From d6964302882efc3271678d8aea090a477dad4709 Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 16:21:17 +0530 Subject: [PATCH 01/16] removed k8s client-go dependencies Signed-off-by: Saranya-jena --- .../graphql/server/api/middleware/cors.go | 10 - .../graph/chaos_infrastructure.resolvers.go | 41 ++- .../server/graph/chaoshub.resolvers.go | 4 +- .../server/pkg/authorization/middleware.go | 4 +- .../pkg/chaos_infrastructure/infra_utils.go | 36 +-- .../pkg/chaos_infrastructure/service.go | 89 ++---- .../server/pkg/handlers/file_handler.go | 28 +- chaoscenter/graphql/server/pkg/k8s/client.go | 52 ---- chaoscenter/graphql/server/pkg/k8s/cluster.go | 267 ------------------ chaoscenter/graphql/server/utils/variables.go | 3 +- 10 files changed, 110 insertions(+), 424 deletions(-) delete mode 100644 chaoscenter/graphql/server/pkg/k8s/client.go delete mode 100644 chaoscenter/graphql/server/pkg/k8s/cluster.go diff --git a/chaoscenter/graphql/server/api/middleware/cors.go b/chaoscenter/graphql/server/api/middleware/cors.go index 9efff066dc0..6842bc5feb2 100644 --- a/chaoscenter/graphql/server/api/middleware/cors.go +++ b/chaoscenter/graphql/server/api/middleware/cors.go @@ -5,10 +5,6 @@ import ( "regexp" "strings" - "github.com/sirupsen/logrus" - - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaos_infrastructure" - "github.com/gin-gonic/gin" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/utils" ) @@ -29,13 +25,7 @@ func ValidateCors() gin.HandlerFunc { } validOrigin := false - endpoint, err := chaos_infrastructure.GetEndpoint("external") - if err != nil { - logrus.Error(err) - } else if endpoint != "" { - allowedOrigins = append(allowedOrigins, endpoint) - } for _, allowedOrigin := range allowedOrigins { match, err := regexp.MatchString(allowedOrigin, origin) if err == nil && match { diff --git a/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go b/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go index e374e95361e..8ad93b535ef 100644 --- a/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go @@ -7,6 +7,9 @@ package graph import ( "context" "errors" + "fmt" + "net/http" + "net/url" "time" "github.com/google/uuid" @@ -80,8 +83,23 @@ func (r *mutationResolver) GetManifestWithInfraID(ctx context.Context, projectID "chaosInfraId": infraID, } + reqHeader, ok := ctx.Value("request-header").(http.Header) + if !ok { + return "", fmt.Errorf("unable to parse request header") + } + + referrer := reqHeader.Get("Referer") + if referrer == "" { + return "", fmt.Errorf("unable to parse referer header") + } + + referrerURL, err := url.Parse(referrer) + if err != nil { + return "", err + } + fmt.Println("ref-url", referrerURL.Scheme, referrerURL.Host) logrus.WithFields(logFields).Info("request received to get chaos infrastructure installation manifest") - manifest, err := r.chaosInfrastructureService.GetManifestWithInfraID(infraID, accessKey) + manifest, err := r.chaosInfrastructureService.GetManifestWithInfraID(fmt.Sprintf("%s://%s", referrerURL.Scheme, referrerURL.Host), infraID, accessKey) if err != nil { return "", err } @@ -165,8 +183,25 @@ func (r *queryResolver) GetInfraManifest(ctx context.Context, infraID string, up logFields := logrus.Fields{ "projectId": projectID, } + + reqHeader, ok := ctx.Value("request-header").(http.Header) + if !ok { + return "", fmt.Errorf("unable to parse request header") + } + + referrer := reqHeader.Get("Referer") + if referrer == "" { + return "", fmt.Errorf("unable to parse referer header") + } + + referrerURL, err := url.Parse(referrer) + if err != nil { + return "", err + } + fmt.Println("ref-url", referrerURL.Scheme, referrerURL.Host) + logrus.WithFields(logFields).Info("request received to get chaos infrastructure manifest") - err := authorization.ValidateRole(ctx, projectID, + err = authorization.ValidateRole(ctx, projectID, authorization.MutationRbacRules[authorization.GetManifest], model.InvitationAccepted.String()) if err != nil { @@ -178,7 +213,7 @@ func (r *queryResolver) GetInfraManifest(ctx context.Context, infraID string, up return "", err } - gcaResponse, err := chaos_infrastructure.GetK8sInfraYaml(getInfra) + gcaResponse, err := chaos_infrastructure.GetK8sInfraYaml(referrerURL.Host, getInfra) if err != nil { logrus.WithFields(logFields).Error(err) return "", err diff --git a/chaoscenter/graphql/server/graph/chaoshub.resolvers.go b/chaoscenter/graphql/server/graph/chaoshub.resolvers.go index 93215fa492f..9b08e2d363a 100644 --- a/chaoscenter/graphql/server/graph/chaoshub.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaoshub.resolvers.go @@ -6,7 +6,7 @@ package graph import ( "context" - + "fmt" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/model" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/authorization" chaosHubOps "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaoshub/ops" @@ -14,6 +14,7 @@ import ( // AddChaosHub is the resolver for the addChaosHub field. func (r *mutationResolver) AddChaosHub(ctx context.Context, projectID string, request model.CreateChaosHubRequest) (*model.ChaosHub, error) { + if err := authorization.ValidateRole(ctx, projectID, authorization.MutationRbacRules[authorization.AddChaosHub], model.InvitationAccepted.String()); err != nil { @@ -95,6 +96,7 @@ func (r *mutationResolver) DeleteChaosHub(ctx context.Context, projectID string, // ListChaosFaults is the resolver for the listChaosFaults field. func (r *queryResolver) ListChaosFaults(ctx context.Context, hubID string, projectID string) ([]*model.Chart, error) { + fmt.Println("headerrr", ctx.Value("request-header")) err := authorization.ValidateRole(ctx, projectID, authorization.MutationRbacRules[authorization.ListCharts], model.InvitationAccepted.String()) diff --git a/chaoscenter/graphql/server/pkg/authorization/middleware.go b/chaoscenter/graphql/server/pkg/authorization/middleware.go index 202f484a6c8..89361ea5297 100644 --- a/chaoscenter/graphql/server/pkg/authorization/middleware.go +++ b/chaoscenter/graphql/server/pkg/authorization/middleware.go @@ -34,8 +34,10 @@ func Middleware(handler http.Handler, mongoClient *mongo.Client) gin.HandlerFunc c.Writer.Write([]byte("Error verifying JWT token: Token is revoked")) return } + ctx := context.WithValue(c.Request.Context(), AuthKey, jwt) - c.Request = c.Request.WithContext(ctx) + ctx1 := context.WithValue(ctx, "request-header", c.Request.Header) + c.Request = c.Request.WithContext(ctx1) handler.ServeHTTP(c.Writer, c.Request) } } diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go index dfd8d962bd2..bf71b3e7513 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go @@ -9,7 +9,6 @@ import ( "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/model" store "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/data-store" dbChaosInfra "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb/chaos_infrastructure" - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/k8s" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/utils" log "github.com/sirupsen/logrus" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" @@ -20,42 +19,37 @@ type SubscriberConfigurations struct { TLSCert string } -func GetEndpoint(agentType string) (string, error) { +func GetEndpoint(host string) (string, error) { // returns endpoint from env, if provided by user + + fmt.Println("host", host) + fmt.Println("ui-endpoint", utils.Config.ChaosCenterUiEndpoint) if utils.Config.ChaosCenterUiEndpoint != "" { - return utils.Config.ChaosCenterUiEndpoint + "/ws/query", nil + return utils.Config.ChaosCenterUiEndpoint + "/api/query", nil } + return host, nil // generating endpoint based on ChaosCenter Scope & InfraType (Self or External) - agentEndpoint, err := k8s.GetServerEndpoint(utils.Config.ChaosCenterScope, agentType) + //agentEndpoint, err := k8s.GetServerEndpoint(utils.Config.ChaosCenterScope, agentType) - if agentEndpoint == "" || err != nil { - return "", fmt.Errorf("failed to retrieve the server endpoint %v", err) - } + //if agentEndpoint == "" { + // return "", fmt.Errorf("failed to retrieve the server endpoint %v", err) + //} + + //return agentEndpoint, err - return agentEndpoint, err } -func GetK8sInfraYaml(infra dbChaosInfra.ChaosInfra) ([]byte, error) { +func GetK8sInfraYaml(host string, infra dbChaosInfra.ChaosInfra) ([]byte, error) { var config SubscriberConfigurations - endpoint, err := GetEndpoint(infra.InfraType) + endpoint, err := GetEndpoint(host) if err != nil { return nil, err } config.ServerEndpoint = endpoint - var scope = utils.Config.ChaosCenterScope - if scope == ClusterScope && utils.Config.TlsSecretName != "" { - config.TLSCert, err = k8s.GetTLSCert(utils.Config.TlsSecretName) - if err != nil { - return nil, err - } - } - - if scope == NamespaceScope { - config.TLSCert = utils.Config.TlsCertB64 - } + config.TLSCert = utils.Config.TlsCertB64 var respData []byte if infra.InfraScope == ClusterScope { diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go index f43d71d37d8..a9d666cc428 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go @@ -7,6 +7,7 @@ import ( "log" "math" "net/http" + "net/url" "strconv" "strings" "time" @@ -15,7 +16,6 @@ import ( store "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/data-store" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb/config" dbEnvironments "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb/environments" - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/k8s" "github.com/sirupsen/logrus" "github.com/google/uuid" @@ -45,8 +45,8 @@ type Service interface { ListInfras(projectID string, request *model.ListInfraRequest) (*model.ListInfraResponse, error) GetInfraDetails(ctx context.Context, infraID string, projectID string) (*model.Infra, error) SendInfraEvent(eventType, eventName, description string, infra model.Infra, r store.StateData) - GetManifest(token string) ([]byte, int, error) - GetManifestWithInfraID(infraID string, accessKey string) ([]byte, error) + //GetManifest(token string) ([]byte, int, error) + GetManifestWithInfraID(host string, infraID string, accessKey string) ([]byte, error) GetInfra(ctx context.Context, projectID string, infraID string) (*model.Infra, error) GetInfraStats(ctx context.Context, projectID string) (*model.GetInfraStatsResponse, error) GetVersionDetails() (*model.InfraVersionDetails, error) @@ -187,7 +187,23 @@ func (in *infraService) RegisterInfra(c context.Context, projectID string, input return nil, err } - manifestYaml, err := GetK8sInfraYaml(newInfra) + reqHeader, ok := c.Value("request-header").(http.Header) + if !ok { + return nil, fmt.Errorf("unable to parse request header") + } + + referrer := reqHeader.Get("Referer") + if referrer == "" { + return nil, fmt.Errorf("unable to parse referer header") + } + + referrerURL, err := url.Parse(referrer) + if err != nil { + return nil, err + } + fmt.Println("ref-url-register-infra", referrerURL.Scheme, referrerURL.Host) + + manifestYaml, err := GetK8sInfraYaml(fmt.Sprintf("%s://%s", referrerURL.Scheme, referrerURL.Host), newInfra) if err != nil { return nil, err } @@ -1061,57 +1077,8 @@ func (in *infraService) VerifyInfra(identity model.InfraIdentity) (*dbChaosInfra return &infra, nil } -func (in *infraService) GetManifest(token string) ([]byte, int, error) { - infraID, err := InfraValidateJWT(token) - if err != nil { - return nil, http.StatusNotFound, err - } - - reqinfra, err := in.infraOperator.GetInfra(infraID) - if err != nil { - return nil, http.StatusInternalServerError, err - } - - var configurations SubscriberConfigurations - configurations.ServerEndpoint, err = GetEndpoint(reqinfra.InfraType) - if err != nil { - return nil, http.StatusInternalServerError, err - } - - var scope = utils.Config.ChaosCenterScope - if scope == ClusterScope && utils.Config.TlsSecretName != "" { - configurations.TLSCert, err = k8s.GetTLSCert(utils.Config.TlsSecretName) - if err != nil { - return nil, http.StatusInternalServerError, err - } - } - - if scope == NamespaceScope { - configurations.TLSCert = utils.Config.TlsCertB64 - } - - if !reqinfra.IsRegistered { - var respData []byte - if reqinfra.InfraScope == "cluster" { - - respData, err = ManifestParser(reqinfra, "manifests/cluster", &configurations) - } else if reqinfra.InfraScope == "namespace" { - respData, err = ManifestParser(reqinfra, "manifests/namespace", &configurations) - } else { - logrus.Error("INFRA_SCOPE env is empty!") - } - if err != nil { - return nil, http.StatusInternalServerError, err - } - - return respData, http.StatusOK, nil - } else { - return []byte("infra is already registered"), http.StatusConflict, nil - } -} - // GetManifestWithInfraID returns manifest for a given infra -func (in *infraService) GetManifestWithInfraID(infraID string, accessKey string) ([]byte, error) { +func (in *infraService) GetManifestWithInfraID(host string, infraID string, accessKey string) ([]byte, error) { reqinfra, err := in.infraOperator.GetInfra(infraID) if err != nil { return nil, fmt.Errorf("failed to retrieve the infra %v", err) @@ -1123,22 +1090,12 @@ func (in *infraService) GetManifestWithInfraID(infraID string, accessKey string) } var configurations SubscriberConfigurations - configurations.ServerEndpoint, err = GetEndpoint(reqinfra.InfraType) + configurations.ServerEndpoint, err = GetEndpoint(host) if err != nil { return nil, fmt.Errorf("failed to retrieve the server endpoint %v", err) } - var scope = utils.Config.ChaosCenterScope - if scope == ClusterScope && utils.Config.TlsSecretName != "" { - configurations.TLSCert, err = k8s.GetTLSCert(utils.Config.TlsSecretName) - if err != nil { - return nil, fmt.Errorf("failed to retrieve the tls cert %v", err) - } - } - - if scope == NamespaceScope { - configurations.TLSCert = utils.Config.TlsCertB64 - } + configurations.TLSCert = utils.Config.TlsCertB64 var respData []byte if reqinfra.InfraScope == ClusterScope { diff --git a/chaoscenter/graphql/server/pkg/handlers/file_handler.go b/chaoscenter/graphql/server/pkg/handlers/file_handler.go index 98cdc119785..dc169ff6c89 100644 --- a/chaoscenter/graphql/server/pkg/handlers/file_handler.go +++ b/chaoscenter/graphql/server/pkg/handlers/file_handler.go @@ -1,6 +1,9 @@ package handlers import ( + "fmt" + "net/http" + "net/url" "strings" "github.com/gin-gonic/gin" @@ -30,7 +33,30 @@ func FileHandler(mongodbOperator mongodb.MongoOperator) gin.HandlerFunc { utils.WriteHeaders(&c.Writer, 500) c.Writer.Write([]byte(err.Error())) } - response, err := chaos_infrastructure.GetK8sInfraYaml(infra) + + reqHeader, ok := c.Value("request-header").(http.Header) + if !ok { + logrus.Error("unable to parse referer header") + utils.WriteHeaders(&c.Writer, 500) + c.Writer.Write([]byte("unable to parse referer header")) + } + + referrer := reqHeader.Get("Referer") + if referrer == "" { + logrus.Error("unable to parse referer header") + utils.WriteHeaders(&c.Writer, 500) + c.Writer.Write([]byte("unable to parse referer header")) + } + + referrerURL, err := url.Parse(referrer) + if err != nil { + logrus.Error(err) + utils.WriteHeaders(&c.Writer, 500) + c.Writer.Write([]byte(err.Error())) + } + fmt.Println("ref-url", referrerURL.Scheme, referrerURL.Host) + + response, err := chaos_infrastructure.GetK8sInfraYaml(fmt.Sprintf("%s://%s", referrerURL.Scheme, referrerURL.Host), infra) if err != nil { logrus.Error(err) utils.WriteHeaders(&c.Writer, 500) diff --git a/chaoscenter/graphql/server/pkg/k8s/client.go b/chaoscenter/graphql/server/pkg/k8s/client.go deleted file mode 100644 index 514cc9ce55d..00000000000 --- a/chaoscenter/graphql/server/pkg/k8s/client.go +++ /dev/null @@ -1,52 +0,0 @@ -package k8s - -import ( - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/utils" - "k8s.io/client-go/discovery" - "k8s.io/client-go/dynamic" - "k8s.io/client-go/kubernetes" - "k8s.io/client-go/rest" - "k8s.io/client-go/tools/clientcmd" -) - -func GetKubeConfig() (*rest.Config, error) { - kubeConfig := utils.Config.KubeConfigFilePath - // Use in-cluster config if kubeconfig path is not specified - if kubeConfig == "" { - return rest.InClusterConfig() - } - - return clientcmd.BuildConfigFromFlags("", kubeConfig) -} - -func GetGenericK8sClient() (*kubernetes.Clientset, error) { - config, err := GetKubeConfig() - if err != nil { - return nil, err - } - - return kubernetes.NewForConfig(config) -} - -// GetDynamicAndDiscoveryClient This function returns dynamic client and discovery client -func GetDynamicAndDiscoveryClient() (discovery.DiscoveryInterface, dynamic.Interface, error) { - // returns a config object which uses the service account kubernetes gives to pods - config, err := GetKubeConfig() - if err != nil { - return nil, nil, err - } - - // NewDiscoveryClientForConfig creates a new DiscoveryClient for the given config - discoveryClient, err := discovery.NewDiscoveryClientForConfig(config) - if err != nil { - return nil, nil, err - } - - // NewForConfig creates a new dynamic client or returns an error. - dynamicClient, err := dynamic.NewForConfig(config) - if err != nil { - return nil, nil, err - } - - return discoveryClient, dynamicClient, nil -} diff --git a/chaoscenter/graphql/server/pkg/k8s/cluster.go b/chaoscenter/graphql/server/pkg/k8s/cluster.go deleted file mode 100644 index 50d79675758..00000000000 --- a/chaoscenter/graphql/server/pkg/k8s/cluster.go +++ /dev/null @@ -1,267 +0,0 @@ -package k8s - -import ( - "context" - "encoding/base64" - "errors" - "fmt" - "log" - "strconv" - "strings" - - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/utils" - - k8serrors "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/api/meta" - metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" - "k8s.io/apimachinery/pkg/runtime/serializer/yaml" - memory "k8s.io/client-go/discovery/cached" - "k8s.io/client-go/dynamic" - "k8s.io/client-go/restmapper" -) - -var ( - decUnstructured = yaml.NewDecodingSerializer(unstructured.UnstructuredJSONScheme) - dr dynamic.ResourceInterface -) - -// InfraResource This function handles cluster operations -func InfraResource(manifest string, namespace string) (*unstructured.Unstructured, error) { - // Getting dynamic and discovery client - ctx := context.TODO() - discoveryClient, dynamicClient, err := GetDynamicAndDiscoveryClient() - if err != nil { - return nil, err - } - - // Create a mapper using dynamic client - mapper := restmapper.NewDeferredDiscoveryRESTMapper(memory.NewMemCacheClient(discoveryClient)) - - // Decode YAML manifest into unstructured.Unstructured - obj := &unstructured.Unstructured{} - _, gvk, err := decUnstructured.Decode([]byte(manifest), nil, obj) - if err != nil { - return nil, err - } - - // Find GVR - mapping, err := mapper.RESTMapping(gvk.GroupKind(), gvk.Version) - if err != nil { - return nil, err - } - - // Obtain REST interface for the GVR - if mapping.Scope.Name() == meta.RESTScopeNameNamespace { - // namespaced resources should specify the namespace - dr = dynamicClient.Resource(mapping.Resource).Namespace(namespace) - } else { - // for cluster-wide resources - dr = dynamicClient.Resource(mapping.Resource) - } - - response, err := dr.Create(ctx, obj, metaV1.CreateOptions{}) - if k8serrors.IsAlreadyExists(err) { - // This doesnt ever happen even if it does already exist - log.Print("Already exists") - return nil, nil - } - - if err != nil { - return nil, err - } - - log.Println("Resource successfully created") - - return response, nil -} - -/* -This function returns the endpoint of the server by which external agents can communicate. -The order of generating the endpoint is based on different network type: -- Ingress -- LoadBalancer > NodePort > ClusterIP -*/ -func GetServerEndpoint(portalScope, agentType string) (string, error) { - var ( - NodePort int32 - Port int32 - InternalIP string - IngressPath string - IPAddress string - Scheme string - FinalUrl string - ServerServiceName = utils.Config.ServerServiceName - NodeName = utils.Config.NodeName - LitmusPortalNS = utils.Config.LitmusPortalNamespace - Ingress = utils.Config.Ingress - IngressName = utils.Config.IngressName - ) - - ctx := context.TODO() - clientset, err := GetGenericK8sClient() - if err != nil { - return "", err - } - - svc, err := clientset.CoreV1().Services(LitmusPortalNS).Get(ctx, ServerServiceName, metaV1.GetOptions{}) - if err != nil { - return "", err - } - - for _, port := range svc.Spec.Ports { - if port.Name == "graphql-server" { - NodePort = port.NodePort - Port = port.Port - } - } - - // If current agent is self-agent, then servicename FQDN will be used irrespective of service type. - if agentType == "internal" { - FinalUrl = "http://" + ServerServiceName + "." + LitmusPortalNS + ":" + strconv.Itoa(int(Port)) + "/query" - return FinalUrl, nil - } - - // Ingress endpoint will be generated for external agents only. - if Ingress == "true" { - getIng, err := clientset.NetworkingV1().Ingresses(LitmusPortalNS).Get(ctx, IngressName, metaV1.GetOptions{}) - if err != nil { - return "", err - } - - /* - Priorities of retrieving Ingress endpoint - 1. hostname - 2. IPAddress - */ - if len(getIng.Spec.Rules) > 0 && getIng.Spec.Rules[0].Host != "" { - IPAddress = getIng.Spec.Rules[0].Host - } else if len(getIng.Status.LoadBalancer.Ingress) > 0 && getIng.Status.LoadBalancer.Ingress[0].IP != "" { - IPAddress = getIng.Status.LoadBalancer.Ingress[0].IP - } else if len(getIng.Status.LoadBalancer.Ingress) > 0 && getIng.Status.LoadBalancer.Ingress[0].Hostname != "" { - IPAddress = getIng.Status.LoadBalancer.Ingress[0].Hostname - } else { - return "", errors.New("IP Address or HostName not generated") - } - - if IPAddress == "" { - return "", errors.New("IP Address or Hostname is not available in the ingress of " + IngressName) - } - - for _, rule := range getIng.Spec.Rules { - for _, path := range rule.HTTP.Paths { - if path.Backend.Service.Name == ServerServiceName { - f := func(c rune) bool { - return c == '/' - } - - path_arr := strings.FieldsFunc(path.Path, f) - if len(path_arr) > 0 { - if path_arr[len(path_arr)-1] == "(.*)" { - path_arr[len(path_arr)-1] = "query" - } else { - path_arr = append(path_arr, "query") - } - } else { - path_arr = append(path_arr, "query") - } - - IngressPath = strings.Join(path_arr[:], "/") - } - } - } - - if len(getIng.Spec.TLS) > 0 { - Scheme = "https" - } else { - Scheme = "http" - } - - FinalUrl = Scheme + "://" + wrapIPV6(IPAddress) + "/" + IngressPath - - } else if Ingress == "false" || Ingress == "" { - - exp := strings.ToLower(string(svc.Spec.Type)) - switch exp { - case "loadbalancer": - if len(svc.Status.LoadBalancer.Ingress) > 0 { - if svc.Status.LoadBalancer.Ingress[0].Hostname != "" { - IPAddress = svc.Status.LoadBalancer.Ingress[0].Hostname - } else if svc.Status.LoadBalancer.Ingress[0].IP != "" { - IPAddress = svc.Status.LoadBalancer.Ingress[0].IP - } else { - return "", errors.New("LoadBalancerIP/Hostname not present for loadbalancer service type") - } - } else { - return "", errors.New("LoadBalancerIP/Hostname not present for loadbalancer service type") - } - FinalUrl = "http://" + wrapIPV6(IPAddress) + ":" + strconv.Itoa(int(Port)) + "/query" - case "nodeport": - - // Cannot fetch Node Ip Address when ChaosCenter is installed in Namespaced scope - if portalScope == "namespace" { - return "", errors.New("Cannot get NodeIP in namespaced mode") - } - - nodeIP, err := clientset.CoreV1().Nodes().Get(ctx, NodeName, metaV1.GetOptions{}) - if err != nil { - return "", err - } - - for _, addr := range nodeIP.Status.Addresses { - if strings.ToLower(string(addr.Type)) == "externalip" && addr.Address != "" { - IPAddress = addr.Address - } else if strings.ToLower(string(addr.Type)) == "internalip" && addr.Address != "" { - InternalIP = addr.Address - } - } - - // Whichever one of External IP and Internal IP is present, that will be selected for Server Endpoint - if IPAddress != "" { - FinalUrl = "http://" + wrapIPV6(IPAddress) + ":" + strconv.Itoa(int(NodePort)) + "/query" - } else if InternalIP != "" { - FinalUrl = "http://" + wrapIPV6(InternalIP) + ":" + strconv.Itoa(int(NodePort)) + "/query" - } else { - return "", errors.New("Both ExternalIP and InternalIP aren't present for NodePort service type") - } - case "clusterip": - log.Print("External agents can't be connected to the server if the service type is set to ClusterIP\n") - if svc.Spec.ClusterIP == "" { - return "", errors.New("ClusterIP is not present") - } - FinalUrl = "http://" + wrapIPV6(svc.Spec.ClusterIP) + ":" + strconv.Itoa(int(Port)) + "/query" - default: - return "", errors.New("No service type found") - } - } else { - return "", errors.New("Ingress value is not correct") - } - - log.Print("Server endpoint: ", FinalUrl) - - return FinalUrl, nil -} - -func wrapIPV6(addr string) string { - if strings.Count(addr, ":") > 0 { - return "[" + addr + "]" - } - return addr -} - -func GetTLSCert(secretName string) (string, error) { - clientset, err := GetGenericK8sClient() - if err != nil { - return "", err - } - - secret, err := clientset.CoreV1().Secrets(utils.Config.LitmusPortalNamespace).Get(context.Background(), secretName, metaV1.GetOptions{}) - if err != nil { - return "", err - } - - if cert, ok := secret.Data["tls.crt"]; ok { - return base64.StdEncoding.EncodeToString(cert), nil - } - return "", fmt.Errorf("could not find tls.crt value in provided TLS Secret %v", secretName) -} diff --git a/chaoscenter/graphql/server/utils/variables.go b/chaoscenter/graphql/server/utils/variables.go index 5c1b72dd1a5..8ce0b3f4502 100644 --- a/chaoscenter/graphql/server/utils/variables.go +++ b/chaoscenter/graphql/server/utils/variables.go @@ -25,9 +25,8 @@ type Configuration struct { NodeName string `split_words:"true"` Ingress string `split_words:"true"` IngressName string `split_words:"true"` - ChaosCenterUiEndpoint string `split_words:"true" default:"localhost:8080"` + ChaosCenterUiEndpoint string `split_words:"true" default:"https://localhost:8080"` TlsCertB64 string `split_words:"true"` - TlsSecretName string `split_words:"true"` LitmusAuthGrpcEndpoint string `split_words:"true" default:"localhost"` LitmusAuthGrpcPort string `split_words:"true" default:":3030"` KubeConfigFilePath string `split_words:"true"` From 138a42ed7fd769c92aea6d6e0111067d42578a4d Mon Sep 17 00:00:00 2001 From: Saranya Jena Date: Fri, 5 Jul 2024 16:22:57 +0530 Subject: [PATCH 02/16] Update push.yml --- .github/workflows/push.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 1a543b40a49..03cb31f1719 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -1,11 +1,11 @@ name: push-pipeline on: - push: - branches: - - master - - ^v[0-9]*.[0-9]*.x$ - tags: - - "*" + workflow_dispatch: + inputs: + Tag: + default: "ci" +env: + TAG: "${{github.event.inputs.Tag}}" defaults: run: working-directory: chaoscenter @@ -48,7 +48,7 @@ jobs: img_tag=${GITHUB_REF#refs/*/} else echo "non tag build" - img_tag="ci" + img_tag=${{ env.TAG }} fi # This is a condition where image tag looks like "pull/" during pull request build NEW_IMG_TAG=`echo $img_tag | sed "s/\//-/g"` From 02d595e6c7cdf60c9bf3ccd6b967ea197a265f4f Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 16:51:18 +0530 Subject: [PATCH 03/16] removed k8s client-go dependencies Signed-off-by: Saranya-jena --- .../graphql/server/pkg/chaos_infrastructure/infra_utils.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go index bf71b3e7513..c8203776e3e 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go @@ -28,7 +28,7 @@ func GetEndpoint(host string) (string, error) { return utils.Config.ChaosCenterUiEndpoint + "/api/query", nil } - return host, nil + return host + "/api/query", nil // generating endpoint based on ChaosCenter Scope & InfraType (Self or External) //agentEndpoint, err := k8s.GetServerEndpoint(utils.Config.ChaosCenterScope, agentType) From 767a0a09479fc4ce72a34eff8028c1134a11bc0f Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 17:10:08 +0530 Subject: [PATCH 04/16] removed token issues Signed-off-by: Saranya-jena --- .../server/graph/chaos_experiment.resolvers.go | 8 ++++---- .../graphql/server/graph/environment.resolvers.go | 6 +++--- .../pkg/chaos_experiment_run/handler/handler.go | 13 ++++++------- 3 files changed, 13 insertions(+), 14 deletions(-) diff --git a/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go b/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go index f3f20addbff..f0b6aa83730 100644 --- a/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go @@ -83,7 +83,7 @@ func (r *mutationResolver) SaveChaosExperiment(ctx context.Context, request mode var uiResponse string - uiResponse, err = r.chaosExperimentHandler.SaveChaosExperiment(ctx, request, projectID, ctx.Value(authorization.AuthKey).(string)) + uiResponse, err = r.chaosExperimentHandler.SaveChaosExperiment(ctx, request, projectID, ctx.Value("username").(string)) if err != nil { logrus.WithFields(logFields).Error(err) return "", err @@ -107,7 +107,7 @@ func (r *mutationResolver) UpdateChaosExperiment(ctx context.Context, request mo return nil, err } - uiResponse, err := r.chaosExperimentHandler.UpdateChaosExperiment(ctx, request, projectID, data_store.Store, ctx.Value(authorization.AuthKey).(string)) + uiResponse, err := r.chaosExperimentHandler.UpdateChaosExperiment(ctx, request, projectID, data_store.Store, ctx.Value("username").(string)) if err != nil { logrus.WithFields(logFields).Error(err) return nil, err @@ -132,7 +132,7 @@ func (r *mutationResolver) DeleteChaosExperiment(ctx context.Context, experiment return false, err } - uiResponse, err := r.chaosExperimentHandler.DeleteChaosExperiment(ctx, projectID, experimentID, experimentRunID, data_store.Store, ctx.Value(authorization.AuthKey).(string)) + uiResponse, err := r.chaosExperimentHandler.DeleteChaosExperiment(ctx, projectID, experimentID, experimentRunID, data_store.Store, ctx.Value("username").(string)) if err != nil { logrus.WithFields(logFields).Error(err) return false, err @@ -156,7 +156,7 @@ func (r *mutationResolver) UpdateCronExperimentState(ctx context.Context, experi return false, err } - uiResponse, err := r.chaosExperimentHandler.UpdateCronExperimentState(ctx, experimentID, disable, projectID, data_store.Store, ctx.Value(authorization.AuthKey).(string)) + uiResponse, err := r.chaosExperimentHandler.UpdateCronExperimentState(ctx, experimentID, disable, projectID, data_store.Store, ctx.Value("username").(string)) if err != nil { logrus.WithFields(logFields).Error(err) return false, err diff --git a/chaoscenter/graphql/server/graph/environment.resolvers.go b/chaoscenter/graphql/server/graph/environment.resolvers.go index 1153df39cac..96d035433ea 100644 --- a/chaoscenter/graphql/server/graph/environment.resolvers.go +++ b/chaoscenter/graphql/server/graph/environment.resolvers.go @@ -25,7 +25,7 @@ func (r *mutationResolver) CreateEnvironment(ctx context.Context, projectID stri return nil, err } - return r.environmentService.CreateEnvironment(ctx, projectID, request, ctx.Value(authorization.AuthKey).(string)) + return r.environmentService.CreateEnvironment(ctx, projectID, request, ctx.Value("username").(string)) } // UpdateEnvironment is the resolver for the updateEnvironment field. @@ -42,7 +42,7 @@ func (r *mutationResolver) UpdateEnvironment(ctx context.Context, projectID stri return "", err } - return r.environmentService.UpdateEnvironment(ctx, projectID, request, ctx.Value(authorization.AuthKey).(string)) + return r.environmentService.UpdateEnvironment(ctx, projectID, request, ctx.Value("username").(string)) } // DeleteEnvironment is the resolver for the deleteEnvironment field. @@ -59,7 +59,7 @@ func (r *mutationResolver) DeleteEnvironment(ctx context.Context, projectID stri return "", err } - return r.environmentService.DeleteEnvironment(ctx, projectID, environmentID, ctx.Value(authorization.AuthKey).(string)) + return r.environmentService.DeleteEnvironment(ctx, projectID, environmentID, ctx.Value("username").(string)) } // GetEnvironment is the resolver for the getEnvironment field. diff --git a/chaoscenter/graphql/server/pkg/chaos_experiment_run/handler/handler.go b/chaoscenter/graphql/server/pkg/chaos_experiment_run/handler/handler.go index 21ebe1ce905..708d5b3753a 100644 --- a/chaoscenter/graphql/server/pkg/chaos_experiment_run/handler/handler.go +++ b/chaoscenter/graphql/server/pkg/chaos_experiment_run/handler/handler.go @@ -15,7 +15,6 @@ import ( "github.com/litmuschaos/litmus/chaoscenter/graphql/server/utils" - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/authorization" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaos_infrastructure" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/gitops" "go.mongodb.org/mongo-driver/mongo/options" @@ -815,11 +814,11 @@ func (c *ChaosExperimentRunHandler) RunChaosWorkFlow(ctx context.Context, projec IsRemoved: false, CreatedAt: currentTime, CreatedBy: mongodb.UserDetailResponse{ - Username: ctx.Value(authorization.AuthKey).(string), + Username: ctx.Value("username").(string), }, UpdatedAt: currentTime, UpdatedBy: mongodb.UserDetailResponse{ - Username: ctx.Value(authorization.AuthKey).(string), + Username: ctx.Value("username").(string), }, }, }, @@ -861,11 +860,11 @@ func (c *ChaosExperimentRunHandler) RunChaosWorkFlow(ctx context.Context, projec IsRemoved: false, CreatedAt: currentTime, CreatedBy: mongodb.UserDetailResponse{ - Username: ctx.Value(authorization.AuthKey).(string), + Username: ctx.Value("username").(string), }, UpdatedAt: currentTime, UpdatedBy: mongodb.UserDetailResponse{ - Username: ctx.Value(authorization.AuthKey).(string), + Username: ctx.Value("username").(string), }, }, NotifyID: ¬ifyID, @@ -908,7 +907,7 @@ func (c *ChaosExperimentRunHandler) RunChaosWorkFlow(ctx context.Context, projec if err != nil { return nil, fmt.Errorf("failed to generate probes in workflow manifest, err: %v", err) } - username := ctx.Value(authorization.AuthKey).(string) + username := ctx.Value("username").(string) manifest, err := yaml.Marshal(workflowManifest) if err != nil { return nil, err @@ -991,7 +990,7 @@ func (c *ChaosExperimentRunHandler) RunCronExperiment(ctx context.Context, proje return err } - username := ctx.Value(authorization.AuthKey).(string) + username := ctx.Value("username").(string) if r != nil { chaos_infrastructure.SendExperimentToSubscriber(projectID, &model.ChaosExperimentRequest{ From b72fb5473a4a8119dbe552cab5019b0e5a3ba6e5 Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 17:23:10 +0530 Subject: [PATCH 05/16] removed token issues Signed-off-by: Saranya-jena --- .../graphql/server/graph/chaos_experiment.resolvers.go | 5 +++++ chaoscenter/graphql/server/graph/resolver.go | 3 +-- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go b/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go index f0b6aa83730..15bcf650c8d 100644 --- a/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go @@ -7,6 +7,7 @@ package graph import ( "context" "errors" + "fmt" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/generated" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/model" @@ -193,6 +194,10 @@ func (r *queryResolver) ListExperiment(ctx context.Context, projectID string, re "chaosExperimentIds": request.ExperimentIDs, } logrus.WithFields(logFields).Info("request received to list chaos experiments") + fmt.Println("newCtx2", ctx.Value("request-header")) + fmt.Println("newCtx1", ctx.Value("username")) + + fmt.Println("newCtx2", ctx.Value(authorization.UserClaim)) err := authorization.ValidateRole(ctx, projectID, authorization.MutationRbacRules[authorization.ListExperiment], diff --git a/chaoscenter/graphql/server/graph/resolver.go b/chaoscenter/graphql/server/graph/resolver.go index d1002be76c6..579e5585f34 100644 --- a/chaoscenter/graphql/server/graph/resolver.go +++ b/chaoscenter/graphql/server/graph/resolver.go @@ -2,7 +2,6 @@ package graph import ( "context" - "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb/authConfig" chaos_experiment2 "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaos_experiment/ops" @@ -95,7 +94,7 @@ func NewConfig(mongodbOperator mongodb.MongoOperator) generated.Config { return nil, err } newCtx := context.WithValue(ctx, authorization.UserClaim, user) - newCtx = context.WithValue(ctx, "username", user["username"]) + newCtx = context.WithValue(newCtx, "username", user["username"]) return next(newCtx) } From 39b774da7dd14f9e30f703f5f442f8d010d53292 Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 17:32:35 +0530 Subject: [PATCH 06/16] removed token issues Signed-off-by: Saranya-jena --- chaoscenter/graphql/server/graph/resolver.go | 3 +++ chaoscenter/graphql/server/pkg/authorization/middleware.go | 2 ++ 2 files changed, 5 insertions(+) diff --git a/chaoscenter/graphql/server/graph/resolver.go b/chaoscenter/graphql/server/graph/resolver.go index 579e5585f34..2969a474025 100644 --- a/chaoscenter/graphql/server/graph/resolver.go +++ b/chaoscenter/graphql/server/graph/resolver.go @@ -2,6 +2,7 @@ package graph import ( "context" + "fmt" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb/authConfig" chaos_experiment2 "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaos_experiment/ops" @@ -93,6 +94,8 @@ func NewConfig(mongodbOperator mongodb.MongoOperator) generated.Config { if err != nil { return nil, err } + + fmt.Println("here2") newCtx := context.WithValue(ctx, authorization.UserClaim, user) newCtx = context.WithValue(newCtx, "username", user["username"]) diff --git a/chaoscenter/graphql/server/pkg/authorization/middleware.go b/chaoscenter/graphql/server/pkg/authorization/middleware.go index 89361ea5297..f38370c2075 100644 --- a/chaoscenter/graphql/server/pkg/authorization/middleware.go +++ b/chaoscenter/graphql/server/pkg/authorization/middleware.go @@ -2,6 +2,7 @@ package authorization import ( "context" + "fmt" "net/http" "strings" @@ -38,6 +39,7 @@ func Middleware(handler http.Handler, mongoClient *mongo.Client) gin.HandlerFunc ctx := context.WithValue(c.Request.Context(), AuthKey, jwt) ctx1 := context.WithValue(ctx, "request-header", c.Request.Header) c.Request = c.Request.WithContext(ctx1) + fmt.Println("here1") handler.ServeHTTP(c.Writer, c.Request) } } From d72501b9da415c84e71ad2aca7e9bfd34aba0a7f Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 18:41:17 +0530 Subject: [PATCH 07/16] removed token issues Signed-off-by: Saranya-jena --- chaoscenter/graphql/server/graph/resolver.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/chaoscenter/graphql/server/graph/resolver.go b/chaoscenter/graphql/server/graph/resolver.go index 2969a474025..e4d0ed17700 100644 --- a/chaoscenter/graphql/server/graph/resolver.go +++ b/chaoscenter/graphql/server/graph/resolver.go @@ -96,11 +96,17 @@ func NewConfig(mongodbOperator mongodb.MongoOperator) generated.Config { } fmt.Println("here2") + + fmt.Println("newCtx4", ctx.Value("request-header")) + newCtx := context.WithValue(ctx, authorization.UserClaim, user) newCtx = context.WithValue(newCtx, "username", user["username"]) + fmt.Println("newCtx5", newCtx.Value("username")) + fmt.Println("newCtx6", newCtx.Value(authorization.UserClaim)) + fmt.Println("newCtx4", newCtx.Value("request-header")) + return next(newCtx) } - return config } From 532247b4ebf5b3179ae754b44b7837c3b9ed3fac Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 18:49:22 +0530 Subject: [PATCH 08/16] removed token issues Signed-off-by: Saranya-jena --- chaoscenter/graphql/server/pkg/authorization/middleware.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/chaoscenter/graphql/server/pkg/authorization/middleware.go b/chaoscenter/graphql/server/pkg/authorization/middleware.go index f38370c2075..22c55c52881 100644 --- a/chaoscenter/graphql/server/pkg/authorization/middleware.go +++ b/chaoscenter/graphql/server/pkg/authorization/middleware.go @@ -37,8 +37,8 @@ func Middleware(handler http.Handler, mongoClient *mongo.Client) gin.HandlerFunc } ctx := context.WithValue(c.Request.Context(), AuthKey, jwt) - ctx1 := context.WithValue(ctx, "request-header", c.Request.Header) - c.Request = c.Request.WithContext(ctx1) + //ctx1 := context.WithValue(ctx, "request-header", c.Request.Header) + c.Request = c.Request.WithContext(ctx) fmt.Println("here1") handler.ServeHTTP(c.Writer, c.Request) } From 9fbf2bb0b0257f7a184d810eaa16c15636e7cc47 Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 19:16:16 +0530 Subject: [PATCH 09/16] removed token issues Signed-off-by: Saranya-jena --- .../graph/chaos_experiment.resolvers.go | 45 ++++++++++++++----- .../server/graph/chaoshub.resolvers.go | 1 + .../server/graph/environment.resolvers.go | 24 ++++++++-- chaoscenter/graphql/server/graph/resolver.go | 11 +---- .../server/pkg/authorization/middleware.go | 4 +- .../chaos_experiment_run/handler/handler.go | 24 +++++++--- .../pkg/chaos_infrastructure/service.go | 11 +++++ .../graphql/server/pkg/chaoshub/service.go | 3 ++ 8 files changed, 92 insertions(+), 31 deletions(-) diff --git a/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go b/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go index 15bcf650c8d..874dcf910ad 100644 --- a/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaos_experiment.resolvers.go @@ -7,7 +7,6 @@ package graph import ( "context" "errors" - "fmt" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/generated" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/model" @@ -31,7 +30,13 @@ func (r *mutationResolver) CreateChaosExperiment(ctx context.Context, request mo return nil, err } - uiResponse, err := r.chaosExperimentHandler.CreateChaosExperiment(ctx, &request, projectID, ctx.Value("username").(string)) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return nil, err + } + + uiResponse, err := r.chaosExperimentHandler.CreateChaosExperiment(ctx, &request, projectID, username) if err != nil { return nil, errors.New("could not create experiment, error: " + err.Error()) } @@ -84,7 +89,13 @@ func (r *mutationResolver) SaveChaosExperiment(ctx context.Context, request mode var uiResponse string - uiResponse, err = r.chaosExperimentHandler.SaveChaosExperiment(ctx, request, projectID, ctx.Value("username").(string)) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return "", err + } + + uiResponse, err = r.chaosExperimentHandler.SaveChaosExperiment(ctx, request, projectID, username) if err != nil { logrus.WithFields(logFields).Error(err) return "", err @@ -108,7 +119,13 @@ func (r *mutationResolver) UpdateChaosExperiment(ctx context.Context, request mo return nil, err } - uiResponse, err := r.chaosExperimentHandler.UpdateChaosExperiment(ctx, request, projectID, data_store.Store, ctx.Value("username").(string)) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return nil, err + } + + uiResponse, err := r.chaosExperimentHandler.UpdateChaosExperiment(ctx, request, projectID, data_store.Store, username) if err != nil { logrus.WithFields(logFields).Error(err) return nil, err @@ -133,7 +150,13 @@ func (r *mutationResolver) DeleteChaosExperiment(ctx context.Context, experiment return false, err } - uiResponse, err := r.chaosExperimentHandler.DeleteChaosExperiment(ctx, projectID, experimentID, experimentRunID, data_store.Store, ctx.Value("username").(string)) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return false, err + } + + uiResponse, err := r.chaosExperimentHandler.DeleteChaosExperiment(ctx, projectID, experimentID, experimentRunID, data_store.Store, username) if err != nil { logrus.WithFields(logFields).Error(err) return false, err @@ -157,7 +180,13 @@ func (r *mutationResolver) UpdateCronExperimentState(ctx context.Context, experi return false, err } - uiResponse, err := r.chaosExperimentHandler.UpdateCronExperimentState(ctx, experimentID, disable, projectID, data_store.Store, ctx.Value("username").(string)) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return false, err + } + + uiResponse, err := r.chaosExperimentHandler.UpdateCronExperimentState(ctx, experimentID, disable, projectID, data_store.Store, username) if err != nil { logrus.WithFields(logFields).Error(err) return false, err @@ -194,10 +223,6 @@ func (r *queryResolver) ListExperiment(ctx context.Context, projectID string, re "chaosExperimentIds": request.ExperimentIDs, } logrus.WithFields(logFields).Info("request received to list chaos experiments") - fmt.Println("newCtx2", ctx.Value("request-header")) - fmt.Println("newCtx1", ctx.Value("username")) - - fmt.Println("newCtx2", ctx.Value(authorization.UserClaim)) err := authorization.ValidateRole(ctx, projectID, authorization.MutationRbacRules[authorization.ListExperiment], diff --git a/chaoscenter/graphql/server/graph/chaoshub.resolvers.go b/chaoscenter/graphql/server/graph/chaoshub.resolvers.go index 9b08e2d363a..07fa3e50ff3 100644 --- a/chaoscenter/graphql/server/graph/chaoshub.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaoshub.resolvers.go @@ -7,6 +7,7 @@ package graph import ( "context" "fmt" + "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/model" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/authorization" chaosHubOps "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaoshub/ops" diff --git a/chaoscenter/graphql/server/graph/environment.resolvers.go b/chaoscenter/graphql/server/graph/environment.resolvers.go index 96d035433ea..b9fd9a8496a 100644 --- a/chaoscenter/graphql/server/graph/environment.resolvers.go +++ b/chaoscenter/graphql/server/graph/environment.resolvers.go @@ -25,7 +25,13 @@ func (r *mutationResolver) CreateEnvironment(ctx context.Context, projectID stri return nil, err } - return r.environmentService.CreateEnvironment(ctx, projectID, request, ctx.Value("username").(string)) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return nil, err + } + + return r.environmentService.CreateEnvironment(ctx, projectID, request, username) } // UpdateEnvironment is the resolver for the updateEnvironment field. @@ -42,7 +48,13 @@ func (r *mutationResolver) UpdateEnvironment(ctx context.Context, projectID stri return "", err } - return r.environmentService.UpdateEnvironment(ctx, projectID, request, ctx.Value("username").(string)) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return "", err + } + + return r.environmentService.UpdateEnvironment(ctx, projectID, request, username) } // DeleteEnvironment is the resolver for the deleteEnvironment field. @@ -59,7 +71,13 @@ func (r *mutationResolver) DeleteEnvironment(ctx context.Context, projectID stri return "", err } - return r.environmentService.DeleteEnvironment(ctx, projectID, environmentID, ctx.Value("username").(string)) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return "", err + } + + return r.environmentService.DeleteEnvironment(ctx, projectID, environmentID, username) } // GetEnvironment is the resolver for the getEnvironment field. diff --git a/chaoscenter/graphql/server/graph/resolver.go b/chaoscenter/graphql/server/graph/resolver.go index e4d0ed17700..e08b658a214 100644 --- a/chaoscenter/graphql/server/graph/resolver.go +++ b/chaoscenter/graphql/server/graph/resolver.go @@ -2,7 +2,7 @@ package graph import ( "context" - "fmt" + "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/database/mongodb/authConfig" chaos_experiment2 "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/chaos_experiment/ops" @@ -95,16 +95,7 @@ func NewConfig(mongodbOperator mongodb.MongoOperator) generated.Config { return nil, err } - fmt.Println("here2") - - fmt.Println("newCtx4", ctx.Value("request-header")) - newCtx := context.WithValue(ctx, authorization.UserClaim, user) - newCtx = context.WithValue(newCtx, "username", user["username"]) - - fmt.Println("newCtx5", newCtx.Value("username")) - fmt.Println("newCtx6", newCtx.Value(authorization.UserClaim)) - fmt.Println("newCtx4", newCtx.Value("request-header")) return next(newCtx) } diff --git a/chaoscenter/graphql/server/pkg/authorization/middleware.go b/chaoscenter/graphql/server/pkg/authorization/middleware.go index 22c55c52881..f38370c2075 100644 --- a/chaoscenter/graphql/server/pkg/authorization/middleware.go +++ b/chaoscenter/graphql/server/pkg/authorization/middleware.go @@ -37,8 +37,8 @@ func Middleware(handler http.Handler, mongoClient *mongo.Client) gin.HandlerFunc } ctx := context.WithValue(c.Request.Context(), AuthKey, jwt) - //ctx1 := context.WithValue(ctx, "request-header", c.Request.Header) - c.Request = c.Request.WithContext(ctx) + ctx1 := context.WithValue(ctx, "request-header", c.Request.Header) + c.Request = c.Request.WithContext(ctx1) fmt.Println("here1") handler.ServeHTTP(c.Writer, c.Request) } diff --git a/chaoscenter/graphql/server/pkg/chaos_experiment_run/handler/handler.go b/chaoscenter/graphql/server/pkg/chaos_experiment_run/handler/handler.go index 708d5b3753a..18b152cfef3 100644 --- a/chaoscenter/graphql/server/pkg/chaos_experiment_run/handler/handler.go +++ b/chaoscenter/graphql/server/pkg/chaos_experiment_run/handler/handler.go @@ -11,6 +11,8 @@ import ( "strings" "time" + "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/authorization" + probeUtils "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/probe/utils" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/utils" @@ -792,6 +794,12 @@ func (c *ChaosExperimentRunHandler) RunChaosWorkFlow(ctx context.Context, projec txnOpts = options.Transaction().SetWriteConcern(wc).SetReadConcern(rc) ) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return nil, err + } + session, err := mongodb.MgoClient.StartSession() if err != nil { logrus.Errorf("failed to start mongo session %v", err) @@ -814,11 +822,11 @@ func (c *ChaosExperimentRunHandler) RunChaosWorkFlow(ctx context.Context, projec IsRemoved: false, CreatedAt: currentTime, CreatedBy: mongodb.UserDetailResponse{ - Username: ctx.Value("username").(string), + Username: username, }, UpdatedAt: currentTime, UpdatedBy: mongodb.UserDetailResponse{ - Username: ctx.Value("username").(string), + Username: username, }, }, }, @@ -860,11 +868,11 @@ func (c *ChaosExperimentRunHandler) RunChaosWorkFlow(ctx context.Context, projec IsRemoved: false, CreatedAt: currentTime, CreatedBy: mongodb.UserDetailResponse{ - Username: ctx.Value("username").(string), + Username: username, }, UpdatedAt: currentTime, UpdatedBy: mongodb.UserDetailResponse{ - Username: ctx.Value("username").(string), + Username: username, }, }, NotifyID: ¬ifyID, @@ -907,7 +915,7 @@ func (c *ChaosExperimentRunHandler) RunChaosWorkFlow(ctx context.Context, projec if err != nil { return nil, fmt.Errorf("failed to generate probes in workflow manifest, err: %v", err) } - username := ctx.Value("username").(string) + manifest, err := yaml.Marshal(workflowManifest) if err != nil { return nil, err @@ -990,7 +998,11 @@ func (c *ChaosExperimentRunHandler) RunCronExperiment(ctx context.Context, proje return err } - username := ctx.Value("username").(string) + tkn := ctx.Value(authorization.AuthKey).(string) + username, err := authorization.GetUsername(tkn) + if err != nil { + return err + } if r != nil { chaos_infrastructure.SendExperimentToSubscriber(projectID, &model.ChaosExperimentRequest{ diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go index a9d666cc428..e957e153b64 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go @@ -99,8 +99,12 @@ func (in *infraService) RegisterInfra(c context.Context, projectID string, input infraID = uuid.New().String() currentTime = time.Now() ) + tkn := c.Value(authorization.AuthKey).(string) username, err := authorization.GetUsername(tkn) + if err != nil { + return nil, err + } token, err := InfraCreateJWT(infraID) if err != nil { @@ -220,6 +224,10 @@ func (in *infraService) RegisterInfra(c context.Context, projectID string, input func (in *infraService) DeleteInfra(ctx context.Context, projectID string, infraId string, r store.StateData) (string, error) { tkn := ctx.Value(authorization.AuthKey).(string) username, err := authorization.GetUsername(tkn) + if err != nil { + return "", err + } + query := bson.D{ {"infra_id", infraId}, {"project_id", projectID}, @@ -301,6 +309,9 @@ func (in *infraService) GetInfra(ctx context.Context, projectID string, infraID tkn := ctx.Value(authorization.AuthKey).(string) username, err := authorization.GetUsername(tkn) + if err != nil { + return nil, err + } var pipeline mongo.Pipeline diff --git a/chaoscenter/graphql/server/pkg/chaoshub/service.go b/chaoscenter/graphql/server/pkg/chaoshub/service.go index 69877ad1616..80eafaa0a3f 100644 --- a/chaoscenter/graphql/server/pkg/chaoshub/service.go +++ b/chaoscenter/graphql/server/pkg/chaoshub/service.go @@ -405,6 +405,9 @@ func (c *chaosHubService) UpdateChaosHub(ctx context.Context, chaosHub model.Upd func (c *chaosHubService) DeleteChaosHub(ctx context.Context, hubID string, projectID string) (bool, error) { tkn := ctx.Value(authorization.AuthKey).(string) username, err := authorization.GetUsername(tkn) + if err != nil { + return false, err + } chaosHub, err := c.chaosHubOperator.GetHubByID(ctx, hubID, projectID) if err != nil { log.Error(err) From b296a1a912bccbfd40548908a28e5515e40bf9e9 Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 19:30:39 +0530 Subject: [PATCH 10/16] fixed imports Signed-off-by: Saranya-jena --- .../graphql/server/graph/chaos_infrastructure.resolvers.go | 2 -- chaoscenter/graphql/server/graph/chaoshub.resolvers.go | 2 -- chaoscenter/graphql/server/pkg/authorization/middleware.go | 2 -- .../graphql/server/pkg/chaos_infrastructure/infra_utils.go | 3 --- chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go | 1 - chaoscenter/graphql/server/pkg/chaoshub/service.go | 1 - .../graphql/server/pkg/database/mongodb/probe/schema.go | 2 -- chaoscenter/graphql/server/pkg/handlers/file_handler.go | 1 - 8 files changed, 14 deletions(-) diff --git a/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go b/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go index 8ad93b535ef..4ee62af5526 100644 --- a/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaos_infrastructure.resolvers.go @@ -97,7 +97,6 @@ func (r *mutationResolver) GetManifestWithInfraID(ctx context.Context, projectID if err != nil { return "", err } - fmt.Println("ref-url", referrerURL.Scheme, referrerURL.Host) logrus.WithFields(logFields).Info("request received to get chaos infrastructure installation manifest") manifest, err := r.chaosInfrastructureService.GetManifestWithInfraID(fmt.Sprintf("%s://%s", referrerURL.Scheme, referrerURL.Host), infraID, accessKey) if err != nil { @@ -198,7 +197,6 @@ func (r *queryResolver) GetInfraManifest(ctx context.Context, infraID string, up if err != nil { return "", err } - fmt.Println("ref-url", referrerURL.Scheme, referrerURL.Host) logrus.WithFields(logFields).Info("request received to get chaos infrastructure manifest") err = authorization.ValidateRole(ctx, projectID, diff --git a/chaoscenter/graphql/server/graph/chaoshub.resolvers.go b/chaoscenter/graphql/server/graph/chaoshub.resolvers.go index 07fa3e50ff3..e6e86caa8d3 100644 --- a/chaoscenter/graphql/server/graph/chaoshub.resolvers.go +++ b/chaoscenter/graphql/server/graph/chaoshub.resolvers.go @@ -6,7 +6,6 @@ package graph import ( "context" - "fmt" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/model" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/pkg/authorization" @@ -97,7 +96,6 @@ func (r *mutationResolver) DeleteChaosHub(ctx context.Context, projectID string, // ListChaosFaults is the resolver for the listChaosFaults field. func (r *queryResolver) ListChaosFaults(ctx context.Context, hubID string, projectID string) ([]*model.Chart, error) { - fmt.Println("headerrr", ctx.Value("request-header")) err := authorization.ValidateRole(ctx, projectID, authorization.MutationRbacRules[authorization.ListCharts], model.InvitationAccepted.String()) diff --git a/chaoscenter/graphql/server/pkg/authorization/middleware.go b/chaoscenter/graphql/server/pkg/authorization/middleware.go index f38370c2075..89361ea5297 100644 --- a/chaoscenter/graphql/server/pkg/authorization/middleware.go +++ b/chaoscenter/graphql/server/pkg/authorization/middleware.go @@ -2,7 +2,6 @@ package authorization import ( "context" - "fmt" "net/http" "strings" @@ -39,7 +38,6 @@ func Middleware(handler http.Handler, mongoClient *mongo.Client) gin.HandlerFunc ctx := context.WithValue(c.Request.Context(), AuthKey, jwt) ctx1 := context.WithValue(ctx, "request-header", c.Request.Header) c.Request = c.Request.WithContext(ctx1) - fmt.Println("here1") handler.ServeHTTP(c.Writer, c.Request) } } diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go index c8203776e3e..0c3e8e94ac7 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go @@ -21,9 +21,6 @@ type SubscriberConfigurations struct { func GetEndpoint(host string) (string, error) { // returns endpoint from env, if provided by user - - fmt.Println("host", host) - fmt.Println("ui-endpoint", utils.Config.ChaosCenterUiEndpoint) if utils.Config.ChaosCenterUiEndpoint != "" { return utils.Config.ChaosCenterUiEndpoint + "/api/query", nil } diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go index e957e153b64..437615b25b6 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go @@ -205,7 +205,6 @@ func (in *infraService) RegisterInfra(c context.Context, projectID string, input if err != nil { return nil, err } - fmt.Println("ref-url-register-infra", referrerURL.Scheme, referrerURL.Host) manifestYaml, err := GetK8sInfraYaml(fmt.Sprintf("%s://%s", referrerURL.Scheme, referrerURL.Host), newInfra) if err != nil { diff --git a/chaoscenter/graphql/server/pkg/chaoshub/service.go b/chaoscenter/graphql/server/pkg/chaoshub/service.go index 80eafaa0a3f..bb4c1b0e2fc 100644 --- a/chaoscenter/graphql/server/pkg/chaoshub/service.go +++ b/chaoscenter/graphql/server/pkg/chaoshub/service.go @@ -320,7 +320,6 @@ func (c *chaosHubService) UpdateChaosHub(ctx context.Context, chaosHub model.Upd SSHPrivateKey: chaosHub.SSHPrivateKey, IsDefault: false, } - fmt.Println(chaosHub.SSHPrivateKey) prevChaosHub, err := c.chaosHubOperator.GetHubByID(ctx, chaosHub.ID, projectID) if err != nil { return nil, err diff --git a/chaoscenter/graphql/server/pkg/database/mongodb/probe/schema.go b/chaoscenter/graphql/server/pkg/database/mongodb/probe/schema.go index 581b1b6b71f..0cab8a820d6 100644 --- a/chaoscenter/graphql/server/pkg/database/mongodb/probe/schema.go +++ b/chaoscenter/graphql/server/pkg/database/mongodb/probe/schema.go @@ -2,7 +2,6 @@ package probe import ( "encoding/json" - "fmt" "strconv" "github.com/litmuschaos/litmus/chaoscenter/graphql/server/graph/model" @@ -230,7 +229,6 @@ func (probe *Probe) GetOutputProbe() *model.Probe { if probe.KubernetesCMDProperties.Source != nil { jsonSource, _ := json.Marshal(probe.KubernetesCMDProperties.Source) source := string(jsonSource) - fmt.Println("string source", source) probeResponse.KubernetesCMDProperties.Source = &source } diff --git a/chaoscenter/graphql/server/pkg/handlers/file_handler.go b/chaoscenter/graphql/server/pkg/handlers/file_handler.go index dc169ff6c89..8ccf6f178e5 100644 --- a/chaoscenter/graphql/server/pkg/handlers/file_handler.go +++ b/chaoscenter/graphql/server/pkg/handlers/file_handler.go @@ -54,7 +54,6 @@ func FileHandler(mongodbOperator mongodb.MongoOperator) gin.HandlerFunc { utils.WriteHeaders(&c.Writer, 500) c.Writer.Write([]byte(err.Error())) } - fmt.Println("ref-url", referrerURL.Scheme, referrerURL.Host) response, err := chaos_infrastructure.GetK8sInfraYaml(fmt.Sprintf("%s://%s", referrerURL.Scheme, referrerURL.Host), infra) if err != nil { From 6377a5389ba1a09b5f96e5bffbd61871afca9fa5 Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 19:32:37 +0530 Subject: [PATCH 11/16] reverted changes for push pipeline Signed-off-by: Saranya-jena --- .github/workflows/push.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 03cb31f1719..e4f50e0df92 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -1,11 +1,11 @@ name: push-pipeline on: - workflow_dispatch: - inputs: - Tag: - default: "ci" -env: - TAG: "${{github.event.inputs.Tag}}" + push: + branches: + - master + - ^v[0-9]*.[0-9]*.x$ + tags: + - "*" defaults: run: working-directory: chaoscenter @@ -48,7 +48,7 @@ jobs: img_tag=${GITHUB_REF#refs/*/} else echo "non tag build" - img_tag=${{ env.TAG }} + img_tag="ci" fi # This is a condition where image tag looks like "pull/" during pull request build NEW_IMG_TAG=`echo $img_tag | sed "s/\//-/g"` @@ -279,4 +279,4 @@ jobs: source env-vars FRONTEND_IMAGE=${{ matrix.frontend.image_name }} timestamp=`date "+%s"` - make push-frontend + make push-frontend \ No newline at end of file From e26a8adc44a9b65bc44d7f0bc27abd968949f66e Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Fri, 5 Jul 2024 19:34:23 +0530 Subject: [PATCH 12/16] updated go mod Signed-off-by: Saranya-jena --- chaoscenter/graphql/server/go.mod | 5 +---- chaoscenter/graphql/server/go.sum | 4 ---- 2 files changed, 1 insertion(+), 8 deletions(-) diff --git a/chaoscenter/graphql/server/go.mod b/chaoscenter/graphql/server/go.mod index e21d7bfb5da..c9c892709a4 100644 --- a/chaoscenter/graphql/server/go.mod +++ b/chaoscenter/graphql/server/go.mod @@ -30,7 +30,6 @@ require ( gopkg.in/yaml.v2 v2.4.0 k8s.io/api v0.26.0 k8s.io/apimachinery v0.26.0 - k8s.io/client-go v12.0.0+incompatible sigs.k8s.io/yaml v1.4.0 ) @@ -69,10 +68,8 @@ require ( github.com/golang/snappy v0.0.1 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/googleapis/gnostic v0.5.5 // indirect github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect github.com/hashicorp/golang-lru/v2 v2.0.7 // indirect - github.com/imdario/mergo v0.3.12 // indirect github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect @@ -92,7 +89,6 @@ require ( github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect github.com/skeema/knownhosts v1.2.2 // indirect github.com/sosodev/duration v1.3.1 // indirect - github.com/spf13/pflag v1.0.5 // indirect github.com/stretchr/objx v0.5.2 // indirect github.com/tidwall/match v1.1.1 // indirect github.com/tidwall/pretty v1.2.0 // indirect @@ -118,6 +114,7 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/warnings.v0 v0.1.2 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect + k8s.io/client-go v12.0.0+incompatible // indirect k8s.io/klog/v2 v2.80.1 // indirect k8s.io/kube-openapi v0.0.0-20220124234850-424119656bbf // indirect k8s.io/utils v0.0.0-20221107191617-1a15be271d1d // indirect diff --git a/chaoscenter/graphql/server/go.sum b/chaoscenter/graphql/server/go.sum index e64de3b47bf..63a6665a014 100644 --- a/chaoscenter/graphql/server/go.sum +++ b/chaoscenter/graphql/server/go.sum @@ -324,8 +324,6 @@ github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLi github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.11.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= -github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.6.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= @@ -622,7 +620,6 @@ github.com/googleapis/gnostic v0.3.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTV github.com/googleapis/gnostic v0.3.1/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1awfrALZdbtU= github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= -github.com/googleapis/gnostic v0.5.5 h1:9fHAtK0uDfpveeqqo1hkEZJcFvYXAiCN3UutL8F9xHw= github.com/googleapis/gnostic v0.5.5/go.mod h1:7+EbHbldMins07ALC74bsA81Ovc97DwqyJO1AENw9kA= github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= github.com/gophercloud/gophercloud v0.2.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= @@ -698,7 +695,6 @@ github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJ github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.9/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU= github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/improbable-eng/thanos v0.3.2/go.mod h1:GZewVGILKuJVPNRn7L4Zw+7X96qzFOwj63b22xYGXBE= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= From 92515edd847f3d2b7ca3ec11352fbceb760e6d6b Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Mon, 8 Jul 2024 10:47:39 +0530 Subject: [PATCH 13/16] updated mocks Signed-off-by: Saranya-jena --- .../pkg/chaos_infrastructure/model/mocks/service.go | 9 ++------- .../graphql/server/pkg/chaos_infrastructure/service.go | 2 -- 2 files changed, 2 insertions(+), 9 deletions(-) diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/model/mocks/service.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/model/mocks/service.go index 608340cf178..c20b5242771 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/model/mocks/service.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/model/mocks/service.go @@ -48,13 +48,8 @@ func (s *InfraService) SendInfraEvent(eventType, eventName, description string, s.Called(eventType, eventName, description, infra, r) } -func (s *InfraService) GetManifest(token string) ([]byte, int, error) { - args := s.Called(token) - return args.Get(0).([]byte), args.Int(1), args.Error(2) -} - -func (s *InfraService) GetManifestWithInfraID(infraID string, accessKey string) ([]byte, error) { - args := s.Called(infraID, accessKey) +func (s *InfraService) GetManifestWithInfraID(host string, infraID string, accessKey string) ([]byte, error) { + args := s.Called(host, infraID, accessKey) return args.Get(0).([]byte), args.Error(1) } diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go index 437615b25b6..94d093e7693 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/service.go @@ -40,12 +40,10 @@ type Service interface { RegisterInfra(c context.Context, projectID string, input model.RegisterInfraRequest) (*model.RegisterInfraResponse, error) ConfirmInfraRegistration(request model.InfraIdentity, r store.StateData) (*model.ConfirmInfraRegistrationResponse, error) VerifyInfra(identity model.InfraIdentity) (*dbChaosInfra.ChaosInfra, error) - //NewClusterEvent(request model.NewClusterEventRequest, r store.StateData) (string, error) DeleteInfra(ctx context.Context, projectID string, infraId string, r store.StateData) (string, error) ListInfras(projectID string, request *model.ListInfraRequest) (*model.ListInfraResponse, error) GetInfraDetails(ctx context.Context, infraID string, projectID string) (*model.Infra, error) SendInfraEvent(eventType, eventName, description string, infra model.Infra, r store.StateData) - //GetManifest(token string) ([]byte, int, error) GetManifestWithInfraID(host string, infraID string, accessKey string) ([]byte, error) GetInfra(ctx context.Context, projectID string, infraID string) (*model.Infra, error) GetInfraStats(ctx context.Context, projectID string) (*model.GetInfraStatsResponse, error) From 6c6bc9d83d771dc6bfbcd675b8f1553db1fab107 Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Mon, 8 Jul 2024 11:56:22 +0530 Subject: [PATCH 14/16] updated manifests Signed-off-by: Saranya-jena --- .../pkg/chaos_infrastructure/infra_utils.go | 9 - chaoscenter/graphql/server/utils/variables.go | 8 - .../manifests/litmus-cluster-scope.yaml | 414 ------------------ .../manifests/litmus-namespaced-scope.yaml | 53 +-- .../manifests/litmus-without-resources.yaml | 91 +--- 5 files changed, 15 insertions(+), 560 deletions(-) delete mode 100644 chaoscenter/manifests/litmus-cluster-scope.yaml diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go index 0c3e8e94ac7..342847d9041 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go @@ -26,15 +26,6 @@ func GetEndpoint(host string) (string, error) { } return host + "/api/query", nil - // generating endpoint based on ChaosCenter Scope & InfraType (Self or External) - //agentEndpoint, err := k8s.GetServerEndpoint(utils.Config.ChaosCenterScope, agentType) - - //if agentEndpoint == "" { - // return "", fmt.Errorf("failed to retrieve the server endpoint %v", err) - //} - - //return agentEndpoint, err - } func GetK8sInfraYaml(host string, infra dbChaosInfra.ChaosInfra) ([]byte, error) { diff --git a/chaoscenter/graphql/server/utils/variables.go b/chaoscenter/graphql/server/utils/variables.go index 8ce0b3f4502..a1e386f997f 100644 --- a/chaoscenter/graphql/server/utils/variables.go +++ b/chaoscenter/graphql/server/utils/variables.go @@ -8,10 +8,8 @@ type Configuration struct { Version string `required:"true"` InfraDeployments string `required:"true" split_words:"true"` DbServer string `required:"true" split_words:"true"` - LitmusPortalNamespace string `required:"true" split_words:"true"` DbUser string `required:"true" split_words:"true"` DbPassword string `required:"true" split_words:"true"` - ChaosCenterScope string `required:"true" split_words:"true"` SubscriberImage string `required:"true" split_words:"true"` EventTrackerImage string `required:"true" split_words:"true"` ArgoWorkflowControllerImage string `required:"true" split_words:"true"` @@ -21,10 +19,6 @@ type Configuration struct { LitmusChaosExporterImage string `required:"true" split_words:"true"` ContainerRuntimeExecutor string `required:"true" split_words:"true"` WorkflowHelperImageVersion string `required:"true" split_words:"true"` - ServerServiceName string `split_words:"true"` - NodeName string `split_words:"true"` - Ingress string `split_words:"true"` - IngressName string `split_words:"true"` ChaosCenterUiEndpoint string `split_words:"true" default:"https://localhost:8080"` TlsCertB64 string `split_words:"true"` LitmusAuthGrpcEndpoint string `split_words:"true" default:"localhost"` @@ -32,8 +26,6 @@ type Configuration struct { KubeConfigFilePath string `split_words:"true"` RemoteHubMaxSize string `split_words:"true"` SkipSslVerify string `split_words:"true"` - SelfInfraNodeSelector string `split_words:"true"` - SelfInfraTolerations string `split_words:"true"` HttpPort string `split_words:"true" default:"8080"` RpcPort string `split_words:"true" default:"8000"` InfraCompatibleVersions string `required:"true" split_words:"true"` diff --git a/chaoscenter/manifests/litmus-cluster-scope.yaml b/chaoscenter/manifests/litmus-cluster-scope.yaml deleted file mode 100644 index 05f97cfa54f..00000000000 --- a/chaoscenter/manifests/litmus-cluster-scope.yaml +++ /dev/null @@ -1,414 +0,0 @@ ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: litmus-server-cr -rules: - - apiGroups: [networking.k8s.io, extensions] - resources: [ingresses] - verbs: [get] - - apiGroups: [""] - resources: [services, nodes, pods/log] # Will have to remove this for namespaced scope - verbs: [get, watch] - - apiGroups: [""] # To get TLS Cert from secrets incase of cluster scope - resources: [secrets] - verbs: [get] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: litmus-server-crb -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: litmus-server-cr -subjects: - - kind: ServiceAccount - name: litmus-server-account - namespace: litmus -## Control plane manifests ---- -apiVersion: v1 -kind: Namespace -metadata: - name: litmus ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: litmus-server-account - namespace: litmus ---- -apiVersion: v1 -kind: Secret -metadata: - name: litmus-portal-admin-secret - namespace: litmus -stringData: - JWT_SECRET: "litmus-portal@123" - DB_USER: "root" - DB_PASSWORD: "1234" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: litmus-portal-admin-config - namespace: litmus -data: - DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin - VERSION: "ci" - SKIP_SSL_VERIFY: "false" - # Configurations if you are using dex for OAuth - DEX_ENABLED: "false" - OIDC_ISSUER: "http://:32000" - DEX_OAUTH_CALLBACK_URL: "http://:8080/auth/dex/callback" - DEX_OAUTH_CLIENT_ID: "LitmusPortalAuthBackend" - DEX_OAUTH_CLIENT_SECRET: "ZXhhbXBsZS1hcHAtc2VjcmV0" - OAuthJwtSecret: "litmus-oauth@123" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: litmusportal-frontend-nginx-configuration - namespace: litmus -data: - nginx.conf: | - pid /tmp/nginx.pid; - - events { - worker_connections 1024; - } - - http { - map $http_upgrade $connection_upgrade { - default upgrade; - '' close; - } - - client_body_temp_path /tmp/client_temp; - proxy_temp_path /tmp/proxy_temp_path; - fastcgi_temp_path /tmp/fastcgi_temp; - uwsgi_temp_path /tmp/uwsgi_temp; - scgi_temp_path /tmp/scgi_temp; - - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - server_tokens off; - - include /etc/nginx/mime.types; - - gzip on; - gzip_disable "msie6"; - - access_log /var/log/nginx/access.log; - error_log /var/log/nginx/error.log; - - server { - listen 8185 default_server; - root /opt/chaos; - - location /health { - return 200; - } - - location / { - proxy_http_version 1.1; - add_header Cache-Control "no-cache"; - try_files $uri /index.html; - autoindex on; - } - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } - - location /auth/ { - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass "http://litmusportal-auth-server-service:9003/"; - } - - location /api/ { - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_pass "http://litmusportal-server-service:9002/"; - } - } - } ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: litmusportal-frontend - namespace: litmus - labels: - component: litmusportal-frontend -spec: - replicas: 1 - selector: - matchLabels: - component: litmusportal-frontend - template: - metadata: - labels: - component: litmusportal-frontend - spec: - automountServiceAccountToken: false - containers: - - name: litmusportal-frontend - image: litmuschaos/litmusportal-frontend:ci - imagePullPolicy: Always - # securityContext: - # runAsUser: 2000 - # allowPrivilegeEscalation: false - # runAsNonRoot: true - ports: - - containerPort: 8185 - resources: - requests: - memory: "150Mi" - cpu: "125m" - ephemeral-storage: "500Mi" - limits: - memory: "512Mi" - cpu: "550m" - ephemeral-storage: "1Gi" - volumeMounts: - - name: nginx-config - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf - volumes: - - name: nginx-config - configMap: - name: litmusportal-frontend-nginx-configuration ---- -apiVersion: v1 -kind: Service -metadata: - name: litmusportal-frontend-service - namespace: litmus -spec: - type: NodePort - ports: - - name: http - port: 9091 - targetPort: 8185 - selector: - component: litmusportal-frontend ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: litmusportal-server - namespace: litmus - labels: - component: litmusportal-server -spec: - replicas: 1 - selector: - matchLabels: - component: litmusportal-server - template: - metadata: - labels: - component: litmusportal-server - spec: - volumes: - - name: gitops-storage - emptyDir: {} - - name: hub-storage - emptyDir: {} - containers: - - name: graphql-server - image: litmuschaos/litmusportal-server:ci - volumeMounts: - - mountPath: /tmp/ - name: gitops-storage - - mountPath: /tmp/version - name: hub-storage - securityContext: - runAsUser: 2000 - allowPrivilegeEscalation: false - runAsNonRoot: true - readOnlyRootFilesystem: true - envFrom: - - configMapRef: - name: litmus-portal-admin-config - - secretRef: - name: litmus-portal-admin-secret - env: - # if self-signed certificate are used pass the k8s tls secret name created in portal ns, to allow agents to use tls for communication - - name: TLS_SECRET_NAME - value: "" - - name: LITMUS_PORTAL_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CHAOS_CENTER_SCOPE - value: "cluster" - - name: ENABLE_GQL_INTROSPECTION - value: "false" - - name: SUBSCRIBER_IMAGE - value: "litmuschaos/litmusportal-subscriber:ci" - - name: EVENT_TRACKER_IMAGE - value: "litmuschaos/litmusportal-event-tracker:ci" - - name: ARGO_WORKFLOW_CONTROLLER_IMAGE - value: "litmuschaos/workflow-controller:v3.3.1" - - name: ARGO_WORKFLOW_EXECUTOR_IMAGE - value: "litmuschaos/argoexec:v3.3.1" - - name: LITMUS_CHAOS_OPERATOR_IMAGE - value: "litmuschaos/chaos-operator:ci" - - name: LITMUS_CHAOS_RUNNER_IMAGE - value: "litmuschaos/chaos-runner:ci" - - name: LITMUS_CHAOS_EXPORTER_IMAGE - value: "litmuschaos/chaos-exporter:ci" - - name: SERVER_SERVICE_NAME - value: "litmusportal-server-service" - - name: INFRA_DEPLOYMENTS - value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]' - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: CHAOS_CENTER_UI_ENDPOINT - value: "" - - name: INGRESS - value: "false" - - name: INGRESS_NAME - value: "litmus-ingress" - - name: CONTAINER_RUNTIME_EXECUTOR - value: "k8sapi" - - name: DEFAULT_HUB_BRANCH_NAME - value: "master" - - name: LITMUS_AUTH_GRPC_ENDPOINT - value: "litmusportal-auth-server-service" - - name: LITMUS_AUTH_GRPC_PORT - value: ":3030" - - name: WORKFLOW_HELPER_IMAGE_VERSION - value: "3.7.0" - - name: REMOTE_HUB_MAX_SIZE - value: "5000000" - - name: INFRA_COMPATIBLE_VERSIONS - value: '["ci"]' - - name: ALLOWED_ORIGINS - value: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)? - ports: - - containerPort: 8080 - - containerPort: 8000 - imagePullPolicy: Always - resources: - requests: - memory: "250Mi" - cpu: "225m" - ephemeral-storage: "500Mi" - limits: - memory: "712Mi" - cpu: "550m" - ephemeral-storage: "1Gi" - serviceAccountName: litmus-server-account ---- -apiVersion: v1 -kind: Service -metadata: - name: litmusportal-server-service - namespace: litmus -spec: - type: NodePort - ports: - - name: graphql-server - port: 9002 - targetPort: 8080 - - name: graphql-rpc-server - port: 8000 - targetPort: 8000 - selector: - component: litmusportal-server ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: litmusportal-auth-server - namespace: litmus - labels: - component: litmusportal-auth-server -spec: - replicas: 1 - selector: - matchLabels: - component: litmusportal-auth-server - template: - metadata: - labels: - component: litmusportal-auth-server - spec: - automountServiceAccountToken: false - containers: - - name: auth-server - image: litmuschaos/litmusportal-auth-server:ci - securityContext: - runAsUser: 2000 - allowPrivilegeEscalation: false - runAsNonRoot: true - readOnlyRootFilesystem: true - envFrom: - - configMapRef: - name: litmus-portal-admin-config - - secretRef: - name: litmus-portal-admin-secret - env: - - name: STRICT_PASSWORD_POLICY - value: "false" - - name: ADMIN_USERNAME - value: "admin" - - name: ADMIN_PASSWORD - value: "litmus" - - name: LITMUS_GQL_GRPC_ENDPOINT - value: "litmusportal-server-service" - - name: LITMUS_GQL_GRPC_PORT - value: ":8000" - - name: ALLOWED_ORIGINS - value: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-auth-server-service(:[0-9]+|)? - resources: - requests: - memory: "250Mi" - cpu: "225m" - ephemeral-storage: "500Mi" - limits: - memory: "712Mi" - cpu: "550m" - ephemeral-storage: "1Gi" - ports: - - containerPort: 3000 - - containerPort: 3030 - imagePullPolicy: Always ---- -apiVersion: v1 -kind: Service -metadata: - name: litmusportal-auth-server-service - namespace: litmus -spec: - type: NodePort - ports: - - name: auth-server - port: 9003 - targetPort: 3000 - - name: auth-rpc-server - port: 3030 - targetPort: 3030 - selector: - component: litmusportal-auth-server diff --git a/chaoscenter/manifests/litmus-namespaced-scope.yaml b/chaoscenter/manifests/litmus-namespaced-scope.yaml index a56fbd17411..04be8ac9e97 100644 --- a/chaoscenter/manifests/litmus-namespaced-scope.yaml +++ b/chaoscenter/manifests/litmus-namespaced-scope.yaml @@ -1,33 +1,4 @@ --- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: litmus-server-role -rules: - - apiGroups: [networking.k8s.io, extensions] - resources: [ingresses] - verbs: [get] - - apiGroups: [""] - resources: [services, pods/log] - verbs: [get, watch] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: litmus-server-rb -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: litmus-server-role -subjects: - - kind: ServiceAccount - name: litmus-server-account ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: litmus-server-account ---- apiVersion: v1 kind: Secret metadata: @@ -203,6 +174,7 @@ spec: labels: component: litmusportal-server spec: + automountServiceAccountToken: false volumes: - name: gitops-storage emptyDir: {} @@ -227,25 +199,13 @@ spec: - secretRef: name: litmus-portal-admin-secret env: - - name: LITMUS_PORTAL_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: INFRA_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace # if self-signed certificate are used pass the base64 tls certificate, to allow agents to use tls for communication - name: TLS_CERT_B64 value: "" - - name: CHAOS_CENTER_SCOPE - value: "namespace" - name: ENABLE_GQL_INTROSPECTION value: "false" - name: INFRA_DEPLOYMENTS value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]' - - name: SERVER_SERVICE_NAME - value: "litmusportal-server-service" - name: CHAOS_CENTER_UI_ENDPOINT value: "" - name: SUBSCRIBER_IMAGE @@ -271,17 +231,13 @@ spec: - name: LITMUS_AUTH_GRPC_PORT value: ":3030" - name: WORKFLOW_HELPER_IMAGE_VERSION - value: "3.7.0" + value: "ci" - name: REMOTE_HUB_MAX_SIZE value: "5000000" - - name: INGRESS - value: "false" - - name: INGRESS_NAME - value: "litmus-ingress" - name: INFRA_COMPATIBLE_VERSIONS value: '["ci"]' - name: ALLOWED_ORIGINS - value: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)? + value: ".*" ports: - containerPort: 8080 - containerPort: 8000 @@ -295,7 +251,6 @@ spec: memory: "712Mi" cpu: "550m" ephemeral-storage: "1Gi" - serviceAccountName: litmus-server-account --- apiVersion: v1 kind: Service @@ -355,7 +310,7 @@ spec: - name: LITMUS_GQL_GRPC_PORT value: ":8000" - name: ALLOWED_ORIGINS - value: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-auth-server-service(:[0-9]+|)? + value: ".*" ports: - containerPort: 3000 - containerPort: 3030 diff --git a/chaoscenter/manifests/litmus-without-resources.yaml b/chaoscenter/manifests/litmus-without-resources.yaml index ae0debeff4c..4b60c95ab45 100644 --- a/chaoscenter/manifests/litmus-without-resources.yaml +++ b/chaoscenter/manifests/litmus-without-resources.yaml @@ -1,46 +1,8 @@ --- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: litmus-server-cr -rules: - - apiGroups: [networking.k8s.io, extensions] - resources: [ingresses] - verbs: [get] - - apiGroups: [""] - resources: [services, nodes, pods/log] - verbs: [get, watch] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: litmus-server-crb -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: litmus-server-cr -subjects: - - kind: ServiceAccount - name: litmus-server-account - namespace: litmus -## Control plane manifests ---- -apiVersion: v1 -kind: Namespace -metadata: - name: litmus ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: litmus-server-account - namespace: litmus ---- apiVersion: v1 kind: Secret metadata: name: litmus-portal-admin-secret - namespace: litmus stringData: JWT_SECRET: "litmus-portal@123" DB_USER: "root" @@ -50,24 +12,15 @@ apiVersion: v1 kind: ConfigMap metadata: name: litmus-portal-admin-config - namespace: litmus data: DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin VERSION: "ci" SKIP_SSL_VERIFY: "false" - # Configurations if you are using dex for OAuth - DEX_ENABLED: "false" - OIDC_ISSUER: "http://:32000" - DEX_OAUTH_CALLBACK_URL: "http://:8080/auth/dex/callback" - DEX_OAUTH_CLIENT_ID: "LitmusPortalAuthBackend" - DEX_OAUTH_CLIENT_SECRET: "ZXhhbXBsZS1hcHAtc2VjcmV0" - OAuthJwtSecret: "litmus-oauth@123" --- apiVersion: v1 kind: ConfigMap metadata: name: litmusportal-frontend-nginx-configuration - namespace: litmus data: nginx.conf: | pid /tmp/nginx.pid; @@ -151,7 +104,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: litmusportal-frontend - namespace: litmus labels: component: litmusportal-frontend spec: @@ -168,11 +120,11 @@ spec: containers: - name: litmusportal-frontend image: litmuschaos/litmusportal-frontend:ci - imagePullPolicy: Always # securityContext: # runAsUser: 2000 # allowPrivilegeEscalation: false # runAsNonRoot: true + imagePullPolicy: Always ports: - containerPort: 8185 volumeMounts: @@ -188,7 +140,6 @@ apiVersion: v1 kind: Service metadata: name: litmusportal-frontend-service - namespace: litmus spec: type: NodePort ports: @@ -202,7 +153,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: litmusportal-server - namespace: litmus labels: component: litmusportal-server spec: @@ -215,6 +165,7 @@ spec: labels: component: litmusportal-server spec: + automountServiceAccountToken: false volumes: - name: gitops-storage emptyDir: {} @@ -239,17 +190,15 @@ spec: - secretRef: name: litmus-portal-admin-secret env: - # if self-signed certificate are used pass the k8s tls secret name created in portal ns, to allow agents to use tls for communication - - name: TLS_SECRET_NAME + # if self-signed certificate are used pass the base64 tls certificate, to allow agents to use tls for communication + - name: TLS_CERT_B64 value: "" - - name: LITMUS_PORTAL_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: CHAOS_CENTER_SCOPE - value: "cluster" - name: ENABLE_GQL_INTROSPECTION value: "false" + - name: INFRA_DEPLOYMENTS + value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]' + - name: CHAOS_CENTER_UI_ENDPOINT + value: "" - name: SUBSCRIBER_IMAGE value: "litmuschaos/litmusportal-subscriber:ci" - name: EVENT_TRACKER_IMAGE @@ -264,20 +213,6 @@ spec: value: "litmuschaos/chaos-runner:ci" - name: LITMUS_CHAOS_EXPORTER_IMAGE value: "litmuschaos/chaos-exporter:ci" - - name: SERVER_SERVICE_NAME - value: "litmusportal-server-service" - - name: INFRA_DEPLOYMENTS - value: '["app=chaos-exporter", "name=chaos-operator", "app=workflow-controller", "app=event-tracker"]' - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: CHAOS_CENTER_UI_ENDPOINT - value: "" - - name: INGRESS - value: "false" - - name: INGRESS_NAME - value: "litmus-ingress" - name: CONTAINER_RUNTIME_EXECUTOR value: "k8sapi" - name: DEFAULT_HUB_BRANCH_NAME @@ -287,24 +222,22 @@ spec: - name: LITMUS_AUTH_GRPC_PORT value: ":3030" - name: WORKFLOW_HELPER_IMAGE_VERSION - value: "3.7.0" + value: "ci" - name: REMOTE_HUB_MAX_SIZE value: "5000000" - name: INFRA_COMPATIBLE_VERSIONS value: '["ci"]' - name: ALLOWED_ORIGINS - value: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-server-service(:[0-9]+|)? + value: ".*" ports: - containerPort: 8080 - containerPort: 8000 imagePullPolicy: Always - serviceAccountName: litmus-server-account --- apiVersion: v1 kind: Service metadata: name: litmusportal-server-service - namespace: litmus spec: type: NodePort ports: @@ -321,7 +254,6 @@ apiVersion: apps/v1 kind: Deployment metadata: name: litmusportal-auth-server - namespace: litmus labels: component: litmusportal-auth-server spec: @@ -360,7 +292,7 @@ spec: - name: LITMUS_GQL_GRPC_PORT value: ":8000" - name: ALLOWED_ORIGINS - value: ^(http://|https://|)litmuschaos.io(:[0-9]+|)?,^(http://|https://|)litmusportal-auth-server-service(:[0-9]+|)? + value: ".*" ports: - containerPort: 3000 - containerPort: 3030 @@ -370,7 +302,6 @@ apiVersion: v1 kind: Service metadata: name: litmusportal-auth-server-service - namespace: litmus spec: type: NodePort ports: From c730f51a90e415a95006745603f92474e32df34e Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Mon, 8 Jul 2024 12:10:53 +0530 Subject: [PATCH 15/16] updated manifest Signed-off-by: Saranya-jena --- chaoscenter/manifests/litmus-namespaced-scope.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/chaoscenter/manifests/litmus-namespaced-scope.yaml b/chaoscenter/manifests/litmus-namespaced-scope.yaml index 04be8ac9e97..125dc82cde1 100644 --- a/chaoscenter/manifests/litmus-namespaced-scope.yaml +++ b/chaoscenter/manifests/litmus-namespaced-scope.yaml @@ -16,6 +16,13 @@ data: DB_SERVER: mongodb://my-release-mongodb-0.my-release-mongodb-headless:27017,my-release-mongodb-1.my-release-mongodb-headless:27017,my-release-mongodb-2.my-release-mongodb-headless:27017/admin VERSION: "ci" SKIP_SSL_VERIFY: "false" + # Configurations if you are using dex for OAuth + DEX_ENABLED: "false" + OIDC_ISSUER: "http://:32000" + DEX_OAUTH_CALLBACK_URL: "http://:8080/auth/dex/callback" + DEX_OAUTH_CLIENT_ID: "LitmusPortalAuthBackend" + DEX_OAUTH_CLIENT_SECRET: "ZXhhbXBsZS1hcHAtc2VjcmV0" + OAuthJwtSecret: "litmus-oauth@123" --- apiVersion: v1 kind: ConfigMap From ea13789c06f84128e60259a47f440c7fc55aa5c5 Mon Sep 17 00:00:00 2001 From: Saranya-jena Date: Mon, 8 Jul 2024 12:38:59 +0530 Subject: [PATCH 16/16] updated manifest Signed-off-by: Saranya-jena --- .../graphql/server/pkg/chaos_infrastructure/infra_utils.go | 7 ------- 1 file changed, 7 deletions(-) diff --git a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go index 342847d9041..d489046d0d1 100644 --- a/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go +++ b/chaoscenter/graphql/server/pkg/chaos_infrastructure/infra_utils.go @@ -203,13 +203,6 @@ func ManifestParser(infra dbChaosInfra.ChaosInfra, rootPath string, config *Subs // SendRequestToSubscriber sends events from the graphQL server to the subscribers listening for the requests func SendRequestToSubscriber(subscriberRequest SubscriberRequests, r store.StateData) { - if utils.Config.ChaosCenterScope == string(model.InfraScopeCluster) { - /* - namespace = Obtain from WorkflowManifest or - from frontend as a separate workflowNamespace field under ChaosWorkFlowRequest model - for CreateChaosWorkflow mutation to be passed to this function. - */ - } newAction := &model.InfraActionResponse{ ProjectID: subscriberRequest.ProjectID, Action: &model.ActionPayload{