This repository has been archived by the owner on Jul 26, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 404
/
index.js
76 lines (67 loc) · 2.35 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
'use strict'
const vault = require('node-vault')
const kube = require('kubernetes-client')
const KubeRequest = require('kubernetes-client/backends/request')
const pino = require('pino')
const yaml = require('js-yaml')
const fs = require('fs')
const path = require('path')
const awsConfig = require('./aws-config')
const azureConfig = require('./azure-config')
const envConfig = require('./environment')
const CustomResourceManager = require('../lib/custom-resource-manager')
const SecretsManagerBackend = require('../lib/backends/secrets-manager-backend')
const SystemManagerBackend = require('../lib/backends/system-manager-backend')
const VaultBackend = require('../lib/backends/vault-backend')
const AzureKeyVaultBackend = require('../lib/backends/azure-keyvault-backend')
// Get document, or throw exception on error
// eslint-disable-next-line security/detect-non-literal-fs-filename
const customResourceManifest = yaml.safeLoad(fs.readFileSync(path.resolve(__dirname, '../crd.yaml'), 'utf8'))
const kubeconfig = new kube.KubeConfig()
kubeconfig.loadFromDefault()
const kubeBackend = new KubeRequest({ kubeconfig })
const kubeClient = new kube.Client({ backend: kubeBackend })
const logger = pino({
serializers: {
err: pino.stdSerializers.err
},
level: envConfig.logLevel
})
const customResourceManager = new CustomResourceManager({
kubeClient,
logger
})
const secretsManagerBackend = new SecretsManagerBackend({
clientFactory: awsConfig.secretsManagerFactory,
assumeRole: awsConfig.assumeRole,
logger
})
const systemManagerBackend = new SystemManagerBackend({
clientFactory: awsConfig.systemManagerFactory,
assumeRole: awsConfig.assumeRole,
logger
})
const vaultClient = vault({ apiVersion: 'v1', endpoint: envConfig.vaultEndpoint })
const vaultBackend = new VaultBackend({ client: vaultClient, logger })
const azureKeyVaultBackend = new AzureKeyVaultBackend({
credential: azureConfig.azureKeyVault(),
logger
})
const backends = {
// when adding a new backend, make sure to change the CRD property too
secretsManager: secretsManagerBackend,
systemManager: systemManagerBackend,
vault: vaultBackend,
azureKeyVault: azureKeyVaultBackend
}
// backwards compatibility
backends.secretManager = secretsManagerBackend
module.exports = {
awsConfig,
backends,
customResourceManager,
customResourceManifest,
...envConfig,
kubeClient,
logger
}