add basic config and change i18n pkg

Livio Amstutz
2020-03-25 07:58:58 +01:00
parent 96b88f5d8c
commit 5cd9ca506a
21 changed files with 515 additions and 19 deletions

295
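--- a/cmd/zitadel/authz.yaml
+++ b/cmd/zitadel/authz.yaml
@@ -0,0 +1,295 @@
+AuthZ:
+RolePermissionMappings:
+- Role: 'IAM_OWNER'
+Permissions:
+- "org.read"
+- "org.write"
+- "org.member.read"
+- "org.member.write"
+- "org.member.delete"
+- "user.read"
+- "user.write"
+- "user.delete"
+- "user.grant.read"
+- "user.grant.write"
+- "policy.read"
+- "policy.write"
+- "policy.delete"
+- "project.read"
+- "project.write"
+- "project.member.read"
+- "project.member.write"
+- "project.member.delete"
+- "project.role.read"
+- "project.role.write"
+- "project.role.delete"
+- "project.app.read"
+- "project.app.write"
+- "project.grant.read"
+- "project.grant.write"
+- "project.grant.member.read"
+- "project.grant.member.write"
+- "project.grant.member.delete"
+- Role: 'ORG_OWNER'
+Permissions:
+- "org.read"
+- "org.write"
+- "org.member.read"
+- "org.member.write"
+- "org.member.delete"
+- "user.read"
+- "user.write"
+- "user.delete"
+- "user.grant.read"
+- "user.grant.write"
+- "policy.read"
+- "policy.write"
+- "policy.delete"
+- "project.read"
+- "project.write"
+- "project.member.read"
+- "project.member.write"
+- "project.member.delete"
+- "project.role.read"
+- "project.role.write"
+- "project.role.delete"
+- "project.app.read"
+- "project.app.write"
+- "project.grant.read"
+- "project.grant.write"
+- "project.grant.member.read"
+- "project.grant.member.write"
+- "project.grant.member.delete"
+- Role: 'ORG_EDITOR'
+Permissions:
+- "org.read"
+- "org.write"
+- Role: 'ORG_VIEWER'
+Permissions:
+- "org.read"
+- Role: 'ORG_MEMBER_EDITOR'
+Permissions:
+- "org.read"
+- "org.member.read"
+- "org.member.write"
+- "org.member.delete"
+- Role: 'ORG_MEMBER_VIEWER'
+Permissions:
+- "org.read"
+- "org.member.read"
+- Role: 'ORG_PROJECT_CREATOR'
+Permissions:
+- "project.read:self"
+- "project.write"
+- Role: 'ORG_PROJECT_EDITOR'
+Permissions:
+- "project.read"
+- "project.write"
+- "project.member.read"
+- "project.member.write"
+- "project.member.delete"
+- "project.role.read"
+- "project.role.write"
+- "project.role.delete"
+- "project.app.read"
+- "project.app.write"
+- "project.grant.read"
+- "project.grant.write"
+- "project.grant.member.read"
+- "project.grant.member.write"
+- "project.grant.member.delete"
+- Role: 'ORG_PROJECT_VIEWER'
+Permissions:
+- "project.read"
+- "project.member.read"
+- "project.role.read"
+- "project.app.read"
+- "project.grant.read"
+- "project.grant.member.read"
+- Role: 'ORG_PROJECT_MEMBER_EDITOR'
+Permissions:
+- "project.read"
+- "project.member.read"
+- "project.member.write"
+- "project.grant.member.delete"
+- Role: 'ORG_PROJECT_MEMBER_VIEWER'
+Permissions:
+- "project.read"
+- "project.member.read"
+- Role: 'ORG_PROJECT_ROLE_EDITOR'
+Permissions:
+- "project.read"
+- "project.role.read"
+- "project.role.write"
+- "project.role.delete"
+- Role: 'ORG_PROJECT_ROLE_VIEWER'
+Permissions:
+- "project.read"
+- "project.role.read"
+- Role: 'ORG_PROJECT_APP_EDITOR'
+Permissions:
+- "project.read"
+- "project.app.read"
+- "project.app.write"
+- Role: 'ORG_PROJECT_APP_VIEWER'
+Permissions:
+- "project.read"
+- "project.app.read"
+- Role: 'ORG_PROJECT_GRANT_EDITOR'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.write"
+- "project.grant.member.read"
+- "project.grant.member.write"
+- "project.grant.member.delete"
+- Role: 'ORG_PROJECT_GRANT_VIEWER'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- Role: 'ORG_PROJECT_GRANT_MEMBER_EDITOR'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.member.read"
+- "project.grant.member.write"
+- "project.grant.member.delete"
+- Role: 'ORG_PROJECT_GRANT_MEMBER_VIEWER'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.member.read"
+- Role: 'ORG_USER_EDITOR'
+Permissions:
+- "user.read"
+- "user.write"
+- "user.delete"
+- Role: 'ORG_USER_VIEWER'
+Permissions:
+- "user.read"
+- Role: 'ORG_USER_GRANT_EDITOR'
+Permissions:
+- "user.read"
+- "user.grant.read"
+- "user.grant.write"
+- "project.read"
+- Role: 'ORG_USER_GRANT_VIEWER'
+Permissions:
+- "user.read"
+- "user.grant.read"
+- Role: 'ORG_POLICY_EDITOR'
+Permissions:
+- "policy.read"
+- "policy.write"
+- "policy.delete"
+- Role: 'ORG_POLICY_VIEWER'
+Permissions:
+- "policy.read"
+- Role: 'PROJECT_OWNER'
+Permissions:
+- "project.read"
+- "project.write"
+- "project.member.read"
+- "project.member.write"
+- "project.member.delete"
+- "project.role.read"
+- "project.role.write"
+- "project.role.delete"
+- "project.app.read"
+- "project.app.write"
+- "project.grant.read"
+- "project.grant.write"
+- "project.grant.member.read"
+- "project.grant.member.write"
+- "project.grant.member.delete"
+- "project.user.grant.read"
+- "project.user.grant.write"
+- "project.user.grant.delete"
+- Role: 'PROJECT_MEMBER_EDITOR'
+Permissions:
+- "project.read"
+- "project.member.read"
+- "project.member.write"
+- "project.member.delete"
+- Role: 'PROJECT_MEMBER_VIEWER'
+Permissions:
+- "project.read"
+- "project.member.read"
+- Role: 'PROJECT_ROLE_EDITOR'
+Permissions:
+- "project.read"
+- "project.role.read"
+- "project.role.write"
+- "project.role.delete"
+- Role: 'PROJECT_APP_EDITOR'
+Permissions:
+- "project.read"
+- "project.app.read"
+- "project.app.write"
+- Role: 'PROJECT_APP_VIEWER'
+Permissions:
+- "project.read"
+- "project.app.read"
+- Role: 'PROJECT_GRANT_EDITOR'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.write"
+- Role: 'PROJECT_GRANT_VIEWER'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- Role: 'PROJECT_GRANT_MEMBER_EDITOR'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.member.read"
+- "project.grant.member.write"
+- "project.grant.member.delete"
+- Role: 'PROJECT_GRANT_MEMBER_VIEWER'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.member.read"
+- Role: 'PROJECT_USER_GRANT_EDITOR'
+Permissions:
+- "project.read"
+- "project.user.grant.read"
+- "project.user.grant.write"
+- "project.user.grant.delete"
+- Role: 'PROJECT_USER_GRANT_VIEWER'
+Permissions:
+- "project.read"
+- "project.user.grant.read"
+- Role: 'PROJECT_GRANT_OWNER'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.write"
+- "project.grant.member.read"
+- "project.grant.member.write"
+- "project.grant.member.delete"
+- Role: 'PROJECT_GRANT_MEMBER_EDITOR'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.member.read"
+- "project.grant.member.write"
+- "project.grant.member.delete"
+- Role: 'PROJECT_GRANT_MEMBER_VIEWER'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.member.read"
+- Role: 'PROJECT_GRANT_USER_GRANT_EDITOR'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.user.grant.read"
+- "project.grant.user.grant.write"
+- "project.grant.user.grant.delete"
+- Role: 'PROJECT_GRANT_USER_GRANT_VIEWER'
+Permissions:
+- "project.read"
+- "project.grant.read"
+- "project.grant.user.grant.read"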
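Review bot: In the `ORG_PROJECT_MEMBER_EDITOR` mapping the last permission is `project.grant.member.delete`, which looks like a slip for `project.member.delete`: the role receives no other `project.grant.member.*` permission, and `PROJECT_MEMBER_EDITOR` further down carries `project.member.delete`. As written the role can remove members of project grants but not the project members it edits, so the line should probably read `- "project.member.delete"`. Separately, `PROJECT_GRANT_MEMBER_EDITOR` and `PROJECT_GRANT_MEMBER_VIEWER` are each defined twice with identical lists; how the loader treats a repeated `Role` is not visible here, so the second pair should be dropped before the two copies drift apart.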


@@ -6,45 +6,63 @@ import (
"github.com/caos/logging"
authz "github.com/caos/zitadel/internal/api/auth"
"github.com/caos/zitadel/internal/config"
"github.com/caos/zitadel/pkg/admin"
"github.com/caos/zitadel/pkg/auth"
"github.com/caos/zitadel/pkg/eventstore"
"github.com/caos/zitadel/pkg/console"
"github.com/caos/zitadel/pkg/login"
"github.com/caos/zitadel/pkg/management"
)
type Config struct {
Eventstore eventstore.Config
Management management.Config
Auth auth.Config
Admin admin.Config
Mgmt *management.Config
Auth *auth.Config
Login *login.Config
Admin *admin.Config
Console *console.Config
//Log
//Tracing tracing.TracingConfig
AuthZ *authz.Config
}
func main() {
configPath := flag.String("config-file", "/zitadel/config/startup.yaml", "path to the config file")
var configPaths config.ArrayFlags
flag.Var(&configPaths, "config-files", "path to the config files")
managementEnabled := flag.Bool("management", true, "enable management api")
authEnabled := flag.Bool("auth", true, "enable auth api")
loginEnabled := flag.Bool("login", true, "enable login ui")
adminEnabled := flag.Bool("admin", true, "enable admin api")
consoleEnabled := flag.Bool("console", true, "enable console ui")
flag.Parse()
conf := new(Config)
err := config.Read(conf, *configPath)
err := config.Read(conf, configPaths...)
logging.Log("MAIN-FaF2r").OnError(err).Fatal("cannot read config")
ctx := context.Background()
if *managementEnabled {
err = management.Start(ctx, conf.Management)
err = management.Start(ctx, conf.Mgmt, conf.AuthZ)
logging.Log("MAIN-39Nv5").OnError(err).Fatal("error starting management api")
}
if *authEnabled {
err = auth.Start(ctx, conf.Auth)
err = auth.Start(ctx, conf.Auth, conf.AuthZ)
logging.Log("MAIN-x0nD2").OnError(err).Fatal("error starting auth api")
}
if *loginEnabled {
err = login.Start(ctx, conf.Login)
logging.Log("MAIN-53RF2").OnError(err).Fatal("error starting login ui")
}
if *adminEnabled {
err = admin.Start(ctx, conf.Admin)
err = admin.Start(ctx, conf.Admin, conf.AuthZ)
logging.Log("MAIN-0na71").OnError(err).Fatal("error starting admin api")
}
if *consoleEnabled {
err = console.Start(ctx, conf.Console)
logging.Log("MAIN-3Dfuc").OnError(err).Fatal("error starting console ui")
}
<-ctx.Done()
logging.Log("MAIN-s8d2h").Info("stopping zitadel")
}
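Review bot: Nothing in `main` checks that the configuration was actually loaded before the servers start. The new `config-files` flag has no default (the old `config-file` flag defaulted to `/zitadel/config/startup.yaml`), and `Config` now holds pointers, so a run without the flag, or with files that lack the `AuthZ` section, hands a nil `conf.AuthZ` to `management.Start`, `auth.Start` and `admin.Start`. Whether those functions reject a nil authorization config is not visible in this hunk, so `main` should fail closed right after `config.Read`, e.g. `if conf.AuthZ == nil { logging.Log("MAIN-<id>").Fatal("authz config missing") }` (the log id is a placeholder). The same check applies to each section whose enable flag is true.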

44
cmd/zitadel/startup.yaml Normal file

@@ -0,0 +1,44 @@
Tracing:
Type: google
Config:
ProjectID: $TRACING_PROJECT_ID
MetricPrefix: ZITADEL-V1
Fraction: 1
Log:
Level: debug
Formatter: text
Mgmt:
API:
GRPC:
ServerPort: 60020
GatewayPort: 60021
SearchLimit: 100
CustomHeaders:
- x-caos-
Auth:
API:
GRPC:
ServerPort: 60050
GatewayPort: 60051
SearchLimit: 100
CustomHeaders:
- x-caos-
Login:
Admin:
API:
GRPC:
ServerPort: 60090
GatewayPort: 60091
SearchLimit: 100
CustomHeaders:
- x-caos-
Console:
Port: '9090'
StaticDir: '/app/console/dist'
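Review bot: `Log.Level: debug` and tracing `Fraction: 1` are committed as the startup defaults for an identity service, where debug logs and full trace sampling tend to capture request details. Safer defaults would be `Level: info` and a lower sampling fraction, with debug enabled per environment. Also, as far as the flattened text shows, `Login:` has no value while the `login` flag in main defaults to true, so `conf.Login` presumably stays nil when passed to `login.Start`; give it a body, or `{}` with a comment such as `# no login settings yet`.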