Skip to content

Commit

Permalink
feat: activations with webhooks
Browse files Browse the repository at this point in the history
  • Loading branch information
mkanoor committed Jun 18, 2024
1 parent a347c4a commit 646cc9e
Show file tree
Hide file tree
Showing 30 changed files with 3,080 additions and 9 deletions.
162 changes: 160 additions & 2 deletions poetry.lock

Large diffs are not rendered by default.

4 changes: 4 additions & 0 deletions pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,10 @@ django-split-settings = "^1.2.0"
pexpect = "^4.9.0"
ansible-runner = ">=2.3"
python-gnupg = "^0.5.2"
psycopg = "^3.1.17"
xxhash = "*"
pyjwt = { version="*", extras = ["cryptography"] }
ecdsa = "*"

[tool.poetry.group.test.dependencies]
pytest = "*"
Expand Down
7 changes: 7 additions & 0 deletions src/aap_eda/api/exceptions.py
Original file line number Diff line number Diff line change
Expand Up @@ -125,3 +125,10 @@ class InvalidEventStreamRulebook(APIException):
default_detail = (
"Configuration Error: Event stream template rulebook is invalid"
)


class InvalidWebhookSource(APIException):
status_code = status.HTTP_500_INTERNAL_SERVER_ERROR
default_detail = (
"Configuration Error: Webhook source could not be upated in ruleset"
)
7 changes: 6 additions & 1 deletion src/aap_eda/api/filters/credential_type.py
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,12 @@ class CredentialTypeFilter(django_filters.FilterSet):
lookup_expr="istartswith",
label="Filter by credential type name.",
)
namespace = django_filters.CharFilter(
field_name="namespace",
lookup_expr="istartswith",
label="Filter by credential type namespace.",
)

class Meta:
model = models.CredentialType
fields = ["name"]
fields = ["name", "namespace"]
29 changes: 29 additions & 0 deletions src/aap_eda/api/filters/webhook.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# Copyright 2024 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import django_filters

from aap_eda.core import models


class WebhookFilter(django_filters.FilterSet):
name = django_filters.CharFilter(
field_name="name",
lookup_expr="istartswith",
label="Filter by webhook name.",
)

class Meta:
model = models.Webhook
fields = ["name"]
4 changes: 4 additions & 0 deletions src/aap_eda/api/serializers/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@
UserListSerializer,
UserSerializer,
)
from .webhook import WebhookInSerializer, WebhookOutSerializer

__all__ = (
# auth
Expand Down Expand Up @@ -131,4 +132,7 @@
"TeamCreateSerializer",
"TeamUpdateSerializer",
"TeamDetailSerializer",
# webhooks
"WebhookInSerializer",
"WebhookOutSerializer",
)
84 changes: 83 additions & 1 deletion src/aap_eda/api/serializers/activation.py
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,10 @@
EDA_SERVER_VAULT_LABEL,
PG_NOTIFY_TEMPLATE_RULEBOOK_DATA,
)
from aap_eda.api.exceptions import InvalidEventStreamRulebook
from aap_eda.api.exceptions import (
InvalidEventStreamRulebook,
InvalidWebhookSource,
)
from aap_eda.api.serializers.decision_environment import (
DecisionEnvironmentRefSerializer,
)
Expand All @@ -39,6 +42,7 @@
ProjectRefSerializer,
)
from aap_eda.api.serializers.rulebook import RulebookRefSerializer
from aap_eda.api.serializers.webhook import WebhookOutSerializer
from aap_eda.api.vault import encrypt_string
from aap_eda.core import models, validators
from aap_eda.core.enums import DefaultCredentialType, ProcessParentType
Expand All @@ -52,6 +56,7 @@
substitute_source_args,
substitute_variables,
swap_sources,
swap_webhook_sources,
)

logger = logging.getLogger(__name__)
Expand All @@ -63,6 +68,34 @@ class VaultData:
password_used: bool = False


def _update_webhook_source(validated_data: dict, vault_data: VaultData) -> str:
try:
vault_data.password_used = True
encrypted_dsn = encrypt_string(
password=vault_data.password,
plaintext=settings.PG_NOTIFY_DSN,
vault_id=EDA_SERVER_VAULT_LABEL,
)

sources_info = {}
for webhook_id in validated_data.get("webhooks"):
obj = models.Webhook.objects.get(id=webhook_id)

sources_info[obj.name] = {
"ansible.eda.pg_listener": {
"dsn": encrypted_dsn,
"channels": [obj.channel_name],
},
}

return swap_webhook_sources(
validated_data["rulebook_rulesets"], sources_info
)
except Exception as e:
logger.error(f"Failed to update webhook source in rulesets: {e}")
raise InvalidWebhookSource(e)


def _updated_ruleset(validated_data: dict, vault_data: VaultData):
try:
sources_info = []
Expand Down Expand Up @@ -215,6 +248,12 @@ class ActivationSerializer(serializers.ModelSerializer):
child=EdaCredentialSerializer(),
)

webhooks = serializers.ListField(
required=False,
allow_null=True,
child=WebhookOutSerializer(),
)

class Meta:
model = models.Activation
fields = [
Expand All @@ -241,6 +280,7 @@ class Meta:
"event_streams",
"eda_credentials",
"log_level",
"webhooks",
]
read_only_fields = [
"id",
Expand Down Expand Up @@ -272,6 +312,11 @@ class ActivationListSerializer(serializers.ModelSerializer):
allow_blank=True,
help_text="Service name of the activation",
)
webhooks = serializers.ListField(
required=False,
allow_null=True,
child=WebhookOutSerializer(),
)

class Meta:
model = models.Activation
Expand Down Expand Up @@ -300,6 +345,7 @@ class Meta:
"log_level",
"eda_credentials",
"k8s_service_name",
"webhooks",
]
read_only_fields = ["id", "created_at", "modified_at"]

Expand All @@ -320,6 +366,10 @@ def to_representation(self, activation):
if activation.extra_var
else None
)
webhooks = [
WebhookOutSerializer(webhook).data
for webhook in activation.webhooks.all()
]

return {
"id": activation.id,
Expand All @@ -346,6 +396,7 @@ def to_representation(self, activation):
"log_level": activation.log_level,
"eda_credentials": eda_credentials,
"k8s_service_name": activation.k8s_service_name,
"webhooks": webhooks,
}


Expand All @@ -369,6 +420,7 @@ class Meta:
"log_level",
"eda_credentials",
"k8s_service_name",
"webhooks",
]

organization_id = serializers.IntegerField(
Expand Down Expand Up @@ -413,6 +465,12 @@ class Meta:
allow_blank=True,
validators=[validators.check_if_rfc_1035_compliant],
)
webhooks = serializers.ListField(
required=False,
allow_null=True,
child=serializers.IntegerField(),
validators=[validators.check_if_webhooks_exists],
)

def validate(self, data):
_validate_credentials_and_token_and_rulebook(data=data, creating=True)
Expand Down Expand Up @@ -440,6 +498,11 @@ def create(self, validated_data):
validated_data, vault_data
)

if validated_data.get("webhooks", []):
validated_data["rulebook_rulesets"] = _update_webhook_source(
validated_data, vault_data
)

vault = _get_vault_credential_type()

if validated_data.get("eda_credentials"):
Expand Down Expand Up @@ -529,6 +592,11 @@ class ActivationReadSerializer(serializers.ModelSerializer):
allow_blank=True,
help_text="Service name of the activation",
)
webhooks = serializers.ListField(
required=False,
allow_null=True,
child=WebhookOutSerializer(),
)

class Meta:
model = models.Activation
Expand Down Expand Up @@ -560,6 +628,7 @@ class Meta:
"event_streams",
"log_level",
"k8s_service_name",
"webhooks",
]
read_only_fields = ["id", "created_at", "modified_at", "restarted_at"]

Expand Down Expand Up @@ -614,6 +683,10 @@ def to_representation(self, activation):
if activation.extra_var
else None
)
webhooks = [
WebhookOutSerializer(webhook).data
for webhook in activation.webhooks.all()
]

return {
"id": activation.id,
Expand Down Expand Up @@ -645,6 +718,7 @@ def to_representation(self, activation):
"log_level": activation.log_level,
"eda_credentials": eda_credentials,
"k8s_service_name": activation.k8s_service_name,
"webhooks": webhooks,
}


Expand Down Expand Up @@ -677,6 +751,12 @@ class PostActivationSerializer(serializers.ModelSerializer):
allow_blank=True,
validators=[validators.check_if_rfc_1035_compliant],
)
webhooks = serializers.ListField(
required=False,
allow_null=True,
child=serializers.IntegerField(),
validators=[validators.check_if_webhooks_exists],
)

def validate(self, data):
_validate_credentials_and_token_and_rulebook(data=data, creating=False)
Expand All @@ -699,6 +779,7 @@ class Meta:
"rulebook_id",
"eda_credentials",
"k8s_service_name",
"webhooks",
]
read_only_fields = [
"id",
Expand All @@ -724,6 +805,7 @@ def is_activation_valid(activation: models.Activation) -> tuple[bool, str]:
data["eda_credentials"] = [
obj.id for obj in activation.eda_credentials.all()
]
data["webhooks"] = [obj.id for obj in activation.webhooks.all()]
serializer = PostActivationSerializer(data=data)

valid = serializer.is_valid()
Expand Down
85 changes: 85 additions & 0 deletions src/aap_eda/api/serializers/webhook.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
# Copyright 2024 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from typing import Optional

from rest_framework import serializers

from aap_eda.api.serializers.eda_credential import EdaCredentialRefSerializer
from aap_eda.api.serializers.organization import OrganizationRefSerializer
from aap_eda.core import models, validators


class WebhookInSerializer(serializers.ModelSerializer):
organization_id = serializers.IntegerField(required=False, allow_null=True)
owner = serializers.HiddenField(default=serializers.CurrentUserDefault())
eda_credential_id = serializers.IntegerField(
required=False,
allow_null=True,
validators=[
validators.check_credential_types_for_webhook,
],
)

class Meta:
model = models.Webhook
fields = [
"name",
"owner",
"test_mode",
"additional_data_headers",
"eda_credential_id",
"organization_id",
"webhook_type",
]


class WebhookOutSerializer(serializers.ModelSerializer):
owner = serializers.SerializerMethodField()
organization = serializers.SerializerMethodField()
eda_credential = EdaCredentialRefSerializer(
required=True, allow_null=False
)

class Meta:
model = models.Webhook
read_only_fields = [
"id",
"owner",
"url",
"created_at",
"modified_at",
"test_content_type",
"test_content",
"test_error_message",
"test_headers",
]
fields = [
"name",
"test_mode",
"additional_data_headers",
"organization",
"eda_credential",
"webhook_type",
*read_only_fields,
]

def get_owner(self, obj) -> str:
return f"{obj.owner.username}"

def get_organization(self, obj) -> Optional[OrganizationRefSerializer]:
return (
OrganizationRefSerializer(obj.organization).data
if obj.organization
else None
)
Loading

0 comments on commit 646cc9e

Please sign in to comment.