uffizzi_core 0.1.3

data/app/clients/uffizzi_core/github/user_client.rb

@@ -0,0 +1,51 @@
+# frozen_string_literal: true
+
+class UffizziCore::Github::UserClient
+  PER_PAGE = 100
+
+  def initialize(access_token, per_page = PER_PAGE)
+    @client = Octokit::Client.new(access_token: access_token, per_page: per_page)
+  end
+
+  def contents?(repository_id, params)
+    @client.contents?(repository_id, params)
+  end
+
+  def contents(repository_id, options)
+    @client.contents(repository_id, options)
+  end
+
+  def user_installations
+    response = @client.find_user_installations
+
+    response[:installations]
+  end
+
+  def installation_repositories(installation_id, repo_attributes)
+    response = @client.find_installation_repositories_for_user(installation_id, repo_attributes)
+
+    response[:repositories]
+  end
+
+  def branch(repository_id, branch)
+    @client.branch(repository_id, branch)
+  end
+
+  def commit(repository_id, commit_sha)
+    response = @client.commit(repository_id, commit_sha)
+
+    response[:commit]
+  end
+
+  def branches(repository_id)
+    @client.branches(repository_id)
+  end
+
+  def repo(repository_id)
+    @client.repo(repository_id)
+  end
+
+  def search_repositories(query)
+    @client.search_repositories(query)
+  end
+end

data/app/clients/uffizzi_core/google_registry_client/request_result.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class UffizziCore::GoogleRegistryClient::RequestResult < Hashie::Mash
+  disable_warnings :key
+end

data/app/clients/uffizzi_core/google_registry_client.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+class UffizziCore::GoogleRegistryClient
+  attr_accessor :connection, :token, :registry_url
+
+  def initialize(registry_url:, username:, password:)
+    @registry_url = registry_url
+    @connection = build_connection(registry_url, username, password)
+    @token = access_token&.result&.token
+  end
+
+  def manifests(image:, tag:)
+    url = "/v2/#{image}/manifests/#{tag}"
+    response = connection.get(url)
+
+    RequestResult.quiet.new(result: response.body, headers: response.headers)
+  end
+
+  def access_token
+    service = URI.parse(registry_url).hostname
+    url = "/v2/token?service=#{service}"
+
+    response = connection.get(url, {})
+
+    RequestResult.new(result: response.body)
+  end
+
+  def authentificated?
+    token.present?
+  end
+
+  private
+
+  def build_connection(registry_url, username, password)
+    Faraday.new(registry_url) do |conn|
+      conn.request(:basic_auth, username, password)
+      conn.request(:json)
+      conn.response(:json)
+      conn.adapter(Faraday.default_adapter)
+    end
+  end
+end

data/app/contexts/uffizzi_core/base_context.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+class UffizziCore::BaseContext
+  attr_reader :user, :user_access_module, :params, :account
+
+  def initialize(user, user_access_module, params)
+    @user = user
+    @user_access_module = user_access_module
+    @account = user.organizational_account
+    @params = params
+  end
+end

data/app/contexts/uffizzi_core/project_context.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class UffizziCore::ProjectContext
+  attr_reader :user, :user_access_module, :project, :account, :params
+
+  def initialize(user, user_access_module, project, params)
+    @user = user
+    @user_access_module = user_access_module
+    @account = user.organizational_account
+    @project = project
+    @params = params
+  end
+end

data/app/contexts/uffizzi_core/webhooks_context.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class UffizziCore::WebhooksContext
+  attr_reader :request
+
+  def initialize(request)
+    @request = request
+  end
+end

data/app/controllers/concerns/uffizzi_core/auth_management.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+module UffizziCore::AuthManagement
+  def sign_in(user)
+    session[:user_id] = user.id
+  end
+
+  def sign_out
+    session[:user_id] = @current_user = nil
+  end
+
+  def signed_in?
+    session[:user_id].present? && current_user.present?
+  end
+
+  def current_user
+    @current_user ||= UffizziCore::User.find_by(id: session[:user_id])
+  end
+
+  def authenticate_request!
+    current_user ? true : head(:unauthorized)
+  end
+end

data/app/controllers/concerns/uffizzi_core/authorization_concern.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module UffizziCore::AuthorizationConcern
+  extend ActiveSupport::Concern
+
+  included do
+    before_action :init_authorize
+  end
+
+  def init_authorize
+    return unless self.class.ancestors.include?(UffizziCore::ApplicationController)
+
+    self.class.send(:define_method, policy_method_name) { send(:authorize, policy_method_params) }
+  end
+
+  def pundit_user
+    policy_context
+  end
+
+  private
+
+  def policy_method_name
+    [:authorize, policy_name].join('_')
+  end
+
+  def policy_name
+    controller_class = self.class.to_s
+
+    controller_class.gsub(/::|Controller/, '').underscore
+  end
+
+  def policy_method_params
+    controller_class = self.class.to_s
+
+    params = controller_class.gsub(/Controller/, '').split('::')
+    params.map(&:underscore).map(&:downcase).map(&:to_sym)
+  end
+end

data/app/controllers/concerns/uffizzi_core/dependency_injection_concern.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module UffizziCore::DependencyInjectionConcern
+  def user_access_module
+    return unless module_exists?(:rbac)
+
+    UffizziCore::UserAccessService.new(module_class(:rbac))
+  end
+
+  private
+
+  def module_exists?(module_name)
+    module_class(module_name).present?
+  end
+
+  def module_class(module_name)
+    UffizziCore.dependencies[module_name]&.constantize
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/account/application_controller.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Account::ApplicationController < UffizziCore::Api::Cli::V1::ApplicationController
+  def resource_account
+    @resource_account ||= current_user.organizational_account
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/account/credentials_controller.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+
+# @resource Account/Credential
+class UffizziCore::Api::Cli::V1::Account::CredentialsController < UffizziCore::Api::Cli::V1::Account::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_account_credentials
+
+  # rubocop:disable Layout/LineLength
+  # Create account credential
+  #
+  # @path [POST] /api/cli/v1/account/credentials
+  #
+  # @parameter credential(required,body) [object<username:string, password: string, type:string>]
+  # @response [object<id:integer, username:string, password:string, type:string, state:string>] 201 Created successfully
+  # @response [object<errors>] 422 Unprocessable entity
+  #
+  # @example
+  #    type can be one of UffizziCore::Credential::Amazon, UffizziCore::Credential::Azure, UffizziCore::Credential::DockerHub, UffizziCore::Credential::Google
+  # rubocop:enable Layout/LineLength
+  def create
+    credential_form = UffizziCore::Api::Cli::V1::Account::Credential::CreateForm.new
+    credential_form.assign_attributes(credential_params)
+    credential_form.account = resource_account
+    credential_form.registry_url = Settings.docker_hub.registry_url if credential_form.docker_hub?
+    if credential_form.google?
+      credential_form.registry_url = Settings.google.registry_url
+      credential_form.username = '_json_key'
+    end
+    credential_form.activate
+
+    if credential_form.save
+      UffizziCore::Account::CreateCredentialJob.perform_async(credential_form.id)
+    end
+
+    respond_with credential_form
+  end
+
+  # Delete account credential
+  #
+  # @path [DELETE] /api/cli/v1/account/credentials/{type}
+  #
+  # @parameter type(required,path) [string] Type of the credential
+  # @response 204 No Content
+  # @response 401 Not authorized
+  # @response [object<errors: object<title: string>>] 404 Not found
+  def destroy
+    credential = resource_account.credentials.find_by!(type: params[:type])
+    credential.destroy
+  end
+
+  private
+
+  def credential_params
+    params.require(:credential)
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/application_controller.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::ApplicationController < UffizziCore::ApplicationController
+  before_action :authenticate_request!
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/application_controller.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::ApplicationController < UffizziCore::Api::Cli::V1::ApplicationController
+  def resource_project
+    @resource_project ||= current_user.projects.find_by!(slug: params[:project_slug])
+  end
+
+  def policy_context
+    UffizziCore::ProjectContext.new(current_user, user_access_module, resource_project, params)
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/compose_files_controller.rb

@@ -0,0 +1,93 @@
+# frozen_string_literal: true
+
+# @resource ComposeFile
+class UffizziCore::Api::Cli::V1::Projects::ComposeFilesController < UffizziCore::Api::Cli::V1::Projects::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_projects_compose_files
+
+  # Get the compose file for the project
+  #
+  # @path [GET] /api/cli/v1/projects/{project_slug}/compose_file
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  #
+  # @response [ComposeFile] 200 OK
+  # @response 401 Not authorized
+  # @response [object<errors: object<title: string>>] 404 Not found
+  def show
+    respond_with compose_file
+  end
+
+  # Create a compose file for the project
+  #
+  # @path [POST] /api/cli/v1/projects/{project_slug}/compose_file
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  # @parameter params(required,body) [object <
+  #    compose_file: object<path: string, source: string, content: string>,
+  #    dependencies: Array<object<path: string, source: string, content: string>>>]
+  #
+  # @response [ComposeFile] 201 OK
+  # @response 422 A compose file already exists for this project
+  # @response [ComposeFile] 422 Invalid compose file
+  # @response 401 Not authorized
+  def create
+    params = {
+      project: resource_project,
+      user: current_user,
+      compose_file_params: compose_file_params,
+      dependencies: dependencies_params[:dependencies] || [],
+    }
+
+    compose_file_form, errors = create_or_update_compose_file(params)
+    return render_errors(errors) if errors.present?
+
+    respond_with compose_file_form
+  end
+
+  # Delete the compose file for the project
+  #
+  # @path [DELETE] /api/cli/v1/projects/{project_slug}/compose_file
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  #
+  # @response 204 No Content
+  # @response 401 Not authorized
+  def destroy
+    compose_file.destroy
+
+    head :no_content
+  end
+
+  private
+
+  def compose_file
+    compose_file = resource_project.compose_file
+    raise ActiveRecord::RecordNotFound if compose_file.blank?
+
+    compose_file
+  end
+
+  def compose_file_params
+    params.require(:compose_file)
+  end
+
+  def dependencies_params
+    params.permit(dependencies: [:name, :path, :source, :content])
+  end
+
+  def create_or_update_compose_file(params)
+    existing_compose_file = resource_project.compose_file
+    if existing_compose_file.present?
+      UffizziCore::Cli::ComposeFileService.update(existing_compose_file, params)
+    else
+      kind = UffizziCore::ComposeFile.kind.main
+      UffizziCore::Cli::ComposeFileService.create(params, kind)
+    end
+  end
+
+  def render_errors(errors)
+    json = { errors: errors }
+
+    render json: json, status: :unprocessable_entity
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments/activity_items_controller.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::Deployments::ActivityItemsController <
+  UffizziCore::Api::Cli::V1::Projects::Deployments::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_projects_deployments_activity_items
+
+  # Get activity items for a deployment
+  #
+  # @path [GET] /api/cli/v1/projects/{project_slug}/deployment/{deployment_id}/actiivity_items
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  # @parameter deployment_d(required,path) [integer] The id of the deployment
+  #
+  # @response [ActivtyItem] 200 OK
+  # @response 401 Not authorized
+  # @response 404 Not found
+  def index
+    activity_items = resource_deployment
+      .activity_items
+      .page(page)
+      .per(per_page)
+      .order(updated_at: :desc)
+      .ransack(q_param)
+      .result
+
+    meta = meta(activity_items)
+    activity_items = activity_items.map do |activity_item|
+      UffizziCore::Api::Cli::V1::Projects::Deployments::ActivityItemSerializer.new(activity_item).as_json
+    end
+
+    render json: {
+      activity_items: activity_items,
+      meta: meta,
+    }
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments/application_controller.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::Deployments::ApplicationController < UffizziCore::Api::Cli::V1::Projects::ApplicationController
+  def resource_deployment
+    @resource_deployment ||= resource_project.deployments.find(params[:deployment_id])
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments/containers/application_controller.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::Deployments::Containers::ApplicationController <
+  UffizziCore::Api::Cli::V1::Projects::Deployments::ApplicationController
+  def resource_container
+    @resource_container ||= resource_deployment.active_containers.find_by!(name: params[:container_name])
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments/containers/logs_controller.rb

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+# @resource Project/Deployment/Container/Log
+
+class UffizziCore::Api::Cli::V1::Projects::Deployments::Containers::LogsController <
+  UffizziCore::Api::Cli::V1::Projects::Deployments::Containers::ApplicationController
+  # @path [GET] /api/cli/v1/projects/{project_slug}/deployments/{deployment_id}/containers/{container_name}/logs
+  #
+  # @parameter project_slug(required,path) [string] The slug of the project
+  # @parameter deployment_id(required,path) [integer] The id of the deployment
+  # @parameter container_name(required,path) [integer] The name of the container
+  #
+  # @response [object <logs: Array<object<insert_id: string, payload: string>>>] 200 OK
+  # @response [object<errors: object<title: string>>] 404 Not found
+  # @response 401 Not authorized
+  def index
+    response = UffizziCore::LogsService.fetch_container_logs(resource_container, logs_params)
+
+    render json: response
+  end
+
+  private
+
+  def logs_params
+    params.permit(:limit)
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments/containers_controller.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+# @resource Container
+
+class UffizziCore::Api::Cli::V1::Projects::Deployments::ContainersController <
+  UffizziCore::Api::Cli::V1::Projects::Deployments::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_projects_deployments_containers
+
+  # Get a list of container services for a deployment
+  #
+  # @path [GET] /api/cli/v1/projects/{project_slug}/deployments/{deployment_id}/containers
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  # @parameter deployment_id(required,path) [integer] The id of the deployment
+  #
+  # @response [Container] 200 OK
+  # @response 401 Not authorized
+  # @response 404 Not found
+  def index
+    containers = resource_deployment.containers.active
+
+    respond_with containers
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments/events_controller.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+# @resource Event
+class UffizziCore::Api::Cli::V1::Projects::Deployments::EventsController <
+  UffizziCore::Api::Cli::V1::Projects::Deployments::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_projects_deployments_events
+
+  # Get the events associated with deployment
+  #
+  # @path [GET] /api/cli/v1/projects/{project_slug}/deployments/{deployment_id}/events
+  #
+  # @parameter project_slug(required,path) [string] The project_slug for the project
+  # @parameter deployment_id(required,path) [integer] The id of the deployment
+  #
+  # @response [object<
+  #   events: Array<object
+  #     <first_timestamp: string, last_timestamp: string, reason: string, message: string>
+  #   > >] 200 OK
+  #
+  # @response 401 Not authorized
+  # @response 404 Not found
+  def index
+    response = UffizziCore::ControllerService.fetch_deployment_events(resource_deployment)
+
+    events = { events: response }
+
+    render json: events
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/deployments_controller.rb

@@ -0,0 +1,148 @@
+# frozen_string_literal: true
+
+# @resource Deployment
+
+class UffizziCore::Api::Cli::V1::Projects::DeploymentsController < UffizziCore::Api::Cli::V1::Projects::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_projects_deployments
+
+  # Get a list of active deployements for a project
+  #
+  # @path [GET] /api/cli/v1/projects/{project_slug}/deployments
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  #
+  # @response [Array<Deployment>] 200 OK
+  # @response 401 Not authorized
+  def index
+    respond_with deployments
+  end
+
+  # Get deployment information by id
+  #
+  # @path [GET] /api/cli/v1/projects/{project_slug}/deployments/{id}
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  #
+  # @response [Deployment] 200 OK
+  # @response [object<errors: object<title: string>>] 404 Not found
+  # @response 401 Not authorized
+  def show
+    respond_with deployment
+  end
+
+  # Create a deployment from a compose file
+  #
+  # @path [POST] /api/cli/v1/projects/{project_slug}/deployments
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  # @parameter params(required,body)   [object<
+  #    compose_file: object<path: string, source: string, content: string>,
+  #    dependencies: Array<object<path: string, source: string, content: string>>>]
+  #
+  # @response [Deployment] 201 OK
+  # @response [object<errors: object<state: string>>] 422 Unprocessable Entity
+  # @response [object<errors: object<title: string>>] 404 Not found
+  # @response 401 Not authorized
+  def create
+    compose_file, errors = find_or_create_compose_file
+    return render_invalid_file if compose_file.invalid_file?
+    return render_errors(errors) if errors.present?
+
+    errors = check_credentials(compose_file)
+    return render_errors(errors) if errors.present?
+
+    deployment = UffizziCore::DeploymentService.create_from_compose(compose_file, resource_project, current_user)
+
+    respond_with deployment
+  end
+
+  # @path [POST] /api/cli/v1/projects/{project_slug}/deployments/{id}/deploy_containers
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  # @parameter id(required,path) [string] The id of the deployment
+  #
+  # @response 204 No Content
+  # @response [object<errors: object<title: string>>] 404 Not found
+  # @response 401 Not authorized
+  def deploy_containers
+    deployment = resource_project.deployments.active.find(params[:id])
+
+    deployment.update(deployed_by: current_user)
+
+    resource_project.config_files.by_deployment(deployment).each do |config_file|
+      UffizziCore::ConfigFile::ApplyJob.perform_async(deployment.id, config_file.id)
+    end
+
+    UffizziCore::Deployment::DeployContainersJob.perform_async(deployment.id)
+  end
+
+  # Disable deployment by id
+  #
+  # @path [DELETE] /api/cli/v1/projects/{project_slug}/deployments/{id}
+  #
+  # @parameter project_slug(required,path) [string] The project slug
+  #
+  # @response 204 No Content
+  # @response 401 Not authorized
+  def destroy
+    UffizziCore::DeploymentService.disable!(deployment)
+
+    head :no_content
+  end
+
+  private
+
+  def deployment
+    @deployment ||= deployments.find(params[:id])
+  end
+
+  def find_or_create_compose_file
+    existing_compose_file = resource_project.compose_file
+    if compose_file_params.present?
+      create_params = {
+        project: resource_project,
+        user: current_user,
+        compose_file_params: compose_file_params,
+        dependencies: dependencies_params[:dependencies] || [],
+      }
+
+      kind = UffizziCore::ComposeFile.kind.temporary
+      UffizziCore::Cli::ComposeFileService.create(create_params, kind)
+    else
+      raise ActiveRecord::RecordNotFound if existing_compose_file.blank?
+
+      errors = []
+      [existing_compose_file, errors]
+    end
+  end
+
+  def check_credentials(compose_file)
+    credentials = resource_project.account.credentials
+    check_credentials_form = UffizziCore::Api::Cli::V1::ComposeFile::CheckCredentialsForm.new
+    check_credentials_form.compose_file = compose_file
+    check_credentials_form.credentials = credentials
+    return check_credentials_form.errors if check_credentials_form.invalid?
+
+    nil
+  end
+
+  def deployments
+    @deployments ||= resource_project.deployments.active
+  end
+
+  def deployment_params
+    params.required(:deployment)
+  end
+
+  def compose_file_params
+    params[:compose_file]
+  end
+
+  def dependencies_params
+    params.permit(dependencies: [:name, :path, :source, :content])
+  end
+
+  def render_invalid_file
+    render json: { errors: { state: ['Invalid compose file'] } }, status: :unprocessable_entity
+  end
+end