Implement TypeInstance Value Resolver and modify TypeInstance upload (#697)

Author: pkosiec

Makefile

@@ -17,7 +17,7 @@ all: generate build-all-images test-unit test-lint ## Default: generate all, bui
 # Building #
 ############
 
-APPS = gateway k8s-engine hub-js argo-runner helm-runner cloudsql-runner populator terraform-runner argo-actions gitlab-api-runner secret-storage-backend helm-storage-backend
+APPS = gateway k8s-engine hub-js argo-runner helm-runner cloudsql-runner populator terraform-runner argo-actions gitlab-api-runner secret-storage-backend helm-storage-backend ti-value-fetcher
 TESTS = e2e local-hub
 INFRA = json-go-gen graphql-schema-linter jinja2 merger
 

cmd/argo-actions/README.md

@@ -13,20 +13,44 @@ argo-actions is intended to be run as an Argo Workflow step which downloads, upl
 ## Prerequisites
 
 - [Go](https://golang.org)
+- [Local Capact development cluster](https://capact.io/community/development/development-guide#development-cluster) created with the `USE_TEST_SETUP=true make dev-cluster` command
 
-### Running
+## Usage
 
-To run it locally you need to enable port forwarding for the Local Hub:
+To run it locally you need to enable port forwarding for the Local and Public Hub:
 ```bash
 kubectl -n capact-system port-forward svc/capact-hub-local --address 0.0.0.0 8888:80
+kubectl -n capact-system port-forward svc/capact-hub-public --address 0.0.0.0 8890:80
 ```
 
+### Download
+
 For downloading at least one Type Instance needs to exist. Passing structs using environment variables looks like this: {field1,field2}. For example APP_DOWNLOAD_CONFIG="{ID,path}"
 
 ```bash
-APP_ACTION=DownloadAction APP_DOWNLOAD_CONFIG="{2282814e-7571-4708-9279-717aea3c6d08,/tmp/action.yaml}" APP_LOCAL_HUB_ENDPOINT=http://localhost:8888/graphql ./argo-actions
+APP_ACTION=DownloadAction APP_DOWNLOAD_CONFIG="{2282814e-7571-4708-9279-717aea3c6d08,/tmp/action.yaml}" APP_LOCAL_HUB_ENDPOINT=http://localhost:8888/graphql go run cmd/argo-actions/main.go
 ```
 
+### Upload
+
+To upload example TypeInstances:
+
+1. Install [Helm Storage Backends](https://capact.io/docs/feature/storage-backends/helm) and use them in Policy
+2. Install PostgreSQL according to the [Helm Runner installation](../helm-runner/README.md#installation) section.
+3. In the [`payload.yaml`](./example-input/upload/payload.yaml) file:
+   - replace `{helm release storage backend ID}` with the ID of the installed Helm Release backend 
+   - replace `{test storage backend ID}` with the ID of the installed Helm Release backend 
+4. Run:
+
+    ```bash
+    APP_ACTION=UploadAction \
+      APP_UPLOAD_CONFIG_PAYLOAD_FILEPATH=cmd/argo-actions/example-input/upload/payload.yaml \
+      APP_UPLOAD_CONFIG_TYPE_INSTANCES_DIR=cmd/argo-actions/example-input/upload/typeinstances \
+      APP_LOCAL_HUB_ENDPOINT=http://localhost:8888/graphql \
+      APP_PUBLIC_HUB_ENDPOINT=http://localhost:8890/graphql \
+      go run cmd/argo-actions/main.go
+    ```
+
 ## Configuration
 
 The following environment variables can be set:

cmd/argo-actions/example-input/upload/payload.yaml

@@ -0,0 +1,33 @@
+typeInstances:
+  - alias: context
+    attributes: []
+    backend:
+      context: null
+      id: "{helm release storage backend ID}"
+    createdBy: default/example
+    typeRef:
+      path: cap.type.helm.chart.release
+      revision: 0.1.0
+    value: null
+  - alias: value
+    attributes: []
+    createdBy: default/example
+    typeRef:
+      path: cap.type.capactio.capact.validation.single-key
+      revision: 0.1.0
+    value: null
+  - alias: value-context
+    attributes: []
+    createdBy: default/example
+    typeRef:
+      path: cap.type.capactio.capact.validation.single-key
+      revision: 0.1.0
+    backend:
+      context: null
+      id: "{test storage backend ID}"
+    value: null
+usesRelations:
+  - from: context
+    to: value
+  - from: context
+    to: value-context

cmd/argo-actions/example-input/upload/typeinstances/context

@@ -0,0 +1,13 @@
+backend:
+  context:
+    chartLocation: https://charts.bitnami.com/bitnami
+    driver: secrets
+    name: example-release
+    namespace: default
+value:
+  chart:
+    name: postgresql
+    repo: https://charts.bitnami.com/bitnami
+    version: 10.2.5
+  name: example-release
+  namespace: default

cmd/argo-actions/example-input/upload/typeinstances/value

@@ -0,0 +1,2 @@
+value:
+  key: foo

cmd/argo-actions/example-input/upload/typeinstances/value-context

@@ -0,0 +1,5 @@
+value:
+  key: foo
+backend:
+  context:
+    provider: dotenv

cmd/ti-value-fetcher/README.md

@@ -0,0 +1,49 @@
+# TypeInstance Value Fetcher
+
+## Overview
+
+TypeInstance Value Fetcher fetches the static value of a TypeInstance artifact based on context.
+This helper app is useful inside a Capact Implementation workflow, where a given Argo artifact contains context, based on which the [ContextStorageBackend](../../hub-js/proto/storage_backend.proto) returns a static value.
+
+However, the static value might be needed inside the same workflow, before uploading such artifact as a TypeInstance. This app calls external storage backend and executes `GetPreCreateValue` method to get such value.
+
+## Prerequisites
+
+- [Go](https://golang.org)
+- Running Kubernetes cluster
+
+## Usage
+
+1. Run Kubernetes cluster
+2. Install PostgreSQL chart according to the [Helm runner installation](../helm-runner/README.md#installation) section.
+3. Run the Helm Release storage backend according to the [Helm Release usage](../helm-storage-backend/README.md#helm-release-storage-backend) instruction
+4. Run the app:
+
+   ```bash
+   APP_LOGGER_DEV_MODE=true \
+    APP_INPUT_TI_FILE_PATH="cmd/ti-value-fetcher/example-input/input-ti.yaml" \
+    APP_INPUT_BACKEND_TI_FILE_PATH="cmd/ti-value-fetcher/example-input/storage-backend.yaml" \
+    go run cmd/ti-value-fetcher/main.go
+   ```
+
+5. See the output:
+
+   ```bash
+   cat /tmp/output.yaml
+   ```
+
+## Configuration
+
+| Name                           | Required | Default                  | Description                                                                                            |
+|--------------------------------|----------|--------------------------|--------------------------------------------------------------------------------------------------------|
+| APP_INPUT_TI_FILE_PATH         | no       | `/tmp/typeinstance.yaml` | The path to the file with TypeInstance artifact, which should have `value` property resolved.          |
+| APP_INPUT_BACKEND_TI_FILE_PATH | no       | `/tmp/backend.yaml`      | The path to the Storage Backend TypeInstance artifact with connection details to the external service. |
+| APP_OUTPUT_FILE_PATH           | no       | `/tmp/output.yaml`       | The path where the output file is saved.                                                               |
+| APP_LOGGER_DEV_MODE            | no       | `false`                  | Enable development mode logging.                                                                       |
+
+To configure providers, use environmental variables described in
+the [Providers](https://github.com/SpectralOps/teller#providers) paragraph for Teller's Readme.
+
+## Development
+
+To read more about development, see the [Development guide](https://capact.io/community/development/development-guide).

cmd/ti-value-fetcher/example-input/input-ti.yaml

@@ -0,0 +1,7 @@
+backend:
+  context:
+    chartLocation: https://charts.bitnami.com/bitnami
+    driver: secrets
+    name: example-release
+    namespace: default
+value: null

cmd/ti-value-fetcher/example-input/storage-backend.yaml

@@ -0,0 +1,29 @@
+value:
+  acceptValue: false
+  contextSchema:
+    $schema: http://json-schema.org/draft-07/schema
+    additionalProperties: false
+    properties:
+      chartLocation:
+        $id: '#/properties/context/properties/chartLocation'
+        type: string
+      driver:
+        $id: '#/properties/context/properties/driver'
+        default: secrets
+        enum:
+          - secrets
+          - configmaps
+          - sql
+        type: string
+      name:
+        $id: '#/properties/context/properties/name'
+        type: string
+      namespace:
+        $id: '#/properties/context/properties/namespace'
+        type: string
+    required:
+      - name
+      - namespace
+      - chartLocation
+    type: object
+  url: localhost:50051

cmd/ti-value-fetcher/main.go

@@ -0,0 +1,57 @@
+package main
+
+import (
+	"fmt"
+	"log"
+
+	"google.golang.org/grpc"
+
+	"capact.io/capact/internal/logger"
+	tivaluefetcher "capact.io/capact/internal/ti-value-fetcher"
+	"github.com/vrischmann/envconfig"
+	"sigs.k8s.io/controller-runtime/pkg/manager/signals"
+)
+
+// Config holds TypeInstance Value resolver configuration.
+type Config struct {
+	Input struct {
+		TIFilePath        string `envconfig:"default=/tmp/input-ti.yaml"`
+		BackendTIFilePath string `envconfig:"default=/tmp/storage-backend.yaml"`
+	}
+	OutputFilePath string `envconfig:"default=/tmp/output.yaml"`
+
+	Logger logger.Config
+}
+
+const appName = "ti-value-fetcher"
+
+func main() {
+	var cfg Config
+	err := envconfig.InitWithPrefix(&cfg, "APP")
+	exitOnError(err, "while loading configuration")
+
+	ctx := signals.SetupSignalHandler()
+
+	// setup logger
+	unnamedLogger, err := logger.New(cfg.Logger)
+	exitOnError(err, "while creating zap logger")
+
+	logger := unnamedLogger.Named(appName)
+
+	tiValueFetcher := tivaluefetcher.New(logger)
+
+	tiArtifact, storageBackendValue, err := tiValueFetcher.LoadFromFile(cfg.Input.TIFilePath, cfg.Input.BackendTIFilePath)
+	exitOnError(err, "while loading input files")
+
+	res, err := tiValueFetcher.Do(ctx, tiArtifact, storageBackendValue, grpc.WithInsecure())
+	exitOnError(err, "while resolving TI value")
+
+	err = tiValueFetcher.SaveToFile(cfg.OutputFilePath, res)
+	exitOnError(err, fmt.Sprintf("while saving output to file %q", cfg.OutputFilePath))
+}
+
+func exitOnError(err error, context string) {
+	if err != nil {
+		log.Fatalf("%s: %v", context, err)
+	}
+}

hack/ci/setup-env.sh

@@ -37,7 +37,7 @@ fi
 
 # TODO: Read components to build in automated way, e.g. from directory structure
 cat <<EOT >>"$GITHUB_ENV"
-APPS=name=matrix::{"include":[{"APP":"gateway"},{"APP":"k8s-engine"},{"APP":"hub-js"},{"APP":"argo-runner"},{"APP":"helm-runner"},{"APP":"populator"},{"APP":"terraform-runner"},{"APP":"argo-actions"},{"APP":"gitlab-api-runner"},{"APP":"secret-storage-backend"},{"APP":"helm-storage-backend"}]}
+APPS=name=matrix::{"include":[{"APP":"gateway"},{"APP":"k8s-engine"},{"APP":"hub-js"},{"APP":"argo-runner"},{"APP":"helm-runner"},{"APP":"populator"},{"APP":"terraform-runner"},{"APP":"argo-actions"},{"APP":"gitlab-api-runner"},{"APP":"secret-storage-backend"},{"APP":"helm-storage-backend"},{"APP":"ti-value-fetcher"}]}
 TESTS=name=matrix::{"include":[{"TEST":"e2e"}, {"TEST":"local-hub"}]}
 INFRAS=name=matrix::{"include":[{"INFRA":"json-go-gen"},{"INFRA":"graphql-schema-linter"},{"INFRA":"jinja2"},{"INFRA":"merger"}]}
 EOT

internal/cli/testing/storage_backend.go

@@ -4,6 +4,8 @@ import (
 	"context"
 	"encoding/json"
 
+	storagebackend "capact.io/capact/pkg/hub/storage-backend"
+
 	"capact.io/capact/internal/logger"
 	"capact.io/capact/internal/ptr"
 	hublocalgraphql "capact.io/capact/pkg/hub/api/graphql/local"
@@ -43,12 +45,6 @@ const testStorageTypeContextSchema = `
     }
 `
 
-type typeInstanceValue struct {
-	URL           string      `json:"url"`
-	AcceptValue   bool        `json:"acceptValue"`
-	ContextSchema interface{} `json:"contextSchema"`
-}
-
 // StorageBackendRegister provides functionality to produce and upload test storage backend TypeInstance.
 type StorageBackendRegister struct {
 	logger      *zap.Logger
@@ -91,7 +87,7 @@ func (i *StorageBackendRegister) RegisterTypeInstances(ctx context.Context) erro
 			Path:     testStorageTypePath,
 			Revision: testStorageTypeRevision,
 		},
-		Value: typeInstanceValue{
+		Value: storagebackend.TypeInstanceValue{
 			URL:           i.cfg.TestStorageBackendURL,
 			AcceptValue:   true,
 			ContextSchema: contextSchema,

internal/helm-storage-backend/helm_rel_fetcher.go

@@ -42,7 +42,7 @@ func NewHelmReleaseFetcher(flags *genericclioptions.ConfigFlags) *HelmReleaseFet
 }
 
 // FetchHelmRelease returns a given Helm release. It already handles the gRPC errors properly.
-func (f *HelmReleaseFetcher) FetchHelmRelease(tiID string, helmRelease HelmRelease) (*release.Release, error) {
+func (f *HelmReleaseFetcher) FetchHelmRelease(helmRelease HelmRelease, additionalErrMsg *string) (*release.Release, error) {
 	cfg, err := f.actionConfigurationProducer(f.helmCfgFlags, *helmRelease.Driver, helmRelease.Namespace)
 	if err != nil {
 		return nil, gRPCInternalError(errors.Wrap(err, "while creating Helm get release client"))
@@ -58,7 +58,11 @@ func (f *HelmReleaseFetcher) FetchHelmRelease(tiID string, helmRelease HelmRelea
 	switch {
 	case err == nil:
 	case errors.Is(err, driver.ErrReleaseNotFound):
-		return nil, status.Error(codes.NotFound, fmt.Sprintf("Helm release '%s/%s' for TypeInstance '%s' was not found", helmRelease.Namespace, helmRelease.Name, tiID))
+		var additionalErrCtx string
+		if additionalErrMsg != nil {
+			additionalErrCtx = fmt.Sprintf(" (%s)", *additionalErrMsg)
+		}
+		return nil, status.Error(codes.NotFound, fmt.Sprintf("Helm release '%s/%s'%s was not found", helmRelease.Namespace, helmRelease.Name, additionalErrCtx))
 	default:
 		return nil, gRPCInternalError(errors.Wrap(err, "while fetching Helm release"))
 	}