uffizzi_core 2.2.25 → 2.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 70847fae8bc28249be5879f8496e7436e05079077dc23ad53394d08676158be6
-  data.tar.gz: 2ac3e45d651e069f5e11b69b022efa285c5f0c0f176fb5a17c0bc58c3d4dad88
+  metadata.gz: 065d0c7c4ecaca71f48ed176e3a433a379908220e7923be4604165d2d6760fe7
+  data.tar.gz: e79876e64df2b71896f0a34e40a7c1caf06b788914171a40e35b5feda33674d2
 SHA512:
-  metadata.gz: c128f0afe2384d0763597a9bbc3977748282a454a7d6396680b6f6642f00aa3b6ea32ee0d6c1125846338fec29e8ec02a0bf135d16943a3a2f3ff1f7caf5e797
-  data.tar.gz: 8a0877404587daa608bb636f6500c03578d711ab7cb8e58db97ed9cb663114374cef6f8a619f6dbc9a5c0c0ac3fe4478bf559f53df1c3b6f266d3820f7661f3c
+  metadata.gz: 1415234d2f29321aae904e5467a41108b44f5beb8291e6510a60dc58f72597a535e00a0a1a98d6208844717b7ca0b2c53fe6560a163983583a7ab60cc382d4dc
+  data.tar.gz: c1aea1bd41f011ad430ddd2c5af76d48518a2e4f099cb33615a4f81462a6cfee7777eeb80fef4607263cc403ed93580142db0166779002aa8272910da3d39f0d

data/app/clients/uffizzi_core/controller_client.rb

@@ -82,6 +82,10 @@ class UffizziCore::ControllerClient
     patch("/namespaces/#{namespace}/cluster/#{name}", body)
   end
 
+  def ingresses(namespace:)
+    get("/namespaces/#{namespace}/ingresses")
+  end
+
   private
 
   def get(url, params = {})

data/app/contexts/uffizzi_core/project/cluster_context.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+class UffizziCore::Project::ClusterContext
+  attr_reader :user, :user_access_module, :project, :cluster, :params
+
+  def initialize(user, project, user_access_module, cluster, params)
+    @user = user
+    @user_access_module = user_access_module
+    @project = project
+    @cluster = cluster
+    @params = params
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/clusters/application_controller.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::Clusters::ApplicationController < UffizziCore::Api::Cli::V1::Projects::ApplicationController
+  def resource_cluster
+    @resource_cluster ||= if request_by_admin? || valid_request_from_ci_workflow?
+      active_project_clusters.find_by!(name: params[:cluster_name])
+    else
+      active_project_clusters.deployed_by_user(current_user).find_by!(name: params[:cluster_name])
+    end
+  end
+
+  private
+
+  def active_project_clusters
+    @active_project_clusters ||= resource_project.clusters.enabled
+  end
+
+  def request_by_admin?
+    current_user.admin_access_to_project?(resource_project)
+  end
+
+  def valid_request_from_ci_workflow?
+    ci_module.valid_request_from_ci_workflow?(params)
+  end
+
+  def policy_context
+    UffizziCore::Project::ClusterContext.new(current_user, resource_project, user_access_module, resource_cluster, params)
+  end
+end

data/app/controllers/uffizzi_core/api/cli/v1/projects/clusters/ingresses_controller.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::Clusters::IngressesController <
+  UffizziCore::Api::Cli::V1::Projects::Clusters::ApplicationController
+  before_action :authorize_uffizzi_core_api_cli_v1_projects_clusters_ingresses
+
+  def index
+    hosts = UffizziCore::ControllerService.ingress_hosts(resource_cluster)
+    user_hosts = UffizziCore::ClusterService.filter_user_ingress_host(resource_cluster, hosts)
+
+    data = {
+      ingresses: user_hosts,
+    }
+
+    respond_with data
+  end
+end

data/app/lib/uffizzi_core/rbac/user_access_service.rb

@@ -21,5 +21,9 @@ module UffizziCore::Rbac::UserAccessService
     def any_access_to_project?(_user, _project)
       true
     end
+
+    def admin_access_to_project?(_user, _project)
+      true
+    end
   end
 end

data/app/policies/uffizzi_core/api/cli/v1/projects/clusters/ingresses_policy.rb

@@ -0,0 +1,9 @@
+# frozen_string_literal: true
+
+class UffizziCore::Api::Cli::V1::Projects::Clusters::IngressesPolicy < UffizziCore::ApplicationPolicy
+  def index?
+    return true if context.user_access_module.admin_access_to_project?(context.user, context.project)
+
+    context.cluster.deployed_by_id == context.user.id
+  end
+end

data/app/services/uffizzi_core/cluster_service.rb

@@ -68,6 +68,10 @@ class UffizziCore::ClusterService
       UffizziCore::Cluster::ManageDeployingJob.perform_in(5.seconds, cluster.id, ++try)
     end
 
+    def filter_user_ingress_host(cluster, ingress_hosts)
+      ingress_hosts.reject { |h| h == cluster.host }
+    end
+
     private
 
     def awake?(cluster)

data/app/services/uffizzi_core/controller_service.rb

@@ -117,6 +117,16 @@ class UffizziCore::ControllerService
       controller_client(cluster).patch_cluster(name: cluster.name, namespace: cluster.namespace, body: body)
     end
 
+    def ingress_hosts(cluster)
+      namespace = cluster.namespace
+
+      ingresses = controller_client(cluster).ingresses(namespace: namespace).result.items
+
+      ingresses.map do |ingress|
+        ingress.spec.rules.map(&:host)
+      end.flatten
+    end
+
     private
 
     def check_any_container_has_public_port(containers)

data/config/routes.rb

@@ -15,6 +15,9 @@ UffizziCore::Engine.routes.draw do
                 put :scale_down
                 put :scale_up
               end
+              scope module: :clusters do
+                resources :ingresses, only: ['index']
+              end
             end
             resources :deployments, only: ['index', 'show', 'create', 'destroy', 'update'] do
               post :deploy_containers, on: :member

data/lib/uffizzi_core/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module UffizziCore
-  VERSION = '2.2.25'
+  VERSION = '2.3.0'
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: uffizzi_core
 version: !ruby/object:Gem::Version
-  version: 2.2.25
+  version: 2.3.0
 platform: ruby
 authors:
 - Josh Thurman
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-10-19 00:00:00.000000000 Z
+date: 2023-10-30 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aasm
@@ -774,6 +774,7 @@ files:
 - app/clients/uffizzi_core/google_registry_client/request_result.rb
 - app/contexts/uffizzi_core/account_context.rb
 - app/contexts/uffizzi_core/base_context.rb
+- app/contexts/uffizzi_core/project/cluster_context.rb
 - app/contexts/uffizzi_core/project_context.rb
 - app/contexts/uffizzi_core/webhooks_context.rb
 - app/controller_modules/uffizzi_core/api/cli/v1/projects/clusters_controller_module.rb
@@ -791,6 +792,8 @@ files:
 - app/controllers/uffizzi_core/api/cli/v1/ci/application_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/ci/sessions_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/application_controller.rb
+- app/controllers/uffizzi_core/api/cli/v1/projects/clusters/application_controller.rb
+- app/controllers/uffizzi_core/api/cli/v1/projects/clusters/ingresses_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/clusters_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/compose_files_controller.rb
 - app/controllers/uffizzi_core/api/cli/v1/projects/deployments/activity_items_controller.rb
@@ -936,6 +939,7 @@ files:
 - app/policies/uffizzi_core/api/cli/v1/accounts/credentials_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/accounts/projects_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/accounts_policy.rb
+- app/policies/uffizzi_core/api/cli/v1/projects/clusters/ingresses_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/projects/clusters_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/projects/compose_files_policy.rb
 - app/policies/uffizzi_core/api/cli/v1/projects/deployments/activity_items_policy.rb