Introduce keystone based auth & mock missing endpoints

Other miscellaneous improvements added. Change-Id: I007c717c398f12d75693ffdb8c45301367461cfb Signed-off-by: Ruslan Aliev <raliev@mirantis.com>
2024-02-12 19:31:12 -06:00 · 2024-02-12 19:31:12 -06:00 · 7094ac6ace
commit 7094ac6ace
parent 8b6a87059a
6 changed files with 434 additions and 178 deletions
--- a/cmd/wait.go
+++ b/cmd/wait.go
@ -16,8 +16,6 @@ package cmd

 import (
 	"context"
-	"strconv"
-	"time"

 	"github.com/spf13/cobra"
 	"k8s.io/client-go/rest"
@ -42,7 +40,6 @@ func NewWaitCommand(_ config.Factory) *cobra.Command {
 		return k8sConfig
 	}

-	var timeout string
 	p := &waitutil.WaitOptions{
 		RestConfig: getConfig(),
 	}
@ -53,11 +50,6 @@ func NewWaitCommand(_ config.Factory) *cobra.Command {
 		Args:  cobra.ExactArgs(0),
 		RunE: func(cmd *cobra.Command, args []string) error {
 			p.Logger = zap.New(zap.WriteTo(cmd.OutOrStdout()), zap.ConsoleEncoder())
-			intTimeout, err := strconv.Atoi(timeout)
-			if err != nil {
-				return err
-			}
-			p.Timeout = time.Second * time.Duration(intTimeout)
 			return p.Wait(context.Background())
 		},
 	}
@ -66,7 +58,7 @@ func NewWaitCommand(_ config.Factory) *cobra.Command {
 	flags.StringVar(&p.ResourceType, "resource-type", "", "resource type")
 	flags.StringVar(&p.Namespace, "namespace", "", "namespace")
 	flags.StringVar(&p.LabelSelector, "label-selector", "", "label selector")
-	flags.StringVar(&timeout, "timeout", "", "timeout")
+	flags.DurationVar(&p.Timeout, "timeout", 0, "timeout")
 	flags.StringVar(&p.MinReady, "min-ready", "", "min ready")

 	return runCmd
--- a/go.mod
+++ b/go.mod
@ -5,7 +5,8 @@ go 1.20
 require (
 	github.com/gin-gonic/gin v1.9.1
 	github.com/spf13/cobra v1.7.0
-	golang.org/x/sync v0.3.0
+	github.com/spf13/viper v1.18.2
+	golang.org/x/sync v0.5.0
 	k8s.io/api v0.28.4
 	k8s.io/apiextensions-apiserver v0.28.3
 	k8s.io/apimachinery v0.28.4
@ -19,8 +20,9 @@ require (
 require (
 	github.com/bytedance/sonic v1.9.1 // indirect
 	github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect
 	github.com/gin-contrib/sse v0.1.0 // indirect
 	github.com/go-logr/logr v1.2.4 // indirect
@ -37,35 +39,46 @@ require (
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/uuid v1.3.0 // indirect
+	github.com/google/uuid v1.4.0 // indirect
+	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/imdario/mergo v0.3.13 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/klauspost/cpuid/v2 v2.2.4 // indirect
 	github.com/leodido/go-urn v1.2.4 // indirect
+	github.com/magiconair/properties v1.8.7 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-isatty v0.0.19 // indirect
+	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
-	github.com/pelletier/go-toml/v2 v2.0.8 // indirect
+	github.com/pelletier/go-toml/v2 v2.1.0 // indirect
+	github.com/sagikazarmark/locafero v0.4.0 // indirect
+	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
+	github.com/sourcegraph/conc v0.3.0 // indirect
+	github.com/spf13/afero v1.11.0 // indirect
+	github.com/spf13/cast v1.6.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.25.0 // indirect
 	golang.org/x/arch v0.3.0 // indirect
-	golang.org/x/crypto v0.14.0 // indirect
-	golang.org/x/net v0.17.0 // indirect
-	golang.org/x/oauth2 v0.8.0 // indirect
-	golang.org/x/sys v0.13.0 // indirect
-	golang.org/x/term v0.13.0 // indirect
-	golang.org/x/text v0.13.0 // indirect
-	golang.org/x/time v0.3.0 // indirect
+	golang.org/x/crypto v0.16.0 // indirect
+	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
+	golang.org/x/net v0.19.0 // indirect
+	golang.org/x/oauth2 v0.15.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/term v0.15.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20230717233707-2695361300d9 // indirect
--- a/go.sum
+++ b/go.sum
@ -9,11 +9,15 @@ github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311/go.mod h1:b583j
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
+github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
 github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
 github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U=
+github.com/frankban/quicktest v1.14.6 h1:7Xjx+VpznH+oBnejlPUj8oUpdxnVs4f8XU8WnHkI4W8=
+github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
+github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
 github.com/gabriel-vasile/mimetype v1.4.2 h1:w5qFW6JKBz9Y393Y4q372O9A7cUSequkh1Q7OhCmWKU=
 github.com/gabriel-vasile/mimetype v1.4.2/go.mod h1:zApsH/mKG4w07erKIaJPFiX0Tsq9BFQgN3qGY5GnNgA=
 github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
@ -57,8 +61,10 @@ github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec=
-github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
-github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4=
+github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
+github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk=
 github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
@ -81,10 +87,14 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
 github.com/leodido/go-urn v1.2.4 h1:XlAE/cm/ms7TE/VMVoduSpNBoyc2dOxHs5MZSwAN63Q=
 github.com/leodido/go-urn v1.2.4/go.mod h1:7ZrI8mTSeBSHl/UaRyKQW1qZeMgak41ANeCNaVckg+4=
+github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
+github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
 github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
 github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
 github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA=
 github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
+github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@ -94,19 +104,31 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU=
 github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI=
-github.com/pelletier/go-toml/v2 v2.0.8 h1:0ctb6s9mE31h0/lhu+J6OPmVeDxJn+kYnJc2jZR9tGQ=
-github.com/pelletier/go-toml/v2 v2.0.8/go.mod h1:vuYfssBdrU2XDZ9bYydBu6t+6a6PYNcZljzZR9VXg+4=
+github.com/pelletier/go-toml/v2 v2.1.0 h1:FnwAJ4oYMvbT/34k9zzHuZNrhlz48GB3/s6at6/MHO4=
+github.com/pelletier/go-toml/v2 v2.1.0/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
-github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
 github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
+github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ=
+github.com/sagikazarmark/locafero v0.4.0/go.mod h1:Pe1W6UlPYUk/+wc/6KFhbORCfqzgYEpgQ3O5fPuL3H4=
+github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6gto+ugjYE=
+github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
+github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9ySo=
+github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
+github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
+github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
+github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0=
+github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
 github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I=
 github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
 github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/viper v1.18.2 h1:LUXCnvUvSM6FXAsj6nnfc8Q2tp1dIgUfY9Kc8GsSOiQ=
+github.com/spf13/viper v1.18.2/go.mod h1:EKmWIqdnk5lOcmR72yw6hS+8OPYcwD0jteitLMVB+yk=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
@ -116,8 +138,10 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
-github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
+github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
 github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
 github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
 github.com/ugorji/go/codec v1.2.11 h1:BMaWp1Bb6fHwEtbplGBGJ498wD+LKlNSl25MjdZY4dU=
@ -140,8 +164,10 @@ golang.org/x/arch v0.3.0/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
-golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+golang.org/x/crypto v0.16.0 h1:mMMrFzRSCF0GvB7Ne27XVtVAaXLrPmgPC7/v0tkwHaY=
+golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
+golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g=
+golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k=
 golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
@ -153,16 +179,16 @@ golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
-golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM=
-golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
-golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8=
-golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
+golang.org/x/net v0.19.0 h1:zTwKpTd2XuCqf8huc7Fo2iSy+4RHPd10s4KzeTnVr1c=
+golang.org/x/net v0.19.0/go.mod h1:CfAk/cbD4CthTvqiEl8NpboMuiuOYsAr/7NOjZJtv1U=
+golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ=
+golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
-golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
+golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE=
+golang.org/x/sync v0.5.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@ -171,25 +197,25 @@ golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220704084225-05e143d24a9e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE=
-golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek=
-golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U=
+golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4=
+golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
-golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
-golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
-golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk=
+golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM=
+golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@ -206,6 +232,8 @@ gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntN
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
 gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
+gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA=
+gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
 gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@ -13,32 +13,13 @@
 package config

 import (
-	"fmt"
-	"os"
-	"path/filepath"
-
-	"sigs.k8s.io/yaml"
+	"github.com/spf13/viper"

 	"opendev.org/airship/armada-go/pkg/log"
-	"opendev.org/airship/armada-go/pkg/util"
 )

-// Where possible, json tags match the cli argument names.
-// Top level config objects and all values required for proper functioning are not "omitempty".
-// Any truly optional piece of config is allowed to be omitted.
-
 // Config holds the information required by armada-go commands
-// It is somewhat a superset of what a kubeconfig looks like
-type Config struct {
-	// +optional
-	Kind string `json:"kind,omitempty"`
-
-	// loadedConfigPath is the full path to the location of the config
-	// file from which this config was loaded
-	// +not persisted in file
-	loadedConfigPath string
-	//fileSystem       kustfs.FileSystem
-}
+type Config struct{}

 // Factory is a function which returns ready to use config object and error (if any)
 type Factory func() (*Config, error)
@ -46,124 +27,21 @@ type Factory func() (*Config, error)
 // CreateFactory returns function which creates ready to use Config object
 func CreateFactory(armadaConfigPath *string) Factory {
 	return func() (*Config, error) {
-		cfg := NewEmptyConfig()
-
-		var acp string
-		if armadaConfigPath != nil {
-			acp = *armadaConfigPath
-		}
-
-		cfg.initConfigPath(acp)
-		err := cfg.LoadConfig()
+		err := initConfig()
 		if err != nil {
-			// Should stop armada-go
 			log.Print("Failed to load or initialize config: ", err)
-			CreateConfig(acp, true)
+			return nil, err
 		}
-
-		return cfg, nil
+		return &Config{}, nil
 	}
 }

-// CreateConfig saves default config to the specified path
-func CreateConfig(armadaConfigPath string, overwrite bool) error {
-	cfg := NewConfig()
-	cfg.initConfigPath(armadaConfigPath)
-	return cfg.PersistConfig(overwrite)
-}
-
-// initConfigPath - Initializes loadedConfigPath variable for Config object
-func (c *Config) initConfigPath(armadaConfigPath string) {
-	switch {
-	case armadaConfigPath != "":
-		// The loadedConfigPath may already have been received as a command line argument
-		c.loadedConfigPath = armadaConfigPath
-	case os.Getenv("ARMADA_CONFIG") != "":
-		// Otherwise, we can check if we got the path via ENVIRONMENT variable
-		c.loadedConfigPath = os.Getenv("ARMADA_CONFIG")
-	default:
-		// Otherwise, we'll try putting it in the home directory
-		c.loadedConfigPath = filepath.Join(util.UserHomeDir(), ".armada", "config")
-	}
-}
-
-func (c *Config) LoadConfig() error {
-	// If I can read from the file, load from it
-	// throw an error otherwise
-	data, err := os.ReadFile(c.loadedConfigPath)
-	if err != nil {
+// InitConfig reads an armada config from the default cfg file
+func initConfig() error {
+	viper.SetConfigFile("/etc/armada/armada.conf")
+	viper.SetConfigType("ini")
+	if err := viper.ReadInConfig(); err != nil {
 		return err
 	}
-
-	return yaml.Unmarshal(data, c)
-}
-
-// NewEmptyConfig returns an initialized Config object with no default values
-func NewEmptyConfig() *Config {
-	return &Config{}
-}
-
-// NewConfig returns a newly initialized Config object
-func NewConfig() *Config {
-	return &Config{
-		Kind: "kind",
-		//fileSystem: kustfs.MakeFsInMemory(),
-	}
-}
-
-// ErrConfigFileExists is returned when there is an existing file at specified location
-type ErrConfigFileExists struct {
-	Path string
-}
-
-func (e ErrConfigFileExists) Error() string {
-	return fmt.Sprintf("could not create default config at %s, file already exists", e.Path)
-}
-
-// ToYaml returns a YAML document
-// It serializes the given Config object to a valid YAML document
-func (c *Config) ToYaml() ([]byte, error) {
-	return yaml.Marshal(&c)
-}
-
-// PersistConfig updates the airshipctl config file to match
-// the current Config object.
-// If file did not previously exist, the file will be created.
-// The file will be overwritten if overwrite argument set to true
-func (c *Config) PersistConfig(overwrite bool) error {
-	if _, err := os.Stat(c.loadedConfigPath); err == nil && !overwrite {
-		return ErrConfigFileExists{Path: c.loadedConfigPath}
-	}
-
-	airshipConfigYaml, err := c.ToYaml()
-	if err != nil {
-		return err
-	}
-
-	// WriteFile doesn't create the directory, create it if needed
-	dir := filepath.Dir(c.loadedConfigPath)
-	err = os.MkdirAll(dir, 0755)
-	if err != nil {
-		return err
-	}
-
-	// Change the permission of directory
-	err = os.Chmod(dir, os.FileMode(0755))
-	if err != nil {
-		return err
-	}
-
-	// Write the Airship Config file
-	err = os.WriteFile(c.loadedConfigPath, airshipConfigYaml, 0644)
-	if err != nil {
-		return err
-	}
-
-	// Change the permission of config file
-	err = os.Chmod(c.loadedConfigPath, os.FileMode(0644))
-	if err != nil {
-		return err
-	}
-
 	return nil
 }
--- a/pkg/server/auth.go
+++ b/pkg/server/auth.go
@ -0,0 +1,289 @@
+package server
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"net/http"
+	"strings"
+	"time"
+
+	"github.com/gin-gonic/gin"
+
+	"opendev.org/airship/armada-go/pkg/log"
+)
+
+var Log func(string, ...interface{}) = func(format string, a ...interface{}) {
+	log.Printf(format, a...)
+}
+
+// Cache provides the interface for cache implementations.
+type Cache interface {
+	//Set stores a value with the given ttl
+	Set(key string, value interface{}, ttl time.Duration)
+	//Get retrieves a value previously stored in the cache.
+	//value has to be a pointer to a data structure that matches the type previously given to Set
+	//The return value indicates if a value was found
+	Get(key string, value interface{}) bool
+}
+
+// Auth is the entrypoint for creating the middleware
+type Auth struct {
+	//Keystone v3 endpoint url for validating tokens ( e.g https://some.where:5000/v3)
+	Endpoint string
+	//User-Agent used for all http request by the middleware. Defaults to go-keystone-middleware/1.0
+	UserAgent string
+	//A cache implementation the middleware should use for caching tokens. By default, no caching is performed.
+	TokenCache Cache
+	//How long to cache tokens. Defaults to 5 minutes.
+	CacheTime time.Duration
+
+	//http client to use for requests, default to  &http.Client{ Timeout: 5 * time.Second }
+	Client *http.Client
+}
+
+// New returns a new Auth object initialized with default values
+func New(endpoint string) *Auth {
+	auth := &Auth{Endpoint: endpoint}
+	auth.ensureDefaults()
+	return auth
+}
+
+// Handler returns a http handler for use in a middleware chain.
+func (a *Auth) Handler(h http.Handler) gin.HandlerFunc {
+	a.ensureDefaults()
+	return gin.WrapH(&handler{Auth: a, handler: h})
+}
+
+// Validate a token.
+// This is useful if you don't want to use the http middleware
+func (a *Auth) Validate(authToken string) (*Token, error) {
+	if a.TokenCache != nil {
+		var cachedToken Token
+		if ok := a.TokenCache.Get(authToken, &cachedToken); ok && cachedToken.Valid() {
+			Log("Found valid token in cache")
+			return &cachedToken, nil
+		}
+	}
+
+	req, err := http.NewRequest("GET", a.Endpoint+"/auth/tokens?nocatalog", nil)
+	if err != nil {
+		return nil, err
+	}
+	req.Header.Set("X-Auth-Token", authToken)
+	req.Header.Set("X-Subject-Token", authToken)
+	req.Header.Set("User-Agent", a.UserAgent)
+
+	r, err := a.Client.Do(req)
+	if err != nil {
+		return nil, err
+	}
+	defer r.Body.Close()
+
+	if r.StatusCode >= 400 {
+		return nil, errors.New(r.Status)
+	}
+
+	var resp authResponse
+	if err = json.NewDecoder(r.Body).Decode(&resp); err != nil {
+		return nil, err
+	}
+
+	if e := resp.Error; e != nil {
+		return nil, fmt.Errorf("%s : %s", r.Status, e.Message)
+	}
+	if r.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("%s", r.Status)
+	}
+	if resp.Token == nil {
+		return nil, errors.New("response didn't contain token context")
+	}
+	if !resp.Token.Valid() {
+		return nil, errors.New("returned token is not valid")
+	}
+
+	if a.TokenCache != nil {
+		ttl := a.CacheTime
+		//The expiry date of the token provides an upper bound on the cache time
+		if expiresIn := resp.Token.ExpiresAt.Sub(time.Now()); expiresIn < a.CacheTime {
+			ttl = expiresIn
+		}
+		a.TokenCache.Set(authToken, *resp.Token, ttl)
+	}
+
+	return resp.Token, nil
+}
+
+func (a *Auth) ensureDefaults() {
+
+	if a.UserAgent == "" {
+		a.UserAgent = "go-keystone-middleware/1.0"
+	}
+
+	if a.CacheTime == 0 {
+		a.CacheTime = 5 * time.Minute
+	}
+
+	if a.Client == nil {
+		a.Client = &http.Client{
+			Timeout: 5 * time.Second,
+		}
+	}
+
+}
+
+type handler struct {
+	*Auth
+	handler http.Handler
+}
+
+func (h *handler) ServeHTTP(_ http.ResponseWriter, req *http.Request) {
+	filterIncomingHeaders(req)
+	req.Header.Set("X-Identity-Status", "Invalid")
+	authToken := req.Header.Get("X-Auth-Token")
+	if authToken == "" {
+		return
+	}
+
+	context, err := h.Auth.Validate(authToken)
+	if err != nil {
+		Log("Failed to validate token: %v", err)
+		return
+	}
+
+	req.Header.Set("X-Identity-Status", "Confirmed")
+	for k, v := range context.headers() {
+		req.Header.Set(k, v)
+	}
+	Log("Auth OK Request validated")
+}
+
+// Domain holds information about the scope of a token
+type Domain struct {
+	ID      string
+	Name    string
+	Enabled bool
+}
+
+// Project contains information about the scope of a token
+type Project struct {
+	ID      string
+	Name    string
+	Enabled bool
+	Domain  Domain
+}
+
+// Token describes the scope of a validated token
+type Token struct {
+	ExpiresAt time.Time `json:"expires_at"`
+	IssuedAt  time.Time `json:"issued_at"`
+	User      struct {
+		ID      string
+		Name    string
+		Email   string
+		Enabled bool
+		Domain  struct {
+			ID   string
+			Name string
+		}
+	}
+	Project *Project
+	Domain  *Domain
+	Roles   []struct {
+		ID   string
+		Name string
+	}
+}
+
+// Valid returns if the token is valid based on the expiration and issue date
+func (t Token) Valid() bool {
+	now := time.Now().Unix()
+	return t.IssuedAt.Unix() <= now && now < t.ExpiresAt.Unix()
+}
+
+type authResponse struct {
+	Error *struct {
+		Code    int
+		Message string
+		Title   string
+	}
+	Token *Token
+}
+
+func (t Token) headers() map[string]string {
+	headers := make(map[string]string)
+	headers["X-User-Id"] = t.User.ID
+	headers["X-User-Name"] = t.User.Name
+	headers["X-User-Domain-Id"] = t.User.Domain.ID
+	headers["X-User-Domain-Name"] = t.User.Domain.Name
+
+	if project := t.Project; project != nil {
+		headers["X-Project-Name"] = project.Name
+		headers["X-Project-Id"] = project.ID
+		headers["X-Project-Domain-Name"] = project.Domain.Name
+		headers["X-Project-Domain-Id"] = project.Domain.ID
+
+	}
+
+	if domain := t.Domain; domain != nil {
+		headers["X-Domain-Id"] = domain.ID
+		headers["X-Domain-Name"] = domain.Name
+	}
+
+	if roles := t.Roles; roles != nil {
+		roleNames := []string{}
+		for _, role := range t.Roles {
+			roleNames = append(roleNames, role.Name)
+		}
+		headers["X-Roles"] = strings.Join(roleNames, ",")
+
+	}
+
+	return headers
+}
+
+func filterIncomingHeaders(req *http.Request) {
+	req.Header.Del("X-Identity-Status")
+	req.Header.Del("X-Service-Identity-Status")
+
+	req.Header.Del("X-Domain-Id")
+	req.Header.Del("X-Service-Domain-Id")
+
+	req.Header.Del("X-Domain-Name")
+	req.Header.Del("X-Service-Domain-Name")
+
+	req.Header.Del("X-Project-Id")
+	req.Header.Del("X-Service-Project-Id")
+
+	req.Header.Del("X-Project-Name")
+	req.Header.Del("X-Service-Project-Name")
+
+	req.Header.Del("X-Project-Domain-Id")
+	req.Header.Del("X-Service-Project-Domain-Id")
+
+	req.Header.Del("X-Project-Domain-Name")
+	req.Header.Del("X-Service-Project-Domain-Name")
+
+	req.Header.Del("X-User-Id")
+	req.Header.Del("X-Service-User-Id")
+
+	req.Header.Del("X-User-Name")
+	req.Header.Del("X-Service-User-Name")
+
+	req.Header.Del("X-User-Domain-Id")
+	req.Header.Del("X-Service-User-Domain-Id")
+
+	req.Header.Del("X-User-Domain-Name")
+	req.Header.Del("X-Service-User-Domain-Name")
+
+	req.Header.Del("X-Roles")
+	req.Header.Del("X-Service-Roles")
+
+	req.Header.Del("X-Service-Catalog")
+
+	//deprecated Headers
+	req.Header.Del("X-Tenant-Id")
+	req.Header.Del("X-Tenant")
+	req.Header.Del("X-User")
+	req.Header.Del("X-Role")
+}
--- a/pkg/server/server.go
+++ b/pkg/server/server.go
@ -15,7 +15,11 @@
 package server

 import (
+	"net/http"
+
 	"github.com/gin-gonic/gin"
+	"github.com/spf13/viper"
+
 	"opendev.org/airship/armada-go/pkg/config"
 	"opendev.org/airship/armada-go/pkg/log"
 )
@ -26,6 +30,52 @@ type RunCommand struct {
 }

 func Apply(c *gin.Context) {
+	if c.GetHeader("X-Identity-Status") == "Confirmed" {
+		c.JSON(200, gin.H{
+			"message": gin.H{
+				"install":   []any{},
+				"upgrade":   []any{},
+				"diff":      []any{},
+				"purge":     []any{},
+				"protected": []any{},
+			},
+		})
+	} else {
+		c.Status(401)
+	}
+}
+
+func Validate(c *gin.Context) {
+	if c.GetHeader("X-Identity-Status") == "Confirmed" {
+		c.JSON(200, gin.H{
+			"kind":       "Status",
+			"apiVersion": "v1.0",
+			"metadata":   gin.H{},
+			"reason":     "Validation",
+			"details":    gin.H{"errorCount": 0, "messageList": []any{}},
+			"status":     "Success",
+			"message":    "Armada validations succeeded",
+		})
+		c.Status(200)
+	} else {
+		c.Status(401)
+	}
+}
+
+func Releases(c *gin.Context) {
+	if c.GetHeader("X-Identity-Status") == "Confirmed" {
+		c.JSON(200, gin.H{
+			"releases": gin.H{
+				"ucp": []string{"clcp-ucp-armada"},
+			},
+		})
+	} else {
+		c.Status(401)
+	}
+}
+
+func Health(c *gin.Context) {
+	c.String(http.StatusOK, "OK")
 }

 // RunE runs the phase
@ -37,6 +87,12 @@ func (c *RunCommand) RunE() error {

 	log.Printf("armada-go server has been started")
 	r := gin.Default()
-	r.GET("/apply", Apply)
+	r.Use(gin.Logger())
+	auth := New(viper.Sub("keystone_authtoken").GetString("auth_url"))
+
+	r.POST("/api/v1.0/apply", auth.Handler(r.Handler()), Apply)
+	r.POST("/api/v1.0/validatedesign", auth.Handler(r.Handler()), Validate)
+	r.GET("/api/v1.0/releases", auth.Handler(r.Handler()), Releases)
+	r.GET("/api/v1.0/health", Health)
 	return r.Run(":8000")
 }