Skip to content

Commit 951084b

Browse files
authored
Merge pull request #6886 from devtron-labs/chore/develop-sync-8-dec
chore: Merge remote-tracking branch 'origin/main' into 'origin/develop'
2 parents 4d3de85 + 2db58b0 commit 951084b

204 files changed

Lines changed: 4340 additions & 8576 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

App.go

Lines changed: 1 addition & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,6 @@ package main
1818

1919
import (
2020
"context"
21-
"crypto/tls"
2221
"errors"
2322
"fmt"
2423
"github.com/devtron-labs/common-lib/middlewares"
@@ -68,7 +67,6 @@ type App struct {
6867
// eventProcessor.CentralEventProcessor is used to register event processors
6968
centralEventProcessor *eventProcessor.CentralEventProcessor // do not remove this.
7069
// used for local dev only
71-
serveTls bool
7270
sessionManager2 *authMiddleware.SessionManager
7371
OtelTracingService *otel.OtelTracingServiceImpl
7472
loggingMiddleware util.LoggingMiddleware
@@ -99,7 +97,6 @@ func NewApp(router *router.MuxRouter,
9997
Enforcer: enforcer,
10098
EnforcerV2: enforcerV2,
10199
db: db,
102-
serveTls: false,
103100
sessionManager2: sessionManager2,
104101
posthogClient: posthogClient,
105102
OtelTracingService: otel.NewOtelTracingServiceImpl(Logger),
@@ -132,22 +129,7 @@ func (app *App) Start() {
132129
app.MuxRouter.Router.Use(otelmux.Middleware(otel.OTEL_ORCHESTRASTOR_SERVICE_NAME))
133130
}
134131
app.server = server
135-
var err error
136-
if app.serveTls {
137-
cert, err := tls.LoadX509KeyPair(
138-
"localhost.crt",
139-
"localhost.key",
140-
)
141-
if err != nil {
142-
log.Fatal(err)
143-
}
144-
server.TLSConfig = &tls.Config{
145-
Certificates: []tls.Certificate{cert},
146-
}
147-
err = server.ListenAndServeTLS("", "")
148-
} else {
149-
err = server.ListenAndServe()
150-
}
132+
err := server.ListenAndServe()
151133
//err := http.ListenAndServe(fmt.Sprintf(":%d", port), auth.Authorizer(app.Enforcer, app.sessionManager)(app.MuxRouter.Router))
152134
if err != nil && !errors.Is(err, http.ErrServerClosed) {
153135
app.Logger.Errorw("error in startup", "err", err)

README.md

Lines changed: 45 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,12 +7,12 @@ Note: We have restructured the readme. If you are looking for Devtron's CI/CD ca
77
<source media="(prefers-color-scheme: light)" srcset="./assets/devtron-lightmode-logo.png">
88
<img width="333.333" height="260" src="./assets/devtron-logo-dark-light.png">
99
</picture>
10-
<h1 align= "center">Kubernetes Dashboard for a Centralized DevOps Hub</h1>
10+
<h1 align= "center">The Kubernetes Platform That Eliminates Operational Chaos</h1>
1111
</p>
1212

1313
<p align="center">
1414
<br>
15-
<a href="https://docs.dashboard.devtron.ai/" rel="nofollow"><strong>«Explore Documentation»</strong></a> <strong>||</strong>
15+
<a href="https://docs.devtron.ai/" rel="nofollow"><strong>«Explore Documentation»</strong></a> <strong>||</strong>
1616
<a href="https://preview.devtron.ai/dashboard/" rel="nofollow"><strong>«Try Devtron Demo»</strong></a>
1717
<br>
1818
<a href="https://devtron.ai/">Website</a>
@@ -56,7 +56,9 @@ Out of the box, Devtron's Kubernetes Dashboard includes:
5656
- [Single Sign On (SSO)](https://docs.dashboard.devtron.ai/operator-guide/authorization/sso-login-services) to simplify onboarding and authenticating team members.
5757
- [Fine Grained RBAC](https://docs.dashboard.devtron.ai/operator-guide/authorization) to control the level of access users have to different Dashboard and Cluster resources.
5858

59-
[Devtron](#install-devtron) helps you deploy, observe, manage & debug existing Helm apps in all your clusters.
59+
[Devtron](#devtron-platform) helps you deploy, observe, manage & debug existing Helm apps in all your clusters.
60+
61+
---
6062

6163
## Devtron Dashboard
6264

@@ -113,6 +115,8 @@ kubectl -n devtroncd get secret devtron-secret -o jsonpath='{.data.ACD_PASSWORD}
113115

114116
Please refer to the document for more information on how to [access the Devtron Dashboard](https://docs.dashboard.devtron.ai/getting-started/install-devtron-dashboard).
115117

118+
---
119+
116120
## Devtron Platform
117121

118122
The Devtron Platform provides a complete solution for all DevOps requirements, helping to create a single centralized DevOps Platform for managing all applications across Kubernetes clusters. <br>
@@ -157,11 +161,39 @@ helm install devtron devtron/devtron-operator --namespace devtroncd \
157161
--set security.enabled=true --set notifier.enabled=true \
158162
--set security.trivy.enabled=true --set monitoring.grafana.enabled=true
159163
```
160-
## :blue_heart: Technology
164+
165+
---
166+
167+
## Core Tools and Technologies
161168

162-
Devtron is built on some of the most trusted and loved technologies:
163-
<br>
164-
<p align="center"><img width="70%" height="70%" src="./assets/we-support.jpg"></p>
169+
Here are the components that Devtron uses internally as part of its own architecture:
170+
171+
| Logo | Tool | Purpose | GitHub Repository | License |
172+
| -------- | -------- | ---------- | ------------------- | ------- |
173+
| <img src="./assets/readme-logos/kubernetes.jpg" width="64px"> | **Kubernetes** | Core orchestration platform managing deployments, scaling, and container lifecycle automation. | [kubernetes/kubernetes](https://github.com/kubernetes/kubernetes) | [Apache License 2.0](https://github.com/kubernetes/kubernetes/blob/master/LICENSE) |
174+
| <img src="./assets/readme-logos/golang.jpg" width="64px"> | **Golang** | Backend language powering high-performance, scalable Devtron core services. | [golang/go](https://github.com/golang/go) | [BSD 3-Clause License](https://github.com/golang/go/blob/master/LICENSE) |
175+
| <img src="./assets/readme-logos/helm.jpg" width="64px"> | **Helm** | Manages Kubernetes application packaging, versioning, and consistent deployment workflows. | [helm/helm](https://github.com/helm/helm) | [Apache License 2.0](https://github.com/helm/helm/blob/main/LICENSE) |
176+
| <img src="./assets/readme-logos/trivy.jpg" width="64px"> | **Trivy** | Ensures security by scanning vulnerabilities, misconfigurations, secrets, and SBOMs. | [aquasecurity/trivy](https://github.com/aquasecurity/trivy) | [Apache License 2.0](https://github.com/aquasecurity/trivy/blob/main/LICENSE) |
177+
| <img src="./assets/readme-logos/nats.jpg" width="64px"> | **NATS** | Enables reliable, high-speed messaging between Devtron microservices and workflows. | [nats-io/nats-server](https://github.com/nats-io/nats-server) | [Apache License 2.0](https://github.com/nats-io/nats-server/blob/main/LICENSE) |
178+
| <img src="./assets/readme-logos/dex.jpg" width="64px"> | **Dex** | Provides secure SSO integration with enterprise identity providers. | [dexidp/dex](https://github.com/dexidp/dex) | [Apache License 2.0](https://github.com/dexidp/dex/blob/master/LICENSE) |
179+
| <img src="./assets/readme-logos/casbin.jpg" width="64px"> | **Casbin** | Enforces fine-grained RBAC policies for secure user authorization. | [casbin/casbin](https://github.com/casbin/casbin) | [Apache License 2.0](https://github.com/casbin/casbin/blob/master/LICENSE) |
180+
181+
182+
---
183+
184+
## Optional Components
185+
186+
Here are some of the optional components that Devtron supports:
187+
188+
| Logo | Tool | Purpose | GitHub Repository | License |
189+
| -------- | -------- | ---------- | ------------------- | ------- |
190+
| <img src="./assets/readme-logos/argo.jpg" width="64px"> | **Argo CD / Argo Workflows** | Enables GitOps-based deployments and workflow automation within Devtron | [argoproj/argo-cd](https://github.com/argoproj/argo-cd) | [Apache License 2.0](https://github.com/argoproj/argo-cd/blob/master/LICENSE) |
191+
| <img src="./assets/readme-logos/clair.jpg" width="64px"> | **Clair** | Scans container images for known security vulnerabilities | [quay/clair](https://github.com/quay/clair) | [Apache License 2.0](https://github.com/quay/clair/blob/main/LICENSE) |
192+
| <img src="./assets/readme-logos/keda.jpg" width="64px"> | **KEDA** | Enables event-driven autoscaling for Kubernetes applications | [kedacore/keda](https://github.com/kedacore/keda) | [Apache License 2.0](https://github.com/kedacore/keda/blob/main/LICENSE) |
193+
| <img src="./assets/readme-logos/k8s_external_secrets.jpg" width="64px"> | **Kubernetes External Secrets** | Syncs external secrets securely into Kubernetes clusters | [external-secrets/external-secrets](https://github.com/external-secrets/external-secrets) | [Apache License 2.0](https://github.com/external-secrets/external-secrets/blob/main/LICENSE) |
194+
| <img src="./assets/readme-logos/prometheus.jpg" width="64px"> | **Prometheus** | Collects metrics for monitoring, alerting, and performance insights | [prometheus/prometheus](https://github.com/prometheus/prometheus) | [Apache License 2.0](https://github.com/prometheus/prometheus/blob/main/LICENSE) |
195+
196+
---
165197

166198
## :question: FAQs & Troubleshooting
167199

@@ -185,6 +217,8 @@ Get updates on Devtron's development and chat with project maintainers, contribu
185217
</a>
186218
</p>
187219
220+
---
221+
188222
## :handshake: Contribute
189223

190224
Check out our [contributing guidelines](CONTRIBUTING.md). Included, are directions for opening issues, coding standards, and notes on our development processes. We deeply appreciate your contribution.
@@ -198,10 +232,14 @@ We are deeply grateful to all our amazing contributors!
198232
<a href="https://github.com/devtron-labs/devtron/graphs/contributors">
199233
<img src="https://contrib.rocks/image?repo=devtron-labs/devtron" />
200234
</a>
235+
236+
---
201237

202238
## :bug: Vulnerability Reporting
203239

204240
We at Devtron, take security and our users' trust very seriously. If you believe you have found a security issue, please report it to <b>security@devtron.ai</b>.
241+
242+
---
205243

206244
## :bookmark: License
207245

api/cluster/EnvironmentRestHandler.go

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ import (
2525
"github.com/devtron-labs/devtron/pkg/cluster/environment/read"
2626
"github.com/devtron-labs/devtron/util/commonEnforcementFunctionsUtil"
2727
"net/http"
28+
"regexp"
2829
"strconv"
2930
"strings"
3031
"sync"
@@ -48,6 +49,12 @@ import (
4849

4950
const ENV_DELETE_SUCCESS_RESP = "Environment deleted successfully."
5051

52+
var (
53+
// Regex patterns for environment name validation
54+
envNameAlphanumericRegex = regexp.MustCompile(`^[a-z0-9-]+$`)
55+
envNameLengthRegex = regexp.MustCompile(`^.{1,16}$`)
56+
)
57+
5158
type EnvironmentRestHandler interface {
5259
Create(w http.ResponseWriter, r *http.Request)
5360
Get(w http.ResponseWriter, r *http.Request)
@@ -106,6 +113,27 @@ func NewEnvironmentRestHandlerImpl(svc request.EnvironmentService, environmentRe
106113
}
107114
}
108115

116+
// validateEnvironmentName validates the environment name against multiple regex patterns
117+
// Note: Required validation is already handled by struct validation tag
118+
func (impl EnvironmentRestHandlerImpl) validateEnvironmentName(envName string) error {
119+
// Validation 1: Use only lowercase alphanumeric characters or '-'
120+
if !envNameAlphanumericRegex.MatchString(envName) {
121+
return errors.New("Use only lowercase alphanumeric characters or '-'")
122+
}
123+
124+
// Validation 2: Cannot start/end with '-'
125+
if strings.HasPrefix(envName, "-") || strings.HasSuffix(envName, "-") {
126+
return errors.New("Cannot start/end with '-'")
127+
}
128+
129+
// Validation 3: Minimum 1 and Maximum 16 characters required
130+
if !envNameLengthRegex.MatchString(envName) {
131+
return errors.New("Minimum 1 and Maximum 16 characters required")
132+
}
133+
134+
return nil
135+
}
136+
109137
func (impl EnvironmentRestHandlerImpl) Create(w http.ResponseWriter, r *http.Request) {
110138
decoder := json.NewDecoder(r.Body)
111139
userId, err := impl.userService.GetLoggedInUser(r)
@@ -128,6 +156,13 @@ func (impl EnvironmentRestHandlerImpl) Create(w http.ResponseWriter, r *http.Req
128156
common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
129157
return
130158
}
159+
// Validate environment name
160+
err = impl.validateEnvironmentName(bean.Environment)
161+
if err != nil {
162+
impl.logger.Errorw("environment name validation err, Create", "err", err, "envName", bean.Environment)
163+
common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
164+
return
165+
}
131166

132167
// RBAC enforcer applying
133168
token := r.Header.Get("token")

api/restHandler/app/pipeline/configure/DeploymentPipelineRestHandler.go

Lines changed: 35 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,19 +21,21 @@ import (
2121
"encoding/json"
2222
"errors"
2323
"fmt"
24+
2425
models2 "github.com/devtron-labs/devtron/internal/sql/models"
2526
bean4 "github.com/devtron-labs/devtron/pkg/auth/user/bean"
2627
util3 "github.com/devtron-labs/devtron/pkg/auth/user/util"
2728
bean3 "github.com/devtron-labs/devtron/pkg/chart/bean"
2829

29-
devtronAppGitOpConfigBean "github.com/devtron-labs/devtron/pkg/chart/gitOpsConfig/bean"
30-
"github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/repository"
3130
"io"
3231
"net/http"
3332
"strconv"
3433
"strings"
3534
"time"
3635

36+
devtronAppGitOpConfigBean "github.com/devtron-labs/devtron/pkg/chart/gitOpsConfig/bean"
37+
"github.com/devtron-labs/devtron/pkg/policyGovernance/security/imageScanning/repository"
38+
3739
bean2 "github.com/devtron-labs/devtron/api/bean"
3840
"github.com/devtron-labs/devtron/api/restHandler/common"
3941
"github.com/devtron-labs/devtron/internal/sql/repository/helper"
@@ -107,6 +109,7 @@ type DevtronAppDeploymentConfigRestHandler interface {
107109
GetDefaultDeploymentPipelineStrategy(w http.ResponseWriter, r *http.Request)
108110

109111
EnvConfigOverrideCreateNamespace(w http.ResponseWriter, r *http.Request)
112+
UpdateEmptyNamespaceInChartEnvConfigOverride(w http.ResponseWriter, r *http.Request)
110113

111114
DevtronAppDeploymentConfigRestHandlerEnt
112115
}
@@ -2062,6 +2065,36 @@ func (handler *PipelineConfigRestHandlerImpl) EnvConfigOverrideCreateNamespace(w
20622065
common.WriteJsonResp(w, err, createResp, http.StatusOK)
20632066
}
20642067

2068+
func (handler *PipelineConfigRestHandlerImpl) UpdateEmptyNamespaceInChartEnvConfigOverride(w http.ResponseWriter, r *http.Request) {
2069+
userId, err := handler.userAuthService.GetLoggedInUser(r)
2070+
if userId == 0 || err != nil {
2071+
common.HandleUnauthorized(w, r)
2072+
return
2073+
}
2074+
token := r.Header.Get("token")
2075+
2076+
// Check if user is super admin - this is a global operation
2077+
if ok := handler.enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionUpdate, "*"); !ok {
2078+
common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
2079+
return
2080+
}
2081+
2082+
handler.Logger.Infow("request received, UpdateEmptyNamespaceInChartEnvConfigOverride", "userId", userId)
2083+
2084+
count, err := handler.propertiesConfigService.UpdateEmptyNamespaceInChartEnvConfigOverride(userId)
2085+
if err != nil {
2086+
handler.Logger.Errorw("service err, UpdateEmptyNamespaceInChartEnvConfigOverride", "err", err)
2087+
common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
2088+
return
2089+
}
2090+
2091+
response := map[string]interface{}{
2092+
"message": "Namespace updated successfully from environment table",
2093+
"updatedCount": count,
2094+
}
2095+
common.WriteJsonResp(w, nil, response, http.StatusOK)
2096+
}
2097+
20652098
func (handler *PipelineConfigRestHandlerImpl) IsReadyToTrigger(w http.ResponseWriter, r *http.Request) {
20662099
token := r.Header.Get("token")
20672100
vars := mux.Vars(r)

api/router/app/pipeline/configure/PipelineConfigRouter.go

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -124,6 +124,9 @@ func (router PipelineConfigRouterImpl) InitPipelineConfigRouter(configRouter *mu
124124
configRouter.Path("/env/reset/{appId}/{environmentId}/{id}").HandlerFunc(router.restHandler.EnvConfigOverrideReset).Methods("DELETE")
125125
configRouter.Path("/env/namespace/{appId}/{environmentId}").HandlerFunc(router.restHandler.EnvConfigOverrideCreateNamespace).Methods("POST")
126126

127+
// this api was made for issue :- https://github.com/devtron-labs/sprint-tasks/issues/2692
128+
configRouter.Path("/env/namespace/populate-empty").HandlerFunc(router.restHandler.UpdateEmptyNamespaceInChartEnvConfigOverride).Methods("GET")
129+
127130
configRouter.Path("/cd-pipeline/workflow/history/{appId}/{environmentId}/{pipelineId}").HandlerFunc(router.restHandler.ListDeploymentHistory).Methods("GET")
128131
configRouter.Path("/cd-pipeline/workflow/logs/{appId}/{environmentId}/{pipelineId}/{workflowId}").HandlerFunc(router.restHandler.GetPrePostDeploymentLogs).Methods("GET")
129132
configRouter.Path("/cd-pipeline/workflow/trigger-info/{appId}/{environmentId}/{pipelineId}/{workflowRunnerId}").HandlerFunc(router.restHandler.FetchCdWorkflowDetails).Methods("GET")

assets/readme-logos/argo.jpg

17.4 KB
Loading

assets/readme-logos/casbin.jpg

29.6 KB
Loading

assets/readme-logos/clair.jpg

15 KB
Loading

assets/readme-logos/dex.jpg

51.7 KB
Loading

assets/readme-logos/golang.jpg

83.6 KB
Loading

0 commit comments

Comments
 (0)