From 16e9faf649e7093dad0abebbf799dd3fb2f498c8 Mon Sep 17 00:00:00 2001 From: "taekyu.kang" Date: Tue, 21 May 2024 12:00:35 +0900 Subject: [PATCH 01/14] trivial. update validation rule for user & organization --- go.mod | 4 ++-- internal/database/database.go | 2 +- pkg/domain/organization.go | 2 +- pkg/domain/user.go | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/go.mod b/go.mod index 14113d1d..1f2561f2 100644 --- a/go.mod +++ b/go.mod @@ -5,6 +5,7 @@ go 1.21 require ( github.com/Masterminds/semver/v3 v3.2.0 github.com/Nerzal/gocloak/v13 v13.9.0 + github.com/PuerkitoBio/goquery v1.9.1 github.com/aws/aws-sdk-go-v2 v1.25.0 github.com/aws/aws-sdk-go-v2/config v1.27.0 github.com/aws/aws-sdk-go-v2/credentials v1.17.0 @@ -27,7 +28,6 @@ require ( github.com/gorilla/websocket v1.5.1 github.com/iancoleman/strcase v0.3.0 github.com/open-policy-agent/opa v0.62.1 - github.com/opentracing/opentracing-go v1.2.0 github.com/patrickmn/go-cache v2.1.0+incompatible github.com/pkg/errors v0.9.1 github.com/sirupsen/logrus v1.9.3 @@ -59,7 +59,6 @@ require ( github.com/Code-Hex/uniseg v0.2.0 // indirect github.com/KyleBanks/depth v1.2.1 // indirect github.com/OneOfOne/xxhash v1.2.8 // indirect - github.com/PuerkitoBio/goquery v1.9.1 // indirect github.com/andybalholm/cascadia v1.3.2 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.15.0 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.0 // indirect @@ -110,6 +109,7 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect + github.com/opentracing/opentracing-go v1.2.0 // indirect github.com/pelletier/go-toml/v2 v2.1.0 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect github.com/prometheus/client_golang v1.19.0 // indirect diff --git a/internal/database/database.go b/internal/database/database.go index 9fcb1a37..13aac578 100644 --- a/internal/database/database.go +++ b/internal/database/database.go @@ -77,8 +77,8 @@ func migrateSchema(db *gorm.DB) error { &model.SystemNotificationAction{}, &model.SystemNotificationMetricParameter{}, &model.SystemNotificationTemplate{}, - &model.SystemNotificationCondition{}, &model.SystemNotificationRule{}, + &model.SystemNotificationCondition{}, &model.Permission{}, &model.Endpoint{}, &model.Project{}, diff --git a/pkg/domain/organization.go b/pkg/domain/organization.go index 46479c4f..c9babe2a 100644 --- a/pkg/domain/organization.go +++ b/pkg/domain/organization.go @@ -73,7 +73,7 @@ type SimpleOrganizationResponse = struct { type CreateOrganizationRequest struct { Name string `json:"name" validate:"required,name"` Description string `json:"description" validate:"omitempty,min=0,max=100"` - AdminAccountId string `json:"adminAccountId" validate:"required"` + AdminAccountId string `json:"adminAccountId" validate:"required,min=0,max=20,alphanum"` AdminName string `json:"adminName" validate:"name"` AdminEmail string `json:"adminEmail" validate:"required,email"` } diff --git a/pkg/domain/user.go b/pkg/domain/user.go index e602d74d..ab5f2112 100644 --- a/pkg/domain/user.go +++ b/pkg/domain/user.go @@ -28,7 +28,7 @@ type UserResponse struct { } type CreateUserRequest struct { - AccountId string `json:"accountId" validate:"required"` + AccountId string `json:"accountId" validate:"required,min=0,max=20,alphanum"` Password string `json:"password" validate:"required"` Name string `json:"name" validate:"name"` Email string `json:"email" validate:"required,email"` From 7b8a304a0b3b5ab7aebadecb767a74f3861b0fbb Mon Sep 17 00:00:00 2001 From: "taekyu.kang" Date: Tue, 21 May 2024 14:26:30 +0900 Subject: [PATCH 02/14] trivial. add validation rule when organization creating --- internal/usecase/organization.go | 9 +++++++++ pkg/httpErrors/errorCode.go | 1 + 2 files changed, 10 insertions(+) diff --git a/internal/usecase/organization.go b/internal/usecase/organization.go index 7e5c3d07..ff37e9de 100644 --- a/internal/usecase/organization.go +++ b/internal/usecase/organization.go @@ -64,6 +64,15 @@ func (u *OrganizationUsecase) Create(ctx context.Context, in *model.Organization userId := user.GetUserId() in.CreatorId = &userId + pg := pagination.NewPaginationWithFilter("name", "", "$eq", []string{in.Name}) + organizations, err := u.repo.Fetch(ctx, pg) + if err != nil { + return "", err + } + if organizations != nil && len(*organizations) > 0 { + return "", httpErrors.NewBadRequestError(fmt.Errorf("duplicate organization name"), "O_CREATE_ALREADY_EXISTED_NAME", "") + } + // Create realm in keycloak if organizationId, err = u.kc.CreateRealm(ctx, helper.GenerateOrganizationId()); err != nil { return "", err diff --git a/pkg/httpErrors/errorCode.go b/pkg/httpErrors/errorCode.go index 2d8319ed..a99ff7b1 100644 --- a/pkg/httpErrors/errorCode.go +++ b/pkg/httpErrors/errorCode.go @@ -39,6 +39,7 @@ var errorMap = map[ErrorCode]string{ // Organization "O_INVALID_ORGANIZATION_NAME": "조직에 이미 존재하는 이름입니다.", "O_NOT_EXISTED_NAME": "조직이 존재하지 않습니다.", + "O_CREATE_ALREADY_EXISTED_NAME": "이미 존재하는 이름입니다.", "O_FAILED_UPDATE_STACK_TEMPLATES": "조직에 스택템플릿을 설정하는데 실패했습니다", "O_FAILED_UPDATE_POLICY_TEMPLATES": "조직에 정책템플릿을 설정하는데 실패했습니다", "O_FAILED_UPDATE_SYSTEM_NOTIFICATION_TEMPLATES": "조직에 알림템플릿을 설정하는데 실패했습니다", From 505e7e9b79f8d0d14fd0d298a6775e473503c766 Mon Sep 17 00:00:00 2001 From: "taekyu.kang" Date: Tue, 21 May 2024 18:12:37 +0900 Subject: [PATCH 03/14] trivial. fix user filter for organizations --- internal/repository/organization.go | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/internal/repository/organization.go b/internal/repository/organization.go index 0b53d9bf..9b2340ed 100644 --- a/internal/repository/organization.go +++ b/internal/repository/organization.go @@ -2,6 +2,7 @@ package repository import ( "context" + "fmt" "github.com/google/uuid" "github.com/openinfradev/tks-api/internal/model" @@ -88,13 +89,25 @@ func (r *OrganizationRepository) Fetch(ctx context.Context, pg *pagination.Pagin db := r.db.WithContext(ctx).Preload(clause.Associations).Model(&model.Organization{}) // [TODO] more pretty! + adminQuery := "" for _, filter := range pg.Filters { if filter.Relation == "Admin" { - db = db.Joins("join users on users.id::text = organizations.admin_id::text"). - Where("users.name ilike ?", "%"+filter.Values[0]+"%") - break + if adminQuery != "" { + adminQuery = adminQuery + " OR " + } + + switch filter.Column { + case "name": + adminQuery = adminQuery + fmt.Sprintf("users.name ilike '%%%s%%'", filter.Values[0]) + case "account_id": + adminQuery = adminQuery + fmt.Sprintf("users.account_id ilike '%%%s%%'", filter.Values[0]) + case "email": + adminQuery = adminQuery + fmt.Sprintf("users.email ilike '%%%s%%'", filter.Values[0]) + } } } + db = db.Joins("join users on users.id::text = organizations.admin_id::text"). + Where(adminQuery) _, res := pg.Fetch(db, &out) if res.Error != nil { From a3be5c5244b7441a0edf815cbfc753bc71bebdf7 Mon Sep 17 00:00:00 2001 From: donggyu Date: Wed, 22 May 2024 11:09:14 +0900 Subject: [PATCH 04/14] =?UTF-8?q?bugfix.=20TKS=EA=B4=80=EB=A6=AC=EC=9E=90?= =?UTF-8?q?=20=EC=83=9D=EC=84=B1=EC=8B=9C=20=EB=B0=9C=EC=83=9D=ED=95=98?= =?UTF-8?q?=EB=8A=94=20502=20=EC=97=90=EB=9F=AC=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/delivery/http/user.go | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/internal/delivery/http/user.go b/internal/delivery/http/user.go index ea31c7ed..d83c8d5f 100644 --- a/internal/delivery/http/user.go +++ b/internal/delivery/http/user.go @@ -967,10 +967,14 @@ func (u UserHandler) Admin_Create(w http.ResponseWriter, r *http.Request) { for _, stack := range stacks { stackIds = append(stackIds, stack.ID.String()) } - err = u.syncKeycloakWithClusterAdminPermission(r.Context(), organizationId, stackIds, []model.User{*resUser}) - if err != nil { - ErrorJSON(w, r, err) - return + + // 현재 Master Org의 경우 ClusterAdmin 권한과 관련이 없으므로 Skip + if organizationId != "master" { + err = u.syncKeycloakWithClusterAdminPermission(r.Context(), organizationId, stackIds, []model.User{*resUser}) + if err != nil { + ErrorJSON(w, r, err) + return + } } var out domain.Admin_CreateUserResponse From a4ba3b9091a951d093a85e5a309eb31898d09677 Mon Sep 17 00:00:00 2001 From: donggyu Date: Wed, 22 May 2024 11:38:10 +0900 Subject: [PATCH 05/14] =?UTF-8?q?bugfix.=20TKS=EA=B4=80=EB=A6=AC=EC=9E=90?= =?UTF-8?q?=20=EC=83=9D=EC=84=B1=EC=8B=9C=20=EB=B9=84=EB=B0=80=EB=B2=88?= =?UTF-8?q?=ED=98=B8=20=EC=9E=84=EC=8B=9C=ED=99=94?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- internal/delivery/http/organization.go | 7 +++++++ internal/model/user.go | 2 +- internal/usecase/user.go | 20 ++++++++++++++++++++ 3 files changed, 28 insertions(+), 1 deletion(-) diff --git a/internal/delivery/http/organization.go b/internal/delivery/http/organization.go index 292d73ba..8674136e 100644 --- a/internal/delivery/http/organization.go +++ b/internal/delivery/http/organization.go @@ -140,6 +140,13 @@ func (h *OrganizationHandler) Admin_CreateOrganization(w http.ResponseWriter, r return } + err = h.userUsecase.ExpirePassword(r.Context(), admin.ID) + if err != nil { + log.Errorf(r.Context(), "error is :%s(%T)", err.Error(), err) + ErrorJSON(w, r, err) + return + } + err = h.usecase.ChangeAdminId(r.Context(), organizationId, admin.ID) if err != nil { log.Errorf(r.Context(), "error is :%s(%T)", err.Error(), err) diff --git a/internal/model/user.go b/internal/model/user.go index dfaa0db7..cd4c5b95 100644 --- a/internal/model/user.go +++ b/internal/model/user.go @@ -23,7 +23,7 @@ type User struct { CreatedAt time.Time `json:"createdAt"` UpdatedAt time.Time `json:"updatedAt"` PasswordUpdatedAt time.Time `json:"passwordUpdatedAt"` - PasswordExpired bool `json:"passwordExpired"` + PasswordExpired bool `gorm:"-:all" json:"passwordExpired"` Email string `json:"email"` Department string `json:"department"` diff --git a/internal/usecase/user.go b/internal/usecase/user.go index 35be8fb9..f8e67c54 100644 --- a/internal/usecase/user.go +++ b/internal/usecase/user.go @@ -34,6 +34,7 @@ type IUserUsecase interface { GetByAccountId(ctx context.Context, accountId string, organizationId string) (*model.User, error) GetByEmail(ctx context.Context, email string, organizationId string) (*model.User, error) SendEmailForTemporaryPassword(ctx context.Context, accountId string, organizationId string, password string) error + ExpirePassword(ctx context.Context, userId uuid.UUID) error UpdateByAccountId(ctx context.Context, user *model.User) (*model.User, error) UpdatePasswordByAccountId(ctx context.Context, accountId string, originPassword string, newPassword string, organizationId string) error @@ -528,6 +529,25 @@ func (u *UserUsecase) ListUsersByRole(ctx context.Context, organizationId string } +func (u *UserUsecase) ExpirePassword(ctx context.Context, userId uuid.UUID) error { + user, err := u.userRepository.GetByUuid(ctx, userId) + if err != nil { + if _, status := httpErrors.ErrorResponse(err); status == http.StatusNotFound { + return httpErrors.NewBadRequestError(fmt.Errorf("user not found"), "U_NO_USER", "") + } + return httpErrors.NewInternalServerError(err, "", "") + } + + err = u.userRepository.UpdatePasswordAt(ctx, userId, user.Organization.ID, true) + if err != nil { + log.Errorf(ctx, "failed to update password expired time: %v", err) + return httpErrors.NewInternalServerError(err, "", "") + } + + return nil + +} + func NewUserUsecase(r repository.Repository, kc keycloak.IKeycloak) IUserUsecase { return &UserUsecase{ authRepository: r.Auth, From 961f9fc4be3d491ece9fdc9848d641f6b4dfc174 Mon Sep 17 00:00:00 2001 From: "taekyu.kang" Date: Wed, 22 May 2024 16:10:32 +0900 Subject: [PATCH 06/14] trivial. change alarm name to warning from audit --- api/swagger/docs.go | 99 ++++++++++++++++++- api/swagger/swagger.json | 99 ++++++++++++++++++- api/swagger/swagger.yaml | 67 +++++++++++++ internal/delivery/http/policy-notification.go | 2 +- internal/usecase/system-notification-rule.go | 4 +- internal/usecase/system-notification.go | 4 +- pkg/domain/system-notification-template.go | 2 +- scripts/init_postgres.sql | 2 +- 8 files changed, 268 insertions(+), 11 deletions(-) diff --git a/api/swagger/docs.go b/api/swagger/docs.go index a3ba31bf..0fdb70a5 100644 --- a/api/swagger/docs.go +++ b/api/swagger/docs.go @@ -11668,7 +11668,9 @@ const docTemplate = `{ ], "properties": { "adminAccountId": { - "type": "string" + "type": "string", + "maxLength": 20, + "minLength": 0 }, "adminEmail": { "type": "string" @@ -11769,6 +11771,10 @@ const docTemplate = `{ "templateName" ], "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "deprecated": { "type": "boolean", "example": false @@ -11815,6 +11821,15 @@ const docTemplate = `{ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" @@ -11830,6 +11845,10 @@ const docTemplate = `{ "versionUpType" ], "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "currentVersion": { "type": "string", "example": "v1.0.0" @@ -11857,6 +11876,15 @@ const docTemplate = `{ "type": "string", "example": "rego 코드" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "versionUpType": { "type": "string", "enum": [ @@ -12193,7 +12221,9 @@ const docTemplate = `{ ], "properties": { "accountId": { - "type": "string" + "type": "string", + "maxLength": 20, + "minLength": 0 }, "department": { "type": "string", @@ -14200,6 +14230,10 @@ const docTemplate = `{ "github_com_openinfradev_tks-api_pkg_domain.PolicyTemplateResponse": { "type": "object", "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "createdAt": { "type": "string" }, @@ -14250,6 +14284,15 @@ const docTemplate = `{ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" @@ -14291,6 +14334,10 @@ const docTemplate = `{ "github_com_openinfradev_tks-api_pkg_domain.PolicyTemplateTwoVersionResponse": { "type": "object", "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "createdAt": { "type": "string" }, @@ -14349,6 +14396,15 @@ const docTemplate = `{ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" @@ -16463,6 +16519,10 @@ const docTemplate = `{ "templateName" ], "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "deprecated": { "type": "boolean", "example": false @@ -16509,6 +16569,15 @@ const docTemplate = `{ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" @@ -16524,6 +16593,10 @@ const docTemplate = `{ "versionUpType" ], "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "currentVersion": { "type": "string", "example": "v1.0.0" @@ -16551,6 +16624,15 @@ const docTemplate = `{ "type": "string", "example": "rego 코드" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "versionUpType": { "type": "string", "enum": [ @@ -16704,6 +16786,10 @@ const docTemplate = `{ "github_com_openinfradev_tks-api_pkg_domain_admin.PolicyTemplateResponse": { "type": "object", "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "createdAt": { "type": "string" }, @@ -16760,6 +16846,15 @@ const docTemplate = `{ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" diff --git a/api/swagger/swagger.json b/api/swagger/swagger.json index c66c556a..5b7cc574 100644 --- a/api/swagger/swagger.json +++ b/api/swagger/swagger.json @@ -11662,7 +11662,9 @@ ], "properties": { "adminAccountId": { - "type": "string" + "type": "string", + "maxLength": 20, + "minLength": 0 }, "adminEmail": { "type": "string" @@ -11763,6 +11765,10 @@ "templateName" ], "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "deprecated": { "type": "boolean", "example": false @@ -11809,6 +11815,15 @@ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" @@ -11824,6 +11839,10 @@ "versionUpType" ], "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "currentVersion": { "type": "string", "example": "v1.0.0" @@ -11851,6 +11870,15 @@ "type": "string", "example": "rego 코드" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "versionUpType": { "type": "string", "enum": [ @@ -12187,7 +12215,9 @@ ], "properties": { "accountId": { - "type": "string" + "type": "string", + "maxLength": 20, + "minLength": 0 }, "department": { "type": "string", @@ -14194,6 +14224,10 @@ "github_com_openinfradev_tks-api_pkg_domain.PolicyTemplateResponse": { "type": "object", "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "createdAt": { "type": "string" }, @@ -14244,6 +14278,15 @@ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" @@ -14285,6 +14328,10 @@ "github_com_openinfradev_tks-api_pkg_domain.PolicyTemplateTwoVersionResponse": { "type": "object", "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "createdAt": { "type": "string" }, @@ -14343,6 +14390,15 @@ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" @@ -16457,6 +16513,10 @@ "templateName" ], "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "deprecated": { "type": "boolean", "example": false @@ -16503,6 +16563,15 @@ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" @@ -16518,6 +16587,10 @@ "versionUpType" ], "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "currentVersion": { "type": "string", "example": "v1.0.0" @@ -16545,6 +16618,15 @@ "type": "string", "example": "rego 코드" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "versionUpType": { "type": "string", "enum": [ @@ -16698,6 +16780,10 @@ "github_com_openinfradev_tks-api_pkg_domain_admin.PolicyTemplateResponse": { "type": "object", "properties": { + "SyncJson": { + "type": "string", + "example": "[[]]" + }, "createdAt": { "type": "string" }, @@ -16754,6 +16840,15 @@ ], "example": "medium" }, + "syncKinds": { + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "Ingress" + ] + }, "templateName": { "type": "string", "example": "필수 Label 검사" diff --git a/api/swagger/swagger.yaml b/api/swagger/swagger.yaml index b48f4c49..7b328415 100644 --- a/api/swagger/swagger.yaml +++ b/api/swagger/swagger.yaml @@ -881,6 +881,8 @@ definitions: github_com_openinfradev_tks-api_pkg_domain.CreateOrganizationRequest: properties: adminAccountId: + maxLength: 20 + minLength: 0 type: string adminEmail: type: string @@ -951,6 +953,9 @@ definitions: type: object github_com_openinfradev_tks-api_pkg_domain.CreatePolicyTemplateRequest: properties: + SyncJson: + example: '[[]]' + type: string deprecated: example: false type: boolean @@ -984,6 +989,12 @@ definitions: - high example: medium type: string + syncKinds: + example: + - Ingress + items: + type: string + type: array templateName: example: 필수 Label 검사 type: string @@ -995,6 +1006,9 @@ definitions: type: object github_com_openinfradev_tks-api_pkg_domain.CreatePolicyTemplateVersionRequest: properties: + SyncJson: + example: '[[]]' + type: string currentVersion: example: v1.0.0 type: string @@ -1014,6 +1028,12 @@ definitions: rego: example: rego 코드 type: string + syncKinds: + example: + - Ingress + items: + type: string + type: array versionUpType: enum: - major @@ -1242,6 +1262,8 @@ definitions: github_com_openinfradev_tks-api_pkg_domain.CreateUserRequest: properties: accountId: + maxLength: 20 + minLength: 0 type: string department: maxLength: 50 @@ -2561,6 +2583,9 @@ definitions: type: object github_com_openinfradev_tks-api_pkg_domain.PolicyTemplateResponse: properties: + SyncJson: + example: '[[]]' + type: string createdAt: type: string creator: @@ -2597,6 +2622,12 @@ definitions: - high example: medium type: string + syncKinds: + example: + - Ingress + items: + type: string + type: array templateName: example: 필수 Label 검사 type: string @@ -2625,6 +2656,9 @@ definitions: type: object github_com_openinfradev_tks-api_pkg_domain.PolicyTemplateTwoVersionResponse: properties: + SyncJson: + example: '[[]]' + type: string createdAt: type: string creator: @@ -2667,6 +2701,12 @@ definitions: - high example: medium type: string + syncKinds: + example: + - Ingress + items: + type: string + type: array templateName: example: 필수 Label 검사 type: string @@ -4077,6 +4117,9 @@ definitions: type: object github_com_openinfradev_tks-api_pkg_domain_admin.CreatePolicyTemplateRequest: properties: + SyncJson: + example: '[[]]' + type: string deprecated: example: false type: boolean @@ -4110,6 +4153,12 @@ definitions: - high example: medium type: string + syncKinds: + example: + - Ingress + items: + type: string + type: array templateName: example: 필수 Label 검사 type: string @@ -4121,6 +4170,9 @@ definitions: type: object github_com_openinfradev_tks-api_pkg_domain_admin.CreatePolicyTemplateVersionRequest: properties: + SyncJson: + example: '[[]]' + type: string currentVersion: example: v1.0.0 type: string @@ -4140,6 +4192,12 @@ definitions: rego: example: rego 코드 type: string + syncKinds: + example: + - Ingress + items: + type: string + type: array versionUpType: enum: - major @@ -4245,6 +4303,9 @@ definitions: type: object github_com_openinfradev_tks-api_pkg_domain_admin.PolicyTemplateResponse: properties: + SyncJson: + example: '[[]]' + type: string createdAt: type: string creator: @@ -4285,6 +4346,12 @@ definitions: - high example: medium type: string + syncKinds: + example: + - Ingress + items: + type: string + type: array templateName: example: 필수 Label 검사 type: string diff --git a/internal/delivery/http/policy-notification.go b/internal/delivery/http/policy-notification.go index 12e87db4..ee084b39 100644 --- a/internal/delivery/http/policy-notification.go +++ b/internal/delivery/http/policy-notification.go @@ -62,7 +62,7 @@ func (h *PolicyNotificationHandler) GetPolicyNotifications(w http.ResponseWriter for j, value := range filter.Values { val := "" if value == "dryrun" { - val = "감사" + val = "경고" } else { val = "거부" } diff --git a/internal/usecase/system-notification-rule.go b/internal/usecase/system-notification-rule.go index 2c737b08..e3bdef06 100644 --- a/internal/usecase/system-notification-rule.go +++ b/internal/usecase/system-notification-rule.go @@ -328,11 +328,11 @@ func (u *SystemNotificationRuleUsecase) MakeDefaultSystemNotificationRules(ctx c CreatorId: organization.AdminId, UpdatorId: organization.AdminId, }) - } else if template.Name == domain.SN_TYPE_POLICY_AUDITED { + } else if template.Name == domain.SN_TYPE_POLICY_WARNING { ruleId := uuid.New() rules = append(rules, model.SystemNotificationRule{ ID: ruleId, - Name: domain.SN_TYPE_POLICY_AUDITED + "-critical", + Name: domain.SN_TYPE_POLICY_WARNING + "-critical", Description: "기본 시스템 알림 - 정책 위반", OrganizationId: organizationId, NotificationType: template.NotificationType, diff --git a/internal/usecase/system-notification.go b/internal/usecase/system-notification.go index 6a2c577f..da75cca3 100644 --- a/internal/usecase/system-notification.go +++ b/internal/usecase/system-notification.go @@ -136,8 +136,8 @@ func (u *SystemNotificationUsecase) Create(ctx context.Context, input domain.Cre if systemNotification.Annotations.AlertType == "POLICY_NOTIFICATION" { dto.PolicyName = systemNotification.Annotations.PolicyName - if strings.Contains(systemNotification.Labels.AlertName, "policy-audited") { - dto.MessageActionProposal = "감사" + if strings.Contains(systemNotification.Labels.AlertName, "policy-warning") { + dto.MessageActionProposal = "경고" } else if strings.Contains(systemNotification.Labels.AlertName, "policy-blocked") { dto.MessageActionProposal = "거부" } else { diff --git a/pkg/domain/system-notification-template.go b/pkg/domain/system-notification-template.go index d2e54fa0..89345d17 100644 --- a/pkg/domain/system-notification-template.go +++ b/pkg/domain/system-notification-template.go @@ -9,7 +9,7 @@ const SN_TYPE_NODE_MEMORY_HIGH_UTILIZATION = "node-memory-high-utilization" const SN_TYPE_NODE_DISK_FULL = "node-disk-full" const SN_TYPE_PVC_FULL = "pvc-full" const SN_TYPE_POD_RESTART_FREQUENTLY = "pod-restart-frequently" -const SN_TYPE_POLICY_AUDITED = "policy-audited" +const SN_TYPE_POLICY_WARNING = "policy-warning" const SN_TYPE_POLICY_BLOCKED = "policy-blocked" const ( diff --git a/scripts/init_postgres.sql b/scripts/init_postgres.sql index df183860..1c1c4ff0 100644 --- a/scripts/init_postgres.sql +++ b/scripts/init_postgres.sql @@ -69,7 +69,7 @@ values ('68dcb92d-91cc-47d0-9b2f-2285d74f157f', 'pvc-full', 'pvc-full', true, 'S insert into system_notification_templates ( id, name, description, is_system, notification_type, metric_query, creator_id, updator_id, created_at, updated_at ) values ('46e9e216-364a-4a3f-9182-85b2c4c34f77', 'pod-restart-frequently', 'pod-restart-frequently', true, 'SYSTEM_NOTIFICATION','increase(kube_pod_container_status_restarts_total{namespace!="kube-system"}[60m:])', null, null, now(), now() ); insert into system_notification_templates ( id, name, description, is_system, notification_type, metric_query, creator_id, updator_id, created_at, updated_at ) -values ('7355d0f9-7c14-4f70-92ea-a9868624ff82', 'policy-audited', 'policy-audited', true, 'POLICY_NOTIFICATION', 'opa_scorecard_constraint_violations{namespace!="kube-system|taco-system|gatekeeper-system", violation_enforcement="warn"}', null, null, now(), now() ); +values ('7355d0f9-7c14-4f70-92ea-a9868624ff82', 'policy-warning', 'policy-warning', true, 'POLICY_NOTIFICATION', 'opa_scorecard_constraint_violations{namespace!="kube-system|taco-system|gatekeeper-system", violation_enforcement="warn"}', null, null, now(), now() ); insert into system_notification_templates ( id, name, description, is_system, notification_type, metric_query, creator_id, updator_id, created_at, updated_at ) values ('792ca0c6-b98f-4493-aa17-548de9eb9a4e', 'policy-blocked', 'policy-blocked', true, 'POLICY_NOTIFICATION', 'opa_scorecard_constraint_violations{namespace!="kube-system|taco-system|gatekeeper-system",violation_enforcement=""}', null, null, now(), now() ); From 2d809ca671970261db777d29e6942d013af9d898 Mon Sep 17 00:00:00 2001 From: "taekyu.kang" Date: Wed, 22 May 2024 17:16:13 +0900 Subject: [PATCH 07/14] trivial. change snr policy type --- internal/delivery/http/policy-notification.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/internal/delivery/http/policy-notification.go b/internal/delivery/http/policy-notification.go index ee084b39..a1763787 100644 --- a/internal/delivery/http/policy-notification.go +++ b/internal/delivery/http/policy-notification.go @@ -61,7 +61,7 @@ func (h *PolicyNotificationHandler) GetPolicyNotifications(w http.ResponseWriter } else if filter.Column == "message_action_proposal" { for j, value := range filter.Values { val := "" - if value == "dryrun" { + if value == "warn" { val = "경고" } else { val = "거부" From bee0b5a801f9d76f4fe5887d2a39c10ee29c2398 Mon Sep 17 00:00:00 2001 From: donggyu Date: Thu, 23 May 2024 10:05:53 +0900 Subject: [PATCH 08/14] bugfix. make kubeconfig lowercase --- combind-kubeconfig | 4 ++++ pkg/domain/project.go | 2 +- pkg/domain/stack.go | 2 +- 3 files changed, 6 insertions(+), 2 deletions(-) create mode 100644 combind-kubeconfig diff --git a/combind-kubeconfig b/combind-kubeconfig new file mode 100644 index 00000000..350db35b --- /dev/null +++ b/combind-kubeconfig @@ -0,0 +1,4 @@ +apiVersion: "" +kind: "" +clusters: [] +contexts: [] diff --git a/pkg/domain/project.go b/pkg/domain/project.go index dca4cc91..39f7288c 100644 --- a/pkg/domain/project.go +++ b/pkg/domain/project.go @@ -199,5 +199,5 @@ type GetProjectNamespaceResourcesUsageResponse struct { } type GetProjectNamespaceKubeConfigResponse struct { - KubeConfig string `json:"kubeConfig"` + KubeConfig string `json:"kubeconfig"` } diff --git a/pkg/domain/stack.go b/pkg/domain/stack.go index 90f4f96b..8cbbfec6 100644 --- a/pkg/domain/stack.go +++ b/pkg/domain/stack.go @@ -169,7 +169,7 @@ type CheckStackNameResponse struct { } type GetStackKubeConfigResponse struct { - KubeConfig string `json:"kubeConfig"` + KubeConfig string `json:"kubeconfig"` } type GetStackStatusResponse struct { From bc7860d6e5fef2fe64d0150c4ada74c1b9ce8157 Mon Sep 17 00:00:00 2001 From: donggyu Date: Thu, 23 May 2024 10:26:36 +0900 Subject: [PATCH 09/14] change kubeConfig / kube-config -> kubeconfig --- api/swagger/docs.go | 16 +- api/swagger/swagger.json | 18 +- api/swagger/swagger.yaml | 16 +- internal/delivery/api/endpoint.go | 2 +- .../delivery/api/generated_endpoints.go.go | 943 +++++++++--------- internal/delivery/http/cluster.go | 6 +- internal/delivery/http/project.go | 10 +- internal/delivery/http/stack.go | 16 +- internal/middleware/auth/role/default.go | 4 +- internal/model/permission.go | 2 +- internal/route/route.go | 6 +- internal/usecase/project.go | 20 +- internal/usecase/stack.go | 9 +- pkg/domain/project.go | 4 +- pkg/domain/stack.go | 4 +- pkg/kubernetes/kubernetes.go | 14 +- pkg/kubernetes/kubernetes_test.go | 8 +- 17 files changed, 549 insertions(+), 549 deletions(-) diff --git a/api/swagger/docs.go b/api/swagger/docs.go index 0fdb70a5..ccc20eb1 100644 --- a/api/swagger/docs.go +++ b/api/swagger/docs.go @@ -7515,7 +7515,7 @@ const docTemplate = `{ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeConfigResponse" + "$ref": "#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeconfigResponse" } } } @@ -8614,7 +8614,7 @@ const docTemplate = `{ "JWT": [] } ], - "description": "Get KubeConfig by stack", + "description": "Get Kubeconfig by stack", "consumes": [ "application/json" ], @@ -8624,7 +8624,7 @@ const docTemplate = `{ "tags": [ "Stacks" ], - "summary": "Get KubeConfig by stack", + "summary": "Get Kubeconfig by stack", "parameters": [ { "type": "string", @@ -8645,7 +8645,7 @@ const docTemplate = `{ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetStackKubeConfigResponse" + "$ref": "#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetStackKubeconfigResponse" } } } @@ -13170,10 +13170,10 @@ const docTemplate = `{ } } }, - "github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeConfigResponse": { + "github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeconfigResponse": { "type": "object", "properties": { - "kubeConfig": { + "kubeconfig": { "type": "string" } } @@ -13246,10 +13246,10 @@ const docTemplate = `{ } } }, - "github_com_openinfradev_tks-api_pkg_domain.GetStackKubeConfigResponse": { + "github_com_openinfradev_tks-api_pkg_domain.GetStackKubeconfigResponse": { "type": "object", "properties": { - "kubeConfig": { + "kubeconfig": { "type": "string" } } diff --git a/api/swagger/swagger.json b/api/swagger/swagger.json index 5b7cc574..40c9d30a 100644 --- a/api/swagger/swagger.json +++ b/api/swagger/swagger.json @@ -7509,7 +7509,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeConfigResponse" + "$ref": "#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeconfigResponse" } } } @@ -8608,7 +8608,7 @@ "JWT": [] } ], - "description": "Get KubeConfig by stack", + "description": "Get Kubeconfig by stack", "consumes": [ "application/json" ], @@ -8618,7 +8618,7 @@ "tags": [ "Stacks" ], - "summary": "Get KubeConfig by stack", + "summary": "Get Kubeconfig by stack", "parameters": [ { "type": "string", @@ -8639,7 +8639,7 @@ "200": { "description": "OK", "schema": { - "$ref": "#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetStackKubeConfigResponse" + "$ref": "#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetStackKubeconfigResponse" } } } @@ -13164,10 +13164,10 @@ } } }, - "github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeConfigResponse": { + "github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeconfigResponse": { "type": "object", "properties": { - "kubeConfig": { + "kubeconfig": { "type": "string" } } @@ -13240,10 +13240,10 @@ } } }, - "github_com_openinfradev_tks-api_pkg_domain.GetStackKubeConfigResponse": { + "github_com_openinfradev_tks-api_pkg_domain.GetStackKubeconfigResponse": { "type": "object", "properties": { - "kubeConfig": { + "kubeconfig": { "type": "string" } } @@ -16946,4 +16946,4 @@ "in": "header" } } -} \ No newline at end of file +} diff --git a/api/swagger/swagger.yaml b/api/swagger/swagger.yaml index 7b328415..5541b25d 100644 --- a/api/swagger/swagger.yaml +++ b/api/swagger/swagger.yaml @@ -1884,9 +1884,9 @@ definitions: k8sResources: $ref: '#/definitions/github_com_openinfradev_tks-api_pkg_domain.ProjectNamespaceK8sResources' type: object - github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeConfigResponse: + github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeconfigResponse: properties: - kubeConfig: + kubeconfig: type: string type: object github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceResourcesUsageResponse: @@ -1932,9 +1932,9 @@ definitions: $ref: '#/definitions/github_com_openinfradev_tks-api_pkg_domain.ProjectResponse' type: array type: object - github_com_openinfradev_tks-api_pkg_domain.GetStackKubeConfigResponse: + github_com_openinfradev_tks-api_pkg_domain.GetStackKubeconfigResponse: properties: - kubeConfig: + kubeconfig: type: string type: object github_com_openinfradev_tks-api_pkg_domain.GetStackPolicyTemplateStatusResponse: @@ -9108,7 +9108,7 @@ paths: "200": description: OK schema: - $ref: '#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeConfigResponse' + $ref: '#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetProjectNamespaceKubeconfigResponse' security: - JWT: [] summary: Get project namespace kubeconfig @@ -9869,7 +9869,7 @@ paths: get: consumes: - application/json - description: Get KubeConfig by stack + description: Get Kubeconfig by stack parameters: - description: organizationId in: path @@ -9887,10 +9887,10 @@ paths: "200": description: OK schema: - $ref: '#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetStackKubeConfigResponse' + $ref: '#/definitions/github_com_openinfradev_tks-api_pkg_domain.GetStackKubeconfigResponse' security: - JWT: [] - summary: Get KubeConfig by stack + summary: Get Kubeconfig by stack tags: - Stacks /organizations/{organizationId}/stacks/{stackId}/policies: diff --git a/internal/delivery/api/endpoint.go b/internal/delivery/api/endpoint.go index 3de1e793..30280502 100644 --- a/internal/delivery/api/endpoint.go +++ b/internal/delivery/api/endpoint.go @@ -168,7 +168,7 @@ const ( GetStack // 스택관리/조회 UpdateStack // 스택관리/수정 DeleteStack // 스택관리/삭제 - GetStackKubeConfig // 스택관리/조회 + GetStackKubeconfig // 스택관리/조회 GetStackStatus // 스택관리/조회 SetFavoriteStack // 스택관리/조회 DeleteFavoriteStack // 스택관리/조회 diff --git a/internal/delivery/api/generated_endpoints.go.go b/internal/delivery/api/generated_endpoints.go.go index 937cb4d0..25f0364d 100644 --- a/internal/delivery/api/generated_endpoints.go.go +++ b/internal/delivery/api/generated_endpoints.go.go @@ -1,941 +1,942 @@ - // This is generated code. DO NOT EDIT. +// This is generated code. DO NOT EDIT. package api var ApiMap = map[Endpoint]EndpointInfo{ - Login: { - Name: "Login", + Login: { + Name: "Login", Group: "Auth", }, - Logout: { - Name: "Logout", + Logout: { + Name: "Logout", Group: "Auth", }, - RefreshToken: { - Name: "RefreshToken", + RefreshToken: { + Name: "RefreshToken", Group: "Auth", }, - FindId: { - Name: "FindId", + FindId: { + Name: "FindId", Group: "Auth", }, - FindPassword: { - Name: "FindPassword", + FindPassword: { + Name: "FindPassword", Group: "Auth", }, - VerifyIdentityForLostId: { - Name: "VerifyIdentityForLostId", + VerifyIdentityForLostId: { + Name: "VerifyIdentityForLostId", Group: "Auth", }, - VerifyIdentityForLostPassword: { - Name: "VerifyIdentityForLostPassword", + VerifyIdentityForLostPassword: { + Name: "VerifyIdentityForLostPassword", Group: "Auth", }, - VerifyToken: { - Name: "VerifyToken", + VerifyToken: { + Name: "VerifyToken", Group: "Auth", }, - CreateUser: { - Name: "CreateUser", + CreateUser: { + Name: "CreateUser", Group: "User", }, - ListUser: { - Name: "ListUser", + ListUser: { + Name: "ListUser", Group: "User", }, - GetUser: { - Name: "GetUser", + GetUser: { + Name: "GetUser", Group: "User", }, - DeleteUser: { - Name: "DeleteUser", + DeleteUser: { + Name: "DeleteUser", Group: "User", }, - UpdateUsers: { - Name: "UpdateUsers", + UpdateUsers: { + Name: "UpdateUsers", Group: "User", }, - UpdateUser: { - Name: "UpdateUser", + UpdateUser: { + Name: "UpdateUser", Group: "User", }, - ResetPassword: { - Name: "ResetPassword", + ResetPassword: { + Name: "ResetPassword", Group: "User", }, - CheckId: { - Name: "CheckId", + CheckId: { + Name: "CheckId", Group: "User", }, - CheckEmail: { - Name: "CheckEmail", + CheckEmail: { + Name: "CheckEmail", Group: "User", }, - GetPermissionsByAccountId: { - Name: "GetPermissionsByAccountId", + GetPermissionsByAccountId: { + Name: "GetPermissionsByAccountId", Group: "User", }, - GetMyProfile: { - Name: "GetMyProfile", + GetMyProfile: { + Name: "GetMyProfile", Group: "MyProfile", }, - UpdateMyProfile: { - Name: "UpdateMyProfile", + UpdateMyProfile: { + Name: "UpdateMyProfile", Group: "MyProfile", }, - UpdateMyPassword: { - Name: "UpdateMyPassword", + UpdateMyPassword: { + Name: "UpdateMyPassword", Group: "MyProfile", }, - RenewPasswordExpiredDate: { - Name: "RenewPasswordExpiredDate", + RenewPasswordExpiredDate: { + Name: "RenewPasswordExpiredDate", Group: "MyProfile", }, - DeleteMyProfile: { - Name: "DeleteMyProfile", + DeleteMyProfile: { + Name: "DeleteMyProfile", Group: "MyProfile", }, - Admin_CreateOrganization: { - Name: "Admin_CreateOrganization", + Admin_CreateOrganization: { + Name: "Admin_CreateOrganization", Group: "Organization", }, - Admin_DeleteOrganization: { - Name: "Admin_DeleteOrganization", + Admin_DeleteOrganization: { + Name: "Admin_DeleteOrganization", Group: "Organization", }, - GetOrganizations: { - Name: "GetOrganizations", + GetOrganizations: { + Name: "GetOrganizations", Group: "Organization", }, - GetOrganization: { - Name: "GetOrganization", + GetOrganization: { + Name: "GetOrganization", Group: "Organization", }, - CheckOrganizationName: { - Name: "CheckOrganizationName", + CheckOrganizationName: { + Name: "CheckOrganizationName", Group: "Organization", }, - UpdateOrganization: { - Name: "UpdateOrganization", + UpdateOrganization: { + Name: "UpdateOrganization", Group: "Organization", }, - UpdatePrimaryCluster: { - Name: "UpdatePrimaryCluster", + UpdatePrimaryCluster: { + Name: "UpdatePrimaryCluster", Group: "Organization", }, - CreateCluster: { - Name: "CreateCluster", + CreateCluster: { + Name: "CreateCluster", Group: "Cluster", }, - GetClusters: { - Name: "GetClusters", + GetClusters: { + Name: "GetClusters", Group: "Cluster", }, - ImportCluster: { - Name: "ImportCluster", + ImportCluster: { + Name: "ImportCluster", Group: "Cluster", }, - GetCluster: { - Name: "GetCluster", + GetCluster: { + Name: "GetCluster", Group: "Cluster", }, - DeleteCluster: { - Name: "DeleteCluster", + DeleteCluster: { + Name: "DeleteCluster", Group: "Cluster", }, - GetClusterSiteValues: { - Name: "GetClusterSiteValues", + GetClusterSiteValues: { + Name: "GetClusterSiteValues", Group: "Cluster", }, - InstallCluster: { - Name: "InstallCluster", + InstallCluster: { + Name: "InstallCluster", Group: "Cluster", }, - CreateBootstrapKubeconfig: { - Name: "CreateBootstrapKubeconfig", + CreateBootstrapKubeconfig: { + Name: "CreateBootstrapKubeconfig", Group: "Cluster", }, - GetBootstrapKubeconfig: { - Name: "GetBootstrapKubeconfig", + GetBootstrapKubeconfig: { + Name: "GetBootstrapKubeconfig", Group: "Cluster", }, - GetNodes: { - Name: "GetNodes", + GetNodes: { + Name: "GetNodes", Group: "Cluster", }, - CreateAppgroup: { - Name: "CreateAppgroup", + CreateAppgroup: { + Name: "CreateAppgroup", Group: "Appgroup", }, - GetAppgroups: { - Name: "GetAppgroups", + GetAppgroups: { + Name: "GetAppgroups", Group: "Appgroup", }, - GetAppgroup: { - Name: "GetAppgroup", + GetAppgroup: { + Name: "GetAppgroup", Group: "Appgroup", }, - DeleteAppgroup: { - Name: "DeleteAppgroup", + DeleteAppgroup: { + Name: "DeleteAppgroup", Group: "Appgroup", }, - GetApplications: { - Name: "GetApplications", + GetApplications: { + Name: "GetApplications", Group: "Appgroup", }, - CreateApplication: { - Name: "CreateApplication", + CreateApplication: { + Name: "CreateApplication", Group: "Appgroup", }, - GetAppServeAppTasksByAppId: { - Name: "GetAppServeAppTasksByAppId", + GetAppServeAppTasksByAppId: { + Name: "GetAppServeAppTasksByAppId", Group: "AppServeApp", }, - GetAppServeAppTaskDetail: { - Name: "GetAppServeAppTaskDetail", + GetAppServeAppTaskDetail: { + Name: "GetAppServeAppTaskDetail", Group: "AppServeApp", }, - CreateAppServeApp: { - Name: "CreateAppServeApp", + CreateAppServeApp: { + Name: "CreateAppServeApp", Group: "AppServeApp", }, - GetAppServeApps: { - Name: "GetAppServeApps", + GetAppServeApps: { + Name: "GetAppServeApps", Group: "AppServeApp", }, - GetNumOfAppsOnStack: { - Name: "GetNumOfAppsOnStack", + GetNumOfAppsOnStack: { + Name: "GetNumOfAppsOnStack", Group: "AppServeApp", }, - GetAppServeApp: { - Name: "GetAppServeApp", + GetAppServeApp: { + Name: "GetAppServeApp", Group: "AppServeApp", }, - GetAppServeAppLatestTask: { - Name: "GetAppServeAppLatestTask", + GetAppServeAppLatestTask: { + Name: "GetAppServeAppLatestTask", Group: "AppServeApp", }, - IsAppServeAppExist: { - Name: "IsAppServeAppExist", + IsAppServeAppExist: { + Name: "IsAppServeAppExist", Group: "AppServeApp", }, - IsAppServeAppNameExist: { - Name: "IsAppServeAppNameExist", + IsAppServeAppNameExist: { + Name: "IsAppServeAppNameExist", Group: "AppServeApp", }, - DeleteAppServeApp: { - Name: "DeleteAppServeApp", + DeleteAppServeApp: { + Name: "DeleteAppServeApp", Group: "AppServeApp", }, - UpdateAppServeApp: { - Name: "UpdateAppServeApp", + UpdateAppServeApp: { + Name: "UpdateAppServeApp", Group: "AppServeApp", }, - UpdateAppServeAppStatus: { - Name: "UpdateAppServeAppStatus", + UpdateAppServeAppStatus: { + Name: "UpdateAppServeAppStatus", Group: "AppServeApp", }, - UpdateAppServeAppEndpoint: { - Name: "UpdateAppServeAppEndpoint", + UpdateAppServeAppEndpoint: { + Name: "UpdateAppServeAppEndpoint", Group: "AppServeApp", }, - RollbackAppServeApp: { - Name: "RollbackAppServeApp", + RollbackAppServeApp: { + Name: "RollbackAppServeApp", Group: "AppServeApp", }, - GetCloudAccounts: { - Name: "GetCloudAccounts", + GetCloudAccounts: { + Name: "GetCloudAccounts", Group: "CloudAccount", }, - CreateCloudAccount: { - Name: "CreateCloudAccount", + CreateCloudAccount: { + Name: "CreateCloudAccount", Group: "CloudAccount", }, - CheckCloudAccountName: { - Name: "CheckCloudAccountName", + CheckCloudAccountName: { + Name: "CheckCloudAccountName", Group: "CloudAccount", }, - CheckAwsAccountId: { - Name: "CheckAwsAccountId", + CheckAwsAccountId: { + Name: "CheckAwsAccountId", Group: "CloudAccount", }, - GetCloudAccount: { - Name: "GetCloudAccount", + GetCloudAccount: { + Name: "GetCloudAccount", Group: "CloudAccount", }, - UpdateCloudAccount: { - Name: "UpdateCloudAccount", + UpdateCloudAccount: { + Name: "UpdateCloudAccount", Group: "CloudAccount", }, - DeleteCloudAccount: { - Name: "DeleteCloudAccount", + DeleteCloudAccount: { + Name: "DeleteCloudAccount", Group: "CloudAccount", }, - DeleteForceCloudAccount: { - Name: "DeleteForceCloudAccount", + DeleteForceCloudAccount: { + Name: "DeleteForceCloudAccount", Group: "CloudAccount", }, - GetResourceQuota: { - Name: "GetResourceQuota", + GetResourceQuota: { + Name: "GetResourceQuota", Group: "CloudAccount", }, - Admin_GetStackTemplates: { - Name: "Admin_GetStackTemplates", + Admin_GetStackTemplates: { + Name: "Admin_GetStackTemplates", Group: "StackTemplate", }, - Admin_GetStackTemplate: { - Name: "Admin_GetStackTemplate", + Admin_GetStackTemplate: { + Name: "Admin_GetStackTemplate", Group: "StackTemplate", }, - Admin_GetStackTemplateServices: { - Name: "Admin_GetStackTemplateServices", + Admin_GetStackTemplateServices: { + Name: "Admin_GetStackTemplateServices", Group: "StackTemplate", }, - Admin_GetStackTemplateTemplateIds: { - Name: "Admin_GetStackTemplateTemplateIds", + Admin_GetStackTemplateTemplateIds: { + Name: "Admin_GetStackTemplateTemplateIds", Group: "StackTemplate", }, - Admin_CreateStackTemplate: { - Name: "Admin_CreateStackTemplate", + Admin_CreateStackTemplate: { + Name: "Admin_CreateStackTemplate", Group: "StackTemplate", }, - Admin_UpdateStackTemplate: { - Name: "Admin_UpdateStackTemplate", + Admin_UpdateStackTemplate: { + Name: "Admin_UpdateStackTemplate", Group: "StackTemplate", }, - Admin_DeleteStackTemplate: { - Name: "Admin_DeleteStackTemplate", + Admin_DeleteStackTemplate: { + Name: "Admin_DeleteStackTemplate", Group: "StackTemplate", }, - Admin_UpdateStackTemplateOrganizations: { - Name: "Admin_UpdateStackTemplateOrganizations", + Admin_UpdateStackTemplateOrganizations: { + Name: "Admin_UpdateStackTemplateOrganizations", Group: "StackTemplate", }, - Admin_CheckStackTemplateName: { - Name: "Admin_CheckStackTemplateName", + Admin_CheckStackTemplateName: { + Name: "Admin_CheckStackTemplateName", Group: "StackTemplate", }, - GetOrganizationStackTemplates: { - Name: "GetOrganizationStackTemplates", + GetOrganizationStackTemplates: { + Name: "GetOrganizationStackTemplates", Group: "StackTemplate", }, - GetOrganizationStackTemplate: { - Name: "GetOrganizationStackTemplate", + GetOrganizationStackTemplate: { + Name: "GetOrganizationStackTemplate", Group: "StackTemplate", }, - AddOrganizationStackTemplates: { - Name: "AddOrganizationStackTemplates", + AddOrganizationStackTemplates: { + Name: "AddOrganizationStackTemplates", Group: "StackTemplate", }, - RemoveOrganizationStackTemplates: { - Name: "RemoveOrganizationStackTemplates", + RemoveOrganizationStackTemplates: { + Name: "RemoveOrganizationStackTemplates", Group: "StackTemplate", }, - CreateDashboard: { - Name: "CreateDashboard", + CreateDashboard: { + Name: "CreateDashboard", Group: "Dashboard", }, - GetDashboard: { - Name: "GetDashboard", + GetDashboard: { + Name: "GetDashboard", Group: "Dashboard", }, - UpdateDashboard: { - Name: "UpdateDashboard", + UpdateDashboard: { + Name: "UpdateDashboard", Group: "Dashboard", }, - GetChartsDashboard: { - Name: "GetChartsDashboard", + GetChartsDashboard: { + Name: "GetChartsDashboard", Group: "Dashboard", }, - GetChartDashboard: { - Name: "GetChartDashboard", + GetChartDashboard: { + Name: "GetChartDashboard", Group: "Dashboard", }, - GetStacksDashboard: { - Name: "GetStacksDashboard", + GetStacksDashboard: { + Name: "GetStacksDashboard", Group: "Dashboard", }, - GetResourcesDashboard: { - Name: "GetResourcesDashboard", + GetResourcesDashboard: { + Name: "GetResourcesDashboard", Group: "Dashboard", }, - GetPolicyStatusDashboard: { - Name: "GetPolicyStatusDashboard", + GetPolicyStatusDashboard: { + Name: "GetPolicyStatusDashboard", Group: "Dashboard", }, - GetPolicyUpdateDashboard: { - Name: "GetPolicyUpdateDashboard", + GetPolicyUpdateDashboard: { + Name: "GetPolicyUpdateDashboard", Group: "Dashboard", }, - GetPolicyEnforcementDashboard: { - Name: "GetPolicyEnforcementDashboard", + GetPolicyEnforcementDashboard: { + Name: "GetPolicyEnforcementDashboard", Group: "Dashboard", }, - GetPolicyViolationDashboard: { - Name: "GetPolicyViolationDashboard", + GetPolicyViolationDashboard: { + Name: "GetPolicyViolationDashboard", Group: "Dashboard", }, - GetPolicyViolationLogDashboard: { - Name: "GetPolicyViolationLogDashboard", + GetPolicyViolationLogDashboard: { + Name: "GetPolicyViolationLogDashboard", Group: "Dashboard", }, - GetPolicyStatisticsDashboard: { - Name: "GetPolicyStatisticsDashboard", + GetPolicyStatisticsDashboard: { + Name: "GetPolicyStatisticsDashboard", Group: "Dashboard", }, - GetWorkloadDashboard: { - Name: "GetWorkloadDashboard", + GetWorkloadDashboard: { + Name: "GetWorkloadDashboard", Group: "Dashboard", }, - GetPolicyViolationTop5Dashboard: { - Name: "GetPolicyViolationTop5Dashboard", + GetPolicyViolationTop5Dashboard: { + Name: "GetPolicyViolationTop5Dashboard", Group: "Dashboard", }, - Admin_CreateSystemNotificationTemplate: { - Name: "Admin_CreateSystemNotificationTemplate", + Admin_CreateSystemNotificationTemplate: { + Name: "Admin_CreateSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - Admin_UpdateSystemNotificationTemplate: { - Name: "Admin_UpdateSystemNotificationTemplate", + Admin_UpdateSystemNotificationTemplate: { + Name: "Admin_UpdateSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - Admin_DeleteSystemNotificationTemplate: { - Name: "Admin_DeleteSystemNotificationTemplate", + Admin_DeleteSystemNotificationTemplate: { + Name: "Admin_DeleteSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - Admin_GetSystemNotificationTemplates: { - Name: "Admin_GetSystemNotificationTemplates", + Admin_GetSystemNotificationTemplates: { + Name: "Admin_GetSystemNotificationTemplates", Group: "SystemNotificationTemplate", }, - Admin_GetSystemNotificationTemplate: { - Name: "Admin_GetSystemNotificationTemplate", + Admin_GetSystemNotificationTemplate: { + Name: "Admin_GetSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - Admin_CheckSystemNotificationTemplateName: { - Name: "Admin_CheckSystemNotificationTemplateName", + Admin_CheckSystemNotificationTemplateName: { + Name: "Admin_CheckSystemNotificationTemplateName", Group: "SystemNotificationTemplate", }, - GetOrganizationSystemNotificationTemplates: { - Name: "GetOrganizationSystemNotificationTemplates", + GetOrganizationSystemNotificationTemplates: { + Name: "GetOrganizationSystemNotificationTemplates", Group: "SystemNotificationTemplate", }, - GetOrganizationSystemNotificationTemplate: { - Name: "GetOrganizationSystemNotificationTemplate", + GetOrganizationSystemNotificationTemplate: { + Name: "GetOrganizationSystemNotificationTemplate", Group: "SystemNotificationTemplate", }, - AddOrganizationSystemNotificationTemplates: { - Name: "AddOrganizationSystemNotificationTemplates", + AddOrganizationSystemNotificationTemplates: { + Name: "AddOrganizationSystemNotificationTemplates", Group: "SystemNotificationTemplate", }, - RemoveOrganizationSystemNotificationTemplates: { - Name: "RemoveOrganizationSystemNotificationTemplates", + RemoveOrganizationSystemNotificationTemplates: { + Name: "RemoveOrganizationSystemNotificationTemplates", Group: "SystemNotificationTemplate", }, - CreateSystemNotificationRule: { - Name: "CreateSystemNotificationRule", + CreateSystemNotificationRule: { + Name: "CreateSystemNotificationRule", Group: "SystemNotificationRule", }, - GetSystemNotificationRules: { - Name: "GetSystemNotificationRules", + GetSystemNotificationRules: { + Name: "GetSystemNotificationRules", Group: "SystemNotificationRule", }, - GetSystemNotificationRule: { - Name: "GetSystemNotificationRule", + GetSystemNotificationRule: { + Name: "GetSystemNotificationRule", Group: "SystemNotificationRule", }, - CheckSystemNotificationRuleName: { - Name: "CheckSystemNotificationRuleName", + CheckSystemNotificationRuleName: { + Name: "CheckSystemNotificationRuleName", Group: "SystemNotificationRule", }, - DeleteSystemNotificationRule: { - Name: "DeleteSystemNotificationRule", + DeleteSystemNotificationRule: { + Name: "DeleteSystemNotificationRule", Group: "SystemNotificationRule", }, - UpdateSystemNotificationRule: { - Name: "UpdateSystemNotificationRule", + UpdateSystemNotificationRule: { + Name: "UpdateSystemNotificationRule", Group: "SystemNotificationRule", }, - MakeDefaultSystemNotificationRules: { - Name: "MakeDefaultSystemNotificationRules", + MakeDefaultSystemNotificationRules: { + Name: "MakeDefaultSystemNotificationRules", Group: "SystemNotificationRule", }, - CreateSystemNotification: { - Name: "CreateSystemNotification", + CreateSystemNotification: { + Name: "CreateSystemNotification", Group: "SystemNotification", }, - GetSystemNotifications: { - Name: "GetSystemNotifications", + GetSystemNotifications: { + Name: "GetSystemNotifications", Group: "SystemNotification", }, - GetSystemNotification: { - Name: "GetSystemNotification", + GetSystemNotification: { + Name: "GetSystemNotification", Group: "SystemNotification", }, - DeleteSystemNotification: { - Name: "DeleteSystemNotification", + DeleteSystemNotification: { + Name: "DeleteSystemNotification", Group: "SystemNotification", }, - UpdateSystemNotification: { - Name: "UpdateSystemNotification", + UpdateSystemNotification: { + Name: "UpdateSystemNotification", Group: "SystemNotification", }, - CreateSystemNotificationAction: { - Name: "CreateSystemNotificationAction", + CreateSystemNotificationAction: { + Name: "CreateSystemNotificationAction", Group: "SystemNotification", }, - GetPolicyNotifications: { - Name: "GetPolicyNotifications", + GetPolicyNotifications: { + Name: "GetPolicyNotifications", Group: "PolicyNotification", }, - GetPolicyNotification: { - Name: "GetPolicyNotification", + GetPolicyNotification: { + Name: "GetPolicyNotification", Group: "PolicyNotification", }, - GetStacks: { - Name: "GetStacks", + GetStacks: { + Name: "GetStacks", Group: "Stack", }, - CreateStack: { - Name: "CreateStack", + CreateStack: { + Name: "CreateStack", Group: "Stack", }, - CheckStackName: { - Name: "CheckStackName", + CheckStackName: { + Name: "CheckStackName", Group: "Stack", }, - GetStack: { - Name: "GetStack", + GetStack: { + Name: "GetStack", Group: "Stack", }, - UpdateStack: { - Name: "UpdateStack", + UpdateStack: { + Name: "UpdateStack", Group: "Stack", }, - DeleteStack: { - Name: "DeleteStack", + DeleteStack: { + Name: "DeleteStack", Group: "Stack", }, - GetStackKubeConfig: { - Name: "GetStackKubeConfig", + GetStackKubeconfig: { + Name: "GetStackKubeconfig", Group: "Stack", }, - GetStackStatus: { - Name: "GetStackStatus", + GetStackStatus: { + Name: "GetStackStatus", Group: "Stack", }, - SetFavoriteStack: { - Name: "SetFavoriteStack", + SetFavoriteStack: { + Name: "SetFavoriteStack", Group: "Stack", }, - DeleteFavoriteStack: { - Name: "DeleteFavoriteStack", + DeleteFavoriteStack: { + Name: "DeleteFavoriteStack", Group: "Stack", }, - InstallStack: { - Name: "InstallStack", + InstallStack: { + Name: "InstallStack", Group: "Stack", }, - CreateProject: { - Name: "CreateProject", + CreateProject: { + Name: "CreateProject", Group: "Project", }, - GetProjectRoles: { - Name: "GetProjectRoles", + GetProjectRoles: { + Name: "GetProjectRoles", Group: "Project", }, - GetProjectRole: { - Name: "GetProjectRole", + GetProjectRole: { + Name: "GetProjectRole", Group: "Project", }, - GetProjects: { - Name: "GetProjects", + GetProjects: { + Name: "GetProjects", Group: "Project", }, - GetProject: { - Name: "GetProject", + GetProject: { + Name: "GetProject", Group: "Project", }, - UpdateProject: { - Name: "UpdateProject", + UpdateProject: { + Name: "UpdateProject", Group: "Project", }, - DeleteProject: { - Name: "DeleteProject", + DeleteProject: { + Name: "DeleteProject", Group: "Project", }, - AddProjectMember: { - Name: "AddProjectMember", + AddProjectMember: { + Name: "AddProjectMember", Group: "Project", }, - GetProjectMember: { - Name: "GetProjectMember", + GetProjectMember: { + Name: "GetProjectMember", Group: "Project", }, - GetProjectMembers: { - Name: "GetProjectMembers", + GetProjectMembers: { + Name: "GetProjectMembers", Group: "Project", }, - RemoveProjectMember: { - Name: "RemoveProjectMember", + RemoveProjectMember: { + Name: "RemoveProjectMember", Group: "Project", }, - UpdateProjectMemberRole: { - Name: "UpdateProjectMemberRole", + UpdateProjectMemberRole: { + Name: "UpdateProjectMemberRole", Group: "Project", }, - CreateProjectNamespace: { - Name: "CreateProjectNamespace", + CreateProjectNamespace: { + Name: "CreateProjectNamespace", Group: "Project", }, - GetProjectNamespaces: { - Name: "GetProjectNamespaces", + GetProjectNamespaces: { + Name: "GetProjectNamespaces", Group: "Project", }, - GetProjectNamespace: { - Name: "GetProjectNamespace", + GetProjectNamespace: { + Name: "GetProjectNamespace", Group: "Project", }, - UpdateProjectNamespace: { - Name: "UpdateProjectNamespace", + UpdateProjectNamespace: { + Name: "UpdateProjectNamespace", Group: "Project", }, - DeleteProjectNamespace: { - Name: "DeleteProjectNamespace", + DeleteProjectNamespace: { + Name: "DeleteProjectNamespace", Group: "Project", }, - SetFavoriteProject: { - Name: "SetFavoriteProject", + SetFavoriteProject: { + Name: "SetFavoriteProject", Group: "Project", }, - SetFavoriteProjectNamespace: { - Name: "SetFavoriteProjectNamespace", + SetFavoriteProjectNamespace: { + Name: "SetFavoriteProjectNamespace", Group: "Project", }, - UnSetFavoriteProject: { - Name: "UnSetFavoriteProject", + UnSetFavoriteProject: { + Name: "UnSetFavoriteProject", Group: "Project", }, - UnSetFavoriteProjectNamespace: { - Name: "UnSetFavoriteProjectNamespace", + UnSetFavoriteProjectNamespace: { + Name: "UnSetFavoriteProjectNamespace", Group: "Project", }, - GetProjectKubeconfig: { - Name: "GetProjectKubeconfig", + GetProjectKubeconfig: { + Name: "GetProjectKubeconfig", Group: "Project", }, - GetProjectNamespaceK8sResources: { - Name: "GetProjectNamespaceK8sResources", + GetProjectNamespaceK8sResources: { + Name: "GetProjectNamespaceK8sResources", Group: "Project", }, - GetProjectNamespaceKubeconfig: { - Name: "GetProjectNamespaceKubeconfig", + GetProjectNamespaceKubeconfig: { + Name: "GetProjectNamespaceKubeconfig", Group: "Project", }, - GetAudits: { - Name: "GetAudits", + GetAudits: { + Name: "GetAudits", Group: "Audit", }, - GetAudit: { - Name: "GetAudit", + GetAudit: { + Name: "GetAudit", Group: "Audit", }, - DeleteAudit: { - Name: "DeleteAudit", + DeleteAudit: { + Name: "DeleteAudit", Group: "Audit", }, - CreateTksRole: { - Name: "CreateTksRole", + CreateTksRole: { + Name: "CreateTksRole", Group: "Role", }, - ListTksRoles: { - Name: "ListTksRoles", + ListTksRoles: { + Name: "ListTksRoles", Group: "Role", }, - GetTksRole: { - Name: "GetTksRole", + GetTksRole: { + Name: "GetTksRole", Group: "Role", }, - DeleteTksRole: { - Name: "DeleteTksRole", + DeleteTksRole: { + Name: "DeleteTksRole", Group: "Role", }, - UpdateTksRole: { - Name: "UpdateTksRole", + UpdateTksRole: { + Name: "UpdateTksRole", Group: "Role", }, - GetPermissionsByRoleId: { - Name: "GetPermissionsByRoleId", + GetPermissionsByRoleId: { + Name: "GetPermissionsByRoleId", Group: "Role", }, - UpdatePermissionsByRoleId: { - Name: "UpdatePermissionsByRoleId", + UpdatePermissionsByRoleId: { + Name: "UpdatePermissionsByRoleId", Group: "Role", }, - IsRoleNameExisted: { - Name: "IsRoleNameExisted", + IsRoleNameExisted: { + Name: "IsRoleNameExisted", Group: "Role", }, - AppendUsersToRole: { - Name: "AppendUsersToRole", + AppendUsersToRole: { + Name: "AppendUsersToRole", Group: "Role", }, - GetUsersInRoleId: { - Name: "GetUsersInRoleId", + GetUsersInRoleId: { + Name: "GetUsersInRoleId", Group: "Role", }, - RemoveUsersFromRole: { - Name: "RemoveUsersFromRole", + RemoveUsersFromRole: { + Name: "RemoveUsersFromRole", Group: "Role", }, - GetPermissionTemplates: { - Name: "GetPermissionTemplates", + GetPermissionTemplates: { + Name: "GetPermissionTemplates", Group: "Permission", }, - Admin_CreateUser: { - Name: "Admin_CreateUser", + Admin_CreateUser: { + Name: "Admin_CreateUser", Group: "Admin_User", }, - Admin_ListUser: { - Name: "Admin_ListUser", + Admin_ListUser: { + Name: "Admin_ListUser", Group: "Admin_User", }, - Admin_GetUser: { - Name: "Admin_GetUser", + Admin_GetUser: { + Name: "Admin_GetUser", Group: "Admin_User", }, - Admin_DeleteUser: { - Name: "Admin_DeleteUser", + Admin_DeleteUser: { + Name: "Admin_DeleteUser", Group: "Admin_User", }, - Admin_UpdateUser: { - Name: "Admin_UpdateUser", + Admin_UpdateUser: { + Name: "Admin_UpdateUser", Group: "Admin_User", }, - Admin_ListTksRoles: { - Name: "Admin_ListTksRoles", + Admin_ListTksRoles: { + Name: "Admin_ListTksRoles", Group: "Admin Role", }, - Admin_GetTksRole: { - Name: "Admin_GetTksRole", + Admin_GetTksRole: { + Name: "Admin_GetTksRole", Group: "Admin Role", }, - Admin_GetProjects: { - Name: "Admin_GetProjects", + Admin_GetProjects: { + Name: "Admin_GetProjects", Group: "Admin Project", }, - Admin_ListPolicyTemplate: { - Name: "Admin_ListPolicyTemplate", + Admin_ListPolicyTemplate: { + Name: "Admin_ListPolicyTemplate", Group: "PolicyTemplate", }, - Admin_CreatePolicyTemplate: { - Name: "Admin_CreatePolicyTemplate", + Admin_CreatePolicyTemplate: { + Name: "Admin_CreatePolicyTemplate", Group: "PolicyTemplate", }, - Admin_DeletePolicyTemplate: { - Name: "Admin_DeletePolicyTemplate", + Admin_DeletePolicyTemplate: { + Name: "Admin_DeletePolicyTemplate", Group: "PolicyTemplate", }, - Admin_GetPolicyTemplate: { - Name: "Admin_GetPolicyTemplate", + Admin_GetPolicyTemplate: { + Name: "Admin_GetPolicyTemplate", Group: "PolicyTemplate", }, - Admin_UpdatePolicyTemplate: { - Name: "Admin_UpdatePolicyTemplate", + Admin_UpdatePolicyTemplate: { + Name: "Admin_UpdatePolicyTemplate", Group: "PolicyTemplate", }, - Admin_GetPolicyTemplateDeploy: { - Name: "Admin_GetPolicyTemplateDeploy", + Admin_GetPolicyTemplateDeploy: { + Name: "Admin_GetPolicyTemplateDeploy", Group: "PolicyTemplate", }, - Admin_ListPolicyTemplateStatistics: { - Name: "Admin_ListPolicyTemplateStatistics", + Admin_ListPolicyTemplateStatistics: { + Name: "Admin_ListPolicyTemplateStatistics", Group: "PolicyTemplate", }, - Admin_ListPolicyTemplateVersions: { - Name: "Admin_ListPolicyTemplateVersions", + Admin_ListPolicyTemplateVersions: { + Name: "Admin_ListPolicyTemplateVersions", Group: "PolicyTemplate", }, - Admin_CreatePolicyTemplateVersion: { - Name: "Admin_CreatePolicyTemplateVersion", + Admin_CreatePolicyTemplateVersion: { + Name: "Admin_CreatePolicyTemplateVersion", Group: "PolicyTemplate", }, - Admin_DeletePolicyTemplateVersion: { - Name: "Admin_DeletePolicyTemplateVersion", + Admin_DeletePolicyTemplateVersion: { + Name: "Admin_DeletePolicyTemplateVersion", Group: "PolicyTemplate", }, - Admin_GetPolicyTemplateVersion: { - Name: "Admin_GetPolicyTemplateVersion", + Admin_GetPolicyTemplateVersion: { + Name: "Admin_GetPolicyTemplateVersion", Group: "PolicyTemplate", }, - Admin_ExistsPolicyTemplateKind: { - Name: "Admin_ExistsPolicyTemplateKind", + Admin_ExistsPolicyTemplateKind: { + Name: "Admin_ExistsPolicyTemplateKind", Group: "PolicyTemplate", }, - Admin_ExistsPolicyTemplateName: { - Name: "Admin_ExistsPolicyTemplateName", + Admin_ExistsPolicyTemplateName: { + Name: "Admin_ExistsPolicyTemplateName", Group: "PolicyTemplate", }, - Admin_ExtractParameters: { - Name: "Admin_ExtractParameters", + Admin_ExtractParameters: { + Name: "Admin_ExtractParameters", Group: "PolicyTemplate", }, - Admin_AddPermittedPolicyTemplatesForOrganization: { - Name: "Admin_AddPermittedPolicyTemplatesForOrganization", + Admin_AddPermittedPolicyTemplatesForOrganization: { + Name: "Admin_AddPermittedPolicyTemplatesForOrganization", Group: "PolicyTemplate", }, - Admin_DeletePermittedPolicyTemplatesForOrganization: { - Name: "Admin_DeletePermittedPolicyTemplatesForOrganization", + Admin_DeletePermittedPolicyTemplatesForOrganization: { + Name: "Admin_DeletePermittedPolicyTemplatesForOrganization", Group: "PolicyTemplate", }, - ListStackPolicyStatus: { - Name: "ListStackPolicyStatus", + ListStackPolicyStatus: { + Name: "ListStackPolicyStatus", Group: "StackPolicyStatus", }, - GetStackPolicyTemplateStatus: { - Name: "GetStackPolicyTemplateStatus", + GetStackPolicyTemplateStatus: { + Name: "GetStackPolicyTemplateStatus", Group: "StackPolicyStatus", }, - UpdateStackPolicyTemplateStatus: { - Name: "UpdateStackPolicyTemplateStatus", + UpdateStackPolicyTemplateStatus: { + Name: "UpdateStackPolicyTemplateStatus", Group: "StackPolicyStatus", }, - GetMandatoryPolicies: { - Name: "GetMandatoryPolicies", + GetMandatoryPolicies: { + Name: "GetMandatoryPolicies", Group: "Policy", }, - SetMandatoryPolicies: { - Name: "SetMandatoryPolicies", + SetMandatoryPolicies: { + Name: "SetMandatoryPolicies", Group: "Policy", }, - GetPolicyStatistics: { - Name: "GetPolicyStatistics", + GetPolicyStatistics: { + Name: "GetPolicyStatistics", Group: "Policy", }, - ListPolicy: { - Name: "ListPolicy", + ListPolicy: { + Name: "ListPolicy", Group: "Policy", }, - CreatePolicy: { - Name: "CreatePolicy", + CreatePolicy: { + Name: "CreatePolicy", Group: "Policy", }, - DeletePolicy: { - Name: "DeletePolicy", + DeletePolicy: { + Name: "DeletePolicy", Group: "Policy", }, - GetPolicy: { - Name: "GetPolicy", + GetPolicy: { + Name: "GetPolicy", Group: "Policy", }, - UpdatePolicy: { - Name: "UpdatePolicy", + UpdatePolicy: { + Name: "UpdatePolicy", Group: "Policy", }, - UpdatePolicyTargetClusters: { - Name: "UpdatePolicyTargetClusters", + UpdatePolicyTargetClusters: { + Name: "UpdatePolicyTargetClusters", Group: "Policy", }, - ExistsPolicyName: { - Name: "ExistsPolicyName", + ExistsPolicyName: { + Name: "ExistsPolicyName", Group: "Policy", }, - ExistsPolicyResourceName: { - Name: "ExistsPolicyResourceName", + ExistsPolicyResourceName: { + Name: "ExistsPolicyResourceName", Group: "Policy", }, - GetPolicyEdit: { - Name: "GetPolicyEdit", + GetPolicyEdit: { + Name: "GetPolicyEdit", Group: "Policy", }, - AddPoliciesForStack: { - Name: "AddPoliciesForStack", + AddPoliciesForStack: { + Name: "AddPoliciesForStack", Group: "Policy", }, - DeletePoliciesForStack: { - Name: "DeletePoliciesForStack", + DeletePoliciesForStack: { + Name: "DeletePoliciesForStack", Group: "Policy", }, - StackPolicyStatistics: { - Name: "StackPolicyStatistics", + StackPolicyStatistics: { + Name: "StackPolicyStatistics", Group: "Policy", }, - ListPolicyTemplate: { - Name: "ListPolicyTemplate", + ListPolicyTemplate: { + Name: "ListPolicyTemplate", Group: "OrganizationPolicyTemplate", }, - CreatePolicyTemplate: { - Name: "CreatePolicyTemplate", + CreatePolicyTemplate: { + Name: "CreatePolicyTemplate", Group: "OrganizationPolicyTemplate", }, - DeletePolicyTemplate: { - Name: "DeletePolicyTemplate", + DeletePolicyTemplate: { + Name: "DeletePolicyTemplate", Group: "OrganizationPolicyTemplate", }, - GetPolicyTemplate: { - Name: "GetPolicyTemplate", + GetPolicyTemplate: { + Name: "GetPolicyTemplate", Group: "OrganizationPolicyTemplate", }, - UpdatePolicyTemplate: { - Name: "UpdatePolicyTemplate", + UpdatePolicyTemplate: { + Name: "UpdatePolicyTemplate", Group: "OrganizationPolicyTemplate", }, - GetPolicyTemplateDeploy: { - Name: "GetPolicyTemplateDeploy", + GetPolicyTemplateDeploy: { + Name: "GetPolicyTemplateDeploy", Group: "OrganizationPolicyTemplate", }, - ListPolicyTemplateStatistics: { - Name: "ListPolicyTemplateStatistics", + ListPolicyTemplateStatistics: { + Name: "ListPolicyTemplateStatistics", Group: "OrganizationPolicyTemplate", }, - ListPolicyTemplateVersions: { - Name: "ListPolicyTemplateVersions", + ListPolicyTemplateVersions: { + Name: "ListPolicyTemplateVersions", Group: "OrganizationPolicyTemplate", }, - CreatePolicyTemplateVersion: { - Name: "CreatePolicyTemplateVersion", + CreatePolicyTemplateVersion: { + Name: "CreatePolicyTemplateVersion", Group: "OrganizationPolicyTemplate", }, - DeletePolicyTemplateVersion: { - Name: "DeletePolicyTemplateVersion", + DeletePolicyTemplateVersion: { + Name: "DeletePolicyTemplateVersion", Group: "OrganizationPolicyTemplate", }, - GetPolicyTemplateVersion: { - Name: "GetPolicyTemplateVersion", + GetPolicyTemplateVersion: { + Name: "GetPolicyTemplateVersion", Group: "OrganizationPolicyTemplate", }, - ExistsPolicyTemplateKind: { - Name: "ExistsPolicyTemplateKind", + ExistsPolicyTemplateKind: { + Name: "ExistsPolicyTemplateKind", Group: "OrganizationPolicyTemplate", }, - ExistsPolicyTemplateName: { - Name: "ExistsPolicyTemplateName", + ExistsPolicyTemplateName: { + Name: "ExistsPolicyTemplateName", Group: "OrganizationPolicyTemplate", }, - ExtractParameters: { - Name: "ExtractParameters", + ExtractParameters: { + Name: "ExtractParameters", Group: "OrganizationPolicyTemplate", }, - ListPolicyTemplateExample: { - Name: "ListPolicyTemplateExample", + ListPolicyTemplateExample: { + Name: "ListPolicyTemplateExample", Group: "PolicyTemplateExample", }, - GetPolicyTemplateExample: { - Name: "GetPolicyTemplateExample", + GetPolicyTemplateExample: { + Name: "GetPolicyTemplateExample", Group: "PolicyTemplateExample", }, - UpdatePolicyTemplateExample: { - Name: "UpdatePolicyTemplateExample", + UpdatePolicyTemplateExample: { + Name: "UpdatePolicyTemplateExample", Group: "PolicyTemplateExample", }, - DeletePolicyTemplateExample: { - Name: "DeletePolicyTemplateExample", + DeletePolicyTemplateExample: { + Name: "DeletePolicyTemplateExample", Group: "PolicyTemplateExample", }, - CompileRego: { - Name: "CompileRego", + CompileRego: { + Name: "CompileRego", Group: "Utility", }, } + func (e Endpoint) String() string { switch e { case Login: @@ -1194,8 +1195,8 @@ func (e Endpoint) String() string { return "UpdateStack" case DeleteStack: return "DeleteStack" - case GetStackKubeConfig: - return "GetStackKubeConfig" + case GetStackKubeconfig: + return "GetStackKubeconfig" case GetStackStatus: return "GetStackStatus" case SetFavoriteStack: @@ -1666,8 +1667,8 @@ func GetEndpoint(name string) Endpoint { return UpdateStack case "DeleteStack": return DeleteStack - case "GetStackKubeConfig": - return GetStackKubeConfig + case "GetStackKubeconfig": + return GetStackKubeconfig case "GetStackStatus": return GetStackStatus case "SetFavoriteStack": diff --git a/internal/delivery/http/cluster.go b/internal/delivery/http/cluster.go index bd49b31b..3043ce02 100644 --- a/internal/delivery/http/cluster.go +++ b/internal/delivery/http/cluster.go @@ -605,8 +605,8 @@ func (h *ClusterHandler) GetClusterApplicationsKubeInfo(w http.ResponseWriter, r */ } -func (h *ClusterHandler) GetClusterKubeConfig(w http.ResponseWriter, r *http.Request) { - // GetClusterKubeConfig godoc +func (h *ClusterHandler) GetClusterKubeconfig(w http.ResponseWriter, r *http.Request) { + // GetClusterKubeconfig godoc // @Tags Clusters // @Summary Get kubernetes kubeconfig // @Description Get kubernetes kubeconfig for cluster @@ -626,7 +626,7 @@ func (h *ClusterHandler) GetClusterKubeConfig(w http.ResponseWriter, r *http.Req organizationId := r.Header.Get("OrganizationId") - kubeconfig, err := helper.GetKubeConfig(clusterId) + kubeconfig, err := helper.GetKubeconfig(clusterId) if err != nil { ErrorJSON(w, r, "failed to get admin cluster", http.StatusBadRequest) return diff --git a/internal/delivery/http/project.go b/internal/delivery/http/project.go index 0e5df939..5389c2a1 100644 --- a/internal/delivery/http/project.go +++ b/internal/delivery/http/project.go @@ -1708,7 +1708,7 @@ func (p ProjectHandler) UnSetFavoriteProjectNamespace(w http.ResponseWriter, r * // @Param organizationId path string true "Organization ID" // @Param projectId path string true "Project ID" // @Success 200 {object} domain.GetProjectKubeconfigResponse -// @Router /organizations/{organizationId}/projects/{projectId}/kube-config [get] +// @Router /organizations/{organizationId}/projects/{projectId}/kubeconfig [get] // @Security JWT func (p ProjectHandler) GetProjectKubeconfig(w http.ResponseWriter, r *http.Request) { vars := mux.Vars(r) @@ -1863,8 +1863,8 @@ func (p ProjectHandler) GetProjectNamespaceResourcesUsage(w http.ResponseWriter, // @Param projectId path string true "Project ID" // @Param stackId path string true "Stack ID" // @Param projectNamespace path string true "Project Namespace" -// @Success 200 {object} domain.GetProjectNamespaceKubeConfigResponse -// @Router /organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kube-config [get] +// @Success 200 {object} domain.GetProjectNamespaceKubeconfigResponse +// @Router /organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kubeconfig [get] // @Security JWT func (p ProjectHandler) GetProjectNamespaceKubeconfig(w http.ResponseWriter, r *http.Request) { vars := mux.Vars(r) @@ -1898,8 +1898,8 @@ func (p ProjectHandler) GetProjectNamespaceKubeconfig(w http.ResponseWriter, r * return } - out := domain.GetProjectNamespaceKubeConfigResponse{ - KubeConfig: kubeconfig, + out := domain.GetProjectNamespaceKubeconfigResponse{ + Kubeconfig: kubeconfig, } ResponseJSON(w, r, http.StatusOK, out) diff --git a/internal/delivery/http/stack.go b/internal/delivery/http/stack.go index 3a3c5423..2afe1705 100644 --- a/internal/delivery/http/stack.go +++ b/internal/delivery/http/stack.go @@ -398,19 +398,19 @@ func (h *StackHandler) CheckStackName(w http.ResponseWriter, r *http.Request) { ResponseJSON(w, r, http.StatusOK, out) } -// GetStackKubeConfig godoc +// GetStackKubeconfig godoc // // @Tags Stacks -// @Summary Get KubeConfig by stack -// @Description Get KubeConfig by stack +// @Summary Get Kubeconfig by stack +// @Description Get Kubeconfig by stack // @Accept json // @Produce json // @Param organizationId path string true "organizationId" // @Param stackId path string true "organizationId" -// @Success 200 {object} domain.GetStackKubeConfigResponse +// @Success 200 {object} domain.GetStackKubeconfigResponse // @Router /organizations/{organizationId}/stacks/{stackId}/kube-config [get] // @Security JWT -func (h *StackHandler) GetStackKubeConfig(w http.ResponseWriter, r *http.Request) { +func (h *StackHandler) GetStackKubeconfig(w http.ResponseWriter, r *http.Request) { vars := mux.Vars(r) _, ok := vars["organizationId"] if !ok { @@ -429,14 +429,14 @@ func (h *StackHandler) GetStackKubeConfig(w http.ResponseWriter, r *http.Request return } - kubeConfig, err := h.usecase.GetKubeConfig(r.Context(), domain.StackId(strId)) + kubeconfig, err := h.usecase.GetKubeconfig(r.Context(), domain.StackId(strId)) if err != nil { ErrorJSON(w, r, err) return } - var out = domain.GetStackKubeConfigResponse{ - KubeConfig: kubeConfig, + var out = domain.GetStackKubeconfigResponse{ + Kubeconfig: kubeconfig, } ResponseJSON(w, r, http.StatusOK, out) diff --git a/internal/middleware/auth/role/default.go b/internal/middleware/auth/role/default.go index 70f1f256..f83306c7 100644 --- a/internal/middleware/auth/role/default.go +++ b/internal/middleware/auth/role/default.go @@ -122,7 +122,7 @@ var defaultPermissionOfAdmin = defaultPermission{ internalApi.GetStack, internalApi.UpdateStack, internalApi.DeleteStack, - internalApi.GetStackKubeConfig, + internalApi.GetStackKubeconfig, internalApi.GetStackStatus, internalApi.SetFavoriteStack, internalApi.DeleteFavoriteStack, @@ -230,7 +230,7 @@ var defaultPermissionOfUser = defaultPermission{ // Stack internalApi.GetStacks, internalApi.GetStack, - internalApi.GetStackKubeConfig, + internalApi.GetStackKubeconfig, internalApi.GetStackStatus, internalApi.SetFavoriteStack, internalApi.DeleteFavoriteStack, diff --git a/internal/model/permission.go b/internal/model/permission.go index be5e3abe..50a15c7c 100644 --- a/internal/model/permission.go +++ b/internal/model/permission.go @@ -197,7 +197,7 @@ func newStack() *Permission { api.GetStack, api.CheckStackName, api.GetStackStatus, - api.GetStackKubeConfig, + api.GetStackKubeconfig, api.SetFavoriteStack, api.DeleteFavoriteStack, diff --git a/internal/route/route.go b/internal/route/route.go index cc7502a3..06acc7ba 100644 --- a/internal/route/route.go +++ b/internal/route/route.go @@ -259,7 +259,7 @@ func SetupRouter(db *gorm.DB, argoClient argowf.ArgoClient, kc keycloak.IKeycloa r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/stacks/{stackId}", customMiddleware.Handle(internalApi.GetStack, http.HandlerFunc(stackHandler.GetStack))).Methods(http.MethodGet) r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/stacks/{stackId}", customMiddleware.Handle(internalApi.UpdateStack, http.HandlerFunc(stackHandler.UpdateStack))).Methods(http.MethodPut) r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/stacks/{stackId}", customMiddleware.Handle(internalApi.DeleteStack, http.HandlerFunc(stackHandler.DeleteStack))).Methods(http.MethodDelete) - r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/stacks/{stackId}/kube-config", customMiddleware.Handle(internalApi.GetStackKubeConfig, http.HandlerFunc(stackHandler.GetStackKubeConfig))).Methods(http.MethodGet) + r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/stacks/{stackId}/kubeconfig", customMiddleware.Handle(internalApi.GetStackKubeconfig, http.HandlerFunc(stackHandler.GetStackKubeconfig))).Methods(http.MethodGet) r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/stacks/{stackId}/status", customMiddleware.Handle(internalApi.GetStackStatus, http.HandlerFunc(stackHandler.GetStackStatus))).Methods(http.MethodGet) r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/stacks/{stackId}/favorite", customMiddleware.Handle(internalApi.SetFavoriteStack, http.HandlerFunc(stackHandler.SetFavorite))).Methods(http.MethodPost) r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/stacks/{stackId}/favorite", customMiddleware.Handle(internalApi.DeleteFavoriteStack, http.HandlerFunc(stackHandler.DeleteFavorite))).Methods(http.MethodDelete) @@ -290,8 +290,8 @@ func SetupRouter(db *gorm.DB, argoClient argowf.ArgoClient, kc keycloak.IKeycloa r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}", customMiddleware.Handle(internalApi.GetProjectNamespace, http.HandlerFunc(projectHandler.GetProjectNamespace))).Methods(http.MethodGet) r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}", customMiddleware.Handle(internalApi.UpdateProjectNamespace, http.HandlerFunc(projectHandler.UpdateProjectNamespace))).Methods(http.MethodPut) r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}", customMiddleware.Handle(internalApi.DeleteProjectNamespace, http.HandlerFunc(projectHandler.DeleteProjectNamespace))).Methods(http.MethodDelete) - r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kube-config", customMiddleware.Handle(internalApi.GetProjectNamespaceKubeconfig, http.HandlerFunc(projectHandler.GetProjectNamespaceKubeconfig))).Methods(http.MethodGet) - r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/projects/{projectId}/kube-config", customMiddleware.Handle(internalApi.GetProjectKubeconfig, http.HandlerFunc(projectHandler.GetProjectKubeconfig))).Methods(http.MethodGet) + r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kubeconfig", customMiddleware.Handle(internalApi.GetProjectNamespaceKubeconfig, http.HandlerFunc(projectHandler.GetProjectNamespaceKubeconfig))).Methods(http.MethodGet) + r.Handle(API_PREFIX+API_VERSION+"/organizations/{organizationId}/projects/{projectId}/kubeconfig", customMiddleware.Handle(internalApi.GetProjectKubeconfig, http.HandlerFunc(projectHandler.GetProjectKubeconfig))).Methods(http.MethodGet) auditHandler := delivery.NewAuditHandler(usecaseFactory) r.Handle(API_PREFIX+API_VERSION+"/admin/audits", customMiddleware.Handle(internalApi.GetAudits, http.HandlerFunc(auditHandler.GetAudits))).Methods(http.MethodGet) diff --git a/internal/usecase/project.go b/internal/usecase/project.go index 2ad792a4..065d196d 100644 --- a/internal/usecase/project.go +++ b/internal/usecase/project.go @@ -590,7 +590,7 @@ func (u *ProjectUsecase) MayRemoveRequiredSetupForCluster(ctx context.Context, o return nil } func (u *ProjectUsecase) createK8SInitialResource(ctx context.Context, organizationId string, projectId string, stackId string) error { - kubeconfig, err := kubernetes.GetKubeConfig(ctx, stackId, kubernetes.KubeconfigForAdmin) + kubeconfig, err := kubernetes.GetKubeconfig(ctx, stackId, kubernetes.KubeconfigForAdmin) if err != nil { return errors.Wrap(err, "Failed to get kubeconfig.") } @@ -613,7 +613,7 @@ func (u *ProjectUsecase) createK8SInitialResource(ctx context.Context, organizat return nil } func (u *ProjectUsecase) deleteK8SInitialResource(ctx context.Context, organizationId string, projectId string, stackId string) error { - kubeconfig, err := kubernetes.GetKubeConfig(ctx, stackId, kubernetes.KubeconfigForAdmin) + kubeconfig, err := kubernetes.GetKubeconfig(ctx, stackId, kubernetes.KubeconfigForAdmin) if err != nil { log.Error(ctx, err) return errors.Wrap(err, "Failed to get kubeconfig.") @@ -665,7 +665,7 @@ func (u *ProjectUsecase) deleteKeycloakClientRoles(ctx context.Context, organiza return nil } func (u *ProjectUsecase) CreateK8SNSRoleBinding(ctx context.Context, organizationId string, projectId string, stackId string, namespace string) error { - kubeconfig, err := kubernetes.GetKubeConfig(ctx, stackId, kubernetes.KubeconfigForAdmin) + kubeconfig, err := kubernetes.GetKubeconfig(ctx, stackId, kubernetes.KubeconfigForAdmin) if err != nil { log.Error(ctx, err) return errors.Wrap(err, "Failed to get kubeconfig.") @@ -731,13 +731,13 @@ func (u *ProjectUsecase) unassignKeycloakClientRoleToMember(ctx context.Context, } func (u *ProjectUsecase) GetProjectNamespaceKubeconfig(ctx context.Context, organizationId string, projectId string, namespace string, stackId domain.StackId) (string, error) { - kubeconfig, err := kubernetes.GetKubeConfig(ctx, stackId.String(), kubernetes.KubeconfigForUser) + kubeconfig, err := kubernetes.GetKubeconfig(ctx, stackId.String(), kubernetes.KubeconfigForUser) if err != nil { log.Error(ctx, err) return "", errors.Wrap(err, "Failed to get kubeconfig.") } - type kubeConfigType struct { + type kubeconfigType struct { APIVersion string `yaml:"apiVersion"` Kind string `yaml:"kind"` Clusters []struct { @@ -759,7 +759,7 @@ func (u *ProjectUsecase) GetProjectNamespaceKubeconfig(ctx context.Context, orga Users []interface{} `yaml:"users,omitempty"` } - var config kubeConfigType + var config kubeconfigType err = yaml.Unmarshal(kubeconfig, &config) if err != nil { log.Error(ctx, err) @@ -784,7 +784,7 @@ func (u *ProjectUsecase) GetProjectKubeconfig(ctx context.Context, organizationI return "", errors.Wrap(err, "Failed to retrieve project namespaces.") } - type kubeConfigType struct { + type kubeconfigType struct { APIVersion string `yaml:"apiVersion"` Kind string `yaml:"kind"` Clusters []struct { @@ -808,13 +808,13 @@ func (u *ProjectUsecase) GetProjectKubeconfig(ctx context.Context, organizationI kubeconfigs := make([]string, 0) for _, pn := range projectNamespaces { - kubeconfig, err := kubernetes.GetKubeConfig(ctx, pn.StackId, kubernetes.KubeconfigForUser) + kubeconfig, err := kubernetes.GetKubeconfig(ctx, pn.StackId, kubernetes.KubeconfigForUser) if err != nil { log.Error(ctx, err) return "", errors.Wrap(err, "Failed to retrieve kubeconfig.") } - var config kubeConfigType + var config kubeconfigType err = yaml.Unmarshal(kubeconfig, &config) if err != nil { log.Error(ctx, err) @@ -949,7 +949,7 @@ func (u *ProjectUsecase) GetResourcesUsage(ctx context.Context, thanosClient tha } func (u *ProjectUsecase) EnsureNamespaceForCluster(ctx context.Context, organizationId string, stackId string, namespaceName string) error { - kubeconfig, err := kubernetes.GetKubeConfig(ctx, stackId, kubernetes.KubeconfigForAdmin) + kubeconfig, err := kubernetes.GetKubeconfig(ctx, stackId, kubernetes.KubeconfigForAdmin) if err != nil { log.Error(ctx, err) return errors.Wrap(err, "Failed to get kubeconfig.") diff --git a/internal/usecase/stack.go b/internal/usecase/stack.go index 7279be2c..ff7299a0 100644 --- a/internal/usecase/stack.go +++ b/internal/usecase/stack.go @@ -34,7 +34,7 @@ type IStackUsecase interface { Install(ctx context.Context, stackId domain.StackId) (err error) Update(ctx context.Context, dto model.Stack) error Delete(ctx context.Context, dto model.Stack) error - GetKubeConfig(ctx context.Context, stackId domain.StackId) (kubeConfig string, err error) + GetKubeconfig(ctx context.Context, stackId domain.StackId) (kubeconfig string, err error) GetStepStatus(ctx context.Context, stackId domain.StackId) (out []domain.StackStepStatus, stackStatus string, err error) SetFavorite(ctx context.Context, stackId domain.StackId) error DeleteFavorite(ctx context.Context, stackId domain.StackId) error @@ -577,14 +577,13 @@ func (u *StackUsecase) Delete(ctx context.Context, dto model.Stack) (err error) return nil } -func (u *StackUsecase) GetKubeConfig(ctx context.Context, stackId domain.StackId) (kubeConfig string, err error) { - kubeconfig, err := kubernetes.GetKubeConfig(ctx, stackId.String(), kubernetes.KubeconfigForUser) - //kubeconfig, err := kubernetes.GetKubeConfig("cmsai5k5l") +func (u *StackUsecase) GetKubeconfig(ctx context.Context, stackId domain.StackId) (kubeconfig string, err error) { + kubeconfigArr, err := kubernetes.GetKubeconfig(ctx, stackId.String(), kubernetes.KubeconfigForUser) if err != nil { return "", err } - return string(kubeconfig[:]), nil + return string(kubeconfigArr[:]), nil } // [TODO] need more pretty... diff --git a/pkg/domain/project.go b/pkg/domain/project.go index 39f7288c..e26e1528 100644 --- a/pkg/domain/project.go +++ b/pkg/domain/project.go @@ -198,6 +198,6 @@ type GetProjectNamespaceResourcesUsageResponse struct { ResourcesUsage ProjectNamespaceResourcesUsage `json:"resourcesUsage"` } -type GetProjectNamespaceKubeConfigResponse struct { - KubeConfig string `json:"kubeconfig"` +type GetProjectNamespaceKubeconfigResponse struct { + Kubeconfig string `json:"kubeconfig"` } diff --git a/pkg/domain/stack.go b/pkg/domain/stack.go index 8cbbfec6..343b2731 100644 --- a/pkg/domain/stack.go +++ b/pkg/domain/stack.go @@ -168,8 +168,8 @@ type CheckStackNameResponse struct { Existed bool `json:"existed"` } -type GetStackKubeConfigResponse struct { - KubeConfig string `json:"kubeconfig"` +type GetStackKubeconfigResponse struct { + Kubeconfig string `json:"kubeconfig"` } type GetStackStatusResponse struct { diff --git a/pkg/kubernetes/kubernetes.go b/pkg/kubernetes/kubernetes.go index 34cc90fc..834f4a92 100644 --- a/pkg/kubernetes/kubernetes.go +++ b/pkg/kubernetes/kubernetes.go @@ -25,11 +25,11 @@ import ( "github.com/openinfradev/tks-api/pkg/log" ) -type KubeConfigType string +type KubeconfigType string const ( - KubeconfigForAdmin KubeConfigType = "admin" - KubeconfigForUser KubeConfigType = "user" + KubeconfigForAdmin KubeconfigType = "admin" + KubeconfigForUser KubeconfigType = "user" ) func getAdminConfig(ctx context.Context) (*rest.Config, error) { @@ -123,7 +123,7 @@ func GetAwsAccountIdSecret(ctx context.Context) (awsAccountId string, err error) return } -func GetKubeConfig(ctx context.Context, clusterId string, configType KubeConfigType) ([]byte, error) { +func GetKubeconfig(ctx context.Context, clusterId string, configType KubeconfigType) ([]byte, error) { clientset, err := GetClientAdminCluster(ctx) if err != nil { return nil, err @@ -624,7 +624,7 @@ func generateClusterRoleToRoleBinding(groupName, objName, roleName, namespace st } func MergeKubeconfigsWithSingleUser(kubeconfigs []string) (string, error) { - type kubeConfigType struct { + type kubeconfigType struct { APIVersion string `yaml:"apiVersion"` Kind string `yaml:"kind"` Clusters []struct { @@ -652,8 +652,8 @@ func MergeKubeconfigsWithSingleUser(kubeconfigs []string) (string, error) { encoder.SetIndent(2) - var config kubeConfigType - var combindConfig kubeConfigType + var config kubeconfigType + var combindConfig kubeconfigType for _, kc := range kubeconfigs { err := yaml.Unmarshal([]byte(kc), &config) if err != nil { diff --git a/pkg/kubernetes/kubernetes_test.go b/pkg/kubernetes/kubernetes_test.go index 647d57a1..d8574922 100644 --- a/pkg/kubernetes/kubernetes_test.go +++ b/pkg/kubernetes/kubernetes_test.go @@ -128,7 +128,7 @@ func TestRemoveRoleBinding(t *testing.T) { } func TestMergeKubeconfigsWithSingleUser(t *testing.T) { - type kubeConfigType struct { + type kubeconfigType struct { APIVersion string `yaml:"apiVersion"` Kind string `yaml:"kind"` Clusters []struct { @@ -150,7 +150,7 @@ func TestMergeKubeconfigsWithSingleUser(t *testing.T) { Users []interface{} `yaml:"users,omitempty"` } - inputObjs := []kubeConfigType{ + inputObjs := []kubeconfigType{ { APIVersion: "v1", Kind: "Config", @@ -280,7 +280,7 @@ func TestMergeKubeconfigsWithSingleUser(t *testing.T) { }, } - expected := kubeConfigType{ + expected := kubeconfigType{ APIVersion: "v1", Kind: "Config", Clusters: []struct { @@ -381,7 +381,7 @@ func TestMergeKubeconfigsWithSingleUser(t *testing.T) { t.Error(err) } - var result kubeConfigType + var result kubeconfigType if err := yaml.Unmarshal([]byte(r), &result); err != nil { t.Error(err) } From b3a5a733c180fe972f0f78ed90226eb983bd840f Mon Sep 17 00:00:00 2001 From: donggyu Date: Thu, 23 May 2024 10:28:03 +0900 Subject: [PATCH 10/14] trivial. --- combind-kubeconfig | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 combind-kubeconfig diff --git a/combind-kubeconfig b/combind-kubeconfig deleted file mode 100644 index 350db35b..00000000 --- a/combind-kubeconfig +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: "" -kind: "" -clusters: [] -contexts: [] From a42ed8ee4810510f2caa4c0cf0c7cb0595341df2 Mon Sep 17 00:00:00 2001 From: "taekyu.kang" Date: Thu, 23 May 2024 14:50:56 +0900 Subject: [PATCH 11/14] trivial. add debug log --- internal/usecase/dashboard.go | 2 ++ pkg/thanos-client/client.go | 1 + 2 files changed, 3 insertions(+) diff --git a/internal/usecase/dashboard.go b/internal/usecase/dashboard.go index a47f3fae..504afe6f 100644 --- a/internal/usecase/dashboard.go +++ b/internal/usecase/dashboard.go @@ -832,6 +832,8 @@ func (u *DashboardUsecase) GetPolicyViolation(ctx context.Context, organizationI return nil, err } + log.Info(ctx, helper.ModelToJson(pm)) + // totalViolation: {"K8sRequiredLabels": {"violation_enforcement": 2}} totalViolation := make(map[string]map[string]int) diff --git a/pkg/thanos-client/client.go b/pkg/thanos-client/client.go index 4dcf93e5..ab017bbd 100644 --- a/pkg/thanos-client/client.go +++ b/pkg/thanos-client/client.go @@ -189,6 +189,7 @@ func (c *ThanosClientImpl) fetchRange(ctx context.Context, query string, start i query = url.QueryEscape(query) + rangeParam requestUrl := c.url + "/api/v1/query_range?query=" + query + log.Info(ctx, requestUrl) res, err := c.client.Get(requestUrl) if err != nil { return nil, err From d2c825cdfd2a2a4b2cc0918f7111dd818058f9b6 Mon Sep 17 00:00:00 2001 From: "taekyu.kang" Date: Thu, 23 May 2024 16:01:47 +0900 Subject: [PATCH 12/14] feature. fix bug - policy violation --- api/swagger/docs.go | 4 ++-- api/swagger/swagger.json | 6 +++--- api/swagger/swagger.yaml | 4 ++-- internal/usecase/dashboard.go | 13 ++++++++----- pkg/thanos-client/client.go | 2 +- 5 files changed, 16 insertions(+), 13 deletions(-) diff --git a/api/swagger/docs.go b/api/swagger/docs.go index ccc20eb1..49a03108 100644 --- a/api/swagger/docs.go +++ b/api/swagger/docs.go @@ -6622,7 +6622,7 @@ const docTemplate = `{ } } }, - "/organizations/{organizationId}/projects/{projectId}/kube-config": { + "/organizations/{organizationId}/projects/{projectId}/kubeconfig": { "get": { "security": [ { @@ -7463,7 +7463,7 @@ const docTemplate = `{ } } }, - "/organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kube-config": { + "/organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kubeconfig": { "get": { "security": [ { diff --git a/api/swagger/swagger.json b/api/swagger/swagger.json index 40c9d30a..6e5684c6 100644 --- a/api/swagger/swagger.json +++ b/api/swagger/swagger.json @@ -6616,7 +6616,7 @@ } } }, - "/organizations/{organizationId}/projects/{projectId}/kube-config": { + "/organizations/{organizationId}/projects/{projectId}/kubeconfig": { "get": { "security": [ { @@ -7457,7 +7457,7 @@ } } }, - "/organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kube-config": { + "/organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kubeconfig": { "get": { "security": [ { @@ -16946,4 +16946,4 @@ "in": "header" } } -} +} \ No newline at end of file diff --git a/api/swagger/swagger.yaml b/api/swagger/swagger.yaml index 5541b25d..d35c272e 100644 --- a/api/swagger/swagger.yaml +++ b/api/swagger/swagger.yaml @@ -8529,7 +8529,7 @@ paths: summary: Check duplicate appServeAppName tags: - AppServeApps - /organizations/{organizationId}/projects/{projectId}/kube-config: + /organizations/{organizationId}/projects/{projectId}/kubeconfig: get: consumes: - application/json @@ -9076,7 +9076,7 @@ paths: summary: Get k8s resources for project namespace tags: - Projects - /organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kube-config: + /organizations/{organizationId}/projects/{projectId}/namespaces/{projectNamespace}/stacks/{stackId}/kubeconfig: get: consumes: - application/json diff --git a/internal/usecase/dashboard.go b/internal/usecase/dashboard.go index 504afe6f..6c108171 100644 --- a/internal/usecase/dashboard.go +++ b/internal/usecase/dashboard.go @@ -832,8 +832,6 @@ func (u *DashboardUsecase) GetPolicyViolation(ctx context.Context, organizationI return nil, err } - log.Info(ctx, helper.ModelToJson(pm)) - // totalViolation: {"K8sRequiredLabels": {"violation_enforcement": 2}} totalViolation := make(map[string]map[string]int) @@ -852,10 +850,15 @@ func (u *DashboardUsecase) GetPolicyViolation(ctx context.Context, organizationI if len(res.Metric.Violation) == 0 { continue } - count, err := strconv.Atoi(res.Value[1].(string)) - if err != nil { - count = 0 + + count := 0 + if res.Value != nil && len(res.Value) > 1 { + count, err = strconv.Atoi(res.Value[1].(string)) + if err != nil { + count = 0 + } } + violation := res.Metric.Violation if val, ok := totalViolation[policyTemplate][violation]; !ok { totalViolation[policyTemplate] = make(map[string]int) diff --git a/pkg/thanos-client/client.go b/pkg/thanos-client/client.go index ab017bbd..2462e635 100644 --- a/pkg/thanos-client/client.go +++ b/pkg/thanos-client/client.go @@ -189,7 +189,7 @@ func (c *ThanosClientImpl) fetchRange(ctx context.Context, query string, start i query = url.QueryEscape(query) + rangeParam requestUrl := c.url + "/api/v1/query_range?query=" + query - log.Info(ctx, requestUrl) + log.Info(ctx, "ferchRange : ", requestUrl) res, err := c.client.Get(requestUrl) if err != nil { return nil, err From f4e3a1f9d1e0a3b6c5e44e5c689768a4039ac787 Mon Sep 17 00:00:00 2001 From: "taekyu.kang" Date: Thu, 23 May 2024 16:24:55 +0900 Subject: [PATCH 13/14] trivial. fix error for policyViolationTop5 --- internal/usecase/dashboard.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/internal/usecase/dashboard.go b/internal/usecase/dashboard.go index 6c108171..2dae8e63 100644 --- a/internal/usecase/dashboard.go +++ b/internal/usecase/dashboard.go @@ -1073,6 +1073,10 @@ func (u *DashboardUsecase) GetPolicyViolationTop5(ctx context.Context, organizat warnCount := 0 dryrunCount := 0 for _, result := range pvcm.Data.Result { + if result.Value == nil || len(result.Value) <= 1 { + continue + } + switch policy := result.Metric.ViolationEnforcement; policy { case "": denyCount, _ = strconv.Atoi(result.Value[1].(string)) From ede08c06f81f1356c9252851bd53623678799c37 Mon Sep 17 00:00:00 2001 From: "taekyu.kang" Date: Thu, 23 May 2024 16:31:25 +0900 Subject: [PATCH 14/14] trivial. fix error code for thanosclient --- internal/usecase/dashboard.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/internal/usecase/dashboard.go b/internal/usecase/dashboard.go index 2dae8e63..4877ea5d 100644 --- a/internal/usecase/dashboard.go +++ b/internal/usecase/dashboard.go @@ -815,7 +815,7 @@ func (u *DashboardUsecase) GetPolicyEnforcement(ctx context.Context, organizatio func (u *DashboardUsecase) GetPolicyViolation(ctx context.Context, organizationId string, duration string, interval string) (*domain.BarChartData, error) { thanosClient, err := u.GetThanosClient(ctx, organizationId) if err != nil { - return nil, errors.Wrap(err, "failed to create thanos client") + return nil, httpErrors.NewInternalServerError(err, "D_INVALID_PRIMARY_STACK", "") } durationSec, intervalSec := getDurationAndIntervalSec(duration, interval) @@ -950,7 +950,7 @@ func (u *DashboardUsecase) GetPolicyViolationLog(ctx context.Context, organizati func (u *DashboardUsecase) GetWorkload(ctx context.Context, organizationId string) (*domain.GetDashboardWorkloadResponse, error) { thanosClient, err := u.GetThanosClient(ctx, organizationId) if err != nil { - return nil, errors.Wrap(err, "failed to create thanos client") + return nil, httpErrors.NewInternalServerError(err, "D_INVALID_PRIMARY_STACK", "") } clusterIdStr, err := u.GetFlatClusterIds(ctx, organizationId) @@ -1027,7 +1027,7 @@ func (u *DashboardUsecase) GetWorkload(ctx context.Context, organizationId strin func (u *DashboardUsecase) GetPolicyViolationTop5(ctx context.Context, organizationId string, duration string, interval string) (*domain.BarChartData, error) { thanosClient, err := u.GetThanosClient(ctx, organizationId) if err != nil { - return nil, errors.Wrap(err, "failed to create thanos client") + return nil, httpErrors.NewInternalServerError(err, "D_INVALID_PRIMARY_STACK", "") } durationSec, intervalSec := getDurationAndIntervalSec(duration, interval)