diff options
Diffstat (limited to 'cmd')
| -rw-r--r-- | cmd/tfstated/delete.go | 28 | ||||
| -rw-r--r-- | cmd/tfstated/get.go | 28 | ||||
| -rw-r--r-- | cmd/tfstated/healthz.go | 12 | ||||
| -rw-r--r-- | cmd/tfstated/lock.go | 61 | ||||
| -rw-r--r-- | cmd/tfstated/main.go | 89 | ||||
| -rw-r--r-- | cmd/tfstated/main_test.go | 51 | ||||
| -rw-r--r-- | cmd/tfstated/post.go | 40 | ||||
| -rw-r--r-- | cmd/tfstated/routes.go | 22 | ||||
| -rw-r--r-- | cmd/tfstated/unlock.go | 32 |
9 files changed, 51 insertions, 312 deletions
diff --git a/cmd/tfstated/delete.go b/cmd/tfstated/delete.go deleted file mode 100644 index d594073..0000000 --- a/cmd/tfstated/delete.go +++ /dev/null @@ -1,28 +0,0 @@ -package main - -import ( - "fmt" - "net/http" - - "git.adyxax.org/adyxax/tfstated/pkg/database" - "git.adyxax.org/adyxax/tfstated/pkg/helpers" -) - -func handleDelete(db *database.DB) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.URL.Path == "/" { - helpers.ErrorResponse(w, http.StatusBadRequest, - fmt.Errorf("no state path provided, cannot DELETE /")) - return - } - - if success, err := db.DeleteState(r.URL.Path); err != nil { - helpers.ErrorResponse(w, http.StatusInternalServerError, err) - } else if success { - w.WriteHeader(http.StatusOK) - } else { - helpers.ErrorResponse(w, http.StatusNotFound, - fmt.Errorf("state path not found: %s", r.URL.Path)) - } - }) -} diff --git a/cmd/tfstated/get.go b/cmd/tfstated/get.go deleted file mode 100644 index 3310560..0000000 --- a/cmd/tfstated/get.go +++ /dev/null @@ -1,28 +0,0 @@ -package main - -import ( - "fmt" - "net/http" - - "git.adyxax.org/adyxax/tfstated/pkg/database" - "git.adyxax.org/adyxax/tfstated/pkg/helpers" -) - -func handleGet(db *database.DB) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Cache-Control", "no-store, no-cache") - - if r.URL.Path == "/" { - helpers.ErrorResponse(w, http.StatusBadRequest, - fmt.Errorf("no state path provided, cannot GET /")) - return - } - - if data, err := db.GetState(r.URL.Path); err != nil { - helpers.ErrorResponse(w, http.StatusInternalServerError, err) - } else { - w.WriteHeader(http.StatusOK) - _, _ = w.Write(data) - } - }) -} diff --git a/cmd/tfstated/healthz.go b/cmd/tfstated/healthz.go deleted file mode 100644 index 20c72c9..0000000 --- a/cmd/tfstated/healthz.go +++ /dev/null @@ -1,12 +0,0 @@ -package main - -import "net/http" - -func handleHealthz() http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.Header().Set("Cache-Control", "no-store, no-cache") - w.Header().Set("Content-Type", "application/json") - w.WriteHeader(http.StatusOK) - _, _ = w.Write([]byte("{}")) - }) -} diff --git a/cmd/tfstated/lock.go b/cmd/tfstated/lock.go deleted file mode 100644 index 80e3575..0000000 --- a/cmd/tfstated/lock.go +++ /dev/null @@ -1,61 +0,0 @@ -package main - -import ( - "fmt" - "net/http" - "regexp" - "time" - - "git.adyxax.org/adyxax/tfstated/pkg/database" - "git.adyxax.org/adyxax/tfstated/pkg/helpers" -) - -type lockRequest struct { - Created time.Time `json:"Created"` - ID string `json:"ID"` - Info string `json:"Info"` - Operation string `json:"Operation"` - Path string `json:"Path"` - Version string `json:"Version"` - Who string `json:"Who"` -} - -var ( - validID = regexp.MustCompile("[a-f0-9]{8}-(?:[a-f0-9]{4}-){3}[a-f0-9]{12}") -) - -func (l *lockRequest) valid() []error { - err := make([]error, 0) - if !validID.MatchString(l.ID) { - err = append(err, fmt.Errorf("invalid ID")) - } - return err -} - -func handleLock(db *database.DB) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.URL.Path == "/" { - _ = helpers.Encode(w, http.StatusBadRequest, - fmt.Errorf("no state path provided, cannot LOCK /")) - return - } - - var lock lockRequest - if err := helpers.Decode(r, &lock); err != nil { - _ = helpers.Encode(w, http.StatusBadRequest, err) - return - } - if errs := lock.valid(); len(errs) > 0 { - _ = helpers.Encode(w, http.StatusBadRequest, - fmt.Errorf("invalid lock: %+v", errs)) - return - } - if success, err := db.SetLockOrGetExistingLock(r.URL.Path, &lock); err != nil { - helpers.ErrorResponse(w, http.StatusInternalServerError, err) - } else if success { - w.WriteHeader(http.StatusOK) - } else { - _ = helpers.Encode(w, http.StatusConflict, lock) - } - }) -} diff --git a/cmd/tfstated/main.go b/cmd/tfstated/main.go index e6c6272..e228d53 100644 --- a/cmd/tfstated/main.go +++ b/cmd/tfstated/main.go @@ -3,85 +3,50 @@ package main import ( "context" "fmt" - "io" - "log" "log/slog" - "net" - "net/http" "os" "os/signal" - "strconv" "sync" + "syscall" "time" + "git.adyxax.org/adyxax/tfstated/pkg/backend" "git.adyxax.org/adyxax/tfstated/pkg/database" - "git.adyxax.org/adyxax/tfstated/pkg/logger" + "git.adyxax.org/adyxax/tfstated/pkg/webui" ) -type Config struct { - Host string - Port string -} - func run( ctx context.Context, - config *Config, db *database.DB, - //args []string, getenv func(string) string, - //stdin io.Reader, - //stdout io.Writer, - stderr io.Writer, ) error { - ctx, cancel := signal.NotifyContext(ctx, os.Interrupt) + ctx, cancel := signal.NotifyContext(ctx, os.Interrupt, syscall.SIGTERM) defer cancel() - dataEncryptionKey := getenv("DATA_ENCRYPTION_KEY") - if dataEncryptionKey == "" { - return fmt.Errorf("the DATA_ENCRYPTION_KEY environment variable is not set") - } - if err := db.SetDataEncryptionKey(dataEncryptionKey); err != nil { - return err - } - versionsHistoryLimit := getenv("VERSIONS_HISTORY_LIMIT") - if versionsHistoryLimit != "" { - n, err := strconv.Atoi(versionsHistoryLimit) - if err != nil { - return fmt.Errorf("failed to parse the VERSIONS_HISTORY_LIMIT environment variable: %w", err) - } - db.SetVersionsHistoryLimit(n) - } - if err := db.InitAdminAccount(); err != nil { return err } - mux := http.NewServeMux() - addRoutes( - mux, - db, - ) + backend := backend.Run(ctx, db, getenv) + webui := webui.Run(ctx, db, getenv) - httpServer := &http.Server{ - Addr: net.JoinHostPort(config.Host, config.Port), - Handler: logger.Middleware(mux, false), - } + <-ctx.Done() + shutdownCtx := context.Background() + shutdownCtx, shutdownCancel := context.WithTimeout(shutdownCtx, 10*time.Second) + defer shutdownCancel() + + var wg sync.WaitGroup + wg.Add(2) go func() { - log.Printf("listening on %s\n", httpServer.Addr) - if err := httpServer.ListenAndServe(); err != nil && err != http.ErrServerClosed { - fmt.Fprintf(stderr, "error listening and serving: %+v\n", err) + defer wg.Done() + if err := backend.Shutdown(shutdownCtx); err != nil { + slog.Error("error shutting down backend http server", "error", err) } }() - var wg sync.WaitGroup - wg.Add(1) go func() { defer wg.Done() - <-ctx.Done() - shutdownCtx := context.Background() - shutdownCtx, cancel := context.WithTimeout(shutdownCtx, 10*time.Second) - defer cancel() - if err := httpServer.Shutdown(shutdownCtx); err != nil { - fmt.Fprintf(stderr, "error shutting down http server: %+v\n", err) + if err := webui.Shutdown(shutdownCtx); err != nil { + slog.Error("error shutting down webui http server", "error", err) } }() wg.Wait() @@ -93,7 +58,7 @@ func main() { ctx := context.Background() var opts *slog.HandlerOptions - if os.Getenv("TFSTATE_DEBUG") != "" { + if os.Getenv("TFSTATED_DEBUG") != "" { opts = &slog.HandlerOptions{ AddSource: true, Level: slog.LevelDebug, @@ -102,12 +67,11 @@ func main() { logger := slog.New(slog.NewJSONHandler(os.Stdout, opts)) slog.SetDefault(logger) - config := Config{ - Host: "0.0.0.0", - Port: "8080", - } - - db, err := database.NewDB(ctx, "./tfstate.db?_txlock=immediate") + db, err := database.NewDB( + ctx, + "./tfstate.db?_txlock=immediate", + os.Getenv, + ) if err != nil { fmt.Fprintf(os.Stderr, "database init error: %+v\n", err) os.Exit(1) @@ -116,13 +80,8 @@ func main() { if err := run( ctx, - &config, db, - //os.Args, os.Getenv, - //os.Stdin, - //os.Stdout, - os.Stderr, ); err != nil { fmt.Fprintf(os.Stderr, "%+v\n", err) os.Exit(1) diff --git a/cmd/tfstated/main_test.go b/cmd/tfstated/main_test.go index 82b7736..b28edbd 100644 --- a/cmd/tfstated/main_test.go +++ b/cmd/tfstated/main_test.go @@ -7,6 +7,7 @@ import ( "net/http" "net/url" "os" + "sync" "testing" "time" @@ -14,31 +15,23 @@ import ( ) var baseURI = url.URL{ - Host: "127.0.0.1:8081", + Host: "127.0.0.1:8082", Path: "/", Scheme: "http", } var db *database.DB var adminPassword string +var adminPasswordMutex sync.Mutex func TestMain(m *testing.M) { - ctx := context.Background() - ctx, cancel := context.WithCancel(ctx) - config := Config{ - Host: "127.0.0.1", - Port: "8081", - } - _ = os.Remove("./test.db") - var err error - db, err = database.NewDB(ctx, "./test.db") - if err != nil { - fmt.Fprintf(os.Stderr, "%+v\n", err) - os.Exit(1) - } getenv := func(key string) string { switch key { case "DATA_ENCRYPTION_KEY": return "hP3ZSCnY3LMgfTQjwTaGrhKwdA0yXMXIfv67OJnntqM=" + case "TFSTATED_HOST": + return "127.0.0.1" + case "TFSTATED_PORT": + return "8082" case "VERSIONS_HISTORY_LIMIT": return "3" default: @@ -46,17 +39,26 @@ func TestMain(m *testing.M) { } } + ctx := context.Background() + ctx, cancel := context.WithCancel(ctx) + _ = os.Remove("./test.db") + var err error + db, err = database.NewDB(ctx, "./test.db", getenv) + if err != nil { + fmt.Fprintf(os.Stderr, "%+v\n", err) + os.Exit(1) + } database.AdvertiseAdminPassword = func(password string) { + adminPasswordMutex.Lock() + defer adminPasswordMutex.Unlock() adminPassword = password } go run( ctx, - &config, db, getenv, - os.Stderr, ) - err = waitForReady(ctx, 5*time.Second, "http://127.0.0.1:8081/healthz") + err = waitForReady(ctx, 5*time.Second, "http://127.0.0.1:8082/healthz") if err != nil { fmt.Fprintf(os.Stderr, "%+v\n", err) os.Exit(1) @@ -84,6 +86,8 @@ func runHTTPRequest(method string, auth bool, uriRef *url.URL, body io.Reader, t return } if auth { + adminPasswordMutex.Lock() + defer adminPasswordMutex.Unlock() req.SetBasicAuth("admin", adminPassword) } resp, err := client.Do(req) @@ -119,14 +123,13 @@ func waitForReady( resp, err := client.Do(req) if err != nil { fmt.Printf("Error making request: %s\n", err.Error()) - continue - } - if resp.StatusCode == http.StatusOK { - fmt.Println("Endpoint is ready!") - resp.Body.Close() - return nil + } else { + _ = resp.Body.Close() + if resp.StatusCode == http.StatusOK { + fmt.Println("Endpoint is ready!") + return nil + } } - resp.Body.Close() select { case <-ctx.Done(): diff --git a/cmd/tfstated/post.go b/cmd/tfstated/post.go deleted file mode 100644 index 86344b1..0000000 --- a/cmd/tfstated/post.go +++ /dev/null @@ -1,40 +0,0 @@ -package main - -import ( - "fmt" - "io" - "net/http" - - "git.adyxax.org/adyxax/tfstated/pkg/database" - "git.adyxax.org/adyxax/tfstated/pkg/helpers" - "git.adyxax.org/adyxax/tfstated/pkg/model" -) - -func handlePost(db *database.DB) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.URL.Path == "/" { - helpers.ErrorResponse(w, http.StatusBadRequest, - fmt.Errorf("no state path provided, cannot POST /"), - ) - return - } - - id := r.URL.Query().Get("ID") - - data, err := io.ReadAll(r.Body) - if err != nil || len(data) == 0 { - helpers.ErrorResponse(w, http.StatusBadRequest, err) - return - } - account := r.Context().Value(model.AccountContextKey{}).(*model.Account) - if idMismatch, err := db.SetState(r.URL.Path, account.Id, data, id); err != nil { - if idMismatch { - helpers.ErrorResponse(w, http.StatusConflict, err) - } else { - helpers.ErrorResponse(w, http.StatusInternalServerError, err) - } - } else { - w.WriteHeader(http.StatusOK) - } - }) -} diff --git a/cmd/tfstated/routes.go b/cmd/tfstated/routes.go deleted file mode 100644 index 019bb76..0000000 --- a/cmd/tfstated/routes.go +++ /dev/null @@ -1,22 +0,0 @@ -package main - -import ( - "net/http" - - "git.adyxax.org/adyxax/tfstated/pkg/basic_auth" - "git.adyxax.org/adyxax/tfstated/pkg/database" -) - -func addRoutes( - mux *http.ServeMux, - db *database.DB, -) { - mux.Handle("GET /healthz", handleHealthz()) - - basicAuth := basic_auth.Middleware(db) - mux.Handle("DELETE /", basicAuth(handleDelete(db))) - mux.Handle("GET /", basicAuth(handleGet(db))) - mux.Handle("LOCK /", basicAuth(handleLock(db))) - mux.Handle("POST /", basicAuth(handlePost(db))) - mux.Handle("UNLOCK /", basicAuth(handleUnlock(db))) -} diff --git a/cmd/tfstated/unlock.go b/cmd/tfstated/unlock.go deleted file mode 100644 index c003d8d..0000000 --- a/cmd/tfstated/unlock.go +++ /dev/null @@ -1,32 +0,0 @@ -package main - -import ( - "fmt" - "net/http" - - "git.adyxax.org/adyxax/tfstated/pkg/database" - "git.adyxax.org/adyxax/tfstated/pkg/helpers" -) - -func handleUnlock(db *database.DB) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.URL.Path == "/" { - _ = helpers.Encode(w, http.StatusBadRequest, - fmt.Errorf("no state path provided, cannot LOCK /")) - return - } - - var lock lockRequest - if err := helpers.Decode(r, &lock); err != nil { - _ = helpers.Encode(w, http.StatusBadRequest, err) - return - } - if success, err := db.Unlock(r.URL.Path, &lock); err != nil { - helpers.ErrorResponse(w, http.StatusInternalServerError, err) - } else if success { - w.WriteHeader(http.StatusOK) - } else { - _ = helpers.Encode(w, http.StatusConflict, lock) - } - }) -} |