From 94f04abd90fdd0654151eb47c24c4f8211bcd7f6 Mon Sep 17 00:00:00 2001 From: ImMin5 Date: Mon, 18 Dec 2023 22:56:23 +0900 Subject: [PATCH 1/3] feat: add app in interface --- deploy/helm/templates/deployment-rest.yaml | 2 +- src/spaceone/plugin/api/v1/__init__.py | 0 src/spaceone/plugin/conf/proto_conf.py | 4 - .../plugin/{api => interface}/__init__.py | 0 .../plugin/interface/grpc/__init__.py | 9 + .../{api/v1 => interface/grpc}/plugin.py | 0 .../{api/v1 => interface/grpc}/supervisor.py | 0 src/spaceone/plugin/service/plugin_service.py | 249 ++++++++++-------- .../plugin/service/supervisor_service.py | 239 +++++++++-------- 9 files changed, 285 insertions(+), 218 deletions(-) delete mode 100644 src/spaceone/plugin/api/v1/__init__.py delete mode 100644 src/spaceone/plugin/conf/proto_conf.py rename src/spaceone/plugin/{api => interface}/__init__.py (100%) create mode 100644 src/spaceone/plugin/interface/grpc/__init__.py rename src/spaceone/plugin/{api/v1 => interface/grpc}/plugin.py (100%) rename src/spaceone/plugin/{api/v1 => interface/grpc}/supervisor.py (100%) diff --git a/deploy/helm/templates/deployment-rest.yaml b/deploy/helm/templates/deployment-rest.yaml index 78d243b..20ea40b 100644 --- a/deploy/helm/templates/deployment-rest.yaml +++ b/deploy/helm/templates/deployment-rest.yaml @@ -43,7 +43,7 @@ spec: resources: {{- toYaml .Values.resources.rest | nindent 12 }} {{- end }} - command: ['spaceone', 'rest', 'spaceone.{{ regexReplaceAll "-" .Values.name "_" }}', '-p', '8000'] + command: ['spaceone', 'run', 'rest-server','spaceone.{{ regexReplaceAll "-" .Values.name "_" }}', '-p', '8000'] ports: - containerPort: 8000 volumeMounts: diff --git a/src/spaceone/plugin/api/v1/__init__.py b/src/spaceone/plugin/api/v1/__init__.py deleted file mode 100644 index e69de29..0000000 diff --git a/src/spaceone/plugin/conf/proto_conf.py b/src/spaceone/plugin/conf/proto_conf.py deleted file mode 100644 index 8155313..0000000 --- a/src/spaceone/plugin/conf/proto_conf.py +++ /dev/null @@ -1,4 +0,0 @@ -PROTO = { - 'spaceone.plugin.api.v1.supervisor': ['Supervisor'], - 'spaceone.plugin.api.v1.plugin': ['Plugin'] -} diff --git a/src/spaceone/plugin/api/__init__.py b/src/spaceone/plugin/interface/__init__.py similarity index 100% rename from src/spaceone/plugin/api/__init__.py rename to src/spaceone/plugin/interface/__init__.py diff --git a/src/spaceone/plugin/interface/grpc/__init__.py b/src/spaceone/plugin/interface/grpc/__init__.py new file mode 100644 index 0000000..7048334 --- /dev/null +++ b/src/spaceone/plugin/interface/grpc/__init__.py @@ -0,0 +1,9 @@ +from spaceone.core.pygrpc.server import GRPCServer +from spaceone.plugin.interface.grpc.plugin import Plugin +from spaceone.plugin.interface.grpc.supervisor import Supervisor + +__all__ = ["app"] + +app = GRPCServer() +app.add_service(Plugin) +app.add_service(Supervisor) diff --git a/src/spaceone/plugin/api/v1/plugin.py b/src/spaceone/plugin/interface/grpc/plugin.py similarity index 100% rename from src/spaceone/plugin/api/v1/plugin.py rename to src/spaceone/plugin/interface/grpc/plugin.py diff --git a/src/spaceone/plugin/api/v1/supervisor.py b/src/spaceone/plugin/interface/grpc/supervisor.py similarity index 100% rename from src/spaceone/plugin/api/v1/supervisor.py rename to src/spaceone/plugin/interface/grpc/supervisor.py diff --git a/src/spaceone/plugin/service/plugin_service.py b/src/spaceone/plugin/service/plugin_service.py index e67d5c3..f83426d 100644 --- a/src/spaceone/plugin/service/plugin_service.py +++ b/src/spaceone/plugin/service/plugin_service.py @@ -7,26 +7,31 @@ from spaceone.plugin.manager.supervisor_manager import * from spaceone.plugin.manager.repository_manager import RepositoryManager - _LOGGER = logging.getLogger(__name__) -@authentication_handler(exclude=['get_plugin_endpoint']) -@authorization_handler(exclude=['get_plugin_endpoint']) -@mutation_handler(exclude=['get_plugin_endpoint']) +@authentication_handler +@authorization_handler +@mutation_handler @event_handler class PluginService(BaseService): def __init__(self, metadata): super().__init__(metadata) - self.supervisor_mgr: SupervisorManager = self.locator.get_manager('SupervisorManager') - self.plugin_mgr: PluginManager = self.locator.get_manager('PluginManager') - self.plugin_ref_mgr: PluginRefManager = self.locator.get_manager('PluginRefManager') - self.repository_mgr: RepositoryManager = self.locator.get_manager('RepositoryManager') - - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['plugin_id', 'domain_id']) + self.supervisor_mgr: SupervisorManager = self.locator.get_manager( + "SupervisorManager" + ) + self.plugin_mgr: PluginManager = self.locator.get_manager("PluginManager") + self.plugin_ref_mgr: PluginRefManager = self.locator.get_manager( + "PluginRefManager" + ) + self.repository_mgr: RepositoryManager = self.locator.get_manager( + "RepositoryManager" + ) + + @transaction(exclude=["authentication", "authorization", "mutation"]) + @check_required(["plugin_id", "domain_id"]) def get_plugin_endpoint(self, params: dict): - """ Get plugin_endpoint + """Get plugin_endpoint Args: params(dict) { @@ -37,52 +42,62 @@ def get_plugin_endpoint(self, params: dict): 'domain_id': 'str' } """ - if params.get('upgrade_mode') == 'MANUAL' and params.get('version') is None: - raise ERROR_REQUIRED_PARAMETER(key='version') + if params.get("upgrade_mode") == "MANUAL" and params.get("version") is None: + raise ERROR_REQUIRED_PARAMETER(key="version") - params.update({'version': self._get_plugin_version(params)}) + params.update({"version": self._get_plugin_version(params)}) return self._get_plugin_endpoint(params) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['plugin_id', 'domain_id']) + @transaction( + permission="plugin:Plugin.read", role_types=["DOMAIN_ADMIN", "WORKSPACE_OWNER"] + ) + @check_required(["plugin_id", "domain_id"]) def get_plugin_metadata(self, params: dict): - """ Get plugin_metadata + """Get plugin_metadata Args: params(dict) { - 'plugin_id': 'str', + 'plugin_id': 'str', # required 'version': 'str', 'upgrade_mode': 'str', 'options': 'dict', - 'domain_id': 'str' + 'domain_id': 'str' # injected from auth } """ - plugin_id = params['plugin_id'] - domain_id = params['domain_id'] - options = params.get('options', {}) + plugin_id = params["plugin_id"] + domain_id = params["domain_id"] + options = params.get("options", {}) - if params.get('upgrade_mode') == 'MANUAL' and params.get('version') is None: - raise ERROR_REQUIRED_PARAMETER(key='version') + if params.get("upgrade_mode") == "MANUAL" and params.get("version") is None: + raise ERROR_REQUIRED_PARAMETER(key="version") - params.update({'version': self._get_plugin_version(params)}) + params.update({"version": self._get_plugin_version(params)}) plugin_endpoint_info = self._get_plugin_endpoint(params) api_class = self._get_plugin_api_class(plugin_id, domain_id) - init_response = self.plugin_mgr.init_plugin(plugin_endpoint_info.get('endpoint'), api_class, options) - return init_response.get('metadata', {}) + init_response = self.plugin_mgr.init_plugin( + plugin_endpoint_info.get("endpoint"), api_class, options + ) + return init_response.get("metadata", {}) def _get_plugin_endpoint(self, params): - plugin_id = params['plugin_id'] - labels = params.get('labels', {}) - version = params.get('version') - domain_id = params['domain_id'] + plugin_id = params["plugin_id"] + labels = params.get("labels", {}) + version = params.get("version") + domain_id = params["domain_id"] - installed_plugins = self.plugin_ref_mgr.filter(plugin_id=plugin_id, version=version, domain_id=domain_id) + installed_plugins = self.plugin_ref_mgr.filter( + plugin_id=plugin_id, version=version, domain_id=domain_id + ) for selected_plugin in installed_plugins: try: - _LOGGER.debug(f'[get_plugin_endpoint] selected plugin: {selected_plugin.plugin_owner.endpoint}') + _LOGGER.debug( + f"[get_plugin_endpoint] selected plugin: {selected_plugin.plugin_owner.endpoint}" + ) return self._select_endpoint(selected_plugin, version) except Exception as e: - _LOGGER.error(f'[get_plugin_endpoint] delete failed plugin, {selected_plugin}') + _LOGGER.error( + f"[get_plugin_endpoint] delete failed plugin, {selected_plugin}" + ) selected_plugin.delete() # There is no installed plugin @@ -90,44 +105,50 @@ def _get_plugin_endpoint(self, params): self._check_plugin(plugin_id, version, domain_id) # Create or Fail - matched_supervisors = self.supervisor_mgr.get_matched_supervisors(domain_id, labels) - _LOGGER.debug(f'[get_plugin_endpoint] create new plugin') + matched_supervisors = self.supervisor_mgr.get_matched_supervisors( + domain_id, labels + ) + _LOGGER.debug(f"[get_plugin_endpoint] create new plugin") if matched_supervisors: selected_supervisor = self._select_one(matched_supervisors) # _LOGGER.debug(f'[get_matched_supervisors] selected_supervisor: {selected_supervisor}') installed_plugin = self._get_installed_plugin(selected_supervisor, params) - _LOGGER.debug(f'[get_matched_supervisors] installed_plugin: {installed_plugin}') + _LOGGER.debug( + f"[get_matched_supervisors] installed_plugin: {installed_plugin}" + ) return self._select_endpoint(installed_plugin, version) raise ERROR_NO_POSSIBLE_SUPERVISOR(params=params) def _get_plugin_version(self, params): - plugin_id = params['plugin_id'] - upgrade_mode = params.get('upgrade_mode', 'MANUAL') - version = params.get('version') - domain_id = params['domain_id'] + plugin_id = params["plugin_id"] + upgrade_mode = params.get("upgrade_mode", "MANUAL") + version = params.get("version") + domain_id = params["domain_id"] - if upgrade_mode == 'AUTO': - latest_version = self.repository_mgr.get_plugin_latest_version(plugin_id, domain_id) + if upgrade_mode == "AUTO": + latest_version = self.repository_mgr.get_plugin_latest_version( + plugin_id, domain_id + ) if version is None and latest_version is None: raise ERROR_PLUGIN_IMAGE_NOT_FOUND(plugin_id=plugin_id) return latest_version - elif upgrade_mode == 'MANUAL': + elif upgrade_mode == "MANUAL": if version: return version else: - raise ERROR_REQUIRED_PARAMETER(key='version') + raise ERROR_REQUIRED_PARAMETER(key="version") def _get_plugin_api_class(self, plugin_id, domain_id): plugin_info = self.repository_mgr.get_plugin(plugin_id, domain_id) - service_type = plugin_info['service_type'] - return service_type.split('.')[1] + service_type = plugin_info["service_type"] + return service_type.split(".")[1] def _get_installed_plugin(self, supervisor, params): - """ Get installed plugin at supervisor which is matched with params + """Get installed plugin at supervisor which is matched with params Args: supervisor: supervisor_vo @@ -141,37 +162,52 @@ def _get_installed_plugin(self, supervisor, params): """ # Find first supervisor_id = supervisor.supervisor_id - plugin_id = params['plugin_id'] - version = params['version'] + plugin_id = params["plugin_id"] + version = params["version"] domain_id = supervisor.domain_id - plugin_domain_id = params['domain_id'] - installed_plugin = self.plugin_mgr.search_plugin(supervisor_id, plugin_id, version, domain_id) - _LOGGER.debug(f'[_get_installed_plugin] {installed_plugin}') + plugin_domain_id = params["domain_id"] + installed_plugin = self.plugin_mgr.search_plugin( + supervisor_id, plugin_id, version, domain_id + ) + _LOGGER.debug(f"[_get_installed_plugin] {installed_plugin}") if installed_plugin is None: # If not, create it - _LOGGER.debug(f'[_get_installed_plugin] create new plugin, supervisor_id: {supervisor_id}') - installed_plugin = self.plugin_mgr.install_plugin(supervisor, plugin_id, version, plugin_domain_id) - - installed_plugin_ref = self._get_installed_ref_plugin(supervisor, installed_plugin, params) + _LOGGER.debug( + f"[_get_installed_plugin] create new plugin, supervisor_id: {supervisor_id}" + ) + installed_plugin = self.plugin_mgr.install_plugin( + supervisor, plugin_id, version, plugin_domain_id + ) + + installed_plugin_ref = self._get_installed_ref_plugin( + supervisor, installed_plugin, params + ) return installed_plugin_ref def _get_installed_ref_plugin(self, supervisor, installed_plugin, params): supervisor_id = supervisor.supervisor_id - plugin_id = params['plugin_id'] - version = params['version'] - domain_id = params['domain_id'] + plugin_id = params["plugin_id"] + version = params["version"] + domain_id = params["domain_id"] - installed_plugin_ref = self.plugin_ref_mgr.search_plugin(supervisor_id, plugin_id, version, domain_id) + installed_plugin_ref = self.plugin_ref_mgr.search_plugin( + supervisor_id, plugin_id, version, domain_id + ) if installed_plugin_ref is None: - _LOGGER.debug(f'[_get_installed_ref_plugin] need to create installed_plugin_ref') - installed_plugin_ref = self.plugin_ref_mgr.install_plugin(supervisor, installed_plugin, params) - installed_plugin_ref = self.plugin_ref_mgr.search_plugin(supervisor_id, plugin_id, version, domain_id) + _LOGGER.debug( + f"[_get_installed_ref_plugin] need to create installed_plugin_ref" + ) + installed_plugin_ref = self.plugin_ref_mgr.install_plugin( + supervisor, installed_plugin, params + ) + installed_plugin_ref = self.plugin_ref_mgr.search_plugin( + supervisor_id, plugin_id, version, domain_id + ) return installed_plugin_ref def _select_endpoint(self, plugin_ref, updated_version=None): - """ Select one of plugins, then return endpoint - """ + """Select one of plugins, then return endpoint""" installed_plugin = plugin_ref.plugin_owner # Update endpoint_called_at @@ -179,38 +215,42 @@ def _select_endpoint(self, plugin_ref, updated_version=None): # plugin state = ACTIVE | PROVISIONING state = installed_plugin.state - if state == 'ACTIVE': + if state == "ACTIVE": pass - elif state == 'PROVISIONING' or state == 'RE_PROVISIONING': + elif state == "PROVISIONING" or state == "RE_PROVISIONING": # get up-to-date installed_plugin # ex) installed_plugin.endpoint - installed_plugin = self.plugin_mgr.wait_until_activated(installed_plugin.supervisor_id, - installed_plugin.plugin_id, - installed_plugin.version) + installed_plugin = self.plugin_mgr.wait_until_activated( + installed_plugin.supervisor_id, + installed_plugin.plugin_id, + installed_plugin.version, + ) else: - _LOGGER.error(f'[_select_endpoint] notify failure, {installed_plugin}') + _LOGGER.error(f"[_select_endpoint] notify failure, {installed_plugin}") params = { - 'plugin_id': installed_plugin.plugin_id, - 'version': installed_plugin.version, - 'supervisor_id': installed_plugin.supervisor_id, - 'domain_id': installed_plugin.domain_id + "plugin_id": installed_plugin.plugin_id, + "version": installed_plugin.version, + "supervisor_id": installed_plugin.supervisor_id, + "domain_id": installed_plugin.domain_id, } self.notify_failure(params) - raise ERROR_INSTALL_PLUGIN_TIMEOUT(supervisor_id=installed_plugin.supervisor_id, - plugin_id=installed_plugin.plugin_id, - version=installed_plugin.version) + raise ERROR_INSTALL_PLUGIN_TIMEOUT( + supervisor_id=installed_plugin.supervisor_id, + plugin_id=installed_plugin.plugin_id, + version=installed_plugin.version, + ) endpoint = installed_plugin.endpoint endpoints = installed_plugin.endpoints if endpoints: - _LOGGER.debug(f'[_select_endpoint] {endpoints}') + _LOGGER.debug(f"[_select_endpoint] {endpoints}") endpoint = self._select_one(endpoints) - endpoint_info = {'endpoint': endpoint} + endpoint_info = {"endpoint": endpoint} if updated_version: - endpoint_info['updated_version'] = updated_version + endpoint_info["updated_version"] = updated_version return endpoint_info @@ -218,17 +258,16 @@ def _select_endpoint(self, plugin_ref, updated_version=None): def _select_one(choice_list, algorithm="random"): if algorithm == "random": return random.choice(choice_list) - _LOGGER.error(f'[_select_one] unimplemented algorithm: {algorithm}') + _LOGGER.error(f"[_select_one] unimplemented algorithm: {algorithm}") def _check_plugin(self, plugin_id, version, domain_id): - """ Check plugin_id:version exist or not - """ - repo_mgr = self.locator.get_manager('RepositoryManager') + """Check plugin_id:version exist or not""" + repo_mgr = self.locator.get_manager("RepositoryManager") # Check plugin_id try: repo_mgr.get_plugin(plugin_id, domain_id) except Exception as e: - _LOGGER.error(f'[_check_plugin] {plugin_id} does not exist') + _LOGGER.error(f"[_check_plugin] {plugin_id} does not exist") raise ERROR_PLUGIN_NOT_FOUND(plugin_id=plugin_id) # Check version @@ -237,19 +276,19 @@ def _check_plugin(self, plugin_id, version, domain_id): except Exception as e: raise ERROR_INVALID_PLUGIN_VERSION(plugin_id=plugin_id, version=version) - @transaction(append_meta={'authorization.scope': 'SYSTEM'}) - @check_required(['plugin_id', 'version', 'supervisor_id', 'domain_id']) + @transaction(exclude=["authentication", "authorization", "mutation"]) + @check_required(["plugin_id", "version", "supervisor_id", "domain_id"]) def notify_failure(self, param: dict): - domain_id = param['domain_id'] + domain_id = param["domain_id"] # since supervisor_id exists, don't need to know domain_id # plugin_vo = self.plugin_mgr.mark_failure(param['supervisor_id'], param['plugin_id'], param['version']) return None - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['plugin_id', 'version', 'domain_id']) + @transaction(exclude=["authentication", "authorization", "mutation"]) + @check_required(["plugin_id", "version", "domain_id"]) def verify(self, params: dict): - """ Verify options and secret_data is correct information for specific plugin + """Verify options and secret_data is correct information for specific plugin Args: params(dict) { @@ -267,25 +306,29 @@ def verify(self, params: dict): # get plugin_endpoint, then ask verify # labels for any match requested_params = { - 'plugin_id': params['plugin_id'], - 'version': params['version'], - 'labels': {}, - 'domain_id': params['domain_id'] + "plugin_id": params["plugin_id"], + "version": params["version"], + "labels": {}, + "domain_id": params["domain_id"], } plugin_endpoint_info = self._get_plugin_endpoint(requested_params) - api_class = self._get_plugin_api_class(params['plugin_id'], params['domain_id']) + api_class = self._get_plugin_api_class(params["plugin_id"], params["domain_id"]) # secret - if 'secret_id' in params: + if "secret_id" in params: # Patch secret_data from secret - resp = self.plugin_mgr.get_secret_data(params['secret_id'], params['domain_id']) + resp = self.plugin_mgr.get_secret_data( + params["secret_id"], params["domain_id"] + ) secret_data = resp.data else: # Empty secret secret_data = {} # options - options = params.get('options', {}) + options = params.get("options", {}) - self.plugin_mgr.verify_plugin(plugin_endpoint_info.get('endpoint'), api_class, options, secret_data) + self.plugin_mgr.verify_plugin( + plugin_endpoint_info.get("endpoint"), api_class, options, secret_data + ) diff --git a/src/spaceone/plugin/service/supervisor_service.py b/src/spaceone/plugin/service/supervisor_service.py index bc5ab69..1735b01 100644 --- a/src/spaceone/plugin/service/supervisor_service.py +++ b/src/spaceone/plugin/service/supervisor_service.py @@ -10,121 +10,131 @@ ELAPSED_DAYS = 7 -@authentication_handler -@authorization_handler -@mutation_handler @event_handler class SupervisorService(BaseService): - def __init__(self, metadata): super().__init__(metadata) - self._supervisor_mgr: SupervisorManager = self.locator.get_manager('SupervisorManager') + self._supervisor_mgr: SupervisorManager = self.locator.get_manager( + "SupervisorManager" + ) # self._supervisor_ref_mgr: SupervisorRefManager = self.locator.get_manager('SupervisorRefManager') - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['name', 'hostname', 'domain_id']) + @transaction() + @check_required(["name", "hostname", "domain_id"]) def publish(self, params): # _LOGGER.debug(f'[publish] params: {params}') - plugin_mgr: PluginManager = self.locator.get_manager('PluginManager') + plugin_mgr: PluginManager = self.locator.get_manager("PluginManager") - domain_id = params['domain_id'] + domain_id = params["domain_id"] try: # unique: hostname + name - supervisor = self._supervisor_mgr.get_by_hostname(params['hostname'], domain_id) + supervisor = self._supervisor_mgr.get_by_hostname( + params["hostname"], domain_id + ) except ERROR_NOT_FOUND: # create new supervisor supervisor = self._supervisor_mgr.create(params) ############################### # East EGG for Automatic Test ############################### - if params['name'] == 'root': + if params["name"] == "root": self._supervisor_mgr.update( - {'supervisor_id': supervisor.supervisor_id, 'is_public': True, 'domain_id': domain_id}) + { + "supervisor_id": supervisor.supervisor_id, + "is_public": True, + "domain_id": domain_id, + } + ) if supervisor: - plugins_info = params.get('plugin_info', []) + plugins_info = params.get("plugin_info", []) # print(f'[publish] plugin_info: {plugins_info}') for plugin in plugins_info: # Update State (XXXX -> ACTIVE) # Update endpoint (grpc://xxxx) # There may be no plugin at DB (maybe deleted, or supervisor's garbage) # self._plugin_mgr.update_plugin(plugin) - _LOGGER.debug(f'[publish] plugin={plugin}') + _LOGGER.debug(f"[publish] plugin={plugin}") try: - plugin_mgr.update_plugin_state(plugin['plugin_id'], - plugin['version'], - plugin['state'], - plugin['endpoint'], - plugin.get('endpoints', []), - supervisor.supervisor_id) + plugin_mgr.update_plugin_state( + plugin["plugin_id"], + plugin["version"], + plugin["state"], + plugin["endpoint"], + plugin.get("endpoints", []), + supervisor.supervisor_id, + ) except Exception as e: - _LOGGER.error(f'[publish] e={e}') - _LOGGER.warning(f'[publish] Failed update plugin.state:{plugin["state"]}') + _LOGGER.error(f"[publish] e={e}") + _LOGGER.warning( + f'[publish] Failed update plugin.state:{plugin["state"]}' + ) else: # There is no plugin_info supervisor = self._supervisor_mgr.create(params) return supervisor - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['supervisor_id', 'domain_id']) + @transaction() + @check_required(["supervisor_id", "domain_id"]) def register(self, params): - domain_id = params['domain_id'] - _LOGGER.debug(f'[register] params: {params}') + domain_id = params["domain_id"] + _LOGGER.debug(f"[register] params: {params}") # TODO: Should I validate supervisor_id? - return self._supervisor_mgr.register(params['supervisor_id'], domain_id) + return self._supervisor_mgr.register(params["supervisor_id"], domain_id) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['supervisor_id', 'domain_id']) + @transaction() + @check_required(["supervisor_id", "domain_id"]) def update(self, params): - domain_id = params['domain_id'] - _LOGGER.debug(f'[update] params: {params}') + domain_id = params["domain_id"] + _LOGGER.debug(f"[update] params: {params}") # TODO: Should I validate supervisor_id? return self._supervisor_mgr.update(params) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['supervisor_id', 'domain_id']) + @transaction() + @check_required(["supervisor_id", "domain_id"]) def deregister(self, params): - domain_id = params['domain_id'] + domain_id = params["domain_id"] _LOGGER.debug(f'[deregister] supervisor_id: {params["supervisor_id"]}') - self._supervisor_mgr.delete(params['supervisor_id'], domain_id) + self._supervisor_mgr.delete(params["supervisor_id"], domain_id) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['supervisor_id', 'domain_id']) + @transaction() + @check_required(["supervisor_id", "domain_id"]) def enable(self, params): - domain_id = params['domain_id'] + domain_id = params["domain_id"] _LOGGER.debug(f'[enable] supervisor_id: {params["supervisor_id"]}') - return self._supervisor_mgr.enable(params['supervisor_id'], domain_id) + return self._supervisor_mgr.enable(params["supervisor_id"], domain_id) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['supervisor_id', 'domain_id']) + @transaction() + @check_required(["supervisor_id", "domain_id"]) def disable(self, params): - domain_id = params['domain_id'] + domain_id = params["domain_id"] _LOGGER.debug(f'[disable] supervisor_id: {params["supervisor_id"]}') - return self._supervisor_mgr.disable(params['supervisor_id'], domain_id) + return self._supervisor_mgr.disable(params["supervisor_id"], domain_id) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['supervisor_id', 'plugin_id', 'version', 'domain_id']) + @transaction() + @check_required(["supervisor_id", "plugin_id", "version", "domain_id"]) def recover_plugin(self, params): - """ Recover plugin if exist - """ - supervisor_id = params['supervisor_id'] - domain_id = params['domain_id'] + """Recover plugin if exist""" + supervisor_id = params["supervisor_id"] + domain_id = params["domain_id"] try: supervisor = self._get_supervisor_by_id(supervisor_id, domain_id) except Exception as e: - _LOGGER.info(f'[recover_plugin] No matched supervisor, \ - supervisor_id: {supervisor_id}, domain_id: {domain_id}') + _LOGGER.info( + f"[recover_plugin] No matched supervisor, \ + supervisor_id: {supervisor_id}, domain_id: {domain_id}" + ) raise ERROR_NOT_SUPPORT_RECOVER_PLUGIN(supervisor_id=supervisor_id) - plugin_id = params['plugin_id'] - version = params['version'] + plugin_id = params["plugin_id"] + version = params["version"] # Get plugin_info - plugin_mgr: PluginManager = self.locator.get_manager('PluginManager') + plugin_mgr: PluginManager = self.locator.get_manager("PluginManager") plugin_vo = plugin_mgr.get(supervisor_id, domain_id, plugin_id, version) @@ -133,32 +143,33 @@ def recover_plugin(self, params): plugin_vo = plugin_mgr.make_reprovision(supervisor_id, plugin_id, version) return plugin_vo - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['supervisor_id', 'domain_id']) + @transaction() + @check_required(["supervisor_id", "domain_id"]) def get(self, params): - """ Get PluginManager + """Get PluginManager Args: params: - supervisor_id - domain_id (from metadata) - - only (list) Returns: PluginManagerData """ - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['domain_id']) - @append_query_filter(['supervisor_id', 'name', 'is_public', 'hostname', 'domain_id']) - @append_keyword_filter(['supervisor_id', 'name', 'hostname']) + @transaction() + @check_required(["domain_id"]) + @append_query_filter( + ["supervisor_id", "name", "is_public", "hostname", "domain_id"] + ) + @append_keyword_filter(["supervisor_id", "name", "hostname"]) def list(self, params): - query = params.get('query', {}) + query = params.get("query", {}) return self._supervisor_mgr.list_supervisors(query) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['query', 'domain_id']) - @append_query_filter(['domain_id']) - @append_keyword_filter(['supervisor_id', 'name', 'hostname']) + @transaction() + @check_required(["query", "domain_id"]) + @append_query_filter(["domain_id"]) + @append_keyword_filter(["supervisor_id", "name", "hostname"]) def stat(self, params): """ Args: @@ -172,93 +183,101 @@ def stat(self, params): """ - query = params.get('query', {}) + query = params.get("query", {}) return self._supervisor_mgr.stat_supervisors(query) - @transaction(append_meta={'authorization.scope': 'DOMAIN'}) - @check_required(['domain_id']) - @append_query_filter(['domain_id', 'supervisor_id', 'hostname', 'plugin_id', 'version', 'state', 'endpoint']) - @append_keyword_filter(['supervisor_id', 'hostname', 'plugin_id']) + @transaction() + @check_required(["domain_id"]) + @append_query_filter( + [ + "domain_id", + "supervisor_id", + "hostname", + "plugin_id", + "version", + "state", + "endpoint", + ] + ) + @append_keyword_filter(["supervisor_id", "hostname", "plugin_id"]) def list_plugins(self, params): """ Find all plugins at plugin_ref This function is usually called by Supervisor for sync plugins """ - query = params.get('query', {}) - plugin_ref_manager = self.locator.get_manager('PluginRefManager') + query = params.get("query", {}) + plugin_ref_manager = self.locator.get_manager("PluginRefManager") return plugin_ref_manager.list(query) - @transaction(append_meta={'authorization.scope': 'SYSTEM'}) - @check_required(['domain_id']) + @transaction() + @check_required(["domain_id"]) def cleanup_plugins(self, params): - """ cleanup unused plugins of domain - """ - domain_id = params['domain_id'] + """cleanup unused plugins of domain""" + domain_id = params["domain_id"] # Find plugins of last_get_endpoint now = datetime.utcnow() delta = timedelta(days=ELAPSED_DAYS) - diff = now-delta - plugin_mgr: PluginManager = self.locator.get_manager('PluginManager') - query = {'filter': - [ - {'k': 'endpoint_called_at', 'v': diff.isoformat(), 'o': 'datetime_lt'}, - {'k': 'domain_id', 'v': domain_id, 'o': 'eq'} - ] - } + diff = now - delta + plugin_mgr: PluginManager = self.locator.get_manager("PluginManager") + query = { + "filter": [ + {"k": "endpoint_called_at", "v": diff.isoformat(), "o": "datetime_lt"}, + {"k": "domain_id", "v": domain_id, "o": "eq"}, + ] + } (plugins, total_count) = plugin_mgr.list(query) for plugin in plugins: try: supervisor_id = plugin.supervisor_id plugin_id = plugin.plugin_id version = plugin.version - _LOGGER.debug(f'[cleanup_plugins] delete plugin: {supervisor_id}, {plugin_id}, {version}, {domain_id}') + _LOGGER.debug( + f"[cleanup_plugins] delete plugin: {supervisor_id}, {plugin_id}, {version}, {domain_id}" + ) plugin_mgr.delete(supervisor_id, plugin_id, version, domain_id) except Exception as e: - _LOGGER.error(f'[cleanup_plugins] failed to delete plugin: {plugin}\n{e}') + _LOGGER.error( + f"[cleanup_plugins] failed to delete plugin: {plugin}\n{e}" + ) - @transaction(append_meta={'authorization.scope': 'SYSTEM'}) + @transaction() @append_query_filter([]) def list_domains(self, params): - """ This is used by Scheduler + """This is used by Scheduler Returns: results (list) total_count (int) """ - mgr = self.locator.get_manager('IdentityManager') - query = params.get('query', {}) + mgr = self.locator.get_manager("IdentityManager") + query = params.get("query", {}) result = mgr.list_domains(query) return result def _get_supervisor_by_id(self, supervisor_id, domain_id): - """ Find Supervisor with supervisor_id + """Find Supervisor with supervisor_id Return may be Supervisor """ return self._supervisor_mgr.get_by_id(supervisor_id, domain_id) def _find_supervisor(self, supervisor_id, hostname, domain_id): - """ Return supervisor from supervisor - """ + """Return supervisor from supervisor""" try: - resp = self._supervisor_mgr.get_by_id_or_hostname(supervisor_id, hostname, domain_id) + resp = self._supervisor_mgr.get_by_id_or_hostname( + supervisor_id, hostname, domain_id + ) return resp except Exception as e: - _LOGGER.debug(f'[_find_supervisor] not found at supervisor, \ - supervisor_id: {supervisor_id}, domain_id: {domain_id}, {e}') + _LOGGER.debug( + f"[_find_supervisor] not found at supervisor, \ + supervisor_id: {supervisor_id}, domain_id: {domain_id}, {e}" + ) def _query_supervisor(supervisor_id, domain_id): return { - 'filter': [ - { - 'k': 'domain_id', - 'v': domain_id, - 'o': 'eq' - }, - { - 'k': 'supervisor_id', - 'v': supervisor_id, - 'o': 'eq' - } + "filter": [ + {"k": "domain_id", "v": domain_id, "o": "eq"}, + {"k": "supervisor_id", "v": supervisor_id, "o": "eq"}, ] } From 876f085c7cd36cb77e3d8cdb3b8a06f7904a2e1d Mon Sep 17 00:00:00 2001 From: ImMin5 Date: Mon, 18 Dec 2023 22:58:26 +0900 Subject: [PATCH 2/3] build: fix Dockerfile for SpaceONE 2.0 --- deploy/helm/Chart.yaml | 2 +- deploy/helm/config/config.yaml | 13 +++---------- pkg/pip_requirements.txt | 3 --- src/setup.py | 24 +++++++++--------------- 4 files changed, 13 insertions(+), 29 deletions(-) diff --git a/deploy/helm/Chart.yaml b/deploy/helm/Chart.yaml index 72f433b..7f4f0cf 100644 --- a/deploy/helm/Chart.yaml +++ b/deploy/helm/Chart.yaml @@ -4,7 +4,7 @@ description: SpaceONE plugin Helm chart for Kubernetes type: application -version: 1.3.9 +version: 1.3.10 appVersion: 1.x.y diff --git a/deploy/helm/config/config.yaml b/deploy/helm/config/config.yaml index 76be25a..c585f38 100644 --- a/deploy/helm/config/config.yaml +++ b/deploy/helm/config/config.yaml @@ -1,7 +1,7 @@ REMOTE_URL: -- file:///opt/spaceone/plugin/config/database.yaml -- file:///opt/spaceone/plugin/config/shared.yaml -- file:///opt/spaceone/plugin/config/application.yaml + - file:///opt/spaceone/plugin/config/database.yaml + - file:///opt/spaceone/plugin/config/shared.yaml + - file:///opt/spaceone/plugin/config/application.yaml GLOBAL: MAX_WORKERS: 1000 DATABASES: @@ -31,13 +31,6 @@ GLOBAL: file: type: file filename: /var/log/spaceone/plugin.log - HANDLERS: - authentication: - - backend: spaceone.core.handler.authentication_handler.AuthenticationGRPCHandler - uri: grpc://identity:50051/v1/Domain/get_public_key - authorization: - - backend: spaceone.core.handler.authorization_handler.AuthorizationGRPCHandler - uri: grpc://identity:50051/v1/Authorization/verify CONNECTORS: IdentityConnector: endpoint: diff --git a/pkg/pip_requirements.txt b/pkg/pip_requirements.txt index eceda43..93d4f63 100644 --- a/pkg/pip_requirements.txt +++ b/pkg/pip_requirements.txt @@ -1,4 +1 @@ spaceone-api -mongoengine -redis -python-consul diff --git a/src/setup.py b/src/setup.py index 9254289..fdf2b18 100644 --- a/src/setup.py +++ b/src/setup.py @@ -17,21 +17,15 @@ from setuptools import setup, find_packages setup( - name='spaceone-plugin', - version=os.environ.get('PACKAGE_VERSION'), - description='SpaceONE plugin service', - long_description='', - url='https://www.spaceone.dev/', - author='MEGAZONE SpaceONE Team', - author_email='admin@spaceone.dev', - license='Apache License 2.0', + name="spaceone-plugin", + version=os.environ.get("PACKAGE_VERSION"), + description="SpaceONE plugin service", + long_description="", + url="https://www.spaceone.dev/", + author="MEGAZONE SpaceONE Team", + author_email="admin@spaceone.dev", + license="Apache License 2.0", packages=find_packages(), - install_requires=[ - 'spaceone-core', - 'spaceone-api', - 'mongoengine', - 'redis', - 'python-consul' - ], + install_requires=["spaceone-api"], zip_safe=False, ) From 2ffa83d0c591c51304d2573c4974d493c062e68b Mon Sep 17 00:00:00 2001 From: ImMin5 Date: Mon, 18 Dec 2023 23:12:19 +0900 Subject: [PATCH 3/3] feat: add scope of transaction decorator in all methods --- src/spaceone/plugin/service/plugin_service.py | 2 ++ src/spaceone/plugin/service/supervisor_service.py | 2 ++ 2 files changed, 4 insertions(+) diff --git a/src/spaceone/plugin/service/plugin_service.py b/src/spaceone/plugin/service/plugin_service.py index f83426d..943aaa3 100644 --- a/src/spaceone/plugin/service/plugin_service.py +++ b/src/spaceone/plugin/service/plugin_service.py @@ -15,6 +15,8 @@ @mutation_handler @event_handler class PluginService(BaseService): + resource = "Plugin" + def __init__(self, metadata): super().__init__(metadata) self.supervisor_mgr: SupervisorManager = self.locator.get_manager( diff --git a/src/spaceone/plugin/service/supervisor_service.py b/src/spaceone/plugin/service/supervisor_service.py index 1735b01..b1c11d9 100644 --- a/src/spaceone/plugin/service/supervisor_service.py +++ b/src/spaceone/plugin/service/supervisor_service.py @@ -12,6 +12,8 @@ @event_handler class SupervisorService(BaseService): + resource = "Supervisor" + def __init__(self, metadata): super().__init__(metadata) self._supervisor_mgr: SupervisorManager = self.locator.get_manager(