9ac0452d61
* test: add locak k8s setup Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * chore: move k8s config files Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * fix: add host alias Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * fix: remove unsed dir Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * ci: use script to expose external servers to the cluster Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * ci: expose using existing script Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * docs: add docs Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * docs: refer k8s setup docs Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * ci: specify namespace Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * ci: create namespace Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * docs: fix docs errors Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * test: patch chart template only once Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * docs: add toc and setup cleanup Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * chore: remove deprecated --atomic helm option Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * test: add k8s namespace wrapper option Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * test: fix logs dir permissions Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * docs: update docs Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * test: fix host ip detection Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> * docs: add show-logs command and warning for external services Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com> --------- Signed-off-by: Saw-jan <saw.jan.grg3e@gmail.com>
oCIS Wrapper
The oCIS wrapper is a tool that wraps the oCIS binary and allows to dynamically reconfigure or extend the running instance. This is done by sending JSON payloads with updated environment variables.
When run, ociswrapper starts an API server that exposes some endpoints to re-configure the oCIS server.
Usage
-
Build
make build -
Run
./bin/ociswrapper serve --bin=<path-to-ocis-binary>To check other available options:
./bin/ociswrapper serve --help--bin string Full oCIS binary path (default "/usr/bin/ocis") --url string oCIS server url (default "https://localhost:9200") --retry string Number of retries to start oCIS server (default "5") -p, --port string Wrapper API server port (default "5200") --admin-username string admin username for oCIS server --admin-password string admin password for oCIS server --skip-ocis-run Skip running oCIS server
Access the API server at http://localhost:5200.
Also, see ./bin/ociswrapper help for more information.
API
ociswrapper exposes the following endpoints:
-
PUT /configUpdates the configuration of the running oCIS instance. Body of the request should be a JSON object with the following structure:
{ "ENV_KEY1": "value1", "ENV_KEY2": "value2" }Returns:
200 OK- oCIS is successfully reconfigured400 Bad Request- request body is not a valid JSON object500 Internal Server Error- oCIS server is not running
-
DELETE /rollbackRolls back the configuration to the starting point.
Returns:
200 OK- rollback is successful500 Internal Server Error- oCIS server is not running
-
POST /commandExecutes the provided command on the oCIS server. The body of the request should be a JSON object with the following structure:
{ "command": "<ocis-command>", # without the ocis binary. e.g. "list" }If the command requires user input, the body of the request should be a JSON object with the following structure:
{ "command": "<ocis-command>", "inputs": ["value1"] }Returns:
{ "status": "OK", "exitCode": 0, "message": "<command output>" } OR { "status": "ERROR", "exitCode": <error-exit-code>, "message": "<command output>" }200 OK- command is successfully executed400 Bad Request- request body is not a valid JSON object500 Internal Server Error
-
POST /startStarts the oCIS server.
Returns:
200 OK- oCIS server is started409 Conflict- oCIS server is already running500 Internal Server Error- Unable to start oCIS server
-
POST /stopStops the oCIS server.
Returns:
200 OK- oCIS server is stopped500 Internal Server Error- Unable to stop oCIS server
-
POST /services/{service-name}Restart oCIS instances without specified service and start that service independently (not covered by the oCIS supervisor).
Body of the request should be a JSON object with the following structure:
{ "ENV_KEY1": "value1", "ENV_KEY2": "value2" }⚠️ Note:
You need to set the proper addresses to access the service from other steps in the CI pipeline.
{SERVICE-NAME}_DEBUG_ADDR=0.0.0.0:{DEBUG_PORT}{SERVICE-NAME}_HTTP_ADDR=0.0.0.0:{HTTP_PORT}Returns:
200 OK- oCIS service started successfully400 Bad Request- request body is not a valid JSON object500 Internal Server Error- Failed to start oCIS service audit
-
DELETE /services/{service-name}Stop individually running oCIS service
Returns:
200 OK- oCIS service stopped successfully500 Internal Server Error- Unable to stop oCIS service
-
PATCH /services/{service-name}Updates the configuration of the running service instance. Body of the request should be a JSON object with the following structure:
{ "ENV_KEY1": "value1", "ENV_KEY2": "value2" }Returns:
200 OK- service is successfully reconfigured500 Internal Server Error- service is not running
-
DELETE /services/rollbackStop and rollback all service configurations to the starting point.
Returns:
200 OK- rollback is successful500 Internal Server Error- oCIS server is not running