Generate openapi yaml and export for creating golang client #725

deepfence · Dec 10, 2022 · 9888c6c · 9888c6c
1 parent 2dd5aad
commit 9888c6c
Show file tree

Hide file tree

Showing 6 changed files with 53 additions and 1,878 deletions.
diff --git a/.gitignore b/.gitignore
@@ -35,4 +35,7 @@ deepfence_agent/tools/apache/scope/proto/
 deepfence_server/vendor
 
 deepfence_ingester/vendor
-deepfence_ingester/deepfence_ingester
+deepfence_ingester/deepfence_ingester
+
+openapi.json
+openapi.yaml
diff --git a/Makefile b/Makefile
@@ -94,15 +94,20 @@ ingester:
 
 .PHONY: openapi
 openapi:
+	docker run --rm -it \
+	--entrypoint=/usr/local/bin/deepfence_server \
+	-v $(PWD):/app $(IMAGE_REPOSITORY)/deepfence_server_ce:$(DF_IMG_TAG) \
+	--export-api-docs-path /app/openapi.yaml
+
 	docker run --rm \
 	-v $(PWD):/local openapitools/openapi-generator-cli generate \
-	-i /local/openapi.json \
+	-i /local/openapi.yaml \
 	-g go \
 	-o /local/deepfence_server_client \
 	-p isGoSubmodule=true \
 	-p packageName=deepfence_server_client \
 	--git-repo-id ThreatMapper \
-	--git-user-id deepfence && \
-	cd $(PWD)/deepfence_server_client && \
-	go mod tidy -v && \
-	cd - 
+	--git-user-id deepfence
+
+	rm openapi.yaml
+	cd $(PWD)/deepfence_server_client && go mod tidy -v && cd -
diff --git a/deepfence_server/handler/customHandler.go b/deepfence_server/handler/customHandler.go
@@ -9,7 +9,7 @@ import (
 )
 
 type Handler struct {
-	TokenAuth      *jwtauth.JWTAuth
+	TokenAuth      *jwtauth.JWTAuth // TODO: move to global postgres / customer postgres
 	AuthEnforcer   *casbin.Enforcer
 	OpenApiDocs    *apiDocs.OpenApiDocs
 	SaasDeployment bool

diff --git a/deepfence_server/main.go b/deepfence_server/main.go
@@ -8,6 +8,7 @@ import (
 	"net/http"
 	"os"
 	"os/signal"
+	"path/filepath"
 	"strings"
 	"time"
 
@@ -23,9 +24,10 @@ import (
 )
 
 var (
-	verbosity        = flag.String("verbose", "info", "log level")
-	serveOpenapiDocs = flag.Bool("api-docs", true, "serve openapi documentation")
-	kafkaBrokers     string
+	verbosity             = flag.String("verbose", "info", "log level")
+	exportOpenapiDocsPath = flag.String("export-api-docs-path", "", "export openapi documentation to file path")
+	serveOpenapiDocs      = flag.Bool("api-docs", true, "serve openapi documentation")
+	kafkaBrokers          string
 )
 
 type Config struct {
@@ -41,12 +43,23 @@ func main() {
 		log.Fatal().Msg(err.Error())
 	}
 
-	err = initializeKafka()
-	if err != nil {
-		log.Fatal().Msg(err.Error())
-	}
+	if *exportOpenapiDocsPath == "" {
+		config.JwtSecret, err = initializeDatabase()
+		if err != nil {
+			log.Fatal().Msg(err.Error())
+		}
 
-	log.Info().Msg("starting deepfence-server")
+		err = initializeKafka()
+		if err != nil {
+			log.Fatal().Msg(err.Error())
+		}
+
+		log.Info().Msg("starting deepfence-server")
+	} else {
+		if *exportOpenapiDocsPath != filepath.Clean(*exportOpenapiDocsPath) {
+			log.Fatal().Msgf("File path %s is not valid", *exportOpenapiDocsPath)
+		}
+	}
 
 	r := chi.NewRouter()
 	r.Use(middleware.Logger)
@@ -57,12 +70,22 @@ func main() {
 	ctx, cancel := context.WithCancel(context.Background())
 	go startKafkaProducer(ctx, kafkaBrokers, ingestC)
 
-	err = router.SetupRoutes(r, config.HttpListenEndpoint, config.JwtSecret, *serveOpenapiDocs, ingestC)
+	dfHandler, err := router.SetupRoutes(r, config.HttpListenEndpoint, config.JwtSecret, *serveOpenapiDocs, ingestC)
 	if err != nil {
 		log.Error().Msg(err.Error())
 		return
 	}
 
+	if *exportOpenapiDocsPath != "" {
+		openApiYaml, err := dfHandler.OpenApiDocs.Yaml()
+		if err != nil {
+			return
+		}
+		err = os.WriteFile(*exportOpenapiDocsPath, openApiYaml, 0666)
+		log.Info().Msgf("OpenAPI yaml saved at %s", *exportOpenapiDocsPath)
+		return
+	}
+
 	httpServer := http.Server{Addr: config.HttpListenEndpoint, Handler: r}
 
 	idleConnectionsClosed := make(chan struct{})
@@ -96,13 +119,8 @@ func initialize() (*Config, error) {
 		httpListenEndpoint = "8080"
 	}
 
-	jwtSecret, err := initializeDatabase()
-	if err != nil {
-		return nil, err
-	}
 	return &Config{
 		HttpListenEndpoint: ":" + httpListenEndpoint,
-		JwtSecret:          jwtSecret,
 	}, nil
 }
 

diff --git a/deepfence_server/router/router.go b/deepfence_server/router/router.go
@@ -35,14 +35,14 @@ const (
 	ResourceScan        = "scan"
 )
 
-func SetupRoutes(r *chi.Mux, serverPort string, jwtSecret []byte, serveOpenapiDocs bool, ingestC chan *kgo.Record) error {
+func SetupRoutes(r *chi.Mux, serverPort string, jwtSecret []byte, serveOpenapiDocs bool, ingestC chan *kgo.Record) (*handler.Handler, error) {
 	// JWT
 	tokenAuth := jwtauth.New("HS256", jwtSecret, nil)
 
 	// authorization
 	authEnforcer, err := getAuthorizationHandler()
 	if err != nil {
-		return err
+		return nil, err
 	}
 
 	openApiDocs := apiDocs.InitializeOpenAPIReflector()
@@ -58,15 +58,15 @@ func SetupRoutes(r *chi.Mux, serverPort string, jwtSecret []byte, serveOpenapiDo
 
 	err = dfHandler.Validator.RegisterValidation("password", model.ValidatePassword)
 	if err != nil {
-		return err
+		return nil, err
 	}
 	err = dfHandler.Validator.RegisterValidation("company_name", model.ValidateCompanyName)
 	if err != nil {
-		return err
+		return nil, err
 	}
 	err = dfHandler.Validator.RegisterValidation("user_name", model.ValidateUserName)
 	if err != nil {
-		return err
+		return nil, err
 	}
 
 	//root := "/usr/local/share/swagger-ui"
@@ -156,7 +156,7 @@ func SetupRoutes(r *chi.Mux, serverPort string, jwtSecret []byte, serveOpenapiDo
 
 		})
 	})
-	return nil
+	return dfHandler, nil
 }
 
 func getAuthorizationHandler() (*casbin.Enforcer, error) {