func (a *SAuth) signInWithCredentials() (*signinResponse, error) {
login := models.Login{
Identifier: a.Settings.Username,
Password: a.Settings.Password,
}
if a.Settings.Username == "" || a.Settings.Password == "" {
username, password, err := a.Prompts.UsernamePassword()
if err != nil {
return nil, err
}
login = models.Login{
Identifier: username,
Password: password,
}
}
b, err := json.Marshal(login)
if err != nil {
return nil, err
}
headers := httpclient.GetHeaders(a.Settings.SessionToken, a.Settings.Version, a.Settings.Pod, a.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/auth/signin", a.Settings.AuthHost, a.Settings.AuthHostVersion), headers)
if err != nil {
return nil, err
}
signinResp := &signinResponse{}
return signinResp, httpclient.ConvertResp(resp, statusCode, signinResp)
}
func (f *SFiles) Create(svcID, filePath, name, mode string) (*models.ServiceFile, error) {
b, err := ioutil.ReadFile(filePath)
if err != nil {
return nil, err
}
sf := models.ServiceFile{
Contents: string(b),
GID: 0,
Mode: mode,
Name: name,
UID: 0,
EnableDownload: true,
}
body, err := json.Marshal(sf)
if err != nil {
return nil, err
}
headers := httpclient.GetHeaders(f.Settings.SessionToken, f.Settings.Version, f.Settings.Pod, f.Settings.UsersID)
resp, statusCode, err := httpclient.Post(body, fmt.Sprintf("%s%s/environments/%s/services/%s/files", f.Settings.PaasHost, f.Settings.PaasHostVersion, f.Settings.EnvironmentID, svcID), headers)
if err != nil {
return nil, err
}
var svcFile models.ServiceFile
err = httpclient.ConvertResp(resp, statusCode, &svcFile)
if err != nil {
return nil, err
}
return &svcFile, nil
}
// Set adds a new environment variables or updates the value of an existing
// environment variables. Any changes to environment variables will not take
// effect until the service is redeployed by pushing new code or via
// `catalyze redeploy`.
func (v *SVars) Set(svcID string, envVarsMap map[string]string) error {
b, err := json.Marshal(envVarsMap)
if err != nil {
return err
}
headers := httpclient.GetHeaders(v.Settings.SessionToken, v.Settings.Version, v.Settings.Pod, v.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/environments/%s/services/%s/env", v.Settings.PaasHost, v.Settings.PaasHostVersion, v.Settings.EnvironmentID, svcID), headers)
if err != nil {
return err
}
return httpclient.ConvertResp(resp, statusCode, nil)
}
func (w *SWorker) Update(svcID string, workers *models.Workers) error {
b, err := json.Marshal(workers)
if err != nil {
return err
}
headers := httpclient.GetHeaders(w.Settings.SessionToken, w.Settings.Version, w.Settings.Pod, w.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/environments/%s/services/%s/workers", w.Settings.PaasHost, w.Settings.PaasHostVersion, w.Settings.EnvironmentID, svcID), headers)
if err != nil {
return err
}
return httpclient.ConvertResp(resp, statusCode, nil)
}
func (a *SAuth) signInWithKey() (*signinResponse, error) {
body := struct {
PublicKey string `json:"publicKey"`
Signature string `json:"signature"`
}{}
bytes, err := ioutil.ReadFile(a.Settings.PrivateKeyPath)
if err != nil {
return nil, err
}
block, _ := pem.Decode(bytes)
if block == nil {
return nil, errors.New("Private key is not PEM-encoded")
}
bytes = block.Bytes
if x509.IsEncryptedPEMBlock(block) {
passphrase := a.Prompts.KeyPassphrase(a.Settings.PrivateKeyPath)
bytes, err = x509.DecryptPEMBlock(block, []byte(passphrase))
if err != nil {
return nil, err
}
}
privateKey, err := x509.ParsePKCS1PrivateKey(bytes)
if err != nil {
return nil, err
}
publicKey, err := ioutil.ReadFile(a.Settings.PrivateKeyPath + ".pub")
if err != nil {
return nil, err
}
body.PublicKey = string(publicKey)
headers := httpclient.GetHeaders(a.Settings.SessionToken, a.Settings.Version, a.Settings.Pod, a.Settings.UsersID)
message := fmt.Sprintf("%s&%s", headers["X-Request-Nonce"][0], headers["X-Request-Timestamp"][0])
hashedMessage := sha256.Sum256([]byte(message))
signature, err := privateKey.Sign(rand.Reader, hashedMessage[:], crypto.SHA256)
if err != nil {
return nil, err
}
body.Signature = base64.StdEncoding.EncodeToString(signature)
b, err := json.Marshal(body)
if err != nil {
return nil, err
}
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/auth/signin/key", a.Settings.AuthHost, a.Settings.AuthHostVersion), headers)
if err != nil {
return nil, err
}
signinResp := &signinResponse{}
return signinResp, httpclient.ConvertResp(resp, statusCode, signinResp)
}
func (i *SInvites) Accept(inviteCode string) (string, error) {
headers := httpclient.GetHeaders(i.Settings.SessionToken, i.Settings.Version, i.Settings.Pod, i.Settings.UsersID)
resp, statusCode, err := httpclient.Post(nil, fmt.Sprintf("%s%s/orgs/accept-invite/%s", i.Settings.AuthHost, i.Settings.AuthHostVersion, inviteCode), headers)
if err != nil {
return "", err
}
var org map[string]string
err = httpclient.ConvertResp(resp, statusCode, &org)
if err != nil {
return "", err
}
return org["orgID"], nil
}
func (c *SConsole) RetrieveTokens(jobID string, service *models.Service) (*models.ConsoleCredentials, error) {
headers := httpclient.GetHeaders(c.Settings.SessionToken, c.Settings.Version, c.Settings.Pod, c.Settings.UsersID)
resp, statusCode, err := httpclient.Post(nil, fmt.Sprintf("%s%s/environments/%s/services/%s/jobs/%s/console-token", c.Settings.PaasHost, c.Settings.PaasHostVersion, c.Settings.EnvironmentID, service.ID, jobID), headers)
if err != nil {
return nil, err
}
var credentials models.ConsoleCredentials
err = httpclient.ConvertResp(resp, statusCode, &credentials)
if err != nil {
return nil, err
}
return &credentials, nil
}
// Backup creates a new backup
func (d *SDb) Backup(service *models.Service) (*models.Job, error) {
headers := httpclient.GetHeaders(d.Settings.SessionToken, d.Settings.Version, d.Settings.Pod, d.Settings.UsersID)
resp, statusCode, err := httpclient.Post(nil, fmt.Sprintf("%s%s/environments/%s/services/%s/backup", d.Settings.PaasHost, d.Settings.PaasHostVersion, d.Settings.EnvironmentID, service.ID), headers)
if err != nil {
return nil, err
}
var job models.Job
err = httpclient.ConvertResp(resp, statusCode, &job)
if err != nil {
return nil, err
}
return &job, nil
}
// Run executes a rake task. This is only applicable for ruby-based
// applications.
func (r *SRake) Run(taskName, svcID string) error {
rakeTask := map[string]string{
"command": taskName,
}
b, err := json.Marshal(rakeTask)
if err != nil {
return err
}
headers := httpclient.GetHeaders(r.Settings.SessionToken, r.Settings.Version, r.Settings.Pod, r.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/environments/%s/services/%s/rake", r.Settings.PaasHost, r.Settings.PaasHostVersion, r.Settings.EnvironmentID, svcID), headers)
if err != nil {
return err
}
return httpclient.ConvertResp(resp, statusCode, nil)
}
// Send invites a user by email to the associated environment. They do
// not need a Dashboard account prior to inviting them, but they must have a
// Dashboard account in order to accept the invitation.
func (i *SInvites) Send(email string, role int) error {
inv := models.PostInvite{
Email: email,
Role: role,
LinkTemplate: fmt.Sprintf("%s/accept-invite?code={inviteCode}", i.Settings.AccountsHost),
}
b, err := json.Marshal(inv)
if err != nil {
return err
}
headers := httpclient.GetHeaders(i.Settings.SessionToken, i.Settings.Version, i.Settings.Pod, i.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/orgs/%s/invites", i.Settings.AuthHost, i.Settings.AuthHostVersion, i.Settings.OrgID), headers)
if err != nil {
return err
}
return httpclient.ConvertResp(resp, statusCode, nil)
}
// Add adds a new public key to the authenticated user's account
func (d *SDeployKeys) Add(name, keyType, key, svcID string) error {
deployKey := models.DeployKey{
Key: key,
Name: name,
Type: keyType,
}
b, err := json.Marshal(deployKey)
if err != nil {
return err
}
headers := httpclient.GetHeaders(d.Settings.SessionToken, d.Settings.Version, d.Settings.Pod, d.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/environments/%s/services/%s/ssh_keys", d.Settings.PaasHost, d.Settings.PaasHostVersion, d.Settings.EnvironmentID, svcID), headers)
if err != nil {
return err
}
return httpclient.ConvertResp(resp, statusCode, nil)
}
func (a *SAuth) mfaSignin(mfaID string, preferredMode string) (*models.User, error) {
token := a.Prompts.OTP(preferredMode)
headers := httpclient.GetHeaders(a.Settings.SessionToken, a.Settings.Version, a.Settings.Pod, a.Settings.UsersID)
b, err := json.Marshal(struct {
OTP string `json:"otp"`
}{OTP: token})
if err != nil {
return nil, err
}
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/auth/signin/mfa/%s", a.Settings.AuthHost, a.Settings.AuthHostVersion, mfaID), headers)
user := &models.User{}
err = httpclient.ConvertResp(resp, statusCode, user)
if err != nil {
return nil, err
}
return user, err
}
func (c *SCerts) Create(hostname, pubKey, privKey, svcID string) error {
cert := models.Cert{
Name: hostname,
PubKey: pubKey,
PrivKey: privKey,
}
b, err := json.Marshal(cert)
if err != nil {
return err
}
headers := httpclient.GetHeaders(c.Settings.SessionToken, c.Settings.Version, c.Settings.Pod, c.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/environments/%s/services/%s/certs", c.Settings.PaasHost, c.Settings.PaasHostVersion, c.Settings.EnvironmentID, svcID), headers)
if err != nil {
return err
}
return httpclient.ConvertResp(resp, statusCode, nil)
}
func (j *SJobs) Deploy(redeploy bool, releaseName, target, svcID string) error {
var params = []string{}
if releaseName != "" {
params = append(params, fmt.Sprintf("release=%s", releaseName))
}
if redeploy {
params = append(params, "redeploy=true")
}
if target != "" {
params = append(params, fmt.Sprintf("target=%s", target))
}
headers := httpclient.GetHeaders(j.Settings.SessionToken, j.Settings.Version, j.Settings.Pod, j.Settings.UsersID)
resp, statusCode, err := httpclient.Post(nil, fmt.Sprintf("%s%s/environments/%s/services/%s/deploy?%s", j.Settings.PaasHost, j.Settings.PaasHostVersion, j.Settings.EnvironmentID, svcID, strings.Join(params, "&")), headers)
if err != nil {
return err
}
return httpclient.ConvertResp(resp, statusCode, nil)
}
// Add adds a new public key to the authenticated user's account
func (k *SKeys) Add(name, publicKey string) error {
body, err := json.Marshal(models.UserKey{
Key: publicKey,
Name: name,
})
if err != nil {
return err
}
headers := httpclient.GetHeaders(k.Settings.SessionToken, k.Settings.Version, k.Settings.Pod, k.Settings.UsersID)
resp, status, err := httpclient.Post(body, fmt.Sprintf("%s%s/keys", k.Settings.AuthHost, k.Settings.AuthHostVersion), headers)
if err != nil {
return err
}
if httpclient.IsError(status) {
return httpclient.ConvertError(resp, status)
}
return nil
}
func (c *SConsole) Request(command string, service *models.Service) (*models.Job, error) {
console := map[string]string{}
if command != "" {
console["command"] = command
}
b, err := json.Marshal(console)
if err != nil {
return nil, err
}
headers := httpclient.GetHeaders(c.Settings.SessionToken, c.Settings.Version, c.Settings.Pod, c.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/environments/%s/services/%s/console", c.Settings.PaasHost, c.Settings.PaasHostVersion, c.Settings.EnvironmentID, service.ID), headers)
if err != nil {
return nil, err
}
var job models.Job
err = httpclient.ConvertResp(resp, statusCode, &job)
if err != nil {
return nil, err
}
return &job, nil
}
func (s *SSites) Create(name, cert, upstreamServiceID, svcID string, siteValues map[string]interface{}) (*models.Site, error) {
site := models.Site{
Name: name,
Cert: cert,
UpstreamService: upstreamServiceID,
SiteValues: siteValues,
}
b, err := json.Marshal(site)
if err != nil {
return nil, err
}
headers := httpclient.GetHeaders(s.Settings.SessionToken, s.Settings.Version, s.Settings.Pod, s.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/environments/%s/services/%s/sites", s.Settings.PaasHost, s.Settings.PaasHostVersion, s.Settings.EnvironmentID, svcID), headers)
if err != nil {
return nil, err
}
var createdSite models.Site
err = httpclient.ConvertResp(resp, statusCode, &createdSite)
if err != nil {
return nil, err
}
return &createdSite, nil
}
// Import imports data into a database service. The import is accomplished
// by encrypting the file locally, requesting a location that it can be uploaded
// to, then uploads the file. Once uploaded an automated service processes the
// file and acts according to the given parameters.
//
// The type of file that should be imported depends on the database. For
// PostgreSQL and MySQL, this should be a single `.sql` file. For Mongo, this
// should be a single tar'ed, gzipped archive (`.tar.gz`) of the database dump
// that you want to import.
func (d *SDb) Import(filePath, mongoCollection, mongoDatabase string, service *models.Service) (*models.Job, error) {
key := make([]byte, crypto.KeySize)
iv := make([]byte, crypto.IVSize)
rand.Read(key)
rand.Read(iv)
logrus.Println("Encrypting...")
encrFilePath, err := d.Crypto.EncryptFile(filePath, key, iv)
if err != nil {
return nil, err
}
defer os.Remove(encrFilePath)
options := map[string]string{}
if mongoCollection != "" {
options["databaseCollection"] = mongoCollection
}
if mongoDatabase != "" {
options["database"] = mongoDatabase
}
logrus.Println("Uploading...")
tempURL, err := d.TempUploadURL(service)
if err != nil {
return nil, err
}
encrFile, err := os.Open(encrFilePath)
if err != nil {
return nil, err
}
defer encrFile.Close()
u, err := url.Parse(tempURL.URL)
if err != nil {
return nil, err
}
svc := s3.New(session.New(&aws.Config{Region: aws.String("us-east-1"), Credentials: credentials.AnonymousCredentials}))
req, _ := svc.PutObjectRequest(&s3.PutObjectInput{
Bucket: aws.String(strings.Split(u.Host, ".")[0]),
Key: aws.String(strings.TrimLeft(u.Path, "/")),
Body: encrFile,
})
req.HTTPRequest.URL.RawQuery = u.RawQuery
err = req.Send()
if err != nil {
return nil, err
}
importParams := map[string]interface{}{}
for key, value := range options {
importParams[key] = value
}
importParams["filename"] = strings.TrimLeft(u.Path, "/")
importParams["encryptionKey"] = string(d.Crypto.Hex(key, crypto.KeySize*2))
importParams["encryptionIV"] = string(d.Crypto.Hex(iv, crypto.IVSize*2))
importParams["dropDatabase"] = false
b, err := json.Marshal(importParams)
if err != nil {
return nil, err
}
headers := httpclient.GetHeaders(d.Settings.SessionToken, d.Settings.Version, d.Settings.Pod, d.Settings.UsersID)
resp, statusCode, err := httpclient.Post(b, fmt.Sprintf("%s%s/environments/%s/services/%s/import", d.Settings.PaasHost, d.Settings.PaasHostVersion, d.Settings.EnvironmentID, service.ID), headers)
if err != nil {
return nil, err
}
var job models.Job
err = httpclient.ConvertResp(resp, statusCode, &job)
if err != nil {
return nil, err
}
return &job, nil
}
