Skip to content

Commit

Permalink
Fix: orgadm locate project & register missing credential abort (#56)
Browse files Browse the repository at this point in the history
* Add flag for locate project, pass correct project for APIKeys

* Fail if credentials are missing
  • Loading branch information
stephen-soltesz authored Nov 21, 2024
1 parent 64cb968 commit 61da00e
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 11 deletions.
14 changes: 10 additions & 4 deletions cmd/orgadm/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,14 +21,16 @@ import (
)

var (
org string
project string
updateTables bool
org string
project string
locateProject string
updateTables bool
)

func init() {
flag.StringVar(&org, "org", "", "Organization name. Must match name assigned by M-Lab")
flag.StringVar(&project, "project", "", "GCP project to create organization resources")
flag.StringVar(&locateProject, "locate-project", "", "GCP project for Locate API")
flag.BoolVar(&updateTables, "update-tables", false, "Allow this org's service account to update table schemas")
}

Expand Down Expand Up @@ -57,7 +59,11 @@ func main() {
d := dnsx.NewManager(dnsiface.NewCloudDNSService(ds), project, dnsname.ProjectZone(project))
ac, err := apikeys.NewClient(ctx)
rtx.Must(err, "failed to create new apikey client")
k := adminx.NewAPIKeys(project, keysiface.NewKeys(ac), nn)
if project == "mlab-autojoin" && locateProject == "" {
locateProject = "mlab-ns"
}
// Local project names are taken from the namer.
k := adminx.NewAPIKeys(locateProject, keysiface.NewKeys(ac), nn)
defer ac.Close()

o := adminx.NewOrg(project, crmiface.NewCRM(project, crm), sa, sm, d, k, updateTables)
Expand Down
14 changes: 7 additions & 7 deletions cmd/register/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -149,14 +149,14 @@ func register() {
err = os.WriteFile(path.Join(*outputPath, annotationFilename), annotationJSON, 0644)
rtx.Must(err, "Failed to write annotation file")

// Service account credentials.
if r.Registration.Credentials != nil {
// TODO(soltesz): abort on nil after deployment.
key, err := base64.StdEncoding.DecodeString(r.Registration.Credentials.ServiceAccountKey)
rtx.Must(err, "Failed to decode service account key")
err = os.WriteFile(path.Join(*outputPath, serviceAccountFilename), key, 0644)
rtx.Must(err, "Failed to write annotation file")
if r.Registration.Credentials == nil {
log.Fatalf("Registration credentials are nil:\n%s", body)
}
// Service account credentials.
key, err := base64.StdEncoding.DecodeString(r.Registration.Credentials.ServiceAccountKey)
rtx.Must(err, "Failed to decode service account key")
err = os.WriteFile(path.Join(*outputPath, serviceAccountFilename), key, 0644)
rtx.Must(err, "Failed to write annotation file")

log.Printf("Registration successful with hostname: %s", r.Registration.Hostname)
registerSuccess.Store(true)
Expand Down

0 comments on commit 61da00e

Please sign in to comment.