Refactor resource directory structure

To avoid circular dependencies in the future, refactor the directory structure
of the resources (such as user, project, etc) by identifying types of objects
owned by resources:

- GraphQL Resolvers (resources/X/resolvers.js)
- SQL queries (resources/X/sql.js)
- Helpers (resources/X/helpers.js)
- Keycloak operations (resources/X/keycloak.js)

This also removes the abstraction and indirection caused by the DAO pattern.

Author: karlhorky

.gitignore

@@ -12,6 +12,7 @@ node_modules/
 build/*
 !build/.gitkeep
 openshift
+!services/api/src/resources/openshift
 .loopback
 secrets
 docs/_build

local-dev/api-data/01-populate-api-data.gql

@@ -242,7 +242,7 @@ mutation PopulateApi {
   }
 
   # Projects for CI
-  CiGithub: addProject(
+  CiGithub1: addProject(
     input: {
       id: 3
       name: "ci-github"

services/api/src/app.js

@@ -10,21 +10,11 @@ const createRouter = require('./routes');
 const { authKeycloakMiddleware } = require('./authKeycloakMiddleware');
 const { createAuthMiddleware } = require('./authMiddleware');
 
-const Dao = require('./dao');
-
 /* ::
-import type MariaSQL from 'mariasql';
-import type elasticsearch from 'elasticsearch';
-
 type CreateAppArgs = {
   store?: Object,
   jwtSecret: string,
   jwtAudience: string,
-  sqlClient: MariaSQL,
-  esClient: elasticsearch.Client,
-  keycloakClient: Object,
-  searchguardClient: Object,
-  kibanaClient: Object
 };
 */
 
@@ -33,28 +23,9 @@ const createApp = (args /* : CreateAppArgs */) => {
     // store,
     jwtSecret,
     jwtAudience,
-    sqlClient,
-    esClient,
-    keycloakClient,
-    searchguardClient,
-    kibanaClient,
   } = args;
   const app = express();
 
-  const dao = Dao.make(
-    sqlClient,
-    esClient,
-    keycloakClient,
-    searchguardClient,
-    kibanaClient,
-  );
-
-  app.set('context', {
-    sqlClient,
-    esClient,
-    dao,
-  });
-
   // Use compression (gzip) for responses.
   app.use(compression());
 

services/api/src/authKeycloakMiddleware.js

@@ -63,9 +63,6 @@ const authWithKeycloak /* : AuthWithKeycloakFn */ = async (req, res, next) => {
     return;
   }
 
-  const ctx = req.app.get('context');
-  const dao = ctx.dao;
-
   try {
     // Admins have full access and don't need a list of permissions
     if (
@@ -85,7 +82,7 @@ const authWithKeycloak /* : AuthWithKeycloakFn */ = async (req, res, next) => {
         },
       } = req.kauth.grant.access_token;
 
-      const permissions = await getPermissionsForUser(dao, userId);
+      const permissions = await getPermissionsForUser(userId);
 
       if (R.isEmpty(permissions)) {
         res.status(401).send({

services/api/src/authMiddleware.js

@@ -66,9 +66,6 @@ const createAuthMiddleware /* : CreateAuthMiddlewareFn */ = ({
   jwtSecret,
   jwtAudience,
 }) => async (req, res, next) => {
-  const ctx = req.app.get('context');
-  const dao = ctx.dao;
-
   // Allow access to status without auth
   if (req.url === '/status') {
     next();
@@ -126,7 +123,7 @@ const createAuthMiddleware /* : CreateAuthMiddlewareFn */ = ({
     let nonAdminCreds = {};
 
     if (role !== 'admin') {
-      const permissions = await getPermissionsForUser(dao, userId);
+      const permissions = await getPermissionsForUser(userId);
 
       if (R.isEmpty(permissions)) {
         res.status(401).send({

services/api/src/clients/esClient.js

@@ -0,0 +1,13 @@
+// @flow
+
+const elasticsearch = require('elasticsearch');
+
+const { LOGSDB_ADMIN_PASSWORD } = process.env;
+
+const esClient = new elasticsearch.Client({
+  host: 'logs-db:9200',
+  log: 'warning',
+  httpAuth: `admin:${LOGSDB_ADMIN_PASSWORD || '<password not set>'}`,
+});
+
+module.exports = esClient;

services/api/src/clients/keycloakClient.js

@@ -0,0 +1,11 @@
+// @flow
+
+const KeycloakAdminClient = require('keycloak-admin').default;
+
+// Must be initialized with `waitAndInitKeycloak`
+const keycloakClient = new KeycloakAdminClient({
+  baseUrl: 'http://keycloak:8080/auth',
+  realmName: 'master',
+});
+
+module.exports = keycloakClient;

services/api/src/clients/kibanaClient.js

@@ -0,0 +1,16 @@
+// @flow
+
+const got = require('got');
+
+const { LOGSDB_ADMIN_PASSWORD } = process.env;
+
+const kibanaClient = got.extend({
+  baseUrl: 'http://logs-db-ui:5601/api/',
+  auth: `admin:${LOGSDB_ADMIN_PASSWORD || '<password not set>'}`,
+  json: true,
+  headers: {
+    'kbn-xsrf': 'true',
+  },
+});
+
+module.exports = kibanaClient;

services/api/src/clients/searchguardClient.js

@@ -0,0 +1,12 @@
+// @flow
+const got = require('got');
+
+const { LOGSDB_ADMIN_PASSWORD } = process.env;
+
+const searchguardClient = got.extend({
+  baseUrl: 'http://logs-db:9200/_searchguard/api/',
+  json: true,
+  auth: `admin:${LOGSDB_ADMIN_PASSWORD || '<password not set>'}`,
+});
+
+module.exports = searchguardClient;

services/api/src/clients/sqlClient.js

@@ -0,0 +1,18 @@
+// @flow
+
+const MariaSQL = require('mariasql');
+const logger = require('../logger');
+
+const sqlClient = new MariaSQL({
+  host: 'api-db',
+  port: 3306,
+  user: 'api',
+  password: 'api',
+  db: 'infrastructure',
+});
+
+sqlClient.on('error', error => {
+  logger.error(error);
+});
+
+module.exports = sqlClient;