feat: System api (#3461)

* feat: start system api * feat: remove auth * feat: change gitignore * feat: run system api * feat: remove clear view form admin api * feat: search instances * feat: add instance * fix: set primary domain * Update .gitignore * fix: add instance * fix: add instance * fix: handle errors * fix: handle instance name * fix: test Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2025-10-27 15:11:00 +00:00 · 2022-04-21 12:37:39 +02:00
parent a7816a43b1
commit 3d5891eb11
40 changed files with 1216 additions and 485 deletions
--- a/cmd/admin/setup/03.go
+++ b/cmd/admin/setup/03.go
@@ -24,6 +24,8 @@ type DefaultInstance struct {
 	domain            string
 	defaults          systemdefaults.SystemDefaults
 	zitadelRoles      []authz.RoleMapping
+	baseURL           string
+	externalSecure    bool
 }

 func (mig *DefaultInstance) Execute(ctx context.Context) error {
@@ -45,7 +47,8 @@ func (mig *DefaultInstance) Execute(ctx context.Context) error {
 		mig.zitadelRoles,
 		nil,
 		nil,
-		webauthn_helper.Config{},
+		//TODO: Livio will fix this, but it ZITADEL doesn't run without this
+		webauthn_helper.Config{DisplayName: "HELLO LIVIO", ID: "RPID"},
 		nil,
 		nil,
 		nil,
@@ -54,8 +57,12 @@ func (mig *DefaultInstance) Execute(ctx context.Context) error {
 		nil,
 		nil)

+	if err != nil {
+		return err
+	}
 	ctx = authz.WithRequestedDomain(ctx, mig.domain)
-	_, err = cmd.SetUpInstance(ctx, &mig.InstanceSetup)
+
+	_, _, err = cmd.SetUpInstance(ctx, &mig.InstanceSetup, mig.externalSecure, mig.baseURL)
 	return err
 }

--- a/cmd/admin/setup/config.go
+++ b/cmd/admin/setup/config.go
@@ -4,6 +4,7 @@ import (
 	"bytes"

 	"github.com/caos/logging"
+	"github.com/caos/zitadel/internal/command"
 	"github.com/mitchellh/mapstructure"
 	"github.com/spf13/viper"

@@ -15,20 +16,27 @@ import (
 )

 type Config struct {
-	Database       database.Config
-	SystemDefaults systemdefaults.SystemDefaults
-	InternalAuthZ  authz.Config
-	ExternalPort   uint16
-	ExternalDomain string
-	ExternalSecure bool
-	Log            *logging.Config
-	EncryptionKeys *encryptionKeyConfig
+	Database        database.Config
+	SystemDefaults  systemdefaults.SystemDefaults
+	InternalAuthZ   authz.Config
+	ExternalPort    uint16
+	ExternalDomain  string
+	ExternalSecure  bool
+	Log             *logging.Config
+	EncryptionKeys  *encryptionKeyConfig
+	DefaultInstance command.InstanceSetup
 }

 func MustNewConfig(v *viper.Viper) *Config {
 	config := new(Config)
-	err := v.Unmarshal(config)
-	logging.OnError(err).Fatal("unable to read config")
+	err := v.Unmarshal(config,
+		viper.DecodeHook(mapstructure.ComposeDecodeHookFunc(
+			hook.Base64ToBytesHookFunc(),
+			hook.TagToLanguageHookFunc(),
+			mapstructure.StringToTimeDurationHookFunc(),
+			mapstructure.StringToSliceHookFunc(","),
+		)),
+	)

 	err = config.Log.SetLogger()
 	logging.OnError(err).Fatal("unable to set logger")
--- a/cmd/admin/setup/setup.go
+++ b/cmd/admin/setup/setup.go
@@ -51,6 +51,12 @@ func Setup(config *Config, steps *Steps, masterKey string) {
 	steps.s1ProjectionTable = &ProjectionTable{dbClient: dbClient}
 	steps.s2AssetsTable = &AssetTable{dbClient: dbClient}

+	instanceSetup := config.DefaultInstance
+	instanceSetup.InstanceName = steps.S3DefaultInstance.InstanceSetup.InstanceName
+	instanceSetup.CustomDomain = steps.S3DefaultInstance.InstanceSetup.CustomDomain
+	instanceSetup.Org = steps.S3DefaultInstance.InstanceSetup.Org
+	steps.S3DefaultInstance.InstanceSetup = instanceSetup
+
 	steps.S3DefaultInstance.InstanceSetup.Org.Human.Email.Address = strings.TrimSpace(steps.S3DefaultInstance.InstanceSetup.Org.Human.Email.Address)
 	if steps.S3DefaultInstance.InstanceSetup.Org.Human.Email.Address == "" {
 		steps.S3DefaultInstance.InstanceSetup.Org.Human.Email.Address = "admin@" + config.ExternalDomain
@@ -63,13 +69,14 @@ func Setup(config *Config, steps *Steps, masterKey string) {
 	steps.S3DefaultInstance.domain = config.ExternalDomain
 	steps.S3DefaultInstance.zitadelRoles = config.InternalAuthZ.RolePermissionMappings
 	steps.S3DefaultInstance.userEncryptionKey = config.EncryptionKeys.User
-	steps.S3DefaultInstance.InstanceSetup.Zitadel.IsDevMode = !config.ExternalSecure
-	steps.S3DefaultInstance.InstanceSetup.Zitadel.BaseURL = http_util.BuildHTTP(config.ExternalDomain, config.ExternalPort, config.ExternalSecure)
-	steps.S3DefaultInstance.InstanceSetup.Zitadel.IsDevMode = !config.ExternalSecure
-	steps.S3DefaultInstance.InstanceSetup.Zitadel.BaseURL = http_util.BuildHTTP(config.ExternalDomain, config.ExternalPort, config.ExternalSecure)
+	steps.S3DefaultInstance.externalSecure = config.ExternalSecure
+	steps.S3DefaultInstance.baseURL = http_util.BuildHTTP(config.ExternalDomain, config.ExternalPort, config.ExternalSecure)

 	ctx := context.Background()
-	migration.Migrate(ctx, eventstoreClient, steps.s1ProjectionTable)
-	migration.Migrate(ctx, eventstoreClient, steps.s2AssetsTable)
-	migration.Migrate(ctx, eventstoreClient, steps.S3DefaultInstance)
+	err = migration.Migrate(ctx, eventstoreClient, steps.s1ProjectionTable)
+	logging.OnError(err).Fatal("unable to migrate step 1")
+	err = migration.Migrate(ctx, eventstoreClient, steps.s2AssetsTable)
+	logging.OnError(err).Fatal("unable to migrate step 3")
+	err = migration.Migrate(ctx, eventstoreClient, steps.S3DefaultInstance)
+	logging.OnError(err).Fatal("unable to migrate step 4")
 }
--- a/cmd/admin/setup/steps.yaml
+++ b/cmd/admin/setup/steps.yaml