Skip to content

Commit e209b63

Browse files
author
Moritz Clasmeier
committed
wip
1 parent 07c418a commit e209b63

24 files changed

Lines changed: 1273 additions & 1314 deletions

cmd/deploy.go

Lines changed: 293 additions & 141 deletions
Large diffs are not rendered by default.

cmd/main.go

Lines changed: 11 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -5,28 +5,18 @@ import (
55

66
"github.com/fatih/color"
77
"github.com/spf13/cobra"
8+
"github.com/stackrox/roxie/internal/deployer"
89
)
910

1011
var (
1112
// Global flags
12-
verbose bool
13-
earlyReadiness bool
14-
olm bool
15-
konflux bool
16-
deployOperator bool
17-
portForwarding bool
18-
pauseReconciliation bool
19-
overrideFile string
20-
overrideSetExpressions []string
21-
exposure string
22-
resources string
23-
shell string
24-
envrc string
25-
singleNamespace bool
26-
tag string
27-
featureFlags []string
28-
centralWait string
29-
securedClusterWait string
13+
verbose bool
14+
shell string
15+
envrc string
16+
dryRun bool
17+
18+
// We need this set up before command line flags are parsed.
19+
deploySettings = deployer.NewConfig()
3020
)
3121

3222
func main() {
@@ -48,9 +38,9 @@ Red Hat Advanced Cluster Security (ACS) on any Kubernetes/OpenShift cluster.`,
4838

4939
func init() {
5040
rootCmd.PersistentFlags().BoolVarP(&verbose, "verbose", "v", false, "Enable verbose output (show CRs)")
51-
rootCmd.PersistentFlags().BoolVar(&earlyReadiness, "early-readiness", true, "Only wait for essential workloads (central/sensor) to be ready")
52-
rootCmd.AddCommand(newDeployCmd())
53-
rootCmd.AddCommand(newTeardownCmd())
41+
rootCmd.PersistentFlags().BoolVar(&dryRun, "dry-run", false, "Do not actually modify cluster")
42+
rootCmd.AddCommand(newDeployCmd(&deploySettings))
43+
rootCmd.AddCommand(newTeardownCmd(&deploySettings))
5444
rootCmd.AddCommand(newVersionCmd())
5545
rootCmd.AddCommand(newEnvCmd())
5646
rootCmd.AddCommand(newLogsCmd())

cmd/subshell.go

Lines changed: 19 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ import (
1111
"github.com/stackrox/roxie/internal/deployer"
1212
"github.com/stackrox/roxie/internal/env"
1313
"github.com/stackrox/roxie/internal/logger"
14+
"github.com/stackrox/roxie/internal/types"
1415
)
1516

1617
func spawnSubshell(d *deployer.Deployer, log *logger.Logger) error {
@@ -29,45 +30,44 @@ func spawnSubshell(d *deployer.Deployer, log *logger.Logger) error {
2930

3031
env := os.Environ()
3132

32-
endpoint, password, caCertFile, kubeContext, exposure := d.GetDeploymentInfo()
33+
centralDeploymentInfo := d.GetCentralDeploymentInfo()
3334

34-
if endpoint != "" {
35-
env = append(env, fmt.Sprintf("API_ENDPOINT=%s", endpoint))
36-
env = append(env, fmt.Sprintf("ROX_ENDPOINT=%s", endpoint))
37-
env = append(env, fmt.Sprintf("ROX_BASE_URL=https://%s", endpoint))
35+
if centralDeploymentInfo.Endpoint != "" {
36+
env = append(env, fmt.Sprintf("API_ENDPOINT=%s", centralDeploymentInfo.Endpoint))
37+
env = append(env, fmt.Sprintf("ROX_ENDPOINT=%s", centralDeploymentInfo.Endpoint))
38+
env = append(env, fmt.Sprintf("ROX_BASE_URL=https://%s", centralDeploymentInfo.Endpoint))
3839
}
3940

40-
if password != "" {
41-
env = append(env, fmt.Sprintf("ROX_ADMIN_PASSWORD=%s", password))
41+
if centralDeploymentInfo.Password != "" {
42+
env = append(env, fmt.Sprintf("ROX_ADMIN_PASSWORD=%s", centralDeploymentInfo.Password))
4243
}
4344

44-
if caCertFile != "" {
45-
env = append(env, fmt.Sprintf("ROX_CA_CERT_FILE=%s", caCertFile))
45+
if centralDeploymentInfo.CACertFile != "" {
46+
env = append(env, fmt.Sprintf("ROX_CA_CERT_FILE=%s", centralDeploymentInfo.CACertFile))
4647
}
4748

4849
env = append(env, fmt.Sprintf("ROX_USERNAME=%s", deployer.AdminUsername))
4950
env = append(env, "ROXIE_SHELL=1")
50-
env = append(env, fmt.Sprintf("name=acs@%s", kubeContext))
51+
env = append(env, fmt.Sprintf("name=acs@%s", centralDeploymentInfo.KubeContext))
5152

5253
haproxyAvailable := isHAProxyAvailable()
5354

5455
var haproxyCmd *exec.Cmd
5556
var haproxyConfigPath string
56-
var haproxyStarted bool
5757

58-
if haproxyAvailable && endpoint != "" && caCertFile != "" {
58+
if haproxyAvailable && centralDeploymentInfo.Endpoint != "" && centralDeploymentInfo.CACertFile != "" {
5959
var err error
60-
haproxyCmd, haproxyConfigPath, err = startHAProxy(endpoint, caCertFile, log)
60+
haproxyCmd, haproxyConfigPath, err = startHAProxy(centralDeploymentInfo.Endpoint, centralDeploymentInfo.CACertFile, log)
6161
if err != nil {
6262
log.Warningf("Failed to start HAProxy: %v", err)
6363
} else {
6464
env = append(env, fmt.Sprintf("ROXIE_HAPROXY_CFG_FILE=%s", haproxyConfigPath))
65-
haproxyStarted = true
65+
centralDeploymentInfo.HAProxyStarted = true
6666
defer cleanupHAProxy(haproxyCmd, haproxyConfigPath)
6767
}
6868
}
6969

70-
printBanner(endpoint, exposure, haproxyAvailable, haproxyStarted)
70+
printBanner(centralDeploymentInfo)
7171

7272
shellCmd := exec.Command(shellPath, "-i")
7373
shellCmd.Env = env
@@ -171,7 +171,7 @@ func isHAProxyAvailable() bool {
171171
return err == nil
172172
}
173173

174-
func printBanner(endpoint, exposure string, haproxyAvailable, haproxyStarted bool) {
174+
func printBanner(centralDeploymentInfo deployer.CentralDeploymentInfo) {
175175
cyan := color.New(color.FgCyan, color.Bold)
176176
cyan.Println("\n[roxie] Entering a subshell with ACS environment variables set.")
177177
cyan.Println("[roxie]")
@@ -181,10 +181,10 @@ func printBanner(endpoint, exposure string, haproxyAvailable, haproxyStarted boo
181181
cyan.Println("[roxie] * roxcurl /v1/clusters")
182182
cyan.Println("[roxie]")
183183

184-
if haproxyStarted {
184+
if centralDeploymentInfo.HAProxyStarted {
185185
cyan.Println("[roxie] Central UI: http://localhost:8080 (username: admin, password: see $ROX_ADMIN_PASSWORD)")
186-
} else if exposure != "none" && exposure != "" {
187-
cyan.Printf("[roxie] Central UI: https://%s", endpoint)
186+
} else if centralDeploymentInfo.Exposure != types.ExposureNone {
187+
cyan.Printf("[roxie] Central UI: https://%s", centralDeploymentInfo.Endpoint)
188188
} else if !env.RunningInRoxieContainer {
189189
cyan.Println("[roxie] Note: Installing haproxy enables automatic HTTP access to Central at http://localhost:8080")
190190
}

cmd/teardown.go

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ package main
33
import (
44
"context"
55
"fmt"
6+
"os"
67
"time"
78

89
"github.com/spf13/cobra"
@@ -12,7 +13,7 @@ import (
1213
"github.com/stackrox/roxie/internal/logger"
1314
)
1415

15-
func newTeardownCmd() *cobra.Command {
16+
func newTeardownCmd(settings *deployer.Config) *cobra.Command {
1617
cmd := &cobra.Command{
1718
Use: "teardown [component]",
1819
Short: "Teardown ACS components",
@@ -22,7 +23,13 @@ func newTeardownCmd() *cobra.Command {
2223
RunE: runTeardown,
2324
}
2425

25-
cmd.Flags().BoolVar(&singleNamespace, "single-namespace", false, "Deploy all components in a single namespace ('stackrox' by default)")
26+
cmd.Flags().Var(newConfigShortCut(settings, "bool", func(yamlValue string, settings *deployer.Config) error {
27+
// FIXME: make it so that it doesn't require an arg.
28+
settings.Central.Namespace = sharedNamespace
29+
settings.SecuredCluster.Namespace = sharedNamespace
30+
return nil
31+
},
32+
), "single-namespace", "Deploy all components in a single namespace ('stackrox')")
2633

2734
return cmd
2835
}
@@ -40,13 +47,18 @@ func runTeardown(cmd *cobra.Command, args []string) error {
4047

4148
log.Infof("Tearing down %s", components)
4249

50+
if dryRun {
51+
log.Infof("Existing because of enabled dry-run mode.")
52+
os.Exit(0)
53+
}
54+
4355
d, err := deployer.New(log)
4456
if err != nil {
4557
return fmt.Errorf("failed to create deployer: %w", err)
4658
}
4759
defer d.Cleanup()
4860

49-
d.SetSingleNamespace(singleNamespace)
61+
d.SetConfig(deploySettings)
5062

5163
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Minute)
5264
defer cancel()

go.mod

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,10 +6,12 @@ require (
66
github.com/fatih/color v1.16.0
77
github.com/google/go-containerregistry v0.21.0
88
github.com/spf13/cobra v1.10.2
9+
github.com/spf13/pflag v1.0.9
910
github.com/stretchr/testify v1.11.1
1011
golang.org/x/term v0.38.0
1112
gopkg.in/yaml.v3 v3.0.1
1213
k8s.io/apimachinery v0.35.3
14+
k8s.io/utils v0.0.0-20251002143259-bc988d571ff4
1315
)
1416

1517
require (
@@ -32,7 +34,6 @@ require (
3234
github.com/opencontainers/image-spec v1.1.1 // indirect
3335
github.com/pmezard/go-difflib v1.0.0 // indirect
3436
github.com/sirupsen/logrus v1.9.3 // indirect
35-
github.com/spf13/pflag v1.0.9 // indirect
3637
github.com/vbatts/tar-split v0.12.2 // indirect
3738
github.com/x448/float16 v0.8.4 // indirect
3839
go.yaml.in/yaml/v2 v2.4.3 // indirect
@@ -43,7 +44,6 @@ require (
4344
gopkg.in/inf.v0 v0.9.1 // indirect
4445
k8s.io/klog/v2 v2.130.1 // indirect
4546
k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect
46-
k8s.io/utils v0.0.0-20251002143259-bc988d571ff4 // indirect
4747
sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect
4848
sigs.k8s.io/randfill v1.0.0 // indirect
4949
sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect

0 commit comments

Comments
 (0)