| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701 |
- package router
- import (
- "net/http"
- "os"
- "path"
- "strings"
- "time"
- "github.com/go-chi/chi"
- "github.com/go-chi/chi/middleware"
- "github.com/porter-dev/porter/internal/auth/token"
- "github.com/porter-dev/porter/server/api"
- mw "github.com/porter-dev/porter/server/middleware"
- "github.com/porter-dev/porter/server/middleware/requestlog"
- "golang.org/x/oauth2"
- )
- // New creates a new Chi router instance and registers all routes supported by the
- // API
- func New(a *api.App) *chi.Mux {
- l := a.Logger
- r := chi.NewRouter()
- var ghAppConf *oauth2.Config
- if a.GithubAppConf != nil {
- ghAppConf = &a.GithubAppConf.Config
- }
- auth := mw.NewAuth(a.Store, a.ServerConf.CookieName, &token.TokenGeneratorConf{
- TokenSecret: a.ServerConf.TokenGeneratorSecret,
- }, a.Repo, ghAppConf)
- r.Route("/api", func(r chi.Router) {
- r.Use(mw.ContentTypeJSON)
- // Group for default operations with 10s timeout
- r.Group(func(r chi.Router) {
- r.Use(middleware.Timeout(10 * time.Second))
- // health checks
- r.Method("GET", "/livez", http.HandlerFunc(a.HandleLive))
- r.Method("GET", "/readyz", http.HandlerFunc(a.HandleReady))
- // /api/users routes
- r.Method(
- "GET",
- "/users/{user_id}",
- auth.DoesUserIDMatch(
- requestlog.NewHandler(a.HandleReadUser, l),
- mw.URLParam,
- ),
- )
- r.Method(
- "GET",
- "/users/{user_id}/projects",
- auth.DoesUserIDMatch(
- requestlog.NewHandler(a.HandleListUserProjects, l),
- mw.URLParam,
- ),
- )
- // only allow basic create user or basic login if BasicLogin feature is set
- if a.Capabilities.BasicLogin {
- r.Method(
- "POST",
- "/users",
- requestlog.NewHandler(a.HandleCreateUser, l),
- )
- r.Method(
- "POST",
- "/login",
- requestlog.NewHandler(a.HandleLoginUser, l),
- )
- }
- r.Method(
- "DELETE",
- "/users/{user_id}",
- auth.DoesUserIDMatch(
- requestlog.NewHandler(a.HandleDeleteUser, l),
- mw.URLParam,
- ),
- )
- r.Method(
- "GET",
- "/cli/login",
- auth.BasicAuthenticateWithRedirect(
- requestlog.NewHandler(a.HandleCLILoginUser, l),
- ),
- )
- r.Method(
- "GET",
- "/cli/login/exchange",
- requestlog.NewHandler(a.HandleCLILoginExchangeToken, l),
- )
- r.Method(
- "GET",
- "/auth/check",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleAuthCheck, l),
- ),
- )
- r.Method(
- "POST",
- "/logout",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleLogoutUser, l),
- ),
- )
- r.Method(
- "POST",
- "/email/verify/initiate",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.InitiateEmailVerifyUser, l),
- ),
- )
- r.Method(
- "GET",
- "/email/verify/finalize",
- auth.BasicAuthenticateWithRedirect(
- requestlog.NewHandler(a.FinalizEmailVerifyUser, l),
- ),
- )
- r.Method(
- "POST",
- "/password/reset/initiate",
- requestlog.NewHandler(a.InitiatePWResetUser, l),
- )
- r.Method(
- "POST",
- "/password/reset/verify",
- requestlog.NewHandler(a.VerifyPWResetUser, l),
- )
- r.Method(
- "POST",
- "/password/reset/finalize",
- requestlog.NewHandler(a.FinalizPWResetUser, l),
- )
- // /api/integrations routes
- r.Method(
- "GET",
- "/integrations/cluster",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleListClusterIntegrations, l),
- ),
- )
- r.Method(
- "GET",
- "/integrations/registry",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleListRegistryIntegrations, l),
- ),
- )
- r.Method(
- "GET",
- "/integrations/helm",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleListHelmRepoIntegrations, l),
- ),
- )
- r.Method(
- "GET",
- "/integrations/repo",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleListRepoIntegrations, l),
- ),
- )
- r.Method(
- "POST",
- "/integrations/github-app/webhook",
- requestlog.NewHandler(a.HandleGithubAppEvent, l),
- )
- r.Method(
- "GET",
- "/integrations/github-app/authorize",
- requestlog.NewHandler(a.HandleGithubAppAuthorize, l),
- )
- r.Method(
- "GET",
- "/integrations/github-app/oauth",
- requestlog.NewHandler(a.HandleGithubAppOauthInit, l),
- )
- r.Method(
- "GET",
- "/integrations/github-app/install",
- requestlog.NewHandler(a.HandleGithubAppInstall, l),
- )
- r.Method(
- "GET",
- "/integrations/github-app/access",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleListGithubAppAccess, l),
- ),
- )
- // /api/templates routes
- r.Method(
- "GET",
- "/templates",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleListTemplates, l),
- ),
- )
- r.Method(
- "GET",
- "/templates/{name}/{version}",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleReadTemplate, l),
- ),
- )
- // /api/oauth routes
- r.Method(
- "GET",
- "/oauth/projects/{project_id}/github",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleGithubOAuthStartProject, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/oauth/login/github",
- requestlog.NewHandler(a.HandleGithubOAuthStartUser, l),
- )
- r.Method(
- "GET",
- "/oauth/github/callback",
- requestlog.NewHandler(a.HandleGithubOAuthCallback, l),
- )
- r.Method(
- "GET",
- "/oauth/github-app/callback",
- requestlog.NewHandler(a.HandleGithubAppOAuthCallback, l),
- )
- r.Method(
- "GET",
- "/oauth/login/google",
- requestlog.NewHandler(a.HandleGoogleStartUser, l),
- )
- r.Method(
- "GET",
- "/oauth/google/callback",
- requestlog.NewHandler(a.HandleGoogleOAuthCallback, l),
- )
- r.Method(
- "GET",
- "/oauth/projects/{project_id}/digitalocean",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleDOOAuthStartProject, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/oauth/digitalocean/callback",
- requestlog.NewHandler(a.HandleDOOAuthCallback, l),
- )
- // /api/projects routes
- r.Method(
- "GET",
- "/projects/{project_id}",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleReadProject, l),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/policy",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleReadProjectPolicy, l),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/roles",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleGetProjectRoles, l),
- mw.URLParam,
- mw.AdminAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/collaborators",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListProjectCollaborators, l),
- mw.URLParam,
- mw.AdminAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/roles/{user_id}",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleUpdateProjectRole, l),
- mw.URLParam,
- mw.AdminAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects",
- auth.BasicAuthenticate(
- requestlog.NewHandler(a.HandleCreateProject, l),
- ),
- )
- r.Method(
- "DELETE",
- "/projects/{project_id}",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleDeleteProject, l),
- mw.URLParam,
- mw.AdminAccess,
- ),
- )
- r.Method(
- "DELETE",
- "/projects/{project_id}/roles/{user_id}",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleDeleteProjectRole, l),
- mw.URLParam,
- mw.AdminAccess,
- ),
- )
- // /api/projects/{project_id}/ci routes
- r.Method(
- "POST",
- "/projects/{project_id}/ci/actions",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleCreateGitAction, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- // /api/projects/{project_id}/invites routes
- r.Method(
- "POST",
- "/projects/{project_id}/invites",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleCreateInvite, l),
- mw.URLParam,
- mw.AdminAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/invites",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListProjectInvites, l),
- mw.URLParam,
- mw.AdminAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/invites/{token}",
- auth.BasicAuthenticateWithRedirect(
- requestlog.NewHandler(a.HandleAcceptInvite, l),
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/invites/{invite_id}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveInviteAccess(
- requestlog.NewHandler(a.HandleUpdateInviteRole, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.AdminAccess,
- ),
- )
- r.Method(
- "DELETE",
- "/projects/{project_id}/invites/{invite_id}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveInviteAccess(
- requestlog.NewHandler(a.HandleDeleteProjectInvite, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.AdminAccess,
- ),
- )
- // /api/projects/{project_id}/infra routes
- r.Method(
- "GET",
- "/projects/{project_id}/infra",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListProjectInfra, l),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- // /api/projects/{project_id}/provision routes
- r.Method(
- "POST",
- "/projects/{project_id}/provision/test",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleProvisionTestInfra, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/provision/ecr",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveAWSIntegrationAccess(
- requestlog.NewHandler(a.HandleProvisionAWSECRInfra, l),
- mw.URLParam,
- mw.BodyParam,
- false,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/provision/eks",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveAWSIntegrationAccess(
- requestlog.NewHandler(a.HandleProvisionAWSEKSInfra, l),
- mw.URLParam,
- mw.BodyParam,
- false,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/provision/gcr",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveGCPIntegrationAccess(
- requestlog.NewHandler(a.HandleProvisionGCPGCRInfra, l),
- mw.URLParam,
- mw.BodyParam,
- false,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/provision/gke",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveGCPIntegrationAccess(
- requestlog.NewHandler(a.HandleProvisionGCPGKEInfra, l),
- mw.URLParam,
- mw.BodyParam,
- false,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/provision/docr",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveDOIntegrationAccess(
- requestlog.NewHandler(a.HandleProvisionDODOCRInfra, l),
- mw.URLParam,
- mw.BodyParam,
- false,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/provision/doks",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveDOIntegrationAccess(
- requestlog.NewHandler(a.HandleProvisionDODOKSInfra, l),
- mw.URLParam,
- mw.BodyParam,
- false,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/provision/{kind}/{infra_id}/logs",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveInfraAccess(
- requestlog.NewHandler(a.HandleGetProvisioningLogs, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/infra/{infra_id}/ecr/destroy",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveInfraAccess(
- requestlog.NewHandler(a.HandleDestroyAWSECRInfra, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/infra/{infra_id}/test/destroy",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveInfraAccess(
- requestlog.NewHandler(a.HandleDestroyTestInfra, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/infra/{infra_id}/eks/destroy",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveInfraAccess(
- requestlog.NewHandler(a.HandleDestroyAWSEKSInfra, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/infra/{infra_id}/gke/destroy",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveInfraAccess(
- requestlog.NewHandler(a.HandleDestroyGCPGKEInfra, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/infra/{infra_id}/docr/destroy",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveInfraAccess(
- requestlog.NewHandler(a.HandleDestroyDODOCRInfra, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/infra/{infra_id}/doks/destroy",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveInfraAccess(
- requestlog.NewHandler(a.HandleDestroyDODOKSInfra, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- // /api/projects/{project_id}/clusters routes
- r.Method(
- "GET",
- "/projects/{project_id}/clusters",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListProjectClusters, l),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/clusters",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveAWSIntegrationAccess(
- auth.DoesUserHaveGCPIntegrationAccess(
- requestlog.NewHandler(a.HandleCreateProjectCluster, l),
- mw.URLParam,
- mw.BodyParam,
- true,
- ),
- mw.URLParam,
- mw.BodyParam,
- true,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/clusters/{cluster_id}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleReadProjectCluster, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/clusters/{cluster_id}/nodes",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListNodes, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/clusters/{cluster_id}/node/{node_name}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetNode, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/clusters/{cluster_id}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleUpdateProjectCluster, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "DELETE",
- "/projects/{project_id}/clusters/{cluster_id}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleDeleteProjectCluster, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- // /api/projects/{project_id}/clusters/candidates routes
- r.Method(
- "POST",
- "/projects/{project_id}/clusters/candidates",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleCreateProjectClusterCandidates, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/clusters/candidates",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListProjectClusterCandidates, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/clusters/candidates/{candidate_id}/resolve",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleResolveClusterCandidate, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- // /api/projects/{project_id}/integrations routes
- r.Method(
- "POST",
- "/projects/{project_id}/integrations/gcp",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleCreateGCPIntegration, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/integrations/aws",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleCreateAWSIntegration, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/integrations/aws/{aws_integration_id}/overwrite",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- auth.DoesUserHaveAWSIntegrationAccess(
- requestlog.NewHandler(a.HandleOverwriteAWSIntegration, l),
- mw.URLParam,
- mw.URLParam,
- false,
- ),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/integrations/basic",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleCreateBasicAuthIntegration, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/integrations/oauth",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListProjectOAuthIntegrations, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- // /api/projects/{project_id}/helmrepos routes
- r.Method(
- "POST",
- "/projects/{project_id}/helmrepos",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveAWSIntegrationAccess(
- auth.DoesUserHaveGCPIntegrationAccess(
- requestlog.NewHandler(a.HandleCreateHelmRepo, l),
- mw.URLParam,
- mw.BodyParam,
- true,
- ),
- mw.URLParam,
- mw.BodyParam,
- true,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/helmrepos",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListProjectHelmRepos, l),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/helmrepos/{helm_id}/charts",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListHelmRepoCharts, l),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- // /api/projects/{project_id}/registries routes
- r.Method(
- "POST",
- "/projects/{project_id}/registries",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveAWSIntegrationAccess(
- auth.DoesUserHaveGCPIntegrationAccess(
- auth.DoesUserHaveDOIntegrationAccess(
- requestlog.NewHandler(a.HandleCreateRegistry, l),
- mw.URLParam,
- mw.BodyParam,
- true,
- ),
- mw.URLParam,
- mw.BodyParam,
- true,
- ),
- mw.URLParam,
- mw.BodyParam,
- true,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/registries",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListProjectRegistries, l),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/registries/{registry_id}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveRegistryAccess(
- requestlog.NewHandler(a.HandleUpdateProjectRegistry, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/registries/{registry_id}/repository",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveRegistryAccess(
- requestlog.NewHandler(a.HandleCreateRepository, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/registries/ecr/{region}/token",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleGetProjectRegistryECRToken, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/registries/gcr/token",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleGetProjectRegistryGCRToken, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/registries/dockerhub/token",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleGetProjectRegistryDockerhubToken, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/registries/docr/token",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleGetProjectRegistryDOCRToken, l),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "DELETE",
- "/projects/{project_id}/registries/{registry_id}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveRegistryAccess(
- requestlog.NewHandler(a.HandleDeleteProjectRegistry, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- // /api/projects/{project_id}/registries/{registry_id}/repositories routes
- r.Method(
- "GET",
- "/projects/{project_id}/registries/{registry_id}/repositories",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveRegistryAccess(
- requestlog.NewHandler(a.HandleListRepositories, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- // * is the repo name, which can itself be nested
- // for example, for GCR this is project-id/repo
- // need to use wildcard, see https://github.com/go-chi/chi/issues/243
- "/projects/{project_id}/registries/{registry_id}/repositories/*",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveRegistryAccess(
- requestlog.NewHandler(a.HandleListImages, l),
- mw.URLParam,
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- // /api/projects/{project_id}/releases routes
- r.Method(
- "GET",
- "/projects/{project_id}/releases",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListReleases, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/releases/{name}/{revision}/components",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetReleaseComponents, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/releases/{name}/{revision}/controllers",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetReleaseControllers, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/releases/{name}/{revision}/pods/all",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetReleaseAllPods, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/releases/{name}/history",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListReleaseHistory, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/releases/{name}/webhook_token",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetReleaseToken, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/releases/{name}/{revision}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetRelease, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- // /api/projects/{project_id}/gitrepos routes
- r.Method(
- "GET",
- "/projects/{project_id}/gitrepos",
- auth.DoesUserHaveProjectAccess(
- requestlog.NewHandler(a.HandleListProjectGitRepos, l),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/gitrepos/{installation_id}/repos",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveGitInstallationAccess(
- requestlog.NewHandler(a.HandleListRepos, l),
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/gitrepos/{installation_id}/repos/{kind}/{owner}/{name}/branches",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveGitInstallationAccess(
- requestlog.NewHandler(a.HandleGetBranches, l),
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/gitrepos/{installation_id}/repos/{kind}/{owner}/{name}/{branch}/buildpack/detect",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveGitInstallationAccess(
- requestlog.NewHandler(a.HandleDetectBuildpack, l),
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/gitrepos/{installation_id}/repos/{kind}/{owner}/{name}/{branch}/contents",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveGitInstallationAccess(
- requestlog.NewHandler(a.HandleGetBranchContents, l),
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/gitrepos/{installation_id}/repos/{kind}/{owner}/{name}/{branch}/procfile",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveGitInstallationAccess(
- requestlog.NewHandler(a.HandleGetProcfileContents, l),
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/gitrepos/{installation_id}/repos/{kind}/{owner}/{name}/{branch}/tarball_url",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveGitInstallationAccess(
- requestlog.NewHandler(a.HandleGetRepoZIPDownloadURL, l),
- mw.URLParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- // /api/projects/{project_id}/k8s routes
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/namespaces",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListNamespaces, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/k8s/namespaces/create",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleCreateNamespace, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "DELETE",
- "/projects/{project_id}/k8s/namespaces/delete",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleDeleteNamespace, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/kubeconfig",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetTemporaryKubeconfig, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/prometheus/detect",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleDetectPrometheusInstalled, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/prometheus/ingresses",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListNGINXIngresses, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/metrics",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetPodMetrics, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/{namespace}/pod/{name}/logs",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetPodLogs, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/{namespace}/{chart}/{release_name}/jobs",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListJobsByChart, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/{namespace}/{name}/jobs/status",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetJobStatus, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/jobs/{namespace}/{name}/pods",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListJobPods, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/{namespace}/ingress/{name}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetIngress, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/{kind}/status",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleStreamControllerStatus, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/helm_releases",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleStreamHelmReleases, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/pods",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListPods, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "DELETE",
- "/projects/{project_id}/k8s/pods/{namespace}/{name}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleDeletePod, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/pods/{namespace}/{name}/events/list",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListPodEvents, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/k8s/configmap/create",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleCreateConfigMap, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "DELETE",
- "/projects/{project_id}/k8s/configmap/delete",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleDeleteConfigMap, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/configmap",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleGetConfigMap, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "GET",
- "/projects/{project_id}/k8s/configmap/list",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleListConfigMaps, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.ReadAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/k8s/configmap/update",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleUpdateConfigMap, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "DELETE",
- "/projects/{project_id}/k8s/jobs/{namespace}/{name}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleDeleteJob, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/k8s/jobs/{namespace}/{name}/stop",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleStopJob, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- // /api/projects/{project_id}/subdomain routes
- r.Method(
- "POST",
- "/projects/{project_id}/k8s/subdomain",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleCreateDNSRecord, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- // capabilities
- r.Method(
- "GET",
- "/capabilities",
- http.HandlerFunc(a.HandleGetCapabilities),
- )
- // /api/projects/{project_id}/deploy routes
- r.Method(
- "POST",
- "/projects/{project_id}/deploy/{name}/{version}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleDeployTemplate, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/deploy/addon/{name}/{version}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleDeployAddon, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- })
- // Create group for long-running Helm operations
- r.Group(func(r chi.Router) {
- r.Use(middleware.Timeout(300 * time.Second))
- r.Method(
- "POST",
- "/projects/{project_id}/releases/{name}/rollback",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleRollbackRelease, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/webhooks/deploy/{token}",
- requestlog.NewHandler(a.HandleReleaseDeployWebhook, l),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/delete/{name}",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleUninstallTemplate, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/releases/{name}/upgrade",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleUpgradeRelease, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- r.Method(
- "POST",
- "/projects/{project_id}/releases/image/update/batch",
- auth.DoesUserHaveProjectAccess(
- auth.DoesUserHaveClusterAccess(
- requestlog.NewHandler(a.HandleReleaseUpdateJobImages, l),
- mw.URLParam,
- mw.QueryParam,
- ),
- mw.URLParam,
- mw.WriteAccess,
- ),
- )
- })
- })
- staticFilePath := a.ServerConf.StaticFilePath
- fs := http.FileServer(http.Dir(staticFilePath))
- r.Get("/*", func(w http.ResponseWriter, r *http.Request) {
- if _, err := os.Stat(staticFilePath + r.RequestURI); os.IsNotExist(err) {
- w.Header().Set("Cache-Control", "no-cache")
- http.StripPrefix(r.URL.Path, fs).ServeHTTP(w, r)
- } else {
- // Set static files involving html, js, or empty cache to "no-cache", which means they must be validated
- // for changes before the browser uses the cache
- if base := path.Base(r.URL.Path); strings.Contains(base, "html") || strings.Contains(base, "js") || base == "." || base == "/" {
- w.Header().Set("Cache-Control", "no-cache")
- }
- fs.ServeHTTP(w, r)
- }
- })
- return r
- }
|