chore: Config approval scripts and refactoring (#3762)

* config approval scripts

* approver role resource added

* migration version updated

* overriden flag introduced

* down script commited

* cm fetch for edit

* app level fetch instead of env level

* cm bean refactoring

* clean dead code

* env props bean refactoring

* refactoring

* script version updated

* config approval down sql

* table deletion order fix

* script number update

api/restHandler/ConfigMapRestHandler.go

@@ -24,6 +24,7 @@ import (
 	"github.com/devtron-labs/devtron/internal/sql/repository/pipelineConfig"
 	"github.com/devtron-labs/devtron/pkg/chart"
 	"github.com/devtron-labs/devtron/pkg/pipeline"
+	"github.com/devtron-labs/devtron/pkg/pipeline/bean"
 	"github.com/devtron-labs/devtron/pkg/team"
 	"github.com/devtron-labs/devtron/pkg/user"
 	"github.com/devtron-labs/devtron/pkg/user/casbin"
@@ -39,6 +40,8 @@ type ConfigMapRestHandler interface {
 	CMEnvironmentAddUpdate(w http.ResponseWriter, r *http.Request)
 	CMGlobalFetch(w http.ResponseWriter, r *http.Request)
 	CMEnvironmentFetch(w http.ResponseWriter, r *http.Request)
+	CMGlobalFetchForEdit(w http.ResponseWriter, r *http.Request)
+	CMEnvironmentFetchForEdit(w http.ResponseWriter, r *http.Request)
 
 	CSGlobalAddUpdate(w http.ResponseWriter, r *http.Request)
 	CSEnvironmentAddUpdate(w http.ResponseWriter, r *http.Request)
@@ -95,7 +98,7 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalAddUpdate(w http.ResponseWriter,
 		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
 		return
 	}
-	var configMapRequest pipeline.ConfigDataRequest
+	var configMapRequest bean.ConfigDataRequest
 
 	err = decoder.Decode(&configMapRequest)
 	if err != nil {
@@ -131,7 +134,7 @@ func (handler ConfigMapRestHandlerImpl) CMEnvironmentAddUpdate(w http.ResponseWr
 		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
 		return
 	}
-	var configMapRequest pipeline.ConfigDataRequest
+	var configMapRequest bean.ConfigDataRequest
 	err = decoder.Decode(&configMapRequest)
 	if err != nil {
 		handler.Logger.Errorw("request err, CMEnvironmentAddUpdate", "err", err, "payload", configMapRequest)
@@ -196,6 +199,84 @@ func (handler ConfigMapRestHandlerImpl) CMGlobalFetch(w http.ResponseWriter, r *
 	common.WriteJsonResp(w, err, res, http.StatusOK)
 }
 
+func (handler ConfigMapRestHandlerImpl) CMGlobalFetchForEdit(w http.ResponseWriter, r *http.Request) {
+	userId, err := handler.userAuthService.GetLoggedInUser(r)
+	if userId == 0 || err != nil {
+		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
+		return
+	}
+	vars := mux.Vars(r)
+	appId, err := strconv.Atoi(vars["appId"])
+	if err != nil {
+		handler.Logger.Errorw("request err, CMGlobalFetch", "err", err, "appId", appId)
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
+	cmId, err := strconv.Atoi(vars["id"])
+	if err != nil {
+		handler.Logger.Errorw("request err, CMGlobalFetch", "err", err, "cmId", cmId)
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
+	token := r.Header.Get("token")
+	object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
+	if ok := handler.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, object); !ok {
+		common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
+		return
+	}
+
+	name := vars["name"]
+	response, err := handler.configMapService.CMGlobalFetchForEdit(name, cmId)
+	if err != nil {
+		handler.Logger.Errorw("service err, CMGlobalFetchForEdit", "err", err, "appId", appId)
+		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		return
+	}
+	common.WriteJsonResp(w, err, response, http.StatusOK)
+}
+
+func (handler ConfigMapRestHandlerImpl) CMEnvironmentFetchForEdit(w http.ResponseWriter, r *http.Request) {
+	userId, err := handler.userAuthService.GetLoggedInUser(r)
+	if userId == 0 || err != nil {
+		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
+		return
+	}
+	vars := mux.Vars(r)
+	appId, err := strconv.Atoi(vars["appId"])
+	if err != nil {
+		handler.Logger.Errorw("request err, CMGlobalFetch", "err", err, "appId", appId)
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
+	envId, err := strconv.Atoi(vars["envId"])
+	if err != nil {
+		handler.Logger.Errorw("request err, CMGlobalFetch", "err", err, "envId", envId)
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
+	cmId, err := strconv.Atoi(vars["id"])
+	if err != nil {
+		handler.Logger.Errorw("request err, CMGlobalFetch", "err", err, "cmId", cmId)
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
+	token := r.Header.Get("token")
+	object := handler.enforcerUtil.GetAppRBACNameByAppId(appId)
+	if ok := handler.enforcer.Enforce(token, casbin.ResourceApplications, casbin.ActionGet, object); !ok {
+		common.WriteJsonResp(w, fmt.Errorf("unauthorized user"), "Unauthorized User", http.StatusForbidden)
+		return
+	}
+
+	name := vars["name"]
+	response, err := handler.configMapService.CMEnvironmentFetchForEdit(name, cmId, appId, envId)
+	if err != nil {
+		handler.Logger.Errorw("service err, CMEnvironmentFetchForEdit", "err", err, "appId", appId, "envId", envId)
+		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
+		return
+	}
+	common.WriteJsonResp(w, err, response, http.StatusOK)
+}
+
 func (handler ConfigMapRestHandlerImpl) CMEnvironmentFetch(w http.ResponseWriter, r *http.Request) {
 	userId, err := handler.userAuthService.GetLoggedInUser(r)
 	if userId == 0 || err != nil {
@@ -241,7 +322,7 @@ func (handler ConfigMapRestHandlerImpl) CSGlobalAddUpdate(w http.ResponseWriter,
 		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
 		return
 	}
-	var configMapRequest pipeline.ConfigDataRequest
+	var configMapRequest bean.ConfigDataRequest
 
 	err = decoder.Decode(&configMapRequest)
 	if err != nil {
@@ -277,7 +358,7 @@ func (handler ConfigMapRestHandlerImpl) CSEnvironmentAddUpdate(w http.ResponseWr
 		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
 		return
 	}
-	var configMapRequest pipeline.ConfigDataRequest
+	var configMapRequest bean.ConfigDataRequest
 
 	err = decoder.Decode(&configMapRequest)
 	if err != nil {
@@ -673,7 +754,7 @@ func (handler ConfigMapRestHandlerImpl) ConfigSecretBulkPatch(w http.ResponseWri
 	}
 	//AUTH
 
-	var bulkPatchRequest pipeline.BulkPatchRequest
+	var bulkPatchRequest bean.BulkPatchRequest
 	err = decoder.Decode(&bulkPatchRequest)
 	if err != nil {
 		handler.Logger.Errorw("request err, ConfigSecretBulkPatch", "err", err, "payload", bulkPatchRequest)
@@ -719,7 +800,7 @@ func (handler ConfigMapRestHandlerImpl) AddEnvironmentToJob(w http.ResponseWrite
 	}
 	//AUTH
 
-	var envOverrideRequest pipeline.CreateJobEnvOverridePayload
+	var envOverrideRequest bean.CreateJobEnvOverridePayload
 	err = decoder.Decode(&envOverrideRequest)
 	if err != nil {
 		handler.Logger.Errorw("request err, AddEvironmentToJob", "err", err, "payload", envOverrideRequest)
@@ -757,7 +838,7 @@ func (handler ConfigMapRestHandlerImpl) RemoveEnvironmentFromJob(w http.Response
 	}
 	//AUTH
 
-	var envOverrideRequest pipeline.CreateJobEnvOverridePayload
+	var envOverrideRequest bean.CreateJobEnvOverridePayload
 	err = decoder.Decode(&envOverrideRequest)
 	if err != nil {
 		handler.Logger.Errorw("request err, RemoveEnvironmentFromJob", "err", err, "payload", envOverrideRequest)

api/restHandler/CoreAppRestHandler.go

@@ -854,7 +854,7 @@ func (handler CoreAppRestHandlerImpl) buildAppEnvironmentConfigMaps(appId int, e
 }
 
 // get/build config maps
-func (handler CoreAppRestHandlerImpl) buildAppConfigMaps(appId int, envId int, configMapData *pipeline.ConfigDataRequest) ([]*appBean.ConfigMap, error, int) {
+func (handler CoreAppRestHandlerImpl) buildAppConfigMaps(appId int, envId int, configMapData *bean2.ConfigDataRequest) ([]*appBean.ConfigMap, error, int) {
 	handler.logger.Debugw("Getting app detail - config maps", "appId", appId, "envId", envId)
 
 	var configMapsResp []*appBean.ConfigMap
@@ -977,7 +977,7 @@ func (handler CoreAppRestHandlerImpl) buildAppEnvironmentSecrets(appId int, envI
 }
 
 // get/build secrets
-func (handler CoreAppRestHandlerImpl) buildAppSecrets(appId int, envId int, secretData *pipeline.ConfigDataRequest) ([]*appBean.Secret, error, int) {
+func (handler CoreAppRestHandlerImpl) buildAppSecrets(appId int, envId int, secretData *bean2.ConfigDataRequest) ([]*appBean.Secret, error, int) {
 	handler.logger.Debugw("Getting app detail - secrets", "appId", appId, "envId", envId)
 
 	var secretsResp []*appBean.Secret
@@ -1411,7 +1411,7 @@ func (handler CoreAppRestHandlerImpl) createGlobalConfigMaps(appId int, userId i
 		}
 
 		// build
-		configMapData := &pipeline.ConfigData{
+		configMapData := &bean2.ConfigData{
 			Name:     configMap.Name,
 			External: configMap.IsExternal,
 			Data:     json.RawMessage(configMapKeyValueData),
@@ -1425,9 +1425,9 @@ func (handler CoreAppRestHandlerImpl) createGlobalConfigMaps(appId int, userId i
 		}
 
 		// service call
-		var configMapDataRequest []*pipeline.ConfigData
+		var configMapDataRequest []*bean2.ConfigData
 		configMapDataRequest = append(configMapDataRequest, configMapData)
-		configMapRequest := &pipeline.ConfigDataRequest{
+		configMapRequest := &bean2.ConfigDataRequest{
 			AppId:      appId,
 			UserId:     userId,
 			Id:         appLevelId,
@@ -1465,7 +1465,7 @@ func (handler CoreAppRestHandlerImpl) createGlobalSecrets(appId int, userId int3
 		}
 
 		// build
-		secretData := &pipeline.ConfigData{
+		secretData := &bean2.ConfigData{
 			Name:               secret.Name,
 			External:           secret.IsExternal,
 			Type:               secret.UsageType,
@@ -1481,9 +1481,9 @@ func (handler CoreAppRestHandlerImpl) createGlobalSecrets(appId int, userId int3
 		}
 
 		if secret.IsExternal {
-			var externalDataRequests []pipeline.ExternalSecret
+			var externalDataRequests []bean2.ExternalSecret
 			for _, externalData := range secret.ExternalSecretData {
-				externalDataRequest := pipeline.ExternalSecret{
+				externalDataRequest := bean2.ExternalSecret{
 					Name:     externalData.Name,
 					IsBinary: externalData.IsBinary,
 					Key:      externalData.Key,
@@ -1502,9 +1502,9 @@ func (handler CoreAppRestHandlerImpl) createGlobalSecrets(appId int, userId int3
 		}
 
 		// service call
-		var secretDataRequest []*pipeline.ConfigData
+		var secretDataRequest []*bean2.ConfigData
 		secretDataRequest = append(secretDataRequest, secretData)
-		secretRequest := &pipeline.ConfigDataRequest{
+		secretRequest := &bean2.ConfigDataRequest{
 			AppId:      appId,
 			UserId:     userId,
 			Id:         appLevelId,
@@ -1787,7 +1787,7 @@ func (handler CoreAppRestHandlerImpl) createEnvDeploymentTemplate(appId int, use
 		return err
 	}
 	chartRefId := deploymentTemplateOverride.ChartRefId
-	envConfigProperties := &pipeline.EnvironmentProperties{
+	envConfigProperties := &bean2.EnvironmentProperties{
 		IsOverride:        true,
 		Active:            true,
 		ManualReviewed:    true,
@@ -1895,7 +1895,7 @@ func (handler CoreAppRestHandlerImpl) createEnvCM(appId int, userId int32, envId
 		}
 
 		// build
-		configData := &pipeline.ConfigData{
+		configData := &bean2.ConfigData{
 			Name:     cmOverride.Name,
 			External: cmOverride.IsExternal,
 			Type:     cmOverride.UsageType,
@@ -1908,11 +1908,11 @@ func (handler CoreAppRestHandlerImpl) createEnvCM(appId int, userId int32, envId
 			configData.FilePermission = cmOverrideDataVolumeUsageConfig.FilePermission
 		}
 
-		var configDataRequest []*pipeline.ConfigData
+		var configDataRequest []*bean2.ConfigData
 		configDataRequest = append(configDataRequest, configData)
 
 		// service call
-		cmEnvRequest := &pipeline.ConfigDataRequest{
+		cmEnvRequest := &bean2.ConfigDataRequest{
 			AppId:         appId,
 			UserId:        userId,
 			EnvironmentId: envId,
@@ -1955,7 +1955,7 @@ func (handler CoreAppRestHandlerImpl) createEnvSecret(appId int, userId int32, e
 			return err
 		}
 
-		secretData := &pipeline.ConfigData{
+		secretData := &bean2.ConfigData{
 			Name:               secretOverride.Name,
 			External:           secretOverride.IsExternal,
 			ExternalSecretType: secretOverride.ExternalType,
@@ -1970,11 +1970,11 @@ func (handler CoreAppRestHandlerImpl) createEnvSecret(appId int, userId int32, e
 			secretData.SubPath = secretOverrideDataVolumeUsageConfig.SubPath
 			secretData.FilePermission = secretOverrideDataVolumeUsageConfig.FilePermission
 		}
-		var secretDataRequest []*pipeline.ConfigData
+		var secretDataRequest []*bean2.ConfigData
 		secretDataRequest = append(secretDataRequest, secretData)
 
 		// service call
-		secretEnvRequest := &pipeline.ConfigDataRequest{
+		secretEnvRequest := &bean2.ConfigDataRequest{
 			AppId:         appId,
 			UserId:        userId,
 			EnvironmentId: envId,
@@ -1995,10 +1995,10 @@ func (handler CoreAppRestHandlerImpl) createEnvSecret(appId int, userId int32, e
 
 //private methods for data conversion below
 
-func convertCSExternalSecretData(externalSecretsData []*appBean.ExternalSecret) []pipeline.ExternalSecret {
-	var convertedExternalSecretsData []pipeline.ExternalSecret
+func convertCSExternalSecretData(externalSecretsData []*appBean.ExternalSecret) []bean2.ExternalSecret {
+	var convertedExternalSecretsData []bean2.ExternalSecret
 	for _, externalSecretData := range externalSecretsData {
-		convertedExternalSecret := pipeline.ExternalSecret{
+		convertedExternalSecret := bean2.ExternalSecret{
 			Key:      externalSecretData.Key,
 			Name:     externalSecretData.Name,
 			Property: externalSecretData.Property,

api/restHandler/app/DeploymentPipelineRestHandler.go

@@ -15,6 +15,7 @@ import (
 	"github.com/devtron-labs/devtron/pkg/bean"
 	"github.com/devtron-labs/devtron/pkg/chart"
 	"github.com/devtron-labs/devtron/pkg/pipeline"
+	bean3 "github.com/devtron-labs/devtron/pkg/pipeline/bean"
 	"github.com/devtron-labs/devtron/pkg/user/casbin"
 	"github.com/go-pg/pg"
 	"github.com/gorilla/mux"
@@ -650,7 +651,7 @@ func (handler PipelineConfigRestHandlerImpl) EnvConfigOverrideCreate(w http.Resp
 		return
 	}
 	decoder := json.NewDecoder(r.Body)
-	var envConfigProperties pipeline.EnvironmentProperties
+	var envConfigProperties bean3.EnvironmentProperties
 	err = decoder.Decode(&envConfigProperties)
 	if err != nil {
 		handler.Logger.Errorw("request err, EnvConfigOverrideCreate", "err", err, "payload", envConfigProperties)
@@ -752,7 +753,7 @@ func (handler PipelineConfigRestHandlerImpl) EnvConfigOverrideUpdate(w http.Resp
 		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
 		return
 	}
-	var envConfigProperties pipeline.EnvironmentProperties
+	var envConfigProperties bean3.EnvironmentProperties
 	err = decoder.Decode(&envConfigProperties)
 	envConfigProperties.UserId = userId
 	if err != nil {
@@ -2124,7 +2125,7 @@ func (handler PipelineConfigRestHandlerImpl) EnvConfigOverrideCreateNamespace(w
 		return
 	}
 	decoder := json.NewDecoder(r.Body)
-	var envConfigProperties pipeline.EnvironmentProperties
+	var envConfigProperties bean3.EnvironmentProperties
 	err = decoder.Decode(&envConfigProperties)
 	envConfigProperties.UserId = userId
 	envConfigProperties.EnvironmentId = environmentId

api/router/ConfigMapRouter.go

@@ -45,6 +45,12 @@ func (router ConfigMapRouterImpl) initConfigMapRouter(configRouter *mux.Router)
 		HandlerFunc(router.restHandler.CMGlobalFetch).Methods("GET")
 	configRouter.Path("/environment/cm/{appId}/{envId}").
 		HandlerFunc(router.restHandler.CMEnvironmentFetch).Methods("GET")
+	configRouter.Path("/global/cm/edit/{appId}/{id}").
+		Queries("name", "{name}").
+		HandlerFunc(router.restHandler.CMGlobalFetchForEdit).Methods("GET")
+	configRouter.Path("/environment/cm/edit/{appId}/{envId}/{id}").
+		Queries("name", "{name}").
+		HandlerFunc(router.restHandler.CMEnvironmentFetchForEdit).Methods("GET")
 
 	configRouter.Path("/global/cs").
 		HandlerFunc(router.restHandler.CSGlobalAddUpdate).Methods("POST")