Exemple #1
0
func deployableApps(u *auth.User, rolesCache map[string]*permission.Role) ([]string, error) {
	var perms []permission.Permission
	for _, roleData := range u.Roles {
		role := rolesCache[roleData.Name]
		if role == nil {
			foundRole, err := permission.FindRole(roleData.Name)
			if err != nil {
				return nil, err
			}
			role = &foundRole
			rolesCache[roleData.Name] = role
		}
		perms = append(perms, role.PermissionsFor(roleData.ContextValue)...)
	}
	contexts := permission.ContextsFromListForPermission(perms, permission.PermAppDeploy)
	if len(contexts) == 0 {
		return nil, nil
	}
	filter := appFilterByContext(contexts, nil)
	apps, err := app.List(filter)
	if err != nil {
		return nil, err
	}
	appNames := make([]string, len(apps))
	for i := range apps {
		appNames[i] = apps[i].GetName()
	}
	return appNames, nil
}
Exemple #2
0
func appList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
	u, err := t.User()
	if err != nil {
		return err
	}
	extra := make([]interface{}, 0, 1)
	filter := &app.Filter{}
	if name := r.URL.Query().Get("name"); name != "" {
		extra = append(extra, fmt.Sprintf("name=%s", name))
		filter.NameMatches = name
	}
	if platform := r.URL.Query().Get("platform"); platform != "" {
		extra = append(extra, fmt.Sprintf("platform=%s", platform))
		filter.Platform = platform
	}
	if teamOwner := r.URL.Query().Get("teamOwner"); teamOwner != "" {
		extra = append(extra, fmt.Sprintf("teamowner=%s", teamOwner))
		filter.TeamOwner = teamOwner
	}
	if owner := r.URL.Query().Get("owner"); owner != "" {
		extra = append(extra, fmt.Sprintf("owner=%s", owner))
		filter.UserOwner = owner
	}
	if pool := r.URL.Query().Get("pool"); pool != "" {
		extra = append(extra, fmt.Sprintf("pool=%s", pool))
		filter.Pool = pool
	}
	locked, _ := strconv.ParseBool(r.URL.Query().Get("locked"))
	if locked {
		extra = append(extra, fmt.Sprintf("locked=%v", locked))
		filter.Locked = true
	}
	if status, ok := r.URL.Query()["status"]; ok {
		extra = append(extra, fmt.Sprintf("status=%s", strings.Join(status, ",")))
		filter.Statuses = status
	}
	rec.Log(u.Email, "app-list", extra...)
	contexts := permission.ContextsForPermission(t, permission.PermAppRead)
	if len(contexts) == 0 {
		w.WriteHeader(http.StatusNoContent)
		return nil
	}
	apps, err := app.List(appFilterByContext(contexts, filter))
	if err != nil {
		return err
	}
	if len(apps) == 0 {
		w.WriteHeader(http.StatusNoContent)
		return nil
	}
	w.Header().Set("Content-Type", "application/json")
	miniApps := make([]miniApp, len(apps))
	for i, app := range apps {
		miniApps[i], err = minifyApp(app)
		if err != nil {
			return err
		}
	}
	return json.NewEncoder(w).Encode(miniApps)
}
Exemple #3
0
func tryRestartAppsByFilter(filter *app.Filter, writer *tsuruIo.SimpleJsonMessageEncoderWriter) {
	apps, err := app.List(filter)
	if err != nil {
		writer.Encode(tsuruIo.SimpleJsonMessage{Error: err.Error()})
		return
	}
	if len(apps) == 0 {
		return
	}
	appNames := make([]string, len(apps))
	for i, a := range apps {
		appNames[i] = a.Name
	}
	sort.Strings(appNames)
	fmt.Fprintf(writer, "Restarting %d applications: [%s]\n", len(apps), strings.Join(appNames, ", "))
	wg := sync.WaitGroup{}
	for i := range apps {
		wg.Add(1)
		go func(i int) {
			defer wg.Done()
			a := apps[i]
			err := a.Restart("", writer)
			if err != nil {
				fmt.Fprintf(writer, "Error: unable to restart %s: %s\n", a.Name, err.Error())
			} else {
				fmt.Fprintf(writer, "App %s successfully restarted\n", a.Name)
			}
		}(i)
	}
	wg.Wait()
}
Exemple #4
0
func appList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
	u, err := t.User()
	if err != nil {
		return err
	}
	name := r.URL.Query().Get("name")
	platform := r.URL.Query().Get("platform")
	teamOwner := r.URL.Query().Get("teamowner")
	owner := r.URL.Query().Get("owner")
	pool := r.URL.Query().Get("pool")
	locked, _ := strconv.ParseBool(r.URL.Query().Get("locked"))
	extra := make([]interface{}, 0, 1)
	filter := &app.Filter{}
	if name != "" {
		extra = append(extra, fmt.Sprintf("name=%s", name))
		filter.Name = name
	}
	if platform != "" {
		extra = append(extra, fmt.Sprintf("platform=%s", platform))
		filter.Platform = platform
	}
	if teamOwner != "" {
		extra = append(extra, fmt.Sprintf("teamowner=%s", teamOwner))
		filter.TeamOwner = teamOwner
	}
	if owner != "" {
		extra = append(extra, fmt.Sprintf("owner=%s", owner))
		filter.UserOwner = owner
	}
	if pool != "" {
		extra = append(extra, fmt.Sprintf("pool=%s", pool))
		filter.Pool = pool
	}
	if locked {
		extra = append(extra, fmt.Sprintf("locked=%v", locked))
		filter.Locked = true
	}
	rec.Log(u.Email, "app-list", extra...)
	apps, err := app.List(u, filter)
	if err != nil {
		return err
	}
	if len(apps) == 0 {
		w.WriteHeader(http.StatusNoContent)
		return nil
	}
	w.Header().Set("Content-Type", "application/json")
	miniApps := make([]miniApp, len(apps))
	for i, app := range apps {
		miniApps[i], err = minifyApp(app)
		if err != nil {
			return err
		}
	}
	return json.NewEncoder(w).Encode(miniApps)
}
Exemple #5
0
func appList(w http.ResponseWriter, r *http.Request, t *auth.Token) error {
	u, err := t.User()
	if err != nil {
		return err
	}
	rec.Log(u.Email, "app-list")
	apps, err := app.List(u)
	if err != nil {
		return err
	}
	if len(apps) == 0 {
		w.WriteHeader(http.StatusNoContent)
		return nil
	}
	return json.NewEncoder(w).Encode(apps)
}
Exemple #6
0
func MigrateImages() error {
	registry, _ := config.GetString("docker:registry")
	if registry != "" {
		registry += "/"
	}
	repoNamespace, err := config.GetString("docker:repository-namespace")
	if err != nil {
		return err
	}
	apps, err := app.List(nil)
	if err != nil {
		return err
	}
	dcluster := mainDockerProvisioner.Cluster()
	for _, app := range apps {
		oldImage := registry + repoNamespace + "/" + app.GetName()
		newImage := registry + repoNamespace + "/app-" + app.GetName()
		containers, _ := mainDockerProvisioner.ListContainers(bson.M{"image": newImage, "appname": app.GetName()})
		if len(containers) > 0 {
			continue
		}
		opts := docker.TagImageOptions{Repo: newImage, Force: true}
		err = dcluster.TagImage(oldImage, opts)
		var baseErr error
		if nodeErr, ok := err.(cluster.DockerNodeError); ok {
			baseErr = nodeErr.BaseError()
		}
		if err != nil {
			if err == storage.ErrNoSuchImage || baseErr == docker.ErrNoSuchImage {
				continue
			}
			return err
		}
		if registry != "" {
			pushOpts := docker.PushImageOptions{Name: newImage, InactivityTimeout: net.StreamInactivityTimeout, RawJSONStream: true}
			err = dcluster.PushImage(pushOpts, mainDockerProvisioner.RegistryAuthConfig())
			if err != nil {
				return err
			}
		}
		err = mainDockerProvisioner.updateContainers(bson.M{"appname": app.GetName()}, bson.M{"$set": bson.M{"image": newImage}})
		if err != nil {
			return err
		}
	}
	return nil
}
Exemple #7
0
// title: app list
// path: /apps
// method: GET
// produce: application/json
// responses:
//   200: List apps
//   204: No content
//   401: Unauthorized
func appList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
	filter := &app.Filter{}
	if name := r.URL.Query().Get("name"); name != "" {
		filter.NameMatches = name
	}
	if platform := r.URL.Query().Get("platform"); platform != "" {
		filter.Platform = platform
	}
	if teamOwner := r.URL.Query().Get("teamOwner"); teamOwner != "" {
		filter.TeamOwner = teamOwner
	}
	if owner := r.URL.Query().Get("owner"); owner != "" {
		filter.UserOwner = owner
	}
	if pool := r.URL.Query().Get("pool"); pool != "" {
		filter.Pool = pool
	}
	locked, _ := strconv.ParseBool(r.URL.Query().Get("locked"))
	if locked {
		filter.Locked = true
	}
	if status, ok := r.URL.Query()["status"]; ok {
		filter.Statuses = status
	}
	contexts := permission.ContextsForPermission(t, permission.PermAppRead)
	if len(contexts) == 0 {
		w.WriteHeader(http.StatusNoContent)
		return nil
	}
	apps, err := app.List(appFilterByContext(contexts, filter))
	if err != nil {
		return err
	}
	if len(apps) == 0 {
		w.WriteHeader(http.StatusNoContent)
		return nil
	}
	w.Header().Set("Content-Type", "application/json")
	miniApps := make([]miniApp, len(apps))
	for i, app := range apps {
		miniApps[i], err = minifyApp(app)
		if err != nil {
			return err
		}
	}
	return json.NewEncoder(w).Encode(miniApps)
}
Exemple #8
0
func Sync(w io.Writer) error {
	var m gandalfManager
	users, err := auth.ListUsers()
	if err != nil {
		return err
	}
	for _, user := range users {
		fmt.Fprintf(w, "Syncing user %q... ", user.Email)
		err = m.CreateUser(user.Email)
		switch err {
		case repository.ErrUserAlreadyExists:
			fmt.Fprintln(w, "already present in Gandalf")
		case nil:
			fmt.Fprintln(w, "OK")
		default:
			return err
		}
	}
	apps, err := app.List(nil, nil)
	if err != nil {
		return err
	}
	for _, app := range apps {
		var users []string
		for _, team := range app.GetTeams() {
			users = append(users, team.Users...)
		}
		fmt.Fprintf(w, "Syncing app %q... ", app.Name)
		err = m.CreateRepository(app.Name, users)
		switch err {
		case repository.ErrRepositoryAlreadExists:
			fmt.Fprintln(w, "already present in Gandalf")
		case nil:
			fmt.Fprintln(w, "OK")
		default:
			return err
		}
		for _, user := range users {
			m.GrantAccess(app.Name, user)
		}
	}
	return nil
}
Exemple #9
0
func deployableApps(u *auth.User) ([]string, error) {
	perms, err := u.Permissions()
	if err != nil {
		return nil, err
	}
	contexts := permission.ContextsFromListForPermission(perms, permission.PermAppDeploy)
	if len(contexts) == 0 {
		return nil, nil
	}
	filter := appFilterByContext(contexts, nil)
	apps, err := app.List(filter)
	if err != nil {
		return nil, err
	}
	appNames := make([]string, len(apps))
	for i := range apps {
		appNames[i] = apps[i].Name
	}
	return appNames, nil
}
Exemple #10
0
func Sync(w io.Writer) error {
	var m gandalfManager
	users, err := auth.ListUsers()
	if err != nil {
		return err
	}
	for _, user := range users {
		fmt.Fprintf(w, "Syncing user %q... ", user.Email)
		err = m.CreateUser(user.Email)
		switch err {
		case repository.ErrUserAlreadyExists:
			fmt.Fprintln(w, "already present in Gandalf")
		case nil:
			fmt.Fprintln(w, "OK")
		default:
			return err
		}
	}
	apps, err := app.List(nil)
	if err != nil {
		return err
	}
	for _, app := range apps {
		allowedPerms := []permission.Permission{
			{
				Scheme:  permission.PermAppDeploy,
				Context: permission.Context(permission.CtxGlobal, ""),
			},
			{
				Scheme:  permission.PermAppDeploy,
				Context: permission.Context(permission.CtxPool, app.Pool),
			},
		}
		for _, t := range app.GetTeams() {
			allowedPerms = append(allowedPerms, permission.Permission{
				Scheme:  permission.PermAppDeploy,
				Context: permission.Context(permission.CtxTeam, t.Name),
			})
		}
		users, err := auth.ListUsersWithPermissions(allowedPerms...)
		if err != nil {
			return err
		}
		userNames := make([]string, len(users))
		for i := range users {
			userNames[i] = users[i].Email
		}
		fmt.Fprintf(w, "Syncing app %q... ", app.Name)
		err = m.CreateRepository(app.Name, userNames)
		switch err {
		case repository.ErrRepositoryAlreadExists:
			fmt.Fprintln(w, "already present in Gandalf")
		case nil:
			fmt.Fprintln(w, "OK")
		default:
			return err
		}
		for _, user := range userNames {
			m.GrantAccess(app.Name, user)
		}
	}
	return nil
}