V9.1.0 - writable metadata service

ComputeStacks · Nov 29, 2023 · 0d3c348 · 0d3c348
1 parent e2e4536
commit 0d3c348
Show file tree

Hide file tree

Showing 8 changed files with 93 additions and 7 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,14 @@
 # Change Log
 
+## v9.1.0
+
+* [FEATURE] Introduced a new writable metadata endpoint `/db/` to allow for custom images to pass data back to ComputeStack Engines.
+* [FEATURE] Added `docker_init` to container images. See [docker run --init](https://docs.docker.com/engine/reference/run/#specify-an-init-process) for more details.
+* [CHANGE] The container image used for the bastion container can now be set in the admin settings.
+* [CHANGE] Add secure cookies to HAProxy for SSL frontends. (`SERVERID` used for session stick)
+
+***
+
 ## v9.0.1
 
 * [CHANGE] Allow customization of ShmSize (Admin only).

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-9.0.1
+9.1.0
diff --git a/app/controllers/api/container_services/power_controller.rb b/app/controllers/api/container_services/power_controller.rb
@@ -5,7 +5,7 @@ class Api::ContainerServices::PowerController < Api::ContainerServices::BaseCont
   ##
   # Perform a power action on all containers belonging to a service
   #
-  # `POST /api/container_services/{container-service-id}/power/{action}`
+  # `PUT /api/container_services/{container-service-id}/power/{action}`
   #
   # **OAuth AuthorizationRequired**: `projects_write`
   #

diff --git a/app/services/metadata_services.rb b/app/services/metadata_services.rb
@@ -0,0 +1 @@
+module MetadataServices; end
diff --git a/app/services/metadata_services/load_writable_service.rb b/app/services/metadata_services/load_writable_service.rb
@@ -0,0 +1,50 @@
+module MetadataServices
+  ##
+  # Clients are given write access to `db/` on the metadata service. Load that and parse
+  class LoadWritableService
+
+    attr_reader :service
+
+    # @param [Deployment::ContainerService] service
+    def initialize(service)
+      @service = service
+    end
+
+    def all
+      Diplomat::Kv.get_all("#{consul_base_path}", consul_config)
+    end
+
+    # @param [String] path "modules/database"
+    def get(path)
+      Diplomat::Kv.get("#{consul_base_path}/#{path}", consul_config)
+    end
+
+    # @param [String] path "modules/database"
+    def get_json(path)
+      Oj.load get(path)
+    rescue JSON::ParserError
+      nil
+    end
+
+    protected
+
+    def consul_base_path
+      "projects/#{@service.deployment.token}/db"
+    end
+
+    def consul_config
+      return {} if Rails.env.test? # for test, we dont want any config here!
+      return {} if @service.nodes.online.empty?
+      dc = @service.region.nil? ? @service.nodes.online.first.region.name.strip.downcase : @service.region.name.strip.downcase
+      token = @service.region.nil? ? @service.nodes.online.first.region.consul_token : @service.region.consul_token
+      return {} if token.blank?
+      consul_ip = @service.nodes.online.first.primary_ip
+      {
+        http_addr: Diplomat.configuration.options.empty? ? "http://#{consul_ip}:8500" : "https://#{consul_ip}:8501",
+        dc: dc.blank? ? nil : dc,
+        token: token
+      }
+    end
+
+  end
+end
diff --git a/app/views/admin/deployments/index/_filter.html.erb b/app/views/admin/deployments/index/_filter.html.erb
@@ -37,11 +37,11 @@
               <input type="text" name="disk_usage" class="form-control" <%= params[:disk_usage].to_i.zero? ? '' : %Q(value=#{params[:disk_usage].to_i}) %> placeholder="0 GB">
               <span class="help-block">Container disk usage, excluding volumes</span>
             </div>
-            <div class="col-md-8 col-xs-12">
-              <label>CREATED BETWEEN</label>
-              <input type="text" name="created_between" class="datetimefilter form-control" value="<%= params[:created_between] %>" />
-              <span class="help-block">Filter by the date the project was created</span>
-            </div>
+<!--            <div class="col-md-8 col-xs-12">-->
+<!--              <label>CREATED BETWEEN</label>-->
+<!--              <input type="text" name="created_between" class="datetimefilter form-control" value="<%#= params[:created_between] %>" />-->
+<!--              <span class="help-block">Filter by the date the project was created</span>-->
+<!--            </div>-->
           </div>
         </div>
         <div class="panel-footer text-right">

diff --git a/db/migrate/20230919001324_update_consul_auth.rb b/db/migrate/20230919001324_update_consul_auth.rb
@@ -0,0 +1,21 @@
+class UpdateConsulAuth < ActiveRecord::Migration[7.0]
+  def change
+
+    ##
+    # Ensure we have the new bastion config loaded
+    Setting.computestacks_bastion_image
+
+    ##
+    # Add write permission to all existing keys
+    Deployment.all.each do |project|
+      d = {
+        'ID' => project.consul_policy_id,
+        'Name' => "proj-#{project.token}",
+        'Description' => "MetaData Policy for Project #{project.name}",
+        'Rules' => %Q(key_prefix "projects/#{project.token}/" { policy = "read" } key_prefix "projects/#{project.token}/db/" { policy = "write" })
+      }
+      Diplomat::Policy.update d, project.region.consul_config
+    end
+
+  end
+end
diff --git a/db/migrate/20230921015955_add_init_to_container_images.rb b/db/migrate/20230921015955_add_init_to_container_images.rb
@@ -0,0 +1,5 @@
+class AddInitToContainerImages < ActiveRecord::Migration[7.0]
+  def change
+    add_column :container_images, :docker_init, :boolean, default: false, null: false
+  end
+end