diff --git a/ui/app/adapters/sentinel-policy.js b/ui/app/adapters/sentinel-policy.js index e16836bab1f..d319ce578fd 100644 --- a/ui/app/adapters/sentinel-policy.js +++ b/ui/app/adapters/sentinel-policy.js @@ -23,15 +23,4 @@ export default class SentinelPolicyAdapter extends ApplicationAdapter { urlForDeleteRecord(id) { return '/v1/sentinel/policy/' + id; } - - testAgainstJob(sentinelPolicy, job) { - const url = '/v1/sentinel/test-policy'; - - return this.ajax(url, 'POST', { - data: { - Job: job.get('_newDefinitionJSON'), - Policy: sentinelPolicy.policy, - }, - }); - } } diff --git a/ui/app/components/sentinel-policy-editor.hbs b/ui/app/components/sentinel-policy-editor.hbs index 8962cf73dac..ebe872815af 100644 --- a/ui/app/components/sentinel-policy-editor.hbs +++ b/ui/app/components/sentinel-policy-editor.hbs @@ -3,84 +3,17 @@ SPDX-License-Identifier: BUSL-1.1 ~}} -{{#if this.devMode}} - {{#if selectedJobspec}} -
- - -
- - {{#if (eq testResult "Passed")}} -
- - Policy Check Passed - - This policy check successfully passed. - - -
- {{/if}} - - {{#if (eq testResult "Failed")}} -
- - Policy Check failed - - This Policy check failed. - - -
- {{/if}} - -
-
- Job to test against -
-
-
-
-
- {{else}} -

- Select a Job Spec -

- - - {{#each this.jobs as |job|}} - - {{/each}} - +
+ {{#if @policy.isNew }} + + Policy Name + {{/if}}
@@ -89,10 +22,9 @@
-
- - - +
+
- {{#if (eq testResult "Passed")}} -
- - Policy Check Passed - - This policy check successfully passed. - - -
- {{/if}} +
+ + Enforcement Level + See Sentinel Policy documentation for more information. + + Advisory + + + Soft Mandatory + + + Hard Mandatory + + +
- {{#if (eq testResult "Failed")}} -
- - Policy Check failed - - This Policy check failed. - - -
- {{/if}} -{{else}} - - {{#if @policy.isNew }} - - Policy Name - +
+ {{#if (can "update sentinel-policy")}} + {{/if}} - -
-
- Policy Definition -
- -
-
-
-
-
-
- -
- -
- -
- - Enforcement Level - See Sentinel Policy documentation for more information. - - Advisory - - - Soft Mandatory - - - Hard Mandatory - - -
- -
- {{#if (can "update sentinel-policy")}} - - {{/if}} -
- -{{/if}} +
+ diff --git a/ui/app/components/sentinel-policy-editor.js b/ui/app/components/sentinel-policy-editor.js index 959e4bdf75f..35ed0c95c02 100644 --- a/ui/app/components/sentinel-policy-editor.js +++ b/ui/app/components/sentinel-policy-editor.js @@ -3,55 +3,18 @@ * SPDX-License-Identifier: BUSL-1.1 */ +// @ts-check + import Component from '@glimmer/component'; -import { action, computed } from '@ember/object'; +import { action } from '@ember/object'; import { inject as service } from '@ember/service'; import { alias } from '@ember/object/computed'; -import { tracked } from '@glimmer/tracking'; -import { task } from 'ember-concurrency'; import messageFromAdapterError from 'nomad-ui/utils/message-from-adapter-error'; export default class SentinelPolicyEditorComponent extends Component { @service notifications; @service router; @service store; - @tracked devMode = null; - @tracked jobs = null; - @tracked testResult = null; - @tracked selectedJobspec = ''; - // @tracked selectedJobspec = `job "hello-world" { - // group "servers" { - // count = 1 - - // network { - // port "www" { - // to = 8001 - // } - // } - - // task "web" { - // config { - // image = "busybox:1" - // command = "httpd" - // args = ["-v", "-f", "-p", "\${NOMAD_PORT_www}", "-h", "/local"] - // ports = ["www"] - // } - - // template { - // data = <<-EOF - //

Hello, Nomad!

- // EOF - // destination = "local/index.html" - // } - - // resources { - // cpu = 50 - // memory = 64 - // } - // } - // } - // } - // `; @alias('args.policy') policy; @@ -67,76 +30,6 @@ export default class SentinelPolicyEditorComponent extends Component { this.policy.set('enforcementLevel', id); } - @action updateSelectedJobspec(value) { - this.selectedJobspec = value; - } - - @action async enterDevMode() { - let jobs = await this.store.query('job', { meta: true }); - this.jobs = jobs; - this.devMode = true; - } - - @action exitDevMode() { - this.testResult = null; - this.selectedJobspec = ''; - this.devMode = false; - } - - @action async getJobspecOptions() { - return this.store.peekAll('submission'); - } - - /** - * A task that performs the job parsing and planning. - * On error, it calls the onError method. - */ - @(task(function* () { - this.testResult = null; - - let job = this.store.createRecord('job', { - _newDefinition: this.selectedJobspec, - }); - - try { - yield job.parse(); - } catch (err) { - this.onError(err, 'parse', 'parse jobs'); - return; - } - - let res = yield this.policy.testAgainstJob(job); - - if (res.Passed) { - this.testResult = 'Passed'; - } else { - this.testResult = 'Failed'; - this.testMessage = res.Message; - } - - console.log('res: ', res); - }).drop()) - testIt; - - @task(function* (arg) { - // TODO: This only works on default - const fullId = JSON.stringify([arg, 'default']); - let job = yield this.store.findRecord('job', fullId, { reload: true }); - console.log('job name', job.name); - const spec = yield job.fetchRawSpecification(); - console.log('spec', spec); - this.selectedJobspec = spec.Source; - yield true; - }) - selectJob; - - @computed('jobs') - get jobNames() { - return this.jobs.map((j) => { - return { key: j.name, label: j.name }; - }); - } - @action async save(e) { if (e instanceof Event) { e.preventDefault(); // code-mirror "command+enter" submits the form, but doesnt have a preventDefault() diff --git a/ui/app/controllers/sentinel-policies.js b/ui/app/controllers/sentinel-policies.js index ef574bd1095..7867dcb6d87 100644 --- a/ui/app/controllers/sentinel-policies.js +++ b/ui/app/controllers/sentinel-policies.js @@ -4,15 +4,5 @@ */ import Controller from '@ember/controller'; -import { tracked } from '@glimmer/tracking'; -import { action } from '@ember/object'; -// The WithNamespaceResetting Mixin uses Controller Injection and requires us to keep this controller around -export default class SentinelPoliciesController extends Controller { - @tracked selectedTemplate = null; - - @action - onChange(e) { - this.selectedTemplate = e.target.id; - } -} +export default class SentinelPoliciesController extends Controller {} diff --git a/ui/app/controllers/sentinel-policies/index.js b/ui/app/controllers/sentinel-policies/index.js index 923e9375385..a46b6f0ec9b 100644 --- a/ui/app/controllers/sentinel-policies/index.js +++ b/ui/app/controllers/sentinel-policies/index.js @@ -9,15 +9,13 @@ import { inject as service } from '@ember/service'; export default class SentinelPoliciesIndexController extends Controller { @service router; - @service notifications; - @service can; @action openPolicy(policy) { this.router.transitionTo('sentinel-policies.policy', policy.name); } @action goToNewPolicy() { - this.router.transitionTo('sentinel-policies.policy.new'); + this.router.transitionTo('sentinel-policies.new'); } get columns() { diff --git a/ui/app/controllers/sentinel-policies/new.js b/ui/app/controllers/sentinel-policies/new.js index dabcc8f4334..2c24c977b32 100644 --- a/ui/app/controllers/sentinel-policies/new.js +++ b/ui/app/controllers/sentinel-policies/new.js @@ -5,26 +5,7 @@ // @ts-check import Controller from '@ember/controller'; -import { inject as service } from '@ember/service'; -// import { task } from 'ember-concurrency'; -import { action } from '@ember/object'; export default class SentinelPoliciesNewController extends Controller { - @service notifications; - @service router; - @service store; - queryParams = ['template']; - - @action updatePolicyDefinition() { - console.log('sup'); - } - - @action onToggleWrap() { - console.log('sup'); - } - - @action onSubmit() { - console.log('sup'); - } } diff --git a/ui/app/controllers/sentinel-policies/policy.js b/ui/app/controllers/sentinel-policies/policy.js index c390c63693e..be1f77accbc 100644 --- a/ui/app/controllers/sentinel-policies/policy.js +++ b/ui/app/controllers/sentinel-policies/policy.js @@ -13,7 +13,6 @@ import messageFromAdapterError from 'nomad-ui/utils/message-from-adapter-error'; export default class SentinelPoliciesPolicyController extends Controller { @service notifications; @service router; - @service store; @task(function* () { try { diff --git a/ui/app/models/sentinel-policy.js b/ui/app/models/sentinel-policy.js index 30610e1669c..8da46bb6766 100644 --- a/ui/app/models/sentinel-policy.js +++ b/ui/app/models/sentinel-policy.js @@ -15,8 +15,4 @@ export default class SentinelPolicy extends Model { @attr('string') hash; @attr('number') createIndex; @attr('number') modifyIndex; - - testAgainstJob(job) { - return this.store.adapterFor('sentinel-policy').testAgainstJob(this, job); - } } diff --git a/ui/app/routes/sentinel-policies/gallery.js b/ui/app/routes/sentinel-policies/gallery.js deleted file mode 100644 index 948ff57cf0c..00000000000 --- a/ui/app/routes/sentinel-policies/gallery.js +++ /dev/null @@ -1,11 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: BUSL-1.1 - */ - -import Route from '@ember/routing/route'; -import { inject as service } from '@ember/service'; - -export default class GalleryRoute extends Route { - @service store; -} diff --git a/ui/app/routes/sentinel-policies/index.js b/ui/app/routes/sentinel-policies/index.js deleted file mode 100644 index 0dca0d23047..00000000000 --- a/ui/app/routes/sentinel-policies/index.js +++ /dev/null @@ -1,11 +0,0 @@ -/** - * Copyright (c) HashiCorp, Inc. - * SPDX-License-Identifier: BUSL-1.1 - */ - -import Route from '@ember/routing/route'; -import { inject as service } from '@ember/service'; - -export default class IndexRoute extends Route { - @service store; -} diff --git a/ui/app/templates/sentinel-policies/index.hbs b/ui/app/templates/sentinel-policies/index.hbs index 34e83290e93..7166817445e 100644 --- a/ui/app/templates/sentinel-policies/index.hbs +++ b/ui/app/templates/sentinel-policies/index.hbs @@ -6,7 +6,7 @@

- {{!-- TODO: perhaps add description here --}} + Nomad integrates with HashiCorp Sentinel to allow operators to express policies as code and have those policies automatically enforced. This allows operators to define a "sandbox" and restrict actions to only those compliant with that policy.

{{#if (can "write sentinel-policy")}} diff --git a/ui/app/templates/sentinel-policies/new.hbs b/ui/app/templates/sentinel-policies/new.hbs index 5c212a6702a..e83b0c792f0 100644 --- a/ui/app/templates/sentinel-policies/new.hbs +++ b/ui/app/templates/sentinel-policies/new.hbs @@ -6,9 +6,6 @@ {{page-title "Add Sentinel Job"}}
- {{!--

- Create Sentinel Policy -

--}}

Create Sentinel Policy

diff --git a/ui/app/templates/sentinel-policies/policy.hbs b/ui/app/templates/sentinel-policies/policy.hbs index 0b9a329eb1a..fa69e1b6a0d 100644 --- a/ui/app/templates/sentinel-policies/policy.hbs +++ b/ui/app/templates/sentinel-policies/policy.hbs @@ -1,3 +1,8 @@ +{{! + Copyright (c) HashiCorp, Inc. + SPDX-License-Identifier: BUSL-1.1 +~}} + {{page-title "Edit Sentinel Policy"}}

diff --git a/ui/app/utils/default-sentinel-policy-templates.js b/ui/app/utils/default-sentinel-policy-templates.js index 38df031065e..d3ef8d60390 100644 --- a/ui/app/utils/default-sentinel-policy-templates.js +++ b/ui/app/utils/default-sentinel-policy-templates.js @@ -3,6 +3,8 @@ * SPDX-License-Identifier: BUSL-1.1 */ +// TODO: Several of these are placeholders. Fill them out with real policies or remove them. + import countLimitsPolicy from './sentinel_policy_templates/count-limits'; import noFridaysPolicy from './sentinel_policy_templates/no-friday-deploys'; import alwaysFailPolicy from './sentinel_policy_templates/always-fail';