Skip to content

Commit 31326ec

Browse files
authored
feat: add authentication to nats trigger (#3467)
Signed-off-by: Tom Bojer <[email protected]>
1 parent 82e0668 commit 31326ec

File tree

9 files changed

+955
-820
lines changed

9 files changed

+955
-820
lines changed

api/jsonschema/schema.json

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2785,6 +2785,10 @@
27852785
"io.argoproj.events.v1alpha1.NATSTrigger": {
27862786
"description": "NATSTrigger refers to the specification of the NATS trigger.",
27872787
"properties": {
2788+
"auth": {
2789+
"$ref": "#/definitions/io.argoproj.events.v1alpha1.NATSAuth",
2790+
"description": "AuthInformation"
2791+
},
27882792
"parameters": {
27892793
"items": {
27902794
"$ref": "#/definitions/io.argoproj.events.v1alpha1.TriggerParameter"

api/openapi-spec/swagger.json

Lines changed: 4 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

docs/APIs.md

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12845,7 +12845,8 @@ NATSAuth
1284512845
<p>
1284612846

1284712847
(<em>Appears on:</em>
12848-
<a href="#argoproj.io/v1alpha1.NATSEventsSource">NATSEventsSource</a>)
12848+
<a href="#argoproj.io/v1alpha1.NATSEventsSource">NATSEventsSource</a>,
12849+
<a href="#argoproj.io/v1alpha1.NATSTrigger">NATSTrigger</a>)
1284912850
</p>
1285012851

1285112852
<p>
@@ -13526,6 +13527,26 @@ TLS configuration for the NATS producer.
1352613527

1352713528
</tr>
1352813529

13530+
<tr>
13531+
13532+
<td>
13533+
13534+
<code>auth</code></br> <em> <a href="#argoproj.io/v1alpha1.NATSAuth">
13535+
NATSAuth </a> </em>
13536+
</td>
13537+
13538+
<td>
13539+
13540+
<em>(Optional)</em>
13541+
<p>
13542+
13543+
AuthInformation
13544+
</p>
13545+
13546+
</td>
13547+
13548+
</tr>
13549+
1352913550
</tbody>
1353013551

1353113552
</table>

pkg/apis/events/v1alpha1/generated.pb.go

Lines changed: 865 additions & 812 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pkg/apis/events/v1alpha1/generated.proto

Lines changed: 4 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pkg/apis/events/v1alpha1/openapi_generated.go

Lines changed: 7 additions & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pkg/apis/events/v1alpha1/sensor_types.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -632,6 +632,9 @@ type NATSTrigger struct {
632632
// TLS configuration for the NATS producer.
633633
// +optional
634634
TLS *TLSConfig `json:"tls,omitempty" protobuf:"bytes,5,opt,name=tls"`
635+
// AuthInformation
636+
// +optional
637+
Auth *NATSAuth `json:"auth,omitempty" protobuf:"bytes,6,opt,name=auth"`
635638
}
636639

637640
// CustomTrigger refers to the specification of the custom trigger.

pkg/apis/events/v1alpha1/zz_generated.deepcopy.go

Lines changed: 5 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pkg/sensors/triggers/nats/nats.go

Lines changed: 41 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -48,20 +48,55 @@ func NewNATSTrigger(sensor *v1alpha1.Sensor, trigger *v1alpha1.Trigger, natsConn
4848
conn, ok := natsConnections.Load(trigger.Template.Name)
4949
if !ok {
5050
var err error
51-
opts := natslib.GetDefaultOptions()
52-
opts.Url = natstrigger.URL
51+
52+
var opt []natslib.Option
5353

5454
if natstrigger.TLS != nil {
5555
tlsConfig, err := sharedutil.GetTLSConfig(natstrigger.TLS)
5656
if err != nil {
5757
return nil, fmt.Errorf("failed to get the tls configuration, %w", err)
5858
}
59-
tlsConfig.InsecureSkipVerify = true
60-
opts.Secure = true
61-
opts.TLSConfig = tlsConfig
59+
opt = append(opt, natslib.Secure(tlsConfig))
60+
}
61+
62+
if natstrigger.Auth != nil {
63+
switch {
64+
case natstrigger.Auth.Basic != nil:
65+
username, err := sharedutil.GetSecretFromVolume(natstrigger.Auth.Basic.Username)
66+
if err != nil {
67+
return nil, err
68+
}
69+
password, err := sharedutil.GetSecretFromVolume(natstrigger.Auth.Basic.Password)
70+
if err != nil {
71+
return nil, err
72+
}
73+
opt = append(opt, natslib.UserInfo(username, password))
74+
case natstrigger.Auth.Token != nil:
75+
token, err := sharedutil.GetSecretFromVolume(natstrigger.Auth.Token)
76+
if err != nil {
77+
return nil, err
78+
}
79+
opt = append(opt, natslib.Token(token))
80+
case natstrigger.Auth.NKey != nil:
81+
nkeyFile, err := sharedutil.GetSecretVolumePath(natstrigger.Auth.NKey)
82+
if err != nil {
83+
return nil, err
84+
}
85+
o, err := natslib.NkeyOptionFromSeed(nkeyFile)
86+
if err != nil {
87+
return nil, fmt.Errorf("failed to get NKey, %w", err)
88+
}
89+
opt = append(opt, o)
90+
case natstrigger.Auth.Credential != nil:
91+
cFile, err := sharedutil.GetSecretVolumePath(natstrigger.Auth.Credential)
92+
if err != nil {
93+
return nil, err
94+
}
95+
opt = append(opt, natslib.UserCredentials(cFile))
96+
}
6297
}
6398

64-
conn, err = opts.Connect()
99+
conn, err = natslib.Connect(natstrigger.URL, opt...)
65100
if err != nil {
66101
return nil, err
67102
}

0 commit comments

Comments
 (0)