Commit on '2024-05-22 17:09:08'

Author: mlophez

cmd/main.go

@@ -6,8 +6,9 @@ import (
 	"errors"
 	"gitbot/internal/config"
 	"gitbot/internal/event"
-
 	"gitbot/internal/event/provider"
+	"gitbot/internal/event/queue"
+	"gitbot/internal/event/worker"
 
 	"log/slog"
 	"net/http"
@@ -46,23 +47,32 @@ func NewKubernetes() *kubernetes.Clientset {
 	return clientset
 }
 
+type Server struct {
+}
+
 func main() {
 	// Configure log
 	slog.SetDefault(slog.New(slog.NewJSONHandler(os.Stdout, nil)))
 
+	// Load config
+	//config := config.Load(config.Get("CONFIG_FILE"))
+
 	// Configure kubernetes
-	clientset := NewKubernetes()
+	//clientset := NewKubernetes()
 
 	// Configure webhook queue
-	queue := event.NewMemoryQueue()
+	queue := queue.NewMemoryQueue[event.QueueItem]()
+	worker := worker.NewWorker(queue)
 
-	// New Router for Http Server
+	// Handlers
+	bitbucketProvider := provider.NewBitbucketProvider(config.Get("BITBUCKET_BEARER_TOKEN"))
+	bitbucketHandler := event.NewHandler(queue, bitbucketProvider)
+
+	// Routes
 	router := http.NewServeMux()
-	router.HandleFunc("GET /status", status)
 
-	// Setup Git Providers Routes
-	bitbucket := provider.NewBitbucketProvider(config.Get("BITBUCKET_BEARER_TOKEN"))
-	router.HandleFunc("POST /api/v1/webhook/bitbucket", event.Handle(queue, bitbucket))
+	router.HandleFunc("GET /status", status)
+	router.HandleFunc("POST /api/v1/webhook/bitbucket", bitbucketHandler.Handle())
 
 	// Starting Http Server
 	srv := &http.Server{Addr: ":" + config.Get("HTTP_PORT"), Handler: router}
@@ -77,7 +87,7 @@ func main() {
 	}()
 
 	// Start Event Queue Worker
-	StopWorker := event.StartWorker(queue, clientset)
+	go worker.Start()
 
 	// Wait for shutdown signal
 	done := make(chan os.Signal, 1)
@@ -96,7 +106,7 @@ func main() {
 
 	// Stop event queue worker
 	slog.Info("Shutdown event queue...")
-	StopWorker(ctx)
+	worker.Stop(ctx)
 
 	slog.Info("Server Stopped...")
 	time.Sleep(3 * time.Second)

config.yaml

@@ -0,0 +1,21 @@
+---
+clusters:
+  - name: prod
+    inside: https://F014FC5DAE0A9C41F698C9375CC5DB7D.gr7.eu-south-2.eks.amazonaws.com
+    auth_type: serviceaccount
+  - name: demo
+    inside: https://F014FC5DAE0A9C41F698C9375CC5DB7D.gr7.eu-south-2.eks.amazonaws.com
+    auth_type: aws
+    aws_role: arn:aws:iam::<account_id>:role/<role_name>
+security:
+  groups:
+    - name: testing
+      users:
+        - [email protected]
+  rules:
+    - repository: https://bitbucket.org/firmapro/kubernetes.git
+      filepattern: ["overlays/test/**", ""]
+      action: ["lock", "unlock"]
+      group: ["testing"]
+      user:
+        - [email protected]

internal/app/module.go internal/app/manager.gointernal/app/module.go renamed to internal/app/manager.go

@@ -4,6 +4,7 @@ import (
 	"os"
 
 	"github.com/joho/godotenv"
+	//"gopkg.in/yaml.v3"
 )
 
 func init() {
@@ -13,6 +14,40 @@ func init() {
 	}
 }
 
+//func Get(key string, def ...string) string {
+//	return os.Getenv(key)
+//}
+
 func Get(key string) string {
 	return os.Getenv(key)
 }
+
+// func Load(filepath string) *Config {
+// 	//err := godotenv.Load("env.ini")
+// 	//if err != nil {
+// 	//	panic("Error loading .env file")
+// 	//}
+//
+// 	data, err := os.ReadFile(filepath)
+// 	if err != nil {
+// 		panic(err)
+// 	}
+//
+// 	var configfile iYamlConfigFile
+// 	err = yaml.Unmarshal(data, &configfile)
+// 	if err != nil {
+// 		panic(err)
+// 	}
+//
+// 	// validate
+// 	if err := configfile.validate(); err != nil {
+// 		panic(err)
+// 	}
+//
+// 	// Get security rules from configfile
+// 	sg := configfile.seRules()
+//
+// 	return &Config{
+// 		SecurityRules: sg,
+// 	}
+// }

internal/config/config.go

@@ -0,0 +1,39 @@
+package config
+
+import (
+	"os"
+
+	"gopkg.in/yaml.v3"
+)
+
+type ConfigManager struct{}
+
+func Load(filepath string) *Config {
+	//err := godotenv.Load("env.ini")
+	//if err != nil {
+	//	panic("Error loading .env file")
+	//}
+
+	data, err := os.ReadFile(filepath)
+	if err != nil {
+		panic(err)
+	}
+
+	var configfile iYamlConfigFile
+	err = yaml.Unmarshal(data, &configfile)
+	if err != nil {
+		panic(err)
+	}
+
+	// validate
+	if err := configfile.validate(); err != nil {
+		panic(err)
+	}
+
+	// Get security rules from configfile
+	sg := configfile.seRules()
+
+	return &Config{
+		SecurityRules: sg,
+	}
+}

internal/config/file/manager.go

@@ -0,0 +1,28 @@
+package config
+
+func (c iYamlConfigFile) seRules() []SecurityRule {
+	var result []SecurityRule
+
+	for _, r := range c.Security.Rules {
+		// Add users from group to userlist
+		userList := r.UserList
+		for _, group := range r.GroupList {
+			for _, g := range c.Security.Groups {
+				if group != g.Name {
+					continue
+				}
+				userList = append(userList, g.Users...)
+			}
+		}
+
+		// create final securityrule
+		result = append(result, SecurityRule{
+			Repository:      r.Respository,
+			FilePatternList: r.FilePatternList,
+			ActionList:      r.ActionList,
+			UserList:        userList,
+		})
+	}
+
+	return result
+}

internal/config/file/mapper.go

@@ -0,0 +1,17 @@
+package config
+
+type iYamlConfigFile struct {
+	Security struct {
+		Groups []struct {
+			Name  string   `yaml:"name"`
+			Users []string `yaml:"users"`
+		} `yaml:"groups"`
+		Rules []struct {
+			Respository     string   `yaml:"repository"`
+			FilePatternList []string `yaml:"filepattern"`
+			ActionList      []string `yaml:"action"`
+			GroupList       []string `yaml:"group"`
+			UserList        []string `yaml:"user"`
+		} `yaml:"rules"`
+	} `yaml:"security"`
+}

internal/config/file/types.go

@@ -0,0 +1,80 @@
+package config
+
+import "fmt"
+
+func (c iYamlConfigFile) validate() error {
+
+	// Group has any user
+	if err := c.hasEmptyGroup(); err != nil {
+		return err
+	}
+
+	// Group in rule exists
+	if err := c.hasRuleGroupThatExists(); err != nil {
+		return err
+	}
+
+	// Check Actions lock, unlock
+	if err := c.hasRuleCorrectActions(); err != nil {
+		return err
+	}
+
+	if err := c.hasRuleFieldEmpty(); err != nil {
+		return err
+	}
+
+	return nil
+}
+
+func (c iYamlConfigFile) hasEmptyGroup() error {
+	for _, g := range c.Security.Groups {
+		if len(g.Users) == 0 {
+			return fmt.Errorf("Group '%s' is empty", g.Name)
+		}
+	}
+
+	return nil
+}
+
+func (c iYamlConfigFile) hasRuleGroupThatExists() error {
+	for _, rule := range c.Security.Rules {
+		for _, group := range rule.GroupList {
+			exists := false
+			for _, g := range c.Security.Groups {
+				if g.Name == group {
+					exists = true
+				}
+			}
+			if !exists {
+				return fmt.Errorf("The group '%s' do not exists in config", group)
+			}
+		}
+	}
+	return nil
+}
+
+func (c iYamlConfigFile) hasRuleCorrectActions() error {
+	for _, rule := range c.Security.Rules {
+		for _, action := range rule.ActionList {
+			if !(action == "lock" || action == "unlock") {
+				return fmt.Errorf("The action '%s' is not valid", action)
+			}
+		}
+	}
+	return nil
+}
+
+func (c iYamlConfigFile) hasRuleFieldEmpty() error {
+	for _, rule := range c.Security.Rules {
+		if len(rule.ActionList) == 0 {
+			return fmt.Errorf("The field action is empty")
+		}
+		if len(rule.FilePatternList) == 0 {
+			return fmt.Errorf("The field filepattern is empty")
+		}
+		if len(rule.UserList)+len(rule.GroupList) == 0 {
+			return fmt.Errorf("The rule dont have any user associate")
+		}
+	}
+	return nil
+}

internal/config/file/validate.go

@@ -0,0 +1,7 @@
+package config
+
+import "testing"
+
+func TestConfigFile(t *testing.T) {
+	Load("../../config.yaml")
+}