Add binds support to containers

2020-04-29 21:55:21 -07:00
parent 66f66fd14f
commit e9d0ed8e1e
10 changed files with 109 additions and 3 deletions
--- a/src/apps.js
+++ b/src/apps.js
@@ -20,6 +20,7 @@ exports = module.exports = {
    setTags: setTags,
    setMemoryLimit: setMemoryLimit,
    setCpuShares: setCpuShares,
+    setBinds: setBinds,
    setAutomaticBackup: setAutomaticBackup,
    setAutomaticUpdate: setAutomaticUpdate,
    setReverseProxyConfig: setReverseProxyConfig,
@@ -332,6 +333,20 @@ function validateEnv(env) {
    return null;
 }

+function validateBinds(binds) {
+    for (let name of Object.keys(binds)) {
+        // just have friendly characters under /media
+        if (!/^[-0-9a-zA-Z_@$=#.%+]+$/.test(name)) return new BoxError(BoxError.BAD_FIELD, 'Invalid bind name');
+
+        const bind = binds[name];
+
+        if (!bind.hostPath.startsWith('/mnt') && !bind.hostPath.startsWith('/media')) return new BoxError(BoxError.BAD_FIELD, 'hostPath must be in /mnt or /media');
+        if (path.normalize(bind.hostPath) !== bind.hostPath) return new BoxError(BoxError.BAD_FIELD, 'hostPath is not normalized');
+    }
+
+    return null;
+}
+
 function validateDataDir(dataDir) {
    if (dataDir === null) return null;

@@ -404,7 +419,7 @@ function removeInternalFields(app) {
        'location', 'domain', 'fqdn', 'mailboxName', 'mailboxDomain',
        'accessRestriction', 'manifest', 'portBindings', 'iconUrl', 'memoryLimit', 'cpuShares',
        'sso', 'debugMode', 'reverseProxyConfig', 'enableBackup', 'creationTime', 'updateTime', 'ts', 'tags',
-        'label', 'alternateDomains', 'env', 'enableAutomaticUpdate', 'dataDir');
+        'label', 'alternateDomains', 'env', 'enableAutomaticUpdate', 'dataDir', 'binds');
 }

 // non-admins can only see these
@@ -968,6 +983,32 @@ function setCpuShares(app, cpuShares, auditSource, callback) {
    });
 }

+function setBinds(app, binds, auditSource, callback) {
+    assert.strictEqual(typeof app, 'object');
+    assert(binds && typeof binds === 'object');
+    assert.strictEqual(typeof auditSource, 'object');
+    assert.strictEqual(typeof callback, 'function');
+
+    const appId = app.id;
+    let error = checkAppState(app, exports.ISTATE_PENDING_RECREATE_CONTAINER);
+    if (error) return callback(error);
+
+    error = validateBinds(binds);
+    if (error) return callback(error);
+
+    const task = {
+        args: {},
+        values: { binds }
+    };
+    addTask(appId, exports.ISTATE_PENDING_RECREATE_CONTAINER, task, function (error, result) {
+        if (error) return callback(error);
+
+        eventlog.add(eventlog.ACTION_APP_CONFIGURE, auditSource, { appId, app, binds, taskId: result.taskId });
+
+        callback(null, { taskId: result.taskId });
+    });
+}
+
 function setEnvironment(app, env, auditSource, callback) {
    assert.strictEqual(typeof app, 'object');
    assert.strictEqual(typeof env, 'object');