diff --git a/cmd/main.go b/cmd/main.go
index fb4b3f8b..b7abbf3f 100644
--- a/cmd/main.go
+++ b/cmd/main.go
@@ -119,12 +119,6 @@ func main() {
 zap.Level(zapcore.Level(-ctrlConfig.LogLevel)),
 ))

- styraToken, err1 := config.TokenFromConfig(ctrlConfig)
- if err1 != nil {
- log.Error(err1, "Unable to load styra token")
- exit(err1)
- }
-
 options := config.OptionsFromConfig(ctrlConfig, scheme)

 if ctrlConfig.Sentry != nil {
@@ -183,27 +177,6 @@ func main() {
 }
 }

- var styraClient styra.ClientInterface
- if ctrlConfig.EnableStyraReconciliation {
- roles := make([]styra.Role, len(ctrlConfig.SystemUserRoles))
- for i, role := range ctrlConfig.SystemUserRoles {
- roles[i] = styra.Role(role)
- }
-
- styraHostURL := strings.TrimSuffix(ctrlConfig.Styra.Address, "/")
- styraClient = styra.New(styraHostURL, styraToken)
-
- if err := configureExporter(
- styraClient, ctrlConfig.DecisionsExporter, configv2alpha2.ExporterConfigTypeDecisions); err != nil {
- log.Error(err, fmt.Sprintf("unable to configure %s", configv2alpha2.ExporterConfigTypeDecisions))
- }
-
- if err := configureExporter(
- styraClient, ctrlConfig.ActivityExporter, configv2alpha2.ExporterConfigTypeActivity); err != nil {
- log.Error(err, fmt.Sprintf("unable to configure %s", configv2alpha2.ExporterConfigTypeActivity))
- }
- }
-
 // System Controller
 systemReadyMetric := prometheus.NewGaugeVec(
 prometheus.GaugeOpts{
@@ -267,10 +240,6 @@ func main() {
 r1.S3 = s3Client
 }

- if ctrlConfig.EnableStyraReconciliation {
- r1.Styra = styraClient
- }
-
 if ctrlConfig.NotificationWebhooks != nil {
 r1.WebhookClient = webhook.New(
 ctrlConfig.NotificationWebhooks.SystemDatasourceChanged,
@@ -302,7 +271,6 @@ func main() {
 Client: mgr.GetClient(),
 Scheme: mgr.GetScheme(),
 Config: ctrlConfig,
- Styra: styraClient,
 }

 if ctrlConfig.EnableOPAControlPlaneReconciliation || ctrlConfig.EnableOPAControlPlaneReconciliationTestData {
diff --git a/internal/config/config.go b/internal/config/config.go
index 33ae1007..08686a14 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -70,21 +70,12 @@ func OptionsFromConfig(cfg *v2alpha2.ProjectConfig, scheme *runtime.Scheme) mana
 }

 // TokenFromConfig returns the Styra DAS api token directly from "styra.token"
-// in the config or using the "styra.tokenSecretPath" to retrieve it fra a secret
 func TokenFromConfig(cfg *v2alpha2.ProjectConfig) (string, error) {
- if cfg.Styra.Token != "" {
- return cfg.Styra.Token, nil
+ if cfg.OPAControlPlaneConfig.Token != "" {
+ return cfg.OPAControlPlaneConfig.Token, nil
 }

- if cfg.Styra.TokenSecretPath != "" {
- styraURLBytes, err := os.ReadFile(cfg.Styra.TokenSecretPath)
- if err != nil {
- return "", errors.Wrapf(err, "Could not ready Styra token from TokenSecretPath: %s", cfg.Styra.TokenSecretPath)
- }
- return string(styraURLBytes), nil
- }
-
- return "", errors.New("No token or tokenSecretPath defined in the config")
+ return "", errors.New("No token defined in the config")
 }

 func deserialize(data []byte, scheme *runtime.Scheme) (*v2alpha2.ProjectConfig, error) {
diff --git a/pkg/ocp/bundles.go b/pkg/ocp/bundles.go
index 1ae6d8b5..30c135fd 100644
--- a/pkg/ocp/bundles.go
+++ b/pkg/ocp/bundles.go
@@ -18,6 +18,7 @@ package ocp

 import (
 "context"
+ "fmt"
 "io"
 "net/http"
 "path"
@@ -89,7 +90,14 @@ type PutBundleResponse struct {

 // PutBundle calls the PUT /v1/bundles/{name} endpoint in the OCP API.
 func (c *Client) PutBundle(ctx context.Context, bundle *PutBundleRequest) (err error) {
- res, err := c.request(ctx, http.MethodPut, path.Join(endpointV1Bundles, bundle.Name), bundle, nil)
+ var headers map[string]string
+ if c.token != "" {
+ headers = map[string]string{
+ "Authorization": fmt.Sprintf("Bearer %s", c.token),
+ }
+ }
+
+ res, err := c.request(ctx, http.MethodPut, path.Join(endpointV1Bundles, bundle.Name), bundle, headers)
 if err != nil {
 return err
 }
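Review bot: In TokenFromConfig (internal/config/config.go) the token can now only come from the inline `OPAControlPlaneConfig.Token` field, because the `TokenSecretPath` file read is removed without a replacement. That places a bearer credential in the controller configuration itself, which is often stored and shared with less protection than a mounted secret, so a file- or secret-based source for the new token is worth keeping. If `OPAControlPlaneConfig` is a pointer field (its type is not visible here; other optional sections such as `ctrlConfig.Sentry` are nil-checked in cmd/main.go), `cfg.OPAControlPlaneConfig.Token` also needs a nil guard. The retained doc comment still describes the Styra DAS token from "styra.token" and should read `// TokenFromConfig returns the OPA Control Plane API token from the config.`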
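Review bot: The header-building block added to PutBundle (pkg/ocp/bundles.go) is repeated verbatim in DeleteBundle, GetSource, PutSource and DeleteSource, so every new endpoint has to copy it and a single call site can drift from the others unnoticed. Building the header in one helper, or inside `c.request` itself, keeps authentication in one place; plain concatenation also makes the new `fmt` import in bundles.go unnecessary. When `c.token` is empty the request goes out with no Authorization header and nothing is reported; if the API is expected to require a token, rejecting an empty token at client construction would surface that misconfiguration. PutBundle's body continues outside the hunk.

```go
// authHeaders returns the Authorization header for c.token, or nil when no token is set.
func (c *Client) authHeaders() map[string]string {
	if c.token == "" {
		return nil
	}
	return map[string]string{"Authorization": "Bearer " + c.token}
}

func (c *Client) PutBundle(ctx context.Context, bundle *PutBundleRequest) (err error) {
	res, err := c.request(ctx, http.MethodPut, path.Join(endpointV1Bundles, bundle.Name), bundle, c.authHeaders())
	// … unchanged: error check and response handling …
```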
@@ -115,7 +123,14 @@ func (c *Client) PutBundle(ctx context.Context, bundle *PutBundleRequest) (err e

 // DeleteBundle calls the DELETE /v1/bundles/{name} endpoint in the OCP API.
 func (c *Client) DeleteBundle(ctx context.Context, name string) (err error) {
- res, err := c.request(ctx, http.MethodDelete, path.Join(endpointV1Bundles, name), nil, nil)
+ var headers map[string]string
+ if c.token != "" {
+ headers = map[string]string{
+ "Authorization": fmt.Sprintf("Bearer %s", c.token),
+ }
+ }
+
+ res, err := c.request(ctx, http.MethodDelete, path.Join(endpointV1Bundles, name), nil, headers)
 if err != nil {
 return err
 }
diff --git a/pkg/ocp/sources.go b/pkg/ocp/sources.go
index 351cfcdc..7b23c477 100644
--- a/pkg/ocp/sources.go
+++ b/pkg/ocp/sources.go
@@ -136,7 +136,14 @@ func ToRequirements(sources []string) []Requirement {

 // GetSource calls the GET /v1/sources/{id} endpoint in the OCP API.
 func (c *Client) GetSource(ctx context.Context, path string) (resp *GetSourceResponse, err error) {
- res, err := c.request(ctx, http.MethodGet, fmt.Sprintf("%s/%s", endpointV1Sources, path), nil, nil)
+ var headers map[string]string
+ if c.token != "" {
+ headers = map[string]string{
+ "Authorization": fmt.Sprintf("Bearer %s", c.token),
+ }
+ }
+
+ res, err := c.request(ctx, http.MethodGet, fmt.Sprintf("%s/%s", endpointV1Sources, path), headers, nil)
 if err != nil {
 return nil, errors.Wrap(err, "could not get source from OCP")
 }
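Review bot: The rewritten request line in DeleteBundle still builds the URL with `path.Join(endpointV1Bundles, name)`, and path.Join cleans `..` segments, so a name containing them resolves to a path outside /v1/bundles, and that request now carries the bearer token. The same holds for `bundle.Name` in PutBundle, and the sources.go calls interpolate `path`/`id` into `fmt.Sprintf("%s/%s", endpointV1Sources, …)` without escaping. Where these identifiers come from is not visible in this diff; if they can originate from user-supplied resources, validate them against the expected name pattern before the call, and use `url.PathEscape` on identifiers that are a single path segment. DeleteBundle's body continues outside the hunk.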
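Review bot: The new `c.request` call in GetSource (pkg/ocp/sources.go) passes `headers` as the fourth argument and `nil` as the fifth, while PutBundle, DeleteBundle, PutSource and DeleteSource in this commit pass the body fourth and `headers` fifth. The signature of `request` is not visible here, but if it matches those call sites, GET /v1/sources/{id} is sent without an Authorization header and the map holding the bearer token is handed over as the request body, where it may be serialized and picked up by request logging. The call should read `res, err := c.request(ctx, http.MethodGet, fmt.Sprintf("%s/%s", endpointV1Sources, path), nil, headers)`. A client test asserting the Authorization header on a GET would catch this class of mistake. GetSource's body continues outside the hunk.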
@@ -177,7 +184,14 @@ func (c *Client) PutSource(
 id string,
 request *PutSourceRequest,
 ) (resp *PutSourceResponse, err error) {
- res, err := c.request(ctx, http.MethodPut, fmt.Sprintf("%s/%s", endpointV1Sources, id), request, nil)
+ var headers map[string]string
+ if c.token != "" {
+ headers = map[string]string{
+ "Authorization": fmt.Sprintf("Bearer %s", c.token),
+ }
+ }
+
+ res, err := c.request(ctx, http.MethodPut, fmt.Sprintf("%s/%s", endpointV1Sources, id), request, headers)
 if err != nil {
 return nil, errors.Wrap(err, "PutSource: could not call OCP")
 }
@@ -208,7 +222,14 @@ func (c *Client) PutSource(

 // DeleteSource calls the DELETE /v1/sources/{name} endpoint in the OCP API.
 func (c *Client) DeleteSource(ctx context.Context, id string) (err error) {
- res, err := c.request(ctx, http.MethodDelete, fmt.Sprintf("%s/%s", endpointV1Sources, id), nil, nil)
+ var headers map[string]string
+ if c.token != "" {
+ headers = map[string]string{
+ "Authorization": fmt.Sprintf("Bearer %s", c.token),
+ }
+ }
+
+ res, err := c.request(ctx, http.MethodDelete, fmt.Sprintf("%s/%s", endpointV1Sources, id), nil, headers)
 if err != nil {
 return err
 }