mirror of https://github.com/portainer/portainer
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
160 lines
8.9 KiB
160 lines
8.9 KiB
package kubernetes
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
models "github.com/portainer/portainer/api/http/models/kubernetes"
|
|
httperror "github.com/portainer/portainer/pkg/libhttp/error"
|
|
"github.com/portainer/portainer/pkg/libhttp/request"
|
|
"github.com/portainer/portainer/pkg/libhttp/response"
|
|
"github.com/rs/zerolog/log"
|
|
k8serrors "k8s.io/apimachinery/pkg/api/errors"
|
|
)
|
|
|
|
// @id GetKubernetesConfigMap
|
|
// @summary Get a ConfigMap
|
|
// @description Get a ConfigMap by name for a given namespace.
|
|
// @description **Access policy**: Authenticated user.
|
|
// @tags kubernetes
|
|
// @security ApiKeyAuth || jwt
|
|
// @produce json
|
|
// @param id path int true "Environment identifier"
|
|
// @param namespace path string true "The namespace name where the configmap is located"
|
|
// @param configmap path string true "The configmap name to get details for"
|
|
// @success 200 {object} models.K8sConfigMap "Success"
|
|
// @failure 400 "Invalid request payload, such as missing required fields or fields not meeting validation criteria."
|
|
// @failure 401 "Unauthorized access - the user is not authenticated or does not have the necessary permissions. Ensure that you have provided a valid API key or JWT token, and that you have the required permissions."
|
|
// @failure 403 "Permission denied - the user is authenticated but does not have the necessary permissions to access the requested resource or perform the specified operation. Check your user roles and permissions."
|
|
// @failure 404 "Unable to find an environment with the specified identifier or a configmap with the specified name in the given namespace."
|
|
// @failure 500 "Server error occurred while attempting to retrieve a configmap by name within the specified namespace."
|
|
// @router /kubernetes/{id}/namespaces/{namespace}/configmaps/{configmap} [get]
|
|
func (handler *Handler) getKubernetesConfigMap(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
|
|
namespace, err := request.RetrieveRouteVariableValue(r, "namespace")
|
|
if err != nil {
|
|
log.Error().Err(err).Str("context", "getKubernetesConfigMap").Str("namespace", namespace).Msg("Unable to retrieve namespace identifier route variable")
|
|
return httperror.BadRequest("Unable to retrieve namespace identifier route variable", err)
|
|
}
|
|
|
|
configMapName, err := request.RetrieveRouteVariableValue(r, "configmap")
|
|
if err != nil {
|
|
log.Error().Err(err).Str("context", "getKubernetesConfigMap").Str("namespace", namespace).Msg("Unable to retrieve configMap identifier route variable")
|
|
return httperror.BadRequest("Unable to retrieve configMap identifier route variable", err)
|
|
}
|
|
|
|
cli, httpErr := handler.getProxyKubeClient(r)
|
|
if httpErr != nil {
|
|
log.Error().Err(httpErr).Str("context", "getKubernetesConfigMap").Str("namespace", namespace).Str("configMap", configMapName).Msg("Unable to get a Kubernetes client for the user")
|
|
return httperror.InternalServerError("Unable to get a Kubernetes client for the user", httpErr)
|
|
}
|
|
|
|
configMap, err := cli.GetConfigMap(namespace, configMapName)
|
|
if err != nil {
|
|
if k8serrors.IsUnauthorized(err) || k8serrors.IsForbidden(err) {
|
|
log.Error().Err(err).Str("context", "getKubernetesConfigMap").Str("namespace", namespace).Str("configMap", configMapName).Msg("Unauthorized access to the Kubernetes API")
|
|
return httperror.Forbidden("Unauthorized access to the Kubernetes API", err)
|
|
}
|
|
|
|
if k8serrors.IsNotFound(err) {
|
|
log.Error().Err(err).Str("context", "getKubernetesConfigMap").Str("namespace", namespace).Str("configMap", configMapName).Msg("Unable to retrieve configMap")
|
|
return httperror.NotFound("Unable to retrieve configMap", err)
|
|
}
|
|
|
|
log.Error().Err(err).Str("context", "getKubernetesConfigMap").Str("namespace", namespace).Str("configMap", configMapName).Msg("Unable to retrieve configMap")
|
|
return httperror.InternalServerError("Unable to retrieve configMap", err)
|
|
}
|
|
|
|
configMapWithApplications, err := cli.CombineConfigMapWithApplications(configMap)
|
|
if err != nil {
|
|
log.Error().Err(err).Str("context", "getKubernetesConfigMap").Str("namespace", namespace).Str("configMap", configMapName).Msg("Unable to combine configMap with applications")
|
|
return httperror.InternalServerError("Unable to combine configMap with applications", err)
|
|
}
|
|
|
|
return response.JSON(w, configMapWithApplications)
|
|
}
|
|
|
|
// @id GetAllKubernetesConfigMaps
|
|
// @summary Get a list of ConfigMaps
|
|
// @description Get a list of ConfigMaps across all namespaces in the cluster. For non-admin users, it will only return ConfigMaps based on the namespaces that they have access to.
|
|
// @description **Access policy**: Authenticated user.
|
|
// @tags kubernetes
|
|
// @security ApiKeyAuth || jwt
|
|
// @produce json
|
|
// @param id path int true "Environment identifier"
|
|
// @param isUsed query bool true "Set to true to include information about applications that use the ConfigMaps in the response"
|
|
// @success 200 {array} models.K8sConfigMap "Success"
|
|
// @failure 400 "Invalid request payload, such as missing required fields or fields not meeting validation criteria."
|
|
// @failure 401 "Unauthorized access - the user is not authenticated or does not have the necessary permissions. Ensure that you have provided a valid API key or JWT token, and that you have the required permissions."
|
|
// @failure 403 "Permission denied - the user is authenticated but does not have the necessary permissions to access the requested resource or perform the specified operation. Check your user roles and permissions."
|
|
// @failure 404 "Unable to find an environment with the specified identifier."
|
|
// @failure 500 "Server error occurred while attempting to retrieve all configmaps from the cluster."
|
|
// @router /kubernetes/{id}/configmaps [get]
|
|
func (handler *Handler) GetAllKubernetesConfigMaps(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
|
|
configMaps, err := handler.getAllKubernetesConfigMaps(r)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return response.JSON(w, configMaps)
|
|
}
|
|
|
|
// @id GetAllKubernetesConfigMapsCount
|
|
// @summary Get ConfigMaps count
|
|
// @description Get the count of ConfigMaps across all namespaces in the cluster. For non-admin users, it will only return the count of ConfigMaps based on the namespaces that they have access to.
|
|
// @description **Access policy**: Authenticated user.
|
|
// @tags kubernetes
|
|
// @security ApiKeyAuth || jwt
|
|
// @produce json
|
|
// @param id path int true "Environment identifier"
|
|
// @success 200 {integer} integer "Success"
|
|
// @failure 400 "Invalid request payload, such as missing required fields or fields not meeting validation criteria."
|
|
// @failure 401 "Unauthorized access - the user is not authenticated or does not have the necessary permissions. Ensure that you have provided a valid API key or JWT token, and that you have the required permissions."
|
|
// @failure 403 "Permission denied - the user is authenticated but does not have the necessary permissions to access the requested resource or perform the specified operation. Check your user roles and permissions."
|
|
// @failure 404 "Unable to find an environment with the specified identifier."
|
|
// @failure 500 "Server error occurred while attempting to retrieve the count of all configmaps from the cluster."
|
|
// @router /kubernetes/{id}/configmaps/count [get]
|
|
func (handler *Handler) getAllKubernetesConfigMapsCount(w http.ResponseWriter, r *http.Request) *httperror.HandlerError {
|
|
configMaps, err := handler.getAllKubernetesConfigMaps(r)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
return response.JSON(w, len(configMaps))
|
|
}
|
|
|
|
func (handler *Handler) getAllKubernetesConfigMaps(r *http.Request) ([]models.K8sConfigMap, *httperror.HandlerError) {
|
|
isUsed, err := request.RetrieveBooleanQueryParameter(r, "isUsed", true)
|
|
if err != nil {
|
|
log.Error().Err(err).Str("context", "getAllKubernetesConfigMaps").Msg("Unable to retrieve isUsed query parameter")
|
|
return nil, httperror.BadRequest("Unable to retrieve isUsed query parameter", err)
|
|
}
|
|
|
|
cli, httpErr := handler.prepareKubeClient(r)
|
|
if httpErr != nil {
|
|
log.Error().Err(httpErr).Str("context", "getAllKubernetesConfigMaps").Msg("Unable to prepare kube client")
|
|
return nil, httperror.InternalServerError("Unable to prepare kube client", httpErr)
|
|
}
|
|
|
|
configMaps, err := cli.GetConfigMaps("")
|
|
if err != nil {
|
|
if k8serrors.IsUnauthorized(err) || k8serrors.IsForbidden(err) {
|
|
log.Error().Err(err).Str("context", "getAllKubernetesConfigMaps").Msg("Unauthorized access to the Kubernetes API")
|
|
return nil, httperror.Forbidden("Unauthorized access to the Kubernetes API", err)
|
|
}
|
|
|
|
log.Error().Err(err).Str("context", "getAllKubernetesConfigMaps").Msg("Unable to get configMaps")
|
|
return nil, httperror.InternalServerError("Unable to get configMaps", err)
|
|
}
|
|
|
|
if isUsed {
|
|
configMapsWithApplications, err := cli.CombineConfigMapsWithApplications(configMaps)
|
|
if err != nil {
|
|
log.Error().Err(err).Str("context", "getAllKubernetesConfigMaps").Msg("Unable to combine configMaps with associated applications")
|
|
return nil, httperror.InternalServerError("Unable to combine configMaps with associated applications", err)
|
|
}
|
|
|
|
return configMapsWithApplications, nil
|
|
}
|
|
|
|
return configMaps, nil
|
|
}
|