PMM-10078 Extract portal client, add dev env variables for portal address overwriting

docker-compose.yml

@@ -14,7 +14,9 @@ services:
       - AWS_SECRET_KEY=${AWS_SECRET_KEY}
       - ENABLE_ALERTING=1
       - ENABLE_BACKUP_MANAGEMENT=1
-#      - PERCONA_TEST_SAAS_HOST=check.localhost
+#      - PERCONA_TEST_PLATFORM_ADDRESS=https://check.localhost
+#      - PERCONA_TEST_PLATFORM_INSECURE=1
+#      - PERCONA_TEST_PLATFORM_PUBLIC_KEY=<public key>
 #      - PERCONA_TEST_TELEMETRY_INTERVAL=10s
 #      - PERCONA_TEST_TELEMETRY_RETRY_BACKOFF=10s
 #      - PMM_DEBUG=1

main.go

@@ -93,6 +93,7 @@ import (
 	"github.com/percona/pmm-managed/utils/clean"
 	"github.com/percona/pmm-managed/utils/interceptors"
 	"github.com/percona/pmm-managed/utils/logger"
+	platformClient "github.com/percona/pmm-managed/utils/platform"
 )
 
 const (
@@ -130,6 +131,7 @@ func addLogsHandler(mux *http.ServeMux, logs *supervisord.Logs) {
 type gRPCServerDeps struct {
 	db                   *reform.DB
 	vmdb                 *victoriametrics.Service
+	portalClient         *platformClient.Client
 	server               *server.Server
 	agentsRegistry       *agents.Registry
 	handler              *agents.Handler
@@ -224,7 +226,7 @@ func runGRPCServer(ctx context.Context, deps *gRPCServerDeps) {
 	dbaasv1beta1.RegisterLogsAPIServer(gRPCServer, managementdbaas.NewLogsService(deps.db, deps.dbaasClient))
 	dbaasv1beta1.RegisterComponentsServer(gRPCServer, managementdbaas.NewComponentsService(deps.db, deps.dbaasClient, deps.versionServiceClient))
 
-	platformService, err := platform.New(deps.db, deps.supervisord, deps.checksService, deps.grafanaClient, deps.config.Services.Platform)
+	platformService, err := platform.New(deps.portalClient, deps.db, deps.supervisord, deps.checksService, deps.grafanaClient)
 	if err == nil {
 		platformpb.RegisterPlatformServer(gRPCServer, platformService)
 	} else {
@@ -689,7 +691,12 @@ func main() {
 	logs := supervisord.NewLogs(version.FullInfo(), pmmUpdateCheck)
 	supervisord := supervisord.New(*supervisordConfigDirF, pmmUpdateCheck, vmParams)
 
-	telemetry, err := telemetry.NewService(db, version.Version, cfg.Config.Services.Telemetry)
+	portalClient, err := platformClient.NewClient(db)
+	if err != nil {
+		l.Fatalf("Could not create Percona Portal client: %s", err)
+	}
+
+	telemetry, err := telemetry.NewService(db, portalClient, version.Version, cfg.Config.Services.Telemetry)
 	if err != nil {
 		l.Fatalf("Could not create telemetry service: %s", err)
 	}
@@ -704,15 +711,15 @@ func main() {
 
 	actionsService := agents.NewActionsService(agentsRegistry)
 
-	checksService, err := checks.New(actionsService, alertManager, db, *victoriaMetricsURLF)
+	checksService, err := checks.New(db, portalClient, actionsService, alertManager, *victoriaMetricsURLF)
 	if err != nil {
 		l.Fatalf("Could not create checks service: %s", err)
 	}
 
 	prom.MustRegister(checksService)
 
 	// Integrated alerts services
-	templatesService, err := ia.NewTemplatesService(db)
+	templatesService, err := ia.NewTemplatesService(db, portalClient)
 	if err != nil {
 		l.Fatalf("Could not create templates service: %s", err)
 	}
@@ -905,6 +912,7 @@ func main() {
 			&gRPCServerDeps{
 				db:                   db,
 				vmdb:                 vmdb,
+				portalClient:         portalClient,
 				server:               server,
 				agentsRegistry:       agentsRegistry,
 				handler:              agentsHandler,

services/checks/checks.go

@@ -21,9 +21,7 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
-	"fmt"
 	"io/ioutil"
-	"net/http"
 	"os"
 	"os/exec"
 	"strconv"
@@ -33,7 +31,6 @@ import (
 	"text/template"
 	"time"
 
-	api "github.com/percona-platform/saas/gen/check/retrieval"
 	"github.com/percona-platform/saas/pkg/check"
 	"github.com/percona-platform/saas/pkg/common"
 	"github.com/percona/pmm/api/agentpb"
@@ -50,9 +47,7 @@ import (
 
 	"github.com/percona/pmm-managed/models"
 	"github.com/percona/pmm-managed/services"
-	"github.com/percona/pmm-managed/utils/envvars"
-	"github.com/percona/pmm-managed/utils/saasreq"
-	"github.com/percona/pmm-managed/utils/signatures"
+	"github.com/percona/pmm-managed/utils/platform"
 )
 
 const (
@@ -64,7 +59,7 @@ const (
 	envDisableStartDelay = "PERCONA_TEST_CHECKS_DISABLE_START_DELAY"
 
 	checkExecutionTimeout  = 5 * time.Minute  // limits execution time for every single check
-	platformRequestTimeout = 2 * time.Minute  // time limit to get checks list from the platform
+	portalRequestTimeout   = 2 * time.Minute  // time limit to get checks list from the portal
 	resultAwaitTimeout     = 20 * time.Second // should be greater than agents.defaultQueryActionTimeout
 	scriptExecutionTimeout = 5 * time.Second  // time limit for running pmm-managed-starlark
 	resultCheckInterval    = time.Second
@@ -91,15 +86,14 @@ var (
 
 // Service is responsible for interactions with Percona Check service.
 type Service struct {
+	portalClient        *platform.Client
 	agentsRegistry      agentsRegistry
 	alertmanagerService alertmanagerService
 	db                  *reform.DB
 	alertsRegistry      *registry
 	vmClient            v1.API
 
 	l               *logrus.Entry
-	host            string
-	publicKeys      []string
 	startDelay      time.Duration
 	resendInterval  time.Duration
 	localChecksFile string // For testing
@@ -117,7 +111,7 @@ type Service struct {
 }
 
 // New returns Service with given PMM version.
-func New(agentsRegistry agentsRegistry, alertmanagerService alertmanagerService, db *reform.DB, VMAddress string) (*Service, error) {
+func New(db *reform.DB, portalClient *platform.Client, agentsRegistry agentsRegistry, alertmanagerService alertmanagerService, VMAddress string) (*Service, error) {
 	l := logrus.WithField("component", "checks")
 
 	resendInterval := defaultResendInterval
@@ -126,25 +120,20 @@ func New(agentsRegistry agentsRegistry, alertmanagerService alertmanagerService,
 		resendInterval = d
 	}
 
-	host, err := envvars.GetSAASHost()
-	if err != nil {
-		return nil, err
-	}
-
 	vmClient, err := metrics.NewClient(metrics.Config{Address: VMAddress})
 	if err != nil {
 		return nil, err
 	}
 
 	s := &Service{
+		db:                  db,
 		agentsRegistry:      agentsRegistry,
 		alertmanagerService: alertmanagerService,
-		db:                  db,
 		alertsRegistry:      newRegistry(resolveTimeoutFactor * resendInterval),
 		vmClient:            v1.NewAPI(vmClient),
 
 		l:               l,
-		host:            host,
+		portalClient:    portalClient,
 		startDelay:      defaultStartDelay,
 		resendInterval:  resendInterval,
 		localChecksFile: os.Getenv(envCheckFile),
@@ -164,10 +153,6 @@ func New(agentsRegistry agentsRegistry, alertmanagerService alertmanagerService,
 		}, []string{"service_type", "check_type"}),
 	}
 
-	if k := envvars.GetPublicKeys(); k != nil {
-		l.Warnf("Public keys changed to %q.", k)
-		s.publicKeys = k
-	}
 	if d, _ := strconv.ParseBool(os.Getenv(envDisableStartDelay)); d {
 		l.Warn("Start delay disabled.")
 		s.startDelay = 0
@@ -1422,40 +1407,12 @@ func (s *Service) downloadChecks(ctx context.Context) ([]check.Check, error) {
 		return nil, nil
 	}
 
-	s.l.Infof("Downloading checks from %s ...", s.host)
-
-	nCtx, cancel := context.WithTimeout(ctx, platformRequestTimeout)
+	nCtx, cancel := context.WithTimeout(ctx, portalRequestTimeout)
 	defer cancel()
 
-	var accessToken string
-	if ssoDetails, err := models.GetPerconaSSODetails(nCtx, s.db.Querier); err == nil {
-		accessToken = ssoDetails.AccessToken.AccessToken
-	}
-
-	endpoint := fmt.Sprintf("https://%s/v1/check/GetAllChecks", s.host)
-	bodyBytes, err := saasreq.MakeRequest(nCtx, http.MethodPost, endpoint, accessToken, nil,
-		&saasreq.SaasRequestOptions{})
+	checks, err := s.portalClient.GetChecks(nCtx)
 	if err != nil {
-		return nil, errors.Wrap(err, "failed to dial")
-	}
-
-	var resp *api.GetAllChecksResponse
-	if err := json.Unmarshal(bodyBytes, &resp); err != nil {
-		return nil, err
-	}
-
-	if err = signatures.Verify(s.l, resp.File, resp.Signatures, s.publicKeys); err != nil {
-		return nil, err
-	}
-
-	// be liberal about files from SaaS for smooth transition to future versions
-	params := &check.ParseParams{
-		DisallowUnknownFields: false,
-		DisallowInvalidChecks: false,
-	}
-	checks, err := check.Parse(strings.NewReader(resp.File), params)
-	if err != nil {
-		return nil, err
+		return nil, errors.WithStack(err)
 	}
 
 	return checks, nil