Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / f078f46a2a60c774e50b2e22cf8cfd9f3a81754f / . / core / installer / server / dodo-app / server.go
blob: 858afa8906e86ee68636d8329029ae6cdff53570 [file] [log] [blame]
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1package dodoapp
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]2
3import (
gio94904702024-07-26 16:58:34 +0400[diff] [blame]4 "bytes"
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]5 "context"
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]6 "embed"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]7 "encoding/json"
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]8 "errors"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]9 "fmt"
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]10 "html/template"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]11 "io"
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]12 "io/fs"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]13 "net/http"
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]14 "slices"
giof078f462024-10-14 09:07:33 +0400[diff] [blame^]15 "sort"
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]16 "strconv"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]17 "strings"
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]18 "sync"
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]19 "time"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]20
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]21 "golang.org/x/crypto/bcrypt"
22 "golang.org/x/exp/rand"
23
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]24 "github.com/giolekva/pcloud/core/installer"
gio59946282024-10-07 12:55:51 +0400[diff] [blame]25 "github.com/giolekva/pcloud/core/installer/server"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]26 "github.com/giolekva/pcloud/core/installer/soft"
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]27 "github.com/giolekva/pcloud/core/installer/tasks"
gio33059762024-07-05 13:19:07 +0400[diff] [blame]28
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]29 "cuelang.org/go/cue"
gio33059762024-07-05 13:19:07 +0400[diff] [blame]30 "github.com/gorilla/mux"
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]31 "github.com/gorilla/securecookie"
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]32)
33
gio59946282024-10-07 12:55:51 +0400[diff] [blame]34//go:embed templates/*
35var templates embed.FS
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]36
gio59946282024-10-07 12:55:51 +0400[diff] [blame]37//go:embed all:app-templates
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]38var appTmplsFS embed.FS
39
gio59946282024-10-07 12:55:51 +0400[diff] [blame]40//go:embed static/*
41var staticAssets embed.FS
42
43//go:embed static/schemas/app.schema.json
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]44var dodoAppJsonSchema []byte
45
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]46const (
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]47 ConfigRepoName = "config"
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]48 appConfigsFile = "/apps.json"
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]49 loginPath = "/login"
50 logoutPath = "/logout"
gio59946282024-10-07 12:55:51 +0400[diff] [blame]51 staticPath = "/static/"
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]52 schemasPath = "/schemas/"
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]53 apiPublicData = "/api/public-data"
54 apiCreateApp = "/api/apps"
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]55 sessionCookie = "dodo-app-session"
56 userCtx = "user"
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]57 initCommitMsg = "init"
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]58)
59
gio59946282024-10-07 12:55:51 +0400[diff] [blame]60type tmplts struct {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]61 index *template.Template
62 appStatus *template.Template
63 commitStatus *template.Template
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]64 logs *template.Template
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]65}
66
gio59946282024-10-07 12:55:51 +0400[diff] [blame]67func parseTemplates(fs embed.FS) (tmplts, error) {
68 base, err := template.ParseFS(fs, "templates/base.html")
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]69 if err != nil {
gio59946282024-10-07 12:55:51 +0400[diff] [blame]70 return tmplts{}, err
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]71 }
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]72 parse := func(path string) (*template.Template, error) {
73 if b, err := base.Clone(); err != nil {
74 return nil, err
75 } else {
76 return b.ParseFS(fs, path)
77 }
78 }
gio59946282024-10-07 12:55:51 +0400[diff] [blame]79 index, err := parse("templates/index.html")
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]80 if err != nil {
gio59946282024-10-07 12:55:51 +0400[diff] [blame]81 return tmplts{}, err
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]82 }
gio59946282024-10-07 12:55:51 +0400[diff] [blame]83 appStatus, err := parse("templates/app_status.html")
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]84 if err != nil {
gio59946282024-10-07 12:55:51 +0400[diff] [blame]85 return tmplts{}, err
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]86 }
gio59946282024-10-07 12:55:51 +0400[diff] [blame]87 commitStatus, err := parse("templates/commit_status.html")
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]88 if err != nil {
gio59946282024-10-07 12:55:51 +0400[diff] [blame]89 return tmplts{}, err
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]90 }
gio59946282024-10-07 12:55:51 +0400[diff] [blame]91 logs, err := parse("templates/logs.html")
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]92 if err != nil {
gio59946282024-10-07 12:55:51 +0400[diff] [blame]93 return tmplts{}, err
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]94 }
gio59946282024-10-07 12:55:51 +0400[diff] [blame]95 return tmplts{index, appStatus, commitStatus, logs}, nil
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]96}
97
gio59946282024-10-07 12:55:51 +0400[diff] [blame]98type Server struct {
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]99 l sync.Locker
100 st Store
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]101 nf NetworkFilter
102 ug UserGetter
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]103 port int
104 apiPort int
105 self string
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]106 selfPublic string
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]107 repoPublicAddr string
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]108 sshKey string
109 gitRepoPublicKey string
110 client soft.Client
111 namespace string
112 envAppManagerAddr string
113 env installer.EnvConfig
114 nsc installer.NamespaceCreator
115 jc installer.JobCreator
gio864b4332024-09-05 13:56:47 +0400[diff] [blame]116 vpnKeyGen installer.VPNAPIClient
giof6ad2982024-08-23 17:42:49 +0400[diff] [blame]117 cnc installer.ClusterNetworkConfigurator
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]118 workers map[string]map[string]struct{}
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]119 appConfigs map[string]appConfig
gio59946282024-10-07 12:55:51 +0400[diff] [blame]120 tmplts tmplts
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]121 appTmpls AppTmplStore
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]122 external bool
123 fetchUsersAddr string
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]124 reconciler tasks.Reconciler
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]125 logs map[string]string
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]126}
127
128type appConfig struct {
129 Namespace string `json:"namespace"`
130 Network string `json:"network"`
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]131}
132
gio33059762024-07-05 13:19:07 +0400[diff] [blame]133// TODO(gio): Initialize appNs on startup
gio59946282024-10-07 12:55:51 +0400[diff] [blame]134func NewServer(
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]135 st Store,
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]136 nf NetworkFilter,
137 ug UserGetter,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]138 port int,
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]139 apiPort int,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]140 self string,
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]141 selfPublic string,
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]142 repoPublicAddr string,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]143 sshKey string,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]144 gitRepoPublicKey string,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]145 client soft.Client,
146 namespace string,
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]147 envAppManagerAddr string,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]148 nsc installer.NamespaceCreator,
giof8843412024-05-22 16:38:05 +0400[diff] [blame]149 jc installer.JobCreator,
gio864b4332024-09-05 13:56:47 +0400[diff] [blame]150 vpnKeyGen installer.VPNAPIClient,
giof6ad2982024-08-23 17:42:49 +0400[diff] [blame]151 cnc installer.ClusterNetworkConfigurator,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]152 env installer.EnvConfig,
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]153 external bool,
154 fetchUsersAddr string,
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]155 reconciler tasks.Reconciler,
gio59946282024-10-07 12:55:51 +0400[diff] [blame]156) (*Server, error) {
157 tmplts, err := parseTemplates(templates)
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]158 if err != nil {
159 return nil, err
160 }
gio5e4d1a72024-10-09 15:25:29 +0400[diff] [blame]161 apps, err := fs.Sub(appTmplsFS, "app-templates")
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]162 if err != nil {
163 return nil, err
164 }
165 appTmpls, err := NewAppTmplStoreFS(apps)
166 if err != nil {
167 return nil, err
168 }
gio59946282024-10-07 12:55:51 +0400[diff] [blame]169 s := &Server{
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]170 &sync.Mutex{},
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]171 st,
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]172 nf,
173 ug,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]174 port,
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]175 apiPort,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]176 self,
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]177 selfPublic,
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]178 repoPublicAddr,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]179 sshKey,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]180 gitRepoPublicKey,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]181 client,
182 namespace,
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]183 envAppManagerAddr,
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]184 env,
gio33059762024-07-05 13:19:07 +0400[diff] [blame]185 nsc,
giof8843412024-05-22 16:38:05 +0400[diff] [blame]186 jc,
gio36b23b32024-08-25 12:20:54 +0400[diff] [blame]187 vpnKeyGen,
giof6ad2982024-08-23 17:42:49 +0400[diff] [blame]188 cnc,
gio266c04f2024-07-03 14:18:45 +0400[diff] [blame]189 map[string]map[string]struct{}{},
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]190 map[string]appConfig{},
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]191 tmplts,
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]192 appTmpls,
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]193 external,
194 fetchUsersAddr,
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]195 reconciler,
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]196 map[string]string{},
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]197 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]198 config, err := client.GetRepo(ConfigRepoName)
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]199 if err != nil {
200 return nil, err
201 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]202 r, err := config.Reader(appConfigsFile)
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]203 if err == nil {
204 defer r.Close()
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]205 if err := json.NewDecoder(r).Decode(&s.appConfigs); err != nil {
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]206 return nil, err
207 }
208 } else if !errors.Is(err, fs.ErrNotExist) {
209 return nil, err
210 }
211 return s, nil
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]212}
213
gio59946282024-10-07 12:55:51 +0400[diff] [blame]214func (s *Server) getAppConfig(app, branch string) appConfig {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]215 return s.appConfigs[fmt.Sprintf("%s-%s", app, branch)]
216}
217
gio59946282024-10-07 12:55:51 +0400[diff] [blame]218func (s *Server) setAppConfig(app, branch string, cfg appConfig) {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]219 s.appConfigs[fmt.Sprintf("%s-%s", app, branch)] = cfg
220}
221
gio59946282024-10-07 12:55:51 +0400[diff] [blame]222func (s *Server) Start() error {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]223 // if err := s.client.DisableKeyless(); err != nil {
224 // return err
225 // }
226 // if err := s.client.DisableAnonAccess(); err != nil {
227 // return err
228 // }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]229 e := make(chan error)
230 go func() {
231 r := mux.NewRouter()
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]232 r.Use(s.mwAuth)
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]233 r.HandleFunc(schemasPath+"app.schema.json", s.handleSchema).Methods(http.MethodGet)
gio59946282024-10-07 12:55:51 +0400[diff] [blame]234 r.PathPrefix(staticPath).Handler(server.NewCachingHandler(http.FileServer(http.FS(staticAssets))))
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]235 r.HandleFunc(logoutPath, s.handleLogout).Methods(http.MethodGet)
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]236 r.HandleFunc(apiPublicData, s.handleAPIPublicData)
237 r.HandleFunc(apiCreateApp, s.handleAPICreateApp).Methods(http.MethodPost)
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]238 r.HandleFunc("/{app-name}"+loginPath, s.handleLoginForm).Methods(http.MethodGet)
239 r.HandleFunc("/{app-name}"+loginPath, s.handleLogin).Methods(http.MethodPost)
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]240 r.HandleFunc("/{app-name}/logs", s.handleAppLogs).Methods(http.MethodGet)
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]241 r.HandleFunc("/{app-name}/{hash}", s.handleAppCommit).Methods(http.MethodGet)
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]242 r.HandleFunc("/{app-name}/dev-branch/create", s.handleCreateDevBranch).Methods(http.MethodPost)
243 r.HandleFunc("/{app-name}/branch/{branch}", s.handleAppStatus).Methods(http.MethodGet)
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]244 r.HandleFunc("/{app-name}/branch/{branch}/delete", s.handleBranchDelete).Methods(http.MethodPost)
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]245 r.HandleFunc("/{app-name}", s.handleAppStatus).Methods(http.MethodGet)
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]246 r.HandleFunc("/{app-name}/delete", s.handleAppDelete).Methods(http.MethodPost)
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]247 r.HandleFunc("/", s.handleStatus).Methods(http.MethodGet)
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]248 r.HandleFunc("/", s.handleCreateApp).Methods(http.MethodPost)
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]249 e <- http.ListenAndServe(fmt.Sprintf(":%d", s.port), r)
250 }()
251 go func() {
252 r := mux.NewRouter()
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]253 r.HandleFunc("/update", s.handleAPIUpdate)
254 r.HandleFunc("/api/apps/{app-name}/workers", s.handleAPIRegisterWorker).Methods(http.MethodPost)
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]255 r.HandleFunc("/api/add-public-key", s.handleAPIAddPublicKey).Methods(http.MethodPost)
giocfb228c2024-09-06 15:44:31 +0400[diff] [blame]256 r.HandleFunc("/api/apps/{app-name}/branch/{branch}/env-profile", s.handleBranchEnvProfile).Methods(http.MethodGet)
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]257 if !s.external {
258 r.HandleFunc("/api/sync-users", s.handleAPISyncUsers).Methods(http.MethodGet)
259 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]260 e <- http.ListenAndServe(fmt.Sprintf(":%d", s.apiPort), r)
261 }()
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]262 if !s.external {
263 go func() {
264 s.syncUsers()
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]265 for {
266 delay := time.Duration(rand.Intn(60)+60) * time.Second
267 time.Sleep(delay)
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]268 s.syncUsers()
269 }
270 }()
271 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]272 return <-e
273}
274
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]275type UserGetter interface {
276 Get(r *http.Request) string
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]277 Encode(w http.ResponseWriter, user string) error
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]278}
279
280type externalUserGetter struct {
281 sc *securecookie.SecureCookie
282}
283
284func NewExternalUserGetter() UserGetter {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]285 return &externalUserGetter{securecookie.New(
286 securecookie.GenerateRandomKey(64),
287 securecookie.GenerateRandomKey(32),
288 )}
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]289}
290
291func (ug *externalUserGetter) Get(r *http.Request) string {
292 cookie, err := r.Cookie(sessionCookie)
293 if err != nil {
294 return ""
295 }
296 var user string
297 if err := ug.sc.Decode(sessionCookie, cookie.Value, &user); err != nil {
298 return ""
299 }
300 return user
301}
302
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]303func (ug *externalUserGetter) Encode(w http.ResponseWriter, user string) error {
304 if encoded, err := ug.sc.Encode(sessionCookie, user); err == nil {
305 cookie := &http.Cookie{
306 Name: sessionCookie,
307 Value: encoded,
308 Path: "/",
309 Secure: true,
310 HttpOnly: true,
311 }
312 http.SetCookie(w, cookie)
313 return nil
314 } else {
315 return err
316 }
317}
318
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]319type internalUserGetter struct{}
320
321func NewInternalUserGetter() UserGetter {
322 return internalUserGetter{}
323}
324
325func (ug internalUserGetter) Get(r *http.Request) string {
giodd213152024-09-27 11:26:59 +0200[diff] [blame]326 return r.Header.Get("X-Forwarded-User")
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]327}
328
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]329func (ug internalUserGetter) Encode(w http.ResponseWriter, user string) error {
330 return nil
331}
332
gio59946282024-10-07 12:55:51 +0400[diff] [blame]333func (s *Server) mwAuth(next http.Handler) http.Handler {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]334 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]335 if strings.HasSuffix(r.URL.Path, loginPath) ||
336 strings.HasPrefix(r.URL.Path, logoutPath) ||
337 strings.HasPrefix(r.URL.Path, staticPath) ||
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]338 strings.HasPrefix(r.URL.Path, schemasPath) ||
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]339 strings.HasPrefix(r.URL.Path, apiPublicData) ||
340 strings.HasPrefix(r.URL.Path, apiCreateApp) {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]341 next.ServeHTTP(w, r)
342 return
343 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]344 user := s.ug.Get(r)
345 if user == "" {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]346 vars := mux.Vars(r)
347 appName, ok := vars["app-name"]
348 if !ok || appName == "" {
349 http.Error(w, "missing app-name", http.StatusBadRequest)
350 return
351 }
352 http.Redirect(w, r, fmt.Sprintf("/%s%s", appName, loginPath), http.StatusSeeOther)
353 return
354 }
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]355 next.ServeHTTP(w, r.WithContext(context.WithValue(r.Context(), userCtx, user)))
356 })
357}
358
gio59946282024-10-07 12:55:51 +0400[diff] [blame]359func (s *Server) handleSchema(w http.ResponseWriter, r *http.Request) {
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]360 w.Header().Set("Content-Type", "application/schema+json")
361 w.Write(dodoAppJsonSchema)
362}
363
gio59946282024-10-07 12:55:51 +0400[diff] [blame]364func (s *Server) handleLogout(w http.ResponseWriter, r *http.Request) {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]365 // TODO(gio): move to UserGetter
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]366 http.SetCookie(w, &http.Cookie{
367 Name: sessionCookie,
368 Value: "",
369 Path: "/",
370 HttpOnly: true,
371 Secure: true,
372 })
373 http.Redirect(w, r, "/", http.StatusSeeOther)
374}
375
gio59946282024-10-07 12:55:51 +0400[diff] [blame]376func (s *Server) handleLoginForm(w http.ResponseWriter, r *http.Request) {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]377 vars := mux.Vars(r)
378 appName, ok := vars["app-name"]
379 if !ok || appName == "" {
380 http.Error(w, "missing app-name", http.StatusBadRequest)
381 return
382 }
383 fmt.Fprint(w, `
384<!DOCTYPE html>
385<html lang='en'>
386 <head>
387 <title>dodo: app - login</title>
388 <meta charset='utf-8'>
389 </head>
390 <body>
391 <form action="" method="POST">
392 <input type="password" placeholder="Password" name="password" required />
393 <button type="submit">Login</button>
394 </form>
395 </body>
396</html>
397`)
398}
399
gio59946282024-10-07 12:55:51 +0400[diff] [blame]400func (s *Server) handleLogin(w http.ResponseWriter, r *http.Request) {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]401 vars := mux.Vars(r)
402 appName, ok := vars["app-name"]
403 if !ok || appName == "" {
404 http.Error(w, "missing app-name", http.StatusBadRequest)
405 return
406 }
407 password := r.FormValue("password")
408 if password == "" {
409 http.Error(w, "missing password", http.StatusBadRequest)
410 return
411 }
412 user, err := s.st.GetAppOwner(appName)
413 if err != nil {
414 http.Error(w, err.Error(), http.StatusInternalServerError)
415 return
416 }
417 hashed, err := s.st.GetUserPassword(user)
418 if err != nil {
419 http.Error(w, err.Error(), http.StatusInternalServerError)
420 return
421 }
422 if err := bcrypt.CompareHashAndPassword(hashed, []byte(password)); err != nil {
423 http.Redirect(w, r, r.URL.Path, http.StatusSeeOther)
424 return
425 }
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]426 if err := s.ug.Encode(w, user); err != nil {
427 http.Error(w, err.Error(), http.StatusInternalServerError)
428 return
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]429 }
430 http.Redirect(w, r, fmt.Sprintf("/%s", appName), http.StatusSeeOther)
431}
432
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]433type navItem struct {
434 Name string
435 Address string
436}
437
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]438type statusData struct {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]439 Navigation []navItem
440 Apps []string
441 Networks []installer.Network
442 Types []string
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]443}
444
gio59946282024-10-07 12:55:51 +0400[diff] [blame]445func (s *Server) handleStatus(w http.ResponseWriter, r *http.Request) {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]446 user := r.Context().Value(userCtx)
447 if user == nil {
448 http.Error(w, "unauthorized", http.StatusUnauthorized)
449 return
450 }
451 apps, err := s.st.GetUserApps(user.(string))
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]452 if err != nil {
453 http.Error(w, err.Error(), http.StatusInternalServerError)
454 return
455 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]456 networks, err := s.getNetworks(user.(string))
457 if err != nil {
458 http.Error(w, err.Error(), http.StatusInternalServerError)
459 return
460 }
giob54db242024-07-30 18:49:33 +0400[diff] [blame]461 var types []string
462 for _, t := range s.appTmpls.Types() {
463 types = append(types, strings.Replace(t, "-", ":", 1))
464 }
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]465 n := []navItem{navItem{"Home", "/"}}
466 data := statusData{n, apps, networks, types}
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]467 if err := s.tmplts.index.Execute(w, data); err != nil {
468 http.Error(w, err.Error(), http.StatusInternalServerError)
469 return
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]470 }
471}
472
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]473type appStatusData struct {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]474 Navigation []navItem
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]475 Name string
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]476 Branch string
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]477 GitCloneCommand string
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]478 Commits []CommitMeta
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]479 LastCommit resourceData
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]480 Branches []string
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]481}
482
gio59946282024-10-07 12:55:51 +0400[diff] [blame]483func (s *Server) handleAppStatus(w http.ResponseWriter, r *http.Request) {
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]484 vars := mux.Vars(r)
485 appName, ok := vars["app-name"]
486 if !ok || appName == "" {
487 http.Error(w, "missing app-name", http.StatusBadRequest)
488 return
489 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]490 branch, ok := vars["branch"]
491 if !ok || branch == "" {
492 branch = "master"
493 }
gio94904702024-07-26 16:58:34 +0400[diff] [blame]494 u := r.Context().Value(userCtx)
495 if u == nil {
496 http.Error(w, "unauthorized", http.StatusUnauthorized)
497 return
498 }
499 user, ok := u.(string)
500 if !ok {
501 http.Error(w, "could not get user", http.StatusInternalServerError)
502 return
503 }
504 owner, err := s.st.GetAppOwner(appName)
505 if err != nil {
506 http.Error(w, err.Error(), http.StatusInternalServerError)
507 return
508 }
509 if owner != user {
510 http.Error(w, "unauthorized", http.StatusUnauthorized)
511 return
512 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]513 commits, err := s.st.GetCommitHistory(appName, branch)
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]514 if err != nil {
515 http.Error(w, err.Error(), http.StatusInternalServerError)
516 return
517 }
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]518 var lastCommitResources resourceData
519 if len(commits) > 0 {
520 lastCommit, err := s.st.GetCommit(commits[len(commits)-1].Hash)
521 if err != nil {
522 http.Error(w, err.Error(), http.StatusInternalServerError)
523 return
524 }
525 r, err := extractResourceData(lastCommit.Resources.Helm)
526 if err != nil {
527 http.Error(w, err.Error(), http.StatusInternalServerError)
528 return
529 }
530 lastCommitResources = r
531 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]532 branches, err := s.st.GetBranches(appName)
533 if err != nil {
534 http.Error(w, err.Error(), http.StatusInternalServerError)
535 return
536 }
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]537 data := appStatusData{
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]538 Navigation: []navItem{
539 navItem{"Home", "/"},
540 navItem{appName, "/" + appName},
541 },
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]542 Name: appName,
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]543 Branch: branch,
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]544 GitCloneCommand: fmt.Sprintf("git clone %s/%s\n\n\n", s.repoPublicAddr, appName),
545 Commits: commits,
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]546 LastCommit: lastCommitResources,
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]547 Branches: branches,
548 }
549 if branch != "master" {
550 data.Navigation = append(data.Navigation, navItem{branch, fmt.Sprintf("/%s/branch/%s", appName, branch)})
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]551 }
552 if err := s.tmplts.appStatus.Execute(w, data); err != nil {
553 http.Error(w, err.Error(), http.StatusInternalServerError)
554 return
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]555 }
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]556}
557
giocfb228c2024-09-06 15:44:31 +0400[diff] [blame]558type appEnv struct {
559 Profile string `json:"envProfile"`
560}
561
gio59946282024-10-07 12:55:51 +0400[diff] [blame]562func (s *Server) handleBranchEnvProfile(w http.ResponseWriter, r *http.Request) {
giocfb228c2024-09-06 15:44:31 +0400[diff] [blame]563 vars := mux.Vars(r)
564 appName, ok := vars["app-name"]
565 if !ok || appName == "" {
566 http.Error(w, "missing app-name", http.StatusBadRequest)
567 return
568 }
569 branch, ok := vars["branch"]
570 if !ok || branch == "" {
571 branch = "master"
572 }
573 info, err := s.st.GetLastCommitInfo(appName, branch)
574 if err != nil {
575 http.Error(w, err.Error(), http.StatusInternalServerError)
576 return
577 }
578 var e appEnv
579 if err := json.NewDecoder(bytes.NewReader(info.Resources.RenderedRaw)).Decode(&e); err != nil {
580 http.Error(w, err.Error(), http.StatusInternalServerError)
581 return
582 }
583 fmt.Fprintln(w, e.Profile)
584}
585
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]586type volume struct {
587 Name string
588 Size string
589}
590
591type postgresql struct {
592 Name string
593 Version string
594 Volume string
595}
596
597type ingress struct {
giof078f462024-10-14 09:07:33 +0400[diff] [blame^]598 Name string
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]599 Host string
giof078f462024-10-14 09:07:33 +0400[diff] [blame^]600 Home string
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]601}
602
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]603type vm struct {
604 Name string
605 User string
606 CPUCores int
607 Memory string
608}
609
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]610type resourceData struct {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]611 Volume []volume
612 PostgreSQL []postgresql
613 Ingress []ingress
614 VirtualMachine []vm
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]615}
616
617type commitStatusData struct {
618 Navigation []navItem
619 AppName string
620 Commit Commit
621 Resources resourceData
622}
623
gio59946282024-10-07 12:55:51 +0400[diff] [blame]624func (s *Server) handleAppCommit(w http.ResponseWriter, r *http.Request) {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]625 vars := mux.Vars(r)
626 appName, ok := vars["app-name"]
627 if !ok || appName == "" {
628 http.Error(w, "missing app-name", http.StatusBadRequest)
629 return
630 }
631 hash, ok := vars["hash"]
632 if !ok || appName == "" {
633 http.Error(w, "missing app-name", http.StatusBadRequest)
634 return
635 }
636 u := r.Context().Value(userCtx)
637 if u == nil {
638 http.Error(w, "unauthorized", http.StatusUnauthorized)
639 return
640 }
641 user, ok := u.(string)
642 if !ok {
643 http.Error(w, "could not get user", http.StatusInternalServerError)
644 return
645 }
646 owner, err := s.st.GetAppOwner(appName)
647 if err != nil {
648 http.Error(w, err.Error(), http.StatusInternalServerError)
649 return
650 }
651 if owner != user {
652 http.Error(w, "unauthorized", http.StatusUnauthorized)
653 return
654 }
655 commit, err := s.st.GetCommit(hash)
656 if err != nil {
657 // TODO(gio): not-found ?
658 http.Error(w, err.Error(), http.StatusInternalServerError)
659 return
660 }
661 var res strings.Builder
662 if err := json.NewEncoder(&res).Encode(commit.Resources.Helm); err != nil {
663 http.Error(w, err.Error(), http.StatusInternalServerError)
664 return
665 }
666 resData, err := extractResourceData(commit.Resources.Helm)
667 if err != nil {
668 http.Error(w, err.Error(), http.StatusInternalServerError)
669 return
670 }
671 data := commitStatusData{
672 Navigation: []navItem{
673 navItem{"Home", "/"},
674 navItem{appName, "/" + appName},
675 navItem{hash, "/" + appName + "/" + hash},
676 },
677 AppName: appName,
678 Commit: commit,
679 Resources: resData,
680 }
681 if err := s.tmplts.commitStatus.Execute(w, data); err != nil {
682 http.Error(w, err.Error(), http.StatusInternalServerError)
683 return
684 }
685}
686
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]687type logData struct {
688 Navigation []navItem
689 AppName string
690 Logs template.HTML
691}
692
gio59946282024-10-07 12:55:51 +0400[diff] [blame]693func (s *Server) handleAppLogs(w http.ResponseWriter, r *http.Request) {
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]694 vars := mux.Vars(r)
695 appName, ok := vars["app-name"]
696 if !ok || appName == "" {
697 http.Error(w, "missing app-name", http.StatusBadRequest)
698 return
699 }
700 u := r.Context().Value(userCtx)
701 if u == nil {
702 http.Error(w, "unauthorized", http.StatusUnauthorized)
703 return
704 }
705 user, ok := u.(string)
706 if !ok {
707 http.Error(w, "could not get user", http.StatusInternalServerError)
708 return
709 }
710 owner, err := s.st.GetAppOwner(appName)
711 if err != nil {
712 http.Error(w, err.Error(), http.StatusInternalServerError)
713 return
714 }
715 if owner != user {
716 http.Error(w, "unauthorized", http.StatusUnauthorized)
717 return
718 }
719 data := logData{
720 Navigation: []navItem{
721 navItem{"Home", "/"},
722 navItem{appName, "/" + appName},
723 navItem{"Logs", "/" + appName + "/logs"},
724 },
725 AppName: appName,
726 Logs: template.HTML(strings.ReplaceAll(s.logs[appName], "\n", "<br/>")),
727 }
728 if err := s.tmplts.logs.Execute(w, data); err != nil {
729 fmt.Println(err)
730 http.Error(w, err.Error(), http.StatusInternalServerError)
731 return
732 }
733}
734
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]735type apiUpdateReq struct {
gio266c04f2024-07-03 14:18:45 +0400[diff] [blame]736 Ref string `json:"ref"`
737 Repository struct {
738 Name string `json:"name"`
739 } `json:"repository"`
gioe2e31e12024-08-18 08:20:56 +0400[diff] [blame]740 After string `json:"after"`
741 Commits []struct {
742 Id string `json:"id"`
743 Message string `json:"message"`
744 } `json:"commits"`
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]745}
746
gio59946282024-10-07 12:55:51 +0400[diff] [blame]747func (s *Server) handleAPIUpdate(w http.ResponseWriter, r *http.Request) {
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]748 fmt.Println("update")
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]749 var req apiUpdateReq
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]750 var contents strings.Builder
751 io.Copy(&contents, r.Body)
752 c := contents.String()
753 fmt.Println(c)
754 if err := json.NewDecoder(strings.NewReader(c)).Decode(&req); err != nil {
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]755 http.Error(w, err.Error(), http.StatusBadRequest)
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]756 return
757 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]758 if strings.HasPrefix(req.Ref, "refs/heads/dodo_") || req.Repository.Name == ConfigRepoName {
759 return
760 }
761 branch, ok := strings.CutPrefix(req.Ref, "refs/heads/")
762 if !ok {
763 http.Error(w, "invalid branch", http.StatusBadRequest)
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]764 return
765 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]766 // TODO(gio): Create commit record on app init as well
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]767 go func() {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]768 owner, err := s.st.GetAppOwner(req.Repository.Name)
769 if err != nil {
770 return
771 }
772 networks, err := s.getNetworks(owner)
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]773 if err != nil {
774 return
775 }
giof15b9da2024-09-19 06:59:16 +0400[diff] [blame]776 // TODO(gio): get only available ones by owner
777 clusters, err := s.getClusters()
778 if err != nil {
779 return
780 }
gio94904702024-07-26 16:58:34 +0400[diff] [blame]781 apps := installer.NewInMemoryAppRepository(installer.CreateAllApps())
782 instanceAppStatus, err := installer.FindEnvApp(apps, "dodo-app-instance-status")
783 if err != nil {
784 return
785 }
gioe2e31e12024-08-18 08:20:56 +0400[diff] [blame]786 found := false
787 commitMsg := ""
788 for _, c := range req.Commits {
789 if c.Id == req.After {
790 found = true
791 commitMsg = c.Message
792 break
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]793 }
794 }
gioe2e31e12024-08-18 08:20:56 +0400[diff] [blame]795 if !found {
796 fmt.Printf("Error: could not find commit message")
797 return
798 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]799 s.l.Lock()
800 defer s.l.Unlock()
giof15b9da2024-09-19 06:59:16 +0400[diff] [blame]801 resources, err := s.updateDodoApp(instanceAppStatus, req.Repository.Name, branch, s.getAppConfig(req.Repository.Name, branch).Namespace, networks, clusters, owner)
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]802 if err = s.createCommit(req.Repository.Name, branch, req.After, commitMsg, err, resources); err != nil {
gio12e887d2024-08-18 16:09:47 +0400[diff] [blame]803 fmt.Printf("Error: %s\n", err.Error())
gioe2e31e12024-08-18 08:20:56 +0400[diff] [blame]804 return
805 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]806 for addr, _ := range s.workers[req.Repository.Name] {
807 go func() {
808 // TODO(gio): make port configurable
809 http.Get(fmt.Sprintf("http://%s/update", addr))
810 }()
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]811 }
812 }()
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]813}
814
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]815type apiRegisterWorkerReq struct {
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]816 Address string `json:"address"`
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]817 Logs string `json:"logs"`
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]818}
819
gio59946282024-10-07 12:55:51 +0400[diff] [blame]820func (s *Server) handleAPIRegisterWorker(w http.ResponseWriter, r *http.Request) {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]821 // TODO(gio): lock
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]822 vars := mux.Vars(r)
823 appName, ok := vars["app-name"]
824 if !ok || appName == "" {
825 http.Error(w, "missing app-name", http.StatusBadRequest)
826 return
827 }
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]828 var req apiRegisterWorkerReq
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]829 if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
830 http.Error(w, err.Error(), http.StatusInternalServerError)
831 return
832 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]833 if _, ok := s.workers[appName]; !ok {
834 s.workers[appName] = map[string]struct{}{}
gio266c04f2024-07-03 14:18:45 +0400[diff] [blame]835 }
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]836 s.workers[appName][req.Address] = struct{}{}
gio183e8342024-08-20 06:01:24 +0400[diff] [blame]837 s.logs[appName] = req.Logs
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]838}
839
gio59946282024-10-07 12:55:51 +0400[diff] [blame]840func (s *Server) handleCreateApp(w http.ResponseWriter, r *http.Request) {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]841 u := r.Context().Value(userCtx)
842 if u == nil {
843 http.Error(w, "unauthorized", http.StatusUnauthorized)
844 return
845 }
846 user, ok := u.(string)
847 if !ok {
848 http.Error(w, "could not get user", http.StatusInternalServerError)
849 return
850 }
851 network := r.FormValue("network")
852 if network == "" {
853 http.Error(w, "missing network", http.StatusBadRequest)
854 return
855 }
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]856 subdomain := r.FormValue("subdomain")
857 if subdomain == "" {
858 http.Error(w, "missing subdomain", http.StatusBadRequest)
859 return
860 }
861 appType := r.FormValue("type")
862 if appType == "" {
863 http.Error(w, "missing type", http.StatusBadRequest)
864 return
865 }
gio5cc6afc2024-10-06 09:33:44 +0400[diff] [blame]866 appName := r.FormValue("name")
867 var err error
868 if appName == "" {
869 g := installer.NewFixedLengthRandomNameGenerator(3)
870 appName, err = g.Generate()
871 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]872 if err != nil {
873 http.Error(w, err.Error(), http.StatusInternalServerError)
874 return
875 }
876 if ok, err := s.client.UserExists(user); err != nil {
877 http.Error(w, err.Error(), http.StatusInternalServerError)
878 return
879 } else if !ok {
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]880 http.Error(w, "user sync has not finished, please try again in few minutes", http.StatusFailedDependency)
881 return
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]882 }
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]883 if err := s.st.CreateUser(user, nil, network); err != nil && !errors.Is(err, ErrorAlreadyExists) {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]884 http.Error(w, err.Error(), http.StatusInternalServerError)
885 return
886 }
887 if err := s.st.CreateApp(appName, user); err != nil {
888 http.Error(w, err.Error(), http.StatusInternalServerError)
889 return
890 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]891 if err := s.createApp(user, appName, appType, network, subdomain); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]892 http.Error(w, err.Error(), http.StatusInternalServerError)
893 return
894 }
895 http.Redirect(w, r, fmt.Sprintf("/%s", appName), http.StatusSeeOther)
896}
897
gio59946282024-10-07 12:55:51 +0400[diff] [blame]898func (s *Server) handleCreateDevBranch(w http.ResponseWriter, r *http.Request) {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]899 u := r.Context().Value(userCtx)
900 if u == nil {
901 http.Error(w, "unauthorized", http.StatusUnauthorized)
902 return
903 }
904 user, ok := u.(string)
905 if !ok {
906 http.Error(w, "could not get user", http.StatusInternalServerError)
907 return
908 }
909 vars := mux.Vars(r)
910 appName, ok := vars["app-name"]
911 if !ok || appName == "" {
912 http.Error(w, "missing app-name", http.StatusBadRequest)
913 return
914 }
915 branch := r.FormValue("branch")
916 if branch == "" {
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]917 http.Error(w, "missing branch", http.StatusBadRequest)
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]918 return
919 }
920 if err := s.createDevBranch(appName, "master", branch, user); err != nil {
921 http.Error(w, err.Error(), http.StatusInternalServerError)
922 return
923 }
924 http.Redirect(w, r, fmt.Sprintf("/%s/branch/%s", appName, branch), http.StatusSeeOther)
925}
926
gio59946282024-10-07 12:55:51 +0400[diff] [blame]927func (s *Server) handleBranchDelete(w http.ResponseWriter, r *http.Request) {
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]928 u := r.Context().Value(userCtx)
929 if u == nil {
930 http.Error(w, "unauthorized", http.StatusUnauthorized)
931 return
932 }
933 vars := mux.Vars(r)
934 appName, ok := vars["app-name"]
935 if !ok || appName == "" {
936 http.Error(w, "missing app-name", http.StatusBadRequest)
937 return
938 }
939 branch, ok := vars["branch"]
940 if !ok || branch == "" {
941 http.Error(w, "missing branch", http.StatusBadRequest)
942 return
943 }
944 if err := s.deleteBranch(appName, branch); err != nil {
945 http.Error(w, err.Error(), http.StatusInternalServerError)
946 return
947 }
948 http.Redirect(w, r, fmt.Sprintf("/%s", appName), http.StatusSeeOther)
949}
950
gio59946282024-10-07 12:55:51 +0400[diff] [blame]951func (s *Server) handleAppDelete(w http.ResponseWriter, r *http.Request) {
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]952 u := r.Context().Value(userCtx)
953 if u == nil {
954 http.Error(w, "unauthorized", http.StatusUnauthorized)
955 return
956 }
957 vars := mux.Vars(r)
958 appName, ok := vars["app-name"]
959 if !ok || appName == "" {
960 http.Error(w, "missing app-name", http.StatusBadRequest)
961 return
962 }
963 if err := s.deleteApp(appName); err != nil {
964 http.Error(w, err.Error(), http.StatusInternalServerError)
965 return
966 }
gioe44c1512024-10-06 14:13:55 +0400[diff] [blame]967 http.Redirect(w, r, "/", http.StatusSeeOther)
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]968}
969
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]970type apiCreateAppReq struct {
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]971 AppType string `json:"type"`
gio33059762024-07-05 13:19:07 +0400[diff] [blame]972 AdminPublicKey string `json:"adminPublicKey"`
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]973 Network string `json:"network"`
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]974 Subdomain string `json:"subdomain"`
gio33059762024-07-05 13:19:07 +0400[diff] [blame]975}
976
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]977type apiCreateAppResp struct {
978 AppName string `json:"appName"`
979 Password string `json:"password"`
gio33059762024-07-05 13:19:07 +0400[diff] [blame]980}
981
gio59946282024-10-07 12:55:51 +0400[diff] [blame]982func (s *Server) handleAPICreateApp(w http.ResponseWriter, r *http.Request) {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]983 w.Header().Set("Access-Control-Allow-Origin", "*")
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]984 var req apiCreateAppReq
gio33059762024-07-05 13:19:07 +0400[diff] [blame]985 if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
986 http.Error(w, err.Error(), http.StatusBadRequest)
987 return
988 }
989 g := installer.NewFixedLengthRandomNameGenerator(3)
990 appName, err := g.Generate()
991 if err != nil {
992 http.Error(w, err.Error(), http.StatusInternalServerError)
993 return
994 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]995 user, err := s.client.FindUser(req.AdminPublicKey)
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]996 if err != nil {
gio33059762024-07-05 13:19:07 +0400[diff] [blame]997 http.Error(w, err.Error(), http.StatusInternalServerError)
998 return
999 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1000 if user != "" {
1001 http.Error(w, "public key already registered", http.StatusBadRequest)
1002 return
1003 }
1004 user = appName
1005 if err := s.client.AddUser(user, req.AdminPublicKey); err != nil {
1006 http.Error(w, err.Error(), http.StatusInternalServerError)
1007 return
1008 }
1009 password := generatePassword()
1010 hashed, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
1011 if err != nil {
1012 http.Error(w, err.Error(), http.StatusInternalServerError)
1013 return
1014 }
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1015 if err := s.st.CreateUser(user, hashed, req.Network); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1016 http.Error(w, err.Error(), http.StatusInternalServerError)
1017 return
1018 }
1019 if err := s.st.CreateApp(appName, user); err != nil {
1020 http.Error(w, err.Error(), http.StatusInternalServerError)
1021 return
1022 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1023 if err := s.createApp(user, appName, req.AppType, req.Network, req.Subdomain); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1024 http.Error(w, err.Error(), http.StatusInternalServerError)
1025 return
1026 }
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]1027 resp := apiCreateAppResp{
1028 AppName: appName,
1029 Password: password,
1030 }
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1031 if err := json.NewEncoder(w).Encode(resp); err != nil {
1032 http.Error(w, err.Error(), http.StatusInternalServerError)
1033 return
1034 }
1035}
1036
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1037func (s *Server) isNetworkUseAllowed(network string) bool {
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1038 if !s.external {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1039 return true
1040 }
1041 for _, cfg := range s.appConfigs {
1042 if strings.ToLower(cfg.Network) == network {
1043 return false
1044 }
1045 }
1046 return true
1047}
1048
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1049func (s *Server) createApp(user, appName, appType, network, subdomain string) error {
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]1050 s.l.Lock()
1051 defer s.l.Unlock()
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1052 fmt.Printf("Creating app: %s\n", appName)
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1053 network = strings.ToLower(network)
1054 if !s.isNetworkUseAllowed(network) {
1055 return fmt.Errorf("network already used: %s", network)
1056 }
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1057 if ok, err := s.client.RepoExists(appName); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1058 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1059 } else if ok {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1060 return nil
gioa60f0de2024-07-08 10:49:48 +0400[diff] [blame]1061 }
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]1062 networks, err := s.getNetworks(user)
1063 if err != nil {
1064 return err
1065 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1066 n, ok := installer.NetworkMap(networks)[network]
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]1067 if !ok {
1068 return fmt.Errorf("network not found: %s\n", network)
1069 }
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1070 if err := s.client.AddRepository(appName); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1071 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1072 }
1073 appRepo, err := s.client.GetRepo(appName)
1074 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1075 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1076 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1077 files, err := s.renderAppConfigTemplate(appType, n, subdomain)
1078 if err != nil {
1079 return err
1080 }
1081 return s.createAppForBranch(appRepo, appName, "master", user, network, files)
1082}
1083
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1084func (s *Server) createDevBranch(appName, fromBranch, toBranch, user string) error {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1085 s.l.Lock()
1086 defer s.l.Unlock()
1087 fmt.Printf("Creating dev branch app: %s %s %s\n", appName, fromBranch, toBranch)
1088 appRepo, err := s.client.GetRepoBranch(appName, fromBranch)
1089 if err != nil {
1090 return err
1091 }
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]1092 appCfg, err := soft.ReadFile(appRepo, "app.json")
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1093 if err != nil {
1094 return err
1095 }
1096 network, branchCfg, err := createDevBranchAppConfig(appCfg, toBranch, user)
1097 if err != nil {
1098 return err
1099 }
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]1100 return s.createAppForBranch(appRepo, appName, toBranch, user, network, map[string][]byte{"app.json": branchCfg})
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1101}
1102
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1103func (s *Server) deleteBranch(appName string, branch string) error {
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]1104 appBranch := fmt.Sprintf("dodo_%s", branch)
1105 hf := installer.NewGitHelmFetcher()
1106 if err := func() error {
1107 repo, err := s.client.GetRepoBranch(appName, appBranch)
1108 if err != nil {
1109 return err
1110 }
1111 m, err := installer.NewAppManager(repo, s.nsc, s.jc, hf, s.vpnKeyGen, s.cnc, "/.dodo")
1112 if err != nil {
1113 return err
1114 }
1115 return m.Remove("app")
1116 }(); err != nil {
1117 return err
1118 }
1119 configRepo, err := s.client.GetRepo(ConfigRepoName)
1120 if err != nil {
1121 return err
1122 }
1123 m, err := installer.NewAppManager(configRepo, s.nsc, s.jc, hf, s.vpnKeyGen, s.cnc, "/")
1124 if err != nil {
1125 return err
1126 }
1127 appPath := fmt.Sprintf("%s/%s", appName, branch)
gio829b1b72024-10-05 21:50:56 +0400[diff] [blame]1128 if err := m.Remove(appPath); err != nil {
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]1129 return err
1130 }
1131 if err := s.client.DeleteRepoBranch(appName, appBranch); err != nil {
1132 return err
1133 }
1134 if branch != "master" {
gioe44c1512024-10-06 14:13:55 +0400[diff] [blame]1135 if err := s.client.DeleteRepoBranch(appName, branch); err != nil {
1136 return err
1137 }
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]1138 }
gioe44c1512024-10-06 14:13:55 +0400[diff] [blame]1139 return s.st.DeleteBranch(appName, branch)
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]1140}
1141
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1142func (s *Server) deleteApp(appName string) error {
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]1143 configRepo, err := s.client.GetRepo(ConfigRepoName)
1144 if err != nil {
1145 return err
1146 }
1147 branches, err := configRepo.ListDir(fmt.Sprintf("/%s", appName))
1148 if err != nil {
1149 return err
1150 }
1151 for _, b := range branches {
1152 if !b.IsDir() || strings.HasPrefix(b.Name(), "dodo_") {
1153 continue
1154 }
1155 if err := s.deleteBranch(appName, b.Name()); err != nil {
1156 return err
1157 }
1158 }
gioe44c1512024-10-06 14:13:55 +0400[diff] [blame]1159 if err := s.client.DeleteRepo(appName); err != nil {
1160 return err
1161 }
1162 return s.st.DeleteApp(appName)
gio5887caa2024-10-03 15:07:23 +0400[diff] [blame]1163}
1164
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1165func (s *Server) createAppForBranch(
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1166 repo soft.RepoIO,
1167 appName string,
1168 branch string,
1169 user string,
1170 network string,
1171 files map[string][]byte,
1172) error {
1173 commit, err := repo.Do(func(fs soft.RepoFS) (string, error) {
1174 for path, contents := range files {
1175 if err := soft.WriteFile(fs, path, string(contents)); err != nil {
1176 return "", err
1177 }
1178 }
1179 return "init", nil
1180 }, soft.WithCommitToBranch(branch))
1181 if err != nil {
1182 return err
1183 }
1184 networks, err := s.getNetworks(user)
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1185 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1186 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1187 }
giof15b9da2024-09-19 06:59:16 +0400[diff] [blame]1188 // TODO(gio): get only available ones by owner
1189 clusters, err := s.getClusters()
1190 if err != nil {
1191 return err
1192 }
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1193 apps := installer.NewInMemoryAppRepository(installer.CreateAllApps())
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1194 instanceApp, err := installer.FindEnvApp(apps, "dodo-app-instance")
1195 if err != nil {
1196 return err
1197 }
1198 instanceAppStatus, err := installer.FindEnvApp(apps, "dodo-app-instance-status")
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1199 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1200 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1201 }
1202 suffixGen := installer.NewFixedLengthRandomSuffixGenerator(3)
1203 suffix, err := suffixGen.Generate()
1204 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1205 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1206 }
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1207 namespace := fmt.Sprintf("%s%s%s", s.env.NamespacePrefix, instanceApp.Namespace(), suffix)
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1208 s.setAppConfig(appName, branch, appConfig{namespace, network})
giof15b9da2024-09-19 06:59:16 +0400[diff] [blame]1209 resources, err := s.updateDodoApp(instanceAppStatus, appName, branch, namespace, networks, clusters, user)
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1210 if err != nil {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1211 fmt.Printf("Error: %s\n", err.Error())
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1212 return err
1213 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1214 if err = s.createCommit(appName, branch, commit, initCommitMsg, err, resources); err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1215 fmt.Printf("Error: %s\n", err.Error())
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1216 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1217 }
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1218 configRepo, err := s.client.GetRepo(ConfigRepoName)
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1219 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1220 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1221 }
1222 hf := installer.NewGitHelmFetcher()
giof6ad2982024-08-23 17:42:49 +0400[diff] [blame]1223 m, err := installer.NewAppManager(configRepo, s.nsc, s.jc, hf, s.vpnKeyGen, s.cnc, "/")
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1224 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1225 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1226 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1227 appPath := fmt.Sprintf("/%s/%s", appName, branch)
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1228 _, err = configRepo.Do(func(fs soft.RepoFS) (string, error) {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1229 w, err := fs.Writer(appConfigsFile)
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]1230 if err != nil {
1231 return "", err
1232 }
1233 defer w.Close()
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1234 if err := json.NewEncoder(w).Encode(s.appConfigs); err != nil {
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]1235 return "", err
1236 }
1237 if _, err := m.Install(
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1238 instanceApp,
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]1239 appName,
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1240 appPath,
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]1241 namespace,
1242 map[string]any{
1243 "repoAddr": s.client.GetRepoAddress(appName),
1244 "repoHost": strings.Split(s.client.Address(), ":")[0],
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1245 "branch": fmt.Sprintf("dodo_%s", branch),
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]1246 "gitRepoPublicKey": s.gitRepoPublicKey,
1247 },
1248 installer.WithConfig(&s.env),
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]1249 installer.WithNoNetworks(),
gio9d66f322024-07-06 13:45:10 +0400[diff] [blame]1250 installer.WithNoPublish(),
1251 installer.WithNoLock(),
1252 ); err != nil {
1253 return "", err
1254 }
1255 return fmt.Sprintf("Installed app: %s", appName), nil
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1256 })
1257 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1258 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1259 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1260 return s.initAppACLs(m, appPath, appName, branch, user)
1261}
1262
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1263func (s *Server) initAppACLs(m *installer.AppManager, path, appName, branch, user string) error {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1264 cfg, err := m.GetInstance(path)
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1265 if err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1266 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1267 }
1268 fluxKeys, ok := cfg.Input["fluxKeys"]
1269 if !ok {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1270 return fmt.Errorf("Fluxcd keys not found")
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1271 }
1272 fluxPublicKey, ok := fluxKeys.(map[string]any)["public"]
1273 if !ok {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1274 return fmt.Errorf("Fluxcd keys not found")
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1275 }
1276 if ok, err := s.client.UserExists("fluxcd"); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1277 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1278 } else if ok {
1279 if err := s.client.AddPublicKey("fluxcd", fluxPublicKey.(string)); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1280 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1281 }
1282 } else {
1283 if err := s.client.AddUser("fluxcd", fluxPublicKey.(string)); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1284 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1285 }
1286 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1287 if branch != "master" {
1288 return nil
1289 }
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1290 if err := s.client.AddReadOnlyCollaborator(appName, "fluxcd"); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1291 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1292 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1293 if err := s.client.AddReadWriteCollaborator(appName, user); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1294 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1295 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1296 if err := s.client.AddWebhook(appName, fmt.Sprintf("http://%s/update", s.self), "--active=true", "--events=push", "--content-type=json"); err != nil {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1297 return err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1298 }
gio2ccb6e32024-08-15 12:01:33 +0400[diff] [blame]1299 if !s.external {
1300 go func() {
1301 users, err := s.client.GetAllUsers()
1302 if err != nil {
1303 fmt.Println(err)
1304 return
1305 }
1306 for _, user := range users {
1307 // TODO(gio): fluxcd should have only read access
1308 if err := s.client.AddReadWriteCollaborator(appName, user); err != nil {
1309 fmt.Println(err)
1310 }
1311 }
1312 }()
1313 }
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]1314 ctx, _ := context.WithTimeout(context.Background(), 2*time.Minute)
1315 go s.reconciler.Reconcile(ctx, s.namespace, "config")
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1316 return nil
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1317}
1318
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]1319type apiAddAdminKeyReq struct {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1320 User string `json:"user"`
1321 PublicKey string `json:"publicKey"`
gio70be3e52024-06-26 18:27:19 +0400[diff] [blame]1322}
1323
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1324func (s *Server) handleAPIAddPublicKey(w http.ResponseWriter, r *http.Request) {
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]1325 var req apiAddAdminKeyReq
gio70be3e52024-06-26 18:27:19 +0400[diff] [blame]1326 if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
1327 http.Error(w, err.Error(), http.StatusBadRequest)
1328 return
1329 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1330 if req.User == "" {
1331 http.Error(w, "invalid user", http.StatusBadRequest)
1332 return
1333 }
1334 if req.PublicKey == "" {
1335 http.Error(w, "invalid public key", http.StatusBadRequest)
1336 return
1337 }
1338 if err := s.client.AddPublicKey(req.User, req.PublicKey); err != nil {
gio70be3e52024-06-26 18:27:19 +0400[diff] [blame]1339 http.Error(w, err.Error(), http.StatusInternalServerError)
1340 return
1341 }
1342}
1343
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1344type dodoAppRendered struct {
1345 App struct {
1346 Ingress struct {
1347 Network string `json:"network"`
1348 Subdomain string `json:"subdomain"`
1349 } `json:"ingress"`
1350 } `json:"app"`
1351 Input struct {
1352 AppId string `json:"appId"`
1353 } `json:"input"`
1354}
1355
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1356// TODO(gio): must not require owner, now we need it to bootstrap dev vm.
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1357func (s *Server) updateDodoApp(
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]1358 appStatus installer.EnvApp,
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1359 name string,
1360 branch string,
1361 namespace string,
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]1362 networks []installer.Network,
giof15b9da2024-09-19 06:59:16 +0400[diff] [blame]1363 clusters []installer.Cluster,
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1364 owner string,
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]1365) (installer.ReleaseResources, error) {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1366 repo, err := s.client.GetRepoBranch(name, branch)
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1367 if err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1368 return installer.ReleaseResources{}, err
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1369 }
giof8843412024-05-22 16:38:05 +0400[diff] [blame]1370 hf := installer.NewGitHelmFetcher()
giof6ad2982024-08-23 17:42:49 +0400[diff] [blame]1371 m, err := installer.NewAppManager(repo, s.nsc, s.jc, hf, s.vpnKeyGen, s.cnc, "/.dodo")
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1372 if err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1373 return installer.ReleaseResources{}, err
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1374 }
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]1375 appCfg, err := soft.ReadFile(repo, "app.json")
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1376 if err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1377 return installer.ReleaseResources{}, err
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1378 }
1379 app, err := installer.NewDodoApp(appCfg)
1380 if err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1381 return installer.ReleaseResources{}, err
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1382 }
giof8843412024-05-22 16:38:05 +0400[diff] [blame]1383 lg := installer.GitRepositoryLocalChartGenerator{"app", namespace}
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1384 var ret installer.ReleaseResources
1385 if _, err := repo.Do(func(r soft.RepoFS) (string, error) {
1386 ret, err = m.Install(
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1387 app,
1388 "app",
1389 "/.dodo/app",
1390 namespace,
1391 map[string]any{
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1392 "repoAddr": repo.FullAddress(),
1393 "repoPublicAddr": s.repoPublicAddr,
1394 "managerAddr": fmt.Sprintf("http://%s", s.self),
1395 "appId": name,
1396 "branch": branch,
1397 "sshPrivateKey": s.sshKey,
1398 "username": owner,
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1399 },
1400 installer.WithNoPull(),
1401 installer.WithNoPublish(),
1402 installer.WithConfig(&s.env),
1403 installer.WithNetworks(networks),
giof15b9da2024-09-19 06:59:16 +0400[diff] [blame]1404 installer.WithClusters(clusters),
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1405 installer.WithLocalChartGenerator(lg),
1406 installer.WithNoLock(),
1407 )
1408 if err != nil {
1409 return "", err
1410 }
1411 var rendered dodoAppRendered
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1412 if err := json.NewDecoder(bytes.NewReader(ret.RenderedRaw)).Decode(&rendered); err != nil {
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1413 return "", nil
1414 }
1415 if _, err := m.Install(
1416 appStatus,
1417 "status",
1418 "/.dodo/status",
1419 s.namespace,
1420 map[string]any{
1421 "appName": rendered.Input.AppId,
1422 "network": rendered.App.Ingress.Network,
1423 "appSubdomain": rendered.App.Ingress.Subdomain,
1424 },
1425 installer.WithNoPull(),
1426 installer.WithNoPublish(),
1427 installer.WithConfig(&s.env),
1428 installer.WithNetworks(networks),
giof15b9da2024-09-19 06:59:16 +0400[diff] [blame]1429 installer.WithClusters(clusters),
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1430 installer.WithLocalChartGenerator(lg),
1431 installer.WithNoLock(),
1432 ); err != nil {
1433 return "", err
1434 }
1435 return "install app", nil
1436 },
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1437 soft.WithCommitToBranch(fmt.Sprintf("dodo_%s", branch)),
gio94904702024-07-26 16:58:34 +0400[diff] [blame]1438 soft.WithForce(),
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1439 ); err != nil {
1440 return installer.ReleaseResources{}, err
1441 }
gio43b0f422024-08-21 10:40:13 +0400[diff] [blame]1442 ctx, _ := context.WithTimeout(context.Background(), 2*time.Minute)
1443 go s.reconciler.Reconcile(ctx, namespace, "app")
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1444 return ret, nil
gio0eaf2712024-04-14 13:08:46 +0400[diff] [blame]1445}
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1446
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1447func (s *Server) renderAppConfigTemplate(appType string, network installer.Network, subdomain string) (map[string][]byte, error) {
giob54db242024-07-30 18:49:33 +0400[diff] [blame]1448 appType = strings.Replace(appType, ":", "-", 1)
gio5e49bb62024-07-20 10:43:19 +0400[diff] [blame]1449 appTmpl, err := s.appTmpls.Find(appType)
1450 if err != nil {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1451 return nil, err
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1452 }
giod99b2bd2024-10-09 18:29:15 +0400[diff] [blame]1453 return appTmpl.Render(fmt.Sprintf("%s/schemas/app.schema.json", s.selfPublic), network, subdomain)
gio33059762024-07-05 13:19:07 +0400[diff] [blame]1454}
gio81246f02024-07-10 12:02:15 +0400[diff] [blame]1455
1456func generatePassword() string {
1457 return "foo"
1458}
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]1459
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1460func (s *Server) getNetworks(user string) ([]installer.Network, error) {
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]1461 addr := fmt.Sprintf("%s/api/networks", s.envAppManagerAddr)
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]1462 resp, err := http.Get(addr)
1463 if err != nil {
1464 return nil, err
1465 }
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]1466 networks := []installer.Network{}
1467 if json.NewDecoder(resp.Body).Decode(&networks); err != nil {
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]1468 return nil, err
1469 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1470 return s.nf.Filter(user, networks)
1471}
1472
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1473func (s *Server) getClusters() ([]installer.Cluster, error) {
giof15b9da2024-09-19 06:59:16 +0400[diff] [blame]1474 addr := fmt.Sprintf("%s/api/clusters", s.envAppManagerAddr)
1475 resp, err := http.Get(addr)
1476 if err != nil {
1477 return nil, err
1478 }
1479 clusters := []installer.Cluster{}
1480 if json.NewDecoder(resp.Body).Decode(&clusters); err != nil {
1481 return nil, err
1482 }
1483 fmt.Printf("CLUSTERS %+v\n", clusters)
1484 return clusters, nil
1485}
1486
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1487type publicNetworkData struct {
1488 Name string `json:"name"`
1489 Domain string `json:"domain"`
1490}
1491
1492type publicData struct {
1493 Networks []publicNetworkData `json:"networks"`
1494 Types []string `json:"types"`
1495}
1496
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1497func (s *Server) handleAPIPublicData(w http.ResponseWriter, r *http.Request) {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1498 w.Header().Set("Access-Control-Allow-Origin", "*")
1499 s.l.Lock()
1500 defer s.l.Unlock()
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1501 networks, err := s.getNetworks("")
1502 if err != nil {
1503 http.Error(w, err.Error(), http.StatusInternalServerError)
1504 return
1505 }
1506 var ret publicData
1507 for _, n := range networks {
giod8ab4f52024-07-26 16:58:34 +0400[diff] [blame]1508 if s.isNetworkUseAllowed(strings.ToLower(n.Name)) {
1509 ret.Networks = append(ret.Networks, publicNetworkData{n.Name, n.Domain})
1510 }
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1511 }
1512 for _, t := range s.appTmpls.Types() {
giob54db242024-07-30 18:49:33 +0400[diff] [blame]1513 ret.Types = append(ret.Types, strings.Replace(t, "-", ":", 1))
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1514 }
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1515 if err := json.NewEncoder(w).Encode(ret); err != nil {
1516 http.Error(w, err.Error(), http.StatusInternalServerError)
1517 return
1518 }
1519}
1520
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1521func (s *Server) createCommit(name, branch, hash, message string, err error, resources installer.ReleaseResources) error {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1522 if err != nil {
1523 fmt.Printf("Error: %s\n", err.Error())
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1524 if err := s.st.CreateCommit(name, branch, hash, message, "FAILED", err.Error(), nil); err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1525 fmt.Printf("Error: %s\n", err.Error())
1526 return err
1527 }
1528 return err
1529 }
1530 var resB bytes.Buffer
1531 if err := json.NewEncoder(&resB).Encode(resources); err != nil {
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1532 if err := s.st.CreateCommit(name, branch, hash, message, "FAILED", err.Error(), nil); err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1533 fmt.Printf("Error: %s\n", err.Error())
1534 return err
1535 }
1536 return err
1537 }
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1538 if err := s.st.CreateCommit(name, branch, hash, message, "OK", "", resB.Bytes()); err != nil {
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1539 fmt.Printf("Error: %s\n", err.Error())
1540 return err
1541 }
1542 return nil
1543}
1544
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1545func pickNetwork(networks []installer.Network, network string) []installer.Network {
1546 for _, n := range networks {
1547 if n.Name == network {
1548 return []installer.Network{n}
1549 }
1550 }
1551 return []installer.Network{}
1552}
1553
1554type NetworkFilter interface {
1555 Filter(user string, networks []installer.Network) ([]installer.Network, error)
1556}
1557
1558type noNetworkFilter struct{}
1559
1560func NewNoNetworkFilter() NetworkFilter {
1561 return noNetworkFilter{}
1562}
1563
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1564func (f noNetworkFilter) Filter(user string, networks []installer.Network) ([]installer.Network, error) {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1565 return networks, nil
1566}
1567
1568type filterByOwner struct {
1569 st Store
1570}
1571
1572func NewNetworkFilterByOwner(st Store) NetworkFilter {
1573 return &filterByOwner{st}
1574}
1575
1576func (f *filterByOwner) Filter(user string, networks []installer.Network) ([]installer.Network, error) {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1577 if user == "" {
1578 return networks, nil
1579 }
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1580 network, err := f.st.GetUserNetwork(user)
1581 if err != nil {
1582 return nil, err
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]1583 }
1584 ret := []installer.Network{}
1585 for _, n := range networks {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1586 if n.Name == network {
gio23bdc1b2024-07-11 16:07:47 +0400[diff] [blame]1587 ret = append(ret, n)
1588 }
1589 }
giocb34ad22024-07-11 08:01:13 +0400[diff] [blame]1590 return ret, nil
1591}
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1592
1593type allowListFilter struct {
1594 allowed []string
1595}
1596
1597func NewAllowListFilter(allowed []string) NetworkFilter {
1598 return &allowListFilter{allowed}
1599}
1600
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1601func (f *allowListFilter) Filter(user string, networks []installer.Network) ([]installer.Network, error) {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1602 ret := []installer.Network{}
1603 for _, n := range networks {
1604 if slices.Contains(f.allowed, n.Name) {
1605 ret = append(ret, n)
1606 }
1607 }
1608 return ret, nil
1609}
1610
1611type combinedNetworkFilter struct {
1612 filters []NetworkFilter
1613}
1614
1615func NewCombinedFilter(filters ...NetworkFilter) NetworkFilter {
1616 return &combinedNetworkFilter{filters}
1617}
1618
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1619func (f *combinedNetworkFilter) Filter(user string, networks []installer.Network) ([]installer.Network, error) {
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1620 ret := networks
1621 var err error
1622 for _, f := range f.filters {
gio8fae3af2024-07-25 13:43:31 +0400[diff] [blame]1623 ret, err = f.Filter(user, ret)
gio11617ac2024-07-15 16:09:04 +0400[diff] [blame]1624 if err != nil {
1625 return nil, err
1626 }
1627 }
1628 return ret, nil
1629}
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1630
1631type user struct {
1632 Username string `json:"username"`
1633 Email string `json:"email"`
1634 SSHPublicKeys []string `json:"sshPublicKeys,omitempty"`
1635}
1636
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1637func (s *Server) handleAPISyncUsers(_ http.ResponseWriter, _ *http.Request) {
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1638 go s.syncUsers()
1639}
1640
gio59946282024-10-07 12:55:51 +0400[diff] [blame]1641func (s *Server) syncUsers() {
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1642 if s.external {
1643 panic("MUST NOT REACH!")
1644 }
1645 resp, err := http.Get(fmt.Sprintf("%s?selfAddress=%s/api/sync-users", s.fetchUsersAddr, s.self))
1646 if err != nil {
1647 return
1648 }
1649 users := []user{}
1650 if err := json.NewDecoder(resp.Body).Decode(&users); err != nil {
1651 fmt.Println(err)
1652 return
1653 }
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1654 validUsernames := make(map[string]user)
1655 for _, u := range users {
1656 validUsernames[u.Username] = u
1657 }
1658 allClientUsers, err := s.client.GetAllUsers()
1659 if err != nil {
1660 fmt.Println(err)
1661 return
1662 }
1663 keyToUser := make(map[string]string)
1664 for _, clientUser := range allClientUsers {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1665 if clientUser == "admin" || clientUser == "fluxcd" {
1666 continue
1667 }
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1668 userData, ok := validUsernames[clientUser]
1669 if !ok {
1670 if err := s.client.RemoveUser(clientUser); err != nil {
1671 fmt.Println(err)
1672 return
1673 }
1674 } else {
1675 existingKeys, err := s.client.GetUserPublicKeys(clientUser)
1676 if err != nil {
1677 fmt.Println(err)
1678 return
1679 }
1680 for _, existingKey := range existingKeys {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1681 cleanKey := soft.CleanKey(existingKey)
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1682 keyOk := slices.ContainsFunc(userData.SSHPublicKeys, func(key string) bool {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1683 return cleanKey == soft.CleanKey(key)
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1684 })
1685 if !keyOk {
1686 if err := s.client.RemovePublicKey(clientUser, existingKey); err != nil {
1687 fmt.Println(err)
1688 }
1689 } else {
1690 keyToUser[cleanKey] = clientUser
1691 }
1692 }
1693 }
1694 }
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1695 for _, u := range users {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1696 if err := s.st.CreateUser(u.Username, nil, ""); err != nil && !errors.Is(err, ErrorAlreadyExists) {
1697 fmt.Println(err)
1698 return
1699 }
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1700 if len(u.SSHPublicKeys) == 0 {
1701 continue
1702 }
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1703 ok, err := s.client.UserExists(u.Username)
1704 if err != nil {
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1705 fmt.Println(err)
1706 return
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1707 }
1708 if !ok {
1709 if err := s.client.AddUser(u.Username, u.SSHPublicKeys[0]); err != nil {
1710 fmt.Println(err)
1711 return
1712 }
1713 } else {
1714 for _, key := range u.SSHPublicKeys {
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1715 cleanKey := soft.CleanKey(key)
1716 if user, ok := keyToUser[cleanKey]; ok {
1717 if u.Username != user {
1718 panic("MUST NOT REACH! IMPOSSIBLE KEY USER RECORD")
1719 }
1720 continue
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1721 }
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1722 if err := s.client.AddPublicKey(u.Username, cleanKey); err != nil {
Davit Tabidzea5ea5092024-08-01 15:28:09 +0400[diff] [blame]1723 fmt.Println(err)
1724 return
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1725 }
1726 }
1727 }
1728 }
1729 repos, err := s.client.GetAllRepos()
1730 if err != nil {
1731 return
1732 }
1733 for _, r := range repos {
1734 if r == ConfigRepoName {
1735 continue
1736 }
1737 for _, u := range users {
1738 if err := s.client.AddReadWriteCollaborator(r, u.Username); err != nil {
1739 fmt.Println(err)
Davit Tabidze4aaa27b2024-08-05 20:23:50 +0400[diff] [blame]1740 continue
giocafd4e62024-07-31 10:53:40 +0400[diff] [blame]1741 }
1742 }
1743 }
1744}
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1745
1746func extractResourceData(resources []installer.Resource) (resourceData, error) {
1747 var ret resourceData
1748 for _, r := range resources {
1749 t, ok := r.Annotations["dodo.cloud/resource-type"]
1750 if !ok {
1751 continue
1752 }
giof078f462024-10-14 09:07:33 +0400[diff] [blame^]1753 internal, ok := r.Annotations["dodo.cloud/internal"]
1754 if ok && strings.ToLower(internal) == "true" {
1755 continue
1756 }
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1757 switch t {
1758 case "volume":
1759 name, ok := r.Annotations["dodo.cloud/resource.volume.name"]
1760 if !ok {
1761 return resourceData{}, fmt.Errorf("no name")
1762 }
1763 size, ok := r.Annotations["dodo.cloud/resource.volume.size"]
1764 if !ok {
1765 return resourceData{}, fmt.Errorf("no size")
1766 }
1767 ret.Volume = append(ret.Volume, volume{name, size})
1768 case "postgresql":
1769 name, ok := r.Annotations["dodo.cloud/resource.postgresql.name"]
1770 if !ok {
1771 return resourceData{}, fmt.Errorf("no name")
1772 }
1773 version, ok := r.Annotations["dodo.cloud/resource.postgresql.version"]
1774 if !ok {
1775 return resourceData{}, fmt.Errorf("no version")
1776 }
1777 volume, ok := r.Annotations["dodo.cloud/resource.postgresql.volume"]
1778 if !ok {
1779 return resourceData{}, fmt.Errorf("no volume")
1780 }
1781 ret.PostgreSQL = append(ret.PostgreSQL, postgresql{name, version, volume})
1782 case "ingress":
giof078f462024-10-14 09:07:33 +0400[diff] [blame^]1783 name, ok := r.Annotations["dodo.cloud/resource.ingress.name"]
1784 if !ok {
1785 return resourceData{}, fmt.Errorf("no name")
1786 }
1787 home, ok := r.Annotations["dodo.cloud/resource.ingress.home"]
1788 if !ok {
1789 home = ""
1790 }
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1791 host, ok := r.Annotations["dodo.cloud/resource.ingress.host"]
1792 if !ok {
1793 return resourceData{}, fmt.Errorf("no host")
1794 }
giof078f462024-10-14 09:07:33 +0400[diff] [blame^]1795 ret.Ingress = append(ret.Ingress, ingress{name, host, home})
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1796 case "virtual-machine":
1797 name, ok := r.Annotations["dodo.cloud/resource.virtual-machine.name"]
1798 if !ok {
1799 return resourceData{}, fmt.Errorf("no name")
1800 }
1801 user, ok := r.Annotations["dodo.cloud/resource.virtual-machine.user"]
1802 if !ok {
1803 return resourceData{}, fmt.Errorf("no user")
1804 }
1805 cpuCoresS, ok := r.Annotations["dodo.cloud/resource.virtual-machine.cpu-cores"]
1806 if !ok {
1807 return resourceData{}, fmt.Errorf("no cpu cores")
1808 }
1809 cpuCores, err := strconv.Atoi(cpuCoresS)
1810 if err != nil {
1811 return resourceData{}, fmt.Errorf("invalid cpu cores: %s", cpuCoresS)
1812 }
1813 memory, ok := r.Annotations["dodo.cloud/resource.virtual-machine.memory"]
1814 if !ok {
1815 return resourceData{}, fmt.Errorf("no memory")
1816 }
1817 ret.VirtualMachine = append(ret.VirtualMachine, vm{name, user, cpuCores, memory})
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1818 default:
1819 fmt.Printf("Unknown resource: %+v\n", r.Annotations)
1820 }
1821 }
giof078f462024-10-14 09:07:33 +0400[diff] [blame^]1822 sort.Slice(ret.Ingress, func(i, j int) bool {
1823 return strings.Compare(ret.Ingress[i].Name, ret.Ingress[j].Name) < 0
1824 })
giob4a3a192024-08-19 09:55:47 +0400[diff] [blame]1825 return ret, nil
1826}
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1827
1828func createDevBranchAppConfig(from []byte, branch, username string) (string, []byte, error) {
gioc81a8472024-09-24 13:06:19 +0200[diff] [blame]1829 cfg, err := installer.ParseCueAppConfig(installer.CueAppData{
1830 "app.cue": from,
1831 })
gio7fbd4ad2024-08-27 10:06:39 +0400[diff] [blame]1832 if err != nil {
1833 return "", nil, err
1834 }
1835 if err := cfg.Err(); err != nil {
1836 return "", nil, err
1837 }
1838 if err := cfg.Validate(); err != nil {
1839 return "", nil, err
1840 }
1841 subdomain := cfg.LookupPath(cue.ParsePath("app.ingress.subdomain"))
1842 if err := subdomain.Err(); err != nil {
1843 return "", nil, err
1844 }
1845 subdomainStr, err := subdomain.String()
1846 network := cfg.LookupPath(cue.ParsePath("app.ingress.network"))
1847 if err := network.Err(); err != nil {
1848 return "", nil, err
1849 }
1850 networkStr, err := network.String()
1851 if err != nil {
1852 return "", nil, err
1853 }
1854 newCfg := map[string]any{}
1855 if err := cfg.Decode(&newCfg); err != nil {
1856 return "", nil, err
1857 }
1858 app, ok := newCfg["app"].(map[string]any)
1859 if !ok {
1860 return "", nil, fmt.Errorf("not a map")
1861 }
1862 app["ingress"].(map[string]any)["subdomain"] = fmt.Sprintf("%s-%s", branch, subdomainStr)
1863 app["dev"] = map[string]any{
1864 "enabled": true,
1865 "username": username,
1866 }
1867 buf, err := json.MarshalIndent(newCfg, "", "\t")
1868 if err != nil {
1869 return "", nil, err
1870 }
1871 return networkStr, buf, nil
1872}