diff --git a/changelog/unreleased/ocis-root-config.md b/changelog/unreleased/ocis-root-config.md new file mode 100644 index 000000000..4261d2bd7 --- /dev/null +++ b/changelog/unreleased/ocis-root-config.md @@ -0,0 +1,7 @@ +Change: Move ocis default config to root level + +Tags: ocis + +We moved the tracing config to the `root` flagset so that they are parsed on all commands. We also introduced a `JWTSecret` flag in the root flagset, in order to apply a common default JWTSecret to all services that have one. + +https://github.com/owncloud/ocis/pull/842 diff --git a/ocis/pkg/command/accounts.go b/ocis/pkg/command/accounts.go index b46a1f9b8..8bb986be9 100644 --- a/ocis/pkg/command/accounts.go +++ b/ocis/pkg/command/accounts.go @@ -44,6 +44,13 @@ func configureAccounts(cfg *config.Config) *svcconfig.Config { cfg.Accounts.Log.Color = cfg.Log.Color cfg.Accounts.Server.Version = version.String + // TODO: we need tracing on the accounts service as well. when we have it, apply default config from OCIS here. + + if cfg.TokenManager.JWTSecret != "" { + cfg.Accounts.TokenManager.JWTSecret = cfg.TokenManager.JWTSecret + cfg.Accounts.Repo.CS3.JWTSecret = cfg.TokenManager.JWTSecret + } + return cfg.Accounts } diff --git a/ocis/pkg/command/ocs.go b/ocis/pkg/command/ocs.go index e576c086c..8209162ec 100644 --- a/ocis/pkg/command/ocs.go +++ b/ocis/pkg/command/ocs.go @@ -4,12 +4,12 @@ package command import ( "github.com/micro/cli/v2" + "github.com/owncloud/ocis/ocis/pkg/config" + "github.com/owncloud/ocis/ocis/pkg/register" "github.com/owncloud/ocis/ocis/pkg/version" "github.com/owncloud/ocis/ocs/pkg/command" svcconfig "github.com/owncloud/ocis/ocs/pkg/config" "github.com/owncloud/ocis/ocs/pkg/flagset" - "github.com/owncloud/ocis/ocis/pkg/config" - "github.com/owncloud/ocis/ocis/pkg/register" ) // OCSCommand is the entrypoint for the ocs command. @@ -48,10 +48,13 @@ func configureOCS(cfg *config.Config) *svcconfig.Config { cfg.OCS.Tracing.Service = cfg.Tracing.Service } + if cfg.TokenManager.JWTSecret != "" { + cfg.OCS.TokenManager.JWTSecret = cfg.TokenManager.JWTSecret + } + return cfg.OCS } func init() { register.AddCommand(OCSCommand) } - diff --git a/ocis/pkg/command/proxy.go b/ocis/pkg/command/proxy.go index 8422a39e1..4c19599b4 100644 --- a/ocis/pkg/command/proxy.go +++ b/ocis/pkg/command/proxy.go @@ -48,8 +48,8 @@ func configureProxy(cfg *config.Config) *svcconfig.Config { cfg.Proxy.Tracing.Service = cfg.Tracing.Service } - if cfg.Storage.Reva.JWTSecret != "" { - cfg.Proxy.TokenManager.JWTSecret = cfg.Storage.Reva.JWTSecret + if cfg.TokenManager.JWTSecret != "" { + cfg.Proxy.TokenManager.JWTSecret = cfg.TokenManager.JWTSecret } return cfg.Proxy diff --git a/ocis/pkg/command/settings.go b/ocis/pkg/command/settings.go index df1af102b..dd16225e6 100644 --- a/ocis/pkg/command/settings.go +++ b/ocis/pkg/command/settings.go @@ -48,8 +48,8 @@ func configureSettings(cfg *config.Config) *svcconfig.Config { cfg.Settings.Tracing.Service = cfg.Tracing.Service } - if cfg.Storage.Reva.JWTSecret != "" { - cfg.Settings.TokenManager.JWTSecret = cfg.Storage.Reva.JWTSecret + if cfg.TokenManager.JWTSecret != "" { + cfg.Settings.TokenManager.JWTSecret = cfg.TokenManager.JWTSecret } return cfg.Settings diff --git a/ocis/pkg/config/config.go b/ocis/pkg/config/config.go index 2a6ce09ce..50f2d802c 100644 --- a/ocis/pkg/config/config.go +++ b/ocis/pkg/config/config.go @@ -53,6 +53,11 @@ type Tracing struct { Service string } +// TokenManager is the config for using the reva token manager +type TokenManager struct { + JWTSecret string +} + // Config combines all available configuration parts. type Config struct { File string @@ -62,6 +67,7 @@ type Config struct { HTTP HTTP GRPC GRPC Tracing Tracing + TokenManager TokenManager Accounts *accounts.Config Graph *graph.Config diff --git a/ocis/pkg/flagset/flagset.go b/ocis/pkg/flagset/flagset.go index e3a8229f1..517b59e4c 100644 --- a/ocis/pkg/flagset/flagset.go +++ b/ocis/pkg/flagset/flagset.go @@ -36,31 +36,6 @@ func RootWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"OCIS_LOG_COLOR"}, Destination: &cfg.Log.Color, }, - } -} - -// HealthWithConfig applies cfg to the root flagset -func HealthWithConfig(cfg *config.Config) []cli.Flag { - return []cli.Flag{ - &cli.StringFlag{ - Name: "debug-addr", - Value: "0.0.0.0:9010", - Usage: "Address to debug endpoint", - EnvVars: []string{"OCIS_DEBUG_ADDR"}, - Destination: &cfg.Debug.Addr, - }, - } -} - -// ServerWithConfig applies cfg to the root flagset -func ServerWithConfig(cfg *config.Config) []cli.Flag { - return []cli.Flag{ - &cli.StringFlag{ - Name: "registry", - Usage: "Enable sending traces", - EnvVars: []string{"OCIS_REGISTRY"}, - Destination: &cfg.Registry, - }, &cli.BoolFlag{ Name: "tracing-enabled", Usage: "Enable sending traces", @@ -95,6 +70,32 @@ func ServerWithConfig(cfg *config.Config) []cli.Flag { EnvVars: []string{"OCIS_TRACING_SERVICE"}, Destination: &cfg.Tracing.Service, }, + &cli.StringFlag{ + Name: "jwt-secret", + Value: "Pive-Fumkiu4", + Usage: "Used to dismantle the access token, should equal reva's jwt-secret", + EnvVars: []string{"OCIS_JWT_SECRET"}, + Destination: &cfg.TokenManager.JWTSecret, + }, + } +} + +// HealthWithConfig applies cfg to the root flagset +func HealthWithConfig(cfg *config.Config) []cli.Flag { + return []cli.Flag{ + &cli.StringFlag{ + Name: "debug-addr", + Value: "0.0.0.0:9010", + Usage: "Address to debug endpoint", + EnvVars: []string{"OCIS_DEBUG_ADDR"}, + Destination: &cfg.Debug.Addr, + }, + } +} + +// ServerWithConfig applies cfg to the root flagset +func ServerWithConfig(cfg *config.Config) []cli.Flag { + return []cli.Flag{ &cli.StringFlag{ Name: "debug-addr", Value: "0.0.0.0:9010",