add api routes

f0ssel · f0ssel · commit df0eb3e8c9f2 · 2024-07-09T20:02:11.000Z
diff --git a/coderd/coderd.go b/coderd/coderd.go
@@ -915,6 +915,16 @@ func New(options *Options) *API {
 						})
 					})
 				})
+				r.Route("/provisionerkeys", func(r chi.Router) {
+					r.Get("/", api.provisionerKeys)
+					r.Post("/", api.postProvisionerKey)
+					r.Route("/{provisionerKey}", func(r chi.Router) {
+						r.Use(
+							httpmw.ExtractProvisionerKeyParam(options.Database),
+						)
+						r.Delete("/", api.deleteProvisionerKey)
+					})
+				})
 			})
 		})
 		r.Route("/templates", func(r chi.Router) {
diff --git a/coderd/httpmw/provisionerkey.go b/coderd/httpmw/provisionerkey.go
@@ -0,0 +1,58 @@
+package httpmw
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/go-chi/chi/v5"
+
+	"github.com/coder/coder/v2/coderd/database"
+	"github.com/coder/coder/v2/coderd/httpapi"
+	"github.com/coder/coder/v2/codersdk"
+)
+
+type provisionerKeyParamContextKey struct{}
+
+// ProvisionerKeyParam returns the user from the ExtractProvisionerKeyParam handler.
+func ProvisionerKeyParam(r *http.Request) database.ProvisionerKey {
+	user, ok := r.Context().Value(userParamContextKey{}).(database.ProvisionerKey)
+	if !ok {
+		panic("developer error: provisioner key parameter middleware not provided")
+	}
+	return user
+}
+
+// ExtractProvisionerKeyParam extracts a provisioner key from a name in the {provisionerKey} URL
+// parameter.
+func ExtractProvisionerKeyParam(db database.Store) func(http.Handler) http.Handler {
+	return func(next http.Handler) http.Handler {
+		return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
+			ctx := r.Context()
+			organization := OrganizationParam(r)
+
+			provisionerKeyQuery := chi.URLParam(r, "provisionerKey")
+			if provisionerKeyQuery == "" {
+				httpapi.Write(ctx, rw, http.StatusBadRequest, codersdk.Response{
+					Message: "\"provisionerKey\" must be provided.",
+				})
+				return
+			}
+
+			provisionerKey, err := db.GetProvisionerKeyByName(ctx, database.GetProvisionerKeyByNameParams{
+				OrganizationID: organization.ID,
+				Name:           provisionerKeyQuery,
+			})
+			if httpapi.Is404Error(err) {
+				httpapi.ResourceNotFound(rw)
+				return
+			}
+			if err != nil {
+				httpapi.InternalServerError(rw, err)
+				return
+			}
+
+			ctx = context.WithValue(ctx, provisionerKeyParamContextKey{}, provisionerKey)
+			next.ServeHTTP(rw, r.WithContext(ctx))
+		})
+	}
+}
diff --git a/coderd/notifications/manager_test.go b/coderd/notifications/manager_test.go
@@ -7,12 +7,13 @@ import (
 	"testing"
 	"time"
 
-	"github.com/coder/serpent"
 	"github.com/google/uuid"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"golang.org/x/xerrors"
 
+	"github.com/coder/serpent"
+
 	"cdr.dev/slog"
 	"cdr.dev/slog/sloggers/slogtest"
 
diff --git a/coderd/provisionerkey/provisionerkey.go b/coderd/provisionerkey/provisionerkey.go
@@ -0,0 +1,31 @@
+package provisionerkey
+
+import (
+	"crypto/sha256"
+	"fmt"
+
+	"github.com/google/uuid"
+	"golang.org/x/xerrors"
+
+	"github.com/coder/coder/v2/coderd/database"
+	"github.com/coder/coder/v2/coderd/database/dbtime"
+	"github.com/coder/coder/v2/cryptorand"
+)
+
+func New(organizationID uuid.UUID, name string) (database.InsertProvisionerKeyParams, string, error) {
+	id := uuid.New()
+	secret, err := cryptorand.HexString(64)
+	if err != nil {
+		return database.InsertProvisionerKeyParams{}, "", xerrors.Errorf("generate token: %w", err)
+	}
+	hashedSecret := sha256.Sum256([]byte(secret))
+	token := fmt.Sprintf("%s:%s", id, secret)
+
+	return database.InsertProvisionerKeyParams{
+		ID:             id,
+		CreatedAt:      dbtime.Now(),
+		OrganizationID: organizationID,
+		Name:           name,
+		HashedSecret:   hashedSecret[:],
+	}, token, nil
+}
diff --git a/coderd/provisionerkeys.go b/coderd/provisionerkeys.go
@@ -0,0 +1,92 @@
+package coderd
+
+import (
+	"database/sql"
+	"errors"
+	"net/http"
+
+	"github.com/coder/coder/v2/coderd/database"
+	"github.com/coder/coder/v2/coderd/httpapi"
+	"github.com/coder/coder/v2/coderd/httpmw"
+	"github.com/coder/coder/v2/coderd/provisionerkey"
+	"github.com/coder/coder/v2/codersdk"
+)
+
+func (api *API) postProvisionerKey(rw http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	organization := httpmw.OrganizationParam(r)
+
+	var req codersdk.CreateProvisionerKeyRequest
+	if !httpapi.Read(ctx, rw, r, &req) {
+		return
+	}
+
+	params, token, err := provisionerkey.New(organization.ID, req.Name)
+	if err != nil {
+		httpapi.InternalServerError(rw, err)
+		return
+	}
+
+	_, err = api.Database.InsertProvisionerKey(ctx, params)
+	if err != nil {
+		httpapi.InternalServerError(rw, err)
+		return
+	}
+
+	httpapi.Write(ctx, rw, http.StatusCreated, codersdk.CreateProvisionerKeyResponse{
+		Key: token,
+	})
+}
+
+func (api *API) provisionerKeys(rw http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	organization := httpmw.OrganizationParam(r)
+
+	pks, err := api.Database.ListProvisionerKeysByOrganization(ctx, organization.ID)
+	if err != nil {
+		httpapi.InternalServerError(rw, err)
+		return
+	}
+
+	httpapi.Write(ctx, rw, http.StatusOK, convertProvisionerKeys(pks))
+}
+
+func (api *API) deleteProvisionerKey(rw http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
+	organization := httpmw.OrganizationParam(r)
+	provisionerKey := httpmw.ProvisionerKeyParam(r)
+
+	pk, err := api.Database.GetProvisionerKeyByName(ctx, database.GetProvisionerKeyByNameParams{
+		OrganizationID: organization.ID,
+		Name:           provisionerKey.Name,
+	})
+	if err != nil {
+		if errors.Is(err, sql.ErrNoRows) {
+			httpapi.ResourceNotFound(rw)
+			return
+		}
+		httpapi.InternalServerError(rw, err)
+		return
+	}
+
+	err = api.Database.DeleteProvisionerKey(ctx, pk.ID)
+	if err != nil {
+		httpapi.InternalServerError(rw, err)
+		return
+	}
+
+	httpapi.Write(ctx, rw, http.StatusNoContent, nil)
+}
+
+func convertProvisionerKeys(dbKeys []database.ListProvisionerKeysByOrganizationRow) []codersdk.ProvisionerKey {
+	keys := make([]codersdk.ProvisionerKey, 0, len(dbKeys))
+	for _, dbKey := range dbKeys {
+		keys = append(keys, codersdk.ProvisionerKey{
+			ID:             dbKey.ID,
+			CreatedAt:      dbKey.CreatedAt,
+			OrganizationID: dbKey.OrganizationID,
+			Name:           dbKey.Name,
+		})
+	}
+	return keys
+}
diff --git a/codersdk/provisionerdaemons.go b/codersdk/provisionerdaemons.go
@@ -264,3 +264,71 @@ func (c *Client) ServeProvisionerDaemon(ctx context.Context, req ServeProvisione
 	}
 	return proto.NewDRPCProvisionerDaemonClient(drpc.MultiplexedConn(session)), nil
 }
+
+type ProvisionerKey struct {
+	ID             uuid.UUID `json:"id" format:"uuid"`
+	CreatedAt      time.Time `json:"created_at" format:"date-time"`
+	OrganizationID uuid.UUID `json:"organization" format:"uuid"`
+	Name           string    `json:"name"`
+}
+
+type CreateProvisionerKeyRequest struct {
+	Name string `json:"name"`
+}
+
+type CreateProvisionerKeyResponse struct {
+	Key string
+}
+
+// CreateProvisionerKey creates a new provisioner key for an organization.
+func (c *Client) CreateProvisionerKey(ctx context.Context, organizationID uuid.UUID, req CreateProvisionerKeyRequest) (CreateProvisionerKeyResponse, error) {
+	res, err := c.Request(ctx, http.MethodPost,
+		fmt.Sprintf("/api/v2/organizations/%s/provisionerkeys", organizationID.String()),
+		req,
+	)
+	if err != nil {
+		return CreateProvisionerKeyResponse{}, xerrors.Errorf("make request: %w", err)
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode != http.StatusCreated {
+		return CreateProvisionerKeyResponse{}, ReadBodyAsError(res)
+	}
+	var resp CreateProvisionerKeyResponse
+	return resp, json.NewDecoder(res.Body).Decode(&resp)
+}
+
+// ListProvisionerKeys lists all provisioner keys for an organization.
+func (c *Client) ListProvisionerKeys(ctx context.Context, organizationID uuid.UUID) ([]ProvisionerKey, error) {
+	res, err := c.Request(ctx, http.MethodPost,
+		fmt.Sprintf("/api/v2/organizations/%s/provisionerkeys", organizationID.String()),
+		nil,
+	)
+	if err != nil {
+		return nil, xerrors.Errorf("make request: %w", err)
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode != http.StatusCreated {
+		return nil, ReadBodyAsError(res)
+	}
+	var resp []ProvisionerKey
+	return resp, json.NewDecoder(res.Body).Decode(&resp)
+}
+
+// DeleteProvisionerKey deletes a provisioner key.
+func (c *Client) DeleteProvisionerKey(ctx context.Context, organizationID uuid.UUID, name string) error {
+	res, err := c.Request(ctx, http.MethodDelete,
+		fmt.Sprintf("/api/v2/organizations/%s/provisionerkeys/%s", organizationID.String(), name),
+		nil,
+	)
+	if err != nil {
+		return xerrors.Errorf("make request: %w", err)
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode != http.StatusNoContent {
+		return ReadBodyAsError(res)
+	}
+	return nil
+}
