[IAM] add component skeleton

Author: AlexTugarev

components/BUILD.yaml

@@ -37,6 +37,7 @@ packages:
       - components/ee/db-sync:docker
       - components/ee/payment-endpoint:docker
       - components/gitpod-db:docker
+      - components/iam:docker
       - components/ide/code-desktop:docker
       - components/ide/code-desktop:docker-insiders
       - components/ide/code:docker
@@ -109,6 +110,7 @@ packages:
   - name: all-apps
     type: generic
     deps:
+      - components/iam:app
       - components/blobserve:app
       - components/content-service:app
       - components/dashboard:app

components/iam/BUILD.yaml

@@ -0,0 +1,45 @@
+packages:
+  - name: app
+    type: go
+    srcs:
+      - "**/*.go"
+      - "go.mod"
+      - "go.sum"
+    deps:
+      - components/common-go:lib
+      - components/gitpod-protocol/go:lib
+    env:
+      - CGO_ENABLED=0
+      - GOOS=linux
+    config:
+      packaging: app
+      buildCommand: ["go", "build", "-trimpath", "-ldflags", "-buildid= -w -s -X 'github.com/gitpod-io/gitpod/iam/cmd.Version=commit-${__git_commit}'"]
+  - name: docker
+    type: docker
+    deps:
+      - :app
+    argdeps:
+      - imageRepoBase
+    config:
+      buildArgs:
+        VERSION: ${version}
+      dockerfile: leeway.Dockerfile
+      metadata:
+        helm-component: iam
+      image:
+        - ${imageRepoBase}/iam:${version}
+        - ${imageRepoBase}/iam:commit-${__git_commit}
+  - name: lib
+    type: go
+    srcs:
+      - "**/*.go"
+      - "go.mod"
+      - "go.sum"
+    deps:
+      - components/common-go:lib
+      - components/gitpod-protocol/go:lib
+    env:
+      - CGO_ENABLED=0
+      - GOOS=linux
+    config:
+      packaging: library

components/iam/README.md

@@ -0,0 +1,5 @@
+## IAM
+
+The `iam` components hosts OIDC client and other authN+authN related concerns.
+
+TBD

components/iam/cmd/root.go

@@ -0,0 +1,71 @@
+// Copyright (c) 2022 Gitpod GmbH. All rights reserved.
+// Licensed under the GNU Affero General Public License (AGPL).
+// See License-AGPL.txt in the project root for license information.
+
+package cmd
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"os"
+	"path"
+
+	"github.com/gitpod-io/gitpod/iam/pkg/config"
+
+	"github.com/gitpod-io/gitpod/common-go/log"
+	"github.com/spf13/cobra"
+)
+
+var (
+	// ServiceName is the name we use for tracing/logging
+	ServiceName = "iam"
+	// Version of this service - set during build
+	Version = ""
+)
+
+var rootOpts struct {
+	CfgFile string
+	JsonLog bool
+	Verbose bool
+}
+
+// rootCmd represents the base command when called without any subcommands
+var rootCmd = &cobra.Command{
+	Use:   ServiceName,
+	Short: "Serves IAM services",
+	PersistentPreRun: func(cmd *cobra.Command, args []string) {
+		log.Init(ServiceName, Version, rootOpts.JsonLog, rootOpts.Verbose)
+	},
+}
+
+func Execute() {
+	if err := rootCmd.ExecuteContext(context.Background()); err != nil {
+		log.WithError(err).Error("Failed to execute command.")
+		os.Exit(1)
+	}
+}
+
+func init() {
+	localConfig := path.Join(os.ExpandEnv("GOMOD"), "..", "config.json")
+	rootCmd.PersistentFlags().StringVar(&rootOpts.CfgFile, "config", localConfig, "config file")
+	rootCmd.PersistentFlags().BoolVar(&rootOpts.JsonLog, "json-log", true, "produce JSON log output on verbose level")
+	rootCmd.PersistentFlags().BoolVar(&rootOpts.Verbose, "verbose", false, "Enable verbose JSON logging")
+}
+
+func getConfig() *config.ServiceConfig {
+	ctnt, err := os.ReadFile(rootOpts.CfgFile)
+	if err != nil {
+		log.WithError(err).Fatal("Cannot read configuration. Maybe missing --config?")
+	}
+
+	var cfg config.ServiceConfig
+	dec := json.NewDecoder(bytes.NewReader(ctnt))
+	dec.DisallowUnknownFields()
+	err = dec.Decode(&cfg)
+	if err != nil {
+		log.WithError(err).Fatal("Cannot decode configuration. Maybe missing --config?")
+	}
+
+	return &cfg
+}

components/iam/cmd/run.go

@@ -0,0 +1,28 @@
+// Copyright (c) 2022 Gitpod GmbH. All rights reserved.
+// Licensed under the GNU Affero General Public License (AGPL).
+// See License-AGPL.txt in the project root for license information.
+
+package cmd
+
+import (
+	"github.com/gitpod-io/gitpod/common-go/log"
+	"github.com/gitpod-io/gitpod/iam/pkg/server"
+	"github.com/spf13/cobra"
+)
+
+func init() {
+	rootCmd.AddCommand(runCommand)
+}
+
+var runCommand = &cobra.Command{
+	Use:     "run",
+	Short:   "Starts the service",
+	Version: Version,
+	Run: func(cmd *cobra.Command, args []string) {
+		cfg := getConfig()
+
+		if err := server.Start(log.Log, Version, cfg); err != nil {
+			log.WithError(err).Fatal("cannot start server")
+		}
+	},
+}

components/iam/config.json

@@ -0,0 +1,12 @@
+{
+  "server": {
+    "services": {
+      "grpc": {
+        "address": ":9001"
+      },
+      "http": {
+        "address": ":9002"
+      }
+    }
+  }
+}

components/iam/go.mod

@@ -0,0 +1,48 @@
+module github.com/gitpod-io/gitpod/iam
+
+go 1.19
+
+require (
+	github.com/gitpod-io/gitpod/common-go v0.0.0-00010101000000-000000000000
+	github.com/sirupsen/logrus v1.8.1
+	github.com/spf13/cobra v1.4.0
+)
+
+require (
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/cespare/xxhash/v2 v2.1.2 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/grpc-ecosystem/go-grpc-middleware v1.3.0 // indirect
+	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
+	github.com/hashicorp/golang-lru v0.5.1 // indirect
+	github.com/heptiolabs/healthcheck v0.0.0-20211123025425-613501dd5deb // indirect
+	github.com/inconshreveable/mousetrap v1.0.1 // indirect
+	github.com/kr/text v0.2.0 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
+	github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
+	github.com/opentracing/opentracing-go v1.2.0 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/prometheus/client_golang v1.13.0 // indirect
+	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/common v0.37.0 // indirect
+	github.com/prometheus/procfs v0.8.0 // indirect
+	github.com/slok/go-http-metrics v0.10.0 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/stretchr/testify v1.7.0 // indirect
+	golang.org/x/net v0.0.0-20220225172249-27dd8689420f // indirect
+	golang.org/x/sync v0.0.0-20220601150217-0de741cfad7f // indirect
+	golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
+	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/time v0.0.0-20220922220347-f3bd1da661af // indirect
+	golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect
+	google.golang.org/genproto v0.0.0-20201019141844-1ed22bb0c154 // indirect
+	google.golang.org/grpc v1.49.0 // indirect
+	google.golang.org/protobuf v1.28.1 // indirect
+	gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+)
+
+replace github.com/gitpod-io/gitpod/common-go => ../common-go // leeway
+
+replace github.com/gitpod-io/gitpod/gitpod-protocol => ../gitpod-protocol/go // leeway