[RFC0030 - 4] File-based service bindings (#4026)

* Adapt system env presenter

When the app feature 'file-based service bindings' is enabled,
SERVICE_BINDING_ROOT is returned instead of VCAP_SERVICES.

For an app using file-based service bindings the '/env' endpoint (i.e.
GET /v3/apps/:guid/env) returns the following:

  {
    ...
    "system_env_json": {
      "SERVICE_BINDING_ROOT": "/etc/cf-service-bindings"
    },
    ...
  }

The file runtime_environment/system_env_presenter_spec.rb has been
deleted because all the tests it contained are also present in
system_environment/system_env_presenter_spec.rb.

* Add builder for service binding files

- validate binding names and (credential) keys
- check for duplicate binding names
- check the total bytesize, maximum allowed size is 1MB
- files are added in the following order:
   1. credential keys
   2. VCAP_SERVICES attributes
   3. 'type' and 'provider'
- in case a credential key equals a VCAP_SERVICES attributes or 'type'
  or 'provider', it will be overwritten
- for VCAP_SERVICES attribute names, underscores are replaced by hyphens
- file content is serialized as JSON (non-string objects)

* Use ServiceBindingFilesBuilder in recipe builders

- AppRecipeBuilder -> Diego::Bbs::Models::DesiredLRP
- TaskRecipeBuilder -> Diego::Bbs::Models::TaskDefinition

* Rename 'file-based-service-bindings' to 'service-binding-k8s'

* Clarify binding naming convention in error message

* Add 'file-based-vcap-services' app feature functionality

---------

Co-authored-by: Sven Krieger <[email protected]>

Author: philippthun

app/controllers/runtime/apps_controller.rb

@@ -72,7 +72,7 @@ def read_env(guid)
                   staging_env_json: EnvironmentVariableGroup.staging.environment_json,
                   running_env_json: EnvironmentVariableGroup.running.environment_json,
                   environment_json: process.app.environment_variables,
-                  system_env_json: SystemEnvPresenter.new(process.service_bindings).system_env,
+                  system_env_json: SystemEnvPresenter.new(process).system_env,
                   application_env_json: { 'VCAP_APPLICATION' => vcap_application }
                 }, mode: :compat)
       ]

app/models/runtime/process_model.rb

@@ -177,6 +177,9 @@ def revisions_enabled?
       app.revisions_enabled
     end
 
+    delegate :service_binding_k8s_enabled, to: :app
+    delegate :file_based_vcap_services_enabled, to: :app
+
     def package_hash
       # this caches latest_package for performance reasons
       package = latest_package

app/presenters/system_environment/system_env_presenter.rb

@@ -2,11 +2,20 @@
 require 'presenters/system_environment/service_binding_presenter'
 
 class SystemEnvPresenter
-  def initialize(service_bindings)
-    @service_bindings = service_bindings
+  def initialize(app_or_process)
+    @service_binding_k8s_enabled = app_or_process.service_binding_k8s_enabled
+    @file_based_vcap_services_enabled = app_or_process.file_based_vcap_services_enabled
+    @service_bindings = app_or_process.service_bindings
   end
 
   def system_env
+    return { SERVICE_BINDING_ROOT: '/etc/cf-service-bindings' } if @service_binding_k8s_enabled
+    return { VCAP_SERVICES_FILE_PATH: '/etc/cf-service-bindings/vcap_services' } if @file_based_vcap_services_enabled
+
+    vcap_services
+  end
+
+  def vcap_services
     { VCAP_SERVICES: service_binding_env_variables }
   end
 

app/presenters/v3/app_env_presenter.rb

@@ -25,7 +25,7 @@ def to_hash
             environment_variables: app.environment_variables,
             staging_env_json: EnvironmentVariableGroup.staging.environment_json,
             running_env_json: EnvironmentVariableGroup.running.environment_json,
-            system_env_json: redact_hash(SystemEnvPresenter.new(app.service_bindings).system_env),
+            system_env_json: redact_hash(SystemEnvPresenter.new(app).system_env),
             application_env_json: vcap_application
           }
         end

lib/cloud_controller/backends/staging_environment_builder.rb

@@ -27,7 +27,7 @@ def build(app, space, lifecycle, memory_limit, staging_disk_in_mb, vars_from_mes
             'MEMORY_LIMIT' => "#{memory_limit}m"
           }
         ).
-        merge(SystemEnvPresenter.new(app.service_bindings).system_env.stringify_keys)
+        merge(SystemEnvPresenter.new(app).system_env.stringify_keys)
     end
   end
 end

lib/cloud_controller/diego/app_recipe_builder.rb

@@ -6,6 +6,7 @@
 require 'cloud_controller/diego/cnb/desired_lrp_builder'
 require 'cloud_controller/diego/process_guid'
 require 'cloud_controller/diego/ssh_key'
+require 'cloud_controller/diego/service_binding_files_builder'
 require 'credhub/config_helpers'
 require 'models/helpers/health_check_types'
 require 'cloud_controller/diego/main_lrp_action_builder'
@@ -100,7 +101,8 @@ def app_lrp_arguments
             organizational_unit: ["organization:#{process.organization.guid}", "space:#{process.space.guid}", "app:#{process.app_guid}"]
           ),
           image_username: process.desired_droplet.docker_receipt_username,
-          image_password: process.desired_droplet.docker_receipt_password
+          image_password: process.desired_droplet.docker_receipt_password,
+          volume_mounted_files: ServiceBindingFilesBuilder.build(process)
         }.compact
       end
 

lib/cloud_controller/diego/environment.rb

@@ -41,7 +41,7 @@ def common_json_and_merge(&blk)
           @initial_env.
           merge(process.environment_json || {}).
           merge(blk.call).
-          merge(SystemEnvPresenter.new(process.service_bindings).system_env)
+          merge(SystemEnvPresenter.new(process).system_env)
 
         diego_env = diego_env.merge(DATABASE_URL: process.database_uri) if process.database_uri
 

lib/cloud_controller/diego/service_binding_files_builder.rb

@@ -0,0 +1,111 @@
+module VCAP::CloudController
+  module Diego
+    class ServiceBindingFilesBuilder
+      class IncompatibleBindings < StandardError; end
+
+      MAX_ALLOWED_BYTESIZE = 1_000_000
+
+      def self.build(app_or_process)
+        new(app_or_process).build
+      end
+
+      def initialize(app_or_process)
+        @app_or_process = app_or_process
+        @service_binding_k8s_enabled = app_or_process.service_binding_k8s_enabled
+        @file_based_vcap_services = app_or_process.file_based_vcap_services_enabled
+        @service_bindings = app_or_process.service_bindings
+      end
+
+      def build
+        if @service_binding_k8s_enabled
+          build_service_binding_k8s
+        elsif @file_based_vcap_services
+          vcap_services = SystemEnvPresenter.new(@app_or_process).vcap_services[:VCAP_SERVICES]
+          build_vcap_service_file(vcap_services)
+        end
+      end
+
+      private
+
+      def build_service_binding_k8s
+        return nil unless @service_binding_k8s_enabled
+
+        service_binding_files = {}
+        names = Set.new # to check for duplicate binding names
+        total_bytesize = 0 # to check the total bytesize
+
+        @service_bindings.select(&:create_succeeded?).each do |service_binding|
+          sb_hash = ServiceBindingPresenter.new(service_binding, include_instance: true).to_hash
+          name = sb_hash[:name]
+          raise IncompatibleBindings.new("Invalid binding name: '#{name}'. Name must match #{binding_naming_convention.inspect}") unless valid_name?(name)
+          raise IncompatibleBindings.new("Duplicate binding name: #{name}") if names.add?(name).nil?
+
+          # add the credentials first
+          sb_hash.delete(:credentials)&.each { |k, v| total_bytesize += add_file(service_binding_files, name, k.to_s, v) }
+
+          # add the rest of the hash; already existing credential keys are overwritten
+          # VCAP_SERVICES attribute names are transformed (e.g. binding_guid -> binding-guid)
+          sb_hash.each { |k, v| total_bytesize += add_file(service_binding_files, name, transform_vcap_services_attribute(k.to_s), v) }
+
+          # add the type and provider
+          label = sb_hash[:label]
+          total_bytesize += add_file(service_binding_files, name, 'type', label)
+          total_bytesize += add_file(service_binding_files, name, 'provider', label)
+        end
+
+        raise IncompatibleBindings.new("Bindings exceed the maximum allowed bytesize of #{MAX_ALLOWED_BYTESIZE}: #{total_bytesize}") if total_bytesize > MAX_ALLOWED_BYTESIZE
+
+        service_binding_files.values
+      end
+
+      def build_vcap_service_file(vcap_services)
+        path = 'vcap_services'
+        vcap_services_string = Oj.dump(vcap_services, mode: :compat)
+        total_bytesize = vcap_services_string.bytesize + path.bytesize
+
+        raise IncompatibleBindings.new("Bindings exceed the maximum allowed bytesize of #{MAX_ALLOWED_BYTESIZE}: #{total_bytesize}") if total_bytesize > MAX_ALLOWED_BYTESIZE
+
+        [::Diego::Bbs::Models::File.new(path: path, content: vcap_services_string)]
+      end
+
+      def binding_naming_convention
+        /^[a-z0-9\-.]{1,253}$/
+      end
+
+      # - adds a Diego::Bbs::Models::File object to the service_binding_files hash
+      # - binding name is used as the directory name, key is used as the file name
+      # - returns the bytesize of the path and content
+      # - skips (and returns 0) if the value is nil or an empty array or hash
+      # - serializes the value to JSON if it is a non-string object
+      def add_file(service_binding_files, name, key, value)
+        raise IncompatibleBindings.new("Invalid file name: #{key}") unless valid_name?(key)
+
+        path = "#{name}/#{key}"
+        content = if value.nil?
+                    return 0
+                  elsif value.is_a?(String)
+                    value
+                  else
+                    return 0 if (value.is_a?(Array) || value.is_a?(Hash)) && value.empty?
+
+                    Oj.dump(value, mode: :compat)
+                  end
+
+        service_binding_files[path] = ::Diego::Bbs::Models::File.new(path:, content:)
+        path.bytesize + content.bytesize
+      end
+
+      def valid_name?(name)
+        name.match?(binding_naming_convention)
+      end
+
+      def transform_vcap_services_attribute(name)
+        if %w[binding_guid binding_name instance_guid instance_name syslog_drain_url volume_mounts].include?(name)
+          name.tr('_', '-')
+        else
+          name
+        end
+      end
+    end
+  end
+end

lib/cloud_controller/diego/task_environment.rb

@@ -19,7 +19,7 @@ def build
           initial_envs.
           merge(app_env).
           merge('VCAP_APPLICATION' => vcap_application, 'MEMORY_LIMIT' => "#{task.memory_in_mb}m").
-          merge(SystemEnvPresenter.new(app.service_bindings).system_env.stringify_keys)
+          merge(SystemEnvPresenter.new(app).system_env.stringify_keys)
 
         task_env = task_env.merge('VCAP_PLATFORM_OPTIONS' => credhub_url) if credhub_url.present? && cred_interpolation_enabled?
 

lib/cloud_controller/diego/task_recipe_builder.rb

@@ -5,6 +5,7 @@
 require 'cloud_controller/diego/bbs_environment_builder'
 require 'cloud_controller/diego/task_completion_callback_generator'
 require 'cloud_controller/diego/task_cpu_weight_calculator'
+require 'cloud_controller/diego/service_binding_files_builder'
 
 module VCAP::CloudController
   module Diego
@@ -52,7 +53,8 @@ def build_app_task(config, task)
             ]
           ),
           image_username: task.droplet.docker_receipt_username,
-          image_password: task.droplet.docker_receipt_password
+          image_password: task.droplet.docker_receipt_password,
+          volume_mounted_files: ServiceBindingFilesBuilder.build(task.app)
         }.compact)
       end
 
@@ -90,7 +92,8 @@ def build_staging_task(config, staging_details)
             ]
           ),
           image_username: staging_details.package.docker_username,
-          image_password: staging_details.package.docker_password
+          image_password: staging_details.package.docker_password,
+          volume_mounted_files: ServiceBindingFilesBuilder.build(staging_details.package.app)
         }.compact)
       end