func deployableApps(u *auth.User, rolesCache map[string]*permission.Role) ([]string, error) {
var perms []permission.Permission
for _, roleData := range u.Roles {
role := rolesCache[roleData.Name]
if role == nil {
foundRole, err := permission.FindRole(roleData.Name)
if err != nil {
return nil, err
}
role = &foundRole
rolesCache[roleData.Name] = role
}
perms = append(perms, role.PermissionsFor(roleData.ContextValue)...)
}
contexts := permission.ContextsFromListForPermission(perms, permission.PermAppDeploy)
if len(contexts) == 0 {
return nil, nil
}
filter := appFilterByContext(contexts, nil)
apps, err := app.List(filter)
if err != nil {
return nil, err
}
appNames := make([]string, len(apps))
for i := range apps {
appNames[i] = apps[i].GetName()
}
return appNames, nil
}
func appList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
u, err := t.User()
if err != nil {
return err
}
extra := make([]interface{}, 0, 1)
filter := &app.Filter{}
if name := r.URL.Query().Get("name"); name != "" {
extra = append(extra, fmt.Sprintf("name=%s", name))
filter.NameMatches = name
}
if platform := r.URL.Query().Get("platform"); platform != "" {
extra = append(extra, fmt.Sprintf("platform=%s", platform))
filter.Platform = platform
}
if teamOwner := r.URL.Query().Get("teamOwner"); teamOwner != "" {
extra = append(extra, fmt.Sprintf("teamowner=%s", teamOwner))
filter.TeamOwner = teamOwner
}
if owner := r.URL.Query().Get("owner"); owner != "" {
extra = append(extra, fmt.Sprintf("owner=%s", owner))
filter.UserOwner = owner
}
if pool := r.URL.Query().Get("pool"); pool != "" {
extra = append(extra, fmt.Sprintf("pool=%s", pool))
filter.Pool = pool
}
locked, _ := strconv.ParseBool(r.URL.Query().Get("locked"))
if locked {
extra = append(extra, fmt.Sprintf("locked=%v", locked))
filter.Locked = true
}
if status, ok := r.URL.Query()["status"]; ok {
extra = append(extra, fmt.Sprintf("status=%s", strings.Join(status, ",")))
filter.Statuses = status
}
rec.Log(u.Email, "app-list", extra...)
contexts := permission.ContextsForPermission(t, permission.PermAppRead)
if len(contexts) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
apps, err := app.List(appFilterByContext(contexts, filter))
if err != nil {
return err
}
if len(apps) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
w.Header().Set("Content-Type", "application/json")
miniApps := make([]miniApp, len(apps))
for i, app := range apps {
miniApps[i], err = minifyApp(app)
if err != nil {
return err
}
}
return json.NewEncoder(w).Encode(miniApps)
}
func tryRestartAppsByFilter(filter *app.Filter, writer *tsuruIo.SimpleJsonMessageEncoderWriter) {
apps, err := app.List(filter)
if err != nil {
writer.Encode(tsuruIo.SimpleJsonMessage{Error: err.Error()})
return
}
if len(apps) == 0 {
return
}
appNames := make([]string, len(apps))
for i, a := range apps {
appNames[i] = a.Name
}
sort.Strings(appNames)
fmt.Fprintf(writer, "Restarting %d applications: [%s]\n", len(apps), strings.Join(appNames, ", "))
wg := sync.WaitGroup{}
for i := range apps {
wg.Add(1)
go func(i int) {
defer wg.Done()
a := apps[i]
err := a.Restart("", writer)
if err != nil {
fmt.Fprintf(writer, "Error: unable to restart %s: %s\n", a.Name, err.Error())
} else {
fmt.Fprintf(writer, "App %s successfully restarted\n", a.Name)
}
}(i)
}
wg.Wait()
}
func appList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
u, err := t.User()
if err != nil {
return err
}
name := r.URL.Query().Get("name")
platform := r.URL.Query().Get("platform")
teamOwner := r.URL.Query().Get("teamowner")
owner := r.URL.Query().Get("owner")
pool := r.URL.Query().Get("pool")
locked, _ := strconv.ParseBool(r.URL.Query().Get("locked"))
extra := make([]interface{}, 0, 1)
filter := &app.Filter{}
if name != "" {
extra = append(extra, fmt.Sprintf("name=%s", name))
filter.Name = name
}
if platform != "" {
extra = append(extra, fmt.Sprintf("platform=%s", platform))
filter.Platform = platform
}
if teamOwner != "" {
extra = append(extra, fmt.Sprintf("teamowner=%s", teamOwner))
filter.TeamOwner = teamOwner
}
if owner != "" {
extra = append(extra, fmt.Sprintf("owner=%s", owner))
filter.UserOwner = owner
}
if pool != "" {
extra = append(extra, fmt.Sprintf("pool=%s", pool))
filter.Pool = pool
}
if locked {
extra = append(extra, fmt.Sprintf("locked=%v", locked))
filter.Locked = true
}
rec.Log(u.Email, "app-list", extra...)
apps, err := app.List(u, filter)
if err != nil {
return err
}
if len(apps) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
w.Header().Set("Content-Type", "application/json")
miniApps := make([]miniApp, len(apps))
for i, app := range apps {
miniApps[i], err = minifyApp(app)
if err != nil {
return err
}
}
return json.NewEncoder(w).Encode(miniApps)
}
func appList(w http.ResponseWriter, r *http.Request, t *auth.Token) error {
u, err := t.User()
if err != nil {
return err
}
rec.Log(u.Email, "app-list")
apps, err := app.List(u)
if err != nil {
return err
}
if len(apps) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
return json.NewEncoder(w).Encode(apps)
}
func MigrateImages() error {
registry, _ := config.GetString("docker:registry")
if registry != "" {
registry += "/"
}
repoNamespace, err := config.GetString("docker:repository-namespace")
if err != nil {
return err
}
apps, err := app.List(nil)
if err != nil {
return err
}
dcluster := mainDockerProvisioner.Cluster()
for _, app := range apps {
oldImage := registry + repoNamespace + "/" + app.GetName()
newImage := registry + repoNamespace + "/app-" + app.GetName()
containers, _ := mainDockerProvisioner.ListContainers(bson.M{"image": newImage, "appname": app.GetName()})
if len(containers) > 0 {
continue
}
opts := docker.TagImageOptions{Repo: newImage, Force: true}
err = dcluster.TagImage(oldImage, opts)
var baseErr error
if nodeErr, ok := err.(cluster.DockerNodeError); ok {
baseErr = nodeErr.BaseError()
}
if err != nil {
if err == storage.ErrNoSuchImage || baseErr == docker.ErrNoSuchImage {
continue
}
return err
}
if registry != "" {
pushOpts := docker.PushImageOptions{Name: newImage, InactivityTimeout: net.StreamInactivityTimeout, RawJSONStream: true}
err = dcluster.PushImage(pushOpts, mainDockerProvisioner.RegistryAuthConfig())
if err != nil {
return err
}
}
err = mainDockerProvisioner.updateContainers(bson.M{"appname": app.GetName()}, bson.M{"$set": bson.M{"image": newImage}})
if err != nil {
return err
}
}
return nil
}
// title: app list
// path: /apps
// method: GET
// produce: application/json
// responses:
// 200: List apps
// 204: No content
// 401: Unauthorized
func appList(w http.ResponseWriter, r *http.Request, t auth.Token) error {
filter := &app.Filter{}
if name := r.URL.Query().Get("name"); name != "" {
filter.NameMatches = name
}
if platform := r.URL.Query().Get("platform"); platform != "" {
filter.Platform = platform
}
if teamOwner := r.URL.Query().Get("teamOwner"); teamOwner != "" {
filter.TeamOwner = teamOwner
}
if owner := r.URL.Query().Get("owner"); owner != "" {
filter.UserOwner = owner
}
if pool := r.URL.Query().Get("pool"); pool != "" {
filter.Pool = pool
}
locked, _ := strconv.ParseBool(r.URL.Query().Get("locked"))
if locked {
filter.Locked = true
}
if status, ok := r.URL.Query()["status"]; ok {
filter.Statuses = status
}
contexts := permission.ContextsForPermission(t, permission.PermAppRead)
if len(contexts) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
apps, err := app.List(appFilterByContext(contexts, filter))
if err != nil {
return err
}
if len(apps) == 0 {
w.WriteHeader(http.StatusNoContent)
return nil
}
w.Header().Set("Content-Type", "application/json")
miniApps := make([]miniApp, len(apps))
for i, app := range apps {
miniApps[i], err = minifyApp(app)
if err != nil {
return err
}
}
return json.NewEncoder(w).Encode(miniApps)
}
func Sync(w io.Writer) error {
var m gandalfManager
users, err := auth.ListUsers()
if err != nil {
return err
}
for _, user := range users {
fmt.Fprintf(w, "Syncing user %q... ", user.Email)
err = m.CreateUser(user.Email)
switch err {
case repository.ErrUserAlreadyExists:
fmt.Fprintln(w, "already present in Gandalf")
case nil:
fmt.Fprintln(w, "OK")
default:
return err
}
}
apps, err := app.List(nil, nil)
if err != nil {
return err
}
for _, app := range apps {
var users []string
for _, team := range app.GetTeams() {
users = append(users, team.Users...)
}
fmt.Fprintf(w, "Syncing app %q... ", app.Name)
err = m.CreateRepository(app.Name, users)
switch err {
case repository.ErrRepositoryAlreadExists:
fmt.Fprintln(w, "already present in Gandalf")
case nil:
fmt.Fprintln(w, "OK")
default:
return err
}
for _, user := range users {
m.GrantAccess(app.Name, user)
}
}
return nil
}
func deployableApps(u *auth.User) ([]string, error) {
perms, err := u.Permissions()
if err != nil {
return nil, err
}
contexts := permission.ContextsFromListForPermission(perms, permission.PermAppDeploy)
if len(contexts) == 0 {
return nil, nil
}
filter := appFilterByContext(contexts, nil)
apps, err := app.List(filter)
if err != nil {
return nil, err
}
appNames := make([]string, len(apps))
for i := range apps {
appNames[i] = apps[i].Name
}
return appNames, nil
}
func Sync(w io.Writer) error {
var m gandalfManager
users, err := auth.ListUsers()
if err != nil {
return err
}
for _, user := range users {
fmt.Fprintf(w, "Syncing user %q... ", user.Email)
err = m.CreateUser(user.Email)
switch err {
case repository.ErrUserAlreadyExists:
fmt.Fprintln(w, "already present in Gandalf")
case nil:
fmt.Fprintln(w, "OK")
default:
return err
}
}
apps, err := app.List(nil)
if err != nil {
return err
}
for _, app := range apps {
allowedPerms := []permission.Permission{
{
Scheme: permission.PermAppDeploy,
Context: permission.Context(permission.CtxGlobal, ""),
},
{
Scheme: permission.PermAppDeploy,
Context: permission.Context(permission.CtxPool, app.Pool),
},
}
for _, t := range app.GetTeams() {
allowedPerms = append(allowedPerms, permission.Permission{
Scheme: permission.PermAppDeploy,
Context: permission.Context(permission.CtxTeam, t.Name),
})
}
users, err := auth.ListUsersWithPermissions(allowedPerms...)
if err != nil {
return err
}
userNames := make([]string, len(users))
for i := range users {
userNames[i] = users[i].Email
}
fmt.Fprintf(w, "Syncing app %q... ", app.Name)
err = m.CreateRepository(app.Name, userNames)
switch err {
case repository.ErrRepositoryAlreadExists:
fmt.Fprintln(w, "already present in Gandalf")
case nil:
fmt.Fprintln(w, "OK")
default:
return err
}
for _, user := range userNames {
m.GrantAccess(app.Name, user)
}
}
return nil
}