fixup! fixup! fixup! Merge branch 'main' into fix_adding_org_same_id_twice

2025-08-12 04:07:31 +00:00 · 2025-07-02 15:36:04 +02:00
parent 726c1d15b2 8c39779533
commit 9178e49f69
449 changed files with 41328 additions and 119 deletions
--- a/cmd/setup/03.go
+++ b/cmd/setup/03.go
@@ -20,12 +20,13 @@ import (
 )

 type FirstInstance struct {
-	InstanceName    string
-	DefaultLanguage language.Tag
-	Org             command.InstanceOrgSetup
-	MachineKeyPath  string
-	PatPath         string
-	Features        *command.InstanceFeatures
+	InstanceName       string
+	DefaultLanguage    language.Tag
+	Org                command.InstanceOrgSetup
+	MachineKeyPath     string
+	PatPath            string
+	LoginClientPatPath string
+	Features           *command.InstanceFeatures

 	Skip bool

@@ -121,16 +122,18 @@ func (mig *FirstInstance) Execute(ctx context.Context, _ eventstore.Event) error
 		}
 	}

-	_, token, key, _, err := cmd.SetUpInstance(ctx, &mig.instanceSetup)
+	_, token, key, loginClientToken, _, err := cmd.SetUpInstance(ctx, &mig.instanceSetup)
 	if err != nil {
 		return err
 	}
-	if mig.instanceSetup.Org.Machine != nil &&
+	if (mig.instanceSetup.Org.Machine != nil &&
 		((mig.instanceSetup.Org.Machine.Pat != nil && token == "") ||
-			(mig.instanceSetup.Org.Machine.MachineKey != nil && key == nil)) {
+			(mig.instanceSetup.Org.Machine.MachineKey != nil && key == nil))) ||
+		(mig.instanceSetup.Org.LoginClient != nil &&
+			(mig.instanceSetup.Org.LoginClient.Pat != nil && loginClientToken == "")) {
 		return err
 	}
-	return mig.outputMachineAuthentication(key, token)
+	return mig.outputMachineAuthentication(key, token, loginClientToken)
 }

 func (mig *FirstInstance) verifyEncryptionKeys(ctx context.Context) (*crypto_db.Database, error) {
@@ -150,7 +153,7 @@ func (mig *FirstInstance) verifyEncryptionKeys(ctx context.Context) (*crypto_db.
 	return keyStorage, nil
 }

-func (mig *FirstInstance) outputMachineAuthentication(key *command.MachineKey, token string) error {
+func (mig *FirstInstance) outputMachineAuthentication(key *command.MachineKey, token, loginClientToken string) error {
 	if key != nil {
 		keyDetails, err := key.Detail()
 		if err != nil {
@@ -165,6 +168,11 @@ func (mig *FirstInstance) outputMachineAuthentication(key *command.MachineKey, t
 			return err
 		}
 	}
+	if loginClientToken != "" {
+		if err := outputStdoutOrPath(mig.LoginClientPatPath, loginClientToken); err != nil {
+			return err
+		}
+	}
 	return nil
 }

--- a/cmd/setup/60.go
+++ b/cmd/setup/60.go
@@ -0,0 +1,27 @@
+package setup
+
+import (
+	"context"
+	_ "embed"
+
+	"github.com/zitadel/zitadel/internal/eventstore"
+	"github.com/zitadel/zitadel/internal/serviceping"
+	"github.com/zitadel/zitadel/internal/v2/system"
+)
+
+type GenerateSystemID struct {
+	eventstore *eventstore.Eventstore
+}
+
+func (mig *GenerateSystemID) Execute(ctx context.Context, _ eventstore.Event) error {
+	id, err := serviceping.GenerateSystemID()
+	if err != nil {
+		return err
+	}
+	_, err = mig.eventstore.Push(ctx, system.NewIDGeneratedEvent(ctx, id))
+	return err
+}
+
+func (mig *GenerateSystemID) String() string {
+	return "60_generate_system_id"
+}
--- a/cmd/setup/config.go
+++ b/cmd/setup/config.go
@@ -156,6 +156,7 @@ type Steps struct {
 	s57CreateResourceCounts                 *CreateResourceCounts
 	s58ReplaceLoginNames3View               *ReplaceLoginNames3View
 	s59SetupWebkeys                         *SetupWebkeys
+	s60GenerateSystemID                     *GenerateSystemID
 	s61AddUIDniqueConstraintsForOrgs        *AddIDUniqueConstraintsForOrgs
 }

--- a/cmd/setup/setup.go
+++ b/cmd/setup/setup.go
@@ -217,6 +217,7 @@ func Setup(ctx context.Context, config *Config, steps *Steps, masterKey string)
 	steps.s56IDPTemplate6SAMLFederatedLogout = &IDPTemplate6SAMLFederatedLogout{dbClient: dbClient}
 	steps.s57CreateResourceCounts = &CreateResourceCounts{dbClient: dbClient}
 	steps.s58ReplaceLoginNames3View = &ReplaceLoginNames3View{dbClient: dbClient}
+	steps.s60GenerateSystemID = &GenerateSystemID{eventstore: eventstoreClient}
 	steps.s61AddUIDniqueConstraintsForOrgs = &AddIDUniqueConstraintsForOrgs{eventstore: eventstoreClient, dbClient: dbClient}

 	err = projection.Create(ctx, dbClient, eventstoreClient, config.Projections, nil, nil, nil)
@@ -265,6 +266,7 @@ func Setup(ctx context.Context, config *Config, steps *Steps, masterKey string)
 		steps.s56IDPTemplate6SAMLFederatedLogout,
 		steps.s57CreateResourceCounts,
 		steps.s58ReplaceLoginNames3View,
+		steps.s60GenerateSystemID,
 		steps.s61AddUIDniqueConstraintsForOrgs,
 	} {
 		setupErr = executeMigration(ctx, eventstoreClient, step, "migration failed")
--- a/cmd/setup/steps.yaml
+++ b/cmd/setup/steps.yaml
@@ -6,6 +6,7 @@ FirstInstance:
  MachineKeyPath: # ZITADEL_FIRSTINSTANCE_MACHINEKEYPATH
  # The personal access token from the section FirstInstance.Org.Machine.Pat is written to the PatPath.
  PatPath: # ZITADEL_FIRSTINSTANCE_PATPATH
+  LoginClientPatPath: # ZITADEL_FIRSTINSTANCE_LOGINCLIENTPATPATH
  InstanceName: ZITADEL # ZITADEL_FIRSTINSTANCE_INSTANCENAME
  DefaultLanguage: en # ZITADEL_FIRSTINSTANCE_DEFAULTLANGUAGE
  Org:
@@ -46,6 +47,13 @@ FirstInstance:
      Pat:
        # date format: 2023-01-01T00:00:00Z
        ExpirationDate: # ZITADEL_FIRSTINSTANCE_ORG_MACHINE_PAT_EXPIRATIONDATE
+    LoginClient:
+      Machine:
+        Username: # ZITADEL_FIRSTINSTANCE_ORG_LOGINCLIENT_MACHINE_USERNAME
+        Name: # ZITADEL_FIRSTINSTANCE_ORG_LOGINCLIENT_MACHINE_NAME
+      Pat:
+        # date format: 2023-01-01T00:00:00Z
+        ExpirationDate: # ZITADEL_FIRSTINSTANCE_ORG_LOGINCLIENT_PAT_EXPIRATIONDATE

 CorrectCreationDate:
  FailAfter: 5m # ZITADEL_CORRECTCREATIONDATE_FAILAFTER