
A rewrite of Spinnaker's Clouddriver microservice in Go.


go-clouddriver

Development of this repo has moved to https://github.com/homedepot/go-clouddriver

go-clouddriver is a rewrite of Spinnaker's Clouddriver microservice. It aims to fix severe scaling problems and operational concerns when using Clouddriver at production scale.

It changes how clouddriver operates by providing an extended API for account onboarding (no more "dynamic accounts") and removing over-complicated strategies such as Cache All The Stuff in favor of talking directly to APIs.

Currently, go-clouddriver generates its access tokens using arcade, which is meant to be used in tandem with Google's Workload Identity to generate your tokens in a sidecar and make them retrievable through a simple authenticated API.

Getting Started

Testing

Run from the root directory

make tools test

Running Locally

  1. Build
make build
  2. Run
make run

You should see a log like: SQL config missing field - defaulting to local sqlite DB. This is expected when running locally. For production, set the environment variables DB_HOST, DB_NAME, DB_PASS, and DB_USER.

  3. Create your first Kubernetes provider! go-clouddriver runs on port 7002, so you'll make a POST to localhost:7002/v1/kubernetes/providers.
curl -XPOST localhost:7002/v1/kubernetes/providers -d '{
  "name": "test-provider",
  "host": "https://test-host",
  "caData": "test",
  "permissions": {
    "read": [
      "test-read-group"
    ],
    "write": [
      "test-write-group"
    ]
  }
}' | jq

And you should see the response...

{
  "name": "test-provider",
  "host": "https://test-host",
  "caData": "test",
  "permissions": {
    "read": [
      "test-read-group"
    ],
    "write": [
      "test-write-group"
    ]
  }
}

Running the command again will return a 409 Conflict unless you change the name of the provider.

  4. List your providers by calling the /credentials endpoint.
curl localhost:7002/credentials | jq
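
The onboarding steps above as an added Go example (not code from the go-clouddriver repository): it POSTs a provider and treats the 409 Conflict returned for a repeated name as "already onboarded" rather than a failure, so the call can be repeated safely from automation. EnsureProvider and StubServer are hypothetical names, and the stub server is a constructed stand-in that reproduces only the 201/409 behaviour shown on this page.

```go
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"sync"
)

// EnsureProvider POSTs the provider JSON: 201 Created -> true, 409 Conflict (name exists) -> false.
func EnsureProvider(baseURL string, provider map[string]any) (bool, error) {
	body, err := json.Marshal(provider)
	if err != nil {
		return false, err
	}
	resp, err := http.Post(baseURL+"/v1/kubernetes/providers", "application/json", bytes.NewReader(body))
	if err != nil {
		return false, err
	}
	defer resp.Body.Close()
	if resp.StatusCode == http.StatusCreated || resp.StatusCode == http.StatusConflict {
		return resp.StatusCode == http.StatusCreated, nil
	}
	return false, fmt.Errorf("unexpected status %s", resp.Status)
}

// StubServer is a constructed stand-in for go-clouddriver: 201 on a new name, 409 on a repeat.
func StubServer() *httptest.Server {
	var seen sync.Map
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		var p struct{ Name string }
		status := http.StatusCreated
		if json.NewDecoder(r.Body).Decode(&p) != nil || p.Name == "" {
			status = http.StatusBadRequest // assumption: the stub rejects a missing name
		} else if _, dup := seen.LoadOrStore(p.Name, true); dup {
			status = http.StatusConflict
		}
		w.WriteHeader(status)
	}))
}

func main() {
	srv := StubServer()
	defer srv.Close()
	p := map[string]any{"name": "test-provider", "host": "https://test-host", "caData": "test"}
	fmt.Println(EnsureProvider(srv.URL, p)) // first call: created
	fmt.Println(EnsureProvider(srv.URL, p)) // same name again: conflict, not an error
}
```

Against a local instance, pass http://localhost:7002 as baseURL instead of the stub's URL.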

Verbose Request Logging

Building go-clouddriver requires a lot of reverse engineering and monitoring incoming requests.

Turn on verbose request logging by setting the environment variable VERBOSE_REQUEST_LOGGING to true. Each incoming request is then logged with its request line, headers, and body:

REQUEST: [2020-09-17T14:26:00Z]
POST /v1/kubernetes/providers HTTP/1.1
Host: localhost:7002
Accept: */*
User-Agent: curl/7.54.0
{
  "name": "test-provider",
  "host": "https://test-host",
  "caData": "test",
  "permissions": {
    "read": [
      "test-read-group"
    ],
    "write": [
      "test-write-group"
    ]
  }
}

[GIN] 2020/09/17 - 10:24:18 | 201 |     5.19472ms |       127.0.0.1 | POST     "/v1/kubernetes/providers"