Ansible 기능 추가

2025-05-21 01:08:10 +09:00
parent 69aca7ae85
commit ed5c62b1e5
10 changed files with 161 additions and 109 deletions
--- a/ansible/views.py
+++ b/ansible/views.py
@ -1,101 +1,47 @@
-from rest_framework.views import APIView
+from rest_framework import viewsets, status
 from rest_framework.response import Response
-from rest_framework import status
 from rest_framework.permissions import IsAuthenticated
-from rest_framework_simplejwt.views import TokenObtainPairView
-
-from .serializers import RegisterSerializer, CustomTokenObtainPairSerializer
-from cryptography.fernet import Fernet
-from django.conf import settings
-import base64
-import hashlib
-
-# Fernet 키를 settings.SECRET_KEY에서 파생
-hashed = hashlib.sha256(settings.SECRET_KEY.encode()).digest()
-fernet_key = base64.urlsafe_b64encode(hashed[:32])
-fernet = Fernet(fernet_key)
+from rest_framework.decorators import action
+from .models import AnsibleTask
+from .serializers import AnsibleTaskSerializer, AnsibleTaskDetailSerializer
+from .services import run_ansible_job, get_ssh_key_from_auth_server


-class RegisterView(APIView):
-    def post(self, request):
-        serializer = RegisterSerializer(data=request.data)
-        if serializer.is_valid():
-            user = serializer.save()
-            return Response({"message": "User registered successfully."}, status=status.HTTP_201_CREATED)
-        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
-
-
-class MeView(APIView):
+class AnsibleTaskViewSet(viewsets.ModelViewSet):
+    serializer_class = AnsibleTaskSerializer
    permission_classes = [IsAuthenticated]

-    def get(self, request):
-        user = request.user
-        serializer = RegisterSerializer(user)
-        return Response(serializer.data)
+    def get_queryset(self):
+        # ✅ 현재 로그인한 사용자의 email로 필터
+        return AnsibleTask.objects.filter(author_email=self.request.user.email).order_by("-created_at")

-    def put(self, request):
-        user = request.user
-        serializer = RegisterSerializer(user, data=request.data, partial=True)
-        if serializer.is_valid():
-            serializer.save()
-            return Response(serializer.data)
-        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
+    def get_serializer_class(self):
+        if self.action == "retrieve":
+            return AnsibleTaskDetailSerializer
+        return AnsibleTaskSerializer

+    def create(self, request, *args, **kwargs):
+        serializer = self.get_serializer(data=request.data)
+        serializer.is_valid(raise_exception=True)

-class CustomTokenObtainPairView(TokenObtainPairView):
-    serializer_class = CustomTokenObtainPairSerializer
+        # ✅ author_email 저장
+        task = serializer.save(author_email=request.user.email)
+        return Response(self.get_serializer(task).data, status=status.HTTP_201_CREATED)
+        # try:
+        #     token = request.headers.get("Authorization", "").replace("Bearer ", "")
+        #     ssh_key = get_ssh_key_from_auth_server(token)
+        #     run_ansible_job(task, ssh_key)
+        #     return Response(self.get_serializer(task).data, status=status.HTTP_201_CREATED)
+        # except Exception as e:
+        #     return Response({"error": f"작업 실행 실패: {str(e)}"}, status=500)

-
-class SSHKeyUploadView(APIView):
-    permission_classes = [IsAuthenticated]
-
-    def post(self, request):
-        private_key = request.data.get("private_key")
-        key_name = request.data.get("key_name")
-
-        if not private_key or not key_name:
-            return Response(
-                {"error": "private_key와 key_name 모두 필요합니다."},
-                status=status.HTTP_400_BAD_REQUEST
-            )
-
-        user = request.user
+    @action(detail=True, methods=["post"], url_path="run")
+    def run_task(self, request, pk=None):
+        task = self.get_object()
        try:
-            encrypted_key = fernet.encrypt(private_key.encode()).decode()  # ✅ decode 추가
-            user.encrypted_private_key = encrypted_key
-            user.encrypted_private_key_name = key_name
-            user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name"])
-            return Response({"message": "SSH key 저장 완료."})
+            token = request.headers.get("Authorization", "").replace("Bearer ", "")
+            ssh_key = get_ssh_key_from_auth_server(token)
+            run_ansible_job(task, ssh_key)
+            return Response(self.get_serializer(task).data)
        except Exception as e:
-            return Response({"error": str(e)}, status=500)
-
-    def delete(self, request):
-        user = request.user
-        user.encrypted_private_key = None
-        user.encrypted_private_key_name = None
-        user.last_used_at = None
-        user.save(update_fields=["encrypted_private_key", "encrypted_private_key_name", "last_used_at"])
-        return Response({"message": "SSH key deleted."}, status=200)
-
-
-class SSHKeyInfoView(APIView):
-    permission_classes = [IsAuthenticated]
-
-    def get(self, request):
-        user = request.user
-        return Response({
-            "has_key": bool(user.encrypted_private_key),
-            "encrypted_private_key_name": user.encrypted_private_key_name,
-            "last_used_at": user.last_used_at
-        })
-
-
-# ✅ 실제 암호화된 키를 반환하는 API
-class SSHKeyRetrieveView(APIView):
-    permission_classes = [IsAuthenticated]
-
-    def get(self, request):
-        user = request.user
-        if not user.encrypted_private_key:
-            return Response({"error": "SSH 키가 등록되어 있지 않습니다."}, status=404)
-        return Response({"ssh_key": user.encrypted_private_key})
+            return Response({"error": f"작업 실행 실패: {str(e)}"}, status=500)