Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / dd32bbcf11ff3be729efe7bcc9902761858e2b00 / . / core / installer / welcome / dodo_app.go
blob: bd72aefd23f3bd058c80e5eb5b975da4f18a96be [file] [log] [blame]
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1package welcome
2
3import (
gio94904702024-07-26 16:58:34 +0400[diff] [blame]4 "bytes"
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]5 "context"
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]6 "embed"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]7 "encoding/json"
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]8 "errors"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]9 "fmt"
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]10 "html/template"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]11 "io"
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]12 "io/fs"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]13 "net/http"
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]14 "slices"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]15 "strings"
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]16 "sync"
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]17 "time"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]18
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]19 "golang.org/x/crypto/bcrypt"
20 "golang.org/x/exp/rand"
21
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]22 "github.com/giolekva/pcloud/core/installer"
23 "github.com/giolekva/pcloud/core/installer/soft"
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]24 "github.com/giolekva/pcloud/core/installer/tasks"
gio33059762024-07-05 13:19:07 +0400[diff] [blame]25
26 "github.com/gorilla/mux"
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]27 "github.com/gorilla/securecookie"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]28)
29
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]30//go:embed dodo-app-tmpl/*
31var dodoAppTmplFS embed.FS
32
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]33//go:embed all:app-tmpl
34var appTmplsFS embed.FS
35
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]36const (
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]37 ConfigRepoName = "config"
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]38 appConfigsFile = "/apps.json"
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]39 loginPath = "/login"
40 logoutPath = "/logout"
gio1bf00802024-08-17 12:31:41 +0400[diff] [blame]41 staticPath = "/stat/"
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]42 apiPublicData = "/api/public-data"
43 apiCreateApp = "/api/apps"
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]44 sessionCookie = "dodo-app-session"
45 userCtx = "user"
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]46 initCommitMsg = "init"
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]47)
48
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]49type dodoAppTmplts struct {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]50 index *template.Template
51 appStatus *template.Template
52 commitStatus *template.Template
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]53 logs *template.Template
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]54}
55
56func parseTemplatesDodoApp(fs embed.FS) (dodoAppTmplts, error) {
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]57 base, err := template.ParseFS(fs, "dodo-app-tmpl/base.html")
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]58 if err != nil {
59 return dodoAppTmplts{}, err
60 }
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]61 parse := func(path string) (*template.Template, error) {
62 if b, err := base.Clone(); err != nil {
63 return nil, err
64 } else {
65 return b.ParseFS(fs, path)
66 }
67 }
68 index, err := parse("dodo-app-tmpl/index.html")
69 if err != nil {
70 return dodoAppTmplts{}, err
71 }
72 appStatus, err := parse("dodo-app-tmpl/app_status.html")
73 if err != nil {
74 return dodoAppTmplts{}, err
75 }
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]76 commitStatus, err := parse("dodo-app-tmpl/commit_status.html")
77 if err != nil {
78 return dodoAppTmplts{}, err
79 }
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]80 logs, err := parse("dodo-app-tmpl/logs.html")
81 if err != nil {
82 return dodoAppTmplts{}, err
83 }
84 return dodoAppTmplts{index, appStatus, commitStatus, logs}, nil
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]85}
86
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]87type DodoAppServer struct {
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]88 l sync.Locker
89 st Store
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]90 nf NetworkFilter
91 ug UserGetter
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]92 port int
93 apiPort int
94 self string
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]95 repoPublicAddr string
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]96 sshKey string
97 gitRepoPublicKey string
98 client soft.Client
99 namespace string
100 envAppManagerAddr string
101 env installer.EnvConfig
102 nsc installer.NamespaceCreator
103 jc installer.JobCreator
gio36b23b32024-08-25 12:20:54 +0400[diff] [blame]104 vpnKeyGen installer.VPNAuthKeyGenerator
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]105 workers map[string]map[string]struct{}
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]106 appConfigs map[string]appConfig
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]107 tmplts dodoAppTmplts
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]108 appTmpls AppTmplStore
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]109 external bool
110 fetchUsersAddr string
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]111 reconciler tasks.Reconciler
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]112 logs map[string]string
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]113}
114
115type appConfig struct {
116 Namespace string `json:"namespace"`
117 Network string `json:"network"`
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]118}
119
gio33059762024-07-05 13:19:07 +0400[diff] [blame]120// TODO(gio): Initialize appNs on startup
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]121func NewDodoAppServer(
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]122 st Store,
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]123 nf NetworkFilter,
124 ug UserGetter,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]125 port int,
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]126 apiPort int,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]127 self string,
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]128 repoPublicAddr string,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]129 sshKey string,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]130 gitRepoPublicKey string,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]131 client soft.Client,
132 namespace string,
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]133 envAppManagerAddr string,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]134 nsc installer.NamespaceCreator,
giof8843412024-05-22 16:38:05 +0400[diff] [blame]135 jc installer.JobCreator,
gio36b23b32024-08-25 12:20:54 +0400[diff] [blame]136 vpnKeyGen installer.VPNAuthKeyGenerator,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]137 env installer.EnvConfig,
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]138 external bool,
139 fetchUsersAddr string,
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]140 reconciler tasks.Reconciler,
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]141) (*DodoAppServer, error) {
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]142 tmplts, err := parseTemplatesDodoApp(dodoAppTmplFS)
143 if err != nil {
144 return nil, err
145 }
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]146 apps, err := fs.Sub(appTmplsFS, "app-tmpl")
147 if err != nil {
148 return nil, err
149 }
150 appTmpls, err := NewAppTmplStoreFS(apps)
151 if err != nil {
152 return nil, err
153 }
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]154 s := &DodoAppServer{
155 &sync.Mutex{},
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]156 st,
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]157 nf,
158 ug,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]159 port,
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]160 apiPort,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]161 self,
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]162 repoPublicAddr,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]163 sshKey,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]164 gitRepoPublicKey,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]165 client,
166 namespace,
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]167 envAppManagerAddr,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]168 env,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]169 nsc,
giof8843412024-05-22 16:38:05 +0400[diff] [blame]170 jc,
gio36b23b32024-08-25 12:20:54 +0400[diff] [blame]171 vpnKeyGen,
gio266c04f2024-07-03 14:18:45 +0400[diff] [blame]172 map[string]map[string]struct{}{},
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]173 map[string]appConfig{},
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]174 tmplts,
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]175 appTmpls,
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]176 external,
177 fetchUsersAddr,
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]178 reconciler,
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]179 map[string]string{},
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]180 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]181 config, err := client.GetRepo(ConfigRepoName)
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]182 if err != nil {
183 return nil, err
184 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]185 r, err := config.Reader(appConfigsFile)
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]186 if err == nil {
187 defer r.Close()
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]188 if err := json.NewDecoder(r).Decode(&s.appConfigs); err != nil {
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]189 return nil, err
190 }
191 } else if !errors.Is(err, fs.ErrNotExist) {
192 return nil, err
193 }
194 return s, nil
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]195}
196
197func (s *DodoAppServer) Start() error {
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]198 e := make(chan error)
199 go func() {
200 r := mux.NewRouter()
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]201 r.Use(s.mwAuth)
gio1bf00802024-08-17 12:31:41 +0400[diff] [blame]202 r.PathPrefix(staticPath).Handler(cachingHandler{http.FileServer(http.FS(statAssets))})
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]203 r.HandleFunc(logoutPath, s.handleLogout).Methods(http.MethodGet)
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]204 r.HandleFunc(apiPublicData, s.handleAPIPublicData)
205 r.HandleFunc(apiCreateApp, s.handleAPICreateApp).Methods(http.MethodPost)
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]206 r.HandleFunc("/{app-name}"+loginPath, s.handleLoginForm).Methods(http.MethodGet)
207 r.HandleFunc("/{app-name}"+loginPath, s.handleLogin).Methods(http.MethodPost)
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]208 r.HandleFunc("/{app-name}/logs", s.handleAppLogs).Methods(http.MethodGet)
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]209 r.HandleFunc("/{app-name}/{hash}", s.handleAppCommit).Methods(http.MethodGet)
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]210 r.HandleFunc("/{app-name}", s.handleAppStatus).Methods(http.MethodGet)
211 r.HandleFunc("/", s.handleStatus).Methods(http.MethodGet)
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]212 r.HandleFunc("/", s.handleCreateApp).Methods(http.MethodPost)
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]213 e <- http.ListenAndServe(fmt.Sprintf(":%d", s.port), r)
214 }()
215 go func() {
216 r := mux.NewRouter()
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]217 r.HandleFunc("/update", s.handleAPIUpdate)
218 r.HandleFunc("/api/apps/{app-name}/workers", s.handleAPIRegisterWorker).Methods(http.MethodPost)
219 r.HandleFunc("/api/add-admin-key", s.handleAPIAddAdminKey).Methods(http.MethodPost)
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]220 if !s.external {
221 r.HandleFunc("/api/sync-users", s.handleAPISyncUsers).Methods(http.MethodGet)
222 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]223 e <- http.ListenAndServe(fmt.Sprintf(":%d", s.apiPort), r)
224 }()
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]225 if !s.external {
226 go func() {
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]227 rand.Seed(uint64(time.Now().UnixNano()))
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]228 s.syncUsers()
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]229 for {
230 delay := time.Duration(rand.Intn(60)+60) * time.Second
231 time.Sleep(delay)
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]232 s.syncUsers()
233 }
234 }()
235 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]236 return <-e
237}
238
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]239type UserGetter interface {
240 Get(r *http.Request) string
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]241 Encode(w http.ResponseWriter, user string) error
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]242}
243
244type externalUserGetter struct {
245 sc *securecookie.SecureCookie
246}
247
248func NewExternalUserGetter() UserGetter {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]249 return &externalUserGetter{securecookie.New(
250 securecookie.GenerateRandomKey(64),
251 securecookie.GenerateRandomKey(32),
252 )}
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]253}
254
255func (ug *externalUserGetter) Get(r *http.Request) string {
256 cookie, err := r.Cookie(sessionCookie)
257 if err != nil {
258 return ""
259 }
260 var user string
261 if err := ug.sc.Decode(sessionCookie, cookie.Value, &user); err != nil {
262 return ""
263 }
264 return user
265}
266
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]267func (ug *externalUserGetter) Encode(w http.ResponseWriter, user string) error {
268 if encoded, err := ug.sc.Encode(sessionCookie, user); err == nil {
269 cookie := &http.Cookie{
270 Name: sessionCookie,
271 Value: encoded,
272 Path: "/",
273 Secure: true,
274 HttpOnly: true,
275 }
276 http.SetCookie(w, cookie)
277 return nil
278 } else {
279 return err
280 }
281}
282
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]283type internalUserGetter struct{}
284
285func NewInternalUserGetter() UserGetter {
286 return internalUserGetter{}
287}
288
289func (ug internalUserGetter) Get(r *http.Request) string {
290 return r.Header.Get("X-User")
291}
292
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]293func (ug internalUserGetter) Encode(w http.ResponseWriter, user string) error {
294 return nil
295}
296
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]297func (s *DodoAppServer) mwAuth(next http.Handler) http.Handler {
298 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]299 if strings.HasSuffix(r.URL.Path, loginPath) ||
300 strings.HasPrefix(r.URL.Path, logoutPath) ||
301 strings.HasPrefix(r.URL.Path, staticPath) ||
302 strings.HasPrefix(r.URL.Path, apiPublicData) ||
303 strings.HasPrefix(r.URL.Path, apiCreateApp) {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]304 next.ServeHTTP(w, r)
305 return
306 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]307 user := s.ug.Get(r)
308 if user == "" {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]309 vars := mux.Vars(r)
310 appName, ok := vars["app-name"]
311 if !ok || appName == "" {
312 http.Error(w, "missing app-name", http.StatusBadRequest)
313 return
314 }
315 http.Redirect(w, r, fmt.Sprintf("/%s%s", appName, loginPath), http.StatusSeeOther)
316 return
317 }
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]318 next.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), userCtx, user)))
319 })
320}
321
322func (s *DodoAppServer) handleLogout(w http.ResponseWriter, r *http.Request) {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]323 // TODO(gio): move to UserGetter
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]324 http.SetCookie(w, &http.Cookie{
325 Name: sessionCookie,
326 Value: "",
327 Path: "/",
328 HttpOnly: true,
329 Secure: true,
330 })
331 http.Redirect(w, r, "/", http.StatusSeeOther)
332}
333
334func (s *DodoAppServer) handleLoginForm(w http.ResponseWriter, r *http.Request) {
335 vars := mux.Vars(r)
336 appName, ok := vars["app-name"]
337 if !ok || appName == "" {
338 http.Error(w, "missing app-name", http.StatusBadRequest)
339 return
340 }
341 fmt.Fprint(w, `
342<!DOCTYPE html>
343<html lang='en'>
344 <head>
345 <title>dodo: app - login</title>
346 <meta charset='utf-8'>
347 </head>
348 <body>
349 <form action="" method="POST">
350 <input type="password" placeholder="Password" name="password" required />
351 <button type="submit">Login</button>
352 </form>
353 </body>
354</html>
355`)
356}
357
358func (s *DodoAppServer) handleLogin(w http.ResponseWriter, r *http.Request) {
359 vars := mux.Vars(r)
360 appName, ok := vars["app-name"]
361 if !ok || appName == "" {
362 http.Error(w, "missing app-name", http.StatusBadRequest)
363 return
364 }
365 password := r.FormValue("password")
366 if password == "" {
367 http.Error(w, "missing password", http.StatusBadRequest)
368 return
369 }
370 user, err := s.st.GetAppOwner(appName)
371 if err != nil {
372 http.Error(w, err.Error(), http.StatusInternalServerError)
373 return
374 }
375 hashed, err := s.st.GetUserPassword(user)
376 if err != nil {
377 http.Error(w, err.Error(), http.StatusInternalServerError)
378 return
379 }
380 if err := bcrypt.CompareHashAndPassword(hashed, []byte(password)); err != nil {
381 http.Redirect(w, r, r.URL.Path, http.StatusSeeOther)
382 return
383 }
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]384 if err := s.ug.Encode(w, user); err != nil {
385 http.Error(w, err.Error(), http.StatusInternalServerError)
386 return
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]387 }
388 http.Redirect(w, r, fmt.Sprintf("/%s", appName), http.StatusSeeOther)
389}
390
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]391type navItem struct {
392 Name string
393 Address string
394}
395
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]396type statusData struct {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]397 Navigation []navItem
398 Apps []string
399 Networks []installer.Network
400 Types []string
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]401}
402
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]403func (s *DodoAppServer) handleStatus(w http.ResponseWriter, r *http.Request) {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]404 user := r.Context().Value(userCtx)
405 if user == nil {
406 http.Error(w, "unauthorized", http.StatusUnauthorized)
407 return
408 }
409 apps, err := s.st.GetUserApps(user.(string))
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]410 if err != nil {
411 http.Error(w, err.Error(), http.StatusInternalServerError)
412 return
413 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]414 networks, err := s.getNetworks(user.(string))
415 if err != nil {
416 http.Error(w, err.Error(), http.StatusInternalServerError)
417 return
418 }
giob54db242024-07-30 18:49:33 +0400[diff] [blame]419 var types []string
420 for _, t := range s.appTmpls.Types() {
421 types = append(types, strings.Replace(t, "-", ":", 1))
422 }
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]423 n := []navItem{navItem{"Home", "/"}}
424 data := statusData{n, apps, networks, types}
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]425 if err := s.tmplts.index.Execute(w, data); err != nil {
426 http.Error(w, err.Error(), http.StatusInternalServerError)
427 return
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]428 }
429}
430
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]431type appStatusData struct {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]432 Navigation []navItem
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]433 Name string
434 GitCloneCommand string
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]435 Commits []CommitMeta
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]436 LastCommit resourceData
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]437}
438
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]439func (s *DodoAppServer) handleAppStatus(w http.ResponseWriter, r *http.Request) {
440 vars := mux.Vars(r)
441 appName, ok := vars["app-name"]
442 if !ok || appName == "" {
443 http.Error(w, "missing app-name", http.StatusBadRequest)
444 return
445 }
gio94904702024-07-26 16:58:34 +0400[diff] [blame]446 u := r.Context().Value(userCtx)
447 if u == nil {
448 http.Error(w, "unauthorized", http.StatusUnauthorized)
449 return
450 }
451 user, ok := u.(string)
452 if !ok {
453 http.Error(w, "could not get user", http.StatusInternalServerError)
454 return
455 }
456 owner, err := s.st.GetAppOwner(appName)
457 if err != nil {
458 http.Error(w, err.Error(), http.StatusInternalServerError)
459 return
460 }
461 if owner != user {
462 http.Error(w, "unauthorized", http.StatusUnauthorized)
463 return
464 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]465 commits, err := s.st.GetCommitHistory(appName)
466 if err != nil {
467 http.Error(w, err.Error(), http.StatusInternalServerError)
468 return
469 }
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]470 var lastCommitResources resourceData
471 if len(commits) > 0 {
472 lastCommit, err := s.st.GetCommit(commits[len(commits)-1].Hash)
473 if err != nil {
474 http.Error(w, err.Error(), http.StatusInternalServerError)
475 return
476 }
477 r, err := extractResourceData(lastCommit.Resources.Helm)
478 if err != nil {
479 http.Error(w, err.Error(), http.StatusInternalServerError)
480 return
481 }
482 lastCommitResources = r
483 }
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]484 data := appStatusData{
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]485 Navigation: []navItem{
486 navItem{"Home", "/"},
487 navItem{appName, "/" + appName},
488 },
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]489 Name: appName,
490 GitCloneCommand: fmt.Sprintf("git clone %s/%s\n\n\n", s.repoPublicAddr, appName),
491 Commits: commits,
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]492 LastCommit: lastCommitResources,
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]493 }
494 if err := s.tmplts.appStatus.Execute(w, data); err != nil {
495 http.Error(w, err.Error(), http.StatusInternalServerError)
496 return
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]497 }
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]498}
499
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]500type volume struct {
501 Name string
502 Size string
503}
504
505type postgresql struct {
506 Name string
507 Version string
508 Volume string
509}
510
511type ingress struct {
512 Host string
513}
514
515type resourceData struct {
516 Volume []volume
517 PostgreSQL []postgresql
518 Ingress []ingress
519}
520
521type commitStatusData struct {
522 Navigation []navItem
523 AppName string
524 Commit Commit
525 Resources resourceData
526}
527
528func (s *DodoAppServer) handleAppCommit(w http.ResponseWriter, r *http.Request) {
529 vars := mux.Vars(r)
530 appName, ok := vars["app-name"]
531 if !ok || appName == "" {
532 http.Error(w, "missing app-name", http.StatusBadRequest)
533 return
534 }
535 hash, ok := vars["hash"]
536 if !ok || appName == "" {
537 http.Error(w, "missing app-name", http.StatusBadRequest)
538 return
539 }
540 u := r.Context().Value(userCtx)
541 if u == nil {
542 http.Error(w, "unauthorized", http.StatusUnauthorized)
543 return
544 }
545 user, ok := u.(string)
546 if !ok {
547 http.Error(w, "could not get user", http.StatusInternalServerError)
548 return
549 }
550 owner, err := s.st.GetAppOwner(appName)
551 if err != nil {
552 http.Error(w, err.Error(), http.StatusInternalServerError)
553 return
554 }
555 if owner != user {
556 http.Error(w, "unauthorized", http.StatusUnauthorized)
557 return
558 }
559 commit, err := s.st.GetCommit(hash)
560 if err != nil {
561 // TODO(gio): not-found ?
562 http.Error(w, err.Error(), http.StatusInternalServerError)
563 return
564 }
565 var res strings.Builder
566 if err := json.NewEncoder(&res).Encode(commit.Resources.Helm); err != nil {
567 http.Error(w, err.Error(), http.StatusInternalServerError)
568 return
569 }
570 resData, err := extractResourceData(commit.Resources.Helm)
571 if err != nil {
572 http.Error(w, err.Error(), http.StatusInternalServerError)
573 return
574 }
575 data := commitStatusData{
576 Navigation: []navItem{
577 navItem{"Home", "/"},
578 navItem{appName, "/" + appName},
579 navItem{hash, "/" + appName + "/" + hash},
580 },
581 AppName: appName,
582 Commit: commit,
583 Resources: resData,
584 }
585 if err := s.tmplts.commitStatus.Execute(w, data); err != nil {
586 http.Error(w, err.Error(), http.StatusInternalServerError)
587 return
588 }
589}
590
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]591type logData struct {
592 Navigation []navItem
593 AppName string
594 Logs template.HTML
595}
596
597func (s *DodoAppServer) handleAppLogs(w http.ResponseWriter, r *http.Request) {
598 vars := mux.Vars(r)
599 appName, ok := vars["app-name"]
600 if !ok || appName == "" {
601 http.Error(w, "missing app-name", http.StatusBadRequest)
602 return
603 }
604 u := r.Context().Value(userCtx)
605 if u == nil {
606 http.Error(w, "unauthorized", http.StatusUnauthorized)
607 return
608 }
609 user, ok := u.(string)
610 if !ok {
611 http.Error(w, "could not get user", http.StatusInternalServerError)
612 return
613 }
614 owner, err := s.st.GetAppOwner(appName)
615 if err != nil {
616 http.Error(w, err.Error(), http.StatusInternalServerError)
617 return
618 }
619 if owner != user {
620 http.Error(w, "unauthorized", http.StatusUnauthorized)
621 return
622 }
623 data := logData{
624 Navigation: []navItem{
625 navItem{"Home", "/"},
626 navItem{appName, "/" + appName},
627 navItem{"Logs", "/" + appName + "/logs"},
628 },
629 AppName: appName,
630 Logs: template.HTML(strings.ReplaceAll(s.logs[appName], "\n", "<br/>")),
631 }
632 if err := s.tmplts.logs.Execute(w, data); err != nil {
633 fmt.Println(err)
634 http.Error(w, err.Error(), http.StatusInternalServerError)
635 return
636 }
637}
638
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]639type apiUpdateReq struct {
gio266c04f2024-07-03 14:18:45 +0400[diff] [blame]640 Ref string `json:"ref"`
641 Repository struct {
642 Name string `json:"name"`
643 } `json:"repository"`
gioe2e31e12024-08-18 08:20:56 +0400[diff] [blame]644 After string `json:"after"`
645 Commits []struct {
646 Id string `json:"id"`
647 Message string `json:"message"`
648 } `json:"commits"`
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]649}
650
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]651func (s *DodoAppServer) handleAPIUpdate(w http.ResponseWriter, r *http.Request) {
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]652 fmt.Println("update")
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]653 var req apiUpdateReq
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]654 var contents strings.Builder
655 io.Copy(&contents, r.Body)
656 c := contents.String()
657 fmt.Println(c)
658 if err := json.NewDecoder(strings.NewReader(c)).Decode(&req); err != nil {
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]659 http.Error(w, err.Error(), http.StatusBadRequest)
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]660 return
661 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]662 if req.Ref != "refs/heads/master" || req.Repository.Name == ConfigRepoName {
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]663 return
664 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]665 // TODO(gio): Create commit record on app init as well
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]666 go func() {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]667 owner, err := s.st.GetAppOwner(req.Repository.Name)
668 if err != nil {
669 return
670 }
671 networks, err := s.getNetworks(owner)
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]672 if err != nil {
673 return
674 }
gio94904702024-07-26 16:58:34 +0400[diff] [blame]675 apps := installer.NewInMemoryAppRepository(installer.CreateAllApps())
676 instanceAppStatus, err := installer.FindEnvApp(apps, "dodo-app-instance-status")
677 if err != nil {
678 return
679 }
gioe2e31e12024-08-18 08:20:56 +0400[diff] [blame]680 found := false
681 commitMsg := ""
682 for _, c := range req.Commits {
683 if c.Id == req.After {
684 found = true
685 commitMsg = c.Message
686 break
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]687 }
688 }
gioe2e31e12024-08-18 08:20:56 +0400[diff] [blame]689 if !found {
690 fmt.Printf("Error: could not find commit message")
691 return
692 }
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]693 resources, err := s.updateDodoApp(instanceAppStatus, req.Repository.Name, s.appConfigs[req.Repository.Name].Namespace, networks)
694 if err = s.createCommit(req.Repository.Name, req.After, commitMsg, err, resources); err != nil {
gio12e887d2024-08-18 16:09:47 +0400[diff] [blame]695 fmt.Printf("Error: %s\n", err.Error())
gioe2e31e12024-08-18 08:20:56 +0400[diff] [blame]696 return
697 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]698 for addr, _ := range s.workers[req.Repository.Name] {
699 go func() {
700 // TODO(gio): make port configurable
701 http.Get(fmt.Sprintf("http://%s/update", addr))
702 }()
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]703 }
704 }()
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]705}
706
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]707type apiRegisterWorkerReq struct {
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]708 Address string `json:"address"`
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]709 Logs string `json:"logs"`
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]710}
711
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]712func (s *DodoAppServer) handleAPIRegisterWorker(w http.ResponseWriter, r *http.Request) {
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]713 vars := mux.Vars(r)
714 appName, ok := vars["app-name"]
715 if !ok || appName == "" {
716 http.Error(w, "missing app-name", http.StatusBadRequest)
717 return
718 }
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]719 var req apiRegisterWorkerReq
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]720 if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
721 http.Error(w, err.Error(), http.StatusInternalServerError)
722 return
723 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]724 if _, ok := s.workers[appName]; !ok {
725 s.workers[appName] = map[string]struct{}{}
gio266c04f2024-07-03 14:18:45 +0400[diff] [blame]726 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]727 s.workers[appName][req.Address] = struct{}{}
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]728 s.logs[appName] = req.Logs
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]729}
730
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]731func (s *DodoAppServer) handleCreateApp(w http.ResponseWriter, r *http.Request) {
732 u := r.Context().Value(userCtx)
733 if u == nil {
734 http.Error(w, "unauthorized", http.StatusUnauthorized)
735 return
736 }
737 user, ok := u.(string)
738 if !ok {
739 http.Error(w, "could not get user", http.StatusInternalServerError)
740 return
741 }
742 network := r.FormValue("network")
743 if network == "" {
744 http.Error(w, "missing network", http.StatusBadRequest)
745 return
746 }
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]747 subdomain := r.FormValue("subdomain")
748 if subdomain == "" {
749 http.Error(w, "missing subdomain", http.StatusBadRequest)
750 return
751 }
752 appType := r.FormValue("type")
753 if appType == "" {
754 http.Error(w, "missing type", http.StatusBadRequest)
755 return
756 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]757 g := installer.NewFixedLengthRandomNameGenerator(3)
758 appName, err := g.Generate()
759 if err != nil {
760 http.Error(w, err.Error(), http.StatusInternalServerError)
761 return
762 }
763 if ok, err := s.client.UserExists(user); err != nil {
764 http.Error(w, err.Error(), http.StatusInternalServerError)
765 return
766 } else if !ok {
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]767 http.Error(w, "user sync has not finished, please try again in few minutes", http.StatusFailedDependency)
768 return
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]769 }
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]770 if err := s.st.CreateUser(user, nil, network); err != nil && !errors.Is(err, ErrorAlreadyExists) {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]771 http.Error(w, err.Error(), http.StatusInternalServerError)
772 return
773 }
774 if err := s.st.CreateApp(appName, user); err != nil {
775 http.Error(w, err.Error(), http.StatusInternalServerError)
776 return
777 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]778 if err := s.createApp(user, appName, appType, network, subdomain); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]779 http.Error(w, err.Error(), http.StatusInternalServerError)
780 return
781 }
782 http.Redirect(w, r, fmt.Sprintf("/%s", appName), http.StatusSeeOther)
783}
784
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]785type apiCreateAppReq struct {
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]786 AppType string `json:"type"`
gio33059762024-07-05 13:19:07 +0400[diff] [blame]787 AdminPublicKey string `json:"adminPublicKey"`
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]788 Network string `json:"network"`
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]789 Subdomain string `json:"subdomain"`
gio33059762024-07-05 13:19:07 +0400[diff] [blame]790}
791
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]792type apiCreateAppResp struct {
793 AppName string `json:"appName"`
794 Password string `json:"password"`
gio33059762024-07-05 13:19:07 +0400[diff] [blame]795}
796
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]797func (s *DodoAppServer) handleAPICreateApp(w http.ResponseWriter, r *http.Request) {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]798 w.Header().Set("Access-Control-Allow-Origin", "*")
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]799 var req apiCreateAppReq
gio33059762024-07-05 13:19:07 +0400[diff] [blame]800 if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
801 http.Error(w, err.Error(), http.StatusBadRequest)
802 return
803 }
804 g := installer.NewFixedLengthRandomNameGenerator(3)
805 appName, err := g.Generate()
806 if err != nil {
807 http.Error(w, err.Error(), http.StatusInternalServerError)
808 return
809 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]810 user, err := s.client.FindUser(req.AdminPublicKey)
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]811 if err != nil {
gio33059762024-07-05 13:19:07 +0400[diff] [blame]812 http.Error(w, err.Error(), http.StatusInternalServerError)
813 return
814 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]815 if user != "" {
816 http.Error(w, "public key already registered", http.StatusBadRequest)
817 return
818 }
819 user = appName
820 if err := s.client.AddUser(user, req.AdminPublicKey); err != nil {
821 http.Error(w, err.Error(), http.StatusInternalServerError)
822 return
823 }
824 password := generatePassword()
825 hashed, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
826 if err != nil {
827 http.Error(w, err.Error(), http.StatusInternalServerError)
828 return
829 }
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]830 if err := s.st.CreateUser(user, hashed, req.Network); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]831 http.Error(w, err.Error(), http.StatusInternalServerError)
832 return
833 }
834 if err := s.st.CreateApp(appName, user); err != nil {
835 http.Error(w, err.Error(), http.StatusInternalServerError)
836 return
837 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]838 if err := s.createApp(user, appName, req.AppType, req.Network, req.Subdomain); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]839 http.Error(w, err.Error(), http.StatusInternalServerError)
840 return
841 }
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]842 resp := apiCreateAppResp{
843 AppName: appName,
844 Password: password,
845 }
gio33059762024-07-05 13:19:07 +0400[diff] [blame]846 if err := json.NewEncoder(w).Encode(resp); err != nil {
847 http.Error(w, err.Error(), http.StatusInternalServerError)
848 return
849 }
850}
851
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]852func (s *DodoAppServer) isNetworkUseAllowed(network string) bool {
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]853 if !s.external {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]854 return true
855 }
856 for _, cfg := range s.appConfigs {
857 if strings.ToLower(cfg.Network) == network {
858 return false
859 }
860 }
861 return true
862}
863
864func (s *DodoAppServer) createApp(user, appName, appType, network, subdomain string) error {
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]865 s.l.Lock()
866 defer s.l.Unlock()
gio33059762024-07-05 13:19:07 +0400[diff] [blame]867 fmt.Printf("Creating app: %s\n", appName)
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]868 network = strings.ToLower(network)
869 if !s.isNetworkUseAllowed(network) {
870 return fmt.Errorf("network already used: %s", network)
871 }
gio33059762024-07-05 13:19:07 +0400[diff] [blame]872 if ok, err := s.client.RepoExists(appName); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]873 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]874 } else if ok {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]875 return nil
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]876 }
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]877 networks, err := s.getNetworks(user)
878 if err != nil {
879 return err
880 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]881 n, ok := installer.NetworkMap(networks)[network]
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]882 if !ok {
883 return fmt.Errorf("network not found: %s\n", network)
884 }
gio33059762024-07-05 13:19:07 +0400[diff] [blame]885 if err := s.client.AddRepository(appName); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]886 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]887 }
888 appRepo, err := s.client.GetRepo(appName)
889 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]890 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]891 }
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]892 commit, err := s.initRepo(appRepo, appType, n, subdomain)
893 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]894 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]895 }
896 apps := installer.NewInMemoryAppRepository(installer.CreateAllApps())
gio94904702024-07-26 16:58:34 +0400[diff] [blame]897 instanceApp, err := installer.FindEnvApp(apps, "dodo-app-instance")
898 if err != nil {
899 return err
900 }
901 instanceAppStatus, err := installer.FindEnvApp(apps, "dodo-app-instance-status")
gio33059762024-07-05 13:19:07 +0400[diff] [blame]902 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]903 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]904 }
905 suffixGen := installer.NewFixedLengthRandomSuffixGenerator(3)
906 suffix, err := suffixGen.Generate()
907 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]908 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]909 }
gio94904702024-07-26 16:58:34 +0400[diff] [blame]910 namespace := fmt.Sprintf("%s%s%s", s.env.NamespacePrefix, instanceApp.Namespace(), suffix)
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]911 s.appConfigs[appName] = appConfig{namespace, network}
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]912 resources, err := s.updateDodoApp(instanceAppStatus, appName, namespace, networks)
913 if err != nil {
914 return err
915 }
916 if err = s.createCommit(appName, commit, initCommitMsg, err, resources); err != nil {
917 fmt.Printf("Error: %s\n", err.Error())
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]918 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]919 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]920 configRepo, err := s.client.GetRepo(ConfigRepoName)
gio33059762024-07-05 13:19:07 +0400[diff] [blame]921 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]922 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]923 }
924 hf := installer.NewGitHelmFetcher()
gio36b23b32024-08-25 12:20:54 +0400[diff] [blame]925 m, err := installer.NewAppManager(configRepo, s.nsc, s.jc, hf, s.vpnKeyGen, "/")
gio33059762024-07-05 13:19:07 +0400[diff] [blame]926 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]927 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]928 }
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]929 _, err = configRepo.Do(func(fs soft.RepoFS) (string, error) {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]930 w, err := fs.Writer(appConfigsFile)
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]931 if err != nil {
932 return "", err
933 }
934 defer w.Close()
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]935 if err := json.NewEncoder(w).Encode(s.appConfigs); err != nil {
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]936 return "", err
937 }
938 if _, err := m.Install(
gio94904702024-07-26 16:58:34 +0400[diff] [blame]939 instanceApp,
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]940 appName,
941 "/"+appName,
942 namespace,
943 map[string]any{
944 "repoAddr": s.client.GetRepoAddress(appName),
945 "repoHost": strings.Split(s.client.Address(), ":")[0],
946 "gitRepoPublicKey": s.gitRepoPublicKey,
947 },
948 installer.WithConfig(&s.env),
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]949 installer.WithNoNetworks(),
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]950 installer.WithNoPublish(),
951 installer.WithNoLock(),
952 ); err != nil {
953 return "", err
954 }
955 return fmt.Sprintf("Installed app: %s", appName), nil
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]956 })
957 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]958 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]959 }
960 cfg, err := m.FindInstance(appName)
961 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]962 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]963 }
964 fluxKeys, ok := cfg.Input["fluxKeys"]
965 if !ok {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]966 return fmt.Errorf("Fluxcd keys not found")
gio33059762024-07-05 13:19:07 +0400[diff] [blame]967 }
968 fluxPublicKey, ok := fluxKeys.(map[string]any)["public"]
969 if !ok {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]970 return fmt.Errorf("Fluxcd keys not found")
gio33059762024-07-05 13:19:07 +0400[diff] [blame]971 }
972 if ok, err := s.client.UserExists("fluxcd"); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]973 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]974 } else if ok {
975 if err := s.client.AddPublicKey("fluxcd", fluxPublicKey.(string)); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]976 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]977 }
978 } else {
979 if err := s.client.AddUser("fluxcd", fluxPublicKey.(string)); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]980 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]981 }
982 }
983 if err := s.client.AddReadOnlyCollaborator(appName, "fluxcd"); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]984 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]985 }
986 if err := s.client.AddWebhook(appName, fmt.Sprintf("http://%s/update", s.self), "--active=true", "--events=push", "--content-type=json"); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]987 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]988 }
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]989 if err := s.client.AddReadWriteCollaborator(appName, user); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]990 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]991 }
gio2ccb6e32024-08-15 12:01:33 +0400[diff] [blame]992 if !s.external {
993 go func() {
994 users, err := s.client.GetAllUsers()
995 if err != nil {
996 fmt.Println(err)
997 return
998 }
999 for _, user := range users {
1000 // TODO(gio): fluxcd should have only read access
1001 if err := s.client.AddReadWriteCollaborator(appName, user); err != nil {
1002 fmt.Println(err)
1003 }
1004 }
1005 }()
1006 }
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]1007 ctx, _ := context.WithTimeout(context.Background(), 2*time.Minute)
1008 go s.reconciler.Reconcile(ctx, s.namespace, "config")
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1009 return nil
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1010}
1011
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]1012type apiAddAdminKeyReq struct {
gio70be3e52024-06-26 18:27:19 +0400[diff] [blame]1013 Public string `json:"public"`
1014}
1015
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1016func (s *DodoAppServer) handleAPIAddAdminKey(w http.ResponseWriter, r *http.Request) {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]1017 var req apiAddAdminKeyReq
gio70be3e52024-06-26 18:27:19 +0400[diff] [blame]1018 if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
1019 http.Error(w, err.Error(), http.StatusBadRequest)
1020 return
1021 }
1022 if err := s.client.AddPublicKey("admin", req.Public); err != nil {
1023 http.Error(w, err.Error(), http.StatusInternalServerError)
1024 return
1025 }
1026}
1027
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1028type dodoAppRendered struct {
1029 App struct {
1030 Ingress struct {
1031 Network string `json:"network"`
1032 Subdomain string `json:"subdomain"`
1033 } `json:"ingress"`
1034 } `json:"app"`
1035 Input struct {
1036 AppId string `json:"appId"`
1037 } `json:"input"`
1038}
1039
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]1040func (s *DodoAppServer) updateDodoApp(
1041 appStatus installer.EnvApp,
1042 name, namespace string,
1043 networks []installer.Network,
1044) (installer.ReleaseResources, error) {
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1045 repo, err := s.client.GetRepo(name)
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1046 if err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1047 return installer.ReleaseResources{}, err
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1048 }
giof8843412024-05-22 16:38:05 +0400[diff] [blame]1049 hf := installer.NewGitHelmFetcher()
gio36b23b32024-08-25 12:20:54 +0400[diff] [blame]1050 m, err := installer.NewAppManager(repo, s.nsc, s.jc, hf, s.vpnKeyGen, "/.dodo")
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1051 if err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1052 return installer.ReleaseResources{}, err
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1053 }
1054 appCfg, err := soft.ReadFile(repo, "app.cue")
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1055 if err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1056 return installer.ReleaseResources{}, err
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1057 }
1058 app, err := installer.NewDodoApp(appCfg)
1059 if err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1060 return installer.ReleaseResources{}, err
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1061 }
giof8843412024-05-22 16:38:05 +0400[diff] [blame]1062 lg := installer.GitRepositoryLocalChartGenerator{"app", namespace}
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1063 var ret installer.ReleaseResources
1064 if _, err := repo.Do(func(r soft.RepoFS) (string, error) {
1065 ret, err = m.Install(
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1066 app,
1067 "app",
1068 "/.dodo/app",
1069 namespace,
1070 map[string]any{
1071 "repoAddr": repo.FullAddress(),
1072 "managerAddr": fmt.Sprintf("http://%s", s.self),
1073 "appId": name,
1074 "sshPrivateKey": s.sshKey,
1075 },
1076 installer.WithNoPull(),
1077 installer.WithNoPublish(),
1078 installer.WithConfig(&s.env),
1079 installer.WithNetworks(networks),
1080 installer.WithLocalChartGenerator(lg),
1081 installer.WithNoLock(),
1082 )
1083 if err != nil {
1084 return "", err
1085 }
1086 var rendered dodoAppRendered
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1087 if err := json.NewDecoder(bytes.NewReader(ret.RenderedRaw)).Decode(&rendered); err != nil {
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1088 return "", nil
1089 }
1090 if _, err := m.Install(
1091 appStatus,
1092 "status",
1093 "/.dodo/status",
1094 s.namespace,
1095 map[string]any{
1096 "appName": rendered.Input.AppId,
1097 "network": rendered.App.Ingress.Network,
1098 "appSubdomain": rendered.App.Ingress.Subdomain,
1099 },
1100 installer.WithNoPull(),
1101 installer.WithNoPublish(),
1102 installer.WithConfig(&s.env),
1103 installer.WithNetworks(networks),
1104 installer.WithLocalChartGenerator(lg),
1105 installer.WithNoLock(),
1106 ); err != nil {
1107 return "", err
1108 }
1109 return "install app", nil
1110 },
1111 soft.WithCommitToBranch("dodo"),
1112 soft.WithForce(),
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1113 ); err != nil {
1114 return installer.ReleaseResources{}, err
1115 }
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]1116 ctx, _ := context.WithTimeout(context.Background(), 2*time.Minute)
1117 go s.reconciler.Reconcile(ctx, namespace, "app")
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1118 return ret, nil
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1119}
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1120
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1121func (s *DodoAppServer) initRepo(repo soft.RepoIO, appType string, network installer.Network, subdomain string) (string, error) {
giob54db242024-07-30 18:49:33 +0400[diff] [blame]1122 appType = strings.Replace(appType, ":", "-", 1)
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]1123 appTmpl, err := s.appTmpls.Find(appType)
1124 if err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1125 return "", err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1126 }
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1127 return repo.Do(func(fs soft.RepoFS) (string, error) {
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]1128 if err := appTmpl.Render(network, subdomain, repo); err != nil {
1129 return "", err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1130 }
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1131 return initCommitMsg, nil
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1132 })
1133}
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]1134
1135func generatePassword() string {
1136 return "foo"
1137}
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]1138
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1139func (s *DodoAppServer) getNetworks(user string) ([]installer.Network, error) {
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]1140 addr := fmt.Sprintf("%s/api/networks", s.envAppManagerAddr)
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]1141 resp, err := http.Get(addr)
1142 if err != nil {
1143 return nil, err
1144 }
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]1145 networks := []installer.Network{}
1146 if json.NewDecoder(resp.Body).Decode(&networks); err != nil {
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]1147 return nil, err
1148 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1149 return s.nf.Filter(user, networks)
1150}
1151
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1152type publicNetworkData struct {
1153 Name string `json:"name"`
1154 Domain string `json:"domain"`
1155}
1156
1157type publicData struct {
1158 Networks []publicNetworkData `json:"networks"`
1159 Types []string `json:"types"`
1160}
1161
1162func (s *DodoAppServer) handleAPIPublicData(w http.ResponseWriter, r *http.Request) {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1163 w.Header().Set("Access-Control-Allow-Origin", "*")
1164 s.l.Lock()
1165 defer s.l.Unlock()
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1166 networks, err := s.getNetworks("")
1167 if err != nil {
1168 http.Error(w, err.Error(), http.StatusInternalServerError)
1169 return
1170 }
1171 var ret publicData
1172 for _, n := range networks {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1173 if s.isNetworkUseAllowed(strings.ToLower(n.Name)) {
1174 ret.Networks = append(ret.Networks, publicNetworkData{n.Name, n.Domain})
1175 }
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1176 }
1177 for _, t := range s.appTmpls.Types() {
giob54db242024-07-30 18:49:33 +0400[diff] [blame]1178 ret.Types = append(ret.Types, strings.Replace(t, "-", ":", 1))
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1179 }
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1180 if err := json.NewEncoder(w).Encode(ret); err != nil {
1181 http.Error(w, err.Error(), http.StatusInternalServerError)
1182 return
1183 }
1184}
1185
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1186func (s *DodoAppServer) createCommit(name, hash, message string, err error, resources installer.ReleaseResources) error {
1187 if err != nil {
1188 fmt.Printf("Error: %s\n", err.Error())
1189 if err := s.st.CreateCommit(name, hash, message, "FAILED", err.Error(), nil); err != nil {
1190 fmt.Printf("Error: %s\n", err.Error())
1191 return err
1192 }
1193 return err
1194 }
1195 var resB bytes.Buffer
1196 if err := json.NewEncoder(&resB).Encode(resources); err != nil {
1197 if err := s.st.CreateCommit(name, hash, message, "FAILED", err.Error(), nil); err != nil {
1198 fmt.Printf("Error: %s\n", err.Error())
1199 return err
1200 }
1201 return err
1202 }
1203 if err := s.st.CreateCommit(name, hash, message, "OK", "", resB.Bytes()); err != nil {
1204 fmt.Printf("Error: %s\n", err.Error())
1205 return err
1206 }
1207 return nil
1208}
1209
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1210func pickNetwork(networks []installer.Network, network string) []installer.Network {
1211 for _, n := range networks {
1212 if n.Name == network {
1213 return []installer.Network{n}
1214 }
1215 }
1216 return []installer.Network{}
1217}
1218
1219type NetworkFilter interface {
1220 Filter(user string, networks []installer.Network) ([]installer.Network, error)
1221}
1222
1223type noNetworkFilter struct{}
1224
1225func NewNoNetworkFilter() NetworkFilter {
1226 return noNetworkFilter{}
1227}
1228
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1229func (f noNetworkFilter) Filter(user string, networks []installer.Network) ([]installer.Network, error) {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1230 return networks, nil
1231}
1232
1233type filterByOwner struct {
1234 st Store
1235}
1236
1237func NewNetworkFilterByOwner(st Store) NetworkFilter {
1238 return &filterByOwner{st}
1239}
1240
1241func (f *filterByOwner) Filter(user string, networks []installer.Network) ([]installer.Network, error) {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1242 if user == "" {
1243 return networks, nil
1244 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1245 network, err := f.st.GetUserNetwork(user)
1246 if err != nil {
1247 return nil, err
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]1248 }
1249 ret := []installer.Network{}
1250 for _, n := range networks {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1251 if n.Name == network {
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]1252 ret = append(ret, n)
1253 }
1254 }
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]1255 return ret, nil
1256}
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1257
1258type allowListFilter struct {
1259 allowed []string
1260}
1261
1262func NewAllowListFilter(allowed []string) NetworkFilter {
1263 return &allowListFilter{allowed}
1264}
1265
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1266func (f *allowListFilter) Filter(user string, networks []installer.Network) ([]installer.Network, error) {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1267 ret := []installer.Network{}
1268 for _, n := range networks {
1269 if slices.Contains(f.allowed, n.Name) {
1270 ret = append(ret, n)
1271 }
1272 }
1273 return ret, nil
1274}
1275
1276type combinedNetworkFilter struct {
1277 filters []NetworkFilter
1278}
1279
1280func NewCombinedFilter(filters ...NetworkFilter) NetworkFilter {
1281 return &combinedNetworkFilter{filters}
1282}
1283
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1284func (f *combinedNetworkFilter) Filter(user string, networks []installer.Network) ([]installer.Network, error) {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1285 ret := networks
1286 var err error
1287 for _, f := range f.filters {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1288 ret, err = f.Filter(user, ret)
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1289 if err != nil {
1290 return nil, err
1291 }
1292 }
1293 return ret, nil
1294}
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1295
1296type user struct {
1297 Username string `json:"username"`
1298 Email string `json:"email"`
1299 SSHPublicKeys []string `json:"sshPublicKeys,omitempty"`
1300}
1301
1302func (s *DodoAppServer) handleAPISyncUsers(_ http.ResponseWriter, _ *http.Request) {
1303 go s.syncUsers()
1304}
1305
1306func (s *DodoAppServer) syncUsers() {
1307 if s.external {
1308 panic("MUST NOT REACH!")
1309 }
1310 resp, err := http.Get(fmt.Sprintf("%s?selfAddress=%s/api/sync-users", s.fetchUsersAddr, s.self))
1311 if err != nil {
1312 return
1313 }
1314 users := []user{}
1315 if err := json.NewDecoder(resp.Body).Decode(&users); err != nil {
1316 fmt.Println(err)
1317 return
1318 }
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1319 validUsernames := make(map[string]user)
1320 for _, u := range users {
1321 validUsernames[u.Username] = u
1322 }
1323 allClientUsers, err := s.client.GetAllUsers()
1324 if err != nil {
1325 fmt.Println(err)
1326 return
1327 }
1328 keyToUser := make(map[string]string)
1329 for _, clientUser := range allClientUsers {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1330 if clientUser == "admin" || clientUser == "fluxcd" {
1331 continue
1332 }
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1333 userData, ok := validUsernames[clientUser]
1334 if !ok {
1335 if err := s.client.RemoveUser(clientUser); err != nil {
1336 fmt.Println(err)
1337 return
1338 }
1339 } else {
1340 existingKeys, err := s.client.GetUserPublicKeys(clientUser)
1341 if err != nil {
1342 fmt.Println(err)
1343 return
1344 }
1345 for _, existingKey := range existingKeys {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1346 cleanKey := soft.CleanKey(existingKey)
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1347 keyOk := slices.ContainsFunc(userData.SSHPublicKeys, func(key string) bool {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1348 return cleanKey == soft.CleanKey(key)
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1349 })
1350 if !keyOk {
1351 if err := s.client.RemovePublicKey(clientUser, existingKey); err != nil {
1352 fmt.Println(err)
1353 }
1354 } else {
1355 keyToUser[cleanKey] = clientUser
1356 }
1357 }
1358 }
1359 }
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1360 for _, u := range users {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1361 if err := s.st.CreateUser(u.Username, nil, ""); err != nil && !errors.Is(err, ErrorAlreadyExists) {
1362 fmt.Println(err)
1363 return
1364 }
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1365 if len(u.SSHPublicKeys) == 0 {
1366 continue
1367 }
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1368 ok, err := s.client.UserExists(u.Username)
1369 if err != nil {
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1370 fmt.Println(err)
1371 return
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1372 }
1373 if !ok {
1374 if err := s.client.AddUser(u.Username, u.SSHPublicKeys[0]); err != nil {
1375 fmt.Println(err)
1376 return
1377 }
1378 } else {
1379 for _, key := range u.SSHPublicKeys {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1380 cleanKey := soft.CleanKey(key)
1381 if user, ok := keyToUser[cleanKey]; ok {
1382 if u.Username != user {
1383 panic("MUST NOT REACH! IMPOSSIBLE KEY USER RECORD")
1384 }
1385 continue
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1386 }
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1387 if err := s.client.AddPublicKey(u.Username, cleanKey); err != nil {
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1388 fmt.Println(err)
1389 return
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1390 }
1391 }
1392 }
1393 }
1394 repos, err := s.client.GetAllRepos()
1395 if err != nil {
1396 return
1397 }
1398 for _, r := range repos {
1399 if r == ConfigRepoName {
1400 continue
1401 }
1402 for _, u := range users {
1403 if err := s.client.AddReadWriteCollaborator(r, u.Username); err != nil {
1404 fmt.Println(err)
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1405 continue
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1406 }
1407 }
1408 }
1409}
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1410
1411func extractResourceData(resources []installer.Resource) (resourceData, error) {
1412 var ret resourceData
1413 for _, r := range resources {
1414 t, ok := r.Annotations["dodo.cloud/resource-type"]
1415 if !ok {
1416 continue
1417 }
1418 switch t {
1419 case "volume":
1420 name, ok := r.Annotations["dodo.cloud/resource.volume.name"]
1421 if !ok {
1422 return resourceData{}, fmt.Errorf("no name")
1423 }
1424 size, ok := r.Annotations["dodo.cloud/resource.volume.size"]
1425 if !ok {
1426 return resourceData{}, fmt.Errorf("no size")
1427 }
1428 ret.Volume = append(ret.Volume, volume{name, size})
1429 case "postgresql":
1430 name, ok := r.Annotations["dodo.cloud/resource.postgresql.name"]
1431 if !ok {
1432 return resourceData{}, fmt.Errorf("no name")
1433 }
1434 version, ok := r.Annotations["dodo.cloud/resource.postgresql.version"]
1435 if !ok {
1436 return resourceData{}, fmt.Errorf("no version")
1437 }
1438 volume, ok := r.Annotations["dodo.cloud/resource.postgresql.volume"]
1439 if !ok {
1440 return resourceData{}, fmt.Errorf("no volume")
1441 }
1442 ret.PostgreSQL = append(ret.PostgreSQL, postgresql{name, version, volume})
1443 case "ingress":
1444 host, ok := r.Annotations["dodo.cloud/resource.ingress.host"]
1445 if !ok {
1446 return resourceData{}, fmt.Errorf("no host")
1447 }
1448 ret.Ingress = append(ret.Ingress, ingress{host})
1449 default:
1450 fmt.Printf("Unknown resource: %+v\n", r.Annotations)
1451 }
1452 }
1453 return ret, nil
1454}