From 31d0369132a37152081135688af51b90a97f086b Mon Sep 17 00:00:00 2001 From: ImMin5 Date: Wed, 20 Dec 2023 22:46:07 +0900 Subject: [PATCH] feat: modify token injection when use SpaceConnector --- src/spaceone/plugin/conf/global_conf.py | 63 ++++++++----------- .../plugin/manager/identity_manager.py | 9 +-- .../plugin/manager/repository_manager.py | 36 +++++++---- src/spaceone/plugin/service/plugin_service.py | 41 +++++++----- 4 files changed, 78 insertions(+), 71 deletions(-) diff --git a/src/spaceone/plugin/conf/global_conf.py b/src/spaceone/plugin/conf/global_conf.py index 3c2b915..22c53ff 100644 --- a/src/spaceone/plugin/conf/global_conf.py +++ b/src/spaceone/plugin/conf/global_conf.py @@ -1,58 +1,45 @@ DATABASE_AUTO_CREATE_INDEX = True DATABASES = { - 'default': { - 'db': 'plugin', - 'host': 'localhost', - 'port': 27017, - 'username': 'plugin', - 'password': '' + "default": { + "db": "plugin", + "host": "localhost", + "port": 27017, + "username": "plugin", + "password": "", } } CACHES = { - 'default': {}, - 'local': { - 'backend': 'spaceone.core.cache.local_cache.LocalCache', - 'max_size': 128, - 'ttl': 300 - } + "default": {}, + "local": { + "backend": "spaceone.core.cache.local_cache.LocalCache", + "max_size": 128, + "ttl": 300, + }, } CONNECTORS = { - 'IdentityConnector': { - 'endpoint': { - 'v1': 'grpc://identity:50051' - } - }, - 'pluginConnector': { - }, - 'RepositoryConnector': { - 'endpoint': { - 'v1': 'grpc://repository:50051' - } - }, - 'SpaceConnector': { - 'backend': 'spaceone.core.connector.space_connector.SpaceConnector', - 'endpoints': { - 'identity': 'grpc://identity:50051', - 'repository': 'grpc://repository:50051', - 'secret': 'grpc://secret:50051', - } + "IdentityConnector": {"endpoint": {"v1": "grpc://identity:50051"}}, + "pluginConnector": {}, + "RepositoryConnector": {"endpoint": {"v1": "grpc://repository:50051"}}, + "SpaceConnector": { + "backend": "spaceone.core.connector.space_connector:SpaceConnector", + "endpoints": { + "identity": "grpc://identity:50051", + "repository": "grpc://repository:50051", + "secret": "grpc://secret:50051", + }, }, } -HANDLERS = { -} +HANDLERS = {} -ENDPOINTS = { -} +ENDPOINTS = {} -LOG = { -} +LOG = {} QUEUES = {} SCHEDULERS = {} WORKERS = {} TOKEN = "" TOKEN_INFO = {} - diff --git a/src/spaceone/plugin/manager/identity_manager.py b/src/spaceone/plugin/manager/identity_manager.py index 4d69791..a2211a7 100644 --- a/src/spaceone/plugin/manager/identity_manager.py +++ b/src/spaceone/plugin/manager/identity_manager.py @@ -1,12 +1,13 @@ from spaceone.core.manager import BaseManager from spaceone.core.connector.space_connector import SpaceConnector -class IdentityManager(BaseManager): +class IdentityManager(BaseManager): def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) - self.identity_connector: SpaceConnector = self.locator.get_connector('SpaceConnector', service='identity') + self.identity_connector: SpaceConnector = self.locator.get_connector( + SpaceConnector, service="identity" + ) def list_domains(self, query): - print(query) - return self.identity_connector.dispatch('Domain.list', {'query': query}) + return self.identity_connector.dispatch("Domain.list", {"query": query}) diff --git a/src/spaceone/plugin/manager/repository_manager.py b/src/spaceone/plugin/manager/repository_manager.py index d3a6687..4e8801b 100644 --- a/src/spaceone/plugin/manager/repository_manager.py +++ b/src/spaceone/plugin/manager/repository_manager.py @@ -1,33 +1,45 @@ import logging +from typing import Union from spaceone.core.cache import cacheable from spaceone.core.manager import BaseManager from spaceone.plugin.error import * from spaceone.core.connector.space_connector import SpaceConnector - _LOGGER = logging.getLogger(__name__) class RepositoryManager(BaseManager): - def __init__(self, *args, **kwargs): super().__init__(*args, **kwargs) - self.repo_connector: SpaceConnector = self.locator.get_connector('SpaceConnector', service='repository') + self.repo_connector: SpaceConnector = self.locator.get_connector( + SpaceConnector, service="repository" + ) - def get_plugin(self, plugin_id, domain_id): - return self.repo_connector.dispatch('Plugin.get', {'plugin_id': plugin_id, 'domain_id': domain_id}) + def get_plugin(self, plugin_id: str, domain_id, token: str) -> dict: + return self.repo_connector.dispatch( + "Plugin.get", {"plugin_id": plugin_id}, token=token, x_domain_id=domain_id + ) - def check_plugin_version(self, plugin_id, version, domain_id): - response = self.repo_connector.dispatch('Plugin.get_versions', {'plugin_id': plugin_id, 'domain_id': domain_id}) + def check_plugin_version(self, plugin_id, version, token: str) -> None: + response = self.repo_connector.dispatch( + "Plugin.get_versions", {"plugin_id": plugin_id}, token=token + ) - if version not in response.get('results', []): + if version not in response.get("results", []): raise ERROR_INVALID_PLUGIN_VERSION(plugin_id=plugin_id, version=version) - @cacheable(key='plugin-latest-version:{domain_id}:{plugin_id}', expire=600) - def get_plugin_latest_version(self, plugin_id, domain_id): - response = self.repo_connector.dispatch('Plugin.get_versions', {'plugin_id': plugin_id, 'domain_id': domain_id}) - versions = response.get('results', []) + @cacheable(key="plugin-latest-version:{domain_id}:{plugin_id}", expire=600) + def get_plugin_latest_version( + self, plugin_id: str, domain_id: str, token: str + ) -> Union[str, None]: + response = self.repo_connector.dispatch( + "Plugin.get_versions", + {"plugin_id": plugin_id}, + token=token, + x_domain_id=domain_id, + ) + versions = response.get("results", []) if versions: return versions[0] else: diff --git a/src/spaceone/plugin/service/plugin_service.py b/src/spaceone/plugin/service/plugin_service.py index 943aaa3..f96e113 100644 --- a/src/spaceone/plugin/service/plugin_service.py +++ b/src/spaceone/plugin/service/plugin_service.py @@ -16,7 +16,7 @@ @event_handler class PluginService(BaseService): resource = "Plugin" - + def __init__(self, metadata): super().__init__(metadata) self.supervisor_mgr: SupervisorManager = self.locator.get_manager( @@ -47,8 +47,9 @@ def get_plugin_endpoint(self, params: dict): if params.get("upgrade_mode") == "MANUAL" and params.get("version") is None: raise ERROR_REQUIRED_PARAMETER(key="version") - params.update({"version": self._get_plugin_version(params)}) - return self._get_plugin_endpoint(params) + token = self.transaction.get_meta("token") + params.update({"version": self._get_plugin_version(params, token)}) + return self._get_plugin_endpoint(params, token) @transaction( permission="plugin:Plugin.read", role_types=["DOMAIN_ADMIN", "WORKSPACE_OWNER"] @@ -68,19 +69,21 @@ def get_plugin_metadata(self, params: dict): plugin_id = params["plugin_id"] domain_id = params["domain_id"] options = params.get("options", {}) + token = self.transaction.get_meta("token") if params.get("upgrade_mode") == "MANUAL" and params.get("version") is None: raise ERROR_REQUIRED_PARAMETER(key="version") - params.update({"version": self._get_plugin_version(params)}) - plugin_endpoint_info = self._get_plugin_endpoint(params) - api_class = self._get_plugin_api_class(plugin_id, domain_id) + params.update({"version": self._get_plugin_version(params, token)}) + + plugin_endpoint_info = self._get_plugin_endpoint(params, token) + api_class = self._get_plugin_api_class(plugin_id, domain_id, token) init_response = self.plugin_mgr.init_plugin( plugin_endpoint_info.get("endpoint"), api_class, options ) return init_response.get("metadata", {}) - def _get_plugin_endpoint(self, params): + def _get_plugin_endpoint(self, params: dict, token: str): plugin_id = params["plugin_id"] labels = params.get("labels", {}) version = params.get("version") @@ -104,7 +107,7 @@ def _get_plugin_endpoint(self, params): # There is no installed plugin # Check plugin_id, version is valid or not - self._check_plugin(plugin_id, version, domain_id) + self._check_plugin(plugin_id, version, token) # Create or Fail matched_supervisors = self.supervisor_mgr.get_matched_supervisors( @@ -122,7 +125,7 @@ def _get_plugin_endpoint(self, params): raise ERROR_NO_POSSIBLE_SUPERVISOR(params=params) - def _get_plugin_version(self, params): + def _get_plugin_version(self, params: dict, token: str): plugin_id = params["plugin_id"] upgrade_mode = params.get("upgrade_mode", "MANUAL") version = params.get("version") @@ -130,7 +133,7 @@ def _get_plugin_version(self, params): if upgrade_mode == "AUTO": latest_version = self.repository_mgr.get_plugin_latest_version( - plugin_id, domain_id + plugin_id, domain_id, token ) if version is None and latest_version is None: @@ -144,8 +147,8 @@ def _get_plugin_version(self, params): else: raise ERROR_REQUIRED_PARAMETER(key="version") - def _get_plugin_api_class(self, plugin_id, domain_id): - plugin_info = self.repository_mgr.get_plugin(plugin_id, domain_id) + def _get_plugin_api_class(self, plugin_id: str, domain_id: str, token: str): + plugin_info = self.repository_mgr.get_plugin(plugin_id, domain_id, token) service_type = plugin_info["service_type"] return service_type.split(".")[1] @@ -262,19 +265,19 @@ def _select_one(choice_list, algorithm="random"): return random.choice(choice_list) _LOGGER.error(f"[_select_one] unimplemented algorithm: {algorithm}") - def _check_plugin(self, plugin_id, version, domain_id): + def _check_plugin(self, plugin_id: str, version: str, token: str): """Check plugin_id:version exist or not""" repo_mgr = self.locator.get_manager("RepositoryManager") # Check plugin_id try: - repo_mgr.get_plugin(plugin_id, domain_id) + repo_mgr.get_plugin(plugin_id, token) except Exception as e: _LOGGER.error(f"[_check_plugin] {plugin_id} does not exist") raise ERROR_PLUGIN_NOT_FOUND(plugin_id=plugin_id) # Check version try: - repo_mgr.check_plugin_version(plugin_id, version, domain_id) + repo_mgr.check_plugin_version(plugin_id, version, token) except Exception as e: raise ERROR_INVALID_PLUGIN_VERSION(plugin_id=plugin_id, version=version) @@ -314,8 +317,12 @@ def verify(self, params: dict): "domain_id": params["domain_id"], } - plugin_endpoint_info = self._get_plugin_endpoint(requested_params) - api_class = self._get_plugin_api_class(params["plugin_id"], params["domain_id"]) + token = self.transaction.get_meta("token") + + plugin_endpoint_info = self._get_plugin_endpoint(requested_params, token) + api_class = self._get_plugin_api_class( + params["plugin_id"], params["domain_id"], token + ) # secret if "secret_id" in params: