@monokle/synchronizer
v0.14.2
Published
Monokle Cloud synchronizer
Downloads
65
Readme
Monokle Synchronizer
Monokle Synchronizer is a TypeScript library to provide integration with Monokle Cloud in local environments.
This package exposes two main utils - Authenticator
and Synchronizer
which can be used for authenticating with Monokle Cloud and then synchronizing remote policies to local environment.
Authenticator
Authenticator provides a way to authenticate locally with Monokle Cloud. It can be done via device flow or by providing access token. In both scenarios as a result, API token is obtained and stored locally so can be used for further Monokle Cloud API communication (for synchronizing policies).
Login flow
Login is a two step process, where authenticator.login(...)
call initializes login flow and return an object with onDone
promise which gets resolve when user is successfully logged in.
Login via device flow - this is a 2-step process where user needs to navigate ot given URL using a browser to authenticate:
import {createDefaultMonokleAuthenticator} from '@monokle/synchronizer';
const authenticator = createDefaultMonokleAuthenticator();
const loginResponse = await authenticator.login('device code');
console.log(loginResponse.handle);
// The `loginResponse.handle` is an object containing an URL which needs to be shown to users so they can authenticate with it in a browser.
// handle.device_code: string;
// handle.verification_uri_complete: string;
const user = await loginResponse.onDone;
// Returns
// user.isAuthenticated
// user.email
// user.token
Login via access token - this is 1-step process where user should be prompted first for a token and then this token should be passed to login
method:
import {createDefaultMonokleAuthenticator} from '@monokle/synchronizer';
const authenticator = createDefaultMonokleAuthenticator();
const loginResponse = await authenticator.login('token', 'sample user token');
const user = await loginResponse.onDone;
// Returns
// user.isAuthenticated
// user.email
// user.token
On successful login, authenticator
instance emits login
event with object including user data and login method used:
{
method: 'token'
user: {...}
}
IMPORTANT: Keep in mind that User
instance is immutable. To make sure you always have up to date user data, always use authenticator.user
instead of passing around sole User
object.
Logout
import {createDefaultMonokleAuthenticator} from '@monokle/synchronizer';
const authenticator = createDefaultMonokleAuthenticator();
await authenticator.logout();
This emits logout
event.
Token refresh
When using device flow, user token gets expired with time and needs to be refreshed. The recommended way is to always use authenticator.getUser()
method which returns User
but also takes care of refreshing token internally.
import {createDefaultMonokleAuthenticator} from '@monokle/synchronizer';
const authenticator = createDefaultMonokleAuthenticator();
const user = await authenticator.getUser();
Since getUser()
is async, there might be scenarios where it cannot be used to obtain user data. Then authenticator.user
getter should be used. In such scenarios, token refreshing needs to be taken of separately by calling authenticator.refreshToken()
. Since this method will only refresh user token when it is close to being expired it doesn't have any additional surrounding logic and can be called every time before policies synchronization logic.
Synchronizer
Synchronizer is an util to synchronize and get content of remote polices. The simplest way is to use synchronizer.getPolicy()
method. The git repository for which to get policies can be passed both as path to local folder or specifying required git data.
import {createDefaultMonokleSynchronizer} from '@monokle/synchronizer';
const synchronizer = createDefaultMonokleSynchronizer();
// By path
const policy = await authenticator.getPolicy('/home/kubeshope/...');
// By repo data
const policy = await authenticator.getPolicy({
provider: 'github.com',
remote: 'origin',
owner: 'kubeshop',
name: 'monokle-core',
});
console.log(policy);
// {
// valid: boolean; // if policy is valid
// path: string; // full path to local .yaml policy file
// policy: StoragePolicyFormat; // entire policy content as JSON file
// }
Depending on the use case you may use policy JSON directly or pass path
to any other tool (like @monokle/validator
) which can read the file.
The above will only return valid policy if it was synchronized before. Synchronization can be done separately or as a part of getPolicy()
call:
import {createDefaultMonokleSynchronizer} from '@monokle/synchronizer';
const synchronizer = createDefaultMonokleSynchronizer();
// Force policy synchronization by passing `forceRefetch=true` and user access token:
const policy = await authenticator.getPolicy('/home/kubeshope/...', true, authenticator.user.token);
// Or do separate calls like:
await authenticator.synchronize('/home/kubeshope/...', authenticator.user.token);
const policy = await authenticator.getPolicy('/home/kubeshope/...');
Every time policy is synchronized (both via synchronize()
call or getPolicy()
with forceRefetch=true
call), synchronize
event will be emitted with policy object.
Error handling
Most of the Authenticator
and Synchronizer
top level methods will just throw errors when something unexpected happens, so it's a good idea to have some error handling in place.