Skip to content

Commit

Permalink
feat: activations with webhooks
Browse files Browse the repository at this point in the history
  • Loading branch information
mkanoor committed Jun 16, 2024
1 parent b3e7d45 commit bf5fb6e
Show file tree
Hide file tree
Showing 29 changed files with 3,011 additions and 8 deletions.
162 changes: 160 additions & 2 deletions poetry.lock

Large diffs are not rendered by default.

4 changes: 4 additions & 0 deletions pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,10 @@ django-split-settings = "^1.2.0"
pexpect = "^4.9.0"
ansible-runner = ">=2.3"
python-gnupg = "^0.5.2"
psycopg = "^3.1.17"
xxhash = "*"
pyjwt = { version="*", extras = ["cryptography"] }
ecdsa = "*"

[tool.poetry.group.test.dependencies]
pytest = "*"
Expand Down
7 changes: 7 additions & 0 deletions src/aap_eda/api/exceptions.py
Original file line number Diff line number Diff line change
Expand Up @@ -125,3 +125,10 @@ class InvalidEventStreamRulebook(APIException):
default_detail = (
"Configuration Error: Event stream template rulebook is invalid"
)


class InvalidWebhookSource(APIException):
status_code = status.HTTP_500_INTERNAL_SERVER_ERROR
default_detail = (
"Configuration Error: Webhook source could not be upated in ruleset"
)
7 changes: 6 additions & 1 deletion src/aap_eda/api/filters/credential_type.py
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,12 @@ class CredentialTypeFilter(django_filters.FilterSet):
lookup_expr="istartswith",
label="Filter by credential type name.",
)
namespace = django_filters.CharFilter(
field_name="namespace",
lookup_expr="istartswith",
label="Filter by credential type namespace.",
)

class Meta:
model = models.CredentialType
fields = ["name"]
fields = ["name", "namespace"]
29 changes: 29 additions & 0 deletions src/aap_eda/api/filters/webhook.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# Copyright 2024 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import django_filters

from aap_eda.core import models


class WebhookFilter(django_filters.FilterSet):
name = django_filters.CharFilter(
field_name="name",
lookup_expr="istartswith",
label="Filter by webhook name.",
)

class Meta:
model = models.Webhook
fields = ["name"]
4 changes: 4 additions & 0 deletions src/aap_eda/api/serializers/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -78,6 +78,7 @@
UserListSerializer,
UserSerializer,
)
from .webhook import WebhookInSerializer, WebhookOutSerializer

__all__ = (
# auth
Expand Down Expand Up @@ -131,4 +132,7 @@
"TeamCreateSerializer",
"TeamUpdateSerializer",
"TeamDetailSerializer",
# webhooks
"WebhookInSerializer",
"WebhookOutSerializer",
)
85 changes: 84 additions & 1 deletion src/aap_eda/api/serializers/activation.py
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,10 @@
EDA_SERVER_VAULT_LABEL,
PG_NOTIFY_TEMPLATE_RULEBOOK_DATA,
)
from aap_eda.api.exceptions import InvalidEventStreamRulebook
from aap_eda.api.exceptions import (
InvalidEventStreamRulebook,
InvalidWebhookSource,
)
from aap_eda.api.serializers.decision_environment import (
DecisionEnvironmentRefSerializer,
)
Expand All @@ -39,6 +42,7 @@
ProjectRefSerializer,
)
from aap_eda.api.serializers.rulebook import RulebookRefSerializer
from aap_eda.api.serializers.webhook import WebhookOutSerializer
from aap_eda.api.vault import encrypt_string
from aap_eda.core import models, validators
from aap_eda.core.enums import DefaultCredentialType, ProcessParentType
Expand All @@ -63,6 +67,36 @@ class VaultData:
password_used: bool = False


def _update_webhook_source(validated_data: dict, vault_data: VaultData):
try:
vault_data.password_used = True
encrypted_dsn = encrypt_string(
password=vault_data.password,
plaintext=settings.PG_NOTIFY_DSN,
vault_id=EDA_SERVER_VAULT_LABEL,
)

channels = []
for webhook_id in validated_data.get("webhooks"):
obj = models.Webhook.objects.get(id=webhook_id)
channels.append(obj.channel_name)

sources_info = [
{
"name": "webhook_event_stream",
"type": "ansible.eda.pg_listener",
"args": {
"dsn": encrypted_dsn,
"channels": channels,
},
}
]
return swap_sources(validated_data["rulebook_rulesets"], sources_info)
except Exception as e:
logger.error(f"Failed to update webhook source in rulesets: {e}")
raise InvalidWebhookSource(e)


def _updated_ruleset(validated_data: dict, vault_data: VaultData):
try:
sources_info = []
Expand Down Expand Up @@ -215,6 +249,12 @@ class ActivationSerializer(serializers.ModelSerializer):
child=EdaCredentialSerializer(),
)

webhooks = serializers.ListField(
required=False,
allow_null=True,
child=WebhookOutSerializer(),
)

class Meta:
model = models.Activation
fields = [
Expand All @@ -241,6 +281,7 @@ class Meta:
"event_streams",
"eda_credentials",
"log_level",
"webhooks",
]
read_only_fields = [
"id",
Expand Down Expand Up @@ -272,6 +313,11 @@ class ActivationListSerializer(serializers.ModelSerializer):
allow_blank=True,
help_text="Service name of the activation",
)
webhooks = serializers.ListField(
required=False,
allow_null=True,
child=WebhookOutSerializer(),
)

class Meta:
model = models.Activation
Expand Down Expand Up @@ -300,6 +346,7 @@ class Meta:
"log_level",
"eda_credentials",
"k8s_service_name",
"webhooks",
]
read_only_fields = ["id", "created_at", "modified_at"]

Expand All @@ -320,6 +367,10 @@ def to_representation(self, activation):
if activation.extra_var
else None
)
webhooks = [
WebhookOutSerializer(webhook).data
for webhook in activation.webhooks.all()
]

return {
"id": activation.id,
Expand All @@ -346,6 +397,7 @@ def to_representation(self, activation):
"log_level": activation.log_level,
"eda_credentials": eda_credentials,
"k8s_service_name": activation.k8s_service_name,
"webhooks": webhooks,
}


Expand All @@ -369,6 +421,7 @@ class Meta:
"log_level",
"eda_credentials",
"k8s_service_name",
"webhooks",
]

organization_id = serializers.IntegerField(
Expand Down Expand Up @@ -413,6 +466,12 @@ class Meta:
allow_blank=True,
validators=[validators.check_if_rfc_1035_compliant],
)
webhooks = serializers.ListField(
required=False,
allow_null=True,
child=serializers.IntegerField(),
validators=[validators.check_if_webhooks_exists],
)

def validate(self, data):
_validate_credentials_and_token_and_rulebook(data=data, creating=True)
Expand Down Expand Up @@ -440,6 +499,11 @@ def create(self, validated_data):
validated_data, vault_data
)

if validated_data.get("webhooks", []):
validated_data["rulebook_rulesets"] = _update_webhook_source(
validated_data, vault_data
)

vault = _get_vault_credential_type()

if validated_data.get("eda_credentials"):
Expand Down Expand Up @@ -529,6 +593,11 @@ class ActivationReadSerializer(serializers.ModelSerializer):
allow_blank=True,
help_text="Service name of the activation",
)
webhooks = serializers.ListField(
required=False,
allow_null=True,
child=WebhookOutSerializer(),
)

class Meta:
model = models.Activation
Expand Down Expand Up @@ -560,6 +629,7 @@ class Meta:
"event_streams",
"log_level",
"k8s_service_name",
"webhooks",
]
read_only_fields = ["id", "created_at", "modified_at", "restarted_at"]

Expand Down Expand Up @@ -614,6 +684,10 @@ def to_representation(self, activation):
if activation.extra_var
else None
)
webhooks = [
WebhookOutSerializer(webhook).data
for webhook in activation.webhooks.all()
]

return {
"id": activation.id,
Expand Down Expand Up @@ -645,6 +719,7 @@ def to_representation(self, activation):
"log_level": activation.log_level,
"eda_credentials": eda_credentials,
"k8s_service_name": activation.k8s_service_name,
"webhooks": webhooks,
}


Expand Down Expand Up @@ -677,6 +752,12 @@ class PostActivationSerializer(serializers.ModelSerializer):
allow_blank=True,
validators=[validators.check_if_rfc_1035_compliant],
)
webhooks = serializers.ListField(
required=False,
allow_null=True,
child=serializers.IntegerField(),
validators=[validators.check_if_webhooks_exists],
)

def validate(self, data):
_validate_credentials_and_token_and_rulebook(data=data, creating=False)
Expand All @@ -699,6 +780,7 @@ class Meta:
"rulebook_id",
"eda_credentials",
"k8s_service_name",
"webhooks",
]
read_only_fields = [
"id",
Expand All @@ -724,6 +806,7 @@ def is_activation_valid(activation: models.Activation) -> tuple[bool, str]:
data["eda_credentials"] = [
obj.id for obj in activation.eda_credentials.all()
]
data["webhooks"] = [obj.id for obj in activation.webhooks.all()]
serializer = PostActivationSerializer(data=data)

valid = serializer.is_valid()
Expand Down
85 changes: 85 additions & 0 deletions src/aap_eda/api/serializers/webhook.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,85 @@
# Copyright 2024 Red Hat, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from typing import Optional

from rest_framework import serializers

from aap_eda.api.serializers.eda_credential import EdaCredentialRefSerializer
from aap_eda.api.serializers.organization import OrganizationRefSerializer
from aap_eda.core import models, validators


class WebhookInSerializer(serializers.ModelSerializer):
organization_id = serializers.IntegerField(required=False, allow_null=True)
owner = serializers.HiddenField(default=serializers.CurrentUserDefault())
eda_credential_id = serializers.IntegerField(
required=False,
allow_null=True,
validators=[
validators.check_credential_types_for_webhook,
],
)

class Meta:
model = models.Webhook
fields = [
"name",
"owner",
"test_mode",
"additional_data_headers",
"eda_credential_id",
"organization_id",
"webhook_type",
]


class WebhookOutSerializer(serializers.ModelSerializer):
owner = serializers.SerializerMethodField()
organization = serializers.SerializerMethodField()
eda_credential = EdaCredentialRefSerializer(
required=True, allow_null=False
)

class Meta:
model = models.Webhook
read_only_fields = [
"id",
"owner",
"url",
"created_at",
"modified_at",
"test_content_type",
"test_content",
"test_error_message",
"test_headers",
]
fields = [
"name",
"test_mode",
"additional_data_headers",
"organization",
"eda_credential",
"webhook_type",
*read_only_fields,
]

def get_owner(self, obj) -> str:
return f"{obj.owner.username}"

def get_organization(self, obj) -> Optional[OrganizationRefSerializer]:
return (
OrganizationRefSerializer(obj.organization).data
if obj.organization
else None
)
6 changes: 6 additions & 0 deletions src/aap_eda/api/urls.py
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,12 @@
router.register("decision-environments", views.DecisionEnvironmentViewSet)
router.register("organizations", views.OrganizationViewSet)
router.register("teams", views.TeamViewSet)
router.register("webhooks", views.WebhookViewSet)
router.register(
"external_webhook",
views.ExternalWebhookViewSet,
basename="external_webhook",
)

openapi_urls = [
path(
Expand Down
Loading

0 comments on commit bf5fb6e

Please sign in to comment.