Rename config resource for CORS allowed hosts.

Makefile

@@ -36,12 +36,12 @@ push-all-images: push-session-manager push-training-portal \
 build-core-images: build-session-manager build-training-portal \
   build-base-environment build-docker-registry build-pause-container \
   build-secrets-manager build-tunnel-manager build-image-cache \
-  build-assets-server
+  build-assets-server build-lookup-service
 
 push-core-images: push-session-manager push-training-portal \
   push-base-environment push-docker-registry push-pause-container \
   push-secrets-manager push-tunnel-manager push-image-cache \
-  push-assets-server
+  push-assets-server push-lookup-service
 
 build-session-manager:
 	docker build --progress plain --platform $(DOCKER_PLATFORM) -t $(IMAGE_REPOSITORY)/educates-session-manager:$(PACKAGE_VERSION) session-manager

carvel-packages/installer/bundle/config/ytt/_ytt_lib/packages/educates/_ytt_lib/lookup-service/upstream/clusterroles.yaml

@@ -40,7 +40,7 @@ rules:
   - apiGroups:
       - lookup.educates.dev
     resources:
-      - browserconfigs
+      - corsconfigs
       - clusterconfigs
       - clientconfigs
       - tenantconfigs

carvel-packages/installer/bundle/config/ytt/_ytt_lib/packages/educates/_ytt_lib/lookup-service/upstream/crd-browserconfig.yaml → carvel-packages/installer/bundle/config/ytt/_ytt_lib/packages/educates/_ytt_lib/lookup-service/upstream/crd-corsconfig.yaml

@@ -1,14 +1,14 @@
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
-  name: browserconfigs.lookup.educates.dev
+  name: corsconfigs.lookup.educates.dev
 spec:
   scope: Namespaced
   group: lookup.educates.dev
   names:
-    plural: browserconfigs
-    singular: browserconfig
-    kind: BrowserConfig
+    plural: corsconfigs
+    singular: corsconfig
+    kind: CORSConfig
     categories:
       - educates-lookup
   versions:

lookup-service/service/caches/browserconfig.py → lookup-service/service/caches/corsconfig.py

@@ -5,7 +5,7 @@
 
 
 @dataclass
-class BrowserConfig:
+class CORSConfig:
     """Configuration object for remote access config."""
 
     name: str

lookup-service/service/caches/databases.py

@@ -4,24 +4,24 @@
 from typing import TYPE_CHECKING, Dict, List
 
 if TYPE_CHECKING:
-    from .browserconfig import BrowserConfig
+    from .corsconfig import CORSConfig
     from .clientconfig import ClientConfig
     from .clusterconfig import ClusterConfig
     from .tenantconfig import TenantConfig
 
 
 @dataclass
-class BrowserDatabase:
-    """Database for storing remote access configuration. Configs are stored in a
+class CORSDatabase:
+    """Database for storing CORS configuration. Configs are stored in a
     dictionary with the resource name as the key and the access configuration
     object as the value."""
 
-    configs: Dict[str, "BrowserConfig"]
+    configs: Dict[str, "CORSConfig"]
 
     def __init__(self) -> None:
         self.configs = {}
 
-    def update_config(self, config: "BrowserConfig") -> None:
+    def update_config(self, config: "CORSConfig") -> None:
         """Update the config in the database. If the config does not exist in
         the database, it will be added."""
 
@@ -32,12 +32,12 @@ def remove_config(self, name: str) -> None:
 
         self.configs.pop(name, None)
 
-    def get_configs(self) -> List["BrowserConfig"]:
+    def get_configs(self) -> List["CORSConfig"]:
         """Retrieve a list of configs from the database."""
 
         return list(self.configs.values())
 
-    def get_config(self, name: str) -> "BrowserConfig":
+    def get_config(self, name: str) -> "CORSConfig":
         """Retrieve a config from the database by name."""
 
         return self.configs.get(name)
@@ -155,7 +155,7 @@ def get_cluster(self, name: str) -> "ClusterConfig":
 
 # Create the database instances.
 
-browser_database = BrowserDatabase()
+cors_database = CORSDatabase()
 client_database = ClientDatabase()
 tenant_database = TenantDatabase()
 cluster_database = ClusterDatabase()

lookup-service/service/handlers/browserconfigs.py → lookup-service/service/handlers/corsconfigs.py

@@ -5,17 +5,17 @@
 
 import kopf
 
-from ..caches.browserconfig import BrowserConfig
+from ..caches.corsconfig import CORSConfig
 from ..helpers.objects import xgetattr
 from ..service import ServiceState
 
 logger = logging.getLogger("educates")
 
 
-@kopf.on.resume("browserconfigs.lookup.educates.dev")
-@kopf.on.create("browserconfigs.lookup.educates.dev")
-@kopf.on.update("browserconfigs.lookup.educates.dev")
-def browserconfigs_update(
+@kopf.on.resume("corsconfigs.lookup.educates.dev")
+@kopf.on.create("corsconfigs.lookup.educates.dev")
+@kopf.on.update("corsconfigs.lookup.educates.dev")
+def corsconfigs_update(
     name: str, meta: kopf.Meta, spec: kopf.Spec, memo: ServiceState, reason: str, **_
 ) -> Dict[str, Any]:
     """Add the access configuration to the client database."""
@@ -32,10 +32,10 @@ def browserconfigs_update(
         generation,
     )
 
-    browser_database = memo.browser_database
+    cors_database = memo.cors_database
 
-    browser_database.update_config(
-        BrowserConfig(
+    cors_database.update_config(
+        CORSConfig(
             name=config_name,
             allowed_origins=allowed_origins,
         )
@@ -44,18 +44,18 @@ def browserconfigs_update(
     return {}
 
 
-@kopf.on.delete("browserconfigs.lookup.educates.dev")
-def browserconfigs_delete(name: str, meta: kopf.Meta, memo: ServiceState, **_) -> None:
+@kopf.on.delete("corsconfigs.lookup.educates.dev")
+def corsconfigs_delete(name: str, meta: kopf.Meta, memo: ServiceState, **_) -> None:
     """Remove the access configuration from the client database."""
 
     generation = meta["generation"]
 
-    browser_database = memo.browser_database
+    cors_database = memo.cors_database
 
     config_name = name
 
     logger.info(
         "Discard client configuration %r with generation %s.", config_name, generation
     )
 
-    browser_database.remove_client(config_name)
+    cors_database.remove_client(config_name)

lookup-service/service/main.py

@@ -12,8 +12,8 @@
 import kopf
 import pykube
 
-from .caches.databases import browser_database, client_database, cluster_database, tenant_database
-from .handlers import browserconfigs as _  # pylint: disable=unused-import
+from .caches.databases import cors_database, client_database, cluster_database, tenant_database
+from .handlers import corsconfigs as _  # pylint: disable=unused-import
 from .handlers import clientconfigs as _  # pylint: disable=unused-import
 from .handlers import clusterconfigs as _  # pylint: disable=unused-import
 from .handlers import tenantconfigs as _  # pylint: disable=unused-import
@@ -126,7 +126,7 @@ async def cleanup_fn(**_) -> None:
 # server threads.
 
 service_state = ServiceState(
-    browser_database=browser_database,
+    cors_database=cors_database,
     client_database=client_database,
     tenant_database=tenant_database,
     cluster_database=cluster_database,

lookup-service/service/routes/authnz.py

@@ -39,11 +39,11 @@ async def cors_allow_origin(
     # request and only allow it if it is in the list of allowed origins.
 
     service_state = request.app["service_state"]
-    browser_database = service_state.browser_database
+    cors_database = service_state.cors_database
 
     allowed_origins = []
 
-    for browser_config in browser_database.get_configs():
+    for browser_config in cors_database.get_configs():
         allowed_origins.extend(browser_config.allowed_origins)
 
     request_origin = request.headers.get("Origin") or ""

lookup-service/service/service.py

@@ -3,7 +3,7 @@
 from dataclasses import dataclass
 
 from .caches.databases import (
-    BrowserDatabase,
+    CORSDatabase,
     ClientDatabase,
     TenantDatabase,
     ClusterDatabase,
@@ -14,7 +14,7 @@
 class ServiceState:
     """Custom operator context object for the service."""
 
-    browser_database: BrowserDatabase
+    cors_database: CORSDatabase
     client_database: ClientDatabase
     tenant_database: TenantDatabase
     cluster_database: ClusterDatabase

lookup-service/testing/browserconfigs.yaml → lookup-service/testing/corsconfigs.yaml

@@ -1,5 +1,5 @@
 apiVersion: lookup.educates.dev/v1beta1
-kind: BrowserConfig
+kind: CORSConfig
 metadata:
   name: access-1
   namespace: educates-config