magic-app/spikes/second.py

"""Less flashy version. More hard-coding."""

from hashlib import md5
from json import dumps, loads
from os import environ, mkdir
from os.path import exists
from pathlib import Path
from shlex import split
from subprocess import run
from typing import Dict

from flask import Flask, render_template, request
from flask_wtf import FlaskForm
from ruamel.yaml import YAML
from wtforms import PasswordField, StringField
from wtforms.validators import URL, DataRequired, Length

app = Flask(__name__)
app.secret_key = b'_5#y2L"F4Q8z\n\xec]/'

yaml = YAML()

APPS_SPEC = {
    "gitea": {
        "url": "https://git.autonomic.zone/compose-stacks/gitea",
        "secrets": [
            "db_passwd",
            "db_root_passwd",
            "internal_token",
            "jwt_secret",
            "secret_key",
        ],
        "configs": ["app_ini"],
    }
}
DATA_DIR = Path("./data")


def clone_app_template(app_name: str) -> None:
    """Git clone an app template repository."""
    clone_path = DATA_DIR / app_name
    clone_url = APPS_SPEC[app_name]["url"]
    run(split(f"git clone {clone_url} {clone_path}"))


def create_docker_secret(key: str, value: str) -> None:
    """Load a docker secret into swarm."""
    command = f"echo {value} | docker secret create {key} -"
    run(command, shell=True)


def dump_db(db: Dict) -> None:
    """Dump the database."""
    with open(DATA_DIR / "db.json", "w") as handle:
        handle.write(dumps(db))


def load_db() -> Dict:
    """Load the database."""
    db_path = DATA_DIR / "db.json"
    if exists(db_path):
        with open(db_path, "r") as handle:
            return loads(handle.read())
    return {}


def get_hash(value: str) -> str:
    """Hash a value for swarm versioning with good 'ol md5."""
    hasher = md5()
    hasher.update(value.encode())
    return hasher.hexdigest()


def arrange_configs_and_secrets(app_name, form_data, env):
    """Version secrets and configs for swarm."""

    def _create_versions(values, secrets=False):
        """Step through listing and create an env var key/val.

        Takes "app_ini" and produces {"APP_INI_VERSION": "app_ini_laksjdklajsdkla"}.
        Hash is based on the value of the input passed in from the form.
        """
        for value in values:
            if value in form_data:
                hashed = get_hash(form_data[value])
                env_key = f"{value.upper()}_VERSION"
                env_val = f"{value}_{hashed}"
                env[env_key] = env_val
                if secrets:
                    create_docker_secret(env_val, form_data[value])

    _create_versions(APPS_SPEC[app_name]["configs"])
    _create_versions(APPS_SPEC[app_name]["secrets"], secrets=True)

    return env


def stack_deploy(app_name, stack_name, env):
    """Depoy an application to the swarm."""
    compose_yml = DATA_DIR / app_name / "compose.yml"
    command = f"docker stack deploy -c {compose_yml} {stack_name}"

    # Note(decentral1se): we're not sure if this ever succeeds actually stuff
    # like https://github.com/issuu/sure-deploy could be used and once we
    # graduate this to a dockerise app, we could install that all in the
    # container and run it from here. Of course, if we're using JS or not might
    # affect this, say, we have a page that is real-time reporting or we're
    # using a static page? Unsure what the UX could be like, thinking of
    # cloudron loading bar but never like those...
    run(split(command), env=env)


def get_loaded_env(app_name, request_form):
    """Load environment from install form for compose.yml injection."""
    env = environ.copy()

    for key in request_form.keys():
        # Note(decentral1se): {"app_ini": "foo"} -> {"APP_INI": "foo"}
        env[key.upper()] = request.form[key]

    # Note(decentral1se): maybe we don't need this in the end since we will be
    # quite sure that our configs are working and we are not getting rate
    # limited
    env["LETS_ENCRYPT_ENV"] = "staging"

    return env


class GiteaInstallForm(FlaskForm):
    """Gitea installation form."""

    app_name = StringField("Application name", default="Git with a cup of tea")
    domain = StringField("Domain name", validators=[DataRequired()],)
    stack_name = StringField("Stack name", default="magic-app-gitea")

    db_host = StringField("Database host", default="mariadb:3306")
    db_name = StringField("Database name", default="gitea")
    db_passwd = PasswordField(
        "Database password", validators=[DataRequired(), Length(min=32)],
    )
    db_root_passwd = PasswordField(
        "Database root password", validators=[DataRequired(), Length(min=32)],
    )
    db_type = StringField("Database type", default="mysql")
    db_user = StringField("Database user", default="mysql")
    internal_token = PasswordField(
        "Internal secret token", validators=[DataRequired(), Length(min=105)],
    )
    jwt_secret = PasswordField(
        "JWT secret", validators=[DataRequired(), Length(min=43)],
    )
    secret_key = PasswordField(
        "Secret key", validators=[DataRequired(), Length(min=64)],
    )
    ssh_host_port = StringField("SSH host port", default="2225")


@app.route("/")
def index():
    """Home page for app installation possibilities."""
    return render_template("second/index.html", apps=[app for app in APPS_SPEC])


@app.route("/install/<app_name>")
def install(app_name):
    """Installation page for an app."""
    if app_name == "gitea":
        form = GiteaInstallForm()
    return render_template("second/install.html", app_name=app_name, form=form)


@app.route("/deploy/<app_name>", methods=["POST"])
def deploy(app_name):
    """Deployment end-point for an app."""
    if app_name == "gitea":
        form = GiteaInstallForm(request.form)

    if not form.validate():
        return render_template("second/install.html", app_name=app_name, form=form)

    try:
        mkdir(DATA_DIR)
    except FileExistsError:
        # Note(decentral1se): we already cloned it, so keep going
        pass

    clone_app_template(app_name)

    # Note(decentral1se): there are badly named and the functions have too many
    # concerns but they basically load every value required into the
    # environment so that it can be injected when docker stack deploy is run,
    # oh and secrets are also created as part of this step ;)
    env = get_loaded_env(app_name, form.data)
    env = arrange_configs_and_secrets(app_name, form.data, env)

    stack_name = form.data["stack_name"]
    dump_db({stack_name: form.data})
    stack_deploy(app_name, stack_name, env)
    return render_template(
        "second/deploy.html", app_name=app_name, stack_name=stack_name
    )


if __name__ == "__main__":
    app.run(debug=True, host="0.0.0.0")
Fix typo 2020-07-01 18:46:29 +00:00			`"""Less flashy version. More hard-coding."""`
Spoof out second version 2020-07-01 18:02:19 +00:00
Nearly at the deployment then 2020-07-02 11:41:31 +00:00			`from hashlib import md5`
More fishing around in the dark 2020-07-01 19:19:09 +00:00			`from json import dumps, loads`
Get to the point of deploy successfully 2020-07-02 12:20:03 +00:00			`from os import environ, mkdir`
More fishing around in the dark 2020-07-01 19:19:09 +00:00			`from os.path import exists`
Spoof out second version 2020-07-01 18:02:19 +00:00			`from pathlib import Path`
Spec out a second approach 2020-07-01 18:42:47 +00:00			`from shlex import split`
			`from subprocess import run`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`from typing import Dict`
Spoof out second version 2020-07-01 18:02:19 +00:00
More fishing around in the dark 2020-07-01 19:19:09 +00:00			`from flask import Flask, render_template, request`
Spec out a second approach 2020-07-01 18:42:47 +00:00			`from flask_wtf import FlaskForm`
Spoof out second version 2020-07-01 18:02:19 +00:00			`from ruamel.yaml import YAML`
Spec out a second approach 2020-07-01 18:42:47 +00:00			`from wtforms import PasswordField, StringField`
Get back-and-forth of form validation working 2020-07-02 11:04:10 +00:00			`from wtforms.validators import URL, DataRequired, Length`
Spoof out second version 2020-07-01 18:02:19 +00:00
			`app = Flask(__name__)`
			`app.secret_key = b'_5#y2L"F4Q8z\n\xec]/'`

			`yaml = YAML()`

Nearly at the deployment then 2020-07-02 11:41:31 +00:00			`APPS_SPEC = {`
			`"gitea": {`
			`"url": "https://git.autonomic.zone/compose-stacks/gitea",`
			`"secrets": [`
			`"db_passwd",`
			`"db_root_passwd",`
			`"internal_token",`
			`"jwt_secret",`
			`"secret_key",`
			`],`
			`"configs": ["app_ini"],`
			`}`
			`}`
Spoof out second version 2020-07-01 18:02:19 +00:00			`DATA_DIR = Path("./data")`

Spec out a second approach 2020-07-01 18:42:47 +00:00
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`def clone_app_template(app_name: str) -> None:`
Spec out a second approach 2020-07-01 18:42:47 +00:00			`"""Git clone an app template repository."""`
			`clone_path = DATA_DIR / app_name`
Nearly at the deployment then 2020-07-02 11:41:31 +00:00			`clone_url = APPS_SPEC[app_name]["url"]`
Spec out a second approach 2020-07-01 18:42:47 +00:00			`run(split(f"git clone {clone_url} {clone_path}"))`
Spoof out second version 2020-07-01 18:02:19 +00:00

Get to the point of deploy successfully 2020-07-02 12:20:03 +00:00			`def create_docker_secret(key: str, value: str) -> None:`
			`"""Load a docker secret into swarm."""`
			`command = f"echo {value} \| docker secret create {key} -"`
			`run(command, shell=True)`


Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`def dump_db(db: Dict) -> None:`
More fishing around in the dark 2020-07-01 19:19:09 +00:00			`"""Dump the database."""`
			`with open(DATA_DIR / "db.json", "w") as handle:`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`handle.write(dumps(db))`
More fishing around in the dark 2020-07-01 19:19:09 +00:00

Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`def load_db() -> Dict:`
More fishing around in the dark 2020-07-01 19:19:09 +00:00			`"""Load the database."""`
			`db_path = DATA_DIR / "db.json"`
			`if exists(db_path):`
			`with open(db_path, "r") as handle:`
			`return loads(handle.read())`
			`return {}`


Nearly at the deployment then 2020-07-02 11:41:31 +00:00			`def get_hash(value: str) -> str:`
			`"""Hash a value for swarm versioning with good 'ol md5."""`
			`hasher = md5()`
			`hasher.update(value.encode())`
			`return hasher.hexdigest()`


Get to the point of deploy successfully 2020-07-02 12:20:03 +00:00			`def arrange_configs_and_secrets(app_name, form_data, env):`
Refactor duplication and use stack name 2020-07-02 11:48:55 +00:00			`"""Version secrets and configs for swarm."""`
Get to the point of deploy successfully 2020-07-02 12:20:03 +00:00
			`def _create_versions(values, secrets=False):`
			`"""Step through listing and create an env var key/val.`

			`Takes "app_ini" and produces {"APP_INI_VERSION": "app_ini_laksjdklajsdkla"}.`
			`Hash is based on the value of the input passed in from the form.`
			`"""`
			`for value in values:`
			`if value in form_data:`
			`hashed = get_hash(form_data[value])`
			`env_key = f"{value.upper()}_VERSION"`
			`env_val = f"{value}_{hashed}"`
			`env[env_key] = env_val`
			`if secrets:`
			`create_docker_secret(env_val, form_data[value])`

			`_create_versions(APPS_SPEC[app_name]["configs"])`
			`_create_versions(APPS_SPEC[app_name]["secrets"], secrets=True)`

Nearly at the deployment then 2020-07-02 11:41:31 +00:00			`return env`


Get to the point of deploy successfully 2020-07-02 12:20:03 +00:00			`def stack_deploy(app_name, stack_name, env):`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`"""Depoy an application to the swarm."""`
			`compose_yml = DATA_DIR / app_name / "compose.yml"`
Refactor duplication and use stack name 2020-07-02 11:48:55 +00:00			`command = f"docker stack deploy -c {compose_yml} {stack_name}"`
Add some notes 2020-07-02 13:00:27 +00:00
			`# Note(decentral1se): we're not sure if this ever succeeds actually stuff`
			`# like https://github.com/issuu/sure-deploy could be used and once we`
			`# graduate this to a dockerise app, we could install that all in the`
			`# container and run it from here. Of course, if we're using JS or not might`
			`# affect this, say, we have a page that is real-time reporting or we're`
			`# using a static page? Unsure what the UX could be like, thinking of`
			`# cloudron loading bar but never like those...`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`run(split(command), env=env)`


			`def get_loaded_env(app_name, request_form):`
Trim down messages, UX comes later 2020-07-02 11:09:51 +00:00			`"""Load environment from install form for compose.yml injection."""`
Get the env loading right for gitea 2020-07-02 12:50:23 +00:00			`env = environ.copy()`

Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`for key in request_form.keys():`
Add some notes 2020-07-02 13:00:27 +00:00			`# Note(decentral1se): {"app_ini": "foo"} -> {"APP_INI": "foo"}`
Get the env loading right for gitea 2020-07-02 12:50:23 +00:00			`env[key.upper()] = request.form[key]`

Add some notes 2020-07-02 13:00:27 +00:00			`# Note(decentral1se): maybe we don't need this in the end since we will be`
			`# quite sure that our configs are working and we are not getting rate`
			`# limited`
Get the env loading right for gitea 2020-07-02 12:50:23 +00:00			`env["LETS_ENCRYPT_ENV"] = "staging"`

			`return env`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00

			`class GiteaInstallForm(FlaskForm):`
			`"""Gitea installation form."""`

			`app_name = StringField("Application name", default="Git with a cup of tea")`
Trim down messages, UX comes later 2020-07-02 11:09:51 +00:00			`domain = StringField("Domain name", validators=[DataRequired()],)`
Refactor duplication and use stack name 2020-07-02 11:48:55 +00:00			`stack_name = StringField("Stack name", default="magic-app-gitea")`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00
			`db_host = StringField("Database host", default="mariadb:3306")`
			`db_name = StringField("Database name", default="gitea")`
Get back-and-forth of form validation working 2020-07-02 11:04:10 +00:00			`db_passwd = PasswordField(`
Trim down messages, UX comes later 2020-07-02 11:09:51 +00:00			`"Database password", validators=[DataRequired(), Length(min=32)],`
Get back-and-forth of form validation working 2020-07-02 11:04:10 +00:00			`)`
			`db_root_passwd = PasswordField(`
Trim down messages, UX comes later 2020-07-02 11:09:51 +00:00			`"Database root password", validators=[DataRequired(), Length(min=32)],`
Get back-and-forth of form validation working 2020-07-02 11:04:10 +00:00			`)`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`db_type = StringField("Database type", default="mysql")`
			`db_user = StringField("Database user", default="mysql")`
Get back-and-forth of form validation working 2020-07-02 11:04:10 +00:00			`internal_token = PasswordField(`
Trim down messages, UX comes later 2020-07-02 11:09:51 +00:00			`"Internal secret token", validators=[DataRequired(), Length(min=105)],`
Get back-and-forth of form validation working 2020-07-02 11:04:10 +00:00			`)`
			`jwt_secret = PasswordField(`
Trim down messages, UX comes later 2020-07-02 11:09:51 +00:00			`"JWT secret", validators=[DataRequired(), Length(min=43)],`
Get back-and-forth of form validation working 2020-07-02 11:04:10 +00:00			`)`
			`secret_key = PasswordField(`
Nearly at the deployment then 2020-07-02 11:41:31 +00:00			`"Secret key", validators=[DataRequired(), Length(min=64)],`
Get back-and-forth of form validation working 2020-07-02 11:04:10 +00:00			`)`
Get the env loading right for gitea 2020-07-02 12:50:23 +00:00			`ssh_host_port = StringField("SSH host port", default="2225")`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00

Spoof out second version 2020-07-01 18:02:19 +00:00			`@app.route("/")`
Spec out a second approach 2020-07-01 18:42:47 +00:00			`def index():`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`"""Home page for app installation possibilities."""`
Nearly at the deployment then 2020-07-02 11:41:31 +00:00			`return render_template("second/index.html", apps=[app for app in APPS_SPEC])`
Spec out a second approach 2020-07-01 18:42:47 +00:00

Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`@app.route("/install/<app_name>")`
			`def install(app_name):`
			`"""Installation page for an app."""`
Spec out a second approach 2020-07-01 18:42:47 +00:00			`if app_name == "gitea":`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`form = GiteaInstallForm()`
			`return render_template("second/install.html", app_name=app_name, form=form)`
Spoof out second version 2020-07-01 18:02:19 +00:00

More fishing around in the dark 2020-07-01 19:19:09 +00:00			`@app.route("/deploy/<app_name>", methods=["POST"])`
			`def deploy(app_name):`
Refactor and add a number of helper methods 2020-07-02 10:23:48 +00:00			`"""Deployment end-point for an app."""`
Try to add validation 2020-07-02 10:26:02 +00:00			`if app_name == "gitea":`
			`form = GiteaInstallForm(request.form)`

			`if not form.validate():`
Get back-and-forth of form validation working 2020-07-02 11:04:10 +00:00			`return render_template("second/install.html", app_name=app_name, form=form)`
Try to add validation 2020-07-02 10:26:02 +00:00
Get to the point of deploy successfully 2020-07-02 12:20:03 +00:00			`try:`
			`mkdir(DATA_DIR)`
			`except FileExistsError:`
Add some notes 2020-07-02 13:00:27 +00:00			`# Note(decentral1se): we already cloned it, so keep going`
Get to the point of deploy successfully 2020-07-02 12:20:03 +00:00			`pass`

			`clone_app_template(app_name)`

Add some notes 2020-07-02 13:00:27 +00:00			`# Note(decentral1se): there are badly named and the functions have too many`
			`# concerns but they basically load every value required into the`
			`# environment so that it can be injected when docker stack deploy is run,`
			`# oh and secrets are also created as part of this step ;)`
Nearly at the deployment then 2020-07-02 11:41:31 +00:00			`env = get_loaded_env(app_name, form.data)`
Get to the point of deploy successfully 2020-07-02 12:20:03 +00:00			`env = arrange_configs_and_secrets(app_name, form.data, env)`
More fishing around in the dark 2020-07-01 19:19:09 +00:00
Add some notes 2020-07-02 13:00:27 +00:00			`stack_name = form.data["stack_name"]`
			`dump_db({stack_name: form.data})`
			`stack_deploy(app_name, stack_name, env)`
Add success rendering 2020-07-02 12:29:15 +00:00			`return render_template(`
Add some notes 2020-07-02 13:00:27 +00:00			`"second/deploy.html", app_name=app_name, stack_name=stack_name`
Add success rendering 2020-07-02 12:29:15 +00:00			`)`

More fishing around in the dark 2020-07-01 19:19:09 +00:00
Spoof out second version 2020-07-01 18:02:19 +00:00			`if __name__ == "__main__":`
			`app.run(debug=True, host="0.0.0.0")`