From 0b3804a0a05ebfa3041ea63a76551894262a624f Mon Sep 17 00:00:00 2001 From: michaeljguarino Date: Thu, 8 Aug 2024 23:09:46 -0400 Subject: [PATCH] Need to b64 decode cockroach config secret forgot to add this as well --- apps/core/lib/core/clients/console.ex | 7 ++++--- apps/core/lib/core/schema/cockroach_cluster.ex | 2 +- apps/core/lib/core/schema/console_instance.ex | 3 ++- apps/core/lib/core/services/cloud.ex | 1 + apps/core/lib/core/services/cloud/configuration.ex | 5 ++++- apps/core/lib/core/services/cloud/poller.ex | 12 +++++++++--- apps/core/lib/core/services/cloud/workflow.ex | 10 ++++++++-- apps/core/test/services/cloud/workflow_test.exs | 8 ++++++-- apps/core/test/test_helper.exs | 1 + plural/helm/plural/Chart.yaml | 2 +- plural/helm/plural/templates/chartmuseum.yaml | 2 -- 11 files changed, 37 insertions(+), 16 deletions(-) diff --git a/apps/core/lib/core/clients/console.ex b/apps/core/lib/core/clients/console.ex index 1d4f3a3c7..499bae395 100644 --- a/apps/core/lib/core/clients/console.ex +++ b/apps/core/lib/core/clients/console.ex @@ -49,7 +49,8 @@ defmodule Core.Clients.Console do def clusters(client) do Req.post(client, graphql: @clusters_q) |> case do - {:ok, %Req.Response{body: %{"clusters" => %{"edges" => edges}}}} -> {:ok, Enum.map(edges, & &1["node"])} + {:ok, %Req.Response{body: %{"data" => %{"clusters" => %{"edges" => edges}}}}} -> + {:ok, Enum.map(edges, & &1["node"])} res -> Logger.warn "Failed to fetch clusters: #{inspect(res)}" {:error, "could not fetch clusters"} @@ -59,7 +60,7 @@ defmodule Core.Clients.Console do def repo(client, url) do Req.post(client, graphql: {@repo_q, %{url: url}}) |> case do - {:ok, %Req.Response{body: %{"gitRepository" => %{"id" => id}}}} -> {:ok, id} + {:ok, %Req.Response{body: %{"data" => %{"gitRepository" => %{"id" => id}}}}} -> {:ok, id} res -> Logger.warn "Failed to fetch clusters: #{inspect(res)}" {:error, "could not fetch repo"} 
@@ -81,7 +82,7 @@ defmodule Core.Clients.Console do |> service_resp("deleteServiceDeployment") end - defp service_resp({:ok, %Req.Response{status: 200, body: body}}, field) do + defp service_resp({:ok, %Req.Response{status: 200, body: %{"data" => body}}}, field) do case body[field] do %{"id" => id} -> {:ok, id} err -> diff --git a/apps/core/lib/core/schema/cockroach_cluster.ex b/apps/core/lib/core/schema/cockroach_cluster.ex index 0e92016a5..f4cff9294 100644 --- a/apps/core/lib/core/schema/cockroach_cluster.ex +++ b/apps/core/lib/core/schema/cockroach_cluster.ex @@ -29,6 +29,6 @@ defmodule Core.Schema.CockroachCluster do model |> cast(attrs, ~w(name cloud region url certificate endpoints)a) |> unique_constraint(:name) - |> validate_required(~w(name cloud region url certificate endpoints)a) + |> validate_required(~w(name cloud url certificate endpoints)a) end end diff --git a/apps/core/lib/core/schema/console_instance.ex b/apps/core/lib/core/schema/console_instance.ex index 5dbd47d63..5771d2483 100644 --- a/apps/core/lib/core/schema/console_instance.ex +++ b/apps/core/lib/core/schema/console_instance.ex @@ -41,6 +41,7 @@ defmodule Core.Schema.ConsoleInstance do field :dbpassword, EncryptedString field :subdomain, :string field :jwt_secret, EncryptedString + field :erlang_secret, EncryptedString field :owner_name, :string field :owner_email, :string field :admin_password, EncryptedString @@ -117,7 +118,7 @@ defmodule Core.Schema.ConsoleInstance do end @conf_valid ~w( - database dbuser dbpassword + database dbuser dbpassword erlang_secret subdomain jwt_secret owner_name owner_email admin_password aes_key encryption_key client_id client_secret plural_token kas_api kas_private kas_redis diff --git a/apps/core/lib/core/services/cloud.ex b/apps/core/lib/core/services/cloud.ex index 7a85a858d..276458d7c 100644 --- a/apps/core/lib/core/services/cloud.ex +++ b/apps/core/lib/core/services/cloud.ex 
@@ -147,6 +147,7 @@ defmodule Core.Services.Cloud do owner_name: user.name, owner_email: user.email, admin_password: Core.random_alphanum(30), + erlang_secret: Core.random_alphanum(30), client_id: oidc.client_id, client_secret: oidc.client_secret, plural_token: token, diff --git a/apps/core/lib/core/services/cloud/configuration.ex b/apps/core/lib/core/services/cloud/configuration.ex index 74140670c..917c59ae1 100644 --- a/apps/core/lib/core/services/cloud/configuration.ex +++ b/apps/core/lib/core/services/cloud/configuration.ex @@ -16,14 +16,17 @@ defmodule Core.Services.Cloud.Configuration do kas_api kas_private kas_redis + erlang_secret )a) |> Map.merge(%{ postgres_url: build_pg_url(inst), + cloud: "#{inst.cloud}", + cluster_name: inst.name, size: "#{size}", postgres_certificate: certificate(inst) }) |> Map.put(:size, "#{size}") - |> Enum.map(fn {k, v} -> %{name: Macro.camelize("#{k}"), value: v} end) + |> Enum.map(fn {k, v} -> %{name: k, value: v} end) end defp certificate(%ConsoleInstance{cockroach: %CockroachCluster{certificate: cert}}), do: cert diff --git a/apps/core/lib/core/services/cloud/poller.ex b/apps/core/lib/core/services/cloud/poller.ex index 46c35fb5e..22275f835 100644 --- a/apps/core/lib/core/services/cloud/poller.ex +++ b/apps/core/lib/core/services/cloud/poller.ex @@ -22,9 +22,9 @@ defmodule Core.Services.Cloud.Poller do def repository(), do: GenServer.call(__MODULE__, :repo) - def handle_call(:repo, %{repo: id} = state) when is_binary(id), + def handle_call(:repo, _, %{repo: id} = state) when is_binary(id), do: {:reply, {:ok, id}, state} - def handle_call(:repo, state), do: {:reply, {:error, "repo not pulled"}, state} + def handle_call(:repo, _, state), do: {:reply, {:error, "repo not pulled"}, state} def handle_info(:repo, %{client: client} = state) do case Console.repo(client, Core.conf(:mgmt_repo)) do 
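Review bot: The added `erlang_secret: Core.random_alphanum(30)` is only as unpredictable as `Core.random_alphanum/1`, whose implementation is not part of this patch. If that helper draws from `:rand` or `Enum.random/1` rather than `:crypto.strong_rand_bytes/1`, the value can be guessed; that matters if it is used as the node's distribution cookie, which the name suggests but the patch does not show. `admin_password` on the line above uses the same helper, so it is worth confirming once for both. Instances created before this commit have no `erlang_secret`; if `@conf_valid` in console_instance.ex feeds a required-field check, which the hunk there does not show, later updates to those records would fail until the value is backfilled.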
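Review bot: The final `Enum.map` in the configuration.ex hunk now emits each entry's `name` as a bare snake_case atom, and nothing in the hunk records which consumer expects that form or that the rename was coordinated with it. Because this list carries `erlang_secret`, `jwt_secret` and the database URL, a silent name mismatch would deploy an instance with those settings missing rather than fail loudly. I would add a comment above the map such as `# names are passed through unchanged (snake_case); they must match the keys the console service reads`, and add a test that pins the emitted names including the new `cloud` and `cluster_name` entries. The enclosing function starts above the hunk.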
@@ -61,6 +61,7 @@ defmodule Core.Services.Cloud.Poller do cloud: to_cloud(distro), region: meta["region"] }, name) + |> log_err("failed to insert cloud cluster") end defp upsert_roach(%{"name" => name} = roach) do @@ -70,6 +71,7 @@ defmodule Core.Services.Cloud.Poller do certificate: roach["certificate"], endpoints: roach["endpoints"] }, name) + |> log_err("failed to insert cockroach cluster") end defp read_secret() do @@ -77,7 +79,8 @@ defmodule Core.Services.Cloud.Poller do |> Kazan.run() |> case do {:ok, %CoreV1.Secret{data: %{"cockroaches" => roaches}}} -> - Jason.decode(roaches) + Base.decode64!(roaches) + |> Jason.decode() _ -> {:error, "could not find secret"} end end @@ -86,4 +89,7 @@ defmodule Core.Services.Cloud.Poller do defp to_cloud("GKE"), do: :gcp defp to_cloud("AKS"), do: :azure defp to_cloud(_), do: :aws + + defp log_err({:error, _} = err, msg), do: "#{msg}: #{inspect(err)}" + defp log_err(pass, _), do: pass end diff --git a/apps/core/lib/core/services/cloud/workflow.ex b/apps/core/lib/core/services/cloud/workflow.ex index 3c626ead3..033f16bb9 100644 --- a/apps/core/lib/core/services/cloud/workflow.ex +++ b/apps/core/lib/core/services/cloud/workflow.ex @@ -1,9 +1,9 @@ defmodule Core.Services.Cloud.Workflow do use Core.Services.Base alias Core.Clients.Console - alias Core.Services.Cloud + alias Core.Services.{Cloud, Users} alias Core.Services.Cloud.{Poller, Configuration} - alias Core.Schema.{ConsoleInstance, CockroachCluster} + alias Core.Schema.{ConsoleInstance, CockroachCluster, User} alias Core.Repo require Logger 
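Review bot: `log_err/2`, defined in the last poller.ex hunk and piped into from `upsert_roach` and the cluster upsert in the two hunks before it, never logs anything. Its error clause only builds the string `"#{msg}: #{inspect(err)}"` and returns it, so the failure stays silent and the caller receives a binary where it previously received the `{:error, _}` tuple. The clause body should be `Logger.error("#{msg}: #{inspect(err)}")` followed by `err`, so the message is emitted and the original tuple is passed through. This assumes `Logger` is already required in this module, which the hunks do not show. A cluster or cockroach record that fails to upsert is otherwise invisible to whoever operates the poller.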
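Review bot: `Base.decode64!(roaches)` in `read_secret/0` raises `ArgumentError` on malformed input, while every other path in the function returns a tagged tuple, so a badly encoded `cockroaches` value crashes the caller instead of producing `{:error, _}`. Use the non-raising call and map its bare `:error`: under `case Base.decode64(roaches) do`, the clauses `{:ok, raw} -> Jason.decode(raw)` and `:error -> {:error, "could not decode secret"}`. The `defp read_secret() do` line sits in the previous hunk's context and the caller is outside the patch, so it is not visible here whether such a crash would be absorbed by a supervisor restart or would loop.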
@@ -122,6 +122,12 @@ defmodule Core.Services.Cloud.Workflow do |> add_operation(:inst, fn _ -> Repo.delete(inst) end) |> add_operation(:cluster, fn _ -> Cloud.dec(cluster) end) |> add_operation(:roach, fn _ -> Cloud.dec(roach) end) + |> add_operation(:sa, fn %{inst: %{name: name}} -> + case Users.get_user_by_email("#{name}-cloud-sa@srv.plural.sh") do + %User{} = u -> Repo.delete(u) + _ -> {:ok, nil} + end + end) |> execute(extract: :inst) end diff --git a/apps/core/test/services/cloud/workflow_test.exs b/apps/core/test/services/cloud/workflow_test.exs index 105717a88..ee35cbc9d 100644 --- a/apps/core/test/services/cloud/workflow_test.exs +++ b/apps/core/test/services/cloud/workflow_test.exs @@ -24,7 +24,9 @@ defmodule Core.Services.Cloud.WorkflowTest do }, user) expect(Core.Services.Cloud.Poller, :repository, fn -> {:ok, "some-id"} end) - expect(Core.Clients.Console, :create_service, fn _, ^cluster_id, _ -> {:ok, Ecto.UUID.generate()} end) + expect(Req, :post, fn _, [graphql: {_, %{clusterId: ^cluster_id}}] -> + {:ok, %Req.Response{status: 200, body: %{"data" => %{"createServiceDeployment" => %{"id" => Ecto.UUID.generate()}}}}} + end) {:ok, %{external_id: svc_id} = instance} = Workflow.provision(instance) @@ -32,7 +34,9 @@ defmodule Core.Services.Cloud.WorkflowTest do assert instance.instance_status.db assert instance.instance_status.svc - expect(Core.Clients.Console, :delete_service, fn _, ^svc_id -> {:ok, svc_id} end) + expect(Req, :post, fn _, [graphql: {_, %{id: ^svc_id}}] -> + {:ok, %Req.Response{status: 200, body: %{"data" => %{"deleteServiceDeployment" => %{"id" => svc_id}}}}} + end) {:ok, instance} = Workflow.deprovision(instance) diff --git a/apps/core/test/test_helper.exs b/apps/core/test/test_helper.exs index fa1d67468..da5d8b514 100644 --- a/apps/core/test/test_helper.exs +++ b/apps/core/test/test_helper.exs 
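Review bot: The service-account address in the new `:sa` operation is rebuilt by interpolation as `"#{name}-cloud-sa@srv.plural.sh"`, and the code that creates that account is not part of this patch. If the two formats ever differ, the lookup finds nothing, the `_ -> {:ok, nil}` branch reports success, and the account and any token issued to it outlive the deprovisioned instance. Deriving the address from one helper used by both creation and deletion, for example `def sa_email(name), do: "#{name}-cloud-sa@srv.plural.sh"` next to the creation code, would remove that risk. Logging a warning in the not-found branch would make an orphaned account visible. `Repo.delete(u)` is also called directly rather than through the `Users` service, so it is worth confirming that no token or membership cleanup is skipped. The enclosing function begins above the hunk.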
@@ -35,5 +35,6 @@ Mimic.copy(System) Mimic.copy(Core.Clients.Vault) Mimic.copy(Core.Clients.Console) Mimic.copy(Core.Services.Cloud.Poller) +Mimic.copy(Req) {:ok, _} = Application.ensure_all_started(:ex_machina) diff --git a/plural/helm/plural/Chart.yaml b/plural/helm/plural/Chart.yaml index 4db7f4669..7ef92f4c2 100644 --- a/plural/helm/plural/Chart.yaml +++ b/plural/helm/plural/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: plural description: A helm chart for installing plural appVersion: 0.11.8 -version: 0.10.93 +version: 0.10.94 dependencies: - name: hydra version: 0.26.5 diff --git a/plural/helm/plural/templates/chartmuseum.yaml b/plural/helm/plural/templates/chartmuseum.yaml index ba31e5f3c..04e62b72e 100644 --- a/plural/helm/plural/templates/chartmuseum.yaml +++ b/plural/helm/plural/templates/chartmuseum.yaml @@ -28,8 +28,6 @@ spec: env: - name: PORT value: '8080' - - name: DEPLOYED_AT - value: {{ now | unixEpoch | quote }} - name: DEPTH value: '1' - name: CONTEXT_PATH