@jfvilas/plugin-kwirth-backend
Version:
Backstage backend plugin for Kwirth plugins
216 lines (212 loc) • 9.45 kB
JavaScript
;
var KwirthStaticData = require('../model/KwirthStaticData.cjs.js');
var kwirthCommon = require('@jfvilas/kwirth-common');
const loadNamespacePermissions = (channelConfig, logger) => {
let namespacePermissions = [];
if (channelConfig.has("namespacePermissions")) {
logger.info(` Namespace permisson evaluation will be performed.`);
let permNamespaces = channelConfig.getOptionalConfigArray("namespacePermissions");
for (let ns of permNamespaces) {
let namespace = ns.keys()[0];
let identityRefs = ns.getStringArray(namespace);
identityRefs = identityRefs.map((g) => g.toLowerCase());
namespacePermissions.push({ namespace, identityRefs });
}
} else {
logger.info(` No namespace restrictions.`);
namespacePermissions = [];
}
return namespacePermissions;
};
const loadPodRules = (config, category) => {
let rules = [];
for (let rule of config.getConfigArray(category)) {
let podsStringArray = rule.getOptionalStringArray("pods") || [".*"];
let podsRegexArray = [];
for (let expr of podsStringArray) {
podsRegexArray.push(new RegExp(expr));
}
let refsStringArray = rule.getOptionalStringArray("refs") || [".*"];
let refsRegexArray = [];
for (let expr of refsStringArray) {
refsRegexArray.push(new RegExp(expr));
}
let prr = {
pods: podsRegexArray,
refs: refsRegexArray
};
rules.push(prr);
}
return rules;
};
const loadPodPermissions = (channelConfig, logger) => {
let clusterPodPermissions = [];
if (channelConfig.has("podPermissions")) {
logger.info(` Pod permisson evaluation will be performed.`);
let namespaceList = channelConfig.getConfigArray("podPermissions");
for (let ns of namespaceList) {
let namespaceName = ns.keys()[0];
let podPermissions = { namespace: namespaceName };
if (ns.getConfig(namespaceName).has("allow")) {
podPermissions.allow = loadPodRules(ns.getConfig(namespaceName), "allow");
if (ns.getConfig(namespaceName).has("except")) podPermissions.except = loadPodRules(ns.getConfig(namespaceName), "except");
if (ns.getConfig(namespaceName).has("deny")) podPermissions.deny = loadPodRules(ns.getConfig(namespaceName), "deny");
if (ns.getConfig(namespaceName).has("unless")) podPermissions.unless = loadPodRules(ns.getConfig(namespaceName), "unless");
} else {
podPermissions.allow = [];
podPermissions.allow.push({
pods: [new RegExp(".*")],
refs: [new RegExp(".*")]
});
}
clusterPodPermissions.push(podPermissions);
}
} else {
logger.info(` No pod permissions will be applied.`);
}
return clusterPodPermissions;
};
const addChannelPermissions = (channel, logger, cluster, kdata) => {
let keyname = "kwirth" + channel;
let keyCamelName = "kwirth" + channel[0].toUpperCase() + channel.substring(1);
if (cluster.has(keyCamelName)) keyname = keyCamelName;
if (cluster.has(keyname)) {
logger.info(`Load permissions for channel ${channel} (config: ${keyname}).`);
let configChannel = cluster.getConfig(keyname);
if (configChannel.has("namespacePermissions")) {
logger.info(` Loading namespace permissions.`);
kdata.namespacePermissions.set(channel, loadNamespacePermissions(configChannel, logger));
} else {
logger.info(` No namespace permissions.`);
kdata.namespacePermissions.set(channel, []);
}
if (configChannel.has("podPermissions")) {
logger.info(` Loading pod permissions.`);
kdata.podPermissions.set(channel, loadPodPermissions(configChannel, logger));
} else {
logger.info(` No pod permissions.`);
kdata.podPermissions.set(channel, []);
}
} else {
logger.info(`Cluster ${cluster.getString("name")} will have no channel '${channel}' restrictions.`);
kdata.namespacePermissions.set(channel, []);
kdata.podPermissions.set(channel, []);
}
};
const loadClusters = async (logger, config) => {
KwirthStaticData.KwirthStaticData.clusterKwirthData.clear();
let locatingMethods = config.getConfigArray("kubernetes.clusterLocatorMethods");
for (let method of locatingMethods) {
let clusters = method.getConfigArray("clusters");
for (let cluster of clusters) {
let name = cluster.getString("name");
if (cluster.has("kwirthHome") && cluster.has("kwirthApiKey")) {
let kwirthHome = cluster.getOptionalString("kwirthHome");
let kwirthApiKey = cluster.getOptionalString("kwirthApiKey");
let title = cluster.has("title") ? cluster.getString("title") : "No name";
let kwirthClusterData = {
name,
kwirthHome,
kwirthApiKey,
kwirthData: {
version: "",
clusterName: "",
inCluster: false,
namespace: "",
deployment: "",
lastVersion: "",
clusterType: kwirthCommon.EClusterType.KUBERNETES,
metricsInterval: 0,
channels: [],
isElectron: false
},
title,
namespacePermissions: /* @__PURE__ */ new Map(),
podPermissions: /* @__PURE__ */ new Map(),
enabled: false
};
logger.info(`Kwirth for ${name} is located at ${kwirthClusterData.kwirthHome}. Testing connection...`);
let enableCluster = false;
try {
let response = await fetch(kwirthClusterData.kwirthHome + "/config/info");
try {
let data = await response.text();
try {
let kwirthData = JSON.parse(data);
logger.info(`Kwirth info at cluster '${kwirthClusterData.name}': ${JSON.stringify(kwirthData)}`);
kwirthClusterData.kwirthData = kwirthData;
if (kwirthCommon.versionGreatOrEqualThan(kwirthData.version, KwirthStaticData.MIN_KWIRTH_VERSION)) {
enableCluster = true;
} else {
logger.error(`Unsupported Kwirth version on cluster '${name}' (${title}) [${kwirthData.version}]. Min version is ${KwirthStaticData.MIN_KWIRTH_VERSION}`);
}
} catch (err) {
logger.error(`Kwirth at cluster ${kwirthClusterData.name} returned errors: ${err}`);
logger.info("Returned data is:");
logger.info(data);
kwirthClusterData.kwirthData = {
version: "0.0.0",
clusterName: "unknown",
inCluster: false,
namespace: "unknown",
deployment: "unknown",
lastVersion: "0.0.0",
clusterType: kwirthCommon.EClusterType.KUBERNETES,
metricsInterval: 0,
channels: [],
isElectron: false
};
}
} catch (err) {
logger.warn(`Error parsing version response from cluster '${kwirthClusterData.name}': ${err}`);
}
} catch (err) {
logger.info(`Kwirth access error: ${err}.`);
logger.warn(`Kwirth home URL (${kwirthClusterData.kwirthHome}) at cluster '${kwirthClusterData.name}' cannot be accessed right now.`);
}
if (enableCluster) {
[
kwirthCommon.InstanceMessageChannelEnum.LOG,
kwirthCommon.InstanceMessageChannelEnum.ALERT,
"fileman",
kwirthCommon.InstanceMessageChannelEnum.METRICS
].map((channel) => addChannelPermissions(channel, logger, cluster, kwirthClusterData));
KwirthStaticData.KwirthStaticData.clusterKwirthData.set(name, kwirthClusterData);
} else {
logger.warn(`Cluster ${name} will be disabled`);
}
} else {
logger.warn(`Cluster ${name} has no Kwirth information (kwirthHome and kwirthApiKey are missing).`);
}
}
}
logger.info("Kwirth static data has been set including following clusters:");
for (let c of KwirthStaticData.KwirthStaticData.clusterKwirthData.keys()) {
logger.info(" " + c);
}
for (let c of KwirthStaticData.KwirthStaticData.clusterKwirthData.keys()) {
console.log(KwirthStaticData.KwirthStaticData.clusterKwirthData.get(c));
}
};
const loadKwirthInfo = async (logger) => {
try {
let pkb = await (await fetch("https://registry.npmjs.org/@jfvilas/plugin-kwirth-backend")).json();
let pkl = await (await fetch("https://registry.npmjs.org/@jfvilas/plugin-kwirth-log")).json();
let pkm = await (await fetch("https://registry.npmjs.org/@jfvilas/plugin-kwirth-metrics")).json();
let hubResp = await (await fetch("https://hub.docker.com/v2/repositories/jfvilasoutlook/kwirth/tags?page_size=25&page=1&ordering=last_updated&name=")).json();
KwirthStaticData.KwirthStaticData.latestVersions = {
["plugin-kwirth-backend"]: pkb["dist-tags"].latest,
["plugin-kwirth-log"]: pkl["dist-tags"].latest,
["plugin-kwirth-metrics"]: pkm["dist-tags"].latest,
kwirth: hubResp.results[0].name
};
logger.info("Latest Kwirth-related artifacts versions are:");
logger.info(JSON.stringify(KwirthStaticData.KwirthStaticData.latestVersions));
} catch (err) {
console.log(err);
logger.warn("Oops! We couldn't fetch the latest version info. Don't worry \u2014 it's not critical. Kwirth's still here for you.");
}
};
exports.loadClusters = loadClusters;
exports.loadKwirthInfo = loadKwirthInfo;
//# sourceMappingURL=config.cjs.js.map