import * as core from '@actions/core';
import * as context from '../context';
import * as utils from '../utils';
const vpc = require('@huaweicloud/huaweicloud-sdk-vpc');
import vpcv3 = require('@huaweicloud/huaweicloud-sdk-vpc/v3/public-api');
import {SubnetInfo} from './model/SubnetInfo';
import {SecurityGroupRule} from './model/SecurityGroupRule';

// CIDR block given to the VPC that createVpc provisions. The identifier's
// spelling ("DAFAULT") is referenced elsewhere in this file and is left as-is.
const DAFAULT_CIDR = '192.168.0.0/16';
// CIDR block given to the subnet that createSubnet provisions.
const DEFAULT_SUBNET_CIDR = '192.168.0.0/18';
// Gateway address passed to the subnet creation request.
const DEFAULT_GATEWAY_IP = '192.168.0.1';
// Name used both to look up and to create the default CCI security group.
// The lookup matches on this name alone, so any pre-existing group carrying it
// is treated as the default group.
const DEFAULT_SECURITY_GROUP = 'kubernetes.io-default-sg';

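/**
 * Finds the tenant's default CCI security group by name and returns its id.
 *
 * The VPC v3 API is queried for groups named `DEFAULT_SECURITY_GROUP`. When
 * the listing is empty, a new group is created and the default rules are
 * requested for it. When at least one group matches, the id of the first
 * match is returned.
 *
 * @param inputs - Action inputs that supply the credentials and the region.
 * @returns The id of the existing or newly created security group.
 * @throws Error when the request fails, the response status is 300 or above,
 * or the response carries no usable group id.
 */
export async function listDefaultCCISecurityGroups(
  inputs: context.Inputs
): Promise<string> {
  const client = vpcv3.VpcClient.newBuilder()
    .withCredential(utils.getBasicCredentials(inputs))
    .withEndpoint(
      utils.getEndpoint(inputs.region, context.EndpointServiceName.VPC)
    )
    .withOptions({customUserAgent: context.CUSTOM_USER_AGENT})
    .build();
  const request = new vpcv3.ListSecurityGroupsRequest();
  request.name = [DEFAULT_SECURITY_GROUP];

  let obj;
  try {
    const result: vpcv3.ListSecurityGroupsResponse =
      await client.listSecurityGroups(request);
    // Round-trip through JSON to get a plain object with the wire field names.
    obj = JSON.parse(JSON.stringify(result));
  } catch (error) {
    core.setFailed('List Security Groups Error.');
    // Stop here: without a response there is nothing to read below, and
    // continuing would only surface as an unrelated TypeError.
    throw new Error('List Security Groups Failed.');
  }

  if (obj.httpStatusCode >= 300) {
    core.setFailed('List Security Groups Failed.');
    // A failed listing must not be mistaken for "no group exists", which
    // would trigger creation of a new group.
    throw new Error('List Security Groups Failed.');
  }

  const securityGroups = obj.security_groups;
  if (Array.isArray(securityGroups)) {
    if (securityGroups.length <= 0) {
      const securityGroupId = await createDefaultCCISecurityGroups(inputs);
      await createDefaultCCISecurityGroupRule(securityGroupId, inputs);
      return securityGroupId;
    }
    // NOTE(review): the first match is reused on its name alone; its existing
    // rules are not inspected, so a group with this name that was created or
    // edited outside this action is accepted as-is.
    const id = securityGroups[0].id;
    if (typeof id === 'string') {
      return id;
    }
  }
  throw new Error('List Security Groups Failed.');
}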

/**
 * Creates a security group named `DEFAULT_SECURITY_GROUP` and returns its id.
 *
 * A response status of 300 or above marks the action as failed through
 * `core.setFailed`, but the response is still examined for a group id.
 * Errors raised while sending or reading the request are reported through
 * `core.setFailed` and then replaced by the generic error below.
 *
 * @param inputs - Action inputs that supply the credentials and the region.
 * @returns The id of the created security group.
 * @throws Error when no string id can be read from the response.
 */
export async function createDefaultCCISecurityGroups(
  inputs: context.Inputs
): Promise<string> {
  const vpcClient = vpc.VpcClient.newBuilder()
    .withCredential(utils.getBasicCredentials(inputs))
    .withEndpoint(
      utils.getEndpoint(inputs.region, context.EndpointServiceName.VPC)
    )
    .withOptions({customUserAgent: context.CUSTOM_USER_AGENT})
    .build();

  // Assemble the request from the innermost option outwards.
  const groupOption = new vpc.CreateSecurityGroupOption();
  groupOption.withName(DEFAULT_SECURITY_GROUP);
  const requestBody = new vpc.CreateSecurityGroupRequestBody();
  requestBody.withSecurityGroup(groupOption);
  const createRequest = new vpc.CreateSecurityGroupRequest();
  createRequest.withBody(requestBody);

  try {
    // Round-trip through JSON to get a plain object with the wire field names.
    const response = JSON.parse(
      JSON.stringify(await vpcClient.createSecurityGroup(createRequest))
    );
    if (response.httpStatusCode >= 300) {
      core.setFailed('Create Default CCI Security Groups Failed.');
    }
    const hasGroup = Object.prototype.hasOwnProperty.call(
      response,
      'security_group'
    );
    const groupId = hasGroup ? response.security_group.id : undefined;
    if (typeof groupId === 'string') {
      return groupId;
    }
  } catch (error) {
    core.setFailed('Create Default CCI Security Groups Error.');
  }

  throw new Error('Create Default CCI Security Groups Failed.');
}

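/**
 * Requests the default rule set for a CCI security group.
 *
 * Three rules are sent: ICMP with multiport `8-0`, TCP `1-65535` and UDP
 * `1-65535`. Direction, ethertype, remote IP prefix, action and priority are
 * taken from the `SecurityGroupRule` model, which is defined outside this file.
 *
 * NOTE(review): the TCP and UDP rules span every port. How exposed the group
 * ends up depends on the direction and remote prefix that `SecurityGroupRule`
 * fills in; confirm those defaults restrict the source range as intended.
 *
 * @param securityGroupId - Id of the group that receives the rules.
 * @param inputs - Action inputs that supply the credentials and the region.
 * @returns Resolves once every rule request has settled. Failures are reported
 * through `core.setFailed` and are not thrown.
 */
export async function createDefaultCCISecurityGroupRule(
  securityGroupId: string,
  inputs: context.Inputs
): Promise<void> {
  const client = vpcv3.VpcClient.newBuilder()
    .withCredential(utils.getBasicCredentials(inputs))
    .withEndpoint(
      utils.getEndpoint(inputs.region, context.EndpointServiceName.VPC)
    )
    .withOptions({customUserAgent: context.CUSTOM_USER_AGENT})
    .build();
  const securityGroupRules: Array<SecurityGroupRule> = [
    new SecurityGroupRule(securityGroupId, 'ICMP', '8-0'),
    new SecurityGroupRule(securityGroupId, 'TCP', '1-65535'),
    new SecurityGroupRule(securityGroupId, 'UDP', '1-65535')
  ];

  // forEach discards the promises returned by an async callback, so the
  // function used to resolve before any rule request had finished. Collecting
  // the promises and awaiting them makes the caller's `await` meaningful.
  await Promise.all(
    securityGroupRules.map(async securityGroupRule => {
      const request = new vpcv3.CreateSecurityGroupRuleRequest();
      const body = new vpcv3.CreateSecurityGroupRuleRequestBody();
      const securityGroupRulebody = new vpcv3.CreateSecurityGroupRuleOption();
      securityGroupRulebody
        .withSecurityGroupId(securityGroupRule.securityGroupId)
        .withDirection(securityGroupRule.direction)
        .withEthertype(securityGroupRule.ethertype)
        .withProtocol(securityGroupRule.protocol)
        .withMultiport(securityGroupRule.multiport)
        .withRemoteIpPrefix(securityGroupRule.remoteIpPrefix)
        .withAction(securityGroupRule.action)
        .withPriority(securityGroupRule.priority);
      body.withSecurityGroupRule(securityGroupRulebody);
      request.withBody(body);
      // Each request handles its own failure, so one rejected rule does not
      // prevent the remaining rules from being attempted.
      // NOTE(review): the messages below are the same as the ones used for
      // group creation, so the log alone does not tell the two steps apart.
      try {
        const result = await client.createSecurityGroupRule(request);
        const obj = JSON.parse(JSON.stringify(result));
        if (obj.httpStatusCode >= 300) {
          core.setFailed('Create Default CCI Security Groups Failed.');
        }
      } catch (error) {
        core.setFailed('Create Default CCI Security Groups Error.');
      }
    })
  );
}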

/**
 * Creates a VPC with the default CIDR and a generated name, and returns its id.
 *
 * The name is `CCI-VPC-` followed by the value of `utils.getRandomByDigit(8)`.
 * A response status of 300 or above marks the action as failed through
 * `core.setFailed`, but the response is still examined for a VPC id. Errors
 * raised by the SDK call are not caught here and reach the caller unchanged.
 *
 * @param inputs - Action inputs that supply the credentials and the region.
 * @returns The id of the created VPC.
 * @throws Error when no string id can be read from the response.
 */
export async function createVpc(inputs: context.Inputs): Promise<string> {
  const generatedName = 'CCI-VPC-' + utils.getRandomByDigit(8);

  const vpcClient = vpc.VpcClient.newBuilder()
    .withCredential(utils.getBasicCredentials(inputs))
    .withEndpoint(
      utils.getEndpoint(inputs.region, context.EndpointServiceName.VPC)
    )
    .withOptions({customUserAgent: context.CUSTOM_USER_AGENT})
    .build();

  // Assemble the request from the innermost option outwards.
  const vpcOption = new vpc.CreateVpcOption();
  vpcOption.withCidr(DAFAULT_CIDR).withName(generatedName);
  const requestBody = new vpc.CreateVpcRequestBody();
  requestBody.withVpc(vpcOption);
  const createRequest = new vpc.CreateVpcRequest();
  createRequest.withBody(requestBody);

  // Round-trip through JSON to get a plain object with the wire field names.
  const response = JSON.parse(
    JSON.stringify(await vpcClient.createVpc(createRequest))
  );
  if (response.httpStatusCode >= 300) {
    core.setFailed('Create VPC Failed.');
  }

  const hasVpc = Object.prototype.hasOwnProperty.call(response, 'vpc');
  const vpcId = hasVpc ? response.vpc.id : undefined;
  if (typeof vpcId !== 'string') {
    throw new Error('Create VPC Failed.');
  }
  return vpcId;
}

/**
 * Creates a subnet inside the given VPC and returns its details.
 *
 * Unlike the other helpers in this file, the action inputs are read from
 * `context.getInputs()` instead of being passed in. The subnet uses the
 * default subnet CIDR and gateway IP, a generated `cci-subnet-` name and one
 * extra DHCP option named `ntp`.
 *
 * A response status of 300 or above marks the action as failed through
 * `core.setFailed`, but the response is still examined. Errors raised while
 * sending or reading the request are reported through `core.setFailed` and
 * then replaced by the generic error below.
 *
 * @param vpcId - Id of the VPC that will contain the subnet.
 * @returns The subnet details, once `cidr`, `neutron_network_id` and
 * `neutron_subnet_id` are all present on the response.
 * @throws Error when the response lacks any of those fields.
 */
export async function createSubnet(vpcId: string): Promise<SubnetInfo> {
  const inputs: context.Inputs = context.getInputs();
  const generatedName = 'cci-subnet-' + utils.getRandomByDigit(8);

  const vpcClient = vpc.VpcClient.newBuilder()
    .withCredential(utils.getBasicCredentials(inputs))
    .withEndpoint(
      utils.getEndpoint(inputs.region, context.EndpointServiceName.VPC)
    )
    .withOptions({customUserAgent: context.CUSTOM_USER_AGENT})
    .build();

  const createRequest = new vpc.CreateSubnetRequest();
  const requestBody = new vpc.CreateSubnetRequestBody();
  const extraDhcpOptions = [new vpc.ExtraDhcpOption().withOptName('ntp')];
  const subnetOption = new vpc.CreateSubnetOption();
  subnetOption
    .withName(generatedName)
    .withCidr(DEFAULT_SUBNET_CIDR)
    .withVpcId(vpcId)
    .withGatewayIp(DEFAULT_GATEWAY_IP)
    .withExtraDhcpOpts(extraDhcpOptions);
  requestBody.withSubnet(subnetOption);
  createRequest.withBody(requestBody);

  // Fields that must be present before the subnet is handed to the caller.
  const requiredFields = ['cidr', 'neutron_network_id', 'neutron_subnet_id'];

  try {
    const response = await vpcClient.createSubnet(createRequest);
    if (response.httpStatusCode >= 300) {
      core.setFailed('Create Subnet Failed.');
    }
    // Round-trip through JSON to get a plain copy of the subnet payload; a
    // missing payload makes this throw and is handled by the catch below.
    const subnetInfo: SubnetInfo = JSON.parse(JSON.stringify(response.subnet));
    const isComplete = requiredFields.every(field =>
      Object.prototype.hasOwnProperty.call(subnetInfo, field)
    );
    if (isComplete) {
      return subnetInfo;
    }
  } catch (error) {
    core.setFailed('Create Subnet Error.');
  }
  throw new Error('Create Subnet Failed.');
}