uffizzi_core 0.4.2 → 0.6.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c77ce0a84cac9c658e95ca303c65b90bed161bdd6c588c18a126dab2e58175ab
-  data.tar.gz: b8c916fd4b1beaf5354d1e4dda147e38d5b4431e7ec0feea880cf36041a445d4
+  metadata.gz: 5db1e654767dd515b19f3848fe63f6f0c194ac998f705bc78327b10ccf0cb401
+  data.tar.gz: 1743714525d2fd0e149bd16c4c7f6ec8a08c56d51cbec9df7ff559491c0712e5
 SHA512:
-  metadata.gz: 0f1d7cc3cea3c4fda4615d67d8606bd122997ed96260f595358d5942c58222a3c38814466d7c3c6b7005eeaec77cb81bc48436bcff1c73228c0b6354d2897c49
-  data.tar.gz: f9ca337c51fffd381a7c53744e59e60917ecd541fafd63cd94b5a5618dd5f32eab8f70cc6fbe6c153765eb47dbb9011875b5a45efd5882794fc5d6616e10076c
+  metadata.gz: 1df17b138ba1bfca50b4b30d68012c80d2d38cf1a4ff0374d3a10ebd711eb6aa8e2aa0d62dc5652c9178ea83b7543981332d023a22e45aa409b3dbeed40c7314
+  data.tar.gz: 36da046695524c28f9f8d9c101d906ef32018f79f9240ce2ee10c71a7d12a7b19dbe7d182a0a867ce47d27119074a665dbb5cefd9259092325dbd1b5a323e7e2

data/app/clients/uffizzi_core/docker_hub_client.rb

@@ -43,34 +43,6 @@ class UffizziCore::DockerHubClient
     RequestResult.new(result: response.body)
   end
 
-  def get_webhooks(slug:, registry:)
-    url = BASE_URL + "/v2/repositories/#{slug}/webhook_pipeline/"
-
-    response = connection.get(url, { registry: registry, page_size: 100 }) do |request|
-      request.headers['Authorization'] = "JWT #{jwt}"
-    end
-
-    RequestResult.new(status: response.status, result: response.body)
-  end
-
-  def create_webhook(slug:, name:, expect_final_callback:, webhooks:)
-    raise NotAuthorizedError if !authentificated?
-
-    url = BASE_URL + "/v2/repositories/#{slug}/webhook_pipeline/"
-
-    params = {
-      name: name,
-      expect_final_callback: expect_final_callback,
-      webhooks: webhooks,
-    }
-
-    response = connection.post(url, params) do |request|
-      request.headers['Authorization'] = "JWT #{jwt}"
-    end
-
-    RequestResult.new(status: response.status, result: response.body)
-  end
-
   def accounts
     raise NotAuthorizedError if !authentificated?
 
@@ -115,16 +87,6 @@ class UffizziCore::DockerHubClient
     RequestResult.new(result: response.body)
   end
 
-  def send_webhook_answer(url, params)
-    conn = Faraday.new do |c|
-      c.request(:json)
-      c.adapter(Faraday.default_adapter)
-    end
-    response = conn.post(url, params)
-
-    RequestResult.quiet.new(result: response.body)
-  end
-
   def authentificated?
     jwt.present?
   end

data/app/controllers/concerns/uffizzi_core/dependency_injection_concern.rb

@@ -7,10 +7,12 @@ module UffizziCore::DependencyInjectionConcern
     UffizziCore::UserAccessService.new(module_class(:rbac))
   end
 
-  def build_parser_module
-    return unless module_exists?(:github)
+  def find_build_parser_module
+    module_class(:build_parser)
+  end
 
-    module_class(:github)
+  def find_volume_parser_module
+    module_class(:volume_parser)
   end
 
   def password_protection_module

data/app/forms/uffizzi_core/api/cli/v1/compose_file/cli_form.rb

@@ -8,6 +8,7 @@ class UffizziCore::Api::Cli::V1::ComposeFile::CliForm
   attribute :compose_dependencies, Array
   attribute :compose_repositories, Array
   attribute :content, String
+  attribute :source_kind, Symbol
 
   validates :content, presence: true
 

data/app/services/uffizzi_core/compose_file/builders/container_builder_service.rb

@@ -19,7 +19,7 @@ class UffizziCore::ComposeFile::Builders::ContainerBuilderService
     secrets = container_data[:secrets] || []
     container_name = container_data[:container_name]
     healthcheck_data = container_data[:healthcheck] || {}
-    volumes = container_data[:volumes] || []
+    volumes_data = container_data[:volumes] || []
 
     env_file_dependencies = UffizziCore::ComposeFile::GithubDependenciesService.env_file_dependencies_for_container(compose_dependencies,
                                                                                                                     container_name)
@@ -46,7 +46,7 @@ class UffizziCore::ComposeFile::Builders::ContainerBuilderService
       service_name: container_name,
       name: container_name,
       healthcheck: healthcheck_data,
-      volumes: volumes,
+      volumes: volumes_data,
     }
   end
   # rubocop:enable Metrics/PerceivedComplexity

data/app/services/uffizzi_core/compose_file/parsers/services/image_parser_service.rb

@@ -5,9 +5,8 @@ class UffizziCore::ComposeFile::Parsers::Services::ImageParserService
     def parse(value)
       return {} if value.blank?
 
-      parse_error = UffizziCore::ComposeFile::ParseError, I18n.t('compose.invalid_image_value', value: value)
-      image_path, tag = get_image_path_and_tag(value, parse_error)
-      raise parse_error if image_path.blank?
+      image_path, tag = get_image_path_and_tag(value)
+      raise_parse_error(value) if image_path.blank?
 
       tag = Settings.compose.default_tag if tag.blank?
 
@@ -27,7 +26,11 @@ class UffizziCore::ComposeFile::Parsers::Services::ImageParserService
 
     private
 
-    def get_image_path_and_tag(value, parse_error)
+    def raise_parse_error(value)
+      raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.invalid_image_value', value: value)
+    end
+
+    def get_image_path_and_tag(value)
       image_path_parts = value.downcase.split(':')
       case image_path_parts.size
       when 1
@@ -40,18 +43,18 @@ class UffizziCore::ComposeFile::Parsers::Services::ImageParserService
         elsif tag_pattern.match?(value)
           [image_path_parts[0], image_path_parts[1]]
         else
-          raise parse_error
+          raise_parse_error(value)
         end
       when 3
         ["#{image_path_parts[0]}:#{image_path_parts[1]}", image_path_parts[2]]
       else
-        raise parse_error
+        raise_parse_error(value)
       end
     end
 
     def url?(image_path)
       uri = URI(add_https_if_needed(image_path))
-      uri.host.present? && uri.host =~ /\w+\.(\w+\.)*\w+/ && uri.path.present?
+      uri.host.present? && uri.host =~ /(localhost(:\d+)?|\w+\.(\w+\.)*\w+)/ && uri.path.present?
     rescue URI::InvalidURIError
       false
     end

data/app/services/uffizzi_core/compose_file/parsers/services/{volumes_service.rb → volumes_parser_service.rb}

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class UffizziCore::ComposeFile::Parsers::Services::VolumesService
+class UffizziCore::ComposeFile::Parsers::Services::VolumesParserService
   HOST_VOLUME_TYPE = :host
   NAMED_VOLUME_TYPE = :named
   ANONYMOUS_VOLUME_TYPE = :anonymous
@@ -8,15 +8,15 @@ class UffizziCore::ComposeFile::Parsers::Services::VolumesService
   READ_WRITE_OPTION = 'rw'
 
   class << self
-    def parse(volumes, named_volumes_names, service_name)
+    def parse(volumes, volumes_payload)
       return [] if volumes.blank?
 
       volumes.map do |volume|
         volume_data = case volume
                       when String
-                        process_short_syntax(volume, named_volumes_names, service_name)
+                        process_short_syntax(volume, volumes_payload)
                       when Hash
-                        process_long_syntax(volume, named_volumes_names, service_name)
+                        process_long_syntax(volume, volumes_payload)
                       else
                         raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.invalid_type', option: :volumes)
         end
@@ -27,48 +27,49 @@ class UffizziCore::ComposeFile::Parsers::Services::VolumesService
 
     private
 
-    def process_short_syntax(volume_data, named_volumes_names, service_name)
+    def process_short_syntax(volume_data, volumes_payload)
       volume_parts = volume_data.split(':').map(&:strip)
-      has_read_only = volume_parts.include?(READONLY_OPTION)
+      read_only = volume_parts.last.to_s.downcase == READONLY_OPTION
       part1, part2 = volume_parts
       source_path = part1
       target_path = [READONLY_OPTION, READ_WRITE_OPTION].include?(part2.to_s.downcase) ? nil : part2
 
       raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.volume_prop_is_required', prop_name: 'source') if source_path.blank?
 
-      volume_type = volume_type(source_path, target_path)
-
-      check_named_volume_existence(source_path, target_path, named_volumes_names, service_name) if volume_type == NAMED_VOLUME_TYPE
-
-      {
-        source: source_path,
-        target: target_path,
-        type: volume_type,
-        read_only: has_read_only,
-      }
+      build_volume_attributes(source_path, target_path, read_only, volumes_payload)
     end
 
-    def process_long_syntax(volume_data, named_volumes_names, service_name)
+    def process_long_syntax(volume_data, volumes_payload)
       source_path = volume_data['source'].to_s.strip
       target_path = volume_data['target'].to_s.strip
-      has_read_only = volume_data['read_only'].present?
+      read_only = volume_data['read_only'].present?
 
       raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.volume_prop_is_required', prop_name: 'source') if source_path.blank?
       raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.volume_prop_is_required', prop_name: 'target') if target_path.blank?
 
-      volume_type = volume_type(source_path, target_path)
+      build_volume_attributes(source_path, target_path, read_only, volumes_payload)
+    end
 
-      check_named_volume_existence(source_path, target_path, named_volumes_names, service_name) if volume_type == NAMED_VOLUME_TYPE
+    def build_volume_attributes(source_path, target_path, read_only, params = {})
+      volume_type = build_volume_type(source_path, target_path)
+
+      if volume_type == NAMED_VOLUME_TYPE
+        validate_named_volume(source_path, target_path, params[:named_volumes_names], params[:service_name])
+      end
+
+      if volume_type == ANONYMOUS_VOLUME_TYPE
+        validate_anonymous_volume(source_path)
+      end
 
       {
         source: source_path,
         target: target_path,
         type: volume_type,
-        read_only: has_read_only,
+        read_only: read_only,
       }
     end
 
-    def volume_type(source_path, target_path)
+    def build_volume_type(source_path, target_path)
       if path?(source_path) && path?(target_path)
         raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.volume_type_not_supported', type: HOST_VOLUME_TYPE)
       end
@@ -83,12 +84,26 @@ class UffizziCore::ComposeFile::Parsers::Services::VolumesService
       /^(\/|\.\/|~\/)/.match?(path)
     end
 
-    def check_named_volume_existence(source_path, target_path, named_volumes_names, service_name)
+    def validate_named_volume(source_path, target_path, named_volumes_names, service_name)
+      if path_has_only_root?(target_path)
+        raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.invalid_volume_destination', spec: "#{source_path}:#{target_path}")
+      end
+
       return if named_volumes_names.include?(source_path)
 
       raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.named_volume_not_exists', source_path: source_path,
                                                                                             target_path: target_path,
                                                                                             service_name: service_name)
     end
+
+    def validate_anonymous_volume(path)
+      if path_has_only_root?(path)
+        raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.invalid_volume_destination', spec: path)
+      end
+    end
+
+    def path_has_only_root?(path)
+      path.size == 1 && path.include?('/')
+    end
   end
 end

data/app/services/uffizzi_core/compose_file/parsers/services_parser_service.rb

@@ -51,9 +51,9 @@ class UffizziCore::ComposeFile::Parsers::ServicesParserService
                                     when :'x-uffizzi-continuous-preview', :'x-uffizzi-continuous-previews'
                                       UffizziCore::ComposeFile::Parsers::ContinuousPreviewParserService.parse(value)
                                     when :volumes
-                                      UffizziCore::ComposeFile::Parsers::Services::VolumesService.parse(value,
-                                                                                                        global_named_volume_names,
-                                                                                                        service_name)
+                                      parse_volumes(value, named_volumes_names: global_named_volume_names,
+                                                           service_name: service_name,
+                                                           compose_payload: compose_payload)
         end
       end
 
@@ -63,9 +63,19 @@ class UffizziCore::ComposeFile::Parsers::ServicesParserService
     end
 
     def check_and_parse_build_option(value, compose_payload)
+      build_parser_module = find_build_parser_module
+
       raise UffizziCore::ComposeFile::ParseError, I18n.t('compose.not_implemented', option: :build) unless build_parser_module
 
       build_parser_module.parse(value, compose_payload)
     end
+
+    def parse_volumes(value, volumes_payload)
+      volume_parser_module = find_volume_parser_module
+
+      return UffizziCore::ComposeFile::Parsers::Services::VolumesParserService.parse(value, volumes_payload) unless volume_parser_module
+
+      volume_parser_module.parse(value, volumes_payload)
+    end
   end
 end

data/app/services/uffizzi_core/deployment_service.rb

@@ -23,7 +23,6 @@ class UffizziCore::DeploymentService
         update_subdomain!(deployment_form)
 
         UffizziCore::Deployment::CreateJob.perform_async(deployment_form.id)
-        UffizziCore::Deployment::CreateWebhooksJob.perform_async(deployment_form.id)
       end
 
       deployment_form
@@ -208,28 +207,6 @@ class UffizziCore::DeploymentService
       deployment.save!
     end
 
-    def create_webhooks(deployment)
-      credential = deployment.project.account.credentials.docker_hub.active.first
-
-      if !deployment.containers.with_docker_hub_repo.exists? || !credential.present?
-        Rails.logger.info("DEPLOYMENT_PROCESS deployment_id=#{deployment.id} create_webhooks no dockerhub containers or credential")
-        return
-      end
-
-      accounts = UffizziCore::DockerHubService.accounts(credential)
-
-      deployment.containers.with_docker_hub_repo.find_each do |container|
-        if !accounts.include?(container.repo.namespace)
-          logger_message = "DEPLOYMENT_PROCESS deployment_id=#{deployment.id} no namespace(#{container.repo.namespace})
-          in accounts(#{accounts.inspect})"
-          Rails.logger.info(logger_message)
-          next
-        end
-
-        UffizziCore::Credential::DockerHub::CreateWebhookJob.perform_async(credential.id, container.image, deployment.id)
-      end
-    end
-
     def pull_request_payload_present?(deployment)
       deployment.continuous_preview_payload.present? && deployment.continuous_preview_payload['pull_request'].present?
     end

data/app/services/uffizzi_core/docker_hub_service.rb

@@ -1,44 +1,7 @@
 # frozen_string_literal: true
 
 class UffizziCore::DockerHubService
-  HOOK_NAME = 'Uffizzi OpenSource Deploy Webhook'
-  HOOK_URL = "#{Settings.app.host}api/cli/v1/webhooks/docker_hub"
-  REGISTRY = 'registry-1.docker.io'
-
   class << self
-    def create_webhook(credential, image)
-      client = user_client(credential)
-
-      webhooks_response = client.get_webhooks(slug: image, registry: REGISTRY)
-      Rails.logger.info("DockerHubService create_webhook get_webhooks_response=#{webhooks_response.inspect}")
-
-      return false if webhooks_response.status != 200
-
-      webhooks = webhooks_response.result['results']
-
-      webhook = webhooks.detect { |hook| hook['name'] == HOOK_NAME }
-
-      return true if !webhook.nil?
-
-      params = {
-        slug: image,
-        name: HOOK_NAME,
-        expect_final_callback: false,
-        webhooks: [{ name: HOOK_NAME, hook_url: HOOK_URL, registry: REGISTRY }],
-      }
-
-      response = client.create_webhook(params)
-
-      Rails.logger.info("DockerHubService create_webhook create_webhook_response=#{response.inspect} params=#{params.inspect}")
-
-      response.status == 201
-    end
-
-    def send_webhook_answer(callback_url)
-      params = { state: 'success', description: 'Successfully deployed to Uffizzi' }
-      public_docker_hub_client.send_webhook_answer(callback_url, params)
-    end
-
     def accounts(credential)
       client = user_client(credential)
       response = client.accounts

data/config/locales/en.yml

@@ -66,6 +66,7 @@ en:
     volume_invalid_name: "Volumes value '%{name}' does not match any of the regexes: '^[a-zA-Z0-9._-]+$'"
     volume_type_not_supported: Volumes with type '%{type}' does not supported
     named_volume_not_exists: Named volume '%{source_path}:%{target_path}' is used in service '%{service_name}' but no declaration was found in the volumes section.
+    invalid_volume_destination: Invalid volume specification '%{spec}' destination can't be '/'
   secrets:
     duplicates_exists: Secret with key %{secrets} already exist.
     invalid_key_length: A secret key must be no longer than 256 characters.

data/config/routes.rb

@@ -7,14 +7,6 @@ UffizziCore::Engine.routes.draw do
   namespace :api, defaults: { format: :json } do
     namespace :cli do
       namespace :v1 do
-        resource :webhooks, only: [] do
-          post :docker_hub
-          post :github
-          post :azure
-          post :amazon
-          post :google
-        end
-
         resources :projects, only: ['index', 'show', 'create', 'destroy'], param: :slug do
           scope module: :projects do
             resource :compose_file, only: ['show', 'create', 'destroy']

data/lib/uffizzi_core/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module UffizziCore
-  VERSION = '0.4.2'
+  VERSION = '0.6.1'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: uffizzi_core
 version: !ruby/object:Gem::Version
-  version: 0.4.2
+  version: 0.6.1
 platform: ruby
 authors:
 - Josh Thurman
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-08-10 00:00:00.000000000 Z
+date: 2022-08-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aasm
@@ -754,11 +754,9 @@ files:
 - app/jobs/uffizzi_core/activity_item/docker/update_digest_job.rb
 - app/jobs/uffizzi_core/application_job.rb
 - app/jobs/uffizzi_core/config_file/apply_job.rb
-- app/jobs/uffizzi_core/credential/docker_hub/create_webhook_job.rb
 - app/jobs/uffizzi_core/deployment/create_credential_job.rb
 - app/jobs/uffizzi_core/deployment/create_credentials_job.rb
 - app/jobs/uffizzi_core/deployment/create_job.rb
-- app/jobs/uffizzi_core/deployment/create_webhooks_job.rb
 - app/jobs/uffizzi_core/deployment/delete_credential_job.rb
 - app/jobs/uffizzi_core/deployment/delete_job.rb
 - app/jobs/uffizzi_core/deployment/deploy_containers_job.rb
@@ -920,7 +918,7 @@ files:
 - app/services/uffizzi_core/compose_file/parsers/services/healthcheck_parser_service.rb
 - app/services/uffizzi_core/compose_file/parsers/services/image_parser_service.rb
 - app/services/uffizzi_core/compose_file/parsers/services/secrets_parser_service.rb
-- app/services/uffizzi_core/compose_file/parsers/services/volumes_service.rb
+- app/services/uffizzi_core/compose_file/parsers/services/volumes_parser_service.rb
 - app/services/uffizzi_core/compose_file/parsers/services_parser_service.rb
 - app/services/uffizzi_core/compose_file/parsers/variables_parser_service.rb
 - app/services/uffizzi_core/compose_file/parsers/volumes_parser_service.rb

data/app/jobs/uffizzi_core/credential/docker_hub/create_webhook_job.rb

@@ -1,15 +0,0 @@
-# frozen_string_literal: true
-
-class UffizziCore::Credential::DockerHub::CreateWebhookJob < UffizziCore::ApplicationJob
-  sidekiq_options queue: :accounts, retry: 5
-
-  def perform(credential_id, image, deployment_id = nil)
-    if deployment_id.present?
-      Rails.logger.info("DEPLOYMENT_PROCESS deployment_id=#{deployment_id} DockerHub CreateWebhooksJob")
-    end
-
-    credential = UffizziCore::Credential.find(credential_id)
-
-    UffizziCore::DockerHubService.create_webhook(credential, image)
-  end
-end

data/app/jobs/uffizzi_core/deployment/create_webhooks_job.rb

@@ -1,13 +0,0 @@
-# frozen_string_literal: true
-
-class UffizziCore::Deployment::CreateWebhooksJob < UffizziCore::ApplicationJob
-  sidekiq_options queue: :deployments, retry: 5
-
-  def perform(id)
-    Rails.logger.info("DEPLOYMENT_PROCESS deployment_id=#{id} CreateWebhooksJob")
-
-    deployment = UffizziCore::Deployment.find(id)
-
-    UffizziCore::DeploymentService.create_webhooks(deployment)
-  end
-end