diff --git a/internal/services/gateway/action/variable.go b/internal/services/gateway/action/variable.go index 2dc2abe..97e5e17 100644 --- a/internal/services/gateway/action/variable.go +++ b/internal/services/gateway/action/variable.go @@ -141,6 +141,79 @@ func (h *ActionHandler) CreateVariable(ctx context.Context, req *CreateVariableR return rv, cssecrets, nil } +type UpdateVariableRequest struct { + VariableName string + + Name string + + ParentType types.ConfigType + ParentRef string + + Values []types.VariableValue +} + +func (h *ActionHandler) UpdateVariable(ctx context.Context, req *UpdateVariableRequest) (*csapi.Variable, []*csapi.Secret, error) { + isVariableOwner, err := h.IsVariableOwner(ctx, req.ParentType, req.ParentRef) + if err != nil { + return nil, nil, errors.Errorf("failed to determine ownership: %w", err) + } + if !isVariableOwner { + return nil, nil, util.NewErrForbidden(errors.Errorf("user not authorized")) + } + + if !util.ValidateName(req.Name) { + return nil, nil, util.NewErrBadRequest(errors.Errorf("invalid variable name %q", req.Name)) + } + + if len(req.Values) == 0 { + return nil, nil, util.NewErrBadRequest(errors.Errorf("empty variable values")) + } + + v := &types.Variable{ + Name: req.Name, + Parent: types.Parent{ + Type: req.ParentType, + ID: req.ParentRef, + }, + Values: req.Values, + } + + var cssecrets []*csapi.Secret + var rv *csapi.Variable + + switch req.ParentType { + case types.ConfigTypeProjectGroup: + var err error + var resp *http.Response + cssecrets, resp, err = h.configstoreClient.GetProjectGroupSecrets(ctx, req.ParentRef, true) + if err != nil { + return nil, nil, errors.Errorf("failed to get project group %q secrets: %w", req.ParentRef, ErrFromRemote(resp, err)) + } + + h.log.Infof("creating project group variable") + rv, resp, err = h.configstoreClient.UpdateProjectGroupVariable(ctx, req.ParentRef, req.VariableName, v) + if err != nil { + return nil, nil, errors.Errorf("failed to create variable: %w", ErrFromRemote(resp, err)) + } + case types.ConfigTypeProject: + var err error + var resp *http.Response + cssecrets, resp, err = h.configstoreClient.GetProjectSecrets(ctx, req.ParentRef, true) + if err != nil { + return nil, nil, errors.Errorf("failed to get project %q secrets: %w", req.ParentRef, ErrFromRemote(resp, err)) + } + + h.log.Infof("creating project variable") + rv, resp, err = h.configstoreClient.UpdateProjectVariable(ctx, req.ParentRef, req.VariableName, v) + if err != nil { + return nil, nil, errors.Errorf("failed to create variable: %w", ErrFromRemote(resp, err)) + } + } + h.log.Infof("variable %s created, ID: %s", rv.Name, rv.ID) + + return rv, cssecrets, nil +} + func (h *ActionHandler) DeleteVariable(ctx context.Context, parentType types.ConfigType, parentRef, name string) error { isVariableOwner, err := h.IsVariableOwner(ctx, parentType, parentRef) if err != nil { diff --git a/internal/services/gateway/api/client.go b/internal/services/gateway/api/client.go index af63cea..0da8b81 100644 --- a/internal/services/gateway/api/client.go +++ b/internal/services/gateway/api/client.go @@ -202,6 +202,17 @@ func (c *Client) CreateProjectGroupVariable(ctx context.Context, projectGroupRef return variable, resp, err } +func (c *Client) UpdateProjectGroupVariable(ctx context.Context, projectGroupRef, variableName string, req *UpdateVariableRequest) (*VariableResponse, *http.Response, error) { + reqj, err := json.Marshal(req) + if err != nil { + return nil, nil, err + } + + variable := new(VariableResponse) + resp, err := c.getParsedResponse(ctx, "PUT", path.Join("/projectgroups", url.PathEscape(projectGroupRef), "variables", variableName), nil, jsonContent, bytes.NewReader(reqj), variable) + return variable, resp, err +} + func (c *Client) DeleteProjectGroupVariable(ctx context.Context, projectGroupRef, variableName string) (*http.Response, error) { return c.getResponse(ctx, "DELETE", path.Join("/projectgroups", url.PathEscape(projectGroupRef), "variables", variableName), nil, jsonContent, nil) } @@ -217,6 +228,17 @@ func (c *Client) CreateProjectVariable(ctx context.Context, projectRef string, r return variable, resp, err } +func (c *Client) UpdateProjectVariable(ctx context.Context, projectRef, variableName string, req *UpdateVariableRequest) (*VariableResponse, *http.Response, error) { + reqj, err := json.Marshal(req) + if err != nil { + return nil, nil, err + } + + variable := new(VariableResponse) + resp, err := c.getParsedResponse(ctx, "PUT", path.Join("/projects", url.PathEscape(projectRef), "variables", variableName), nil, jsonContent, bytes.NewReader(reqj), variable) + return variable, resp, err +} + func (c *Client) DeleteProjectVariable(ctx context.Context, projectRef, variableName string) (*http.Response, error) { return c.getResponse(ctx, "DELETE", path.Join("/projects", url.PathEscape(projectRef), "variables", variableName), nil, jsonContent, nil) } diff --git a/internal/services/gateway/api/variable.go b/internal/services/gateway/api/variable.go index 277ec31..4234918 100644 --- a/internal/services/gateway/api/variable.go +++ b/internal/services/gateway/api/variable.go @@ -157,6 +157,58 @@ func (h *CreateVariableHandler) ServeHTTP(w http.ResponseWriter, r *http.Request } } +type UpdateVariableRequest struct { + Name string `json:"name,omitempty"` + + Values []types.VariableValue `json:"values,omitempty"` +} + +type UpdateVariableHandler struct { + log *zap.SugaredLogger + ah *action.ActionHandler +} + +func NewUpdateVariableHandler(logger *zap.Logger, ah *action.ActionHandler) *UpdateVariableHandler { + return &UpdateVariableHandler{log: logger.Sugar(), ah: ah} +} + +func (h *UpdateVariableHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { + ctx := r.Context() + vars := mux.Vars(r) + variableName := vars["variablename"] + + parentType, parentRef, err := GetConfigTypeRef(r) + if httpError(w, err) { + h.log.Errorf("err: %+v", err) + return + } + + var req UpdateVariableRequest + d := json.NewDecoder(r.Body) + if err := d.Decode(&req); err != nil { + httpError(w, util.NewErrBadRequest(err)) + return + } + areq := &action.UpdateVariableRequest{ + VariableName: variableName, + + Name: req.Name, + ParentType: parentType, + ParentRef: parentRef, + Values: req.Values, + } + csvar, cssecrets, err := h.ah.UpdateVariable(ctx, areq) + if httpError(w, err) { + h.log.Errorf("err: %+v", err) + return + } + + res := createVariableResponse(csvar, cssecrets) + if err := httpResponse(w, http.StatusOK, res); err != nil { + h.log.Errorf("err: %+v", err) + } +} + type DeleteVariableHandler struct { log *zap.SugaredLogger ah *action.ActionHandler diff --git a/internal/services/gateway/gateway.go b/internal/services/gateway/gateway.go index 67ce07a..81b92b9 100644 --- a/internal/services/gateway/gateway.go +++ b/internal/services/gateway/gateway.go @@ -165,6 +165,7 @@ func (g *Gateway) Run(ctx context.Context) error { variableHandler := api.NewVariableHandler(logger, g.ah) createVariableHandler := api.NewCreateVariableHandler(logger, g.ah) + updateVariableHandler := api.NewUpdateVariableHandler(logger, g.ah) deleteVariableHandler := api.NewDeleteVariableHandler(logger, g.ah) currentUserHandler := api.NewCurrentUserHandler(logger, g.ah) @@ -252,6 +253,8 @@ func (g *Gateway) Run(ctx context.Context) error { apirouter.Handle("/projects/{projectref}/variables", authForcedHandler(variableHandler)).Methods("GET") apirouter.Handle("/projectgroups/{projectgroupref}/variables", authForcedHandler(createVariableHandler)).Methods("POST") apirouter.Handle("/projects/{projectref}/variables", authForcedHandler(createVariableHandler)).Methods("POST") + apirouter.Handle("/projectgroups/{projectgroupref}/variables/{variablename}", authForcedHandler(updateVariableHandler)).Methods("PUT") + apirouter.Handle("/projects/{projectref}/variables/{variablename}", authForcedHandler(updateVariableHandler)).Methods("PUT") apirouter.Handle("/projectgroups/{projectgroupref}/variables/{variablename}", authForcedHandler(deleteVariableHandler)).Methods("DELETE") apirouter.Handle("/projects/{projectref}/variables/{variablename}", authForcedHandler(deleteVariableHandler)).Methods("DELETE")