feat: add atomic config update endpoint

Author: stas-nc

docs/registry.md

@@ -10,9 +10,9 @@ Currently, Registry supports authentication only. All authenticated entities wil
 
 The following authentication providers are supported:
 
-- **OpenID Connect**. Turned **off** by default.
-- **Locally configured login/password**. Default credentials: `root` / `pwd`.
-- **Locally configured Bearer token** for API machine-to-machine access. Default credentials: `Bearer cm9vdF9hcGlfdG9rZW4=:dG9rZW5fc2VjcmV0` or `Bearer root_api_token:token_secret` after base64 decoding.
+-   **OpenID Connect**. Turned **off** by default.
+-   **Locally configured login/password**. Default credentials: `root` / `pwd`.
+-   **Locally configured Bearer token** for API machine-to-machine access. Default credentials: `Bearer cm9vdF9hcGlfdG9rZW4=:dG9rZW5fc2VjcmV0` or `Bearer root_api_token:token_secret` after base64 decoding.
 
 You can change default credentials via Registry UI, in the `Auth entities` page, or via API.
 
@@ -26,16 +26,16 @@ To configure OpenID:
 
 Sample configuration (values are JSON-encoded):
 
-| key                            | value                                   |
-|--------------------------------|-----------------------------------------|
-| **`baseUrl`**                  | `"https://ilc-registry.example.com/"`   |
-| **`auth.openid.enabled`**      | `true`                                  |
-| **`auth.openid.discoveryUrl`** | `"https://adfs.example.com/adfs/"`      |
-| **`auth.openid.clientId`**     | `"ba34c345-e543-6554-b0be-3e1097ddd32d"`|
-| **`auth.openid.clientSecret`** | `"XXXXXX"`                              |
+| key                            | value                                    |
+| ------------------------------ | ---------------------------------------- |
+| **`baseUrl`**                  | `"https://ilc-registry.example.com/"`    |
+| **`auth.openid.enabled`**      | `true`                                   |
+| **`auth.openid.discoveryUrl`** | `"https://adfs.example.com/adfs/"`       |
+| **`auth.openid.clientId`**     | `"ba34c345-e543-6554-b0be-3e1097ddd32d"` |
+| **`auth.openid.clientSecret`** | `"XXXXXX"`                               |
 
 !!! warning ""
-    OpenID Connect returnURL should be specified at provider in the following format: `{baseUrl}/auth/openid/return`
+OpenID Connect returnURL should be specified at provider in the following format: `{baseUrl}/auth/openid/return`
 
 ## User Interface
 
@@ -51,25 +51,85 @@ to see how UI communicates with API. You can also explore code starting from the
 It is a common practice to store JS/CSS files of the micro frontend apps at CDN using unique URLs. For example,
 `https://site.com/layoutfragments-ui/app.80de7d4e36eae32662d2.js`.
 
-By following this this approach, you need to update 
+By following this this approach, you need to update
 links to the JS/CSS bundles in the Registry after each deployment.
 
 To do this, there are the following options (at least):
 
-- Manually via UI (_not recommended_)
-- Using Registry API (see [API](#api) section above)
-- **Using App Assets discovery mechanism**
+-   Manually via UI (_not recommended_)
+-   Using Registry API (see [API](#api) section above)
+-   **Using App Assets discovery mechanism**
 
 When registering micro frontend in the ILC Registry, it is possible to set a file for the "Assets discovery url" that will be periodically fetched
 by the Registry. The idea is that this file will contain actual references to JS/CSS bundles and be updated on CDN **right after** every deployment.
 
 !!! example "`https://site.com/layoutfragments-ui/assets-discovery.json`"
-    ```json
+`json
     {
       "spaBundle": "https://site.com/layoutfragments-ui/app.80de7d4e36eae32662d2.js",
       "cssBundle": "./app.81340a47f3122508fd76.css", // It is possible to use relative links that will be resolved against the manifest URL
       "dependencies": {
         "react": "https://unpkg.com/react@16.13.1/umd/react.production.min.js"
       }
     }
-    ```
+    `
+
+## Batch Atomic Config Update
+
+Atomic config updates can be performed using the `PUT /api/v1/config` endpoint. Resource data will be replaced completely (except few keys, such as `adminNotes` or `l10nManifest`). If the `namespace` key is specified in app or route, all resources that are not listed in the config payload with same namespace value will be automatically removed. Below is an example of a JSON request body:
+
+```json
+{
+    "apps": [
+        {
+            "name": "Application name",
+            "assetsDiscoveryUrl": "Url to fetch assets location",
+            "ssr": {
+                "src": "SSR url",
+                "timeout": 3000
+            },
+            "props": {
+                "key": "value"
+            },
+            "ssrProps": {
+                "key": "value"
+            },
+            "configSelector": ["sharedPropertiesKey"],
+            "kind": "primary",
+            "discoveryMetadata": {},
+            "namespace": "Application namespace, used to as a part of unique identifier (application name and namespace). All apps, that are not listed in the config payload under this namespace will be automatically removed."
+        }
+    ],
+    "routes": [
+        {
+            "route": "/route/*",
+            "slots": {
+                "body": {
+                    "appName": "Application name",
+                    "props": {
+                        "key": "value"
+                    }
+                }
+            },
+            "namespace": "Route namespace, used to as a part of unique identifier (route value, domainId and namespace). All routes, that are not listed in the config payload under this namespace will be automatically removed."
+        }
+    ],
+    "sharedLibs": [
+        {
+            "name": "Library name",
+            "assetsDiscoveryUrl": "Url to fetch assets location"
+        }
+    ]
+}
+```
+
+There might be cases where you want to test your configuration before deploying services or simply perform a dry run of the config update action. To do this, call the `POST /api/v1/config/validate` endpoint with the same request body as the config update. This API returns a response in the following format:
+
+```json
+{
+    "valid": false,
+    "details": "Error details"
+}
+```
+
+Note, that this API is available only if using PostgreSQL database.

registry/server/appRoutes/routes/RoutesService.ts

@@ -45,25 +45,51 @@ export class RoutesService {
         });
     }
 
-    public async upsert(params: unknown, user: User, trxProvider: Knex.TransactionProvider) {
+    /**
+     * @returns routeId
+     */
+    public async upsert(params: unknown, user: User, trxProvider: Knex.TransactionProvider): Promise<AppRoute> {
         const { slots, ...appRoute } = await appRouteSchema.validateAsync(params, {
-            noDefaults: true,
+            noDefaults: false,
             externals: false,
         });
 
+        let savedAppRouteId;
         await this.db.versioning(user, { type: EntityTypes.routes, trxProvider }, async (trx) => {
             const result = await this.db(Tables.Routes)
                 .insert(prepareAppRouteToSave(appRoute), 'id')
                 .onConflict(this.db.raw('("orderPos", "domainIdIdxble", namespace) WHERE namespace IS NOT NULL'))
                 .merge()
                 .transacting(trx);
-            const savedAppRouteId = extractInsertedId(result as { id: number }[]);
+            savedAppRouteId = extractInsertedId(result as { id: number }[]);
             await this.db(Tables.RouteSlots).where('routeId', savedAppRouteId).delete().transacting(trx);
             await this.db
                 .batchInsert(Tables.RouteSlots, prepareAppRouteSlotsToSave(slots, savedAppRouteId))
                 .transacting(trx);
-            return extractInsertedId(result as { id: number }[]);
+            return savedAppRouteId;
         });
+        return { ...appRoute, id: savedAppRouteId };
+    }
+
+    public async deleteByNamespace(
+        namespace: string,
+        exclude: number[],
+        { user, trxProvider }: { user: User; trxProvider: Knex.TransactionProvider },
+    ) {
+        const trx = await trxProvider?.();
+        const routeIdsToDelete = await this.db(Tables.Routes)
+            .select('id')
+            .where({ namespace })
+            .whereNotIn('id', exclude)
+            .transacting(trx);
+
+        await Promise.all(
+            routeIdsToDelete.map(async (route) => {
+                await this.db.versioning(user, { type: EntityTypes.routes, id: route.id, trxProvider }, async (trx) => {
+                    await this.db(Tables.Routes).delete().where({ id: route.id }).transacting(trx);
+                });
+            }),
+        );
     }
 
     public isOrderPosError(error: any) {

registry/server/appRoutes/routes/deleteAppRoute.ts

@@ -2,8 +2,9 @@ import { Request, Response } from 'express';
 import Joi from 'joi';
 import * as httpErrors from '../../errorHandler/httpErrors';
 
-import db from '../../db';
 import validateRequestFactory from '../../common/services/validateRequest';
+import db from '../../db';
+import { Tables } from '../../db/structure';
 import { appRouteIdSchema } from '../interfaces';
 import { makeSpecialRoute } from '../services/transformSpecialRoutes';
 
@@ -20,28 +21,20 @@ const validateRequestBeforeDeleteAppRoute = validateRequestFactory([
     },
 ]);
 
-let idDefault404: number | undefined;
-
 const deleteAppRoute = async (req: Request<DeleteAppRouteRequestParams>, res: Response) => {
-    if (!idDefault404) {
-        const [default404] = await db
-            .select()
-            .from('routes')
-            .where({ route: makeSpecialRoute('404'), domainId: null });
-
-        idDefault404 = default404?.id;
-    }
+    const [default404Route] = await db(Tables.Routes)
+        .select()
+        .where({ route: makeSpecialRoute('404'), domainId: null });
 
     const appRouteId = req.params.id;
 
-    if (idDefault404 === +appRouteId) {
+    if (default404Route?.id === Number(appRouteId)) {
         throw new httpErrors.CustomError({
             message: "Default 404 error can't be deleted",
         });
     }
 
     await db.versioning(req.user, { type: 'routes', id: appRouteId }, async (transaction) => {
-        await db('route_slots').where('routeId', appRouteId).delete().transacting(transaction);
         const count = await db('routes').where('id', appRouteId).delete().transacting(transaction);
         if (!count) {
             throw new httpErrors.NotFoundError();

registry/server/apps/interfaces/index.ts

@@ -46,8 +46,8 @@ export interface AppDependencies {
 export const appNameSchema = Joi.string().trim().min(1);
 
 const commonApp = {
-    spaBundle: Joi.string().trim().uri().default(null),
-    cssBundle: Joi.string().trim().uri().default(null),
+    spaBundle: Joi.string().trim().uri(),
+    cssBundle: Joi.string().trim().uri(),
     assetsDiscoveryUrl: Joi.string().trim().uri().default(null),
     dependencies: Joi.object().default({}),
     props: Joi.object().default({}),
@@ -60,7 +60,7 @@ const commonApp = {
         .and('src', 'timeout')
         .empty({})
         .default(null),
-    kind: Joi.string().valid('primary', 'essential', 'regular', 'wrapper'),
+    kind: Joi.string().valid('primary', 'essential', 'regular', 'wrapper').default('regular'),
     wrappedWith: Joi.when('kind', {
         is: 'wrapper',
         then: Joi.any().custom(() => null),
@@ -81,9 +81,9 @@ const commonApp = {
             }),
     }),
     discoveryMetadata: Joi.object().default({}),
-    adminNotes: Joi.string().trim().default(null),
+    adminNotes: Joi.string().trim(),
     enforceDomain: Joi.number().default(null),
-    l10nManifest: Joi.string().max(255).default(null),
+    l10nManifest: Joi.string().max(255),
     versionId: Joi.string().strip(),
     namespace: Joi.string(),
 };

registry/server/common/services/entries/ApplicationEntry.ts

@@ -1,3 +1,5 @@
+import { Knex } from 'knex';
+import { User } from '../../../../typings/User';
 import { App, appSchema, partialAppSchema } from '../../../apps/interfaces';
 import { VersionedKnex } from '../../../db';
 import { Tables } from '../../../db/structure';
@@ -80,8 +82,8 @@ export class ApplicationEntry implements Entry {
         return savedApp;
     }
 
-    public async upsert(params: unknown, { user, trxProvider, fetchManifest = true }: UpsertOptions): Promise<void> {
-        const appDto = await appSchema.validateAsync(params, { noDefaults: true, externals: true });
+    public async upsert(params: unknown, { user, trxProvider, fetchManifest = true }: UpsertOptions): Promise<App> {
+        const appDto = await appSchema.validateAsync(params, { noDefaults: false, externals: true });
 
         const appManifest = fetchManifest ? await this.getManifest(appDto.assetsDiscoveryUrl) : {};
 
@@ -97,6 +99,27 @@ export class ApplicationEntry implements Entry {
                 .merge()
                 .transacting(trx);
         });
+        return appEntity;
+    }
+
+    public async deleteByNamespace(
+        namespace: string,
+        exclude: string[],
+        { user, trxProvider }: { user: User; trxProvider: Knex.TransactionProvider },
+    ) {
+        const trx = await trxProvider?.();
+        const appNamesToDelete = await this.db(Tables.Apps)
+            .select('name')
+            .where({ namespace })
+            .whereNotIn('name', exclude)
+            .transacting(trx);
+        await Promise.all(
+            appNamesToDelete.map(async (app) => {
+                await this.db.versioning(user, { type: EntityTypes.apps, id: app.name, trxProvider }, async (trx) => {
+                    await this.db(Tables.Apps).delete().where({ name: app.name }).transacting(trx);
+                });
+            }),
+        );
     }
 
     private cleanComplexDefaultKeys(appDTO: Omit<App, 'name'>, params: unknown) {

registry/server/common/services/entries/SharedLibEntry.ts

@@ -69,7 +69,7 @@ export class SharedLibEntry implements Entry {
         return savedSharedLib;
     }
     public async upsert(entity: unknown, { user, trxProvider, fetchManifest = true }: UpsertOptions): Promise<void> {
-        const sharedLibDto = await sharedLibSchema.validateAsync(entity, { noDefaults: true });
+        const sharedLibDto = await sharedLibSchema.validateAsync(entity, { noDefaults: false });
 
         const sharedLibManifest = fetchManifest
             ? await this.getManifest(sharedLibDto.assetsDiscoveryUrl)