mirror of
https://github.com/khoaliber/dockhand.git
synced 2026-03-06 13:21:53 +00:00
Initial commit
This commit is contained in:
Jarek Krochmalski
201
routes/api/environments/test/+server.ts
Normal file
201
routes/api/environments/test/+server.ts
Normal file
@@ -0,0 +1,201 @@
|
||||
import { json } from '@sveltejs/kit';
|
||||
import type { RequestHandler } from './$types';
|
||||
|
||||
interface TestConnectionRequest {
|
||||
connectionType: 'socket' | 'direct' | 'hawser-standard' | 'hawser-edge';
|
||||
socketPath?: string;
|
||||
host?: string;
|
||||
port?: number;
|
||||
protocol?: string;
|
||||
tlsCa?: string;
|
||||
tlsCert?: string;
|
||||
tlsKey?: string;
|
||||
tlsSkipVerify?: boolean;
|
||||
hawserToken?: string;
|
||||
}
|
||||
|
||||
/**
|
||||
* Test Docker connection with provided configuration (without saving to database)
|
||||
*/
|
||||
export const POST: RequestHandler = async ({ request }) => {
|
||||
try {
|
||||
const config: TestConnectionRequest = await request.json();
|
||||
|
||||
// Build fetch options based on connection type
|
||||
let response: Response;
|
||||
|
||||
if (config.connectionType === 'socket') {
|
||||
const socketPath = config.socketPath || '/var/run/docker.sock';
|
||||
response = await fetch('http://localhost/info', {
|
||||
// @ts-ignore - Bun supports unix socket
|
||||
unix: socketPath,
|
||||
signal: AbortSignal.timeout(10000)
|
||||
});
|
||||
} else if (config.connectionType === 'hawser-edge') {
|
||||
// Edge mode - cannot test directly, agent connects to us
|
||||
return json({
|
||||
success: true,
|
||||
info: {
|
||||
message: 'Edge mode environments are tested when the agent connects'
|
||||
},
|
||||
isEdgeMode: true
|
||||
});
|
||||
} else {
|
||||
// Direct or Hawser Standard - HTTP/HTTPS connection
|
||||
const protocol = config.protocol || 'http';
|
||||
const host = config.host;
|
||||
const port = config.port || 2375;
|
||||
|
||||
if (!host) {
|
||||
return json({ success: false, error: 'Host is required' }, { status: 400 });
|
||||
}
|
||||
|
||||
const url = `${protocol}://${host}:${port}/info`;
|
||||
const headers: Record<string, string> = {
|
||||
'Content-Type': 'application/json'
|
||||
};
|
||||
|
||||
// Add Hawser token if present
|
||||
if (config.connectionType === 'hawser-standard' && config.hawserToken) {
|
||||
headers['X-Hawser-Token'] = config.hawserToken;
|
||||
}
|
||||
|
||||
// For HTTPS with custom CA or skip verification, use subprocess to avoid Vite dev server TLS issues
|
||||
if (protocol === 'https' && (config.tlsCa || config.tlsSkipVerify)) {
|
||||
const fs = await import('node:fs');
|
||||
let tempCaPath = '';
|
||||
|
||||
// Clean the certificate - remove leading/trailing whitespace from each line
|
||||
let cleanedCa = '';
|
||||
if (config.tlsCa && !config.tlsSkipVerify) {
|
||||
cleanedCa = config.tlsCa
|
||||
.split('\n')
|
||||
.map((line) => line.trim())
|
||||
.filter((line) => line.length > 0)
|
||||
.join('\n');
|
||||
|
||||
tempCaPath = `/tmp/dockhand-ca-${Date.now()}.pem`;
|
||||
fs.writeFileSync(tempCaPath, cleanedCa);
|
||||
}
|
||||
|
||||
// Build Bun script that runs outside Vite's process (Vite interferes with TLS)
|
||||
const tlsConfig = config.tlsSkipVerify
|
||||
? `tls: { rejectUnauthorized: false }`
|
||||
: `tls: { ca: await Bun.file('${tempCaPath}').text() }`;
|
||||
|
||||
const scriptContent = `
|
||||
const response = await fetch('https://${host}:${port}/info', {
|
||||
headers: ${JSON.stringify(headers)},
|
||||
${tlsConfig}
|
||||
});
|
||||
const body = await response.text();
|
||||
console.log(JSON.stringify({ status: response.status, body }));
|
||||
`;
|
||||
const scriptPath = `/tmp/dockhand-test-${Date.now()}.ts`;
|
||||
fs.writeFileSync(scriptPath, scriptContent);
|
||||
|
||||
const proc = Bun.spawn(['bun', scriptPath], { stdout: 'pipe', stderr: 'pipe' });
|
||||
const output = await new Response(proc.stdout).text();
|
||||
const stderr = await new Response(proc.stderr).text();
|
||||
|
||||
// Cleanup temp files
|
||||
if (tempCaPath) {
|
||||
try { fs.unlinkSync(tempCaPath); } catch {}
|
||||
}
|
||||
try { fs.unlinkSync(scriptPath); } catch {}
|
||||
|
||||
if (!output.trim()) {
|
||||
throw new Error(stderr || 'Empty response from TLS test subprocess');
|
||||
}
|
||||
const result = JSON.parse(output.trim());
|
||||
|
||||
if (result.error) {
|
||||
throw new Error(result.error);
|
||||
}
|
||||
|
||||
response = new Response(result.body, {
|
||||
status: result.status,
|
||||
headers: { 'Content-Type': 'application/json' }
|
||||
});
|
||||
} else {
|
||||
response = await fetch(url, {
|
||||
headers,
|
||||
signal: AbortSignal.timeout(10000)
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
if (!response.ok) {
|
||||
const error = await response.text();
|
||||
throw new Error(`Docker API error: ${response.status} - ${error}`);
|
||||
}
|
||||
|
||||
const info = await response.json();
|
||||
|
||||
// For Hawser Standard, also try to fetch Hawser info
|
||||
let hawserInfo = null;
|
||||
if (config.connectionType === 'hawser-standard' && config.host) {
|
||||
try {
|
||||
const protocol = config.protocol || 'http';
|
||||
const headers: Record<string, string> = {};
|
||||
if (config.hawserToken) {
|
||||
headers['X-Hawser-Token'] = config.hawserToken;
|
||||
}
|
||||
const hawserResp = await fetch(
|
||||
`${protocol}://${config.host}:${config.port || 2375}/_hawser/info`,
|
||||
{
|
||||
headers,
|
||||
signal: AbortSignal.timeout(5000)
|
||||
}
|
||||
);
|
||||
if (hawserResp.ok) {
|
||||
hawserInfo = await hawserResp.json();
|
||||
}
|
||||
} catch {
|
||||
// Hawser info fetch failed, continue without it
|
||||
}
|
||||
}
|
||||
|
||||
return json({
|
||||
success: true,
|
||||
info: {
|
||||
serverVersion: info.ServerVersion,
|
||||
containers: info.Containers,
|
||||
images: info.Images,
|
||||
name: info.Name
|
||||
},
|
||||
hawser: hawserInfo
|
||||
});
|
||||
} catch (error) {
|
||||
const rawMessage = error instanceof Error ? error.message : 'Connection failed';
|
||||
console.error('Failed to test connection:', rawMessage);
|
||||
|
||||
// Provide more helpful error messages
|
||||
let message = rawMessage;
|
||||
if (rawMessage.includes('401') || rawMessage.toLowerCase().includes('unauthorized')) {
|
||||
message = 'Invalid token - check that the Hawser token matches';
|
||||
} else if (rawMessage.includes('403') || rawMessage.toLowerCase().includes('forbidden')) {
|
||||
message = 'Access forbidden - check token permissions';
|
||||
} else if (rawMessage.includes('ECONNREFUSED') || rawMessage.includes('Connection refused')) {
|
||||
message = 'Connection refused - is Docker/Hawser running?';
|
||||
} else if (rawMessage.includes('ETIMEDOUT') || rawMessage.includes('timeout') || rawMessage.includes('Timeout')) {
|
||||
message = 'Connection timed out - check host and port';
|
||||
} else if (rawMessage.includes('ENOTFOUND') || rawMessage.includes('getaddrinfo')) {
|
||||
message = 'Host not found - check the hostname';
|
||||
} else if (rawMessage.includes('EHOSTUNREACH')) {
|
||||
message = 'Host unreachable - check network connectivity';
|
||||
} else if (rawMessage.includes('ENOENT') || rawMessage.includes('no such file')) {
|
||||
message = 'Socket not found - check the socket path';
|
||||
} else if (rawMessage.includes('EACCES') || rawMessage.includes('permission denied')) {
|
||||
message = 'Permission denied - check socket permissions';
|
||||
} else if (rawMessage.includes('typo in the url') || rawMessage.includes('Was there a typo')) {
|
||||
message = 'Connection failed - check host and port';
|
||||
} else if (rawMessage.includes('self signed certificate') || rawMessage.includes('UNABLE_TO_VERIFY_LEAF_SIGNATURE')) {
|
||||
message = 'TLS certificate error - provide CA certificate for self-signed certs';
|
||||
} else if (rawMessage.includes('certificate') || rawMessage.includes('SSL') || rawMessage.includes('TLS')) {
|
||||
message = 'TLS/SSL error - check certificate configuration';
|
||||
}
|
||||
|
||||
return json({ success: false, error: message }, { status: 200 });
|
||||
}
|
||||
};
|
||||
Reference in New Issue
Block a user