feat(sources): allow user to edit source [BE-12956] (#2748)

This commit is contained in:
Chaim Lev-Ari
2026-06-03 12:52:41 +03:00
committed by GitHub
parent a54fc041b0
commit bc81eb7a22
43 changed files with 1319 additions and 549 deletions
@@ -24,7 +24,7 @@ type GitAuthenticationPayload struct {
// GitSourceCreatePayload holds the parameters for creating a git-backed source
type GitSourceCreatePayload struct {
Name string `json:"name"`
URL string `json:"url"`
URL string `json:"url" validate:"required"`
TLSSkipVerify bool `json:"tlsSkipVerify"`
Authentication *GitAuthenticationPayload `json:"authentication"`
}
+54
View File
@@ -0,0 +1,54 @@
package sources
import (
"slices"
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/dataservices"
ce "github.com/portainer/portainer/api/gitops/workflows"
"github.com/portainer/portainer/api/set"
"github.com/portainer/portainer/api/slicesx"
)
// FetchSourceWorkflows returns the workflows and stats for a single source.
func FetchSourceWorkflows(tx dataservices.DataStoreTx, src *portainer.Source) ([]ce.Workflow, ce.SourceStats, error) {
wfs, err := tx.Workflow().ReadAll(func(wf portainer.Workflow) bool {
return slices.ContainsFunc(wf.Artifacts, func(artifact portainer.ArtifactSources) bool {
return slices.Contains(artifact.SourceIDs, src.ID)
})
})
if err != nil {
return nil, ce.SourceStats{}, err
}
if len(wfs) == 0 {
return nil, ce.SourceStats{}, nil
}
wfIDSet := set.ToSet(slicesx.Map(wfs, func(wf portainer.Workflow) portainer.WorkflowID { return wf.ID }))
stacks, err := tx.Stack().ReadAll(func(s portainer.Stack) bool {
_, ok := wfIDSet[s.WorkflowID]
return ok
})
if err != nil {
return nil, ce.SourceStats{}, err
}
unknown := ce.WorkflowPhaseStatus{Status: ce.StatusUnknown}
items := make([]ce.Workflow, 0, len(stacks))
stats := ce.SourceStats{EndpointIDs: set.Set[portainer.EndpointID]{}}
for _, stacks := range stacks {
items = append(items, ce.MapStackToWorkflow(stacks, src.GitConfig, unknown, unknown))
stats.WorkflowCount++
if stacks.EndpointID != 0 {
stats.EndpointIDs.Add(stacks.EndpointID)
}
if lastSync := ce.StackLastSyncDate(stacks); lastSync > stats.LastSync {
stats.LastSync = lastSync
}
}
return items, stats, nil
}
+54 -51
View File
@@ -2,23 +2,25 @@ package sources
import (
"net/http"
"strconv"
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/dataservices"
gittypes "github.com/portainer/portainer/api/git/types"
ce "github.com/portainer/portainer/api/gitops/workflows"
"github.com/portainer/portainer/api/http/security"
"github.com/portainer/portainer/api/gitops/workflows"
httperror "github.com/portainer/portainer/pkg/libhttp/error"
"github.com/portainer/portainer/pkg/libhttp/request"
"github.com/portainer/portainer/pkg/libhttp/response"
)
type gitAuthInfo struct {
Type gittypes.GitCredentialAuthType `json:"type"`
Username string `json:"username"`
}
type connectionInfo struct {
ReferenceName string `json:"referenceName"`
ConfigFilePath string `json:"configFilePath"`
TLSSkipVerify bool `json:"tlsSkipVerify"`
Authentication bool `json:"authentication,omitempty"`
ConfigFilePath string `json:"configFilePath"`
TLSSkipVerify bool `json:"tlsSkipVerify"`
Authentication *gitAuthInfo `json:"authentication,omitempty"`
}
type autoUpdateInfo struct {
@@ -29,9 +31,9 @@ type autoUpdateInfo struct {
// SourceDetail extends Source with connection settings and linked workflows.
type SourceDetail struct {
Source
Connection *connectionInfo `json:"connection,omitempty"`
AutoUpdate *autoUpdateInfo `json:"autoUpdate,omitempty"`
Workflows []ce.Workflow `json:"workflows"`
Connection connectionInfo `json:"connection" validate:"required"`
AutoUpdate *autoUpdateInfo `json:"autoUpdate,omitempty"`
Workflows []workflows.Workflow `json:"workflows"`
}
// @id GitOpsSourceGet
@@ -55,64 +57,65 @@ func (h *Handler) getSource(w http.ResponseWriter, r *http.Request) *httperror.H
return httperror.BadRequest("Invalid source identifier route variable", err)
}
securityContext, err := security.RetrieveRestrictedRequestContext(r)
if err != nil {
return httperror.InternalServerError("Unable to retrieve info from request context", err)
}
sourceID := portainer.SourceID(srcID)
var src *portainer.Source
var workflows []ce.Workflow
var source *portainer.Source
var sourceWfs []workflows.Workflow
var stats workflows.SourceStats
if err := h.dataStore.ViewTx(func(tx dataservices.DataStoreTx) error {
err = h.dataStore.ViewTx(func(tx dataservices.DataStoreTx) error {
var err error
src, err = tx.Source().Read(portainer.SourceID(srcID))
source, err = tx.Source().Read(sourceID)
if err != nil {
return err
}
workflows, err = ce.FetchWorkflows(r.Context(), tx, h.gitService, h.k8sFactory, securityContext, nil)
sourceWfs, stats, err = FetchSourceWorkflows(tx, source)
return err
}); h.dataStore.IsErrObjectNotFound(err) {
return httperror.NotFound("Unable to find a source with the specified identifier", err)
})
if h.dataStore.IsErrObjectNotFound(err) {
return httperror.NotFound("Source not found", err)
} else if err != nil {
return httperror.InternalServerError("Unable to retrieve source", err)
}
byID := workflowsBySourceID(workflows)
var wfs []ce.Workflow
if src.GitConfig != nil {
wfs = byID[sourceID(gitSourceKey(src.GitConfig))]
}
var autoUpdate *portainer.AutoUpdateSettings
if len(wfs) > 0 {
autoUpdate = wfs[0].AutoUpdate
}
id := strconv.Itoa(int(src.ID))
url := ""
if src.GitConfig != nil {
url = src.GitConfig.URL
}
detail := SourceDetail{
Source: buildSource(id, url, wfs),
Connection: buildConnectionInfo(src.GitConfig),
AutoUpdate: buildAutoUpdateInfo(autoUpdate),
Workflows: redactWorkflowCredentials(wfs),
}
detail := BuildSourceDetail(h.buildSource(r.Context(), source, stats), source.GitConfig, sourceWfs)
return response.JSON(w, detail)
}
func buildConnectionInfo(cfg *gittypes.RepoConfig) *connectionInfo {
if cfg == nil {
return nil
func BuildSourceDetail(baseSource Source, cfg *gittypes.RepoConfig, sourceWfs []workflows.Workflow) SourceDetail {
var autoUpdate *autoUpdateInfo
if len(sourceWfs) > 0 {
autoUpdate = buildAutoUpdateInfo(sourceWfs[0].AutoUpdate)
}
return &connectionInfo{
ReferenceName: cfg.ReferenceName,
return SourceDetail{
Source: baseSource,
Connection: buildConnectionInfo(cfg),
AutoUpdate: autoUpdate,
Workflows: redactWorkflowCredentials(sourceWfs),
}
}
func buildConnectionInfo(cfg *gittypes.RepoConfig) connectionInfo {
if cfg == nil {
return connectionInfo{}
}
return connectionInfo{
ConfigFilePath: cfg.ConfigFilePath,
TLSSkipVerify: cfg.TLSSkipVerify,
Authentication: cfg.Authentication != nil,
Authentication: buildGitAuthInfo(cfg.Authentication),
}
}
func buildGitAuthInfo(auth *gittypes.GitAuthentication) *gitAuthInfo {
if auth == nil {
return nil
}
return &gitAuthInfo{
Type: auth.AuthorizationType,
Username: auth.Username,
}
}
+1 -6
View File
@@ -41,7 +41,6 @@ func TestGetSource_ReturnsDetail(t *testing.T) {
}
var srcID portainer.SourceID
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
stack := &portainer.Stack{ID: 1, Name: "my-stack"}
srcID = createGitWorkflow(t, tx, stack, cfg)
@@ -54,11 +53,9 @@ func TestGetSource_ReturnsDetail(t *testing.T) {
h.ServeHTTP(rr, buildGetReq(t, 1, strconv.Itoa(int(srcID))))
detail := decodeSourceDetail(t, rr)
assert.Equal(t, strconv.Itoa(int(srcID)), detail.ID)
assert.Equal(t, srcID, detail.ID)
assert.Equal(t, "repo", detail.Name)
assert.Equal(t, 1, detail.UsedBy)
require.NotNil(t, detail.Connection)
assert.Equal(t, "refs/heads/main", detail.Connection.ReferenceName)
assert.Equal(t, "docker-compose.yml", detail.Connection.ConfigFilePath)
assert.True(t, detail.Connection.TLSSkipVerify)
require.Len(t, detail.Workflows, 1)
@@ -75,7 +72,6 @@ func TestGetSource_RedactsCredentials(t *testing.T) {
}
var srcID portainer.SourceID
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
stack := &portainer.Stack{ID: 1, Name: "secure-stack"}
srcID = createGitWorkflow(t, tx, stack, cfg)
@@ -102,7 +98,6 @@ func TestGetSource_AutoUpdate(t *testing.T) {
cfg := gitCfg("https://github.com/org/polled")
var srcID portainer.SourceID
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
stack := &portainer.Stack{
ID: 1,
@@ -48,5 +48,6 @@ func NewHandler(bouncer security.BouncerService, dataStore dataservices.DataStor
adminRouter.Handle("/{id}", httperror.LoggerHandler(h.getSource)).Methods(http.MethodGet)
adminRouter.Handle("/{id}", httperror.LoggerHandler(h.gitSourceUpdate)).Methods(http.MethodPut)
adminRouter.Handle("/{id}", httperror.LoggerHandler(h.sourceDelete)).Methods(http.MethodDelete)
adminRouter.Handle("/{id}/test", httperror.LoggerHandler(h.sourceTestConnection)).Methods(http.MethodPost)
return h
}
+2 -28
View File
@@ -9,7 +9,6 @@ import (
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/dataservices"
gittypes "github.com/portainer/portainer/api/git/types"
ceWorkflows "github.com/portainer/portainer/api/gitops/workflows"
"github.com/portainer/portainer/api/http/security"
"github.com/portainer/portainer/api/http/utils/filters"
@@ -79,7 +78,7 @@ func (h *Handler) list(w http.ResponseWriter, r *http.Request) *httperror.Handle
SortBindings: []filters.SortBinding[Source]{
{Key: "name", Fn: func(a, b Source) int { return strings.Compare(a.Name, b.Name) }},
{Key: "status", Fn: func(a, b Source) int { return strings.Compare(string(a.Status), string(b.Status)) }},
{Key: "type", Fn: func(a, b Source) int { return strings.Compare(a.Type, b.Type) }},
{Key: "type", Fn: func(a, b Source) int { return strings.Compare(string(a.Type), string(b.Type)) }},
},
})
@@ -129,32 +128,7 @@ func (h *Handler) fetchSources(ctx context.Context, sc *security.RestrictedReque
continue
}
var status ceWorkflows.Status
var sourceErr string
if src.GitConfig != nil {
phase, _ := ceWorkflows.ComputeGitPhasesForConfig(ctx, h.gitService, src.GitConfig)
status = phase.Status
sourceErr = phase.Error
} else {
status = ceWorkflows.StatusUnknown
}
url := ""
if src.GitConfig != nil {
url = gittypes.SanitizeURL(src.GitConfig.URL)
}
result = append(result, Source{
ID: strconv.Itoa(int(src.ID)),
Name: src.Name,
Type: sourceTypeString(src.Type),
URL: url,
Status: status,
Error: sourceErr,
UsedBy: s.WorkflowCount,
Environments: len(s.EndpointIDs),
LastSync: s.LastSync,
})
result = append(result, h.buildSource(ctx, &src, s))
}
return result, nil
@@ -0,0 +1,89 @@
package sources
import (
"context"
"errors"
"io"
"net/http"
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/dataservices"
gittypes "github.com/portainer/portainer/api/git/types"
httperror "github.com/portainer/portainer/pkg/libhttp/error"
"github.com/portainer/portainer/pkg/libhttp/request"
"github.com/portainer/portainer/pkg/libhttp/response"
)
// @id GitOpsSourcesTestGit
// @summary Test a Git source connection
// @description Tests connectivity for a GitOps source, applying optional overrides to the stored configuration.
// @description **Access policy**: admin
// @tags gitops
// @security ApiKeyAuth
// @security jwt
// @accept json
// @produce json
// @param id path int true "Source identifier"
// @param body body GitSourceUpdatePayload false "Optional connection overrides; omitted fields fall back to stored values"
// @success 200 {object} ConnectionTestResult "Connection test result"
// @failure 400 "Invalid request payload"
// @failure 403 "Access denied"
// @failure 404 "Source not found"
// @failure 500 "Server error"
// @router /gitops/sources/{id}/test [post]
func (h *Handler) sourceTestConnection(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
sourceID, err := request.RetrieveNumericRouteVariableValue(r, "id")
if err != nil {
return httperror.BadRequest("Invalid source identifier route variable", err)
}
var payload GitSourceUpdatePayload
if err := request.DecodeAndValidateJSONPayload(r, &payload); err != nil && !errors.Is(err, io.EOF) {
return httperror.BadRequest("Invalid request payload", err)
}
var src *portainer.Source
if err := h.dataStore.ViewTx(func(tx dataservices.DataStoreTx) error {
src, err = tx.Source().Read(portainer.SourceID(sourceID))
return err
}); h.dataStore.IsErrObjectNotFound(err) {
return httperror.NotFound("Unable to find a source with the specified identifier", err)
} else if err != nil {
return httperror.InternalServerError("Unable to find source", err)
}
if err := ApplyGitSourceChanges(src, payload); errors.Is(err, ErrNotGitSource) {
return httperror.BadRequest("Source is not a Git source", err)
} else if err != nil {
return httperror.InternalServerError("Unable to apply source changes", err)
}
if src.GitConfig == nil {
return httperror.InternalServerError("Source has no git configuration", nil)
}
result := testSourceConnection(r.Context(), h.gitService, src.GitConfig)
return response.JSON(w, result)
}
type ConnectionTestResult struct {
Success bool `json:"success"`
Error string `json:"error,omitempty"`
}
// testSourceConnection verifies that a git repository is reachable with the given config.
func testSourceConnection(ctx context.Context, gitService portainer.GitService, config *gittypes.RepoConfig) ConnectionTestResult {
var username, password string
if config.Authentication != nil {
username = config.Authentication.Username
password = config.Authentication.Password
}
_, err := gitService.ListRefs(ctx, config.URL, username, password, false, config.TLSSkipVerify)
if err != nil {
return ConnectionTestResult{Success: false, Error: err.Error()}
}
return ConnectionTestResult{Success: true}
}
+17 -63
View File
@@ -1,11 +1,7 @@
package sources
import (
"crypto/sha256"
"encoding/hex"
"fmt"
"path"
"strings"
portainer "github.com/portainer/portainer/api"
gittypes "github.com/portainer/portainer/api/git/types"
@@ -14,15 +10,16 @@ import (
// Source represents a unique git repository used as a GitOps source across one or more workflows.
type Source struct {
ID string `json:"id"`
Name string `json:"name"`
Type string `json:"type"`
URL string `json:"url"`
Status workflows.Status `json:"status"`
Error string `json:"error,omitempty"`
UsedBy int `json:"usedBy"`
Environments int `json:"environments"`
LastSync int64 `json:"lastSync"`
ID portainer.SourceID `json:"id" validate:"required"`
Name string `json:"name" validate:"required"`
Type SourceType `json:"type" validate:"required"`
URL string `json:"url" validate:"required"`
Status workflows.Status `json:"status" validate:"required"`
Error string `json:"error,omitempty"`
Provider gittypes.GitProvider `json:"provider,omitempty"`
UsedBy int `json:"usedBy"`
Environments int `json:"environments"`
LastSync int64 `json:"lastSync"`
}
type SourceType string
@@ -33,67 +30,24 @@ const (
SourceTypeOCI SourceType = "oci"
)
func parseSourceType(s string) (string, error) {
func parseSourceType(s string) (SourceType, error) {
switch SourceType(s) {
case SourceTypeGit, SourceTypeHelm, SourceTypeOCI:
return s, nil
return SourceType(s), nil
default:
return "", fmt.Errorf("invalid source type %q: must be git, helm, or oci", s)
}
}
func sourceTypeString(t portainer.SourceType) string {
func sourceTypeString(t portainer.SourceType) SourceType {
switch t {
case portainer.SourceTypeGit:
return string(SourceTypeGit)
return SourceTypeGit
case portainer.SourceTypeHelm:
return string(SourceTypeHelm)
return SourceTypeHelm
case portainer.SourceTypeRegistry:
return string(SourceTypeOCI)
return SourceTypeOCI
default:
return string(SourceTypeGit)
return SourceTypeGit
}
}
type sourceGroupKey struct {
URL string
Username string
Password string
}
func gitSourceKey(cfg *gittypes.RepoConfig) sourceGroupKey {
key := sourceGroupKey{URL: cfg.URL}
if cfg.Authentication != nil {
key.Username = cfg.Authentication.Username
key.Password = cfg.Authentication.Password
}
return key
}
func sourceID(key sourceGroupKey) string {
h := sha256.Sum256([]byte(key.URL + "\x00" + key.Username + "\x00" + key.Password))
return hex.EncodeToString(h[:8])
}
func repoName(rawURL string) string {
return strings.TrimSuffix(path.Base(rawURL), ".git")
}
func worstCaseStatus(statuses []workflows.Status) workflows.Status {
priority := map[workflows.Status]int{
workflows.StatusError: 4,
workflows.StatusSyncing: 3,
workflows.StatusPaused: 2,
workflows.StatusHealthy: 1,
workflows.StatusUnknown: 0,
}
worst := workflows.StatusUnknown
for _, s := range statuses {
if priority[s] > priority[worst] {
worst = s
}
}
return worst
}
+100 -41
View File
@@ -3,10 +3,12 @@ package sources
import (
"errors"
"net/http"
"strings"
portainer "github.com/portainer/portainer/api"
"github.com/portainer/portainer/api/dataservices"
gittypes "github.com/portainer/portainer/api/git/types"
"github.com/portainer/portainer/api/gitops/workflows"
httperror "github.com/portainer/portainer/pkg/libhttp/error"
"github.com/portainer/portainer/pkg/libhttp/request"
"github.com/portainer/portainer/pkg/libhttp/response"
@@ -17,6 +19,27 @@ var (
ErrDuplicateSourceURL = errors.New("a source with this URL already exists")
)
// GitSourceUpdatePayload holds the parameters for creating a git-backed source
type GitSourceUpdatePayload struct {
Name *string `json:"name"`
URL *string `json:"url"`
ReferenceName *string `json:"referenceName"`
TLSSkipVerify *bool `json:"tlsSkipVerify"`
Authentication *GitAuthenticationUpdatePayload `json:"authentication"`
}
type GitAuthenticationUpdatePayload struct {
Username *string `json:"username"`
Password *string `json:"password"`
Provider *gittypes.GitProvider `json:"provider" swaggertype:"integer" enums:"0,1,2,3,4,5,6"`
AuthorizationType *gittypes.GitCredentialAuthType `json:"authorizationType" swaggertype:"integer" enums:"0,1"`
}
// Validate implements the portainer.Validatable interface
func (payload *GitSourceUpdatePayload) Validate(_ *http.Request) error {
return nil
}
// @id GitOpsSourcesUpdateGit
// @summary Update a Git source
// @description Updates an existing GitOps source backed by a Git repository.
@@ -27,7 +50,7 @@ var (
// @accept json
// @produce json
// @param id path int true "Source identifier"
// @param body body GitSourceCreatePayload true "Git source details"
// @param body body GitSourceUpdatePayload true "Git source details"
// @success 200 {object} portainer.Source
// @failure 400 "Invalid request payload"
// @failure 403 "Access denied"
@@ -36,65 +59,38 @@ var (
// @failure 500 "Server error"
// @router /gitops/sources/{id} [put]
func (h *Handler) gitSourceUpdate(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
sourceID, err := request.RetrieveNumericRouteVariableValue(r, "id")
id, err := request.RetrieveNumericRouteVariableValue(r, "id")
if err != nil {
return httperror.BadRequest("Invalid source identifier route variable", err)
}
var payload GitSourceCreatePayload
var payload GitSourceUpdatePayload
if err := request.DecodeAndValidateJSONPayload(r, &payload); err != nil {
return httperror.BadRequest("Invalid request payload", err)
}
sourceID := portainer.SourceID(id)
var src *portainer.Source
if err := h.dataStore.UpdateTx(func(tx dataservices.DataStoreTx) error {
var err error
if src, err = tx.Source().Read(portainer.SourceID(sourceID)); err != nil {
return err
}
if src.Type != portainer.SourceTypeGit {
return ErrNotGitSource
}
normalizedURL, err := gittypes.NormalizeURL(payload.URL)
if err != nil {
return err
}
existing, err := tx.Source().ReadAll(func(s portainer.Source) bool {
if s.ID == src.ID || s.Type != portainer.SourceTypeGit || s.GitConfig == nil {
return false
if payload.URL != nil {
if isUnique, err := workflows.ValidateUniqueSourceURL(tx, *payload.URL, sourceID); err != nil {
return err
} else if !isUnique {
return ErrDuplicateSourceURL
}
}
normalized, err := gittypes.NormalizeURL(s.GitConfig.URL)
return err == nil && normalized == normalizedURL
})
if err != nil {
if src, err = tx.Source().Read(sourceID); err != nil {
return err
}
if len(existing) > 0 {
return ErrDuplicateSourceURL
}
var existingAuth *gittypes.GitAuthentication
if src.GitConfig != nil {
existingAuth = src.GitConfig.Authentication
}
updated := BuildGitSource(payload)
src.Name = updated.Name
src.GitConfig = updated.GitConfig
if payload.Authentication == nil {
src.GitConfig.Authentication = existingAuth
} else if *payload.Authentication == (GitAuthenticationPayload{}) {
src.GitConfig.Authentication = nil
if err := ApplyGitSourceChanges(src, payload); err != nil {
return err
}
return tx.Source().Update(src.ID, src)
@@ -112,3 +108,66 @@ func (h *Handler) gitSourceUpdate(w http.ResponseWriter, r *http.Request) *httpe
return response.JSON(w, src)
}
// ApplyGitSourceChanges applies the payload changes to the source in place
func ApplyGitSourceChanges(src *portainer.Source, payload GitSourceUpdatePayload) error {
if src.Type != portainer.SourceTypeGit {
return ErrNotGitSource
}
if payload.Name != nil && strings.TrimSpace(*payload.Name) != "" {
src.Name = *payload.Name
}
gitConfig := src.GitConfig
if gitConfig == nil {
gitConfig = &gittypes.RepoConfig{}
}
if payload.URL != nil {
gitConfig.URL = *payload.URL
}
if payload.ReferenceName != nil {
gitConfig.ReferenceName = *payload.ReferenceName
}
if payload.TLSSkipVerify != nil {
gitConfig.TLSSkipVerify = *payload.TLSSkipVerify
}
var auth *gittypes.GitAuthentication
if payload.Authentication == nil {
auth = gitConfig.Authentication
} else if *payload.Authentication != (GitAuthenticationUpdatePayload{}) {
existing := gitConfig.Authentication
if existing != nil {
copied := *existing
auth = &copied
} else {
auth = &gittypes.GitAuthentication{}
}
authPayload := *payload.Authentication
if authPayload.AuthorizationType != nil {
auth.AuthorizationType = *authPayload.AuthorizationType
}
if authPayload.Username != nil {
auth.Username = *authPayload.Username
}
if authPayload.Password != nil {
auth.Password = *authPayload.Password
}
if authPayload.Provider != nil {
auth.Provider = *authPayload.Provider
}
}
gitConfig.Authentication = auth
src.GitConfig = gitConfig
return nil
}
@@ -30,9 +30,9 @@ func TestGitSourceUpdate_Success(t *testing.T) {
h := newTestHandler(t, store)
body, err := json.Marshal(GitSourceCreatePayload{
URL: "https://github.com/org/new.git",
Name: "new-name",
body, err := json.Marshal(GitSourceUpdatePayload{
URL: new("https://github.com/org/new.git"),
Name: new("new-name"),
})
require.NoError(t, err)
@@ -49,38 +49,6 @@ func TestGitSourceUpdate_Success(t *testing.T) {
require.Equal(t, "https://github.com/org/new.git", src.GitConfig.URL)
}
func TestGitSourceUpdate_DerivesNameFromURL(t *testing.T) {
t.Parallel()
_, store := datastore.MustNewTestStore(t, false, true)
var srcID portainer.SourceID
require.NoError(t, store.UpdateTx(func(tx dataservices.DataStoreTx) error {
src := &portainer.Source{Name: "old-name", Type: portainer.SourceTypeGit}
err := tx.Source().Create(src)
require.NoError(t, err)
srcID = src.ID
return tx.User().Create(&portainer.User{ID: 1, Role: portainer.AdministratorRole})
}))
h := newTestHandler(t, store)
body, err := json.Marshal(GitSourceCreatePayload{
URL: "https://github.com/org/my-project.git",
})
require.NoError(t, err)
rr := httptest.NewRecorder()
h.ServeHTTP(rr, buildUpdateReq(t, 1, int(srcID), body))
require.Equal(t, http.StatusOK, rr.Code)
var src portainer.Source
err = json.NewDecoder(rr.Body).Decode(&src)
require.NoError(t, err)
require.Equal(t, "my-project", src.Name)
}
func TestGitSourceUpdate_PreservesAuthWhenNotProvided(t *testing.T) {
t.Parallel()
_, store := datastore.MustNewTestStore(t, false, true)
@@ -107,9 +75,9 @@ func TestGitSourceUpdate_PreservesAuthWhenNotProvided(t *testing.T) {
h := newTestHandler(t, store)
body, err := json.Marshal(GitSourceCreatePayload{
URL: "https://github.com/org/repo.git",
Name: "renamed",
body, err := json.Marshal(GitSourceUpdatePayload{
URL: new("https://github.com/org/repo.git"),
Name: new("renamed"),
})
require.NoError(t, err)
@@ -156,9 +124,9 @@ func TestGitSourceUpdate_ClearsAuthWhenRequested(t *testing.T) {
h := newTestHandler(t, store)
body, err := json.Marshal(GitSourceCreatePayload{
URL: "https://github.com/org/repo.git",
Authentication: &GitAuthenticationPayload{},
body, err := json.Marshal(GitSourceUpdatePayload{
URL: new("https://github.com/org/repo.git"),
Authentication: &GitAuthenticationUpdatePayload{},
})
require.NoError(t, err)
@@ -203,11 +171,11 @@ func TestGitSourceUpdate_ReplacesAuthWhenProvided(t *testing.T) {
h := newTestHandler(t, store)
body, err := json.Marshal(GitSourceCreatePayload{
URL: "https://github.com/org/repo.git",
Authentication: &GitAuthenticationPayload{
Username: "bob",
Password: "new-secret",
body, err := json.Marshal(GitSourceUpdatePayload{
URL: new("https://github.com/org/repo.git"),
Authentication: &GitAuthenticationUpdatePayload{
Username: new("bob"),
Password: new("new-secret"),
},
})
require.NoError(t, err)
@@ -239,7 +207,7 @@ func TestGitSourceUpdate_NotFound(t *testing.T) {
h := newTestHandler(t, store)
body, err := json.Marshal(GitSourceCreatePayload{URL: "https://github.com/org/repo.git"})
body, err := json.Marshal(GitSourceUpdatePayload{URL: new("https://github.com/org/repo.git")})
require.NoError(t, err)
rr := httptest.NewRecorder()
@@ -274,8 +242,8 @@ func TestGitSourceUpdate_ConflictOnDuplicateURL(t *testing.T) {
h := newTestHandler(t, store)
body, err := json.Marshal(GitSourceCreatePayload{
URL: "https://github.com/org/existing.git",
body, err := json.Marshal(GitSourceUpdatePayload{
URL: new("https://github.com/org/existing.git"),
})
require.NoError(t, err)
@@ -301,7 +269,7 @@ func TestGitSourceUpdate_NotGitSource(t *testing.T) {
h := newTestHandler(t, store)
body, err := json.Marshal(GitSourceCreatePayload{URL: "https://github.com/org/repo.git"})
body, err := json.Marshal(GitSourceUpdatePayload{URL: new("https://github.com/org/repo.git")})
require.NoError(t, err)
rr := httptest.NewRecorder()
@@ -342,7 +310,7 @@ func TestGitSourceUpdate_NonNumericID(t *testing.T) {
h := newTestHandler(t, store)
body, err := json.Marshal(GitSourceCreatePayload{URL: "https://github.com/org/repo.git"})
body, err := json.Marshal(GitSourceUpdatePayload{URL: new("https://github.com/org/repo.git")})
require.NoError(t, err)
req := buildUpdateReqWithRawID(t, 1, "not-a-number", body)
+28 -35
View File
@@ -1,51 +1,44 @@
package sources
import (
"context"
portainer "github.com/portainer/portainer/api"
gittypes "github.com/portainer/portainer/api/git/types"
ce "github.com/portainer/portainer/api/gitops/workflows"
"github.com/portainer/portainer/api/set"
)
func workflowsBySourceID(workflows []ce.Workflow) map[string][]ce.Workflow {
byID := make(map[string][]ce.Workflow)
for _, wf := range workflows {
if wf.GitConfig != nil {
id := sourceID(gitSourceKey(wf.GitConfig))
byID[id] = append(byID[id], wf)
}
func (h *Handler) buildSource(ctx context.Context, src *portainer.Source, stats ce.SourceStats) Source {
var status ce.Status
var sourceErr string
if src.GitConfig != nil {
phase, _ := ce.ComputeGitPhasesForConfig(ctx, h.gitService, src.GitConfig)
status = phase.Status
sourceErr = phase.Error
} else {
status = ce.StatusUnknown
}
return byID
}
func buildSource(id, url string, wfs []ce.Workflow) Source {
statuses := make([]ce.Status, 0, len(wfs))
var sourceError string
var lastSync int64
endpointIDs := make(set.Set[portainer.EndpointID])
for _, wf := range wfs {
statuses = append(statuses, wf.Status.Source.Status)
if sourceError == "" && wf.Status.Source.Status == ce.StatusError {
sourceError = wf.Status.Source.Error
}
lastSync = max(lastSync, wf.LastSyncDate)
if wf.Target.EndpointID != 0 {
endpointIDs.Add(wf.Target.EndpointID)
}
for _, id := range wf.Target.ResolvedEndpointIDs {
endpointIDs.Add(id)
url := ""
var provider gittypes.GitProvider
if src.GitConfig != nil {
url = gittypes.SanitizeURL(src.GitConfig.URL)
if src.GitConfig.Authentication != nil {
provider = src.GitConfig.Authentication.Provider
}
}
return Source{
ID: id,
Name: repoName(url),
Type: "git",
URL: gittypes.SanitizeURL(url),
Status: worstCaseStatus(statuses),
Error: sourceError,
UsedBy: len(wfs),
Environments: len(endpointIDs),
LastSync: lastSync,
ID: src.ID,
Name: src.Name,
Type: sourceTypeString(src.Type),
URL: url,
Status: status,
Error: sourceErr,
Provider: provider,
UsedBy: stats.WorkflowCount,
Environments: len(stats.EndpointIDs),
LastSync: stats.LastSync,
}
}
+4 -90
View File
@@ -11,90 +11,6 @@ import (
"github.com/stretchr/testify/require"
)
func TestWorkflowsBySourceID(t *testing.T) {
t.Parallel()
t.Run("groups workflows with same URL and credentials", func(t *testing.T) {
t.Parallel()
cfg := gitCfg("https://github.com/org/repo")
wfs := []ce.Workflow{{GitConfig: cfg}, {GitConfig: cfg}}
byID := workflowsBySourceID(wfs)
assert.Len(t, byID, 1)
for _, group := range byID {
assert.Len(t, group, 2)
}
})
t.Run("separates workflows with same URL but different credentials", func(t *testing.T) {
t.Parallel()
wfs := []ce.Workflow{
{GitConfig: &gittypes.RepoConfig{URL: "https://github.com/org/repo",
Authentication: &gittypes.GitAuthentication{Username: "alice", Password: "pass1"}}},
{GitConfig: &gittypes.RepoConfig{URL: "https://github.com/org/repo",
Authentication: &gittypes.GitAuthentication{Username: "bob", Password: "pass2"}}},
}
byID := workflowsBySourceID(wfs)
assert.Len(t, byID, 2)
})
t.Run("skips workflows with nil GitConfig", func(t *testing.T) {
t.Parallel()
wfs := []ce.Workflow{{}, {GitConfig: gitCfg("https://github.com/org/repo")}}
byID := workflowsBySourceID(wfs)
assert.Len(t, byID, 1)
})
}
func TestBuildSource(t *testing.T) {
t.Parallel()
t.Run("status is the worst across all workflows", func(t *testing.T) {
t.Parallel()
wfs := []ce.Workflow{
{Status: ce.WorkflowStatusObject{Source: ce.WorkflowPhaseStatus{Status: ce.StatusHealthy}}},
{Status: ce.WorkflowStatusObject{Source: ce.WorkflowPhaseStatus{Status: ce.StatusError, Error: "boom"}}},
}
s := buildSource("id", "https://github.com/org/repo.git", wfs)
assert.Equal(t, ce.StatusError, s.Status)
assert.Equal(t, "boom", s.Error)
})
t.Run("usedBy equals the number of workflows", func(t *testing.T) {
t.Parallel()
wfs := make([]ce.Workflow, 3)
s := buildSource("id", "https://github.com/org/repo", wfs)
assert.Equal(t, 3, s.UsedBy)
})
t.Run("environments deduplicates endpoint IDs", func(t *testing.T) {
t.Parallel()
wfs := []ce.Workflow{
{Target: ce.Target{EndpointID: portainer.EndpointID(1)}},
{Target: ce.Target{EndpointID: portainer.EndpointID(1)}}, // duplicate
{Target: ce.Target{EndpointID: portainer.EndpointID(2)}},
}
s := buildSource("id", "https://github.com/org/repo", wfs)
assert.Equal(t, 2, s.Environments)
})
t.Run("name is extracted from URL", func(t *testing.T) {
t.Parallel()
s := buildSource("id", "https://github.com/org/my-app.git", []ce.Workflow{{}})
assert.Equal(t, "my-app", s.Name)
})
t.Run("lastSync is the maximum across all workflows", func(t *testing.T) {
t.Parallel()
wfs := []ce.Workflow{
{LastSyncDate: 100},
{LastSyncDate: 300},
{LastSyncDate: 200},
}
s := buildSource("id", "https://github.com/org/repo", wfs)
assert.Equal(t, int64(300), s.LastSync)
})
}
func TestRedactWorkflowCredentials(t *testing.T) {
t.Parallel()
@@ -150,21 +66,19 @@ func TestBuildAutoUpdateInfo(t *testing.T) {
func TestBuildConnectionInfo(t *testing.T) {
t.Parallel()
assert.Nil(t, buildConnectionInfo(nil))
assert.Equal(t, connectionInfo{}, buildConnectionInfo(nil))
cfg := &gittypes.RepoConfig{
ReferenceName: "refs/heads/main",
ConfigFilePath: "docker-compose.yml",
TLSSkipVerify: true,
Authentication: &gittypes.GitAuthentication{Username: "user"},
}
got := buildConnectionInfo(cfg)
require.NotNil(t, got)
assert.Equal(t, "refs/heads/main", got.ReferenceName)
assert.Equal(t, "docker-compose.yml", got.ConfigFilePath)
assert.True(t, got.TLSSkipVerify)
assert.True(t, got.Authentication)
require.NotNil(t, got.Authentication)
assert.Equal(t, "user", got.Authentication.Username)
got = buildConnectionInfo(&gittypes.RepoConfig{})
assert.False(t, got.Authentication)
assert.Nil(t, got.Authentication)
}