k2hr3-api 1.0.7 → 1.0.10

package/ChangeLog

@@ -1,3 +1,21 @@
+k2hr3-api (1.0.10) unstable; urgency=low
+
+  * Bumpup version number for npm package
+
+ -- Takeshi Nakatani <ggtakec@gmail.com>  Mon, 13 Jun 2022 15:36:23 +0900
+
+k2hr3-api (1.0.9) unstable; urgency=low
+
+  * Bumpup version number for npm package
+
+ -- Takeshi Nakatani <ggtakec@gmail.com>  Mon, 13 Jun 2022 13:58:05 +0900
+
+k2hr3-api (1.0.8) unstable; urgency=low
+
+  * Added some host information for adding to Role member - #56
+
+ -- Takeshi Nakatani <ggtakec@gmail.com>  Mon, 13 Jun 2022 09:52:47 +0900
+
 k2hr3-api (1.0.7) unstable; urgency=low
 
   * Bumpup version number for npm package

package/lib/basicipcheck.js

@@ -34,13 +34,15 @@ var r3logger	= require('./dbglogging');
 //---------------------------------------------------------
 // ipdata:		IP address information
 //				{
-//					ip:		ip,			-> ip address string
-//					cuk:	cuk,		-> cuk string					(not use)
-//					port:	port,		-> port number or *				(not use)
-//					extra:	string		-> 'openstack-auto-v1' or etc	(not use)
-//					tag:	string		-> null or string				(not use)
-//					key:	string		-> this ip address yrn full path(not use)
-//					alive: 	boolean		-> true or false
+//					ip:			ip,		-> ip address string
+//					cuk:		cuk,	-> cuk string					(not use)
+//					port:		port,	-> port number or *				(not use)
+//					extra:		string	-> 'openstack-auto-v1' or etc	(not use)
+//					tag:		string	-> null or string				(not use)
+//					inboundip:	ip,		-> inbound ip address			(not use)
+//					outboundip:	ip,		-> outbound ip address			(not use)
+//					key:		string	-> this ip address yrn full path(not use)
+//					alive: 		boolean	-> true or false
 //				}
 //
 function checkAddressAliveByPing(ipdata, chkipconfig, callback)
@@ -103,13 +105,15 @@ function checkAddressAliveByPing(ipdata, chkipconfig, callback)
 //---------------------------------------------------------
 // ipdata:		IP address information
 //				{
-//					ip:		ip,			-> ip address string
-//					cuk:	cuk,		-> cuk string					(not use)
-//					port:	port,		-> port number or *				(not use)
-//					extra:	string		-> 'openstack-auto-v1' or etc	(not use)
-//					tag:	string		-> null or string				(not use)
-//					key:	string		-> this ip address yrn full path(not use)
-//					alive: 	boolean		-> true or false
+//					ip:			ip,		-> ip address string
+//					cuk:		cuk,	-> cuk string					(not use)
+//					port:		port,	-> port number or *				(not use)
+//					extra:		string	-> 'openstack-auto-v1' or etc	(not use)
+//					tag:		string	-> null or string				(not use)
+//					inboundip:	ip,		-> inbound ip address			(not use)
+//					outboundip:	ip,		-> outbound ip address			(not use)
+//					key:		string	-> this ip address yrn full path(not use)
+//					alive: 		boolean	-> true or false
 //				}
 //
 function checkAddressAlive(ipdata, chkipconfig, callback)
@@ -199,6 +203,8 @@ function checkAddressAlive(ipdata, chkipconfig, callback)
 //					cuk:			<string>,			-> cuk string								(not use)
 //					port:			<number or *>,		-> port number or *							(not use)
 //					extra:			<string>,			-> 'openstack-auto-v1' or etc				(not use)
+//					inboundip:		<string>,			-> inbound ip address						(not use)
+//					outboundip:		<string>,			-> outbound ip address						(not use)
 //					tag:			<string>,			-> null or string							(not use)
 //					key:			<string>,			-> this ip address yrn full path			(not use)
 //					alive: 			<boolean>			-> true or false
@@ -286,6 +292,8 @@ function checkAddressesAliveParallel(ipdatas, start, chkipconfig, callback)
 //					port:			<number or *>,		-> port number or *							(not use)
 //					extra:			<string>,			-> 'openstack-auto-v1' or etc				(not use)
 //					tag:			<string>,			-> null or string							(not use)
+//					inboundip:		<string>,			-> inbound ip address						(not use)
+//					outboundip:		<string>,			-> outbound ip address						(not use)
 //					key:			<string>,			-> this ip address yrn full path			(not use)
 //					alive: 			<boolean>			-> true or false
 //				}, ...]

package/lib/k2hr3dkc.js

@@ -99,6 +99,8 @@ var	is_allow_dummy_tenant = !(apiConf.isConfirmTenantForService());
 //									cuk:		container unique key(or null/undefined)
 //									extra:		string(or null/undefined)
 //									tag:		string(or null/undefined)
+//									inboundip:	ip address string(or null/undefined)
+//									outboundip:	ip address string(or null/undefined)
 //								  }
 //					(3) array	= [ object, object, ...]
 //
@@ -111,6 +113,8 @@ var	is_allow_dummy_tenant = !(apiConf.isConfirmTenantForService());
 //							cuk:		"any string"		(if not specify, the value is null or undefined)
 //							extra:		"explain, etc"		(if not specify, the value is null or undefined)
 //							tag:		"tag string"		(if not specify, the value is null or undefined)
+//							inboundip:	"192.168.1.1"		(if not specify, the value is null or undefined)
+//							outboundip:	"192.168.1.1"		(if not specify, the value is null or undefined)
 //						},
 //						....
 //					]
@@ -143,6 +147,8 @@ function getSafeHosts(input_info)
 				result	= result.concat(tmp);
 			}
 		}else{
+			var	host_info;
+
 			// A case of object
 			if(apiutil.isSafeString(input_info.ip) && apiutil.isIpAddressString(input_info.ip)){
 				ipaddr	= input_info.ip;
@@ -162,13 +168,24 @@ function getSafeHosts(input_info)
 			if(apiutil.isSafeString(input_info.tag)){
 				tag		= input_info.tag;
 			}
+
 			// add to array(if hostname and ip address is existed, push two array)
 			if(apiutil.isSafeString(ipaddr)){
-				result.push({ip: ipaddr, hostname: null, port: portnum, cuk: cuk, extra: extra, tag: tag});
+				host_info = {ip: ipaddr, hostname: null, port: portnum, cuk: cuk, extra: extra, tag: tag};
 			}
 			if(apiutil.isSafeString(hostname)){
-				result.push({ip: null, hostname: hostname, port: portnum, cuk: cuk, extra: extra, tag: tag});
+				host_info = {ip: null, hostname: hostname, port: portnum, cuk: cuk, extra: extra, tag: tag};
+			}
+
+			// optional keys
+			if(apiutil.isSafeString(input_info.inboundip) && apiutil.isIpAddressString(input_info.inboundip)){
+				host_info.inboundip = input_info.inboundip;
+			}
+			if(apiutil.isSafeString(input_info.outboundip) && apiutil.isIpAddressString(input_info.outboundip)){
+				host_info.outboundip = input_info.outboundip;
 			}
+
+			result.push(host_info);
 		}
 	}else{
 		// A case of one host name(or ip address)
@@ -2900,6 +2917,8 @@ function rawRemoveComprehensionByNewTenants(user, tenant_list)
 //								cuk:		"any string"		(if not specify, the value is null or undefined)
 //								extra:		"explain, etc"		(if not specify, the value is null or undefined)
 //								tag:		"tag string"		(if not specify, the value is null or undefined)
+//								inboundip:	"192.168.1.1"		(if not specify, the value is null or undefined)
+//								outboundip:	"192.168.1.1"		(if not specify, the value is null or undefined)
 //							}
 //
 // [NOTE]				:	if parent role key does not have this role key, set role key
@@ -3667,11 +3686,11 @@ function rawRemoveRoleSubkeyParentKey(dkcobj_permanent, current_key, role_top_ke
 //				aliases:	array								<--- only not expand
 //				hosts: {										<--- only not expand
 //					'hostnames': [								hostname array or empty array
-//						<hostname> <port> <cuk> <extra> <tag>,	(if any port, port is *)
+//						<hostname> <port> <cuk> <extra> <tag> <inboundip> <outboundip>,		(if any port, port is *)
 //						...
 //					],
 //					'ips': [									ip address array or empty array
-//						<ip address> <port> <cuk> <extra> <tag>,(if any port, port is *)
+//						<ip address> <port> <cuk> <extra> <tag> <inboundip> <outboundip>,	(if any port, port is *)
 //						...
 //					]
 //				}
@@ -3732,11 +3751,11 @@ function rawGetRole(role, is_expand)
 //					aliases:	array								<--- only not expand
 //					hosts: {										<--- only not expand
 //						'hostnames': [								hostname array or empty array
-//							<hostname> <port> <cuk> <extra> <tag>,	(if any port, port is *)
+//							<hostname> <port> <cuk> <extra> <tag> <inboundip> <outboundip>,		(if any port, port is *)
 //							...
 //						],
 //						'ips': [									ip address array or empty array
-//							<ip address> <port> <cuk> <extra> <tag>,(if any port, port is *)
+//							<ip address> <port> <cuk> <extra> <tag> <inboundip> <outboundip>,	(if any port, port is *)
 //							...
 //						]
 //					}
@@ -3870,6 +3889,8 @@ function rawGetRoles(dkcobj_permanent, role, roledata, is_expand, checked_roles,
 // cuk				:	container unique key(undefined, null means any)
 // extra			:	extra data
 // tag				:	tag data
+// inboundip		:	inbound ip address(optional)
+// outboundip		:	outbound ip address(optional)
 //
 // [NOTE]
 // Please specify either hostname or ip.
@@ -3879,7 +3900,7 @@ function rawGetRoles(dkcobj_permanent, role, roledata, is_expand, checked_roles,
 // the host is added to tenant role under service.
 // The service name can be allowed undefined and null.
 //
-function rawAddHost(tenant, role, service, hostname, ip, port, cuk, extra, tag)
+function rawAddHost(tenant, role, service, hostname, ip, port, cuk, extra, tag, inboundip, outboundip)
 {
 	var	resobj = {result: true, message: null};
 
@@ -3917,6 +3938,26 @@ function rawAddHost(tenant, role, service, hostname, ip, port, cuk, extra, tag)
 	}else{
 		service			= null;
 	}
+	if(apiutil.isSafeString(inboundip)){
+		if(!apiutil.isIpAddressString(inboundip)){
+			resobj.result	= false;
+			resobj.message	= 'inbound ip address is not ignore ip address string: ' + inboundip;
+			r3logger.elog(resobj.message);
+			return resobj;
+		}
+	}else{
+		inboundip		= null;
+	}
+	if(apiutil.isSafeString(outboundip)){
+		if(!apiutil.isIpAddressString(outboundip)){
+			resobj.result	= false;
+			resobj.message	= 'outbound ip address is not ignore ip address string: ' + outboundip;
+			r3logger.elog(resobj.message);
+			return resobj;
+		}
+	}else{
+		outboundip		= null;
+	}
 
 	// check role name is only name or full yrn path
 	var	keys		= r3keys(null, tenant, service);
@@ -4011,6 +4052,14 @@ function rawAddHost(tenant, role, service, hostname, ip, port, cuk, extra, tag)
 						tag:		apiutil.getSafeString(tag)
 					  };
 			/* eslint-enable indent, no-mixed-spaces-and-tabs */
+
+			// add optional keys
+			if(apiutil.isSafeString(inboundip)){
+				onehost.inboundip = inboundip;
+			}
+			if(apiutil.isSafeString(outboundip)){
+				onehost.outboundip = outboundip;
+			}
 			hostarr.push(onehost);
 		}
 	}
@@ -4026,6 +4075,14 @@ function rawAddHost(tenant, role, service, hostname, ip, port, cuk, extra, tag)
 						tag:		apiutil.getSafeString(tag)
 					  };
 			/* eslint-enable indent, no-mixed-spaces-and-tabs */
+
+			// add optional keys
+			if(apiutil.isSafeString(inboundip)){
+				onehost.inboundip = inboundip;
+			}
+			if(apiutil.isSafeString(outboundip)){
+				onehost.outboundip = outboundip;
+			}
 			hostarr.push(onehost);
 		}
 	}
@@ -4064,6 +4121,8 @@ function rawAddHost(tenant, role, service, hostname, ip, port, cuk, extra, tag)
 //							cuk:		"any string"		(if not specify, the value is null or undefined)
 //							extra:		"explain, etc"		(if not specify, the value is null or undefined)
 //							tag:		"tag string"		(if not specify, the value is null or undefined)
+//							inboundip:	"192.168.1.1"		(if not specify, the value is null or undefined)
+//							outboundip:	"192.168.1.1"		(if not specify, the value is null or undefined)
 //						}
 //
 // [NOTE]
@@ -5300,13 +5359,15 @@ function rawRemoveIpsByCuk(cuk, host, remove_under_role)
 //		error:						-> null or Error object(if error)
 //		data: [						-> data array includes ip address etc
 //			{
-//				ip:		ip,			-> ip address string
-//				port:	port,		-> port number or *
-//				cuk:	cuk,		-> cuk string
-//				extra:	string		-> 'openstack-auto-v1' or 'k8s-auto-v1'
-//				tag:	string		-> tag string
-//				key:	string		-> this ip address yrn full path
-//				alive: 	true		-> always true
+//				ip:			ip,		-> ip address string
+//				port:		port,	-> port number or *
+//				cuk:		cuk,	-> cuk string
+//				extra:		string,	-> 'openstack-auto-v1' or 'k8s-auto-v1'
+//				tag:		string,	-> tag string
+//				inboundip:	ip,		-> inbound ip address
+//				outboundip:	ip,		-> outbound ip address
+//				key:		string,	-> this ip address yrn full path
+//				alive: 		true	-> always true
 //			},
 //			.
 //			.
@@ -5412,6 +5473,14 @@ function rawGetAllIpDatasByCuk(extra)
 			host_info.key	= cuk_subkeys[cnt2];
 			host_info.alive	= true;
 
+			// Add optional keys
+			if(!apiutil.isSafeString(ipvalue.inboundip) && apiutil.isIpAddressString(ipvalue.inboundip)){
+				host_info.inboundip = apiutil.getSafeString(ipvalue.inboundip);
+			}
+			if(!apiutil.isSafeString(ipvalue.outboundip) && apiutil.isIpAddressString(ipvalue.outboundip)){
+				host_info.outboundip = apiutil.getSafeString(ipvalue.outboundip);
+			}
+
 			if(!is_openstack){
 				host_info[keys.K8S_NAMESPACE_INCUK_KEY]		= apiutil.getSafeString(ipvalue[keys.K8S_NAMESPACE_INCUK_KEY]);
 				host_info[keys.K8S_SA_INCUK_KEY]			= apiutil.getSafeString(ipvalue[keys.K8S_SA_INCUK_KEY]);
@@ -5608,13 +5677,16 @@ function rawRemoveIpAddressWithCuk(ipdatas, pendingsec, logger)
 //	[
 //		{
 //			'host_normal':	'<hostname(ip)>{:<port>}'						if any port, port value is empty
-//			'host_all':		'<hostname(ip)> <port> <cuk> <extra> <tag>'		if any port, port is *
+//			'host_all':		'<hostname(ip)> <port> <cuk> <extra> <tag> <inboundip> <outboundip>'
+//																			if any port, port is *
 //			'detail_key':	'<hostname(ip)>,<port>,<cuk>'					if any port, port is 0
 //			'detail':		{
 //								'host':					<string>			hostanme or IP address string
 //								'port':					<number>			port number(if any, set 0)
 //								'extra':				<string>			'k8s-auto-v1' or 'openstack-auto-v1' or undefined(if it does not exist)
 //								'tag':					<string>			tag string            (or undefined if it does not exist)
+//								'inboundip':			<string>			inbound ip address    (or undefined if it does not exist)
+//								'outboundip':			<string>			outbound ip address   (or undefined if it does not exist)
 //								'cuk':					<string>			cuk string            (or undefined if it does not exist)
 //								'k8s_namespace':        <string>			namespace on k8s      (or undefined unless registering from k8s)
 //								'k8s_service_account':  <string>			service account on k8s(or undefined unless registering from k8s)
@@ -5681,12 +5753,14 @@ function rawGetRoleHostListsEx(dkcobj_permanent, keylist, is_hostname)
 				r3logger.wlog('could not get key(' + JSON.stringify(keylist[cnt]) + ') value, so skip this.');
 				continue;
 			}
-			detailval			= JSON.parse(detailval);
-			var	detail_host		= (is_hostname ? (apiutil.isSafeString(detailval.hostname) ? detailval.hostname : null) : (apiutil.isSafeString(detailval.ip) ? detailval.ip : null));
-			var	detail_port		= (rawIsPortAny(detailval.port) ? 0 : parseInt(detailval.port));
-			var	detail_cuk		= (apiutil.isSafeString(detailval.cuk) ? detailval.cuk : null);
-			var	detail_extra	= (apiutil.isSafeString(detailval.extra) ? detailval.extra : null);
-			var	detail_tag		= (apiutil.isSafeString(detailval.tag) ? detailval.tag : null);
+			detailval				= JSON.parse(detailval);
+			var	detail_host			= (is_hostname ? (apiutil.isSafeString(detailval.hostname) ? detailval.hostname : null) : (apiutil.isSafeString(detailval.ip) ? detailval.ip : null));
+			var	detail_port			= (rawIsPortAny(detailval.port) ? 0 : parseInt(detailval.port));
+			var	detail_cuk			= (apiutil.isSafeString(detailval.cuk) ? detailval.cuk : null);
+			var	detail_extra		= (apiutil.isSafeString(detailval.extra) ? detailval.extra : null);
+			var	detail_tag			= (apiutil.isSafeString(detailval.tag) ? detailval.tag : null);
+			var	detail_inboundip	= (apiutil.isSafeString(detailval.inboundip) && apiutil.isIpAddressString(detailval.inboundip) ? detailval.inboundip : null);
+			var	detail_outboundip	= (apiutil.isSafeString(detailval.outboundip) && apiutil.isIpAddressString(detailval.outboundip) ? detailval.outboundip : null);
 
 			// check the consistency of both values
 			if(host !== detail_host || port !== detail_port || cuk !== detail_cuk){
@@ -5711,10 +5785,17 @@ function rawGetRoleHostListsEx(dkcobj_permanent, keylist, is_hostname)
 				if(apiutil.isSafeString(detailval[keys.K8S_CONTAINERID_INCUK_KEY])){k8s_details[keys.K8S_CONTAINERID_INCUK_KEY]	= detailval[keys.K8S_CONTAINERID_INCUK_KEY];}
 			}
 
+			// make parts of host_all
+			var	host_all_ext	= (null === detail_outboundip	? '' : detail_outboundip);
+			host_all_ext		= (null === detail_inboundip	? '' : detail_inboundip)	+ keys.VALUE_HOST_SEP + host_all_ext;
+			host_all_ext		= (null === detail_tag			? '' : detail_tag)			+ keys.VALUE_HOST_SEP + host_all_ext.trimEnd();
+			host_all_ext		= (null === extra				? '' : extra)				+ keys.VALUE_HOST_SEP + host_all_ext.trimEnd();
+			host_all_ext		= host_all_ext.trim();
+
 			// make one result object
 			var	onehost			= {};
 			onehost.host_normal	= host + (is_any_port ? '' : (keys.VALUE_HOST_REGSEP + String(port)));
-			onehost.host_all	= host + keys.VALUE_HOST_SEP + (is_any_port ? keys.VALUE_ANY_PORT : String(port)) + keys.VALUE_HOST_SEP + (null === cuk ? '' : cuk) + (null === extra ? (null === detail_tag ? '' : keys.VALUE_HOST_SEP) : (keys.VALUE_HOST_SEP + extra)) + (null === detail_tag ? '' : (keys.VALUE_HOST_SEP + detail_tag));
+			onehost.host_all	= host + keys.VALUE_HOST_SEP + (is_any_port ? keys.VALUE_ANY_PORT : String(port)) + keys.VALUE_HOST_SEP + (null === cuk ? '' : cuk) + (apiutil.isSafeString(host_all_ext) ? (keys.VALUE_HOST_SEP + host_all_ext) : '');
 			onehost.detail_key	= host + keys.VALUE_HOST_DETAILSEP + (is_any_port ? '0' : String(port)) + keys.VALUE_HOST_DETAILSEP + (null === cuk ? '' : cuk);
 			onehost.detail		= k8s_details;
 			onehost.detail.host	= host;
@@ -5723,6 +5804,13 @@ function rawGetRoleHostListsEx(dkcobj_permanent, keylist, is_hostname)
 			onehost.detail.tag	= detail_tag;
 			onehost.detail.cuk	= cuk;
 
+			if(apiutil.isSafeString(detail_inboundip)){
+				onehost.detail.inboundip = detail_inboundip;
+			}
+			if(apiutil.isSafeString(detail_outboundip)){
+				onehost.detail.outboundip = detail_outboundip;
+			}
+
 			// add result
 			resultarr.push(onehost);
 		}
@@ -5755,11 +5843,11 @@ function rawGetRoleHostListsEx(dkcobj_permanent, keylist, is_hostname)
 //		},
 //		'all': {									all information
 //			'hostnames': [								hostname array or empty array
-//				'<hostname> <port> <cuk> <extra>',		(if any port, port is *)
+//				'<hostname> <port> <cuk> <extra> <tag> <inboundip> <outboundip>',		(if any port, port is *)
 //				...
 //			],
 //			'ips': [									ip address array or empty array
-//				'<ip address> <port> <cuk> <extra>',	(if any port, port is *)
+//				'<ip address> <port> <cuk> <extra> <tag> <inboundip> <outboundip>',		(if any port, port is *)
 //				...
 //			]
 //		},
@@ -5771,6 +5859,8 @@ function rawGetRoleHostListsEx(dkcobj_permanent, keylist, is_hostname)
 //					'extra':				<string>			'k8s-auto-v1' or 'openstack-auto-v1' or undefined(if it does not exist)
 //					'tag':					<string>			tag string            (or undefined if it does not exist)
 //					'cuk':					<string>			cuk string            (or undefined if it does not exist)
+//					'inboundip':			<string>			inbound ip address    (or undefined if it does not exist)
+//					'outboundip':			<string>			outbound ip address   (or undefined if it does not exist)
 //					'k8s_namespace':        <string>			namespace on k8s      (or undefined unless registering from k8s)
 //					'k8s_service_account':  <string>			service account on k8s(or undefined unless registering from k8s)
 //					'k8s_node_name':        <string>			node name on k8s      (or undefined unless registering from k8s)
@@ -5972,6 +6062,8 @@ function rawGetRoleHostLists(dkcobj_permanent, role_key, is_expand, base_role_to
 //												port:		port
 //												cuk:		cuk
 //												extra:		extra
+//												inboundip:	inbound ip address
+//												outboundip:	outbound ip address
 //												tag:		tag
 //											},
 //											...
@@ -6091,6 +6183,8 @@ function rawFindHost(tenant, service, role, hostname, ip, port, cuk, is_strict)
 //								cuk:		container unique key
 //								extra:		extra
 //								tag:		tag
+//								inboundip:	inbound ip address
+//								outboundip:	outbound ip address
 //							},
 //							...
 //						]
@@ -6232,6 +6326,8 @@ function rawFindRoleHost(dkcobj_permanent, role_key, hostname, ip, port, cuk, is
 //							cuk:		container unique key
 //							extra:		extra
 //							tag:		tag
+//							inboundip:	inbound ip address
+//							outboundip:	outbound ip address
 //						},
 //						...
 //					]
@@ -6319,6 +6415,14 @@ function rawMatchHost(dkcobj_permanent, key_array, target, port, cuk, is_strict)
 		hostobj.tag			= apiutil.isSafeString(host_value.tag)						? host_value.tag		: null;
 		hostobj.hostname	= apiutil.isSafeString(host_value.hostname)					? host_value.hostname	: null;
 		hostobj.ip			= apiutil.isSafeString(host_value.ip)						? host_value.ip			: null;
+
+		if(apiutil.isSafeString(host_value.inboundip) && apiutil.isIpAddressString(host_value.inboundip)){
+			hostobj.inboundip = host_value.inboundip;
+		}
+		if(apiutil.isSafeString(host_value.outboundip) && apiutil.isIpAddressString(host_value.outboundip)){
+			hostobj.outboundip = host_value.outboundip;
+		}
+
 		var	host_or_ip		= apiutil.isSafeString(matches[4])							? matches[4]			: null;
 
 		// check in target
@@ -10982,11 +11086,11 @@ exports.clearRoleAlias = function(user, tenant, role)
 //				aliases:	array								<--- only not expand
 //				hosts: {										<--- only not expand
 //					'hostnames': [								hostname array or empty array
-//						<hostname> <port> <cuk> <extra> <tag>,	(if any port, port is *)
+//						<hostname> <port> <cuk> <extra> <tag> <inboundip> <outboundip>,		(if any port, port is *)
 //						...
 //					],
 //					'ips': [									ip address array or empty array
-//						<ip address> <port> <cuk> <extra> <tag>,(if any port, port is *)
+//						<ip address> <port> <cuk> <extra> <tag> <inboundip> <outboundip>,	(if any port, port is *)
 //						...
 //					]
 //				}
@@ -11002,13 +11106,13 @@ exports.getRole = function(role, is_expand)
 	return rawGetRole(role, is_expand);
 };
 
-exports.addHost = function(tenant, role, hostname, ip, port, cuk, extra, tag)
+exports.addHost = function(tenant, role, hostname, ip, port, cuk, extra, tag, inboundip, outboundip)
 {
 	// [NOTE]
 	// Now do not set hosts to role under service.
 	// But if need to set hosts to it, you can set role as full yrn role path.
 	//
-	return rawAddHost(tenant, role, null, hostname, ip, port, cuk, extra, tag);
+	return rawAddHost(tenant, role, null, hostname, ip, port, cuk, extra, tag, inboundip, outboundip);
 };
 
 exports.removeHost = function(tenant, role, target, tg_port, tg_cuk, req_ip, req_port, req_cuk)

package/package.json

@@ -1,15 +1,15 @@
 {
   "name": "k2hr3-api",
-  "version": "1.0.7",
+  "version": "1.0.10",
   "dependencies": {
-    "@kubernetes/client-node": "^0.15.1",
-    "body-parser": "^1.19.0",
-    "config": "^3.3.6",
-    "cookie-parser": "~1.4.5",
+    "@kubernetes/client-node": "^0.16.3",
+    "body-parser": "^1.20.0",
+    "config": "^3.3.7",
+    "cookie-parser": "~1.4.6",
     "dateformat": "^4.6.3",
-    "debug": "~4.3.2",
-    "express": "^4.17.1",
-    "jose": "^3.19.0",
+    "debug": "~4.3.4",
+    "express": "^4.18.1",
+    "jose": "^4.8.1",
     "k2hdkc": "^1.0.2",
     "morgan": "~1.10.0",
     "rotating-file-stream": "^2.1.6"
@@ -28,10 +28,10 @@
     "test": "test"
   },
   "devDependencies": {
-    "chai": "^4.3.4",
+    "chai": "^4.3.6",
     "chai-http": "^4.3.0",
-    "eslint": "^7.32.0",
-    "mocha": "^9.1.3",
+    "eslint": "^8.17.0",
+    "mocha": "^10.0.0",
     "nyc": "^15.1.0",
     "publish-please": "^5.5.2"
   },

package/routes/role.js

@@ -560,6 +560,10 @@ function putRole(req, res, next)										// eslint-disable-line no-unused-vars
 //																extra is any string including Control code, allowed null and '' for  this value.
 //			"tag":			<string data>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
 //																tag is any string including Control code, allowed null and '' for  this value.
+//			"inboundip":	<ip address>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
+//																inboundip is set ip address string. if you do not use proxy/gateway/bridge/etc, you do not need to set this key.
+//			"outboundip":	<ip address>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
+//																outboundip is set ip address string. if you do not use proxy/gateway/bridge/etc, you do not need to set this key.
 //		}
 //		"clear_hostname":	<true/false>
 //		"clear_ips":		<true/false>
@@ -568,11 +572,13 @@ function putRole(req, res, next)										// eslint-disable-line no-unused-vars
 //	{
 //		"host":	[											=>	specified host as Array(only POST request has this type)
 //			{
-//				"host":		<hostname / ip address>
-//				"port":		<port number>
-//				"cuk":		<container unique key>
-//				"extra":	<extra string data>
-//				"tag":		<string data>
+//				"host":			<hostname / ip address>
+//				"port":			<port number>
+//				"cuk":			<container unique key>
+//				"extra":		<extra string data>
+//				"tag":			<string data>
+//				"inboundip":	<ip address>
+//				"outboundip":	<ip address>
 //			}
 //			...
 //		]
@@ -592,6 +598,10 @@ function putRole(req, res, next)										// eslint-disable-line no-unused-vars
 //																extra is any string including Control code, allowed null and '' for  this value.
 //			"tag":			<string data>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
 //																tag is any string including Control code, allowed null and '' for  this value.
+//			"inboundip":	<ip address>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
+//																inboundip is set ip address string. if you do not use proxy/gateway/bridge/etc, you do not need to set this key.
+//			"outboundip":	<ip address>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
+//																outboundip is set ip address string. if you do not use proxy/gateway/bridge/etc, you do not need to set this key.
 //		}
 //	}
 //
@@ -671,6 +681,7 @@ function postRoleHost(role, req, res, next)								// eslint-disable-line no-unu
 	var	cuk;
 	var	extra;
 	var	tag;
+	var	host_info;
 	if(!is_host_req){
 		//
 		// request from user token
@@ -745,25 +756,63 @@ function postRoleHost(role, req, res, next)								// eslint-disable-line no-unu
 				tag = apiutil.getSafeString(hostArray[cnt].tag);
 			}
 
-			// set to array
+			// set base host information
 			if(null !== tg_host){
-				hostnameArray.push({
+				host_info = {
 					ip:			null,
 					hostname:	tg_host,
 					port:		port,
 					cuk:		cuk,
 					extra:		extra,
 					tag:		tag
-				});
+				};
 			}else{	// null !== tg_ip
-				ipArray.push({
+				host_info = {
 					ip:			tg_ip,
 					hostname:	null,
 					port:		port, 
 					cuk:		cuk,
 					extra:		extra,
 					tag:		tag
-				});
+				};
+			}
+
+			// set optional keys
+			if(apiutil.isSafeString(hostArray[cnt].inboundip)){
+				if(!apiutil.isIpAddressString(hostArray[cnt].inboundip)){
+					/* eslint-disable indent, no-mixed-spaces-and-tabs */
+					result = {
+								result: 	false,
+								message:	'POST request has inbound ip address which is not ignore ip address string: ' + JSON.stringify(hostArray[cnt].inboundip)
+							 };
+					/* eslint-enable indent, no-mixed-spaces-and-tabs */
+					r3logger.elog(result.message);
+					resutil.errResponse(req, res, 400, result);				// 400: Bad Request
+					return;
+				}
+				host_info.inboundip = apiutil.getSafeString(hostArray[cnt].inboundip);
+			}
+
+			if(apiutil.isSafeString(hostArray[cnt].outboundip)){
+				if(!apiutil.isIpAddressString(hostArray[cnt].outboundip)){
+					/* eslint-disable indent, no-mixed-spaces-and-tabs */
+					result = {
+								result: 	false,
+								message:	'POST request has outbound ip address which is not ignore ip address string: ' + JSON.stringify(hostArray[cnt].outboundip)
+							 };
+					/* eslint-enable indent, no-mixed-spaces-and-tabs */
+					r3logger.elog(result.message);
+					resutil.errResponse(req, res, 400, result);				// 400: Bad Request
+					return;
+				}
+				host_info.outboundip = apiutil.getSafeString(hostArray[cnt].outboundip);
+			}
+
+			// push array
+			if(null !== tg_host){
+				hostnameArray.push(host_info);
+			}else{	// null !== tg_ip
+				ipArray.push(host_info);
 			}
 		}
 		if(apiutil.isEmptyArray(hostnameArray)){
@@ -849,10 +898,44 @@ function postRoleHost(role, req, res, next)								// eslint-disable-line no-unu
 			}
 		}
 
+		// inboundip(optional)
+		var	inboundip = null;
+		if(apiutil.isSafeString(req.body.host.inboundip)){
+			if(!apiutil.isIpAddressString(req.body.host.inboundip)){
+				/* eslint-disable indent, no-mixed-spaces-and-tabs */
+				result = {
+							result: 	false,
+							message:	'POST request has inbound ip address which is not ignore ip address string: ' + JSON.stringify(req.body.host.inboundip)
+						 };
+				/* eslint-enable indent, no-mixed-spaces-and-tabs */
+				r3logger.elog(result.message);
+				resutil.errResponse(req, res, 400, result);				// 400: Bad Request
+				return;
+			}
+			inboundip = apiutil.getSafeString(req.body.host.inboundip);
+		}
+
+		// outboundip(optional)
+		var	outboundip = null;
+		if(apiutil.isSafeString(req.body.host.outboundip)){
+			if(!apiutil.isIpAddressString(req.body.host.outboundip)){
+				/* eslint-disable indent, no-mixed-spaces-and-tabs */
+				result = {
+							result: 	false,
+							message:	'POST request has outbound ip address which is not ignore ip address string: ' + JSON.stringify(req.body.host.outboundip)
+						 };
+				/* eslint-enable indent, no-mixed-spaces-and-tabs */
+				r3logger.elog(result.message);
+				resutil.errResponse(req, res, 400, result);				// 400: Bad Request
+				return;
+			}
+			outboundip = apiutil.getSafeString(req.body.host.outboundip);
+		}
+
 		//
 		// Add ip address ---> Role Token or User Token
 		//
-		result = k2hr3.addHost(token_info.tenant, name, null, ip, port, cuk, extra, tag);
+		result = k2hr3.addHost(token_info.tenant, name, null, ip, port, cuk, extra, tag, inboundip, outboundip);
 	}
 
 	//------------------------------
@@ -905,6 +988,10 @@ function postRoleHost(role, req, res, next)								// eslint-disable-line no-unu
 //	"tag":			<string data>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
 //														This value must be encoded by JSON.
 //														tag is any string including Control code, allowed null and '' for  this value.
+//	"inboundip":	<ip address>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
+//														inboundip is set ip address string. if you do not use proxy/gateway/bridge/etc, you do not need to set this key.
+//	"outboundip":	<ip address>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
+//														outboundip is set ip address string. if you do not use proxy/gateway/bridge/etc, you do not need to set this key.
 //
 // [RoleToken] url argument
 //	"port":			<port number>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/ip/<ip port cuk>"
@@ -918,6 +1005,10 @@ function postRoleHost(role, req, res, next)								// eslint-disable-line no-unu
 //	"tag":			<string data>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
 //														This value must be encoded by JSON.
 //														tag is any string including Control code, allowed null and '' for  this value.
+//	"inboundip":	<ip address>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
+//														inboundip is set ip address string. if you do not use proxy/gateway/bridge/etc, you do not need to set this key.
+//	"outboundip":	<ip address>					=>	key is "yrn:yahoo:<service>::<tenant>:role:<role>/hosts/..."
+//														outboundip is set ip address string. if you do not use proxy/gateway/bridge/etc, you do not need to set this key.
 //
 // [NOTE]
 // This API only set(add/create) host into role. Ether hostname or ip address must be specified.
@@ -1079,9 +1170,45 @@ function putRoleHost(role, req, res, next)								// eslint-disable-line no-unus
 		tag		= null;
 	}
 
-	// make host information
+	// make base host information
 	var	host_info = { ip: ip, hostname: hostname, port: port, cuk: cuk, extra: extra, tag: tag };
 
+	// set inboundip(optional)
+	var inboundip = null;
+	if(apiutil.isSafeString(req.query.inboundip)){
+		if(!apiutil.isIpAddressString(req.query.inboundip)){
+			/* eslint-disable indent, no-mixed-spaces-and-tabs */
+			result = {
+						result: 	false,
+						message:	'PUT request has inbound ip address which is not ignore ip address string: ' + JSON.stringify(req.query.inboundip)
+					 };
+			/* eslint-enable indent, no-mixed-spaces-and-tabs */
+			r3logger.elog(result.message);
+			resutil.errResponse(req, res, 400, result);				// 400: Bad Request
+			return;
+		}
+		inboundip			= apiutil.getSafeString(req.query.inboundip);
+		host_info.inboundip	= inboundip;
+	}
+
+	// set outboundip(optional)
+	var outboundip = null;
+	if(apiutil.isSafeString(req.query.outboundip)){
+		if(!apiutil.isIpAddressString(req.query.outboundip)){
+			/* eslint-disable indent, no-mixed-spaces-and-tabs */
+			result = {
+						result: 	false,
+						message:	'PUT request has outbound ip address which is not ignore ip address string: ' + JSON.stringify(req.query.outboundip)
+					 };
+			/* eslint-enable indent, no-mixed-spaces-and-tabs */
+			r3logger.elog(result.message);
+			resutil.errResponse(req, res, 400, result);				// 400: Bad Request
+			return;
+		}
+		outboundip			= apiutil.getSafeString(req.query.outboundip);
+		host_info.outboundip= outboundip;
+	}
+
 	//------------------------------
 	// add host to role
 	//------------------------------
@@ -1094,7 +1221,7 @@ function putRoleHost(role, req, res, next)								// eslint-disable-line no-unus
 		}
 	}else{
 		// Add ip address ---> Role Token or User Token
-		result = k2hr3.addHost(token_info.tenant, name, null, ip, port, cuk, extra, tag);
+		result = k2hr3.addHost(token_info.tenant, name, null, ip, port, cuk, extra, tag, inboundip, outboundip);
 	}
 	if(!apiutil.isSafeEntity(result) || !apiutil.isSafeEntity(result.result) || false === result.result){
 		if(!apiutil.isSafeEntity(result)){

package/test/manual_role_postput.js

@@ -146,7 +146,7 @@ function postV1Role(method, token, name, policies, alias)
 	req.end();
 }
 
-function postV1RoleHost(method, is_user_token, token, name, target_host, port, cuk, extra, tag)
+function postV1RoleHost(method, is_user_token, token, name, target_host, port, cuk, extra, tag, inboundip, outboundip)
 {
 	/* eslint-disable indent, no-mixed-spaces-and-tabs */
 	var	strbody		= '';
@@ -172,6 +172,13 @@ function postV1RoleHost(method, is_user_token, token, name, target_host, port, c
 		host_info.extra				= extra;
 		host_info.tag				= tag;
 
+		if(apiutil.isSafeString(inboundip)){		// not need to check ip address
+			host_info.inboundip		= inboundip;
+		}
+		if(apiutil.isSafeString(outboundip)){		// not need to check ip address
+			host_info.outboundip	= outboundip;
+		}
+
 		var	body					= {	'host': host_info };
 
 		strbody						= JSON.stringify(body);
@@ -208,6 +215,17 @@ function postV1RoleHost(method, is_user_token, token, name, target_host, port, c
 			urlarg		+= JSON.stringify(tag);				// if tag is existing, it includes control codes, so it is converted to JSON.
 			already_set	= true;
 		}
+		if(apiutil.isSafeString(inboundip)){				// not need to check ip address
+			urlarg		+= already_set ? '&inboundip=' : '?inboundip=';
+			urlarg		+= inboundip;
+			already_set	= true;
+		}
+		if(apiutil.isSafeString(outboundip)){				// not need to check ip address
+			urlarg		+= already_set ? '&outboundip=' : '?outboundip=';
+			urlarg		+= outboundip;
+			already_set	= true;
+		}
+
 		headers['Content-Length']	= 0;
 		options.headers				= headers;
 		options.path				= '/v1/role/' + name + encodeURI(urlarg);
@@ -425,25 +443,51 @@ function inputHostType(method)
 									_tag = tag;
 								}
 
-								if(!_is_user_token){
-									// run
-									postV1RoleHost(_method, _is_user_token, _token, _name, null, _port, _cuk, _extra, _tag);
-								}else{
-
-									cliutil.getConsoleInput('     Host(specify hostname or ip address)             : ', true, false, function(isbreak, target_host)
+								cliutil.getConsoleInput('     Inbound IP address - null or string              : ', true, false, function(isbreak, inbound)
+								{
+									if(isbreak){
+										process.exit(0);
+									}
+									var	_inbound;
+									if('' === apiutil.getSafeString(inbound) || apiutil.compareCaseString('null', apiutil.getSafeString(inbound))){
+										_inbound = null;
+									}else{
+										_inbound = inbound;
+									}
+
+									cliutil.getConsoleInput('     Outbound IP address - null or string             : ', true, false, function(isbreak, outbound)
 									{
 										if(isbreak){
 											process.exit(0);
 										}
-										if(!apiutil.isSafeString(target_host)){
-											process.exit(0);
+										var	_outbound;
+										if('' === apiutil.getSafeString(outbound) || apiutil.compareCaseString('null', apiutil.getSafeString(outbound))){
+											_outbound = null;
+										}else{
+											_outbound = outbound;
 										}
-										var	_target_host = target_host;
 
-										// run
-										postV1RoleHost(_method, _is_user_token, _token, _name, _target_host, _port, _cuk, _extra, _tag);
+										if(!_is_user_token){
+											// run
+											postV1RoleHost(_method, _is_user_token, _token, _name, null, _port, _cuk, _extra, _tag, _inbound, _outbound);
+										}else{
+
+											cliutil.getConsoleInput('     Host(specify hostname or ip address)             : ', true, false, function(isbreak, target_host)
+											{
+												if(isbreak){
+													process.exit(0);
+												}
+												if(!apiutil.isSafeString(target_host)){
+													process.exit(0);
+												}
+												var	_target_host = target_host;
+
+												// run
+												postV1RoleHost(_method, _is_user_token, _token, _name, _target_host, _port, _cuk, _extra, _tag, _inbound, _outbound);
+											});
+										}
 									});
-								}
+								});
 							});
 						});
 					});