fressive
diff --git a/‎internal/k8s/container_manager.go‎
Lines changed: 97 additions & 44 deletions b/‎internal/k8s/container_manager.go‎
Lines changed: 97 additions & 44 deletions
diff --git a/‎plugins/cron/container_cron.go‎
Lines changed: 1 addition & 1 deletion b/‎plugins/cron/container_cron.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎server/router/api/v1/challenge_service.go‎
Lines changed: 1 addition & 1 deletion b/‎server/router/api/v1/challenge_service.go‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎server/router/api/v1/container_service.go‎
Lines changed: 86 additions & 4 deletions b/‎server/router/api/v1/container_service.go‎
Lines changed: 86 additions & 4 deletions
@@ -36,49 +36,58 @@ type ContainerManager struct {
 	Store     *store.Store
 }
 
-func (cm *ContainerManager) CreateChallengeContainer(c *store.Challenge, u *store.User, flag string, store *store.Store) (string, error) {
-	hash := util.SHA256(c.UUID + u.UUID)[:16]
+type ContainerCreatePayload struct {
+	Image                   string `json:"image" validate:"required"`
+	MemoryLimit             string `json:"memory_limit" default:"128Mi"`
+	CPULimit                string `json:"cpu_limit" default:"100m"`
+	StorageLimit            string `json:"storage_limit" default:"1Gi"`
+	ExposedPort             int    `json:"exposed_port"`
+	RegistryAccessTokenUUID string `json:"registry_access_token_uuid"`
+}
+
+type ContainerInfo struct {
+	Identifier string            `json:"-"`
+	Labels     map[string]string `json:"-"`
+	Flag       string            `json:"-"`
+}
+
+func (cm *ContainerManager) CreateContainer(payload *ContainerCreatePayload, info *ContainerInfo, store *store.Store) (string, string, error) {
+	hash := util.SHA256(info.Identifier)[:16]
 	name := "container-" + hash
 	// Create a container in k8s
+
+	info.Labels["identifier"] = info.Identifier
+
 	deployment := &appv1.Deployment{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: name,
-			Labels: map[string]string{
-				"challenge": c.UUID,
-				"user":      u.UUID,
-			},
+			Name:   name,
+			Labels: info.Labels,
 		},
 		Spec: appv1.DeploymentSpec{
 			Replicas: ptr.To[int32](1),
 			Selector: &metav1.LabelSelector{
-				MatchLabels: map[string]string{
-					"challenge": c.UUID,
-					"user":      u.UUID,
-				},
+				MatchLabels: info.Labels,
 			},
 			Template: v1.PodTemplateSpec{
 				ObjectMeta: metav1.ObjectMeta{
-					Labels: map[string]string{
-						"challenge": c.UUID,
-						"user":      u.UUID,
-					},
+					Labels: info.Labels,
 				},
 				Spec: v1.PodSpec{
 					Containers: []v1.Container{
 						{
 							Name:  "challenge",
-							Image: c.Image.Name,
+							Image: payload.Image,
 							Env: []v1.EnvVar{
 								{
 									Name:  "HOSHINO_FLAG",
-									Value: flag,
+									Value: info.Flag,
 								},
 							},
 							Resources: v1.ResourceRequirements{
 								Limits: v1.ResourceList{
-									v1.ResourceCPU:                    resource.MustParse(c.Image.CPULimit),
-									v1.ResourceMemory:                 resource.MustParse(c.Image.MemoryLimit),
-									v1.ResourceLimitsEphemeralStorage: resource.MustParse(c.Image.StorageLimit),
+									v1.ResourceCPU:              resource.MustParse(payload.CPULimit),
+									v1.ResourceMemory:           resource.MustParse(payload.MemoryLimit),
+									v1.ResourceEphemeralStorage: resource.MustParse(payload.StorageLimit),
 								},
 							},
 						},
@@ -93,28 +102,22 @@ func (cm *ContainerManager) CreateChallengeContainer(c *store.Challenge, u *stor
 	if err != nil {
 		// handle error
 		slog.Error(err.Error())
-		return "", err
+		return "", "", err
 	}
 
 	slog.Info(fmt.Sprintf("Deployment created: %s", deploymentObj.Name))
 
 	service := &v1.Service{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: name + "-service",
-			Labels: map[string]string{
-				"challenge": c.UUID,
-				"user":      u.UUID,
-			},
+			Name:   name + "-service",
+			Labels: info.Labels,
 		},
 		Spec: v1.ServiceSpec{
-			Selector: map[string]string{
-				"challenge": c.UUID,
-				"user":      u.UUID,
-			},
+			Selector: info.Labels,
 			Ports: []v1.ServicePort{
 				{
-					Port:       int32(c.ExposedPort),
-					TargetPort: intstr.FromInt(c.ExposedPort),
+					Port:       int32(payload.ExposedPort),
+					TargetPort: intstr.FromInt(payload.ExposedPort),
 				},
 			},
 		},
@@ -124,25 +127,49 @@ func (cm *ContainerManager) CreateChallengeContainer(c *store.Challenge, u *stor
 	if err != nil {
 		// handle error
 		slog.Error(err.Error())
-		return "", err
+		return "", "", err
 	}
 
 	slog.Info(fmt.Sprintf("Service created: %s, %d", serviceObj.Name, serviceObj.Spec.Ports[0].NodePort))
 
 	containerUUID := util.UUID()
 
+	pods, err := cm.K8SClient.CoreV1().Pods("challenge-containers").List(context.Background(), metav1.ListOptions{
+		LabelSelector: fmt.Sprintf("identifier=%s", info.Identifier),
+	})
+
+	if err != nil {
+		// handle error
+		slog.Error(err.Error())
+		return "", "", err
+	}
+
+	if len(pods.Items) == 0 {
+		slog.Warn("No pod found")
+		return "", "", fmt.Errorf("No pod found")
+	}
+
+	pod := pods.Items[0]
+	nodeName := pod.Spec.NodeName
+	nodeDomain := ""
+	node, err := cm.K8SClient.CoreV1().Nodes().Get(context.Background(), nodeName, metav1.GetOptions{})
+
+	if domain, ok := node.Labels["node-domain"]; ok {
+		nodeDomain = domain
+	} else {
+		slog.Warn("Node domain not found, using default domain")
+		nodeDomain = store.GetSettingString("node_domain")
+	}
+
 	ingress := &networkingv1.Ingress{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: name + "-ingress",
-			Labels: map[string]string{
-				"challenge": c.UUID,
-				"user":      u.UUID,
-			},
+			Name:   name + "-ingress",
+			Labels: info.Labels,
 		},
 		Spec: networkingv1.IngressSpec{
 			Rules: []networkingv1.IngressRule{
 				{
-					Host: fmt.Sprintf("%s.%s", containerUUID, store.GetSettingString("node_domain")),
+					Host: fmt.Sprintf("%s.%s", containerUUID, nodeDomain),
 					IngressRuleValue: networkingv1.IngressRuleValue{
 						HTTP: &networkingv1.HTTPIngressRuleValue{
 							Paths: []networkingv1.HTTPIngressPath{
@@ -153,7 +180,7 @@ func (cm *ContainerManager) CreateChallengeContainer(c *store.Challenge, u *stor
 										Service: &networkingv1.IngressServiceBackend{
 											Name: name + "-service",
 											Port: networkingv1.ServiceBackendPort{
-												Number: int32(c.ExposedPort),
+												Number: int32(payload.ExposedPort),
 											},
 										},
 									},
@@ -169,15 +196,15 @@ func (cm *ContainerManager) CreateChallengeContainer(c *store.Challenge, u *stor
 	if err != nil {
 		// handle error
 		slog.Error(err.Error())
-		return "", err
+		return "", "", err
 	}
 
 	slog.Info(fmt.Sprintf("Ingress created: %s", ingressObj.Name))
-	return containerUUID, nil
+	return containerUUID, nodeDomain, nil
 }
 
-func (cm *ContainerManager) DisposeChallengeContainer(c *store.Challenge, u *store.User) error {
-	hash := util.SHA256(c.UUID + u.UUID)[:16]
+func (cm *ContainerManager) DisposeContainer(identifier string) error {
+	hash := util.SHA256(identifier)[:16]
 	name := "container-" + hash
 	// Delete a container in k8s
 	err := cm.K8SClient.AppsV1().Deployments("challenge-containers").Delete(context.Background(), name, metav1.DeleteOptions{})
@@ -203,3 +230,29 @@ func (cm *ContainerManager) DisposeChallengeContainer(c *store.Challenge, u *sto
 
 	return nil
 }
+
+func (cm *ContainerManager) CreateChallengeContainer(c *store.Challenge, u *store.User, flag string, s *store.Store) (string, string, error) {
+	payload := &ContainerCreatePayload{
+		Image:                   c.Image.Name,
+		MemoryLimit:             c.Image.MemoryLimit,
+		CPULimit:                c.Image.CPULimit,
+		StorageLimit:            c.Image.StorageLimit,
+		ExposedPort:             c.Image.ExposedPort,
+		RegistryAccessTokenUUID: c.Image.RegistryAccessTokenUUID,
+	}
+
+	info := &ContainerInfo{
+		Identifier: c.UUID + u.UUID,
+		Labels: map[string]string{
+			"challenge": c.UUID,
+			"user":      u.UUID,
+		},
+		Flag: flag,
+	}
+
+	return cm.CreateContainer(payload, info, s)
+}
+
+func (cm *ContainerManager) DisposeChallengeContainer(c *store.Challenge, u *store.User) error {
+	return cm.DisposeContainer(c.UUID + u.UUID)
+}
@@ -35,7 +35,7 @@ func InitContainerCron(s *store.Store, cm *k8s.ContainerManager) {
 		}
 
 		for _, container := range expiredContainers {
-			if err := cm.DisposeChallengeContainer(container.Challenge, container.Creator); err != nil {
+			if err := cm.DisposeContainer(container.Identifier); err != nil {
 				slog.Error("Failed to delete container: " + err.Error())
 			}
 
 
@@ -24,11 +24,11 @@ import (
 type CreateChallengePayload struct {
 	Name                string   `json:"name" validate:"required"`
 	Description         string   `json:"description" validate:"required"`
-	Attachments         []string `json:"attachments"`
 	Category            string   `json:"category" validate:"required"`
 	Tags                []string `json:"tags"`
 	ExpireTime          int64    `json:"expire_time" validate:"required"`
 	AfterExpiredOptions int32    `json:"after_expired_options" validate:"required"`
+	Attachments         []string `json:"attachments"`
 
 	Image                   string `json:"image"`
 	MemoryLimit             string `json:"memory_limit"`
 
@@ -24,11 +24,13 @@ import (
 	"github.com/google/uuid"
 	"github.com/labstack/echo/v4"
 	"github.com/spf13/cast"
+	"rina.icu/hoshino/internal/k8s"
+	"rina.icu/hoshino/internal/util"
 	"rina.icu/hoshino/server/context"
 	"rina.icu/hoshino/store"
 )
 
-func CreateContainer(c echo.Context) error {
+func CreateChallengeContainer(c echo.Context) error {
 	ctx := c.(*context.CustomContext)
 
 	challenge, err := ctx.Store.GetChallengeByUUID(c.Param("challenge_uuid"))
@@ -62,14 +64,15 @@ func CreateContainer(c echo.Context) error {
 
 	slog.Info("Creating container for challenge %s", slog.Any("challenge", challenge))
 
-	uuid, err := ctx.ContainerManager.CreateChallengeContainer(challenge, user, flag, ctx.Store)
+	uuid, nodeDomain, err := ctx.ContainerManager.CreateChallengeContainer(challenge, user, flag, ctx.Store)
 	containerModel := &store.Container{
 		Creator:          user,
 		Challenge:        challenge,
 		UUID:             uuid,
 		Status:           store.ContainerStatusRunning,
 		ExpireTime:       time.Now().Unix() + cast.ToInt64(ctx.Store.GetSettingInt("container_expire_time")),
 		LeftRenewalTimes: ctx.Store.GetSettingInt("max_container_renewal_times"),
+		Identifier:       challenge.UUID + user.UUID,
 	}
 
 	flagModel := &store.Flag{
@@ -88,12 +91,12 @@ func CreateContainer(c echo.Context) error {
 
 	return OKWithData(&c, map[string]interface{}{
 		"uuid":     uuid,
-		"entrance": fmt.Sprintf("%s.%s", uuid, ctx.Store.GetSettingString("node_domain")),
+		"entrance": fmt.Sprintf("%s.%s", uuid, nodeDomain),
 		"expire":   containerModel.ExpireTime,
 	})
 }
 
-func DisposeContainer(c echo.Context) error {
+func DisposeChallengeContainer(c echo.Context) error {
 	ctx := c.(*context.CustomContext)
 
 	challenge, err := ctx.Store.GetChallengeByUUID(c.Param("challenge_uuid"))
@@ -123,3 +126,82 @@ func DisposeContainer(c echo.Context) error {
 
 	return OK(&c)
 }
+
+func CreateContainer(c echo.Context) error {
+	ctx := c.(*context.CustomContext)
+
+	user, _ := GetUserFromToken(&c)
+	game, _ := ctx.Store.GetGameByUUID(c.Param("game_uuid"))
+
+	if user.Privilege < store.UserPrivilegeAdministrator && !game.IsManager(user) {
+		return PermissionDenied(&c)
+	}
+
+	payload := new(k8s.ContainerCreatePayload)
+	if err := c.Bind(payload); err != nil {
+		return Failed(&c, "Bad request")
+	}
+
+	identifier := "test-" + util.SHA256(util.UUID())[:16]
+
+	flag := fmt.Sprintf("%s{%s}", game.FlagPrefix, util.GenerateFlagContent(c.QueryParams().Get("flag_format"), user.UUID))
+	// this is a test container, so we don't need to create the flag model
+
+	info := &k8s.ContainerInfo{
+		Identifier: identifier,
+		Labels: map[string]string{
+			"test": "true",
+			"game": game.UUID,
+			"user": user.UUID,
+		},
+		Flag: flag,
+	}
+
+	uuid, nodeDomain, err := ctx.ContainerManager.CreateContainer(payload, info, ctx.Store)
+
+	if err != nil {
+		return Failed(&c, "Unable to create container.")
+	}
+
+	container := &store.Container{
+		Creator:          user,
+		UUID:             uuid,
+		Status:           store.ContainerStatusRunning,
+		ExpireTime:       time.Now().Unix() + cast.ToInt64(ctx.Store.GetSettingInt("container_expire_time")),
+		LeftRenewalTimes: ctx.Store.GetSettingInt("max_container_renewal_times"),
+		Identifier:       identifier,
+	}
+
+	ctx.Store.CreateContainer(container)
+
+	return OKWithData(&c, map[string]interface{}{
+		"identifier": identifier,
+		"uuid":       uuid,
+		"entrance":   fmt.Sprintf("%s.%s", uuid, nodeDomain),
+		"flag":       flag,
+	})
+}
+
+func DisposeContainer(c echo.Context) error {
+	ctx := c.(*context.CustomContext)
+
+	user, _ := GetUserFromToken(&c)
+	game, _ := ctx.Store.GetGameByUUID(c.Param("game_uuid"))
+
+	if user.Privilege < store.UserPrivilegeAdministrator && !game.IsManager(user) {
+		return PermissionDenied(&c)
+	}
+
+	container, err := ctx.Store.GetContainerByUUID(c.Param("container_uuid"))
+
+	if err != nil {
+		return Failed(&c, "Unable to fetch container")
+	}
+
+	ctx.ContainerManager.DisposeContainer(container.Identifier)
+
+	container.Status = store.ContainerStatusStopped
+	ctx.Store.UpdateContainer(container)
+
+	return OK(&c)
+}
Original file line number	Diff line number	Diff line change
`@@ -35,7 +35,7 @@ func InitContainerCron(s store.Store, cm k8s.ContainerManager) {`
`35`	`35`	`}`
`36`	`36`
`37`	`37`	`for _, container := range expiredContainers {`
`38`		`- if err := cm.DisposeChallengeContainer(container.Challenge, container.Creator); err != nil {`
	`38`	`+ if err := cm.DisposeContainer(container.Identifier); err != nil {`
`39`	`39`	`slog.Error("Failed to delete container: " + err.Error())`
`40`	`40`	`}`
`41`	`41`