fix(pendingactions): refactor pending actions [EE-7011] (#11780)

api/pendingactions/handlers/clean_nap_with_override_policies.go

@@ -0,0 +1,82 @@
+package handlers
+
+import (
+	"fmt"
+
+	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api/dataservices"
+	"github.com/portainer/portainer/api/internal/authorization"
+	"github.com/portainer/portainer/api/pendingactions/actions"
+	"github.com/rs/zerolog/log"
+)
+
+type (
+	cleanNAPWithOverridePolicies struct {
+		EndpointGroupID portainer.EndpointGroupID
+	}
+
+	HandlerCleanNAPWithOverridePolicies struct {
+		authorizationService *authorization.Service
+		dataStore            dataservices.DataStore
+	}
+)
+
+// NewCleanNAPWithOverridePolicies creates a new CleanNAPWithOverridePolicies pending action
+func NewCleanNAPWithOverridePolicies(endpointID portainer.EndpointID, gid *portainer.EndpointGroupID) portainer.PendingAction {
+	pendingAction := portainer.PendingAction{
+		EndpointID: endpointID,
+		Action:     actions.CleanNAPWithOverridePolicies,
+	}
+
+	if gid != nil {
+		pendingAction.ActionData = cleanNAPWithOverridePolicies{
+			EndpointGroupID: *gid,
+		}
+	}
+
+	return pendingAction
+}
+
+// NewHandlerCleanNAPWithOverridePolicies creates a new handler to execute CleanNAPWithOverridePolicies pending action
+func NewHandlerCleanNAPWithOverridePolicies(
+	authorizationService *authorization.Service,
+	dataStore dataservices.DataStore,
+) *HandlerCleanNAPWithOverridePolicies {
+	return &HandlerCleanNAPWithOverridePolicies{
+		authorizationService: authorizationService,
+		dataStore:            dataStore,
+	}
+}
+
+func (h *HandlerCleanNAPWithOverridePolicies) Execute(pendingAction portainer.PendingAction, endpoint *portainer.Endpoint) error {
+	if pendingAction.ActionData == nil {
+		h.authorizationService.CleanNAPWithOverridePolicies(h.dataStore, endpoint, nil)
+		return nil
+	}
+
+	var payload cleanNAPWithOverridePolicies
+	err := pendingAction.UnmarshallActionData(&payload)
+	if err != nil {
+		log.Error().Err(err).Msgf("Error unmarshalling endpoint group ID for cleaning NAP with override policies for environment %d", endpoint.ID)
+		return fmt.Errorf("failed to unmarshal endpoint group ID for cleaning NAP with override policies for environment %d: %w", endpoint.ID, err)
+	}
+
+	if payload.EndpointGroupID == 0 {
+		h.authorizationService.CleanNAPWithOverridePolicies(h.dataStore, endpoint, nil)
+		return nil
+	}
+
+	endpointGroup, err := h.dataStore.EndpointGroup().Read(portainer.EndpointGroupID(payload.EndpointGroupID))
+	if err != nil {
+		log.Error().Err(err).Msgf("Error reading environment group to clean NAP with override policies for environment %d and environment group %d", endpoint.ID, endpointGroup.ID)
+		return fmt.Errorf("failed to retrieve environment group %d: %w", payload.EndpointGroupID, err)
+	}
+
+	err = h.authorizationService.CleanNAPWithOverridePolicies(h.dataStore, endpoint, endpointGroup)
+	if err != nil {
+		log.Error().Err(err).Msgf("Error cleaning NAP with override policies for environment %d and environment group %d", endpoint.ID, endpointGroup.ID)
+		return fmt.Errorf("failed to clean NAP with override policies for environment %d and environment group %d: %w", endpoint.ID, endpointGroup.ID, err)
+	}
+
+	return nil
+}

api/pendingactions/handlers/delete_k8s_registry_secrets.go

@@ -0,0 +1,73 @@
+package handlers
+
+import (
+	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api/dataservices"
+	"github.com/portainer/portainer/api/internal/authorization"
+	kubecli "github.com/portainer/portainer/api/kubernetes/cli"
+	"github.com/portainer/portainer/api/pendingactions/actions"
+)
+
+type (
+	HandlerDeleteK8sRegistrySecrets struct {
+		authorizationService *authorization.Service
+		dataStore            dataservices.DataStore
+		kubeFactory          *kubecli.ClientFactory
+	}
+
+	deleteK8sRegistrySecretsData struct {
+		RegistryID portainer.RegistryID `json:"RegistryID"`
+		Namespaces []string             `json:"Namespaces"`
+	}
+)
+
+// NewDeleteK8sRegistrySecrets creates a new DeleteK8sRegistrySecrets pending action
+func NewDeleteK8sRegistrySecrets(endpointID portainer.EndpointID, registryID portainer.RegistryID, namespaces []string) portainer.PendingAction {
+	return portainer.PendingAction{
+		EndpointID: endpointID,
+		Action:     actions.DeleteK8sRegistrySecrets,
+		ActionData: &deleteK8sRegistrySecretsData{
+			RegistryID: registryID,
+			Namespaces: namespaces,
+		},
+	}
+}
+
+// NewHandlerDeleteRegistrySecrets creates a new handler to execute DeleteK8sRegistrySecrets pending action
+func NewHandlerDeleteRegistrySecrets(
+	authorizationService *authorization.Service,
+	dataStore dataservices.DataStore,
+	kubeFactory *kubecli.ClientFactory,
+) *HandlerDeleteK8sRegistrySecrets {
+	return &HandlerDeleteK8sRegistrySecrets{
+		authorizationService: authorizationService,
+		dataStore:            dataStore,
+		kubeFactory:          kubeFactory,
+	}
+}
+
+func (h *HandlerDeleteK8sRegistrySecrets) Execute(pa portainer.PendingAction, endpoint *portainer.Endpoint) error {
+	if endpoint == nil || pa.ActionData == nil {
+		return nil
+	}
+
+	var registryData deleteK8sRegistrySecretsData
+	err := pa.UnmarshallActionData(&registryData)
+	if err != nil {
+		return err
+	}
+
+	kubeClient, err := h.kubeFactory.GetKubeClient(endpoint)
+	if err != nil {
+		return err
+	}
+
+	for _, namespace := range registryData.Namespaces {
+		err = kubeClient.DeleteRegistrySecret(registryData.RegistryID, namespace)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}

api/pendingactions/handlers/post_init_migrate_environment.go

@@ -0,0 +1,58 @@
+package handlers
+
+import (
+	"fmt"
+
+	portainer "github.com/portainer/portainer/api"
+	"github.com/portainer/portainer/api/dataservices"
+	"github.com/portainer/portainer/api/datastore/postinit"
+	dockerClient "github.com/portainer/portainer/api/docker/client"
+	"github.com/portainer/portainer/api/internal/authorization"
+	kubecli "github.com/portainer/portainer/api/kubernetes/cli"
+	"github.com/rs/zerolog/log"
+)
+
+type HandlerPostInitMigrateEnvironment struct {
+	authorizationService *authorization.Service
+	dataStore            dataservices.DataStore
+	kubeFactory          *kubecli.ClientFactory
+	dockerFactory        *dockerClient.ClientFactory
+	assetsPath           string
+	kubernetesDeployer   portainer.KubernetesDeployer
+}
+
+// NewPostInitMigrateEnvironment creates a new PostInitMigrateEnvironment pending action
+func NewHandlerPostInitMigrateEnvironment(
+	authorizationService *authorization.Service,
+	dataStore dataservices.DataStore,
+	kubeFactory *kubecli.ClientFactory,
+	dockerFactory *dockerClient.ClientFactory,
+	assetsPath string,
+	kubernetesDeployer portainer.KubernetesDeployer,
+) *HandlerPostInitMigrateEnvironment {
+	return &HandlerPostInitMigrateEnvironment{
+		authorizationService: authorizationService,
+		dataStore:            dataStore,
+		kubeFactory:          kubeFactory,
+		dockerFactory:        dockerFactory,
+		assetsPath:           assetsPath,
+		kubernetesDeployer:   kubernetesDeployer,
+	}
+}
+
+func (h *HandlerPostInitMigrateEnvironment) Execute(_ portainer.PendingAction, endpoint *portainer.Endpoint) error {
+	postInitMigrator := postinit.NewPostInitMigrator(
+		h.kubeFactory,
+		h.dockerFactory,
+		h.dataStore,
+		h.assetsPath,
+		h.kubernetesDeployer,
+	)
+	err := postInitMigrator.MigrateEnvironment(endpoint)
+	if err != nil {
+		log.Error().Err(err).Msgf("Error running post-init migrations for edge environment %d", endpoint.ID)
+		return fmt.Errorf("failed running post-init migrations for edge environment %d: %w", endpoint.ID, err)
+	}
+
+	return nil
+}