add node login command

mantil-io · Mar 3, 2022 · 7d04f04 · 7d04f04
1 parent 047679a
commit 7d04f04
Show file tree

Hide file tree

Showing 17 changed files with 190 additions and 89 deletions.
diff --git a/cli/cmd/root.go b/cli/cmd/root.go
@@ -77,8 +77,7 @@ func root() *cobra.Command {
 		//examples.NewErrorsCommand,
 		//examples.NewArgsCommand,
 		examples.NewGithubAuthCommand,
-		examples.NewUserCommand,
-		examples.NewLogoutCommand,
+		examples.NewNodeCommand,
 	}
 	for _, sub := range subCommands {
 		add(sub)

diff --git a/cli/controller/auth.go b/cli/controller/auth.go
@@ -22,7 +22,7 @@ const (
 func AuthToken(n *domain.Node) (string, error) {
 	t, err := n.AuthToken()
 	var terr *domain.TokenExpiredError
-	if errors.As(err, &terr) && n.GitHubAuthEnabled {
+	if errors.As(err, &terr) && n.GithubID != "" {
 		var err error
 		t, err = githubAuth(n)
 		if err != nil {

diff --git a/cli/controller/examples/node_example.go b/cli/controller/examples/node_example.go
@@ -11,18 +11,20 @@ import (
 	"github.com/spf13/cobra"
 )
 
-func NewUserCommand() *cobra.Command {
+func NewNodeCommand() *cobra.Command {
 	cmd := &cobra.Command{
-		Use:    "user",
+		Use:    "node",
 		Hidden: true,
 	}
 	cmd.AddCommand(NewUserAddCommand())
+	cmd.AddCommand(NewLoginCommand())
+	cmd.AddCommand(NewLogoutCommand())
 	return cmd
 }
 
 func NewUserAddCommand() *cobra.Command {
 	cmd := &cobra.Command{
-		Use:    "add",
+		Use:    "user-add",
 		Hidden: true,
 		RunE: func(cmd *cobra.Command, args []string) error {
 			node := cmd.Flag("node").Value.String()
@@ -62,12 +64,31 @@ func NewUserAddCommand() *cobra.Command {
 	return cmd
 }
 
-func nodeInvoker(node *domain.Node) (*invoke.HTTPClient, error) {
-	t, err := controller.AuthToken(node)
-	if err != nil {
-		return nil, err
+func NewLoginCommand() *cobra.Command {
+	cmd := &cobra.Command{
+		Use:    "login",
+		Hidden: true,
+		Args:   cobra.ExactArgs(1),
+		RunE: func(cmd *cobra.Command, args []string) error {
+			nodeURL := args[0]
+			i := invoke.Node(nodeURL, "", ui.NodeLogsSink)
+			var rsp dto.LoginResponse
+			if err := i.Do("auth/login", nil, &rsp); err != nil {
+				return err
+			}
+			fs, err := domain.NewSingleDeveloperWorkspaceStore()
+			if err != nil {
+				return err
+			}
+			w := fs.Workspace()
+			w.AddNode(rsp.Node)
+			return fs.Store()
+			// buf, _ := json.Marshal(rsp)
+			// fmt.Println(string(buf))
+			// return nil
+		},
 	}
-	return invoke.Node(node.Endpoints.Rest, t, ui.NodeLogsSink), nil
+	return cmd
 }
 
 func NewLogoutCommand() *cobra.Command {
@@ -95,3 +116,11 @@ func NewLogoutCommand() *cobra.Command {
 	cmd.Flags().StringP("node", "", domain.DefaultNodeName, "")
 	return cmd
 }
+
+func nodeInvoker(node *domain.Node) (*invoke.HTTPClient, error) {
+	t, err := controller.AuthToken(node)
+	if err != nil {
+		return nil, err
+	}
+	return invoke.Node(node.Endpoints.Rest, t, ui.NodeLogsSink), nil
+}
diff --git a/cli/controller/setup.go b/cli/controller/setup.go
@@ -50,6 +50,7 @@ type stackTemplateData struct {
 	Region             string
 	Suffix             string
 	APIGatewayLogsRole string
+	Env                map[string]string
 }
 
 func NewSetup(a *SetupArgs) (*Setup, error) {
@@ -83,8 +84,7 @@ Available regions are:
 	}
 	ws := c.store.Workspace()
 	bucket, key := getPath(c.aws.Region())
-	ghAuth := c.githubID != ""
-	n, err := ws.NewNode(c.nodeName, c.aws.AccountID(), c.aws.Region(), bucket, key, version, ghAuth)
+	n, err := ws.NewNode(c.nodeName, c.aws.AccountID(), c.aws.Region(), bucket, key, version, c.githubID)
 	if err != nil {
 		return log.Wrap(err)
 	}
@@ -113,27 +113,21 @@ func (c *Setup) regionSupported() bool {
 
 func (c *Setup) create(n *domain.Node) error {
 	tmr := timerFn()
-	if err := c.createSetupStack(n.Functions, n.ResourceSuffix()); err != nil {
+	if err := c.createSetupStack(n.Functions, n.ResourceSuffix(), n.SetupEnv()); err != nil {
 		return log.Wrap(err)
 	}
 	stackDuration := tmr()
 
 	ui.Info("")
 	ui.Title("Setting up AWS infrastructure\n")
 	req := &dto.SetupRequest{
-		BucketConfig: dto.SetupBucketConfig{
+		BucketConfig: &dto.SetupBucketConfig{
 			Name:         n.Bucket,
 			ExpirePrefix: domain.FunctionsBucketPrefix,
 			ExpireDays:   domain.FunctionsBucketExpireDays,
 		},
-		FunctionsBucket:    n.Functions.Bucket,
-		FunctionsPath:      n.Functions.Path,
-		AuthEnv:            n.AuthEnv(),
-		ResourceSuffix:     n.ResourceSuffix(),
-		NamingTemplate:     n.ResourceNamingTemplate(),
+		Node:               n,
 		APIGatewayLogsRole: APIGatewayLogsRole,
-		ResourceTags:       c.resourceTags,
-		GithubID:           c.githubID,
 	}
 	rsp := &dto.SetupResponse{}
 	if err := invoke.Lambda(c.aws.Lambda(), c.lambdaName, ui.NodeLogsSink).Do("create", req, rsp); err != nil {
@@ -158,14 +152,15 @@ func (c *Setup) backendExists() (bool, error) {
 	return c.aws.LambdaExists(c.lambdaName)
 }
 
-func (c *Setup) createSetupStack(acf domain.NodeFunctions, suffix string) error {
+func (c *Setup) createSetupStack(acf domain.NodeFunctions, suffix string, env map[string]string) error {
 	td := stackTemplateData{
 		Name:               c.stackName,
 		Bucket:             acf.Bucket,
 		S3Key:              fmt.Sprintf("%s/setup.zip", acf.Path),
 		Region:             c.aws.Region(),
 		Suffix:             suffix,
 		APIGatewayLogsRole: APIGatewayLogsRole,
+		Env:                env,
 	}
 	t, err := c.renderStackTemplate(td)
 	if err != nil {
@@ -219,16 +214,10 @@ func (c *Setup) upgrade(n *domain.Node) error {
 	ui.Info("")
 	ui.Title("Upgrading AWS infrastructure\n")
 	req := &dto.SetupRequest{
-		BucketConfig: dto.SetupBucketConfig{
+		BucketConfig: &dto.SetupBucketConfig{
 			Name: n.Bucket,
 		},
-		FunctionsBucket: n.Functions.Bucket,
-		FunctionsPath:   n.Functions.Path,
-		AuthEnv:         n.AuthEnv(),
-		ResourceSuffix:  n.ResourceSuffix(),
-		NamingTemplate:  n.ResourceNamingTemplate(),
-		ResourceTags:    c.resourceTags,
-		GithubID:        c.githubID,
+		Node: n,
 	}
 	if err := invoke.Lambda(c.aws.Lambda(), c.lambdaName, ui.NodeLogsSink).Do("upgrade", req, nil); err != nil {
 		return log.Wrap(err, "failed to invoke setup function")

diff --git a/cli/controller/setup_stack_template.yml b/cli/controller/setup_stack_template.yml
@@ -116,6 +116,22 @@ Resources:
                   - ssm:DeleteParameter
                 Resource:
                   - "*"
+              - Effect: Allow
+                Action: 
+                  - dynamodb:DescribeTable
+                  - dynamodb:DescribeContinuousBackups
+                  - dynamodb:ListTagsOfResource
+                  - dynamodb:TagResource
+                  - dynamodb:DescribeTimeToLive
+                  - dynamodb:CreateTable
+                  - dynamodb:Query
+                  - dynamodb:PutItem
+                  - dynamodb:GetItem
+                  - dynamodb:BatchWriteItem
+                  - dynamodb:BatchGetItem
+                  - dynamodb:DeleteItem
+                Resource:
+                  - "arn:aws:dynamodb:*:*:table/mantil-kv-{{.Suffix}}"
   MantilSetupLambda:
     Type: AWS::Lambda::Function
     Properties:
@@ -133,6 +149,11 @@ Resources:
       Role: !GetAtt
         - MantilSetupRole
         - Arn
+      Environment:
+        Variables:
+          {{- range $key, $value := .Env}}
+          {{$key}}: "{{$value}}"
+          {{- end}}
     DependsOn:
       - MantilSetupRole
       - MantilSetupLambdaLogGroup

diff --git a/cli/controller/setup_test.go b/cli/controller/setup_test.go
@@ -16,6 +16,9 @@ func TestRenderTemplate(t *testing.T) {
 		Region:             "region",
 		Suffix:             "suffix",
 		APIGatewayLogsRole: "logs-role",
+		Env: map[string]string{
+			"key": "value",
+		},
 	}
 	s := &Setup{}
 	actual, err := s.renderStackTemplate(td)

diff --git a/cli/controller/testdata/template.yml b/cli/controller/testdata/template.yml
@@ -116,6 +116,22 @@ Resources:
                   - ssm:DeleteParameter
                 Resource:
                   - "*"
+              - Effect: Allow
+                Action: 
+                  - dynamodb:DescribeTable
+                  - dynamodb:DescribeContinuousBackups
+                  - dynamodb:ListTagsOfResource
+                  - dynamodb:TagResource
+                  - dynamodb:DescribeTimeToLive
+                  - dynamodb:CreateTable
+                  - dynamodb:Query
+                  - dynamodb:PutItem
+                  - dynamodb:GetItem
+                  - dynamodb:BatchWriteItem
+                  - dynamodb:BatchGetItem
+                  - dynamodb:DeleteItem
+                Resource:
+                  - "arn:aws:dynamodb:*:*:table/mantil-kv-suffix"
   MantilSetupLambda:
     Type: AWS::Lambda::Function
     Properties:
@@ -133,6 +149,9 @@ Resources:
       Role: !GetAtt
         - MantilSetupRole
         - Arn
+      Environment:
+        Variables:
+          key: "value"
     DependsOn:
       - MantilSetupRole
       - MantilSetupLambdaLogGroup

diff --git a/domain/stage_test.go b/domain/stage_test.go
@@ -24,7 +24,6 @@ func TestStageResourceTags(t *testing.T) {
 	tags := stage.ResourceTags()
 	require.NotEmpty(t, tags)
 
-	require.Equal(t, "my-workspace-id", tags[TagWorkspace])
 	require.Equal(t, "abcdefg", tags[TagKey])
 	require.Equal(t, "my-project", tags[TagProjectName])
 	require.Equal(t, "my-stage", tags[TagStageName])

diff --git a/domain/workspace.go b/domain/workspace.go
@@ -31,6 +31,8 @@ const (
 	SSMPrivateKey  = "private_key"
 	SSMGithubIDKey = "github_id"
 
+	NodeConfigKey = "config"
+
 	TagWorkspace   = EnvWorkspace
 	TagKey         = EnvKey
 	TagProjectName = EnvProjectName
@@ -68,8 +70,8 @@ type Node struct {
 	Functions NodeFunctions `yaml:"functions"`
 	Stages    []*NodeStage  `yaml:"stages,omitempty"`
 
-	GitHubAuthEnabled bool   `yaml:"github_auth_enabled,omitempty"`
-	JWT               string `yaml:"jwt,omitempty"`
+	GithubID string `yaml:"github_id,omitempty"`
+	JWT      string `yaml:"jwt,omitempty"`
 
 	workspace *Workspace
 }
@@ -100,6 +102,13 @@ func newWorkspace() *Workspace {
 	}
 }
 
+func (w *Workspace) AddNode(n *Node) {
+	if w.nodeExists(n.Name) {
+		return
+	}
+	w.Nodes = append(w.Nodes, n)
+}
+
 func (w *Workspace) RemoveNode(name string) {
 	for idx, a := range w.Nodes {
 		if a.Name == name {
@@ -118,7 +127,7 @@ func (w *Workspace) Node(name string) *Node {
 	return nil
 }
 
-func (w *Workspace) NewNode(name, awsAccountID, awsRegion, functionsBucket, functionsPath, version string, githubAuth bool) (*Node, error) {
+func (w *Workspace) NewNode(name, awsAccountID, awsRegion, functionsBucket, functionsPath, version string, githubID string) (*Node, error) {
 	if w.nodeExists(name) {
 		return nil, errors.WithStack(&NodeExistsError{name})
 	}
@@ -137,8 +146,8 @@ func (w *Workspace) NewNode(name, awsAccountID, awsRegion, functionsBucket, func
 		},
 		workspace: w,
 	}
-	if githubAuth {
-		a.GitHubAuthEnabled = true
+	if githubID != "" {
+		a.GithubID = githubID
 	} else {
 		publicKey, privateKey, err := token.KeyPair()
 		if err != nil {
@@ -164,8 +173,7 @@ func (w *Workspace) nodeExists(name string) bool {
 
 func (n *Node) ResourceTags() map[string]string {
 	return map[string]string{
-		TagWorkspace: n.workspace.ID,
-		TagKey:       n.ID,
+		TagKey: n.ID,
 	}
 }
 
@@ -178,17 +186,27 @@ func (n *Node) UpgradeVersion(version, functionsBbucket, functionsPath string) {
 func (n *Node) AuthEnv() map[string]string {
 	return map[string]string{
 		EnvPublicKey:     n.Keys.Public,
-		EnvKVTable:       fmt.Sprintf("mantil-kv-%s", n.ID),
+		EnvKVTable:       n.KVTableName(),
 		EnvSSMPathPrefix: fmt.Sprintf("/mantil-node-%s", n.ID),
 	}
 }
 
+func (n *Node) SetupEnv() map[string]string {
+	return map[string]string{
+		EnvKVTable: n.KVTableName(),
+	}
+}
+
 func (w *Workspace) afterRestore() {
 	for _, n := range w.Nodes {
 		n.workspace = w
 	}
 }
 
+func (n *Node) KVTableName() string {
+	return fmt.Sprintf("mantil-kv-%s", n.ID)
+}
+
 const (
 	nodeResourcePrefix = "mantil-setup"
 )
@@ -266,7 +284,7 @@ func Factory(w *Workspace, p *Project, e *EnvironmentConfig) error {
 }
 
 func (n *Node) AuthToken() (string, error) {
-	if !n.GitHubAuthEnabled {
+	if n.GithubID == "" {
 		claims := &AccessTokenClaims{
 			Role:      Owner,
 			Workspace: n.workspace.ID,