4 h1:zOSJe1mc+GxuMnFzD4Z/U1wst50X28ZNsn5bhgIIao8= +k8s.io/apimachinery v0.28.4/go.mod h1:wI37ncBvfAoswfq626yPTe6Bz1c22L7uaJ8dho83mgg= +k8s.io/client-go v0.28.4 h1:Np5ocjlZcTrkyRJ3+T3PkXDpe4UpatQxj85+xjaD2wY= +k8s.io/client-go v0.28.4/go.mod h1:0VDZFpgoZfelyP5Wqu0/r/TRYcLYuJ2U1KEeoaPa1N4= +k8s.io/klog/v2 v2.100.1 h1:7WCHKK6K8fNhTqfBhISHQ97KrnJNFZMcQvKp7gP/tmg= +k8s.io/klog/v2 v2.100.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= +k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 h1:LyMgNKD2P8Wn1iAwQU5OhxCKlKJy0sHc+PcDwFB24dQ= +k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9/go.mod h1:wZK2AVp1uHCp4VamDVgBP2COHZjqD1T68Rf0CM3YjSM= +k8s.io/utils v0.0.0-20230406110748-d93618cff8a2 h1:qY1Ad8PODbnymg2pRbkyMT/ylpTrCM8P2RJ0yroCyIk= +k8s.io/utils v0.0.0-20230406110748-d93618cff8a2/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= +sigs.k8s.io/json 
v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= +sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= +sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= +sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo= +sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8= diff --git a/main.go b/main.go index 1aafa87..69ab4e5 100644 --- a/main.go +++ b/main.go @@ -8,7 +8,7 @@ import ( "github.com/sirupsen/logrus" "github.com/urfave/cli/v2" - "github.com/ekristen/go-project-template/pkg/common" + "github.com/ekristen/fides/pkg/common" ) func main() { @@ -29,7 +29,7 @@ func main() { app.Authors = []*cli.Author{ { Name: "Erik Kristensen", - Email: "erik@erikkristensen", + Email: "erik@ekristen.dev", }, } diff --git a/mkdocs.yml b/mkdocs.yml deleted file mode 100644 index 3f0e871..0000000 --- a/mkdocs.yml +++ /dev/null @@ -1,35 +0,0 @@ -site_name: Go Project Template -site_url: https://ekristen.github.io/go-project-template -repo_name: ekristen/go-project-template -repo_url: https://github.com/ekristen/go-project-template -edit_uri: "" - -site_dir: public - -# Configuration -theme: - name: material - language: en - palette: - primary: blue - accent: indigo - features: - - navigation.sections - -# Plugins -plugins: - - search - -# Extensions -markdown_extensions: - - admonition - - pymdownx.highlight - - pymdownx.superfences - - pymdownx.tabbed: - alternate_style: true - - toc: - permalink: true - -# Page tree -nav: - - Home: index.md diff --git a/pkg/apiserver/handlers.go b/pkg/apiserver/handlers.go deleted file mode 100644 index e185ff5..0000000 --- a/pkg/apiserver/handlers.go +++ /dev/null 
@@ -1,19 +0,0 @@
-package apiserver
-
-import (
- "fmt"
- "net/http"
-
- "github.com/sirupsen/logrus"
-
- "github.com/ekristen/go-project-template/pkg/common"
-)
-
-func RootHandler(w http.ResponseWriter, r *http.Request) {
- data := fmt.Sprintf(`{"name":%q,"version":%q}`, common.AppVersion.Name, common.AppVersion.Summary)
-
- w.WriteHeader(200)
- if _, err := w.Write([]byte(data)); err != nil {
- logrus.WithError(err).Warn("unable to write to response")
- }
-}
diff --git a/pkg/apiserver/server.go b/pkg/apiserver/server.go
deleted file mode 100644
index bab8e1f..0000000
--- a/pkg/apiserver/server.go
+++ /dev/null
@@ -1,60 +0,0 @@
-package apiserver
-
-import (
- "context"
- "fmt"
- "net/http"
- "time"
-
- "github.com/gorilla/mux"
- "github.com/sirupsen/logrus"
-)
-
-type Options struct {
- Port int
-
- Log *logrus.Entry
-}
-
-func RunServer(ctx context.Context, opts *Options) error {
- if opts.Log == nil {
- opts.Log = logrus.WithField("component", "api-server")
- } else {
- opts.Log = opts.Log.WithField("component", "api-server")
- }
-
- router := mux.NewRouter().StrictSlash(true)
- router.Path("/").HandlerFunc(RootHandler)
-
- // Below this point is where the server is started and graceful shutdown occurs.
-
- srv := &http.Server{
- Addr: fmt.Sprintf(":%d", opts.Port),
- Handler: router,
- ReadTimeout: 1 * time.Second,
- WriteTimeout: 1 * time.Second,
- IdleTimeout: 30 * time.Second,
- ReadHeaderTimeout: 2 * time.Second,
- }
-
- go func() {
- if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
- opts.Log.Fatalf("listen: %s\n", err)
- }
- }()
- opts.Log.WithField("port", opts.Port).Info("starting api server")
-
- <-ctx.Done()
-
- opts.Log.Info("shutting down api server")
-
- ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
- defer cancel()
-
- if err := srv.Shutdown(ctx); err != nil {
- opts.Log.WithError(err).Error("unable to shutdown the api server gracefully")
- return err
- }
-
- return nil
-}
diff --git a/pkg/commands/apiserver/apiserver.go b/pkg/commands/apiserver/apiserver.go
deleted file mode 100644
index 627136d..0000000
--- a/pkg/commands/apiserver/apiserver.go
+++ /dev/null
@@ -1,34 +0,0 @@
-package apiserver
-
-import (
- "github.com/ekristen/go-project-template/pkg/apiserver"
- "github.com/ekristen/go-project-template/pkg/common"
- "github.com/urfave/cli/v2"
-)
-
-func Execute(c *cli.Context) error {
- return apiserver.RunServer(c.Context, &apiserver.Options{
- Port: c.Int("port"),
- })
-}
-
-func init() {
- flags := []cli.Flag{
- &cli.IntFlag{
- Name: "port",
- Aliases: []string{"p"},
- Value: 4242,
- },
- }
-
- cmd := &cli.Command{
- Name: "api-server",
- Usage: "api-server",
- Description: "api-server",
- Before: common.Before,
- Flags: append(common.Flags(), flags...),
- Action: Execute,
- }
-
- common.RegisterCommand(cmd)
-}
diff --git a/pkg/commands/controllers/controllers.go b/pkg/commands/controllers/controllers.go
new file mode 100644
index 0000000..0f46103
--- /dev/null
+++ b/pkg/commands/controllers/controllers.go
@@ -0,0 +1,86 @@
+package controllers
+
+import (
+ "fmt"
+ "github.com/ekristen/fides/pkg/commands/global"
+ "github.com/ekristen/fides/pkg/common"
+ "github.com/ekristen/fides/pkg/controller"
+ "github.com/urfave/cli/v2"
+)
+
+func Execute(c *cli.Context) error {
+ if !c.Bool("agree-tos") {
+ return fmt.Errorf("you must agree to the terms of service to use this, you can do this with --agree-tos")
+ }
+
+ // TODO: check for cluster values
+
+ cfg := oidc.Config{
+ KubeConfigPath: c.String("kubeconfig"),
+ Namespace: c.String("namespace"),
+ Lockname: c.String("lockname"),
+ BaseURL: c.String("base-url"),
+ SecretName: c.String("secret-name"),
+ ClusterKey: c.String("cluster-key"),
+ ClusterName: c.String("cluster-name"),
+ ClusterID: c.String("cluster-id"),
+ }
+
+ return oidc.NewController(c.Context, cfg)
+}
+
+func init() {
+ flags := []cli.Flag{
+ &cli.BoolFlag{
+ Name: "agree-tos",
+ Usage: "Agree to the Terms of Service https://fides.ekristen.dev/terms, by using this option you agree.",
+ },
+ &cli.StringFlag{
+ Name: "namespace",
+ Usage: "namespace for fides",
+ Value: "fides-system",
+ },
+ &cli.StringFlag{
+ Name: "secret-name",
+ Usage: "custom name for the fides secret",
+ Value: "fides",
+ },
+ &cli.StringFlag{
+ Name: "metrics-port",
+ Value: "0.0.0.0:9997",
+ },
+ &cli.StringFlag{
+ Name: "lockname",
+ Value: "fides-controller",
+ Hidden: true,
+ },
+ &cli.StringFlag{
+ Name: "base-url",
+ Value: "https://fides.ekristen.dev",
+ Hidden: true,
+ },
+ &cli.StringFlag{
+ Name: "cluster-key",
+ EnvVars: []string{"FIDES_CLUSTER_KEY"},
+ },
+ &cli.StringFlag{
+ Name: "cluster-name",
+ EnvVars: []string{"FIDES_CLUSTER_NAME"},
+ },
+ &cli.StringFlag{
+ Name: "cluster-id",
+ EnvVars: []string{"FIDES_CLUSTER_ID"},
+ },
+ }
+
+ cliCmd := &cli.Command{
+ Name: "controller",
+ Aliases: []string{"controllers"},
+ Usage: "launches the fides controller",
+ Flags: append(flags, global.Flags()...),
+ Before: global.Before,
+ Action: Execute,
+ }
+
+ common.RegisterCommand(cliCmd)
+}
diff --git a/pkg/commands/example/example.go b/pkg/commands/example/example.go
deleted file mode 100644
index 0c3df0e..0000000
--- a/pkg/commands/example/example.go
+++ /dev/null
@@ -1,25 +0,0 @@
-package example
-
-import (
- "github.com/ekristen/go-project-template/pkg/common"
- "github.com/sirupsen/logrus"
- "github.com/urfave/cli/v2"
-)
-
-func Execute(c *cli.Context) error {
- logrus.Info("example called")
- return nil
-}
-
-func init() {
- cmd := &cli.Command{
- Name: "example",
- Usage: "example",
- Description: `example command for the go-project-template`,
- Before: common.Before,
- Flags: common.Flags(),
- Action: Execute,
- }
-
- common.RegisterCommand(cmd)
-}
diff --git a/pkg/commands/global/global.go b/pkg/commands/global/global.go
new file mode 100644
index 0000000..7efb089
--- /dev/null
+++ b/pkg/commands/global/global.go
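Review bot: `Execute` in pkg/commands/controllers/controllers.go hands `cluster-id`, `cluster-key` and `base-url` to the controller unchecked, which is the gap the `// TODO: check for cluster values` line leaves open. An empty `cluster-id` makes the request path built in pkg/controller/controller.go end in `/api/v1/clusters/`, and a `base-url` overridden to a non-HTTPS address would carry the `x-cluster-key` header in cleartext. I would reject both before building `oidc.Config`, for example `if c.String("cluster-id") == "" { return fmt.Errorf("cluster-id is required") }` and `if !strings.HasPrefix(c.String("base-url"), "https://") { return fmt.Errorf("base-url must use https") }` (this needs the `strings` import). Setting `Required: true` on the `cluster-id` flag would cover the first check declaratively.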
@@ -0,0 +1,68 @@ +package global + +import ( + "fmt" + "path" + "runtime" + + "github.com/sirupsen/logrus" + "github.com/urfave/cli/v2" +) + +func Flags() []cli.Flag { + globalFlags := []cli.Flag{ + &cli.StringFlag{ + Name: "log-level", + Usage: "Log Level", + Aliases: []string{"l"}, + EnvVars: []string{"LOGLEVEL"}, + Value: "info", + }, + &cli.BoolFlag{ + Name: "log-caller", + Usage: "log the caller (aka line number and file)", + }, + &cli.BoolFlag{ + Name: "log-disable-color", + Usage: "disable log coloring", + }, + &cli.BoolFlag{ + Name: "log-full-timestamp", + Usage: "force log output to always show full timestamp", + }, + } + + return globalFlags +} + +func Before(c *cli.Context) error { + formatter := &logrus.TextFormatter{ + DisableColors: c.Bool("log-disable-color"), + FullTimestamp: c.Bool("log-full-timestamp"), + } + + if c.Bool("log-caller") { + logrus.SetReportCaller(true) + + formatter.CallerPrettyfier = func(f *runtime.Frame) (string, string) { + return "", fmt.Sprintf("%s:%d", path.Base(f.File), f.Line) + } + } + + logrus.SetFormatter(formatter) + + switch c.String("log-level") { + case "trace": + logrus.SetLevel(logrus.TraceLevel) + case "debug": + logrus.SetLevel(logrus.DebugLevel) + case "info": + logrus.SetLevel(logrus.InfoLevel) + case "warn": + logrus.SetLevel(logrus.WarnLevel) + case "error": + logrus.SetLevel(logrus.ErrorLevel) + } + + return nil +} diff --git a/pkg/common/version.go b/pkg/common/version.go index cc3bcac..35ba7d0 100644 --- a/pkg/common/version.go +++ b/pkg/common/version.go @@ -1,16 +1,16 @@ package common // NAME of the App -var NAME = "go-project-template" +var NAME = "fides" // SUMMARY of the Version -var SUMMARY = "v1.0.0" +var SUMMARY = "v0.1.0" // BRANCH of the Version var BRANCH = "dev" // VERSION of Release -var VERSION = "1.0.0" +var VERSION = "0.1.0" var COMMIT = "dirty" diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go new file mode 100644 index 0000000..51e8c75 --- /dev/null 
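Review bot: The `switch c.String("log-level")` in `Before` (pkg/commands/global/global.go) has no default case, so a misspelled level (for instance `--log-level=verbose`) is accepted silently and the process keeps logrus's default level while the operator believes otherwise. `logrus.ParseLevel` already maps these names and returns an error for unknown ones, so the switch can be replaced by `lvl, err := logrus.ParseLevel(c.String("log-level"))`, `if err != nil { return err }`, `logrus.SetLevel(lvl)`. That fails fast on a bad value instead of hiding it.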
+++ b/pkg/controller/controller.go 
@@ -0,0 +1,169 @@
+package oidc
+
+import (
+ "bytes"
+ "context"
+ "encoding/json"
+ "fmt"
+ "github.com/rancher/wrangler/pkg/kubeconfig"
+ "github.com/rancher/wrangler/pkg/leader"
+ "github.com/sirupsen/logrus"
+ "io"
+ "io/ioutil"
+ "k8s.io/apimachinery/pkg/apis/meta/v1"
+ apitypes "k8s.io/apimachinery/pkg/types"
+ "k8s.io/client-go/kubernetes"
+ "net/http"
+ "time"
+
+ "github.com/ekristen/fides/pkg/types"
+)
+
+type Config struct {
+ KubeConfigPath string
+ Namespace string
+ Lockname string
+ BaseURL string
+ SecretName string
+ ClusterKey string
+ ClusterName string
+ ClusterID string
+}
+
+func NewController(ctx context.Context, config Config) error {
+ cfg, err := kubeconfig.GetNonInteractiveClientConfig(config.KubeConfigPath).ClientConfig()
+ if err != nil {
+ return err
+ }
+
+ kube, err := kubernetes.NewForConfig(cfg)
+ if err != nil {
+ return err
+ }
+
+ leader.RunOrDie(ctx, config.Namespace, config.Lockname, kube, func(ctx context.Context) {
+ logrus.Info("started sync daemon")
+
+ go func() {
+ err := sync(ctx, kube, config)
+ if err != nil {
+ logrus.WithError(err).Fatal("unable to sync")
+ }
+ }()
+
+ <-ctx.Done()
+ })
+
+ return nil
+}
+
+func sync(ctx context.Context, kube *kubernetes.Clientset, config Config) error {
+ logrus.Info("sync called")
+
+ ks, err := kube.CoreV1().Namespaces().Get(ctx, "kube-system", v1.GetOptions{})
+ if err != nil {
+ return err
+ }
+
+ firstTicker := time.NewTicker(1 * time.Second)
+ ticker := time.NewTicker(30 * time.Second)
+ for {
+ select {
+ case <-firstTicker.C:
+ if err := doSync(ctx, kube, config, ks.GetUID()); err != nil {
+ logrus.WithError(err).Error("unable to perform sync")
+ }
+ firstTicker.Stop()
+ case <-ticker.C:
+ if err := doSync(ctx, kube, config, ks.GetUID()); err != nil {
+ logrus.WithError(err).Error("unable to perform sync")
+ }
+ case <-ctx.Done():
+ return nil
+ }
+ }
+}
+
+func doSync(ctx context.Context, kube *kubernetes.Clientset, config Config, uid apitypes.UID) error {
+ logrus.Info("running doSync")
+
+ resConfig := kube.RESTClient().Get().AbsPath("/.well-known/openid-configuration").Do(ctx)
+ configData, err := resConfig.Raw()
+ if err != nil {
+ logrus.WithError(err).Fatal("unable to retrieve raw data")
+ return err
+ }
+
+ resJWKs := kube.RESTClient().Get().AbsPath("/openid/v1/jwks").Do(ctx)
+ jwkData, err := resJWKs.Raw()
+ if err != nil {
+ logrus.WithError(err).Fatal("unable to retrieve raw data")
+ return err
+ }
+
+ var wellKnown types.OpenIDConfiguration
+ if err := json.Unmarshal(configData, &wellKnown); err != nil {
+ return err
+ }
+
+ var jwks types.JWKS
+ if err := json.Unmarshal(jwkData, &jwks); err != nil {
+ return err
+ }
+
+ reg := types.ClusterPutRequest{
+ UID: string(uid),
+ OIDConfig: wellKnown,
+ JWKS: jwks,
+ }
+
+ b := new(bytes.Buffer)
+ if err := json.NewEncoder(b).Encode(reg); err != nil {
+ return err
+ }
+
+ req, err := http.NewRequest(http.MethodPut, fmt.Sprintf("%s/api/v1/clusters/%s", config.BaseURL, config.ClusterID), b)
+ if err != nil {
+ return err
+ }
+
+ if config.ClusterKey != "" {
+ // existing cluster token to http request
+ req.Header.Add("x-cluster-key", config.ClusterKey)
+ }
+
+ client := http.Client{
+ Timeout: 30 * time.Second,
+ }
+
+ res, err := client.Do(req)
+ if err != nil {
+ return err
+ }
+ defer func(Body io.ReadCloser) {
+ err := Body.Close()
+ if err != nil {
+ logrus.WithError(err).Error("unable to close body")
+ }
+ }(res.Body)
+
+ if res.StatusCode == 200 {
+ logrus.Info("cluster updated successfully")
+ } else {
+ data, err := ioutil.ReadAll(res.Body)
+ if err != nil {
+ logrus.WithError(err).Error("unable to read body")
+ return err
+ }
+
+ var resp types.Response
+ if err := json.Unmarshal(data, &resp); err != nil {
+ logrus.WithError(err).Error("unable to parse response")
+ return err
+ }
+
+ logrus.WithError(fmt.Errorf(resp.Error)).Error("an error occurred updating the cluster information")
+ }
+
+ return nil
+}
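Review bot: In `doSync`, a non-200 reply from the fides API is logged and the function still returns nil, and `fmt.Errorf(resp.Error)` treats the server-supplied string as a format string, so a `%` in the response garbles the log line (go vet reports non-constant format strings). The request is also built with `http.NewRequest`, so it is not cancelled with `ctx`, `config.ClusterID` is placed in the path unescaped, and the error body is read with an unbounded `ioutil.ReadAll`. The rewrite below ties the request to `ctx`, escapes the ID, caps the body and returns the failure to `sync`, which already logs it; it needs `net/url` added to the imports. Separately, the two `Fatal` calls after `Raw()` exit the process on a transient API-server error and leave the following `return err` unreachable; returning the error alone would let the 30-second ticker retry.

```go
// … unchanged: discovery/JWKS fetch, unmarshalling and request body encoding …
endpoint := fmt.Sprintf("%s/api/v1/clusters/%s", config.BaseURL, url.PathEscape(config.ClusterID))
req, err := http.NewRequestWithContext(ctx, http.MethodPut, endpoint, b)
if err != nil {
	return err
}
// … unchanged: x-cluster-key header, client.Do, deferred Body.Close …
if res.StatusCode == http.StatusOK {
	logrus.Info("cluster updated successfully")
	return nil
}

// The error body comes from the remote service, so cap how much is read.
data, err := io.ReadAll(io.LimitReader(res.Body, 1<<20))
if err != nil {
	return fmt.Errorf("reading response body: %w", err)
}

var resp types.Response
if err := json.Unmarshal(data, &resp); err != nil {
	return fmt.Errorf("unexpected status %d: %w", res.StatusCode, err)
}
return fmt.Errorf("updating cluster: status %d: %s", res.StatusCode, resp.Error)
```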
diff --git a/pkg/types/types.go b/pkg/types/types.go
new file mode 100644
index 0000000..718a468
--- /dev/null
+++ b/pkg/types/types.go
@@ -0,0 +1,49 @@
+package types
+
+type ClusterPutRequest struct {
+ ID string `path:"id"`
+ UID string `json:"uid"`
+ JWKS JWKS `json:"jwks"`
+ OIDConfig OpenIDConfiguration `json:"oid_config"`
+}
+
+type OpenIDConfiguration struct {
+ Issuer string `json:"issuer"`
+ JwksUri string `json:"jwks_uri"`
+ ResponseTypesSupported []string `json:"response_types_supported"`
+ SubjectTypesSupported []string `json:"subject_types_supported"`
+ IDTokenSigningAlgValuesSupported []string `json:"id_token_signing_alg_values_supported"`
+}
+
+type JWKS struct {
+ Keys []JWK `json:"keys"`
+}
+
+type JWK struct {
+ Use string `json:"use"`
+ Kty string `json:"kty"`
+ Kid string `json:"kid" gorm:"uniqueIndex:idx_cluster_key"`
+ Alg string `json:"alg"`
+ N string `json:"n"`
+ E string `json:"e"`
+}
+
+type ErrorResponse struct {
+ Error string `json:"error"`
+}
+
+type MetadataResponse struct {
+ Count int `json:"count"`
+}
+
+type DataResponse struct {
+ Success bool `json:"success,omitempty"`
+ Data *interface{} `json:"data,omitempty"`
+}
+
+type Response struct {
+ ErrorResponse
+ DataResponse
+
+ Metadata *MetadataResponse `json:"metadata,omitempty"`
+}
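Review bot: `JWK` in pkg/types/types.go carries only the RSA members `n` and `e`, so when `doSync` unmarshals the cluster's `/openid/v1/jwks` document into it and re-encodes it, an EC key would lose `crv`, `x` and `y` and be forwarded as a key no verifier can use. Clusters that sign service-account tokens with ECDSA would presumably hit this; which key types the fides service accepts is not visible here. Adding string fields `Crv`, `X` and `Y` tagged `json:"crv,omitempty"`, `json:"x,omitempty"` and `json:"y,omitempty"`, and marking `N` and `E` `omitempty`, keeps both key types intact. `ClusterPutRequest.ID` also has no `json` tag, so it is serialised as an empty `"ID"` member in the PUT body; `json:"-"` would drop it if that is unintended.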