fix: application api

Signed-off-by: hongming <talonwan@yunify.com>
2019-05-14 16:03:10 +08:00
parent 4c111533b1
commit 4ae7d3256e
11 changed files with 267 additions and 209 deletions
--- a/pkg/models/applications/applications.go
+++ b/pkg/models/applications/applications.go
@@ -18,6 +18,7 @@
 package applications

 import (
+	"fmt"
 	"github.com/golang/glog"
 	appsv1 "k8s.io/api/apps/v1"
 	"k8s.io/api/core/v1"
@@ -25,6 +26,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/labels"
+	"kubesphere.io/kubesphere/pkg/constants"
 	"kubesphere.io/kubesphere/pkg/informers"
 	"kubesphere.io/kubesphere/pkg/models"
 	"kubesphere.io/kubesphere/pkg/models/resources"
@@ -283,3 +285,22 @@ func getIng(namespace string, services []v1.Service) []v1beta1.Ingress {

 	return ings
 }
+
+func DeployApplication(namespace string, app openpitrix.CreateClusterRequest) error {
+	ns, err := informers.SharedInformerFactory().Core().V1().Namespaces().Lister().Get(namespace)
+	if err != nil {
+		glog.Errorf("deploy application failed: %+v", err)
+		return err
+	}
+
+	if runtimeId := ns.Annotations[constants.OpenPitrixRuntimeAnnotationKey]; runtimeId != "" {
+		app.RuntimeId = runtimeId
+	} else {
+		return fmt.Errorf("runtime not init: namespace %s", namespace)
+	}
+	return openpitrix.CreateCluster(app)
+}
+
+func DeleteApplication(clusterId string) error {
+	return openpitrix.DeleteCluster(openpitrix.DeleteClusterRequest{ClusterId: []string{clusterId}})
+}
--- a/pkg/models/iam/policy/policy.go
+++ b/pkg/models/iam/policy/policy.go
@@ -358,18 +358,9 @@ var (
 				{Name: "view",
 					Rules: []v1.PolicyRule{
 						{
-							Verbs:     []string{"list"},
+							Verbs:     []string{"get", "list"},
 							APIGroups: []string{"openpitrix.io"},
-							Resources: []string{"repos", "app_versions"},
-						}, {
-							Verbs:     []string{"get"},
-							APIGroups: []string{"openpitrix.io"},
-							Resources: []string{"app_version/*"},
-						},
-						{
-							Verbs:     []string{"*"},
-							APIGroups: []string{"openpitrix.io"},
-							Resources: []string{"apps", "clusters"},
+							Resources: []string{"apps", "clusters", "repos", "app_versions", "app_version/*"},
 						},
 					},
 				},
@@ -916,6 +907,10 @@ var (
 							Verbs:     []string{"get", "list"},
 							APIGroups: []string{"resources.kubesphere.io"},
 							Resources: []string{"applications"},
+						}, {
+							Verbs:     []string{"get", "list"},
+							APIGroups: []string{"servicemesh.kubesphere.io"},
+							Resources: []string{"*"},
 						},
 						{
 							Verbs:     []string{"list"},
@@ -931,19 +926,27 @@ var (
 				{Name: "edit",
 					Rules: []v1.PolicyRule{
 						{
-							Verbs:     []string{"update", "patch"},
-							APIGroups: []string{"openpitrix.io"},
-							Resources: []string{"apps"},
+							Verbs:     []string{"create", "update", "patch"},
+							APIGroups: []string{"resources.kubesphere.io"},
+							Resources: []string{"applications"},
+						}, {
+							Verbs:     []string{"create", "update", "patch"},
+							APIGroups: []string{"servicemesh.kubesphere.io"},
+							Resources: []string{"*"},
 						},
 					},
 				},
 				{Name: "delete",
 					Rules: []v1.PolicyRule{
 						{
-							Verbs:         []string{"create"},
-							APIGroups:     []string{"openpitrix.io"},
-							ResourceNames: []string{"delete"},
-							Resources:     []string{"clusters"},
+							Verbs:     []string{"delete"},
+							APIGroups: []string{"resources.kubesphere.io"},
+							Resources: []string{"applications"},
+						},
+						{
+							Verbs:     []string{"delete"},
+							APIGroups: []string{"servicemesh.kubesphere.io"},
+							Resources: []string{"*"},
 						},
 					},
 				},
@@ -954,7 +957,7 @@ var (
 			Actions: []models.Action{
 				{Name: "view", Rules: []v1.PolicyRule{
 					{
-						Verbs:     []string{"view", "list"},
+						Verbs:     []string{"get", "list"},
 						APIGroups: []string{"batch", "resources.kubesphere.io"},
 						Resources: []string{"jobs"},
 					},
@@ -987,7 +990,7 @@ var (
 			Actions: []models.Action{
 				{Name: "view", Rules: []v1.PolicyRule{
 					{
-						Verbs:     []string{"view", "list"},
+						Verbs:     []string{"get", "list"},
 						APIGroups: []string{"batch", "resources.kubesphere.io"},
 						Resources: []string{"cronjobs"},
 					},
@@ -1020,7 +1023,7 @@ var (
 			Actions: []models.Action{
 				{Name: "view", Rules: []v1.PolicyRule{
 					{
-						Verbs:     []string{"view", "list"},
+						Verbs:     []string{"get", "list"},
 						APIGroups: []string{"", "resources.kubesphere.io"},
 						Resources: []string{"secrets"},
 					},
@@ -1053,7 +1056,7 @@ var (
 			Actions: []models.Action{
 				{Name: "view", Rules: []v1.PolicyRule{
 					{
-						Verbs:     []string{"view", "list"},
+						Verbs:     []string{"get", "list"},
 						APIGroups: []string{"", "resources.kubesphere.io"},
 						Resources: []string{"configmaps"},
 					},
--- a/pkg/models/resources/extraannotations.go
+++ b/pkg/models/resources/extraannotations.go
@@ -19,9 +19,11 @@ package resources

 import (
 	"github.com/golang/glog"
-	"k8s.io/api/core/v1"
+	corev1 "k8s.io/api/core/v1"
+	storagev1 "k8s.io/api/storage/v1"
 	"k8s.io/apimachinery/pkg/labels"
 	"kubesphere.io/kubesphere/pkg/informers"
+	"strconv"
 )

 type extraAnnotationInjector struct {
@@ -30,14 +32,36 @@ type extraAnnotationInjector struct {
 func (i extraAnnotationInjector) addExtraAnnotations(item interface{}) interface{} {

 	switch item.(type) {
-	case *v1.PersistentVolumeClaim:
-		return i.injectPersistentVolumeClaim(item.(*v1.PersistentVolumeClaim))
+	case *corev1.PersistentVolumeClaim:
+		return i.injectPersistentVolumeClaim(item.(*corev1.PersistentVolumeClaim))
+	case *storagev1.StorageClass:
+		return i.injectStorageClass(item.(*storagev1.StorageClass))
 	}

 	return item
 }

-func (i extraAnnotationInjector) injectPersistentVolumeClaim(item *v1.PersistentVolumeClaim) *v1.PersistentVolumeClaim {
+func (i extraAnnotationInjector) injectStorageClass(item *storagev1.StorageClass) *storagev1.StorageClass {
+
+	count, err := countPvcByStorageClass(item.Name)
+
+	if err != nil {
+		glog.Errorf("inject annotation failed %+v", err)
+		return item
+	}
+
+	item = item.DeepCopy()
+
+	if item.Annotations == nil {
+		item.Annotations = make(map[string]string, 0)
+	}
+
+	item.Annotations["kubesphere.io/pvc-count"] = strconv.Itoa(count)
+
+	return item
+}
+
+func (i extraAnnotationInjector) injectPersistentVolumeClaim(item *corev1.PersistentVolumeClaim) *corev1.PersistentVolumeClaim {
 	podLister := informers.SharedInformerFactory().Core().V1().Pods().Lister()
 	pods, err := podLister.Pods(item.Namespace).List(labels.Everything())
 	if err != nil {
@@ -60,7 +84,7 @@ func (i extraAnnotationInjector) injectPersistentVolumeClaim(item *v1.Persistent
 	return item
 }

-func isPvcInUse(pods []*v1.Pod, pvcName string) bool {
+func isPvcInUse(pods []*corev1.Pod, pvcName string) bool {
 	for _, pod := range pods {
 		volumes := pod.Spec.Volumes
 		for _, volume := range volumes {
@@ -72,3 +96,25 @@ func isPvcInUse(pods []*v1.Pod, pvcName string) bool {
 	}
 	return false
 }
+
+func countPvcByStorageClass(scName string) (int, error) {
+	persistentVolumeClaimLister := informers.SharedInformerFactory().Core().V1().PersistentVolumeClaims().Lister()
+	all, err := persistentVolumeClaimLister.List(labels.Everything())
+
+	if err != nil {
+		return 0, err
+	}
+
+	count := 0
+
+	for _, item := range all {
+		if item.Spec.StorageClassName != nil {
+			if *item.Spec.StorageClassName == scName {
+				count++
+			}
+		} else if item.GetAnnotations()[corev1.BetaStorageClassAnnotation] == scName {
+			count++
+		}
+	}
+	return count, nil
+}