ARO-RP/pkg/frontend/openshiftcluster_putorpatch.go

package frontend

import (
	"crypto/rand"
	"crypto/rsa"
	"encoding/json"
	"fmt"
	"io/ioutil"
	"math/big"
	"net/http"

	"github.com/Azure/go-autorest/autorest/azure"
	"github.com/gorilla/mux"
	uuid "github.com/satori/go.uuid"
	"github.com/sirupsen/logrus"

	"github.com/jim-minter/rp/pkg/api"
	"github.com/jim-minter/rp/pkg/database/cosmosdb"
)

func (f *frontend) putOrPatchOpenShiftCluster(w http.ResponseWriter, r *http.Request) {
	log := r.Context().Value(contextKeyLog).(*logrus.Entry)
	vars := mux.Vars(r)

	toExternal, found := api.APIs[api.APIVersionType{APIVersion: r.URL.Query().Get("api-version"), Type: "OpenShiftCluster"}]
	if !found {
		api.WriteError(w, http.StatusNotFound, api.CloudErrorCodeInvalidResourceType, "", "The resource type '%s' could not be found in the namespace '%s' for api version '%s'.", vars["resourceType"], vars["resourceProviderNamespace"], r.URL.Query().Get("api-version"))
		return
	}

	if r.Header.Get("Content-Type") != "application/json" {
		api.WriteError(w, http.StatusUnsupportedMediaType, api.CloudErrorCodeUnsupportedMediaType, "", "The content media type '%s' is not supported. Only 'application/json' is supported.", r.Header.Get("Content-Type"))
		return
	}

	body, err := ioutil.ReadAll(http.MaxBytesReader(w, r.Body, 1048576))
	if err != nil {
		api.WriteError(w, http.StatusUnsupportedMediaType, api.CloudErrorCodeInvalidResource, "", "The resource definition is invalid.")
		return
	}

	var b []byte
	var created bool
	err = cosmosdb.RetryOnPreconditionFailed(func() error {
		b, created, err = f._putOrPatchOpenShiftCluster(&request{
			context:      r.Context(),
			method:       r.Method,
			resourceID:   r.URL.Path,
			resourceName: vars["resourceName"],
			resourceType: vars["resourceProviderNamespace"] + "/" + vars["resourceType"],
			body:         body,
			toExternal:   toExternal,
		})
		return err
	})
	if err != nil {
		switch err := err.(type) {
		case *api.CloudError:
			api.WriteCloudError(w, err)
		default:
			log.Error(err)
			api.WriteError(w, http.StatusInternalServerError, api.CloudErrorCodeInternalServerError, "", "Internal server error.")
		}
		return
	}

	if created {
		w.WriteHeader(http.StatusCreated)
	}
	w.Write(b)
	w.Write([]byte{'\n'})
}

func (f *frontend) _putOrPatchOpenShiftCluster(r *request) ([]byte, bool, error) {
	originalPath := r.context.Value(contextKeyOriginalPath).(string)
	originalR, err := azure.ParseResourceID(originalPath)
	if err != nil {
		return nil, false, err
	}

	doc, err := f.db.OpenShiftClusters.Get(api.Key(r.resourceID))
	if err != nil && !cosmosdb.IsErrorStatusCode(err, http.StatusNotFound) {
		return nil, false, err
	}

	isCreate := doc == nil

	var external api.External
	if isCreate {
		doc = &api.OpenShiftClusterDocument{
			ID: uuid.NewV4().String(),
		}

		external = r.toExternal(&api.OpenShiftCluster{
			ID:   originalPath,
			Name: originalR.ResourceName,
			Type: originalR.ResourceType,
			Properties: api.Properties{
				ProvisioningState: api.ProvisioningStateCreating,
			},
		})

	} else {
		err = f.validateSubscriptionState(doc, api.SubscriptionStateRegistered)
		if err != nil {
			return nil, false, err
		}

		err = validateTerminalProvisioningState(doc.OpenShiftCluster.Properties.ProvisioningState)
		if err != nil {
			return nil, false, err
		}

		if doc.OpenShiftCluster.Properties.ProvisioningState == api.ProvisioningStateFailed {
			switch doc.OpenShiftCluster.Properties.FailedProvisioningState {
			case api.ProvisioningStateCreating:
				return nil, false, api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeRequestNotAllowed, "", "Request is not allowed on cluster whose creation failed. Delete the cluster.")
			case api.ProvisioningStateUpdating:
				// allow
			case api.ProvisioningStateDeleting:
				return nil, false, api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeRequestNotAllowed, "", "Request is not allowed on cluster whose deletion failed. Delete the cluster.")
			default:
				return nil, false, fmt.Errorf("unexpected failedProvisioningState %q", doc.OpenShiftCluster.Properties.FailedProvisioningState)
			}
		}

		doc.OpenShiftCluster.Properties.ProvisioningState = api.ProvisioningStateUpdating

		switch r.method {
		case http.MethodPut:
			external = r.toExternal(&api.OpenShiftCluster{
				ID:   doc.OpenShiftCluster.ID,
				Name: doc.OpenShiftCluster.Name,
				Type: doc.OpenShiftCluster.Type,
				Properties: api.Properties{
					ProvisioningState: doc.OpenShiftCluster.Properties.ProvisioningState,
				},
			})

		case http.MethodPatch:
			external = r.toExternal(doc.OpenShiftCluster)
		}
	}

	err = json.Unmarshal(r.body, &external)
	if err != nil {
		return nil, false, api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidRequestContent, "", "The request content was invalid and could not be deserialized: %q.", err)
	}

	err = external.Validate(r.context, r.resourceID, doc.OpenShiftCluster)
	if err != nil {
		return nil, false, err
	}

	if doc.OpenShiftCluster == nil {
		doc.OpenShiftCluster = &api.OpenShiftCluster{}
	}

	oldID, oldName, oldType := doc.OpenShiftCluster.ID, doc.OpenShiftCluster.Name, doc.OpenShiftCluster.Type
	external.ToInternal(doc.OpenShiftCluster)
	doc.OpenShiftCluster.ID, doc.OpenShiftCluster.Name, doc.OpenShiftCluster.Type = oldID, oldName, oldType

	if isCreate {
		doc.OpenShiftCluster.Key = api.Key(r.resourceID)
		doc.OpenShiftCluster.Properties.Install = &api.Install{}
		// TODO: ResourceGroup should be exposed in external API
		doc.OpenShiftCluster.Properties.ResourceGroup = doc.OpenShiftCluster.Name
		doc.OpenShiftCluster.Properties.DomainName = uuid.NewV4().String()
		doc.OpenShiftCluster.Properties.InfraID = "aro"
		doc.OpenShiftCluster.Properties.SSHKey, err = rsa.GenerateKey(rand.Reader, 2048)
		if err != nil {
			return nil, false, err
		}
		doc.OpenShiftCluster.Properties.StorageSuffix, err = randomLowerCaseAlphanumericString(5)
		if err != nil {
			return nil, false, err
		}

		doc, err = f.db.OpenShiftClusters.Create(doc)
	} else {
		doc, err = f.db.OpenShiftClusters.Update(doc)
	}
	if err != nil {
		return nil, false, err
	}

	doc.OpenShiftCluster.Properties.ServicePrincipalProfile.ClientSecret = ""

	b, err := json.MarshalIndent(r.toExternal(doc.OpenShiftCluster), "", "  ")
	if err != nil {
		return nil, false, err
	}

	return b, isCreate, nil
}

func randomLowerCaseAlphanumericString(n int) (string, error) {
	return randomString("abcdefghijklmnopqrstuvwxyz0123456789", n)
}

func randomString(letterBytes string, n int) (string, error) {
	b := make([]byte, n)
	for i := range b {
		o, err := rand.Int(rand.Reader, big.NewInt(int64(len(letterBytes))))
		if err != nil {
			return "", err
		}
		b[i] = letterBytes[o.Int64()]
	}

	return string(b), nil
}
Initial commit 2019-10-16 06:29:17 +03:00			`package frontend`

			`import (`
enable deployment to resource group of user's choice 2019-10-17 02:43:39 +03:00			`"crypto/rand"`
			`"crypto/rsa"`
Initial commit 2019-10-16 06:29:17 +03:00			`"encoding/json"`
improve clarity of backend workflow 2019-11-28 19:31:37 +03:00			`"fmt"`
Initial commit 2019-10-16 06:29:17 +03:00			`"io/ioutil"`
enable deployment to resource group of user's choice 2019-10-17 02:43:39 +03:00			`"math/big"`
Initial commit 2019-10-16 06:29:17 +03:00			`"net/http"`

breaking change: separate out database key 2019-11-28 00:18:49 +03:00			`"github.com/Azure/go-autorest/autorest/azure"`
Initial commit 2019-10-16 06:29:17 +03:00			`"github.com/gorilla/mux"`
			`uuid "github.com/satori/go.uuid"`
			`"github.com/sirupsen/logrus"`

			`"github.com/jim-minter/rp/pkg/api"`
			`"github.com/jim-minter/rp/pkg/database/cosmosdb"`
			`)`

			`func (f frontend) putOrPatchOpenShiftCluster(w http.ResponseWriter, r http.Request) {`
			`log := r.Context().Value(contextKeyLog).(*logrus.Entry)`
			`vars := mux.Vars(r)`

			`toExternal, found := api.APIs[api.APIVersionType{APIVersion: r.URL.Query().Get("api-version"), Type: "OpenShiftCluster"}]`
			`if !found {`
move healthz back onto 8443 and use authentication middleware 2019-11-26 16:22:00 +03:00			`api.WriteError(w, http.StatusNotFound, api.CloudErrorCodeInvalidResourceType, "", "The resource type '%s' could not be found in the namespace '%s' for api version '%s'.", vars["resourceType"], vars["resourceProviderNamespace"], r.URL.Query().Get("api-version"))`
Initial commit 2019-10-16 06:29:17 +03:00			`return`
			`}`

			`if r.Header.Get("Content-Type") != "application/json" {`
move healthz back onto 8443 and use authentication middleware 2019-11-26 16:22:00 +03:00			`api.WriteError(w, http.StatusUnsupportedMediaType, api.CloudErrorCodeUnsupportedMediaType, "", "The content media type '%s' is not supported. Only 'application/json' is supported.", r.Header.Get("Content-Type"))`
Initial commit 2019-10-16 06:29:17 +03:00			`return`
			`}`

			`body, err := ioutil.ReadAll(http.MaxBytesReader(w, r.Body, 1048576))`
			`if err != nil {`
move healthz back onto 8443 and use authentication middleware 2019-11-26 16:22:00 +03:00			`api.WriteError(w, http.StatusUnsupportedMediaType, api.CloudErrorCodeInvalidResource, "", "The resource definition is invalid.")`
Initial commit 2019-10-16 06:29:17 +03:00			`return`
			`}`

			`var b []byte`
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`var created bool`
Initial commit 2019-10-16 06:29:17 +03:00			`err = cosmosdb.RetryOnPreconditionFailed(func() error {`
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`b, created, err = f._putOrPatchOpenShiftCluster(&request{`
update to 4.3 and enable byo-vnet 2019-11-21 05:32:34 +03:00			`context: r.Context(),`
Initial commit 2019-10-16 06:29:17 +03:00			`method: r.Method,`
			`resourceID: r.URL.Path,`
			`resourceName: vars["resourceName"],`
			`resourceType: vars["resourceProviderNamespace"] + "/" + vars["resourceType"],`
			`body: body,`
			`toExternal: toExternal,`
			`})`
			`return err`
			`})`
			`if err != nil {`
			`switch err := err.(type) {`
			`case *api.CloudError:`
move healthz back onto 8443 and use authentication middleware 2019-11-26 16:22:00 +03:00			`api.WriteCloudError(w, err)`
Initial commit 2019-10-16 06:29:17 +03:00			`default:`
			`log.Error(err)`
move healthz back onto 8443 and use authentication middleware 2019-11-26 16:22:00 +03:00			`api.WriteError(w, http.StatusInternalServerError, api.CloudErrorCodeInternalServerError, "", "Internal server error.")`
Initial commit 2019-10-16 06:29:17 +03:00			`}`
			`return`
			`}`

return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`if created {`
			`w.WriteHeader(http.StatusCreated)`
			`}`
Initial commit 2019-10-16 06:29:17 +03:00			`w.Write(b)`
			`w.Write([]byte{'\n'})`
			`}`

return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`func (f frontend) _putOrPatchOpenShiftCluster(r request) ([]byte, bool, error) {`
breaking change: separate out database key 2019-11-28 00:18:49 +03:00			`originalPath := r.context.Value(contextKeyOriginalPath).(string)`
			`originalR, err := azure.ParseResourceID(originalPath)`
			`if err != nil {`
			`return nil, false, err`
			`}`

add top-level Database type 2019-11-28 00:39:22 +03:00			`doc, err := f.db.OpenShiftClusters.Get(api.Key(r.resourceID))`
return NotFound error on database Get if appropriate 2019-10-18 22:01:46 +03:00			`if err != nil && !cosmosdb.IsErrorStatusCode(err, http.StatusNotFound) {`
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`return nil, false, err`
Initial commit 2019-10-16 06:29:17 +03:00			`}`

			`isCreate := doc == nil`

			`var external api.External`
			`if isCreate {`
			`doc = &api.OpenShiftClusterDocument{`
			`ID: uuid.NewV4().String(),`
			`}`

			`external = r.toExternal(&api.OpenShiftCluster{`
breaking change: separate out database key 2019-11-28 00:18:49 +03:00			`ID: originalPath,`
			`Name: originalR.ResourceName,`
			`Type: originalR.ResourceType,`
Initial commit 2019-10-16 06:29:17 +03:00			`Properties: api.Properties{`
improve clarity of backend workflow 2019-11-28 19:31:37 +03:00			`ProvisioningState: api.ProvisioningStateCreating,`
Initial commit 2019-10-16 06:29:17 +03:00			`},`
			`})`

			`} else {`
add subscription API 2019-11-28 20:32:24 +03:00			`err = f.validateSubscriptionState(doc, api.SubscriptionStateRegistered)`
			`if err != nil {`
			`return nil, false, err`
			`}`

improve operation retryability on failure 2019-11-28 17:11:57 +03:00			`err = validateTerminalProvisioningState(doc.OpenShiftCluster.Properties.ProvisioningState)`
Initial commit 2019-10-16 06:29:17 +03:00			`if err != nil {`
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`return nil, false, err`
Initial commit 2019-10-16 06:29:17 +03:00			`}`

improve clarity of backend workflow 2019-11-28 19:31:37 +03:00			`if doc.OpenShiftCluster.Properties.ProvisioningState == api.ProvisioningStateFailed {`
			`switch doc.OpenShiftCluster.Properties.FailedProvisioningState {`
			`case api.ProvisioningStateCreating:`
breaking change: field name standardisation 2019-11-28 19:41:23 +03:00			`return nil, false, api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeRequestNotAllowed, "", "Request is not allowed on cluster whose creation failed. Delete the cluster.")`
improve clarity of backend workflow 2019-11-28 19:31:37 +03:00			`case api.ProvisioningStateUpdating:`
			`// allow`
			`case api.ProvisioningStateDeleting:`
			`return nil, false, api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeRequestNotAllowed, "", "Request is not allowed on cluster whose deletion failed. Delete the cluster.")`
			`default:`
			`return nil, false, fmt.Errorf("unexpected failedProvisioningState %q", doc.OpenShiftCluster.Properties.FailedProvisioningState)`
			`}`
improve operation retryability on failure 2019-11-28 17:11:57 +03:00			`}`

improve clarity of backend workflow 2019-11-28 19:31:37 +03:00			`doc.OpenShiftCluster.Properties.ProvisioningState = api.ProvisioningStateUpdating`

Initial commit 2019-10-16 06:29:17 +03:00			`switch r.method {`
			`case http.MethodPut:`
			`external = r.toExternal(&api.OpenShiftCluster{`
breaking change: separate out database key 2019-11-28 00:18:49 +03:00			`ID: doc.OpenShiftCluster.ID,`
			`Name: doc.OpenShiftCluster.Name,`
			`Type: doc.OpenShiftCluster.Type,`
Initial commit 2019-10-16 06:29:17 +03:00			`Properties: api.Properties{`
			`ProvisioningState: doc.OpenShiftCluster.Properties.ProvisioningState,`
			`},`
			`})`

			`case http.MethodPatch:`
			`external = r.toExternal(doc.OpenShiftCluster)`
			`}`
			`}`

			`err = json.Unmarshal(r.body, &external)`
			`if err != nil {`
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`return nil, false, api.NewCloudError(http.StatusBadRequest, api.CloudErrorCodeInvalidRequestContent, "", "The request content was invalid and could not be deserialized: %q.", err)`
Initial commit 2019-10-16 06:29:17 +03:00			`}`

update to 4.3 and enable byo-vnet 2019-11-21 05:32:34 +03:00			`err = external.Validate(r.context, r.resourceID, doc.OpenShiftCluster)`
Initial commit 2019-10-16 06:29:17 +03:00			`if err != nil {`
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`return nil, false, err`
Initial commit 2019-10-16 06:29:17 +03:00			`}`

			`if doc.OpenShiftCluster == nil {`
breaking change: separate out database key 2019-11-28 00:18:49 +03:00			`doc.OpenShiftCluster = &api.OpenShiftCluster{}`
Initial commit 2019-10-16 06:29:17 +03:00			`}`

breaking change: separate out database key 2019-11-28 00:18:49 +03:00			`oldID, oldName, oldType := doc.OpenShiftCluster.ID, doc.OpenShiftCluster.Name, doc.OpenShiftCluster.Type`
Initial commit 2019-10-16 06:29:17 +03:00			`external.ToInternal(doc.OpenShiftCluster)`
breaking change: separate out database key 2019-11-28 00:18:49 +03:00			`doc.OpenShiftCluster.ID, doc.OpenShiftCluster.Name, doc.OpenShiftCluster.Type = oldID, oldName, oldType`
Initial commit 2019-10-16 06:29:17 +03:00
			`if isCreate {`
breaking change: separate out database key 2019-11-28 00:18:49 +03:00			`doc.OpenShiftCluster.Key = api.Key(r.resourceID)`
breaking change: field name standardisation 2019-11-28 19:41:23 +03:00			`doc.OpenShiftCluster.Properties.Install = &api.Install{}`
breaking change: separate out database key 2019-11-28 00:18:49 +03:00			`// TODO: ResourceGroup should be exposed in external API`
enable deployment to resource group of user's choice 2019-10-17 02:43:39 +03:00			`doc.OpenShiftCluster.Properties.ResourceGroup = doc.OpenShiftCluster.Name`
autogenerate cluster domain name 2019-11-26 21:07:46 +03:00			`doc.OpenShiftCluster.Properties.DomainName = uuid.NewV4().String()`
only delete NSG references that are ours: bring back InfraID 2019-11-29 03:24:01 +03:00			`doc.OpenShiftCluster.Properties.InfraID = "aro"`
enable deployment to resource group of user's choice 2019-10-17 02:43:39 +03:00			`doc.OpenShiftCluster.Properties.SSHKey, err = rsa.GenerateKey(rand.Reader, 2048)`
			`if err != nil {`
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`return nil, false, err`
enable deployment to resource group of user's choice 2019-10-17 02:43:39 +03:00			`}`
			`doc.OpenShiftCluster.Properties.StorageSuffix, err = randomLowerCaseAlphanumericString(5)`
			`if err != nil {`
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`return nil, false, err`
enable deployment to resource group of user's choice 2019-10-17 02:43:39 +03:00			`}`

add top-level Database type 2019-11-28 00:39:22 +03:00			`doc, err = f.db.OpenShiftClusters.Create(doc)`
Initial commit 2019-10-16 06:29:17 +03:00			`} else {`
add top-level Database type 2019-11-28 00:39:22 +03:00			`doc, err = f.db.OpenShiftClusters.Update(doc)`
Initial commit 2019-10-16 06:29:17 +03:00			`}`
			`if err != nil {`
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`return nil, false, err`
Initial commit 2019-10-16 06:29:17 +03:00			`}`

add client id and secret to public API 2019-11-18 06:07:44 +03:00			`doc.OpenShiftCluster.Properties.ServicePrincipalProfile.ClientSecret = ""`
Initial commit 2019-10-16 06:29:17 +03:00
return 200 or 201 on PUT or PATCH 2019-11-12 19:34:18 +03:00			`b, err := json.MarshalIndent(r.toExternal(doc.OpenShiftCluster), "", " ")`
			`if err != nil {`
			`return nil, false, err`
			`}`

			`return b, isCreate, nil`
Initial commit 2019-10-16 06:29:17 +03:00			`}`
enable deployment to resource group of user's choice 2019-10-17 02:43:39 +03:00
			`func randomLowerCaseAlphanumericString(n int) (string, error) {`
			`return randomString("abcdefghijklmnopqrstuvwxyz0123456789", n)`
			`}`

			`func randomString(letterBytes string, n int) (string, error) {`
			`b := make([]byte, n)`
			`for i := range b {`
			`o, err := rand.Int(rand.Reader, big.NewInt(int64(len(letterBytes))))`
			`if err != nil {`
			`return "", err`
			`}`
			`b[i] = letterBytes[o.Int64()]`
			`}`

			`return string(b), nil`
			`}`