From 1adf93d9a6263e1a150751df0c1031560ed288ed Mon Sep 17 00:00:00 2001 From: wilhelmguo Date: Wed, 13 Mar 2019 18:04:47 +0800 Subject: [PATCH 1/8] backend: add kubernetes resource permission --- src/backend/controllers/base/api.go | 4 +- .../kubernetes/deployment/deployment.go | 4 +- .../controllers/kubernetes/proxy/proxy.go | 22 ++- src/backend/database/initial/data.go | 176 +++++++++++++----- src/backend/models/permission.go | 76 +++++--- 5 files changed, 205 insertions(+), 77 deletions(-) diff --git a/src/backend/controllers/base/api.go b/src/backend/controllers/base/api.go index b499eb59f..c89c379ce 100644 --- a/src/backend/controllers/base/api.go +++ b/src/backend/controllers/base/api.go @@ -62,7 +62,7 @@ func (c *APIController) CheckPermission(perType string, perAction string) { return } else if err != nil && err != orm.ErrNoRows { logs.Info("Check app permission error.%v", err) - c.AbortInternalServerError("Check app permission error.") + c.AbortForbidden("Check app permission error.") } } @@ -73,7 +73,7 @@ func (c *APIController) CheckPermission(perType string, perAction string) { return } else { logs.Info("Check namespace permission error.%v", err) - c.AbortInternalServerError("Check namespace permission error.") + c.AbortForbidden("Check namespace permission error.") } } diff --git a/src/backend/controllers/kubernetes/deployment/deployment.go b/src/backend/controllers/kubernetes/deployment/deployment.go index 17d6af6b1..57a427738 100644 --- a/src/backend/controllers/kubernetes/deployment/deployment.go +++ b/src/backend/controllers/kubernetes/deployment/deployment.go @@ -41,7 +41,7 @@ func (c *KubeDeploymentController) Prepare() { perAction := "" _, method := c.GetControllerAndAction() switch method { - case "Get": + case "Get", "GetDetail": perAction = models.PermissionRead case "Deploy": perAction = models.PermissionDeploy @@ -49,7 +49,7 @@ func (c *KubeDeploymentController) Prepare() { perAction = models.PermissionOffline } if perAction != "" { - c.CheckPermission(models.PermissionTypeDeployment, perAction) + c.CheckPermission(models.PermissionTypeKubeDeployment, perAction) } } diff --git a/src/backend/controllers/kubernetes/proxy/proxy.go b/src/backend/controllers/kubernetes/proxy/proxy.go index 2d2db18f5..6708c2979 100644 --- a/src/backend/controllers/kubernetes/proxy/proxy.go +++ b/src/backend/controllers/kubernetes/proxy/proxy.go @@ -2,11 +2,14 @@ package proxy import ( "encoding/json" + "fmt" "strconv" + "strings" meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" + "github.com/Qihoo360/wayne/src/backend/client/api" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/proxy" @@ -35,13 +38,21 @@ func (c *KubeProxyController) Prepare() { switch method { case "Get", "List", "GetNames": perAction = models.PermissionRead - case "Create", "Update": - perAction = models.PermissionDeploy + case "Create": + perAction = models.PermissionCreate + case "Update": + perAction = models.PermissionUpdate case "Delete": - perAction = models.PermissionOffline + perAction = models.PermissionDelete } + kind := c.Ctx.Input.Param(":kind") + resourceMap, ok := api.KindToResourceMap[kind] + if !ok { + c.AbortBadRequest(fmt.Sprintf("Request resource kind (%s) not supported!", kind)) + } + if perAction != "" { - c.CheckPermission(models.PermissionTypeDeployment, perAction) + c.CheckPermission(fmt.Sprintf("KUBE%s", strings.ToUpper(resourceMap.GroupVersionResourceKind.Kind)), perAction) } } @@ -72,6 +83,9 @@ func (c *KubeProxyController) Get() { // @Title Get all resource names // @Description get all names +// @Param cluster path string true "the cluster name" +// @Param namespace path string true "the namespace name" +// @Param kind path string true "the resource kind" // @Success 200 {object} []response.NamesObject success // @router /names [get] func (c *KubeProxyController) GetNames() { diff --git a/src/backend/database/initial/data.go b/src/backend/database/initial/data.go index efe23189d..f47a4eb24 100644 --- a/src/backend/database/initial/data.go +++ b/src/backend/database/initial/data.go @@ -22,17 +22,17 @@ var InitialData = []string{ `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('55', 'DEPLOYMENT_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('56', 'DEPLOYMENT_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('57', 'DEPLOYMENT_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('58', 'DEPLOYMENT_DEPLOY', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('59', 'SERVICE_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('60', 'SERVICE_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('61', 'SERVICE_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('62', 'SERVICE_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('63', 'SERVICE_DEPLOY', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('64', 'CONFIGMAP_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('65', 'CONFIGMAP_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('66', 'CONFIGMAP_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('67', 'CONFIGMAP_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('68', 'CONFIGMAP_DEPLOY', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('69', 'PVC_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('70', 'PVC_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('71', 'PVC_READ', '', now(), now());`, @@ -45,23 +45,22 @@ var InitialData = []string{ `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('80', 'SECRET_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('81', 'SECRET_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('82', 'SECRET_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('83', 'SECRET_DEPLOY', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('84', 'NAMESPACE_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('85', 'NAMESPACE_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('86', 'NAMESPACE_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('87', 'NAMESPACE_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('88', 'APP_DEPLOY', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('89', 'PVC_DEPLOY', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('90', 'CRONJOB_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('91', 'CRONJOB_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('92', 'CRONJOB_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('93', 'CRONJOB_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('94', 'CRONJOB_DEPLOY', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('95', 'WEBHOOK_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('96', 'WEBHOOK_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('97', 'WEBHOOK_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('98', 'WEBHOOK_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('99', 'WEBHOOK_DEPLOY', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('100', 'APIKEY_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('101', 'APIKEY_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('102', 'APIKEY_UPDATE', '', now(), now());`, @@ -70,30 +69,119 @@ var InitialData = []string{ `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('105', 'STATEFULSET_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('106', 'STATEFULSET_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('107', 'STATEFULSET_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('108', 'STATEFULSET_DEPLOY', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('109', 'DAEMONSET_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('110', 'DAEMONSET_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('111', 'DAEMONSET_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('112', 'DAEMONSET_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('113', 'DAEMONSET_DEPLOY', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('114', 'DEPLOYMENT_OFFLINE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('115', 'DAEMONSET_OFFLINE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('116', 'CRONJOB_OFFLINE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('117', 'STATEFULSET_OFFLINE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('118', 'SERVICE_OFFLINE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('119', 'CONFIGMAP_OFFLINE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('120', 'SECRET_OFFLINE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('121', 'PVC_OFFLINE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('122', 'INGRESS_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('123', 'INGRESS_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('124', 'INGRESS_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('125', 'INGRESS_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('126', 'INGRESS_DEPLOY', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('127', 'HPA_CREATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('128', 'HPA_UPDATE', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('129', 'HPA_READ', '', now(), now());`, `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('130', 'HPA_DELETE', '', now(), now());`, - `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('131', 'HPA_DEPLOY', '', now(), now());`, + + // Kubernetes resource permission + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('132', 'KUBECONFIGMAP_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('133', 'KUBECONFIGMAP_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('134', 'KUBECONFIGMAP_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('135', 'KUBECONFIGMAP_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('136', 'KUBEDAEMONSET_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('137', 'KUBEDAEMONSET_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('138', 'KUBEDAEMONSET_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('139', 'KUBEDAEMONSET_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('140', 'KUBEDEPLOYMENT_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('141', 'KUBEDEPLOYMENT_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('142', 'KUBEDEPLOYMENT_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('143', 'KUBEDEPLOYMENT_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('144', 'KUBEEVENT_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('145', 'KUBEEVENT_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('146', 'KUBEEVENT_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('147', 'KUBEEVENT_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('148', 'KUBEHORIZONTALPODAUTOSCALER_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('149', 'KUBEHORIZONTALPODAUTOSCALER_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('150', 'KUBEHORIZONTALPODAUTOSCALER_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('151', 'KUBEHORIZONTALPODAUTOSCALER_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('152', 'KUBEINGRESS_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('153', 'KUBEINGRESS_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('154', 'KUBEINGRESS_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('155', 'KUBEINGRESS_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('156', 'KUBEJOB_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('157', 'KUBEJOB_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('158', 'KUBEJOB_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('159', 'KUBEJOB_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('160', 'KUBECRONJOB_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('161', 'KUBECRONJOB_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('162', 'KUBECRONJOB_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('163', 'KUBECRONJOB_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('164', 'KUBENAMESPACE_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('165', 'KUBENAMESPACE_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('166', 'KUBENAMESPACE_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('167', 'KUBENAMESPACE_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('168', 'KUBENODE_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('169', 'KUBENODE_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('170', 'KUBENODE_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('171', 'KUBENODE_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('172', 'KUBEPERSISTENTVOLUMECLAIM_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('173', 'KUBEPERSISTENTVOLUMECLAIM_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('174', 'KUBEPERSISTENTVOLUMECLAIM_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('175', 'KUBEPERSISTENTVOLUMECLAIM_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('176', 'KUBEPERSISTENTVOLUME_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('177', 'KUBEPERSISTENTVOLUME_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('178', 'KUBEPERSISTENTVOLUME_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('179', 'KUBEPERSISTENTVOLUME_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('180', 'KUBEPOD_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('181', 'KUBEPOD_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('182', 'KUBEPOD_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('183', 'KUBEPOD_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('184', 'KUBEREPLICASET_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('185', 'KUBEREPLICASET_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('186', 'KUBEREPLICASET_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('187', 'KUBEREPLICASET_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('188', 'KUBESECRET_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('189', 'KUBESECRET_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('190', 'KUBESECRET_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('191', 'KUBESECRET_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('192', 'KUBESERVICE_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('193', 'KUBESERVICE_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('194', 'KUBESERVICE_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('195', 'KUBESERVICE_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('196', 'KUBESTATEFULSET_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('197', 'KUBESTATEFULSET_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('198', 'KUBESTATEFULSET_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('199', 'KUBESTATEFULSET_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('200', 'KUBEENDPOINTS_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('201', 'KUBEENDPOINTS_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('202', 'KUBEENDPOINTS_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('203', 'KUBEENDPOINTS_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('204', 'KUBESTORAGECLASS_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('205', 'KUBESTORAGECLASS_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('206', 'KUBESTORAGECLASS_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('207', 'KUBESTORAGECLASS_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('208', 'KUBEROLE_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('209', 'KUBEROLE_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('210', 'KUBEROLE_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('211', 'KUBEROLE_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('212', 'KUBEROLEBINDING_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('213', 'KUBEROLEBINDING_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('214', 'KUBEROLEBINDING_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('215', 'KUBEROLEBINDING_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('216', 'KUBECLUSTERROLE_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('217', 'KUBECLUSTERROLE_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('218', 'KUBECLUSTERROLE_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('219', 'KUBECLUSTERROLE_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('220', 'KUBECLUSTERROLEBINDING_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('221', 'KUBECLUSTERROLEBINDING_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('222', 'KUBECLUSTERROLEBINDING_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('223', 'KUBECLUSTERROLEBINDING_DELETE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('224', 'KUBESERVICEACCOUNT_CREATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('225', 'KUBESERVICEACCOUNT_UPDATE', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('226', 'KUBESERVICEACCOUNT_READ', '', now(), now());`, + `INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('227', 'KUBESERVICEACCOUNT_DELETE', '', now(), now());`, // -- group // group 名称前加点可以解决group与mysql内置对象重名的问题 @@ -116,33 +204,32 @@ var InitialData = []string{ `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '55');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '56');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '57');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '58');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '140');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '59');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '60');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '61');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '62');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '63');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '192');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '64');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '65');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '66');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '67');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '68');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '132');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '71');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '79');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '80');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '81');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '82');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '83');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '188');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '90');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '91');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '92');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '93');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '94');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '160');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '95');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '96');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '97');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '98');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '99');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '100');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '101');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '102');`, @@ -151,24 +238,25 @@ var InitialData = []string{ `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '123');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '124');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '125');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '126');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '152');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '127');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '128');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '129');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '130');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '131');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '148');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '172');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '54');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '55');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '56');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '58');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '140');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '59');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '60');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '61');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '63');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '192');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '64');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '65');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '66');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '68');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '132');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '69');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '70');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '71');`, @@ -178,44 +266,42 @@ var InitialData = []string{ `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '79');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '80');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '81');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '83');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '188');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '84');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '85');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '86');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '89');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '172');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '91');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '92');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '94');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '160');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '96');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '97');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '99');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '100');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '123');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '124');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '126');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '152');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '128');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '129');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '131');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '148');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '48');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '54');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '56');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '58');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '140');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '61');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '63');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '192');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '66');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '68');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '132');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '71');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '76');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '81');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '83');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '188');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '92');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '94');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '160');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '124');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '126');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '152');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '129');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '131');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '148');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('20', '92');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('20', '94');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '56');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '61');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '66');`, diff --git a/src/backend/models/permission.go b/src/backend/models/permission.go index 2d1671f19..8148c9a2f 100644 --- a/src/backend/models/permission.go +++ b/src/backend/models/permission.go @@ -35,6 +35,32 @@ const ( PermissionTypeIngress = "INGRESS" PermissionTypeHPA = "HPA" PermissionBlank = "_" + + // Kubernetes resource permission + PermissionTypeKubeConfigMap = "KUBECONFIGMAP" + PermissionTypeKubeDaemonSet = "KUBEDAEMONSET" + PermissionTypeKubeDeployment = "KUBEDEPLOYMENT" + PermissionTypeKubeEvent = "KUBEEVENT" + PermissionTypeKubeHorizontalPodAutoscaler = "KUBEHORIZONTALPODAUTOSCALER" + PermissionTypeKubeIngress = "KUBEINGRESS" + PermissionTypeKubeJob = "KUBEJOB" + PermissionTypeKubeCronJob = "KUBECRONJOB" + PermissionTypeKubeNamespace = "KUBENAMESPACE" + PermissionTypeKubeNode = "KUBENODE" + PermissionTypeKubePersistentVolumeClaim = "KUBEPERSISTENTVOLUMECLAIM" + PermissionTypeKubePersistentVolume = "KUBEPERSISTENTVOLUME" + PermissionTypeKubePod = "KUBEPOD" + PermissionTypeKubeReplicaSet = "KUBEREPLICASET" + PermissionTypeKubeSecret = "KUBESECRET" + PermissionTypeKubeService = "KUBESERVICE" + PermissionTypeKubeStatefulSet = "KUBESTATEFULSET" + PermissionTypeKubeEndpoint = "KUBEENDPOINTS" + PermissionTypeKubeStorageClass = "KUBESTORAGECLASS" + PermissionTypeKubeRole = "KUBEROLE" + PermissionTypeKubeRoleBinding = "KUBEROLEBINDING" + PermissionTypeKubeClusterRole = "KUBECLUSTERROLE" + PermissionTypeKubeClusterRoleBinding = "KUBECLUSTERROLEBINDING" + PermissionTypeKubeServiceAccount = "KUBESERVICEACCOUNT" ) type permissionModel struct{} @@ -68,6 +94,32 @@ type TypePermission struct { PermissionTypeBILL ActionPermission `json:"bill" mapstructure:"BILL"` PermissionIngress ActionPermission `json:"ingress" mapstructure:"INGRESS"` PermissionHPA ActionPermission `json:"hpa" mapstructure:"HPA"` + + // Kubernetes resource permission + PermissionTypeKubeConfigMap ActionPermission `json:"kubeConfigMap" mapstructure:"KUBECONFIGMAP"` + PermissionTypeKubeDaemonSet ActionPermission `json:"kubeDaemonSet" mapstructure:"KUBEDAEMONSET"` + PermissionTypeKubeDeployment ActionPermission `json:"kubeDeployment" mapstructure:"KUBEDEPLOYMENT"` + PermissionTypeKubeEvent ActionPermission `json:"kubeEvent" mapstructure:"KUBEEVENT"` + PermissionTypeKubeHorizontalPodAutoscaler ActionPermission `json:"kubeHorizontalPodAutoscaler" mapstructure:"KUBEHORIZONTALPODAUTOSCALER"` + PermissionTypeKubeIngress ActionPermission `json:"kubeIngress" mapstructure:"KUBEINGRESS"` + PermissionTypeKubeJob ActionPermission `json:"kubeJob" mapstructure:"KUBEJOB"` + PermissionTypeKubeCronJob ActionPermission `json:"kubeCronJob" mapstructure:"KUBECRONJOB"` + PermissionTypeKubeNamespace ActionPermission `json:"kubeNamespace" mapstructure:"KUBENAMESPACE"` + PermissionTypeKubeNode ActionPermission `json:"kubeNode" mapstructure:"KUBENODE"` + PermissionTypeKubePersistentVolumeClaim ActionPermission `json:"kubePersistentVolumeClaim" mapstructure:"KUBEPERSISTENTVOLUMECLAIM"` + PermissionTypeKubePersistentVolume ActionPermission `json:"kubePersistentVolume" mapstructure:"KUBEPERSISTENTVOLUME"` + PermissionTypeKubePod ActionPermission `json:"kubePod" mapstructure:"KUBEPOD"` + PermissionTypeKubeReplicaSet ActionPermission `json:"kubeReplicaSet" mapstructure:"KUBEREPLICASET"` + PermissionTypeKubeSecret ActionPermission `json:"kubeSecret" mapstructure:"KUBESECRET"` + PermissionTypeKubeService ActionPermission `json:"kubeService" mapstructure:"KUBESERVICE"` + PermissionTypeKubeStatefulSet ActionPermission `json:"kubeStatefulSet" mapstructure:"KUBESTATEFULSET"` + PermissionTypeKubeEndpoint ActionPermission `json:"kubeEndpoints" mapstructure:"KUBEENDPOINTS"` + PermissionTypeKubeStorageClass ActionPermission `json:"kubeStorageClass" mapstructure:"KUBESTORAGECLASS"` + PermissionTypeKubeRole ActionPermission `json:"kubeRole" mapstructure:"KUBEROLE"` + PermissionTypeKubeRoleBinding ActionPermission `json:"kubeRoleBinding" mapstructure:"KUBEROLEBINDING"` + PermissionTypeKubeClusterRole ActionPermission `json:"kubeClusterRole" mapstructure:"KUBECLUSTERROLE"` + PermissionTypeKubeClusterRoleBinding ActionPermission `json:"kubeClusterRoleBinding" mapstructure:"KUBECLUSTERROLEBINDING"` + PermissionTypeKubeServiceAccount ActionPermission `json:"kubeServiceAccount" mapstructure:"KUBESERVICEACCOUNT"` } type ActionPermission struct { @@ -139,27 +191,3 @@ func (*permissionModel) MergeName(perType string, perAction string) (perName str perName = perType + PermissionBlank + perAction return perName } - -/* - * 根据publishType获取权限类别 - */ -func (*permissionModel) GetPermissionTypeByPublishType(pType PublishType) (perType string) { - perType = "" - switch pType { - case PublishTypeDeployment: - perType = PermissionTypeDeployment - case PublishTypeService: - perType = PermissionTypeService - case PublishTypeConfigMap: - perType = PermissionTypeConfigMap - case PublishTypeSecret: - perType = PermissionTypeSecret - case PublishTypePersistentVolumeClaim: - perType = PermissionTypePersistentVolumeClaim - case PublishTypeCronJob: - perType = PermissionTypeCronjob - case PublishTypeIngress: - perType = PermissionTypeIngress - } - return perType -} From d8a5648614cfc4185b04157ab1e5085290c823b4 Mon Sep 17 00:00:00 2001 From: wilhelmguo Date: Wed, 13 Mar 2019 18:05:29 +0800 Subject: [PATCH 2/8] frontend: add kubernetes resource permission --- .../portal/autoscale/autoscale.component.html | 10 +-- .../list-autoscale.component.html | 10 +-- .../app/portal/sidenav/sidenav.component.html | 4 +- .../src/app/shared/auth/auth.service.ts | 4 +- .../src/app/shared/model/v1/permission.ts | 76 ++++++++++--------- 5 files changed, 56 insertions(+), 48 deletions(-) diff --git a/src/frontend/src/app/portal/autoscale/autoscale.component.html b/src/frontend/src/app/portal/autoscale/autoscale.component.html index 1a6123ba6..1d5b3826e 100644 --- a/src/frontend/src/app/portal/autoscale/autoscale.component.html +++ b/src/frontend/src/app/portal/autoscale/autoscale.component.html @@ -1,4 +1,4 @@ - @@ -16,19 +16,19 @@
- diff --git a/src/frontend/src/app/portal/autoscale/list-autoscale/list-autoscale.component.html b/src/frontend/src/app/portal/autoscale/list-autoscale/list-autoscale.component.html index df10ff5a3..962716176 100644 --- a/src/frontend/src/app/portal/autoscale/list-autoscale/list-autoscale.component.html +++ b/src/frontend/src/app/portal/autoscale/list-autoscale/list-autoscale.component.html @@ -49,23 +49,23 @@ diff --git a/src/frontend/src/app/portal/sidenav/sidenav.component.html b/src/frontend/src/app/portal/sidenav/sidenav.component.html index d3d3e5d70..4887d622b 100644 --- a/src/frontend/src/app/portal/sidenav/sidenav.component.html +++ b/src/frontend/src/app/portal/sidenav/sidenav.component.html @@ -54,11 +54,11 @@ [title]="'MENU.AUTO_POD_SCALE' | translate" routerLink="autoscale" routerLinkActive="active" - *ngIf="authService.currentAppPermission.autoscale.read || authService.currentUser.admin"> + *ngIf="authService.currentAppPermission.hpa.read || authService.currentUser.admin"> {{'MENU.AUTO_POD_SCALE' | translate}} -
{ - this.currentNamespacePermission.deserialize(response.data); + this.currentNamespacePermission = response.data; }).catch(error => this.handleError(error)); } setAppPermissionById(id: number) { return this.http.get(`/api/v1/apps/${id}/users/permissions/${id}`).toPromise().then((response: any) => { - this.currentAppPermission.deserialize(response.data); + this.currentAppPermission = response.data; }).catch(error => this.handleError(error)); } diff --git a/src/frontend/src/app/shared/model/v1/permission.ts b/src/frontend/src/app/shared/model/v1/permission.ts index 558be46d2..27dd93610 100644 --- a/src/frontend/src/app/shared/model/v1/permission.ts +++ b/src/frontend/src/app/shared/model/v1/permission.ts @@ -15,39 +15,47 @@ export class ActionPermission { } export class TypePermission { - app: ActionPermission = new ActionPermission(); - appUser: ActionPermission = new ActionPermission(); - namespace: ActionPermission = new ActionPermission(); - namespaceUser: ActionPermission = new ActionPermission(); - deployment: ActionPermission = new ActionPermission(); - secret: ActionPermission = new ActionPermission(); - service: ActionPermission = new ActionPermission(); - ingress: ActionPermission = new ActionPermission(); - pvc: ActionPermission = new ActionPermission(); - configmap: ActionPermission = new ActionPermission(); - cronjob: ActionPermission = new ActionPermission(); - webHook: ActionPermission = new ActionPermission(); - statefulset: ActionPermission = new ActionPermission(); - apiKey: ActionPermission = new ActionPermission(); - daemonSet: ActionPermission = new ActionPermission(); - autoscale: ActionPermission = new ActionPermission(); + app = new ActionPermission(); + appUser = new ActionPermission(); + namespace = new ActionPermission(); + namespaceUser = new ActionPermission(); + deployment = new ActionPermission(); + secret = new ActionPermission(); + service = new ActionPermission(); + ingress = new ActionPermission(); + pvc = new ActionPermission(); + configmap = new ActionPermission(); + cronjob = new ActionPermission(); + webHook = new ActionPermission(); + statefulset = new ActionPermission(); + apiKey = new ActionPermission(); + daemonSet = new ActionPermission(); + hpa = new ActionPermission(); + + // Kubernetes resource permission + kubeConfigMap = new ActionPermission(); + kubeDaemonSet = new ActionPermission(); + kubeDeployment = new ActionPermission(); + kubeEvent = new ActionPermission(); + kubeHorizontalPodAutoscaler = new ActionPermission(); + kubeIngress = new ActionPermission(); + kubeJob = new ActionPermission(); + kubeCronJob = new ActionPermission(); + kubeNamespace = new ActionPermission(); + kubeNode = new ActionPermission(); + kubePersistentVolumeClaim = new ActionPermission(); + kubePersistentVolume = new ActionPermission(); + kubePod = new ActionPermission(); + kubeReplicaSet = new ActionPermission(); + kubeSecret = new ActionPermission(); + kubeService = new ActionPermission(); + kubeStatefulSet = new ActionPermission(); + kubeEndpoint = new ActionPermission(); + kubeStorageClass = new ActionPermission(); + kubeRole = new ActionPermission(); + kubeRoleBinding = new ActionPermission(); + kubeClusterRole = new ActionPermission(); + kubeClusterRoleBinding = new ActionPermission(); + kubeServiceAccount = new ActionPermission(); - deserialize(input) { - this.app = input.app ? input.app : this.app; - this.appUser = input.appUser ? input.appUser : this.appUser; - this.namespace = input.namespace ? input.namespace : this.namespace; - this.namespaceUser = input.namespaceUser ? input.namespaceUser : this.namespaceUser; - this.deployment = input.deployment ? input.deployment : this.deployment; - this.secret = input.secret ? input.secret : this.secret; - this.service = input.service ? input.service : this.service; - this.ingress = input.ingress ? input.ingress : this.ingress; - this.pvc = input.pvc ? input.pvc : this.pvc; - this.configmap = input.configmap ? input.configmap : this.configmap; - this.cronjob = input.cronjob ? input.cronjob : this.cronjob; - this.webHook = input.webHook ? input.webHook : this.webHook; - this.statefulset = input.statefulset ? input.statefulset : this.statefulset; - this.apiKey = input.apiKey ? input.apiKey : this.apiKey; - this.daemonSet = input.daemonSet ? input.daemonSet : this.daemonSet; - this.autoscale = input.hpa ? input.hpa : this.autoscale; - } } From fff29fa3fe320b69b81a945792e73ac7b8dc4ee0 Mon Sep 17 00:00:00 2001 From: wilhelmguo Date: Fri, 15 Mar 2019 11:11:45 +0800 Subject: [PATCH 3/8] backend: permission optimization,remove deploy offline. add kubernetes resource manage --- src/backend/client/client.go | 2 +- src/backend/controllers/base/api.go | 38 ++- .../kubernetes/configmap/configmap.go | 71 +---- .../controllers/kubernetes/cronjob/cronjob.go | 42 +-- .../kubernetes/daemonset/daemonset.go | 26 +- .../kubernetes/deployment/deployment.go | 85 +----- src/backend/controllers/kubernetes/hpa/hpa.go | 97 +------ .../controllers/kubernetes/ingress/ingress.go | 129 +-------- src/backend/controllers/kubernetes/job/job.go | 26 +- src/backend/controllers/kubernetes/log/log.go | 12 +- .../kubernetes/namespace/namespace.go | 117 ++------ .../controllers/kubernetes/node/node.go | 12 +- src/backend/controllers/kubernetes/pod/pod.go | 67 +---- .../controllers/kubernetes/proxy/proxy.go | 25 +- src/backend/controllers/kubernetes/pv/pv.go | 12 +- .../controllers/kubernetes/pv/robin.go | 9 +- src/backend/controllers/kubernetes/pvc/pvc.go | 71 +---- .../controllers/kubernetes/pvc/robin.go | 26 +- .../controllers/kubernetes/secret/secret.go | 71 +---- .../controllers/kubernetes/service/service.go | 107 +------ .../kubernetes/statefulset/statefulset.go | 47 +-- src/backend/database/initial/data.go | 268 +++++++++++++++--- src/backend/models/permission.go | 20 +- src/backend/resources/configmap/configmap.go | 16 -- src/backend/resources/hpa/hpa.go | 31 -- src/backend/resources/hpa/list.go | 15 - src/backend/resources/ingress/common.go | 8 - src/backend/resources/ingress/list.go | 16 -- src/backend/resources/namespace/list.go | 39 --- src/backend/resources/namespace/namespace.go | 8 - src/backend/resources/secret/secret.go | 12 - src/backend/resources/service/common.go | 26 -- src/backend/resources/service/list.go | 64 ----- src/backend/resources/service/service.go | 13 - .../resources/statefulset/statefulset.go | 7 - ...Router_controllers_kubernetes_configmap.go | 18 +- ...tsRouter_controllers_kubernetes_cronjob.go | 4 +- ...Router_controllers_kubernetes_daemonset.go | 4 +- ...outer_controllers_kubernetes_deployment.go | 22 +- ...mmentsRouter_controllers_kubernetes_hpa.go | 34 +-- ...tsRouter_controllers_kubernetes_ingress.go | 26 +- ...mmentsRouter_controllers_kubernetes_job.go | 8 - ...Router_controllers_kubernetes_namespace.go | 40 +-- ...mmentsRouter_controllers_kubernetes_pod.go | 16 -- ...mmentsRouter_controllers_kubernetes_pvc.go | 18 +- ...ntsRouter_controllers_kubernetes_secret.go | 18 +- ...tsRouter_controllers_kubernetes_service.go | 28 +- ...uter_controllers_kubernetes_statefulset.go | 10 +- 48 files changed, 449 insertions(+), 1432 deletions(-) diff --git a/src/backend/client/client.go b/src/backend/client/client.go index 12ddae6ab..cd0bdd42f 100644 --- a/src/backend/client/client.go +++ b/src/backend/client/client.go @@ -166,7 +166,6 @@ func Client(cluster string) (*kubernetes.Clientset, error) { func Manager(cluster string) (*ClusterManager, error) { managerInterface, exist := clusterManagerSets.Load(cluster) - manager := managerInterface.(*ClusterManager) // 如果不存在,则重新获取一次集群信息 if !exist { BuildApiserverClient() @@ -175,6 +174,7 @@ func Manager(cluster string) (*ClusterManager, error) { return nil, ErrNotExist } } + manager := managerInterface.(*ClusterManager) if manager.Cluster.Status == models.ClusterStatusMaintaining { return nil, ErrMaintaining } diff --git a/src/backend/controllers/base/api.go b/src/backend/controllers/base/api.go index c89c379ce..caf32b06d 100644 --- a/src/backend/controllers/base/api.go +++ b/src/backend/controllers/base/api.go @@ -5,7 +5,6 @@ import ( "net/http" "strconv" - "github.com/astaxie/beego/orm" "k8s.io/client-go/kubernetes" "github.com/Qihoo360/wayne/src/backend/client" @@ -44,6 +43,14 @@ func (c *APIController) Prepare() { } } +func (c *APIController) PreparePermission(methodActionMap map[string]string, method string, permissionType string) { + action, ok := methodActionMap[method] + if !ok { + return + } + c.CheckPermission(permissionType, action) +} + /* * 检查资源权限 */ @@ -55,26 +62,29 @@ func (c *APIController) CheckPermission(perType string, perAction string) { } perName := models.PermissionModel.MergeName(perType, perAction) - if c.AppId != 0 { - // 检查App的操作权限 - _, err := models.AppUserModel.GetOneByPermission(c.AppId, c.User.Id, perName) - if err == nil { - return - } else if err != nil && err != orm.ErrNoRows { - logs.Info("Check app permission error.%v", err) - c.AbortForbidden("Check app permission error.") - } - } if c.NamespaceId != 0 { // 检查namespace的操作权限 _, err := models.NamespaceUserModel.GetOneByPermission(c.NamespaceId, c.User.Id, perName) if err == nil { return - } else { - logs.Info("Check namespace permission error.%v", err) - c.AbortForbidden("Check namespace permission error.") } + + if c.AppId != 0 { + // 检查App的操作权限 + _, err := models.AppUserModel.GetOneByPermission(c.AppId, c.User.Id, perName) + if err == nil { + return + } + logs.Info("User does not have current app permissions.", c.User.Name, perName, c.AppId, err) + c.AbortForbidden(fmt.Sprintf("User (%s) does not have current app (%d) permissions (%s).", c.User.Name, + c.AppId, perName)) + } + + logs.Info("User does not have current namespace permissions.", c.User.Name, perName, c.NamespaceId, err) + c.AbortForbidden(fmt.Sprintf("User (%s) does not have current namespace (%d) permissions (%s).", c.User.Name, + c.NamespaceId, perName)) + } c.AbortForbidden("Permission error") diff --git a/src/backend/controllers/kubernetes/configmap/configmap.go b/src/backend/controllers/kubernetes/configmap/configmap.go index 21355979e..a87abdc46 100644 --- a/src/backend/controllers/kubernetes/configmap/configmap.go +++ b/src/backend/controllers/kubernetes/configmap/configmap.go @@ -17,27 +17,18 @@ type KubeConfigMapController struct { } func (c *KubeConfigMapController) URLMapping() { - c.Mapping("Get", c.Get) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) + c.Mapping("Create", c.Create) } func (c *KubeConfigMapController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "Offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeConfigMap, perAction) + + methodActionMap := map[string]string{ + "Create": models.PermissionCreate, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeConfigMap) } // @Title deploy @@ -45,7 +36,7 @@ func (c *KubeConfigMapController) Prepare() { // @Param body body string true "The tpl content" // @Success 200 return ok success // @router /:configMapId/tpls/:tplId/clusters/:cluster [post] -func (c *KubeConfigMapController) Deploy() { +func (c *KubeConfigMapController) Create() { configMapId := c.GetIntParamFromURL(":configMapId") tplId := c.GetIntParamFromURL(":tplId") var kubeConfigMap kapi.ConfigMap @@ -96,51 +87,3 @@ func (c *KubeConfigMapController) Deploy() { c.AbortBadRequestFormat("Cluster") } } - -// @Title Get -// @Description find ConfigMap by cluster -// @Success 200 {object} models.ConfigMap success -// @router /:configmap/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeConfigMapController) Get() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":configmap") - cli, err := client.Client(cluster) - if err == nil { - result, err := configmap.GetConfigMapDetail(cli, name, namespace) - - if err != nil { - logs.Error("get kubernetes configmap detail error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") - } -} - -// @Title Delete -// @Description delete the ConfigMap -// @Param cluster path string true "the cluster want to delete" -// @Param namespace path string true "the namespace want to delete" -// @Param configmap path string true "the configmap name want to delete" -// @Success 200 {string} delete success! -// @router /:configmap/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubeConfigMapController) Offline() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":configmap") - cli, err := client.Client(cluster) - if err == nil { - err := configmap.DeleteConfigMap(cli, name, namespace) - if err != nil { - logs.Error("delete configmap (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - c.Success("ok!") - } else { - c.AbortBadRequestFormat("Cluster") - } -} diff --git a/src/backend/controllers/kubernetes/cronjob/cronjob.go b/src/backend/controllers/kubernetes/cronjob/cronjob.go index 0951220f2..cc1595ac3 100644 --- a/src/backend/controllers/kubernetes/cronjob/cronjob.go +++ b/src/backend/controllers/kubernetes/cronjob/cronjob.go @@ -19,8 +19,8 @@ type KubeCronjobController struct { func (c *KubeCronjobController) URLMapping() { c.Mapping("Get", c.Get) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) + c.Mapping("Delete", c.Delete) + c.Mapping("Create", c.Create) c.Mapping("Suspend", c.Suspend) } @@ -28,19 +28,14 @@ func (c *KubeCronjobController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy", "Suspend": - perAction = models.PermissionDeploy - case "Offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeCronjob, perAction) + methodActionMap := map[string]string{ + "Get": models.PermissionRead, + "Delete": models.PermissionDelete, + "Create": models.PermissionCreate, + "Suspend": models.PermissionCreate, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeCronJob) } // @Title Suspend CronJob @@ -108,7 +103,7 @@ func (c *KubeCronjobController) Suspend() { // @Param body body string true "The tpl content" // @Success 200 return ok success // @router /:cronjobId/tpls/:tplId/clusters/:cluster [post] -func (c *KubeCronjobController) Deploy() { +func (c *KubeCronjobController) Create() { cronjobId := c.GetIntParamFromURL(":cronjobId") tplId := c.GetIntParamFromURL(":tplId") var kubeCronJob v1beta1.CronJob @@ -217,21 +212,6 @@ func getNamespace(appId int64) (*models.Namespace, error) { return ns, nil } -func updateMetadata(suspend bool, cronjob *models.Cronjob, cluster string) (err error) { - cronjob.MetaDataObj.Suspends[cluster] = suspend - newMetaData, err := json.Marshal(&cronjob.MetaDataObj) - if err != nil { - logs.Error("cronjob metadata unmarshal error.%v", err) - return - } - cronjob.MetaData = string(newMetaData) - err = models.CronjobModel.UpdateById(cronjob) - if err != nil { - logs.Error("cronjob metadata update error.%v", err) - } - return -} - // @Title Get // @Description find Cronjob by cluster // @Success 200 {object} models.Cronjob success @@ -262,7 +242,7 @@ func (c *KubeCronjobController) Get() { // @Param cronjob path string true "the cronjob name want to delete" // @Success 200 {string} delete success! // @router /:cronjob/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubeCronjobController) Offline() { +func (c *KubeCronjobController) Delete() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":cronjob") diff --git a/src/backend/controllers/kubernetes/daemonset/daemonset.go b/src/backend/controllers/kubernetes/daemonset/daemonset.go index bb05e7fa5..2241bef78 100644 --- a/src/backend/controllers/kubernetes/daemonset/daemonset.go +++ b/src/backend/controllers/kubernetes/daemonset/daemonset.go @@ -19,27 +19,21 @@ type KubeDaemonSetController struct { func (c *KubeDaemonSetController) URLMapping() { c.Mapping("Get", c.Get) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) + c.Mapping("Delete", c.Delete) + c.Mapping("Create", c.Create) } func (c *KubeDaemonSetController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "Offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeDaemonSet, perAction) + methodActionMap := map[string]string{ + "Get": models.PermissionRead, + "Delete": models.PermissionDelete, + "Create": models.PermissionCreate, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeDaemonSet) } // @Title deploy @@ -47,7 +41,7 @@ func (c *KubeDaemonSetController) Prepare() { // @Param body body string true "The tpl content" // @Success 200 return ok success // @router /:daemonSetId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster [post] -func (c *KubeDaemonSetController) Deploy() { +func (c *KubeDaemonSetController) Create() { daemonSetId := c.GetIntParamFromURL(":daemonSetId") tplId := c.GetIntParamFromURL(":tplId") @@ -182,7 +176,7 @@ func (c *KubeDaemonSetController) Get() { // @Param daemonSet path string true "the daemonSet name want to delete" // @Success 200 {string} delete success! // @router /:daemonSet/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubeDaemonSetController) Offline() { +func (c *KubeDaemonSetController) Delete() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":daemonSet") diff --git a/src/backend/controllers/kubernetes/deployment/deployment.go b/src/backend/controllers/kubernetes/deployment/deployment.go index 57a427738..2620a135c 100644 --- a/src/backend/controllers/kubernetes/deployment/deployment.go +++ b/src/backend/controllers/kubernetes/deployment/deployment.go @@ -28,29 +28,22 @@ type KubeDeploymentController struct { func (c *KubeDeploymentController) URLMapping() { c.Mapping("List", c.List) c.Mapping("Get", c.Get) - c.Mapping("Update", c.Update) - c.Mapping("GetDetail", c.GetDetail) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) + c.Mapping("Delete", c.Delete) + c.Mapping("Create", c.Create) } func (c *KubeDeploymentController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get", "GetDetail": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "Offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeKubeDeployment, perAction) + methodActionMap := map[string]string{ + "List": models.PermissionRead, + "Get": models.PermissionRead, + "Delete": models.PermissionDelete, + "Create": models.PermissionCreate, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeDeployment) } // @Title List deployment @@ -82,42 +75,12 @@ func (c *KubeDeploymentController) List() { } } -// @Title Update -// @Description update the Deployment -// @Param id path int true "The id you want to update" -// @Param body body models.App true "The body" -// @Success 200 models.Namespace success -// @router /:deployment/namespaces/:namespace/clusters/:cluster [put] -func (c *KubeDeploymentController) Update() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":deployment") - var obj v1beta1.Deployment - err := json.Unmarshal(c.Ctx.Input.RequestBody, &obj) - if err != nil { - logs.Error("Invalid param body.%v", err) - c.AbortBadRequestFormat("Deployment") - } - cli, err := client.Client(cluster) - if err == nil { - result, err := deployment.UpdateDeployment(cli, &obj) - if err != nil { - logs.Error("update kubernetes deployment error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") - } -} - // @Title deploy // @Description deploy tpl // @Param body body string true "The tpl content" // @Success 200 return ok success // @router /:deploymentId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster [post] -func (c *KubeDeploymentController) Deploy() { +func (c *KubeDeploymentController) Create() { deploymentId := c.GetIntParamFromURL(":deploymentId") tplId := c.GetIntParamFromURL(":tplId") @@ -264,7 +227,7 @@ func checkResourceAvailable(ns *models.Namespace, cli client.ResourceHandler, ku // @Param namespace path string true "the namespace name" // @Success 200 {object} models.Deployment success // @router /:deployment/detail/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeDeploymentController) GetDetail() { +func (c *KubeDeploymentController) Get() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":deployment") @@ -282,30 +245,6 @@ func (c *KubeDeploymentController) GetDetail() { } } -// @Title Get -// @Description find Deployment by cluster -// @Param cluster path string true "the cluster name" -// @Param namespace path string true "the namespace name" -// @Success 200 {object} models.Deployment success -// @router /:deployment/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeDeploymentController) Get() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":deployment") - manager, err := client.Manager(cluster) - if err == nil { - result, err := deployment.GetDeployment(manager.Client, name, namespace) - if err != nil { - logs.Error("get kubernetes deployment error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") - } -} - // @Title Delete // @Description delete the Deployment // @Param cluster path string true "the cluster want to delete" @@ -313,7 +252,7 @@ func (c *KubeDeploymentController) Get() { // @Param deployment path string true "the deployment name want to delete" // @Success 200 {string} delete success! // @router /:deployment/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubeDeploymentController) Offline() { +func (c *KubeDeploymentController) Delete() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":deployment") diff --git a/src/backend/controllers/kubernetes/hpa/hpa.go b/src/backend/controllers/kubernetes/hpa/hpa.go index 0d2278df3..6eb06a524 100644 --- a/src/backend/controllers/kubernetes/hpa/hpa.go +++ b/src/backend/controllers/kubernetes/hpa/hpa.go @@ -17,51 +17,21 @@ type KubeHPAController struct { } func (c *KubeHPAController) URLMapping() { - c.Mapping("Get", c.Get) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) - c.Mapping("List", c.List) - c.Mapping("GetDetail", c.GetDetail) + c.Mapping("Create", c.Create) } func (c *KubeHPAController) Prepare() { c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeHPA, perAction) - } -} - -// @router /namespaces/:namespace/clusters/:cluster [get] -func (c *KubeHPAController) List() { - param := c.BuildQueryParam() - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - k8sClient, err := client.Manager(cluster) - if err != nil { - c.AbortBadRequestFormat("Cluster") - } - res, err := hpa.GetHPAPage(k8sClient.CacheFactory, namespace, param) - if err != nil { - logs.Error("list kubernetes(%s) namespace(%s) HPA error %v", cluster, namespace, err) - c.HandleError(err) - return + methodActionMap := map[string]string{ + "Create": models.PermissionCreate, } - c.Success(res) + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeHorizontalPodAutoscaler) } // @router /:hpaId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster [post] -func (c *KubeHPAController) Deploy() { +func (c *KubeHPAController) Create() { hpaId := c.GetIntParamFromURL(":hpaId") tplId := c.GetIntParamFromURL(":tplId") var kubeHPA autoscaling.HorizontalPodAutoscaler @@ -115,58 +85,3 @@ func (c *KubeHPAController) Deploy() { } c.Success(nil) } - -// @router /:hpa/detail/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeHPAController) GetDetail() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":hpa") - k8sClient, err := client.Manager(cluster) - if err != nil { - c.AbortBadRequestFormat("Cluster") - } - res, err := hpa.GetHPADetail(k8sClient.CacheFactory, name, namespace) - if err != nil { - logs.Error("get kubernetes HPA detail err %v", err) - c.HandleError(err) - return - } - c.Success(res) -} - -// @router /:hpa/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeHPAController) Get() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":hpa") - k8sClient, err := client.Manager(cluster) - if err != nil { - c.AbortBadRequestFormat("Cluster") - return - } - res, err := hpa.GetHPA(k8sClient.CacheFactory, name, namespace) - if err != nil { - logs.Error("get HPA error cluster: %s, namespace: %s", cluster, namespace) - c.HandleError(err) - return - } - c.Success(res) -} - -// @router /:hpa/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubeHPAController) Offline() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":hpa") - k8sClient, err := client.Client(cluster) - if err != nil { - c.AbortBadRequestFormat("Cluster") - return - } - if err = hpa.DeleteHPA(k8sClient, name, namespace); err != nil { - logs.Error("delete HPA: %s in namespace: %s, error: %s", name, namespace, err.Error()) - c.HandleError(err) - return - } - c.Success(nil) -} diff --git a/src/backend/controllers/kubernetes/ingress/ingress.go b/src/backend/controllers/kubernetes/ingress/ingress.go index d53218810..4f9878511 100644 --- a/src/backend/controllers/kubernetes/ingress/ingress.go +++ b/src/backend/controllers/kubernetes/ingress/ingress.go @@ -20,56 +20,17 @@ type KubeIngressController struct { } func (c *KubeIngressController) URLMapping() { - c.Mapping("Get", c.Get) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) - c.Mapping("List", c.List) - c.Mapping("GetDetail", c.GetDetail) + c.Mapping("Create", c.Create) } func (c *KubeIngressController) Prepare() { c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeService, perAction) - } -} - -// @Title List ingress -// @Description get all ingress in a kubernetes cluster -// @Param pageNo query int false "the page current no" -// @Param pageSize query int false "the page size" -// @Param filter query string false "column filter, ex. filter=name=test" -// @Param sortby query string false "column sorted by, ex. sortby=-id, '-' representation desc, and sortby=id representation asc" -// @Param cluster path string true "the cluster name" -// @Param namespace path string true "the namespace name" -// @Success 200 {object} common.Page success -// @router /namespaces/:namespace/clusters/:cluster [get] -func (c *KubeIngressController) List() { - param := c.BuildQueryParam() - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - k8sClient, err := client.Client(cluster) - if err != nil { - c.AbortBadRequestFormat("Cluster") - } - res, err := ingress.GetIngressPage(k8sClient, namespace, param) - if err != nil { - logs.Error("list kubernetes(%s) namespace(%s) ingresses error %v", cluster, namespace, err) - c.HandleError(err) - return + methodActionMap := map[string]string{ + "Create": models.PermissionCreate, } - c.Success(res) + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeIngress) } // @Title deploy @@ -77,7 +38,7 @@ func (c *KubeIngressController) List() { // @Param body body string true "The tpl content" // @Success 200 return ok success // @router /:ingressId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster [post] -func (c *KubeIngressController) Deploy() { +func (c *KubeIngressController) Create() { ingressId := c.GetIntParamFromURL(":ingressId") tplId := c.GetIntParamFromURL(":tplId") var kubeIngress kapiv1beta1.Ingress @@ -159,81 +120,3 @@ func (c *KubeIngressController) Deploy() { }) c.Success("ok") } - -// @Title GetDetail -// @Description find ingress detail in kubernetes -// @Param ingress path string true "the ingress name" -// @Param cluster path string true "the cluster name" -// @Param namespace path string true "the namespace name" -// @Success 200 {object} ingress.Ingress success -// @router /:ingress/detail/namespaces/:namespace/clusters/:cluster [get] - -func (c *KubeIngressController) GetDetail() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":ingress") - k8sClient, err := client.Client(cluster) - if err != nil { - c.AbortBadRequest("Cluster") - } - res, err := ingress.GetIngressDetail(k8sClient, name, namespace) - if err != nil { - logs.Error("get kubernetes ingress detail err %v", err) - c.HandleError(err) - return - } - c.Success(res) -} - -// @Title Get -// @Description find Deployment by cluster -// @Param cluster path string true "the cluster name" -// @Param namespace path string true "the namespace name" -// @Success 200 {object} models.Deployment success -// @router /:ingress/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeIngressController) Get() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":ingress") - k8sClient, err := client.Client(cluster) - if err != nil { - c.AbortBadRequestFormat("Cluster") - return - } - res, err := ingress.GetIngress(k8sClient, name, namespace) - if err != nil { - logs.Error("get ingress error cluster: %s, namespace: %s", cluster, namespace) - c.HandleError(err) - return - } - c.Success(res) -} - -// @Title Delete -// @Description delete the Ingress -// @Param cluster path string true "the cluster want to delete" -// @Param namespace path string true "the namespace want to delete" -// @Param deployment path string true "the deployment name want to delete" -// @Success 200 {string} delete success! -// @router /:ingress/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubeIngressController) Offline() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":ingress") - k8sClient, err := client.Client(cluster) - if err != nil { - c.AbortBadRequestFormat("Cluster") - return - } - if err = ingress.DeleteIngress(k8sClient, name, namespace); err != nil { - logs.Error("delete ingress: %s in namespace: %s, error: %s", name, namespace, err.Error()) - c.HandleError(err) - return - } - webhook.PublishEventIngress(c.NamespaceId, c.AppId, c.User.Name, c.Ctx.Input.IP(), webhook.OfflineIngress, response.Resource{ - Type: models.PublishTypeIngress, - ResourceName: name, - Cluster: cluster, - }) - c.Success("OK") -} diff --git a/src/backend/controllers/kubernetes/job/job.go b/src/backend/controllers/kubernetes/job/job.go index 2f116eb1e..9f093cb9e 100644 --- a/src/backend/controllers/kubernetes/job/job.go +++ b/src/backend/controllers/kubernetes/job/job.go @@ -21,7 +21,6 @@ type ClusterJob struct { } func (c *KubeJobController) URLMapping() { - c.Mapping("ListByCronjob", c.ListByCronjob) c.Mapping("ListAllClusterByCronjob", c.ListAllClusterByCronjob) c.Mapping("GetPodsEvent", c.GetPodsEvent) } @@ -29,28 +28,13 @@ func (c *KubeJobController) URLMapping() { func (c *KubeJobController) Prepare() { // Check administration c.APIController.Prepare() -} -// @Title Get -// @Description find Job by cluster -// @Success 200 {object} models.Job success -// @router /listByCronjob/:cronjob/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeJobController) ListByCronjob() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - cronjobName := c.Ctx.Input.Param(":cronjob") - cli, err := client.Client(cluster) - if err == nil { - jobs, err := job.GetJobsByCronjobName(cli, namespace, cronjobName) - if err != nil { - logs.Error("get job by cronjob (%s) and cluster (%s) error.%v", cronjobName, cluster, err) - c.HandleError(err) - return - } - c.Success(jobs) - } else { - c.AbortBadRequestFormat("Cluster") + methodActionMap := map[string]string{ + "ListAllClusterByCronjob": models.PermissionRead, + "GetPodsEvent": models.PermissionRead, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeJob) } // @Title Get diff --git a/src/backend/controllers/kubernetes/log/log.go b/src/backend/controllers/kubernetes/log/log.go index 1e88d6c27..6637b0683 100644 --- a/src/backend/controllers/kubernetes/log/log.go +++ b/src/backend/controllers/kubernetes/log/log.go @@ -23,15 +23,11 @@ func (c *KubeLogController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "List": - perAction = models.PermissionRead - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeDeployment, perAction) + methodActionMap := map[string]string{ + "List": models.PermissionRead, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubePod) } // @Title log diff --git a/src/backend/controllers/kubernetes/namespace/namespace.go b/src/backend/controllers/kubernetes/namespace/namespace.go index bccee3008..e1a8052f9 100644 --- a/src/backend/controllers/kubernetes/namespace/namespace.go +++ b/src/backend/controllers/kubernetes/namespace/namespace.go @@ -25,110 +25,25 @@ type KubeNamespaceController struct { func (c *KubeNamespaceController) URLMapping() { c.Mapping("Resources", c.Resources) - c.Mapping("List", c.List) - c.Mapping("GetNames", c.GetNames) + c.Mapping("Statistics", c.Statistics) + c.Mapping("Create", c.Create) } func (c *KubeNamespaceController) Prepare() { // Check administration c.APIController.Prepare() -} - -// @Title List namespace -// @Description get all namespace by page -// @Param cluster path string true "the cluster name" -// @Success 200 {object} common.Page success -// @router /clusters/:cluster [get] -func (c *KubeNamespaceController) List() { - param := c.BuildQueryParam() - cluster := c.Ctx.Input.Param(":cluster") - - cli, err := client.Client(cluster) - if err == nil { - result, err := namespace.GetNamespacePage(cli, param) - if err != nil { - logs.Error("list kubernetes namespaces error.", cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") - } -} - -// @Title List all namespace name -// @Description get all namespace name -// @Param cluster path string true "the cluster name" -// @router /clusters/:cluster/names [get] -func (c *KubeNamespaceController) GetNames() { - cluster := c.Ctx.Input.Param(":cluster") - - cli, err := client.Client(cluster) - if err == nil { - result, err := namespace.GetAllNamespaceName(cli) - if err != nil { - logs.Error("list all kubernetes namespace names error.", cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") - } - -} - -// @Title Get namespace info -// @Description get one namespace detail -// @Param cluster path string true "the cluster name" -// @Param namespace path string true "the namespace name" -// @Success 200 {object} common.Page success -// @router /:name/clusters/:cluster [get] -func (c *KubeNamespaceController) Get() { - cluster := c.Ctx.Input.Param(":cluster") - ns := c.Ctx.Input.Param(":name") - cli, err := client.Client(cluster) - if err == nil { - result, err := namespace.GetNamespace(cli, ns) - if err != nil { - logs.Error("get kubernetes namespaces error.", cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + methodActionMap := map[string]string{ + "Resources": models.PermissionRead, + "Statistics": models.PermissionRead, + "Create": models.PermissionCreate, } -} - -// @Title Update -// @Description update the Namespace -// @router /:name/clusters/:cluster [put] -func (c *KubeNamespaceController) Update() { - cluster := c.Ctx.Input.Param(":cluster") - name := c.Ctx.Input.Param(":name") - var tpl v1.Namespace - err := json.Unmarshal(c.Ctx.Input.RequestBody, &tpl) - if err != nil { - c.AbortBadRequestFormat("Namespace") - } - if name != tpl.Name { - c.AbortBadRequestFormat("Name") - } - - cli, err := client.Client(cluster) - if err == nil { - result, err := namespace.UpdateNamespace(cli, &tpl) - if err != nil { - logs.Error("update namespace (%v) by cluster (%s) error.%v", tpl, cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + _, method := c.GetControllerAndAction() + switch method { + case "Resources", "Statistics": + c.PreparePermission(methodActionMap, method, models.PermissionTypeNamespace) + case "Create": + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeNamespace) } } @@ -161,10 +76,10 @@ func (c *KubeNamespaceController) Create() { // @Param app query string false "The app Name" // @Param nid path string true "The namespace id" // @Success 200 return ok success -// @router /:id([0-9]+)/resources [get] +// @router /:namespaceid([0-9]+)/resources [get] func (c *KubeNamespaceController) Resources() { appName := c.Input().Get("app") - id := c.GetIDFromURL() + id := c.GetIntParamFromURL(":namespaceid") ns, err := models.NamespaceModel.GetById(int64(id)) if err != nil { logs.Warning("get namespace by id (%d) error. %v", id, err) @@ -240,10 +155,10 @@ func (c *KubeNamespaceController) Resources() { // @Param app query string false "The app Name" // @Param nid path string true "The namespace id" // @Success 200 return ok success -// @router /:id([0-9]+)/statistics [get] +// @router /:namespaceid([0-9]+)/statistics [get] func (c *KubeNamespaceController) Statistics() { appName := c.Input().Get("app") - id := c.GetIDFromURL() + id := c.GetIntParamFromURL(":namespaceid") ns, err := models.NamespaceModel.GetById(int64(id)) if err != nil { logs.Warning("get namespace by id (%d) error. %v", id, err) diff --git a/src/backend/controllers/kubernetes/node/node.go b/src/backend/controllers/kubernetes/node/node.go index e5f79dcaa..4807d0d98 100644 --- a/src/backend/controllers/kubernetes/node/node.go +++ b/src/backend/controllers/kubernetes/node/node.go @@ -9,6 +9,7 @@ import ( "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" + "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/node" "github.com/Qihoo360/wayne/src/backend/util/logs" ) @@ -21,15 +22,22 @@ func (c *KubeNodeController) URLMapping() { c.Mapping("NodeStatistics", c.NodeStatistics) c.Mapping("List", c.List) c.Mapping("Update", c.Update) + c.Mapping("Get", c.Get) c.Mapping("Delete", c.Delete) } func (c *KubeNodeController) Prepare() { // Check administration c.APIController.Prepare() - if !c.User.Admin { - c.AbortForbidden("Operation need admin permission..") + methodActionMap := map[string]string{ + "NodeStatistics": models.PermissionRead, + "List": models.PermissionRead, + "Get": models.PermissionRead, + "Update": models.PermissionUpdate, + "Delete": models.PermissionDelete, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeNode) } // @Title kubernetes node statistics diff --git a/src/backend/controllers/kubernetes/pod/pod.go b/src/backend/controllers/kubernetes/pod/pod.go index 613f1cccc..ba74fdd17 100644 --- a/src/backend/controllers/kubernetes/pod/pod.go +++ b/src/backend/controllers/kubernetes/pod/pod.go @@ -20,26 +20,22 @@ type KubePodController struct { } func (c *KubePodController) URLMapping() { - c.Mapping("Get", c.Get) - c.Mapping("Delete", c.Delete) + c.Mapping("PodStatistics", c.PodStatistics) c.Mapping("List", c.List) + c.Mapping("Terminal", c.Terminal) } func (c *KubePodController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get", "List": - perAction = models.PermissionRead - case "Delete": - perAction = models.PermissionDelete - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeDeployment, perAction) + methodActionMap := map[string]string{ + "PodStatistics": models.PermissionRead, + "List": models.PermissionRead, + "Terminal": models.PermissionRead, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubePod) } // @Title kubernetes pod statistics @@ -137,50 +133,3 @@ func (c *KubePodController) List() { } c.Success(result) } - -// @Title Get -// @Description find Deployment by cluster -// @Success 200 {object} models.Deployment success -// @router /:pod/namespaces/:namespace/clusters/:cluster [get] -func (c *KubePodController) Get() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":pod") - cli, err := client.Client(cluster) - if err == nil { - result, err := pod.GetPodByName(cli, namespace, name) - if err != nil { - logs.Error("get kubernetes pod detail error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") - } -} - -// @Title Delete -// @Description delete the Pod -// @Param cluster path string true "the cluster want to delete" -// @Param namespace path string true "the namespace want to delete" -// @Param pod path string true "the pod name want to delete" -// @Success 200 {string} delete success! -// @router /:pod/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubePodController) Delete() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":pod") - cli, err := client.Client(cluster) - if err == nil { - err := pod.DeletePod(cli, name, namespace) - if err != nil { - logs.Error("delete pod (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - c.Success("ok!") - } else { - c.AbortBadRequestFormat("Cluster") - } -} diff --git a/src/backend/controllers/kubernetes/proxy/proxy.go b/src/backend/controllers/kubernetes/proxy/proxy.go index 6708c2979..7d46ea348 100644 --- a/src/backend/controllers/kubernetes/proxy/proxy.go +++ b/src/backend/controllers/kubernetes/proxy/proxy.go @@ -33,28 +33,21 @@ func (c *KubeProxyController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get", "List", "GetNames": - perAction = models.PermissionRead - case "Create": - perAction = models.PermissionCreate - case "Update": - perAction = models.PermissionUpdate - case "Delete": - perAction = models.PermissionDelete + methodActionMap := map[string]string{ + "Get": models.PermissionRead, + "List": models.PermissionRead, + "GetNames": models.PermissionRead, + "Create": models.PermissionCreate, + "Update": models.PermissionUpdate, + "Delete": models.PermissionDelete, } + _, method := c.GetControllerAndAction() kind := c.Ctx.Input.Param(":kind") resourceMap, ok := api.KindToResourceMap[kind] if !ok { c.AbortBadRequest(fmt.Sprintf("Request resource kind (%s) not supported!", kind)) } - - if perAction != "" { - c.CheckPermission(fmt.Sprintf("KUBE%s", strings.ToUpper(resourceMap.GroupVersionResourceKind.Kind)), perAction) - } - + c.PreparePermission(methodActionMap, method, fmt.Sprintf("KUBE%s", strings.ToUpper(resourceMap.GroupVersionResourceKind.Kind))) } // @Title Get diff --git a/src/backend/controllers/kubernetes/pv/pv.go b/src/backend/controllers/kubernetes/pv/pv.go index 1d4bee602..e57fba38b 100644 --- a/src/backend/controllers/kubernetes/pv/pv.go +++ b/src/backend/controllers/kubernetes/pv/pv.go @@ -8,6 +8,7 @@ import ( "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" + "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/pv" "github.com/Qihoo360/wayne/src/backend/util/logs" ) @@ -18,6 +19,7 @@ type KubePersistentVolumeController struct { func (c *KubePersistentVolumeController) URLMapping() { c.Mapping("List", c.List) + c.Mapping("Get", c.Get) c.Mapping("Create", c.Create) c.Mapping("Update", c.Update) c.Mapping("Delete", c.Delete) @@ -26,9 +28,15 @@ func (c *KubePersistentVolumeController) URLMapping() { func (c *KubePersistentVolumeController) Prepare() { // Check administration c.APIController.Prepare() - if !c.User.Admin { - c.AbortForbidden("Operation need admin permission..") + methodActionMap := map[string]string{ + "List": models.PermissionRead, + "Get": models.PermissionRead, + "Create": models.PermissionCreate, + "Update": models.PermissionUpdate, + "Delete": models.PermissionDelete, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubePersistentVolume) } diff --git a/src/backend/controllers/kubernetes/pv/robin.go b/src/backend/controllers/kubernetes/pv/robin.go index ce9d28a26..b5bc566ce 100644 --- a/src/backend/controllers/kubernetes/pv/robin.go +++ b/src/backend/controllers/kubernetes/pv/robin.go @@ -28,10 +28,13 @@ func (c *RobinPersistentVolumeController) URLMapping() { func (c *RobinPersistentVolumeController) Prepare() { // Check administration c.APIController.Prepare() - if !c.User.Admin { - c.Ctx.Output.SetStatus(http.StatusUnauthorized) - c.Ctx.Output.Body([]byte("非管理员无法操作PV资源")) + + methodActionMap := map[string]string{ + "ListRbdImages": models.PermissionRead, + "CreateRbdImage": models.PermissionCreate, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubePersistentVolume) } diff --git a/src/backend/controllers/kubernetes/pvc/pvc.go b/src/backend/controllers/kubernetes/pvc/pvc.go index 35a24d6a9..019c99182 100644 --- a/src/backend/controllers/kubernetes/pvc/pvc.go +++ b/src/backend/controllers/kubernetes/pvc/pvc.go @@ -3,12 +3,13 @@ package pvc import ( "encoding/json" + kapi "k8s.io/api/core/v1" + "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/pvc" "github.com/Qihoo360/wayne/src/backend/util/logs" - kapi "k8s.io/api/core/v1" ) type KubePersistentVolumeClaimController struct { @@ -16,28 +17,18 @@ type KubePersistentVolumeClaimController struct { } func (c *KubePersistentVolumeClaimController) URLMapping() { - c.Mapping("Get", c.Get) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) + c.Mapping("Create", c.Create) } func (c *KubePersistentVolumeClaimController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "Offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypePersistentVolumeClaim, perAction) + methodActionMap := map[string]string{ + "Create": models.PermissionCreate, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubePersistentVolumeClaim) } // @Title deploy @@ -45,7 +36,7 @@ func (c *KubePersistentVolumeClaimController) Prepare() { // @Param body body string true "The tpl content" // @Success 200 return ok success // @router /:pvcId/tpls/:tplId/clusters/:cluster [post] -func (c *KubePersistentVolumeClaimController) Deploy() { +func (c *KubePersistentVolumeClaimController) Create() { pvcId := c.GetIntParamFromURL(":pvcId") tplId := c.GetIntParamFromURL(":tplId") var kubePersistentVolumeClaim kapi.PersistentVolumeClaim @@ -98,49 +89,3 @@ func (c *KubePersistentVolumeClaimController) Deploy() { c.AbortBadRequestFormat("Cluster") } } - -// @Title Get -// @Description find PersistentVolumeClaim by cluster -// @router /:pvc/namespaces/:namespace/clusters/:cluster [get] -func (c *KubePersistentVolumeClaimController) Get() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":pvc") - cli, err := client.Client(cluster) - if err == nil { - result, err := pvc.GetPersistentVolumeClaimDetail(cli, name, namespace) - if err != nil { - logs.Error("get kubernetes pvc detail error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") - } -} - -// @Title Delete -// @Description delete the PersistentVolumeClaim -// @Param cluster path string true "the cluster want to delete" -// @Param namespace path string true "the namespace want to delete" -// @Param pvc path string true "the pvc name want to delete" -// @Success 200 {string} delete success! -// @router /:pvc/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubePersistentVolumeClaimController) Offline() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":pvc") - cli, err := client.Client(cluster) - if err == nil { - err := pvc.DeletePersistentVolumeClaim(cli, name, namespace) - if err != nil { - logs.Error("delete pvc (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - c.Success("ok!") - } else { - c.AbortBadRequestFormat("Cluster") - } -} diff --git a/src/backend/controllers/kubernetes/pvc/robin.go b/src/backend/controllers/kubernetes/pvc/robin.go index 454bc5413..d81c68ce9 100644 --- a/src/backend/controllers/kubernetes/pvc/robin.go +++ b/src/backend/controllers/kubernetes/pvc/robin.go @@ -41,19 +41,21 @@ func (c *RobinPersistentVolumeClaimController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "Delete": - perAction = models.PermissionDelete - } - if perAction != "" { - c.CheckPermission(models.PermissionTypePersistentVolumeClaim, perAction) + methodActionMap := map[string]string{ + "GetPvcStatus": models.PermissionRead, + "ActiveImage": models.PermissionRead, + "InActiveImage": models.PermissionRead, + "OfflineImageUser": models.PermissionRead, + "LoginInfo": models.PermissionRead, + "Verify": models.PermissionRead, + "ListSnapshot": models.PermissionRead, + "CreateSnapshot": models.PermissionRead, + "DeleteAllSnapshot": models.PermissionRead, + "DeleteSnapshot": models.PermissionRead, + "RollbackSnapshot": models.PermissionRead, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubePersistentVolumeClaim) } // @Title Get pvc status diff --git a/src/backend/controllers/kubernetes/secret/secret.go b/src/backend/controllers/kubernetes/secret/secret.go index 60ffa0349..4a5b58e71 100644 --- a/src/backend/controllers/kubernetes/secret/secret.go +++ b/src/backend/controllers/kubernetes/secret/secret.go @@ -17,28 +17,18 @@ type KubeSecretController struct { } func (c *KubeSecretController) URLMapping() { - c.Mapping("Get", c.Get) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) + c.Mapping("Create", c.Create) } func (c *KubeSecretController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "Offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeSecret, perAction) + methodActionMap := map[string]string{ + "Create": models.PermissionCreate, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeSecret) } // @Title deploy @@ -46,7 +36,7 @@ func (c *KubeSecretController) Prepare() { // @Param body body string true "The tpl content" // @Success 200 return ok success // @router /:secretId/tpls/:tplId/clusters/:cluster [post] -func (c *KubeSecretController) Deploy() { +func (c *KubeSecretController) Create() { secretId := c.GetIntParamFromURL(":secretId") tplId := c.GetIntParamFromURL(":tplId") var kubeSecret kapi.Secret @@ -97,52 +87,3 @@ func (c *KubeSecretController) Deploy() { c.AbortBadRequestFormat("Cluster") } } - -// @Title Get -// @Description find Secret by cluster -// @Success 200 {object} models.Secret success -// @router /:secret/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeSecretController) Get() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":secret") - cli, err := client.Client(cluster) - if err == nil { - result, err := secret.GetSecretDetail(cli, name, namespace) - - if err != nil { - logs.Error("get kubernetes secret detail error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") - } -} - -// @Title Delete -// @Description delete the secret -// @Param cluster path string true "the cluster want to delete" -// @Param namespace path string true "the namespace want to delete" -// @Param secret path string true "the secret name want to delete" -// @Success 200 {string} delete success! -// @router /:secret/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubeSecretController) Offline() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":secret") - cli, err := client.Client(cluster) - if err == nil { - err := secret.DeleteSecret(cli, name, namespace) - if err != nil { - logs.Error("delete secret (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - c.Success("ok!") - return - } else { - c.AbortBadRequestFormat("Cluster") - } -} diff --git a/src/backend/controllers/kubernetes/service/service.go b/src/backend/controllers/kubernetes/service/service.go index 500d6e090..f7ba62640 100644 --- a/src/backend/controllers/kubernetes/service/service.go +++ b/src/backend/controllers/kubernetes/service/service.go @@ -20,30 +20,20 @@ type KubeServiceController struct { } func (c *KubeServiceController) URLMapping() { + c.Mapping("Create", c.Create) c.Mapping("Get", c.Get) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) - c.Mapping("GetDetail", c.GetDetail) - c.Mapping("List", c.List) } func (c *KubeServiceController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "Offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeService, perAction) + methodActionMap := map[string]string{ + "Create": models.PermissionCreate, + "Get": models.PermissionRead, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeService) } // @Title GetDetail @@ -52,7 +42,7 @@ func (c *KubeServiceController) Prepare() { // @Param namespace path string true "the namespace name" // @Success 200 {object} service.ServiceDetail success // @router /:service/detail/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeServiceController) GetDetail() { +func (c *KubeServiceController) Get() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":service") @@ -68,40 +58,12 @@ func (c *KubeServiceController) GetDetail() { c.Success(serviceDetail) } -// @Title List service -// @Description get all ingress in a kubernetes cluster -// @Param pageNo query int false "the page current no" -// @Param pageSize query int false "the page size" -// @Param filter query string false "column filter, ex. filter=name=test" -// @Param sortby query string false "column sorted by, ex. sortby=-id, '-' representation desc, and sortby=id representation asc" -// @Param cluster path string true "the cluster name" -// @Param namespace path string true "the namespace name" -// @Success 200 {object} common.Page success -// @router /namespaces/:namespace/clusters/:cluster [get] -func (c *KubeServiceController) List() { - param := c.BuildQueryParam() - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - - manager, err := client.Manager(cluster) - if err != nil { - c.AbortBadRequestFormat("Cluster") - } - res, err := service.GetServicePage(manager.Client, namespace, param) - if err != nil { - logs.Error("list kubernetes(%s) namespace(%s) services error %v", cluster, namespace, err) - c.HandleError(err) - return - } - c.Success(res) -} - // @Title deploy // @Description deploy tpl // @Param body body string true "The tpl content" // @Success 200 return ok success // @router /:serviceId/tpls/:tplId/clusters/:cluster [post] -func (c *KubeServiceController) Deploy() { +func (c *KubeServiceController) Create() { serviceId := c.GetIntParamFromURL(":serviceId") tplId := c.GetIntParamFromURL(":tplId") var kubeService v1.Service @@ -181,56 +143,3 @@ func (c *KubeServiceController) Deploy() { c.AbortBadRequestFormat("Cluster") } } - -// @Title Get -// @Description find Service by cluster -// @Success 200 {object} models.Service success -// @router /:service/namespaces/:namespace/clusters/:cluster [get] -func (c *KubeServiceController) Get() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":service") - cli, err := client.Client(cluster) - if err == nil { - result, err := service.GetService(cli, name, namespace) - if err != nil { - logs.Error("get kubernetes service detail error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") - } -} - -// @Title Delete -// @Description delete the Service -// @Param cluster path string true "the cluster want to delete" -// @Param namespace path string true "the namespace want to delete" -// @Param service path string true "the service name want to delete" -// @Success 200 {string} delete success! -// @router /:service/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubeServiceController) Offline() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":service") - cli, err := client.Client(cluster) - if err == nil { - err := service.DeleteService(cli, name, namespace) - if err != nil { - logs.Error("delete Service (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - webhook.PublishEventService(c.NamespaceId, c.AppId, c.User.Name, c.Ctx.Input.IP(), webhook.OfflineService, response.Resource{ - Type: models.PublishTypeService, - ResourceName: name, - Cluster: cluster, - }) - c.Success("ok!") - return - } else { - c.AbortBadRequestFormat("Cluster") - } -} diff --git a/src/backend/controllers/kubernetes/statefulset/statefulset.go b/src/backend/controllers/kubernetes/statefulset/statefulset.go index 6b464e6db..7542b4b04 100644 --- a/src/backend/controllers/kubernetes/statefulset/statefulset.go +++ b/src/backend/controllers/kubernetes/statefulset/statefulset.go @@ -25,27 +25,19 @@ type KubeStatefulsetController struct { func (c *KubeStatefulsetController) URLMapping() { c.Mapping("Get", c.Get) - c.Mapping("Offline", c.Offline) - c.Mapping("Deploy", c.Deploy) + c.Mapping("Create", c.Create) } func (c *KubeStatefulsetController) Prepare() { // Check administration c.APIController.Prepare() - perAction := "" - _, method := c.GetControllerAndAction() - switch method { - case "Get": - perAction = models.PermissionRead - case "Deploy": - perAction = models.PermissionDeploy - case "Offline": - perAction = models.PermissionOffline - } - if perAction != "" { - c.CheckPermission(models.PermissionTypeStatefulset, perAction) + methodActionMap := map[string]string{ + "Create": models.PermissionCreate, + "Get": models.PermissionRead, } + _, method := c.GetControllerAndAction() + c.PreparePermission(methodActionMap, method, models.PermissionTypeKubeStatefulSet) } // @Title deploy @@ -53,7 +45,7 @@ func (c *KubeStatefulsetController) Prepare() { // @Param body body string true "The tpl content" // @Success 200 return ok success // @router /:statefulsetId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster [post] -func (c *KubeStatefulsetController) Deploy() { +func (c *KubeStatefulsetController) Create() { statefulsetId := c.GetIntParamFromURL(":statefulsetId") tplId := c.GetIntParamFromURL(":tplId") @@ -250,28 +242,3 @@ func (c *KubeStatefulsetController) Get() { c.AbortBadRequestFormat("Cluster") } } - -// @Title Delete -// @Description delete the Statefulset -// @Param cluster path string true "the cluster want to delete" -// @Param namespace path string true "the namespace want to delete" -// @Param statefulset path string true "the statefulset name want to delete" -// @Success 200 {string} delete success! -// @router /:statefulset/namespaces/:namespace/clusters/:cluster [delete] -func (c *KubeStatefulsetController) Offline() { - cluster := c.Ctx.Input.Param(":cluster") - namespace := c.Ctx.Input.Param(":namespace") - name := c.Ctx.Input.Param(":statefulset") - cli, err := client.Client(cluster) - if err == nil { - err := statefulset.DeleteStatefulset(cli, name, namespace) - if err != nil { - logs.Error("delete statefulset (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - c.Success("ok!") - } else { - c.AbortBadRequestFormat("Cluster") - } -} diff --git a/src/backend/database/initial/data.go b/src/backend/database/initial/data.go index f47a4eb24..12a05feac 100644 --- a/src/backend/database/initial/data.go +++ b/src/backend/database/initial/data.go @@ -191,141 +191,341 @@ var InitialData = []string{ `INSERT INTO .group ( id, name, comment, type, create_time, update_time ) VALUES ('10', '项目负责人', '项目负责人', '0', now(), now());`, `INSERT INTO .group ( id, name, comment, type, create_time, update_time ) VALUES ('11', '项目开发', '项目开发', '0', now(), now());`, `INSERT INTO .group ( id, name, comment, type, create_time, update_time ) VALUES ('12', '项目测试', '项目测试', '0', now(), now());`, - `INSERT INTO .group ( id, name, comment, type, create_time, update_time ) VALUES ('20', '项目运维', '运维相关负责人', '0', now(), now());`, `INSERT INTO .group ( id, name, comment, type, create_time, update_time ) VALUES ('21', 'API_VIEWER', 'API只读权限', '2', now(), now());`, `INSERT INTO .group ( id, name, comment, type, create_time, update_time ) VALUES ('22', 'API_EDITOR', 'API读写权限', '2', now(), now());`, - // -- group_permissions + // 项目负责人 -- group_permissions + // APPUSER `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '46');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '47');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '48');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '49');`, + // DEPLOYMENT `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '54');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '55');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '56');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '57');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '140');`, + // SERVICE `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '59');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '60');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '61');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '62');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '192');`, + // CONFIGMAP `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '64');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '65');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '66');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '67');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '132');`, + // PVC + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '69');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '70');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '71');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '72');`, + // SECRET `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '79');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '80');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '81');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '82');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '188');`, + // CRONJOB `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '90');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '91');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '92');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '93');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '160');`, + // WEBHOOK `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '95');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '96');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '97');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '98');`, + // APIKEY `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '100');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '101');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '102');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '103');`, + // STATEFULSET + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '104');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '105');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '106');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '107');`, + // INGRESS `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '122');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '123');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '124');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '125');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '152');`, + // HPA `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '127');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '128');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '129');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '130');`, + + // Kubernetes resource + // Deployment + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '140');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '142');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '143');`, + // StatefulSet + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '196');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '198');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '199');`, + // CronJob + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '160');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '162');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '163');`, + // Job + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '158');`, + // HPA `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '148');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '150');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '151');`, + // Service + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '192');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '194');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '195');`, + // Ingress + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '152');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '154');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '155');`, + // ConfigMap + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '133');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '134');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '135');`, + // Secret + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '188');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '190');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '191');`, + // PVC `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '172');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '174');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '175');`, + // POD + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '182');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '183');`, + + // 项目开发 -- group_permissions + // APPUSER + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '48');`, + + // DEPLOYMENT `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '54');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '55');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '56');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '140');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '57');`, + // SERVICE `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '59');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '60');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '61');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '192');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '62');`, + // CONFIGMAP `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '64');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '65');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '66');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '132');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '67');`, + // PVC `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '69');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '70');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '71');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '74');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '75');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '76');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '72');`, + // SECRET `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '79');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '80');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '81');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '188');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '84');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '85');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '86');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '172');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '82');`, + // CRONJOB + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '90');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '91');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '92');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '160');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '96');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '93');`, + // WEBHOOK `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '97');`, + // APIKEY `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '100');`, + // STATEFULSET + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '104');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '105');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '106');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '107');`, + // INGRESS + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '122');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '123');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '124');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '152');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '125');`, + // HPA + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '127');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '128');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '129');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '130');`, + + // Kubernetes resource + // Deployment + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '140');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '142');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '143');`, + // StatefulSet + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '196');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '198');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '199');`, + // CronJob + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '160');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '162');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '163');`, + // Job + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '158');`, + // HPA `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '148');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '150');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '151');`, + // Service + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '192');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '194');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '195');`, + // Ingress + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '152');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '154');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '155');`, + // ConfigMap + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '133');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '134');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '135');`, + // Secret + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '188');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '190');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '191');`, + // PVC + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '172');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '174');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '175');`, + // POD + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '182');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '183');`, + + // 项目测试 -- group_permissions + // APPUSER `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '48');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '54');`, + + // DEPLOYMENT `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '56');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '140');`, + // SERVICE `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '61');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '192');`, + // CONFIGMAP `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '66');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '132');`, + // PVC `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '71');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '76');`, + // SECRET `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '81');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '188');`, + // CRONJOB `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '92');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '160');`, + // WEBHOOK + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '97');`, + // APIKEY + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '100');`, + // STATEFULSET + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '104');`, + // INGRESS `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '124');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '152');`, + // HPA `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '129');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '148');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('20', '92');`, + + // Kubernetes resource + // Deployment + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '142');`, + // StatefulSet + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '198');`, + // CronJob + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '162');`, + // Job + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '158');`, + // HPA + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '150');`, + // Service + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '194');`, + // Ingress + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '154');`, + // ConfigMap + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '134');`, + // Secret + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '190');`, + // PVC + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '174');`, + // POD + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '182');`, + + // 访客 -- group_permissions + // APP + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '76');`, + // DEPLOYMENT `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '56');`, + // SERVICE `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '61');`, + // CONFIGMAP `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '66');`, + // PVC `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '71');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '76');`, + // SECRET `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '81');`, + // NAMESPACE `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '86');`, + // CRONJOB `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '92');`, + // STATEFULSET + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '104');`, + // INGRESS + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '124');`, + // HPA + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '129');`, + + // Kubernetes resource + // Deployment + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '142');`, + // StatefulSet + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '198');`, + // CronJob + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '162');`, + // Job + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '158');`, + // HPA + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '150');`, + // Service + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '194');`, + // Ingress + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '154');`, + // ConfigMap + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '134');`, + // Secret + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '190');`, + // PVC + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '174');`, + // POD + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '182');`, + + // 组管理员 + // APPUSER `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '46');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '47');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '48');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '49');`, + // NAMESPACEUSER `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '50');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '51');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '52');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '53');`, + // APP `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '74');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '75');`, `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '76');`, + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '77');`, + // NAMESPACE `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '86');`, + // WEBHOOK `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '97');`, + // APIKEY + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '100');`, + // 组成员 + // APPUSER `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('9', '48');`, + // APP `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('9', '76');`, + // NAMESPACE `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('9', '86');`, + // WEBHOOK `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('9', '97');`, - `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '52');`, + // APIKEY + `INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('8', '100');`, } diff --git a/src/backend/models/permission.go b/src/backend/models/permission.go index 8148c9a2f..1a5932198 100644 --- a/src/backend/models/permission.go +++ b/src/backend/models/permission.go @@ -10,12 +10,10 @@ import ( const ( TableNamePermission = "permission" - PermissionCreate = "CREATE" - PermissionUpdate = "UPDATE" - PermissionRead = "READ" - PermissionDelete = "DELETE" - PermissionDeploy = "DEPLOY" - PermissionOffline = "OFFLINE" + PermissionCreate = "CREATE" + PermissionUpdate = "UPDATE" + PermissionRead = "READ" + PermissionDelete = "DELETE" PermissionTypeApp = "APP" PermissionTypeAppUser = "APPUSER" @@ -123,12 +121,10 @@ type TypePermission struct { } type ActionPermission struct { - PermissionRead bool `json:"read" mapstructure:"READ"` - PermissionCreate bool `json:"create" mapstructure:"CREATE"` - PermissionUpdate bool `json:"update" mapstructure:"UPDATE"` - PermissionDelete bool `json:"delete" mapstructure:"DELETE"` - PermissionDeploy bool `json:"deploy" mapstructure:"DEPLOY"` - PermissionOffline bool `json:"offline" mapstructure:"OFFLINE"` + PermissionRead bool `json:"read" mapstructure:"READ"` + PermissionCreate bool `json:"create" mapstructure:"CREATE"` + PermissionUpdate bool `json:"update" mapstructure:"UPDATE"` + PermissionDelete bool `json:"delete" mapstructure:"DELETE"` } func (*Permission) TableName() string { diff --git a/src/backend/resources/configmap/configmap.go b/src/backend/resources/configmap/configmap.go index d0bb2e041..b2ac5ddc6 100644 --- a/src/backend/resources/configmap/configmap.go +++ b/src/backend/resources/configmap/configmap.go @@ -28,19 +28,3 @@ func CreateOrUpdateConfigMap(cli *kubernetes.Clientset, configMap *kapi.ConfigMa return cli.CoreV1().ConfigMaps(configMap.Namespace).Update(old) } - -func GetConfigMapDetail(cli *kubernetes.Clientset, name, namespace string) (*ConfigMap, error) { - configmap, err := cli.CoreV1().ConfigMaps(namespace).Get(name, metaV1.GetOptions{}) - if err != nil { - return nil, err - } - - return &ConfigMap{ - ObjectMeta: common.NewObjectMeta(configmap.ObjectMeta), - Data: configmap.Data, - }, nil -} - -func DeleteConfigMap(cli *kubernetes.Clientset, name, namespace string) error { - return cli.CoreV1().ConfigMaps(namespace).Delete(name, &metaV1.DeleteOptions{}) -} diff --git a/src/backend/resources/hpa/hpa.go b/src/backend/resources/hpa/hpa.go index f6e85fd70..b1bc7835b 100644 --- a/src/backend/resources/hpa/hpa.go +++ b/src/backend/resources/hpa/hpa.go @@ -1,39 +1,12 @@ package hpa import ( - "github.com/Qihoo360/wayne/src/backend/client" - autoscaling "k8s.io/api/autoscaling/v1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/labels" "k8s.io/client-go/kubernetes" ) -func GetHPAList(indexer *client.CacheFactory, namespace string, label map[string]string) ([]*autoscaling.HorizontalPodAutoscaler, error) { - hpas, err := indexer.HPALister().HorizontalPodAutoscalers(namespace).List(labels.SelectorFromSet(label)) - if err != nil { - return nil, err - } - return hpas, nil -} - -func GetHPADetail(indexer *client.CacheFactory, name, namespace string) (*HPA, error) { - hpa, err := indexer.HPALister().HorizontalPodAutoscalers(namespace).Get(name) - if err != nil { - return nil, err - } - return toHPA(hpa), nil -} - -func GetHPA(indexer *client.CacheFactory, name, namespace string) (hpa *autoscaling.HorizontalPodAutoscaler, err error) { - hpa, err = indexer.HPALister().HorizontalPodAutoscalers(namespace).Get(name) - if err != nil { - return nil, err - } - return -} - func CreateOrUpdateHPA(c *kubernetes.Clientset, hpa *autoscaling.HorizontalPodAutoscaler) (*HPA, error) { old, err := c.AutoscalingV1().HorizontalPodAutoscalers(hpa.Namespace).Get(hpa.Name, v1.GetOptions{}) if err != nil { @@ -53,7 +26,3 @@ func CreateOrUpdateHPA(c *kubernetes.Clientset, hpa *autoscaling.HorizontalPodAu } return toHPA(kubeHPA), nil } - -func DeleteHPA(c *kubernetes.Clientset, name, namespace string) error { - return c.AutoscalingV1().HorizontalPodAutoscalers(namespace).Delete(name, &v1.DeleteOptions{}) -} diff --git a/src/backend/resources/hpa/list.go b/src/backend/resources/hpa/list.go index 9621e772e..f43b7af90 100644 --- a/src/backend/resources/hpa/list.go +++ b/src/backend/resources/hpa/list.go @@ -3,10 +3,7 @@ package hpa import ( autoscaling "k8s.io/api/autoscaling/v1" - "github.com/Qihoo360/wayne/src/backend/client" - backendCommon "github.com/Qihoo360/wayne/src/backend/common" "github.com/Qihoo360/wayne/src/backend/resources/common" - "github.com/Qihoo360/wayne/src/backend/resources/dataselector" ) type HPA struct { @@ -31,15 +28,3 @@ func toHPA(hpa *autoscaling.HorizontalPodAutoscaler) *HPA { } return &modelHPA } - -func GetHPAPage(indexer *client.CacheFactory, namespace string, q *backendCommon.QueryParam) (page *backendCommon.Page, err error) { - hpaPtrs, err := GetHPAList(indexer, namespace, nil) - if err != nil { - return nil, err - } - HPAs := make([]*HPA, len(hpaPtrs)) - for i := range hpaPtrs { - HPAs[i] = toHPA(hpaPtrs[i]) - } - return dataselector.DataSelectPage(toCells(HPAs), q), nil -} diff --git a/src/backend/resources/ingress/common.go b/src/backend/resources/ingress/common.go index f9d11c6a2..95db415c9 100644 --- a/src/backend/resources/ingress/common.go +++ b/src/backend/resources/ingress/common.go @@ -29,11 +29,3 @@ func toCells(std []Ingress) []dataselector.DataCell { } return cells } - -func fromCells(cells []dataselector.DataCell) []Ingress { - std := make([]Ingress, len(cells)) - for i := range std { - std[i] = Ingress(cells[i].(IngressCell)) - } - return std -} diff --git a/src/backend/resources/ingress/list.go b/src/backend/resources/ingress/list.go index a9c3aa115..f648081cf 100644 --- a/src/backend/resources/ingress/list.go +++ b/src/backend/resources/ingress/list.go @@ -2,12 +2,8 @@ package ingress import ( extensions "k8s.io/api/extensions/v1beta1" - metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/client-go/kubernetes" - backendCommon "github.com/Qihoo360/wayne/src/backend/common" "github.com/Qihoo360/wayne/src/backend/resources/common" - "github.com/Qihoo360/wayne/src/backend/resources/dataselector" ) type Ingress struct { @@ -35,15 +31,3 @@ func toIngress(ingress *extensions.Ingress) *Ingress { } return modelIngress } - -func GetIngressPage(cli *kubernetes.Clientset, namespace string, q *backendCommon.QueryParam) (page *backendCommon.Page, err error) { - ingressPtrs, err := GetIngressList(cli, namespace, metaV1.ListOptions{}) - if err != nil { - return nil, err - } - ingresses := make([]Ingress, len(ingressPtrs)) - for i := range ingressPtrs { - ingresses[i] = *ingressPtrs[i] - } - return dataselector.DataSelectPage(toCells(ingresses), q), nil -} diff --git a/src/backend/resources/namespace/list.go b/src/backend/resources/namespace/list.go index ab3f59f1f..90603024a 100644 --- a/src/backend/resources/namespace/list.go +++ b/src/backend/resources/namespace/list.go @@ -4,47 +4,8 @@ import ( "k8s.io/api/core/v1" metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" - - "github.com/Qihoo360/wayne/src/backend/common" - "github.com/Qihoo360/wayne/src/backend/resources/dataselector" ) -func GetNamespacePage(cli *kubernetes.Clientset, q *common.QueryParam) (*common.Page, error) { - kubeNamespaces, err := cli.CoreV1().Namespaces().List(metaV1.ListOptions{}) - if err != nil { - return nil, err - } - - namespaces := make([]Namespace, 0) - - for i := 0; i < len(kubeNamespaces.Items); i++ { - namespaces = append(namespaces, *toNamespace(&kubeNamespaces.Items[i])) - } - return dataselector.DataSelectPage(toCells(namespaces), q), nil -} - -func GetAllNamespaceName(cli *kubernetes.Clientset) ([]string, error) { - kubeNamespaces, err := cli.CoreV1().Namespaces().List(metaV1.ListOptions{}) - if err != nil { - return nil, err - } - - namespaces := make([]string, 0) - - for _, ns := range kubeNamespaces.Items { - namespaces = append(namespaces, ns.Name) - } - return namespaces, nil -} - -func toCells(ns []Namespace) []dataselector.DataCell { - cells := make([]dataselector.DataCell, len(ns)) - for i := range ns { - cells[i] = NamespaceCell(ns[i]) - } - return cells -} - func GetNamespace(cli *kubernetes.Clientset, namespace string) (*v1.Namespace, error) { kubeNamespaces, err := cli.CoreV1().Namespaces().List(metaV1.ListOptions{}) if err != nil { diff --git a/src/backend/resources/namespace/namespace.go b/src/backend/resources/namespace/namespace.go index 3f933ad42..1bdc2887e 100644 --- a/src/backend/resources/namespace/namespace.go +++ b/src/backend/resources/namespace/namespace.go @@ -13,14 +13,6 @@ import ( "github.com/Qihoo360/wayne/src/backend/util" ) -func UpdateNamespace(cli *kubernetes.Clientset, ns *v1.Namespace) (*v1.Namespace, error) { - newNS, err := cli.CoreV1().Namespaces().Update(ns) - if err != nil { - return nil, err - } - return newNS, nil -} - func CreateNotExitNamespace(cli *kubernetes.Clientset, ns *v1.Namespace) (*v1.Namespace, error) { _, err := cli.CoreV1().Namespaces().Get(ns.Name, metaV1.GetOptions{}) if err != nil { diff --git a/src/backend/resources/secret/secret.go b/src/backend/resources/secret/secret.go index 444434c79..6271fd71e 100644 --- a/src/backend/resources/secret/secret.go +++ b/src/backend/resources/secret/secret.go @@ -33,18 +33,6 @@ func CreateOrUpdateSecret(cli *kubernetes.Clientset, secret *kapi.Secret) (*kapi return cli.CoreV1().Secrets(secret.Namespace).Update(old) } -func GetSecretDetail(cli *kubernetes.Clientset, name, namespace string) (*Secret, error) { - secret, err := cli.CoreV1().Secrets(namespace).Get(name, metaV1.GetOptions{}) - if err != nil { - return nil, err - } - - return &Secret{ - ObjectMeta: common.NewObjectMeta(secret.ObjectMeta), - Data: secret.Data, - }, nil -} - func DeleteSecret(cli *kubernetes.Clientset, name, namespace string) error { return cli.CoreV1().Secrets(namespace).Delete(name, &metaV1.DeleteOptions{}) } diff --git a/src/backend/resources/service/common.go b/src/backend/resources/service/common.go index 29ad4bc42..6d43c3366 100644 --- a/src/backend/resources/service/common.go +++ b/src/backend/resources/service/common.go @@ -1,27 +1 @@ package service - -import "github.com/Qihoo360/wayne/src/backend/resources/dataselector" - -type ServiceCell Service - -func (self ServiceCell) GetProperty(name dataselector.PropertyName) dataselector.ComparableValue { - switch name { - case dataselector.NameProperty: - return dataselector.StdComparableString(self.ObjectMeta.Name) - case dataselector.CreationTimestampProperty: - return dataselector.StdComparableTime(self.ObjectMeta.CreationTimestamp.Time) - case dataselector.NamespaceProperty: - return dataselector.StdComparableString(self.ObjectMeta.Namespace) - default: - // if name is not supported then just return a constant dummy value, sort will have no effect. - return nil - } -} - -func toCell(std []Service) []dataselector.DataCell { - cells := make([]dataselector.DataCell, len(std)) - for i := range std { - cells[i] = ServiceCell(std[i]) - } - return cells -} diff --git a/src/backend/resources/service/list.go b/src/backend/resources/service/list.go index 98c20e07b..6d43c3366 100644 --- a/src/backend/resources/service/list.go +++ b/src/backend/resources/service/list.go @@ -1,65 +1 @@ package service - -import ( - "k8s.io/api/core/v1" - metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/client-go/kubernetes" - - backendCommon "github.com/Qihoo360/wayne/src/backend/common" - "github.com/Qihoo360/wayne/src/backend/resources/common" - "github.com/Qihoo360/wayne/src/backend/resources/dataselector" -) - -type Service struct { - ObjectMeta common.ObjectMeta `json:"objectMeta"` - TypeMeta common.TypeMeta `json:"typeMeta"` - - // InternalEndpoint of all Kubernetes services that have the same label selector as connected Replication - // Controller. Endpoint is DNS name merged with ports. - InternalEndpoint common.Endpoint `json:"internalEndpoint"` - - // ExternalEndpoints of all Kubernetes services that have the same label selector as connected Replication - // Controller. Endpoint is external IP address name merged with ports. - ExternalEndpoints []common.Endpoint `json:"externalEndpoints"` - - // Label selector of the service. - Selector map[string]string `json:"selector"` - - // Type determines how the service will be exposed. Valid options: ClusterIP, NodePort, LoadBalancer - Type v1.ServiceType `json:"type"` - - // ClusterIP is usually assigned by the master. Valid values are None, empty string (""), or - // a valid IP address. None can be specified for headless services when proxying is not required - ClusterIP string `json:"clusterIP"` -} - -func toService(serviceData v1.Service) Service { - return Service{ - ObjectMeta: common.NewObjectMeta(serviceData.ObjectMeta), - TypeMeta: common.NewTypeMeta(common.ResourceKind("service")), - InternalEndpoint: common.GetInternalEndpoint(serviceData.Name, serviceData.Namespace, serviceData.Spec.Ports), - ExternalEndpoints: common.GetExternalEndpoints(&serviceData), - Selector: serviceData.Spec.Selector, - Type: serviceData.Spec.Type, - ClusterIP: serviceData.Spec.ClusterIP, - } -} - -func GetServiceList(cli *kubernetes.Clientset, namespace string, opts metaV1.ListOptions) (list []Service, err error) { - serviceDataList, err := cli.CoreV1().Services(namespace).List(opts) - if err != nil { - return nil, err - } - for _, serviceData := range serviceDataList.Items { - list = append(list, toService(serviceData)) - } - return -} - -func GetServicePage(cli *kubernetes.Clientset, namespace string, q *backendCommon.QueryParam) (page *backendCommon.Page, err error) { - servicesData, err := GetServiceList(cli, namespace, metaV1.ListOptions{}) - if err != nil { - return nil, err - } - return dataselector.DataSelectPage(toCell(servicesData), q), nil -} diff --git a/src/backend/resources/service/service.go b/src/backend/resources/service/service.go index 350907d1a..518478b1f 100644 --- a/src/backend/resources/service/service.go +++ b/src/backend/resources/service/service.go @@ -22,16 +22,3 @@ func CreateOrUpdateService(cli *kubernetes.Clientset, service *kapi.Service) (*k return cli.CoreV1().Services(service.Namespace).Update(old) } - -func GetService(cli *kubernetes.Clientset, name, namespace string) (*kapi.Service, error) { - service, err := cli.CoreV1().Services(namespace).Get(name, metaV1.GetOptions{}) - if err != nil { - return nil, err - } - - return service, nil -} - -func DeleteService(cli *kubernetes.Clientset, name, namespace string) error { - return cli.CoreV1().Services(namespace).Delete(name, &metaV1.DeleteOptions{}) -} diff --git a/src/backend/resources/statefulset/statefulset.go b/src/backend/resources/statefulset/statefulset.go index 3e57a588d..d8df217e0 100644 --- a/src/backend/resources/statefulset/statefulset.go +++ b/src/backend/resources/statefulset/statefulset.go @@ -82,10 +82,3 @@ func GetStatefulsetDetail(cli *kubernetes.Clientset, indexer *client.CacheFactor return result, nil } - -func DeleteStatefulset(cli *kubernetes.Clientset, name, namespace string) error { - deletionPropagation := metaV1.DeletePropagationBackground - return cli.AppsV1beta1(). - StatefulSets(namespace). - Delete(name, &metaV1.DeleteOptions{PropagationPolicy: &deletionPropagation}) -} diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_configmap.go b/src/backend/routers/commentsRouter_controllers_kubernetes_configmap.go index cca98f3f3..c5cc99820 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_configmap.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_configmap.go @@ -9,26 +9,10 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/configmap:KubeConfigMapController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/configmap:KubeConfigMapController"], beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:configMapId/tpls/:tplId/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), Params: nil}) - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/configmap:KubeConfigMapController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/configmap:KubeConfigMapController"], - beego.ControllerComments{ - Method: "Get", - Router: `/:configmap/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/configmap:KubeConfigMapController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/configmap:KubeConfigMapController"], - beego.ControllerComments{ - Method: "Offline", - Router: `/:configmap/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"delete"}, - MethodParams: param.Make(), - Params: nil}) - } diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_cronjob.go b/src/backend/routers/commentsRouter_controllers_kubernetes_cronjob.go index 0bae3c157..ad762ec8d 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_cronjob.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_cronjob.go @@ -17,7 +17,7 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/cronjob:KubeCronjobController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/cronjob:KubeCronjobController"], beego.ControllerComments{ - Method: "Offline", + Method: "Delete", Router: `/:cronjob/namespaces/:namespace/clusters/:cluster`, AllowHTTPMethods: []string{"delete"}, MethodParams: param.Make(), @@ -25,7 +25,7 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/cronjob:KubeCronjobController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/cronjob:KubeCronjobController"], beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:cronjobId/tpls/:tplId/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_daemonset.go b/src/backend/routers/commentsRouter_controllers_kubernetes_daemonset.go index 3dc1d1146..336b32db8 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_daemonset.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_daemonset.go @@ -17,7 +17,7 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/daemonset:KubeDaemonSetController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/daemonset:KubeDaemonSetController"], beego.ControllerComments{ - Method: "Offline", + Method: "Delete", Router: `/:daemonSet/namespaces/:namespace/clusters/:cluster`, AllowHTTPMethods: []string{"delete"}, MethodParams: param.Make(), @@ -25,7 +25,7 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/daemonset:KubeDaemonSetController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/daemonset:KubeDaemonSetController"], beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:daemonSetId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_deployment.go b/src/backend/routers/commentsRouter_controllers_kubernetes_deployment.go index 47c781ecd..bd0f201e7 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_deployment.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_deployment.go @@ -7,33 +7,17 @@ import ( func init() { - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"], - beego.ControllerComments{ - Method: "GetDetail", - Router: `/:deployment/detail/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"], - beego.ControllerComments{ - Method: "Update", - Router: `/:deployment/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"put"}, - MethodParams: param.Make(), - Params: nil}) - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"], beego.ControllerComments{ Method: "Get", - Router: `/:deployment/namespaces/:namespace/clusters/:cluster`, + Router: `/:deployment/detail/namespaces/:namespace/clusters/:cluster`, AllowHTTPMethods: []string{"get"}, MethodParams: param.Make(), Params: nil}) beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"], beego.ControllerComments{ - Method: "Offline", + Method: "Delete", Router: `/:deployment/namespaces/:namespace/clusters/:cluster`, AllowHTTPMethods: []string{"delete"}, MethodParams: param.Make(), @@ -41,7 +25,7 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/deployment:KubeDeploymentController"], beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:deploymentId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_hpa.go b/src/backend/routers/commentsRouter_controllers_kubernetes_hpa.go index 8f26c9bac..2a834a099 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_hpa.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_hpa.go @@ -9,42 +9,10 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"], beego.ControllerComments{ - Method: "GetDetail", - Router: `/:hpa/detail/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"], - beego.ControllerComments{ - Method: "Get", - Router: `/:hpa/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"], - beego.ControllerComments{ - Method: "Offline", - Router: `/:hpa/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"delete"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"], - beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:hpaId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), Params: nil}) - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/hpa:KubeHPAController"], - beego.ControllerComments{ - Method: "List", - Router: `/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - } diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_ingress.go b/src/backend/routers/commentsRouter_controllers_kubernetes_ingress.go index 071cb4c49..18ef67ee5 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_ingress.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_ingress.go @@ -9,34 +9,10 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/ingress:KubeIngressController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/ingress:KubeIngressController"], beego.ControllerComments{ - Method: "Get", - Router: `/:ingress/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/ingress:KubeIngressController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/ingress:KubeIngressController"], - beego.ControllerComments{ - Method: "Offline", - Router: `/:ingress/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"delete"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/ingress:KubeIngressController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/ingress:KubeIngressController"], - beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:ingressId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), Params: nil}) - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/ingress:KubeIngressController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/ingress:KubeIngressController"], - beego.ControllerComments{ - Method: "List", - Router: `/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - } diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_job.go b/src/backend/routers/commentsRouter_controllers_kubernetes_job.go index 2af13ac71..798701ee2 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_job.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_job.go @@ -23,12 +23,4 @@ func init() { MethodParams: param.Make(), Params: nil}) - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/job:KubeJobController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/job:KubeJobController"], - beego.ControllerComments{ - Method: "ListByCronjob", - Router: `/listByCronjob/:cronjob/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - } diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_namespace.go b/src/backend/routers/commentsRouter_controllers_kubernetes_namespace.go index 4cda43704..6e403d2d1 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_namespace.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_namespace.go @@ -7,38 +7,6 @@ import ( func init() { - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"], - beego.ControllerComments{ - Method: "Resources", - Router: `/:id([0-9]+)/resources`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"], - beego.ControllerComments{ - Method: "Statistics", - Router: `/:id([0-9]+)/statistics`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"], - beego.ControllerComments{ - Method: "Get", - Router: `/:name/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"], - beego.ControllerComments{ - Method: "Update", - Router: `/:name/clusters/:cluster`, - AllowHTTPMethods: []string{"put"}, - MethodParams: param.Make(), - Params: nil}) - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"], beego.ControllerComments{ Method: "Create", @@ -49,16 +17,16 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"], beego.ControllerComments{ - Method: "List", - Router: `/clusters/:cluster`, + Method: "Resources", + Router: `/:namespaceid([0-9]+)/resources`, AllowHTTPMethods: []string{"get"}, MethodParams: param.Make(), Params: nil}) beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/namespace:KubeNamespaceController"], beego.ControllerComments{ - Method: "GetNames", - Router: `/clusters/:cluster/names`, + Method: "Statistics", + Router: `/:namespaceid([0-9]+)/statistics`, AllowHTTPMethods: []string{"get"}, MethodParams: param.Make(), Params: nil}) diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_pod.go b/src/backend/routers/commentsRouter_controllers_kubernetes_pod.go index 866b0b76e..1f0eb2cf5 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_pod.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_pod.go @@ -7,22 +7,6 @@ import ( func init() { - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pod:KubePodController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pod:KubePodController"], - beego.ControllerComments{ - Method: "Get", - Router: `/:pod/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pod:KubePodController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pod:KubePodController"], - beego.ControllerComments{ - Method: "Delete", - Router: `/:pod/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"delete"}, - MethodParams: param.Make(), - Params: nil}) - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pod:KubePodController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pod:KubePodController"], beego.ControllerComments{ Method: "Terminal", diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_pvc.go b/src/backend/routers/commentsRouter_controllers_kubernetes_pvc.go index f4caac5e1..25f7e55a9 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_pvc.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_pvc.go @@ -9,23 +9,7 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pvc:KubePersistentVolumeClaimController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pvc:KubePersistentVolumeClaimController"], beego.ControllerComments{ - Method: "Get", - Router: `/:pvc/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pvc:KubePersistentVolumeClaimController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pvc:KubePersistentVolumeClaimController"], - beego.ControllerComments{ - Method: "Offline", - Router: `/:pvc/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"delete"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pvc:KubePersistentVolumeClaimController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/pvc:KubePersistentVolumeClaimController"], - beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:pvcId/tpls/:tplId/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_secret.go b/src/backend/routers/commentsRouter_controllers_kubernetes_secret.go index f5add119c..5d3932fdf 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_secret.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_secret.go @@ -9,23 +9,7 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/secret:KubeSecretController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/secret:KubeSecretController"], beego.ControllerComments{ - Method: "Get", - Router: `/:secret/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/secret:KubeSecretController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/secret:KubeSecretController"], - beego.ControllerComments{ - Method: "Offline", - Router: `/:secret/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"delete"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/secret:KubeSecretController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/secret:KubeSecretController"], - beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:secretId/tpls/:tplId/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_service.go b/src/backend/routers/commentsRouter_controllers_kubernetes_service.go index 7df12bec9..31273eb1d 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_service.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_service.go @@ -7,44 +7,20 @@ import ( func init() { - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"], - beego.ControllerComments{ - Method: "GetDetail", - Router: `/:service/detail/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"], beego.ControllerComments{ Method: "Get", - Router: `/:service/namespaces/:namespace/clusters/:cluster`, + Router: `/:service/detail/namespaces/:namespace/clusters/:cluster`, AllowHTTPMethods: []string{"get"}, MethodParams: param.Make(), Params: nil}) beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"], beego.ControllerComments{ - Method: "Offline", - Router: `/:service/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"delete"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"], - beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:serviceId/tpls/:tplId/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), Params: nil}) - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/service:KubeServiceController"], - beego.ControllerComments{ - Method: "List", - Router: `/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"get"}, - MethodParams: param.Make(), - Params: nil}) - } diff --git a/src/backend/routers/commentsRouter_controllers_kubernetes_statefulset.go b/src/backend/routers/commentsRouter_controllers_kubernetes_statefulset.go index cc7f15c3c..de3415d79 100644 --- a/src/backend/routers/commentsRouter_controllers_kubernetes_statefulset.go +++ b/src/backend/routers/commentsRouter_controllers_kubernetes_statefulset.go @@ -17,15 +17,7 @@ func init() { beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/statefulset:KubeStatefulsetController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/statefulset:KubeStatefulsetController"], beego.ControllerComments{ - Method: "Offline", - Router: `/:statefulset/namespaces/:namespace/clusters/:cluster`, - AllowHTTPMethods: []string{"delete"}, - MethodParams: param.Make(), - Params: nil}) - - beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/statefulset:KubeStatefulsetController"] = append(beego.GlobalControllerRouter["github.com/Qihoo360/wayne/src/backend/controllers/kubernetes/statefulset:KubeStatefulsetController"], - beego.ControllerComments{ - Method: "Deploy", + Method: "Create", Router: `/:statefulsetId([0-9]+)/tpls/:tplId([0-9]+)/clusters/:cluster`, AllowHTTPMethods: []string{"post"}, MethodParams: param.Make(), From 47f643c19b550de81fae19a331d14ad2ebb1714e Mon Sep 17 00:00:00 2001 From: wilhelmguo Date: Fri, 15 Mar 2019 11:12:38 +0800 Subject: [PATCH 4/8] frontend: permission optimization,remove deploy offline. add kubernetes resource manage --- .../src/app/portal/app/app.component.html | 2 +- .../portal/autoscale/autoscale.component.html | 4 ++- .../portal/autoscale/autoscale.component.ts | 18 ++++++----- .../list-autoscale.component.html | 4 +-- .../autoscale/status/status.component.ts | 10 +++--- .../portal/configmap/configmap.component.html | 2 +- .../portal/configmap/configmap.component.ts | 24 ++++++++++---- .../list-configmap.component.html | 4 +-- .../publish-tpl/publish-tpl.component.ts | 7 ++-- .../app/portal/cronjob/cronjob.component.html | 2 +- .../list-cronjob/list-cronjob.component.html | 6 ++-- .../portal/daemonset/daemonset.component.html | 2 +- .../list-daemonset.component.html | 4 +-- .../deployment/deployment.component.html | 2 +- .../list-deployment.component.html | 6 ++-- .../app/portal/ingress/ingress.component.html | 4 ++- .../app/portal/ingress/ingress.component.ts | 8 +++-- .../list-ingress/list-ingress.component.html | 4 +-- .../portal/ingress/status/status.component.ts | 5 +-- .../history/history.component.ts | 6 ++-- .../namespace-report.module.ts | 4 +-- .../list-persistentvolumeclaim.component.html | 4 +-- .../list-persistentvolumeclaim.component.ts | 8 +++-- .../persistentvolumeclaim.component.html | 2 +- .../publish-tpl/publish-tpl.component.ts | 7 ++-- .../list-secret/list-secret.component.html | 4 +-- .../publish-tpl/publish-tpl.component.ts | 7 ++-- .../app/portal/secret/secret.component.html | 2 +- .../src/app/portal/secret/secret.component.ts | 22 ++++++++++--- .../sidenav-namespace.component.html | 1 + .../list-statefulset.component.html | 4 +-- .../publish-tpl/publish-tpl.component.ts | 8 +++-- .../statefulset/statefulset.component.html | 2 +- .../app/shared/base/resource/list-resource.ts | 9 +++--- .../shared/base/resource/resource-status.ts | 9 ++++-- .../src/app/shared/base/resource/resource.ts | 20 +++++++++--- .../shared/client/v1/kubernetes/autoscale.ts | 13 -------- .../shared/client/v1/kubernetes/configmap.ts | 12 ------- .../shared/client/v1/kubernetes/deployment.ts | 12 ------- .../shared/client/v1/kubernetes/ingress.ts | 13 -------- .../app/shared/client/v1/kubernetes/job.ts | 6 ---- .../shared/client/v1/kubernetes/namespace.ts | 32 ------------------- .../v1/kubernetes/persistentvolumeclaims.ts | 12 ------- .../app/shared/client/v1/kubernetes/pod.ts | 20 ------------ .../app/shared/client/v1/kubernetes/secret.ts | 12 ------- .../client/v1/kubernetes/statefulset.ts | 6 ---- .../app/shared/client/v1/namespace.service.ts | 11 +++++++ .../shared/list-pod/list-pod.component.html | 6 ++-- .../app/shared/list-pod/list-pod.component.ts | 12 ++++--- .../src/app/shared/model/v1/permission.ts | 2 -- 50 files changed, 169 insertions(+), 237 deletions(-) diff --git a/src/frontend/src/app/portal/app/app.component.html b/src/frontend/src/app/portal/app/app.component.html index 1236ee610..2b057ac4d 100644 --- a/src/frontend/src/app/portal/app/app.component.html +++ b/src/frontend/src/app/portal/app/app.component.html @@ -3,7 +3,7 @@
- +
{{'BUTTON.HISTORY' | translate}} - diff --git a/src/frontend/src/app/portal/configmap/configmap.component.ts b/src/frontend/src/app/portal/configmap/configmap.component.ts index 013b18d4f..ca8dec49c 100644 --- a/src/frontend/src/app/portal/configmap/configmap.component.ts +++ b/src/frontend/src/app/portal/configmap/configmap.component.ts @@ -6,6 +6,7 @@ import { ConfirmationState, ConfirmationTargets, httpStatusCode, + KubeResourceConfigMap, PublishType, syncStatusInterval, TemplateState @@ -14,7 +15,6 @@ import { MessageHandlerService } from '../../shared/message-handler/message-hand import { ListConfigMapComponent } from './list-configmap/list-configmap.component'; import { CreateEditConfigMapComponent } from './create-edit-configmap/create-edit-configmap.component'; import { combineLatest } from 'rxjs'; -import { ConfigMapClient } from '../../shared/client/v1/kubernetes/configmap'; import { AppService } from '../../shared/client/v1/app.service'; import { ConfigMapService } from '../../shared/client/v1/configmap.service'; import { ConfigMapTplService } from '../../shared/client/v1/configmaptpl.service'; @@ -33,6 +33,7 @@ import { PageState } from '../../shared/page/page-state'; import { TabDragService } from '../../shared/client/v1/tab-drag.service'; import { OrderItem } from '../../shared/model/v1/order'; import { TranslateService } from '@ngx-translate/core'; +import { KubernetesClient } from '../../shared/client/v1/kubernetes/kubernetes'; const showState = { 'create_time': {hidden: false}, @@ -74,7 +75,7 @@ export class ConfigMapComponent implements AfterContentInit, OnDestroy, OnInit { private publishHistoryService: PublishHistoryService, public cacheService: CacheService, private appService: AppService, - private configMapClient: ConfigMapClient, + private kubernetesClient: KubernetesClient, private configMapService: ConfigMapService, private tabDragService: TabDragService, private el: ElementRef, @@ -84,7 +85,9 @@ export class ConfigMapComponent implements AfterContentInit, OnDestroy, OnInit { public translate: TranslateService, private messageHandlerService: MessageHandlerService) { this.tabScription = this.tabDragService.tabDragOverObservable.subscribe(over => { - if (over) { this.tabChange(); } + if (over) { + this.tabChange(); + } }); this.subscription = deletionDialogService.confirmationConfirm$.subscribe(message => { if (message && @@ -118,7 +121,9 @@ export class ConfigMapComponent implements AfterContentInit, OnDestroy, OnInit { initShow() { this.showList = []; Object.keys(this.showState).forEach(key => { - if (!this.showState[key].hidden) { this.showList.push(key); } + if (!this.showState[key].hidden) { + this.showList.push(key); + } }); } @@ -143,7 +148,9 @@ export class ConfigMapComponent implements AfterContentInit, OnDestroy, OnInit { order: index }; }); - if (this.orderCache && JSON.stringify(this.orderCache) === JSON.stringify(orderList)) { return; } + if (this.orderCache && JSON.stringify(this.orderCache) === JSON.stringify(orderList)) { + return; + } this.configMapService.updateOrder(this.app.id, orderList).subscribe( response => { if (response.data === 'ok!') { @@ -188,8 +195,11 @@ export class ConfigMapComponent implements AfterContentInit, OnDestroy, OnInit { if (tpl.status && tpl.status.length > 0) { for (let j = 0; j < tpl.status.length; j++) { const status = tpl.status[j]; - if (status.errNum > 2) { continue; } - this.configMapClient.get(this.app.id, status.cluster, this.cacheService.kubeNamespace, tpl.name).subscribe( + if (status.errNum > 2) { + continue; + } + this.kubernetesClient.get(status.cluster, KubeResourceConfigMap, tpl.name, + this.cacheService.kubeNamespace, this.app.id.toString()).subscribe( response => { const code = response.statusCode || response.status; if (code === httpStatusCode.NoContent) { diff --git a/src/frontend/src/app/portal/configmap/list-configmap/list-configmap.component.html b/src/frontend/src/app/portal/configmap/list-configmap/list-configmap.component.html index aae5a4303..4ae79f848 100644 --- a/src/frontend/src/app/portal/configmap/list-configmap/list-configmap.component.html +++ b/src/frontend/src/app/portal/configmap/list-configmap/list-configmap.component.html @@ -60,7 +60,7 @@ diff --git a/src/frontend/src/app/portal/configmap/publish-tpl/publish-tpl.component.ts b/src/frontend/src/app/portal/configmap/publish-tpl/publish-tpl.component.ts index f91ec0c7f..d1c82dbba 100644 --- a/src/frontend/src/app/portal/configmap/publish-tpl/publish-tpl.component.ts +++ b/src/frontend/src/app/portal/configmap/publish-tpl/publish-tpl.component.ts @@ -8,11 +8,12 @@ import { ConfigMapTpl } from '../../../shared/model/v1/configmaptpl'; import { Cluster } from '../../../shared/model/v1/cluster'; import { KubeConfigMap } from '../../../shared/model/v1/kubernetes/configmap'; import { CacheService } from '../../../shared/auth/cache.service'; -import { ResourcesActionType } from '../../../shared/shared.const'; +import { KubeResourceConfigMap, ResourcesActionType } from '../../../shared/shared.const'; import { PublishStatus } from '../../../shared/model/v1/publish-status'; import { ConfigMapClient } from '../../../shared/client/v1/kubernetes/configmap'; import { PublishStatusService } from '../../../shared/client/v1/publishstatus.service'; import { ActivatedRoute } from '@angular/router'; +import { KubernetesClient } from '../../../shared/client/v1/kubernetes/kubernetes'; @Component({ selector: 'publish-tpl', @@ -35,6 +36,7 @@ export class PublishConfigMapTplComponent { constructor(public cacheService: CacheService, private configMapClient: ConfigMapClient, + private kubernetesClient: KubernetesClient, private route: ActivatedRoute, private publishStatusService: PublishStatusService, private messageHandlerService: MessageHandlerService) { @@ -117,7 +119,8 @@ export class PublishConfigMapTplComponent { offline(cluster: Cluster) { const state = this.getStatusByCluster(this.configMapTpl.status, cluster.name); - this.configMapClient.deleteByName(this.appId, cluster.name, this.cacheService.kubeNamespace, this.configMapTpl.name).subscribe( + this.kubernetesClient.delete(cluster.name, KubeResourceConfigMap, false, + this.configMapTpl.name, this.cacheService.kubeNamespace, this.appId.toString()).subscribe( response => { this.deletePublishStatus(state.id); }, diff --git a/src/frontend/src/app/portal/cronjob/cronjob.component.html b/src/frontend/src/app/portal/cronjob/cronjob.component.html index dfcca634e..3cdb1cb15 100644 --- a/src/frontend/src/app/portal/cronjob/cronjob.component.html +++ b/src/frontend/src/app/portal/cronjob/cronjob.component.html @@ -29,7 +29,7 @@ {{'BUTTON.HISTORY' | translate}} diff --git a/src/frontend/src/app/portal/cronjob/list-cronjob/list-cronjob.component.html b/src/frontend/src/app/portal/cronjob/list-cronjob/list-cronjob.component.html index e1adad31b..92c5c4494 100644 --- a/src/frontend/src/app/portal/cronjob/list-cronjob/list-cronjob.component.html +++ b/src/frontend/src/app/portal/cronjob/list-cronjob/list-cronjob.component.html @@ -69,7 +69,7 @@ diff --git a/src/frontend/src/app/portal/daemonset/daemonset.component.html b/src/frontend/src/app/portal/daemonset/daemonset.component.html index 09e6b769b..2edcce005 100644 --- a/src/frontend/src/app/portal/daemonset/daemonset.component.html +++ b/src/frontend/src/app/portal/daemonset/daemonset.component.html @@ -29,7 +29,7 @@ {{'BUTTON.HISTORY' | translate}} diff --git a/src/frontend/src/app/portal/daemonset/list-daemonset/list-daemonset.component.html b/src/frontend/src/app/portal/daemonset/list-daemonset/list-daemonset.component.html index 8cf6b9585..5c13fa18e 100644 --- a/src/frontend/src/app/portal/daemonset/list-daemonset/list-daemonset.component.html +++ b/src/frontend/src/app/portal/daemonset/list-daemonset/list-daemonset.component.html @@ -74,7 +74,7 @@ diff --git a/src/frontend/src/app/portal/deployment/deployment.component.html b/src/frontend/src/app/portal/deployment/deployment.component.html index c38e85cdd..55dc002bb 100644 --- a/src/frontend/src/app/portal/deployment/deployment.component.html +++ b/src/frontend/src/app/portal/deployment/deployment.component.html @@ -29,7 +29,7 @@ {{'BUTTON.HISTORY' | translate}} diff --git a/src/frontend/src/app/portal/deployment/list-deployment/list-deployment.component.html b/src/frontend/src/app/portal/deployment/list-deployment/list-deployment.component.html index e3663615e..f1eb54d16 100644 --- a/src/frontend/src/app/portal/deployment/list-deployment/list-deployment.component.html +++ b/src/frontend/src/app/portal/deployment/list-deployment/list-deployment.component.html @@ -72,11 +72,11 @@ diff --git a/src/frontend/src/app/portal/ingress/ingress.component.html b/src/frontend/src/app/portal/ingress/ingress.component.html index c862cf5f7..e5b0debbe 100644 --- a/src/frontend/src/app/portal/ingress/ingress.component.html +++ b/src/frontend/src/app/portal/ingress/ingress.component.html @@ -27,7 +27,8 @@ *ngIf="authService.currentAppPermission.ingress.read || authService.currentUser.admin"> 发布历史 - diff --git a/src/frontend/src/app/shared/base/resource/list-resource.ts b/src/frontend/src/app/shared/base/resource/list-resource.ts index 7f0d16f8d..ea6a81d95 100644 --- a/src/frontend/src/app/shared/base/resource/list-resource.ts +++ b/src/frontend/src/app/shared/base/resource/list-resource.ts @@ -12,6 +12,7 @@ import { ConfirmationButtons, ConfirmationState, ConfirmationTargets, + KubeResourcesName, ResourcesActionType, TemplateState } from '../../shared.const'; @@ -30,7 +31,7 @@ export class ListResource { @Input() page: Page; @Input() appId: number; @Input() resourceId: number; - + @Input() kubeResource: KubeResourcesName; @Output() paginate = new EventEmitter(); @Output() serviceTab = new EventEmitter(); @Output() cloneTemplate = new EventEmitter(); @@ -80,10 +81,10 @@ export class ListResource { } // 监听删除模板的事件 - onDeleteTemplate(title: string, message: string, template: any ): void { + onDeleteTemplate(title: string, message: string, template: any): void { const deletionMessage = new ConfirmationMessage( title, - message + template.name, + message + template.name, template.id, this.confirmationTarget, ConfirmationButtons.DELETE_CANCEL @@ -141,7 +142,7 @@ export class ListResource { // 查看资源线上状态 showResourceState(status: PublishStatus, tpl: any) { if (status.cluster && status.state !== TemplateState.NOT_FOUND) { - this.resourceStatusComponent.newResourceStatus(status.cluster, tpl); + this.resourceStatusComponent.newResourceStatus(status.cluster, tpl, this.kubeResource); } } diff --git a/src/frontend/src/app/shared/base/resource/resource-status.ts b/src/frontend/src/app/shared/base/resource/resource-status.ts index 3a70c286b..aa05fef29 100644 --- a/src/frontend/src/app/shared/base/resource/resource-status.ts +++ b/src/frontend/src/app/shared/base/resource/resource-status.ts @@ -1,13 +1,15 @@ import { CacheService } from '../../auth/cache.service'; import { ActivatedRoute } from '@angular/router'; import { MessageHandlerService } from '../../message-handler/message-handler.service'; +import { KubernetesClient } from '../../client/v1/kubernetes/kubernetes'; +import { KubeResourcesName } from '../../shared.const'; export class ResourceStatus { statusOpened = false; kubeResource: any; constructor(public messageHandlerService: MessageHandlerService, - public resourceClient: any, + public kubernetesClient: KubernetesClient, public route: ActivatedRoute, public cacheService: CacheService) { } @@ -16,11 +18,12 @@ export class ResourceStatus { return parseInt(this.route.parent.snapshot.params['id'], 10); } - newResourceStatus(cluster: string, template: any) { + newResourceStatus(cluster: string, template: any, kubeResourceName: KubeResourcesName) { this.statusOpened = true; const KubeObj = JSON.parse(template.template); - this.resourceClient.get(this.appId, cluster, this.cacheService.kubeNamespace, KubeObj.metadata.name).subscribe( + this.kubernetesClient.get(cluster, kubeResourceName, KubeObj.metadata.name, this.cacheService.kubeNamespace, + this.appId.toString()).subscribe( response => { this.kubeResource = response.data; }, diff --git a/src/frontend/src/app/shared/base/resource/resource.ts b/src/frontend/src/app/shared/base/resource/resource.ts index 5ceda95b1..4e75bf45a 100644 --- a/src/frontend/src/app/shared/base/resource/resource.ts +++ b/src/frontend/src/app/shared/base/resource/resource.ts @@ -3,7 +3,7 @@ import { TabDragService } from '../../client/v1/tab-drag.service'; import { OrderItem } from '../../model/v1/order'; import { Subscription } from 'rxjs/Subscription'; import { ActivatedRoute, Router } from '@angular/router'; -import { ChangeDetectorRef, ElementRef, ViewChild } from '@angular/core'; +import { ChangeDetectorRef, ElementRef } from '@angular/core'; import { Cluster } from '../../model/v1/cluster'; import { ClusterService } from '../../client/v1/cluster.service'; import { AppService } from '../../client/v1/app.service'; @@ -21,6 +21,7 @@ import { ConfirmationState, ConfirmationTargets, httpStatusCode, + KubeResourcesName, PublishType, TemplateState } from '../../shared.const'; @@ -28,6 +29,7 @@ import { combineLatest } from 'rxjs'; import { ClrDatagridStateInterface } from '@clr/angular'; import { CreateEditResource } from './create-edit-resource'; import { ListResource } from './list-resource'; +import { KubernetesClient } from '../../client/v1/kubernetes/kubernetes'; export class Resource { createEditResourceComponent: CreateEditResource; @@ -57,9 +59,11 @@ export class Resource { publishType: PublishType; confirmationTarget: ConfirmationTargets; + kubeResource: KubeResourcesName; + constructor(public resourceService: any, public templateService: any, - public resourceClient: any, + public kubernetesClient: KubernetesClient, public publishHistoryService: PublishHistoryService, public route: ActivatedRoute, public router: Router, @@ -80,6 +84,10 @@ export class Resource { }); } + registKubeResource(kubeResource: string) { + this.kubeResource = kubeResource; + } + registResourceType(resourceType: string) { this.resourceType = resourceType; } @@ -91,12 +99,13 @@ export class Resource { registConfirmationTarget(confirmationTarget: ConfirmationTargets) { this.confirmationTarget = confirmationTarget; } + registShowState(showState: object) { this.showState = showState; } - registSubscription( msg: string) { + registSubscription(msg: string) { this.subscription = this.deletionDialogService.confirmationConfirm$.subscribe(message => { if (message && message.state === ConfirmationState.CONFIRMED && @@ -128,7 +137,7 @@ export class Resource { } // 删除资源的动作 - deleteResource(title: string , message: string, warningMessage: string) { + deleteResource(title: string, message: string, warningMessage: string) { if (this.publishStatus && this.publishStatus.length > 0) { this.messageHandlerService.warning(warningMessage); } else { @@ -234,7 +243,8 @@ export class Resource { if (status.errNum > 2) { continue; } - this.resourceClient.get(this.appId, status.cluster, this.cacheService.kubeNamespace, tpl.name).subscribe( + this.kubernetesClient.get(status.cluster, this.kubeResource, tpl.name, + this.cacheService.kubeNamespace, this.appId.toString()).subscribe( response => { const code = response.statusCode || response.status; if (code === httpStatusCode.NoContent) { diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/autoscale.ts b/src/frontend/src/app/shared/client/v1/kubernetes/autoscale.ts index e86c7a905..beae63581 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/autoscale.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/autoscale.ts @@ -14,17 +14,4 @@ export class AutoscaleClient { .catch(error => throwError(error)); } - get(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .get(`/api/v1/kubernetes/apps/${appId}/hpas/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - - - deleteByName(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .delete(`/api/v1/kubernetes/apps/${appId}/hpas/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - } diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/configmap.ts b/src/frontend/src/app/shared/client/v1/kubernetes/configmap.ts index ba1f9a64e..ac31d1354 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/configmap.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/configmap.ts @@ -14,16 +14,4 @@ export class ConfigMapClient { .catch(error => throwError(error)); } - get(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .get(`/api/v1/kubernetes/apps/${appId}/configmaps/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - - deleteByName(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .delete(`/api/v1/kubernetes/apps/${appId}/configmaps/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - } diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/deployment.ts b/src/frontend/src/app/shared/client/v1/kubernetes/deployment.ts index de5680ec5..6fd057c5b 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/deployment.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/deployment.ts @@ -34,18 +34,6 @@ export class DeploymentClient { .catch(error => throwError(error)); } - get(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .get(`/api/v1/kubernetes/apps/${appId}/deployments/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - - update(appId: number, cluster: string, namespace: string, name: string, obj: KubeDeployment): Observable { - return this.http - .put(`/api/v1/kubernetes/apps/${appId}/deployments/${name}/namespaces/${namespace}/clusters/${cluster}`, obj) - .catch(error => throwError(error)); - } - deleteByName(appId: number, cluster: string, namespace: string, name: string): Observable { return this.http .delete(`/api/v1/kubernetes/apps/${appId}/deployments/${name}/namespaces/${namespace}/clusters/${cluster}`) diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/ingress.ts b/src/frontend/src/app/shared/client/v1/kubernetes/ingress.ts index 000749785..891346bea 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/ingress.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/ingress.ts @@ -14,17 +14,4 @@ export class IngressClient { .catch(error => throwError(error)); } - get(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .get(`/api/v1/kubernetes/apps/${appId}/ingresses/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - - - deleteByName(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .delete(`/api/v1/kubernetes/apps/${appId}/ingresses/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - } diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/job.ts b/src/frontend/src/app/shared/client/v1/kubernetes/job.ts index 5a9413a0e..58f0b49e2 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/job.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/job.ts @@ -14,12 +14,6 @@ export class JobClient { .catch(error => throwError(error)); } - listByCronjobName(appId: number, cluster: string, namespace: string, cronjobName: string): Observable { - return this.http - .get(`/api/v1/kubernetes/apps/${appId}/jobs/listByCronjob/${cronjobName}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - PodsEvent(appId: number, cluster: string, namespace: string, jobName: string, cronjobName: string): Observable { return this.http .get(`/api/v1/kubernetes/apps/${appId}/jobs/getPodsEvent/${jobName}/${cronjobName}/namespaces/${namespace}/clusters/${cluster}`) diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/namespace.ts b/src/frontend/src/app/shared/client/v1/kubernetes/namespace.ts index 8f6a0046e..aa83a1cb0 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/namespace.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/namespace.ts @@ -1,9 +1,6 @@ import { Injectable } from '@angular/core'; import { Observable } from 'rxjs/Observable'; import { HttpClient, HttpParams } from '@angular/common/http'; -import { KubeNamespace } from '../../../model/v1/kubernetes/namespace'; -import { PageState } from '../../../page/page-state'; -import { BaseClient } from './base-client'; import { throwError } from 'rxjs'; @Injectable() @@ -11,25 +8,6 @@ export class NamespaceClient { constructor(private http: HttpClient) { } - getNames(cluster: string): Observable { - return this.http - .get(`/api/v1/kubernetes/namespaces/clusters/${cluster}/names`) - .catch(error => throwError(error)); - } - - listPage(pageState: PageState, cluster: string): Observable { - const params = BaseClient.buildParam(pageState); - return this.http - .get(`/api/v1/kubernetes/namespaces/clusters/${cluster}`, {params: params}) - .catch(error => throwError(error)); - } - - update(ns: KubeNamespace, cluster: string): Observable { - return this.http - .put(`/api/v1/kubernetes/namespaces/${ns.metadata.name}/clusters/${cluster}`, ns) - .catch(error => throwError(error)); - } - create(name: string, cluster: string): Observable { return this.http .post(`/api/v1/kubernetes/namespaces/${name}/clusters/${cluster}`, {}) @@ -56,14 +34,4 @@ export class NamespaceClient { .get(`/api/v1/kubernetes/namespaces/${namespaceId}/statistics`, {params: params}) .catch(error => throwError(error)); } - - getHistory(namespaceId: number, appName?: string): Observable { - let params = new HttpParams(); - if (appName) { - params = params.set('app', appName); - } - return this.http - .get(`/api/v1/namespaces/${namespaceId}/history`, {params: params}) - .catch(error => throwError(error)); - } } diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/persistentvolumeclaims.ts b/src/frontend/src/app/shared/client/v1/kubernetes/persistentvolumeclaims.ts index a8490bcb4..aa3d7b7b4 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/persistentvolumeclaims.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/persistentvolumeclaims.ts @@ -14,17 +14,5 @@ export class PersistentVolumeClaimClient { .catch(error => throwError(error)); } - get(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .get(`/api/v1/kubernetes/apps/${appId}/persistentvolumeclaims/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - - deleteByName(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .delete(`/api/v1/kubernetes/apps/${appId}/persistentvolumeclaims/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - } diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/pod.ts b/src/frontend/src/app/shared/client/v1/kubernetes/pod.ts index f7c03c32a..2cc84e4b0 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/pod.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/pod.ts @@ -10,14 +10,6 @@ export class PodClient { constructor(private http: HttpClient) { } - list(appId: number, cluster: string, namespace: string, deployment: string): Observable { - let params = new HttpParams(); - params = params.set('deployment', deployment); - return this.http - .get(`/api/v1/kubernetes/apps/${appId}/pods/namespaces/${namespace}/clusters/${cluster}`, {params: params}) - .catch(error => throwError(error)); - } - listPageByResouce(pageState: PageState, cluster: string, namespace: string, resouceType: string, name: string, appId?: number): Observable { let params = BaseClient.buildParam(pageState); @@ -31,18 +23,6 @@ export class PodClient { .catch(error => throwError(error)); } - get(appId: number, cluster: string, namespace: string, pod: string): Observable { - return this.http - .get(`/api/v1/kubernetes/apps/${appId}/pods/${pod}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - - deleteByName(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .delete(`/api/v1/kubernetes/apps/${appId}/pods/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - getStatistics(): Observable { return this.http .get(`/api/v1/kubernetes/pods/statistics`) diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/secret.ts b/src/frontend/src/app/shared/client/v1/kubernetes/secret.ts index 669757049..9ec2b7c09 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/secret.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/secret.ts @@ -14,16 +14,4 @@ export class SecretClient { .catch(error => throwError(error)); } - get(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .get(`/api/v1/kubernetes/apps/${appId}/secrets/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - - deleteByName(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .delete(`/api/v1/kubernetes/apps/${appId}/secrets/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } - } diff --git a/src/frontend/src/app/shared/client/v1/kubernetes/statefulset.ts b/src/frontend/src/app/shared/client/v1/kubernetes/statefulset.ts index d8962b3c8..dae6c9fa5 100644 --- a/src/frontend/src/app/shared/client/v1/kubernetes/statefulset.ts +++ b/src/frontend/src/app/shared/client/v1/kubernetes/statefulset.ts @@ -19,10 +19,4 @@ export class StatefulsetClient { .get(`/api/v1/kubernetes/apps/${appId}/statefulsets/${name}/namespaces/${namespace}/clusters/${cluster}`) .catch(error => throwError(error)); } - - deleteByName(appId: number, cluster: string, namespace: string, name: string): Observable { - return this.http - .delete(`/api/v1/kubernetes/apps/${appId}/statefulsets/${name}/namespaces/${namespace}/clusters/${cluster}`) - .catch(error => throwError(error)); - } } diff --git a/src/frontend/src/app/shared/client/v1/namespace.service.ts b/src/frontend/src/app/shared/client/v1/namespace.service.ts index d583af3ef..7baf80554 100644 --- a/src/frontend/src/app/shared/client/v1/namespace.service.ts +++ b/src/frontend/src/app/shared/client/v1/namespace.service.ts @@ -99,4 +99,15 @@ export class NamespaceService { .catch(error => throwError(error)); } + + + getHistory(namespaceId: number, appName?: string): Observable { + let params = new HttpParams(); + if (appName) { + params = params.set('app', appName); + } + return this.http + .get(`/api/v1/namespaces/${namespaceId}/history`, {params: params}) + .catch(error => throwError(error)); + } } diff --git a/src/frontend/src/app/shared/list-pod/list-pod.component.html b/src/frontend/src/app/shared/list-pod/list-pod.component.html index 6ff6f334e..7b63df90b 100644 --- a/src/frontend/src/app/shared/list-pod/list-pod.component.html +++ b/src/frontend/src/app/shared/list-pod/list-pod.component.html @@ -66,10 +66,10 @@

{{pod.metadata.creationTimestamp | relativeTime}} - + - - + + diff --git a/src/frontend/src/app/shared/list-pod/list-pod.component.ts b/src/frontend/src/app/shared/list-pod/list-pod.component.ts index cc6859279..e7058d7c2 100644 --- a/src/frontend/src/app/shared/list-pod/list-pod.component.ts +++ b/src/frontend/src/app/shared/list-pod/list-pod.component.ts @@ -4,10 +4,9 @@ import 'rxjs/add/operator/distinctUntilChanged'; import 'rxjs/add/observable/combineLatest'; import { ClrDatagridStateInterface } from '@clr/angular'; import { MessageHandlerService } from '../message-handler/message-handler.service'; -import { PodClient } from '../client/v1/kubernetes/pod'; import { PublicService } from '../client/v1/public.service'; import { CacheService } from '../auth/cache.service'; -import { ConfirmationButtons, ConfirmationState, ConfirmationTargets, KubeResourcesName } from '../shared.const'; +import { ConfirmationButtons, ConfirmationState, ConfirmationTargets, KubeResourcePod, KubeResourcesName } from '../shared.const'; import { DOCUMENT } from '@angular/common'; import { ActivatedRoute, Router } from '@angular/router'; import { ConfirmationMessage } from '../confirmation-dialog/confirmation-message'; @@ -20,6 +19,8 @@ import { AuthService } from '../auth/auth.service'; import { PageState } from '../page/page-state'; import { KubePod } from '../model/v1/kubernetes/kubepod'; import { KubePodUtil } from '../utils'; +import { KubernetesClient } from '../client/v1/kubernetes/kubernetes'; +import { PodClient } from '../client/v1/kubernetes/pod'; @Component({ selector: 'list-pod', @@ -60,12 +61,13 @@ export class ListPodComponent implements OnDestroy { constructor(private router: Router, private deletionDialogService: ConfirmationDialogService, private route: ActivatedRoute, + private podClient: PodClient, @Inject(DOCUMENT) private document: any, public cacheService: CacheService, private publicService: PublicService, private clusterService: ClusterService, private messageHandlerService: MessageHandlerService, - private podClient: PodClient, + private kubernetesClient: KubernetesClient, private copyService: CopyService, public authService: AuthService) { this.subscription = deletionDialogService.confirmationConfirm$.subscribe(message => { @@ -73,8 +75,8 @@ export class ListPodComponent implements OnDestroy { message.state === ConfirmationState.CONFIRMED && message.source === ConfirmationTargets.POD) { const pod: KubePod = message.data; - this.podClient - .deleteByName(this.appId, this.cluster, pod.metadata.namespace, pod.metadata.name) + this.kubernetesClient + .delete(this.cluster, KubeResourcePod, false, pod.metadata.name, pod.metadata.namespace, this.appId.toString()) .subscribe( response => { this.refresh(); diff --git a/src/frontend/src/app/shared/model/v1/permission.ts b/src/frontend/src/app/shared/model/v1/permission.ts index 27dd93610..73344eb0b 100644 --- a/src/frontend/src/app/shared/model/v1/permission.ts +++ b/src/frontend/src/app/shared/model/v1/permission.ts @@ -10,8 +10,6 @@ export class ActionPermission { create = false; update = false; delete = false; - deploy = false; - offline = false; } export class TypePermission { From e9df9c1d25da97f7a31921d09aa673487a675631 Mon Sep 17 00:00:00 2001 From: wilhelmguo Date: Fri, 15 Mar 2019 11:24:33 +0800 Subject: [PATCH 5/8] backend: add v1.6 version migration sql --- .../migrations/20190312_154209_v1_6.go | 16 +- src/backend/database/migrations/v1.6/ddl.sql | 3 + src/backend/database/migrations/v1.6/dml.sql | 227 ++++++++++++++++++ 3 files changed, 232 insertions(+), 14 deletions(-) create mode 100644 src/backend/database/migrations/v1.6/ddl.sql create mode 100644 src/backend/database/migrations/v1.6/dml.sql diff --git a/src/backend/database/migrations/20190312_154209_v1_6.go b/src/backend/database/migrations/20190312_154209_v1_6.go index f3597b58e..b3a653fa6 100644 --- a/src/backend/database/migrations/20190312_154209_v1_6.go +++ b/src/backend/database/migrations/20190312_154209_v1_6.go @@ -1,4 +1,4 @@ -package main +package migrations import ( "encoding/json" @@ -10,11 +10,6 @@ import ( "github.com/Qihoo360/wayne/src/backend/util/logs" ) -const ( - UpSQL = "ALTER TABLE `namespace` ADD COLUMN `kube_namespace` VARCHAR(128) NOT NULL DEFAULT '' AFTER `deleted`, ADD INDEX `namespace_kube_namespace` (`kube_namespace` ASC);" - DownSql = "ALTER TABLE `wayne_dev`.`namespace` DROP COLUMN `kube_namespace`, DROP INDEX `namespace_kube_namespace` ;" -) - type NamespaceMetaData struct { // kubernetes' namespace Namespace string `json:"namespace,omitempty"` @@ -37,14 +32,8 @@ func init() { func (m *V16_20190312_154209) Up() { // For migration namespace metadata namespace to kubeNamespace o := orm.NewOrm() - _, err := o.Raw(UpSQL).Exec() - if err != nil { - logs.Error("Exec UpSQL error.", UpSQL, err) - return - } - namespaces := []*models.Namespace{} - _, err = o.QueryTable(new(models.Namespace)). + _, err := o.QueryTable(new(models.Namespace)). All(&namespaces) if err != nil { logs.Error("Get all namespaces error.", err) @@ -76,6 +65,5 @@ func (m *V16_20190312_154209) Up() { // Reverse the migrations func (m *V16_20190312_154209) Down() { // use m.SQL("DROP TABLE ...") to reverse schema update - m.SQL(DownSql) } diff --git a/src/backend/database/migrations/v1.6/ddl.sql b/src/backend/database/migrations/v1.6/ddl.sql new file mode 100644 index 000000000..993c1a546 --- /dev/null +++ b/src/backend/database/migrations/v1.6/ddl.sql @@ -0,0 +1,3 @@ +-- Migrate metadata kubernetes namespace to kube_namespace +ALTER TABLE `namespace` ADD COLUMN `kube_namespace` VARCHAR(128) NOT NULL DEFAULT '' AFTER `deleted`, +ADD INDEX `namespace_kube_namespace` (`kube_namespace` ASC); diff --git a/src/backend/database/migrations/v1.6/dml.sql b/src/backend/database/migrations/v1.6/dml.sql new file mode 100644 index 000000000..7e40e4980 --- /dev/null +++ b/src/backend/database/migrations/v1.6/dml.sql @@ -0,0 +1,227 @@ +-- add kubernetes resource permission +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('132', 'KUBECONFIGMAP_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('133', 'KUBECONFIGMAP_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('134', 'KUBECONFIGMAP_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('135', 'KUBECONFIGMAP_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('136', 'KUBEDAEMONSET_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('137', 'KUBEDAEMONSET_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('138', 'KUBEDAEMONSET_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('139', 'KUBEDAEMONSET_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('140', 'KUBEDEPLOYMENT_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('141', 'KUBEDEPLOYMENT_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('142', 'KUBEDEPLOYMENT_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('143', 'KUBEDEPLOYMENT_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('144', 'KUBEEVENT_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('145', 'KUBEEVENT_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('146', 'KUBEEVENT_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('147', 'KUBEEVENT_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('148', 'KUBEHORIZONTALPODAUTOSCALER_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('149', 'KUBEHORIZONTALPODAUTOSCALER_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('150', 'KUBEHORIZONTALPODAUTOSCALER_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('151', 'KUBEHORIZONTALPODAUTOSCALER_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('152', 'KUBEINGRESS_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('153', 'KUBEINGRESS_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('154', 'KUBEINGRESS_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('155', 'KUBEINGRESS_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('156', 'KUBEJOB_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('157', 'KUBEJOB_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('158', 'KUBEJOB_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('159', 'KUBEJOB_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('160', 'KUBECRONJOB_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('161', 'KUBECRONJOB_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('162', 'KUBECRONJOB_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('163', 'KUBECRONJOB_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('164', 'KUBENAMESPACE_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('165', 'KUBENAMESPACE_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('166', 'KUBENAMESPACE_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('167', 'KUBENAMESPACE_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('168', 'KUBENODE_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('169', 'KUBENODE_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('170', 'KUBENODE_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('171', 'KUBENODE_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('172', 'KUBEPERSISTENTVOLUMECLAIM_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('173', 'KUBEPERSISTENTVOLUMECLAIM_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('174', 'KUBEPERSISTENTVOLUMECLAIM_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('175', 'KUBEPERSISTENTVOLUMECLAIM_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('176', 'KUBEPERSISTENTVOLUME_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('177', 'KUBEPERSISTENTVOLUME_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('178', 'KUBEPERSISTENTVOLUME_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('179', 'KUBEPERSISTENTVOLUME_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('180', 'KUBEPOD_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('181', 'KUBEPOD_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('182', 'KUBEPOD_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('183', 'KUBEPOD_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('184', 'KUBEREPLICASET_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('185', 'KUBEREPLICASET_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('186', 'KUBEREPLICASET_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('187', 'KUBEREPLICASET_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('188', 'KUBESECRET_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('189', 'KUBESECRET_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('190', 'KUBESECRET_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('191', 'KUBESECRET_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('192', 'KUBESERVICE_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('193', 'KUBESERVICE_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('194', 'KUBESERVICE_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('195', 'KUBESERVICE_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('196', 'KUBESTATEFULSET_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('197', 'KUBESTATEFULSET_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('198', 'KUBESTATEFULSET_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('199', 'KUBESTATEFULSET_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('200', 'KUBEENDPOINTS_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('201', 'KUBEENDPOINTS_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('202', 'KUBEENDPOINTS_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('203', 'KUBEENDPOINTS_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('204', 'KUBESTORAGECLASS_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('205', 'KUBESTORAGECLASS_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('206', 'KUBESTORAGECLASS_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('207', 'KUBESTORAGECLASS_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('208', 'KUBEROLE_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('209', 'KUBEROLE_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('210', 'KUBEROLE_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('211', 'KUBEROLE_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('212', 'KUBEROLEBINDING_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('213', 'KUBEROLEBINDING_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('214', 'KUBEROLEBINDING_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('215', 'KUBEROLEBINDING_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('216', 'KUBECLUSTERROLE_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('217', 'KUBECLUSTERROLE_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('218', 'KUBECLUSTERROLE_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('219', 'KUBECLUSTERROLE_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('220', 'KUBECLUSTERROLEBINDING_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('221', 'KUBECLUSTERROLEBINDING_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('222', 'KUBECLUSTERROLEBINDING_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('223', 'KUBECLUSTERROLEBINDING_DELETE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('224', 'KUBESERVICEACCOUNT_CREATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('225', 'KUBESERVICEACCOUNT_UPDATE', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('226', 'KUBESERVICEACCOUNT_READ', '', now(), now()) +INSERT INTO permission ( id, name, comment, create_time, update_time ) VALUES ('227', 'KUBESERVICEACCOUNT_DELETE', '', now(), now()) + +-- add permission-group + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '140'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '142'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '143'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '196'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '198'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '199'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '160'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '162'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '163'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '158'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '148'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '150'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '151'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '192'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '194'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '195'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '152'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '154'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '155'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '133'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '134'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '135'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '188'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '190'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '191'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '172'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '174'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '175'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '182'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('10', '183'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '140'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '142'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '143'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '196'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '198'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '199'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '160'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '162'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '163'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '158'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '148'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '150'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '151'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '192'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '194'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '195'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '152'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '154'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '155'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '133'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '134'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '135'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '188'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '190'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '191'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '172'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '174'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '175'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '182'); +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('11', '183'); + + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '142'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '198'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '162'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '158'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '150'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '194'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '154'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '134'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '190'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '174'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('12', '182'); + + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '142'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '198'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '162'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '158'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '150'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '194'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '154'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '134'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '190'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '174'); + +INSERT INTO group_permissions ( group_id, permission_id ) VALUES ('1', '182'); From 174f73c131e5c0531de0928150ca1e183f841be7 Mon Sep 17 00:00:00 2001 From: wilhelmguo Date: Fri, 15 Mar 2019 11:26:39 +0800 Subject: [PATCH 6/8] frontend:update frontend git submodule --- src/frontend/lib | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/frontend/lib b/src/frontend/lib index 893fd9e60..685881faf 160000 --- a/src/frontend/lib +++ b/src/frontend/lib @@ -1 +1 @@ -Subproject commit 893fd9e60175514fcc116258da1707b0bf2ffd77 +Subproject commit 685881faf3fe896d50f46c7ac07d53567a6a805f From 0b7994b1b9847997b37a1079bf28153b7ad537b9 Mon Sep 17 00:00:00 2001 From: wilhelmguo Date: Fri, 15 Mar 2019 11:40:49 +0800 Subject: [PATCH 7/8] backend: api controller get k8sclient optimization --- .../kubernetes/configmap/configmap.go | 65 +-- .../controllers/kubernetes/cronjob/cronjob.go | 207 ++++--- .../kubernetes/daemonset/daemonset.go | 129 ++--- .../kubernetes/deployment/deployment.go | 66 +-- src/backend/controllers/kubernetes/hpa/hpa.go | 7 +- .../controllers/kubernetes/ingress/ingress.go | 7 +- src/backend/controllers/kubernetes/job/job.go | 54 +- src/backend/controllers/kubernetes/log/log.go | 20 +- .../kubernetes/namespace/namespace.go | 20 +- .../controllers/kubernetes/node/node.go | 73 +-- src/backend/controllers/kubernetes/pv/pv.go | 93 ++- src/backend/controllers/kubernetes/pvc/pvc.go | 65 +-- .../controllers/kubernetes/pvc/robin.go | 529 ++++++++---------- .../controllers/kubernetes/secret/secret.go | 63 +-- .../controllers/kubernetes/service/service.go | 120 ++-- .../kubernetes/statefulset/statefulset.go | 18 +- 16 files changed, 686 insertions(+), 850 deletions(-) diff --git a/src/backend/controllers/kubernetes/configmap/configmap.go b/src/backend/controllers/kubernetes/configmap/configmap.go index a87abdc46..8a8cb24c9 100644 --- a/src/backend/controllers/kubernetes/configmap/configmap.go +++ b/src/backend/controllers/kubernetes/configmap/configmap.go @@ -5,7 +5,6 @@ import ( kapi "k8s.io/api/core/v1" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/configmap" @@ -47,43 +46,41 @@ func (c *KubeConfigMapController) Create() { } cluster := c.Ctx.Input.Param(":cluster") - cli, err := client.Client(cluster) - if err == nil { - publishHistory := &models.PublishHistory{ - Type: models.PublishTypeConfigMap, - ResourceId: int64(configMapId), - ResourceName: kubeConfigMap.Name, - TemplateId: int64(tplId), - Cluster: cluster, - User: c.User.Name, + cli := c.Client(cluster) + + publishHistory := &models.PublishHistory{ + Type: models.PublishTypeConfigMap, + ResourceId: int64(configMapId), + ResourceName: kubeConfigMap.Name, + TemplateId: int64(tplId), + Cluster: cluster, + User: c.User.Name, + } + defer models.PublishHistoryModel.Add(publishHistory) + // 发布资源到k8s平台 + _, err = configmap.CreateOrUpdateConfigMap(cli, &kubeConfigMap) + if err != nil { + publishHistory.Status = models.ReleaseFailure + publishHistory.Message = err.Error() + c.HandleError(err) + return + } else { + publishHistory.Status = models.ReleaseSuccess + // 添加发布状态 + publishStatus := models.PublishStatus{ + ResourceId: int64(configMapId), + TemplateId: int64(tplId), + Type: models.PublishTypeConfigMap, + Cluster: cluster, } - defer models.PublishHistoryModel.Add(publishHistory) - // 发布资源到k8s平台 - _, err = configmap.CreateOrUpdateConfigMap(cli, &kubeConfigMap) + err = models.PublishStatusModel.Publish(&publishStatus) if err != nil { - publishHistory.Status = models.ReleaseFailure - publishHistory.Message = err.Error() + logs.Error("publish publishStatus (%v) to db error.%v", publishStatus, err) c.HandleError(err) return - } else { - publishHistory.Status = models.ReleaseSuccess - // 添加发布状态 - publishStatus := models.PublishStatus{ - ResourceId: int64(configMapId), - TemplateId: int64(tplId), - Type: models.PublishTypeConfigMap, - Cluster: cluster, - } - err = models.PublishStatusModel.Publish(&publishStatus) - if err != nil { - logs.Error("publish publishStatus (%v) to db error.%v", publishStatus, err) - c.HandleError(err) - return - } } - - c.Success("ok") - } else { - c.AbortBadRequestFormat("Cluster") } + + c.Success("ok") + } diff --git a/src/backend/controllers/kubernetes/cronjob/cronjob.go b/src/backend/controllers/kubernetes/cronjob/cronjob.go index cc1595ac3..69dc43521 100644 --- a/src/backend/controllers/kubernetes/cronjob/cronjob.go +++ b/src/backend/controllers/kubernetes/cronjob/cronjob.go @@ -5,7 +5,6 @@ import ( "k8s.io/api/batch/v1beta1" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/cronjob" @@ -47,55 +46,52 @@ func (c *KubeCronjobController) Suspend() { tplId := c.GetIntParamFromURL(":tplId") cluster := c.Ctx.Input.Param(":cluster") - cli, err := client.Client(cluster) - if err == nil { - namespaceModel, err := getNamespace(c.AppId) - if err != nil { - logs.Error("get getNamespaceMetaData error.%v", err) - c.HandleError(err) - return - } - cronjobModel, err := models.CronjobModel.GetParseMetaDataById(int64(cronjobId)) - if err != nil { - logs.Error("get cronjob error.%v", err) - c.HandleError(err) - return - } + cli := c.Client(cluster) - publishHistory := &models.PublishHistory{ - Type: models.PublishTypeCronJob, - ResourceId: int64(cronjobId), - ResourceName: cronjobModel.Name, - TemplateId: int64(tplId), - Cluster: cluster, - User: c.User.Name, - } + namespaceModel, err := getNamespace(c.AppId) + if err != nil { + logs.Error("get getNamespaceMetaData error.%v", err) + c.HandleError(err) + return + } + cronjobModel, err := models.CronjobModel.GetParseMetaDataById(int64(cronjobId)) + if err != nil { + logs.Error("get cronjob error.%v", err) + c.HandleError(err) + return + } + + publishHistory := &models.PublishHistory{ + Type: models.PublishTypeCronJob, + ResourceId: int64(cronjobId), + ResourceName: cronjobModel.Name, + TemplateId: int64(tplId), + Cluster: cluster, + User: c.User.Name, + } - defer models.PublishHistoryModel.Add(publishHistory) + defer models.PublishHistoryModel.Add(publishHistory) - // 更新Suspend状态为挂起 - err = cronjob.SuspendCronjob(cli, cronjobModel.Name, namespaceModel.KubeNamespace) + // 更新Suspend状态为挂起 + err = cronjob.SuspendCronjob(cli, cronjobModel.Name, namespaceModel.KubeNamespace) + if err != nil { + publishHistory.Status = models.ReleaseFailure + publishHistory.Message = err.Error() + logs.Error("update cronjob Suspend error.%v", err) + c.HandleError(err) + return + } else { + publishHistory.Status = models.ReleaseSuccess + err = addDeployStatus(cronjobId, tplId, cluster) if err != nil { - publishHistory.Status = models.ReleaseFailure - publishHistory.Message = err.Error() - logs.Error("update cronjob Suspend error.%v", err) + logs.Error("add cronjob deploy status error.%v", err) c.HandleError(err) return - } else { - publishHistory.Status = models.ReleaseSuccess - err = addDeployStatus(cronjobId, tplId, cluster) - if err != nil { - logs.Error("add cronjob deploy status error.%v", err) - c.HandleError(err) - return - } } - - c.Success("ok") - } else { - c.AbortBadRequestFormat("Cluster") } + + c.Success("ok") } // @Title deploy @@ -115,63 +111,60 @@ func (c *KubeCronjobController) Create() { cluster := c.Ctx.Input.Param(":cluster") - cli, err := client.Client(cluster) - if err == nil { - namespaceModel, err := getNamespace(c.AppId) - if err != nil { - logs.Error("get getNamespaceMetaData error.%v", err) - c.HandleError(err) - return - } - clusterModel, err := models.ClusterModel.GetParsedMetaDataByName(cluster) - if err != nil { - logs.Error("get cluster error.%v", err) - c.HandleError(err) - return - } - cronjobModel, err := models.CronjobModel.GetParseMetaDataById(int64(cronjobId)) - if err != nil { - logs.Error("get cronjob error.%v", err) - c.HandleError(err) - return - } + cli := c.Client(cluster) + namespaceModel, err := getNamespace(c.AppId) + if err != nil { + logs.Error("get getNamespaceMetaData error.%v", err) + c.HandleError(err) + return + } + clusterModel, err := models.ClusterModel.GetParsedMetaDataByName(cluster) + if err != nil { + logs.Error("get cluster error.%v", err) + c.HandleError(err) + return + } + cronjobModel, err := models.CronjobModel.GetParseMetaDataById(int64(cronjobId)) + if err != nil { + logs.Error("get cronjob error.%v", err) + c.HandleError(err) + return + } - cronjobPreDeploy(&kubeCronJob, cronjobModel, clusterModel, namespaceModel) + cronjobPreDeploy(&kubeCronJob, cronjobModel, clusterModel, namespaceModel) - publishHistory := &models.PublishHistory{ - Type: models.PublishTypeCronJob, - ResourceId: int64(cronjobId), - ResourceName: kubeCronJob.Name, - TemplateId: int64(tplId), - Cluster: cluster, - User: c.User.Name, - } + publishHistory := &models.PublishHistory{ + Type: models.PublishTypeCronJob, + ResourceId: int64(cronjobId), + ResourceName: kubeCronJob.Name, + TemplateId: int64(tplId), + Cluster: cluster, + User: c.User.Name, + } - defer models.PublishHistoryModel.Add(publishHistory) + defer models.PublishHistoryModel.Add(publishHistory) - // 发布资源到k8s平台 - _, err = cronjob.CreateOrUpdateCronjob(cli, &kubeCronJob) + // 发布资源到k8s平台 + _, err = cronjob.CreateOrUpdateCronjob(cli, &kubeCronJob) + if err != nil { + publishHistory.Status = models.ReleaseFailure + publishHistory.Message = err.Error() + logs.Error("deploy cronjob error.%v", err) + c.HandleError(err) + return + } else { + publishHistory.Status = models.ReleaseSuccess + err = addDeployStatus(cronjobId, tplId, cluster) if err != nil { - publishHistory.Status = models.ReleaseFailure - publishHistory.Message = err.Error() - logs.Error("deploy cronjob error.%v", err) + logs.Error("add cronjob deploy status error.%v", err) c.HandleError(err) return - } else { - publishHistory.Status = models.ReleaseSuccess - err = addDeployStatus(cronjobId, tplId, cluster) - if err != nil { - logs.Error("add cronjob deploy status error.%v", err) - c.HandleError(err) - return - } } - - c.Success("ok") - } else { - c.AbortBadRequestFormat("Cluster") } + + c.Success("ok") + } func addDeployStatus(id int64, tplId int64, cluster string) error { @@ -221,18 +214,15 @@ func (c *KubeCronjobController) Get() { namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":cronjob") - cli, err := client.Client(cluster) - if err == nil { - result, err := cronjob.GetCronjobDetail(cli, name, namespace) - if err != nil { - logs.Error("get kubernetes cronjob detail error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + + result, err := cronjob.GetCronjobDetail(cli, name, namespace) + if err != nil { + logs.Error("get kubernetes cronjob detail error.", cluster, namespace, name, err) + c.HandleError(err) + return } + c.Success(result) } // @Title Delete @@ -246,16 +236,13 @@ func (c *KubeCronjobController) Delete() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":cronjob") - cli, err := client.Client(cluster) - if err == nil { - err := cronjob.DeleteCronjob(cli, name, namespace) - if err != nil { - logs.Error("delete cronjob (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - c.Success("ok!") - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + + err := cronjob.DeleteCronjob(cli, name, namespace) + if err != nil { + logs.Error("delete cronjob (%s) by cluster (%s) error.%v", name, cluster, err) + c.HandleError(err) + return } + c.Success("ok!") } diff --git a/src/backend/controllers/kubernetes/daemonset/daemonset.go b/src/backend/controllers/kubernetes/daemonset/daemonset.go index 2241bef78..a0d227513 100644 --- a/src/backend/controllers/kubernetes/daemonset/daemonset.go +++ b/src/backend/controllers/kubernetes/daemonset/daemonset.go @@ -5,7 +5,6 @@ import ( "k8s.io/api/extensions/v1beta1" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/daemonset" @@ -52,60 +51,56 @@ func (c *KubeDaemonSetController) Create() { } cluster := c.Ctx.Input.Param(":cluster") - cli, err := client.Client(cluster) - if err == nil { - namespaceModel, err := getNamespace(c.AppId) - if err != nil { - logs.Error("get getNamespaceMetaData error.%v", err) - c.HandleError(err) - return - } - clusterModel, err := models.ClusterModel.GetParsedMetaDataByName(cluster) - if err != nil { - logs.Error("get cluster error.%v", err) - c.HandleError(err) - return - } - DaemonSetModel, err := models.DaemonSetModel.GetParseMetaDataById(int64(daemonSetId)) - if err != nil { - logs.Error("get daemonSet error.%v", err) - c.HandleError(err) - return - } - daemonSetPreDeploy(&kubeDaemonSet, DaemonSetModel, clusterModel, namespaceModel) - - publishHistory := &models.PublishHistory{ - Type: models.PublishTypeDaemonSet, - ResourceId: int64(daemonSetId), - ResourceName: kubeDaemonSet.Name, - TemplateId: int64(tplId), - Cluster: cluster, - User: c.User.Name, - } + cli := c.Client(cluster) + namespaceModel, err := getNamespace(c.AppId) + if err != nil { + logs.Error("get getNamespaceMetaData error.%v", err) + c.HandleError(err) + return + } + clusterModel, err := models.ClusterModel.GetParsedMetaDataByName(cluster) + if err != nil { + logs.Error("get cluster error.%v", err) + c.HandleError(err) + return + } + DaemonSetModel, err := models.DaemonSetModel.GetParseMetaDataById(int64(daemonSetId)) + if err != nil { + logs.Error("get daemonSet error.%v", err) + c.HandleError(err) + return + } + daemonSetPreDeploy(&kubeDaemonSet, DaemonSetModel, clusterModel, namespaceModel) + + publishHistory := &models.PublishHistory{ + Type: models.PublishTypeDaemonSet, + ResourceId: int64(daemonSetId), + ResourceName: kubeDaemonSet.Name, + TemplateId: int64(tplId), + Cluster: cluster, + User: c.User.Name, + } - defer models.PublishHistoryModel.Add(publishHistory) + defer models.PublishHistoryModel.Add(publishHistory) - // 发布资源到k8s平台 - _, err = daemonset.CreateOrUpdateDaemonSet(cli, &kubeDaemonSet) + // 发布资源到k8s平台 + _, err = daemonset.CreateOrUpdateDaemonSet(cli, &kubeDaemonSet) + if err != nil { + publishHistory.Status = models.ReleaseFailure + publishHistory.Message = err.Error() + logs.Error("deploy daemonSet error.%v", err) + c.HandleError(err) + return + } else { + publishHistory.Status = models.ReleaseSuccess + err = addDeployStatus(daemonSetId, tplId, cluster) if err != nil { - publishHistory.Status = models.ReleaseFailure - publishHistory.Message = err.Error() - logs.Error("deploy daemonSet error.%v", err) + logs.Error("add daemonSet deploy status error.%v", err) c.HandleError(err) return - } else { - publishHistory.Status = models.ReleaseSuccess - err = addDeployStatus(daemonSetId, tplId, cluster) - if err != nil { - logs.Error("add daemonSet deploy status error.%v", err) - c.HandleError(err) - return - } } - c.Success("ok") - } else { - c.AbortBadRequestFormat("Cluster") } + c.Success("ok") } func addDeployStatus(daemonSetId int64, tplId int64, cluster string) error { @@ -154,19 +149,16 @@ func (c *KubeDaemonSetController) Get() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":daemonSet") - manager, err := client.Manager(cluster) - if err == nil { - result, err := daemonset.GetDaemonSetDetail(manager.Client, manager.CacheFactory, name, namespace) - if err != nil { - logs.Error("get kubernetes daemonSet detail error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) + manager := c.Manager(cluster) + + result, err := daemonset.GetDaemonSetDetail(manager.Client, manager.CacheFactory, name, namespace) + if err != nil { + logs.Error("get kubernetes daemonSet detail error.", cluster, namespace, name, err) + c.HandleError(err) return - } else { - c.AbortBadRequestFormat("Cluster") } + c.Success(result) + return } // @Title Delete @@ -180,16 +172,13 @@ func (c *KubeDaemonSetController) Delete() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":daemonSet") - cli, err := client.Client(cluster) - if err == nil { - err := daemonset.DeleteDaemonSet(cli, name, namespace) - if err != nil { - logs.Error("delete daemonSet (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - c.Success("ok!") - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + + err := daemonset.DeleteDaemonSet(cli, name, namespace) + if err != nil { + logs.Error("delete daemonSet (%s) by cluster (%s) error.%v", name, cluster, err) + c.HandleError(err) + return } + c.Success("ok!") } diff --git a/src/backend/controllers/kubernetes/deployment/deployment.go b/src/backend/controllers/kubernetes/deployment/deployment.go index 2620a135c..56583226d 100644 --- a/src/backend/controllers/kubernetes/deployment/deployment.go +++ b/src/backend/controllers/kubernetes/deployment/deployment.go @@ -61,18 +61,15 @@ func (c *KubeDeploymentController) List() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") - manager, err := client.Manager(cluster) - if err == nil { - result, err := deployment.GetDeploymentPage(manager.CacheFactory, namespace, param) - if err != nil { - logs.Error("list kubernetes deployments error.", cluster, namespace, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + manager := c.Manager(cluster) + + result, err := deployment.GetDeploymentPage(manager.CacheFactory, namespace, param) + if err != nil { + logs.Error("list kubernetes deployments error.", cluster, namespace, err) + c.HandleError(err) + return } + c.Success(result) } // @Title deploy @@ -231,18 +228,14 @@ func (c *KubeDeploymentController) Get() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":deployment") - manager, err := client.Manager(cluster) - if err == nil { - result, err := deployment.GetDeploymentDetail(manager.Client, manager.CacheFactory, name, namespace) - if err != nil { - logs.Error("get kubernetes deployment detail error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + manager := c.Manager(cluster) + result, err := deployment.GetDeploymentDetail(manager.Client, manager.CacheFactory, name, namespace) + if err != nil { + logs.Error("get kubernetes deployment detail error.", cluster, namespace, name, err) + c.HandleError(err) + return } + c.Success(result) } // @Title Delete @@ -256,21 +249,18 @@ func (c *KubeDeploymentController) Delete() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":deployment") - cli, err := client.Client(cluster) - if err == nil { - err := deployment.DeleteDeployment(cli, name, namespace) - if err != nil { - logs.Error("delete deployment (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - webhook.PublishEventDeployment(c.NamespaceId, c.AppId, c.User.Name, c.Ctx.Input.IP(), webhook.DeleteDeployment, response.Resource{ - Type: models.PublishTypeDeployment, - ResourceName: name, - Cluster: cluster, - }) - c.Success("ok!") - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + + err := deployment.DeleteDeployment(cli, name, namespace) + if err != nil { + logs.Error("delete deployment (%s) by cluster (%s) error.%v", name, cluster, err) + c.HandleError(err) + return } + webhook.PublishEventDeployment(c.NamespaceId, c.AppId, c.User.Name, c.Ctx.Input.IP(), webhook.DeleteDeployment, response.Resource{ + Type: models.PublishTypeDeployment, + ResourceName: name, + Cluster: cluster, + }) + c.Success("ok!") } diff --git a/src/backend/controllers/kubernetes/hpa/hpa.go b/src/backend/controllers/kubernetes/hpa/hpa.go index 6eb06a524..90fc93d2a 100644 --- a/src/backend/controllers/kubernetes/hpa/hpa.go +++ b/src/backend/controllers/kubernetes/hpa/hpa.go @@ -3,7 +3,6 @@ package hpa import ( "encoding/json" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/hpa" @@ -42,11 +41,7 @@ func (c *KubeHPAController) Create() { return } clusterName := c.Ctx.Input.Param(":cluster") - k8sClient, err := client.Client(clusterName) - if err != nil { - c.AbortBadRequestFormat("Cluster") - return - } + k8sClient := c.Client(clusterName) publishHistory := &models.PublishHistory{ Type: models.PublishTypeHPA, ResourceId: int64(hpaId), diff --git a/src/backend/controllers/kubernetes/ingress/ingress.go b/src/backend/controllers/kubernetes/ingress/ingress.go index 4f9878511..ed7c3a152 100644 --- a/src/backend/controllers/kubernetes/ingress/ingress.go +++ b/src/backend/controllers/kubernetes/ingress/ingress.go @@ -5,7 +5,6 @@ import ( kapiv1beta1 "k8s.io/api/extensions/v1beta1" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/controllers/common" "github.com/Qihoo360/wayne/src/backend/models" @@ -49,11 +48,7 @@ func (c *KubeIngressController) Create() { return } clusterName := c.Ctx.Input.Param(":cluster") - k8sClient, err := client.Client(clusterName) - if err != nil { - c.AbortBadRequestFormat("Cluster") - return - } + k8sClient := c.Client(clusterName) namespaceModel, err := models.NamespaceModel.GetNamespaceByAppId(c.AppId) if err != nil { diff --git a/src/backend/controllers/kubernetes/job/job.go b/src/backend/controllers/kubernetes/job/job.go index 9f093cb9e..98b5aeec5 100644 --- a/src/backend/controllers/kubernetes/job/job.go +++ b/src/backend/controllers/kubernetes/job/job.go @@ -4,7 +4,6 @@ import ( batchv1 "k8s.io/api/batch/v1" "k8s.io/apimachinery/pkg/api/errors" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/job" @@ -52,26 +51,23 @@ func (c *KubeJobController) ListAllClusterByCronjob() { } var allJobs []ClusterJob for _, cluster := range clusters { - cli, err := client.Client(cluster.Name) - if err == nil { - jobs, err := job.GetJobsByCronjobName(cli, namespace, cronjobName) - if err != nil { - if errors.IsNotFound(err) { - continue - } - logs.Error("get job by cronjob (%s) and cluster (%s) error.%v", cronjobName, cluster, err) - c.HandleError(err) - return + cli := c.Client(cluster.Name) + + jobs, err := job.GetJobsByCronjobName(cli, namespace, cronjobName) + if err != nil { + if errors.IsNotFound(err) { + continue } - for _, job := range jobs { - oneJob := ClusterJob{ - Job: job, - Cluster: cluster.Name, - } - allJobs = append(allJobs, oneJob) + logs.Error("get job by cronjob (%s) and cluster (%s) error.%v", cronjobName, cluster, err) + c.HandleError(err) + return + } + for _, job := range jobs { + oneJob := ClusterJob{ + Job: job, + Cluster: cluster.Name, } - } else { - c.AbortBadRequestFormat("Cluster") + allJobs = append(allJobs, oneJob) } } c.Success(allJobs) @@ -86,16 +82,14 @@ func (c *KubeJobController) GetPodsEvent() { namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":job") cronjobName := c.Ctx.Input.Param(":cronjob") - manager, err := client.Manager(cluster) - if err == nil { - result, err := job.GetPodsEvent(manager.Client, manager.CacheFactory, namespace, name, cronjobName) - if err != nil { - logs.Error("get kubernetes job pods event error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + manager := c.Manager(cluster) + + result, err := job.GetPodsEvent(manager.Client, manager.CacheFactory, namespace, name, cronjobName) + if err != nil { + logs.Error("get kubernetes job pods event error.", cluster, namespace, name, err) + c.HandleError(err) + return } + c.Success(result) + } diff --git a/src/backend/controllers/kubernetes/log/log.go b/src/backend/controllers/kubernetes/log/log.go index 6637b0683..6382b5bf4 100644 --- a/src/backend/controllers/kubernetes/log/log.go +++ b/src/backend/controllers/kubernetes/log/log.go @@ -3,7 +3,6 @@ package log import ( "k8s.io/api/core/v1" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/log" @@ -49,16 +48,13 @@ func (c *KubeLogController) List() { Container: container, TailLines: &tailLines, } - cli, err := client.Client(cluster) - if err == nil { - result, err := log.GetLogsByPod(cli, namespace, pod, opt) - if err != nil { - logs.Info("get kubernetes log by pod error.", cluster, namespace, pod, err) - c.HandleError(err) - return - } - c.Success(hack.String(result)) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + + result, err := log.GetLogsByPod(cli, namespace, pod, opt) + if err != nil { + logs.Info("get kubernetes log by pod error.", cluster, namespace, pod, err) + c.HandleError(err) + return } + c.Success(hack.String(result)) } diff --git a/src/backend/controllers/kubernetes/namespace/namespace.go b/src/backend/controllers/kubernetes/namespace/namespace.go index e1a8052f9..b02453183 100644 --- a/src/backend/controllers/kubernetes/namespace/namespace.go +++ b/src/backend/controllers/kubernetes/namespace/namespace.go @@ -56,19 +56,15 @@ func (c *KubeNamespaceController) Create() { tpl := new(v1.Namespace) tpl.Name = name - cli, err := client.Client(cluster) - if err == nil { - // If the namespace does not exist, the value of result is nil. - result, err := namespace.CreateNotExitNamespace(cli, tpl) - if err != nil { - logs.Error("create namespace (%v) by cluster (%s) error.%v", tpl, cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + // If the namespace does not exist, the value of result is nil. + result, err := namespace.CreateNotExitNamespace(cli, tpl) + if err != nil { + logs.Error("create namespace (%v) by cluster (%s) error.%v", tpl, cluster, err) + c.HandleError(err) + return } + c.Success(result) } // @Title Get namespace resource statistics diff --git a/src/backend/controllers/kubernetes/node/node.go b/src/backend/controllers/kubernetes/node/node.go index 4807d0d98..dedb6bd28 100644 --- a/src/backend/controllers/kubernetes/node/node.go +++ b/src/backend/controllers/kubernetes/node/node.go @@ -105,18 +105,14 @@ func (c *KubeNodeController) NodeStatistics() { // @router /clusters/:cluster [get] func (c *KubeNodeController) List() { cluster := c.Ctx.Input.Param(":cluster") - manager, err := client.Manager(cluster) - if err == nil { - result, err := node.ListNode(manager.CacheFactory) - if err != nil { - logs.Error("list node by cluster (%s) error.%v", cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + manager := c.Manager(cluster) + result, err := node.ListNode(manager.CacheFactory) + if err != nil { + logs.Error("list node by cluster (%s) error.%v", cluster, err) + c.HandleError(err) + return } + c.Success(result) } // @Title get node @@ -125,18 +121,15 @@ func (c *KubeNodeController) List() { func (c *KubeNodeController) Get() { cluster := c.Ctx.Input.Param(":cluster") name := c.Ctx.Input.Param(":name") - cli, err := client.Client(cluster) - if err == nil { - result, err := node.GetNodeByName(cli, name) - if err != nil { - logs.Error("get node by cluster (%s) name(%s) error.%v", cluster, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + + result, err := node.GetNodeByName(cli, name) + if err != nil { + logs.Error("get node by cluster (%s) name(%s) error.%v", cluster, name, err) + c.HandleError(err) + return } + c.Success(result) } // @Title Update @@ -154,18 +147,14 @@ func (c *KubeNodeController) Update() { c.AbortBadRequestFormat("Name") } - cli, err := client.Client(cluster) - if err == nil { - result, err := node.UpdateNode(cli, &tpl) - if err != nil { - logs.Error("update node (%v) by cluster (%s) error.%v", tpl, cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + result, err := node.UpdateNode(cli, &tpl) + if err != nil { + logs.Error("update node (%v) by cluster (%s) error.%v", tpl, cluster, err) + c.HandleError(err) + return } + c.Success(result) } // @Title Delete @@ -175,16 +164,12 @@ func (c *KubeNodeController) Update() { func (c *KubeNodeController) Delete() { cluster := c.Ctx.Input.Param(":cluster") name := c.Ctx.Input.Param(":name") - cli, err := client.Client(cluster) - if err == nil { - err := node.DeleteNode(cli, name) - if err != nil { - logs.Error("delete node (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - c.Success("ok!") - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + err := node.DeleteNode(cli, name) + if err != nil { + logs.Error("delete node (%s) by cluster (%s) error.%v", name, cluster, err) + c.HandleError(err) + return } + c.Success("ok!") } diff --git a/src/backend/controllers/kubernetes/pv/pv.go b/src/backend/controllers/kubernetes/pv/pv.go index e57fba38b..2b7c9dbf2 100644 --- a/src/backend/controllers/kubernetes/pv/pv.go +++ b/src/backend/controllers/kubernetes/pv/pv.go @@ -6,7 +6,6 @@ import ( "k8s.io/api/core/v1" metaV1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/pv" @@ -45,18 +44,14 @@ func (c *KubePersistentVolumeController) Prepare() { // @router /clusters/:cluster [get] func (c *KubePersistentVolumeController) List() { cluster := c.Ctx.Input.Param(":cluster") - cli, err := client.Client(cluster) - if err == nil { - result, err := pv.ListPersistentVolume(cli, metaV1.ListOptions{}) - if err != nil { - logs.Error("list pv by cluster (%s) error.%v", cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + result, err := pv.ListPersistentVolume(cli, metaV1.ListOptions{}) + if err != nil { + logs.Error("list pv by cluster (%s) error.%v", cluster, err) + c.HandleError(err) + return } + c.Success(result) } // @Title get pv @@ -65,18 +60,15 @@ func (c *KubePersistentVolumeController) List() { func (c *KubePersistentVolumeController) Get() { cluster := c.Ctx.Input.Param(":cluster") name := c.Ctx.Input.Param(":name") - cli, err := client.Client(cluster) - if err == nil { - result, err := pv.GetPersistentVolumeByName(cli, name) - if err != nil { - logs.Error("get pv by cluster (%s) name(%s) error.%v", cluster, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + + result, err := pv.GetPersistentVolumeByName(cli, name) + if err != nil { + logs.Error("get pv by cluster (%s) name(%s) error.%v", cluster, name, err) + c.HandleError(err) + return } + c.Success(result) } // @Title Create @@ -89,18 +81,14 @@ func (c *KubePersistentVolumeController) Create() { c.AbortBadRequestFormat("PersistentVolume") } cluster := c.Ctx.Input.Param(":cluster") - cli, err := client.Client(cluster) - if err == nil { - result, err := pv.CreatePersistentVolume(cli, &pvTpl) - if err != nil { - logs.Error("create pv (%v) by cluster (%s) error.%v", pvTpl, cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + result, err := pv.CreatePersistentVolume(cli, &pvTpl) + if err != nil { + logs.Error("create pv (%v) by cluster (%s) error.%v", pvTpl, cluster, err) + c.HandleError(err) + return } + c.Success(result) } // @Title Update @@ -118,18 +106,14 @@ func (c *KubePersistentVolumeController) Update() { c.AbortBadRequestFormat("Name") } - cli, err := client.Client(cluster) - if err == nil { - result, err := pv.UpdatePersistentVolume(cli, &pvTpl) - if err != nil { - logs.Error("update pv (%v) by cluster (%s) error.%v", pvTpl, cluster, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + result, err := pv.UpdatePersistentVolume(cli, &pvTpl) + if err != nil { + logs.Error("update pv (%v) by cluster (%s) error.%v", pvTpl, cluster, err) + c.HandleError(err) + return } + c.Success(result) } // @Title Delete @@ -139,16 +123,13 @@ func (c *KubePersistentVolumeController) Update() { func (c *KubePersistentVolumeController) Delete() { cluster := c.Ctx.Input.Param(":cluster") name := c.Ctx.Input.Param(":name") - cli, err := client.Client(cluster) - if err == nil { - err := pv.DeletePersistentVolume(cli, name) - if err != nil { - logs.Error("delete pv (%s) by cluster (%s) error.%v", name, cluster, err) - c.HandleError(err) - return - } - c.Success("ok!") - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + err := pv.DeletePersistentVolume(cli, name) + if err != nil { + logs.Error("delete pv (%s) by cluster (%s) error.%v", name, cluster, err) + c.HandleError(err) + return } + c.Success("ok!") + } diff --git a/src/backend/controllers/kubernetes/pvc/pvc.go b/src/backend/controllers/kubernetes/pvc/pvc.go index 019c99182..bb74bc4e3 100644 --- a/src/backend/controllers/kubernetes/pvc/pvc.go +++ b/src/backend/controllers/kubernetes/pvc/pvc.go @@ -5,7 +5,6 @@ import ( kapi "k8s.io/api/core/v1" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/pvc" @@ -48,44 +47,40 @@ func (c *KubePersistentVolumeClaimController) Create() { } cluster := c.Ctx.Input.Param(":cluster") - cli, err := client.Client(cluster) - if err == nil { - publishHistory := &models.PublishHistory{ - Type: models.PublishTypePersistentVolumeClaim, - ResourceId: int64(pvcId), - ResourceName: kubePersistentVolumeClaim.Name, - TemplateId: int64(tplId), - Cluster: cluster, - User: c.User.Name, - } - defer models.PublishHistoryModel.Add(publishHistory) - // 发布资源到k8s平台 - _, err = pvc.CreateOrUpdatePersistentVolumeClaim(cli, &kubePersistentVolumeClaim) + cli := c.Client(cluster) + publishHistory := &models.PublishHistory{ + Type: models.PublishTypePersistentVolumeClaim, + ResourceId: int64(pvcId), + ResourceName: kubePersistentVolumeClaim.Name, + TemplateId: int64(tplId), + Cluster: cluster, + User: c.User.Name, + } + defer models.PublishHistoryModel.Add(publishHistory) + // 发布资源到k8s平台 + _, err = pvc.CreateOrUpdatePersistentVolumeClaim(cli, &kubePersistentVolumeClaim) + if err != nil { + publishHistory.Status = models.ReleaseFailure + publishHistory.Message = err.Error() + c.HandleError(err) + return + } else { + publishHistory.Status = models.ReleaseSuccess + // 添加发布状态 + publishStatus := models.PublishStatus{ + ResourceId: int64(pvcId), + TemplateId: int64(tplId), + Type: models.PublishTypePersistentVolumeClaim, + Cluster: cluster, + } + err = models.PublishStatusModel.Publish(&publishStatus) if err != nil { - publishHistory.Status = models.ReleaseFailure - publishHistory.Message = err.Error() + logs.Error("publish publishStatus (%v) to db error.%v", publishStatus, err) c.HandleError(err) return - } else { - publishHistory.Status = models.ReleaseSuccess - // 添加发布状态 - publishStatus := models.PublishStatus{ - ResourceId: int64(pvcId), - TemplateId: int64(tplId), - Type: models.PublishTypePersistentVolumeClaim, - Cluster: cluster, - } - err = models.PublishStatusModel.Publish(&publishStatus) - if err != nil { - logs.Error("publish publishStatus (%v) to db error.%v", publishStatus, err) - c.HandleError(err) - return - } } - - c.Success("ok") - } else { - c.AbortBadRequestFormat("Cluster") } + + c.Success("ok") } diff --git a/src/backend/controllers/kubernetes/pvc/robin.go b/src/backend/controllers/kubernetes/pvc/robin.go index d81c68ce9..80cee8176 100644 --- a/src/backend/controllers/kubernetes/pvc/robin.go +++ b/src/backend/controllers/kubernetes/pvc/robin.go @@ -11,7 +11,6 @@ import ( "github.com/astaxie/beego/httplib" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/pvc" @@ -65,37 +64,33 @@ func (c *RobinPersistentVolumeClaimController) GetPvcStatus() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":pvc") - cli, err := client.Client(cluster) - if err == nil { - image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - status := struct { - Status []string `json:"status"` - RbdImage string `json:"rbdImage"` - ImageType string `json:"imageType"` - }{RbdImage: image, ImageType: imageType} - - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - err = doRobinRequestDeserialization(httplib.Get(fmt.Sprintf("%s/v1/device/%s/status?type=%s", - robinMetaData.Url, - image, - imageType)), &status, robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } - c.Success(status) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + status := struct { + Status []string `json:"status"` + RbdImage string `json:"rbdImage"` + ImageType string `json:"imageType"` + }{RbdImage: image, ImageType: imageType} + + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } + + err = doRobinRequestDeserialization(httplib.Get(fmt.Sprintf("%s/v1/device/%s/status?type=%s", + robinMetaData.Url, + image, + imageType)), &status, robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + c.Success(status) } func clusterRobinMetaData(cluster string) (*models.ClusterRobinMetaData, error) { @@ -126,50 +121,46 @@ func (c *RobinPersistentVolumeClaimController) ActiveImage() { namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":pvc") - cli, err := client.Client(cluster) - if err == nil { - image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - password, err := des.DesEncrypt(hack.Slice(name), hack.Slice(robinMetaData.PasswordDesKey)) - if err != nil { - c.HandleError(err) - return - } - - activeUser := struct { - User string `json:"user"` - Password string `json:"password"` - }{ - User: name, - Password: base64.StdEncoding.EncodeToString(password), - } - body, _ := json.Marshal(&activeUser) - - result, err := doRobinRequest( - httplib.Put( - fmt.Sprintf( - "%s/v1/device/%s?type=%s", - robinMetaData.Url, - image, - imageType)).Body(body), robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } - - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + cli := c.Client(cluster) + image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } + + password, err := des.DesEncrypt(hack.Slice(name), hack.Slice(robinMetaData.PasswordDesKey)) + if err != nil { + c.HandleError(err) + return + } + + activeUser := struct { + User string `json:"user"` + Password string `json:"password"` + }{ + User: name, + Password: base64.StdEncoding.EncodeToString(password), + } + body, _ := json.Marshal(&activeUser) + + result, err := doRobinRequest( + httplib.Put( + fmt.Sprintf( + "%s/v1/device/%s?type=%s", + robinMetaData.Url, + image, + imageType)).Body(body), robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + + c.Success(result) } // @Title InActive Image @@ -180,36 +171,32 @@ func (c *RobinPersistentVolumeClaimController) InActiveImage() { namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":pvc") - cli, err := client.Client(cluster) - if err == nil { - image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - result, err := doRobinRequest(httplib.Delete( - fmt.Sprintf( - "%s/v1/device/%s?type=%s", - robinMetaData.Url, - image, - imageType)), robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } + cli := c.Client(cluster) + image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + result, err := doRobinRequest(httplib.Delete( + fmt.Sprintf( + "%s/v1/device/%s?type=%s", + robinMetaData.Url, + image, + imageType)), robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + c.Success(result) + } // @Title offline image user @@ -220,36 +207,31 @@ func (c *RobinPersistentVolumeClaimController) OfflineImageUser() { namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":pvc") - cli, err := client.Client(cluster) - if err == nil { - image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - result, err := doRobinRequest( - httplib.Delete(fmt.Sprintf( - "%s/v1/device/%s/user?type=%s", - robinMetaData.Url, - image, - imageType)), robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } - - c.Success(result) + cli := c.Client(cluster) + image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } - } else { - c.AbortBadRequestFormat("Cluster") + result, err := doRobinRequest( + httplib.Delete(fmt.Sprintf( + "%s/v1/device/%s/user?type=%s", + robinMetaData.Url, + image, + imageType)), robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + c.Success(result) + } // @Title get user info @@ -301,35 +283,30 @@ func (c *RobinPersistentVolumeClaimController) Verify() { namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":pvc") - cli, err := client.Client(cluster) - if err == nil { - image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - result, err := doRobinRequest( - httplib.Get(fmt.Sprintf( - "%s/v1/device/%s/verify?type=%s", - robinMetaData.Url, - image, - imageType)), robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } - - c.Success(result) + cli := c.Client(cluster) + image, imageType, err := pvc.GetImageNameAndTypeByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } - } else { - c.AbortBadRequestFormat("Cluster") + result, err := doRobinRequest( + httplib.Get(fmt.Sprintf( + "%s/v1/device/%s/verify?type=%s", + robinMetaData.Url, + image, + imageType)), robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + + c.Success(result) } func doRobinRequestDeserialization(request *httplib.BeegoHTTPRequest, obj interface{}, token string) error { @@ -388,34 +365,29 @@ func (c *RobinPersistentVolumeClaimController) ListSnapshot() { namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":pvc") - cli, err := client.Client(cluster) - if err == nil { - image, err := pvc.GetRbdImageByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - result, err := doRobinRequest( - httplib.Get(fmt.Sprintf( - "%s/v1/snaps/%s", - robinMetaData.Url, - image)), robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } - - c.Success(result) + cli := c.Client(cluster) + image, err := pvc.GetRbdImageByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } - } else { - c.AbortBadRequestFormat("Cluster") + result, err := doRobinRequest( + httplib.Get(fmt.Sprintf( + "%s/v1/snaps/%s", + robinMetaData.Url, + image)), robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + + c.Success(result) } // @Title create snapshot @@ -427,35 +399,31 @@ func (c *RobinPersistentVolumeClaimController) CreateSnapshot() { name := c.Ctx.Input.Param(":pvc") version := c.Ctx.Input.Param(":version") - cli, err := client.Client(cluster) - if err == nil { - image, err := pvc.GetRbdImageByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - result, err := doRobinRequest( - httplib.Put(fmt.Sprintf( - "%s/v1/snap/%s/%s", - robinMetaData.Url, - image, - version)), robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } - - c.Success(result) + cli := c.Client(cluster) + image, err := pvc.GetRbdImageByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } - } else { - c.AbortBadRequestFormat("Cluster") + result, err := doRobinRequest( + httplib.Put(fmt.Sprintf( + "%s/v1/snap/%s/%s", + robinMetaData.Url, + image, + version)), robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + + c.Success(result) + } // @Title delete all snapshot @@ -466,34 +434,29 @@ func (c *RobinPersistentVolumeClaimController) DeleteAllSnapshot() { namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":pvc") - cli, err := client.Client(cluster) - if err == nil { - image, err := pvc.GetRbdImageByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - result, err := doRobinRequest( - httplib.Delete(fmt.Sprintf( - "%s/v1/snaps/%s", - robinMetaData.Url, - image)), robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } - - c.Success(result) + cli := c.Client(cluster) + image, err := pvc.GetRbdImageByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } - } else { - c.AbortBadRequestFormat("Cluster") + result, err := doRobinRequest( + httplib.Delete(fmt.Sprintf( + "%s/v1/snaps/%s", + robinMetaData.Url, + image)), robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + + c.Success(result) } // @Title delete snapshot @@ -505,35 +468,30 @@ func (c *RobinPersistentVolumeClaimController) DeleteSnapshot() { name := c.Ctx.Input.Param(":pvc") version := c.Ctx.Input.Param(":version") - cli, err := client.Client(cluster) - if err == nil { - image, err := pvc.GetRbdImageByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - result, err := doRobinRequest( - httplib.Delete(fmt.Sprintf( - "%s/v1/snap/%s/%s", - robinMetaData.Url, - image, - version)), robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } - - c.Success(result) + cli := c.Client(cluster) + image, err := pvc.GetRbdImageByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } - } else { - c.AbortBadRequestFormat("Cluster") + result, err := doRobinRequest( + httplib.Delete(fmt.Sprintf( + "%s/v1/snap/%s/%s", + robinMetaData.Url, + image, + version)), robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + + c.Success(result) } // @Title rollback to snapshot version @@ -545,33 +503,28 @@ func (c *RobinPersistentVolumeClaimController) RollbackSnapshot() { name := c.Ctx.Input.Param(":pvc") version := c.Ctx.Input.Param(":version") - cli, err := client.Client(cluster) - if err == nil { - image, err := pvc.GetRbdImageByPvc(cli, name, namespace) - if err != nil { - c.HandleError(err) - return - } - robinMetaData, err := clusterRobinMetaData(cluster) - if err != nil { - c.HandleError(err) - return - } - - result, err := doRobinRequest( - httplib.Post(fmt.Sprintf( - "%s/v1/snap/%s/%s", - robinMetaData.Url, - image, - version)), robinMetaData.Token) - if err != nil { - c.HandleError(err) - return - } - - c.Success(result) + cli := c.Client(cluster) + image, err := pvc.GetRbdImageByPvc(cli, name, namespace) + if err != nil { + c.HandleError(err) + return + } + robinMetaData, err := clusterRobinMetaData(cluster) + if err != nil { + c.HandleError(err) + return + } - } else { - c.AbortBadRequestFormat("Cluster") + result, err := doRobinRequest( + httplib.Post(fmt.Sprintf( + "%s/v1/snap/%s/%s", + robinMetaData.Url, + image, + version)), robinMetaData.Token) + if err != nil { + c.HandleError(err) + return } + + c.Success(result) } diff --git a/src/backend/controllers/kubernetes/secret/secret.go b/src/backend/controllers/kubernetes/secret/secret.go index 4a5b58e71..eed5b9a44 100644 --- a/src/backend/controllers/kubernetes/secret/secret.go +++ b/src/backend/controllers/kubernetes/secret/secret.go @@ -5,7 +5,6 @@ import ( kapi "k8s.io/api/core/v1" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/models" "github.com/Qihoo360/wayne/src/backend/resources/secret" @@ -47,43 +46,39 @@ func (c *KubeSecretController) Create() { } cluster := c.Ctx.Input.Param(":cluster") - cli, err := client.Client(cluster) - if err == nil { - publishHistory := &models.PublishHistory{ - Type: models.PublishTypeSecret, - ResourceId: int64(secretId), - ResourceName: kubeSecret.Name, - TemplateId: int64(tplId), - Cluster: cluster, - User: c.User.Name, + cli := c.Client(cluster) + publishHistory := &models.PublishHistory{ + Type: models.PublishTypeSecret, + ResourceId: int64(secretId), + ResourceName: kubeSecret.Name, + TemplateId: int64(tplId), + Cluster: cluster, + User: c.User.Name, + } + defer models.PublishHistoryModel.Add(publishHistory) + // 发布资源到k8s平台 + _, err = secret.CreateOrUpdateSecret(cli, &kubeSecret) + if err != nil { + publishHistory.Status = models.ReleaseFailure + publishHistory.Message = err.Error() + c.HandleError(err) + return + } else { + publishHistory.Status = models.ReleaseSuccess + // 添加发布状态 + publishStatus := models.PublishStatus{ + ResourceId: int64(secretId), + TemplateId: int64(tplId), + Type: models.PublishTypeSecret, + Cluster: cluster, } - defer models.PublishHistoryModel.Add(publishHistory) - // 发布资源到k8s平台 - _, err = secret.CreateOrUpdateSecret(cli, &kubeSecret) + err = models.PublishStatusModel.Publish(&publishStatus) if err != nil { - publishHistory.Status = models.ReleaseFailure - publishHistory.Message = err.Error() + logs.Error("publish publishStatus (%v) to db error.%v", publishStatus, err) c.HandleError(err) return - } else { - publishHistory.Status = models.ReleaseSuccess - // 添加发布状态 - publishStatus := models.PublishStatus{ - ResourceId: int64(secretId), - TemplateId: int64(tplId), - Type: models.PublishTypeSecret, - Cluster: cluster, - } - err = models.PublishStatusModel.Publish(&publishStatus) - if err != nil { - logs.Error("publish publishStatus (%v) to db error.%v", publishStatus, err) - c.HandleError(err) - return - } } - - c.Success("ok") - } else { - c.AbortBadRequestFormat("Cluster") } + + c.Success("ok") } diff --git a/src/backend/controllers/kubernetes/service/service.go b/src/backend/controllers/kubernetes/service/service.go index f7ba62640..82239eb28 100644 --- a/src/backend/controllers/kubernetes/service/service.go +++ b/src/backend/controllers/kubernetes/service/service.go @@ -5,7 +5,6 @@ import ( "k8s.io/api/core/v1" - "github.com/Qihoo360/wayne/src/backend/client" "github.com/Qihoo360/wayne/src/backend/controllers/base" "github.com/Qihoo360/wayne/src/backend/controllers/common" "github.com/Qihoo360/wayne/src/backend/models" @@ -46,10 +45,7 @@ func (c *KubeServiceController) Get() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":service") - manager, err := client.Manager(cluster) - if err != nil { - c.AbortBadRequestFormat("Cluster") - } + manager := c.Manager(cluster) serviceDetail, err := service.GetServiceDetail(manager.Client, manager.CacheFactory, namespace, name) if err != nil { logs.Error("get kubernetes(%s) namespace(%s) service(%s) detail error: %s", cluster, namespace, name, err.Error()) @@ -74,72 +70,68 @@ func (c *KubeServiceController) Create() { } cluster := c.Ctx.Input.Param(":cluster") - cli, err := client.Client(cluster) - if err == nil { - namespaceModel, err := models.NamespaceModel.GetNamespaceByAppId(c.AppId) - if err != nil { - logs.Error("get getNamespaceMetaData error.%v", err) - c.HandleError(err) - return - } + cli := c.Client(cluster) + namespaceModel, err := models.NamespaceModel.GetNamespaceByAppId(c.AppId) + if err != nil { + logs.Error("get getNamespaceMetaData error.%v", err) + c.HandleError(err) + return + } - clusterModel, err := models.ClusterModel.GetParsedMetaDataByName(cluster) - if err != nil { - logs.Error("get cluster error.%v", err) - c.HandleError(err) - return - } + clusterModel, err := models.ClusterModel.GetParsedMetaDataByName(cluster) + if err != nil { + logs.Error("get cluster error.%v", err) + c.HandleError(err) + return + } - // add service predeploy - common.ServicePreDeploy(&kubeService, clusterModel, namespaceModel) + // add service predeploy + common.ServicePreDeploy(&kubeService, clusterModel, namespaceModel) - publishHistory := &models.PublishHistory{ - Type: models.PublishTypeService, - ResourceId: int64(serviceId), - ResourceName: kubeService.Name, - TemplateId: int64(tplId), - Cluster: cluster, - User: c.User.Name, - } - defer models.PublishHistoryModel.Add(publishHistory) - // 发布资源到k8s平台 - _, err = service.CreateOrUpdateService(cli, &kubeService) + publishHistory := &models.PublishHistory{ + Type: models.PublishTypeService, + ResourceId: int64(serviceId), + ResourceName: kubeService.Name, + TemplateId: int64(tplId), + Cluster: cluster, + User: c.User.Name, + } + defer models.PublishHistoryModel.Add(publishHistory) + // 发布资源到k8s平台 + _, err = service.CreateOrUpdateService(cli, &kubeService) + if err != nil { + publishHistory.Status = models.ReleaseFailure + publishHistory.Message = err.Error() + logs.Error("deploy service error.%v", err) + c.HandleError(err) + return + } else { + publishHistory.Status = models.ReleaseSuccess + // 添加发布状态 + publishStatus := models.PublishStatus{ + ResourceId: int64(serviceId), + TemplateId: int64(tplId), + Type: models.PublishTypeService, + Cluster: cluster, + } + err = models.PublishStatusModel.Publish(&publishStatus) if err != nil { - publishHistory.Status = models.ReleaseFailure - publishHistory.Message = err.Error() - logs.Error("deploy service error.%v", err) + logs.Error("publish publishStatus (%v) to db error.%v", publishStatus, err) c.HandleError(err) return - } else { - publishHistory.Status = models.ReleaseSuccess - // 添加发布状态 - publishStatus := models.PublishStatus{ - ResourceId: int64(serviceId), - TemplateId: int64(tplId), - Type: models.PublishTypeService, - Cluster: cluster, - } - err = models.PublishStatusModel.Publish(&publishStatus) - if err != nil { - logs.Error("publish publishStatus (%v) to db error.%v", publishStatus, err) - c.HandleError(err) - return - } } - webhook.PublishEventService(c.NamespaceId, c.AppId, c.User.Name, c.Ctx.Input.IP(), webhook.OnlineService, response.Resource{ - Type: publishHistory.Type, - ResourceId: publishHistory.ResourceId, - ResourceName: publishHistory.ResourceName, - TemplateId: publishHistory.TemplateId, - Cluster: publishHistory.Cluster, - Status: publishHistory.Status, - Message: publishHistory.Message, - Object: kubeService, - }) - - c.Success("ok") - } else { - c.AbortBadRequestFormat("Cluster") } + webhook.PublishEventService(c.NamespaceId, c.AppId, c.User.Name, c.Ctx.Input.IP(), webhook.OnlineService, response.Resource{ + Type: publishHistory.Type, + ResourceId: publishHistory.ResourceId, + ResourceName: publishHistory.ResourceName, + TemplateId: publishHistory.TemplateId, + Cluster: publishHistory.Cluster, + Status: publishHistory.Status, + Message: publishHistory.Message, + Object: kubeService, + }) + + c.Success("ok") } diff --git a/src/backend/controllers/kubernetes/statefulset/statefulset.go b/src/backend/controllers/kubernetes/statefulset/statefulset.go index 7542b4b04..3619f7d80 100644 --- a/src/backend/controllers/kubernetes/statefulset/statefulset.go +++ b/src/backend/controllers/kubernetes/statefulset/statefulset.go @@ -229,16 +229,12 @@ func (c *KubeStatefulsetController) Get() { cluster := c.Ctx.Input.Param(":cluster") namespace := c.Ctx.Input.Param(":namespace") name := c.Ctx.Input.Param(":statefulset") - manager, err := client.Manager(cluster) - if err == nil { - result, err := statefulset.GetStatefulsetDetail(manager.Client, manager.CacheFactory, name, namespace) - if err != nil { - logs.Error("get kubernetes statefulset detail error.", cluster, namespace, name, err) - c.HandleError(err) - return - } - c.Success(result) - } else { - c.AbortBadRequestFormat("Cluster") + manager := c.Manager(cluster) + result, err := statefulset.GetStatefulsetDetail(manager.Client, manager.CacheFactory, name, namespace) + if err != nil { + logs.Error("get kubernetes statefulset detail error.", cluster, namespace, name, err) + c.HandleError(err) + return } + c.Success(result) } From cc94d05cfb191e435fa5ca297ef297aa612308ab Mon Sep 17 00:00:00 2001 From: wilhelmguo Date: Fri, 15 Mar 2019 11:44:14 +0800 Subject: [PATCH 8/8] backend: handler error return error detail. --- src/backend/controllers/base/resulthandler.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/backend/controllers/base/resulthandler.go b/src/backend/controllers/base/resulthandler.go index 362c16212..badf64106 100644 --- a/src/backend/controllers/base/resulthandler.go +++ b/src/backend/controllers/base/resulthandler.go @@ -85,7 +85,7 @@ func (c *ResultHandlerController) HandleError(err error) int { errorResult.Code = http.StatusNotFound } errorResult.SubCode = errorResult.Code - errorResult.Msg = http.StatusText(errorResult.Code) + errorResult.Msg = err.Error() } if errorResult.Code >= http.StatusInternalServerError {