in controlplane/src/core/bufservices/federated-graph/createFederatedGraph.ts [22:288]
export function createFederatedGraph(
opts: RouterOptions,
req: CreateFederatedGraphRequest,
ctx: HandlerContext,
): Promise<PlainMessage<CreateFederatedGraphResponse>> {
let logger = getLogger(ctx, opts.logger);
return handleError<PlainMessage<CreateFederatedGraphResponse>>(ctx, logger, async () => {
req.namespace = req.namespace || DefaultNamespace;
const authContext = await opts.authenticator.authenticate(ctx.requestHeader);
logger = enrichLogger(ctx, logger, authContext);
const orgRepo = new OrganizationRepository(logger, opts.db, opts.billingDefaultPlanId);
const orgWebhooks = new OrganizationWebhookService(
opts.db,
authContext.organizationId,
opts.logger,
opts.billingDefaultPlanId,
);
const fedGraphRepo = new FederatedGraphRepository(logger, opts.db, authContext.organizationId);
const subgraphRepo = new SubgraphRepository(logger, opts.db, authContext.organizationId);
const auditLogRepo = new AuditLogRepository(opts.db);
const namespaceRepo = new NamespaceRepository(opts.db, authContext.organizationId);
if (!authContext.hasWriteAccess) {
return {
response: {
code: EnumStatusCode.ERR,
details: `The user doesn't have the permissions to perform this operation`,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
const namespace = await namespaceRepo.byName(req.namespace);
if (!namespace) {
return {
response: {
code: EnumStatusCode.ERR_NOT_FOUND,
details: `Could not find namespace ${req.namespace}`,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
if (await fedGraphRepo.exists(req.name, req.namespace)) {
return {
response: {
code: EnumStatusCode.ERR_ALREADY_EXISTS,
details: `Federated graph '${req.name}' already exists in the namespace`,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
if (!isValidGraphName(req.name)) {
return {
response: {
code: EnumStatusCode.ERR_INVALID_NAME,
details: `The name of the federated graph is invalid. Name should start and end with an alphanumeric character. Only '.', '_', '@', '/', and '-' are allowed as separators in between and must be between 1 and 100 characters in length.`,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
if (!isValidLabelMatchers(req.labelMatchers)) {
return {
response: {
code: EnumStatusCode.ERR_INVALID_LABELS,
details: `One or more labels in the matcher were found to be invalid`,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
if (!isValidUrl(req.routingUrl)) {
return {
response: {
code: EnumStatusCode.ERR,
details: `Routing URL is not a valid URL`,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
if (req.admissionWebhookURL && !isValidUrl(req.admissionWebhookURL)) {
return {
response: {
code: EnumStatusCode.ERR,
details: `Admission Webhook URL is not a valid URL`,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
const count = await fedGraphRepo.count();
const feature = await orgRepo.getFeature({
organizationId: authContext.organizationId,
featureId: 'federated-graphs',
});
const limit = feature?.limit === -1 ? undefined : feature?.limit;
if (limit && count >= limit) {
return {
response: {
code: EnumStatusCode.ERR_LIMIT_REACHED,
details: `The organization reached the limit of federated graphs`,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
const federatedGraph = await fedGraphRepo.create({
name: req.name,
createdBy: authContext.userId,
labelMatchers: req.labelMatchers,
routingUrl: req.routingUrl,
readme: req.readme,
namespace: req.namespace,
namespaceId: namespace.id,
admissionWebhookURL: req.admissionWebhookURL,
admissionWebhookSecret: req.admissionWebhookSecret,
});
if (!federatedGraph) {
return {
response: {
code: EnumStatusCode.ERR,
details: `Could not create federated graph`,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
await fedGraphRepo.createGraphCryptoKeyPairs({
federatedGraphId: federatedGraph.id,
organizationId: authContext.organizationId,
});
await auditLogRepo.addAuditLog({
organizationId: authContext.organizationId,
auditAction: 'federated_graph.created',
action: 'created',
actorId: authContext.userId,
auditableType: 'federated_graph',
auditableDisplayName: federatedGraph.name,
actorDisplayName: authContext.userDisplayName,
apiKeyName: authContext.apiKeyName,
actorType: authContext.auth === 'api_key' ? 'api_key' : 'user',
targetNamespaceId: federatedGraph.namespaceId,
targetNamespaceDisplayName: federatedGraph.namespace,
});
const subgraphs = await subgraphRepo.listByFederatedGraph({
federatedGraphTargetId: federatedGraph.targetId,
published: true,
});
// If there are no subgraphs, we don't need to compose anything
// and avoid producing a version with a composition error
if (subgraphs.length === 0) {
return {
response: {
code: EnumStatusCode.OK,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings: [],
};
}
const compositionErrors: PlainMessage<CompositionError>[] = [];
const deploymentErrors: PlainMessage<DeploymentError>[] = [];
const compositionWarnings: PlainMessage<CompositionWarning>[] = [];
await opts.db.transaction(async (tx) => {
const fedGraphRepo = new FederatedGraphRepository(logger, tx, authContext.organizationId);
const composition = await fedGraphRepo.composeAndDeployGraphs({
federatedGraphs: [federatedGraph],
actorId: authContext.userId,
blobStorage: opts.blobStorage,
admissionConfig: {
cdnBaseUrl: opts.cdnBaseUrl,
webhookJWTSecret: opts.admissionWebhookJWTSecret,
},
chClient: opts.chClient!,
});
compositionErrors.push(...composition.compositionErrors);
deploymentErrors.push(...composition.deploymentErrors);
compositionWarnings.push(...composition.compositionWarnings);
});
orgWebhooks.send(
{
eventName: OrganizationEventName.FEDERATED_GRAPH_SCHEMA_UPDATED,
payload: {
federated_graph: {
id: federatedGraph.id,
name: federatedGraph.name,
namespace: federatedGraph.namespace,
},
organization: {
id: authContext.organizationId,
slug: authContext.organizationSlug,
},
errors: compositionErrors.length > 0 || deploymentErrors.length > 0,
actor_id: authContext.userId,
},
},
authContext.userId,
);
if (compositionErrors.length > 0) {
return {
response: {
code: EnumStatusCode.ERR_SUBGRAPH_COMPOSITION_FAILED,
},
compositionErrors,
deploymentErrors: [],
compositionWarnings,
};
}
if (deploymentErrors.length > 0) {
return {
response: {
code: EnumStatusCode.ERR_DEPLOYMENT_FAILED,
},
compositionErrors: [],
deploymentErrors,
compositionWarnings,
};
}
return {
response: {
code: EnumStatusCode.OK,
},
compositionErrors: [],
deploymentErrors: [],
compositionWarnings,
};
});
}