feat(sources): add sources and workflows to the backend BE-12919 (#2666)
This commit is contained in:
@@ -0,0 +1,105 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
gittypes "github.com/portainer/portainer/api/git/types"
|
||||
httperror "github.com/portainer/portainer/pkg/libhttp/error"
|
||||
"github.com/portainer/portainer/pkg/libhttp/request"
|
||||
"github.com/portainer/portainer/pkg/libhttp/response"
|
||||
)
|
||||
|
||||
// GitAuthenticationPayload holds authentication parameters for a git source
|
||||
type GitAuthenticationPayload struct {
|
||||
Username string `json:"username"`
|
||||
Password string `json:"password"`
|
||||
Provider gittypes.GitProvider `json:"provider"`
|
||||
AuthorizationType gittypes.GitCredentialAuthType `json:"authorizationType"`
|
||||
}
|
||||
|
||||
// GitSourceCreatePayload holds the parameters for creating a git-backed source
|
||||
type GitSourceCreatePayload struct {
|
||||
Name string `json:"name"`
|
||||
URL string `json:"url"`
|
||||
ReferenceName string `json:"referenceName"`
|
||||
TLSSkipVerify bool `json:"tlsSkipVerify"`
|
||||
Authentication *GitAuthenticationPayload `json:"authentication"`
|
||||
ClearAuthentication bool `json:"clearAuthentication"`
|
||||
}
|
||||
|
||||
// Validate implements the portainer.Validatable interface
|
||||
func (payload *GitSourceCreatePayload) Validate(_ *http.Request) error {
|
||||
if strings.TrimSpace(payload.URL) == "" {
|
||||
return errors.New("url is required")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// BuildGitSource constructs a portainer.Source from a GitSourceCreatePayload
|
||||
func BuildGitSource(payload GitSourceCreatePayload) *portainer.Source {
|
||||
gitConfig := &gittypes.RepoConfig{
|
||||
URL: payload.URL,
|
||||
ReferenceName: payload.ReferenceName,
|
||||
TLSSkipVerify: payload.TLSSkipVerify,
|
||||
}
|
||||
|
||||
if payload.Authentication != nil {
|
||||
gitConfig.Authentication = &gittypes.GitAuthentication{
|
||||
Username: payload.Authentication.Username,
|
||||
Password: payload.Authentication.Password,
|
||||
Provider: payload.Authentication.Provider,
|
||||
AuthorizationType: payload.Authentication.AuthorizationType,
|
||||
}
|
||||
}
|
||||
|
||||
name := payload.Name
|
||||
if strings.TrimSpace(name) == "" {
|
||||
name = gittypes.RepoName(payload.URL)
|
||||
}
|
||||
|
||||
return &portainer.Source{
|
||||
Name: name,
|
||||
Type: portainer.SourceTypeGit,
|
||||
GitConfig: gitConfig,
|
||||
}
|
||||
}
|
||||
|
||||
// @id GitOpsSourcesCreateGit
|
||||
// @summary Create a Git source
|
||||
// @description Creates a new GitOps source backed by a Git repository.
|
||||
// @description **Access policy**: admin
|
||||
// @tags gitops
|
||||
// @security ApiKeyAuth
|
||||
// @security jwt
|
||||
// @accept json
|
||||
// @produce json
|
||||
// @param body body GitSourceCreatePayload true "Git source details"
|
||||
// @success 201 {object} portainer.Source
|
||||
// @failure 400 "Invalid request payload"
|
||||
// @failure 403 "Access denied"
|
||||
// @failure 500 "Server error"
|
||||
// @router /gitops/sources/git [post]
|
||||
func (h *Handler) gitSourceCreate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
|
||||
var payload GitSourceCreatePayload
|
||||
|
||||
if err := request.DecodeAndValidateJSONPayload(r, &payload); err != nil {
|
||||
return httperror.BadRequest("Invalid request payload", err)
|
||||
}
|
||||
|
||||
src := BuildGitSource(payload)
|
||||
|
||||
if err := h.dataStore.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.Source().Create(src)
|
||||
}); err != nil {
|
||||
return httperror.InternalServerError("Unable to create source", err)
|
||||
}
|
||||
|
||||
src.GitConfig = gittypes.SanitizeRepoConfig(src.GitConfig)
|
||||
|
||||
return response.JSONWithStatus(w, src, http.StatusCreated)
|
||||
}
|
||||
@@ -0,0 +1,166 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
"github.com/portainer/portainer/api/datastore"
|
||||
|
||||
"github.com/segmentio/encoding/json"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestBuildGitSource_DerivesNameFromURL(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
src := BuildGitSource(GitSourceCreatePayload{
|
||||
URL: "https://github.com/org/my-repo.git",
|
||||
})
|
||||
|
||||
require.Equal(t, "my-repo", src.Name)
|
||||
require.Equal(t, portainer.SourceTypeGit, src.Type)
|
||||
require.Nil(t, src.GitConfig.Authentication)
|
||||
}
|
||||
|
||||
func TestBuildGitSource_UsesExplicitName(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
src := BuildGitSource(GitSourceCreatePayload{
|
||||
Name: "custom-name",
|
||||
URL: "https://github.com/org/repo.git",
|
||||
})
|
||||
|
||||
require.Equal(t, "custom-name", src.Name)
|
||||
}
|
||||
|
||||
func TestBuildGitSource_WithAuthentication(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
src := BuildGitSource(GitSourceCreatePayload{
|
||||
URL: "https://github.com/org/repo.git",
|
||||
Authentication: &GitAuthenticationPayload{
|
||||
Username: "alice",
|
||||
Password: "secret",
|
||||
},
|
||||
})
|
||||
|
||||
require.NotNil(t, src.GitConfig.Authentication)
|
||||
require.Equal(t, "alice", src.GitConfig.Authentication.Username)
|
||||
require.Equal(t, "secret", src.GitConfig.Authentication.Password)
|
||||
}
|
||||
|
||||
func TestGitSourceCreatePayload_Validate_EmptyURL(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
err := (&GitSourceCreatePayload{}).Validate(nil)
|
||||
require.Error(t, err)
|
||||
}
|
||||
|
||||
func TestGitSourceCreatePayload_Validate_ValidURL(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
err := (&GitSourceCreatePayload{URL: "https://github.com/org/repo.git"}).Validate(nil)
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestGitSourceCreate_Success(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{
|
||||
URL: "https://github.com/org/repo.git",
|
||||
Name: "my-source",
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildCreateReq(t, 1, body))
|
||||
|
||||
require.Equal(t, http.StatusCreated, rr.Code)
|
||||
|
||||
var src portainer.Source
|
||||
err = json.NewDecoder(rr.Body).Decode(&src)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, "my-source", src.Name)
|
||||
require.Equal(t, portainer.SourceTypeGit, src.Type)
|
||||
require.NotZero(t, src.ID)
|
||||
require.NotNil(t, src.GitConfig)
|
||||
require.Equal(t, "https://github.com/org/repo.git", src.GitConfig.URL)
|
||||
}
|
||||
|
||||
func TestGitSourceCreate_SanitizesCredentials(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{
|
||||
URL: "https://github.com/org/repo.git",
|
||||
Authentication: &GitAuthenticationPayload{
|
||||
Username: "alice",
|
||||
Password: "secret",
|
||||
},
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildCreateReq(t, 1, body))
|
||||
|
||||
require.Equal(t, http.StatusCreated, rr.Code)
|
||||
|
||||
var src portainer.Source
|
||||
err = json.NewDecoder(rr.Body).Decode(&src)
|
||||
require.NoError(t, err)
|
||||
require.NotNil(t, src.GitConfig)
|
||||
require.NotNil(t, src.GitConfig.Authentication)
|
||||
require.Equal(t, "alice", src.GitConfig.Authentication.Username)
|
||||
require.Empty(t, src.GitConfig.Authentication.Password)
|
||||
}
|
||||
|
||||
func TestGitSourceCreate_MissingURL(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{Name: "no-url"})
|
||||
require.NoError(t, err)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildCreateReq(t, 1, body))
|
||||
|
||||
require.Equal(t, http.StatusBadRequest, rr.Code)
|
||||
}
|
||||
|
||||
func TestGitSourceCreate_MalformedJSON(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildCreateReq(t, 1, []byte("not-valid-json{")))
|
||||
|
||||
require.Equal(t, http.StatusBadRequest, rr.Code)
|
||||
}
|
||||
@@ -0,0 +1,67 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"net/http"
|
||||
"slices"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
dserrors "github.com/portainer/portainer/api/dataservices/errors"
|
||||
httperror "github.com/portainer/portainer/pkg/libhttp/error"
|
||||
"github.com/portainer/portainer/pkg/libhttp/request"
|
||||
"github.com/portainer/portainer/pkg/libhttp/response"
|
||||
)
|
||||
|
||||
var ErrSourceInUse = errors.New("source is used by one or more workflows")
|
||||
|
||||
// @id GitOpsSourcesDelete
|
||||
// @summary Delete a source
|
||||
// @description Deletes an existing GitOps source. Returns 409 if the source is referenced by any workflow.
|
||||
// @description **Access policy**: admin
|
||||
// @tags gitops
|
||||
// @security ApiKeyAuth
|
||||
// @security jwt
|
||||
// @param id path int true "Source identifier"
|
||||
// @success 204 "Source deleted"
|
||||
// @failure 400 "Invalid request"
|
||||
// @failure 403 "Access denied"
|
||||
// @failure 404 "Source not found"
|
||||
// @failure 409 "Source is in use by one or more workflows"
|
||||
// @failure 500 "Server error"
|
||||
// @router /gitops/sources/{id} [delete]
|
||||
func (h *Handler) sourceDelete(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
|
||||
sourceID, err := request.RetrieveNumericRouteVariableValue(r, "id")
|
||||
if err != nil {
|
||||
return httperror.BadRequest("Invalid source identifier route variable", err)
|
||||
}
|
||||
|
||||
if err := h.dataStore.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
if exists, err := tx.Source().Exists(portainer.SourceID(sourceID)); err != nil {
|
||||
return err
|
||||
} else if !exists {
|
||||
return dserrors.ErrObjectNotFound
|
||||
}
|
||||
|
||||
workflows, err := tx.Workflow().ReadAll()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
for _, wf := range workflows {
|
||||
if slices.Contains(wf.SourceIDs, portainer.SourceID(sourceID)) {
|
||||
return ErrSourceInUse
|
||||
}
|
||||
}
|
||||
|
||||
return tx.Source().Delete(portainer.SourceID(sourceID))
|
||||
}); h.dataStore.IsErrObjectNotFound(err) {
|
||||
return httperror.NotFound("Unable to find a source with the specified identifier", err)
|
||||
} else if errors.Is(err, ErrSourceInUse) {
|
||||
return httperror.Conflict("Source is used by one or more workflows", err)
|
||||
} else if err != nil {
|
||||
return httperror.InternalServerError("Unable to delete source", err)
|
||||
}
|
||||
|
||||
return response.Empty(w)
|
||||
}
|
||||
@@ -0,0 +1,89 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
"github.com/portainer/portainer/api/datastore"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestSourceDelete_Success(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
var srcID portainer.SourceID
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
src := &portainer.Source{Name: "to-delete", Type: portainer.SourceTypeGit}
|
||||
err := tx.Source().Create(src)
|
||||
require.NoError(t, err)
|
||||
srcID = src.ID
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildDeleteReq(t, 1, int(srcID)))
|
||||
|
||||
require.Equal(t, http.StatusNoContent, rr.Code)
|
||||
}
|
||||
|
||||
func TestSourceDelete_NotFound(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildDeleteReq(t, 1, 99))
|
||||
|
||||
require.Equal(t, http.StatusNotFound, rr.Code)
|
||||
}
|
||||
|
||||
func TestSourceDelete_InUse(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
var srcID portainer.SourceID
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
src := &portainer.Source{Name: "in-use", Type: portainer.SourceTypeGit}
|
||||
err := tx.Source().Create(src)
|
||||
require.NoError(t, err)
|
||||
srcID = src.ID
|
||||
|
||||
wf := &portainer.Workflow{SourceIDs: []portainer.SourceID{src.ID}}
|
||||
err = tx.Workflow().Create(wf)
|
||||
require.NoError(t, err)
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildDeleteReq(t, 1, int(srcID)))
|
||||
|
||||
require.Equal(t, http.StatusConflict, rr.Code)
|
||||
}
|
||||
|
||||
func TestSourceDelete_NonNumericID(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildDeleteReqWithRawID(t, 1, "not-a-number"))
|
||||
|
||||
require.Equal(t, http.StatusBadRequest, rr.Code)
|
||||
}
|
||||
@@ -40,7 +40,9 @@ func TestGetSource_ReturnsDetail(t *testing.T) {
|
||||
}
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{ID: 1, Name: "my-stack", GitConfig: cfg}))
|
||||
stack := &portainer.Stack{ID: 1, Name: "my-stack"}
|
||||
createGitWorkflow(t, tx, stack, cfg)
|
||||
require.NoError(t, tx.Stack().Create(stack))
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
@@ -71,7 +73,9 @@ func TestGetSource_RedactsCredentials(t *testing.T) {
|
||||
}
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{ID: 1, Name: "secure-stack", GitConfig: cfg}))
|
||||
stack := &portainer.Stack{ID: 1, Name: "secure-stack"}
|
||||
createGitWorkflow(t, tx, stack, cfg)
|
||||
require.NoError(t, tx.Stack().Create(stack))
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
@@ -94,12 +98,13 @@ func TestGetSource_AutoUpdate(t *testing.T) {
|
||||
|
||||
cfg := gitCfg("https://github.com/org/polled")
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
stack := &portainer.Stack{
|
||||
ID: 1,
|
||||
Name: "polled-stack",
|
||||
GitConfig: cfg,
|
||||
AutoUpdate: &portainer.AutoUpdateSettings{Interval: "5m"},
|
||||
}))
|
||||
}
|
||||
createGitWorkflow(t, tx, stack, cfg)
|
||||
require.NoError(t, tx.Stack().Create(stack))
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
|
||||
@@ -37,10 +37,16 @@ func NewHandler(bouncer security.BouncerService, dataStore dataservices.DataStor
|
||||
k8sFactory: k8sFactory,
|
||||
}
|
||||
|
||||
authenticatedRouter := h.PathPrefix("/gitops/sources").Subrouter()
|
||||
authenticatedRouter.Use(bouncer.AuthenticatedAccess)
|
||||
authenticatedRouter.Handle("", httperror.LoggerHandler(h.list)).Methods(http.MethodGet)
|
||||
authenticatedRouter.Handle("/summary", httperror.LoggerHandler(h.summary)).Methods(http.MethodGet)
|
||||
|
||||
adminRouter := h.PathPrefix("/gitops/sources").Subrouter()
|
||||
adminRouter.Use(bouncer.AdminAccess)
|
||||
adminRouter.Handle("", httperror.LoggerHandler(h.list)).Methods(http.MethodGet)
|
||||
adminRouter.Handle("/summary", httperror.LoggerHandler(h.summary)).Methods(http.MethodGet)
|
||||
adminRouter.Handle("/git", httperror.LoggerHandler(h.gitSourceCreate)).Methods(http.MethodPost)
|
||||
adminRouter.Handle("/{id}", httperror.LoggerHandler(h.getSource)).Methods(http.MethodGet)
|
||||
adminRouter.Handle("/{id}", httperror.LoggerHandler(h.gitSourceUpdate)).Methods(http.MethodPut)
|
||||
adminRouter.Handle("/{id}", httperror.LoggerHandler(h.sourceDelete)).Methods(http.MethodDelete)
|
||||
return h
|
||||
}
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
@@ -15,6 +17,26 @@ import (
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
// createGitWorkflow creates a Source and Workflow for the given config and
|
||||
// wires them up by setting stack.WorkflowID before creating the stack.
|
||||
func createGitWorkflow(t *testing.T, tx dataservices.DataStoreTx, stack *portainer.Stack, cfg *gittypes.RepoConfig) {
|
||||
t.Helper()
|
||||
|
||||
src := &portainer.Source{
|
||||
Name: gittypes.RepoName(cfg.URL),
|
||||
Type: portainer.SourceTypeGit,
|
||||
GitConfig: cfg,
|
||||
}
|
||||
require.NoError(t, tx.Source().Create(src))
|
||||
|
||||
wf := &portainer.Workflow{
|
||||
SourceIDs: []portainer.SourceID{src.ID},
|
||||
}
|
||||
require.NoError(t, tx.Workflow().Create(wf))
|
||||
|
||||
stack.WorkflowID = wf.ID
|
||||
}
|
||||
|
||||
func newTestHandler(t *testing.T, store dataservices.DataStore) *Handler {
|
||||
t.Helper()
|
||||
return NewHandler(testhelpers.NewTestRequestBouncer(), store, nil, nil)
|
||||
@@ -63,3 +85,66 @@ func gitCfg(url string) *gittypes.RepoConfig {
|
||||
ReferenceName: "refs/heads/main",
|
||||
}
|
||||
}
|
||||
|
||||
func buildCreateReq(t *testing.T, userID portainer.UserID, body []byte) *http.Request {
|
||||
t.Helper()
|
||||
req := httptest.NewRequest(http.MethodPost, "/gitops/sources/git", bytes.NewReader(body))
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
req = req.WithContext(security.StoreTokenData(req, &portainer.TokenData{ID: userID}))
|
||||
req = req.WithContext(security.StoreRestrictedRequestContext(req, &security.RestrictedRequestContext{
|
||||
UserID: userID, IsAdmin: true,
|
||||
}))
|
||||
return req
|
||||
}
|
||||
|
||||
func buildUpdateReq(t *testing.T, userID portainer.UserID, id int, body []byte) *http.Request {
|
||||
t.Helper()
|
||||
req := httptest.NewRequest(http.MethodPut, fmt.Sprintf("/gitops/sources/%d", id), bytes.NewReader(body))
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
req = req.WithContext(security.StoreTokenData(req, &portainer.TokenData{ID: userID}))
|
||||
req = req.WithContext(security.StoreRestrictedRequestContext(req, &security.RestrictedRequestContext{
|
||||
UserID: userID, IsAdmin: true,
|
||||
}))
|
||||
return req
|
||||
}
|
||||
|
||||
func buildDeleteReq(t *testing.T, userID portainer.UserID, id int) *http.Request {
|
||||
t.Helper()
|
||||
req := httptest.NewRequest(http.MethodDelete, fmt.Sprintf("/gitops/sources/%d", id), nil)
|
||||
req = req.WithContext(security.StoreTokenData(req, &portainer.TokenData{ID: userID}))
|
||||
req = req.WithContext(security.StoreRestrictedRequestContext(req, &security.RestrictedRequestContext{
|
||||
UserID: userID, IsAdmin: true,
|
||||
}))
|
||||
return req
|
||||
}
|
||||
|
||||
func buildSummaryReq(t *testing.T, userID portainer.UserID) *http.Request {
|
||||
t.Helper()
|
||||
req := httptest.NewRequest(http.MethodGet, "/gitops/sources/summary", nil)
|
||||
req = req.WithContext(security.StoreTokenData(req, &portainer.TokenData{ID: userID}))
|
||||
req = req.WithContext(security.StoreRestrictedRequestContext(req, &security.RestrictedRequestContext{
|
||||
UserID: userID, IsAdmin: true,
|
||||
}))
|
||||
return req
|
||||
}
|
||||
|
||||
func buildUpdateReqWithRawID(t *testing.T, userID portainer.UserID, id string, body []byte) *http.Request {
|
||||
t.Helper()
|
||||
req := httptest.NewRequest(http.MethodPut, "/gitops/sources/"+id, bytes.NewReader(body))
|
||||
req.Header.Set("Content-Type", "application/json")
|
||||
req = req.WithContext(security.StoreTokenData(req, &portainer.TokenData{ID: userID}))
|
||||
req = req.WithContext(security.StoreRestrictedRequestContext(req, &security.RestrictedRequestContext{
|
||||
UserID: userID, IsAdmin: true,
|
||||
}))
|
||||
return req
|
||||
}
|
||||
|
||||
func buildDeleteReqWithRawID(t *testing.T, userID portainer.UserID, id string) *http.Request {
|
||||
t.Helper()
|
||||
req := httptest.NewRequest(http.MethodDelete, "/gitops/sources/"+id, nil)
|
||||
req = req.WithContext(security.StoreTokenData(req, &portainer.TokenData{ID: userID}))
|
||||
req = req.WithContext(security.StoreRestrictedRequestContext(req, &security.RestrictedRequestContext{
|
||||
UserID: userID, IsAdmin: true,
|
||||
}))
|
||||
return req
|
||||
}
|
||||
|
||||
@@ -7,7 +7,9 @@ import (
|
||||
"strconv"
|
||||
"strings"
|
||||
|
||||
gocache "github.com/patrickmn/go-cache"
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
gittypes "github.com/portainer/portainer/api/git/types"
|
||||
ceWorkflows "github.com/portainer/portainer/api/gitops/workflows"
|
||||
"github.com/portainer/portainer/api/http/security"
|
||||
"github.com/portainer/portainer/api/http/utils/filters"
|
||||
@@ -15,12 +17,14 @@ import (
|
||||
httperror "github.com/portainer/portainer/pkg/libhttp/error"
|
||||
"github.com/portainer/portainer/pkg/libhttp/request"
|
||||
"github.com/portainer/portainer/pkg/libhttp/response"
|
||||
|
||||
gocache "github.com/patrickmn/go-cache"
|
||||
)
|
||||
|
||||
// @id GitOpsSourcesList
|
||||
// @summary List all GitOps sources
|
||||
// @description Returns a deduplicated list of git repositories used across all GitOps workflows.
|
||||
// @description **Access policy**: admin
|
||||
// @description **Access policy**: authenticated
|
||||
// @tags gitops
|
||||
// @security ApiKeyAuth
|
||||
// @security jwt
|
||||
@@ -107,16 +111,51 @@ func cacheKey(sc *security.RestrictedRequestContext) string {
|
||||
}
|
||||
|
||||
func (h *Handler) fetchSources(ctx context.Context, sc *security.RestrictedRequestContext) ([]Source, error) {
|
||||
workflows, err := ceWorkflows.FetchWorkflows(ctx, h.dataStore, h.gitService, h.k8sFactory, sc, nil)
|
||||
if err != nil {
|
||||
var allSrcs []portainer.Source
|
||||
var stats map[portainer.SourceID]ceWorkflows.SourceStats
|
||||
|
||||
if err := h.dataStore.ViewTx(func(tx dataservices.DataStoreTx) error {
|
||||
var err error
|
||||
allSrcs, stats, err = ceWorkflows.FetchSourceStats(tx, h.k8sFactory, sc)
|
||||
return err
|
||||
}); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
byID := workflowsBySourceID(workflows)
|
||||
result := make([]Source, 0, len(allSrcs))
|
||||
for _, src := range allSrcs {
|
||||
s, accessible := stats[src.ID]
|
||||
if !accessible && !sc.IsAdmin {
|
||||
continue
|
||||
}
|
||||
|
||||
sources := make([]Source, 0, len(byID))
|
||||
for id, wfs := range byID {
|
||||
sources = append(sources, buildSource(id, wfs[0].GitConfig.URL, wfs))
|
||||
var status ceWorkflows.Status
|
||||
var sourceErr string
|
||||
if src.GitConfig != nil {
|
||||
phase, _ := ceWorkflows.ComputeGitPhasesForConfig(ctx, h.gitService, src.GitConfig)
|
||||
status = phase.Status
|
||||
sourceErr = phase.Error
|
||||
} else {
|
||||
status = ceWorkflows.StatusUnknown
|
||||
}
|
||||
|
||||
url := ""
|
||||
if src.GitConfig != nil {
|
||||
url = gittypes.SanitizeURL(src.GitConfig.URL)
|
||||
}
|
||||
|
||||
result = append(result, Source{
|
||||
ID: strconv.Itoa(int(src.ID)),
|
||||
Name: src.Name,
|
||||
Type: sourceTypeString(src.Type),
|
||||
URL: url,
|
||||
Status: status,
|
||||
Error: sourceErr,
|
||||
UsedBy: s.WorkflowCount,
|
||||
Environments: len(s.EndpointIDs),
|
||||
LastSync: s.LastSync,
|
||||
})
|
||||
}
|
||||
return sources, nil
|
||||
|
||||
return result, nil
|
||||
}
|
||||
|
||||
@@ -18,12 +18,18 @@ func TestSourcesList_GroupsByURLAndCredentials(t *testing.T) {
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
ID: 1, Name: "stack-a", GitConfig: gitCfg("https://github.com/org/repo"),
|
||||
}))
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
ID: 2, Name: "stack-b", GitConfig: gitCfg("https://github.com/org/repo"),
|
||||
}))
|
||||
cfg := gitCfg("https://github.com/org/repo")
|
||||
src := &portainer.Source{Name: "repo", Type: portainer.SourceTypeGit, GitConfig: cfg}
|
||||
require.NoError(t, tx.Source().Create(src))
|
||||
|
||||
wfA := &portainer.Workflow{SourceIDs: []portainer.SourceID{src.ID}}
|
||||
require.NoError(t, tx.Workflow().Create(wfA))
|
||||
wfB := &portainer.Workflow{SourceIDs: []portainer.SourceID{src.ID}}
|
||||
require.NoError(t, tx.Workflow().Create(wfB))
|
||||
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{ID: 1, Name: "stack-a", WorkflowID: wfA.ID}))
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{ID: 2, Name: "stack-b", WorkflowID: wfB.ID}))
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
@@ -45,8 +51,15 @@ func TestSourcesList_SeparatesCredentials(t *testing.T) {
|
||||
cfg1.Authentication = &gittypes.GitAuthentication{Username: "alice", Password: "pass1"}
|
||||
cfg2 := gitCfg("https://github.com/org/repo")
|
||||
cfg2.Authentication = &gittypes.GitAuthentication{Username: "bob", Password: "pass2"}
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{ID: 1, Name: "stack-a", GitConfig: cfg1}))
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{ID: 2, Name: "stack-b", GitConfig: cfg2}))
|
||||
|
||||
stackA := &portainer.Stack{ID: 1, Name: "stack-a"}
|
||||
createGitWorkflow(t, tx, stackA, cfg1)
|
||||
require.NoError(t, tx.Stack().Create(stackA))
|
||||
|
||||
stackB := &portainer.Stack{ID: 2, Name: "stack-b"}
|
||||
createGitWorkflow(t, tx, stackB, cfg2)
|
||||
require.NoError(t, tx.Stack().Create(stackB))
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
@@ -64,9 +77,9 @@ func TestSourcesList_StatusFilter(t *testing.T) {
|
||||
|
||||
// With nil gitService, source git-phase status is always StatusUnknown.
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
ID: 1, GitConfig: gitCfg("https://github.com/org/app"),
|
||||
}))
|
||||
stack := &portainer.Stack{ID: 1}
|
||||
createGitWorkflow(t, tx, stack, gitCfg("https://github.com/org/app"))
|
||||
require.NoError(t, tx.Stack().Create(stack))
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
@@ -92,12 +105,14 @@ func TestSourcesList_SearchByURL(t *testing.T) {
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
ID: 1, GitConfig: gitCfg("https://github.com/org/app"),
|
||||
}))
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
ID: 2, GitConfig: gitCfg("https://github.com/org/infra"),
|
||||
}))
|
||||
stackA := &portainer.Stack{ID: 1}
|
||||
createGitWorkflow(t, tx, stackA, gitCfg("https://github.com/org/app"))
|
||||
require.NoError(t, tx.Stack().Create(stackA))
|
||||
|
||||
stackB := &portainer.Stack{ID: 2}
|
||||
createGitWorkflow(t, tx, stackB, gitCfg("https://github.com/org/infra"))
|
||||
require.NoError(t, tx.Stack().Create(stackB))
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
|
||||
@@ -12,7 +12,7 @@ import (
|
||||
// @id GitOpsSourcesSummary
|
||||
// @summary Summarize GitOps source status counts
|
||||
// @description Returns a count of sources per status.
|
||||
// @description **Access policy**: admin
|
||||
// @description **Access policy**: authenticated
|
||||
// @tags gitops
|
||||
// @security ApiKeyAuth
|
||||
// @security jwt
|
||||
@@ -27,10 +27,6 @@ func (h *Handler) summary(w http.ResponseWriter, r *http.Request) *httperror.Han
|
||||
return httperror.InternalServerError("Unable to retrieve info from request context", err)
|
||||
}
|
||||
|
||||
if !securityContext.IsAdmin {
|
||||
return httperror.Forbidden("Access denied", nil)
|
||||
}
|
||||
|
||||
key := cacheKey(securityContext)
|
||||
|
||||
sources, err := h.getSources(r.Context(), key, securityContext)
|
||||
|
||||
@@ -0,0 +1,65 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
"github.com/portainer/portainer/api/datastore"
|
||||
ceWorkflows "github.com/portainer/portainer/api/gitops/workflows"
|
||||
|
||||
"github.com/segmentio/encoding/json"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestSourcesSummary_Empty(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildSummaryReq(t, 1))
|
||||
|
||||
require.Equal(t, http.StatusOK, rr.Code)
|
||||
|
||||
var summary ceWorkflows.StatusSummary
|
||||
err := json.NewDecoder(rr.Body).Decode(&summary)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, ceWorkflows.StatusSummary{}, summary)
|
||||
}
|
||||
|
||||
func TestSourcesSummary_CountsByStatus(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
// With nil gitService and nil GitConfig, all sources get StatusUnknown.
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
for _, name := range []string{"source-a", "source-b", "source-c"} {
|
||||
err := tx.Source().Create(&portainer.Source{Name: name, Type: portainer.SourceTypeGit})
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildSummaryReq(t, 1))
|
||||
|
||||
require.Equal(t, http.StatusOK, rr.Code)
|
||||
|
||||
var summary ceWorkflows.StatusSummary
|
||||
err := json.NewDecoder(rr.Body).Decode(&summary)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, 3, summary.Unknown)
|
||||
require.Zero(t, summary.Healthy)
|
||||
require.Zero(t, summary.Error)
|
||||
require.Zero(t, summary.Syncing)
|
||||
require.Zero(t, summary.Paused)
|
||||
}
|
||||
@@ -7,6 +7,7 @@ import (
|
||||
"path"
|
||||
"strings"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
gittypes "github.com/portainer/portainer/api/git/types"
|
||||
"github.com/portainer/portainer/api/gitops/workflows"
|
||||
)
|
||||
@@ -41,6 +42,19 @@ func parseSourceType(s string) (string, error) {
|
||||
}
|
||||
}
|
||||
|
||||
func sourceTypeString(t portainer.SourceType) string {
|
||||
switch t {
|
||||
case portainer.SourceTypeGit:
|
||||
return string(SourceTypeGit)
|
||||
case portainer.SourceTypeHelm:
|
||||
return string(SourceTypeHelm)
|
||||
case portainer.SourceTypeRegistry:
|
||||
return string(SourceTypeOCI)
|
||||
default:
|
||||
return string(SourceTypeGit)
|
||||
}
|
||||
}
|
||||
|
||||
type sourceGroupKey struct {
|
||||
URL string
|
||||
Username string
|
||||
@@ -53,6 +67,7 @@ func gitSourceKey(cfg *gittypes.RepoConfig) sourceGroupKey {
|
||||
key.Username = cfg.Authentication.Username
|
||||
key.Password = cfg.Authentication.Password
|
||||
}
|
||||
|
||||
return key
|
||||
}
|
||||
|
||||
@@ -61,11 +76,8 @@ func sourceID(key sourceGroupKey) string {
|
||||
return hex.EncodeToString(h[:8])
|
||||
}
|
||||
|
||||
// repoName extracts the repository name from a URL.
|
||||
// e.g. "https://github.com/org/app-config.git" → "app-config"
|
||||
func repoName(rawURL string) string {
|
||||
base := path.Base(rawURL)
|
||||
return strings.TrimSuffix(base, ".git")
|
||||
return strings.TrimSuffix(path.Base(rawURL), ".git")
|
||||
}
|
||||
|
||||
func worstCaseStatus(statuses []workflows.Status) workflows.Status {
|
||||
@@ -82,5 +94,6 @@ func worstCaseStatus(statuses []workflows.Status) workflows.Status {
|
||||
worst = s
|
||||
}
|
||||
}
|
||||
|
||||
return worst
|
||||
}
|
||||
|
||||
@@ -0,0 +1,103 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
gittypes "github.com/portainer/portainer/api/git/types"
|
||||
httperror "github.com/portainer/portainer/pkg/libhttp/error"
|
||||
"github.com/portainer/portainer/pkg/libhttp/request"
|
||||
"github.com/portainer/portainer/pkg/libhttp/response"
|
||||
)
|
||||
|
||||
var ErrNotGitSource = errors.New("source is not a Git source")
|
||||
|
||||
// @id GitOpsSourcesUpdateGit
|
||||
// @summary Update a Git source
|
||||
// @description Updates an existing GitOps source backed by a Git repository.
|
||||
// @description **Access policy**: admin
|
||||
// @tags gitops
|
||||
// @security ApiKeyAuth
|
||||
// @security jwt
|
||||
// @accept json
|
||||
// @produce json
|
||||
// @param id path int true "Source identifier"
|
||||
// @param body body GitSourceCreatePayload true "Git source details"
|
||||
// @success 200 {object} portainer.Source
|
||||
// @failure 400 "Invalid request payload"
|
||||
// @failure 403 "Access denied"
|
||||
// @failure 404 "Source not found"
|
||||
// @failure 500 "Server error"
|
||||
// @router /gitops/sources/{id} [put]
|
||||
func (h *Handler) gitSourceUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
|
||||
sourceID, err := request.RetrieveNumericRouteVariableValue(r, "id")
|
||||
if err != nil {
|
||||
return httperror.BadRequest("Invalid source identifier route variable", err)
|
||||
}
|
||||
|
||||
var payload GitSourceCreatePayload
|
||||
|
||||
if err := request.DecodeAndValidateJSONPayload(r, &payload); err != nil {
|
||||
return httperror.BadRequest("Invalid request payload", err)
|
||||
}
|
||||
|
||||
var src *portainer.Source
|
||||
|
||||
if err := h.dataStore.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
var err error
|
||||
|
||||
if src, err = tx.Source().Read(portainer.SourceID(sourceID)); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if src.Type != portainer.SourceTypeGit {
|
||||
return ErrNotGitSource
|
||||
}
|
||||
|
||||
name := payload.Name
|
||||
if strings.TrimSpace(name) == "" {
|
||||
name = gittypes.RepoName(payload.URL)
|
||||
}
|
||||
|
||||
src.Name = name
|
||||
|
||||
var existingAuth *gittypes.GitAuthentication
|
||||
if src.GitConfig != nil {
|
||||
existingAuth = src.GitConfig.Authentication
|
||||
}
|
||||
|
||||
src.GitConfig = &gittypes.RepoConfig{
|
||||
URL: payload.URL,
|
||||
ReferenceName: payload.ReferenceName,
|
||||
TLSSkipVerify: payload.TLSSkipVerify,
|
||||
}
|
||||
|
||||
if payload.Authentication != nil {
|
||||
src.GitConfig.Authentication = &gittypes.GitAuthentication{
|
||||
Username: payload.Authentication.Username,
|
||||
Password: payload.Authentication.Password,
|
||||
Provider: payload.Authentication.Provider,
|
||||
AuthorizationType: payload.Authentication.AuthorizationType,
|
||||
}
|
||||
} else if payload.ClearAuthentication {
|
||||
src.GitConfig.Authentication = nil
|
||||
} else {
|
||||
src.GitConfig.Authentication = existingAuth
|
||||
}
|
||||
|
||||
return tx.Source().Update(src.ID, src)
|
||||
}); h.dataStore.IsErrObjectNotFound(err) {
|
||||
return httperror.NotFound("Unable to find a source with the specified identifier", err)
|
||||
} else if errors.Is(err, ErrNotGitSource) {
|
||||
return httperror.BadRequest("Source is not a Git source", err)
|
||||
} else if err != nil {
|
||||
return httperror.InternalServerError("Unable to update source", err)
|
||||
}
|
||||
|
||||
src.GitConfig = gittypes.SanitizeRepoConfig(src.GitConfig)
|
||||
|
||||
return response.JSON(w, src)
|
||||
}
|
||||
@@ -0,0 +1,264 @@
|
||||
package sources
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
"github.com/portainer/portainer/api/datastore"
|
||||
gittypes "github.com/portainer/portainer/api/git/types"
|
||||
|
||||
"github.com/segmentio/encoding/json"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestGitSourceUpdate_Success(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
var srcID portainer.SourceID
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
src := &portainer.Source{Name: "old-name", Type: portainer.SourceTypeGit}
|
||||
err := tx.Source().Create(src)
|
||||
require.NoError(t, err)
|
||||
srcID = src.ID
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{
|
||||
URL: "https://github.com/org/new.git",
|
||||
Name: "new-name",
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildUpdateReq(t, 1, int(srcID), body))
|
||||
|
||||
require.Equal(t, http.StatusOK, rr.Code)
|
||||
|
||||
var src portainer.Source
|
||||
err = json.NewDecoder(rr.Body).Decode(&src)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, "new-name", src.Name)
|
||||
require.NotNil(t, src.GitConfig)
|
||||
require.Equal(t, "https://github.com/org/new.git", src.GitConfig.URL)
|
||||
}
|
||||
|
||||
func TestGitSourceUpdate_DerivesNameFromURL(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
var srcID portainer.SourceID
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
src := &portainer.Source{Name: "old-name", Type: portainer.SourceTypeGit}
|
||||
err := tx.Source().Create(src)
|
||||
require.NoError(t, err)
|
||||
srcID = src.ID
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{
|
||||
URL: "https://github.com/org/my-project.git",
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildUpdateReq(t, 1, int(srcID), body))
|
||||
|
||||
require.Equal(t, http.StatusOK, rr.Code)
|
||||
|
||||
var src portainer.Source
|
||||
err = json.NewDecoder(rr.Body).Decode(&src)
|
||||
require.NoError(t, err)
|
||||
require.Equal(t, "my-project", src.Name)
|
||||
}
|
||||
|
||||
func TestGitSourceUpdate_PreservesAuthWhenNotProvided(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
var srcID portainer.SourceID
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
src := &portainer.Source{
|
||||
Name: "auth-source",
|
||||
Type: portainer.SourceTypeGit,
|
||||
GitConfig: &gittypes.RepoConfig{
|
||||
URL: "https://github.com/org/repo.git",
|
||||
Authentication: &gittypes.GitAuthentication{
|
||||
Username: "alice",
|
||||
Password: "secret",
|
||||
},
|
||||
},
|
||||
}
|
||||
err := tx.Source().Create(src)
|
||||
require.NoError(t, err)
|
||||
srcID = src.ID
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{
|
||||
URL: "https://github.com/org/repo.git",
|
||||
Name: "renamed",
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildUpdateReq(t, 1, int(srcID), body))
|
||||
|
||||
require.Equal(t, http.StatusOK, rr.Code)
|
||||
|
||||
var stored *portainer.Source
|
||||
require.NoError(t, store.ViewTx(func(tx dataservices.DataStoreTx) error {
|
||||
var err error
|
||||
stored, err = tx.Source().Read(srcID)
|
||||
return err
|
||||
}))
|
||||
require.NotNil(t, stored.GitConfig)
|
||||
require.NotNil(t, stored.GitConfig.Authentication)
|
||||
require.Equal(t, "alice", stored.GitConfig.Authentication.Username)
|
||||
require.Equal(t, "secret", stored.GitConfig.Authentication.Password)
|
||||
}
|
||||
|
||||
func TestGitSourceUpdate_ClearsAuthWhenRequested(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
var srcID portainer.SourceID
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
src := &portainer.Source{
|
||||
Name: "auth-source",
|
||||
Type: portainer.SourceTypeGit,
|
||||
GitConfig: &gittypes.RepoConfig{
|
||||
URL: "https://github.com/org/repo.git",
|
||||
Authentication: &gittypes.GitAuthentication{
|
||||
Username: "alice",
|
||||
Password: "secret",
|
||||
},
|
||||
},
|
||||
}
|
||||
err := tx.Source().Create(src)
|
||||
require.NoError(t, err)
|
||||
srcID = src.ID
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{
|
||||
URL: "https://github.com/org/repo.git",
|
||||
ClearAuthentication: true,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildUpdateReq(t, 1, int(srcID), body))
|
||||
|
||||
require.Equal(t, http.StatusOK, rr.Code)
|
||||
|
||||
var stored *portainer.Source
|
||||
require.NoError(t, store.ViewTx(func(tx dataservices.DataStoreTx) error {
|
||||
var err error
|
||||
stored, err = tx.Source().Read(srcID)
|
||||
return err
|
||||
}))
|
||||
require.NotNil(t, stored.GitConfig)
|
||||
require.Nil(t, stored.GitConfig.Authentication)
|
||||
}
|
||||
|
||||
func TestGitSourceUpdate_NotFound(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{URL: "https://github.com/org/repo.git"})
|
||||
require.NoError(t, err)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildUpdateReq(t, 1, 99, body))
|
||||
|
||||
require.Equal(t, http.StatusNotFound, rr.Code)
|
||||
}
|
||||
|
||||
func TestGitSourceUpdate_NotGitSource(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
var srcID portainer.SourceID
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
src := &portainer.Source{Name: "helm-source", Type: portainer.SourceTypeHelm}
|
||||
err := tx.Source().Create(src)
|
||||
require.NoError(t, err)
|
||||
srcID = src.ID
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{URL: "https://github.com/org/repo.git"})
|
||||
require.NoError(t, err)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildUpdateReq(t, 1, int(srcID), body))
|
||||
|
||||
require.Equal(t, http.StatusBadRequest, rr.Code)
|
||||
}
|
||||
|
||||
func TestGitSourceUpdate_MalformedJSON(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
var srcID portainer.SourceID
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
src := &portainer.Source{Name: "src", Type: portainer.SourceTypeGit}
|
||||
err := tx.Source().Create(src)
|
||||
require.NoError(t, err)
|
||||
srcID = src.ID
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildUpdateReq(t, 1, int(srcID), []byte("not-valid-json{")))
|
||||
|
||||
require.Equal(t, http.StatusBadRequest, rr.Code)
|
||||
}
|
||||
|
||||
func TestGitSourceUpdate_NonNumericID(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := newTestHandler(t, store)
|
||||
|
||||
body, err := json.Marshal(GitSourceCreatePayload{URL: "https://github.com/org/repo.git"})
|
||||
require.NoError(t, err)
|
||||
|
||||
req := buildUpdateReqWithRawID(t, 1, "not-a-number", body)
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, req)
|
||||
|
||||
require.Equal(t, http.StatusBadRequest, rr.Code)
|
||||
}
|
||||
@@ -28,9 +28,7 @@ func buildSource(id, url string, wfs []ce.Workflow) Source {
|
||||
if sourceError == "" && wf.Status.Source.Status == ce.StatusError {
|
||||
sourceError = wf.Status.Source.Error
|
||||
}
|
||||
if wf.LastSyncDate > lastSync {
|
||||
lastSync = wf.LastSyncDate
|
||||
}
|
||||
lastSync = max(lastSync, wf.LastSyncDate)
|
||||
if wf.Target.EndpointID != 0 {
|
||||
endpointIDs.Add(wf.Target.EndpointID)
|
||||
}
|
||||
|
||||
@@ -28,10 +28,10 @@ func TestWorkflowsList_RBAC_NonAdminNoAccess(t *testing.T) {
|
||||
require.NoError(t, store.Endpoint().Create(&portainer.Endpoint{ID: 1, Name: "test-env"}))
|
||||
|
||||
// Stack on endpoint 1 WITHOUT resource control — non-admin cannot see it
|
||||
require.NoError(t, store.StackService.Create(&portainer.Stack{
|
||||
createGitStack(t, store, &portainer.Stack{
|
||||
ID: 1, Name: "no-rc-stack", EndpointID: 1,
|
||||
GitConfig: gitConfig("https://github.com/x/no-rc"),
|
||||
}))
|
||||
})
|
||||
|
||||
h := NewHandler(store, nil, nil)
|
||||
rr := httptest.NewRecorder()
|
||||
@@ -56,10 +56,10 @@ func TestWorkflowsList_RBAC_NonAdminWithAccess(t *testing.T) {
|
||||
require.NoError(t, store.Endpoint().Create(&portainer.Endpoint{ID: 1, Name: "test-env"}))
|
||||
|
||||
const stackName = "rc-stack"
|
||||
require.NoError(t, store.StackService.Create(&portainer.Stack{
|
||||
createGitStack(t, store, &portainer.Stack{
|
||||
ID: 1, Name: stackName, EndpointID: 1,
|
||||
GitConfig: gitConfig("https://github.com/x/rc"),
|
||||
}))
|
||||
})
|
||||
|
||||
require.NoError(t, store.ResourceControl().Create(&portainer.ResourceControl{
|
||||
ID: 1,
|
||||
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
"testing"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
gittypes "github.com/portainer/portainer/api/git/types"
|
||||
ce "github.com/portainer/portainer/api/gitops/workflows"
|
||||
"github.com/portainer/portainer/api/http/security"
|
||||
@@ -40,3 +41,20 @@ func decodeWorkflows(t *testing.T, rr *httptest.ResponseRecorder) []ce.Workflow
|
||||
func gitConfig(url string) *gittypes.RepoConfig {
|
||||
return &gittypes.RepoConfig{URL: url, ConfigFilePath: "docker-compose.yml"}
|
||||
}
|
||||
|
||||
// createGitStack creates Source, Workflow, and Stack records with WorkflowID properly wired.
|
||||
func createGitStack(t *testing.T, tx dataservices.DataStoreTx, stack *portainer.Stack) {
|
||||
t.Helper()
|
||||
|
||||
if stack.GitConfig != nil {
|
||||
src := &portainer.Source{GitConfig: stack.GitConfig, Type: portainer.SourceTypeGit}
|
||||
require.NoError(t, tx.Source().Create(src))
|
||||
|
||||
wf := &portainer.Workflow{SourceIDs: []portainer.SourceID{src.ID}}
|
||||
require.NoError(t, tx.Workflow().Create(wf))
|
||||
|
||||
stack.WorkflowID = wf.ID
|
||||
}
|
||||
|
||||
require.NoError(t, tx.Stack().Create(stack))
|
||||
}
|
||||
|
||||
@@ -128,16 +128,13 @@ func (h *Handler) getWorkflows(ctx context.Context, key string, sc *security.Res
|
||||
return slices.Clone(cached.([]svc.Workflow)), nil
|
||||
}
|
||||
|
||||
result, err := h.fetchWorkflows(ctx, sc, set.ToSet(endpointIDs))
|
||||
result, err := svc.FetchWorkflows(ctx, h.dataStore, h.gitService, h.k8sFactory, sc, set.ToSet(endpointIDs))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
h.cache.Set(key, result, gocache.DefaultExpiration)
|
||||
return slices.Clone(result), nil
|
||||
}
|
||||
|
||||
func (h *Handler) fetchWorkflows(ctx context.Context, sc *security.RestrictedRequestContext, endpointIDSet set.Set[portainer.EndpointID]) ([]svc.Workflow, error) {
|
||||
return svc.FetchWorkflows(ctx, h.dataStore, h.gitService, h.k8sFactory, sc, endpointIDSet)
|
||||
return slices.Clone(result), nil
|
||||
}
|
||||
|
||||
func cacheKey(sc *security.RestrictedRequestContext, endpointIDs []portainer.EndpointID) string {
|
||||
|
||||
@@ -23,10 +23,10 @@ func TestWorkflowsList_GitConfigFilter(t *testing.T) {
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 1, Name: "gitops-stack",
|
||||
GitConfig: gitConfig("https://github.com/example/repo"),
|
||||
}))
|
||||
})
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{ID: 2, Name: "plain-stack"}))
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
@@ -50,12 +50,12 @@ func TestWorkflowsList_EndpointIDsFilter(t *testing.T) {
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
for i := 1; i <= 3; i++ {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: portainer.StackID(i),
|
||||
Name: fmt.Sprintf("env%d-stack", i),
|
||||
EndpointID: portainer.EndpointID(i),
|
||||
GitConfig: gitConfig(fmt.Sprintf("https://github.com/x/%d", i)),
|
||||
}))
|
||||
})
|
||||
}
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
@@ -78,11 +78,11 @@ func TestWorkflowsList_Pagination(t *testing.T) {
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
for i := 1; i <= 5; i++ {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: portainer.StackID(i),
|
||||
Name: fmt.Sprintf("stack-%d", i),
|
||||
GitConfig: gitConfig("https://github.com/x/y"),
|
||||
}))
|
||||
})
|
||||
}
|
||||
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
@@ -107,7 +107,7 @@ func TestWorkflowsList_Search(t *testing.T) {
|
||||
{ID: 1, Name: "alpha", GitConfig: gitConfig("https://github.com/org/alpha")},
|
||||
{ID: 2, Name: "beta", GitConfig: gitConfig("https://github.com/org/beta")},
|
||||
} {
|
||||
require.NoError(t, tx.Stack().Create(s))
|
||||
createGitStack(t, tx, s)
|
||||
}
|
||||
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
@@ -128,14 +128,14 @@ func TestWorkflowsList_SearchByURL(t *testing.T) {
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 1, Name: "stack-org1",
|
||||
GitConfig: gitConfig("https://github.com/org1/repo"),
|
||||
}))
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
})
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 2, Name: "stack-org2",
|
||||
GitConfig: gitConfig("https://github.com/org2/repo"),
|
||||
}))
|
||||
})
|
||||
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
@@ -156,11 +156,11 @@ func TestWorkflowsList_Sort(t *testing.T) {
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
for i, name := range []string{"gamma", "alpha", "beta"} {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: portainer.StackID(i + 1),
|
||||
Name: name,
|
||||
GitConfig: gitConfig("https://github.com/x/" + name),
|
||||
}))
|
||||
})
|
||||
}
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
@@ -188,10 +188,10 @@ func TestWorkflowsList_Cache(t *testing.T) {
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 1, Name: "initial-stack",
|
||||
GitConfig: gitConfig("https://github.com/x/initial"),
|
||||
}))
|
||||
})
|
||||
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
@@ -208,10 +208,10 @@ func TestWorkflowsList_Cache(t *testing.T) {
|
||||
require.Len(t, decodeWorkflows(t, rr), 1)
|
||||
|
||||
// Mutate the store while cache is still warm.
|
||||
require.NoError(t, store.StackService.Create(&portainer.Stack{
|
||||
createGitStack(t, store, &portainer.Stack{
|
||||
ID: 2, Name: "new-stack",
|
||||
GitConfig: gitConfig("https://github.com/x/new"),
|
||||
}))
|
||||
})
|
||||
|
||||
// Second request — same cache key, should return stale cached result.
|
||||
rr = httptest.NewRecorder()
|
||||
@@ -235,13 +235,11 @@ func TestWorkflowsList_CacheImmutableAfterSort(t *testing.T) {
|
||||
|
||||
for i, name := range []string{"alpha", "beta", "gamma"} {
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(
|
||||
&portainer.Stack{
|
||||
ID: portainer.StackID(i + 1),
|
||||
Name: name,
|
||||
GitConfig: gitConfig("https://github.com/x/" + name),
|
||||
},
|
||||
))
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: portainer.StackID(i + 1),
|
||||
Name: name,
|
||||
GitConfig: gitConfig("https://github.com/x/" + name),
|
||||
})
|
||||
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
@@ -278,14 +276,14 @@ func TestWorkflowsList_CacheSeparateKeys(t *testing.T) {
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 1, Name: "env1-stack", EndpointID: 1,
|
||||
GitConfig: gitConfig("https://github.com/x/1"),
|
||||
}))
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
})
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 2, Name: "env2-stack", EndpointID: 2,
|
||||
GitConfig: gitConfig("https://github.com/x/2"),
|
||||
}))
|
||||
})
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
}))
|
||||
@@ -310,15 +308,15 @@ func TestWorkflowsList_StatusFilter(t *testing.T) {
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 1, Name: "healthy-stack",
|
||||
GitConfig: gitConfig("https://github.com/x/1"),
|
||||
}))
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
})
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 2, Name: "error-stack",
|
||||
GitConfig: gitConfig("https://github.com/x/2"),
|
||||
DeploymentStatus: []portainer.StackDeploymentStatus{{Status: portainer.StackStatusError}},
|
||||
}))
|
||||
})
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
}))
|
||||
@@ -366,9 +364,9 @@ func TestWorkflowsList_RedactsCredentials(t *testing.T) {
|
||||
cfg.Authentication = &gittypes.GitAuthentication{Username: "user", Password: "s3cr3t"}
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 1, Name: "secure-stack", GitConfig: cfg,
|
||||
}))
|
||||
})
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
}))
|
||||
|
||||
@@ -22,26 +22,26 @@ func TestWorkflowsList_StackStatusDerivation(t *testing.T) {
|
||||
expectedStatus ce.Status
|
||||
}{
|
||||
{
|
||||
name: "no deployment status → healthy",
|
||||
name: "no deployment status gives healthy",
|
||||
expectedStatus: ce.StatusHealthy,
|
||||
},
|
||||
{
|
||||
name: "active → healthy",
|
||||
name: "active gives healthy",
|
||||
deployStatus: []portainer.StackDeploymentStatus{{Status: portainer.StackStatusActive}},
|
||||
expectedStatus: ce.StatusHealthy,
|
||||
},
|
||||
{
|
||||
name: "error → error",
|
||||
name: "error gives error",
|
||||
deployStatus: []portainer.StackDeploymentStatus{{Status: portainer.StackStatusError}},
|
||||
expectedStatus: ce.StatusError,
|
||||
},
|
||||
{
|
||||
name: "deploying → syncing",
|
||||
name: "deploying gives syncing",
|
||||
deployStatus: []portainer.StackDeploymentStatus{{Status: portainer.StackStatusDeploying}},
|
||||
expectedStatus: ce.StatusSyncing,
|
||||
},
|
||||
{
|
||||
name: "inactive → paused",
|
||||
name: "inactive gives paused",
|
||||
deployStatus: []portainer.StackDeploymentStatus{{Status: portainer.StackStatusInactive}},
|
||||
expectedStatus: ce.StatusPaused,
|
||||
},
|
||||
@@ -61,12 +61,12 @@ func TestWorkflowsList_StackStatusDerivation(t *testing.T) {
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
require.NoError(t, tx.Stack().Create(&portainer.Stack{
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 1,
|
||||
Name: "status-stack",
|
||||
DeploymentStatus: tc.deployStatus,
|
||||
GitConfig: gitConfig("https://github.com/x/y"),
|
||||
}))
|
||||
})
|
||||
|
||||
require.NoError(t, tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole}))
|
||||
return nil
|
||||
|
||||
@@ -0,0 +1,92 @@
|
||||
package workflows
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
portainer "github.com/portainer/portainer/api"
|
||||
"github.com/portainer/portainer/api/dataservices"
|
||||
"github.com/portainer/portainer/api/datastore"
|
||||
ce "github.com/portainer/portainer/api/gitops/workflows"
|
||||
"github.com/portainer/portainer/api/http/security"
|
||||
|
||||
"github.com/segmentio/encoding/json"
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func buildSummaryReq(t *testing.T, userID portainer.UserID, role portainer.UserRole) *http.Request {
|
||||
t.Helper()
|
||||
req := httptest.NewRequest(http.MethodGet, "/gitops/workflows/summary", nil)
|
||||
ctx := security.StoreTokenData(req, &portainer.TokenData{ID: userID})
|
||||
req = req.WithContext(ctx)
|
||||
ctx = security.StoreRestrictedRequestContext(req, &security.RestrictedRequestContext{
|
||||
UserID: userID,
|
||||
IsAdmin: security.IsAdminRole(role),
|
||||
})
|
||||
return req.WithContext(ctx)
|
||||
}
|
||||
|
||||
func decodeSummary(t *testing.T, rr *httptest.ResponseRecorder) ce.StatusSummary {
|
||||
t.Helper()
|
||||
require.Equal(t, http.StatusOK, rr.Code, "unexpected status: %s", rr.Body.String())
|
||||
var s ce.StatusSummary
|
||||
require.NoError(t, json.NewDecoder(rr.Body).Decode(&s))
|
||||
return s
|
||||
}
|
||||
|
||||
func TestWorkflowsSummary_Empty(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := NewHandler(store, nil, nil)
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildSummaryReq(t, 1, portainer.AdministratorRole))
|
||||
|
||||
s := decodeSummary(t, rr)
|
||||
require.Equal(t, ce.StatusSummary{}, s)
|
||||
}
|
||||
|
||||
func TestWorkflowsSummary_CountsHealthyAndError(t *testing.T) {
|
||||
t.Parallel()
|
||||
_, store := datastore.MustNewTestStore(t, false, true)
|
||||
|
||||
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
|
||||
// No deployment status, target healthy, effective status = healthy.
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 1, Name: "healthy-stack",
|
||||
GitConfig: gitConfig("https://github.com/x/1"),
|
||||
})
|
||||
|
||||
// Error deployment status, target error, effective status = error.
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 2, Name: "error-stack",
|
||||
GitConfig: gitConfig("https://github.com/x/2"),
|
||||
DeploymentStatus: []portainer.StackDeploymentStatus{{Status: portainer.StackStatusError}},
|
||||
})
|
||||
|
||||
// Deploying deployment status, target syncing, effective status = syncing.
|
||||
createGitStack(t, tx, &portainer.Stack{
|
||||
ID: 3, Name: "syncing-stack",
|
||||
GitConfig: gitConfig("https://github.com/x/3"),
|
||||
DeploymentStatus: []portainer.StackDeploymentStatus{{Status: portainer.StackStatusDeploying}},
|
||||
})
|
||||
|
||||
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
|
||||
}))
|
||||
|
||||
h := NewHandler(store, nil, nil)
|
||||
rr := httptest.NewRecorder()
|
||||
h.ServeHTTP(rr, buildSummaryReq(t, 1, portainer.AdministratorRole))
|
||||
|
||||
s := decodeSummary(t, rr)
|
||||
require.Equal(t, 1, s.Healthy)
|
||||
require.Equal(t, 1, s.Error)
|
||||
require.Equal(t, 1, s.Syncing)
|
||||
require.Zero(t, s.Paused)
|
||||
require.Zero(t, s.Unknown)
|
||||
}
|
||||
Reference in New Issue
Block a user