func sendAuditLog(token string, requestURI string, method string, path string, requestBody string, queryParameterMap map[string][]string, pathParameterMap map[string]string, remoteAddress string) { // Get cache. If not exsiting, retrieving from authorization server. user := getCache(token) userName := "******" if user != nil { userName = user.Name } cloudoneAnalysisHost, ok := configuration.LocalConfiguration.GetString("cloudoneAnalysisHost") if ok == false { log.Error("Fail to get configuration cloudoneAnalysisHost") return } cloudoneAnalysisPort, ok := configuration.LocalConfiguration.GetInt("cloudoneAnalysisPort") if ok == false { log.Error("Fail to get configuration cloudoneAnalysisPort") return } // Header is not used since the header has no useful information for now auditLog := audit.CreateAuditLog(componentName, path, userName, remoteAddress, queryParameterMap, pathParameterMap, method, requestURI, requestBody, nil) url := "https://" + cloudoneAnalysisHost + ":" + strconv.Itoa(cloudoneAnalysisPort) + "/api/v1/auditlogs" headerMap := make(map[string]string) headerMap["token"] = authorization.SystemAdminToken _, err := restclient.RequestPost(url, auditLog, headerMap, false) if err != nil { log.Error("Fail to send audit log with error %s", err) } }
func SendBuildLog(imageRecord *ImageRecord, outputMessage string) error { cloudoneAnalysisHost, ok := configuration.LocalConfiguration.GetString("cloudoneAnalysisHost") if ok == false { log.Error("Fail to get configuration cloudoneAnalysisHost") return errors.New("Fail to get configuration cloudoneAnalysisHost") } cloudoneAnalysisPort, ok := configuration.LocalConfiguration.GetInt("cloudoneAnalysisPort") if ok == false { log.Error("Fail to get configuration cloudoneAnalysisPort") return errors.New("Fail to get configuration cloudoneAnalysisPort") } buildLog := build.BuildLog{ imageRecord.ImageInformation, imageRecord.Version, imageRecord.VersionInfo, imageRecord.CreatedTime, outputMessage, } url := "https://" + cloudoneAnalysisHost + ":" + strconv.Itoa(cloudoneAnalysisPort) + "/api/v1/buildlogs" headerMap := make(map[string]string) headerMap["token"] = authorization.SystemAdminToken _, err := restclient.RequestPost(url, buildLog, headerMap, false) if err != nil { log.Error("Fail to send build log %v with error %s", buildLog, err) } return err }
// @Title create // @Description create the cluster application template // @Param body body guirestapi.repository.thirdparty.Cluster true "body for cluster application template" // @Success 200 {string} {} // @Failure 404 error reason // @router / [post] func (c *EditController) Post() { inputBody := c.Ctx.Input.CopyBody(limit.InputPostBodyMaximum) cluster := Cluster{} err := json.Unmarshal(inputBody, &cluster) if err != nil { // Error c.Data["json"] = make(map[string]interface{}) c.Data["json"].(map[string]interface{})["error"] = err.Error() c.Ctx.Output.Status = 404 c.ServeJSON() return } cloudoneProtocol := beego.AppConfig.String("cloudoneProtocol") cloudoneHost := beego.AppConfig.String("cloudoneHost") cloudonePort := beego.AppConfig.String("cloudonePort") if cluster.ReplicationControllerJson == "" { cluster.ReplicationControllerJson = "{}" } if cluster.ServiceJson == "" { cluster.ServiceJson = "{}" } url := cloudoneProtocol + "://" + cloudoneHost + ":" + cloudonePort + "/api/v1/clusterapplications/" tokenHeaderMap, _ := c.GetSession("tokenHeaderMap").(map[string]string) _, err = restclient.RequestPost(url, cluster, tokenHeaderMap, true) if identity.IsTokenInvalidAndRedirect(c, c.Ctx, err) { return } if err != nil { // Error c.Data["json"] = make(map[string]interface{}) c.Data["json"].(map[string]interface{})["error"] = err.Error() c.Ctx.Output.Status = 404 c.ServeJSON() return } else { c.Data["json"] = make(map[string]interface{}) c.ServeJSON() } }
func auditLogWithoutVerified(req *restful.Request, resp *restful.Response, chain *restful.FilterChain) { requestURI := req.Request.URL.RequestURI() method := req.Request.Method path := req.SelectedRoutePath() queryParameterMap := req.Request.URL.Query() pathParameterMap := req.PathParameters() remoteAddress := req.Request.RemoteAddr requestBody, _ := ioutil.ReadAll(req.Request.Body) // Write data back for the later use req.Request.Body = ioutil.NopCloser(bytes.NewReader(requestBody)) go func() { userData := UserData{} req.ReadEntity(&userData) userName := userData.Username cloudoneAnalysisHost, ok := configuration.LocalConfiguration.GetString("cloudoneAnalysisHost") if ok == false { log.Error("Fail to get configuration cloudoneAnalysisHost") return } cloudoneAnalysisPort, ok := configuration.LocalConfiguration.GetInt("cloudoneAnalysisPort") if ok == false { log.Error("Fail to get configuration cloudoneAnalysisPort") return } // Header is not used since the header has no useful information for now auditLog := audit.CreateAuditLog(componentName, path, userName, remoteAddress, queryParameterMap, pathParameterMap, method, requestURI, string(requestBody), nil) url := "https://" + cloudoneAnalysisHost + ":" + strconv.Itoa(cloudoneAnalysisPort) + "/api/v1/auditlogs" headerMap := make(map[string]string) headerMap["token"] = authorization.SystemAdminToken _, err := restclient.RequestPost(url, auditLog, headerMap, false) if err != nil { log.Error("Fail to send audit log with error %s", err) } }() chain.ProcessFilter(req, resp) }
func sendAuditLog(ctx *context.Context, userName string, saveParameter bool) (returnedError error) { defer func() { if err := recover(); err != nil { returnedError = err.(error) } }() cloudoneAnalysisProtocol := beego.AppConfig.String("cloudoneAnalysisProtocol") cloudoneAnalysisHost := beego.AppConfig.String("cloudoneAnalysisHost") cloudoneAnalysisPort := beego.AppConfig.String("cloudoneAnalysisPort") tokenHeaderMap, tokenHeaderMapOK := ctx.Input.Session("tokenHeaderMap").(map[string]string) requestURI := ctx.Input.URI() method := ctx.Input.Method() path := ctx.Input.URL() remoteAddress := ctx.Request.RemoteAddr queryParameterMap := ctx.Request.Form proxySlice := ctx.Input.Proxy() if proxySlice != nil && len(proxySlice) > 0 { proxySlice = append(proxySlice, remoteAddress) remoteAddress = fmt.Sprintf("%v", proxySlice) } if saveParameter == false { // Not to save parameter, such as password requestURI = path queryParameterMap = nil } // Header is not used since the header has no useful information for now // Body is not used since the backend component will record again. // Path is not used since the backend component will record again. auditLog := audit.CreateAuditLog(componentName, path, userName, remoteAddress, queryParameterMap, nil, method, requestURI, "", nil) if tokenHeaderMapOK { url := cloudoneAnalysisProtocol + "://" + cloudoneAnalysisHost + ":" + cloudoneAnalysisPort + "/api/v1/auditlogs" restclient.RequestPost(url, auditLog, tokenHeaderMap, false) // err is logged in analysis so don't need to here } return nil }
func CreateServiceWithJson(kubeApiServerEndPoint string, kubeApiServerToken string, namespace string, bodyJsonMap map[string]interface{}) (returnedError error) { defer func() { if err := recover(); err != nil { log.Error("CreateServiceWithJson Error: %s", err) log.Error(logger.GetStackTrace(4096, false)) returnedError = err.(error) } }() headerMap := make(map[string]string) headerMap["Authorization"] = kubeApiServerToken url := kubeApiServerEndPoint + "/api/v1/namespaces/" + namespace + "/services/" _, err := restclient.RequestPost(url, bodyJsonMap, headerMap, true) if err != nil { log.Error(err) return err } else { return nil } }
func CreateNamespace(kubeApiServerEndPoint string, kubeApiServerToken string, name string) (returnedError error) { defer func() { if err := recover(); err != nil { log.Error("CreateNamespace Error: %s", err) log.Error(logger.GetStackTrace(4096, false)) returnedError = err.(error) } }() jsonMap := make(map[string]interface{}) jsonMap["metadata"] = make(map[string]interface{}) jsonMap["metadata"].(map[string]interface{})["name"] = name headerMap := make(map[string]string) headerMap["Authorization"] = kubeApiServerToken _, err := restclient.RequestPost(kubeApiServerEndPoint+"/api/v1/namespaces/", jsonMap, headerMap, true) if err != nil { log.Error("Fail to create namespace with endpoint: %s, token: %s, name: %s, error: %s", kubeApiServerEndPoint, kubeApiServerToken, name, err.Error()) return err } return nil }
func CreateService(kubeApiServerEndPoint string, kubeApiServerToken string, namespace string, service Service) (returnedError error) { defer func() { if err := recover(); err != nil { log.Error("CreateService Error: %s", err) log.Error(logger.GetStackTrace(4096, false)) returnedError = err.(error) } }() hasNodePort := false portJsonMapSlice := make([]map[string]interface{}, 0) for _, port := range service.PortSlice { portJsonMap := make(map[string]interface{}) portJsonMap["name"] = port.Name portJsonMap["protocol"] = port.Protocol portJsonMap["port"] = port.Port targetPortNumber, err := strconv.Atoi(port.TargetPort) if err != nil { portJsonMap["targetPort"] = port.TargetPort } else { portJsonMap["targetPort"] = targetPortNumber } // < 0 not used, == 0 auto-generated, > 0 port number if port.NodePort >= 0 { hasNodePort = true if port.NodePort > 0 { portJsonMap["nodePort"] = port.NodePort } } portJsonMapSlice = append(portJsonMapSlice, portJsonMap) } bodyJsonMap := make(map[string]interface{}) bodyJsonMap["kind"] = "Service" bodyJsonMap["apiVersion"] = "v1" bodyJsonMap["metadata"] = make(map[string]interface{}) bodyJsonMap["metadata"].(map[string]interface{})["name"] = service.Name bodyJsonMap["metadata"].(map[string]interface{})["labels"] = service.LabelMap bodyJsonMap["spec"] = make(map[string]interface{}) bodyJsonMap["spec"].(map[string]interface{})["ports"] = portJsonMapSlice bodyJsonMap["spec"].(map[string]interface{})["selector"] = service.Selector // Use sticky session so the same client will be forwarded to the same pod if service.SessionAffinity != "" { bodyJsonMap["spec"].(map[string]interface{})["sessionAffinity"] = service.SessionAffinity } if hasNodePort { bodyJsonMap["spec"].(map[string]interface{})["type"] = "NodePort" } headerMap := make(map[string]string) headerMap["Authorization"] = kubeApiServerToken url := kubeApiServerEndPoint + "/api/v1/namespaces/" + namespace + "/services/" _, err := restclient.RequestPost(url, bodyJsonMap, headerMap, true) if err != nil { log.Error(err) } return err }
func (c *EditController) Post() { guimessage := guimessagedisplay.GetGUIMessage(c) cloudoneProtocol := beego.AppConfig.String("cloudoneProtocol") cloudoneHost := beego.AppConfig.String("cloudoneHost") cloudonePort := beego.AppConfig.String("cloudonePort") name := c.GetString("name") description := c.GetString("description") scriptType := c.GetString("scriptType") // Name need to be a DNS 952 label match, _ := regexp.MatchString("^[a-z]{1}[a-z0-9-]{1,23}$", name) if match == false { guimessage.AddDanger("The name need to be a DNS 952 label ^[a-z]{1}[a-z0-9-]{1,23}$") c.Ctx.Redirect(302, "/gui/repository/thirdparty/list") guimessage.RedirectMessage(c) return } // Replciation Controller replicationControllerJson := c.GetString("replicationControllerJson") if replicationControllerJson == "" { replicationControllerJson = "{}" } file, _, err := c.GetFile("fileReplicationController") if err == nil { byteSlice, err := ioutil.ReadAll(file) if err == nil { replicationControllerJson = string(byteSlice) } } if file != nil { file.Close() } // Service serviceJson := c.GetString("serviceJson") if serviceJson == "" { serviceJson = "{}" } file, _, err = c.GetFile("fileService") if err == nil { byteSlice, err := ioutil.ReadAll(file) if err == nil { serviceJson = string(byteSlice) } } if file != nil { file.Close() } // Environment environmentText := c.GetString("environment") if environmentText == "" { environmentText = "{}" } file, _, err = c.GetFile("fileEnvironment") if err == nil { byteSlice, err := ioutil.ReadAll(file) if err == nil { environmentText = string(byteSlice) } } if file != nil { file.Close() } // Script scriptContent := c.GetString("scriptContent") file, _, err = c.GetFile("fileScript") if err == nil { byteSlice, err := ioutil.ReadAll(file) if err == nil { scriptContent = string(byteSlice) } } if file != nil { file.Close() } // Test replication controller replicationControllerJsonMap := make(map[string]interface{}) // Try json err = json.Unmarshal([]byte(replicationControllerJson), &replicationControllerJsonMap) if err != nil { // Try yaml err := yaml.Unmarshal([]byte(replicationControllerJson), &replicationControllerJsonMap) if err != nil { // Error guimessage.AddDanger("Replication controller can't be parsed by json or yaml") guimessage.AddDanger(err.Error()) c.Ctx.Redirect(302, "/gui/repository/thirdparty/list") guimessage.RedirectMessage(c) return } } // Test service serviceJsonMap := make(map[string]interface{}) // Try json err = json.Unmarshal([]byte(serviceJson), &serviceJsonMap) if err != nil { // Try yaml err := yaml.Unmarshal([]byte(serviceJson), &serviceJsonMap) if err != nil { // Error guimessage.AddDanger("Service can't be parsed by json or yaml") guimessage.AddDanger(err.Error()) c.Ctx.Redirect(302, "/gui/repository/thirdparty/list") guimessage.RedirectMessage(c) return } } environmentJsonMap := make(map[string]string) // Try json err = json.Unmarshal([]byte(environmentText), &environmentJsonMap) if err != nil { // Try yaml err := yaml.Unmarshal([]byte(environmentText), &environmentJsonMap) if err != nil { // Error guimessage.AddDanger("Environment can't be parsed by json or yaml") guimessage.AddDanger(err.Error()) c.Ctx.Redirect(302, "/gui/repository/thirdparty/list") guimessage.RedirectMessage(c) return } } cluster := Cluster{ name, description, replicationControllerJson, serviceJson, environmentJsonMap, scriptType, scriptContent, } url := cloudoneProtocol + "://" + cloudoneHost + ":" + cloudonePort + "/api/v1/clusterapplications/" tokenHeaderMap, _ := c.GetSession("tokenHeaderMap").(map[string]string) _, err = restclient.RequestPost(url, cluster, tokenHeaderMap, true) if identity.IsTokenInvalidAndRedirect(c, c.Ctx, err) { return } if err != nil { // Error guimessage.AddDanger(guimessagedisplay.GetErrorMessage(err)) } else { guimessage.AddSuccess("Third party application " + name + " is edited") } c.Ctx.Redirect(302, "/gui/repository/thirdparty/list") guimessage.RedirectMessage(c) }
func CreateReplicationController(kubeApiServerEndPoint string, kubeApiServerToken string, namespace string, replicationController ReplicationController) (returnedError error) { defer func() { if err := recover(); err != nil { log.Error("CreateReplicationController Error: %s", err) log.Error(logger.GetStackTrace(4096, false)) returnedError = err.(error) } }() containerJsonMapSlice := make([]interface{}, 0) for _, replicationControllerContainer := range replicationController.ContainerSlice { containerJsonMap := make(map[string]interface{}) containerJsonMap["name"] = replicationControllerContainer.Name containerJsonMap["image"] = replicationControllerContainer.Image containerJsonMap["resources"] = replicationControllerContainer.ResourceMap portJsonMapSlice := make([]interface{}, 0) for _, replicationControllerContainerPort := range replicationControllerContainer.PortSlice { portJsonMap := make(map[string]interface{}) portJsonMap["name"] = replicationControllerContainerPort.Name portJsonMap["containerPort"] = replicationControllerContainerPort.ContainerPort portJsonMapSlice = append(portJsonMapSlice, portJsonMap) } containerJsonMap["ports"] = portJsonMapSlice environmentJsonMapSlice := make([]interface{}, 0) for _, environment := range replicationControllerContainer.EnvironmentSlice { environmentJsonMap := make(map[string]interface{}) environmentJsonMap["name"] = environment.Name environmentJsonMap["value"] = environment.Value environmentJsonMapSlice = append(environmentJsonMapSlice, environmentJsonMap) } containerJsonMap["env"] = environmentJsonMapSlice // FIXME temporarily to use nested docker volumeMountJsonMap := make(map[string]interface{}) volumeMountJsonMap["name"] = "docker" volumeMountJsonMap["readOnly"] = true volumeMountJsonMap["mountPath"] = "/var/run/docker.sock" volumeMountJsonMapSlice := make([]interface{}, 0) volumeMountJsonMapSlice = append(volumeMountJsonMapSlice, volumeMountJsonMap) containerJsonMap["volumeMounts"] = volumeMountJsonMapSlice containerJsonMapSlice = append(containerJsonMapSlice, containerJsonMap) } bodyJsonMap := make(map[string]interface{}) bodyJsonMap["kind"] = "ReplicationController" bodyJsonMap["apiVersion"] = "v1" bodyJsonMap["metadata"] = make(map[string]interface{}) bodyJsonMap["metadata"].(map[string]interface{})["name"] = replicationController.Name bodyJsonMap["metadata"].(map[string]interface{})["labels"] = make(map[string]interface{}) bodyJsonMap["metadata"].(map[string]interface{})["labels"].(map[string]interface{})["name"] = replicationController.Label.Name bodyJsonMap["spec"] = make(map[string]interface{}) bodyJsonMap["spec"].(map[string]interface{})["replicas"] = replicationController.ReplicaAmount bodyJsonMap["spec"].(map[string]interface{})["selector"] = make(map[string]interface{}) bodyJsonMap["spec"].(map[string]interface{})["selector"].(map[string]interface{})["name"] = replicationController.Selector.Name bodyJsonMap["spec"].(map[string]interface{})["selector"].(map[string]interface{})["version"] = replicationController.Selector.Version bodyJsonMap["spec"].(map[string]interface{})["template"] = make(map[string]interface{}) bodyJsonMap["spec"].(map[string]interface{})["template"].(map[string]interface{})["metadata"] = make(map[string]interface{}) bodyJsonMap["spec"].(map[string]interface{})["template"].(map[string]interface{})["metadata"].(map[string]interface{})["labels"] = make(map[string]interface{}) bodyJsonMap["spec"].(map[string]interface{})["template"].(map[string]interface{})["metadata"].(map[string]interface{})["labels"].(map[string]interface{})["name"] = replicationController.Selector.Name bodyJsonMap["spec"].(map[string]interface{})["template"].(map[string]interface{})["metadata"].(map[string]interface{})["labels"].(map[string]interface{})["version"] = replicationController.Selector.Version bodyJsonMap["spec"].(map[string]interface{})["template"].(map[string]interface{})["spec"] = make(map[string]interface{}) bodyJsonMap["spec"].(map[string]interface{})["template"].(map[string]interface{})["spec"].(map[string]interface{})["containers"] = containerJsonMapSlice // FIXME temporarily to use nested docker volumeJsonMap := make(map[string]interface{}) volumeJsonMap["name"] = "docker" volumeJsonMap["hostPath"] = make(map[string]interface{}) volumeJsonMap["hostPath"].(map[string]interface{})["path"] = "/var/run/docker.sock" volumeJsonMapSlice := make([]interface{}, 0) volumeJsonMapSlice = append(volumeJsonMapSlice, volumeJsonMap) bodyJsonMap["spec"].(map[string]interface{})["template"].(map[string]interface{})["spec"].(map[string]interface{})["volumes"] = volumeJsonMapSlice // Configure extra json body // It is used for user to input any configuration if replicationController.ExtraJsonMap != nil { deepcopy.DeepOverwriteJsonMap(replicationController.ExtraJsonMap, bodyJsonMap) } headerMap := make(map[string]string) headerMap["Authorization"] = kubeApiServerToken url := kubeApiServerEndPoint + "/api/v1/namespaces/" + namespace + "/replicationcontrollers/" _, err := restclient.RequestPost(url, bodyJsonMap, headerMap, true) if err != nil { return err } else { return nil } }