disable resource api.

Signed-off-by: morvencao <lcao@redhat.com>

cmd/maestro/server/grpc_server.go

@@ -318,8 +318,6 @@ func decodeResourceSpec(evt *ce.Event) (*api.Resource, error) {
 		return nil, fmt.Errorf("failed to convert cloudevent to resource payload: %v", err)
 	}
 	resource.Payload = payload
-	// set the resource type to bundle from grpc source
-	resource.Type = api.ResourceTypeBundle
 
 	return resource, nil
 }
@@ -337,6 +335,7 @@ func encodeResourceStatus(resource *api.Resource) (*ce.Event, error) {
 		return nil, err
 	}
 
+	// fill the resource status with resource payload
 	if len(resource.Payload) > 0 {
 		specEvt, err := api.JSONMAPToCloudEvent(resource.Payload)
 		if err != nil {

cmd/maestro/server/routes.go

@@ -22,7 +22,7 @@ func (s *apiServer) routes() *mux.Router {
 		check(err, "Can't load OpenAPI specification")
 	}
 
-	resourceHandler := handlers.NewResourceHandler(services.Resources(), services.Generic())
+	resourceBundleHandler := handlers.NewResourceBundleHandler(services.Resources(), services.Generic())
 	consumerHandler := handlers.NewConsumerHandler(services.Consumers(), services.Resources(), services.Generic())
 	errorsHandler := handlers.NewErrorsHandler()
 
@@ -71,20 +71,11 @@ func (s *apiServer) routes() *mux.Router {
 	apiV1ErrorsRouter.HandleFunc("", errorsHandler.List).Methods(http.MethodGet)
 	apiV1ErrorsRouter.HandleFunc("/{id}", errorsHandler.Get).Methods(http.MethodGet)
 
-	//  /api/maestro/v1/resources
-	apiV1ResourceRouter := apiV1Router.PathPrefix("/resources").Subrouter()
-	apiV1ResourceRouter.HandleFunc("", resourceHandler.List).Methods(http.MethodGet)
-	apiV1ResourceRouter.HandleFunc("/{id}", resourceHandler.Get).Methods(http.MethodGet)
-	apiV1ResourceRouter.HandleFunc("", resourceHandler.Create).Methods(http.MethodPost)
-	apiV1ResourceRouter.HandleFunc("/{id}", resourceHandler.Patch).Methods(http.MethodPatch)
-	apiV1ResourceRouter.HandleFunc("/{id}", resourceHandler.Delete).Methods(http.MethodDelete)
-	apiV1ResourceRouter.Use(authMiddleware.AuthenticateAccountJWT)
-	apiV1ResourceRouter.Use(authzMiddleware.AuthorizeApi)
-
 	// /api/maestro/v1/resource-bundles
 	apiV1ResourceBundleRouter := apiV1Router.PathPrefix("/resource-bundles").Subrouter()
-	apiV1ResourceBundleRouter.HandleFunc("", resourceHandler.ListBundle).Methods(http.MethodGet)
-	apiV1ResourceBundleRouter.HandleFunc("/{id}", resourceHandler.GetBundle).Methods(http.MethodGet)
+	apiV1ResourceBundleRouter.HandleFunc("", resourceBundleHandler.List).Methods(http.MethodGet)
+	apiV1ResourceBundleRouter.HandleFunc("/{id}", resourceBundleHandler.Get).Methods(http.MethodGet)
+	apiV1ResourceBundleRouter.HandleFunc("/{id}", resourceBundleHandler.Delete).Methods(http.MethodDelete)
 	apiV1ResourceBundleRouter.Use(authMiddleware.AuthenticateAccountJWT)
 	apiV1ResourceBundleRouter.Use(authzMiddleware.AuthorizeApi)
 

docs/grpc.md

@@ -114,7 +114,7 @@ The `grpcClientTokenFile` stores the token for the corresponding service account
     // grpcOptions.CAFile = grpcServerCAFile
     // ClientCertFile = grpcClientCertFile
     // ClientKeyFile = grpcClientKeyFile
-	// grpcOptions.TokenFile = grpcClientTokenFile
+	  // grpcOptions.TokenFile = grpcClientTokenFile
     grpcSourceOption = grpcoptions.NewSourceOptions(grpcOptions, "grpc-source-example")
     ```
 
@@ -146,9 +146,9 @@ To publish the resource with cloudevents format, you need to call the `Publish`
 ```golang
     // publish the resource in the cloudevents format
     grpcSourceCloudEventsClient.Publish(context.TODO(), types.CloudEventsType{
-		CloudEventsDataType: payload.ManifestEventDataType,
-		SubResource:         types.SubResourceSpec,
-		Action:              config.CreateRequestAction,
+		  CloudEventsDataType: payload.ManifestEventDataType,
+		  SubResource:         types.SubResourceSpec,
+		  Action:              config.CreateRequestAction,
 	}, res)
 ```
 
@@ -161,12 +161,12 @@ see the below for an example of the resource:
 
 ```golang
     resource := &api.Resource{
-		ConsumerID: consumerID,
-		Manifest:   testManifest,
-	}
+	    ConsumerID: consumerID,
+		  Manifest:   testManifest,
+	  }
     ...
     testManifest := map[string]interface{}{}
-	json.Unmarshal(`{
+	  json.Unmarshal(`{
         "apiVersion": "apps/v1",
         "kind": "Deployment",
         "metadata": {

examples/grpc/README.md

@@ -1,28 +1,75 @@
-# CURD Resource/Bundle with gRPC Client
+# Resource Bundle CURD with gRPC Client
 
 ## Preparation
 
-1. Enable gRPC server by passing `--enable-grpc-server=true` to the maestro server start command, for example:
+1. Enable gRPC server by passing `--enable-grpc-server=true` to the maestro server start command:
 
 ```shell
-$ oc -n maestro patch deploy/maestro --type=json -p='[{"op": "add", "path": "/spec/template/spec/containers/0/command/-", "value": "--enable-grpc-server=true"}]'
+$ kubectl -n maestro patch deploy/maestro --type=json -p='[{"op":"add","path":"/spec/template/spec/containers/0/command/-","value":"--enable-grpc-server=true"}]'
 ```
 
-2. Port-forward the gRPC service to your local machine, for example:
+2. Do the port-forward the maestro-grpc service:
 
 ```shell
-$ oc -n maestro port-forward svc/maestro-grpc 8090 &
+$ kubectl -n maestro port-forward svc/maestro-grpc 8090 &
 ```
 
-## Operate Resource Bundle with gRPC client
+## How
+
+1. Set the source ID for the manifestwork client and consumer name:
+
+```shell
+$ export SOURCE_ID=grpc
+$ export CONSUMER_NAME=cluster1
+```
+
+2. Create a resource bundle:
 
 ```shell
 # create
-go run ./grpcclient.go -grpc_server localhost:8090 -cloudevents_json_file ./cloudevent-bundle.json
+$ go run ./grpcclient.go -source=$SOURCE_ID -consumer-name=$CONSUMER_NAME -cloudevent-file ./cloudevent.json
+```
 
-# update
-go run ./grpcclient.go -grpc_server localhost:8090 -cloudevents_json_file ./cloudevent-bundle-update.json
+Note: If your gRPC server enable authentication and authorization, you'll need to provide the CA file for the server and the client's token. For example, after setting up Maestro with `make e2e-test/setup`, you can retrieve the gRPC server's CA, client certificate, key, and token using the following command:
 
-# delete
-go run ./grpcclient.go -grpc_server localhost:8090 -cloudevents_json_file ./cloudevent-bundle-delete.json
+```shell
+kubectl -n maestro get secret maestro-grpc-cert -o jsonpath="{.data.ca\.crt}" | base64 -d > /tmp/grpc-server-ca.crt
+kubectl -n maestro get secret maestro-grpc-cert -o jsonpath="{.data.client\.crt}" | base64 -d > /tmp/grpc-client-cert.crt
+kubectl -n maestro get secret maestro-grpc-cert -o jsonpath="{.data.client\.key}" | base64 -d > /tmp/grpc-client-cert.key
+kubectl -n maestro get secret grpc-client-token  -o jsonpath="{.data.token}" | base64 -d > /tmp/grpc-client-token
+```
+
+You also need to create a cluster role to grant publish & subscribe permissions to the client by running this command:
+
+```shell
+$ cat << EOF | kubectl apply -f -
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: grpc-pub-sub
+rules:
+- nonResourceURLs:
+  - /sources/${SOURCE_ID}
+  verbs:
+  - pub
+  - sub
+EOF
+```
+
+then you can create a resource bundle with the following command:
+
+```shell
+$ go run ./grpcclient.go -source=$SOURCE_ID -consumer-name=$CONSUMER_NAME -cloudevent-file ./cloudevent.json -grpc-server-tls=true -grpc-server=127.0.0.1:30090 -grpc-server-ca-file=/tmp/grpc-server-ca.crt -grpc-client-token-file=/tmp/grpc-client-token
+```
+
+2. Update the resource bundle:
+
+```shell
+$ go run ./grpcclient.go -source=$SOURCE_ID -consumer-name=$CONSUMER_NAME -cloudevent-file ./cloudevent-update.json -grpc-server-tls=true -grpc-server=127.0.0.1:30090 -grpc-server-ca-file=/tmp/grpc-server-ca.crt -grpc-client-token-file=/tmp/grpc-client-token
+```
+
+3. Delete the resource bundle:
+
+```shell
+$ go run ./grpcclient.go -source=$SOURCE_ID -consumer-name=$CONSUMER_NAME -cloudevent-file ./cloudevent-delete.json -grpc-server-tls=true -grpc-server=127.0.0.1:30090 -grpc-server-ca-file=/tmp/grpc-server-ca.crt -grpc-client-token-file=/tmp/grpc-client-token
 ```

examples/grpc/cloudevent-bundle-update.json → examples/grpc/cloudevent-update.json

@@ -9,38 +9,31 @@
     "datacontenttype": "application/json",
     "data": {
         "manifests": [
-            {
-                "apiVersion": "v1",
-                "kind": "ConfigMap",
-                "metadata": {
-                    "name": "web",
-                    "namespace": "default"
-                }
-            },
             {
                 "apiVersion": "apps/v1",
                 "kind": "Deployment",
                 "metadata": {
-                    "name": "web",
+                    "name": "nginx",
                     "namespace": "default"
                 },
                 "spec": {
                     "replicas": 2,
                     "selector": {
                         "matchLabels": {
-                            "app": "web"
+                            "app": "nginx"
                         }
                     },
                     "template": {
                         "metadata": {
                             "labels": {
-                                "app": "web"
+                                "app": "nginx"
                             }
                         },
                         "spec": {
                             "containers": [
                                 {
                                     "image": "nginxinc/nginx-unprivileged",
+                                    "imagePullPolicy": "IfNotPresent",
                                     "name": "nginx"
                                 }
                             ]
@@ -58,7 +51,7 @@
                     "group": "apps",
                     "resource": "deployments",
                     "namespace": "default",
-                    "name": "web"
+                    "name": "nginx"
                 },
                 "feedbackRules": [
                     {

examples/grpc/cloudevent-bundle.json → examples/grpc/cloudevent.json

@@ -9,38 +9,31 @@
     "datacontenttype": "application/json",
     "data": {
         "manifests": [
-            {
-                "apiVersion": "v1",
-                "kind": "ConfigMap",
-                "metadata": {
-                    "name": "web",
-                    "namespace": "default"
-                }
-            },
             {
                 "apiVersion": "apps/v1",
                 "kind": "Deployment",
                 "metadata": {
-                    "name": "web",
+                    "name": "nginx",
                     "namespace": "default"
                 },
                 "spec": {
                     "replicas": 1,
                     "selector": {
                         "matchLabels": {
-                            "app": "web"
+                            "app": "nginx"
                         }
                     },
                     "template": {
                         "metadata": {
                             "labels": {
-                                "app": "web"
+                                "app": "nginx"
                             }
                         },
                         "spec": {
                             "containers": [
                                 {
                                     "image": "nginxinc/nginx-unprivileged",
+                                    "imagePullPolicy": "IfNotPresent",
                                     "name": "nginx"
                                 }
                             ]
@@ -58,7 +51,7 @@
                     "group": "apps",
                     "resource": "deployments",
                     "namespace": "default",
-                    "name": "web"
+                    "name": "nginx"
                 },
                 "feedbackRules": [
                     {