semaphoreio
diff --git a/‎front/config/config.exs
Lines changed: 1 addition & 0 deletions b/‎front/config/config.exs
Lines changed: 1 addition & 0 deletions
diff --git a/‎front/config/prod.exs
Lines changed: 1 addition & 0 deletions b/‎front/config/prod.exs
Lines changed: 1 addition & 0 deletions
diff --git a/‎front/config/runtime.exs
Lines changed: 1 addition & 0 deletions b/‎front/config/runtime.exs
Lines changed: 1 addition & 0 deletions
diff --git a/‎front/lib/front/application.ex
Lines changed: 24 additions & 7 deletions b/‎front/lib/front/application.ex
Lines changed: 24 additions & 7 deletions
diff --git a/‎front/lib/front/clients/service_account.ex
Lines changed: 182 additions & 0 deletions b/‎front/lib/front/clients/service_account.ex
Lines changed: 182 additions & 0 deletions
diff --git a/‎front/lib/front/models/service_account.ex
Lines changed: 50 additions & 0 deletions b/‎front/lib/front/models/service_account.ex
Lines changed: 50 additions & 0 deletions
diff --git a/‎front/lib/front/service_account.ex
Lines changed: 52 additions & 0 deletions b/‎front/lib/front/service_account.ex
Lines changed: 52 additions & 0 deletions
@@ -32,6 +32,7 @@ config :front, default_user_name: "Semaphore User"
 config :feature_provider, provider: {Front.FeatureHubProvider, []}
 config :front, :superjerry_client, {Support.FakeClients.Superjerry, []}
 config :front, :scouter_client, {Front.Clients.Scouter, []}
+config :front, :service_account_client, {Support.FakeClients.ServiceAccount, []}
 
 config :money,
   default_currency: :USD,
 
@@ -8,6 +8,7 @@ config :front, FrontWeb.Endpoint,
   cache_static_manifest: "priv/static/cache_manifest.json"
 
 config :front, :superjerry_client, {Front.Clients.Superjerry, []}
+config :front, :service_account_client, {Front.Clients.ServiceAccount, []}
 config :front, guard_grpc_timeout: 15_000
 config :front, permission_patrol_timeout: 15_000
 config :front, me_host: "me.", me_path: "/"
@@ -109,6 +109,7 @@ if config_env() == :prod do
     # sobelow_skip ["Config.Secrets"]
     secrets_api_grpc_endpoint: System.fetch_env!("INTERNAL_API_URL_SECRETHUB"),
     self_hosted_agents_grpc_endpoint: System.fetch_env!("INTERNAL_API_URL_SELFHOSTEDHUB"),
+    service_account_grpc_endpoint: System.fetch_env!("INTERNAL_API_URL_SERVICE_ACCOUNT"),
     superjerry_grpc_endpoint: System.fetch_env!("INTERNAL_API_URL_SUPERJERRY"),
     task_grpc_endpoint: System.fetch_env!("INTERNAL_API_URL_TASK"),
     velocity_grpc_endpoint: System.fetch_env!("INTERNAL_API_URL_VELOCITY"),
 
@@ -16,14 +16,21 @@ defmodule Front.Application do
       {&:logger_filters.domain/2, {:stop, :equal, [:progress]}}
     )
 
+    base_children = [
+      {Phoenix.PubSub, [name: Front.PubSub, adapter: Phoenix.PubSub.PG2]},
+      FrontWeb.Endpoint,
+      {Task.Supervisor, [name: Front.TaskSupervisor]},
+      Front.Tracing.Store,
+      Front.FeatureProviderInvalidatorWorker
+    ]
+
     children =
-      [
-        {Phoenix.PubSub, [name: Front.PubSub, adapter: Phoenix.PubSub.PG2]},
-        FrontWeb.Endpoint,
-        {Task.Supervisor, [name: Front.TaskSupervisor]},
-        Front.Tracing.Store,
-        Front.FeatureProviderInvalidatorWorker
-      ] ++ reactor() ++ cache() ++ telemetry() ++ feature_provider(provider)
+      base_children ++
+        reactor() ++
+        cache() ++
+        telemetry() ++
+        feature_provider(provider) ++
+        clients()
 
     opts = [strategy: :one_for_one, name: Front.Supervisor]
 
@@ -93,6 +100,16 @@ defmodule Front.Application do
     end
   end
 
+  def clients do
+    if Application.get_env(:front, :environment) in [:dev, :test] do
+      [
+        Application.get_env(:front, :service_account_client)
+      ]
+    else
+      []
+    end
+  end
+
   def config_change(changed, _new, removed) do
     FrontWeb.Endpoint.config_change(changed, removed)
     :ok
 
@@ -0,0 +1,182 @@
+defmodule Front.Clients.ServiceAccount do
+  require Logger
+
+  alias InternalApi.ServiceAccount.{
+    CreateRequest,
+    DeleteRequest,
+    DescribeRequest,
+    ListRequest,
+    RegenerateTokenRequest,
+    UpdateRequest
+  }
+
+  alias Front.Models.ServiceAccount
+
+  @behaviour Front.ServiceAccount.Behaviour
+
+  @impl Front.ServiceAccount.Behaviour
+  def create(org_id, name, description, creator_id) do
+    %CreateRequest{
+      org_id: org_id,
+      name: name,
+      description: description,
+      creator_id: creator_id
+    }
+    |> grpc_call(:create)
+    |> case do
+      {:ok, result} ->
+        service_account = ServiceAccount.from_proto(result.service_account)
+        {:ok, {service_account, result.api_token}}
+
+      err ->
+        Logger.error("Error creating service account for org #{org_id}: #{inspect(err)}")
+        handle_error(err)
+    end
+  end
+
+  @impl Front.ServiceAccount.Behaviour
+  def list(org_id, page_size, page_token) do
+    %ListRequest{
+      org_id: org_id,
+      page_size: page_size,
+      page_token: page_token || ""
+    }
+    |> grpc_call(:list)
+    |> case do
+      {:ok, result} ->
+        service_accounts = Enum.map(result.service_accounts, &ServiceAccount.from_proto/1)
+        next_page_token = if result.next_page_token == "", do: nil, else: result.next_page_token
+        {:ok, {service_accounts, next_page_token}}
+
+      err ->
+        Logger.error("Error listing service accounts for org #{org_id}: #{inspect(err)}")
+        handle_error(err)
+    end
+  end
+
+  @impl Front.ServiceAccount.Behaviour
+  def describe(service_account_id) do
+    %DescribeRequest{
+      service_account_id: service_account_id
+    }
+    |> grpc_call(:describe)
+    |> case do
+      {:ok, result} ->
+        service_account = ServiceAccount.from_proto(result.service_account)
+        {:ok, service_account}
+
+      err ->
+        Logger.error("Error describing service account #{service_account_id}: #{inspect(err)}")
+        handle_error(err)
+    end
+  end
+
+  @impl Front.ServiceAccount.Behaviour
+  def update(service_account_id, name, description) do
+    %UpdateRequest{
+      service_account_id: service_account_id,
+      name: name,
+      description: description
+    }
+    |> grpc_call(:update)
+    |> case do
+      {:ok, result} ->
+        service_account = ServiceAccount.from_proto(result.service_account)
+        {:ok, service_account}
+
+      err ->
+        Logger.error("Error updating service account #{service_account_id}: #{inspect(err)}")
+        handle_error(err)
+    end
+  end
+
+  @impl Front.ServiceAccount.Behaviour
+  def delete(service_account_id) do
+    %DeleteRequest{
+      service_account_id: service_account_id
+    }
+    |> grpc_call(:delete)
+    |> case do
+      {:ok, _result} ->
+        :ok
+
+      err ->
+        Logger.error("Error deleting service account #{service_account_id}: #{inspect(err)}")
+        handle_error(err)
+    end
+  end
+
+  @impl Front.ServiceAccount.Behaviour
+  def regenerate_token(service_account_id) do
+    %RegenerateTokenRequest{
+      service_account_id: service_account_id
+    }
+    |> grpc_call(:regenerate_token)
+    |> case do
+      {:ok, result} ->
+        {:ok, result.api_token}
+
+      err ->
+        Logger.error(
+          "Error regenerating token for service account #{service_account_id}: #{inspect(err)}"
+        )
+
+        handle_error(err)
+    end
+  end
+
+  defp grpc_call(request, action) do
+    Watchman.benchmark("service_account.#{action}.duration", fn ->
+      channel()
+      |> call_grpc(
+        InternalApi.ServiceAccount.ServiceAccountService.Stub,
+        action,
+        request,
+        metadata(),
+        timeout()
+      )
+      |> tap(fn
+        {:ok, _} -> Watchman.increment("service_account.#{action}.success")
+        {:error, _} -> Watchman.increment("service_account.#{action}.failure")
+      end)
+    end)
+  end
+
+  defp call_grpc(error = {:error, err}, _, _, _, _, _) do
+    Logger.error("""
+    Unexpected error when connecting to ServiceAccount: #{inspect(err)}
+    """)
+
+    error
+  end
+
+  defp call_grpc({:ok, channel}, module, function_name, request, metadata, timeout) do
+    apply(module, function_name, [channel, request, [metadata: metadata, timeout: timeout]])
+  end
+
+  defp channel do
+    Application.fetch_env!(:front, :service_account_grpc_endpoint)
+    |> GRPC.Stub.connect()
+  end
+
+  defp timeout do
+    15_000
+  end
+
+  defp metadata do
+    nil
+  end
+
+  defp handle_error({:error, error}) do
+    statuses_to_ignore = [GRPC.Status.internal()]
+
+    error
+    |> case do
+      %GRPC.RPCError{status: status, message: message} when status not in statuses_to_ignore ->
+        {:error, message}
+
+      _ ->
+        {:error, "Unknown error, if this persists, please contact support."}
+    end
+  end
+end
@@ -0,0 +1,50 @@
+defmodule Front.Models.ServiceAccount do
+  @moduledoc """
+  Model representing a Service Account
+  """
+
+  defstruct [
+    :id,
+    :name,
+    :description,
+    :org_id,
+    :creator_id,
+    :created_at,
+    :updated_at,
+    :deactivated
+  ]
+
+  @type t :: %__MODULE__{
+          id: String.t(),
+          name: String.t(),
+          description: String.t(),
+          org_id: String.t(),
+          creator_id: String.t(),
+          created_at: DateTime.t(),
+          updated_at: DateTime.t(),
+          deactivated: boolean()
+        }
+
+  @doc """
+  Creates a new ServiceAccount struct from protobuf data
+  """
+  @spec from_proto(InternalApi.ServiceAccount.t()) :: t
+  def from_proto(proto) do
+    %__MODULE__{
+      id: proto.id,
+      name: proto.name,
+      description: proto.description,
+      org_id: proto.org_id,
+      creator_id: proto.creator_id,
+      created_at: timestamp_to_datetime(proto.created_at),
+      updated_at: timestamp_to_datetime(proto.updated_at),
+      deactivated: proto.deactivated
+    }
+  end
+
+  defp timestamp_to_datetime(%Google.Protobuf.Timestamp{seconds: seconds}) do
+    DateTime.from_unix!(seconds)
+  end
+
+  defp timestamp_to_datetime(_), do: DateTime.utc_now()
+end
@@ -0,0 +1,52 @@
+defmodule Front.ServiceAccount do
+  defmodule Behaviour do
+    @callback create(
+                org_id :: String.t(),
+                name :: String.t(),
+                description :: String.t(),
+                creator_id :: String.t()
+              ) :: {:ok, {Front.Models.ServiceAccount.t(), String.t()}} | {:error, any}
+
+    @callback list(
+                org_id :: String.t(),
+                page_size :: integer(),
+                page_token :: String.t() | nil
+              ) :: {:ok, {[Front.Models.ServiceAccount.t()], String.t() | nil}} | {:error, any}
+
+    @callback describe(service_account_id :: String.t()) ::
+                {:ok, Front.Models.ServiceAccount.t()} | {:error, any}
+
+    @callback update(
+                service_account_id :: String.t(),
+                name :: String.t(),
+                description :: String.t()
+              ) :: {:ok, Front.Models.ServiceAccount.t()} | {:error, any}
+
+    @callback delete(service_account_id :: String.t()) :: :ok | {:error, any}
+
+    @callback regenerate_token(service_account_id :: String.t()) ::
+                {:ok, String.t()} | {:error, any}
+  end
+
+  def create(org_id, name, description, creator_id),
+    do: service_account_impl().create(org_id, name, description, creator_id)
+
+  def list(org_id, page_size, page_token \\ nil),
+    do: service_account_impl().list(org_id, page_size, page_token)
+
+  def describe(service_account_id), do: service_account_impl().describe(service_account_id)
+
+  def update(service_account_id, name, description),
+    do: service_account_impl().update(service_account_id, name, description)
+
+  def delete(service_account_id), do: service_account_impl().delete(service_account_id)
+
+  def regenerate_token(service_account_id),
+    do: service_account_impl().regenerate_token(service_account_id)
+
+  defp service_account_impl do
+    {client, _client_opts} = Application.fetch_env!(:front, :service_account_client)
+
+    client
+  end
+end