start working on the frontend side
This commit is contained in:
Warp Agent
@@ -1,12 +1,17 @@
|
||||
package router
|
||||
|
||||
import (
|
||||
"context"
|
||||
"time"
|
||||
|
||||
"github.com/atlasos/calypso/internal/common/cache"
|
||||
"github.com/atlasos/calypso/internal/common/config"
|
||||
"github.com/atlasos/calypso/internal/common/database"
|
||||
"github.com/atlasos/calypso/internal/common/logger"
|
||||
"github.com/atlasos/calypso/internal/audit"
|
||||
"github.com/atlasos/calypso/internal/auth"
|
||||
"github.com/atlasos/calypso/internal/iam"
|
||||
"github.com/atlasos/calypso/internal/monitoring"
|
||||
"github.com/atlasos/calypso/internal/scst"
|
||||
"github.com/atlasos/calypso/internal/storage"
|
||||
"github.com/atlasos/calypso/internal/system"
|
||||
@@ -26,13 +31,104 @@ func NewRouter(cfg *config.Config, db *database.DB, log *logger.Logger) *gin.Eng
|
||||
|
||||
r := gin.New()
|
||||
|
||||
// Initialize cache if enabled
|
||||
var responseCache *cache.Cache
|
||||
if cfg.Server.Cache.Enabled {
|
||||
responseCache = cache.NewCache(cfg.Server.Cache.DefaultTTL)
|
||||
log.Info("Response caching enabled", "default_ttl", cfg.Server.Cache.DefaultTTL)
|
||||
}
|
||||
|
||||
// Middleware
|
||||
r.Use(ginLogger(log))
|
||||
r.Use(gin.Recovery())
|
||||
r.Use(corsMiddleware())
|
||||
r.Use(securityHeadersMiddleware(cfg))
|
||||
r.Use(rateLimitMiddleware(cfg, log))
|
||||
r.Use(corsMiddleware(cfg))
|
||||
|
||||
// Cache control headers (always applied)
|
||||
r.Use(cacheControlMiddleware())
|
||||
|
||||
// Response caching middleware (if enabled)
|
||||
if cfg.Server.Cache.Enabled {
|
||||
cacheConfig := CacheConfig{
|
||||
Enabled: cfg.Server.Cache.Enabled,
|
||||
DefaultTTL: cfg.Server.Cache.DefaultTTL,
|
||||
MaxAge: cfg.Server.Cache.MaxAge,
|
||||
}
|
||||
r.Use(cacheMiddleware(cacheConfig, responseCache))
|
||||
}
|
||||
|
||||
// Health check (no auth required)
|
||||
r.GET("/api/v1/health", healthHandler(db))
|
||||
// Initialize monitoring services
|
||||
eventHub := monitoring.NewEventHub(log)
|
||||
alertService := monitoring.NewAlertService(db, log)
|
||||
alertService.SetEventHub(eventHub) // Connect alert service to event hub
|
||||
metricsService := monitoring.NewMetricsService(db, log)
|
||||
healthService := monitoring.NewHealthService(db, log, metricsService)
|
||||
|
||||
// Start event hub in background
|
||||
go eventHub.Run()
|
||||
|
||||
// Start metrics broadcaster in background
|
||||
go func() {
|
||||
ticker := time.NewTicker(30 * time.Second) // Broadcast metrics every 30 seconds
|
||||
defer ticker.Stop()
|
||||
for {
|
||||
select {
|
||||
case <-ticker.C:
|
||||
if metrics, err := metricsService.CollectMetrics(context.Background()); err == nil {
|
||||
eventHub.BroadcastMetrics(metrics)
|
||||
}
|
||||
}
|
||||
}
|
||||
}()
|
||||
|
||||
// Initialize and start alert rule engine
|
||||
alertRuleEngine := monitoring.NewAlertRuleEngine(db, log, alertService)
|
||||
|
||||
// Register default alert rules
|
||||
alertRuleEngine.RegisterRule(monitoring.NewAlertRule(
|
||||
"storage-capacity-warning",
|
||||
"Storage Capacity Warning",
|
||||
monitoring.AlertSourceStorage,
|
||||
&monitoring.StorageCapacityCondition{ThresholdPercent: 80.0},
|
||||
monitoring.AlertSeverityWarning,
|
||||
true,
|
||||
"Alert when storage repositories exceed 80% capacity",
|
||||
))
|
||||
alertRuleEngine.RegisterRule(monitoring.NewAlertRule(
|
||||
"storage-capacity-critical",
|
||||
"Storage Capacity Critical",
|
||||
monitoring.AlertSourceStorage,
|
||||
&monitoring.StorageCapacityCondition{ThresholdPercent: 95.0},
|
||||
monitoring.AlertSeverityCritical,
|
||||
true,
|
||||
"Alert when storage repositories exceed 95% capacity",
|
||||
))
|
||||
alertRuleEngine.RegisterRule(monitoring.NewAlertRule(
|
||||
"task-failure",
|
||||
"Task Failure",
|
||||
monitoring.AlertSourceTask,
|
||||
&monitoring.TaskFailureCondition{LookbackMinutes: 60},
|
||||
monitoring.AlertSeverityWarning,
|
||||
true,
|
||||
"Alert when tasks fail within the last hour",
|
||||
))
|
||||
|
||||
// Start alert rule engine in background
|
||||
ctx := context.Background()
|
||||
go alertRuleEngine.Start(ctx)
|
||||
|
||||
// Health check (no auth required) - enhanced
|
||||
r.GET("/api/v1/health", func(c *gin.Context) {
|
||||
health := healthService.CheckHealth(c.Request.Context())
|
||||
statusCode := 200
|
||||
if health.Status == "unhealthy" {
|
||||
statusCode = 503
|
||||
} else if health.Status == "degraded" {
|
||||
statusCode = 200 // Still 200 but with degraded status
|
||||
}
|
||||
c.JSON(statusCode, health)
|
||||
})
|
||||
|
||||
// API v1 routes
|
||||
v1 := r.Group("/api/v1")
|
||||
@@ -132,7 +228,7 @@ func NewRouter(cfg *config.Config, db *database.DB, log *logger.Logger) *gin.Eng
|
||||
}
|
||||
|
||||
// IAM (admin only)
|
||||
iamHandler := iam.NewHandler(db, log)
|
||||
iamHandler := iam.NewHandler(db, cfg, log)
|
||||
iamGroup := protected.Group("/iam")
|
||||
iamGroup.Use(requireRole("admin"))
|
||||
{
|
||||
@@ -142,6 +238,24 @@ func NewRouter(cfg *config.Config, db *database.DB, log *logger.Logger) *gin.Eng
|
||||
iamGroup.PUT("/users/:id", iamHandler.UpdateUser)
|
||||
iamGroup.DELETE("/users/:id", iamHandler.DeleteUser)
|
||||
}
|
||||
|
||||
// Monitoring
|
||||
monitoringHandler := monitoring.NewHandler(db, log, alertService, metricsService, eventHub)
|
||||
monitoringGroup := protected.Group("/monitoring")
|
||||
monitoringGroup.Use(requirePermission("monitoring", "read"))
|
||||
{
|
||||
// Alerts
|
||||
monitoringGroup.GET("/alerts", monitoringHandler.ListAlerts)
|
||||
monitoringGroup.GET("/alerts/:id", monitoringHandler.GetAlert)
|
||||
monitoringGroup.POST("/alerts/:id/acknowledge", monitoringHandler.AcknowledgeAlert)
|
||||
monitoringGroup.POST("/alerts/:id/resolve", monitoringHandler.ResolveAlert)
|
||||
|
||||
// Metrics
|
||||
monitoringGroup.GET("/metrics", monitoringHandler.GetMetrics)
|
||||
|
||||
// WebSocket (no permission check needed, handled by auth middleware)
|
||||
monitoringGroup.GET("/events", monitoringHandler.WebSocketHandler)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -163,39 +277,5 @@ func ginLogger(log *logger.Logger) gin.HandlerFunc {
|
||||
}
|
||||
}
|
||||
|
||||
// corsMiddleware adds CORS headers
|
||||
func corsMiddleware() gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
c.Writer.Header().Set("Access-Control-Allow-Origin", "*")
|
||||
c.Writer.Header().Set("Access-Control-Allow-Credentials", "true")
|
||||
c.Writer.Header().Set("Access-Control-Allow-Headers", "Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With")
|
||||
c.Writer.Header().Set("Access-Control-Allow-Methods", "POST, OPTIONS, GET, PUT, DELETE, PATCH")
|
||||
|
||||
if c.Request.Method == "OPTIONS" {
|
||||
c.AbortWithStatus(204)
|
||||
return
|
||||
}
|
||||
|
||||
c.Next()
|
||||
}
|
||||
}
|
||||
|
||||
// healthHandler returns system health status
|
||||
func healthHandler(db *database.DB) gin.HandlerFunc {
|
||||
return func(c *gin.Context) {
|
||||
// Check database connection
|
||||
if err := db.Ping(); err != nil {
|
||||
c.JSON(503, gin.H{
|
||||
"status": "unhealthy",
|
||||
"error": "database connection failed",
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
c.JSON(200, gin.H{
|
||||
"status": "healthy",
|
||||
"service": "calypso-api",
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user