feat: autoselect node,error messaging improvement , node group and custom shell support (#2925)

* passing nodeSelector field as empty in templates

* added node name in fetch terminal status api

* minor code restructuring

* updating template data using map interface conversion

* error message improvement in case of pod termination

* wrong nodename fix

* pod template error fix

* fix

* added shell validation method

* error logging added

* error reason field added in UserTerminalSessionResponse

* wip

* validate shell api

* info logs added

* fix

* debug stmts added

* cmd args fix

* added node group filed for NodeCapacityDetail obj

* code debugging

* node group added for k-ops and aws cluster type

* fix

* node group added for gcp type cluster nodes

* added code comments

* code restructuring

* valid shell api debug

* fix

* added debug stmt

* added shell not supported error messaging

* error message fix

* fix

* nil ptr err fix

* added shell auto selection

* fix

* sending shell name back in case of invalid shell

* added shell validation inside updateShell api

* sending shell not supported reason in API response

* node grouping

* json key name fix

* provided validate shell functionality in terminal status api

* route fix

* added nodegroup name in cluster list api

* shellName added

* json key change

* error messaging refactoring

* enhanced error message

* showing shell name in shell not supported message

* terminate status fix and log statements added

* nil ptr checks added

* nil ptr checks added

* sending pod status and errorReason in pod events api

* fix

* fix

* updating terminal status in cache

* pod terminate error fix

* added mutex locking at some missing places

* added mutex locking at some missing places

* removed commented code

* code review changes

* added constants for keys used in manifest

* removed info message and comments

* removed info message and comments

Author: gireesh-naidu

api/terminal/UserTerminalAccessRestHandler.go

@@ -25,6 +25,13 @@ type UserTerminalAccessRestHandler interface {
 	DisconnectAllTerminalSessionAndRetry(w http.ResponseWriter, r *http.Request)
 	FetchTerminalPodEvents(w http.ResponseWriter, r *http.Request)
 	FetchTerminalPodManifest(w http.ResponseWriter, r *http.Request)
+	ValidateShell(w http.ResponseWriter, r *http.Request)
+}
+
+type validShellResponse struct {
+	IsValidShell bool   `json:"isValidShell"`
+	ErrorReason  string `json:"errorReason"`
+	ShellName    string `json:"shellName"`
 }
 
 type UserTerminalAccessRestHandlerImpl struct {
@@ -45,7 +52,35 @@ func NewUserTerminalAccessRestHandlerImpl(logger *zap.SugaredLogger, userTermina
 		validator:                 validator,
 	}
 }
-
+func (handler UserTerminalAccessRestHandlerImpl) ValidateShell(w http.ResponseWriter, r *http.Request) {
+	userId, err := handler.UserService.GetLoggedInUser(r)
+	if userId == 0 || err != nil {
+		common.WriteJsonResp(w, err, "Unauthorized User", http.StatusUnauthorized)
+		return
+	}
+	vars := mux.Vars(r)
+	podName := vars["podName"]
+	namespace := vars["namespace"]
+	shellName := vars["shellName"]
+	clusterId, err := strconv.Atoi(vars["clusterId"])
+	if err != nil {
+		handler.Logger.Errorw("error in parsing clusterId from request", "clusterId", clusterId, "err", err)
+		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
+		return
+	}
+	token := r.Header.Get("token")
+	if ok := handler.Enforcer.Enforce(token, casbin.ResourceGlobal, casbin.ActionCreate, "*"); !ok {
+		common.WriteJsonResp(w, errors.New("unauthorized"), nil, http.StatusForbidden)
+		return
+	}
+	res, shell, err := handler.UserTerminalAccessService.ValidateShell(podName, namespace, shellName, clusterId)
+	reason := ""
+	if err != nil {
+		reason = err.Error()
+	}
+	resp := validShellResponse{IsValidShell: res, ErrorReason: reason, ShellName: shell}
+	common.WriteJsonResp(w, nil, resp, http.StatusOK)
+}
 func (handler UserTerminalAccessRestHandlerImpl) StartTerminalSession(w http.ResponseWriter, r *http.Request) {
 	userId, err := handler.UserService.GetLoggedInUser(r)
 	if userId == 0 || err != nil {
@@ -161,6 +196,8 @@ func (handler UserTerminalAccessRestHandlerImpl) FetchTerminalStatus(w http.Resp
 	}
 	vars := mux.Vars(r)
 	terminalAccessId, err := strconv.Atoi(vars["terminalAccessId"])
+	namespace := vars["namespace"]
+	shellName := vars["shellName"]
 	if err != nil {
 		handler.Logger.Errorw("request err, FetchTerminalStatus", "err", err)
 		common.WriteJsonResp(w, err, nil, http.StatusBadRequest)
@@ -172,7 +209,7 @@ func (handler UserTerminalAccessRestHandlerImpl) FetchTerminalStatus(w http.Resp
 		common.WriteJsonResp(w, errors.New("unauthorized"), nil, http.StatusForbidden)
 		return
 	}
-	sessionResponse, err := handler.UserTerminalAccessService.FetchTerminalStatus(r.Context(), terminalAccessId)
+	sessionResponse, err := handler.UserTerminalAccessService.FetchTerminalStatus(r.Context(), terminalAccessId, namespace, shellName)
 	if err != nil {
 		handler.Logger.Errorw("service err, FetchTerminalStatus", "err", err)
 		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
@@ -201,13 +238,13 @@ func (handler UserTerminalAccessRestHandlerImpl) FetchTerminalPodEvents(w http.R
 		return
 	}
 
-	podEvents, err := handler.UserTerminalAccessService.FetchPodEvents(r.Context(), terminalAccessId)
+	resp, err := handler.UserTerminalAccessService.FetchPodEvents(r.Context(), terminalAccessId)
 	if err != nil {
 		handler.Logger.Errorw("service err, FetchTerminalPodEvents", "err", err)
 		common.WriteJsonResp(w, err, nil, http.StatusInternalServerError)
 		return
 	}
-	common.WriteJsonResp(w, nil, podEvents, http.StatusOK)
+	common.WriteJsonResp(w, nil, resp, http.StatusOK)
 }
 
 func (handler UserTerminalAccessRestHandlerImpl) FetchTerminalPodManifest(w http.ResponseWriter, r *http.Request) {

api/terminal/UserTerminalAccessRouter.go

@@ -26,7 +26,7 @@ func (router UserTerminalAccessRouterImpl) InitTerminalAccessRouter(userTerminal
 	userTerminalAccessRouter.Path("/start").
 		HandlerFunc(router.userTerminalAccessRestHandler.StartTerminalSession).Methods("POST")
 	userTerminalAccessRouter.Path("/get").
-		HandlerFunc(router.userTerminalAccessRestHandler.FetchTerminalStatus).Queries("terminalAccessId", "{terminalAccessId}").Methods("GET")
+		HandlerFunc(router.userTerminalAccessRestHandler.FetchTerminalStatus).Queries("terminalAccessId", "{terminalAccessId}", "namespace", "{namespace}", "shellName", "{shellName}").Methods("GET")
 	userTerminalAccessRouter.Path("/pod/events").
 		HandlerFunc(router.userTerminalAccessRestHandler.FetchTerminalPodEvents).Queries("terminalAccessId", "{terminalAccessId}").Methods("GET")
 	userTerminalAccessRouter.Path("/pod/manifest").
@@ -37,6 +37,7 @@ func (router UserTerminalAccessRouterImpl) InitTerminalAccessRouter(userTerminal
 		HandlerFunc(router.userTerminalAccessRestHandler.StopTerminalSession).Queries("terminalAccessId", "{terminalAccessId}").Methods("PUT")
 	userTerminalAccessRouter.Path("/disconnectAndRetry").
 		HandlerFunc(router.userTerminalAccessRestHandler.DisconnectAllTerminalSessionAndRetry).Methods("POST")
+	userTerminalAccessRouter.Path("/validateShell").Queries("podName", "{podName}", "namespace", "{namespace}", "shellName", "{shellName}", "clusterId", "{clusterId}").HandlerFunc(router.userTerminalAccessRestHandler.ValidateShell)
 
 	//TODO fetch all user running/starting pods
 	//TODO fetch all running/starting pods also include sessionIds if session exists

internal/sql/models/UserTerminalSession.go

@@ -12,8 +12,14 @@ type UserTerminalSessionRequest struct {
 type UserTerminalShellSessionRequest struct {
 	TerminalAccessId int    `json:"terminalAccessId" validate:"number,gt=0"`
 	ShellName        string `json:"shellName" validate:"required,min=1"`
+	NameSpace        string `json:"namespace" validate:"required,min=1"`
 }
 
+type UserTerminalPodEvents struct {
+	Status         string      `json:"status"`
+	ErrorReason    string      `json:"errorReason"`
+	EventsResponse interface{} `json:"eventsResponse"`
+}
 type UserTerminalSessionConfig struct {
 	MaxSessionPerUser                 int    `env:"MAX_SESSION_PER_USER" envDefault:"5"`
 	TerminalPodStatusSyncTimeInSecs   int    `env:"TERMINAL_POD_STATUS_SYNC_In_SECS" envDefault:"600"`
@@ -26,7 +32,11 @@ type UserTerminalSessionResponse struct {
 	UserId                int32             `json:"userId"`
 	TerminalAccessId      int               `json:"terminalAccessId"`
 	Status                TerminalPodStatus `json:"status"`
+	ErrorReason           string            `json:"errorReason"`
 	PodName               string            `json:"podName"`
+	NodeName              string            `json:"nodeName"`
+	IsValidShell          bool              `json:"isValidShell"`
+	ShellName             string            `json:"shellName"`
 }
 
 const TerminalAccessPodNameTemplate = "terminal-access-" + TerminalAccessClusterIdTemplateVar + "-" + TerminalAccessUserIdTemplateVar + "-" + TerminalAccessRandomIdVar
@@ -44,6 +54,9 @@ const TerminalAccessClusterRoleBindingTemplate = TerminalAccessPodNameTemplate +
 const TerminalAccessServiceAccountTemplateName = "terminal-access-service-account"
 const TerminalAccessServiceAccountTemplate = TerminalAccessPodNameTemplate + "-sa"
 const MaxSessionLimitReachedMsg = "session-limit-reached"
+const AUTO_SELECT_NODE string = "autoSelectNode"
+const ShellNotSupported string = "'%s' is not supported for the selected image"
+const AutoSelectShell string = "autoSelectShell"
 
 type TerminalPodStatus string