Merge branch 'v2-alpha' into v2-alpha-run-e2e-tests

Elio Bischof 2022-07-18 10:59:17 +02:00
commit 1349e4e6cb
No known key found for this signature in database
GPG Key ID: 7B383FDE4DDBF1BD
32 changed files with 248 additions and 114 deletions


@ -41,7 +41,7 @@ With ZITADEL you rely on a battle tested, hardened and extensible turnkey soluti
## Get started
### ZITADEL Cloud
### ZITADEL Cloud (SaaS)
The easiest way to get started with ZITADEL is to use our public cloud offering.
Currently ZITADEL V2 Beta is available, head over to [https://zitadel.cloud](https://zitadel.cloud) and create your first ZITADEL instance for free.


@ -22,6 +22,7 @@ import (
"github.com/zitadel/zitadel/internal/database"
"github.com/zitadel/zitadel/internal/query/projection"
static_config "github.com/zitadel/zitadel/internal/static/config"
metrics "github.com/zitadel/zitadel/internal/telemetry/metrics/config"
tracing "github.com/zitadel/zitadel/internal/telemetry/tracing/config"
)
@ -37,6 +38,7 @@ type Config struct {
WebAuthNName string
Database database.Config
Tracing tracing.Config
Metrics metrics.Config
Projections projection.Config
Auth auth_es.Config
Admin admin_es.Config
@ -77,11 +79,16 @@ func MustNewConfig(v *viper.Viper) *Config {
mapstructure.StringToSliceHookFunc(","),
)),
)
logging.OnError(err).Fatal("unable to read config")
err = config.Log.SetLogger()
logging.OnError(err).Fatal("unable to set logger")
err = config.Tracing.NewTracer()
logging.OnError(err).Fatal("unable to set tracer")
err = config.Metrics.NewMeter()
logging.OnError(err).Fatal("unable to set meter")
return config
}


@ -7,7 +7,7 @@ spec:
template:
metadata:
annotations:
client.knative.dev/user-image: ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.33-amd64
client.knative.dev/user-image: ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.39-amd64
creationTimestamp: null
spec:
containerConcurrency: 0
@ -30,7 +30,7 @@ spec:
value: zitadel.default.127.0.0.1.sslip.io
- name: ZITADEL_S3DEFAULTINSTANCE_CUSTOMDOMAIN
value: zitadel.default.127.0.0.1.sslip.io
image: ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.33-amd64
image: ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.39-amd64
name: user-container
ports:
- containerPort: 8080


@ -3642,6 +3642,7 @@ this is en empty request
| ----- | ---- | ----------- | ----------- |
| org | SetUpOrgRequest.Org | - | message.required: true<br /> |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) user.human | SetUpOrgRequest.Human | oneof field for the user managing the organisation | |
| roles | repeated string | specify Org Member Roles for the provided user (default is ORG_OWNER if roles are empty) | |


@ -1,10 +1,25 @@
import CodeBlock from '@theme/CodeBlock';
import DockerComposeSource from '!!raw-loader!./docker-compose.yaml'
import ExampleZITADELConfigSource from '!!raw-loader!./example-zitadel-config.yaml'
import ExampleZITADELSecretsSource from '!!raw-loader!./example-zitadel-secrets.yaml'
import ExampleZITADELInitStepsSource from '!!raw-loader!./example-zitadel-init-steps.yaml'
The docker compose example mounts the example zitadel configuration files to the ZITADEL container.
By executing the commands below, you will download the following files:
- [docker-compose.yaml](./docker-compose.yaml)
- [example-zitadel-config.yaml](./example-zitadel-config.yaml)
- [example-zitadel-secrets.yaml](./example-zitadel-secrets.yaml)
- [example-zitadel-init-steps.yaml](./example-zitadel-init-steps.yaml)
<details><summary>docker-compose.yaml</summary>
<CodeBlock language="yaml">{DockerComposeSource}</CodeBlock>
</details>
<details><summary>example-zitadel-config.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELConfigSource}</CodeBlock>
</details>
<details><summary>example-zitadel-secrets.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELSecretsSource}</CodeBlock>
</details>
<details><summary>example-zitadel-init-steps.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELInitStepsSource}</CodeBlock>
</details>
```bash
# Download the docker compose example configuration for a secure CockroachDB. For example:


@ -35,13 +35,21 @@ All configuration properties are also configurable via environemnt variables.
Prefix the key with *ZITADEL\_*, uppercase the propery and join sections by an underscore _.
For example, if you want to configure the default ZITADEL IAM admin username and password, make sure the ZITADEL binary runtime has the variables *ZITADEL_S3DEFAULTINSTANCE_ORG_HUMAN_USERNAME* and *ZITADEL_S3DEFAULTINSTANCE_ORG_HUMAN_PASSWORD* set.
## Masterkey
The masterkey is used to AES256-encrypt other generated encryption keys.
It needs to have 32 bytes.
You can pass the masterkey in either of three possible ways to the zitadel binary:
- By value: Use the flag `--masterkey My_Master_Key_Which_Has_32_Bytes`
- By environment variable `ZITADEL_MASTERKEY`: Use the flag `--masterkeyFromEnv`
- By file: Use the flag `--masterkeyFile /path/to/file`
## Passing the configuration
<Tabs
groupId="installation-target"
default="linux"
default="linuxunix"
values={[
{'label': 'Linux', 'value': 'linux'},
{'label': 'Linux and Unix', 'value': 'linuxunix'},
{'label': 'Docker Compose', 'value': 'compose'},
{'label': 'Kubernetes (Helm)', 'value': 'k8s'}


@ -6,7 +6,7 @@ services:
restart: 'always'
networks:
- 'zitadel'
image: 'ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.33-amd64'
image: 'ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.39-amd64'
command: 'start-from-init --config /example-zitadel-config.yaml --config /example-zitadel-secrets.yaml --steps /example-zitadel-init-steps.yaml --masterkey "${ZITADEL_MASTERKEY}" --tlsMode disabled'
depends_on:
chown:


@ -1,11 +1,20 @@
import CodeBlock from '@theme/CodeBlock';
import ExampleZITADELValuesSource from '!!raw-loader!./example-zitadel-values.yaml'
import ExampleZITADELValuesSecretsSource from '!!raw-loader!./example-zitadel-values-secrets.yaml'
By default, the chart installs a secure ZITADEL and CockroachDB.
The example files makes an insecure ZITADEL accessible by port forwarding the ZITADEL service to localhost.
For more configuration options, [go to the chart repo descriptions](https://github.com/zitadel/zitadel-charts).
For a secure installation with Docker Compose, [go to the loadbalancing example](/docs/guides/installation/loadbalancing-example)
By executing the commands below, you will download the following files:
- [example-zitadel-values.yaml](./example-zitadel-values.yaml)
- [example-zitadel-values-secrets.yaml](./example-zitadel-values-secrets.yaml)
<details><summary>example-zitadel-values.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELValuesSource}</CodeBlock>
</details>
<details><summary>example-zitadel-values-secrets.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELValuesSecretsSource}</CodeBlock>
</details>
```bash
# Download and adjust the example configuration file containing standard configuration


@ -1,9 +1,21 @@
import CodeBlock from '@theme/CodeBlock';
import ExampleZITADELConfigSource from '!!raw-loader!./example-zitadel-config.yaml'
import ExampleZITADELSecretsSource from '!!raw-loader!./example-zitadel-secrets.yaml'
import ExampleZITADELInitStepsSource from '!!raw-loader!./example-zitadel-init-steps.yaml'
### Configure by Files
By executing the commands below, you will download the following files:
- [example-zitadel-config.yaml](./example-zitadel-config.yaml)
- [example-zitadel-secrets.yaml](./example-zitadel-secrets.yaml)
- [example-zitadel-init-steps.yaml](./example-zitadel-init-steps.yaml)
<details><summary>example-zitadel-config.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELConfigSource}</CodeBlock>
</details>
<details><summary>example-zitadel-secrets.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELSecretsSource}</CodeBlock>
</details>
<details><summary>example-zitadel-init-steps.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELInitStepsSource}</CodeBlock>
</details>
```bash
# Download and adjust the example configuration file containing standard configuration
@ -44,5 +56,5 @@ export ZITADEL_S3DEFAULTINSTANCE_ORG_HUMAN_PASSWORD="RootPassword1!"
export ZITADEL_MASTERKEY="$(tr -dc A-Za-z0-9 </dev/urandom | head -c 32)"
# Let the zitadel binary read configuration from environment variables
zitadel admin start-from-init --masterkey "${ZITADEL_MASTERKEY}"
zitadel start-from-init --masterkey "${ZITADEL_MASTERKEY}" --tlsMode disabled
```


@ -15,7 +15,7 @@ services:
restart: 'always'
networks:
- 'zitadel'
image: 'ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.33-amd64'
image: 'ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.39-amd64'
command: 'start-from-init --config /example-zitadel-config.yaml --config /example-zitadel-secrets.yaml --steps /example-zitadel-init-steps.yaml --masterkey "${ZITADEL_MASTERKEY}" --tlsMode external'
depends_on:
chown:


@ -2,6 +2,13 @@
title: Load Balancing Example
---
import CodeBlock from '@theme/CodeBlock';
import DockerComposeSource from '!!raw-loader!./docker-compose.yaml'
import ExampleTraefikSource from '!!raw-loader!./example-traefik.yaml'
import ExampleZITADELConfigSource from '!!raw-loader!./example-zitadel-config.yaml'
import ExampleZITADELSecretsSource from '!!raw-loader!./example-zitadel-secrets.yaml'
import ExampleZITADELInitStepsSource from '!!raw-loader!./example-zitadel-init-steps.yaml'
With this example configuration, you create a near production environment for ZITADEL with [Docker Compose](https://docs.docker.com/compose/).
The stack consists of three long-running containers:
@ -12,11 +19,22 @@ The stack consists of three long-running containers:
The setup is tested against Docker version 20.10.17 and Docker Compose version v2.2.3
By executing the commands below, you will download the following files:
- [docker-compose.yaml](./docker-compose.yaml)
- [example-traefik.yaml](./example-traefik.yaml)
- [example-zitadel-config.yaml](./example-zitadel-config.yaml)
- [example-zitadel-secrets.yaml](./example-zitadel-secrets.yaml)
- [example-zitadel-init-steps.yaml](./example-zitadel-init-steps.yaml)
<details><summary>docker-compose.yaml</summary>
<CodeBlock language="yaml">{DockerComposeSource}</CodeBlock>
</details>
<details><summary>example-traefik.yaml</summary>
<CodeBlock language="yaml">{ExampleTraefikSource}</CodeBlock>
</details>
<details><summary>example-zitadel-config.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELConfigSource}</CodeBlock>
</details>
<details><summary>example-zitadel-secrets.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELSecretsSource}</CodeBlock>
</details>
<details><summary>example-zitadel-init-steps.yaml</summary>
<CodeBlock language="yaml">{ExampleZITADELInitStepsSource}</CodeBlock>
</details>
```bash
# Download the docker compose example configuration. For example:


@ -1,6 +1,13 @@
import CodeBlock from '@theme/CodeBlock';
import DockerComposeSource from '!!raw-loader!./docker-compose.yaml'
The setup is tested against Docker version 20.10.17 and Docker Compose version v2.2.3
By executing the commands below, you will download the file [docker-compose.yaml](./docker-compose.yaml)
By executing the commands below, you will download the following file:
<details><summary>docker-compose.yaml</summary>
<CodeBlock language="yaml">{DockerComposeSource}</CodeBlock>
</details>
```bash
# Download the docker compose example configuration. For example:


@ -5,7 +5,7 @@ services:
restart: 'always'
networks:
- 'zitadel'
image: 'ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.33-amd64'
image: 'ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.39-amd64'
command: 'start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled'
environment:
- 'ZITADEL_DATABASE_HOST=db'


@ -6,16 +6,16 @@ Follow the [Knative quickstart guide](https://knative.dev/docs/getting-started/q
It is basically 4 commands on Mac:
```bash
#install knative
# Install knative
brew install knative/client/kn
#install knative quickstart sandbox
# Install knative quickstart sandbox
brew install knative-sandbox/kn-plugins/quickstart
#install kind
# Install kind
brew install kind
#install quickstart cluster
# Install quickstart cluster
kn quickstart kind
```
That will get you a ready to go knative/kubernetes environment.
@ -29,13 +29,13 @@ kubectl apply -f https://raw.githubusercontent.com/zitadel/zitadel/v2-alpha/depl
```
## Start ZITADEL with Knative
## Start ZITADEL with Knative
Either use the kn binary...
```bash
# start zitadel
kn service create zitadel \
--image ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.33-amd64 \
--image ghcr.io/zitadel/zitadel:v2.0.0-v2-alpha.39-amd64 \
--port 8080 \
--env ZITADEL_DATABASE_HOST=cockroachdb \
--env ZITADEL_EXTERNALSECURE=false \
@ -46,15 +46,17 @@ kn service create zitadel \
--arg "start-from-init" --arg "--masterkey" --arg "MasterkeyNeedsToHave32Characters"
```
or use the knative service yaml
... or use the knative service yaml
```bash
kubectl apply -f https://raw.githubusercontent.com/zitadel/zitadel/v2-alpha/deploy/knative/zitadel-knative-service.yaml
```
## Get started with ZIDATEL
## Get started with ZITADEL
Get ZITADEL URL
```bash
#get ZIDATEL URL
kn services list
NAME URL LATEST AGE CONDITIONS READY REASON


@ -3,14 +3,16 @@
Download a `cockroach` binary as described [in the CockroachDB docs](https://www.cockroachlabs.com/docs/v22.1/install-cockroachdb).
ZITADEL is tested against CockroachDB v22.1.0 and Ubuntu 20.04.
## Run CockroachDB and ZITADEL
## Run CockroachDB
```bash
# Run a CockroachDB instance
cockroach start-single-node --insecure --background --http-addr :9090
cockroach start-single-node --insecure --background --http-addr :9090 --listen-addr=localhost
```
## Run ZITADEL
```bash
# Download the zitadel binary
curl -s https://api.github.com/repos/zitadel/zitadel/releases/tags/v2.0.0-v2-alpha.24 | grep "browser_download_url.*zitadel_Linux_$(uname -i).tar.gz" | cut -d '"' -f 4 | xargs wget -qO - | sudo tar --extract --gzip --overwrite --directory /usr/local/bin zitadel && sudo chown $(id -u):$(id -g) /usr/local/bin/zitadel
curl -s https://api.github.com/repos/zitadel/zitadel/releases/tags/v2.0.0-v2-alpha.39 | grep "browser_download_url.*zitadel_Linux_$(uname -i).tar.gz" | cut -d '"' -f 4 | xargs wget -qO - | sudo tar --extract --gzip --overwrite --directory /usr/local/bin zitadel && sudo chown $(id -u):$(id -g) /usr/local/bin/zitadel
# Run the zitadel binary
ZITADEL_EXTERNALSECURE=false zitadel start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled


@ -8,7 +8,7 @@ ZITADEL is tested against CockroachDB v22.1.0.
Run a CockroachDB instance
```bash
cockroach start-single-node --insecure --background --http-addr :9090
cockroach start-single-node --insecure --background --http-addr :9090 --listen-addr=localhost
```
# Download and Install ZITADEL
@ -23,7 +23,7 @@ brew install zitadel/tap/zitadel
```bash
export MY_ARCHITECTURE="arm64 or amd64 depeding on your mac"
curl -s https://api.github.com/repos/zitadel/zitadel/releases/tags/v2.0.0-v2-alpha.24 | grep "browser_download_url.*zitadel_Darwin_${MY_ARCHITECTURE}.tar.gz" | cut -d '"' -f 4 | xargs wget -qO - | sudo tar --extract --gzip --overwrite --directory /usr/local/bin zitadel && sudo chown $(id -u):$(id -g) /usr/local/bin/zitadel
curl -s https://api.github.com/repos/zitadel/zitadel/releases/tags/v2.0.0-v2-alpha.39 | grep "browser_download_url.*zitadel_Darwin_${MY_ARCHITECTURE}.tar.gz" | cut -d '"' -f 4 | xargs wget -qO - | sudo tar --extract --gzip --overwrite --directory /usr/local/bin zitadel && sudo chown $(id -u):$(id -g) /usr/local/bin/zitadel
```
Run ZITADEL


@ -19,7 +19,15 @@ module.exports = {
},
],
themeConfig: {
zoomSelector: ".markdown :not(em) > img",
zoom: {
selector: '.markdown :not(em) > img',
background: {
light: 'rgb(243, 244, 246)',
dark: 'rgb(55, 59, 82)'
},
// options you can specify via https://github.com/francoischalifour/medium-zoom#usage
config: {}
},
announcementBar: {
id: 'documentation',
content:
@ -170,5 +178,5 @@ module.exports = {
},
],
],
plugins: [require.resolve("plugin-image-zoom")],
plugins: [require.resolve("docusaurus-plugin-image-zoom")],
};


@ -82,6 +82,7 @@
"cssnano": "5.1.7",
"cssnano-preset-advanced": "5.3.3",
"dns-packet": "5.3.1",
"docusaurus-plugin-image-zoom": "^0.1.1",
"docusaurus-plugin-plausible": "^0.0.5",
"eastasianwidth": "0.2.0",
"enhanced-resolve": "5.9.3",
@ -139,6 +140,7 @@
"postcss-zindex": "5.1.0",
"prismjs": "1.28.0",
"raw-body": "2.5.1",
"raw-loader": "^4.0.2",
"react": "^17.0.2",
"react-dev-utils": "12.0.1",
"react-dom": "^17.0.2",


@ -72,14 +72,14 @@
:root {
--ifm-navbar-background-color: #ffffff;
--ifm-footer-background-color: #f4f4f4;
--ifm-menu-color-background-active: #f2f5ff;
--ifm-menu-color-active: #5469d4;
--ifm-menu-color-background-active: #7E21CE10;
--ifm-menu-color-active: #7E21CE;
--ifm-menu-color-background-hover: #f7fafc;
--ifm-font-color-base: #6b7280;
--ifm-link-color: #5469d4;
--ifm-menu-color: #697386;
--ifm-footer-link-color: #000000;
--ifm-color-primary: #5469d4;
--ifm-color-primary: #7E21CE;
--ifm-color-primary-dark: #4d61cf;
--ifm-color-primary-darker: #4356c9;
--ifm-color-primary-darkest: #3a4cc3; /* 293bb9 */
@ -161,7 +161,7 @@
}
:root[data-theme="dark"] .navbar:not(.navbar-sidebar--show) {
background-color: rgba(31, 41, 55, 0.5019607843137255);
background-color: #15173580;
backdrop-filter: saturate(110%) blur(5px);
}
@ -238,8 +238,8 @@ h2 {
--ifm-menu-color-background-active: #ffffff10;
--ifm-menu-color-active: #ffffff;
--ifm-menu-color-background-hover: #3c405850;
--ifm-font-color-base: #c1c9d2;
--ifm-menu-color: #a3acb9;
--ifm-font-color-base: #DDDDDD;
--ifm-menu-color: #DDDDDD;
--ifm-link-color: #ff2069;
--docsearch-searchbox-background: #454a66;
--docsearch-searchbox-focus-background: #454a66;
@ -258,9 +258,9 @@ h2 {
--ifm-color-primary-lightest: #ff90b4;
--ifm-background-color: #141735;
--ifm-hero-background-color: #0f1022;
--ifm-hero-text-color: var(--ifm-font-color-base);
--ifm-hero-text-color: #ffffff;
--get-started-bg: var(--ifm-font-color-base);
--get-started: #059669;
--get-started: #FF1F69;
--ifm-footer-color: #ffffff50;
--ifm-heading-color: #ffffff;
--ifm-font-color-base: #c1c9d2;
@ -285,7 +285,6 @@ h2 {
--apisystembackground: linear-gradient(40deg, #6E695090, #6E695090);
--apiassetbackground: linear-gradient(40deg, #3c4257, #3c4257);
--overlaycolor: #ffffff15;
--ifm-hero-text-color: #023c2a;
}
.get-started:hover {
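Review bot: `--ifm-color-primary` moves to `#7E21CE`, but the `-dark`, `-darker` and `-darkest` shades directly below it keep the old blue values (`#4d61cf`, `#4356c9`, `#3a4cc3`), so any component that uses the derived shades will likely still render in the previous palette. In the dark-theme hunks the new `--ifm-font-color-base: #DDDDDD;` is followed further down by an unchanged `--ifm-font-color-base: #c1c9d2;`; if both declarations sit in the same rule, the later one wins and the change has no effect. The affected rules start and end outside the hunks, so this should be checked against the full file.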


@ -3855,6 +3855,13 @@ dns-packet@5.3.1, dns-packet@^5.2.2:
dependencies:
"@leichtgewicht/ip-codec" "^2.0.1"
docusaurus-plugin-image-zoom@^0.1.1:
version "0.1.1"
resolved "https://registry.yarnpkg.com/docusaurus-plugin-image-zoom/-/docusaurus-plugin-image-zoom-0.1.1.tgz#f5e16ae568f7b74e8a357ee67ea7922521f64539"
integrity sha512-cJXo5TKh9OR1gE4B5iS5ovLWYYDFwatqRm00iXFPOaShZG99l5tgkDKgbQPAwSL9wg4I+wz3aMwkOtDhMIpKDQ==
dependencies:
medium-zoom "^1.0.6"
docusaurus-plugin-plausible@^0.0.5:
version "0.0.5"
resolved "https://registry.yarnpkg.com/docusaurus-plugin-plausible/-/docusaurus-plugin-plausible-0.0.5.tgz#d113f7d82c09a3945e88227265b599ba1904bfb9"
@ -5573,7 +5580,7 @@ media-typer@0.3.0:
resolved "https://registry.yarnpkg.com/media-typer/-/media-typer-0.3.0.tgz#8710d7af0aa626f8fffa1ce00168545263255748"
integrity sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g=
medium-zoom@^1.0.4:
medium-zoom@^1.0.4, medium-zoom@^1.0.6:
version "1.0.6"
resolved "https://registry.yarnpkg.com/medium-zoom/-/medium-zoom-1.0.6.tgz#9247f21ca9313d8bbe9420aca153a410df08d027"
integrity sha512-UdiUWfvz9fZMg1pzf4dcuqA0W079o0mpqbTnOz5ip4VGYX96QjmbM+OgOU/0uOzAytxC0Ny4z+VcYQnhdifimg==
@ -6571,6 +6578,14 @@ raw-body@2.5.1:
iconv-lite "0.4.24"
unpipe "1.0.0"
raw-loader@^4.0.2:
version "4.0.2"
resolved "https://registry.yarnpkg.com/raw-loader/-/raw-loader-4.0.2.tgz#1aac6b7d1ad1501e66efdac1522c73e59a584eb6"
integrity sha512-ZnScIV3ag9A4wPX/ZayxL/jZH+euYb6FcUinPcgiQW0+UBtEv0O6Q3lGd3cqJ+GHH+rksEv3Pj99oxJ3u3VIKA==
dependencies:
loader-utils "^2.0.0"
schema-utils "^3.0.0"
rc@^1.2.8:
version "1.2.8"
resolved "https://registry.yarnpkg.com/rc/-/rc-1.2.8.tgz#cd924bf5200a075b83c188cd6b9e211b7fc0d3ed"


@ -17,6 +17,7 @@ import (
http_util "github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/errors"
"github.com/zitadel/zitadel/internal/query"
"github.com/zitadel/zitadel/internal/telemetry/metrics"
"github.com/zitadel/zitadel/internal/telemetry/tracing"
)
@ -132,6 +133,7 @@ func (a *API) healthHandler() http.Handler {
handler.HandleFunc("/healthz", handleHealth)
handler.HandleFunc("/ready", handleReadiness(checks))
handler.HandleFunc("/validate", handleValidate(checks))
handler.Handle("/metrics", metricsExporter())
return handler
}
@ -175,3 +177,11 @@ func validate(ctx context.Context, validations []ValidationFunction) []error {
}
return errs
}
func metricsExporter() http.Handler {
exporter := metrics.GetExporter()
if exporter == nil {
return http.NotFoundHandler()
}
return exporter
}
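Review bot: `handler.Handle("/metrics", metricsExporter())` puts the exporter on the same mux as `/healthz` and `/ready`, and nothing in this hunk limits who may scrape it. Metrics output usually carries more operational detail than a health probe, so if this handler is reachable on the public listener it should be restricted at the proxy, moved to an internal-only port, or guarded by a check before the exporter is returned. `metricsExporter` also needs a doc comment stating both decisions, for example `// metricsExporter returns the configured metrics exporter, or a 404 handler when metrics are disabled. It applies no access control of its own.` The body of `healthHandler` starts outside the hunk.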


@ -66,6 +66,7 @@ func (s *Server) SetUpOrg(ctx context.Context, req *admin_pb.SetUpOrgRequest) (*
Name: req.Org.Name,
CustomDomain: req.Org.Domain,
Human: human,
Roles: req.Roles,
}, userIDs...)
if err != nil {
return nil, err


@ -19,6 +19,7 @@ type OrgSetup struct {
Name string
CustomDomain string
Human AddHuman
Roles []string
}
func (c *Commands) SetUpOrg(ctx context.Context, o *OrgSetup, userIDs ...string) (string, *domain.ObjectDetails, error) {
@ -35,10 +36,15 @@ func (c *Commands) SetUpOrg(ctx context.Context, o *OrgSetup, userIDs ...string)
orgAgg := org.NewAggregate(orgID)
userAgg := user_repo.NewAggregate(userID, orgID)
roles := []string{domain.RoleOrgOwner}
if len(o.Roles) > 0 {
roles = o.Roles
}
validations := []preparation.Validation{
AddOrgCommand(ctx, orgAgg, o.Name, userIDs...),
AddHumanCommand(userAgg, &o.Human, c.userPasswordAlg, c.userEncryption),
c.AddOrgMemberCommand(orgAgg, userID, domain.RoleOrgOwner),
c.AddOrgMemberCommand(orgAgg, userID, roles...),
}
if o.CustomDomain != "" {
validations = append(validations, AddOrgDomain(orgAgg, o.CustomDomain))
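Review bot: When `o.Roles` is non-empty it replaces the default outright (`roles = o.Roles`), so a caller can create an org whose initial user does not hold `domain.RoleOrgOwner`, and this hunk shows no other member being given that role. If an owner-less org is not intended, reject role lists that omit `domain.RoleOrgOwner` or add it to the list; if it is intended, say so in a comment above the block. The strings arrive unchanged from the `roles` field added to `SetUpOrgRequest` in this commit and are not checked here, so confirm that `AddOrgMemberCommand` rejects names that are not valid org roles. `SetUpOrg` starts and ends outside the hunk.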


@ -3,6 +3,11 @@ Log:
Formatter:
Format: text
# Exposes metrics on /debug/metrics
Metrics:
# Select type otel (OpenTelemetry) or none (disables collection and endpoint)
Type: otel
# Port ZITADEL will listen on
Port: 8080
# Port ZITADEL is exposed on, it can differ from port e.g. if you proxy the traffic
@ -686,6 +691,17 @@ InternalAuthZ:
- "project.grant.read"
- "project.grant.member.read"
- "project.grant.user.grant.read"
- Role: "ORG_SETTINGS_MANAGER"
Permissions:
- "org.read"
- "org.write"
- "org.member.read"
- "org.idp.read"
- "org.idp.write"
- "org.idp.delete"
- "policy.read"
- "policy.write"
- "policy.delete"
- Role: "ORG_USER_PERMISSION_EDITOR"
Permissions:
- "org.read"
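Review bot: The new comment reads `# Exposes metrics on /debug/metrics`, while the route added in this commit is registered as `/metrics` on the health handler; unless that handler is mounted under `/debug` (not visible here), the comment names the wrong path. With `Type: otel` as the shipped default, every installation serves the endpoint until an operator sets `none`, so the comment should say that too, for example `# Enabled by default; set Type to none, or restrict the path at your proxy, if metrics must not be reachable by clients.`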


@ -295,6 +295,7 @@ var (
func (q *Queries) GetUserByID(ctx context.Context, shouldTriggerBulk bool, userID string, queries ...SearchQuery) (*User, error) {
if shouldTriggerBulk {
projection.UserProjection.TriggerBulk(ctx)
projection.LoginNameProjection.TriggerBulk(ctx)
}
instanceID := authz.GetInstance(ctx).InstanceID()
@ -317,6 +318,7 @@ func (q *Queries) GetUserByID(ctx context.Context, shouldTriggerBulk bool, userI
func (q *Queries) GetUser(ctx context.Context, shouldTriggerBulk bool, queries ...SearchQuery) (*User, error) {
if shouldTriggerBulk {
projection.UserProjection.TriggerBulk(ctx)
projection.LoginNameProjection.TriggerBulk(ctx)
}
instanceID := authz.GetInstance(ctx).InstanceID()
@ -389,6 +391,7 @@ func (q *Queries) GetHumanPhone(ctx context.Context, userID string, queries ...S
func (q *Queries) GeNotifyUser(ctx context.Context, shouldTriggered bool, userID string, queries ...SearchQuery) (*NotifyUser, error) {
if shouldTriggered {
projection.UserProjection.TriggerBulk(ctx)
projection.LoginNameProjection.TriggerBulk(ctx)
}
instanceID := authz.GetInstance(ctx).InstanceID()


@ -1,65 +1,30 @@
package config
import (
"encoding/json"
"github.com/zitadel/zitadel/internal/errors"
"github.com/zitadel/zitadel/internal/telemetry/metrics"
"github.com/zitadel/zitadel/internal/telemetry/metrics/otel"
)
type MetricsConfig struct {
type Config struct {
Type string
Config metrics.Config
Config map[string]interface{} `mapstructure:",remain"`
}
var meter = map[string]func() metrics.Config{
"otel": func() metrics.Config { return &otel.Config{} },
"none": func() metrics.Config { return &NoMetrics{} },
"": func() metrics.Config { return &NoMetrics{} },
var meter = map[string]func(map[string]interface{}) error{
"otel": otel.NewTracerFromConfig,
"none": NoMetrics,
"": NoMetrics,
}
func (c *MetricsConfig) UnmarshalJSON(data []byte) error {
var rc struct {
Type string
Config json.RawMessage
}
if err := json.Unmarshal(data, &rc); err != nil {
return errors.ThrowInternal(err, "METER-4M9so", "error parsing config")
}
c.Type = rc.Type
var err error
c.Config, err = newMetricsConfig(c.Type, rc.Config)
if err != nil {
return err
}
return c.Config.NewMetrics()
}
func newMetricsConfig(tracerType string, configData []byte) (metrics.Config, error) {
t, ok := meter[tracerType]
func (c *Config) NewMeter() error {
t, ok := meter[c.Type]
if !ok {
return nil, errors.ThrowInternalf(nil, "METER-3M0ps", "config type %s not supported", tracerType)
return errors.ThrowInternalf(nil, "METER-Dfqsx", "config type %s not supported", c.Type)
}
metricsConfig := t()
if len(configData) == 0 {
return metricsConfig, nil
}
if err := json.Unmarshal(configData, metricsConfig); err != nil {
return nil, errors.ThrowInternal(err, "METER-4M9sf", "Could not read config: %v")
}
return metricsConfig, nil
return t(c.Config)
}
type NoMetrics struct{}
func (_ *NoMetrics) NewMetrics() error {
func NoMetrics(_ map[string]interface{}) error {
return nil
}


@ -26,10 +26,6 @@ type Metrics interface {
RegisterValueObserver(name, description string, callbackFunc metric.Int64ObserverFunc) error
}
type Config interface {
NewMetrics() error
}
var M Metrics
func GetExporter() http.Handler {


@ -8,6 +8,12 @@ type Config struct {
MeterName string
}
func NewTracerFromConfig(rawConfig map[string]interface{}) (err error) {
c := new(Config)
c.MeterName, _ = rawConfig["metername"].(string)
return c.NewMetrics()
}
func (c *Config) NewMetrics() (err error) {
metrics.M, err = NewMetrics(c.MeterName)
return err
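Review bot: `c.MeterName, _ = rawConfig["metername"].(string)` discards the assertion result, so a missing key or a non-string value silently yields an empty meter name instead of a configuration error. Prefer `name, ok := rawConfig["metername"].(string)` and return an error when the key is present but `ok` is false. The function is named `NewTracerFromConfig` although it builds a meter and is registered under `meter["otel"]`; a name that says "meter" would avoid confusion with the tracing package. Being exported, it should also carry a doc comment that mentions the lower-case key it reads.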


@ -15,6 +15,7 @@ import (
caos_errs "github.com/zitadel/zitadel/internal/errors"
"github.com/zitadel/zitadel/internal/telemetry/metrics"
otel_resource "github.com/zitadel/zitadel/internal/telemetry/otel"
)
type Metrics struct {
@ -26,6 +27,10 @@ type Metrics struct {
}
func NewMetrics(meterName string) (metrics.Metrics, error) {
resource, err := otel_resource.ResourceWithService()
if err != nil {
return nil, err
}
exporter, err := prometheus.New(
prometheus.Config{},
controller.New(
@ -34,6 +39,7 @@ func NewMetrics(meterName string) (metrics.Metrics, error) {
aggregation.CumulativeTemporalitySelector(),
processor.WithMemory(true),
),
controller.WithResource(resource),
),
)
if err != nil {


@ -0,0 +1,25 @@
package otel
import (
"go.opentelemetry.io/otel/attribute"
"go.opentelemetry.io/otel/sdk/resource"
semconv "go.opentelemetry.io/otel/semconv/v1.7.0"
"github.com/zitadel/zitadel/cmd/build"
)
func ResourceWithService() (*resource.Resource, error) {
attributes := []attribute.KeyValue{
semconv.ServiceNameKey.String("ZITADEL"),
}
if build.Version() != "" {
attributes = append(attributes, semconv.ServiceVersionKey.String(build.Version()))
}
return resource.Merge(
resource.Default(),
resource.NewWithAttributes(
semconv.SchemaURL,
attributes...,
),
)
}


@ -6,11 +6,10 @@ import (
"go.opentelemetry.io/otel"
"go.opentelemetry.io/otel/propagation"
"go.opentelemetry.io/otel/sdk/resource"
sdk_trace "go.opentelemetry.io/otel/sdk/trace"
semconv "go.opentelemetry.io/otel/semconv/v1.7.0"
api_trace "go.opentelemetry.io/otel/trace"
otel_resource "github.com/zitadel/zitadel/internal/telemetry/otel"
"github.com/zitadel/zitadel/internal/telemetry/tracing"
)
@ -20,13 +19,7 @@ type Tracer struct {
}
func NewTracer(sampler sdk_trace.Sampler, exporter sdk_trace.SpanExporter) (*Tracer, error) {
resource, err := resource.Merge(
resource.Default(),
resource.NewWithAttributes(
semconv.SchemaURL,
semconv.ServiceNameKey.String("ZITADEL"),
),
)
resource, err := otel_resource.ResourceWithService()
if err != nil {
return nil, err
}


@ -3099,6 +3099,8 @@ message SetUpOrgRequest {
// oneof field for the user managing the organisation
Human human = 2;
}
// specify Org Member Roles for the provided user (default is ORG_OWNER if roles are empty)
repeated string roles = 3;
}
message SetUpOrgResponse {