Fix backup/restore and demo project

2024-11-21 17:01:04 +01:00 · 2024-10-03 15:41:36 -04:00 · 2024-10-03 15:41:36 -04:00 · 0250b0b9f7
commit 0250b0b9f7
parent 87db92151c
10 changed files with 139 additions and 35 deletions
--- a/api/projects/projects.go
+++ b/api/projects/projects.go
@ -140,7 +140,8 @@ func createDemoProject(projectID int, noneKeyID int, emptyEnvID int, store db.St
 		return
 	}

-	_, err = store.CreateTemplate(db.Template{
+	var template db.Template
+	template, err = store.CreateTemplate(db.Template{
 		Name:            "Deploy to Dev",
 		Type:            db.TemplateDeploy,
 		Playbook:        "deploy.yml",
@ -150,7 +151,6 @@ func createDemoProject(projectID int, noneKeyID int, emptyEnvID int, store db.St
 		RepositoryID:    demoRepo.ID,
 		BuildTemplateID: &buildTpl.ID,
 		Autorun:         true,
-		VaultKeyID:      &vaultKey.ID,
 		App:             db.AppAnsible,
 	})

@ -158,7 +158,18 @@ func createDemoProject(projectID int, noneKeyID int, emptyEnvID int, store db.St
 		return
 	}

-	_, err = store.CreateTemplate(db.Template{
+	_, err = store.CreateTemplateVault(db.TemplateVault{
+		ProjectID:  projectID,
+		TemplateID: template.ID,
+		VaultKeyID: vaultKey.ID,
+		Name:       nil,
+	})
+
+	if err != nil {
+		return
+	}
+
+	template, err = store.CreateTemplate(db.Template{
 		Name:            "Deploy to Production",
 		Type:            db.TemplateDeploy,
 		Playbook:        "deploy.yml",
@ -167,10 +178,20 @@ func createDemoProject(projectID int, noneKeyID int, emptyEnvID int, store db.St
 		EnvironmentID:   &emptyEnvID,
 		RepositoryID:    demoRepo.ID,
 		BuildTemplateID: &buildTpl.ID,
-		VaultKeyID:      &vaultKey.ID,
 		App:             db.AppAnsible,
 	})

+	if err != nil {
+		return
+	}
+
+	_, err = store.CreateTemplateVault(db.TemplateVault{
+		ProjectID:  projectID,
+		TemplateID: template.ID,
+		VaultKeyID: vaultKey.ID,
+		Name:       nil,
+	})
+
 	return
 }

--- a/api/runners/runners.go
+++ b/api/runners/runners.go
@ -89,12 +89,14 @@ func GetRunner(w http.ResponseWriter, r *http.Request) {
 				data.AccessKeys[*tsk.Inventory.BecomeKeyID] = tsk.Inventory.BecomeKey
 			}

-			if tsk.Template.VaultKeyID != nil {
-				err := tsk.Template.VaultKey.DeserializeSecret()
-				if err != nil {
-					// TODO: return error
+			if tsk.Template.Vaults != nil {
+				for _, vault := range tsk.Template.Vaults {
+					err := vault.Vault.DeserializeSecret()
+					if err != nil {
+						// TODO: return error
+					}
+					data.AccessKeys[vault.Vault.ID] = *vault.Vault
 				}
-				data.AccessKeys[*tsk.Template.VaultKeyID] = tsk.Template.VaultKey
 			}

 			if tsk.Inventory.RepositoryID != nil {
--- a/db/Store.go
+++ b/db/Store.go
@ -264,6 +264,7 @@ type Store interface {
 	CreateRunner(runner Runner) (Runner, error)

 	GetTemplateVaults(projectID int, templateID int) ([]TemplateVault, error)
+	CreateTemplateVault(vault TemplateVault) (TemplateVault, error)
 	UpdateTemplateVaults(projectID int, templateID int, vaults []TemplateVault) error
 }

--- a/db/bolt/template_vault.go
+++ b/db/bolt/template_vault.go
@ -22,6 +22,16 @@ func (d *BoltDb) GetTemplateVaults(projectID int, templateID int) (vaults []db.T
 	return
 }

+func (d *BoltDb) CreateTemplateVault(vault db.TemplateVault) (newVault db.TemplateVault, err error) {
+	var newTpl interface{}
+	newTpl, err = d.createObject(vault.ProjectID, db.TemplateVaultProps, vault)
+	if err != nil {
+		return
+	}
+	newVault = newTpl.(db.TemplateVault)
+	return
+}
+
 func (d *BoltDb) UpdateTemplateVaults(projectID int, templateID int, vaults []db.TemplateVault) (err error) {
 	if vaults == nil {
 		vaults = []db.TemplateVault{}
--- a/db/sql/template.go
+++ b/db/sql/template.go
@ -195,7 +195,6 @@ func (d *SqlDb) GetTemplates(projectID int, filter db.TemplateFilter, params db.
 	taskIDs := make([]int, 0)

 	for _, tpl := range tpls {
-		tpl.Vaults, err = d.GetTemplateVaults(projectID, tpl.ID)
 		if tpl.LastTaskID != nil {
 			taskIDs = append(taskIDs, *tpl.LastTaskID)
 		}
@ -224,6 +223,11 @@ func (d *SqlDb) GetTemplates(projectID int, filter db.TemplateFilter, params db.
 			}
 		}

+		template.Vaults, err = d.GetTemplateVaults(projectID, template.ID)
+		if err != nil {
+			return
+		}
+
 		templates = append(templates, template)
 	}

--- a/db/sql/template_vault.go
+++ b/db/sql/template_vault.go
@ -7,19 +7,41 @@ import (
 )

 func (d *SqlDb) GetTemplateVaults(projectID int, templateID int) (vaults []db.TemplateVault, err error) {
-	_, err = d.selectAll(&vaults, "select * from project__template_vault where project_id=? and template_id=?", projectID, templateID)
+	vaults = []db.TemplateVault{}
+
+	var vlts []db.TemplateVault
+	_, err = d.selectAll(&vlts, "select * from project__template_vault where project_id=? and template_id=?", projectID, templateID)
 	if err != nil {
 		return
 	}
-	for _, vault := range vaults {
+	for _, vault := range vlts {
+		vault := vault
 		err = db.FillTemplateVault(d, projectID, &vault)
 		if err != nil {
 			return
 		}
+		vaults = append(vaults, vault)
 	}
 	return
 }

+func (d *SqlDb) CreateTemplateVault(vault db.TemplateVault) (newVault db.TemplateVault, err error) {
+	insertID, err := d.insert(
+		"id",
+		"insert into project__template_vault (project_id, template_id, vault_key_id, name) values (?, ?, ?, ?)",
+		vault.ProjectID,
+		vault.TemplateID,
+		vault.VaultKeyID,
+		vault.Name)
+	if err != nil {
+		return
+	}
+
+	newVault = vault
+	newVault.ID = insertID
+	return
+}
+
 func (d *SqlDb) UpdateTemplateVaults(projectID int, templateID int, vaults []db.TemplateVault) (err error) {
 	if vaults == nil {
 		vaults = []db.TemplateVault{}
--- a/services/project/backup.go
+++ b/services/project/backup.go
@ -218,9 +218,15 @@ func (b *BackupDB) format() (*BackupFormat, error) {
 		if o.ViewID != nil {
 			View, _ = findNameByID[db.View](*o.ViewID, b.views)
 		}
-		var VaultKey *string = nil
-		if o.VaultKeyID != nil {
-			VaultKey, _ = findNameByID[db.AccessKey](*o.VaultKeyID, b.keys)
+		var vaults []BackupTemplateVault = nil
+		for _, vault := range o.Vaults {
+			var vaultKey *string = nil
+			vaultKey, _ = findNameByID[db.AccessKey](vault.VaultKeyID, b.keys)
+			vaults = append(vaults, BackupTemplateVault{
+				Name:     vault.Name,
+				VaultKey: *vaultKey,
+			})
+
 		}
 		var Environment *string = nil
 		if o.EnvironmentID != nil {
@ -249,12 +255,12 @@ func (b *BackupDB) format() (*BackupFormat, error) {
 			SurveyVars:              o.SurveyVarsJSON,
 			Type:                    o.Type,
 			View:                    View,
-			VaultKey:                VaultKey,
 			Repository:              *Repository,
 			Inventory:               Inventory,
 			Environment:             Environment,
 			BuildTemplate:           BuildTemplate,
 			Cron:                    getScheduleByTemplate(o.ID, b.schedules),
+			Vaults:                  vaults,
 		}
 	}
 	return &BackupFormat{
--- a/services/project/restore.go
+++ b/services/project/restore.go
@ -184,6 +184,13 @@ func (e BackupTemplate) Verify(backup *BackupFormat) error {
 	if e.VaultKey != nil && getEntryByName[BackupKey](e.VaultKey, backup.Keys) == nil {
 		return fmt.Errorf("vault_key does not exist in keys[].name")
 	}
+	if e.Vaults != nil {
+		for _, vault := range e.Vaults {
+			if getEntryByName[BackupKey](&vault.VaultKey, backup.Keys) == nil {
+				return fmt.Errorf("vaults[].vaultKey does not exist in keys[].name")
+			}
+		}
+	}
 	if e.View != nil && getEntryByName[BackupView](e.View, backup.Views) == nil {
 		return fmt.Errorf("view does not exist in views[].name")
 	}
@ -273,6 +280,27 @@ func (e BackupTemplate) Restore(store db.Store, b *BackupDB) error {
 			return err
 		}
 	}
+	if e.Vaults != nil {
+		for _, vault := range e.Vaults {
+			var VaultKeyID int
+			if k := findEntityByName[db.AccessKey](&vault.VaultKey, b.keys); k == nil {
+				return fmt.Errorf("vaults[].vaultKey does not exist in keys[].name")
+			} else {
+				VaultKeyID = k.ID
+			}
+			_, err := store.CreateTemplateVault(
+				db.TemplateVault{
+					ProjectID:  b.meta.ID,
+					TemplateID: template.ID,
+					VaultKeyID: VaultKeyID,
+					Name:       vault.Name,
+				},
+			)
+			if err != nil {
+				return err
+			}
+		}
+	}
 	return nil
 }

--- a/services/project/types.go
+++ b/services/project/types.go
@ -65,23 +65,31 @@ type BackupRepository struct {
 }

 type BackupTemplate struct {
-	Inventory               *string         `json:"inventory"`
-	Repository              string          `json:"repository"`
-	Environment             *string         `json:"environment"`
-	Name                    string          `json:"name"`
-	Playbook                string          `json:"playbook"`
-	Arguments               *string         `json:"arguments"`
-	AllowOverrideArgsInTask bool            `json:"allow_override_args_in_task"`
-	Description             *string         `json:"description"`
-	VaultKey                *string         `json:"vault_key"`
-	Type                    db.TemplateType `json:"type"`
-	StartVersion            *string         `json:"start_version"`
-	BuildTemplate           *string         `json:"build_template"`
-	View                    *string         `json:"view"`
-	Autorun                 bool            `json:"autorun"`
-	SurveyVars              *string         `json:"survey_vars"`
-	SuppressSuccessAlerts   bool            `json:"suppress_success_alerts"`
-	Cron                    *string         `json:"cron"`
+	Inventory               *string               `json:"inventory"`
+	Repository              string                `json:"repository"`
+	Environment             *string               `json:"environment"`
+	Name                    string                `json:"name"`
+	Playbook                string                `json:"playbook"`
+	Arguments               *string               `json:"arguments"`
+	AllowOverrideArgsInTask bool                  `json:"allow_override_args_in_task"`
+	Description             *string               `json:"description"`
+	Type                    db.TemplateType       `json:"type"`
+	StartVersion            *string               `json:"start_version"`
+	BuildTemplate           *string               `json:"build_template"`
+	View                    *string               `json:"view"`
+	Autorun                 bool                  `json:"autorun"`
+	SurveyVars              *string               `json:"survey_vars"`
+	SuppressSuccessAlerts   bool                  `json:"suppress_success_alerts"`
+	Cron                    *string               `json:"cron"`
+	Vaults                  []BackupTemplateVault `json:"vaults"`
+
+	// Deprecated: Left here for compatibility with old backups
+	VaultKey *string `json:"vault_key"`
+}
+
+type BackupTemplateVault struct {
+	Name     *string `json:"name"`
+	VaultKey string  `json:"vault_key"`
 }

 type BackupEntry interface {
--- a/services/runners/job_pool.go
+++ b/services/runners/job_pool.go
@ -425,8 +425,10 @@ func (p *JobPool) checkNewJobs() {
 			taskRunner.job.Inventory.BecomeKey = response.AccessKeys[*taskRunner.job.Inventory.BecomeKeyID]
 		}

-		if taskRunner.job.Template.VaultKeyID != nil {
-			taskRunner.job.Template.VaultKey = response.AccessKeys[*taskRunner.job.Template.VaultKeyID]
+		if taskRunner.job.Template.Vaults != nil {
+			for _, vault := range taskRunner.job.Template.Vaults {
+				*vault.Vault = response.AccessKeys[vault.Vault.ID]
+			}
 		}

 		if taskRunner.job.Inventory.RepositoryID != nil {