initial commit

Author: damnski

.circleci/config.yml

@@ -0,0 +1,45 @@
+version: 2
+jobs:
+  build:
+    docker:
+      - image: circleci/golang
+
+    environment:
+      TEST_RESULTS: /tmp/test-results
+      GO111MODULE: "on"
+
+    steps:
+      - checkout
+      - run: mkdir -p $TEST_RESULTS
+      - restore_cache:
+      # Read about caching dependencies: https://circleci.com/docs/2.0/caching/
+          keys:
+            - go-mod-v4-{{ checksum "go.sum" }}
+
+      - run: go get github.com/jstemmer/go-junit-report
+      - run: go get ./...
+      - run:
+          name: Run unit tests
+
+          # store the results of our tests in the $TEST_RESULTS directory
+          command: |
+            PACKAGE_NAMES=$(go list ./... | circleci tests split --split-by=timings --timings-type=classname)
+            gotestsum --junitfile ${TEST_RESULTS}/gotestsum-report.xml -- $PACKAGE_NAMES
+
+      - save_cache:
+          key: go-mod-v4-{{ checksum "go.sum" }}
+          paths:
+            - "/go/pkg/mod"
+
+      - store_artifacts: # Upload test summary for display in Artifacts: https://circleci.com/docs/2.0/artifacts/
+          path: /tmp/test-results
+          destination: raw-test-output
+
+      - store_test_results: # Upload test results for display in Test Summary: https://circleci.com/docs/2.0/collect-test-data/
+          path: /tmp/test-results
+
+workflows:
+  version: 2
+  build-workflow:
+    jobs:
+      - build

.dockerignore

@@ -0,0 +1,4 @@
+.gitignore
+.git/
+k8s/example-*
+README.md

.gitignore

@@ -0,0 +1,7 @@
+data
+config/config.json
+config/*.swp
+k8s/k8s-config.yaml
+vendor
+.vscode
+debug

LICENSE

@@ -0,0 +1,20 @@
+# f5-api
+
+This API provides simple restful API access to a service.
+
+## Endpoints
+
+```
+GET /v1/test/ping
+GET /v1/test/version
+GET /v1/test/metrics
+```
+
+## Authentication
+
+Authentication is accomplished via an encrypted pre-shared key passed via the `X-Auth-Token` header.
+
+## License
+
+GNU Affero General Public License v3.0 (GNU AGPLv3)  
+Copyright © 2021 Yale University

README.md

@@ -0,0 +1,71 @@
+package api
+
+import (
+	"encoding/json"
+	"fmt"
+	"net/http"
+
+	"github.com/YaleSpinup/apierror"
+	"github.com/pkg/errors"
+	log "github.com/sirupsen/logrus"
+)
+
+// PingHandler responds to ping requests
+func (s *server) PingHandler(w http.ResponseWriter, r *http.Request) {
+	w = LogWriter{w}
+	log.Debug("Ping/Pong")
+	w.Header().Set("Access-Control-Allow-Origin", "*")
+	w.WriteHeader(http.StatusOK)
+	w.Write([]byte("pong"))
+}
+
+// VersionHandler responds to version requests
+func (s *server) VersionHandler(w http.ResponseWriter, r *http.Request) {
+	w = LogWriter{w}
+	w.Header().Set("Access-Control-Allow-Origin", "*")
+	w.Header().Set("Content-Type", "application/json")
+
+	data, err := json.Marshal(struct {
+		Version    string `json:"version"`
+		GitHash    string `json:"githash"`
+		BuildStamp string `json:"buildstamp"`
+	}{
+		Version:    fmt.Sprintf("%s%s", s.version.Version, s.version.VersionPrerelease),
+		GitHash:    s.version.GitHash,
+		BuildStamp: s.version.BuildStamp,
+	})
+
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		w.Write([]byte{})
+		return
+	}
+
+	w.WriteHeader(http.StatusOK)
+	w.Write(data)
+}
+
+// handleError handles standard apierror return codes
+func handleError(w http.ResponseWriter, err error) {
+	log.Error(err.Error())
+	if aerr, ok := errors.Cause(err).(apierror.Error); ok {
+		switch aerr.Code {
+		case apierror.ErrForbidden:
+			w.WriteHeader(http.StatusForbidden)
+		case apierror.ErrNotFound:
+			w.WriteHeader(http.StatusNotFound)
+		case apierror.ErrConflict:
+			w.WriteHeader(http.StatusConflict)
+		case apierror.ErrBadRequest:
+			w.WriteHeader(http.StatusBadRequest)
+		case apierror.ErrLimitExceeded:
+			w.WriteHeader(http.StatusTooManyRequests)
+		default:
+			w.WriteHeader(http.StatusInternalServerError)
+		}
+		w.Write([]byte(aerr.Message))
+	} else {
+		w.WriteHeader(http.StatusInternalServerError)
+		w.Write([]byte(err.Error()))
+	}
+}

api/handlers.go

@@ -0,0 +1,174 @@
+package api
+
+import (
+	"encoding/json"
+	"fmt"
+	"io/ioutil"
+	"net/http"
+
+	"github.com/YaleSpinup/apierror"
+	"github.com/gorilla/mux"
+	log "github.com/sirupsen/logrus"
+)
+
+// ListClientSSLProfiles List Client SSL Profiles on LTM
+func (s *server) ListClientSSLProfiles(w http.ResponseWriter, r *http.Request) {
+	w = LogWriter{w}
+	vars := mux.Vars(r)
+	host := vars["host"]
+
+	log.Infof("list client ssl profiles %s", host)
+
+	ltmService, ok := s.LTMServices[host]
+	if !ok {
+		msg := fmt.Sprintf("LTM host service not found for account: %s", host)
+		handleError(w, apierror.New(apierror.ErrNotFound, msg, nil))
+		return
+	}
+
+	out, err := ltmService.ListClientSSLProfiles()
+	if err != nil {
+		handleError(w, err)
+		return
+	}
+
+	j, err := json.Marshal(out)
+	if err != nil {
+		handleError(w, apierror.New(apierror.ErrBadRequest, "failed to marshal json", err))
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	w.Write(j)
+}
+
+// ShowClientSSLProfile Show detail of Client SSL Profile on LTM
+func (s *server) ShowClientSSLProfile(w http.ResponseWriter, r *http.Request) {
+	w = LogWriter{w}
+	vars := mux.Vars(r)
+	host := vars["host"]
+	name := vars["name"]
+
+	log.Infof("getting details about client ssl profile %s", name)
+
+	ltmService, ok := s.LTMServices[host]
+	if !ok {
+		msg := fmt.Sprintf("LTM host service not found for account: %s", host)
+		handleError(w, apierror.New(apierror.ErrNotFound, msg, nil))
+		return
+	}
+
+	out, err := ltmService.GetClientSSLProfile(name)
+	if err != nil {
+		handleError(w, err)
+	}
+
+	j, err := json.Marshal(out)
+	if err != nil {
+		handleError(w, apierror.New(apierror.ErrBadRequest, "failed to marshal json", err))
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	w.Write(j)
+}
+
+// ModifyClientSSLProfile updates a clientssl profile including updating the cert and key if supplied in the body
+func (s *server) ModifyClientSSLProfile(w http.ResponseWriter, r *http.Request) {
+	w = LogWriter{w}
+	vars := mux.Vars(r)
+	host := vars["host"]
+	name := vars["name"]
+
+	log.Infof("updating client ssl profile")
+
+	raw, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		handleError(w, err)
+		return
+	}
+	defer r.Body.Close()
+
+	data := ModifyClientSSLProfileRequest{}
+	if err := json.Unmarshal(raw, &data); err != nil {
+		handleError(w, err)
+	}
+
+	ltmService, ok := s.LTMServices[host]
+	if !ok {
+		msg := fmt.Sprintf("LTM host service not found for account: %s", host)
+		handleError(w, apierror.New(apierror.ErrNotFound, msg, nil))
+		return
+	}
+
+	orch := &ltmOrchestrator{
+		client: ltmService,
+	}
+
+	if err := orch.modifyClientSSLProfile(r.Context(), name, &data); err != nil {
+		handleError(w, err)
+		return
+	}
+
+	out := fmt.Sprintf("ClientSSLProfile %s updated for host: %s\n", name, host)
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	w.Write([]byte(out))
+}
+
+// CreateClientSSLProfile creates SSL Client Profile
+func (s *server) CreateClientSSLProfile(w http.ResponseWriter, r *http.Request) {
+	w = LogWriter{w}
+	vars := mux.Vars(r)
+	host := vars["host"]
+	name := vars["name"]
+
+	log.Infof("creating client ssl profile")
+
+	// 	data := MyClientSSLProfile{}
+
+	// 	err = json.Unmarshal([]byte(raw), &data)
+
+	raw, err := ioutil.ReadAll(r.Body)
+	if err != nil {
+		handleError(w, err)
+		return
+	}
+	defer r.Body.Close()
+
+	data := ModifyClientSSLProfileRequest{}
+	if err := json.Unmarshal(raw, &data); err != nil {
+		handleError(w, err)
+	}
+
+	ltmService, ok := s.LTMServices[host]
+	if !ok {
+		msg := fmt.Sprintf("LTM host service not found for account: %s", host)
+		handleError(w, apierror.New(apierror.ErrNotFound, msg, nil))
+		return
+	}
+
+	orch := &ltmOrchestrator{
+		client: ltmService,
+	}
+
+	if err := orch.createClientSSLProfile(r.Context(), name, &data); err != nil {
+		handleError(w, err)
+		return
+	}
+
+	out := fmt.Sprintf("SSLProfile %s created\n", name)
+
+	j, err := json.Marshal(out)
+	if err != nil {
+		handleError(w, apierror.New(apierror.ErrBadRequest, "failed to marshal json", err))
+		return
+	}
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	w.Write(j)
+}

api/handlers_ltm.go

@@ -0,0 +1 @@
+package api