Merge pull request #2270 from wansir/ldap

fix: synchronize users to LDAP

cmd/controller-manager/app/controllers.go

@@ -48,6 +48,7 @@ import (
 	"kubesphere.io/kubesphere/pkg/informers"
 	"kubesphere.io/kubesphere/pkg/simple/client/devops"
 	"kubesphere.io/kubesphere/pkg/simple/client/k8s"
+	ldapclient "kubesphere.io/kubesphere/pkg/simple/client/ldap"
 	"kubesphere.io/kubesphere/pkg/simple/client/openpitrix"
 	"kubesphere.io/kubesphere/pkg/simple/client/s3"
 	"sigs.k8s.io/controller-runtime/pkg/manager"
@@ -60,6 +61,7 @@ func addControllers(
 	informerFactory informers.InformerFactory,
 	devopsClient devops.Interface,
 	s3Client s3.Interface,
+	ldapClient ldapclient.Interface,
 	openpitrixClient openpitrix.Client,
 	multiClusterEnabled bool,
 	networkPolicyEnabled bool,
@@ -207,8 +209,8 @@ func addControllers(
 	}
 
 	userController := user.NewController(client.Kubernetes(), client.KubeSphere(), client.Config(),
-		kubesphereInformer.Iam().V1alpha2().Users(),
-		fedUserCache, fedUserCacheController, kubernetesInformer.Core().V1().ConfigMaps(), multiClusterEnabled)
+		kubesphereInformer.Iam().V1alpha2().Users(), fedUserCache, fedUserCacheController,
+		kubernetesInformer.Core().V1().ConfigMaps(), ldapClient, multiClusterEnabled)
 
 	csrController := certificatesigningrequest.NewController(client.Kubernetes(), kubernetesInformer.Certificates().V1beta1().CertificateSigningRequests(),
 		kubernetesInformer.Core().V1().ConfigMaps(), client.Config())

cmd/controller-manager/app/options/options.go

@@ -8,6 +8,7 @@ import (
 	"k8s.io/klog"
 	"kubesphere.io/kubesphere/pkg/simple/client/devops/jenkins"
 	"kubesphere.io/kubesphere/pkg/simple/client/k8s"
+	ldapclient "kubesphere.io/kubesphere/pkg/simple/client/ldap"
 	"kubesphere.io/kubesphere/pkg/simple/client/multicluster"
 	"kubesphere.io/kubesphere/pkg/simple/client/network"
 	"kubesphere.io/kubesphere/pkg/simple/client/openpitrix"
@@ -21,6 +22,7 @@ type KubeSphereControllerManagerOptions struct {
 	KubernetesOptions   *k8s.KubernetesOptions
 	DevopsOptions       *jenkins.Options
 	S3Options           *s3.Options
+	LdapOptions         *ldapclient.Options
 	OpenPitrixOptions   *openpitrix.Options
 	NetworkOptions      *network.Options
 	MultiClusterOptions *multicluster.Options
@@ -35,6 +37,7 @@ func NewKubeSphereControllerManagerOptions() *KubeSphereControllerManagerOptions
 		KubernetesOptions:   k8s.NewKubernetesOptions(),
 		DevopsOptions:       jenkins.NewDevopsOptions(),
 		S3Options:           s3.NewS3Options(),
+		LdapOptions:         ldapclient.NewOptions(),
 		OpenPitrixOptions:   openpitrix.NewOptions(),
 		NetworkOptions:      network.NewNetworkOptions(),
 		MultiClusterOptions: multicluster.NewOptions(),
@@ -57,6 +60,7 @@ func (s *KubeSphereControllerManagerOptions) Flags() cliflag.NamedFlagSets {
 	s.KubernetesOptions.AddFlags(fss.FlagSet("kubernetes"), s.KubernetesOptions)
 	s.DevopsOptions.AddFlags(fss.FlagSet("devops"), s.DevopsOptions)
 	s.S3Options.AddFlags(fss.FlagSet("s3"), s.S3Options)
+	s.LdapOptions.AddFlags(fss.FlagSet("ldap"), s.LdapOptions)
 	s.OpenPitrixOptions.AddFlags(fss.FlagSet("openpitrix"), s.OpenPitrixOptions)
 	s.NetworkOptions.AddFlags(fss.FlagSet("network"), s.NetworkOptions)
 	s.MultiClusterOptions.AddFlags(fss.FlagSet("multicluster"), s.MultiClusterOptions)
@@ -92,6 +96,7 @@ func (s *KubeSphereControllerManagerOptions) Validate() []error {
 	errs = append(errs, s.S3Options.Validate()...)
 	errs = append(errs, s.OpenPitrixOptions.Validate()...)
 	errs = append(errs, s.NetworkOptions.Validate()...)
+	errs = append(errs, s.LdapOptions.Validate()...)
 	return errs
 }
 

cmd/controller-manager/app/server.go

@@ -40,6 +40,7 @@ import (
 	"kubesphere.io/kubesphere/pkg/simple/client/devops"
 	"kubesphere.io/kubesphere/pkg/simple/client/devops/jenkins"
 	"kubesphere.io/kubesphere/pkg/simple/client/k8s"
+	ldapclient "kubesphere.io/kubesphere/pkg/simple/client/ldap"
 	"kubesphere.io/kubesphere/pkg/simple/client/openpitrix"
 	"kubesphere.io/kubesphere/pkg/simple/client/s3"
 	"kubesphere.io/kubesphere/pkg/utils/term"
@@ -58,6 +59,7 @@ func NewControllerManagerCommand() *cobra.Command {
 			KubernetesOptions:   conf.KubernetesOptions,
 			DevopsOptions:       conf.DevopsOptions,
 			S3Options:           conf.S3Options,
+			LdapOptions:         conf.LdapOptions,
 			OpenPitrixOptions:   conf.OpenPitrixOptions,
 			NetworkOptions:      conf.NetworkOptions,
 			MultiClusterOptions: conf.MultiClusterOptions,
@@ -114,6 +116,22 @@ func Run(s *options.KubeSphereControllerManagerOptions, stopCh <-chan struct{})
 		}
 	}
 
+	var ldapClient ldapclient.Interface
+	if s.LdapOptions == nil || len(s.LdapOptions.Host) == 0 {
+		klog.Errorf("Failed to create devops client invalid ldap options")
+		return err
+	}
+
+	if s.LdapOptions.Host == ldapclient.FAKE_HOST {
+		ldapClient = ldapclient.NewSimpleLdap()
+	} else {
+		ldapClient, err = ldapclient.NewLdapClient(s.LdapOptions, stopCh)
+		if err != nil {
+			klog.Errorf("Failed to create ldap client %v", err)
+			return err
+		}
+	}
+
 	var openpitrixClient openpitrix.Client
 	if s.OpenPitrixOptions != nil && !s.OpenPitrixOptions.IsEmpty() {
 		openpitrixClient, err = openpitrix.NewClient(s.OpenPitrixOptions)
@@ -160,7 +178,8 @@ func Run(s *options.KubeSphereControllerManagerOptions, stopCh <-chan struct{})
 
 		// TODO(jeff): refactor config with CRD
 		servicemeshEnabled := s.ServiceMeshOptions != nil && len(s.ServiceMeshOptions.IstioPilotHost) != 0
-		if err = addControllers(mgr, kubernetesClient, informerFactory, devopsClient, s3Client, openpitrixClient, s.MultiClusterOptions.Enable, s.NetworkOptions.EnableNetworkPolicy, servicemeshEnabled, stopCh); err != nil {
+		if err = addControllers(mgr, kubernetesClient, informerFactory, devopsClient, s3Client, ldapClient, openpitrixClient,
+			s.MultiClusterOptions.Enable, s.NetworkOptions.EnableNetworkPolicy, servicemeshEnabled, stopCh); err != nil {
 			klog.Fatalf("unable to register controllers to the manager: %v", err)
 		}