theta42/deployments
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

testing

Browse Source
This commit is contained in:
William Mantly
2021-01-25 23:42:47 -05:00
parent 10d10079aa
commit e585683664
22 changed files with 3116 additions and 1268 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
nodejs/models/auth.js
View File

@ -22,6 +22,7 @@ Auth.login = async function(data){
return {user, token}
}catch(error){
console.log('login error', error);
throw this.errors.login();
}
};

281
nodejs/models/group_ldap.js
View File

@ -1,281 +0,0 @@
'use strict';
const { Client, Attribute, Change } = require('ldapts');
const conf = require('../app').conf.ldap;
const client = new Client({
url: conf.url,
});
async function getGroups(client, member){
try{
let memberFilter = member ? `(member=${member})`: ''
let groups = (await client.search(conf.groupBase, {
scope: 'sub',
filter: `(&(objectClass=groupOfNames)${memberFilter})`,
attributes: ['*', 'createTimestamp', 'modifyTimestamp'],
})).searchEntries;
return groups.map(function(group){
if(!Array.isArray(group.member)) group.member = [group.member];
if(!Array.isArray(group.owner)) group.owner = [group.owner];
return group
});
}catch(error){
throw error;
}
}
async function addGroup(client, data){
try{
await client.add(`cn=${data.name},${conf.groupBase}`, {
cn: data.name,
member: data.owner,
description: data.description,
owner: data.owner,
objectclass: [ 'groupOfNames', 'top' ]
});
return data;
}catch(error){
throw error;
}
}
async function addMember(client, group, user){
try{
await client.modify(group.dn, [
new Change({
operation: 'add',
modification: new Attribute({
type: 'member',
values: [user.dn]
})
}),
]);
}catch(error){
// if(error = "TypeOrValueExistsError"){
// console.error('addMember error skipped', error)
// return ;
// }
throw error;
}
}
async function removeMember(client, group, user){
try{
await client.modify(group.dn, [
new Change({
operation: 'delete',
modification: new Attribute({
type: 'member',
values: [user.dn]
})}),
]);
}catch(error){
if(error = "TypeOrValueExistsError")return ;
throw error;
}
}
async function addOwner(client, group, user){
try{
await client.modify(group.dn, [
new Change({
operation: 'add',
modification: new Attribute({
type: 'owner',
values: [user.dn]
})
}),
]);
}catch(error){
// if(error = "TypeOrValueExistsError"){
// console.error('addMember error skipped', error)
// return ;
// }
throw error;
}
}
async function removeOwner(client, group, user){
try{
await client.modify(group.dn, [
new Change({
operation: 'delete',
modification: new Attribute({
type: 'owner',
values: [user.dn]
})}),
]);
}catch(error){
if(error = "TypeOrValueExistsError")return ;
throw error;
}
}
var Group = {};
Group.list = async function(member){
try{
await client.bind(conf.bindDN, conf.bindPassword);
let groups = await getGroups(client, member)
await client.unbind();
return groups.map(group => group.cn);
}catch(error){
throw error;
}
}
Group.listDetail = async function(member){
try{
await client.bind(conf.bindDN, conf.bindPassword);
let groups = await getGroups(client, member)
await client.unbind();
return groups;
}catch(error){
throw error;
}
}
Group.get = async function(data){
try{
if(typeof data !== 'object'){
let name = data;
data = {};
data.name = name;
}
await client.bind(conf.bindDN, conf.bindPassword);
let group = (await client.search(conf.groupBase, {
scope: 'sub',
filter: `(&(objectClass=groupOfNames)(cn=${data.name}))`,
attributes: ['*', 'createTimestamp', 'modifyTimestamp'],
})).searchEntries[0];
await client.unbind();
if(!Array.isArray(group.member)) group.member = [group.member];
if(!Array.isArray(group.owner)) group.owner = [group.owner];
if(group){
let obj = Object.create(this);
Object.assign(obj, group);
return obj;
}else{
let error = new Error('GroupNotFound');
error.name = 'GroupNotFound';
error.message = `LDAP:${data.cn} does not exists`;
error.status = 404;
throw error;
}
}catch(error){
throw error;
}
}
Group.add = async function(data){
try{
await client.bind(conf.bindDN, conf.bindPassword);
await addGroup(client, data);
await client.unbind();
return this.get(data);
}catch(error){
throw error;
}
}
Group.addMember = async function(user){
try{
await client.bind(conf.bindDN, conf.bindPassword);
await addMember(client, this, user);
await client.unbind();
return this;
}catch(error){
throw error;
}
};
Group.removeMember = async function(user){
try{
await client.bind(conf.bindDN, conf.bindPassword);
await removeMember(client, this, user);
await client.unbind();
return this;
}catch(error){
throw error;
}
};
Group.addOwner = async function(user){
try{
await client.bind(conf.bindDN, conf.bindPassword);
await addOwner(client, this, user);
await client.unbind();
return this;
}catch(error){
throw error;
}
};
Group.removeOwner = async function(user){
try{
await client.bind(conf.bindDN, conf.bindPassword);
await removeOwner(client, this, user);
await client.unbind();
return this;
}catch(error){
throw error;
}
};
Group.remove = async function(){
try{
await client.bind(conf.bindDN, conf.bindPassword);
await client.del(this.dn);
await client.unbind();
return true;
}catch(error){
throw error;
}
}
module.exports = {Group};

258
nodejs/models/repo.js Normal file
View File

@ -0,0 +1,258 @@
'use strict';
const {promisify} = require('util');
const forge = require('node-forge');
const Table = require('../utils/redis_model');
var rasGenerate = promisify(forge.pki.rsa.generateKeyPair);
async function generateOpenSshPair(keySize){
keySize = keySize || 2048;
let keyPair = await rasGenerate({bits: keySize});
return {
publicKey: forge.ssh.publicKeyToOpenSSH(keyPair.publicKey),
privateKey: forge.ssh.privateKeyToOpenSSH(keyPair.privateKey)
};
};
const UUID = function b(a){return a?(a^Math.random()*16>>a/4).toString(16):([1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g,b)};
class Repo extends Table{
static _key = 'repo'
static _keyMap = {
'created_by': {isRequired: true, type: 'string', min: 3, max: 500},
'created_on': {default: function(){return (new Date).getTime()}},
'updated_by': {default:"__NONE__", isRequired: false, type: 'string',},
'updated_on': {default: function(){return (new Date).getTime()}, always: true},
'repo': {isRequired: true, type: 'string', min: 3, max: 500},
'hookCallCount': {default: 0, type: 'number'},
'scriptsPath': {default:'scripts', type: 'string'},
'settings': {default: {}, type:'object'},
'secrets': {default: {}, type: 'object', min: 3, max: 500},
'privateKey': {type: 'string'},
'publicKey': {type: 'string'},
}
constructor(...args){
super(...args);
}
static async add(data){
return super.add({...data, ...(await generateOpenSshPair(2048))})
}
async getEnvironments(){
let environments = await Environment.list();
let out = [];
for(let environment of environments){
if(environment.startsWith(this.repo)){
environment = await Environment.get(environment);
environment.repo = this;
out.push(environment)
}
}
return out;
}
async getEnvironmentsbyBranch(branch){
let list = await this.getEnvironments();
let any;
for(let key of list){
if(branch === key.branchMatch) return key;
if(key.branchMatch === '*') any = key;
}
return any;
}
async getDeploymentsbyBranch(branch, state){
let environment = await this.getEnvironmentsbyBranch(branch);
let deployments = await Deployment.list();
let out = []
for(let deployment of deployments){
if(deployment.startsWith(`${this.repo}_${environment.environment}`)){
deployment = await Deployment.get(deployment);
deployment.environment = environment;
deployment.target = await Target.get(environment.target);
out.push(deployment)
if(state && deployment.state === state){
}
}
}
return out;
}
}
class Environment extends Table{
static _key = 'repo_env'
static _keyMap = {
'created_by': {isRequired: true, type: 'string', min: 3, max: 500},
'created_on': {default: function(){return (new Date).getTime()}},
'updated_by': {default:"__NONE__", isRequired: false, type: 'string',},
'updated_on': {default: function(){return (new Date).getTime()}, always: true},
'repo_env': {isRequired: true, type: 'string', min: 3, max: 500},
'repo': {type: 'string', min: 3, max: 500},
'environment': {isRequired: true, type: 'string', min: 3, max: 500},
'branchMatch': {isRequired: true, type: 'string', min: 1, max: 500},
'target': {isRequired: true, type: 'string', min: 3, max: 500},
'settings': {default: {}, type: 'object', min: 3, max: 500},
'secrets': {default: {}, type: 'object', min: 3, max: 500},
'hookCallCount': {default: 0, type: 'number'},
'lastCommit': {default:"__NONE__", isRequired: false, type: 'string'},
'workingPath': {default: '/opt/datacom', type: 'string'},
'domain': {isRequired: true, type: 'string'},
}
static async add(data){
try{
await Repo.get(data.repo);
await Target.get(data.target);
data.repo_env = `${data.repo}_${data.environment}`
return await super.add(data);
}catch(error){
throw error;
}
};
async addDeployment(data){
try{
data = data || {}
data.created_by = data.uid || this.created_by;
data.repo = this.repo.repo || this.repo;
data.environment = this.environment;
data.id = UUID().split('-').reverse()[0]
data.repo_env_id = `${data.repo}_${data.environment}_${data.id}`
let deployment = await Deployment.add(data);
deployment.target = await Target.get(this.target)
deployment.environment = this;
return deployment;
}catch(error){
throw error;
}
};
}
class Deployment extends Table{
static _key = 'repo_env_id'
static _keyMap = {
'created_by': {isRequired: true, type: 'string', min: 3, max: 500},
'created_on': {default: function(){return (new Date).getTime()}},
'updated_by': {default:"__NONE__", isRequired: false, type: 'string',},
'updated_on': {default: function(){return (new Date).getTime()}, always: true},
'id': {type: 'string', min: 12, max: 12},
'repo_env_id': {isRequired: true, type: 'string', min: 3, max: 500},
'repo': {type: 'string', min: 3, max: 500},
'environment': {isRequired: true, type: 'string', min: 3, max: 500},
'state': {default: 'new', type: 'string', min: 3, max: 500},
'isActive': {default: true, type: 'boolean',},
'target_url': {default:"__NONE__", isRequired: false, type: 'string'},
}
}
class Target extends Table{
static _key = 'name'
static _keyMap = {
'created_by': {isRequired: true, type: 'string', min: 3, max: 500},
'created_on': {default: function(){return (new Date).getTime()}},
'updated_by': {default:"__NONE__", isRequired: false, type: 'string',},
'updated_on': {default: function(){return (new Date).getTime()}, always: true},
'name': {isRequired: true, type: 'string', min: 2, max: 500},
'type': {isRequired: true, type: 'string', min: 1, max: 36},
'settings': {default: {}, type: 'object', min: 3, max: 500},
}
}
module.exports = {Repo, Environment, Deployment, Target};
(async function(){try{
// // console.log(await Repo.list())
// // To ssh://git.theta42.com:2222/wmantly/static-test.git
// let lxc_starting = await Target.add({
// created_by: 'wmantly',
// name: 'lxc_starting',
// type: 'LXC',
// settings: {
// user:'virt-service',
// host:'142.93.30.52',
// keyPath:'/home/william/.ssh/id_rsa_virt-service'
// }
// });
// var repo = await Repo.add({
// created_by: 'wmantly',
// repo: 'wmantly/static-test',
// })
// var environment = await Environment.add({
// created_by: 'wmantly',
// environment: 'staging',
// branchMatch: '*',
// repo: 'wmantly/static-test',
// domain: 'test.dc.vm42.us',
// target: 'lxc_starting'
// })
let environment = await Environment.get('wmantly/static-test_staging')
await environment.update({'domain': '*.dc.vm42.us'})
// // console.log(test)
// // console.log(await Environment.listDetail())
// // let repo = await Repo.get('wmantly/test2')
// // console.log(repo)
// // repo.update({hookCallCount: 5});
// // let envs = await repo.getEnvironments();
// // let env = await repo.getEnvironmentsbyBranch('staging');
// // let deployment = await env.addDeployment()
// // console.log('deployment', deployment)
// // let deployments = await repo.getDeploymentsbyBranch('staging')
// // console.log('deployments', deployments)
// // console.log('deployments', await Deployment.listDetail())
// console.log('repo', await Repo.listDetail())
// console.log('environment', await Environment.listDetail())
// for(let d of await Deployment.listDetail()){
// console.log('to remove', d)
// await d.remove()
// }
// console.log('deployment', await Deployment.listDetail())
// console.log('blah')
// let repo = await Repo.get('wmantly/static-test');
// // let environment = await repo.getEnvironmentsbyBranch('master')
// // console.log('environment', environment)
// let deployment = await repo.getDeploymentsbyBranch('master')
// console.log('deployments', deployment)
// return 0;
}catch(error){
console.error('IIFE error', error, error.message);
}})()

55
nodejs/models/test Normal file
View File

@ -0,0 +1,55 @@
var that
class Base{
static add(){
}
constructor(){
}
blah(){
that = this
}
}
class Ex extends Base{
static thingy = {a:1, b:2}
constructor(){
super()
}
}
Repo.byBranch = async function(repo){
let list = await Environment.list();
let out = [];
for(let key of list){
if(key.startsWith((repo || this.repo))) out.push(await Environment.get(key))
}
return out;
}
Environment.addDeployment = async function(data){
try{
data.repo = this.repo;
data.environment = this.environment;
data.id = UUID().split('-').reverse()[0]
data.repo_env = `${data.repo}_${data.environment}_${data.id}`
return await Deployment.__proto__.add.call(Environment, data);
}catch(error){
throw error;
}
};
module.exports = {Repo, Environment, Deployment, Target};
*/

77
nodejs/models/token.js
View File

@ -1,71 +1,28 @@
'use strict';
const redis_model = require('../utils/redis_model')
const Table = require('../utils/redis_model')
const UUID = function b(a){return a?(a^Math.random()*16>>a/4).toString(16):([1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g,b)};
class Token extends Table{
static _key = 'token'
static _keyMap = {
'created_by': {isRequired: true, type: 'string', min: 3, max: 500},
'created_on': {default: function(){return (new Date).getTime()}},
'updated_on': {default: function(){return (new Date).getTime()}, always: true},
'token': {default: UUID, type: 'string', min: 36, max: 36},
'is_valid': {default: true, type: 'boolean'}
}
const Token = function(data){
return redis_model({
_name: `token_${data.name}`,
_key: 'token',
_keyMap: Object.assign({}, {
'created_by': {isRequired: true, type: 'string', min: 3, max: 500},
'created_on': {default: function(){return (new Date).getTime()}},
'updated_on': {default: function(){return (new Date).getTime()}, always: true},
'token': {default: UUID, type: 'string', min: 36, max: 36},
'is_valid': {default: true, type: 'boolean'}
}, data.keyMap || {})
});
};
Token.check = async function(data){
try{
return this.is_valid;
}catch(error){
return false
async check(){
return this.is_valid
}
}
var InviteToken = Object.create(Token({
name: 'invite',
keyMap:{
claimed_by: {default:"__NONE__", isRequired: false, type: 'string',},
mail: {default:"__NONE__", isRequired: false, type: 'string',},
mail_token: {default: UUID, type: 'string', min: 36, max: 36},
}
}));
InviteToken.consume = async function(data){
try{
if(this.is_valid){
data['is_valid'] = false;
await this.update(data);
return true;
}
return false;
}catch(error){
throw error;
class AuthToken extends Token{
static async add(data){
data.created_by = data.created_by || data.uid;
return await super.add(data)
}
}
var AuthToken = Object.create(Token({
name: 'auth',
}));
AuthToken.add = async function(data){
data.created_by = data.uid;
return AuthToken.__proto__.add(data);
};
var PasswordResetToken = Object.create(Token({
name: 'auth',
}));
PasswordResetToken.add = async function(data){
data.created_by = data.uid;
return PasswordResetToken.__proto__.add(data);
};
module.exports = {Token, InviteToken, AuthToken, PasswordResetToken};
module.exports = {Token, AuthToken};

299
nodejs/models/user_ldap.js
View File

@ -1,116 +1,12 @@
'use strict';
const { Client, Attribute, Change } = require('ldapts');
const crypto = require('crypto');
const {Mail} = require('./email');
const {Token, InviteToken, PasswordResetToken} = require('./token');
const {Client, Attribute} = require('ldapts');
const conf = require('../app').conf.ldap;
const client = new Client({
url: conf.url,
});
async function addPosixGroup(client, data){
try{
const groups = (await client.search(conf.groupBase, {
scope: 'sub',
filter: '(&(objectClass=posixGroup))',
})).searchEntries;
data.gidNumber = (Math.max(...groups.map(i => i.gidNumber))+1)+'';
await client.add(`cn=${data.cn},${conf.groupBase}`, {
cn: data.cn,
gidNumber: data.gidNumber,
objectclass: [ 'posixGroup', 'top' ]
});
return data;
}catch(error){
throw error;
}
}
async function addPosixAccount(client, data){
try{
const people = (await client.search(conf.userBase, {
scope: 'sub',
filter: conf.userFilter,
})).searchEntries;
data.uidNumber = (Math.max(...people.map(i => i.uidNumber))+1)+'';
await client.add(`cn=${data.cn},${conf.userBase}`, {
cn: data.cn,
sn: data.sn,
uid: data.uid,
uidNumber: data.uidNumber,
gidNumber: data.gidNumber,
givenName: data.givenName,
mail: data.mail,
mobile: data.mobile,
loginShell: data.loginShell,
homeDirectory: data.homeDirectory,
userPassword: data.userPassword,
description: data.description || ' ',
sudoHost: 'ALL',
sudoCommand: 'ALL',
sudoUser: data.uid,
sshPublicKey: data.sshPublicKey,
objectclass: ['inetOrgPerson', 'sudoRole', 'ldapPublicKey', 'posixAccount', 'top' ]
});
return data
}catch(error){
throw error;
}
}
async function addLdapUser(client, data){
var group;
try{
data.uid = `${data.givenName[0]}${data.sn}`.toLowerCase();
data.cn = data.uid;
data.loginShell = '/bin/bash';
data.homeDirectory= `/home/${data.uid}`;
data.userPassword = '{MD5}'+crypto.createHash('md5').update(data.userPassword, "binary").digest('base64');
group = await addPosixGroup(client, data);
data = await addPosixAccount(client, group);
return data;
}catch(error){
await deleteLdapDN(client, `cn=${data.uid},${conf.groupBase}`, true);
throw error;
}
}
async function deleteLdapUser(client, data){
try{
await client.del(`cn=${data.cn},${conf.groupBase}`);
await client.del(data.dn);
}catch(error){
throw error;
}
}
async function deleteLdapDN(client, dn, ignoreError){
try{
client.del(dn)
}catch(error){
if(!ignoreError) throw error;
console.error('ERROR: deleteLdapDN', error)
}
}
const user_parse = function(data){
if(data[conf.userNameAttribute]){
data.username = data[conf.userNameAttribute]
@ -225,200 +121,11 @@ User.exists = async function(data, key){
}
};
User.add = async function(data) {
try{
await client.bind(conf.bindDN, conf.bindPassword);
await addLdapUser(client, data);
await client.unbind();
let user = await this.get(data.uid);
await Mail.sendTemplate(
user.mail,
'welcome',
{
user: user
}
)
return user;
}catch(error){
if(error.message.includes('exists')){
let error = new Error('UserNameUsed');
error.name = 'UserNameUsed';
error.message = `LDAP:${data.uid} already exists`;
error.status = 409;
throw error;
}
throw error;
}
};
User.update = async function(data){
try{
let editableFeilds = ['mobile', 'sshPublicKey', 'description'];
await client.bind(conf.bindDN, conf.bindPassword);
for(let field of editableFeilds){
if(data[field]){
await client.modify(this.dn, [
new Change({
operation: 'replace',
modification: new Attribute({
type: field,
values: [data[field]]
})
}),
]);
}
}
await client.unbind()
return this;
}catch(error){
throw error;
}
};
User.addByInvite = async function(data){
try{
let token = await InviteToken.get(data.token);
if(!token.is_valid && data.mailToken !== token.mail_token){
let error = new Error('Token Invalid');
error.name = 'Token Invalid';
error.message = `Token is not valid or as allready been used. ${data.token}`;
error.status = 401;
throw error;
}
data.mail = token.mail;
let user = await this.add(data);
if(user){
await token.consume({claimed_by: user.uid});
return user;
}
}catch(error){
throw error;
}
};
User.verifyEmail = async function(data){
try{
let exists = await this.exists(data.mail, 'mail');
if(exists) throw new Error('EmailInUse');
let token = await InviteToken.get(data.token);
await token.update({mail: data.mail})
await Mail.sendTemplate(
data.mail,
'validate_link',
{
link:`${data.url}/login/invite/${token.token}/${token.mail_token}`
}
)
return this;
}catch(error){
throw error;
}
};
User.passwordReset = async function(url, mail){
try{
let user = await User.get({
searchKey: 'mail',
searchValue: mail
});
let token = await PasswordResetToken.add(user);
await Mail.sendTemplate(
user.mail,
'reset_link',
{
user: user,
link:`${url}/login/resetpassword/${token.token}`
}
)
return true;
}catch(error){
// if(error.name === 'UserNotFound') return false;
throw error;
}
};
User.remove = async function(data){
try{
await client.bind(conf.bindDN, conf.bindPassword);
await deleteLdapUser(client, this);
await client.unbind();
return true;
}catch(error){
throw error;
}
};
User.setPassword = async function(data){
try{
await client.bind(conf.bindDN, conf.bindPassword);
await client.modify(this.dn, [
new Change({
operation: 'replace',
modification: new Attribute({
type: 'userPassword',
values: ['{MD5}'+crypto.createHash('md5').update(data.userPassword, "binary").digest('base64')]
})}),
]);
await client.unbind();
return this;
}catch(error){
throw error;
}
};
User.invite = async function(){
try{
let token = await InviteToken.add({created_by: this.uid});
return token;
}catch(error){
throw error;
}
};
User.login = async function(data){
try{
let user = await this.get(data.uid);
await client.bind(user.dn, data.password);
await client.unbind();