feat(cli): setup (#3267)

* commander * commander * selber! * move to packages * fix(errors): implement Is interface * test: command * test: commands * add init steps * setup tenant * add default step yaml * possibility to set password * merge v2 into v2-commander * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: search query builder can filter events in memory * fix: filters for add member * fix(setup): add `ExternalSecure` to config * chore: name iam to instance * fix: matching * remove unsued func * base url * base url * test(command): filter funcs * test: commands * fix: rename orgiampolicy to domain policy * start from init * commands * config * fix indexes and add constraints * fixes * fix: merge conflicts * fix: protos * fix: md files * setup * add deprecated org iam policy again * typo * fix search query * fix filter * Apply suggestions from code review * remove custom org from org setup * add todos for verification * change apps creation * simplify package structure * fix error * move preparation helper for tests * fix unique constraints * fix config mapping in setup * fix error handling in encryption_keys.go * fix projection config * fix query from old views to projection * fix setup of mgmt api * set iam project and fix instance projection * imports Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2025-12-11 00:18:32 +00:00 · 2022-03-28 10:05:09 +02:00
parent 9d4f296c62
commit c5b99274d7
175 changed files with 5213 additions and 2212 deletions
--- a/cmd/admin/setup/01_projection_tables.go
+++ b/cmd/admin/setup/01_projection_tables.go
--- a/cmd/admin/setup/01_sql/adminapi.sql
+++ b/cmd/admin/setup/01_sql/adminapi.sql
@@ -3,27 +3,27 @@ CREATE SCHEMA adminapi;
 CREATE TABLE adminapi.locks (
    locker_id TEXT,
    locked_until TIMESTAMPTZ(3),
-    projection_name TEXT,
+    view_name TEXT,

-    PRIMARY KEY (projection_name)
+    PRIMARY KEY (view_name)
 );

 CREATE TABLE adminapi.current_sequences (
-    projection_name TEXT,
-    aggregate_type TEXT,
+    view_name TEXT,
    current_sequence BIGINT,
-    timestamp TIMESTAMPTZ,
+    event_timestamp TIMESTAMPTZ,
+    last_successful_spooler_run TIMESTAMPTZ,

-    PRIMARY KEY (projection_name, aggregate_type)
+    PRIMARY KEY (view_name)
 );

 CREATE TABLE adminapi.failed_events (
-    projection_name TEXT,
+    view_name TEXT,
    failed_sequence BIGINT,
    failure_count SMALLINT,
-    error TEXT,
+    err_msg TEXT,

-    PRIMARY KEY (projection_name, failed_sequence)
+    PRIMARY KEY (view_name, failed_sequence)
 );

 CREATE TABLE adminapi.styling (
--- a/cmd/admin/setup/01_sql/auth.sql
+++ b/cmd/admin/setup/01_sql/auth.sql
@@ -3,27 +3,27 @@ CREATE SCHEMA auth;
 CREATE TABLE auth.locks (
    locker_id TEXT,
    locked_until TIMESTAMPTZ(3),
-    projection_name TEXT,
+    view_name TEXT,

-    PRIMARY KEY (projection_name)
+    PRIMARY KEY (view_name)
 );

 CREATE TABLE auth.current_sequences (
-    projection_name TEXT,
-    aggregate_type TEXT,
+    view_name TEXT,
    current_sequence BIGINT,
-    timestamp TIMESTAMPTZ,
+    event_timestamp TIMESTAMPTZ,
+    last_successful_spooler_run TIMESTAMPTZ,

-    PRIMARY KEY (projection_name, aggregate_type)
+    PRIMARY KEY (view_name)
 );

 CREATE TABLE auth.failed_events (
-    projection_name TEXT,
+    view_name TEXT,
    failed_sequence BIGINT,
    failure_count SMALLINT,
-    error TEXT,
+    err_msg TEXT,

-    PRIMARY KEY (projection_name, failed_sequence)
+    PRIMARY KEY (view_name, failed_sequence)
 );

 CREATE TABLE auth.users (
--- a/cmd/admin/setup/01_sql/authz.sql
+++ b/cmd/admin/setup/01_sql/authz.sql
@@ -3,27 +3,27 @@ CREATE SCHEMA authz;
 CREATE TABLE authz.locks (
    locker_id TEXT,
    locked_until TIMESTAMPTZ(3),
-    projection_name TEXT,
+    view_name TEXT,

-    PRIMARY KEY (projection_name)
+    PRIMARY KEY (view_name)
 );

 CREATE TABLE authz.current_sequences (
-    projection_name TEXT,
-    aggregate_type TEXT,
+    view_name TEXT,
    current_sequence BIGINT,
-    timestamp TIMESTAMPTZ,
+    event_timestamp TIMESTAMPTZ,
+    last_successful_spooler_run TIMESTAMPTZ,

-    PRIMARY KEY (projection_name, aggregate_type)
+    PRIMARY KEY (view_name)
 );

 CREATE TABLE authz.failed_events (
-    projection_name TEXT,
+    view_name TEXT,
    failed_sequence BIGINT,
    failure_count SMALLINT,
-    error TEXT,
+    err_msg TEXT,

-    PRIMARY KEY (projection_name, failed_sequence)
+    PRIMARY KEY (view_name, failed_sequence)
 );

 CREATE TABLE authz.user_memberships (
--- a/cmd/admin/setup/01_sql/notification.sql
+++ b/cmd/admin/setup/01_sql/notification.sql
@@ -3,27 +3,27 @@ CREATE SCHEMA notification;
 CREATE TABLE notification.locks (
    locker_id TEXT,
    locked_until TIMESTAMPTZ(3),
-    projection_name TEXT,
+    view_name TEXT,

-    PRIMARY KEY (projection_name)
+    PRIMARY KEY (view_name)
 );

 CREATE TABLE notification.current_sequences (
-    projection_name TEXT,
-    aggregate_type TEXT,
+    view_name TEXT,
    current_sequence BIGINT,
-    timestamp TIMESTAMPTZ,
+    event_timestamp TIMESTAMPTZ,
+    last_successful_spooler_run TIMESTAMPTZ,

-    PRIMARY KEY (projection_name, aggregate_type)
+    PRIMARY KEY (view_name)
 );

 CREATE TABLE notification.failed_events (
-    projection_name TEXT,
+    view_name TEXT,
    failed_sequence BIGINT,
    failure_count SMALLINT,
-    error TEXT,
+    err_msg TEXT,

-    PRIMARY KEY (projection_name, failed_sequence)
+    PRIMARY KEY (view_name, failed_sequence)
 );

 CREATE TABLE notification.notify_users (
--- a/cmd/admin/setup/02.go
+++ b/cmd/admin/setup/02.go
@@ -0,0 +1,22 @@
+package setup
+
+import (
+	"context"
+
+	command "github.com/caos/zitadel/internal/command/v2"
+)
+
+type DefaultInstance struct {
+	cmd           *command.Command
+	InstanceSetup command.InstanceSetup
+}
+
+func (mig *DefaultInstance) Execute(ctx context.Context) error {
+	_, err := mig.cmd.SetUpInstance(ctx, &mig.InstanceSetup)
+
+	return err
+}
+
+func (mig *DefaultInstance) String() string {
+	return "02_default_instance"
+}
--- a/cmd/admin/setup/config.go
+++ b/cmd/admin/setup/config.go
@@ -1,13 +1,58 @@
 package setup

 import (
+	"bytes"
+
+	"github.com/caos/logging"
+	"github.com/mitchellh/mapstructure"
+	"github.com/spf13/viper"
+
+	"github.com/caos/zitadel/internal/api/authz"
+	"github.com/caos/zitadel/internal/config/hook"
+	"github.com/caos/zitadel/internal/config/systemdefaults"
 	"github.com/caos/zitadel/internal/database"
 )

 type Config struct {
-	Database database.Config
+	Database       database.Config
+	SystemDefaults systemdefaults.SystemDefaults
+	InternalAuthZ  authz.Config
+	ExternalPort   uint16
+	ExternalDomain string
+	ExternalSecure bool
+	Log            *logging.Config
+}
+
+func MustNewConfig(v *viper.Viper) *Config {
+	config := new(Config)
+	err := v.Unmarshal(config)
+	logging.OnError(err).Fatal("unable to read config")
+
+	err = config.Log.SetLogger()
+	logging.OnError(err).Fatal("unable to set logger")
+
+	return config
 }

 type Steps struct {
 	S1ProjectionTable *ProjectionTable
+	S2DefaultInstance *DefaultInstance
+}
+
+func MustNewSteps(v *viper.Viper) *Steps {
+	v.SetConfigType("yaml")
+	err := v.ReadConfig(bytes.NewBuffer(defaultSteps))
+	logging.OnError(err).Fatal("unable to read setup steps")
+
+	steps := new(Steps)
+	err = v.Unmarshal(steps,
+		viper.DecodeHook(mapstructure.ComposeDecodeHookFunc(
+			hook.Base64ToBytesHookFunc(),
+			hook.TagToLanguageHookFunc(),
+			mapstructure.StringToTimeDurationHookFunc(),
+			mapstructure.StringToSliceHookFunc(","),
+		)),
+	)
+	logging.OnError(err).Fatal("unable to read steps")
+	return steps
 }
--- a/cmd/admin/setup/setup.go
+++ b/cmd/admin/setup/setup.go
@@ -1,7 +1,6 @@
 package setup

 import (
-	"bytes"
 	"context"
 	_ "embed"

@@ -9,6 +8,8 @@ import (
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"

+	http_util "github.com/caos/zitadel/internal/api/http"
+	command "github.com/caos/zitadel/internal/command/v2"
 	"github.com/caos/zitadel/internal/database"
 	"github.com/caos/zitadel/internal/eventstore"
 	"github.com/caos/zitadel/internal/migration"
@@ -27,32 +28,30 @@ func New() *cobra.Command {
 Requirements:
 - cockroachdb`,
 		Run: func(cmd *cobra.Command, args []string) {
-			config := new(Config)
-			err := viper.Unmarshal(config)
-			logging.OnError(err).Fatal("unable to read config")
+			config := MustNewConfig(viper.GetViper())
+			steps := MustNewSteps(viper.New())

-			v := viper.New()
-			v.SetConfigType("yaml")
-			err = v.ReadConfig(bytes.NewBuffer(defaultSteps))
-			logging.OnError(err).Fatal("unable to read setup steps")
-
-			steps := new(Steps)
-			err = v.Unmarshal(steps)
-			logging.OnError(err).Fatal("unable to read steps")
-
-			setup(config, steps)
+			Setup(config, steps)
 		},
 	}
 }

-func setup(config *Config, steps *Steps) {
+func Setup(config *Config, steps *Steps) {
 	dbClient, err := database.Connect(config.Database)
 	logging.OnError(err).Fatal("unable to connect to database")

 	eventstoreClient, err := eventstore.Start(dbClient)
 	logging.OnError(err).Fatal("unable to start eventstore")
+	migration.RegisterMappers(eventstoreClient)

+	cmd := command.New(eventstoreClient, "localhost", config.SystemDefaults)
+
+	steps.S2DefaultInstance.cmd = cmd
 	steps.S1ProjectionTable = &ProjectionTable{dbClient: dbClient}
+	steps.S2DefaultInstance.InstanceSetup.Zitadel.IsDevMode = !config.ExternalSecure
+	steps.S2DefaultInstance.InstanceSetup.Zitadel.BaseURL = http_util.BuildHTTP(config.ExternalDomain, config.ExternalPort, config.ExternalSecure)

-	migration.Migrate(context.Background(), eventstoreClient, steps.S1ProjectionTable)
+	ctx := context.Background()
+	migration.Migrate(ctx, eventstoreClient, steps.S1ProjectionTable)
+	migration.Migrate(ctx, eventstoreClient, steps.S2DefaultInstance)
 }
--- a/cmd/admin/setup/steps.yaml
+++ b/cmd/admin/setup/steps.yaml