add swarm endpoint

Author: bbilly1

README.md

@@ -55,6 +55,11 @@ docker compose pull container_name && docker compose up -d container_name
 ```bash
 docker compose up -d --build container_name
 ```
+- `/swarm`: Rebuild your container in a docker swarm. This is equivalent to:
+```bash
+docker service update --image container_image --with-registry-auth --force container_name
+```
+Where the `container_image` gets automatically looked up from the `container_name`.
 
 These endpoints are async. Meaning after request validation will return while the docker commands will process in the background.
 

app/main.py

@@ -6,7 +6,12 @@
 import uvicorn
 from fastapi import FastAPI, HTTPException, Request
 from src.execute import run_command
-from src.types import RequestData, ReturnMessage
+from src.types import (
+    RequestData,
+    ReturnMessage,
+    ServiceJsonType,
+    SwarmRequestData,
+)
 from src.validate import ValidateRequest
 
 UVICORN_PORT = int(environ.get("UVICORN_PORT", 8000))
@@ -29,14 +34,31 @@ async def validate_request(
         headers = dict(request.headers)
 
         container_name, compose_file = await ValidateRequest(
-            headers, data, request_body
-        ).validate()
+            headers, request_body
+        ).validate(data)
     except ValueError as err:
         raise HTTPException(status_code=403, detail=str(err)) from err
 
     return container_name, compose_file
 
 
+async def validate_swarm_request(
+    data: SwarmRequestData, request: Request
+) -> ServiceJsonType:
+    """validate request, return container_name and compose_file"""
+    try:
+        request_body = await request.body()
+        headers = dict(request.headers)
+
+        service_json: ServiceJsonType = await ValidateRequest(
+            headers, request_body
+        ).validate_swarm(data)
+    except ValueError as err:
+        raise HTTPException(status_code=403, detail=str(err)) from err
+
+    return service_json
+
+
 @app.post("/pull")
 async def pull_container(data: RequestData, request: Request) -> ReturnMessage:
     """endpoint to pull container"""
@@ -81,6 +103,33 @@ async def execute_docker_commands():
     )
 
 
+@app.post("/swarm")
+async def rebuild_sarm_container(
+    data: SwarmRequestData, request: Request
+) -> ReturnMessage:
+    """endpoint for swarm container rebuild"""
+
+    service_json: ServiceJsonType = await validate_swarm_request(data, request)
+    image = service_json.Image
+    service_name = service_json.Name
+    registry_auth = "--with-registry-auth" if data.with_registry_auth else ""
+
+    async def execute_docker_commands():
+        await run_command(
+            (
+                "docker service update "
+                f"--image {image} {registry_auth} --force {service_name}"
+            )
+        )
+
+    asyncio.create_task(execute_docker_commands())
+    return ReturnMessage(
+        message="pulling",
+        container_name=service_name,
+        compose_file=False,
+    )
+
+
 # entry point
 if __name__ == "__main__":
     uvicorn.run(app, host="0.0.0.0", port=UVICORN_PORT)

app/src/types.py

@@ -1,5 +1,7 @@
 """describes static types"""
 
+from typing import Optional
+
 from pydantic import BaseModel
 
 
@@ -8,10 +10,28 @@ class ReturnMessage(BaseModel):
 
     message: str
     container_name: str
-    compose_file: str
+    compose_file: str | bool
 
 
 class RequestData(BaseModel):
     """describes post request data"""
 
     container_name: str
+
+
+class SwarmRequestData(BaseModel):
+    """describes post request data to swarm endpoint"""
+
+    container_name: str
+    with_registry_auth: Optional[bool] = None
+
+
+class ServiceJsonType(BaseModel):
+    """describes a response type for services"""
+
+    ID: str
+    Image: str
+    Mode: str
+    Name: str
+    Ports: str
+    Replicas: str

app/src/validate.py

@@ -8,7 +8,7 @@
 from os import environ
 
 from src.execute import run_command
-from src.types import RequestData
+from src.types import RequestData, ServiceJsonType, SwarmRequestData
 
 logging.basicConfig(level=logging.INFO)
 
@@ -19,24 +19,33 @@ class ValidateRequest:
     TIME_WINDOW = 300  # 5 minutes
     SECRET_KEY = environ["SECRET_KEY"]
 
-    def __init__(
-        self, headers: dict, data: RequestData, request_body: bytes
-    ) -> None:
+    def __init__(self, headers: dict, request_body: bytes) -> None:
         self.headers = headers
-        self.data = data
         self.request_body = request_body
 
-    async def validate(self) -> tuple[str, str]:
+    async def validate(self, data: RequestData) -> tuple[str, str]:
         """validate request"""
         self.validate_timestamp()
         self.validate_signature()
-        container_name = self.get_container_name()
+        container_name = self.get_container_name(data)
         await self.validate_container_name(container_name)
         compose_file = await self.get_compose_file(container_name)
         logging.info("validation passed")
 
         return container_name, compose_file
 
+    async def validate_swarm(self, data: SwarmRequestData) -> ServiceJsonType:
+        """validate swarm request"""
+        self.validate_timestamp()
+        self.validate_signature()
+        container_name = self.get_container_name(data)
+        service_json: ServiceJsonType = await self.validate_swarm_service(
+            container_name
+        )
+        logging.info("validation passed")
+
+        return service_json
+
     def validate_timestamp(self) -> None:
         """raise valueerror on invalid timestamp"""
         timestamp = self.headers.get("x-timestamp")
@@ -64,9 +73,9 @@ def validate_signature(self):
         if not hmac.compare_digest(computed_signature, signature):
             raise ValueError("invalid signature")
 
-    def get_container_name(self) -> str:
+    def get_container_name(self, data: RequestData | SwarmRequestData) -> str:
         """extract container name from data"""
-        container_name = self.data.container_name
+        container_name = data.container_name
         if not container_name:
             raise ValueError("no container name defined")
 
@@ -87,6 +96,25 @@ async def validate_container_name(self, container_name: str):
 
         raise ValueError("container_name not found")
 
+    async def validate_swarm_service(
+        self, container_name: str
+    ) -> ServiceJsonType:
+        """validate swarm service name"""
+        services = await run_command("docker service ls --format=json")
+        for service in services.split("\n"):
+            if not service:
+                continue
+
+            try:
+                service_json = ServiceJsonType.model_validate_json(service)
+            except ValueError:
+                continue
+
+            if service_json.Name == container_name:
+                return service_json
+
+        raise ValueError("container_name not found")
+
     async def get_compose_file(self, container_name: str) -> str:
         """get absolute compose file path from container config"""
         try: