Require access to Still via method

This commit adds a safeguard to accessing the still from a specific component by requiring access via the component.GetStill method.
2024-04-08 22:39:32 +02:00 · 2024-04-08 22:39:32 +02:00 · 8235ea9105
commit 8235ea9105
parent 81fa84c244
63 changed files with 288 additions and 197 deletions
--- a/internal/wisski/ingredient/barrel/composer/update.go
+++ b/internal/wisski/ingredient/barrel/composer/update.go
@ -20,7 +20,8 @@ var errBlindUpdateFailed = exit.Error{

 // Update performs a blind drush update
 func (composer *Composer) Update(ctx context.Context, progress io.Writer) (err error) {
-	defer errBlindUpdateFailed.WithMessageF(composer.Slug).DeferWrap(&err)
+
+	defer errBlindUpdateFailed.WithMessageF(ingredient.GetLiquid(composer).Slug).DeferWrap(&err)

 	if err := composer.FixPermission(ctx, progress); err != nil {
 		return err
--- a/internal/wisski/ingredient/barrel/drush/cron.go
+++ b/internal/wisski/ingredient/barrel/drush/cron.go
@ -24,7 +24,7 @@ func (drush *Drush) Cron(ctx context.Context, progress io.Writer) error {
 	if err != nil {
 		code := err.(barrel.ExitError).Code
 		// keep going, because we want to run as many crons as possible
-		fmt.Fprintf(progress, "%v", errCronFailed.WithMessageF(drush.Slug, code))
+		fmt.Fprintf(progress, "%v", errCronFailed.WithMessageF(ingredient.GetLiquid(drush).Slug, code))
 	}

 	return nil
--- a/internal/wisski/ingredient/barrel/manager/provision.go
+++ b/internal/wisski/ingredient/barrel/manager/provision.go
@ -8,6 +8,7 @@ import (

 	"github.com/FAU-CDI/wisski-distillery/internal/dis/component"
 	"github.com/FAU-CDI/wisski-distillery/internal/models"
+	"github.com/FAU-CDI/wisski-distillery/internal/wisski/ingredient"
 	"github.com/FAU-CDI/wisski-distillery/internal/wisski/ingredient/barrel"
 	"github.com/FAU-CDI/wisski-distillery/internal/wisski/ingredient/barrel/composer"
 	"github.com/FAU-CDI/wisski-distillery/internal/wisski/ingredient/php/extras"
@ -106,7 +107,9 @@ func (provision *Manager) bootstrap(ctx context.Context, progress io.Writer, fla
 		}
 	}

-	var sqlDBURL = "mysql://" + provision.SqlUsername + ":" + provision.SqlPassword + "@sql/" + provision.SqlDatabase
+	liquid := ingredient.GetLiquid(provision)
+
+	var sqlDBURL = "mysql://" + liquid.SqlUsername + ":" + liquid.SqlPassword + "@sql/" + liquid.SqlDatabase

 	// Use 'drush' to run the site-installation.
 	// Here we need to use the username, password and database creds we made above.
@ -115,8 +118,8 @@ func (provision *Manager) bootstrap(ctx context.Context, progress io.Writer, fla
 		if err := provision.dependencies.Drush.Exec(
 			ctx, progress,
 			"site-install",
-			"standard", "--yes", "--site-name="+provision.Domain(),
-			"--account-name="+provision.DrupalUsername, "--account-pass="+provision.DrupalPassword,
+			"standard", "--yes", "--site-name="+liquid.Domain(),
+			"--account-name="+liquid.DrupalUsername, "--account-pass="+liquid.DrupalPassword,
 			"--db-url="+sqlDBURL,
 		); err != nil {
 			return err
@ -166,11 +169,11 @@ func (provision *Manager) bootstrap(ctx context.Context, progress io.Writer, fla
 		if err := provision.dependencies.Adapters.CreateDistilleryAdapter(ctx, nil, extras.DistilleryAdapter{
 			Label:             "Default WissKI Distillery Adapter",
 			MachineName:       "default",
-			Description:       "Default Adapter for " + provision.Domain(),
-			InstanceDomain:    provision.Domain(),
-			GraphDBRepository: provision.GraphDBRepository,
-			GraphDBUsername:   provision.GraphDBUsername,
-			GraphDBPassword:   provision.GraphDBPassword,
+			Description:       "Default Adapter for " + liquid.Domain(),
+			InstanceDomain:    liquid.Domain(),
+			GraphDBRepository: liquid.GraphDBRepository,
+			GraphDBUsername:   liquid.GraphDBUsername,
+			GraphDBPassword:   liquid.GraphDBPassword,
 		}); err != nil {
 			return err
 		}
@ -185,9 +188,9 @@ func (provision *Manager) bootstrap(ctx context.Context, progress io.Writer, fla

 	logging.LogMessage(progress, "Provisioning is now complete")
 	{
-		fmt.Fprintf(progress, "URL:                  %s\n", provision.URL())
-		fmt.Fprintf(progress, "Username:             %s\n", provision.DrupalUsername)
-		fmt.Fprintf(progress, "Password:             %s\n", provision.DrupalPassword)
+		fmt.Fprintf(progress, "URL:                  %s\n", liquid.URL())
+		fmt.Fprintf(progress, "Username:             %s\n", liquid.DrupalUsername)
+		fmt.Fprintf(progress, "Password:             %s\n", liquid.DrupalPassword)
 	}

 	return nil
--- a/internal/wisski/ingredient/barrel/running.go
+++ b/internal/wisski/ingredient/barrel/running.go
@ -10,7 +10,7 @@ import (

 // Running checks if this WissKI is currently running.
 func (barrel *Barrel) Running(ctx context.Context) (bool, error) {
-	containers, err := barrel.Docker.Containers(ctx, barrel.Stack().Dir)
+	containers, err := ingredient.GetLiquid(barrel).Docker.Containers(ctx, barrel.Stack().Dir)
 	if err != nil {
 		// The compose file is gone => the stack doesn't exist.
 		// Probably means some purging got interrupted.
--- a/internal/wisski/ingredient/barrel/ssh/ssh.go
+++ b/internal/wisski/ingredient/barrel/ssh/ssh.go
@ -18,7 +18,8 @@ var (
 )

 func (ssh *SSH) Keys(ctx context.Context) (keys []ssh.PublicKey, err error) {
-	grants, err := ssh.Liquid.Policy.Instance(ctx, ssh.Slug)
+	liquid := ingredient.GetLiquid(ssh)
+	grants, err := liquid.Policy.Instance(ctx, liquid.Slug)
 	if err != nil {
 		return nil, err
 	}
@ -28,7 +29,7 @@ func (ssh *SSH) Keys(ctx context.Context) (keys []ssh.PublicKey, err error) {
 		if !grant.DrupalAdminRole {
 			continue
 		}
-		ukeys, err := ssh.Liquid.Keys.Keys(ctx, grant.User)
+		ukeys, err := liquid.Keys.Keys(ctx, grant.User)
 		if err != nil {
 			return nil, err
 		}
@ -50,7 +51,7 @@ func (ssh *SSH) AllKeys(ctx context.Context) (keys []ssh.PublicKey, err error) {
 		return nil, err
 	}

-	gkeys, err := ssh.Liquid.Keys.Admin(ctx)
+	gkeys, err := ingredient.GetLiquid(ssh).Keys.Admin(ctx)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/wisski/ingredient/barrel/stack.go
+++ b/internal/wisski/ingredient/barrel/stack.go
@ -5,6 +5,7 @@ import (
 	"path/filepath"

 	"github.com/FAU-CDI/wisski-distillery/internal/dis/component"
+	"github.com/FAU-CDI/wisski-distillery/internal/wisski/ingredient"
 )

 //go:embed all:barrel
@ -17,9 +18,12 @@ var localSettingsTemplate string

 // Barrel returns a stack representing the running WissKI Instance
 func (barrel *Barrel) Stack() component.StackWithResources {
+	liquid := ingredient.GetLiquid(barrel)
+	config := ingredient.GetStill(barrel).Config
+
 	return component.StackWithResources{
 		Stack: component.Stack{
-			Dir: barrel.FilesystemBase,
+			Dir: liquid.FilesystemBase,
 		},

 		Resources:   barrelResources,
@ -30,23 +34,23 @@ func (barrel *Barrel) Stack() component.StackWithResources {
 		},

 		EnvContext: map[string]string{
-			"DOCKER_NETWORK_NAME": barrel.Malt.Config.Docker.Network(),
+			"DOCKER_NETWORK_NAME": config.Docker.Network(),

-			"SLUG":            barrel.Slug,
-			"HOST_RULE":       barrel.HostRule(),
-			"WISSKI_HOSTNAME": barrel.Hostname(),
-			"HTTPS_ENABLED":   barrel.Malt.Config.HTTP.HTTPSEnabledEnv(),
+			"SLUG":            liquid.Slug,
+			"HOST_RULE":       liquid.HostRule(),
+			"WISSKI_HOSTNAME": liquid.Hostname(),
+			"HTTPS_ENABLED":   config.HTTP.HTTPSEnabledEnv(),

-			"DATA_PATH":   filepath.Join(barrel.FilesystemBase, "data"),
-			"RUNTIME_DIR": barrel.Malt.Config.Paths.RuntimeDir(),
+			"DATA_PATH":   filepath.Join(liquid.FilesystemBase, "data"),
+			"RUNTIME_DIR": config.Paths.RuntimeDir(),

-			"LOCAL_SETTINGS_PATH":  filepath.Join(barrel.FilesystemBase, localSettingsName),
+			"LOCAL_SETTINGS_PATH":  filepath.Join(liquid.FilesystemBase, localSettingsName),
 			"LOCAL_SETTINGS_MOUNT": LocalSettingsPath,

-			"BARREL_BASE_IMAGE":       barrel.GetDockerBaseImage(),
-			"IIP_SERVER_ENABLED":      barrel.GetIIPServerEnabled(),
-			"OPCACHE_MODE":            barrel.OpCacheMode(),
-			"CONTENT_SECURITY_POLICY": barrel.ContentSecurityPolicy,
+			"BARREL_BASE_IMAGE":       liquid.GetDockerBaseImage(),
+			"IIP_SERVER_ENABLED":      liquid.GetIIPServerEnabled(),
+			"OPCACHE_MODE":            liquid.OpCacheMode(),
+			"CONTENT_SECURITY_POLICY": liquid.ContentSecurityPolicy,
 		},

 		MakeDirs: []string{"data", ".composer"},
--- a/internal/wisski/ingredient/barrel/system/settings.go
+++ b/internal/wisski/ingredient/barrel/system/settings.go
@ -4,6 +4,7 @@ import (
 	"context"
 	"io"

+	"github.com/FAU-CDI/wisski-distillery/internal/wisski/ingredient"
 	"github.com/FAU-CDI/wisski-distillery/pkg/logging"
 )

@ -12,7 +13,7 @@ import (
 func (smanager *SystemManager) BuildSettings(ctx context.Context, progress io.Writer) (err error) {
 	logging.LogMessage(progress, "Updating TRUSTED_HOST_PATTERNS in settings.php")
 	{
-		if err := smanager.dependencies.Settings.SetTrustedDomain(ctx, nil, smanager.Domain()); err != nil {
+		if err := smanager.dependencies.Settings.SetTrustedDomain(ctx, nil, ingredient.GetLiquid(smanager).Domain()); err != nil {
 			return err
 		}
 	}
--- a/internal/wisski/ingredient/barrel/system/system.go
+++ b/internal/wisski/ingredient/barrel/system/system.go
@ -43,7 +43,7 @@ func (smanager *SystemManager) ApplyInitial(ctx context.Context, progress io.Wri
 // start inidicates if the image should be started afterwards
 func (smanager *SystemManager) apply(ctx context.Context, progress io.Writer, system models.System, start bool) error {
 	// store the new system configuration
-	smanager.Instance.System = system
+	ingredient.GetLiquid(smanager).Instance.System = system
 	if err := smanager.dependencies.Bookkeeping.Save(ctx); err != nil {
 		return err
 	}