[Rest-server] rebase master to migrate-secret branch (microsoft#1917)

* migrate from etcd to secret * fix lint error * add test\k8sSecret.js * lint * fix all UT * Use K8S_APISERVER env to align the proxy feature * create local customized axios instance * change username to hex to have backward compability * move prepare base path to db function * Use axios.create() to create a local customized axios instance * fix related UT * remove debug info * remove resolve * remove auth related config * remove remain debug info * remove useless comment
Leinao · Dec 20, 2018 · c849325 · c849325
1 parent 2283f82
commit c849325
Show file tree

Hide file tree

Showing 15 changed files with 1,197 additions and 1,138 deletions.
diff --git a/src/rest-server/.eslintrc.js b/src/rest-server/.eslintrc.js
@@ -1,4 +1,7 @@
 module.exports = {
+  "parserOptions": {
+    "ecmaVersion": 2017,
+  },
   "env": {
     "es6": true,
     "node": true,

diff --git a/src/rest-server/deploy/rest-server.yaml.template b/src/rest-server/deploy/rest-server.yaml.template
@@ -52,6 +52,8 @@ spec:
           value: {{ cluster_cfg['rest-server']['default-pai-admin-password'] }}
         - name: ETCD_URI
           value: {{ cluster_cfg['rest-server']['etcd-uris'] }}
+        - name: K8S_APISERVER_URI
+          value: {{ cluster_cfg['kubernetes']['api-servers-url'] }}
 {% if cluster_cfg['rest-server']['github-owner'] %}
         - name: GITHUB_OWNER
           value: {{ cluster_cfg['rest-server']['github-owner'] }}

diff --git a/src/rest-server/package.json b/src/rest-server/package.json
@@ -26,6 +26,7 @@
   "dependencies": {
     "@octokit/rest": "~15.9.5",
     "async": "~2.5.0",
+    "axios": "^0.18.0",
     "chai": "~4.1.2",
     "chai-http": "~3.0.0",
     "compression": "~1.7.1",

diff --git a/src/rest-server/src/config/etcd.js → src/rest-server/src/config/secret.js b/src/rest-server/src/config/etcd.js → src/rest-server/src/config/secret.js
@@ -19,75 +19,41 @@
 // module dependencies
 const Joi = require('joi');
 
-let etcdConfig = {
-  etcdUri: process.env.ETCD_URI,
+let userSecretConfig = {
+  apiServerUri: process.env.K8S_APISERVER_URI,
+  paiUserNameSpace: 'pai-user',
   adminName: process.env.DEFAULT_PAI_ADMIN_USERNAME,
   adminPass: process.env.DEFAULT_PAI_ADMIN_PASSWORD,
 };
 
-etcdConfig.etcdHosts = etcdConfig.etcdUri.split(',');
-
-etcdConfig.storagePath = () => {
-  return `/users`;
-};
-
-etcdConfig.userPath = (username) => {
-  return `${etcdConfig.storagePath()}/${username}`;
-};
-
-etcdConfig.userPasswdPath = (username) => {
-  return `${etcdConfig.userPath(username)}/passwd`;
-};
-
-etcdConfig.userAdminPath = (username) => {
-  return `${etcdConfig.userPath(username)}/admin`;
-};
-
-etcdConfig.userVirtualClusterPath = (username) => {
-  return `${etcdConfig.userPath(username)}/virtualClusters`;
-};
-
-etcdConfig.userGithubPATPath = (username) => {
-  return `${etcdConfig.userPath(username)}/githubPAT`;
+userSecretConfig.requestConfig = () => {
+  const config = {
+    baseURL: `${userSecretConfig.apiServerUri}/api/v1/namespaces/`,
+    maxRedirects: 0,
+  };
+  return config;
 };
 
-const etcdConfigSchema = Joi.object().keys({
-  etcdUri: Joi.string()
+const userSecretConfigSchema = Joi.object().keys({
+  apiServerUri: Joi.string()
     .required(),
-  etcdHosts: Joi.array().items(Joi.string()
-    .uri()
-    .required()
-  ).required(),
+  paiUserNameSpace: Joi.string()
+    .default('pai-user'),
   adminName: Joi.string()
     .token()
     .required(),
   adminPass: Joi.string()
     .min(6)
     .required(),
-  storagePath: Joi.func()
+  requestConfig: Joi.func()
     .arity(0)
     .required(),
-  userPath: Joi.func()
-    .arity(1)
-    .required(),
-  userPasswdPath: Joi.func()
-    .arity(1)
-    .required(),
-  userAdminPath: Joi.func()
-    .arity(1)
-    .required(),
-  userVirtualClusterPath: Joi.func()
-    .arity(1)
-    .required(),
-  userGithubPATPath: Joi.func()
-    .arity(1)
-    .required(),
 }).required();
 
-const {error, value} = Joi.validate(etcdConfig, etcdConfigSchema);
+const {error, value} = Joi.validate(userSecretConfig, userSecretConfigSchema);
 if (error) {
   throw new Error(`config error\n${error}`);
 }
-etcdConfig = value;
+userSecretConfig = value;
 
-module.exports = etcdConfig;
+module.exports = userSecretConfig;
diff --git a/src/rest-server/src/models/token.js b/src/rest-server/src/models/token.js
@@ -16,28 +16,24 @@
 // OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
 const userModel = require('./user');
-const etcdConfig = require('../config/etcd');
+const util = require('util');
 const createError = require('../util/error');
 
 const check = (username, password, callback) => {
-  userModel.db.has(etcdConfig.userPath(username), null, (_, res) => {
+  const dbGet = util.callbackify(userModel.db.get.bind(userModel.db));
+  dbGet(username, null, (err, res) => {
     if (!res) {
       return callback(createError('Bad Request', 'NoUserError', `User ${username} is not found.`));
     }
-    userModel.db.get(etcdConfig.userPath(username), {recursive: true}, (err, res) => {
+    userModel.encrypt(username, password, (err, derivedKey) => {
       if (err) {
         return callback(err);
       }
-      userModel.encrypt(username, password, (err, derivedKey) => {
-        if (err) {
-          return callback(err);
-        }
-        callback(null,
-          derivedKey === res.get(etcdConfig.userPasswdPath(username)),
-          res.get(etcdConfig.userAdminPath(username)) === 'true',
-          res.has(etcdConfig.userGithubPATPath(username)) &&
-            Boolean(res.get(etcdConfig.userGithubPATPath(username))));
-      });
+      callback(null,
+        derivedKey === res[0]['password'],
+        res[0]['admin'],
+        res[0].hasOwnProperty('githubPAT')&&
+        Boolean(res[0]['githubPAT']));
     });
   });
 };