From e98c6f41db21952ece303f9aeeebf6ca118f30ac Mon Sep 17 00:00:00 2001
From: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Date: Fri, 14 Jun 2024 10:57:05 +0200
Subject: [PATCH] added Tilt environment for easier testing
---
 Dockerfile | 2 +-
 README.md | 4 +++
 Tiltfile | 54 ++++++++++++++++++++++++++++++++
 cmd/root.go | 3 +-
 deploy/templates/deployment.yaml | 8 +++--
 pkg/server/server.go | 6 ++++
 tilt.dockerfile | 7 +++++
 7 files changed, 79 insertions(+), 5 deletions(-)
 create mode 100644 Tiltfile
 create mode 100644 tilt.dockerfile
diff --git a/Dockerfile b/Dockerfile
index f4d1496..410bc27 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,4 +14,4 @@ COPY --from=build --chown=65532:65532 /workspace/state/ ./state/
 EXPOSE 9998
 ENV CGO_ENABLED=1
 ENV BW_SECRETS_MANAGER_STATE_PATH='/state'
-ENTRYPOINT [ "/bitwarden-sdk-server" ]
+ENTRYPOINT [ "/bitwarden-sdk-server", "serve" ]
diff --git a/README.md b/README.md
index 23b4fae..c83ca97 100644
--- a/README.md
+++ b/README.md
@@ -5,3 +5,7 @@ This repository contains a simple REST wrapper for the Bitwarden Rust SDK # TODO Provide installation instructions in case it's installed separately from ESO.
+
+# Testing
+
+To run Tilt install https://github.com/FiloSottile/homebrew-musl-cross. This uses musl-cc to build and link.
diff --git a/Tiltfile b/Tiltfile
new file mode 100644
index 0000000..51d0a57
--- /dev/null
+++ b/Tiltfile
@@ -0,0 +1,54 @@
+# -*- mode: Python -*-
+
+kubectl_cmd = "kubectl"
+
+# verify kubectl command exists
+if str(local("command -v " + kubectl_cmd + " || true", quiet = True)) == "":
+ fail("Required command '" + kubectl_cmd + "' not found in PATH")
+
+load('ext://namespace', 'namespace_yaml')
+k8s_yaml(namespace_yaml('external-secrets'), allow_duplicates=True)
+install = helm('deploy', namespace = 'external-secrets', set = 'image.tls.enabled=False')
+
+# Apply the updated yaml to the cluster.
+k8s_yaml(install, allow_duplicates = True)
+
+load('ext://restart_process', 'docker_build_with_restart')
+
+# enable hot reloading by doing the following:
+# - locally build the whole project
+# - create a docker imagine using tilt's hot-swap wrapper
+# - push that container to the local tilt registry
+local_resource(
+ 'external-secret-binary',
+ "CC=x86_64-linux-musl-gcc GOOS=linux GOARCH=amd64 CGO_LDFLAGS='-lm' CGO_ENABLED=1 go build -ldflags '-linkmode external -extldflags -static' -o bin/bitwarden-sdk-server main.go",
+ deps = [
+ "main.go",
+ "go.mod",
+ "go.sum",
+ "cmd",
+ "pkg",
+ ],
+)
+
+
+# Build the docker image for our controller. We use a specific Dockerfile
+# since tilt can't run on a scratch container.
+# `only` here is important, otherwise, the container will get updated
+# on _any_ file change. We only want to monitor the binary.
+# If debugging is enabled, we switch to a different docker file using
+# the delve port.
+entrypoint = ['/bitwarden-sdk-server', 'serve']
+dockerfile = 'tilt.dockerfile'
+docker_build_with_restart(
+ 'ghcr.io/external-secrets/bitwarden-sdk-server',
+ '.',
+ dockerfile = dockerfile,
+ entrypoint = entrypoint,
+ only=[
+ './bin',
+ ],
+ live_update = [
+ sync('./bin/bitwarden-sdk-server', '/bitwarden-sdk-server'),
+ ],
+)
diff --git a/cmd/root.go b/cmd/root.go
index edc4a4c..0e12841 100644
--- a/cmd/root.go
+++ b/cmd/root.go
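Review bot: The comment block above `entrypoint` says the build switches to a different Dockerfile with the delve port when debugging is enabled, but nothing in this file implements a debug switch, so that sentence should be dropped or the switch added. The `helm(...)` call also sets `image.tls.enabled=False`, which the chart change in this commit turns into the `--insecure` argument; a comment such as `# TLS is disabled for the local Tilt cluster only; do not reuse this override for a shared cluster` would make the intent explicit. Minor: `docker imagine` in the hot-reload comment should read `docker image`.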
@@ -55,8 +55,7 @@ func runServeCmd(_ *cobra.Command, _ []string) error {
 svr := server.NewServer(rootArgs.server)
 go func() {
 if err := svr.Run(context.Background()); err != nil {
- slog.Error("failed to start server", "error", err)
- os.Exit(1)
+ slog.Error("server stopped", "error", err)
 }
 }()
diff --git a/deploy/templates/deployment.yaml b/deploy/templates/deployment.yaml
index e5955b2..1952cea 100644
--- a/deploy/templates/deployment.yaml
+++ b/deploy/templates/deployment.yaml
@@ -27,6 +27,10 @@ spec:
 {{- toYaml .Values.podSecurityContext | nindent 8 }}
 containers:
 - name: {{ .Chart.Name }}
+ {{- if not .Values.image.tls.enabled }}
+ args:
+ - --insecure
+ {{- end }}
 securityContext:
 {{- toYaml .Values.securityContext | nindent 12 }}
 image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
@@ -41,11 +45,11 @@ spec:
 protocol: TCP
 livenessProbe:
 httpGet:
- path: /
+ path: /live
 port: http
 readinessProbe:
 httpGet:
- path: /
+ path: /ready
 port: http
 resources:
 {{- toYaml .Values.resources | nindent 12 }}
diff --git a/pkg/server/server.go b/pkg/server/server.go
index 0089409..dfe3098 100644
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@@ -52,6 +52,12 @@ func NewServer(cfg Config) *Server {
 func (s *Server) Run(_ context.Context) error {
 r := chi.NewRouter()
 r.Use(middleware.Logger)
+ r.Get("/ready", func(w http.ResponseWriter, r *http.Request) {
+ _, _ = w.Write([]byte("ready"))
+ })
+ r.Get("/live", func(w http.ResponseWriter, r *http.Request) {
+ _, _ = w.Write([]byte("live"))
+ })
 r.Get(api+"/secret", func(w http.ResponseWriter, r *http.Request) {
 bitwarden.GetSecret()
 _, _ = w.Write([]byte("welcome"))
diff --git a/tilt.dockerfile b/tilt.dockerfile
new file mode 100644
index 0000000..76abfa4
--- /dev/null
+++ b/tilt.dockerfile
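Review bot: With `os.Exit(1)` removed, an error from `svr.Run` inside the goroutine is only logged, so a failed start (for example a port that cannot be bound) would leave the process alive without a listener; what runServeCmd does after the goroutine is outside the hunk. If the exit was dropped because a normal shutdown also returned an error, keeping the exit and filtering that one case would be safer, e.g. `if err := svr.Run(context.Background()); err != nil && !errors.Is(err, http.ErrServerClosed) {` followed by the original `os.Exit(1)`. That assumes Run surfaces the net/http sentinel, which is not visible here.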
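Review bot: The `--insecure` branch in the first deployment.yaml hunk is taken whenever `.Values.image.tls.enabled` is not truthy, so the toggle fails open: a values file that defines `image.tls` but omits `enabled` ends up with the insecure flag rather than TLS, and a missing `image.tls` map would presumably fail the render. This commit does not touch values.yaml, so whether a `tls.enabled: true` default exists cannot be seen here; it should be confirmed and documented next to the default with a comment like `# TLS is on by default; set to false only for local development`. Placing a transport setting under `image.` is also surprising, and a top-level `tls.enabled` would read more naturally.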
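Review bot: Both probes in the second deployment.yaml hunk use `httpGet` on `port: http` with no `scheme`, so the kubelet probes over plain HTTP. If the server serves TLS whenever `--insecure` is absent (inferred from the flag and value names; the listener code is not in this diff), `/live` and `/ready` would fail in exactly the secure configuration. Deriving the scheme from the same value keeps them aligned, e.g. `scheme: {{ ternary "HTTPS" "HTTP" .Values.image.tls.enabled }}` under each `httpGet`.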
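Review bot: The `/ready` handler answers unconditionally, so readiness only shows that the router is serving and says nothing about whether the Bitwarden SDK or its state path is usable; that limit should be documented above the two routes, e.g. `// /ready and /live report only that the HTTP listener is up; they do not check the Bitwarden SDK.` In both new closures the `r *http.Request` parameter shadows the router `r` and is unused, so `_ *http.Request` would be clearer (the existing `/secret` handler has the same shadowing). Run's body continues outside the hunk.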
@@ -0,0 +1,7 @@
+FROM alpine@sha256:77726ef6b57ddf65bb551896826ec38bc3e53f75cdde31354fbffb4f25238ebd
+WORKDIR /
+COPY ./bin/bitwarden-sdk-server /bitwarden-sdk-server
+
+ENV CGO_ENABLED=1
+ENV BW_SECRETS_MANAGER_STATE_PATH='/state'
+ENTRYPOINT ["/bitwarden-sdk-server", "serve", "--insecure"]
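Review bot: The ENTRYPOINT bakes in `--insecure`, so anyone who runs this image directly gets the non-TLS mode by default, while under Tilt the Tiltfile replaces the entrypoint with `['/bitwarden-sdk-server', 'serve']` and the flag comes from the chart args instead. Dropping the flag here (`ENTRYPOINT ["/bitwarden-sdk-server", "serve"]`) and adding a header comment such as `# Local Tilt development image only; not for publishing.` would avoid an insecure-by-default image. The file also sets `BW_SECRETS_MANAGER_STATE_PATH='/state'` without creating that directory and has no `USER` line, whereas the release Dockerfile copies `./state/` with `--chown=65532:65532`; whether the SDK creates the directory itself is not visible here.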