Merge pull request #7 from sandwichcloud/keypair

add keypair and network-port routes plus some other misc changes

Author: rmb938

deli_counter/http/mounts/root/mount.py

@@ -99,8 +99,8 @@ def __setup_tools(self):
         cherrypy.tools.authentication = cherrypy.Tool('on_start_resource', self.validate_token, priority=20)
         cherrypy.tools.project_scope = cherrypy.Tool('on_start_resource', self.validate_project_scope, priority=30)
 
-        cherrypy.tools.resource_object = cherrypy.Tool('before_request_body', self.resource_object, priority=40)
-        cherrypy.tools.enforce_policy = cherrypy.Tool('before_request_body', self.enforce_policy, priority=50)
+        cherrypy.tools.enforce_policy = cherrypy.Tool('before_request_body', self.enforce_policy, priority=40)
+        cherrypy.tools.resource_object = cherrypy.Tool('before_request_body', self.resource_object, priority=50)
 
     def __setup_auth(self):
         self.auth_manager = AuthManager()

deli_counter/http/mounts/root/routes/v1/images.py

@@ -117,7 +117,8 @@ def delete(self, image_id):
                 raise cherrypy.HTTPError(409, "Cannot delete an image while it is locked.")
 
             image.state = ImageState.DELETING
-            create_task(session, image, delete_image, image_id=image.id)
+            # TODO: do we allow not deleting image backing?
+            create_task(session, image, delete_image, image_id=image.id, delete_backing=True)
 
             session.commit()
 

deli_counter/http/mounts/root/routes/v1/instance.py

@@ -10,9 +10,9 @@
 from ingredients_db.models.authn import AuthNServiceAccount
 from ingredients_db.models.images import Image, ImageVisibility, ImageState
 from ingredients_db.models.instance import Instance, InstanceState
+from ingredients_db.models.keypair import Keypair
 from ingredients_db.models.network import Network, NetworkState
 from ingredients_db.models.network_port import NetworkPort
-from ingredients_db.models.public_key import PublicKey
 from ingredients_db.models.region import Region, RegionState
 from ingredients_db.models.task import Task
 from ingredients_db.models.zones import Zone, ZoneState
@@ -115,6 +115,7 @@ def create(self):
 
             network_port = NetworkPort()
             network_port.network_id = network.id
+            network_port.project_id = project.id
             session.add(network_port)
             session.flush()
 
@@ -133,16 +134,15 @@ def create(self):
             session.add(instance)
             session.flush()
 
-            for public_key_id in request.public_keys:
-                public_key = session.query(PublicKey).filter(PublicKey.id == public_key_id).filter(
-                    PublicKey.project_id == project.id).first()
+            for keypair_id in request.keypair_ids:
+                keypair = session.query(Keypair).filter(Keypair.id == keypair_id).filter(
+                    Keypair.project_id == project.id).first()
 
-                if public_key is None:
-                    raise cherrypy.HTTPError(404,
-                                             "Could not find a public key within the scoped project with the id %s" %
-                                             public_key_id)
+                if keypair is None:
+                    raise cherrypy.HTTPError(404, "Could not find a keypair within the scoped project with the id %s" %
+                                             keypair_id)
 
-                instance.public_keys.append(public_key)
+                instance.keypairs.append(keypair)
 
             print("TASK")
             create_task(session, instance, create_instance, instance_id=instance.id)
@@ -159,7 +159,9 @@ def create(self):
     @cherrypy.tools.resource_object(id_param="instance_id", cls=Instance)
     @cherrypy.tools.enforce_policy(policy_name="instances:get")
     def get(self, instance_id: uuid.UUID):
-        return ResponseInstance.from_database(cherrypy.request.resource_object)
+        with cherrypy.request.db_session() as session:
+            instance: Instance = session.merge(cherrypy.request.resource_object, load=False)
+            return ResponseInstance.from_database(instance)
 
     @Route()
     @cherrypy.tools.project_scope()

deli_counter/http/mounts/root/routes/v1/keypairs.py

@@ -0,0 +1,74 @@
+import uuid
+
+import cherrypy
+from sqlalchemy.orm import Query
+
+from deli_counter.http.mounts.root.routes.v1.validation_models.keypairs import RequestCreateKeypair, \
+    ParamsListKeypair, ParamsKeypair, ResponseKeypair
+from ingredients_db.models.keypair import Keypair
+from ingredients_http.request_methods import RequestMethods
+from ingredients_http.route import Route
+from ingredients_http.router import Router
+
+
+class KeypairsRouter(Router):
+    def __init__(self):
+        super().__init__(uri_base='keypairs')
+
+    @Route(methods=[RequestMethods.POST])
+    @cherrypy.tools.project_scope()
+    @cherrypy.tools.model_in(cls=RequestCreateKeypair)
+    @cherrypy.tools.model_out(cls=ResponseKeypair)
+    @cherrypy.tools.enforce_policy(policy_name="keypairs:create")
+    def create(self):
+        request: RequestCreateKeypair = cherrypy.request.model
+        project = cherrypy.request.project
+
+        with cherrypy.request.db_session() as session:
+            keypair = session.query(Keypair).filter(Keypair.name == request.name).first()
+
+            if keypair is not None:
+                raise cherrypy.HTTPError(409, "A keypair with the requested name already exists.")
+
+            keypair = Keypair()
+            keypair.name = request.name
+            keypair.public_key = request.public_key
+            keypair.project_id = project.id
+            session.add(keypair)
+            session.commit()
+            session.refresh(keypair)
+            return ResponseKeypair.from_database(keypair)
+
+    @Route(route='{keypair_id}')
+    @cherrypy.tools.project_scope()
+    @cherrypy.tools.model_params(cls=ParamsKeypair)
+    @cherrypy.tools.model_out(cls=ResponseKeypair)
+    @cherrypy.tools.resource_object(id_param="keypair_id", cls=Keypair)
+    @cherrypy.tools.enforce_policy(policy_name="keypairs:get")
+    def get(self, keypair_id: uuid.UUID):
+        return ResponseKeypair.from_database(cherrypy.request.resource_object)
+
+    @Route()
+    @cherrypy.tools.project_scope()
+    @cherrypy.tools.model_params(cls=ParamsListKeypair)
+    @cherrypy.tools.model_out_pagination(cls=ResponseKeypair)
+    @cherrypy.tools.enforce_policy(policy_name="keypairs:list")
+    def list(self, limit: int, marker: uuid.UUID):
+        project = cherrypy.request.project
+        starting_query = Query(Keypair).filter(Keypair.project_id == project.id)
+        return self.paginate(Keypair, ResponseKeypair, limit, marker, starting_query=starting_query)
+
+    @Route(route='{keypair_id}', methods=[RequestMethods.DELETE])
+    @cherrypy.tools.project_scope()
+    @cherrypy.tools.model_params(cls=ParamsKeypair)
+    @cherrypy.tools.resource_object(id_param="keypair_id", cls=Keypair)
+    @cherrypy.tools.enforce_policy(policy_name="keypairs:delete")
+    def delete(self, keypair_id: uuid.UUID):
+        cherrypy.response.status = 204
+        # Fix for https://github.com/cherrypy/cherrypy/issues/1657
+        del cherrypy.response.headers['Content-Type']
+
+        with cherrypy.request.db_session() as session:
+            keypair: Keypair = session.merge(cherrypy.request.resource_object, load=False)
+            session.delete(keypair)
+            session.commit()

deli_counter/http/mounts/root/routes/v1/network_ports.py

@@ -1,8 +1,58 @@
+import uuid
+
+import cherrypy
+from sqlalchemy.orm import Query
+
+from deli_counter.http.mounts.root.routes.v1.validation_models.network_ports import ParamsNetworkPort, \
+    ParamsListNetworkPort, ResponseNetworkPort
+from ingredients_db.models.instance import Instance
+from ingredients_db.models.network_port import NetworkPort
+from ingredients_http.request_methods import RequestMethods
+from ingredients_http.route import Route
 from ingredients_http.router import Router
 
 
 class NetworkPortRouter(Router):
     def __init__(self):
         super().__init__(uri_base='network-ports')
 
-        # TODO: do this
+    # Do we want to allow creation? It's kinda pointless since they are auto created
+
+    @Route(route='{network_port_id}')
+    @cherrypy.tools.project_scope()
+    @cherrypy.tools.model_params(cls=ParamsNetworkPort)
+    @cherrypy.tools.model_out(cls=ResponseNetworkPort)
+    @cherrypy.tools.resource_object(id_param="network_port_id", cls=NetworkPort)
+    @cherrypy.tools.enforce_policy(policy_name="network_ports:get")
+    def get(self, network_port_id):
+        return ResponseNetworkPort.from_database(cherrypy.request.resource_object)
+
+    @Route()
+    @cherrypy.tools.project_scope()
+    @cherrypy.tools.model_params(cls=ParamsListNetworkPort)
+    @cherrypy.tools.model_out_pagination(cls=ResponseNetworkPort)
+    @cherrypy.tools.enforce_policy(policy_name="network_ports:list")
+    def list(self, limit: int, marker: uuid.UUID):
+        project = cherrypy.request.project
+        starting_query = Query(NetworkPort).filter(NetworkPort.project_id == project.id)
+        return self.paginate(NetworkPort, ResponseNetworkPort, limit, marker, starting_query=starting_query)
+
+    @Route(route='{network_port_id}', methods=[RequestMethods.DELETE])
+    @cherrypy.tools.project_scope()
+    @cherrypy.tools.model_params(cls=ParamsNetworkPort)
+    @cherrypy.tools.resource_object(id_param="network_port_id", cls=NetworkPort)
+    @cherrypy.tools.enforce_policy(policy_name="network_ports:delete")
+    def delete(self, network_port_id):
+        cherrypy.response.status = 204
+        # Fix for https://github.com/cherrypy/cherrypy/issues/1657
+        del cherrypy.response.headers['Content-Type']
+
+        with cherrypy.request.db_session() as session:
+            network_port: NetworkPort = session.merge(cherrypy.request.resource_object, load=False)
+
+            instance_count = session.query(Instance).filter(Instance.network_port_id == network_port.id).count()
+            if instance_count > 0:
+                raise cherrypy.HTTPError(400, "Cannot delete a network port while it is in use.")
+
+            session.delete(network_port)
+            session.commit()

deli_counter/http/mounts/root/routes/v1/networks.py

@@ -81,14 +81,16 @@ def get(self, network_id):
     @cherrypy.tools.model_params(cls=ParamsListNetwork)
     @cherrypy.tools.model_out_pagination(cls=ResponseNetwork)
     @cherrypy.tools.enforce_policy(policy_name="networks:list")
-    def list(self, region_id, limit: int, marker: uuid.UUID):
+    def list(self, name, region_id, limit: int, marker: uuid.UUID):
         starting_query = Query(Network)
         if region_id is not None:
             with cherrypy.request.db_session() as session:
                 region = session.query(Region).filter(Region.id == region_id).first()
                 if region is None:
                     raise cherrypy.HTTPError(404, "A region with the requested id does not exist.")
             starting_query = starting_query.filter(Network.region_id == region.id)
+        if name is not None:
+            starting_query = starting_query.filter(Network.name == name)
         return self.paginate(Network, ResponseNetwork, limit, marker, starting_query=starting_query)
 
     @Route(route='{network_id}', methods=[RequestMethods.DELETE])

deli_counter/http/mounts/root/routes/v1/regions.py

@@ -1,4 +1,5 @@
 import cherrypy
+from sqlalchemy.orm import Query
 
 from deli_counter.http.mounts.root.routes.v1.validation_models.regions import ResponseRegion, RequestCreateRegion, \
     ParamsRegion, ParamsListRegion, RequestRegionSchedule
@@ -58,8 +59,11 @@ def get(self, region_id):
     @cherrypy.tools.model_params(cls=ParamsListRegion)
     @cherrypy.tools.model_out_pagination(cls=ResponseRegion)
     @cherrypy.tools.enforce_policy(policy_name="regions:list")
-    def list(self, limit, marker):
-        return self.paginate(Region, ResponseRegion, limit, marker)
+    def list(self, name, limit, marker):
+        starting_query = None
+        if name is not None:
+            starting_query = Query(Region).filter(Region.name == name)
+        return self.paginate(Region, ResponseRegion, limit, marker, starting_query=starting_query)
 
     @Route(route='{region_id}', methods=[RequestMethods.DELETE])
     @cherrypy.tools.model_params(cls=ParamsRegion)

deli_counter/http/mounts/root/routes/v1/validation_models/instances.py

@@ -13,7 +13,7 @@ class RequestCreateInstance(Model):
     network_id = UUIDType(required=True)
     region_id = UUIDType(required=True)
     zone_id = UUIDType()
-    public_keys = ListType(UUIDType, default=list)
+    keypair_ids = ListType(UUIDType, default=list)
     tags = DictType(StringType)
 
 
@@ -24,7 +24,8 @@ class ResponseInstance(Model):
     network_port_id = UUIDType(required=True)
     region_id = UUIDType(required=True)
     zone_id = UUIDType()
-    public_keys = ListType(UUIDType, default=list)
+    service_account_id = UUIDType()
+    keypair_ids = ListType(UUIDType, default=list)
     state = EnumType(InstanceState, required=True)
     tags = DictType(StringType, default=dict)
 
@@ -40,11 +41,15 @@ def from_database(cls, instance: Instance):
         instance_model.network_port_id = instance.network_port_id
         instance_model.state = instance.state
         instance_model.tags = instance.tags
+        instance_model.service_account_id = instance.service_account_id
 
         instance_model.region_id = instance.region_id
         if instance.zone_id is not None:
             instance_model.zone_id = instance.zone_id
 
+        for keypair in instance.keypairs:
+            instance_model.keypair_ids.append(keypair.id)
+
         instance_model.created_at = instance.created_at
         instance_model.updated_at = instance.updated_at
 
@@ -70,8 +75,7 @@ class RequestInstanceImage(Model):
 
 class RequestInstancePowerOffRestart(Model):
     hard = BooleanType(default=False)
-    timeout = IntType(default=60, min_value=60,
-                      max_value=300)  # If your vm takes more than 5 minutes to power off you are doing something bad
+    timeout = IntType(default=60, min_value=60, max_value=300)
 
 
 class RequestInstanceResetState(Model):

deli_counter/http/mounts/root/routes/v1/validation_models/keypairs.py

@@ -0,0 +1,47 @@
+from cryptography.exceptions import UnsupportedAlgorithm
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives.serialization import load_ssh_public_key
+from schematics import Model
+from schematics.exceptions import ValidationError
+from schematics.types import UUIDType, IntType, StringType
+
+from ingredients_db.models.keypair import Keypair
+
+
+class ParamsKeypair(Model):
+    keypair_id = UUIDType(required=True)
+
+
+class ParamsListKeypair(Model):
+    limit = IntType(default=100, max_value=100, min_value=1)
+    marker = UUIDType()
+
+
+class RequestCreateKeypair(Model):
+    name = StringType(required=True, min_length=3)
+    public_key = StringType(required=True)
+
+    def validate_public_key(self, data, value):
+        try:
+            load_ssh_public_key(value.encode(), default_backend())
+        except ValueError:
+            raise ValidationError("public_key could not be decoded or is not in the proper format")
+        except UnsupportedAlgorithm:
+            raise ValidationError("public_key serialization type is not supported")
+
+        return value
+
+
+class ResponseKeypair(Model):
+    id = UUIDType(required=True)
+    name = StringType(required=True, min_length=3)
+    public_key = StringType(required=True)
+
+    @classmethod
+    def from_database(cls, keypair: Keypair):
+        model = cls()
+        model.id = keypair.id
+        model.name = keypair.name
+        model.public_key = keypair.public_key
+
+        return model

deli_counter/http/mounts/root/routes/v1/validation_models/network_ports.py

@@ -0,0 +1,29 @@
+from schematics import Model
+from schematics.types import UUIDType, IntType
+
+from ingredients_db.models.network_port import NetworkPort
+from ingredients_http.schematics.types import IPv4AddressType
+
+
+class ParamsNetworkPort(Model):
+    network_port_id = UUIDType(required=True)
+
+
+class ParamsListNetworkPort(Model):
+    limit = IntType(default=100, max_value=100, min_value=1)
+    marker = UUIDType()
+
+
+class ResponseNetworkPort(Model):
+    id = UUIDType(required=True)
+    network_id = UUIDType(required=True)
+    ip_address = IPv4AddressType(required=True)
+
+    @classmethod
+    def from_database(cls, network_port: NetworkPort):
+        model = cls()
+        model.id = network_port.id
+        model.network_id = network_port.network_id
+        model.ip_address = network_port.ip_address
+
+        return model

deli_counter/http/mounts/root/routes/v1/validation_models/networks.py

@@ -90,6 +90,7 @@ class ParamsNetwork(Model):
 
 
 class ParamsListNetwork(Model):
+    name = StringType()
     region_id = UUIDType()
     limit = IntType(default=100, max_value=100, min_value=1)
     marker = UUIDType()

deli_counter/http/mounts/root/routes/v1/validation_models/regions.py

@@ -17,6 +17,7 @@ class ParamsRegion(Model):
 
 
 class ParamsListRegion(Model):
+    name = StringType()
     limit = IntType(default=100, max_value=100, min_value=1)
     marker = UUIDType()
 

deli_counter/test/base.py

@@ -262,6 +262,7 @@ def create_instance(self, app, project=None, region=None, zone=None, image=None,
 
             network_port = NetworkPort()
             network_port.network_id = network.id
+            network_port.project_id = project.id
             network_port.ip_address = network.next_free_address(session)
 
             session.add(network_port)