[installer]: allow Installer to specify licensor type

Defaults to "gitpod" and allows "replicated". This is defined by the secret
gitpod-io · Feb 22, 2022 · 7f0a309 · 7f0a309
1 parent 5d85a2d
commit 7f0a309
Show file tree

Hide file tree

Showing 3 changed files with 73 additions and 18 deletions.
diff --git a/install/installer/pkg/components/server/deployment.go b/install/installer/pkg/components/server/deployment.go
@@ -13,6 +13,7 @@ import (
 	"github.com/gitpod-io/gitpod/installer/pkg/common"
 	wsmanager "github.com/gitpod-io/gitpod/installer/pkg/components/ws-manager"
 	wsmanagerbridge "github.com/gitpod-io/gitpod/installer/pkg/components/ws-manager-bridge"
+	configv1 "github.com/gitpod-io/gitpod/installer/pkg/config/v1"
 
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
@@ -53,7 +54,6 @@ func deployment(ctx *common.RenderContext) ([]runtime.Object, error) {
 			Name:      "gitpod-license-key",
 			MountPath: licenseFilePath,
 			SubPath:   "license",
-			ReadOnly:  true,
 		})
 	}
 
@@ -164,22 +164,47 @@ func deployment(ctx *common.RenderContext) ([]runtime.Object, error) {
 								common.TracingEnv(ctx),
 								common.AnalyticsEnv(&ctx.Config),
 								common.MessageBusEnv(&ctx.Config),
-								[]corev1.EnvVar{{
-									Name:  "CONFIG_PATH",
-									Value: "/config/config.json",
-								}, {
-									Name:  "IDE_CONFIG_PATH",
-									Value: "/ide-config/config.json",
-								}, {
-									Name:  "NODE_ENV",
-									Value: "production", // todo(sje): will we need to change this?
-								}, {
-									Name:  "SHLVL",
-									Value: "1",
-								}, {
-									Name:  "WSMAN_CFG_MANAGERS",
-									Value: wsmanCfgManager,
-								}},
+								[]corev1.EnvVar{
+									{
+										Name:  "CONFIG_PATH",
+										Value: "/config/config.json",
+									},
+									func() corev1.EnvVar {
+										envvar := corev1.EnvVar{
+											Name: "GITPOD_LICENSE_TYPE",
+										}
+
+										if ctx.Config.License == nil {
+											envvar.Value = string(configv1.LicensorTypeGitpod)
+										} else {
+											envvar.ValueFrom = &corev1.EnvVarSource{
+												SecretKeyRef: &corev1.SecretKeySelector{
+													LocalObjectReference: corev1.LocalObjectReference{Name: ctx.Config.License.Name},
+													Key:                  "type",
+													Optional:             pointer.Bool(true),
+												},
+											}
+										}
+
+										return envvar
+									}(),
+									{
+										Name:  "IDE_CONFIG_PATH",
+										Value: "/ide-config/config.json",
+									},
+									{
+										Name:  "NODE_ENV",
+										Value: "production", // todo(sje): will we need to change this?
+									},
+									{
+										Name:  "SHLVL",
+										Value: "1",
+									},
+									{
+										Name:  "WSMAN_CFG_MANAGERS",
+										Value: wsmanCfgManager,
+									},
+								},
 							),
 							// todo(sje): conditionally add github-app-cert-secret in
 							// todo(sje): do we need to cater for serverContainer.volumeMounts from values.yaml?

diff --git a/install/installer/pkg/config/v1/config.go b/install/installer/pkg/config/v1/config.go
@@ -229,6 +229,13 @@ type Workspace struct {
 	Templates *WorkspaceTemplates `json:"templates,omitempty"`
 }
 
+type LicensorType string
+
+const (
+	LicensorTypeGitpod     LicensorType = "gitpod"
+	LicensorTypeReplicated LicensorType = "replicated"
+)
+
 type FSShiftMethod string
 
 const (

diff --git a/install/installer/pkg/config/v1/validation.go b/install/installer/pkg/config/v1/validation.go
@@ -41,6 +41,11 @@ var FSShiftMethodList = map[FSShiftMethod]struct{}{
 	FSShiftShiftFS: {},
 }
 
+var LicensorTypeList = map[LicensorType]struct{}{
+	LicensorTypeGitpod:     {},
+	LicensorTypeReplicated: {},
+}
+
 // LoadValidationFuncs load custom validation functions for this version of the config API
 func (v version) LoadValidationFuncs(validate *validator.Validate) error {
 	funcs := map[string]validator.Func{
@@ -120,7 +125,25 @@ func (v version) ClusterValidation(rcfg interface{}) cluster.ValidationChecks {
 
 	if cfg.License != nil {
 		secretName := cfg.License.Name
-		res = append(res, cluster.CheckSecret(secretName, cluster.CheckSecretRequiredData("license")))
+		licensorKey := "type"
+		res = append(res, cluster.CheckSecret(secretName, cluster.CheckSecretRequiredData("license"), cluster.CheckSecretRecommendedData(licensorKey), cluster.CheckSecretRule(func(s *corev1.Secret) ([]cluster.ValidationError, error) {
+			errors := make([]cluster.ValidationError, 0)
+
+			licensor := LicensorType(s.Data[licensorKey])
+			if licensor != "" {
+				// This field is optional, so blank is valid
+				_, ok := LicensorTypeList[licensor]
+
+				if !ok {
+					errors = append(errors, cluster.ValidationError{
+						Message: fmt.Sprintf("Secret '%s' has invalid license type '%s'", secretName, licensor),
+						Type:    cluster.ValidationStatusError,
+					})
+				}
+			}
+
+			return errors, nil
+		})))
 	}
 
 	if len(cfg.AuthProviders) > 0 {