feat(cli): setup (#3267)

* commander

* commander

* selber!

* move to packages

* fix(errors): implement Is interface

* test: command

* test: commands

* add init steps

* setup tenant

* add default step yaml

* possibility to set password

* merge v2 into v2-commander

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: search query builder can filter events in memory

* fix: filters for add member

* fix(setup): add `ExternalSecure` to config

* chore: name iam to instance

* fix: matching

* remove unsued func

* base url

* base url

* test(command): filter funcs

* test: commands

* fix: rename orgiampolicy to domain policy

* start from init

* commands

* config

* fix indexes and add constraints

* fixes

* fix: merge conflicts

* fix: protos

* fix: md files

* setup

* add deprecated org iam policy again

* typo

* fix search query

* fix filter

* Apply suggestions from code review

* remove custom org from org setup

* add todos for verification

* change apps creation

* simplify package structure

* fix error

* move preparation helper for tests

* fix unique constraints

* fix config mapping in setup

* fix error handling in encryption_keys.go

* fix projection config

* fix query from old views to projection

* fix setup of mgmt api

* set iam project and fix instance projection

* imports

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>

internal/domain/application_oauth.go

@@ -19,15 +19,24 @@ type oAuthApplication interface {
 
 //ClientID random_number@projectname (eg. 495894098234@zitadel)
 func SetNewClientID(a oAuthApplication, idGenerator id.Generator, project *Project) error {
-	rndID, err := idGenerator.Next()
+	clientID, err := NewClientID(idGenerator, project.Name)
 	if err != nil {
 		return err
 	}
 
-	a.setClientID(fmt.Sprintf("%v@%v", rndID, strings.ReplaceAll(strings.ToLower(project.Name), " ", "_")))
+	a.setClientID(clientID)
 	return nil
 }
 
+func NewClientID(idGenerator id.Generator, projectName string) (string, error) {
+	rndID, err := idGenerator.Next()
+	if err != nil {
+		return "", err
+	}
+
+	return fmt.Sprintf("%s@%s", rndID, strings.ReplaceAll(strings.ToLower(projectName), " ", "_")), nil
+}
+
 func SetNewClientSecretIfNeeded(a oAuthApplication, generator crypto.Generator) (string, error) {
 	if !a.requiresClientSecret() {
 		return "", nil

internal/domain/human_email.go

@@ -1,13 +1,14 @@
 package domain
 
 import (
-	"github.com/caos/zitadel/internal/crypto"
-	es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
 	"regexp"
 	"time"
+
+	"github.com/caos/zitadel/internal/crypto"
+	es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
 )
 
-var emailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
+var EmailRegex = regexp.MustCompile("^[a-zA-Z0-9.!#$%&'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$")
 
 type Email struct {
 	es_models.ObjectRoot
@@ -24,7 +25,7 @@ type EmailCode struct {
 }
 
 func (e *Email) IsValid() bool {
-	return e.EmailAddress != "" && emailRegex.MatchString(e.EmailAddress)
+	return e.EmailAddress != "" && EmailRegex.MatchString(e.EmailAddress)
 }
 
 func NewEmailCode(emailGenerator crypto.Generator) (*EmailCode, error) {

internal/domain/org.go

@@ -15,7 +15,7 @@ type Org struct {
 }
 
 func (o *Org) IsValid() bool {
-	return o.Name != ""
+	return o != nil && o.Name != ""
 }
 
 func (o *Org) AddIAMDomain(iamDomain string) {

internal/domain/project.go

@@ -30,8 +30,14 @@ const (
 	PrivateLabelingSettingUnspecified PrivateLabelingSetting = iota
 	PrivateLabelingSettingEnforceProjectResourceOwnerPolicy
 	PrivateLabelingSettingAllowLoginUserResourceOwnerPolicy
+
+	privateLabelingSettingMax
 )
 
+func (s PrivateLabelingSetting) Valid() bool {
+	return s >= PrivateLabelingSettingUnspecified && s < privateLabelingSettingMax
+}
+
 func (o *Project) IsValid() bool {
 	return o.Name != ""
 }