infra

module

v0.0.1-0...-4a2c530 Latest Latest Go to latest Published: Nov 12, 2025 License: Apache-2.0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/stackrox/infra

Links

Open Source Insights

README ¶

Infra

🌧️ Automated infrastructure and demo provisioning

Development

Infra (the server) and infractl (the cli) are written in Go, and use gRPC for client-server communication. The UI uses a React/Typescript/Yarn toolchain (see ui/README.md).

While a development workflow can be achieved using a locally installed toolchain, it is also possible to rely on CI. CI will lint, build and push the infra server. And then deploy it to a development cluster created using the production infra deployment. A (comment)[https://github.com/stackrox/infra/pull/711#issuecomment-1270457578] will appear on PRs with more detail.

Debugging

If opened in VS Code, you will find configurations for debugging CLI and Server.

CLI

To debug a CLI command, update the VS Code launch configuration "Debug CLI" with the desired command and update the INFRA_TOKEN value if necessary. You may also point to a different infra server with the --endpoint flag.

Server

To debug the server, you need to fulfil the prerequisites first.

Have an authenticated gcloud CLI and GNU sed installed.
Have your KUBECONFIG point to a cluster where Argo Workflows and the ConfigMaps and Secrets for infra are deployed. This is most easily achieved by connecting to a PR cluster or deploying infra with ENVIRONMENT=<DEVELOPMENT,PRODUCTION> make helm-deploy to a new or local cluster. This cluster will only be used to run workflows.
Run make prepare-local-server-debugging to set the contents of the configuration directory and compile the UI + CLI (for downloads).

Then, you can use the "Debug Server" launch configuration.

Regenerate Go bindings from protos

To regenerate the Go proto bindings, run:

make proto-generated-srcs

Building the server and cli

To compile a server and client binary, run:

make server cli-local

Building or pushing images

GitHub Actions will build and push the infra-server image based on make tag of the most recent commit. Or you can build and push locally if you have the correct tooling installed with:

make image push

Deployment

For additional information on how this service is deployed, please refer to the deployment instructions.

Runbook

For additional information on how to debug and remediate issues with the deployed service, please refer to the runbook instructions.

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
certifier
cmd
infra-server command
infractl command
infractl/cli Package cli implements the infractl cli ...	Package cli implements the infractl cli ...
infractl/cli/upgrade Package upgrade implements the infractl cli upgrade command.	Package upgrade implements the infractl cli upgrade command.
infractl/cluster/artifacts Package artifacts implements the infractl artifacts command.	Package artifacts implements the infractl artifacts command.
infractl/cluster/create Package create implements the infractl create command.	Package create implements the infractl create command.
infractl/cluster/delete Package delete implements the infractl delete command.	Package delete implements the infractl delete command.
infractl/cluster/get Package get implements the infractl get command.	Package get implements the infractl get command.
infractl/cluster/lifespan Package lifespan implements the infractl lifespan command.	Package lifespan implements the infractl lifespan command.
infractl/cluster/list Package list implements the infractl list command.	Package list implements the infractl list command.
infractl/cluster/logs Package logs implements the infractl logs command.	Package logs implements the infractl logs command.
infractl/cluster/utils Package utils contains methods to validate user input for cluster operations.	Package utils contains methods to validate user input for cluster operations.
infractl/common Package common provides some helper functionality for building command line handlers.	Package common provides some helper functionality for building command line handlers.
infractl/flavor Package flavor implements the infractl flavor ...	Package flavor implements the infractl flavor ...
infractl/flavor/get Package get implements the infractl flavor get command.	Package get implements the infractl flavor get command.
infractl/flavor/list Package list implements the infractl flavor list command.	Package list implements the infractl flavor list command.
infractl/janitor/find Package find implements the infractl janitor find-gcp command.	Package find implements the infractl janitor find-gcp command.
infractl/status Package status implements the infractl status command.	Package status implements the infractl status command.
infractl/status/get Package get implements the infractl status get command.	Package get implements the infractl status get command.
infractl/status/reset Package reset implements the infractl status reset command.	Package reset implements the infractl status reset command.
infractl/status/set Package set implements the infractl status set command.	Package set implements the infractl status set command.
infractl/token Package token implements the infractl token command.	Package token implements the infractl token command.
infractl/version Package version implements the infractl version command.	Package version implements the infractl version command.
infractl/whoami Package whoami implements the infractl whoami command.	Package whoami implements the infractl whoami command.
generated
api/v1 Package v1 is a reverse proxy.	Package v1 is a reverse proxy.
pkg
auth Package auth facilitates an OAuth login/logout flow.	Package auth facilitates an OAuth login/logout flow.
auth/claimrule Package claimrule implements checks for access tokens.	Package claimrule implements checks for access tokens.
bqutil Package bqutil implements a client for BigQuery.	Package bqutil implements a client for BigQuery.
buildinfo Package buildinfo provides information about the built binary and the environment in which it was built.	Package buildinfo provides information about the built binary and the environment in which it was built.
buildinfo/internal Package internal implements version and build information variables.	Package internal implements version and build information variables.
config Package config provides configurability for the entire application.	Package config provides configurability for the entire application.
flavor Package flavor enables the configuration and registration of flavors and their associated Argo workflows.	Package flavor enables the configuration and registration of flavors and their associated Argo workflows.
kube Package kube provides access to the k8s API	Package kube provides access to the k8s API
logging Package logging provides wrappers around zap logging.	Package logging provides wrappers around zap logging.
platform Package platform handles os and arch combinations.	Package platform handles os and arch combinations.
server Package server facilitates running a HTTPS and gRPC server.	Package server facilitates running a HTTPS and gRPC server.
service Package service implements the backend services for the infra server.	Package service implements the backend services for the infra server.
service/cluster Package cluster provides an implementation for the Cluster gRPC service.	Package cluster provides an implementation for the Cluster gRPC service.
service/metrics Package metrics exposes custom metrics for the infra server.	Package metrics exposes custom metrics for the infra server.
service/middleware Package middleware provides functionality for instrumenting and enriching grpc connections.	Package middleware provides functionality for instrumenting and enriching grpc connections.
signer Package signer facilitates the generation of signed GCS URLS.	Package signer facilitates the generation of signed GCS URLS.
slack Package slack handles interfacing with the Slack API.	Package slack handles interfacing with the Slack API.
scripts
local-dev command
test
utils Package utils implements helper functions for the e2e tests.	Package utils implements helper functions for the e2e tests.
utils/mock Package mock implements helpers to mock infractl calls and outputs for tests.	Package mock implements helpers to mock infractl calls and outputs for tests.