GlueOps/autoglue
1
0
Fork 0
mirror of https://github.com/GlueOps/autoglue.git synced 2026-02-13 12:50:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
82268943200e5d70655be8351d159f0e468bc9c2
autoglue/internal/handlers/taints/taints.go
allanice001 4e254fc569 taints
2025-09-03 22:49:28 +01:00

539 lines
17 KiB
Go
Raw Blame History

package taints
import (
"encoding/json"
"errors"
"net/http"
"slices"
"strings"
"github.com/glueops/autoglue/internal/db"
"github.com/glueops/autoglue/internal/db/models"
"github.com/glueops/autoglue/internal/middleware"
"github.com/glueops/autoglue/internal/response"
"github.com/go-chi/chi/v5"
"github.com/google/uuid"
"gorm.io/gorm"
)
// ---------- Handlers ----------
// ListTaints godoc
// @Summary List node taints (org scoped)
// @Description Returns node taints for the organization in X-Org-ID. Filters: `key`, `value`, and `q` (key contains). Add `include=node_pools` to include linked node pools.
// @Tags taints
// @Accept json
// @Produce json
// @Param X-Org-ID header string true "Organization UUID"
// @Param key query string false "Exact key"
// @Param value query string false "Exact value"
// @Param q query string false "key contains (case-insensitive)"
// @Param include query string false "Optional: node_pools"
// @Security BearerAuth
// @Success 200 {array} taintResponse
// @Failure 401 {string} string "Unauthorized"
// @Failure 403 {string} string "organization required"
// @Failure 500 {string} string "failed to list node taints"
// @Router /api/v1/taints [get]
func ListTaints(w http.ResponseWriter, r *http.Request) {
ac := middleware.GetAuthContext(r)
if ac == nil || ac.OrganizationID == uuid.Nil {
http.Error(w, "organization required", http.StatusForbidden)
return
}
q := db.DB.Where("organization_id = ?", ac.OrganizationID)
if key := strings.TrimSpace(r.URL.Query().Get("key")); key != "" {
q = q.Where(`key = ?`, key)
}
if val := strings.TrimSpace(r.URL.Query().Get("value")); val != "" {
q = q.Where(`value = ?`, val)
}
if needle := strings.TrimSpace(r.URL.Query().Get("q")); needle != "" {
q = q.Where(`key ILIKE ?`, "%"+needle+"%")
}
withPools := includeNodePools(r)
if withPools {
q = q.Preload("NodePools")
}
var rows []models.Taint
if err := q.Order("created_at DESC").Find(&rows).Error; err != nil {
http.Error(w, "failed to list node taints", http.StatusInternalServerError)
return
}
out := make([]taintResponse, 0, len(rows))
for _, t := range rows {
out = append(out, toResp(t, withPools))
}
_ = response.JSON(w, http.StatusOK, out)
}
// GetTaint godoc
// @Summary Get node taint by ID (org scoped)
// @Description Returns one taint. Add `include=node_pools` to include node pools.
// @Tags taints
// @Accept json
// @Produce json
// @Param X-Org-ID header string true "Organization UUID"
// @Param id path string true "Node Taint ID (UUID)"
// @Param include query string false "Optional: node_pools"
// @Security BearerAuth
// @Success 200 {object} taintResponse
// @Failure 400 {string} string "invalid id"
// @Failure 401 {string} string "Unauthorized"
// @Failure 403 {string} string "organization required"
// @Failure 404 {string} string "not found"
// @Failure 500 {string} string "fetch failed"
// @Router /api/v1/taints/{id} [get]
func GetTaint(w http.ResponseWriter, r *http.Request) {
ac := middleware.GetAuthContext(r)
if ac == nil || ac.OrganizationID == uuid.Nil {
http.Error(w, "organization required", http.StatusForbidden)
return
}
id, err := uuid.Parse(chi.URLParam(r, "id"))
if err != nil {
http.Error(w, "invalid id", http.StatusBadRequest)
return
}
withPools := includeNodePools(r)
var t models.Taint
q := db.DB.Where("id = ? AND organization_id = ?", id, ac.OrganizationID)
if withPools {
q = q.Preload("NodePools")
}
if err := q.First(&t).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
http.Error(w, "not found", http.StatusNotFound)
return
}
http.Error(w, "fetch failed", http.StatusInternalServerError)
return
}
_ = response.JSON(w, http.StatusOK, toResp(t, withPools))
}
// CreateTaint godoc
// @Summary Create node taint (org scoped)
// @Description Creates a taint. Optionally link to node pools.
// @Tags taints
// @Accept json
// @Produce json
// @Param X-Org-ID header string true "Organization UUID"
// @Param body body createTaintRequest true "Taint payload"
// @Security BearerAuth
// @Success 201 {object} taintResponse
// @Failure 400 {string} string "invalid json / missing fields / invalid node_pool_ids"
// @Failure 401 {string} string "Unauthorized"
// @Failure 403 {string} string "organization required"
// @Failure 500 {string} string "create failed"
// @Router /api/v1/taints [post]
func CreateTaint(w http.ResponseWriter, r *http.Request) {
ac := middleware.GetAuthContext(r)
if ac == nil || ac.OrganizationID == uuid.Nil {
http.Error(w, "organization required", http.StatusForbidden)
return
}
var req createTaintRequest
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, "invalid json", http.StatusBadRequest)
return
}
req.Key = strings.TrimSpace(req.Key)
req.Value = strings.TrimSpace(req.Value)
req.Effect = strings.TrimSpace(req.Effect)
if req.Key == "" || req.Effect == "" {
http.Error(w, "invalid json or missing key/effect", http.StatusBadRequest)
return
}
if _, ok := allowedEffects[req.Effect]; !ok {
http.Error(w, "invalid effect", http.StatusBadRequest)
return
}
t := models.Taint{
OrganizationID: ac.OrganizationID,
Key: req.Key,
Value: req.Value,
Effect: req.Effect,
}
if err := db.DB.Create(&t).Error; err != nil {
http.Error(w, "create failed", http.StatusInternalServerError)
return
}
// optional initial links
if len(req.NodePoolIDs) > 0 {
ids, err := parseUUIDs(req.NodePoolIDs)
if err != nil {
http.Error(w, "invalid node_pool_ids", http.StatusBadRequest)
return
}
if err := ensureNodePoolsBelongToOrg(ac.OrganizationID, ids); err != nil {
http.Error(w, "invalid node_pool_ids for this organization", http.StatusBadRequest)
return
}
var pools []models.NodePool
if err := db.DB.Where("id IN ? AND organization_id = ?", ids, ac.OrganizationID).
Find(&pools).Error; err != nil {
http.Error(w, "create failed", http.StatusInternalServerError)
return
}
if len(pools) != len(ids) {
http.Error(w, "invalid node_pool_ids", http.StatusBadRequest)
return
}
if err := db.DB.Model(&t).Association("NodePools").Append(&pools); err != nil {
http.Error(w, "create failed", http.StatusInternalServerError)
return
}
}
_ = response.JSON(w, http.StatusCreated, toResp(t, false))
}
// UpdateTaint godoc
// @Summary Update node taint (org scoped)
// @Description Partially update taint fields.
// @Tags taints
// @Accept json
// @Produce json
// @Param X-Org-ID header string true "Organization UUID"
// @Param id path string true "Node Taint ID (UUID)"
// @Param body body updateTaintRequest true "Fields to update"
// @Security BearerAuth
// @Success 200 {object} taintResponse
// @Failure 400 {string} string "invalid id / invalid json"
// @Failure 401 {string} string "Unauthorized"
// @Failure 403 {string} string "organization required"
// @Failure 404 {string} string "not found"
// @Failure 500 {string} string "update failed"
// @Router /api/v1/taints/{id} [patch]
func UpdateTaint(w http.ResponseWriter, r *http.Request) {
ac := middleware.GetAuthContext(r)
if ac == nil || ac.OrganizationID == uuid.Nil {
http.Error(w, "organization required", http.StatusForbidden)
return
}
id, err := uuid.Parse(chi.URLParam(r, "id"))
if err != nil {
http.Error(w, "invalid id", http.StatusBadRequest)
return
}
var t models.Taint
if err := db.DB.Where("id = ? AND organization_id = ?", id, ac.OrganizationID).
First(&t).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
http.Error(w, "not found", http.StatusNotFound)
return
}
http.Error(w, "fetch failed", http.StatusInternalServerError)
return
}
var req updateTaintRequest
if err := json.NewDecoder(r.Body).Decode(&req); err != nil {
http.Error(w, "invalid json", http.StatusBadRequest)
return
}
if req.Key != nil {
t.Key = strings.TrimSpace(*req.Key)
}
if req.Value != nil {
t.Value = strings.TrimSpace(*req.Value)
}
if req.Effect != nil {
e := strings.TrimSpace(*req.Effect)
if e == "" {
http.Error(w, "invalid json", http.StatusBadRequest)
return
}
if _, ok := allowedEffects[e]; !ok {
http.Error(w, "invalid effect", http.StatusBadRequest)
return
}
t.Effect = e
}
if err := db.DB.Save(&t).Error; err != nil {
http.Error(w, "update failed", http.StatusInternalServerError)
return
}
_ = response.JSON(w, http.StatusOK, toResp(t, false))
}
// DeleteTaint godoc
// @Summary Delete taint (org scoped)
// @Description Permanently deletes the taint.
// @Tags taints
// @Accept json
// @Produce json
// @Param X-Org-ID header string true "Organization UUID"
// @Param id path string true "Node Taint ID (UUID)"
// @Security BearerAuth
// @Success 204 {string} string "No Content"
// @Failure 400 {string} string "invalid id"
// @Failure 401 {string} string "Unauthorized"
// @Failure 403 {string} string "organization required"
// @Failure 500 {string} string "delete failed"
// @Router /api/v1/taints/{id} [delete]
func DeleteTaint(w http.ResponseWriter, r *http.Request) {
ac := middleware.GetAuthContext(r)
if ac == nil || ac.OrganizationID == uuid.Nil {
http.Error(w, "organization required", http.StatusForbidden)
return
}
id, err := uuid.Parse(chi.URLParam(r, "id"))
if err != nil {
http.Error(w, "invalid id", http.StatusBadRequest)
return
}
if err := db.DB.Where("id = ? AND organization_id = ?", id, ac.OrganizationID).
Delete(&models.Taint{}).Error; err != nil {
http.Error(w, "delete failed", http.StatusInternalServerError)
return
}
response.NoContent(w)
}
// AddTaintToNodePool godoc
// @Summary Attach taint to node pools (org scoped)
// @Description Links the taint to one or more node pools in the same organization.
// @Tags taints
// @Accept json
// @Produce json
// @Param X-Org-ID header string true "Organization UUID"
// @Param id path string true "Taint ID (UUID)"
// @Param body body addTaintToPoolRequest true "IDs to attach"
// @Param include query string false "Optional: node_pools"
// @Security BearerAuth
// @Success 200 {object} taintResponse
// @Failure 400 {string} string "invalid id / invalid json / invalid node_pool_ids"
// @Failure 401 {string} string "Unauthorized"
// @Failure 403 {string} string "organization required"
// @Failure 404 {string} string "not found"
// @Failure 500 {string} string "attach failed"
// @Router /api/v1/taints/{id}/node_pools [post]
func AddTaintToNodePool(w http.ResponseWriter, r *http.Request) {
ac := middleware.GetAuthContext(r)
if ac == nil || ac.OrganizationID == uuid.Nil {
http.Error(w, "organization required", http.StatusForbidden)
return
}
taintID, err := uuid.Parse(chi.URLParam(r, "id"))
if err != nil {
http.Error(w, "invalid id", http.StatusBadRequest)
return
}
var t models.Taint
if err := db.DB.Where("id = ? AND organization_id = ?", taintID, ac.OrganizationID).
First(&t).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
http.Error(w, "not found", http.StatusNotFound)
return
}
http.Error(w, "fetch failed", http.StatusInternalServerError)
return
}
var in addTaintToPoolRequest
if err := json.NewDecoder(r.Body).Decode(&in); err != nil || len(in.NodePoolIDs) == 0 {
http.Error(w, "invalid json or empty node_pool_ids", http.StatusBadRequest)
return
}
ids, err := parseUUIDs(in.NodePoolIDs)
if err != nil {
http.Error(w, "invalid node_pool_ids", http.StatusBadRequest)
return
}
if err := ensureNodePoolsBelongToOrg(ac.OrganizationID, ids); err != nil {
http.Error(w, "invalid node_pool_ids for this organization", http.StatusBadRequest)
return
}
// Fetch existing links to avoid duplicates
var existing []models.NodePool
if err := db.DB.Model(&t).Association("NodePools").Find(&existing); err != nil {
http.Error(w, "attach failed", http.StatusInternalServerError)
return
}
existingIDs := make([]uuid.UUID, 0, len(existing))
for _, p := range existing {
existingIDs = append(existingIDs, p.ID)
}
toFetch := make([]uuid.UUID, 0, len(ids))
for _, id := range ids {
if !slices.Contains(existingIDs, id) {
toFetch = append(toFetch, id)
}
}
if len(toFetch) > 0 {
var toAttach []models.NodePool
if err := db.DB.Where("id IN ? AND organization_id = ?", toFetch, ac.OrganizationID).
Find(&toAttach).Error; err != nil {
http.Error(w, "attach failed", http.StatusInternalServerError)
return
}
if len(toAttach) != len(toFetch) {
http.Error(w, "invalid node_pool_ids", http.StatusBadRequest)
return
}
if err := db.DB.Model(&t).Association("NodePools").Append(&toAttach); err != nil {
http.Error(w, "attach failed", http.StatusInternalServerError)
return
}
}
withPools := includeNodePools(r)
if withPools {
if err := db.DB.Preload("NodePools").
First(&t, "id = ? AND organization_id = ?", taintID, ac.OrganizationID).Error; err != nil {
http.Error(w, "fetch failed", http.StatusInternalServerError)
return
}
}
_ = response.JSON(w, http.StatusOK, toResp(t, withPools))
}
// RemoveTaintFromNodePool godoc
// @Summary Detach taint from a node pool (org scoped)
// @Description Unlinks the taint from the specified node pool.
// @Tags taints
// @Accept json
// @Produce json
// @Param X-Org-ID header string true "Organization UUID"
// @Param id path string true "Taint ID (UUID)"
// @Param poolId path string true "Node Pool ID (UUID)"
// @Security BearerAuth
// @Success 204 {string} string "No Content"
// @Failure 400 {string} string "invalid id"
// @Failure 401 {string} string "Unauthorized"
// @Failure 403 {string} string "organization required"
// @Failure 404 {string} string "not found"
// @Failure 500 {string} string "detach failed"
// @Router /api/v1/taints/{id}/node_pools/{poolId} [delete]
func RemoveTaintFromNodePool(w http.ResponseWriter, r *http.Request) {
ac := middleware.GetAuthContext(r)
if ac == nil || ac.OrganizationID == uuid.Nil {
http.Error(w, "organization required", http.StatusForbidden)
return
}
taintID, err := uuid.Parse(chi.URLParam(r, "id"))
if err != nil {
http.Error(w, "invalid id", http.StatusBadRequest)
return
}
poolID, err := uuid.Parse(chi.URLParam(r, "poolId"))
if err != nil {
http.Error(w, "invalid id", http.StatusBadRequest)
return
}
var t models.Taint
if err := db.DB.Where("id = ? AND organization_id = ?", taintID, ac.OrganizationID).
First(&t).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
http.Error(w, "not found", http.StatusNotFound)
return
}
http.Error(w, "fetch failed", http.StatusInternalServerError)
return
}
var p models.NodePool
if err := db.DB.Where("id = ? AND organization_id = ?", poolID, ac.OrganizationID).
First(&p).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
http.Error(w, "not found", http.StatusNotFound)
return
}
http.Error(w, "fetch failed", http.StatusInternalServerError)
return
}
if err := db.DB.Model(&t).Association("NodePools").Delete(&p); err != nil {
http.Error(w, "detach failed", http.StatusInternalServerError)
return
}
response.NoContent(w)
}
// ListNodePoolsWithTaint godoc
// @Summary List node pools linked to a taint (org scoped)
// @Description Returns node pools attached to the taint. Supports `q` (name contains, case-insensitive).
// @Tags taints
// @Accept json
// @Produce json
// @Param X-Org-ID header string true "Organization UUID"
// @Param id path string true "Taint ID (UUID)"
// @Param q query string false "Name contains (case-insensitive)"
// @Security BearerAuth
// @Success 200 {array} nodePoolResponse
// @Failure 400 {string} string "invalid id"
// @Failure 401 {string} string "Unauthorized"
// @Failure 403 {string} string "organization required"
// @Failure 404 {string} string "not found"
// @Failure 500 {string} string "fetch failed"
// @Router /api/v1/taints/{id}/node_pools [get]
func ListNodePoolsWithTaint(w http.ResponseWriter, r *http.Request) {
ac := middleware.GetAuthContext(r)
if ac == nil || ac.OrganizationID == uuid.Nil {
http.Error(w, "organization required", http.StatusForbidden)
return
}
taintID, err := uuid.Parse(chi.URLParam(r, "id"))
if err != nil {
http.Error(w, "invalid id", http.StatusBadRequest)
return
}
// Load the taint and its pools using GORM's mapping (avoids guessing join table name)
var t models.Taint
if err := db.DB.Where("id = ? AND organization_id = ?", taintID, ac.OrganizationID).
Preload("NodePools").
First(&t).Error; err != nil {
if errors.Is(err, gorm.ErrRecordNotFound) {
http.Error(w, "not found", http.StatusNotFound)
return
}
http.Error(w, "fetch failed", http.StatusInternalServerError)
return
}
needle := strings.TrimSpace(r.URL.Query().Get("q"))
out := make([]nodePoolResponse, 0, len(t.NodePools))
for _, p := range t.NodePools {
if needle != "" && !strings.Contains(strings.ToLower(p.Name), strings.ToLower(needle)) {
continue
}
out = append(out, nodePoolResponse{
ID: p.ID,
Name: p.Name,
// Servers intentionally omitted here; this endpoint doesn't include them by default.
})
}
_ = response.JSON(w, http.StatusOK, out)
}
Reference in New Issue View Git Blame Copy Permalink