uffizzi-core 0.1.12

data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments_controller.rb

@@ -0,0 +1,179 @@
+# frozen_string_literal: true
+
+# @resource Deployment
+
+class UffizziCore::Api::Cli::V1::Projects::DeploymentsController < UffizziCore::Api::Cli::V1::Projects::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_projects_deployments
+
+  # Get a list of active deployements for a project
+  #
+  # @path [GET] /api/cli/v1/projects/{project_slug}/deployments
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  #
+  # @response [Array<Deployment>] 200 OK
+  # @response 401 Not authorized
+  def index
+    respond_with deployments
+  end
+
+  # Get deployment information by id
+  #
+  # @path [GET] /api/cli/v1/projects/{project_slug}/deployments/{id}
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  #
+  # @response [Deployment] 200 OK
+  # @response [object<errors: object<title: string>>] 404 Not found
+  # @response 401 Not authorized
+  def show
+    respond_with deployment
+  end
+
+  # Create a deployment from a compose file
+  #
+  # @path [POST] /api/cli/v1/projects/{project_slug}/deployments
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  # @parameter params(required,body)   [object<
+  #    compose_file: object<path: string, source: string, content: string>,
+  #    dependencies: Array<object<path: string, source: string, content: string>>>]
+  #
+  # @response [Deployment] 201 OK
+  # @response [object<errors: object<state: string>>] 422 Unprocessable Entity
+  # @response [object<errors: object<title: string>>] 404 Not found
+  # @response 401 Not authorized
+  def create
+    compose_file, errors = find_or_create_compose_file
+    return render_invalid_file if compose_file.invalid_file?
+    return render_errors(errors) if errors.present?
+
+    errors = check_credentials(compose_file)
+    return render_errors(errors) if errors.present?
+
+    deployment = UffizziCore::DeploymentService.create_from_compose(compose_file, resource_project, current_user)
+
+    respond_with deployment
+  end
+
+  # Update the deployment with new compose file
+  #
+  # @path [PUT] /api/cli/v1/projects/{project_slug}/deployments/{id}"
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  # @parameter params(required,body)   [object<
+  #    compose_file: object<path: string, source: string, content: string>,
+  #    dependencies: Array<object<path: string, source: string, content: string>>>]
+  #
+  # @response [Deployment] 201 OK
+  # @response [object<errors: object<state: string>>] 422 Unprocessable Entity
+  # @response [object<errors: object<title: string>>] 404 Not found
+  # @response 401 Not authorized
+  def update
+    compose_file, errors = create_temporary_compose_file
+    return render_invalid_file if compose_file.invalid_file?
+    return render_errors(errors) if errors.present?
+
+    errors = check_credentials(compose_file)
+    return render_errors(errors) if errors.present?
+
+    deployment_id = params[:id]
+    deployment = UffizziCore::DeploymentService.update_from_compose(compose_file, resource_project, current_user, deployment_id)
+
+    respond_with deployment
+  end
+
+  # @path [POST] /api/cli/v1/projects/{project_slug}/deployments/{id}/deploy_containers
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  # @parameter id(required,path) [string] The id of the deployment
+  #
+  # @response 204 No Content
+  # @response [object<errors: object<title: string>>] 404 Not found
+  # @response 401 Not authorized
+  def deploy_containers
+    deployment = resource_project.deployments.active.find(params[:id])
+
+    deployment.update(deployed_by: current_user)
+
+    resource_project.config_files.by_deployment(deployment).each do |config_file|
+      UffizziCore::ConfigFile::ApplyJob.perform_async(deployment.id, config_file.id)
+    end
+
+    UffizziCore::Deployment::DeployContainersJob.perform_async(deployment.id)
+  end
+
+  # Disable deployment by id
+  #
+  # @path [DELETE] /api/cli/v1/projects/{project_slug}/deployments/{id}
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  #
+  # @response 204 No Content
+  # @response 401 Not authorized
+  def destroy
+    UffizziCore::DeploymentService.disable!(deployment)
+
+    head :no_content
+  end
+
+  private
+
+  def deployment
+    @deployment ||= deployments.find(params[:id])
+  end
+
+  def find_or_create_compose_file
+    existing_compose_file = resource_project.compose_file
+    if compose_file_params.present?
+      create_temporary_compose_file
+    else
+      raise ActiveRecord::RecordNotFound if existing_compose_file.blank?
+
+      errors = []
+      [existing_compose_file, errors]
+    end
+  end
+
+  def create_temporary_compose_file
+    create_params = {
+      project: resource_project,
+      user: current_user,
+      compose_file_params: compose_file_params,
+      dependencies: dependencies_params[:dependencies] || [],
+    }
+
+    kind = UffizziCore::ComposeFile.kind.temporary
+    UffizziCore::ComposeFileService.create(create_params, kind)
+  end
+
+  def check_credentials(compose_file)
+    credentials = resource_project.account.credentials
+    check_credentials_form = UffizziCore::Api::Cli::V1::ComposeFile::CheckCredentialsForm.new
+    check_credentials_form.compose_file = compose_file
+    check_credentials_form.credentials = credentials
+    return check_credentials_form.errors if check_credentials_form.invalid?
+
+    nil
+  end
+
+  def deployments
+    @deployments ||= resource_project.deployments.existed
+  end
+
+  def deployment_params
+    params.required(:deployment)
+  end
+
+  def compose_file_params
+    params[:compose_file]
+  end
+
+  def dependencies_params
+    params.permit(dependencies: [:name, :path, :source, :content])
+  end
+
+  def render_invalid_file
+    render json: { errors: { state: ['Invalid compose file'] } }, status: :unprocessable_entity
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/secrets_controller.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+# @resource Project/Secrets
+class UffizziCore::Api::Cli::V1::Projects::SecretsController < UffizziCore::Api::Cli::V1::Projects::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_projects_secrets
+
+  # Get secrets for the project
+  #
+  # @path [GET] /api/cli/v1/projects/{project_slug}/secrets
+  # @parameter project_slug(required,path) [string]
+  # @response [object<secrets: Array<object<name: string, created_at: date, updated_at: date>>>] 200 OK
+  # @response 401 Not authorized
+  def index
+    respond_with resource_project.secrets, root: :secrets
+  end
+
+  # Add secret to project
+  #
+  # @path [POST] /api/cli/v1/projects/{project_slug}/secrets/bulk_create
+  # @parameter project_slug(required,path) [string]
+  # @parameter secrets(required,body) [object<secrets: Array<object <name: string, value: string>>>]
+  # @response [object<secrets: Array<object<name: string, created_at: date, updated_at: date>>>] 201 Created
+  # @response 422 A compose file already exists for this project
+  # @response 401 Not authorized
+  def bulk_create
+    secrets_form = UffizziCore::Api::Cli::V1::Secret::BulkAssignForm.new
+    secrets_form.secrets = resource_project.secrets
+    secrets_form.assign_secrets(secrets_params)
+    return respond_with secrets_form unless secrets_form.valid?
+
+    resource_project.secrets.replace(secrets_form.secrets)
+
+    UffizziCore::ProjectService.update_compose_secrets(resource_project)
+
+    respond_with resource_project.secrets, root: :secrets
+  end
+
+  # Delete a secret from project by secret name
+  #
+  # @path [DELETE] /api/cli/v1/projects/{project_slug}/secrets/{secret_name}
+  # @parameter project_slug(required,path) [string]
+  # @response [Project] 200 OK
+  # @response 404
+  # @response 401 Not authorized
+  def destroy
+    secret_name = CGI.unescape(params[:id])
+    secret = resource_project.secrets.find_by!(name: secret_name)
+
+    UffizziCore::ProjectService.update_compose_secret_errors(resource_project, secret)
+
+    secret.destroy
+
+    head :no_content
+  end
+
+  private
+
+  def secrets_params
+    params.require(:secrets)
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects_controller.rb

@@ -0,0 +1,85 @@
+# frozen_string_literal: true
+
+# @resource Project
+
+class UffizziCore::Api::Cli::V1::ProjectsController < UffizziCore::Api::Cli::V1::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_projects
+
+  # Get projects of current user
+  #
+  # @path [GET] /api/cli/v1/projects
+  #
+  # @response [object<projects: Array<object<slug: string, name: string>> >] 200 OK
+  # @response 401 Not authorized
+  def index
+    projects = current_user.projects.active.order(updated_at: :desc)
+
+    respond_with projects, each_serializer: UffizziCore::Api::Cli::V1::ShortProjectSerializer
+  end
+
+  # Get a project by slug
+  #
+  # @path [GET] /api/cli/v1/projects/{slug}
+  #
+  # @response <object< project: Project>> 200 OK
+  # @response 404 Not Found
+  # @response 401 Not authorized
+  def show
+    project = current_user.projects.find_by!(slug: params[:slug])
+
+    respond_with project
+  end
+
+  # Create a project
+  #
+  # @path [POST] /api/cli/v1/projects
+  # @parameter params(required,body) [object<name: string, slug: string, description: string>]
+  #
+  # @response <object< project: Project>> 200 OK
+  # @response 404 Not Found
+  # @response 401 Not authorized
+  # @response [object<errors: object<password: string >>] 422 Unprocessable entity
+
+  def create
+    project_form = UffizziCore::Api::Cli::V1::Project::CreateForm.new(project_params)
+    project_form.account = current_user.organizational_account
+
+    if project_form.save
+      current_membership = current_user.memberships.find_by(account: current_user.organizational_account)
+      user_projects = []
+
+      if current_membership.developer?
+        user_projects << { project: project_form, user: current_user, role: UffizziCore::UserProject.role.developer }
+      end
+
+      current_user.organizational_account.memberships.where(role: UffizziCore::Membership.role.admin).map do |membership|
+        user_projects << { project: project_form, user: membership.user, role: UffizziCore::UserProject.role.admin }
+      end
+
+      UffizziCore::UserProject.create!(user_projects)
+    end
+
+    respond_with project_form
+  end
+
+  # Delete a project
+  #
+  # @path [DELETE] /api/cli/v1/projects/{slug}
+  #
+  # @response 204 No content
+  # @response 404 Not Found
+  # @response 401 Not authorized
+
+  def destroy
+    project = current_user.organizational_account.active_projects.find_by!(slug: params[:slug])
+    project.disable!
+
+    head :no_content
+  end
+
+  private
+
+  def project_params
+    params.require(:project)
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/sessions_controller.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+# @resource Uffizzi
+
+class UffizziCore::Api::Cli::V1::SessionsController < UffizziCore::Api::Cli::V1::ApplicationController
+  skip_before_action :authenticate_request!, only: [:create]
+
+  # Create session
+  #
+  # @path [POST] /api/cli/v1/session
+  #
+  # @parameter user(required,body)   [object<email: string, password: string >]
+  # @response [object<user: object<accounts: Array<object<id: integer, state: string>> >>] 201 Created successfully
+  # @response [object<errors: object<password: string >>] 422 Unprocessable entity
+  def create
+    session_form = UffizziCore::Api::Cli::V1::SessionCreateForm.new(session_params)
+
+    if session_form.valid?
+      sign_in(session_form.user)
+
+      return respond_with session_form.user
+    end
+
+    respond_with session_form
+  end
+
+  # Destroy session
+  #
+  # @path [DELETE] /api/cli/v1/session
+  #
+  # @response 204 No Content
+  def destroy
+    sign_out
+
+    head :no_content
+  end
+
+  private
+
+  def session_params
+    params.require(:user).permit(:email, :password)
+  end
+end

data/app/controllers/uffizzi_core/application_controller.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+
+class UffizziCore::ApplicationController < ActionController::Base
+  include Pundit
+  include UffizziCore::ResponseService
+  include UffizziCore::AuthManagement
+  include UffizziCore::AuthorizationConcern
+  include UffizziCore::DependencyInjectionConcern
+
+  DEFAULT_PAGE = 1
+  DEFAULT_PER_PAGE = 20
+
+  protect_from_forgery with: :exception
+  rescue_from ActiveRecord::RecordNotFound, with: :render_not_found
+  RESCUABLE_EXCEPTIONS = [RuntimeError, TypeError, NameError, ArgumentError, SyntaxError].freeze
+  rescue_from *RESCUABLE_EXCEPTIONS do |exception|
+    render_server_error(exception)
+  end
+
+  before_action :authenticate_request!
+  skip_before_action :verify_authenticity_token
+  respond_to :json
+
+  def policy_context
+    UffizziCore::BaseContext.new(current_user, user_access_module, params)
+  end
+
+  def self.responder
+    UffizziCore::JsonResponder
+  end
+
+  def render_not_found
+    render json: { errors: { title: ['Resource Not Found'] } }, status: :not_found
+  end
+
+  def render_server_error(error)
+    render json: { errors: { title: [error] } }, status: :internal_server_error
+  end
+
+  def render_errors(errors)
+    json = { errors: errors }
+
+    render json: json, status: :unprocessable_entity
+  end
+
+  def q_param
+    params[:q] || ActionController::Parameters.new
+  end
+
+  def page
+    params[:page] || DEFAULT_PAGE
+  end
+
+  def per_page
+    params[:per_page] || DEFAULT_PER_PAGE
+  end
+end

data/app/errors/uffizzi_core/compose_file/build_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class UffizziCore::ComposeFile::BuildError < StandardError
+end

data/app/errors/uffizzi_core/compose_file/credential_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class UffizziCore::ComposeFile::CredentialError < StandardError
+end

data/app/errors/uffizzi_core/compose_file/parse_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class UffizziCore::ComposeFile::ParseError < StandardError
+end

data/app/errors/uffizzi_core/compose_file/secrets_error.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+class UffizziCore::ComposeFile::SecretsError < StandardError
+end

data/app/errors/uffizzi_core/deployment/image_pull_error.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+class UffizziCore::Deployment::ImagePullError < StandardError
+  attr_reader :deployment_id
+
+  def initialize(deployment_id)
+    super
+    @deployment_id = deployment_id
+  end
+end

data/app/errors/uffizzi_core/deployment_not_found_error.rb

@@ -0,0 +1,10 @@
+# frozen_string_literal: true
+
+class UffizziCore::DeploymentNotFoundError < StandardError
+  attr_reader :deployment_id
+
+  def initialize(deployment_id)
+    super
+    @deployment_id = deployment_id
+  end
+end

data/app/forms/uffizzi_core/api/cli/v1/account/credential/check_credential_form.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Account::Credential::CheckCredentialForm
+  include UffizziCore::ApplicationFormWithoutActiveRecord
+
+  attribute :type
+  attribute :account
+
+  validate :credential_exists?
+
+  private
+
+  def credential_exists?
+    errors.add(:type, 'Credential of that type already exist.') if account.credentials.by_type(type).exists?
+  end
+end

data/app/forms/uffizzi_core/api/cli/v1/account/credential/create_form.rb

@@ -0,0 +1,26 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Account::Credential::CreateForm < UffizziCore::Credential
+  include UffizziCore::ApplicationForm
+
+  permit :type, :registry_url, :username, :password
+
+  validates :password, presence: { message: :password_blank }
+  validate :check_registry_url, if: -> { errors[:password].empty? }
+  validate :check_credential_correctness, if: -> { errors[:password].empty? }
+  validate :credential_exists?, if: -> { errors[:password].empty? }
+
+  private
+
+  def check_registry_url
+    errors.add(:registry_url, :invalid_scheme) if URI.parse(registry_url).scheme.nil?
+  end
+
+  def check_credential_correctness
+    errors.add(:username, :incorrect) unless UffizziCore::CredentialService.correct_credentials?(self)
+  end
+
+  def credential_exists?
+    errors.add(:type, :exist) if account.credentials.by_type(type).exists?
+  end
+end

data/app/forms/uffizzi_core/api/cli/v1/compose_file/check_credentials_form.rb

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::ComposeFile::CheckCredentialsForm
+  include UffizziCore::ApplicationFormWithoutActiveRecord
+
+  attribute :compose_file
+  attribute :credentials
+
+  validate :check_containers_credentials
+
+  private
+
+  def check_containers_credentials
+    compose_content = Base64.decode64(compose_file.content)
+    compose_data = UffizziCore::ComposeFileService.parse(compose_content)
+
+    UffizziCore::ComposeFileService.containers_credentials(compose_data, credentials)
+  rescue UffizziCore::ComposeFile::CredentialError => e
+    errors.add(:credentials, e.message)
+  end
+end

data/app/forms/uffizzi_core/api/cli/v1/compose_file/cli_form.rb

@@ -0,0 +1,22 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::ComposeFile::CliForm
+  include UffizziCore::ApplicationFormWithoutActiveRecord
+
+  attribute :compose_content_data, Hash
+  attribute :compose_data, Hash
+  attribute :compose_dependencies, Array
+  attribute :compose_repositories, Array
+  attribute :content, String
+
+  validates :content, presence: true
+
+  validate :check_compose_parsed_data, if: -> { errors[:content].empty? }
+
+  def check_compose_parsed_data
+    compose_content = Base64.decode64(content)
+    self.compose_data = UffizziCore::ComposeFileService.parse(compose_content)
+  rescue UffizziCore::ComposeFile::ParseError => e
+    errors.add(:content, e.message)
+  end
+end

data/app/forms/uffizzi_core/api/cli/v1/compose_file/create_form.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::ComposeFile::CreateForm < UffizziCore::ComposeFile
+  include UffizziCore::ApplicationForm
+
+  permit :source, :path, :content
+
+  validates :source, presence: true
+  validates :source, uniqueness: { scope: :project_id, message: 'A compose file with the same source already exists for this project' },
+                     if: -> { kind.main? }
+  validates :path, presence: true
+  validates :content, presence: true
+end

data/app/forms/uffizzi_core/api/cli/v1/compose_file/template_form.rb

@@ -0,0 +1,44 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::ComposeFile::TemplateForm
+  include UffizziCore::ApplicationFormWithoutActiveRecord
+
+  SECRETS_ERROR_KEY = 'secret_variables'
+  TEMPLATE_BUILD_ERROR_KEY = 'template_build_error'
+
+  attribute :credentials
+  attribute :project, UffizziCore::Project
+  attribute :user, UffizziCore::User
+  attribute :compose_data, Hash
+  attribute :source, String
+  attribute :template_attributes, Hash
+  attribute :template_build_error, String
+  attribute :compose_dependencies, Array
+  attribute :compose_repositories, Array
+
+  validate :check_template_attributes
+
+  def assign_template_attributes!
+    self.template_attributes = UffizziCore::ComposeFileService.build_template_attributes(
+      compose_data,
+      source,
+      credentials,
+      project,
+      compose_dependencies,
+      compose_repositories,
+    )
+  rescue StandardError => e
+    self.template_build_error = e
+  end
+
+  private
+
+  def check_template_attributes
+    case template_build_error
+    when UffizziCore::ComposeFile::SecretsError
+      errors.add(SECRETS_ERROR_KEY, template_build_error.message)
+    when UffizziCore::ComposeFile::BuildError
+      errors.add(TEMPLATE_BUILD_ERROR_KEY, template_build_error.message)
+    end
+  end
+end

data/app/forms/uffizzi_core/api/cli/v1/compose_file/update_form.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::ComposeFile::UpdateForm < UffizziCore::ComposeFile
+  include UffizziCore::ApplicationForm
+
+  permit :content, :source, :path
+
+  validates :content, presence: true
+end

data/app/forms/uffizzi_core/api/cli/v1/config_file/create_form.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::ConfigFile::CreateForm < UffizziCore::ConfigFile
+  include UffizziCore::ApplicationForm
+
+  permit :filename, :kind, :payload
+
+  validates :filename, presence: true
+  validates :kind, presence: true
+  validates :payload, presence: true
+end