systemprompt_cli/commands/cloud/tenant/

docker.rs

use anyhow::{anyhow, bail, Context, Result};
use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize};
use std::fs;
use std::path::{Path, PathBuf};
use std::process::Command;
use std::time::Duration;
use systemprompt_cloud::ProjectContext;
use systemprompt_logging::CliService;

pub const SHARED_CONTAINER_NAME: &str = "systemprompt-postgres-shared";
pub const SHARED_ADMIN_USER: &str = "systemprompt_admin";
pub const SHARED_VOLUME_NAME: &str = "systemprompt-postgres-shared-data";
pub const SHARED_PORT: u16 = 5432;

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct SharedContainerConfig {
    pub admin_password: String,
    pub port: u16,
    pub created_at: DateTime<Utc>,
    pub tenant_databases: Vec<TenantDatabaseMapping>,
}

#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct TenantDatabaseMapping {
    pub tenant_id: String,
    pub database_name: String,
}

impl SharedContainerConfig {
    pub fn new(admin_password: String, port: u16) -> Self {
        Self {
            admin_password,
            port,
            created_at: Utc::now(),
            tenant_databases: Vec::new(),
        }
    }

    pub fn add_tenant(&mut self, tenant_id: String, database_name: String) {
        self.tenant_databases.push(TenantDatabaseMapping {
            tenant_id,
            database_name,
        });
    }

    pub fn remove_tenant(&mut self, tenant_id: &str) -> Option<TenantDatabaseMapping> {
        self.tenant_databases
            .iter()
            .position(|t| t.tenant_id == tenant_id)
            .map(|pos| self.tenant_databases.remove(pos))
    }
}

pub fn shared_config_path() -> PathBuf {
    let ctx = ProjectContext::discover();
    ctx.docker_dir().join("shared_config.json")
}

pub fn load_shared_config() -> Result<Option<SharedContainerConfig>> {
    let path = shared_config_path();
    if !path.exists() {
        return Ok(None);
    }
    let content =
        fs::read_to_string(&path).with_context(|| format!("Failed to read {}", path.display()))?;
    let config: SharedContainerConfig = serde_json::from_str(&content)
        .with_context(|| format!("Failed to parse {}", path.display()))?;
    Ok(Some(config))
}

pub fn save_shared_config(config: &SharedContainerConfig) -> Result<()> {
    let path = shared_config_path();
    if let Some(parent) = path.parent() {
        fs::create_dir_all(parent)?;
    }
    let content = serde_json::to_string_pretty(config)?;
    fs::write(&path, content)?;

    #[cfg(unix)]
    {
        use std::os::unix::fs::PermissionsExt;
        let mut perms = fs::metadata(&path)?.permissions();
        perms.set_mode(0o600);
        fs::set_permissions(&path, perms)?;
    }

    Ok(())
}

pub fn is_shared_container_running() -> bool {
    let output = Command::new("docker")
        .args(["ps", "-q", "-f", &format!("name={}", SHARED_CONTAINER_NAME)])
        .output();

    match output {
        Ok(out) => !String::from_utf8_lossy(&out.stdout).trim().is_empty(),
        Err(e) => {
            tracing::debug!(error = %e, "Failed to check shared container status");
            false
        },
    }
}

pub fn get_container_password() -> Option<String> {
    let output = Command::new("docker")
        .args([
            "inspect",
            SHARED_CONTAINER_NAME,
            "--format",
            "{{range .Config.Env}}{{println .}}{{end}}",
        ])
        .output();

    match output {
        Ok(out) if out.status.success() => {
            let env_vars = String::from_utf8_lossy(&out.stdout);
            for line in env_vars.lines() {
                if let Some(password) = line.strip_prefix("POSTGRES_PASSWORD=") {
                    return Some(password.to_string());
                }
            }
            None
        },
        Ok(_out) => {
            tracing::debug!("Docker inspect returned non-success exit code");
            None
        },
        Err(e) => {
            tracing::debug!(error = %e, "Failed to inspect container");
            None
        },
    }
}

pub fn check_volume_exists() -> bool {
    let output = Command::new("docker")
        .args([
            "volume",
            "ls",
            "-q",
            "-f",
            &format!("name={}", SHARED_VOLUME_NAME),
        ])
        .output();

    match output {
        Ok(out) => !String::from_utf8_lossy(&out.stdout).trim().is_empty(),
        Err(e) => {
            tracing::debug!(error = %e, "Failed to check volume existence");
            false
        },
    }
}

pub fn remove_shared_volume() -> Result<()> {
    let status = Command::new("docker")
        .args(["volume", "rm", SHARED_VOLUME_NAME])
        .status()
        .context("Failed to remove PostgreSQL volume")?;

    if !status.success() {
        bail!(
            "Failed to remove volume '{}'. Is a container still using it?",
            SHARED_VOLUME_NAME
        );
    }

    Ok(())
}

pub fn generate_shared_postgres_compose(password: &str, port: u16) -> String {
    format!(
        r#"# systemprompt.io Shared PostgreSQL Container
# Generated by: systemprompt cloud tenant create
# Manage: docker compose -f .systemprompt/docker/shared.yaml up/down

services:
  postgres:
    image: postgres:18-alpine
    container_name: {container_name}
    restart: unless-stopped
    environment:
      POSTGRES_USER: {admin_user}
      POSTGRES_PASSWORD: {password}
      POSTGRES_DB: postgres
    ports:
      - "{port}:5432"
    volumes:
      - {volume_name}:/var/lib/postgresql
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U {admin_user}"]
      interval: 5s
      timeout: 5s
      retries: 5

volumes:
  {volume_name}:
    name: {volume_name}
"#,
        container_name = SHARED_CONTAINER_NAME,
        admin_user = SHARED_ADMIN_USER,
        password = password,
        port = port,
        volume_name = SHARED_VOLUME_NAME
    )
}

pub fn generate_admin_password() -> String {
    use std::time::{SystemTime, UNIX_EPOCH};
    let timestamp = SystemTime::now()
        .duration_since(UNIX_EPOCH)
        .map(|d| d.as_nanos())
        .unwrap_or(1);
    let random_part = format!("{:x}{:x}", timestamp, timestamp.wrapping_mul(31337));
    random_part.chars().take(32).collect()
}

pub async fn create_database_for_tenant(
    admin_password: &str,
    port: u16,
    db_name: &str,
) -> Result<()> {
    let database_url = format!(
        "postgres://{}:{}@localhost:{}/postgres",
        SHARED_ADMIN_USER, admin_password, port
    );

    let safe_db_name = sanitize_database_name(db_name);

    let check_query = format!(
        "SELECT 1 FROM pg_database WHERE datname = '{}'",
        safe_db_name
    );
    let check_output = Command::new("docker")
        .args([
            "exec",
            SHARED_CONTAINER_NAME,
            "psql",
            &database_url,
            "-tAc",
            &check_query,
        ])
        .output()
        .context("Failed to check if database exists")?;

    let exists = !String::from_utf8_lossy(&check_output.stdout)
        .trim()
        .is_empty();

    if exists {
        CliService::info(&format!("Database '{}' already exists", safe_db_name));
        return Ok(());
    }

    let create_query = format!("CREATE DATABASE \"{}\"", safe_db_name);
    let status = Command::new("docker")
        .args([
            "exec",
            SHARED_CONTAINER_NAME,
            "psql",
            &database_url,
            "-c",
            &create_query,
        ])
        .status()
        .context("Failed to create database")?;

    if !status.success() {
        bail!("Failed to create database '{}'", safe_db_name);
    }

    Ok(())
}

pub async fn drop_database_for_tenant(
    admin_password: &str,
    port: u16,
    db_name: &str,
) -> Result<()> {
    let database_url = format!(
        "postgres://{}:{}@localhost:{}/postgres",
        SHARED_ADMIN_USER, admin_password, port
    );

    let safe_db_name = sanitize_database_name(db_name);

    let terminate_query = format!(
        "SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE datname = '{}' AND pid <> \
         pg_backend_pid()",
        safe_db_name
    );
    if let Err(e) = Command::new("docker")
        .args([
            "exec",
            SHARED_CONTAINER_NAME,
            "psql",
            &database_url,
            "-c",
            &terminate_query,
        ])
        .status()
    {
        tracing::debug!(error = %e, "Failed to terminate existing connections");
    }

    let drop_query = format!("DROP DATABASE IF EXISTS \"{}\"", safe_db_name);
    let status = Command::new("docker")
        .args([
            "exec",
            SHARED_CONTAINER_NAME,
            "psql",
            &database_url,
            "-c",
            &drop_query,
        ])
        .status()
        .context("Failed to drop database")?;

    if !status.success() {
        bail!("Failed to drop database '{}'", safe_db_name);
    }

    Ok(())
}

pub fn stop_shared_container() -> Result<()> {
    let ctx = ProjectContext::discover();
    let compose_path = ctx.docker_dir().join("shared.yaml");

    if compose_path.exists() {
        let compose_path_str = compose_path
            .to_str()
            .ok_or_else(|| anyhow!("Invalid compose path"))?;

        CliService::info("Stopping shared PostgreSQL container...");
        let status = Command::new("docker")
            .args(["compose", "-f", compose_path_str, "down", "-v"])
            .status()
            .context("Failed to stop shared container")?;

        if !status.success() {
            CliService::warning("Failed to stop container via compose, trying direct stop");
        }
    }

    let output = Command::new("docker")
        .args([
            "ps",
            "-aq",
            "-f",
            &format!("name={}", SHARED_CONTAINER_NAME),
        ])
        .output()?;

    let container_id = String::from_utf8_lossy(&output.stdout).trim().to_string();
    if !container_id.is_empty() {
        Command::new("docker")
            .args(["stop", &container_id])
            .status()?;
        Command::new("docker")
            .args(["rm", &container_id])
            .status()?;
    }

    let config_path = shared_config_path();
    if config_path.exists() {
        fs::remove_file(&config_path)?;
    }

    CliService::success("Shared PostgreSQL container removed");
    Ok(())
}

fn sanitize_database_name(name: &str) -> String {
    name.chars()
        .map(|c| {
            if c.is_ascii_alphanumeric() || c == '_' {
                c
            } else {
                '_'
            }
        })
        .collect()
}

pub fn nanoid() -> String {
    use std::time::{SystemTime, UNIX_EPOCH};
    let timestamp = SystemTime::now()
        .duration_since(UNIX_EPOCH)
        .map(|d| d.as_millis())
        .unwrap_or(1);
    format!("{:x}", timestamp)
}

pub async fn wait_for_postgres_healthy(compose_path: &Path, timeout_secs: u64) -> Result<()> {
    let start = std::time::Instant::now();
    let compose_path_str = compose_path
        .to_str()
        .ok_or_else(|| anyhow!("Invalid compose path"))?;

    loop {
        let output = Command::new("docker")
            .args([
                "compose",
                "-f",
                compose_path_str,
                "ps",
                "--format",
                "{{.Health}}",
            ])
            .output()
            .context("Failed to check container health")?;

        let health = String::from_utf8_lossy(&output.stdout).trim().to_string();

        if health.contains("healthy") {
            return Ok(());
        }

        if start.elapsed().as_secs() > timeout_secs {
            bail!(
                "Timeout waiting for PostgreSQL to become healthy.\nCheck logs with: docker \
                 compose -f {} logs",
                compose_path.display()
            );
        }

        tokio::time::sleep(Duration::from_secs(2)).await;
    }
}

pub fn ensure_admin_role(admin_password: &str) -> Result<()> {
    let role_check_query = format!(
        "SELECT 1 FROM pg_roles WHERE rolname = '{}'",
        SHARED_ADMIN_USER
    );
    let check_output = Command::new("docker")
        .args([
            "exec",
            SHARED_CONTAINER_NAME,
            "psql",
            "-U",
            SHARED_ADMIN_USER,
            "-d",
            "postgres",
            "-tAc",
            &role_check_query,
        ])
        .output()
        .context("Failed to check if admin role exists")?;

    let role_exists = !String::from_utf8_lossy(&check_output.stdout)
        .trim()
        .is_empty();

    if role_exists {
        let alter_password_sql = format!(
            "ALTER ROLE \"{}\" WITH PASSWORD '{}'",
            SHARED_ADMIN_USER,
            admin_password.replace('\'', "''")
        );
        let status = Command::new("docker")
            .args([
                "exec",
                SHARED_CONTAINER_NAME,
                "psql",
                "-U",
                SHARED_ADMIN_USER,
                "-d",
                "postgres",
                "-c",
                &alter_password_sql,
            ])
            .status()
            .context("Failed to update admin role password")?;

        if !status.success() {
            bail!("Failed to update password for role '{}'", SHARED_ADMIN_USER);
        }

        return Ok(());
    }

    let create_role_sql = format!(
        "CREATE ROLE \"{}\" WITH LOGIN CREATEDB SUPERUSER PASSWORD '{}'",
        SHARED_ADMIN_USER,
        admin_password.replace('\'', "''")
    );
    let status = Command::new("docker")
        .args([
            "exec",
            SHARED_CONTAINER_NAME,
            "psql",
            "-U",
            SHARED_ADMIN_USER,
            "-d",
            "postgres",
            "-c",
            &create_role_sql,
        ])
        .status()
        .context("Failed to create admin role")?;

    if !status.success() {
        bail!("Failed to create role '{}'", SHARED_ADMIN_USER);
    }

    CliService::success(&format!("Created PostgreSQL role '{}'", SHARED_ADMIN_USER));
    Ok(())
}