uffizzi_core 0.1.3 → 0.1.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/app/clients/uffizzi_core/docker_hub_client.rb +2 -0
- data/app/clients/uffizzi_core/github_container_registry_client/request_result.rb +7 -0
- data/app/clients/uffizzi_core/github_container_registry_client.rb +52 -0
- data/app/controllers/concerns/uffizzi_core/dependency_injection_concern.rb +2 -2
- data/app/controllers/uffizzi_core/api/cli/v1/account/credentials_controller.rb +45 -9
- data/app/controllers/uffizzi_core/api/cli/v1/projects/compose_files_controller.rb +2 -2
- data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments/application_controller.rb +1 -1
- data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments_controller.rb +41 -10
- data/app/controllers/uffizzi_core/api/cli/v1/projects/secrets_controller.rb +18 -26
- data/app/controllers/uffizzi_core/application_controller.rb +9 -3
- data/app/errors/uffizzi_core/deployment/image_pull_error.rb +10 -0
- data/app/forms/uffizzi_core/api/cli/v1/account/credential/check_credential_form.rb +16 -0
- data/app/forms/uffizzi_core/api/cli/v1/account/credential/create_form.rb +1 -1
- data/app/forms/uffizzi_core/api/cli/v1/compose_file/check_credentials_form.rb +2 -2
- data/app/forms/uffizzi_core/api/cli/v1/compose_file/cli_form.rb +1 -18
- data/app/forms/uffizzi_core/api/cli/v1/compose_file/template_form.rb +1 -1
- data/app/forms/uffizzi_core/api/cli/v1/deployment/update_form.rb +90 -0
- data/app/forms/uffizzi_core/api/cli/v1/project/update_form.rb +1 -31
- data/app/forms/uffizzi_core/api/cli/v1/secret/bulk_assign_form.rb +39 -0
- data/app/jobs/uffizzi_core/deployment/manage_deploy_activity_item_job.rb +22 -3
- data/app/lib/uffizzi_core/rbac/user_access_service.rb +12 -14
- data/app/models/uffizzi_core/account.rb +1 -19
- data/app/models/uffizzi_core/activity_item.rb +1 -6
- data/app/models/uffizzi_core/build.rb +1 -1
- data/app/models/uffizzi_core/comment.rb +1 -1
- data/app/models/uffizzi_core/compose_file.rb +1 -1
- data/app/models/uffizzi_core/config_file.rb +1 -1
- data/app/models/uffizzi_core/container.rb +1 -1
- data/app/models/uffizzi_core/container_config_file.rb +1 -1
- data/app/models/uffizzi_core/coupon.rb +1 -1
- data/app/models/uffizzi_core/credential/github_container_registry.rb +4 -0
- data/app/models/uffizzi_core/credential.rb +3 -6
- data/app/models/uffizzi_core/deployment.rb +11 -2
- data/app/models/uffizzi_core/event.rb +1 -1
- data/app/models/uffizzi_core/invitation.rb +1 -1
- data/app/models/uffizzi_core/membership.rb +1 -1
- data/app/models/uffizzi_core/payment.rb +1 -1
- data/app/models/uffizzi_core/price.rb +1 -1
- data/app/models/uffizzi_core/product.rb +1 -1
- data/app/models/uffizzi_core/project.rb +5 -11
- data/app/models/uffizzi_core/rating.rb +1 -1
- data/app/models/uffizzi_core/repo/github_container_registry.rb +4 -0
- data/app/models/uffizzi_core/repo.rb +1 -11
- data/app/models/uffizzi_core/role.rb +2 -2
- data/app/models/uffizzi_core/secret.rb +9 -0
- data/app/models/uffizzi_core/template.rb +1 -1
- data/app/models/uffizzi_core/user.rb +1 -1
- data/app/models/uffizzi_core/user_project.rb +1 -1
- data/app/policies/uffizzi_core/api/cli/v1/account/credentials_policy.rb +8 -0
- data/app/policies/uffizzi_core/api/cli/v1/projects/deployments_policy.rb +4 -0
- data/app/repositories/uffizzi_core/credential_repo.rb +17 -22
- data/app/repositories/uffizzi_core/deployment_repo.rb +1 -0
- data/app/serializers/uffizzi_core/api/cli/v1/projects/deployment_serializer/container_serializer.rb +8 -0
- data/app/serializers/uffizzi_core/api/cli/v1/projects/secret_serializer.rb +5 -0
- data/app/serializers/uffizzi_core/controller/apply_config_file/config_file_serializer.rb +5 -0
- data/app/serializers/uffizzi_core/controller/create_credential/credential_serializer.rb +7 -3
- data/app/serializers/uffizzi_core/controller/deploy_containers/container_serializer/container_config_file_serializer/config_file_serializer.rb +8 -0
- data/app/serializers/uffizzi_core/controller/deploy_containers/container_serializer/container_config_file_serializer.rb +7 -0
- data/app/serializers/uffizzi_core/controller/deploy_containers/container_serializer.rb +4 -3
- data/app/services/uffizzi_core/activity_item_service.rb +16 -26
- data/app/services/uffizzi_core/compose_file/builders/container_builder_service.rb +11 -18
- data/app/services/uffizzi_core/compose_file/container_service.rb +13 -9
- data/app/services/uffizzi_core/compose_file/dependencies_service.rb +1 -0
- data/app/services/uffizzi_core/compose_file/services_options_service.rb +2 -2
- data/app/services/uffizzi_core/compose_file_service.rb +148 -0
- data/app/services/uffizzi_core/container_service.rb +1 -16
- data/app/services/uffizzi_core/controller_service.rb +7 -1
- data/app/services/uffizzi_core/credential_service.rb +2 -2
- data/app/services/uffizzi_core/deployment_service.rb +28 -7
- data/app/services/uffizzi_core/github_container_registry/credential_service.rb +24 -0
- data/app/services/uffizzi_core/manage_activity_items_service.rb +4 -19
- data/app/services/uffizzi_core/repo_service.rb +2 -137
- data/app/services/uffizzi_core/user_generator_service.rb +78 -0
- data/config/locales/en.activerecord.yml +5 -0
- data/config/locales/en.yml +4 -1
- data/config/routes.rb +6 -2
- data/db/migrate/20220309110201_remove_secrets_from_projects.rb +7 -0
- data/db/migrate/20220310110150_create_project_secrets.rb +14 -0
- data/db/migrate/20220329123323_rename_project_secrets_to_secrets.rb +7 -0
- data/db/migrate/20220329124542_add_resource_to_secrets.rb +7 -0
- data/db/migrate/20220329143241_remove_project_ref_from_secrets.rb +7 -0
- data/lib/tasks/uffizzi_core_tasks.rake +5 -0
- data/lib/uffizzi_core/engine.rb +35 -0
- data/lib/uffizzi_core/version.rb +1 -1
- data/lib/uffizzi_core.rb +1 -30
- data/swagger/v1/swagger.json +220 -11
- metadata +40 -21
- data/app/clients/uffizzi_core/github/app_client.rb +0 -19
- data/app/clients/uffizzi_core/github/installation_client.rb +0 -11
- data/app/clients/uffizzi_core/github/user_client.rb +0 -51
- data/app/errors/uffizzi_core/compose_file/not_found_error.rb +0 -4
- data/app/forms/uffizzi_core/api/cli/v1/project/delete_secret_form.rb +0 -27
- data/app/jobs/uffizzi_core/deployment/send_github_preview_message_job.rb +0 -13
- data/app/services/uffizzi_core/cli/compose_file_service.rb +0 -203
- data/app/services/uffizzi_core/compose_file/builders/github_repo_builder_service.rb +0 -59
- data/app/services/uffizzi_core/compose_file/services_options/build_service.rb +0 -93
- data/app/services/uffizzi_core/compose_file/update_service.rb +0 -29
- data/app/services/uffizzi_core/github/app_service.rb +0 -51
- data/app/services/uffizzi_core/github/credential_service.rb +0 -124
- data/app/services/uffizzi_core/github/message_service.rb +0 -20
- data/app/services/uffizzi_core/github_service.rb +0 -28
- data/app/services/uffizzi_core/user_access_service.rb +0 -14
@@ -1,10 +1,29 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
class UffizziCore::Deployment::ManageDeployActivityItemJob < UffizziCore::ApplicationJob
|
4
|
-
sidekiq_options queue: :deployments, retry:
|
4
|
+
sidekiq_options queue: :deployments, retry: 3
|
5
5
|
|
6
|
-
|
7
|
-
|
6
|
+
sidekiq_retry_in do |count, exception|
|
7
|
+
case exception
|
8
|
+
when UffizziCore::Deployment::ImagePullError
|
9
|
+
Rails.logger.info("DEPLOYMENT_PROCESS ManageDeployActivityItemJob retry deployment_id=#{exception.deployment_id} count=#{count}")
|
10
|
+
15.seconds
|
11
|
+
end
|
12
|
+
end
|
13
|
+
|
14
|
+
sidekiq_retries_exhausted do |msg, exception|
|
15
|
+
case exception
|
16
|
+
when UffizziCore::Deployment::ImagePullError
|
17
|
+
Rails.logger.info("DEPLOYMENT_PROCESS ManageDeployActivityItemJob exhausted #{msg.inspect} #{exception.inspect}")
|
18
|
+
|
19
|
+
activity_item_id = msg['args'].first
|
20
|
+
activity_item = UffizziCore::ActivityItem.find(activity_item_id)
|
21
|
+
UffizziCore::ActivityItemService.fail_deployment!(activity_item)
|
22
|
+
end
|
23
|
+
end
|
24
|
+
|
25
|
+
def perform(activity_item_id)
|
26
|
+
activity_item = UffizziCore::ActivityItem.find(activity_item_id)
|
8
27
|
container = activity_item.container
|
9
28
|
|
10
29
|
if container.disabled?
|
@@ -1,21 +1,19 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
end
|
3
|
+
class UffizziCore::Rbac::UserAccessService
|
4
|
+
def admin_access_to_account?(_user, _account)
|
5
|
+
true
|
6
|
+
end
|
8
7
|
|
9
|
-
|
10
|
-
|
11
|
-
|
8
|
+
def any_access_to_account?(_user, _account)
|
9
|
+
true
|
10
|
+
end
|
12
11
|
|
13
|
-
|
14
|
-
|
15
|
-
|
12
|
+
def admin_or_developer_access_to_project?(_user, _project)
|
13
|
+
true
|
14
|
+
end
|
16
15
|
|
17
|
-
|
18
|
-
|
19
|
-
end
|
16
|
+
def any_access_to_project?(_user, _project)
|
17
|
+
true
|
20
18
|
end
|
21
19
|
end
|
@@ -5,7 +5,7 @@ class UffizziCore::Account < UffizziCore::ApplicationRecord
|
|
5
5
|
include UffizziCore::StateMachineConcern
|
6
6
|
extend Enumerize
|
7
7
|
|
8
|
-
self.table_name =
|
8
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:accounts]
|
9
9
|
|
10
10
|
enumerize :kind, in: [:personal, :organizational], scope: true, predicates: true
|
11
11
|
validates :kind, presence: true
|
@@ -68,32 +68,14 @@ class UffizziCore::Account < UffizziCore::ApplicationRecord
|
|
68
68
|
update(payment_issue_at: DateTime.current)
|
69
69
|
end
|
70
70
|
|
71
|
-
def can_create_new_resources?
|
72
|
-
return active? if Settings.features.stripe_enabled
|
73
|
-
|
74
|
-
true
|
75
|
-
end
|
76
|
-
|
77
71
|
def active_projects
|
78
72
|
projects.active
|
79
73
|
end
|
80
74
|
|
81
|
-
def disable_paid_deployments
|
82
|
-
deployments.active.where('kind != ?', UffizziCore::Deployment.kind.free).each(&:disable!)
|
83
|
-
end
|
84
|
-
|
85
75
|
def disable_projects
|
86
76
|
active_projects.each(&:disable_deployments)
|
87
77
|
end
|
88
78
|
|
89
|
-
def any_paid_projects?
|
90
|
-
projects.any?(&:any_paid_deployments?)
|
91
|
-
end
|
92
|
-
|
93
|
-
def cards
|
94
|
-
StripeService.cards(self)
|
95
|
-
end
|
96
|
-
|
97
79
|
# This method is deprecated. Don't use it.
|
98
80
|
def user
|
99
81
|
users.find_by(memberships: { role: UffizziCore::Membership.role.admin })
|
@@ -21,7 +21,7 @@
|
|
21
21
|
class UffizziCore::ActivityItem < UffizziCore::ApplicationRecord
|
22
22
|
include UffizziCore::ActivityItemRepo
|
23
23
|
|
24
|
-
self.table_name =
|
24
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:activity_items]
|
25
25
|
|
26
26
|
belongs_to :deployment
|
27
27
|
belongs_to :container
|
@@ -37,10 +37,6 @@ class UffizziCore::ActivityItem < UffizziCore::ApplicationRecord
|
|
37
37
|
where(type: UffizziCore::ActivityItem::Github.name)
|
38
38
|
}
|
39
39
|
|
40
|
-
def github?
|
41
|
-
type == UffizziCore::ActivityItem::Github.name
|
42
|
-
end
|
43
|
-
|
44
40
|
def docker?
|
45
41
|
type == UffizziCore::ActivityItem::Docker.name
|
46
42
|
end
|
@@ -50,7 +46,6 @@ class UffizziCore::ActivityItem < UffizziCore::ApplicationRecord
|
|
50
46
|
end
|
51
47
|
|
52
48
|
def full_image
|
53
|
-
return "#{image}:#{branch}" if github?
|
54
49
|
return "#{image}:#{tag}" if docker?
|
55
50
|
|
56
51
|
''
|
@@ -3,7 +3,7 @@
|
|
3
3
|
class UffizziCore::Comment < UffizziCore::ApplicationRecord
|
4
4
|
include UffizziCore::CommentRepo
|
5
5
|
|
6
|
-
self.table_name =
|
6
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:comments]
|
7
7
|
|
8
8
|
has_ancestry(cache_depth: true)
|
9
9
|
MAX_DEPTH_LEVEL = 1
|
@@ -14,7 +14,7 @@ class UffizziCore::ComposeFile < UffizziCore::ApplicationRecord
|
|
14
14
|
include AASM
|
15
15
|
extend Enumerize
|
16
16
|
|
17
|
-
self.table_name =
|
17
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:compose_files]
|
18
18
|
|
19
19
|
belongs_to :project
|
20
20
|
belongs_to :added_by, class_name: UffizziCore::User.name, foreign_key: :added_by_id, optional: true
|
@@ -11,7 +11,7 @@ class UffizziCore::ConfigFile < UffizziCore::ApplicationRecord
|
|
11
11
|
include UffizziCore::ConfigFileRepo
|
12
12
|
extend Enumerize
|
13
13
|
|
14
|
-
self.table_name =
|
14
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:config_files]
|
15
15
|
|
16
16
|
belongs_to :project
|
17
17
|
belongs_to :added_by, class_name: UffizziCore::User.name, foreign_key: :added_by_id, optional: true
|
@@ -17,7 +17,7 @@ class UffizziCore::Container < UffizziCore::ApplicationRecord
|
|
17
17
|
include UffizziCore::StateMachineConcern
|
18
18
|
extend Enumerize
|
19
19
|
|
20
|
-
self.table_name =
|
20
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:containers]
|
21
21
|
|
22
22
|
enumerize :kind, in: [:internal, :user], predicates: true
|
23
23
|
|
@@ -1,7 +1,7 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
class UffizziCore::ContainerConfigFile < UffizziCore::ApplicationRecord
|
4
|
-
self.table_name =
|
4
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:container_config_files]
|
5
5
|
|
6
6
|
belongs_to :container
|
7
7
|
belongs_to :config_file
|
@@ -4,7 +4,7 @@ class UffizziCore::Credential < UffizziCore::ApplicationRecord
|
|
4
4
|
include AASM
|
5
5
|
include UffizziCore::CredentialRepo
|
6
6
|
|
7
|
-
self.table_name =
|
7
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:credentials]
|
8
8
|
|
9
9
|
belongs_to :account
|
10
10
|
|
@@ -26,8 +26,8 @@ class UffizziCore::Credential < UffizziCore::ApplicationRecord
|
|
26
26
|
end
|
27
27
|
end
|
28
28
|
|
29
|
-
def
|
30
|
-
type == UffizziCore::Credential::
|
29
|
+
def github_container_registry?
|
30
|
+
type == UffizziCore::Credential::GithubContainerRegistry.name
|
31
31
|
end
|
32
32
|
|
33
33
|
def docker_hub?
|
@@ -54,11 +54,8 @@ class UffizziCore::Credential < UffizziCore::ApplicationRecord
|
|
54
54
|
containers = deployment.containers
|
55
55
|
attributes = { continuously_deploy: UffizziCore::Container::STATE_DISABLED }
|
56
56
|
|
57
|
-
containers.with_github_repo.update_all(attributes) if github?
|
58
57
|
containers.with_docker_hub_repo.update_all(attributes) if docker_hub?
|
59
58
|
end
|
60
59
|
end
|
61
|
-
|
62
|
-
UffizziCore::Credential::RemoveInstallationJob.perform_async(provider_ref) if github?
|
63
60
|
end
|
64
61
|
end
|
@@ -25,7 +25,7 @@ class UffizziCore::Deployment < UffizziCore::ApplicationRecord
|
|
25
25
|
include UffizziCore::DeploymentRepo
|
26
26
|
extend Enumerize
|
27
27
|
|
28
|
-
self.table_name =
|
28
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:deployments]
|
29
29
|
|
30
30
|
enumerize :kind, in: [:standard, :performance, :enterprise, :free], predicates: true, default: :standard
|
31
31
|
|
@@ -55,14 +55,19 @@ class UffizziCore::Deployment < UffizziCore::ApplicationRecord
|
|
55
55
|
|
56
56
|
aasm(:state) do
|
57
57
|
state :active, initial: true
|
58
|
+
state :failed
|
58
59
|
state :disabled
|
59
60
|
|
60
61
|
event :activate do
|
61
62
|
transitions from: [:disabled], to: :active
|
62
63
|
end
|
63
64
|
|
65
|
+
event :fail, after: :after_fail do
|
66
|
+
transitions from: [:active], to: :failed
|
67
|
+
end
|
68
|
+
|
64
69
|
event :disable, after: :after_disable do
|
65
|
-
transitions from: [:active], to: :disabled
|
70
|
+
transitions from: [:active, :failed], to: :disabled
|
66
71
|
end
|
67
72
|
end
|
68
73
|
|
@@ -70,6 +75,10 @@ class UffizziCore::Deployment < UffizziCore::ApplicationRecord
|
|
70
75
|
clean
|
71
76
|
end
|
72
77
|
|
78
|
+
def after_fail
|
79
|
+
active_containers.each(&:disable!)
|
80
|
+
end
|
81
|
+
|
73
82
|
def clean
|
74
83
|
active_containers.each(&:disable!)
|
75
84
|
UffizziCore::Deployment::DeleteJob.perform_async(id)
|
@@ -4,7 +4,7 @@ class UffizziCore::Event < UffizziCore::ApplicationRecord
|
|
4
4
|
include UffizziCore::EventRepo
|
5
5
|
extend Enumerize
|
6
6
|
|
7
|
-
self.table_name =
|
7
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:events]
|
8
8
|
|
9
9
|
enumerize :state, in: [:queued, :successful, :deployed, :failed, :building, :timeout, :cancelled, :deploying], predicates: true,
|
10
10
|
scope: true
|
@@ -5,7 +5,7 @@ class UffizziCore::Invitation < UffizziCore::ApplicationRecord
|
|
5
5
|
include UffizziCore::StateMachineConcern
|
6
6
|
extend Enumerize
|
7
7
|
|
8
|
-
self.table_name =
|
8
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:invitations]
|
9
9
|
|
10
10
|
enumerize :role, in: [:admin, :developer, :viewer], predicates: true
|
11
11
|
|
@@ -4,7 +4,7 @@ class UffizziCore::Membership < UffizziCore::ApplicationRecord
|
|
4
4
|
include UffizziCore::MembershipRepo
|
5
5
|
extend Enumerize
|
6
6
|
|
7
|
-
self.table_name =
|
7
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:memberships]
|
8
8
|
|
9
9
|
enumerize :role, in: [:admin, :developer, :viewer], predicates: true
|
10
10
|
validates :role, presence: true
|
@@ -3,7 +3,7 @@
|
|
3
3
|
class UffizziCore::Product < UffizziCore::ApplicationRecord
|
4
4
|
include UffizziCore::ProductRepo
|
5
5
|
|
6
|
-
self.table_name =
|
6
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:products]
|
7
7
|
|
8
8
|
has_one :price, dependent: :destroy
|
9
9
|
|
@@ -8,7 +8,7 @@ class UffizziCore::Project < UffizziCore::ApplicationRecord
|
|
8
8
|
include UffizziCore::StateMachineConcern
|
9
9
|
include UffizziCore::ProjectRepo
|
10
10
|
|
11
|
-
self.table_name =
|
11
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:projects]
|
12
12
|
|
13
13
|
belongs_to :account
|
14
14
|
|
@@ -21,9 +21,9 @@ class UffizziCore::Project < UffizziCore::ApplicationRecord
|
|
21
21
|
has_many :templates, dependent: :destroy
|
22
22
|
has_many :credentials, through: :account
|
23
23
|
has_many :compose_files, dependent: :destroy
|
24
|
+
has_many :secrets, dependent: :destroy, as: :resource
|
24
25
|
|
25
26
|
validates :name, presence: true, uniqueness: { scope: :account }
|
26
|
-
validates :secrets, 'uffizzi_core/environment_variable_list': true, allow_nil: true
|
27
27
|
|
28
28
|
aasm(:state) do
|
29
29
|
state :active, initial: true
|
@@ -38,14 +38,6 @@ class UffizziCore::Project < UffizziCore::ApplicationRecord
|
|
38
38
|
end
|
39
39
|
end
|
40
40
|
|
41
|
-
def any_paid_deployments?
|
42
|
-
!all_deployments_free?
|
43
|
-
end
|
44
|
-
|
45
|
-
def all_deployments_free?
|
46
|
-
active_deployments.all?(&:free?)
|
47
|
-
end
|
48
|
-
|
49
41
|
def after_disable
|
50
42
|
update(name: "#{name} deleted #{DateTime.current.strftime('%H:%M:%S-%m%d%Y')}")
|
51
43
|
update(slug: "#{slug} deleted #{DateTime.current.strftime('%H:%M:%S-%m%d%Y')}")
|
@@ -57,7 +49,9 @@ class UffizziCore::Project < UffizziCore::ApplicationRecord
|
|
57
49
|
end
|
58
50
|
|
59
51
|
def disable_deployments
|
60
|
-
active_deployments.each
|
52
|
+
active_deployments.each do |deployment|
|
53
|
+
UffizziCore::DeploymentService.disable!(deployment)
|
54
|
+
end
|
61
55
|
end
|
62
56
|
|
63
57
|
def compose_file
|
@@ -4,7 +4,7 @@ class UffizziCore::Repo < UffizziCore::ApplicationRecord
|
|
4
4
|
extend Enumerize
|
5
5
|
include UffizziCore::RepoRepo
|
6
6
|
|
7
|
-
self.table_name =
|
7
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:repos]
|
8
8
|
|
9
9
|
enumerize :kind, in: [:buildpacks18, :dockerfile, :dotnet, :gatsby, :barestatic], predicates: true
|
10
10
|
|
@@ -15,10 +15,6 @@ class UffizziCore::Repo < UffizziCore::ApplicationRecord
|
|
15
15
|
validates :dockerfile_path, presence: true, if: :dockerfile?
|
16
16
|
validates :delete_preview_after, numericality: { greater_than: 0, only_integer: true }, allow_nil: true
|
17
17
|
|
18
|
-
def github?
|
19
|
-
type == UffizziCore::Repo::Github.name
|
20
|
-
end
|
21
|
-
|
22
18
|
def docker_hub?
|
23
19
|
type == UffizziCore::Repo::DockerHub.name
|
24
20
|
end
|
@@ -30,10 +26,4 @@ class UffizziCore::Repo < UffizziCore::ApplicationRecord
|
|
30
26
|
def google?
|
31
27
|
type == UffizziCore::Repo::Google.name
|
32
28
|
end
|
33
|
-
|
34
|
-
def url
|
35
|
-
return unless github?
|
36
|
-
|
37
|
-
['https://github.com', namespace, name].join('/')
|
38
|
-
end
|
39
29
|
end
|
@@ -1,9 +1,9 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
class UffizziCore::Role < UffizziCore::ApplicationRecord
|
4
|
-
self.table_name =
|
4
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:roles]
|
5
5
|
|
6
|
-
has_and_belongs_to_many :users, join_table:
|
6
|
+
has_and_belongs_to_many :users, join_table: Rails.application.config.uffizzi_core[:table_names][:users_roles]
|
7
7
|
|
8
8
|
belongs_to :resource,
|
9
9
|
polymorphic: true,
|
@@ -0,0 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
class UffizziCore::Secret < ApplicationRecord
|
4
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:secrets]
|
5
|
+
|
6
|
+
belongs_to :resource, polymorphic: true
|
7
|
+
|
8
|
+
validates :name, presence: true, uniqueness: { scope: :resource }
|
9
|
+
end
|
@@ -4,7 +4,7 @@ class UffizziCore::Template < UffizziCore::ApplicationRecord
|
|
4
4
|
include UffizziCore::TemplateRepo
|
5
5
|
extend Enumerize
|
6
6
|
|
7
|
-
self.table_name =
|
7
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:templates]
|
8
8
|
|
9
9
|
belongs_to :added_by, class_name: UffizziCore::User.name, foreign_key: :added_by_id
|
10
10
|
belongs_to :project, touch: true
|
@@ -3,7 +3,7 @@
|
|
3
3
|
class UffizziCore::UserProject < UffizziCore::ApplicationRecord
|
4
4
|
extend Enumerize
|
5
5
|
|
6
|
-
self.table_name =
|
6
|
+
self.table_name = Rails.application.config.uffizzi_core[:table_names][:user_projects]
|
7
7
|
|
8
8
|
enumerize :role, in: [:admin, :developer, :viewer], predicates: true
|
9
9
|
validates :role, presence: true
|
@@ -1,10 +1,18 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
3
|
class UffizziCore::Api::Cli::V1::Account::CredentialsPolicy < UffizziCore::ApplicationPolicy
|
4
|
+
def index?
|
5
|
+
context.user_access_module.admin_access_to_account?(context.user, context.account)
|
6
|
+
end
|
7
|
+
|
4
8
|
def create?
|
5
9
|
context.user_access_module.admin_access_to_account?(context.user, context.account)
|
6
10
|
end
|
7
11
|
|
12
|
+
def check_credential?
|
13
|
+
context.user_access_module.admin_access_to_account?(context.user, context.account)
|
14
|
+
end
|
15
|
+
|
8
16
|
def destroy?
|
9
17
|
context.user_access_module.admin_access_to_account?(context.user, context.account)
|
10
18
|
end
|
@@ -13,6 +13,10 @@ class UffizziCore::Api::Cli::V1::Projects::DeploymentsPolicy < UffizziCore::Appl
|
|
13
13
|
context.user_access_module.admin_or_developer_access_to_project?(context.user, context.project)
|
14
14
|
end
|
15
15
|
|
16
|
+
def update?
|
17
|
+
context.user_access_module.admin_or_developer_access_to_project?(context.user, context.project)
|
18
|
+
end
|
19
|
+
|
16
20
|
def destroy?
|
17
21
|
context.user_access_module.admin_or_developer_access_to_project?(context.user, context.project)
|
18
22
|
end
|
@@ -4,33 +4,28 @@ module UffizziCore::CredentialRepo
|
|
4
4
|
extend ActiveSupport::Concern
|
5
5
|
|
6
6
|
included do
|
7
|
-
scope :
|
8
|
-
where(type: UffizziCore::Credential::DockerHub.name)
|
9
|
-
}
|
7
|
+
scope :by_type, ->(type) { where(type: type) }
|
10
8
|
|
11
|
-
scope :
|
12
|
-
where(type: UffizziCore::Credential::Github.name)
|
13
|
-
}
|
9
|
+
scope :docker_hub, -> { by_type(UffizziCore::Credential::DockerHub.name) }
|
14
10
|
|
15
|
-
scope :
|
16
|
-
where(type: UffizziCore::Credential::Azure.name)
|
17
|
-
}
|
11
|
+
scope :github, -> { by_type(UffizziCore::Credential::Github.name) }
|
18
12
|
|
19
|
-
scope :
|
20
|
-
where(type: UffizziCore::Credential::Google.name)
|
21
|
-
}
|
13
|
+
scope :azure, -> { by_type(UffizziCore::Credential::Azure.name) }
|
22
14
|
|
23
|
-
scope :
|
24
|
-
|
25
|
-
|
26
|
-
UffizziCore::Credential::Azure.name,
|
27
|
-
UffizziCore::Credential::Google.name,
|
28
|
-
UffizziCore::Credential::Amazon.name,
|
29
|
-
])
|
30
|
-
}
|
15
|
+
scope :google, -> { by_type(UffizziCore::Credential::Google.name) }
|
16
|
+
|
17
|
+
scope :amazon, -> { by_type(UffizziCore::Credential::Amazon.name) }
|
31
18
|
|
32
|
-
scope :
|
33
|
-
|
19
|
+
scope :github_container_registry, -> { by_type(UffizziCore::Credential::GithubContainerRegistry.name) }
|
20
|
+
|
21
|
+
scope :deployable, -> {
|
22
|
+
by_type([
|
23
|
+
UffizziCore::Credential::DockerHub.name,
|
24
|
+
UffizziCore::Credential::Azure.name,
|
25
|
+
UffizziCore::Credential::Google.name,
|
26
|
+
UffizziCore::Credential::Amazon.name,
|
27
|
+
UffizziCore::Credential::GithubContainerRegistry.name,
|
28
|
+
])
|
34
29
|
}
|
35
30
|
end
|
36
31
|
end
|
@@ -19,5 +19,6 @@ module UffizziCore::DeploymentRepo
|
|
19
19
|
scope :with_containers, ->(source, image, tag) {
|
20
20
|
includes(containers: :repo).where(containers: { image: image, tag: tag, repos: { type: source } })
|
21
21
|
}
|
22
|
+
scope :existed, -> { where(state: [:active, :failed]) }
|
22
23
|
end
|
23
24
|
end
|
data/app/serializers/uffizzi_core/api/cli/v1/projects/deployment_serializer/container_serializer.rb
CHANGED
@@ -20,4 +20,12 @@ class UffizziCore::Api::Cli::V1::Projects::DeploymentSerializer::ContainerSerial
|
|
20
20
|
:repo_id,
|
21
21
|
:continuously_deploy,
|
22
22
|
:receive_incoming_requests
|
23
|
+
|
24
|
+
def secret_variables
|
25
|
+
return unless object.secret_variables.present?
|
26
|
+
|
27
|
+
object.secret_variables.map do |var|
|
28
|
+
{ name: var['name'], value: anonymize(var['value']) }
|
29
|
+
end
|
30
|
+
end
|
23
31
|
end
|
@@ -10,8 +10,12 @@ class UffizziCore::Controller::CreateCredential::CredentialSerializer < UffizziC
|
|
10
10
|
end
|
11
11
|
|
12
12
|
def password
|
13
|
-
|
14
|
-
|
15
|
-
object.
|
13
|
+
if object.amazon?
|
14
|
+
UffizziCore::Amazon::CredentialService.access_token(object)
|
15
|
+
elsif object.github_container_registry?
|
16
|
+
UffizziCore::GithubContainerRegistry::CredentialService.access_token(object, instance_options[:image])
|
17
|
+
else
|
18
|
+
object.password
|
19
|
+
end
|
16
20
|
end
|
17
21
|
end
|
@@ -0,0 +1,8 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
# rubocop:disable Metrics/LineLength
|
4
|
+
class UffizziCore::Controller::DeployContainers::ContainerSerializer::ContainerConfigFileSerializer::ConfigFileSerializer < UffizziCore::BaseSerializer
|
5
|
+
# rubocop:enable Metrics/LineLength
|
6
|
+
|
7
|
+
attributes :id, :filename, :kind, :payload
|
8
|
+
end
|