diff --git a/client/main.go b/client/main.go
deleted file mode 100644
index 42758c7fa..000000000
--- a/client/main.go
+++ /dev/null
@@ -1,89 +0,0 @@
-package client
-
-import (
- "github.com/packethost/pkg/env"
- "github.com/pkg/errors"
- "github.com/tinkerbell/tink/protos/workflow"
- "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc"
- "google.golang.org/grpc"
- "google.golang.org/grpc/credentials"
- "google.golang.org/grpc/credentials/insecure"
-)
-
-// gRPC clients.
-var (
- WorkflowClient workflow.WorkflowServiceClient
-)
-
-// FullClient aggregates all the gRPC clients available from Tinkerbell Server.
-type FullClient struct {
- WorkflowClient workflow.WorkflowServiceClient
-}
-
-// NewFullClient returns a FullClient. A structure that contains all the
-// clients made available from tink-server.
-func NewFullClient(conn grpc.ClientConnInterface) *FullClient {
- return &FullClient{
- WorkflowClient: workflow.NewWorkflowServiceClient(conn),
- }
-}
-
-func NewClientConn(authority string, tls bool) (*grpc.ClientConn, error) {
- var creds grpc.DialOption
- if tls {
- creds = grpc.WithTransportCredentials(credentials.NewTLS(nil))
- } else {
- creds = grpc.WithTransportCredentials(insecure.NewCredentials())
- }
-
- conn, err := grpc.Dial(authority,
- creds,
- grpc.WithUnaryInterceptor(otelgrpc.UnaryClientInterceptor()),
- grpc.WithStreamInterceptor(otelgrpc.StreamClientInterceptor()),
- )
- if err != nil {
- return nil, errors.Wrap(err, "connect to tinkerbell server")
- }
- return conn, nil
-}
-
-// GetConnection returns a gRPC client connection.
-func GetConnection() (*grpc.ClientConn, error) {
- authority := env.Get("TINKERBELL_GRPC_AUTHORITY")
- if authority == "" {
- return nil, errors.New("undefined TINKERBELL_GRPC_AUTHORITY")
- }
-
- tls := env.Bool("TINKERBELL_TLS", true)
- return NewClientConn(authority, tls)
-}
-
-// Setup : create a connection to server.
-func Setup() error { - conn, err := GetConnection() - if err != nil { - return err - } - WorkflowClient = workflow.NewWorkflowServiceClient(conn) - return nil -} - -// TinkWorkflowClient creates a new workflow client. -func TinkWorkflowClient() (workflow.WorkflowServiceClient, error) { - conn, err := GetConnection() - if err != nil { - return nil, err - } - return workflow.NewWorkflowServiceClient(conn), nil -} - -// TinkFullClient creates a new full client. -func TinkFullClient() (FullClient, error) { - conn, err := GetConnection() - if err != nil { - return FullClient{}, err - } - return FullClient{ - WorkflowClient: workflow.NewWorkflowServiceClient(conn), - }, nil -} diff --git a/cmd/tink-server/main.go b/cmd/tink-server/main.go index 3edb35a5e..b124ef824 100644 --- a/cmd/tink-server/main.go +++ b/cmd/tink-server/main.go @@ -15,10 +15,10 @@ import ( "github.com/spf13/cobra" "github.com/spf13/pflag" "github.com/spf13/viper" - grpcserver "github.com/tinkerbell/tink/grpc-server" - httpserver "github.com/tinkerbell/tink/http-server" - "github.com/tinkerbell/tink/metrics" - "github.com/tinkerbell/tink/server" + "github.com/tinkerbell/tink/internal/grpcserver" + "github.com/tinkerbell/tink/internal/httpserver" + "github.com/tinkerbell/tink/internal/server" + "github.com/tinkerbell/tink/internal/tlscert" "google.golang.org/grpc" "google.golang.org/grpc/credentials" ) @@ -30,11 +30,6 @@ var version = "devel" // You can change the configuration via environment variable, or file, or command flags. type DaemonConfig struct { Facility string - PGDatabase string - PGUSer string - PGPassword string - PGSSLMode string - OnlyMigration bool GRPCAuthority string CertDir string HTTPAuthority string 
@@ -66,7 +61,6 @@ func (c *DaemonConfig) AddFlags(fs *pflag.FlagSet) { func (c *DaemonConfig) PopulateFromLegacyEnvVar() { c.Facility = env.Get("FACILITY", c.Facility) - c.CertDir = env.Get("TINKERBELL_CERTS_DIR", c.CertDir) c.GRPCAuthority = env.Get("TINKERBELL_GRPC_AUTHORITY", c.GRPCAuthority) c.HTTPAuthority = env.Get("TINKERBELL_HTTP_AUTHORITY", c.HTTPAuthority) @@ -110,7 +104,6 @@ func NewRootCommand(config *DaemonConfig, logger log.Logger) *cobra.Command { // the most aggressive way we have to guarantee that // the old way works as before. config.PopulateFromLegacyEnvVar() - metrics.SetupMetrics(config.Facility, logger) logger.Info("starting version " + version) @@ -125,19 +118,20 @@ func NewRootCommand(config *DaemonConfig, logger log.Logger) *cobra.Command { var ( registrar grpcserver.Registrar grpcOpts []grpc.ServerOption - err error ) + if config.TLS { certDir := config.CertDir if certDir == "" { certDir = env.Get("TINKERBELL_CERTS_DIR", filepath.Join("/certs", config.Facility)) } - cert, err := grpcserver.GetCerts(certDir) + cert, err := tlscert.Load(certDir) if err != nil { return err } grpcOpts = append(grpcOpts, grpc.Creds(credentials.NewServerTLSFromCert(cert))) } + switch config.Backend { case backendKubernetes: var err error @@ -153,6 +147,7 @@ func NewRootCommand(config *DaemonConfig, logger log.Logger) *cobra.Command { default: return fmt.Errorf("invalid backend: %s", config.Backend) } + // Start the gRPC server in the background addr, err := grpcserver.SetupGRPC( ctx, @@ -168,7 +163,7 @@ func NewRootCommand(config *DaemonConfig, logger log.Logger) *cobra.Command { httpserver.SetupHTTP(ctx, logger, config.HTTPAuthority, errCh) select { - case err = <-errCh: + case err := <-errCh: logger.Error(err) case sig := <-sigs: logger.With("signal", sig.String()).Info("signal received, stopping servers") diff --git a/cmd/tink-worker/cmd/root.go b/cmd/tink-worker/cmd/root.go index 3c8abdbc1..cf01723de 100644 --- a/cmd/tink-worker/cmd/root.go 
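Review bot: In the `@@ -125,19 +118,20 @@` hunk, `TINKERBELL_CERTS_DIR` is now consulted only when `config.CertDir` is empty, because the `@@ -66,7 +61,6 @@` hunk drops the assignment in `PopulateFromLegacyEnvVar`; a deployment that sets both would appear to switch from the environment value to the configured one, which changes which key pair the server presents. If that precedence is intended, say so above the fallback, e.g. `// TINKERBELL_CERTS_DIR is honoured only when CertDir is unset; the default is /certs/<facility>.` Logging the resolved `certDir` before `tlscert.Load(certDir)` would make a wrong directory visible at startup instead of only as a load error. The enclosing function body starts and ends outside the hunk.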
+++ b/cmd/tink-worker/cmd/root.go @@ -11,8 +11,8 @@ import ( "github.com/spf13/cobra" "github.com/spf13/pflag" "github.com/spf13/viper" - "github.com/tinkerbell/tink/client" "github.com/tinkerbell/tink/cmd/tink-worker/worker" + "github.com/tinkerbell/tink/internal/client" "github.com/tinkerbell/tink/protos/workflow" ) diff --git a/cmd/virtual-worker/cmd/root.go b/cmd/virtual-worker/cmd/root.go index 118c3edb8..86efc0f15 100644 --- a/cmd/virtual-worker/cmd/root.go +++ b/cmd/virtual-worker/cmd/root.go @@ -9,9 +9,9 @@ import ( "github.com/spf13/cobra" "github.com/spf13/pflag" "github.com/spf13/viper" - "github.com/tinkerbell/tink/client" tinkWorker "github.com/tinkerbell/tink/cmd/tink-worker/worker" "github.com/tinkerbell/tink/cmd/virtual-worker/worker" + "github.com/tinkerbell/tink/internal/client" "github.com/tinkerbell/tink/protos/workflow" ) diff --git a/docs/ENVVARS.md b/docs/ENVVARS.md deleted file mode 100644 index 3ca97d41b..000000000 --- a/docs/ENVVARS.md +++ /dev/null 
@@ -1,35 +0,0 @@ -# Environment Variables - -The follow describes environment variables available to be set when running Tink Server, Tink CLI, or Tink Worker. - -| Name | Type | Service(s) | Description | -| ------------------------------------------------- | ------ | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------- | -| `CAPTURE_ACTION_LOGS=` | bool | worker | capture action container output as part of worker logs | -| `CERTS_DIR=/certs` | string | server | a directory which contains the `bundle.pem` and `server-key.pem` files, for use when running Tink with TLS | -| `DOCKER_REGISTRY=` | string | worker | the docker registry to use for pulling images | -| `EVENTS_TTL=60` | string | server | purges the events in the events table that have passed this TTL in minutes | -| `FACILITY=onprem` | string | clients | location for which the Tink server serves, deprecated in server | -| `GRPC_AUTHORITY=127.0.0.1:42113` | string | server | url of the Tink gRPC server | -| `HTTP_AUTHORITY=127.0.0.1:42114` | string | server | url of the Tink HTTP server | -| `ID=` | string | worker | the id of the workflow to be executed | -| `MAX_FILE_SIZE=` | int | worker | the maximum size in bytes for the Tink worker data file | -| `MAX_RETRIES=` | int | worker | the maximum number of retries for setting up connections and sending status reports to Tink Server | -| `MAX_WORKFLOW_DATA_VERSIONS=` | int | server | maximum number of workflow data versions to be kept in database | -| `ONLY_MIGRATION=true` | bool | server | if set to true, only POSTGRES migrations are executed | -| `PGDATABASE=tinkerbell` | string | server | same as `POSTGRES_DATABASE`, deprecated in server | -| `PGPASSWORD=tink` | string | server | same as `POSTGRES_PASSWORD`, deprecated in server | -| `PGSSLMODE=disable` | string | server | same as `POSTGRES_SSLMODE`, deprecated in server | -| `PGUSER=tink` | string | 
server | same as `POSTGRES_USER`, deprecated in server | -| `POSTGRES_DATABASE=tinkerbell` | string | server | name of the PostgreSQL database for use in the Tink server | -| `POSTGRES_PASSWORD=tink` | string | server | PostgreSQL password for connecting to the DB | -| `POSTGRES_SSLMODE=disable` | string | server | sets the PostgreSQL SSL priority [docs](https://www.postgresql.org/docs/10/libpq-connect.html#LIBPQ-CONNECT-SSLMODE) | -| `POSTGRES_USER=tink` | string | server | PostgreSQL username for connecting to the DB | -| `REGISTRY_PASSWORD=` | string | worker | the password for the docker registry | -| `REGISTRY_USERNAME=` | string | worker | the username for the docker registry | -| `RETRY_INTERVAL=` | int | worker | the interval in seconds between retries for setting up connections to, querying for workflows from, and sending status reports to Tink Server | -| `TINK_CLI_VERSION="0.0.0"` | string | cli | if set to `0.0.0`, the old get command is used | -| `TINKERBELL_CERTS_DIR=/certs` | string | server | same as `CERTS_DIR`, deprecated in server | -| `TINKERBELL_CERT_URL=http://127.0.0.1:42114/cert` | string | clients | url from which to get a TLS certificate, needed when Tink Server's TLS cert is signed by an unknown certificate authority, ie self-signed | -| `TINKERBELL_GRPC_AUTHORITY=127.0.0.1:42113` | string | all | same as `GRPC_AUTHORITY`, deprecated in server | -| `TINKERBELL_HTTP_AUTHORITY=127.0.0.1:42114` | string | server | same as `HTTP_AUTHORITY`, deprecated in server | -| `TINKERBELL_TLS="true"` | string | all | configures grpc service or client connections for tls vs plaintext | diff --git a/grpc-server/testdata/bundle.pem b/grpc-server/testdata/bundle.pem deleted file mode 100644 index e7130206c..000000000 --- a/grpc-server/testdata/bundle.pem +++ /dev/null 
@@ -1,32 +0,0 @@ -TEST CERTIFICATE ONLY - NOT FOR REAL USAGE ------BEGIN CERTIFICATE----- -MIIFTzCCAzegAwIBAgIUBviL+dMgIkMf7R8nPspjyb+LcGgwDQYJKoZIhvcNAQEL -BQAwNzENMAsGA1UECgwEQ05DRjETMBEGA1UECwwKVGlua2VyYmVsbDERMA8GA1UE -AwwIdGVzdC1rZXkwHhcNMjIwMzE4MTUyMjIyWhcNMzIwMzE1MTUyMjIyWjA3MQ0w -CwYDVQQKDARDTkNGMRMwEQYDVQQLDApUaW5rZXJiZWxsMREwDwYDVQQDDAh0ZXN0 -LWtleTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALonX7dDury4h569 -ZQlBSUTL5+gdFxKMw0rrMwVxcHDm8Q4t9OlomHZu37Epc91XRfui4YEYglTo3Zzl -36gwkAPcfvGQ0KUtC1nRXs0FNOfvIm+Uv++l8S2B3BVaEABvcdpMQPkyZnKLhssd -0jF7/SFH96fdY8Xmwf0LPHcobjrQGURLU8S7mtLMJUiC0ByDTfTye6cTLFdELqzu -3LYbnT8ZceLOvLDmERJoQEgJxg2Lhr1H2TMmEUDy+svAEEyEUqYIXrPhrfN2wWUY -rIZgUupDOxvpSIzTeo/kHNrI6tbJ3laaz93Xb/0c6v5Wq/B7pViEQr5gPw+Q/h2+ -3padZIwuKAOCZLdILl0gQbUSYJ3CrOTzXBp8k++FLA8Oa8ENG3JzFXZpfsPV4Ovb -T/dulrG3zHXLjEZ/H7oNyvOLV92fJDBguGJEUeRqD8p6bmhcctygGQBBiqaKyxnl -+mGadsDrMWyegm7ua25hHnFgLofzBUEAiXGh1z0XdZAizT/oyPRn2TGAslgedoqK -wcmvOeZp+GVZi9qE8Fbd/cbdcbMWHoVBafSUh3nKiMAWaD8VeB8NKA3p2PK9j0Qn -L73kCyovDI4n9pUkkNv3pWId5DXKDAUyVgC3/ZeIwMj8lKufoG97lUyf4gOJj3xC -6fyZxaZqNk6vrGPJdY8vkF+r4e9NAgMBAAGjUzBRMB0GA1UdDgQWBBRnYKNBhu9S -IEqFqyKeJ8R7hGqagzAfBgNVHSMEGDAWgBRnYKNBhu9SIEqFqyKeJ8R7hGqagzAP -BgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQBybdkX6LoOsHKFBSRE -85yCc/tq5DNA24BAyvLBnHa4oenVt4g+cDT+eZKe/rZlHZwH6CSuWBI3XG0eyxjt -1TNkGtPcPZFHt/xe0x1nFE1XuWtWF9pwzJvJ3fDVd3IwyXoTbQ040jaNC3csVsMV -yLJNPKDT4ULVM76L89Gh/GsuWlJM9ocwfAWmfWTIUnDtJWVDw+TKvli4+IFPVStE -dFqB95AybJ1pI+0OSUioLkvrd+7udFTxn6QaqKGPDOocA+cGkR+oHmV1g72ucPaF -iTeTIT+/rzpGmmdoi1SGNdm+8+0afRHTRCjc14wRXSBDgOLtIk8f6R4lo3ZZY9xO -2PM6h1khWThjt6aEEVWL40dS9we6iIbTlc/auYR97EWMIZnlaHjOg1A4tn/XIlVR -bJ6M1x1eqCQ0bv/VLte671FXuUIgbvu6XIIDv3kW+/YDWKNkiIm2uGvrR/wFMz7r -xqyH0PzVVO9C21nNd09ZFRZM5+SF8N9NavSL2Q7m1RV8E8Boj1kJOAjYmeWYbDFB -hq5CZKXw59+WKga0ETZb3CHA7SXK0S8+8lhHdusXsV4vdgB6jL/hDH6UbFi7cxB9 -mU5Z9/wAcNUR8+UCdiW+ZpK76VFqEgWIZJzhswZ4mXET6nqypYw5XE0s3WUz2+Sh -HFFHJvKS/BrOklUc9AUGFKujZw== ------END CERTIFICATE----- 
diff --git a/grpc-server/testdata/server-key.pem b/grpc-server/testdata/server-key.pem deleted file mode 100644 index a3efc6182..000000000 --- a/grpc-server/testdata/server-key.pem +++ /dev/null 
@@ -1,53 +0,0 @@ -TEST PRIVATE KEY ONLY - NOT FOR REAL USAGE ------BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC6J1+3Q7q8uIee -vWUJQUlEy+foHRcSjMNK6zMFcXBw5vEOLfTpaJh2bt+xKXPdV0X7ouGBGIJU6N2c -5d+oMJAD3H7xkNClLQtZ0V7NBTTn7yJvlL/vpfEtgdwVWhAAb3HaTED5MmZyi4bL -HdIxe/0hR/en3WPF5sH9Czx3KG460BlES1PEu5rSzCVIgtAcg0308nunEyxXRC6s -7ty2G50/GXHizryw5hESaEBICcYNi4a9R9kzJhFA8vrLwBBMhFKmCF6z4a3zdsFl -GKyGYFLqQzsb6UiM03qP5BzayOrWyd5Wms/d12/9HOr+Vqvwe6VYhEK+YD8PkP4d -vt6WnWSMLigDgmS3SC5dIEG1EmCdwqzk81wafJPvhSwPDmvBDRtycxV2aX7D1eDr -20/3bpaxt8x1y4xGfx+6Dcrzi1fdnyQwYLhiRFHkag/Kem5oXHLcoBkAQYqmissZ -5fphmnbA6zFsnoJu7mtuYR5xYC6H8wVBAIlxodc9F3WQIs0/6Mj0Z9kxgLJYHnaK -isHJrznmafhlWYvahPBW3f3G3XGzFh6FQWn0lId5yojAFmg/FXgfDSgN6djyvY9E -Jy+95AsqLwyOJ/aVJJDb96ViHeQ1ygwFMlYAt/2XiMDI/JSrn6Bve5VMn+IDiY98 -Qun8mcWmajZOr6xjyXWPL5Bfq+HvTQIDAQABAoICAQCHPeXXIji/tRyqohSOdcUC -W1W/l6rUijmz605lDPZQwCevUooVLS1fFcwkTOZlj2tDlyFYBfNiNtASlhs4eReY -BpCfdcNvzVrqxSansrmuK1kMUbhkJl4i3q6DQKxRdKX1n+KwaQJvA5lJZf/4fYj4 -re1qInjDJZQYABrMwy3aQqeoq0VPr7Cap0AK/yatIGP5qlVVm6NiPyHd96eYElXa -quTHj8Uci/kpM15IN/mQi6a3S0SsWWK9mgnFD2OIA7Z786bB7xrOv59fkF5/Penf -UjrWW1SfI2Fuup6QANpEc+K5br3IASXWcTT01QkTrPECbwyCfTAzYfaMq8fRCsYp -ppzla+F/YOKT2xtNyBj3dYnLyqEoapiL1knzoPlXAfnwu5Nb/YdQrt/AnX25Cga7 -8l3Rk/nMaGtOwv9Wj7HrRMC9a754+ILFWyGYQw8GTww4a4nJ7aXrXQJTh8WYGFRp -hQUbOX3lWT4BVhm2ENQxaqGsB/sDSSMke9dhf7OvBnxtArxDQvFHulWkPQd5idYD -pDFwlgCLCp9USeQp3cwieS1ukMPYVHjx+pgGknUqzEPscjCmqgttOhMRS2f1m2KK -bs4kJBzipwM981qx4WTp2rhXBKbFmSQYR5Rv8vgjzPaaCxg96YH+V+/4Jd5fQtw3 -R9mYa1Xg43FLuiR/brkbIQKCAQEA86qFknjZKIe/5CCwaa5lGXj80fjdJqX1is2v -YJmrw/Kupt7dTS8+6ZQPHj74eGab0gyww5OVWKCsvKWgTdq+qIL9eQBl1v9B7Ckn -aRX6SfMDMbftlzQQYy2redz/X6PJaUggOsHWtNWP2gbKFeeBaZbDOjDCV0xlsThC -9gIp2Yhya1EDcMXod6/FTuEE4oyMwktU6bLxwKv9fu0Oqo7g1Wr9COM4xal1sLhq -FUPpguYhWkKBR8sF/LoOuf18stdcMv/X/194Ry5Bc1TVb9oIDV6E7M8Wamfc5ngh -w5PwRyWqkziBhTOgUgJ9n+frBBV9ieNxPOtnsjxfbyOkXiIs6QKCAQEAw5OYZaTu 
-g9yXlI70sYVKcF1OMZZ+yY+MgRaDy2if/0Mr2ZGGh4UhBfSXM1oCKYJt+Oxx3v/F -YbSzGDeJ0ZefcOU5RL8jePx3/rn8pSjfCTYGZG0DE3bFdCzbWRdmcgz3RiFHc12V -eKmrIES5rk3Jv78SzrvbMOStU7DNMX82PlVKlZEnVFmGgoOc0xPGN6CNF7RDyCc7 -LJgaKBCWHx8PaSwOpcc+GBoAUXDh//tiUt5sD1vlc7vZKc49EHPZoUtuRbqHfNI9 -zCoKg+yO34A/0L4Syqehind6QVlfMcavtx4mgGA6olR9f6O/kxL9CKZYsjVje+SB -3GFGL6rGhg5gxQKCAQEAgmPXwn/ExTmPaAZOIN9f3net4ransUzRzosutCTHk73D -1CwihHEp21iNloPf9p4B+C8uUBojqx+gD/sZg0/xAr/F4ABkft5tanDDVCqcmwHd -zbc8/tKvikMgJcArMAS3fQ1Joeeke3Rk3CkR7xLJX7V7lyIMfSa2rFUNEBQsTOoF -QIRDsQ9WzOVUUld7g7fugvJI6B4H3DCtIES+umpmyg3MhfsBoFSEVCL7MZH73T5E -zsYT5FUySQFPbBvHpPQ1tFzQOynddUm9YHgfFxG3iV/xBb/zoNEflnzmpH//7jKr -yshMFvl/ayNGElHKo47UdPsu14ipHunLr++Ev5LOMQKCAQBJ05ZMkETlC8lAb/JY -bKtb3SzeNSQpLAHq3LfledojvpR37aIt2AhOOjU1Uj3Ms4qV05NsjXpR1qdgdd6V -ernaIP1MQSa/zfXx9v0yz0naLUWedTQbDdOddi1a5SVr2g8hrwBMwT/iK5IIfUjm -TkDhG9yao3krbLctB2l9zLqKLyIXcZK6GY1YCRyS5T0G1JlOIGMR1BVXURdWlmRE -3TGxDst8sshyyqXiGE2HlrpX89QwvAzSck+Yo1yTsFevtkyrD62DZc2kGx6bDBom -rj/oqUdornyhS1agAn+Xx5ue8UexYCHiEyjInOR9PUa9FCYZJ2QlaW3H5gRbjAii -pBzNAoIBAAP0k83hf8gbIvRbdJayhdRRjF7tK5ad7imp8/LhZqdYpkZG8CvxrGft -R6xc+Hebl3XNJfTrLLyKY7dZt3MmSVKxiEg5+QAh49ih3nCG30A4Uu3Ime4GiKB6 -Twa7UdqSplWsLoXbUV4mPZQCzefUVdlDqYrO57eeSSmRrkJsdJONpjuhnehVVznp -DhNNbvhGhsZarLLwBJ15SmQC0iOR6QVOFjJbgK5Ldpu3QBHDYpRqYMUEHBUkaohM -HwKd3dtQHWJ4QS3VbF9CDs/tnlQH+xn9l/Qwl6WJcypxoKvATgOeJHrMCN4fQIll -Lnmk2S0UPNTJwgZQsKgRGGsrF1v+Hlw= ------END PRIVATE KEY----- diff --git a/internal/client/client.go b/internal/client/client.go new file mode 100644 index 000000000..9c0e6e32e --- /dev/null +++ b/internal/client/client.go 
@@ -0,0 +1,29 @@ +package client + +import ( + "github.com/pkg/errors" + "go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc" + "google.golang.org/grpc" + "google.golang.org/grpc/credentials" + "google.golang.org/grpc/credentials/insecure" +) + +func NewClientConn(authority string, tls bool) (*grpc.ClientConn, error) { + var creds grpc.DialOption + if tls { + creds = grpc.WithTransportCredentials(credentials.NewTLS(nil)) + } else { + creds = grpc.WithTransportCredentials(insecure.NewCredentials()) + } + + conn, err := grpc.Dial(authority, + creds, + grpc.WithUnaryInterceptor(otelgrpc.UnaryClientInterceptor()), + grpc.WithStreamInterceptor(otelgrpc.StreamClientInterceptor()), + ) + if err != nil { + return nil, errors.Wrap(err, "dial tinkerbell server") + } + + return conn, nil +} diff --git a/pkg/convert/workflow.go b/internal/convert/workflow.go similarity index 98% rename from pkg/convert/workflow.go rename to internal/convert/workflow.go index ccd941aae..fb5289bd2 100644 --- a/pkg/convert/workflow.go +++ b/internal/convert/workflow.go @@ -4,9 +4,9 @@ import ( "fmt" "sort" + "github.com/tinkerbell/tink/internal/workflow" "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1" protoworkflow "github.com/tinkerbell/tink/protos/workflow" - "github.com/tinkerbell/tink/workflow" ) func WorkflowToWorkflowContext(wf *v1alpha1.Workflow) *protoworkflow.WorkflowContext { diff --git a/pkg/convert/workflow_test.go b/internal/convert/workflow_test.go similarity index 98% rename from pkg/convert/workflow_test.go rename to internal/convert/workflow_test.go index 7f1543cd1..5d9c9eca4 100644 --- a/pkg/convert/workflow_test.go +++ b/internal/convert/workflow_test.go 
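Review bot: The exported `NewClientConn` is added without a doc comment, and its `tls` argument decides whether the connection is protected at all: with `tls == false` it dials with `insecure.NewCredentials()`, which gives neither encryption nor server authentication. The deleted `GetConnection` defaulted `TINKERBELL_TLS` to true; that default is no longer in this package, so it now rests on each caller, which this hunk does not show. I would add `// NewClientConn dials authority. With tls false the connection is plaintext and unauthenticated; with tls true the server certificate is verified using the default tls.Config (nil is passed to credentials.NewTLS).` Naming the parameter `tls` would also shadow `crypto/tls` if a non-nil config (custom roots, a pinned minimum version) is ever needed in this function.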
@@ -5,15 +5,15 @@ import ( "testing" "github.com/google/go-cmp/cmp" - "github.com/tinkerbell/tink/internal/tests" + "github.com/tinkerbell/tink/internal/testtime" + "github.com/tinkerbell/tink/internal/workflow" "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1" protoworkflow "github.com/tinkerbell/tink/protos/workflow" - "github.com/tinkerbell/tink/workflow" "google.golang.org/protobuf/testing/protocmp" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -var TestTime = tests.NewFrozenTimeUnix(1637361794) +var TestTime = testtime.NewFrozenTimeUnix(1637361794) func TestWorkflowToWorkflowContext(t *testing.T) { cases := []struct { diff --git a/tests/e2e_test.go b/internal/e2e/e2e_test.go similarity index 99% rename from tests/e2e_test.go rename to internal/e2e/e2e_test.go index e31a9fdb8..749a7c94e 100644 --- a/tests/e2e_test.go +++ b/internal/e2e/e2e_test.go @@ -1,4 +1,4 @@ -package tests_test +package e2e_test import ( "context" @@ -9,9 +9,9 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" - "github.com/tinkerbell/tink/client" "github.com/tinkerbell/tink/cmd/tink-worker/worker" virtWorker "github.com/tinkerbell/tink/cmd/virtual-worker/worker" + "github.com/tinkerbell/tink/internal/client" "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1" pb "github.com/tinkerbell/tink/protos/workflow" "google.golang.org/protobuf/proto" diff --git a/tests/testdata/01/hardware.yaml b/internal/e2e/testdata/01/hardware.yaml similarity index 100% rename from tests/testdata/01/hardware.yaml rename to internal/e2e/testdata/01/hardware.yaml diff --git a/tests/testdata/01/template.yaml b/internal/e2e/testdata/01/template.yaml similarity index 100% rename from tests/testdata/01/template.yaml rename to internal/e2e/testdata/01/template.yaml diff --git a/tests/testdata/01/workflow.yaml b/internal/e2e/testdata/01/workflow.yaml similarity index 100% rename from tests/testdata/01/workflow.yaml rename to internal/e2e/testdata/01/workflow.yaml 
diff --git a/tests/testdata/02/hardware1.yaml b/internal/e2e/testdata/02/hardware1.yaml similarity index 100% rename from tests/testdata/02/hardware1.yaml rename to internal/e2e/testdata/02/hardware1.yaml diff --git a/tests/testdata/02/template1.yaml b/internal/e2e/testdata/02/template1.yaml similarity index 100% rename from tests/testdata/02/template1.yaml rename to internal/e2e/testdata/02/template1.yaml diff --git a/tests/testdata/02/template2.yaml b/internal/e2e/testdata/02/template2.yaml similarity index 100% rename from tests/testdata/02/template2.yaml rename to internal/e2e/testdata/02/template2.yaml diff --git a/tests/testdata/02/template3.yaml b/internal/e2e/testdata/02/template3.yaml similarity index 100% rename from tests/testdata/02/template3.yaml rename to internal/e2e/testdata/02/template3.yaml diff --git a/tests/testdata/02/workflow1.yaml b/internal/e2e/testdata/02/workflow1.yaml similarity index 100% rename from tests/testdata/02/workflow1.yaml rename to internal/e2e/testdata/02/workflow1.yaml diff --git a/tests/testdata/02/workflow2.yaml b/internal/e2e/testdata/02/workflow2.yaml similarity index 100% rename from tests/testdata/02/workflow2.yaml rename to internal/e2e/testdata/02/workflow2.yaml diff --git a/tests/testdata/02/workflow3.yaml b/internal/e2e/testdata/02/workflow3.yaml similarity index 100% rename from tests/testdata/02/workflow3.yaml rename to internal/e2e/testdata/02/workflow3.yaml diff --git a/tests/tink_suite_test.go b/internal/e2e/tink_suite_test.go similarity index 92% rename from tests/tink_suite_test.go rename to internal/e2e/tink_suite_test.go index 70fad176c..f85992d86 100644 --- a/tests/tink_suite_test.go +++ b/internal/e2e/tink_suite_test.go @@ -1,4 +1,4 @@ -package tests_test +package e2e_test import ( "context" 
@@ -10,11 +10,11 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" "github.com/packethost/pkg/log" - grpcserver "github.com/tinkerbell/tink/grpc-server" + "github.com/tinkerbell/tink/internal/grpcserver" + "github.com/tinkerbell/tink/internal/server" "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1" "github.com/tinkerbell/tink/pkg/controllers" wfctrl "github.com/tinkerbell/tink/pkg/controllers/workflow" - server "github.com/tinkerbell/tink/server" "k8s.io/client-go/kubernetes/scheme" "sigs.k8s.io/controller-runtime/pkg/client" @@ -46,7 +46,7 @@ var _ = BeforeSuite(func() { // Installs CRDs into cluster By("bootstrapping test environment") testEnv = &envtest.Environment{ - CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")}, + CRDDirectoryPaths: []string{filepath.Join("..", "..", "config", "crd", "bases")}, ErrorIfCRDPathMissing: true, } diff --git a/grpc-server/grpc_server.go b/internal/grpcserver/grpc_server.go similarity index 74% rename from grpc-server/grpc_server.go rename to internal/grpcserver/grpc_server.go index 6c05b91cb..888670b15 100644 --- a/grpc-server/grpc_server.go +++ b/internal/grpcserver/grpc_server.go @@ -2,9 +2,7 @@ package grpcserver import ( "context" - "crypto/tls" "net" - "path/filepath" grpc_middleware "github.com/grpc-ecosystem/go-grpc-middleware" grpc_prometheus "github.com/grpc-ecosystem/go-grpc-prometheus" 
@@ -14,22 +12,6 @@ import ( "google.golang.org/grpc/reflection" ) -// GetCerts returns a TLS certificate. -// An error is returned for any failure. -// -// The public key is expected to be named "bundle.pem" and the private key "server-key.pem". -func GetCerts(certsDir string) (*tls.Certificate, error) { - cert, err := tls.LoadX509KeyPair( - filepath.Join(certsDir, "bundle.pem"), - filepath.Join(certsDir, "server-key.pem"), - ) - if err != nil { - err = errors.Wrap(err, "failed to load TLS files") - return nil, err - } - return &cert, nil -} - // Registrar is an interface for registering APIs on a gRPC server. type Registrar interface { Register(*grpc.Server) diff --git a/http-server/http_server.go b/internal/httpserver/http_server.go similarity index 100% rename from http-server/http_server.go rename to internal/httpserver/http_server.go diff --git a/server/kubernetes_api.go b/internal/server/kubernetes_api.go similarity index 100% rename from server/kubernetes_api.go rename to internal/server/kubernetes_api.go diff --git a/server/kubernetes_api_test.go b/internal/server/kubernetes_api_test.go similarity index 95% rename from server/kubernetes_api_test.go rename to internal/server/kubernetes_api_test.go index 4a072d8f2..186660166 100644 --- a/server/kubernetes_api_test.go +++ b/internal/server/kubernetes_api_test.go @@ -7,12 +7,12 @@ import ( "github.com/google/go-cmp/cmp" "github.com/packethost/pkg/log" - "github.com/tinkerbell/tink/internal/tests" + "github.com/tinkerbell/tink/internal/testtime" "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1" "github.com/tinkerbell/tink/protos/workflow" ) -var TestTime = tests.NewFrozenTimeUnix(1637361793) +var TestTime = testtime.NewFrozenTimeUnix(1637361793) func TestModifyWorkflowState(t *testing.T) { cases := []struct { 
@@ -424,7 +424,7 @@ func TestModifyWorkflowState(t *testing.T) { nowFunc: TestTime.Now, } gotErr := server.modifyWorkflowState(tc.inputWf, tc.inputWfContext) - tests.CompareErrors(t, gotErr, tc.wantErr) + compareErrors(t, gotErr, tc.wantErr) if tc.want == nil { return } @@ -435,3 +435,19 @@ func TestModifyWorkflowState(t *testing.T) { }) } } + +// compareErrors is a helper function for comparing an error value and a desired error. +func compareErrors(t *testing.T, got, want error) { + t.Helper() + if got != nil { + if want == nil { + t.Fatalf(`Got unexpected error: %v"`, got) + } else if got.Error() != want.Error() { + t.Fatalf(`Got unexpected error: got "%v" wanted "%v"`, got, want) + } + return + } + if got == nil && want != nil { + t.Fatalf("Missing expected error: %v", want) + } +} diff --git a/server/kubernetes_api_workflow.go b/internal/server/kubernetes_api_workflow.go similarity index 99% rename from server/kubernetes_api_workflow.go rename to internal/server/kubernetes_api_workflow.go index ba07f1d6f..9c4109daa 100644 --- a/server/kubernetes_api_workflow.go +++ b/internal/server/kubernetes_api_workflow.go @@ -4,9 +4,9 @@ import ( "context" "github.com/pkg/errors" + "github.com/tinkerbell/tink/internal/convert" "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1" "github.com/tinkerbell/tink/pkg/controllers" - "github.com/tinkerbell/tink/pkg/convert" pb "github.com/tinkerbell/tink/protos/workflow" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" diff --git a/internal/tests/errors.go b/internal/tests/errors.go deleted file mode 100644 index d9e91b064..000000000 --- a/internal/tests/errors.go +++ /dev/null 
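Review bot: In the new `compareErrors` helper (hunk `@@ -435,3 +435,19 @@`) the raw-string format of the first `t.Fatalf` ends with a stray double quote after `%v`, carried over unchanged from the deleted `internal/tests/errors.go`; `t.Fatalf("Got unexpected error: %v", got)` is what was meant. The last condition re-tests `got == nil` although the preceding branch has already returned for every non-nil `got`, so `if want != nil {` is sufficient. A one-line comment that errors are matched by their `Error()` text, not by identity, would save the next reader from assuming `errors.Is` semantics.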
@@ -1,19 +0,0 @@ -package tests - -import "testing" - -// CompareErrors is a helper function for comparing an error value and a desired error. -func CompareErrors(t *testing.T, got, want error) { - t.Helper() - if got != nil { - if want == nil { - t.Fatalf(`Got unexpected error: %v"`, got) - } else if got.Error() != want.Error() { - t.Fatalf(`Got unexpected error: got "%v" wanted "%v"`, got, want) - } - return - } - if got == nil && want != nil { - t.Fatalf("Missing expected error: %v", want) - } -} diff --git a/internal/tests/frozen_time.go b/internal/testtime/frozen_time.go similarity index 99% rename from internal/tests/frozen_time.go rename to internal/testtime/frozen_time.go index 63239f426..70a4268e6 100644 --- a/internal/tests/frozen_time.go +++ b/internal/testtime/frozen_time.go @@ -1,4 +1,4 @@ -package tests +package testtime import ( "time" diff --git a/internal/tests/frozen_time_test.go b/internal/testtime/frozen_time_test.go similarity index 99% rename from internal/tests/frozen_time_test.go rename to internal/testtime/frozen_time_test.go index 156a49640..81aeb1f57 100644 --- a/internal/tests/frozen_time_test.go +++ b/internal/testtime/frozen_time_test.go @@ -1,4 +1,4 @@ -package tests +package testtime import ( "testing" diff --git a/internal/tlscert/tlscert.go b/internal/tlscert/tlscert.go new file mode 100644 index 000000000..396f6d60d --- /dev/null +++ b/internal/tlscert/tlscert.go @@ -0,0 +1,23 @@ +package tlscert + +import ( + "crypto/tls" + "path/filepath" + + "github.com/pkg/errors" +) + +// Load TLS certificate from the given directory. The public key is expected to be named +// "bundle.pem" and the private key "server-key.pem". +func Load(certsDir string) (*tls.Certificate, error) { + cert, err := tls.LoadX509KeyPair( + filepath.Join(certsDir, "bundle.pem"), + filepath.Join(certsDir, "server-key.pem"), + ) + if err != nil { + err = errors.Wrap(err, "failed to load TLS files") + return nil, err + } + + return &cert, nil +} 
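Review bot: The doc comment on `Load` in `internal/tlscert/tlscert.go` calls `bundle.pem` the public key, but the first argument of `tls.LoadX509KeyPair` is a PEM certificate (chain) file, so the comment should read `// Load reads the server certificate chain from "bundle.pem" and its private key from "server-key.pem" in certsDir.` The wrapped error does not say which directory was tried; `return nil, errors.Wrapf(err, "load TLS key pair from %q", certsDir)` replaces the assign-then-return pair and makes a misconfigured path diagnosable. This diff also deletes the `grpc-server/testdata` key pair and, in what is visible here, adds no test for `Load`.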
diff --git a/workflow/funcs.go b/internal/workflow/funcs.go
similarity index 100%
rename from workflow/funcs.go
rename to internal/workflow/funcs.go
diff --git a/workflow/template_validator.go b/internal/workflow/template_validator.go
similarity index 100%
rename from workflow/template_validator.go
rename to internal/workflow/template_validator.go
diff --git a/workflow/template_validator_test.go b/internal/workflow/template_validator_test.go
similarity index 100%
rename from workflow/template_validator_test.go
rename to internal/workflow/template_validator_test.go
diff --git a/workflow/types.go b/internal/workflow/types.go
similarity index 100%
rename from workflow/types.go
rename to internal/workflow/types.go
diff --git a/metrics/metrics.go b/metrics/metrics.go
deleted file mode 100644
index 75b88689f..000000000
--- a/metrics/metrics.go
+++ /dev/null
@@ -1,136 +0,0 @@ -package metrics - -import ( - "github.com/packethost/pkg/log" - "github.com/prometheus/client_golang/prometheus" - "github.com/prometheus/client_golang/prometheus/promauto" -) - -// Prometheus Metrics. -var ( - CacheDuration prometheus.ObserverVec - CacheErrors *prometheus.CounterVec - CacheHits *prometheus.CounterVec - CacheInFlight *prometheus.GaugeVec - CacheStalls *prometheus.CounterVec - CacheTotals *prometheus.CounterVec - - ingestCount *prometheus.CounterVec - ingestErrors *prometheus.CounterVec - ingestDuration *prometheus.GaugeVec - - WatchMissTotal prometheus.Counter -) - -// SetupMetrics sets the defaults for metrics. -func SetupMetrics(facility string, logger log.Logger) { - curryLabels := prometheus.Labels{ - "service": "tink", - "facility": facility, - } - - CacheDuration = promauto.NewHistogramVec(prometheus.HistogramOpts{ - Name: "cache_ops_duration_seconds", - Help: "Duration of cache operations", - Buckets: prometheus.LinearBuckets(.01, .05, 10), - }, []string{"service", "facility", "method", "op"}).MustCurryWith(curryLabels) - CacheErrors = promauto.NewCounterVec(prometheus.CounterOpts{ - Name: "cache_ops_errors_total", - Help: "Number of cache errors.", - }, []string{"service", "facility", "method", "op"}).MustCurryWith(curryLabels) - CacheHits = promauto.NewCounterVec(prometheus.CounterOpts{ - Name: "cache_hit_total", - Help: "Number of cache hits.", - }, []string{"service", "facility", "method", "op"}).MustCurryWith(curryLabels) - CacheInFlight = promauto.NewGaugeVec(prometheus.GaugeOpts{ - Name: "cache_ops_current_total", - Help: "Number of in flight cache requests.", - }, []string{"service", "facility", "method", "op"}).MustCurryWith(curryLabels) - CacheStalls = promauto.NewCounterVec(prometheus.CounterOpts{ - Name: "cache_stall_total", - Help: "Number of cache stalled due to DB.", - }, []string{"service", "facility", "method", "op"}).MustCurryWith(curryLabels) - CacheTotals = promauto.NewCounterVec(prometheus.CounterOpts{ 
- Name: "cache_ops_total", - Help: "Number of cache ops.", - }, []string{"service", "facility", "method", "op"}).MustCurryWith(curryLabels) - - logger.Info("initializing label values") - var labels []prometheus.Labels - - labels = []prometheus.Labels{ - {"method": "Push", "op": ""}, - {"method": "Ingest", "op": ""}, - } - initCounterLabels(CacheErrors, labels) - initGaugeLabels(CacheInFlight, labels) - initCounterLabels(CacheStalls, labels) - initCounterLabels(CacheTotals, labels) - labels = []prometheus.Labels{ - {"method": "Push", "op": "insert"}, - {"method": "Push", "op": "delete"}, - } - initObserverLabels(CacheDuration, labels) - initCounterLabels(CacheHits, labels) - - labels = []prometheus.Labels{ - {"method": "ByMAC", "op": "get"}, - {"method": "ByIP", "op": "get"}, - {"method": "ByID", "op": "get"}, - {"method": "All", "op": "get"}, - {"method": "Ingest", "op": ""}, - {"method": "Watch", "op": "get"}, - {"method": "Watch", "op": "push"}, - {"method": "Delete", "op": "delete"}, - } - initCounterLabels(CacheErrors, labels) - initGaugeLabels(CacheInFlight, labels) - initCounterLabels(CacheStalls, labels) - initCounterLabels(CacheTotals, labels) - initObserverLabels(CacheDuration, labels) - initCounterLabels(CacheHits, labels) - - ingestCount = promauto.NewCounterVec(prometheus.CounterOpts{ - Name: "ingest_op_count_total", - Help: "Number of attempts made to ingest facility data.", - }, []string{"service", "facility", "method", "op"}).MustCurryWith(curryLabels) - ingestDuration = promauto.NewGaugeVec(prometheus.GaugeOpts{ - Name: "ingest_op_duration_seconds", - Help: "Duration of successful ingestion actions while attempting to ingest facility data.", - }, []string{"service", "facility", "method", "op"}).MustCurryWith(curryLabels) - ingestErrors = promauto.NewCounterVec(prometheus.CounterOpts{ - Name: "ingest_error_count_total", - Help: "Number of errors occurred attempting to ingest facility data.", - }, []string{"service", "facility", "method", 
"op"}).MustCurryWith(curryLabels) - labels = []prometheus.Labels{ - {"method": "Ingest", "op": ""}, - {"method": "Ingest", "op": "fetch"}, - {"method": "Ingest", "op": "copy"}, - } - initCounterLabels(ingestCount, labels) - initGaugeLabels(ingestDuration, labels) - initCounterLabels(ingestErrors, labels) - - WatchMissTotal = promauto.NewCounter(prometheus.CounterOpts{ - Name: "watch_miss_count_total", - Help: "Number of missed updates due to a blocked channel.", - }) -} - -func initObserverLabels(m prometheus.ObserverVec, l []prometheus.Labels) { - for _, labels := range l { - m.With(labels) - } -} - -func initGaugeLabels(m *prometheus.GaugeVec, l []prometheus.Labels) { - for _, labels := range l { - m.With(labels) - } -} - -func initCounterLabels(m *prometheus.CounterVec, l []prometheus.Labels) { - for _, labels := range l { - m.With(labels) - } -} diff --git a/pkg/apis/core/v1alpha1/workflow_test.go b/pkg/apis/core/v1alpha1/workflow_test.go index b4081458f..349d58983 100644 --- a/pkg/apis/core/v1alpha1/workflow_test.go +++ b/pkg/apis/core/v1alpha1/workflow_test.go @@ -4,11 +4,11 @@ import ( "testing" "time" - "github.com/tinkerbell/tink/internal/tests" + "github.com/tinkerbell/tink/internal/testtime" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) -var TestNow = tests.NewFrozenTimeUnix(1637361793) +var TestNow = testtime.NewFrozenTimeUnix(1637361793) func TestWorkflowTinkID(t *testing.T) { id := "d2c26e20-97e0-449c-b665-61efa7373f47" diff --git a/pkg/controllers/workflow/controller.go b/pkg/controllers/workflow/controller.go index 99e0135b2..31c4a57a8 100644 --- a/pkg/controllers/workflow/controller.go +++ b/pkg/controllers/workflow/controller.go 
@@ -6,10 +6,10 @@ import ( "time" "github.com/go-logr/logr" + "github.com/tinkerbell/tink/internal/convert" + "github.com/tinkerbell/tink/internal/workflow" "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1" "github.com/tinkerbell/tink/pkg/controllers" - "github.com/tinkerbell/tink/pkg/convert" - tinkworkflow "github.com/tinkerbell/tink/workflow" "k8s.io/apimachinery/pkg/api/equality" "k8s.io/apimachinery/pkg/api/errors" "knative.dev/pkg/ptr" @@ -115,7 +115,7 @@ func (c *Controller) processNewWorkflow(ctx context.Context, logger logr.Logger, data["Hardware"] = contract } - tinkWf, _, err := tinkworkflow.RenderTemplateHardware(stored.Name, ptr.StringValue(tpl.Spec.Data), data) + tinkWf, _, err := workflow.RenderTemplateHardware(stored.Name, ptr.StringValue(tpl.Spec.Data), data) if err != nil { return reconcile.Result{}, err } diff --git a/pkg/controllers/workflow/controller_test.go b/pkg/controllers/workflow/controller_test.go index 82d4ef8b4..ac3b445ca 100644 --- a/pkg/controllers/workflow/controller_test.go +++ b/pkg/controllers/workflow/controller_test.go @@ -6,7 +6,7 @@ import ( "testing" "github.com/google/go-cmp/cmp" - "github.com/tinkerbell/tink/internal/tests" + "github.com/tinkerbell/tink/internal/testtime" "github.com/tinkerbell/tink/pkg/apis/core/v1alpha1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" @@ -20,7 +20,7 @@ import ( var runtimescheme = runtime.NewScheme() // TestTime is a static time that can be used for testing. -var TestTime = tests.NewFrozenTimeUnix(1637361793) +var TestTime = testtime.NewFrozenTimeUnix(1637361793) func init() { _ = clientgoscheme.AddToScheme(runtimescheme)