feat: Preview secrets

chore: version++
2022-02-19 14:54:47 +01:00 · 2022-02-19 14:54:47 +01:00 · 15e69c538a
commit 15e69c538a
parent e51a8d43d9
8 changed files with 120 additions and 25 deletions
--- a/package.json
+++ b/package.json
@ -1,7 +1,7 @@
 {
 	"name": "coolify",
 	"description": "An open-source & self-hostable Heroku / Netlify alternative.",
-	"version": "2.0.15",
+	"version": "2.0.16",
 	"license": "AGPL-3.0",
 	"scripts": {
 		"dev": "docker compose -f docker-compose-dev.yaml up -d && NODE_ENV=development svelte-kit dev --host 0.0.0.0",
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@ -109,13 +109,14 @@ model Secret {
  id            String      @id @default(cuid())
  name          String
  value         String
+  isPRMRSecret  Boolean     @default(false)
  isBuildSecret Boolean     @default(false)
  createdAt     DateTime    @default(now())
  updatedAt     DateTime    @updatedAt
  application   Application @relation(fields: [applicationId], references: [id])
  applicationId String

-  @@unique([name, applicationId])
+  @@unique([name, applicationId, isPRMRSecret])
 }

 model BuildLog {
--- a/src/lib/database/checks.ts
+++ b/src/lib/database/checks.ts
@ -15,8 +15,8 @@ export async function isDockerNetworkExists({ network }) {
 	return await prisma.destinationDocker.findFirst({ where: { network } });
 }

-export async function isSecretExists({ id, name }) {
-	return await prisma.secret.findFirst({ where: { name, applicationId: id } });
+export async function isSecretExists({ id, name, isPRMRSecret }) {
+	return await prisma.secret.findFirst({ where: { name, applicationId: id, isPRMRSecret } });
 }

 export async function isDomainConfigured({ id, fqdn }) {
--- a/src/lib/database/secrets.ts
+++ b/src/lib/database/secrets.ts
@ -1,21 +1,35 @@
 import { encrypt } from '$lib/crypto';
 import { prisma } from './common';

-export async function listSecrets({ applicationId }) {
+export async function listSecrets(applicationId: string) {
 	return await prisma.secret.findMany({
 		where: { applicationId },
-		orderBy: { createdAt: 'desc' },
-		select: { id: true, createdAt: true, name: true, isBuildSecret: true }
+		orderBy: { createdAt: 'desc' }
 	});
 }

-export async function createSecret({ id, name, value, isBuildSecret }) {
+export async function createSecret({ id, name, value, isBuildSecret, isPRMRSecret }) {
 	value = encrypt(value);
 	return await prisma.secret.create({
-		data: { name, value, isBuildSecret, application: { connect: { id } } }
+		data: { name, value, isBuildSecret, isPRMRSecret, application: { connect: { id } } }
 	});
 }

+export async function updateSecret({ id, name, value, isBuildSecret, isPRMRSecret }) {
+	value = encrypt(value);
+	const found = await prisma.secret.findFirst({ where: { applicationId: id, name, isPRMRSecret } });
+	if (found) {
+		return await prisma.secret.updateMany({
+			where: { applicationId: id, name, isPRMRSecret },
+			data: { value, isBuildSecret, isPRMRSecret }
+		});
+	} else {
+		return await prisma.secret.create({
+			data: { name, value, isBuildSecret, isPRMRSecret, application: { connect: { id } } }
+		});
+	}
+}
+
 export async function removeSecret({ id, name }) {
 	return await prisma.secret.deleteMany({ where: { applicationId: id, name } });
 }
--- a/src/routes/applications/[id]/previews/index.json.ts
+++ b/src/routes/applications/[id]/previews/index.json.ts
@ -11,6 +11,9 @@ export const get: RequestHandler = async (event) => {

 	const { id } = event.params;
 	try {
+		const secrets = await db.listSecrets(id);
+		const applicationSecrets = secrets.filter((secret) => !secret.isPRMRSecret);
+		const PRMRSecrets = secrets.filter((secret) => secret.isPRMRSecret);
 		const destinationDocker = await db.getDestinationByApplicationId({ id, teamId });
 		const docker = dockerInstance({ destinationDocker });
 		const listContainers = await docker.engine.listContainers({
@ -35,7 +38,9 @@ export const get: RequestHandler = async (event) => {
 			});
 		return {
 			body: {
-				containers: jsonContainers
+				containers: jsonContainers,
+				applicationSecrets,
+				PRMRSecrets
 			}
 		};
 	} catch (error) {
--- a/src/routes/applications/[id]/previews/index.svelte
+++ b/src/routes/applications/[id]/previews/index.svelte
@ -22,8 +22,18 @@
 <script lang="ts">
 	export let containers;
 	export let application;
-
+	export let PRMRSecrets;
+	export let applicationSecrets;
 	import { getDomain } from '$lib/components/common';
+	import Secret from '../secrets/_Secret.svelte';
+	import { get } from '$lib/api';
+	import { page } from '$app/stores';
+
+	const { id } = $page.params;
+	async function refreshSecrets() {
+		const data = await get(`/applications/${id}/secrets.json`);
+		PRMRSecrets = [...data.secrets];
+	}
 </script>

 <div class="flex space-x-1 p-6 font-bold">
@ -31,8 +41,56 @@
 		Previews for <a href={application.fqdn} target="_blank">{getDomain(application.fqdn)}</a>
 	</div>
 </div>
-
-<div class="mx-auto max-w-4xl px-6">
+<div>
+	Preview secrets. They will overwrite application secrets for PR/MR deployments. Useful for
+	creating staging environments for these deployments.
+</div>
+<div class="mx-auto max-w-6xl rounded-xl px-6 pt-4">
+	<table class="mx-auto">
+		<thead class=" rounded-xl border-b border-coolgray-500">
+			<tr>
+				<th
+					scope="col"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white">Name</th
+				>
+				<th
+					scope="col"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white"
+					>Value</th
+				>
+				<th
+					scope="col"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white"
+					>Need during buildtime?</th
+				>
+				<th
+					scope="col"
+					class="px-6 py-3 text-left text-xs font-bold uppercase tracking-wider text-white"
+				/>
+			</tr>
+		</thead>
+		<tbody class="">
+			{#each applicationSecrets as secret}
+				{#key secret.id}
+					<tr class="hover:bg-coolgray-200">
+						<Secret
+							PRMRSecret={PRMRSecrets.find((s) => s.name === secret.name)}
+							isPRMRSecret
+							name={secret.name}
+							value={secret.value ? secret.value : 'ENCRYPTED'}
+							isBuildSecret={secret.isBuildSecret}
+							on:refresh={refreshSecrets}
+						/>
+					</tr>
+				{/key}
+			{/each}
+			<!-- <tr>
+				<Secret isPRMRSecret isNewSecret on:refresh={refreshSecrets} />
+			</tr> -->
+		</tbody>
+	</table>
+</div>
+<div class="mx-auto max-w-4xl py-10">
 	<div class="flex flex-wrap justify-center space-x-2">
 		{#if containers.length > 0}
 			{#each containers as container}
--- a/src/routes/applications/[id]/secrets/_Secret.svelte
+++ b/src/routes/applications/[id]/secrets/_Secret.svelte
@ -3,6 +3,11 @@
 	export let value = '';
 	export let isBuildSecret = false;
 	export let isNewSecret = false;
+	export let isPRMRSecret = false;
+	export let PRMRSecret = {};
+
+	if (isPRMRSecret) value = PRMRSecret.value;
+
 	import { page } from '$app/stores';
 	import { del, post } from '$lib/api';
 	import { errorNotification } from '$lib/form';
@ -36,7 +41,7 @@
 		}

 		try {
-			await post(`/applications/${id}/secrets.json`, { name, value, isBuildSecret });
+			await post(`/applications/${id}/secrets.json`, { name, value, isBuildSecret, isPRMRSecret });
 			dispatch('refresh');
 			if (isNewSecret) {
 				name = '';
@ -75,9 +80,9 @@
 		required
 		placeholder="J$#@UIO%HO#$U%H"
 		class="-mx-2 w-64 border-2 border-transparent"
-		class:bg-transparent={!isNewSecret}
-		class:cursor-not-allowed={!isNewSecret}
-		readonly={!isNewSecret}
+		class:bg-transparent={!isNewSecret && !isPRMRSecret}
+		class:cursor-not-allowed={!isNewSecret && !isPRMRSecret}
+		readonly={!isNewSecret && !isPRMRSecret}
 	/>
 </td>
 <td class="whitespace-nowrap px-6 py-2 text-center text-sm font-medium text-white">
@ -134,6 +139,10 @@
 		<div class="flex items-center justify-center">
 			<button class="w-24 bg-green-600 hover:bg-green-500" on:click={saveSecret}>Add</button>
 		</div>
+	{:else if isPRMRSecret}
+		<div class="flex items-center justify-center">
+			<button class="w-24 bg-green-600 hover:bg-green-500" on:click={saveSecret}>Set</button>
+		</div>
 	{:else}
 		<div class="flex justify-center items-end">
 			<button class="w-24 bg-red-600 hover:bg-red-500" on:click={removeSecret}>Remove</button>
--- a/src/routes/applications/[id]/secrets/index.json.ts
+++ b/src/routes/applications/[id]/secrets/index.json.ts
@ -7,8 +7,9 @@ export const get: RequestHandler = async (event) => {
 	const { teamId, status, body } = await getUserDetails(event);
 	if (status === 401) return { status, body };

+	const { id } = event.params;
 	try {
-		const secrets = await db.listSecrets({ applicationId: event.params.id });
+		const secrets = await (await db.listSecrets(id)).filter((secret) => !secret.isPRMRSecret);
 		return {
 			status: 200,
 			body: {
@ -27,16 +28,23 @@ export const post: RequestHandler = async (event) => {
 	if (status === 401) return { status, body };

 	const { id } = event.params;
-	const { name, value, isBuildSecret } = await event.request.json();
+	const { name, value, isBuildSecret, isPRMRSecret } = await event.request.json();

 	try {
-		const found = await db.isSecretExists({ id, name });
-		if (found) {
-			throw {
-				error: `Secret ${name} already exists.`
-			};
+		if (!isPRMRSecret) {
+			const found = await db.isSecretExists({ id, name, isPRMRSecret });
+			if (found) {
+				throw {
+					error: `Secret ${name} already exists.`
+				};
+			} else {
+				await db.createSecret({ id, name, value, isBuildSecret, isPRMRSecret });
+				return {
+					status: 201
+				};
+			}
 		} else {
-			await db.createSecret({ id, name, value, isBuildSecret });
+			await db.updateSecret({ id, name, value, isBuildSecret, isPRMRSecret });
 			return {
 				status: 201
 			};