#5 REST API : misc/pod-as-a-service#5

btasker Permalink
10-Nov-24 15:10

assigned to @btasker

btasker Permalink
10-Nov-24 15:53

verified

mentioned in commit 67eaa67e0a7734b2ae05ede1b9a5b0139565ad15

Commit: 67eaa67e0a7734b2ae05ede1b9a5b0139565ad15 
Author: B Tasker                            
                            
Date: 2024-11-10T15:52:37.000+00:00

Message

feat: add service and ingress to serve api (misc/pod-as-a-service#5)

+45 -0 (45 lines changed)

btasker Permalink
10-Nov-24 16:11

verified

mentioned in commit 40d614c1ebfd9ea435745b7c309b37115719cdb2

Commit: 40d614c1ebfd9ea435745b7c309b37115719cdb2 
Author: B Tasker                            
                            
Date: 2024-11-10T16:10:41.000+00:00

Message

feat: create initial REST server implementation (misc/pod-as-a-service#5)

This allows control of a customer's apps:

list
delete
restart

There's no auth implementation, we currently just take the customer's ID from a request header

+110 -9 (119 lines changed)

btasker Permalink
10-Nov-24 16:20

verified

mentioned in commit 51d81f1be54a382d8b991ab88355f60db587ce83

Commit: 51d81f1be54a382d8b991ab88355f60db587ce83 
Author: B Tasker                            
                            
Date: 2024-11-10T16:20:36.000+00:00

Message

feat: allow creation of apps via REST API (misc/pod-as-a-service#5)

+27 -12 (39 lines changed)

btasker Permalink
10-Nov-24 16:25

OK, so there's now REST api support for app management.

The endpoints are:

# List apps available for install
@app.route("/api/v1/available_apps", methods=["GET"])

# Create an instance of <app_type> with name <app_name>
@app.route("/api/v1/app/<app_type>/<app_name>/create", methods=["POST"])

# List running apps
@app.route("/api/v1/app/list", methods=["GET"])

# Restart the app of type <app_type> with name <app_name>
@app.route("/api/v1/app/<app_type>/<app_name>/restart", methods=["POST"])

# Delete the app of type <app_type> with name <app_name> (warn: irreversible)
@app.route("/api/v1/app/<app_type>/<app_name>/delete", methods=["DELETE"])

As noted, there's currently no authentication so the customer ID gets supplied in a header:

curl -X POST -H "customer-id: 5b9deda2" http://custportal.svc.lan/api/v1/app/grafana/grafana-test/create

btasker Permalink
10-Nov-24 16:43

verified

mentioned in commit 0ad8e9cf3257689229ff217c458471e3fe0f61de

Commit: 0ad8e9cf3257689229ff217c458471e3fe0f61de 
Author: B Tasker                            
                            
Date: 2024-11-10T16:42:50.000+00:00

Message

feat: add customer management api endpoints (misc/pod-as-a-service#5)

+63 -15 (78 lines changed)

btasker Permalink
10-Nov-24 16:43

The customer management API is in place:

@app.route("/api/v1/customers", methods=["GET"])
@app.route("/api/v1/customers/<customer_id>/delete", methods=["DELETE"])
@app.route("/api/v1/customers/create", methods=["POST"])

Because there's currently no authentication, every request is a super-user request and can hit these APIs. Ultimately, once auth is implemented, it should only set is_superuser to true on specific accounts.

We might, ultimately, want to separate out privileges for customer creation: if this were ever to go live, we'd probably have some kind of sign-up form which results in a customer being created. There's no good reason that form should carry the privileges necessary to delete other customers.

Examples

Creating a customer

curl -d '{"name":"ben-corp 2"}' http://custportal.svc.lan/api/v1/customers/create

Listing customers

curl http://custportal.svc.lan/api/v1/customers

Deleting a customer

curl -X DELETE http://custportal.svc.lan/api/v1/customers/16f17a08/delete

btasker Permalink
10-Nov-24 16:43

The API now supports everything that the CLI does (and so, in turn, supports all the functionality built so far).

Next step is probably to look at letting it serve up web-pages etc.

misc/pod-as-a-service#5: REST API

Issue Information

Activity

Examples