Refactor deleteEnvironment api to trigger openshiftremove service

Author: rocketeerbkw

node-packages/commons/src/api.js

@@ -731,24 +731,24 @@ const updateEnvironment = (
 async function deleteEnvironment(
   name: string,
   project: string,
+  execute: boolean = true,
 ): Promise<Object> {
-  const result = await graphqlapi.query(`
-    {
-      project:projectByName(name: "${project}"){
-        id
-      }
-    }
-  `);
-
-  if (!result || !result.project) {
-    throw new ProjectNotFound(`Cannot load id for project ${project}`);
+  return graphqlapi.mutate(
+    `
+  ($name: String!, $project: String!, $execute: Boolean) {
+    deleteEnvironment(input: {
+      name: $name
+      project: $project
+      execute: $execute
+    })
   }
-
-  return graphqlapi.query(`
-    mutation {
-      deleteEnvironment(input: {name: "${name}", project: ${result.project.id}})
-    }
-  `);
+  `,
+    {
+      name,
+      project,
+      execute,
+    },
+  );
 }
 
 const getOpenShiftInfoForProject = (project: string): Promise<Object> =>

services/api/src/resources/environment/resolvers.js

@@ -1,6 +1,8 @@
 // @flow
 
 const R = require('ramda');
+const { sendToLagoonLogs } = require('@lagoon/commons/src/logs');
+const { createRemoveTask } = require('@lagoon/commons/src/tasks');
 const esClient = require('../../clients/esClient');
 const sqlClient = require('../../clients/sqlClient');
 const {
@@ -12,6 +14,8 @@ const {
   whereAnd,
 } = require('../../util/db');
 const Sql = require('./sql');
+const projectSql = require('../project/sql');
+const projectHelpers = require('../project/helpers');
 
 /* ::
 
@@ -472,17 +476,72 @@ const addOrUpdateEnvironmentStorage = async (
 
 const deleteEnvironment = async (
   root,
-  { input },
-  { credentials: { role } },
+  {
+    input,
+    input: {
+      project: projectName,
+      name,
+      execute,
+    },
+  },
+  { credentials: { role, permissions: { customers, projects } } },
 ) => {
   if (role !== 'admin') {
-    throw new Error('Unauthorized');
+    const prep = prepare(sqlClient, 'SELECT `id` AS `pid`, `customer` AS `cid` FROM project WHERE `name` = :name');
+    const rows = await query(sqlClient, prep({ name: projectName }));
+
+    if (
+      !R.contains(R.path(['0', 'pid'], rows), projects) &&
+      !R.contains(R.path(['0', 'cid'], rows), customers)
+    ) {
+      throw new Error('Unauthorized.');
+    }
+  }
+
+  const projectId = await projectHelpers.getProjectIdByName(projectName);
+
+  const projectRows = await query(
+    sqlClient,
+    projectSql.selectProject(projectId),
+  );
+  const project = projectRows[0];
+
+  const environmentRows = await query(
+    sqlClient,
+    Sql.selectEnvironmentByNameAndProject(name, projectId),
+  );
+  const environment = environmentRows[0];
+
+  if (!environment) {
+    throw new Error(`Environment "${name}" does not exist in project "${projectId}"`);
   }
 
-  const prep = prepare(sqlClient, 'CALL DeleteEnvironment(:name, :project)');
-  await query(sqlClient, prep(input));
+  if (role !== 'admin' && environment.environmentType === 'production') {
+    throw new Error('Unauthorized - You may not delete a production environment');
+  }
+
+  // Deleting environment in api w/o executing the openshift remove.
+  // This gets called by openshiftremove service after successful remove.
+  if (role === 'admin' && execute === false) {
+    const prep = prepare(sqlClient, 'CALL DeleteEnvironment(:name, :project)');
+    await query(sqlClient, prep({ name, project: projectId }));
+
+    // TODO: maybe check rows for changed result
+    return 'success';
+  }
+
+  const data = {
+    projectName: project.name,
+    branch: name,
+    type: environment.deployType,
+    forceDeleteProductionEnvironment: role === 'admin',
+  };
+
+  await createRemoveTask(data);
+  sendToLagoonLogs('info', data.projectName, '', 'api:deleteEnvironment', {},
+    `*[${data.projectName}]* Deleting environment \`${data.branch}\``
+  );
 
-  // TODO: maybe check rows for changed result
   return 'success';
 };
 

services/api/src/resources/environment/sql.js

@@ -18,6 +18,11 @@ const Sql /* : SqlObj */ = {
     knex('environment')
       .where('id', '=', id)
       .toString(),
+  selectEnvironmentByNameAndProject: (name /* : string */, projectId /* : numbere */) =>
+    knex('environment')
+      .where('name', '=', name)
+      .andWhere('project', '=', projectId)
+      .toString(),
   truncateEnvironment: () =>
     knex('environment')
       .truncate()

services/api/src/resources/project/sql.js

@@ -87,6 +87,11 @@ const Sql /* : SqlObj */ = {
       .where('project_via_user.id', projectId)
       .orWhere('project_via_customer.id', projectId)
       .toString(),
+  selectPermsForProject: (id /* : number */) =>
+    knex('project')
+      .select({ pid: 'id', cid: 'customer' })
+      .where('id', id)
+      .toString(),
   updateProject: ({ id, patch } /* : {id: number, patch: {[string]: any}} */) =>
     knex('project')
       .where('id', '=', id)

services/api/src/typeDefs.js

@@ -421,7 +421,8 @@ const typeDefs = gql`
 
   input DeleteEnvironmentInput {
     name: String!
-    project: Int!
+    project: String!
+    execute: Boolean
   }
 
   type Query {

services/openshiftremove/src/index.js

@@ -52,6 +52,11 @@ const messageConsumer = async function(msg) {
         environmentName = branch
         openshiftProject = `${safeProjectName}-${safeBranchName}`
         break;
+
+      case 'promote':
+        environmentName = branch
+        openshiftProject = `${projectName}-${branch}`
+        break;
     }
 
   } catch(error) {
@@ -98,7 +103,7 @@ const messageConsumer = async function(msg) {
       )
       // Update GraphQL API that the Environment has been deleted
       try {
-        await deleteEnvironment(environmentName, projectName)
+        await deleteEnvironment(environmentName, projectName, false)
         logger.info(`${openshiftProject}: Deleted Environment '${environmentName}' in API`)
       } catch (err) {
         logger.error(err)
@@ -160,7 +165,7 @@ const messageConsumer = async function(msg) {
 
   // Update GraphQL API that the Environment has been deleted
   try {
-    await deleteEnvironment(environmentName, projectName)
+    await deleteEnvironment(environmentName, projectName, false)
     logger.info(`${openshiftProject}: Deleted Environment '${environmentName}' in API`)
   } catch (err) {
     logger.error(err)