feat(cli): setup (#3267)

* commander * commander * selber! * move to packages * fix(errors): implement Is interface * test: command * test: commands * add init steps * setup tenant * add default step yaml * possibility to set password * merge v2 into v2-commander * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: search query builder can filter events in memory * fix: filters for add member * fix(setup): add `ExternalSecure` to config * chore: name iam to instance * fix: matching * remove unsued func * base url * base url * test(command): filter funcs * test: commands * fix: rename orgiampolicy to domain policy * start from init * commands * config * fix indexes and add constraints * fixes * fix: merge conflicts * fix: protos * fix: md files * setup * add deprecated org iam policy again * typo * fix search query * fix filter * Apply suggestions from code review * remove custom org from org setup * add todos for verification * change apps creation * simplify package structure * fix error * move preparation helper for tests * fix unique constraints * fix config mapping in setup * fix error handling in encryption_keys.go * fix projection config * fix query from old views to projection * fix setup of mgmt api * set iam project and fix instance projection * imports Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2025-12-01 14:54:55 +00:00 · 2022-03-28 10:05:09 +02:00
parent 9d4f296c62
commit c5b99274d7
175 changed files with 5213 additions and 2212 deletions
--- a/cmd/admin/start/config.go
+++ b/cmd/admin/start/config.go
@@ -0,0 +1,66 @@
+package start
+
+import (
+	"github.com/caos/logging"
+	admin_es "github.com/caos/zitadel/internal/admin/repository/eventsourcing"
+	internal_authz "github.com/caos/zitadel/internal/api/authz"
+	"github.com/caos/zitadel/internal/api/http/middleware"
+	"github.com/caos/zitadel/internal/api/oidc"
+	"github.com/caos/zitadel/internal/api/ui/console"
+	"github.com/caos/zitadel/internal/api/ui/login"
+	auth_es "github.com/caos/zitadel/internal/auth/repository/eventsourcing"
+	"github.com/caos/zitadel/internal/authz"
+	"github.com/caos/zitadel/internal/config/systemdefaults"
+	"github.com/caos/zitadel/internal/crypto"
+	"github.com/caos/zitadel/internal/database"
+	"github.com/caos/zitadel/internal/notification"
+	"github.com/caos/zitadel/internal/query/projection"
+	static_config "github.com/caos/zitadel/internal/static/config"
+	"github.com/spf13/viper"
+)
+
+type Config struct {
+	Log             *logging.Config
+	Port            uint16
+	ExternalPort    uint16
+	ExternalDomain  string
+	ExternalSecure  bool
+	Database        database.Config
+	Projections     projection.Config
+	AuthZ           authz.Config
+	Auth            auth_es.Config
+	Admin           admin_es.Config
+	UserAgentCookie *middleware.UserAgentCookieConfig
+	OIDC            oidc.Config
+	Login           login.Config
+	Console         console.Config
+	Notification    notification.Config
+	AssetStorage    static_config.AssetStorageConfig
+	InternalAuthZ   internal_authz.Config
+	SystemDefaults  systemdefaults.SystemDefaults
+	EncryptionKeys  *encryptionKeyConfig
+}
+
+func MustNewConfig(v *viper.Viper) *Config {
+	config := new(Config)
+
+	err := v.Unmarshal(config)
+	logging.OnError(err).Fatal("unable to read config")
+
+	err = config.Log.SetLogger()
+	logging.OnError(err).Fatal("unable to set logger")
+
+	return config
+}
+
+type encryptionKeyConfig struct {
+	DomainVerification   *crypto.KeyConfig
+	IDPConfig            *crypto.KeyConfig
+	OIDC                 *crypto.KeyConfig
+	OTP                  *crypto.KeyConfig
+	SMS                  *crypto.KeyConfig
+	SMTP                 *crypto.KeyConfig
+	User                 *crypto.KeyConfig
+	CSRFCookieKeyID      string
+	UserAgentCookieKeyID string
+}
--- a/cmd/admin/start/encryption_keys.go
+++ b/cmd/admin/start/encryption_keys.go
@@ -35,7 +35,7 @@ type encryptionKeys struct {
 func ensureEncryptionKeys(keyConfig *encryptionKeyConfig, keyStorage crypto.KeyStorage) (*encryptionKeys, error) {
 	keys, err := keyStorage.ReadKeys()
 	if err != nil {
-		return nil, nil
+		return nil, err
 	}
 	if len(keys) == 0 {
 		if err := createDefaultKeys(keyStorage); err != nil {
--- a/cmd/admin/start/flags.go
+++ b/cmd/admin/start/flags.go
@@ -0,0 +1,31 @@
+package start
+
+import (
+	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
+)
+
+func startFlags(cmd *cobra.Command) {
+	bindUint16Flag(cmd, "port", "port to run ZITADEL on")
+	bindStringFlag(cmd, "externalDomain", "domain ZITADEL will be exposed on")
+	bindStringFlag(cmd, "externalPort", "port ZITADEL will be exposed on")
+	bindBoolFlag(cmd, "externalSecure", "if ZITADEL will be served on HTTPS")
+
+	cmd.PersistentFlags().String(flagMasterKey, "", "masterkey for en/decryption keys")
+
+}
+
+func bindStringFlag(cmd *cobra.Command, name, description string) {
+	cmd.PersistentFlags().String(name, viper.GetString(name), description)
+	viper.BindPFlag(name, cmd.PersistentFlags().Lookup(name))
+}
+
+func bindUint16Flag(cmd *cobra.Command, name, description string) {
+	cmd.PersistentFlags().Uint16(name, uint16(viper.GetUint(name)), description)
+	viper.BindPFlag(name, cmd.PersistentFlags().Lookup(name))
+}
+
+func bindBoolFlag(cmd *cobra.Command, name, description string) {
+	cmd.PersistentFlags().Bool(name, viper.GetBool(name), description)
+	viper.BindPFlag(name, cmd.PersistentFlags().Lookup(name))
+}
--- a/cmd/admin/start/start.go
+++ b/cmd/admin/start/start.go
@@ -15,7 +15,6 @@ import (

 	"github.com/caos/logging"
 	"github.com/gorilla/mux"
-	"github.com/mitchellh/mapstructure"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"golang.org/x/net/http2"
@@ -37,17 +36,13 @@ import (
 	"github.com/caos/zitadel/internal/authz"
 	authz_repo "github.com/caos/zitadel/internal/authz/repository"
 	"github.com/caos/zitadel/internal/command"
-	"github.com/caos/zitadel/internal/config/systemdefaults"
-	"github.com/caos/zitadel/internal/crypto"
 	cryptoDB "github.com/caos/zitadel/internal/crypto/database"
 	"github.com/caos/zitadel/internal/database"
 	"github.com/caos/zitadel/internal/eventstore"
 	"github.com/caos/zitadel/internal/id"
 	"github.com/caos/zitadel/internal/notification"
 	"github.com/caos/zitadel/internal/query"
-	"github.com/caos/zitadel/internal/query/projection"
 	"github.com/caos/zitadel/internal/static"
-	static_config "github.com/caos/zitadel/internal/static/config"
 	"github.com/caos/zitadel/internal/webauthn"
 	"github.com/caos/zitadel/openapi"
 )
@@ -64,82 +59,19 @@ func New() *cobra.Command {
 Requirements:
 - cockroachdb`,
 		RunE: func(cmd *cobra.Command, args []string) error {
-			config := new(startConfig)
-			err := viper.Unmarshal(config, viper.DecodeHook(mapstructure.ComposeDecodeHookFunc(
-				mapstructure.StringToTimeDurationHookFunc(),
-				mapstructure.StringToSliceHookFunc(":"),
-			)))
-			if err != nil {
-				return err
-			}
-			err = config.Log.SetLogger()
-			if err != nil {
-				return err
-			}
-			masterKey, _ := cmd.Flags().GetString("masterkey")
+			config := MustNewConfig(viper.GetViper())
+			masterKey, _ := cmd.Flags().GetString(flagMasterKey)
+
 			return startZitadel(config, masterKey)
 		},
 	}
-	bindUint16Flag(start, "port", "port to run ZITADEL on")
-	bindStringFlag(start, "externalDomain", "domain ZITADEL will be exposed on")
-	bindStringFlag(start, "externalPort", "port ZITADEL will be exposed on")
-	bindBoolFlag(start, "externalSecure", "if ZITADEL will be served on HTTPS")

-	start.PersistentFlags().String(flagMasterKey, "", "masterkey for en/decryption keys")
+	startFlags(start)

 	return start
 }

-func bindStringFlag(cmd *cobra.Command, name, description string) {
-	cmd.PersistentFlags().String(name, viper.GetString(name), description)
-	viper.BindPFlag(name, cmd.PersistentFlags().Lookup(name))
-}
-
-func bindUint16Flag(cmd *cobra.Command, name, description string) {
-	cmd.PersistentFlags().Uint16(name, uint16(viper.GetUint(name)), description)
-	viper.BindPFlag(name, cmd.PersistentFlags().Lookup(name))
-}
-
-func bindBoolFlag(cmd *cobra.Command, name, description string) {
-	cmd.PersistentFlags().Bool(name, viper.GetBool(name), description)
-	viper.BindPFlag(name, cmd.PersistentFlags().Lookup(name))
-}
-
-type startConfig struct {
-	Log             *logging.Config
-	Port            uint16
-	ExternalPort    uint16
-	ExternalDomain  string
-	ExternalSecure  bool
-	Database        database.Config
-	Projections     projection.Config
-	AuthZ           authz.Config
-	Auth            auth_es.Config
-	Admin           admin_es.Config
-	UserAgentCookie *middleware.UserAgentCookieConfig
-	OIDC            oidc.Config
-	Login           login.Config
-	Console         console.Config
-	Notification    notification.Config
-	AssetStorage    static_config.AssetStorageConfig
-	InternalAuthZ   internal_authz.Config
-	SystemDefaults  systemdefaults.SystemDefaults
-	EncryptionKeys  *encryptionKeyConfig
-}
-
-type encryptionKeyConfig struct {
-	DomainVerification   *crypto.KeyConfig
-	IDPConfig            *crypto.KeyConfig
-	OIDC                 *crypto.KeyConfig
-	OTP                  *crypto.KeyConfig
-	SMS                  *crypto.KeyConfig
-	SMTP                 *crypto.KeyConfig
-	User                 *crypto.KeyConfig
-	CSRFCookieKeyID      string
-	UserAgentCookieKeyID string
-}
-
-func startZitadel(config *startConfig, masterKey string) error {
+func startZitadel(config *Config, masterKey string) error {
 	ctx := context.Background()
 	keyChan := make(chan interface{})

@@ -197,7 +129,7 @@ func startZitadel(config *startConfig, masterKey string) error {
 	return listen(ctx, router, config.Port)
 }

-func startAPIs(ctx context.Context, router *mux.Router, commands *command.Commands, queries *query.Queries, eventstore *eventstore.Eventstore, dbClient *sql.DB, keyChan chan interface{}, config *startConfig, store static.Storage, authZRepo authz_repo.Repository, keys *encryptionKeys) error {
+func startAPIs(ctx context.Context, router *mux.Router, commands *command.Commands, queries *query.Queries, eventstore *eventstore.Eventstore, dbClient *sql.DB, keyChan chan interface{}, config *Config, store static.Storage, authZRepo authz_repo.Repository, keys *encryptionKeys) error {
 	repo := struct {
 		authz_repo.Repository
 		*query.Queries
--- a/cmd/admin/start/start_from_init.go
+++ b/cmd/admin/start/start_from_init.go
@@ -0,0 +1,40 @@
+package start
+
+import (
+	"github.com/caos/logging"
+	"github.com/caos/zitadel/cmd/admin/initialise"
+	"github.com/caos/zitadel/cmd/admin/setup"
+	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
+)
+
+func NewStartFromInit() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:   "start-from-init",
+		Short: "cold starts zitadel",
+		Long: `cold starts ZITADEL.
+First the minimum requirements to start ZITADEL are set up.
+Second the initial events are created.
+Last ZITADEL starts.
+
+Requirements:
+- cockroachdb`,
+		Run: func(cmd *cobra.Command, args []string) {
+			initialise.InitAll(initialise.MustNewConfig(viper.GetViper()))
+
+			setupConfig := setup.MustNewConfig(viper.GetViper())
+			setupSteps := setup.MustNewSteps(viper.New())
+			setup.Setup(setupConfig, setupSteps)
+
+			startConfig := MustNewConfig(viper.GetViper())
+			startMasterKey, _ := cmd.Flags().GetString(flagMasterKey)
+
+			err := startZitadel(startConfig, startMasterKey)
+			logging.OnError(err).Fatal("unable to start zitadel")
+		},
+	}
+
+	startFlags(cmd)
+
+	return cmd
+}