outposts: add *ServiceConnection API

2020-11-04 11:04:18 +01:00 · 2020-11-04 11:04:18 +01:00 · bd74e518a7
parent 3b76af4eaa
commit bd74e518a7
4 changed files with 357 additions and 5 deletions
--- a/passbook/api/v2/urls.py
+++ b/passbook/api/v2/urls.py
@ -19,7 +19,7 @@ from passbook.core.api.tokens import TokenViewSet
 from passbook.core.api.users import UserViewSet
 from passbook.crypto.api import CertificateKeyPairViewSet
 from passbook.flows.api import FlowStageBindingViewSet, FlowViewSet, StageViewSet
-from passbook.outposts.api import OutpostViewSet
+from passbook.outposts.api import OutpostViewSet, DockerServiceConnectionViewSet, KubernetesServiceConnectionViewSet
 from passbook.policies.api import PolicyBindingViewSet, PolicyViewSet
 from passbook.policies.dummy.api import DummyPolicyViewSet
 from passbook.policies.expiry.api import PasswordExpiryPolicyViewSet
@ -29,7 +29,7 @@ from passbook.policies.hibp.api import HaveIBeenPwendPolicyViewSet
 from passbook.policies.password.api import PasswordPolicyViewSet
 from passbook.policies.reputation.api import ReputationPolicyViewSet
 from passbook.providers.oauth2.api import OAuth2ProviderViewSet, ScopeMappingViewSet
-from passbook.providers.proxy.api import OutpostConfigViewSet, ProxyProviderViewSet
+from passbook.providers.proxy.api import ProxyOutpostConfigViewSet, ProxyProviderViewSet
 from passbook.providers.saml.api import SAMLPropertyMappingViewSet, SAMLProviderViewSet
 from passbook.sources.ldap.api import LDAPPropertyMappingViewSet, LDAPSourceViewSet
 from passbook.sources.oauth.api import OAuthSourceViewSet
@ -66,7 +66,9 @@ router.register("core/users", UserViewSet)
 router.register("core/tokens", TokenViewSet)

 router.register("outposts/outposts", OutpostViewSet)
-router.register("outposts/proxy", OutpostConfigViewSet)
+router.register("outposts/service_connections/docker", DockerServiceConnectionViewSet)
+router.register("outposts/service_connections/kubernetes", KubernetesServiceConnectionViewSet)
+router.register("outposts/proxy", ProxyOutpostConfigViewSet)

 router.register("flows/instances", FlowViewSet)
 router.register("flows/bindings", FlowStageBindingViewSet)
--- a/passbook/outposts/api.py
+++ b/passbook/outposts/api.py
@ -2,7 +2,11 @@
 from rest_framework.serializers import JSONField, ModelSerializer
 from rest_framework.viewsets import ModelViewSet

-from passbook.outposts.models import Outpost
+from passbook.outposts.models import (
+    DockerServiceConnection,
+    KubernetesServiceConnection,
+    Outpost,
+)


 class OutpostSerializer(ModelSerializer):
@ -21,3 +25,35 @@ class OutpostViewSet(ModelViewSet):

    queryset = Outpost.objects.all()
    serializer_class = OutpostSerializer
+
+
+class DockerServiceConnectionSerializer(ModelSerializer):
+    """DockerServiceConnection Serializer"""
+
+    class Meta:
+
+        model = DockerServiceConnection
+        fields = ["pk", "name", "local", "url", "tls"]
+
+
+class DockerServiceConnectionViewSet(ModelViewSet):
+    """DockerServiceConnection Viewset"""
+
+    queryset = DockerServiceConnection.objects.all()
+    serializer_class = DockerServiceConnectionSerializer
+
+
+class KubernetesServiceConnectionSerializer(ModelSerializer):
+    """KubernetesServiceConnection Serializer"""
+
+    class Meta:
+
+        model = KubernetesServiceConnection
+        fields = ["pk", "name", "local", "config"]
+
+
+class KubernetesServiceConnectionViewSet(ModelViewSet):
+    """KubernetesServiceConnection Viewset"""
+
+    queryset = KubernetesServiceConnection.objects.all()
+    serializer_class = KubernetesServiceConnectionSerializer
--- a/passbook/providers/proxy/api.py
+++ b/passbook/providers/proxy/api.py
@ -112,7 +112,7 @@ class ProxyOutpostConfigSerializer(ModelSerializer):
        return ProviderInfoView(request=self.context["request"]._request).get_info(obj)


-class OutpostConfigViewSet(ModelViewSet):
+class ProxyOutpostConfigViewSet(ModelViewSet):
    """ProxyProvider Viewset"""

    queryset = ProxyProvider.objects.filter(application__isnull=False)
--- a/swagger.yaml
+++ b/swagger.yaml
@ -1353,6 +1353,260 @@ paths:
        description: A unique integer value identifying this Proxy Provider.
        required: true
        type: integer
+  /outposts/service_connections/docker/:
+    get:
+      operationId: outposts_service_connections_docker_list
+      description: DockerServiceConnection Viewset
+      parameters:
+        - name: ordering
+          in: query
+          description: Which field to use when ordering the results.
+          required: false
+          type: string
+        - name: search
+          in: query
+          description: A search term.
+          required: false
+          type: string
+        - name: limit
+          in: query
+          description: Number of results to return per page.
+          required: false
+          type: integer
+        - name: offset
+          in: query
+          description: The initial index from which to return the results.
+          required: false
+          type: integer
+      responses:
+        '200':
+          description: ''
+          schema:
+            required:
+              - count
+              - results
+            type: object
+            properties:
+              count:
+                type: integer
+              next:
+                type: string
+                format: uri
+                x-nullable: true
+              previous:
+                type: string
+                format: uri
+                x-nullable: true
+              results:
+                type: array
+                items:
+                  $ref: '#/definitions/DockerServiceConnection'
+      tags:
+        - outposts
+    post:
+      operationId: outposts_service_connections_docker_create
+      description: DockerServiceConnection Viewset
+      parameters:
+        - name: data
+          in: body
+          required: true
+          schema:
+            $ref: '#/definitions/DockerServiceConnection'
+      responses:
+        '201':
+          description: ''
+          schema:
+            $ref: '#/definitions/DockerServiceConnection'
+      tags:
+        - outposts
+    parameters: []
+  /outposts/service_connections/docker/{uuid}/:
+    get:
+      operationId: outposts_service_connections_docker_read
+      description: DockerServiceConnection Viewset
+      parameters: []
+      responses:
+        '200':
+          description: ''
+          schema:
+            $ref: '#/definitions/DockerServiceConnection'
+      tags:
+        - outposts
+    put:
+      operationId: outposts_service_connections_docker_update
+      description: DockerServiceConnection Viewset
+      parameters:
+        - name: data
+          in: body
+          required: true
+          schema:
+            $ref: '#/definitions/DockerServiceConnection'
+      responses:
+        '200':
+          description: ''
+          schema:
+            $ref: '#/definitions/DockerServiceConnection'
+      tags:
+        - outposts
+    patch:
+      operationId: outposts_service_connections_docker_partial_update
+      description: DockerServiceConnection Viewset
+      parameters:
+        - name: data
+          in: body
+          required: true
+          schema:
+            $ref: '#/definitions/DockerServiceConnection'
+      responses:
+        '200':
+          description: ''
+          schema:
+            $ref: '#/definitions/DockerServiceConnection'
+      tags:
+        - outposts
+    delete:
+      operationId: outposts_service_connections_docker_delete
+      description: DockerServiceConnection Viewset
+      parameters: []
+      responses:
+        '204':
+          description: ''
+      tags:
+        - outposts
+    parameters:
+      - name: uuid
+        in: path
+        description: A UUID string identifying this docker service connection.
+        required: true
+        type: string
+        format: uuid
+  /outposts/service_connections/kubernetes/:
+    get:
+      operationId: outposts_service_connections_kubernetes_list
+      description: KubernetesServiceConnection Viewset
+      parameters:
+        - name: ordering
+          in: query
+          description: Which field to use when ordering the results.
+          required: false
+          type: string
+        - name: search
+          in: query
+          description: A search term.
+          required: false
+          type: string
+        - name: limit
+          in: query
+          description: Number of results to return per page.
+          required: false
+          type: integer
+        - name: offset
+          in: query
+          description: The initial index from which to return the results.
+          required: false
+          type: integer
+      responses:
+        '200':
+          description: ''
+          schema:
+            required:
+              - count
+              - results
+            type: object
+            properties:
+              count:
+                type: integer
+              next:
+                type: string
+                format: uri
+                x-nullable: true
+              previous:
+                type: string
+                format: uri
+                x-nullable: true
+              results:
+                type: array
+                items:
+                  $ref: '#/definitions/KubernetesServiceConnection'
+      tags:
+        - outposts
+    post:
+      operationId: outposts_service_connections_kubernetes_create
+      description: KubernetesServiceConnection Viewset
+      parameters:
+        - name: data
+          in: body
+          required: true
+          schema:
+            $ref: '#/definitions/KubernetesServiceConnection'
+      responses:
+        '201':
+          description: ''
+          schema:
+            $ref: '#/definitions/KubernetesServiceConnection'
+      tags:
+        - outposts
+    parameters: []
+  /outposts/service_connections/kubernetes/{uuid}/:
+    get:
+      operationId: outposts_service_connections_kubernetes_read
+      description: KubernetesServiceConnection Viewset
+      parameters: []
+      responses:
+        '200':
+          description: ''
+          schema:
+            $ref: '#/definitions/KubernetesServiceConnection'
+      tags:
+        - outposts
+    put:
+      operationId: outposts_service_connections_kubernetes_update
+      description: KubernetesServiceConnection Viewset
+      parameters:
+        - name: data
+          in: body
+          required: true
+          schema:
+            $ref: '#/definitions/KubernetesServiceConnection'
+      responses:
+        '200':
+          description: ''
+          schema:
+            $ref: '#/definitions/KubernetesServiceConnection'
+      tags:
+        - outposts
+    patch:
+      operationId: outposts_service_connections_kubernetes_partial_update
+      description: KubernetesServiceConnection Viewset
+      parameters:
+        - name: data
+          in: body
+          required: true
+          schema:
+            $ref: '#/definitions/KubernetesServiceConnection'
+      responses:
+        '200':
+          description: ''
+          schema:
+            $ref: '#/definitions/KubernetesServiceConnection'
+      tags:
+        - outposts
+    delete:
+      operationId: outposts_service_connections_kubernetes_delete
+      description: KubernetesServiceConnection Viewset
+      parameters: []
+      responses:
+        '204':
+          description: ''
+      tags:
+        - outposts
+    parameters:
+      - name: uuid
+        in: path
+        description: A UUID string identifying this kubernetes service connection.
+        required: true
+        type: string
+        format: uuid
  /policies/all/:
    get:
      operationId: policies_all_list
@ -6454,6 +6708,13 @@ definitions:
        items:
          type: integer
        uniqueItems: true
+      service_connection:
+        title: Service connection
+        description: Select Service-Connection passbook should use to manage this
+          outpost. Leave empty if passbook should not handle the deployment.
+        type: string
+        format: uuid
+        x-nullable: true
      _config:
        title: config
        type: object
@ -6594,6 +6855,59 @@ definitions:
        description: User/Group Attribute used for the user part of the HTTP-Basic
          Header. If not set, the user's Email address is used.
        type: string
+  DockerServiceConnection:
+    description: DockerServiceConnection Serializer
+    required:
+      - name
+      - url
+      - tls
+    type: object
+    properties:
+      pk:
+        title: Uuid
+        type: string
+        format: uuid
+        readOnly: true
+      name:
+        title: Name
+        type: string
+        minLength: 1
+      local:
+        title: Local
+        description: If enabled, use the local connection. Required Docker socket/Kubernetes
+          Integration
+        type: boolean
+      url:
+        title: Url
+        type: string
+        minLength: 1
+      tls:
+        title: Tls
+        type: boolean
+  KubernetesServiceConnection:
+    description: KubernetesServiceConnection Serializer
+    required:
+      - name
+      - config
+    type: object
+    properties:
+      pk:
+        title: Uuid
+        type: string
+        format: uuid
+        readOnly: true
+      name:
+        title: Name
+        type: string
+        minLength: 1
+      local:
+        title: Local
+        description: If enabled, use the local connection. Required Docker socket/Kubernetes
+          Integration
+        type: boolean
+      config:
+        title: Config
+        type: object
  Policy:
    description: Policy Serializer
    type: object