dataforge/deploy_server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ff5c17f7ff851e72a88a3c91ecb3f83ee483ca05
deploy_server/server.go
T
fn-registry agent 041400b907 chore: sync from fn-registry agent
2026-04-28 22:12:20 +02:00

224 lines
5.8 KiB
Go
Raw Blame History

package main
import (
"crypto/hmac"
"crypto/sha256"
"encoding/hex"
"encoding/json"
"flag"
"fmt"
"io"
"net/http"
"os"
"path/filepath"
"strings"
)
func cmdServe(args []string) {
fs := flag.NewFlagSet("serve", flag.ExitOnError)
port := fs.Int("port", 9090, "listen port")
fs.Parse(args)
s := openStoreOrDie()
// No defer close — server runs forever
d := NewDeployer(s, registryRoot())
srv := &Server{store: s, deployer: d}
mux := http.NewServeMux()
mux.HandleFunc("POST /webhook/push", srv.handleWebhook)
mux.HandleFunc("GET /api/targets", srv.handleListTargets)
mux.HandleFunc("GET /api/targets/{app}", srv.handleGetTarget)
mux.HandleFunc("POST /api/deploy/{app}", srv.handleDeploy)
mux.HandleFunc("GET /api/status/{app}", srv.handleStatus)
mux.HandleFunc("GET /api/health", srv.handleHealth)
mux.HandleFunc("GET /api/logs", srv.handleLogs)
mux.HandleFunc("GET /api/logs/{app}", srv.handleLogs)
addr := fmt.Sprintf(":%d", *port)
fmt.Printf("deploy_server listening on %s\n", addr)
if err := http.ListenAndServe(addr, mux); err != nil {
fmt.Fprintf(os.Stderr, "server error: %v\n", err)
os.Exit(1)
}
}
type Server struct {
store *Store
deployer *Deployer
}
// giteaPushPayload es el subset del payload de Gitea que nos interesa.
type giteaPushPayload struct {
Ref string `json:"ref"`
Repository struct {
Name string `json:"name"`
FullName string `json:"full_name"`
} `json:"repository"`
Commits []struct {
Modified []string `json:"modified"`
Added []string `json:"added"`
Removed []string `json:"removed"`
} `json:"commits"`
}
func (s *Server) handleWebhook(w http.ResponseWriter, r *http.Request) {
body, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "read body", http.StatusBadRequest)
return
}
// Validar signature si hay secret configurado
secret := os.Getenv("DEPLOY_WEBHOOK_SECRET")
if secret != "" {
sig := r.Header.Get("X-Gitea-Signature")
if !verifySignature(body, sig, secret) {
http.Error(w, "invalid signature", http.StatusUnauthorized)
return
}
}
var payload giteaPushPayload
if err := json.Unmarshal(body, &payload); err != nil {
http.Error(w, "parse payload", http.StatusBadRequest)
return
}
// Detectar qué apps fueron afectadas por los cambios
apps := s.detectAffectedApps(payload)
if len(apps) == 0 {
// Intentar match por nombre de repo
targets, _ := s.store.GetTargets(payload.Repository.Name)
if len(targets) > 0 {
apps = append(apps, payload.Repository.Name)
}
}
if len(apps) == 0 {
json.NewEncoder(w).Encode(map[string]string{"status": "no matching targets"})
return
}
// Deploy cada app afectada
results := make(map[string]string)
for _, app := range apps {
targets, _ := s.store.GetTargets(app)
for _, t := range targets {
if err := s.deployer.Deploy(t, "webhook"); err != nil {
results[app+"@"+t.Host] = "failed: " + err.Error()
} else {
results[app+"@"+t.Host] = "deployed"
}
}
}
json.NewEncoder(w).Encode(results)
}
func (s *Server) detectAffectedApps(payload giteaPushPayload) []string {
seen := make(map[string]bool)
var apps []string
for _, commit := range payload.Commits {
allFiles := append(append(commit.Modified, commit.Added...), commit.Removed...)
for _, f := range allFiles {
// Detectar apps/ paths
if strings.HasPrefix(f, "apps/") {
parts := strings.SplitN(f, "/", 3)
if len(parts) >= 2 && !seen[parts[1]] {
seen[parts[1]] = true
apps = append(apps, parts[1])
}
}
}
}
return apps
}
func (s *Server) handleListTargets(w http.ResponseWriter, r *http.Request) {
targets, err := s.store.ListTargets()
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
json.NewEncoder(w).Encode(targets)
}
func (s *Server) handleGetTarget(w http.ResponseWriter, r *http.Request) {
app := r.PathValue("app")
targets, err := s.store.GetTargets(app)
if err != nil || len(targets) == 0 {
http.Error(w, "not found", http.StatusNotFound)
return
}
json.NewEncoder(w).Encode(targets)
}
func (s *Server) handleDeploy(w http.ResponseWriter, r *http.Request) {
app := r.PathValue("app")
targets, err := s.store.GetTargets(app)
if err != nil || len(targets) == 0 {
http.Error(w, "no targets for "+app, http.StatusNotFound)
return
}
results := make(map[string]string)
for _, t := range targets {
if err := s.deployer.Deploy(t, "api"); err != nil {
results[t.Host] = "failed: " + err.Error()
} else {
results[t.Host] = "deployed"
}
}
json.NewEncoder(w).Encode(results)
}
func (s *Server) handleStatus(w http.ResponseWriter, r *http.Request) {
app := r.PathValue("app")
targets, _ := s.store.GetTargets(app)
type statusResult struct {
Host string `json:"host"`
Status string `json:"status"`
}
var results []statusResult
for _, t := range targets {
out, _ := s.deployer.Status(t)
results = append(results, statusResult{Host: t.Host, Status: out})
}
json.NewEncoder(w).Encode(results)
}
func (s *Server) handleHealth(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
fmt.Fprintln(w, `{"status":"ok"}`)
}
func (s *Server) handleLogs(w http.ResponseWriter, r *http.Request) {
app := r.PathValue("app")
logs, err := s.store.RecentLogs(app, 20)
if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
return
}
json.NewEncoder(w).Encode(logs)
}
func verifySignature(body []byte, signature, secret string) bool {
mac := hmac.New(sha256.New, []byte(secret))
mac.Write(body)
expected := hex.EncodeToString(mac.Sum(nil))
return hmac.Equal([]byte(expected), []byte(signature))
}
// registryRootFromExe intenta derivar la raíz del registry desde el ejecutable.
func registryRootFromExe() string {
exe, err := os.Executable()
if err != nil {
return "."
}
// apps/deploy_server/deploy_server → raíz es ../../
return filepath.Dir(filepath.Dir(filepath.Dir(exe)))
}
Reference in New Issue View Git Blame Copy Permalink