github.com/argoproj/argo-cd/v3@v3.2.1/server/settings/settings.go (about)

     1  package settings
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  
     7  	"github.com/golang/protobuf/ptypes/empty"
     8  	"sigs.k8s.io/yaml"
     9  
    10  	"github.com/argoproj/argo-cd/v3/reposerver/apiclient"
    11  	utilio "github.com/argoproj/argo-cd/v3/util/io"
    12  
    13  	sessionmgr "github.com/argoproj/argo-cd/v3/util/session"
    14  
    15  	settingspkg "github.com/argoproj/argo-cd/v3/pkg/apiclient/settings"
    16  	"github.com/argoproj/argo-cd/v3/pkg/apis/application/v1alpha1"
    17  	"github.com/argoproj/argo-cd/v3/util/settings"
    18  )
    19  
    20  // Server provides a Settings service
    21  type Server struct {
    22  	mgr                       *settings.SettingsManager
    23  	repoClient                apiclient.Clientset
    24  	authenticator             Authenticator
    25  	disableAuth               bool
    26  	appsInAnyNamespaceEnabled bool
    27  	hydratorEnabled           bool
    28  }
    29  
    30  type Authenticator interface {
    31  	Authenticate(ctx context.Context) (context.Context, error)
    32  }
    33  
    34  // NewServer returns a new instance of the Settings service
    35  func NewServer(mgr *settings.SettingsManager, repoClient apiclient.Clientset, authenticator Authenticator, disableAuth, appsInAnyNamespaceEnabled bool, hydratorEnabled bool) *Server {
    36  	return &Server{mgr: mgr, repoClient: repoClient, authenticator: authenticator, disableAuth: disableAuth, appsInAnyNamespaceEnabled: appsInAnyNamespaceEnabled, hydratorEnabled: hydratorEnabled}
    37  }
    38  
    39  // Get returns Argo CD settings
    40  func (s *Server) Get(ctx context.Context, _ *settingspkg.SettingsQuery) (*settingspkg.Settings, error) {
    41  	resourceOverrides, err := s.mgr.GetResourceOverrides()
    42  	if err != nil {
    43  		return nil, err
    44  	}
    45  	overrides := make(map[string]*v1alpha1.ResourceOverride)
    46  	for k := range resourceOverrides {
    47  		val := resourceOverrides[k]
    48  		overrides[k] = &val
    49  	}
    50  	appInstanceLabelKey, err := s.mgr.GetAppInstanceLabelKey()
    51  	if err != nil {
    52  		return nil, err
    53  	}
    54  	argoCDSettings, err := s.mgr.GetSettings()
    55  	if err != nil {
    56  		return nil, err
    57  	}
    58  	gaSettings, err := s.mgr.GetGoogleAnalytics()
    59  	if err != nil {
    60  		return nil, err
    61  	}
    62  	help, err := s.mgr.GetHelp()
    63  	if err != nil {
    64  		return nil, err
    65  	}
    66  	userLoginsDisabled := true
    67  	accounts, err := s.mgr.GetAccounts()
    68  	if err != nil {
    69  		return nil, err
    70  	}
    71  	for _, account := range accounts {
    72  		if account.Enabled && account.HasCapability(settings.AccountCapabilityLogin) {
    73  			userLoginsDisabled = false
    74  			break
    75  		}
    76  	}
    77  
    78  	kustomizeSettings, err := s.mgr.GetKustomizeSettings()
    79  	if err != nil {
    80  		return nil, err
    81  	}
    82  	var kustomizeVersions []string
    83  	for i := range kustomizeSettings.Versions {
    84  		kustomizeVersions = append(kustomizeVersions, kustomizeSettings.Versions[i].Name)
    85  	}
    86  
    87  	trackingMethod, err := s.mgr.GetTrackingMethod()
    88  	if err != nil {
    89  		return nil, err
    90  	}
    91  
    92  	installationID, err := s.mgr.GetInstallationID()
    93  	if err != nil {
    94  		return nil, err
    95  	}
    96  
    97  	set := settingspkg.Settings{
    98  		URL:                argoCDSettings.URL,
    99  		AdditionalURLs:     argoCDSettings.AdditionalURLs,
   100  		AppLabelKey:        appInstanceLabelKey,
   101  		ResourceOverrides:  overrides,
   102  		StatusBadgeEnabled: argoCDSettings.StatusBadgeEnabled,
   103  		StatusBadgeRootUrl: argoCDSettings.StatusBadgeRootUrl,
   104  		KustomizeOptions: &v1alpha1.KustomizeOptions{
   105  			BuildOptions: argoCDSettings.KustomizeBuildOptions,
   106  		},
   107  		GoogleAnalytics: &settingspkg.GoogleAnalyticsConfig{
   108  			TrackingID:     gaSettings.TrackingID,
   109  			AnonymizeUsers: gaSettings.AnonymizeUsers,
   110  		},
   111  		Help: &settingspkg.Help{
   112  			ChatUrl:    help.ChatURL,
   113  			ChatText:   help.ChatText,
   114  			BinaryUrls: help.BinaryURLs,
   115  		},
   116  		UserLoginsDisabled:        userLoginsDisabled,
   117  		KustomizeVersions:         kustomizeVersions,
   118  		UiCssURL:                  argoCDSettings.UiCssURL,
   119  		TrackingMethod:            trackingMethod,
   120  		InstallationID:            installationID,
   121  		ExecEnabled:               argoCDSettings.ExecEnabled,
   122  		AppsInAnyNamespaceEnabled: s.appsInAnyNamespaceEnabled,
   123  		ImpersonationEnabled:      argoCDSettings.ImpersonationEnabled,
   124  		HydratorEnabled:           s.hydratorEnabled,
   125  	}
   126  
   127  	if sessionmgr.LoggedIn(ctx) || s.disableAuth {
   128  		set.UiBannerContent = argoCDSettings.UiBannerContent
   129  		set.UiBannerURL = argoCDSettings.UiBannerURL
   130  		set.UiBannerPermanent = argoCDSettings.UiBannerPermanent
   131  		set.UiBannerPosition = argoCDSettings.UiBannerPosition
   132  		set.ControllerNamespace = s.mgr.GetNamespace()
   133  	}
   134  	if sessionmgr.LoggedIn(ctx) {
   135  		set.PasswordPattern = argoCDSettings.PasswordPattern
   136  	}
   137  	if argoCDSettings.DexConfig != "" {
   138  		var cfg settingspkg.DexConfig
   139  		err = yaml.Unmarshal([]byte(argoCDSettings.DexConfig), &cfg)
   140  		if err == nil {
   141  			set.DexConfig = &cfg
   142  		}
   143  	}
   144  	if oidcConfig := argoCDSettings.OIDCConfig(); oidcConfig != nil {
   145  		set.OIDCConfig = &settingspkg.OIDCConfig{
   146  			Name:                     oidcConfig.Name,
   147  			Issuer:                   oidcConfig.Issuer,
   148  			ClientID:                 oidcConfig.ClientID,
   149  			CLIClientID:              oidcConfig.CLIClientID,
   150  			Scopes:                   oidcConfig.RequestedScopes,
   151  			EnablePKCEAuthentication: oidcConfig.EnablePKCEAuthentication,
   152  		}
   153  		if len(argoCDSettings.OIDCConfig().RequestedIDTokenClaims) > 0 {
   154  			set.OIDCConfig.IDTokenClaims = argoCDSettings.OIDCConfig().RequestedIDTokenClaims
   155  		}
   156  	}
   157  	return &set, nil
   158  }
   159  
   160  // GetPlugins returns a list of plugins
   161  func (s *Server) GetPlugins(ctx context.Context, _ *settingspkg.SettingsQuery) (*settingspkg.SettingsPluginsResponse, error) {
   162  	plugins, err := s.plugins(ctx)
   163  	if err != nil {
   164  		return nil, err
   165  	}
   166  	return &settingspkg.SettingsPluginsResponse{Plugins: plugins}, nil
   167  }
   168  
   169  func (s *Server) plugins(ctx context.Context) ([]*settingspkg.Plugin, error) {
   170  	closer, client, err := s.repoClient.NewRepoServerClient()
   171  	if err != nil {
   172  		return nil, fmt.Errorf("error creating repo server client: %w", err)
   173  	}
   174  	defer utilio.Close(closer)
   175  
   176  	pluginList, err := client.ListPlugins(ctx, &empty.Empty{})
   177  	if err != nil {
   178  		return nil, fmt.Errorf("failed to list sidecar plugins from reposerver: %w", err)
   179  	}
   180  
   181  	var out []*settingspkg.Plugin
   182  	if pluginList != nil && len(pluginList.Items) > 0 {
   183  		for _, p := range pluginList.Items {
   184  			out = append(out, &settingspkg.Plugin{Name: p.Name})
   185  		}
   186  	}
   187  
   188  	return out, nil
   189  }
   190  
   191  // AuthFuncOverride disables authentication for settings service
   192  func (s *Server) AuthFuncOverride(ctx context.Context, fullMethodName string) (context.Context, error) {
   193  	ctx, err := s.authenticator.Authenticate(ctx)
   194  	if fullMethodName == "/cluster.SettingsService/Get" {
   195  		// SettingsService/Get API is used by login page.
   196  		// This authenticates the user, but ignores any error, so that we have claims populated
   197  		err = nil
   198  	}
   199  	return ctx, err
   200  }