Skip to content

Commit

Permalink
feat(api,cli): manual analysis trigger + list rbac (#6814)
Browse files Browse the repository at this point in the history
  • Loading branch information
@sguiheux
sguiheux authored Feb 2, 2024
1 parent a461f95 commit 50e8a98
Show file tree
Hide file tree
Showing 16 changed files with 350 additions and 89 deletions.
56 changes: 52 additions & 4 deletions cli/cdsctl/experimental_project_repository_analyze.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ import (
"github.com/spf13/cobra"

"github.com/ovh/cds/cli"
"github.com/ovh/cds/sdk"
)

var projectAnalysisCmd = cli.Command{
Expand All @@ -20,10 +21,57 @@ var projectAnalysisCmd = cli.Command{
func projectRepositoryAnalysis() *cobra.Command {
return cli.NewCommand(projectAnalysisCmd, nil, []*cobra.Command{
cli.NewListCommand(projectRepositoryAnalysisListCmd, projectRepositoryAnalysisListFunc, nil, withAllCommandModifiers()...),
cli.NewCommand(projectRepositoryGetCmd, projectRepositoryGetFunc, nil, withAllCommandModifiers()...),
cli.NewCommand(projectRepositoryAnalysisGetCmd, projectRepositoryAnalysisGetFunc, nil, withAllCommandModifiers()...),
cli.NewGetCommand(projectRepositoryAnalysisTriggerCmd, projectRepositoryAnalysisTriggerFunc, nil, withAllCommandModifiers()...),
})
}

var projectRepositoryAnalysisTriggerCmd = cli.Command{
Name: "trigger",
Aliases: []string{"run", "start"},
Short: "Trigger an analysis on the given branch",
Ctx: []cli.Arg{
{Name: _ProjectKey},
},
Args: []cli.Arg{
{Name: "vcs-name"},
{Name: "repository-name"},
},
Flags: []cli.Flag{
{
Name: "branch",
},
{
Name: "tag",
},
{
Name: "commit",
},
},
}

func projectRepositoryAnalysisTriggerFunc(v cli.Values) (interface{}, error) {
analysisRequest := sdk.AnalysisRequest{
ProjectKey: v.GetString(_ProjectKey),
VcsName: v.GetString("vcs-name"),
RepoName: v.GetString("repository-name"),
}
if v.GetString("branch") != "" {
analysisRequest.Ref = sdk.GitRefBranchPrefix + v.GetString("branch")
}
if v.GetString("tag") != "" {
analysisRequest.Ref = sdk.GitRefTagPrefix + v.GetString("tag")
}
if v.GetString("commit") != "" {
analysisRequest.Commit = v.GetString("commit")
}
analysisResponse, err := client.ProjectRepositoryAnalysis(context.Background(), analysisRequest)
if err != nil {
return nil, err
}
return analysisResponse, nil
}

var projectRepositoryAnalysisListCmd = cli.Command{
Name: "list",
Short: "List all repository analysis",
Expand All @@ -44,9 +92,9 @@ func projectRepositoryAnalysisListFunc(v cli.Values) (cli.ListResult, error) {
return cli.AsListResult(analyses), nil
}

var projectRepositoryGetCmd = cli.Command{
var projectRepositoryAnalysisGetCmd = cli.Command{
Name: "show",
Short: "List available repositories on a project",
Short: "Get the given analysis",
Ctx: []cli.Arg{
{Name: _ProjectKey},
},
Expand All @@ -57,7 +105,7 @@ var projectRepositoryGetCmd = cli.Command{
},
}

func projectRepositoryGetFunc(v cli.Values) error {
func projectRepositoryAnalysisGetFunc(v cli.Values) error {
analysis, err := client.ProjectRepositoryAnalysisGet(context.Background(), v.GetString(_ProjectKey), v.GetString("vcs-name"), v.GetString("repository-name"), v.GetString("analysis-id"))
if err != nil {
return err
Expand Down
18 changes: 18 additions & 0 deletions cli/cdsctl/experimental_rbac.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,9 +25,27 @@ func experimentalRbac() *cobra.Command {
cli.NewCommand(rbacImportCmd, rbacImportFunc, nil, withAllCommandModifiers()...),
cli.NewDeleteCommand(rbacDeleteCmd, rbacDeleteFunc, nil, withAllCommandModifiers()...),
cli.NewCommand(rbacGetCmd, rbacGetFunc, nil, withAllCommandModifiers()...),
cli.NewListCommand(rbacListCmd, rbacListFunc, nil, withAllCommandModifiers()...),
})
}

var rbacListCmd = cli.Command{
Name: "list",
Aliases: []string{"ls"},
Short: "List CDS permissions",
Example: "cdsctl rbac list ",
Ctx: []cli.Arg{},
Args: []cli.Arg{},
}

func rbacListFunc(v cli.Values) (cli.ListResult, error) {
perms, err := client.RBACList(context.Background())
if err != nil {
return nil, err
}
return cli.AsListResult(perms), nil
}

var rbacGetCmd = cli.Command{
Name: "show",
Aliases: []string{"get"},
Expand Down
5 changes: 2 additions & 3 deletions engine/api/api_routes.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -456,15 +456,14 @@ func (api *API) InitRouter() {
r.Handle("/v2/organization", nil, r.POSTv2(api.postOrganizationHandler), r.GETv2(api.getOrganizationsHandler))
r.Handle("/v2/organization/{organizationIdentifier}", nil, r.GETv2(api.getOrganizationHandler), r.DELETEv2(api.deleteOrganizationHandler))

r.Handle("/v2/rbac", nil, r.GETv2(api.getPermissionsHandler))
r.Handle("/v2/rbac/import", nil, r.POSTv2(api.postImportRBACHandler))
r.Handle("/v2/rbac/{rbacIdentifier}", nil, r.GETv2(api.getRBACHandler), r.DELETEv2(api.deleteRBACHandler))
r.Handle("/v2/rbac/access/project/session/check", nil, r.POSTv2(api.getCheckSessionProjectAccessHandler))

r.Handle("/v2/region", nil, r.POSTv2(api.postRegionHandler), r.GETv2(api.getRegionsHandler))
r.Handle("/v2/region/{regionIdentifier}", nil, r.GETv2(api.getRegionHandler), r.DELETEv2(api.deleteRegionHandler))

r.Handle("/v2/repository/analyze", Scope(sdk.AuthConsumerScopeHooks), r.POSTv2(api.postRepositoryAnalysisHandler))

r.Handle("/v2/project/{projectKey}/notification", nil, r.GETv2(api.getProjectNotifsHandler), r.POSTv2(api.postProjectNotificationHandler))
r.Handle("/v2/project/{projectKey}/notification/{notification}", nil, r.GETv2(api.getProjectNotificationHandler), r.PUTv2(api.putProjectNotificationHandler), r.DELETEv2(api.deleteProjectNotificationHandler))
r.Handle("/v2/project/{projectKey}/run/search", nil, r.GETv2(api.getWorkflowRunsSearchV2Handler))
Expand All @@ -478,7 +477,7 @@ func (api *API) InitRouter() {
r.Handle("/v2/project/{projectKey}/vcs/{vcsIdentifier}/repository", nil, r.POSTv2(api.postProjectRepositoryHandler), r.GETv2(api.getVCSProjectRepositoryAllHandler))
r.Handle("/v2/project/{projectKey}/vcs/{vcsIdentifier}/repository/{repositoryIdentifier}", nil, r.GETv2(api.getProjectRepositoryHandler), r.DELETEv2(api.deleteProjectRepositoryHandler))
r.Handle("/v2/project/{projectKey}/vcs/{vcsIdentifier}/repository/{repositoryIdentifier}/action/{actionName}", nil, r.GETv2(api.getActionV2Handler))
r.Handle("/v2/project/{projectKey}/vcs/{vcsIdentifier}/repository/{repositoryIdentifier}/analysis", nil, r.GETv2(api.getProjectRepositoryAnalysesHandler))
r.Handle("/v2/project/{projectKey}/vcs/{vcsIdentifier}/repository/{repositoryIdentifier}/analysis", nil, r.GETv2(api.getProjectRepositoryAnalysesHandler), r.POSTv2(api.postRepositoryAnalysisHandler))
r.Handle("/v2/project/{projectKey}/vcs/{vcsIdentifier}/repository/{repositoryIdentifier}/analysis/{analysisID}", nil, r.GETv2(api.getProjectRepositoryAnalysisHandler))
r.Handle("/v2/project/{projectKey}/vcs/{vcsIdentifier}/repository/{repositoryIdentifier}/branches", nil, r.GETv2(api.getProjectRepositoryBranchesHandler))
r.Handle("/v2/project/{projectKey}/vcs/{vcsIdentifier}/repository/{repositoryIdentifier}/entities", nil, r.GETv2(api.getProjectEntitiesHandler))
Expand Down
5 changes: 5 additions & 0 deletions engine/api/rbac/dao_rbac.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,11 @@ import (
"github.com/ovh/cds/sdk"
)

func LoadAll(ctx context.Context, db gorp.SqlExecutor) ([]sdk.RBAC, error) {
query := gorpmapping.NewQuery(`SELECT * FROM rbac`)
return getAll(ctx, db, query)
}

func LoadRBACByName(ctx context.Context, db gorp.SqlExecutor, name string, opts ...LoadOptionFunc) (*sdk.RBAC, error) {
query := `SELECT * FROM rbac WHERE name = $1`
return get(ctx, db, gorpmapping.NewQuery(query).Args(name), opts...)
Expand Down
7 changes: 7 additions & 0 deletions engine/api/router_rbac_rule_project.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -64,3 +64,10 @@ func (api *API) analysisRead(ctx context.Context, auth *sdk.AuthUserConsumer, st
}
return api.projectRead(ctx, auth, store, db, vars)
}

func (api *API) triggerAnalysis(ctx context.Context, auth *sdk.AuthUserConsumer, store cache.Store, db gorp.SqlExecutor, vars map[string]string) error {
if isHooks(ctx) {
return nil
}
return api.projectManage(ctx, auth, store, db, vars)
}
11 changes: 10 additions & 1 deletion engine/api/v2_project_repository.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -232,7 +232,16 @@ func (api *API) postProjectRepositoryHandler() ([]service.RbacChecker, service.H
return err
}

a, err := api.createAnalyze(ctx, tx, *proj, *vcsProjectWithSecret, repoDB, defaultBranch.ID, defaultBranch.LatestCommit, "")
createAnalysis := createAnalysisRequest{
proj: *proj,
vcsProject: *vcsProjectWithSecret,
repo: repoDB,
ref: defaultBranch.ID,
commit: defaultBranch.LatestCommit,
hookEventUUID: "",
user: u.AuthConsumerUser.AuthentifiedUser,
}
a, err := api.createAnalyze(ctx, tx, createAnalysis)
if err != nil {
return err
}
Expand Down
11 changes: 11 additions & 0 deletions engine/api/v2_rbac.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,17 @@ func (api *API) getRBACByIdentifier(ctx context.Context, rbacIdentifier string,
return repo, nil
}

func (api *API) getPermissionsHandler() ([]service.RbacChecker, service.Handler) {
return service.RBAC(api.globalPermissionManage),
func(ctx context.Context, w http.ResponseWriter, req *http.Request) error {
perms, err := rbac.LoadAll(ctx, api.mustDB())
if err != nil {
return err
}
return service.WriteJSON(w, perms, http.StatusOK)
}
}

func (api *API) getRBACHandler() ([]service.RbacChecker, service.Handler) {
return service.RBAC(api.globalPermissionManage),
func(ctx context.Context, w http.ResponseWriter, req *http.Request) error {
Expand Down
Loading

0 comments on commit 50e8a98

Please sign in to comment.