From 43d9abeed709378c0eaf4d90ee41b628fe492578 Mon Sep 17 00:00:00 2001 From: Hardik Shingala Date: Wed, 18 Oct 2023 17:07:20 +0530 Subject: [PATCH] Add method and sub-commands to archive policy using aperturectl --- api/aperture/cloud/v1/blueprints.proto | 4 + api/aperture/cloud/v1/policy.proto | 1 + api/buf.lock | 4 +- .../go/aperture/cloud/v1/blueprints.pb.go | 57 ++++++---- .../go/aperture/cloud/v1/blueprints.pb.gw.go | 103 ++++++++++++++++++ .../aperture/cloud/v1/blueprints_grpc.pb.go | 45 +++++++- .../proto/go/aperture/cloud/v1/policy.pb.go | 51 +++++---- .../go/aperture/cloud/v1/policy_grpc.pb.go | 41 ++++++- .../cmd/cloud/blueprints/archive.go | 31 ++++++ .../cmd/cloud/dynamicconfig/root.go | 2 +- cmd/aperturectl/cmd/cloud/policy/apply.go | 2 +- cmd/aperturectl/cmd/cloud/policy/archive.go | 33 ++++++ cmd/aperturectl/cmd/cloud/policy/root.go | 2 +- cmd/aperturectl/cmd/cloud/utils/controller.go | 2 +- cmd/aperturectl/cmd/dynamicconfig/root.go | 2 +- cmd/aperturectl/cmd/policy/apply.go | 4 +- cmd/aperturectl/cmd/policy/root.go | 2 +- .../cmd/utils/controller-client.go | 10 +- cmd/aperturectl/cmd/utils/controller.go | 2 +- cmd/aperturectl/cmd/utils/decisions.go | 2 +- cmd/aperturectl/cmd/utils/dynamic-config.go | 4 +- cmd/aperturectl/cmd/utils/policies.go | 55 +++++----- .../assets/openapiv2/aperture.swagger.yaml | 20 ++++ 23 files changed, 383 insertions(+), 96 deletions(-) create mode 100644 cmd/aperturectl/cmd/cloud/blueprints/archive.go create mode 100644 cmd/aperturectl/cmd/cloud/policy/archive.go diff --git a/api/aperture/cloud/v1/blueprints.proto b/api/aperture/cloud/v1/blueprints.proto index 3200d23e0c..6722fff31b 100644 --- a/api/aperture/cloud/v1/blueprints.proto +++ b/api/aperture/cloud/v1/blueprints.proto 
@@ -22,6 +22,10 @@ service BlueprintsService { rpc Delete(DeleteRequest) returns (google.protobuf.Empty) { option (google.api.http) = {delete: "/fluxninja/v1/blueprints/{policy_name}"}; } + + rpc Archive(DeleteRequest) returns (google.protobuf.Empty) { + option (google.api.http) = {delete: "/fluxninja/v1/blueprints/{policy_name}/archive"}; + } } message Blueprint { diff --git a/api/aperture/cloud/v1/policy.proto b/api/aperture/cloud/v1/policy.proto index 8009befd50..ceb88c5109 100644 --- a/api/aperture/cloud/v1/policy.proto +++ b/api/aperture/cloud/v1/policy.proto @@ -10,4 +10,5 @@ import "google/protobuf/empty.proto"; service PolicyService { rpc UpsertPolicy(aperture.policy.language.v1.UpsertPolicyRequest) returns (aperture.policy.language.v1.UpsertPolicyResponse); rpc DeletePolicy(aperture.policy.language.v1.DeletePolicyRequest) returns (google.protobuf.Empty); + rpc ArchivePolicy(aperture.policy.language.v1.DeletePolicyRequest) returns (google.protobuf.Empty); } diff --git a/api/buf.lock b/api/buf.lock index fde9fca824..35c456659f 100644 --- a/api/buf.lock +++ b/api/buf.lock @@ -9,8 +9,8 @@ deps: - remote: buf.build owner: envoyproxy repository: envoy - commit: 8cd0d3102dee478fa0c21b0f063912a8 - digest: shake256:4411b431a796948dce1df4b80cb3524c74ef13cc92363ff5cbae1a982e07885baddbc33d9fbeac882918d537425d81282fb5dfe85f0e7e09b93708dbe25f2e57 + commit: 8b100ead80f2408c9b7fc3549b5aab9e + digest: shake256:53ade22c8b92a6a4fa38308825ba88dae3fa81bc8b6e6b44bf9ad79a70751e29a71e2eb355edd7edd94780ab1edafdfb084af434c52abd01df9414b808c26c3b - remote: buf.build owner: envoyproxy repository: protoc-gen-validate diff --git a/api/gen/proto/go/aperture/cloud/v1/blueprints.pb.go b/api/gen/proto/go/aperture/cloud/v1/blueprints.pb.go index 80cf80f571..2fbf474e2a 100644 --- a/api/gen/proto/go/aperture/cloud/v1/blueprints.pb.go +++ b/api/gen/proto/go/aperture/cloud/v1/blueprints.pb.go 
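Review bot: In `api/aperture/cloud/v1/blueprints.proto` the new `Archive` rpc reuses both `DeleteRequest` and the HTTP `delete` verb, so on the wire it differs from a permanent delete only by the `/archive` path suffix. `ArchivePolicy` in `policy.proto` reuses `DeletePolicyRequest` in the same way. Any gateway rule, audit filter or authorization check that keys on the verb or the request type cannot tell the two operations apart and would have to match the full method name; whether the server does so is not visible in this patch. Consider a dedicated message and a non-DELETE binding, for example `rpc Archive(ArchiveRequest) returns (google.protobuf.Empty)` with `post: "/fluxninja/v1/blueprints/{policy_name}/archive"`. The `BlueprintsService` body starts outside the hunk.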
@@ -367,7 +367,7 @@ var file_aperture_cloud_v1_blueprints_proto_rawDesc = []byte{ 0x22, 0x30, 0x0a, 0x0d, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1f, 0x0a, 0x0b, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x4e, 0x61, - 0x6d, 0x65, 0x32, 0xc4, 0x03, 0x0a, 0x11, 0x42, 0x6c, 0x75, 0x65, 0x70, 0x72, 0x69, 0x6e, 0x74, + 0x6d, 0x65, 0x32, 0xc1, 0x04, 0x0a, 0x11, 0x42, 0x6c, 0x75, 0x65, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x73, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x61, 0x0a, 0x04, 0x4c, 0x69, 0x73, 0x74, 0x12, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a, 0x1f, 0x2e, 0x61, 0x70, 0x65, 0x72, 0x74, 
@@ -395,23 +395,30 @@ var file_aperture_cloud_v1_blueprints_proto_rawDesc = []byte{ 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x2e, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x28, 0x2a, 0x26, 0x2f, 0x66, 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, 0x6a, 0x61, 0x2f, 0x76, 0x31, 0x2f, 0x62, 0x6c, 0x75, 0x65, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x73, 0x2f, 0x7b, 0x70, 0x6f, 0x6c, - 0x69, 0x63, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x42, 0xef, 0x01, 0x0a, 0x29, 0x63, 0x6f, - 0x6d, 0x2e, 0x66, 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, 0x6a, 0x61, 0x2e, 0x67, 0x65, 0x6e, 0x65, - 0x72, 0x61, 0x74, 0x65, 0x64, 0x2e, 0x61, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2e, 0x63, - 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x76, 0x31, 0x42, 0x0f, 0x42, 0x6c, 0x75, 0x65, 0x70, 0x72, 0x69, - 0x6e, 0x74, 0x73, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x4b, 0x67, 0x69, 0x74, 0x68, - 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x66, 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, 0x6a, 0x61, - 0x2f, 0x61, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2f, 0x76, 0x32, 0x2f, 0x61, 0x70, 0x69, - 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x61, 0x70, - 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2f, 0x76, 0x31, 0x3b, - 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x43, 0x58, 0xaa, 0x02, 0x11, - 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x56, - 0x31, 0xca, 0x02, 0x11, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x5c, 0x43, 0x6c, 0x6f, - 0x75, 0x64, 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x1d, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, - 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, - 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, 0x13, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, - 0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x33, + 0x69, 0x63, 0x79, 0x5f, 0x6e, 0x61, 
0x6d, 0x65, 0x7d, 0x12, 0x7b, 0x0a, 0x07, 0x41, 0x72, 0x63, + 0x68, 0x69, 0x76, 0x65, 0x12, 0x20, 0x2e, 0x61, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2e, + 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x52, + 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, + 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x36, + 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x30, 0x2a, 0x2e, 0x2f, 0x66, 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, + 0x6a, 0x61, 0x2f, 0x76, 0x31, 0x2f, 0x62, 0x6c, 0x75, 0x65, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x73, + 0x2f, 0x7b, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x7d, 0x2f, 0x61, + 0x72, 0x63, 0x68, 0x69, 0x76, 0x65, 0x42, 0xef, 0x01, 0x0a, 0x29, 0x63, 0x6f, 0x6d, 0x2e, 0x66, + 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, 0x6a, 0x61, 0x2e, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, + 0x65, 0x64, 0x2e, 0x61, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, + 0x64, 0x2e, 0x76, 0x31, 0x42, 0x0f, 0x42, 0x6c, 0x75, 0x65, 0x70, 0x72, 0x69, 0x6e, 0x74, 0x73, + 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x4b, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, + 0x63, 0x6f, 0x6d, 0x2f, 0x66, 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, 0x6a, 0x61, 0x2f, 0x61, 0x70, + 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2f, 0x76, 0x32, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67, 0x65, + 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x61, 0x70, 0x65, 0x72, 0x74, + 0x75, 0x72, 0x65, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2f, 0x76, 0x31, 0x3b, 0x63, 0x6c, 0x6f, + 0x75, 0x64, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x43, 0x58, 0xaa, 0x02, 0x11, 0x41, 0x70, 0x65, + 0x72, 0x74, 0x75, 0x72, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x56, 0x31, 0xca, 0x02, + 0x11, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, + 0x56, 0x31, 0xe2, 0x02, 0x1d, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 
0x65, 0x5c, 0x43, 0x6c, + 0x6f, 0x75, 0x64, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, + 0x74, 0x61, 0xea, 0x02, 0x13, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x3a, 0x3a, 0x43, + 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( 
@@ -444,12 +451,14 @@ var file_aperture_cloud_v1_blueprints_proto_depIdxs = []int32{ 2, // 4: aperture.cloud.v1.BlueprintsService.Get:input_type -> aperture.cloud.v1.GetRequest 4, // 5: aperture.cloud.v1.BlueprintsService.Apply:input_type -> aperture.cloud.v1.ApplyRequest 5, // 6: aperture.cloud.v1.BlueprintsService.Delete:input_type -> aperture.cloud.v1.DeleteRequest - 1, // 7: aperture.cloud.v1.BlueprintsService.List:output_type -> aperture.cloud.v1.ListResponse - 3, // 8: aperture.cloud.v1.BlueprintsService.Get:output_type -> aperture.cloud.v1.GetResponse - 6, // 9: aperture.cloud.v1.BlueprintsService.Apply:output_type -> google.protobuf.Empty - 6, // 10: aperture.cloud.v1.BlueprintsService.Delete:output_type -> google.protobuf.Empty - 7, // [7:11] is the sub-list for method output_type - 3, // [3:7] is the sub-list for method input_type + 5, // 7: aperture.cloud.v1.BlueprintsService.Archive:input_type -> aperture.cloud.v1.DeleteRequest + 1, // 8: aperture.cloud.v1.BlueprintsService.List:output_type -> aperture.cloud.v1.ListResponse + 3, // 9: aperture.cloud.v1.BlueprintsService.Get:output_type -> aperture.cloud.v1.GetResponse + 6, // 10: aperture.cloud.v1.BlueprintsService.Apply:output_type -> google.protobuf.Empty + 6, // 11: aperture.cloud.v1.BlueprintsService.Delete:output_type -> google.protobuf.Empty + 6, // 12: aperture.cloud.v1.BlueprintsService.Archive:output_type -> google.protobuf.Empty + 8, // [8:13] is the sub-list for method output_type + 3, // [3:8] is the sub-list for method input_type 3, // [3:3] is the sub-list for extension type_name 3, // [3:3] is the sub-list for extension extendee 0, // [0:3] is the sub-list for field type_name diff --git a/api/gen/proto/go/aperture/cloud/v1/blueprints.pb.gw.go b/api/gen/proto/go/aperture/cloud/v1/blueprints.pb.gw.go index 232cd94ba5..af76d1c968 100644 --- a/api/gen/proto/go/aperture/cloud/v1/blueprints.pb.gw.go +++ b/api/gen/proto/go/aperture/cloud/v1/blueprints.pb.gw.go 
@@ -190,6 +190,58 @@ func local_request_BlueprintsService_Delete_0(ctx context.Context, marshaler run } +func request_BlueprintsService_Archive_0(ctx context.Context, marshaler runtime.Marshaler, client BlueprintsServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { + var protoReq DeleteRequest + var metadata runtime.ServerMetadata + + var ( + val string + ok bool + err error + _ = err + ) + + val, ok = pathParams["policy_name"] + if !ok { + return nil, metadata, status.Errorf(codes.InvalidArgument, "missing parameter %s", "policy_name") + } + + protoReq.PolicyName, err = runtime.String(val) + if err != nil { + return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "policy_name", err) + } + + msg, err := client.Archive(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD)) + return msg, metadata, err + +} + +func local_request_BlueprintsService_Archive_0(ctx context.Context, marshaler runtime.Marshaler, server BlueprintsServiceServer, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) { + var protoReq DeleteRequest + var metadata runtime.ServerMetadata + + var ( + val string + ok bool + err error + _ = err + ) + + val, ok = pathParams["policy_name"] + if !ok { + return nil, metadata, status.Errorf(codes.InvalidArgument, "missing parameter %s", "policy_name") + } + + protoReq.PolicyName, err = runtime.String(val) + if err != nil { + return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "policy_name", err) + } + + msg, err := server.Archive(ctx, &protoReq) + return msg, metadata, err + +} + // RegisterBlueprintsServiceHandlerServer registers the http handlers for service BlueprintsService to "mux". // UnaryRPC :call BlueprintsServiceServer directly. // StreamingRPC :currently unsupported pending https://github.com/grpc/grpc-go/issues/906. 
@@ -296,6 +348,31 @@ func RegisterBlueprintsServiceHandlerServer(ctx context.Context, mux *runtime.Se }) + mux.Handle("DELETE", pattern_BlueprintsService_Archive_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { + ctx, cancel := context.WithCancel(req.Context()) + defer cancel() + var stream runtime.ServerTransportStream + ctx = grpc.NewContextWithServerTransportStream(ctx, &stream) + inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateIncomingContext(ctx, mux, req, "/aperture.cloud.v1.BlueprintsService/Archive", runtime.WithHTTPPathPattern("/fluxninja/v1/blueprints/{policy_name}/archive")) + if err != nil { + runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + return + } + resp, md, err := local_request_BlueprintsService_Archive_0(annotatedContext, inboundMarshaler, server, req, pathParams) + md.HeaderMD, md.TrailerMD = metadata.Join(md.HeaderMD, stream.Header()), metadata.Join(md.TrailerMD, stream.Trailer()) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) + if err != nil { + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) + return + } + + forward_BlueprintsService_Archive_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + + }) + return nil } 
@@ -425,6 +502,28 @@ func RegisterBlueprintsServiceHandlerClient(ctx context.Context, mux *runtime.Se }) + mux.Handle("DELETE", pattern_BlueprintsService_Archive_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) { + ctx, cancel := context.WithCancel(req.Context()) + defer cancel() + inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req) + var err error + var annotatedContext context.Context + annotatedContext, err = runtime.AnnotateContext(ctx, mux, req, "/aperture.cloud.v1.BlueprintsService/Archive", runtime.WithHTTPPathPattern("/fluxninja/v1/blueprints/{policy_name}/archive")) + if err != nil { + runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err) + return + } + resp, md, err := request_BlueprintsService_Archive_0(annotatedContext, inboundMarshaler, client, req, pathParams) + annotatedContext = runtime.NewServerMetadataContext(annotatedContext, md) + if err != nil { + runtime.HTTPError(annotatedContext, mux, outboundMarshaler, w, req, err) + return + } + + forward_BlueprintsService_Archive_0(annotatedContext, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...) + + }) + return nil } @@ -436,6 +535,8 @@ var ( pattern_BlueprintsService_Apply_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2}, []string{"fluxninja", "v1", "blueprints"}, "")) pattern_BlueprintsService_Delete_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 1, 0, 4, 1, 5, 3}, []string{"fluxninja", "v1", "blueprints", "policy_name"}, "")) + + pattern_BlueprintsService_Archive_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1, 2, 2, 1, 0, 4, 1, 5, 3, 2, 4}, []string{"fluxninja", "v1", "blueprints", "policy_name", "archive"}, "")) ) var ( @@ -446,4 +547,6 @@ var ( forward_BlueprintsService_Apply_0 = runtime.ForwardResponseMessage forward_BlueprintsService_Delete_0 = runtime.ForwardResponseMessage + + forward_BlueprintsService_Archive_0 = runtime.ForwardResponseMessage ) 
diff --git a/api/gen/proto/go/aperture/cloud/v1/blueprints_grpc.pb.go b/api/gen/proto/go/aperture/cloud/v1/blueprints_grpc.pb.go index 1235aa7a86..7b2b185ed7 100644 --- a/api/gen/proto/go/aperture/cloud/v1/blueprints_grpc.pb.go +++ b/api/gen/proto/go/aperture/cloud/v1/blueprints_grpc.pb.go @@ -20,10 +20,11 @@ import ( const _ = grpc.SupportPackageIsVersion7 const ( - BlueprintsService_List_FullMethodName = "/aperture.cloud.v1.BlueprintsService/List" - BlueprintsService_Get_FullMethodName = "/aperture.cloud.v1.BlueprintsService/Get" - BlueprintsService_Apply_FullMethodName = "/aperture.cloud.v1.BlueprintsService/Apply" - BlueprintsService_Delete_FullMethodName = "/aperture.cloud.v1.BlueprintsService/Delete" + BlueprintsService_List_FullMethodName = "/aperture.cloud.v1.BlueprintsService/List" + BlueprintsService_Get_FullMethodName = "/aperture.cloud.v1.BlueprintsService/Get" + BlueprintsService_Apply_FullMethodName = "/aperture.cloud.v1.BlueprintsService/Apply" + BlueprintsService_Delete_FullMethodName = "/aperture.cloud.v1.BlueprintsService/Delete" + BlueprintsService_Archive_FullMethodName = "/aperture.cloud.v1.BlueprintsService/Archive" ) // BlueprintsServiceClient is the client API for BlueprintsService service. @@ -34,6 +35,7 @@ type BlueprintsServiceClient interface { Get(ctx context.Context, in *GetRequest, opts ...grpc.CallOption) (*GetResponse, error) Apply(ctx context.Context, in *ApplyRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) Delete(ctx context.Context, in *DeleteRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) + Archive(ctx context.Context, in *DeleteRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) } type blueprintsServiceClient struct { 
@@ -80,6 +82,15 @@ func (c *blueprintsServiceClient) Delete(ctx context.Context, in *DeleteRequest, return out, nil } +func (c *blueprintsServiceClient) Archive(ctx context.Context, in *DeleteRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) { + out := new(emptypb.Empty) + err := c.cc.Invoke(ctx, BlueprintsService_Archive_FullMethodName, in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + // BlueprintsServiceServer is the server API for BlueprintsService service. // All implementations should embed UnimplementedBlueprintsServiceServer // for forward compatibility @@ -88,6 +99,7 @@ type BlueprintsServiceServer interface { Get(context.Context, *GetRequest) (*GetResponse, error) Apply(context.Context, *ApplyRequest) (*emptypb.Empty, error) Delete(context.Context, *DeleteRequest) (*emptypb.Empty, error) + Archive(context.Context, *DeleteRequest) (*emptypb.Empty, error) } // UnimplementedBlueprintsServiceServer should be embedded to have forward compatible implementations. @@ -106,6 +118,9 @@ func (UnimplementedBlueprintsServiceServer) Apply(context.Context, *ApplyRequest func (UnimplementedBlueprintsServiceServer) Delete(context.Context, *DeleteRequest) (*emptypb.Empty, error) { return nil, status.Errorf(codes.Unimplemented, "method Delete not implemented") } +func (UnimplementedBlueprintsServiceServer) Archive(context.Context, *DeleteRequest) (*emptypb.Empty, error) { + return nil, status.Errorf(codes.Unimplemented, "method Archive not implemented") +} // UnsafeBlueprintsServiceServer may be embedded to opt out of forward compatibility for this service. // Use of this interface is not recommended, as added methods to BlueprintsServiceServer will 
@@ -190,6 +205,24 @@ func _BlueprintsService_Delete_Handler(srv interface{}, ctx context.Context, dec return interceptor(ctx, in, info, handler) } +func _BlueprintsService_Archive_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(DeleteRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(BlueprintsServiceServer).Archive(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: BlueprintsService_Archive_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(BlueprintsServiceServer).Archive(ctx, req.(*DeleteRequest)) + } + return interceptor(ctx, in, info, handler) +} + // BlueprintsService_ServiceDesc is the grpc.ServiceDesc for BlueprintsService service. // It's only intended for direct use with grpc.RegisterService, // and not to be introspected or modified (even as a copy) @@ -213,6 +246,10 @@ var BlueprintsService_ServiceDesc = grpc.ServiceDesc{ MethodName: "Delete", Handler: _BlueprintsService_Delete_Handler, }, + { + MethodName: "Archive", + Handler: _BlueprintsService_Archive_Handler, + }, }, Streams: []grpc.StreamDesc{}, Metadata: "aperture/cloud/v1/blueprints.proto", diff --git a/api/gen/proto/go/aperture/cloud/v1/policy.pb.go b/api/gen/proto/go/aperture/cloud/v1/policy.pb.go index f65280d24c..4c19c1e6c9 100644 --- a/api/gen/proto/go/aperture/cloud/v1/policy.pb.go +++ b/api/gen/proto/go/aperture/cloud/v1/policy.pb.go 
@@ -33,7 +33,7 @@ var file_aperture_cloud_v1_policy_proto_rawDesc = []byte{ 0x6c, 0x69, 0x63, 0x79, 0x2f, 0x6c, 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, 0x65, 0x2f, 0x76, 0x31, 0x2f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x1b, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2f, 0x65, - 0x6d, 0x70, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x32, 0xde, 0x01, 0x0a, 0x0d, 0x50, + 0x6d, 0x70, 0x74, 0x79, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x32, 0xb9, 0x02, 0x0a, 0x0d, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x73, 0x0a, 0x0c, 0x55, 0x70, 0x73, 0x65, 0x72, 0x74, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x30, 0x2e, 0x61, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6c, 
@@ -47,23 +47,28 @@ var file_aperture_cloud_v1_policy_proto_rawDesc = []byte{ 0x69, 0x63, 0x79, 0x2e, 0x6c, 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, - 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x42, 0xeb, 0x01, 0x0a, 0x29, - 0x63, 0x6f, 0x6d, 0x2e, 0x66, 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, 0x6a, 0x61, 0x2e, 0x67, 0x65, - 0x6e, 0x65, 0x72, 0x61, 0x74, 0x65, 0x64, 0x2e, 0x61, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, - 0x2e, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x50, 0x6f, 0x6c, 0x69, 0x63, - 0x79, 0x50, 0x72, 0x6f, 0x74, 0x6f, 0x50, 0x01, 0x5a, 0x4b, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, - 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x66, 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, 0x6a, 0x61, 0x2f, 0x61, - 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2f, 0x76, 0x32, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67, - 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x61, 0x70, 0x65, 0x72, - 0x74, 0x75, 0x72, 0x65, 0x2f, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2f, 0x76, 0x31, 0x3b, 0x63, 0x6c, - 0x6f, 0x75, 0x64, 0x76, 0x31, 0xa2, 0x02, 0x03, 0x41, 0x43, 0x58, 0xaa, 0x02, 0x11, 0x41, 0x70, - 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x56, 0x31, 0xca, - 0x02, 0x11, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, - 0x5c, 0x56, 0x31, 0xe2, 0x02, 0x1d, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x5c, 0x43, - 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, - 0x61, 0x74, 0x61, 0xea, 0x02, 0x13, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x3a, 0x3a, - 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, - 0x33, + 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 
0x74, 0x79, 0x12, 0x59, 0x0a, 0x0d, 0x41, + 0x72, 0x63, 0x68, 0x69, 0x76, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x30, 0x2e, 0x61, + 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x6c, + 0x61, 0x6e, 0x67, 0x75, 0x61, 0x67, 0x65, 0x2e, 0x76, 0x31, 0x2e, 0x44, 0x65, 0x6c, 0x65, 0x74, + 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x16, + 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, + 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x42, 0xeb, 0x01, 0x0a, 0x29, 0x63, 0x6f, 0x6d, 0x2e, 0x66, + 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, 0x6a, 0x61, 0x2e, 0x67, 0x65, 0x6e, 0x65, 0x72, 0x61, 0x74, + 0x65, 0x64, 0x2e, 0x61, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2e, 0x63, 0x6c, 0x6f, 0x75, + 0x64, 0x2e, 0x76, 0x31, 0x42, 0x0b, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x50, 0x72, 0x6f, 0x74, + 0x6f, 0x50, 0x01, 0x5a, 0x4b, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, + 0x66, 0x6c, 0x75, 0x78, 0x6e, 0x69, 0x6e, 0x6a, 0x61, 0x2f, 0x61, 0x70, 0x65, 0x72, 0x74, 0x75, + 0x72, 0x65, 0x2f, 0x76, 0x32, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, + 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x61, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x2f, + 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x2f, 0x76, 0x31, 0x3b, 0x63, 0x6c, 0x6f, 0x75, 0x64, 0x76, 0x31, + 0xa2, 0x02, 0x03, 0x41, 0x43, 0x58, 0xaa, 0x02, 0x11, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, + 0x65, 0x2e, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x2e, 0x56, 0x31, 0xca, 0x02, 0x11, 0x41, 0x70, 0x65, + 0x72, 0x74, 0x75, 0x72, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, 0x56, 0x31, 0xe2, 0x02, + 0x1d, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x5c, 0x43, 0x6c, 0x6f, 0x75, 0x64, 0x5c, + 0x56, 0x31, 0x5c, 0x47, 0x50, 0x42, 0x4d, 0x65, 0x74, 0x61, 0x64, 0x61, 0x74, 0x61, 0xea, 0x02, + 0x13, 0x41, 0x70, 0x65, 0x72, 0x74, 0x75, 0x72, 0x65, 0x3a, 0x3a, 0x43, 0x6c, 0x6f, 0x75, 
0x64, + 0x3a, 0x3a, 0x56, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var file_aperture_cloud_v1_policy_proto_goTypes = []interface{}{ @@ -75,10 +80,12 @@ var file_aperture_cloud_v1_policy_proto_goTypes = []interface{}{ var file_aperture_cloud_v1_policy_proto_depIdxs = []int32{ 0, // 0: aperture.cloud.v1.PolicyService.UpsertPolicy:input_type -> aperture.policy.language.v1.UpsertPolicyRequest 1, // 1: aperture.cloud.v1.PolicyService.DeletePolicy:input_type -> aperture.policy.language.v1.DeletePolicyRequest - 2, // 2: aperture.cloud.v1.PolicyService.UpsertPolicy:output_type -> aperture.policy.language.v1.UpsertPolicyResponse - 3, // 3: aperture.cloud.v1.PolicyService.DeletePolicy:output_type -> google.protobuf.Empty - 2, // [2:4] is the sub-list for method output_type - 0, // [0:2] is the sub-list for method input_type + 1, // 2: aperture.cloud.v1.PolicyService.ArchivePolicy:input_type -> aperture.policy.language.v1.DeletePolicyRequest + 2, // 3: aperture.cloud.v1.PolicyService.UpsertPolicy:output_type -> aperture.policy.language.v1.UpsertPolicyResponse + 3, // 4: aperture.cloud.v1.PolicyService.DeletePolicy:output_type -> google.protobuf.Empty + 3, // 5: aperture.cloud.v1.PolicyService.ArchivePolicy:output_type -> google.protobuf.Empty + 3, // [3:6] is the sub-list for method output_type + 0, // [0:3] is the sub-list for method input_type 0, // [0:0] is the sub-list for extension type_name 0, // [0:0] is the sub-list for extension extendee 0, // [0:0] is the sub-list for field type_name diff --git a/api/gen/proto/go/aperture/cloud/v1/policy_grpc.pb.go b/api/gen/proto/go/aperture/cloud/v1/policy_grpc.pb.go index 40db47befc..e4ae28e6ad 100644 --- a/api/gen/proto/go/aperture/cloud/v1/policy_grpc.pb.go +++ b/api/gen/proto/go/aperture/cloud/v1/policy_grpc.pb.go 
@@ -23,8 +23,9 @@ import ( const _ = grpc.SupportPackageIsVersion7 const ( - PolicyService_UpsertPolicy_FullMethodName = "/aperture.cloud.v1.PolicyService/UpsertPolicy" - PolicyService_DeletePolicy_FullMethodName = "/aperture.cloud.v1.PolicyService/DeletePolicy" + PolicyService_UpsertPolicy_FullMethodName = "/aperture.cloud.v1.PolicyService/UpsertPolicy" + PolicyService_DeletePolicy_FullMethodName = "/aperture.cloud.v1.PolicyService/DeletePolicy" + PolicyService_ArchivePolicy_FullMethodName = "/aperture.cloud.v1.PolicyService/ArchivePolicy" ) // PolicyServiceClient is the client API for PolicyService service. @@ -33,6 +34,7 @@ const ( type PolicyServiceClient interface { UpsertPolicy(ctx context.Context, in *v1.UpsertPolicyRequest, opts ...grpc.CallOption) (*v1.UpsertPolicyResponse, error) DeletePolicy(ctx context.Context, in *v1.DeletePolicyRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) + ArchivePolicy(ctx context.Context, in *v1.DeletePolicyRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) } type policyServiceClient struct { 
@@ -61,12 +63,22 @@ func (c *policyServiceClient) DeletePolicy(ctx context.Context, in *v1.DeletePol return out, nil } +func (c *policyServiceClient) ArchivePolicy(ctx context.Context, in *v1.DeletePolicyRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) { + out := new(emptypb.Empty) + err := c.cc.Invoke(ctx, PolicyService_ArchivePolicy_FullMethodName, in, out, opts...) + if err != nil { + return nil, err + } + return out, nil +} + // PolicyServiceServer is the server API for PolicyService service. // All implementations should embed UnimplementedPolicyServiceServer // for forward compatibility type PolicyServiceServer interface { UpsertPolicy(context.Context, *v1.UpsertPolicyRequest) (*v1.UpsertPolicyResponse, error) DeletePolicy(context.Context, *v1.DeletePolicyRequest) (*emptypb.Empty, error) + ArchivePolicy(context.Context, *v1.DeletePolicyRequest) (*emptypb.Empty, error) } // UnimplementedPolicyServiceServer should be embedded to have forward compatible implementations. @@ -79,6 +91,9 @@ func (UnimplementedPolicyServiceServer) UpsertPolicy(context.Context, *v1.Upsert func (UnimplementedPolicyServiceServer) DeletePolicy(context.Context, *v1.DeletePolicyRequest) (*emptypb.Empty, error) { return nil, status.Errorf(codes.Unimplemented, "method DeletePolicy not implemented") } +func (UnimplementedPolicyServiceServer) ArchivePolicy(context.Context, *v1.DeletePolicyRequest) (*emptypb.Empty, error) { + return nil, status.Errorf(codes.Unimplemented, "method ArchivePolicy not implemented") +} // UnsafePolicyServiceServer may be embedded to opt out of forward compatibility for this service. // Use of this interface is not recommended, as added methods to PolicyServiceServer will 
@@ -127,6 +142,24 @@ func _PolicyService_DeletePolicy_Handler(srv interface{}, ctx context.Context, d return interceptor(ctx, in, info, handler) } +func _PolicyService_ArchivePolicy_Handler(srv interface{}, ctx context.Context, dec func(interface{}) error, interceptor grpc.UnaryServerInterceptor) (interface{}, error) { + in := new(v1.DeletePolicyRequest) + if err := dec(in); err != nil { + return nil, err + } + if interceptor == nil { + return srv.(PolicyServiceServer).ArchivePolicy(ctx, in) + } + info := &grpc.UnaryServerInfo{ + Server: srv, + FullMethod: PolicyService_ArchivePolicy_FullMethodName, + } + handler := func(ctx context.Context, req interface{}) (interface{}, error) { + return srv.(PolicyServiceServer).ArchivePolicy(ctx, req.(*v1.DeletePolicyRequest)) + } + return interceptor(ctx, in, info, handler) +} + // PolicyService_ServiceDesc is the grpc.ServiceDesc for PolicyService service. // It's only intended for direct use with grpc.RegisterService, // and not to be introspected or modified (even as a copy) @@ -142,6 +175,10 @@ var PolicyService_ServiceDesc = grpc.ServiceDesc{ MethodName: "DeletePolicy", Handler: _PolicyService_DeletePolicy_Handler, }, + { + MethodName: "ArchivePolicy", + Handler: _PolicyService_ArchivePolicy_Handler, + }, }, Streams: []grpc.StreamDesc{}, Metadata: "aperture/cloud/v1/policy.proto", diff --git a/cmd/aperturectl/cmd/cloud/blueprints/archive.go b/cmd/aperturectl/cmd/cloud/blueprints/archive.go new file mode 100644 index 0000000000..a0a7e1cc78 --- /dev/null +++ b/cmd/aperturectl/cmd/cloud/blueprints/archive.go 
@@ -0,0 +1,31 @@ +package blueprints + +import ( + "context" + + "github.com/spf13/cobra" + + cloudv1 "github.com/fluxninja/aperture/v2/api/gen/proto/go/aperture/cloud/v1" + "github.com/fluxninja/aperture/v2/pkg/log" +) + +// BlueprintsArchiveCmd is the command to archive a blueprint from the Cloud Controller. +var BlueprintsArchiveCmd = &cobra.Command{ + Use: "archive POLICY_NAME", + Short: "Cloud Blueprints Achieve for the given Policy Name", + Long: `Archive cloud blueprint.`, + SilenceErrors: true, + Args: cobra.ExactArgs(1), + Example: `aperturectl cloud blueprints archive rate-limiting`, + RunE: func(cmd *cobra.Command, args []string) error { + _, err := client.Archive(context.Background(), &cloudv1.DeleteRequest{ + PolicyName: args[0], + }) + if err != nil { + return err + } + + log.Info().Str("policy-name", args[0]).Msg("Successfully archived blueprint for Policy") + return nil + }, +} diff --git a/cmd/aperturectl/cmd/cloud/dynamicconfig/root.go b/cmd/aperturectl/cmd/cloud/dynamicconfig/root.go index e490306964..57d42ef624 100644 --- a/cmd/aperturectl/cmd/cloud/dynamicconfig/root.go +++ b/cmd/aperturectl/cmd/cloud/dynamicconfig/root.go @@ -10,7 +10,7 @@ import ( var ( Controller utils.ControllerConn - client utils.PolicyClient + client utils.SelfHostedPolicyClient ) func init() { diff --git a/cmd/aperturectl/cmd/cloud/policy/apply.go b/cmd/aperturectl/cmd/cloud/policy/apply.go index 8d6e735e00..42f2c865d7 100644 --- a/cmd/aperturectl/cmd/cloud/policy/apply.go +++ b/cmd/aperturectl/cmd/cloud/policy/apply.go @@ -66,7 +66,7 @@ func applyPolicy(policyFile string) error { } func createAndApplyPolicy(name string, policyBytes []byte) error { - updatePolicyUsingAPIErr := utils.UpdatePolicyUsingAPI(cloudClient, name, policyBytes, force) + updatePolicyUsingAPIErr := utils.UpdatePolicyUsingAPI(cloudClient, client, name, policyBytes, force) if updatePolicyUsingAPIErr != nil { return updatePolicyUsingAPIErr } 
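Review bot: The `Short` text of `BlueprintsArchiveCmd` says "Achieve" where "Archive" is meant, and its `RunE` returns the RPC error bare while the sibling `cloud policy archive` command wraps it. Suggest `Short: "Archive the Cloud Blueprint for the given Policy Name",` and `return fmt.Errorf("failed to archive blueprint: %w", err)`, which needs `fmt` added to this file's import block. The call also runs on `context.Background()` with no deadline, so a stalled controller connection would hang the CLI unless the connection enforces a timeout elsewhere; wrapping the call in `context.WithTimeout` would bound it. `Long` is one sentence and does not say how archiving differs from `delete`, even though both send a `DeleteRequest`; a line on what state is kept would help an operator pick the right command.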
diff --git a/cmd/aperturectl/cmd/cloud/policy/archive.go b/cmd/aperturectl/cmd/cloud/policy/archive.go new file mode 100644 index 0000000000..4bd16057f0 --- /dev/null +++ b/cmd/aperturectl/cmd/cloud/policy/archive.go @@ -0,0 +1,33 @@ +package policy + +import ( + "context" + "fmt" + + "github.com/spf13/cobra" + _ "k8s.io/client-go/plugin/pkg/client/auth" + + policylangv1 "github.com/fluxninja/aperture/v2/api/gen/proto/go/aperture/policy/language/v1" + "github.com/fluxninja/aperture/v2/pkg/log" +) + +// ArchiveCmd is the command to archive a policy from the Aperture Cloud Controller. +var ArchiveCmd = &cobra.Command{ + Use: "archive POLICY_NAME", + Short: "Archive Aperture Policy from the Aperture Cloud Controller", + Long: `Use this command to archive the Aperture Policy from the Aperture Cloud Controller.`, + SilenceErrors: true, + Args: cobra.ExactArgs(1), + Example: `aperturectl cloud policy archive POLICY_NAME`, + RunE: func(_ *cobra.Command, args []string) error { + _, err := cloudClient.ArchivePolicy(context.Background(), &policylangv1.DeletePolicyRequest{ + Name: args[0], + }) + if err != nil { + return fmt.Errorf("failed to archive policy: %w", err) + } + + log.Info().Str("policy", args[0]).Msg("Archived Policy successfully") + return nil + }, +} diff --git a/cmd/aperturectl/cmd/cloud/policy/root.go b/cmd/aperturectl/cmd/cloud/policy/root.go index 83ea8a74b0..9fc6faee2d 100644 --- a/cmd/aperturectl/cmd/cloud/policy/root.go +++ b/cmd/aperturectl/cmd/cloud/policy/root.go @@ -11,7 +11,7 @@ import ( var ( Controller cloudutils.ControllerConn - client utils.PolicyClient + client utils.SelfHostedPolicyClient cloudClient utils.CloudPolicyClient ) diff --git a/cmd/aperturectl/cmd/cloud/utils/controller.go b/cmd/aperturectl/cmd/cloud/utils/controller.go index a9cf11d4b8..36dfb2dc2a 100644 --- a/cmd/aperturectl/cmd/cloud/utils/controller.go +++ b/cmd/aperturectl/cmd/cloud/utils/controller.go 
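Review bot: The blank import `_ "k8s.io/client-go/plugin/pkg/client/auth"` in the new `cloud/policy/archive.go` registers the Kubernetes client auth-provider plugins as an import side effect, yet `ArchiveCmd` only calls `cloudClient.ArchivePolicy` and nothing in this file touches a kube client. If the line was carried over from the self-hosted policy commands, dropping it keeps credential-plugin initialisation out of a command that does not need it. If another part of the binary relies on it, a comment such as `// registers kube auth plugins for <consumer>` would say why it is here. As with the blueprints command, the RPC runs on `context.Background()` with no deadline, and `Long` does not say how archiving differs from deleting although the request type is `DeletePolicyRequest`.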
@@ -198,7 +198,7 @@ func (c *ControllerConn) StatusClient() (utils.StatusClient, error) { } // PolicyClient returns Controller PolicyClient, connecting to controller if not yet connected. -func (c *ControllerConn) PolicyClient() (utils.PolicyClient, error) { +func (c *ControllerConn) PolicyClient() (utils.SelfHostedPolicyClient, error) { // PolicyClient has no restrictions. return c.client() } diff --git a/cmd/aperturectl/cmd/dynamicconfig/root.go b/cmd/aperturectl/cmd/dynamicconfig/root.go index 8102d45dce..59862bdb20 100644 --- a/cmd/aperturectl/cmd/dynamicconfig/root.go +++ b/cmd/aperturectl/cmd/dynamicconfig/root.go @@ -10,7 +10,7 @@ import ( var ( controller utils.ControllerConn - client utils.PolicyClient + client utils.SelfHostedPolicyClient controllerNs string ) diff --git a/cmd/aperturectl/cmd/policy/apply.go b/cmd/aperturectl/cmd/policy/apply.go index 5fa80d38dd..892b481039 100644 --- a/cmd/aperturectl/cmd/policy/apply.go +++ b/cmd/aperturectl/cmd/policy/apply.go @@ -104,7 +104,7 @@ func createAndApplyPolicy(name string, policyBytes []byte) error { err = kubeClient.Create(context.Background(), policyCR) if err != nil { if utils.IsNoMatchError(err) { - updatePolicyUsingAPIErr := utils.UpdatePolicyUsingAPI(client, name, policyBytes, force) + updatePolicyUsingAPIErr := utils.UpdatePolicyUsingAPI(client, client, name, policyBytes, force) if updatePolicyUsingAPIErr != nil { return updatePolicyUsingAPIErr } @@ -127,7 +127,7 @@ func createAndApplyPolicy(name string, policyBytes []byte) error { } } } else { - updatePolicyUsingAPIErr := utils.UpdatePolicyUsingAPI(client, name, policyBytes, force) + updatePolicyUsingAPIErr := utils.UpdatePolicyUsingAPI(client, client, name, policyBytes, force) if updatePolicyUsingAPIErr != nil { return updatePolicyUsingAPIErr } diff --git a/cmd/aperturectl/cmd/policy/root.go b/cmd/aperturectl/cmd/policy/root.go index 2bfcc0c68d..86529e0ea1 100644 --- a/cmd/aperturectl/cmd/policy/root.go +++ b/cmd/aperturectl/cmd/policy/root.go 
@@ -10,7 +10,7 @@ import ( var ( Controller utils.ControllerConn - client utils.PolicyClient + client utils.SelfHostedPolicyClient controllerNs string ) diff --git a/cmd/aperturectl/cmd/utils/controller-client.go b/cmd/aperturectl/cmd/utils/controller-client.go index b3c319bbf5..8d458dba9f 100644 --- a/cmd/aperturectl/cmd/utils/controller-client.go +++ b/cmd/aperturectl/cmd/utils/controller-client.go @@ -31,9 +31,15 @@ type IntrospectionClient interface { } // PolicyClient is a subset of cmdv1.ControllerClient that covers APIs related to policies. +type PolicyClient interface { + UpsertPolicy(ctx context.Context, in *policylangv1.UpsertPolicyRequest, opts ...grpc.CallOption) (*policylangv1.UpsertPolicyResponse, error) + DeletePolicy(ctx context.Context, in *policylangv1.DeletePolicyRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) +} + +// SelfHostedPolicyClient is a subset of cmdv1.ControllerClient that covers APIs related to policies. // // FIXME: Perhaps it'd be better to split the service on proto level (keep backcompat in mind). -type PolicyClient interface { +type SelfHostedPolicyClient interface { ListPolicies(ctx context.Context, in *emptypb.Empty, opts ...grpc.CallOption) (*policylangv1.GetPoliciesResponse, error) UpsertPolicy(ctx context.Context, in *policylangv1.UpsertPolicyRequest, opts ...grpc.CallOption) (*policylangv1.UpsertPolicyResponse, error) PostDynamicConfig(ctx context.Context, in *policylangv1.PostDynamicConfigRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) 
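Review bot: The doc comments on `PolicyClient` and `SelfHostedPolicyClient` in `controller-client.go` now describe both interfaces with the same sentence ("a subset of cmdv1.ControllerClient that covers APIs related to policies"), so a reader cannot tell which one a function should accept. Suggest `// PolicyClient is the upsert/delete subset shared by the self-hosted controller client and the Cloud policy client.` on the new interface, leaving the existing sentence and FIXME on `SelfHostedPolicyClient`. A compile-time assertion in the style this file already uses for `CloudPolicyClient`, for example `var _ PolicyClient = cloudv1.NewPolicyServiceClient(nil)`, would pin that the cloud client keeps satisfying it. The `SelfHostedPolicyClient` declaration continues past the end of the hunk.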
@@ -55,6 +61,7 @@ type StatusClient interface { type CloudPolicyClient interface { UpsertPolicy(ctx context.Context, in *policylangv1.UpsertPolicyRequest, opts ...grpc.CallOption) (*policylangv1.UpsertPolicyResponse, error) DeletePolicy(ctx context.Context, in *policylangv1.DeletePolicyRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) + ArchivePolicy(ctx context.Context, in *policylangv1.DeletePolicyRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) } var _ CloudPolicyClient = cloudv1.NewPolicyServiceClient(nil) @@ -65,6 +72,7 @@ type CloudBlueprintsClient interface { Get(ctx context.Context, in *cloudv1.GetRequest, opts ...grpc.CallOption) (*cloudv1.GetResponse, error) Apply(ctx context.Context, in *cloudv1.ApplyRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) Delete(ctx context.Context, in *cloudv1.DeleteRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) + Archive(ctx context.Context, in *cloudv1.DeleteRequest, opts ...grpc.CallOption) (*emptypb.Empty, error) } var _ CloudBlueprintsClient = cloudv1.NewBlueprintsServiceClient(nil) diff --git a/cmd/aperturectl/cmd/utils/controller.go b/cmd/aperturectl/cmd/utils/controller.go index b650fa3cf5..04b46ef2d1 100644 --- a/cmd/aperturectl/cmd/utils/controller.go +++ b/cmd/aperturectl/cmd/utils/controller.go @@ -118,7 +118,7 @@ func (c *ControllerConn) IntrospectionClient() (IntrospectionClient, error) { } // client returns Controller PolicyClient, connecting to controller if not yet connected. -func (c *ControllerConn) PolicyClient() (PolicyClient, error) { +func (c *ControllerConn) PolicyClient() (SelfHostedPolicyClient, error) { return c.client() } diff --git a/cmd/aperturectl/cmd/utils/decisions.go b/cmd/aperturectl/cmd/utils/decisions.go index bdd9cc0f3c..25385dbebc 100644 --- a/cmd/aperturectl/cmd/utils/decisions.go +++ b/cmd/aperturectl/cmd/utils/decisions.go 
@@ -42,7 +42,7 @@ func DecisionsPreRun(all bool, decisionType string) (string, error) { } // ParseDecisions parses the decisions. -func ParseDecisions(cmd *cobra.Command, client PolicyClient, all bool, decisionType string) error { +func ParseDecisions(cmd *cobra.Command, client SelfHostedPolicyClient, all bool, decisionType string) error { getDecisionsReq := &languagev1.GetDecisionsRequest{ DecisionType: decisionType, } diff --git a/cmd/aperturectl/cmd/utils/dynamic-config.go b/cmd/aperturectl/cmd/utils/dynamic-config.go index eebc6a4a15..cabafc1436 100644 --- a/cmd/aperturectl/cmd/utils/dynamic-config.go +++ b/cmd/aperturectl/cmd/utils/dynamic-config.go @@ -24,7 +24,7 @@ func GetDynamicConfigBytes(policyName, dynamicConfigFile string) ([]byte, error) } // ApplyDynamicConfig applies the dynamic config. -func ApplyDynamicConfigUsingAPI(client PolicyClient, dynamicConfigYAML map[string]interface{}, policyName string) error { +func ApplyDynamicConfigUsingAPI(client SelfHostedPolicyClient, dynamicConfigYAML map[string]interface{}, policyName string) error { var dynamicConfigStruct *structpb.Struct var err error dynamicConfigStruct, err = structpb.NewStruct(dynamicConfigYAML) @@ -44,7 +44,7 @@ func ApplyDynamicConfigUsingAPI(client PolicyClient, dynamicConfigYAML map[strin } // GetDynamicConfigUsingAPI gets the dynamic config. -func GetDynamicConfigUsingAPI(client PolicyClient, policyName string) error { +func GetDynamicConfigUsingAPI(client SelfHostedPolicyClient, policyName string) error { request := languagev1.GetDynamicConfigRequest{ PolicyName: policyName, } diff --git a/cmd/aperturectl/cmd/utils/policies.go b/cmd/aperturectl/cmd/utils/policies.go index f8433f48b5..592134451a 100644 --- a/cmd/aperturectl/cmd/utils/policies.go +++ b/cmd/aperturectl/cmd/utils/policies.go 
@@ -106,42 +106,39 @@ func GetPolicyCR(policyBytes []byte) (*policyv1alpha1.Policy, error) { } // UpdatePolicyUsingAPI updates the policy using the API. -func UpdatePolicyUsingAPI(client CloudPolicyClient, name string, policyBytes []byte, force bool) error { +func UpdatePolicyUsingAPI(client PolicyClient, listClient SelfHostedPolicyClient, name string, policyBytes []byte, force bool) error { request := policylangv1.UpsertPolicyRequest{ PolicyName: name, PolicyString: string(policyBytes), } if !force { - listClient, ok := client.(PolicyClient) - if ok { - // If directly using controller API, we can call GetPolicies to - // verify that we're not accidentally overwriting the policy. - // Cloud API doesn't have this method and we always allow - // overwriting, even with force=false. - existingPolicies, err := listClient.ListPolicies(context.Background(), new(emptypb.Empty)) - - needsConfirmation := false - if err != nil { - return err - } - for policyName, policy := range existingPolicies.GetPolicies().GetPolicies() { - if policyName == name && policy.Status != policylangv1.GetPolicyResponse_STALE { - needsConfirmation = true - break - } + // If directly using controller API, we can call GetPolicies to + // verify that we're not accidentally overwriting the policy. + // Cloud API doesn't have this method and we always allow + // overwriting, even with force=false. 
+ existingPolicies, err := listClient.ListPolicies(context.Background(), new(emptypb.Empty)) + + needsConfirmation := false + if err != nil { + return err + } + for policyName, policy := range existingPolicies.GetPolicies().GetPolicies() { + if policyName == name && policy.Status != policylangv1.GetPolicyResponse_STALE { + needsConfirmation = true + break } + } - if needsConfirmation { - update, err := CheckForUpdate(name, force) - if err != nil { - return fmt.Errorf("failed to check for update: %w", err) - } + if needsConfirmation { + update, err := CheckForUpdate(name, force) + if err != nil { + return fmt.Errorf("failed to check for update: %w", err) + } - if !update { - log.Info().Str("policy", name).Str("namespace", controllerNs).Msg("Skipping update of Policy") - return errors.New("policy already exists") - } + if !update { + log.Info().Str("policy", name).Str("namespace", controllerNs).Msg("Skipping update of Policy") + return errors.New("policy already exists") } } } @@ -169,7 +166,7 @@ func CheckForUpdate(name string, force bool) (bool, error) { } // DeletePolicyUsingAPI deletes the policy using the API. -func DeletePolicyUsingAPI(client CloudPolicyClient, policyName string) error { +func DeletePolicyUsingAPI(client PolicyClient, policyName string) error { policyRequest := policylangv1.DeletePolicyRequest{ Name: policyName, } @@ -182,7 +179,7 @@ func DeletePolicyUsingAPI(client CloudPolicyClient, policyName string) error { } // ListPolicies lists the policies using the API. -func ListPolicies(client PolicyClient) error { +func ListPolicies(client SelfHostedPolicyClient) error { policies, err := client.ListPolicies(context.Background(), &emptypb.Empty{}) if err != nil { return err diff --git a/docs/content/assets/openapiv2/aperture.swagger.yaml b/docs/content/assets/openapiv2/aperture.swagger.yaml index 7289401af2..f449b21679 100644 --- a/docs/content/assets/openapiv2/aperture.swagger.yaml +++ b/docs/content/assets/openapiv2/aperture.swagger.yaml 
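Review bot: In `UpdatePolicyUsingAPI`, `listClient.ListPolicies` now runs whenever `force` is false, but the retained comment still says the Cloud API lacks this method and always allows overwriting. The old type assertion skipped the existence check when listing was unavailable; the new code has no such fallback, so a nil `listClient` panics and any list error aborts the apply. The cloud call site in `cloud/policy/apply.go` passes the package-level `client`, and whether that variable is populated before `apply` runs is not visible here. To keep the old behaviour, guard with `if !force && listClient != nil {`; to make the overwrite check mandatory, fail closed with `return errors.New("cannot verify existing policy: no list client")`, and rewrite the comment to match whichever is chosen. The function body continues past the end of the hunk, and the same `client, client` argument pair appears at both call sites in `policy/apply.go`.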
@@ -5153,6 +5153,26 @@ paths: $ref: '#/definitions/googlerpcStatus' tags: - BlueprintsService + /fluxninja/v1/blueprints/{policy_name}/archive: + delete: + operationId: BlueprintsService_Archive + parameters: + - in: path + name: policy_name + required: true + type: string + responses: + "200": + description: A successful response. + schema: + properties: {} + type: object + default: + description: An unexpected error response. + schema: + $ref: '#/definitions/googlerpcStatus' + tags: + - BlueprintsService /fluxninja/v1/controllerinfo: get: operationId: ControllerInfoService_GetControllerInfo