Audit log suspend

plugins/backstage-plugin-flux/dev/index.tsx

@@ -3,7 +3,13 @@ import { Content } from '@backstage/core-components';
 import { createDevApp } from '@backstage/dev-utils';
 import { EntityProvider } from '@backstage/plugin-catalog-react';
 import { Entity } from '@backstage/catalog-model';
-import { configApiRef } from '@backstage/core-plugin-api';
+import {
+  BackstageUserIdentity,
+  IdentityApi,
+  ProfileInfo,
+  configApiRef,
+  identityApiRef,
+} from '@backstage/core-plugin-api';
 import { ConfigReader } from '@backstage/core-app-api';
 import {
   KubernetesApi,
@@ -46,6 +52,12 @@ import {
 } from '../src/hooks/useGetDeployments';
 import { Namespace } from '../src/objects';
 
+const userId = 'user:default/guest';
+const profile = {
+  displayName: 'Guest',
+  picture: 'https://avatars.githubusercontent.com/u/35202557?v=4',
+};
+
 const fakeEntity: Entity = {
   apiVersion: 'backstage.io/v1alpha1',
   kind: 'Component',
@@ -309,6 +321,30 @@ class StubKubernetesAuthProvidersApi implements KubernetesAuthProvidersApi {
   }
 }
 
+class StubIdentityApi implements IdentityApi {
+  async getBackstageIdentity(): Promise<BackstageUserIdentity> {
+    return {
+      ownershipEntityRefs: [userId],
+      type: 'user',
+      userEntityRef: userId,
+    };
+  }
+
+  async getProfileInfo(): Promise<ProfileInfo> {
+    return profile;
+  }
+
+  getCredentials(): Promise<{
+    token?: string;
+  }> {
+    return Promise.resolve({ token: 'token' });
+  }
+
+  signOut(): Promise<void> {
+    return Promise.resolve();
+  }
+}
+
 createDevApp()
   .addPage({
     title: 'Helm Releases',
@@ -322,6 +358,7 @@ createDevApp()
               gitops: { baseUrl: 'https://example.com/wego', readOnly: false },
             }),
           ],
+          [identityApiRef, new StubIdentityApi()],
           [
             kubernetesApiRef,
             new StubKubernetesClient([
@@ -382,6 +419,7 @@ createDevApp()
               gitops: { baseUrl: 'https://example.com/wego', readOnly: false },
             }),
           ],
+          [identityApiRef, new StubIdentityApi()],
           [
             kubernetesApiRef,
             new StubKubernetesClient([
@@ -428,6 +466,7 @@ createDevApp()
               gitops: { baseUrl: 'https://example.com/wego', readOnly: false },
             }),
           ],
+          [identityApiRef, new StubIdentityApi()],
           [
             kubernetesApiRef,
             new StubKubernetesClient([
@@ -462,7 +501,6 @@ createDevApp()
               ),
             ]),
           ],
-
           [kubernetesAuthProvidersApiRef, new StubKubernetesAuthProvidersApi()],
         ]}
       >
@@ -486,6 +524,7 @@ createDevApp()
               gitops: { baseUrl: 'https://example.com/wego', readOnly: false },
             }),
           ],
+          [identityApiRef, new StubIdentityApi()],
           [
             kubernetesApiRef,
             new StubKubernetesClient([
@@ -503,7 +542,6 @@ createDevApp()
               ),
             ]),
           ],
-
           [kubernetesAuthProvidersApiRef, new StubKubernetesAuthProvidersApi()],
         ]}
       >
@@ -527,6 +565,7 @@ createDevApp()
               gitops: { baseUrl: 'https://example.com/wego', readOnly: false },
             }),
           ],
+          [identityApiRef, new StubIdentityApi()],
           [
             kubernetesApiRef,
             new StubKubernetesClient([
@@ -538,7 +577,6 @@ createDevApp()
               ),
             ]),
           ],
-
           [kubernetesAuthProvidersApiRef, new StubKubernetesAuthProvidersApi()],
         ]}
       >
@@ -562,6 +600,7 @@ createDevApp()
               gitops: { baseUrl: 'https://example.com/wego', readOnly: false },
             }),
           ],
+          [identityApiRef, new StubIdentityApi()],
           [
             kubernetesApiRef,
             new StubKubernetesClient([
@@ -580,7 +619,6 @@ createDevApp()
               ),
             ]),
           ],
-
           [kubernetesAuthProvidersApiRef, new StubKubernetesAuthProvidersApi()],
         ]}
       >
@@ -604,6 +642,7 @@ createDevApp()
               gitops: { baseUrl: 'https://example.com/wego', readOnly: false },
             }),
           ],
+          [identityApiRef, new StubIdentityApi()],
           [
             kubernetesApiRef,
             new StubKubernetesClient([
@@ -662,7 +701,6 @@ createDevApp()
               ),
             ]),
           ],
-
           [kubernetesAuthProvidersApiRef, new StubKubernetesAuthProvidersApi()],
         ]}
       >
@@ -704,6 +742,7 @@ createDevApp()
             ]),
           ],
           [kubernetesAuthProvidersApiRef, new StubKubernetesAuthProvidersApi()],
+          [identityApiRef, new StubIdentityApi()],
         ]}
       >
         <EntityProvider entity={fakeEntity}>
@@ -726,6 +765,7 @@ createDevApp()
               gitops: { baseUrl: 'https://example.com/wego', readOnly: false },
             }),
           ],
+          [identityApiRef, new StubIdentityApi()],
           [
             kubernetesApiRef,
             new StubKubernetesClient([

plugins/backstage-plugin-flux/src/components/helpers.tsx

@@ -187,6 +187,7 @@ export function GroupAction({
   resource: Source | Deployment | ImagePolicy;
 }) {
   const { sync, isSyncing } = useSyncResource(resource);
+
   const { loading: isSuspending, toggleSuspend } = useToggleSuspendResource(
     resource as Source | Deployment,
     true,

plugins/backstage-plugin-flux/src/hooks/useGetUser.test.ts

@@ -0,0 +1,38 @@
+import { identityApiRef } from '@backstage/core-plugin-api';
+import { getUserInfo } from './useGetUser';
+
+function makeMockIdentityApi() {
+  return {
+    getObjectsByEntity: jest.fn(),
+    getProfileInfo: jest.fn(),
+    getBackstageIdentity: jest.fn(),
+    getCredentials: jest.fn(),
+    signOut: jest.fn(),
+  } as jest.Mocked<typeof identityApiRef.T>;
+}
+
+describe('getUserInfo', () => {
+  it('should get the user details', async () => {
+    const userId = 'user:default/guest';
+    const profile = {
+      displayName: 'Guest',
+      picture: 'https://avatars.githubusercontent.com/u/35202557?v=4',
+    };
+
+    const identityApi = makeMockIdentityApi();
+
+    identityApi.getBackstageIdentity.mockImplementation(async () => {
+      return {
+        ownershipEntityRefs: [userId],
+        type: 'user',
+        userEntityRef: userId,
+      };
+    });
+
+    identityApi.getProfileInfo.mockImplementation(async () => profile);
+
+    const userDetails = await getUserInfo(identityApi);
+
+    expect(userDetails).toEqual({ profile, userId });
+  });
+});

plugins/backstage-plugin-flux/src/hooks/useGetUser.ts

@@ -0,0 +1,38 @@
+import {
+  IdentityApi,
+  ProfileInfo,
+  identityApiRef,
+  useApi,
+} from '@backstage/core-plugin-api';
+import { useQuery } from '@tanstack/react-query';
+
+export async function getUserInfo(identityApi: IdentityApi) {
+  const backstageIdentity = await identityApi.getBackstageIdentity();
+  const profile = await identityApi.getProfileInfo();
+
+  return {
+    profile,
+    userId: backstageIdentity.userEntityRef,
+  };
+}
+
+/**
+ *
+ * @public
+ */
+export function useGetUserInfo() {
+  const identityApi = useApi(identityApiRef);
+
+  const { isLoading, data, error } = useQuery<
+    {
+      profile: ProfileInfo;
+      userId: string;
+    },
+    Error
+  >({
+    queryKey: ['user_info'],
+    queryFn: () => getUserInfo(identityApi),
+  });
+
+  return { isLoading, data, error };
+}

plugins/backstage-plugin-flux/src/hooks/useToggleSuspendResource.test.ts

@@ -39,7 +39,7 @@ describe('toggleSuspendRequest', () => {
     const expected = {
       clusterName: 'test-cluster-name',
       init: {
-        body: `{"spec":{"suspend":false}}`,
+        body: `{"metadata":{"annotations":{"weave.works/suspended-by":"Guest"}},"spec":{"suspend":false}}`,
         headers: {
           'Content-Type': 'application/merge-patch+json',
         },
@@ -49,7 +49,7 @@ describe('toggleSuspendRequest', () => {
     };
 
     expect(
-      toggleSuspendRequest(name, namespace, clusterName, gvk, suspend),
+      toggleSuspendRequest(name, namespace, clusterName, gvk, suspend, 'Guest'),
     ).toEqual(expected);
   });
 });
@@ -116,6 +116,7 @@ describe('requestToggleSuspendResource', () => {
         'test-cluster-name',
         gvk,
         false,
+        'Guest',
       ),
     ).resolves.toBeUndefined();
   });
@@ -143,6 +144,7 @@ describe('requestToggleSuspendResource', () => {
         'test-cluster-name',
         gvk,
         false,
+        'Guest',
       ),
     ).rejects.toThrow('Failed to Resume resource: 500 Internal Server Error');
   });
@@ -168,13 +170,19 @@ describe('toggleSuspendResource', () => {
       status: 200,
     } as Response);
 
-    await toggleSuspendResource(helmRelease, kubernetesApi, alertApi, false);
+    await toggleSuspendResource(
+      helmRelease,
+      kubernetesApi,
+      alertApi,
+      false,
+      'Guest',
+    );
 
     // ASSERT we tried to PATCH the resource
     expect(kubernetesApi.proxy).toHaveBeenCalledWith({
       clusterName: 'test-clusterName',
       init: {
-        body: `{"spec":{"suspend":false}}`,
+        body: `{"metadata":{"annotations":{"weave.works/suspended-by":"Guest"}},"spec":{"suspend":false}}`,
         headers: {
           'Content-Type': 'application/merge-patch+json',
         },
@@ -185,7 +193,7 @@ describe('toggleSuspendResource', () => {
 
     expect(alertApi.post).toHaveBeenCalledWith({
       display: 'transient',
-      message: 'Resume request successful',
+      message: 'Resume request made by Guest was successful',
       severity: 'success',
     });
   });
@@ -200,7 +208,13 @@ describe('toggleSuspendResource', () => {
       statusText: 'Forbidden',
     } as Response);
 
-    await toggleSuspendResource(helmRelease, kubernetesApi, alertApi, false);
+    await toggleSuspendResource(
+      helmRelease,
+      kubernetesApi,
+      alertApi,
+      false,
+      'Guest',
+    );
 
     expect(alertApi.post).toHaveBeenCalledWith({
       display: 'transient',