alexei.dolgolyov
93b6911b34
Every deploy across all four source kinds now writes a workload-scoped
event via a shared plugin.EmitDeployEvent helper (replacing the inline
emit duplicated in static/dockerfile, standardizing static's metadata
key site_id->workload_id, and adding emission to image+compose which
were silent). New indexed event_log.workload_id column, EventLogFilter
.WorkloadID, and GET /api/workloads/{id}/events (id pinned from path).
Frontend: a forge "Activity" panel on /apps/[id] reusing EventLogEntry,
live SSE prepend filtered by workload_id, load-more pagination, an
All/Errors severity filter, and a shared toEventLogEntry mapper. en/ru
i18n parity.
Security: compose's failure status emits a generic reason instead of raw
`docker compose up` output, which can echo app secrets and egresses to
operator webhooks (NotificationURL + event-trigger actions); full detail
stays only in the returned error. Rune-safe 256-rune status cap.
Reviewed: go + typescript APPROVE; security HIGH fixed.
107 lines
3.1 KiB
Go
107 lines
3.1 KiB
Go
package api
|
|
|
|
import (
|
|
"log/slog"
|
|
"net/http"
|
|
"strconv"
|
|
|
|
"github.com/go-chi/chi/v5"
|
|
|
|
"github.com/alexei/tinyforge/internal/store"
|
|
)
|
|
|
|
// listEventLog handles GET /api/events/log.
|
|
// Supports query parameters: severity, source, since, until, limit, offset.
|
|
func (s *Server) listEventLog(w http.ResponseWriter, r *http.Request) {
|
|
q := r.URL.Query()
|
|
|
|
limit, _ := strconv.Atoi(q.Get("limit"))
|
|
offset, _ := strconv.Atoi(q.Get("offset"))
|
|
|
|
filter := store.EventLogFilter{
|
|
Severity: q.Get("severity"),
|
|
Source: q.Get("source"),
|
|
Since: q.Get("since"),
|
|
Until: q.Get("until"),
|
|
Limit: limit,
|
|
Offset: offset,
|
|
}
|
|
|
|
events, err := s.store.ListEvents(filter)
|
|
if err != nil {
|
|
slog.Error("failed to list events", "error", err)
|
|
respondError(w, http.StatusInternalServerError, "failed to list events")
|
|
return
|
|
}
|
|
|
|
respondJSON(w, http.StatusOK, events)
|
|
}
|
|
|
|
// listWorkloadEvents handles GET /api/workloads/{id}/events — the per-app
|
|
// activity/deploy timeline. The workload id is pinned from the path, so a
|
|
// client cannot widen the scope to other workloads or the global feed.
|
|
// Supports the same severity/limit/offset query params as listEventLog.
|
|
func (s *Server) listWorkloadEvents(w http.ResponseWriter, r *http.Request) {
|
|
id := chi.URLParam(r, "id")
|
|
if id == "" {
|
|
respondError(w, http.StatusBadRequest, "workload id is required")
|
|
return
|
|
}
|
|
|
|
q := r.URL.Query()
|
|
limit, _ := strconv.Atoi(q.Get("limit"))
|
|
offset, _ := strconv.Atoi(q.Get("offset"))
|
|
|
|
events, err := s.store.ListEvents(store.EventLogFilter{
|
|
WorkloadID: id,
|
|
Severity: q.Get("severity"),
|
|
Limit: limit,
|
|
Offset: offset,
|
|
})
|
|
if err != nil {
|
|
slog.Error("failed to list workload events", "workload", id, "error", err)
|
|
respondError(w, http.StatusInternalServerError, "failed to list events")
|
|
return
|
|
}
|
|
|
|
respondJSON(w, http.StatusOK, events)
|
|
}
|
|
|
|
// getEventLogStats handles GET /api/events/log/stats.
|
|
func (s *Server) getEventLogStats(w http.ResponseWriter, r *http.Request) {
|
|
stats, err := s.store.GetEventStats()
|
|
if err != nil {
|
|
slog.Error("failed to get event stats", "error", err)
|
|
respondError(w, http.StatusInternalServerError, "failed to get event stats")
|
|
return
|
|
}
|
|
|
|
respondJSON(w, http.StatusOK, stats)
|
|
}
|
|
|
|
// deleteEvent handles DELETE /api/events/log/{id}.
|
|
func (s *Server) deleteEvent(w http.ResponseWriter, r *http.Request) {
|
|
id, err := strconv.ParseInt(chi.URLParam(r, "id"), 10, 64)
|
|
if err != nil {
|
|
respondError(w, http.StatusBadRequest, "invalid event ID")
|
|
return
|
|
}
|
|
if err := s.store.DeleteEvent(id); err != nil {
|
|
slog.Error("failed to delete event", "id", id, "error", err)
|
|
respondError(w, http.StatusInternalServerError, "internal server error")
|
|
return
|
|
}
|
|
respondJSON(w, http.StatusOK, map[string]string{"status": "deleted"})
|
|
}
|
|
|
|
// clearEvents handles DELETE /api/events/log.
|
|
func (s *Server) clearEvents(w http.ResponseWriter, r *http.Request) {
|
|
cleared, err := s.store.ClearAllEvents()
|
|
if err != nil {
|
|
slog.Error("failed to clear events", "error", err)
|
|
respondError(w, http.StatusInternalServerError, "internal server error")
|
|
return
|
|
}
|
|
respondJSON(w, http.StatusOK, map[string]any{"status": "cleared", "count": cleared})
|
|
}
|