Merge branch 'cli' into 'main'

Merge server and cli binaries into one

See merge request gitlab-org/software-supply-chain-security/authorization/authzd!8

5 files changed, 32 insertions, 43 deletions

diff --git a/Cargo.toml b/Cargo.toml
index 7c4ae3d0..c99f5625 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -5,10 +5,6 @@ edition = "2024"
 
 [[bin]]
 name = "authzd"
-path = "src/main.rs"
-
-[[bin]]
-name = "cli"
 path = "src/bin/cli.rs"
 
 [lib]
diff --git a/Makefile b/Makefile
index 1c1bff8d..82d6f5a7 100644
--- a/Makefile
+++ b/Makefile
@@ -1,5 +1,4 @@
 AUTHZD_BIN := bin/authzd
-CLI_BIN := bin/cli
 GIT_BRANCH := $(shell git rev-parse --abbrev-ref HEAD | sed 's/\//_/g')
 PROJECT_NAME := $(shell basename $(shell pwd))
 IMAGE_TAG := $(PROJECT_NAME):$(GIT_BRANCH)
@@ -19,12 +18,8 @@ $(AUTHZD_BIN): $(shell find src -name "*.rs" 2>/dev/null) Cargo.toml
 	@cargo build --bin authzd --offline
 	@cp target/debug/authzd bin/authzd
 
-$(CLI_BIN): $(shell find src -name "*.rs" 2>/dev/null) Cargo.toml
-	@cargo build --bin cli --offline
-	@cp target/debug/cli bin/cli
-
 # Cargo targets
-build: $(AUTHZD_BIN) $(CLI_BIN)
+build: $(AUTHZD_BIN)
 
 check:
 	@cargo check
@@ -36,7 +31,7 @@ run: build
 	@minit
 
 clean:
-	@rm -f $(AUTHZD_BIN) $(CLI_BIN)
+	@rm -f $(AUTHZD_BIN)
 	@cargo clean
 
 fmt:
@@ -76,10 +71,10 @@ check-gitlab-token:
 		exit 1; \
 	fi
 
-staging-entities: $(CLI_BIN) check-gitlab-token
-	@$(CLI_BIN) generate --host https://staging.gitlab.com --project authorization/sparkle/team --output etc/authzd/staging.gitlab.com/authorization/sparkle/team/entities.json
+staging-entities: $(AUTHZD_BIN) check-gitlab-token
+	@$(AUTHZD_BIN) generate --host https://staging.gitlab.com --project authorization/sparkle/team --output etc/authzd/staging.gitlab.com/authorization/sparkle/team/entities.json
 
-production-entities: $(CLI_BIN) check-gitlab-token
-	@$(CLI_BIN) generate --project gitlab-org/gitlab --output etc/authzd/gitlab.com/gitlab-org/gitlab/entities.json
-	@$(CLI_BIN) generate --project gitlab-org/software-supply-chain-security/authorization/authzd --output etc/authzd/gitlab.com/gitlab-org/software-supply-chain-security/authorization/authzd/entities.json
-	@$(CLI_BIN) generate --project gitlab-org/software-supply-chain-security/authorization/sparkled --output etc/authzd/gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/entities.json
+production-entities: $(AUTHZD_BIN) check-gitlab-token
+	@$(AUTHZD_BIN) generate --project gitlab-org/gitlab --output etc/authzd/gitlab.com/gitlab-org/gitlab/entities.json
+	@$(AUTHZD_BIN) generate --project gitlab-org/software-supply-chain-security/authorization/authzd --output etc/authzd/gitlab.com/gitlab-org/software-supply-chain-security/authorization/authzd/entities.json
+	@$(AUTHZD_BIN) generate --project gitlab-org/software-supply-chain-security/authorization/sparkled --output etc/authzd/gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/entities.json
diff --git a/Procfile b/Procfile
index 8062bf67..39bbbeaf 100644
--- a/Procfile
+++ b/Procfile
@@ -1,2 +1,2 @@
-authzd: ./bin/authzd
+authzd: ./bin/authzd server
 envoy: ./bin/envoy -c ./etc/envoy/envoy.yaml --base-id 1 --log-level warn --component-log-level admin:warn,connection:warn,grpc:warn,http:warn,http2:warn,router:warn,upstream:warn
diff --git a/src/bin/cli.rs b/src/bin/cli.rs
index fc70ae82..6f089353 100644
--- a/src/bin/cli.rs
+++ b/src/bin/cli.rs
@@ -38,6 +38,11 @@ enum Commands {
         )]
         host: String,
     },
+    Server {
+        /// Address to bind to
+        #[arg(short, long, env = "BIND_ADDR", default_value = "127.0.0.1:50051")]
+        addr: String,
+    },
 }
 
 #[tokio::main]
@@ -63,6 +68,24 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
                 output
             );
         }
+        Commands::Server { addr } => {
+            tracing_subscriber::fmt()
+                .json()
+                .with_max_level(tracing::Level::INFO)
+                .with_current_span(true)
+                .with_span_list(true)
+                .with_target(true)
+                .with_thread_ids(true)
+                .with_thread_names(true)
+                .with_file(true)
+                .with_line_number(true)
+                .init();
+
+            tracing::info!(address = %addr, "Starting authorization server");
+            authzd::authorization::Server::new(authzd::authorization::CedarAuthorizer::default())?
+                .serve(addr.parse().unwrap())
+                .await?;
+        }
     }
 
     Ok(())
diff --git a/src/main.rs b/src/main.rs
deleted file mode 100644
index add0d88d..00000000
--- a/src/main.rs
+++ /dev/null
@@ -1,25 +0,0 @@
-#[tokio::main]
-async fn main() -> Result<(), Box<dyn std::error::Error>> {
-    tracing_subscriber::fmt()
-        .json()
-        .with_max_level(tracing::Level::INFO)
-        .with_current_span(true)
-        .with_span_list(true)
-        .with_target(true)
-        .with_thread_ids(true)
-        .with_thread_names(true)
-        .with_file(true)
-        .with_line_number(true)
-        .init();
-
-    let addr = std::env::var("BIND_ADDR")
-        .unwrap_or_else(|_| "127.0.0.1:50051".to_string())
-        .parse()?;
-
-    tracing::info!(address = %addr, "Starting authorization server");
-    let cedar = authzd::authorization::CedarAuthorizer::default();
-    let server = authzd::authorization::Server::new(cedar)?;
-    server.serve(addr).await?;
-
-    Ok(())
-}