docs(auto-rules): update HTTP_API.md (#562)

andrewazores · web-flow · commit af47f3f5b08c · 2021-07-12T17:55:24.000Z
* Correct formatting error

* Add handler descriptions to quick reference table

* Document RulesPostHandler

* Respond 409 if rule with given name already exists

* Document RuleDeleteHandler, RuleGetHandler, RulesGetHandler

* Document TargetCredentialsPostHandler and TargetCredentialsDeleteHandler

* fix typo
diff --git a/HTTP_API.md b/HTTP_API.md
@@ -1200,7 +1200,7 @@ metadata-wrapped and JSON-encoded response format with the following general
 form:
 
 ```
-{ "meta:" { "status:" "statusString", "type:" "mime/type"}, "data:" { "someKey:" someValue } }
+{ "meta": { "status": "statusString", "type": "mime/type"}, "data": { "someKey": someValue } }
 ```
 
 `statusString` will always be `OK` if the response status code is `200`. If the
@@ -1234,14 +1234,22 @@ The handler-specific descriptions below describe how each handler populates the
 
 | What you want to do                                                       | Which handler you should use                                                    |
 | ------------------------------------------------------------------------- | --------------------------------------------------------------------------------|
-| **Recordings in target JVMs**                                             |                                                                                 |
+| **Recordings in Target JVMs**                                             |                                                                                 |
 | Search event types that can be produced by a target JVM                   | [`TargetEventsSearchGetHandler`](#TargetEventsSearchGetHandler)                 |
 | Get a list of recording options for a target JVM                          | [`TargetRecordingOptionsListGetHandler`](#TargetRecordingOptionsListGetHandler) |
 | Create a snapshot recording in a target JVM                               | [`TargetSnapshotPostHandler`](#TargetSnapshotPostHandler-1)                     |
+| **Automated Rules**                                                       |                                                                                 |
+| Create an automated rule definition                                       | [`RulesPostHandler`](#RulesPostHandler)                                         |
+| Delete an automated rule definition                                       | [`RuleDeleteHandler`](#RuleDeleteHandler)                                       |
+| Get an automated rule definition                                          | [`RuleGetHandler`](#RuleGetHandler)                                             |
+| Get all automated rule definitions                                        | [`RulesGetHandler`](#RulesGetHandler)                                           |
+| **Stored Target Credentials**                                             |                                                                                 |
+| Add stored credentials for a target                                       | [`TargetCredentialsPostHandler`](#TargetCredentialsPostHandler)                 |
+| Delete stored credentials for a target                                    | [`TargetCredentialsDeleteHandler`](#TargetCredentialsDeleteHandler)             |
 | **Security**                                                              |                                                                                 |
 | Upload an SSL Certificate                                                 | [`CertificatePostHandler`](#CertificatePostHandler)                             |
 
-### Flight Recorder
+### Recordings in Target JVMs
 
 * #### `TargetEventsSearchGetHandler`
 
@@ -1368,6 +1376,222 @@ The handler-specific descriptions below describe how each handler populates the
     {"meta":{"status":"Created","type":"application/json"},"data":{"result":{"downloadUrl":"http://192.168.0.109:8181/api/v1/targets/service:jmx:rmi:%2F%2F%2Fjndi%2Frmi:%2F%2Flocalhost:9091%2Fjmxrmi/recordings/snapshot-1","reportUrl":"http://192.168.0.109:8181/api/v1/targets/service:jmx:rmi:%2F%2F%2Fjndi%2Frmi:%2F%2Flocalhost:9091%2Fjmxrmi/reports/snapshot-1","id":1,"name":"snapshot-1","state":"STOPPED","startTime":1601998841300,"duration":0,"continuous":true,"toDisk":true,"maxSize":0,"maxAge":0}}}
     ```
 
+### Automated Rules
+
+* #### `RulesPostHandler`
+
+    ##### synopsis
+    Creates a new automated rule definition. Cryostat processes automated rules
+    to start recordings on matching targets as they appear, non-interactively.
+    Newly-POSTed rule definitions will also retroactively apply to already-known
+    targets, if any.
+
+    ##### request
+    `POST /api/v2/rules`
+
+    The request may be an HTTP form or a JSON document. In either case, the
+    attributes `"name"`, `"targetAlias"`, and `"eventSpecifier"` must be
+    provided.
+
+    `"name"`: the name of this rule definition. This must be unique. This name
+    will also be used to generate the name of the associated recordings.
+
+    `"targetAlias"`: targets with an exactly matching `alias` will match this
+    rule definition, activating this rule for the target and causing the defined
+    recording to be started on the target.
+
+    `"eventSpecifier"`: a string of the form `template=Foo,type=TYPE`. This
+    defines the event template that will be used for creating new recordings in
+    matching targets.
+
+    The following attributes are optional:
+
+    `"description"`: a textual description of the purpose or reason for this
+    rule definition. This is informational and for display only.
+
+    `"archivalPeriodSeconds"`: a positive integer value that defines how long
+    Cryostat should wait, in seconds, between archiving snapshots of the
+    recording. The default setting is 30.
+
+    `"preservedArchives"`: a positive integer value that defines how many
+    archived copies of the recording should be kept in storage. When the number
+    of archived copies exceeds this number the oldest copies are deleted from
+    storage. The default setting is 1.
+
+    `"maxAgeSeconds"`: a positive integer value that defines the maximum age of
+    data to be retained in the active, in-memory Flight Recording within the
+    Target JVM. This can be used in combination with `"archivalPeriodSeconds"`
+    to minimize or eliminate data overlap between the end of one archived
+    recording and the start of the subsequent archived recording. If not
+    specified, the default setting is equal to `"archivalPeriodSeconds"`.
+
+    `"maxSizeBytes"`: a positive integer value that defines the maximum size, in
+    bytes, of the active in-memory Flight Recording within the Target JVM. If
+    the recording exceeds this memory size then event data will be dropped from
+    the recording. The default setting is unlimited.
+
+    ##### response
+    `201` - The result is the name of the created rule. The `LOCATION` header
+    will be set and its value will be the relative path to the created resource.
+
+    `400` - The rule definition could not be processed, either because the
+    provided document was malformed or invalid.
+
+    `401` - User authentication failed. The reason is an error message.
+    There will be an `X-WWW-Authenticate: $SCHEME` header that indicates
+    the authentication scheme that is used.
+
+    `409` - A rule with the same name already exists.
+
+    `415` - The request's `Content-Type` was invalid or unrecognized.
+
+    `500` - There was an unexpected error.
+
+    ##### example
+    ```
+    $ curl -X POST -F name="Test Rule" -F description="This is a rule for testing" -F targetAlias="io.cryostat.Cryostat" -F eventSpecifier="template=Continuous,type=TARGET" http://0.0.0.0:8181/api/v2/rules
+    < HTTP/1.1 201 Created
+    < location: /api/v2/rules/Test_Rule
+    < content-length: 79
+    {"meta":{"type":"text/plain","status":"Created"},"data":{"result":"Test_Rule"}}
+    ```
+
+* #### `RuleDeleteHandler`
+
+    ##### synopsis
+    Deletes a rule definition.
+
+    ##### request
+    `DELETE /api/v2/rules/:name`
+
+    ##### response
+    `200` - The result is empty. The rule was successfully deleted.
+
+    `401` - User authentication failed. The reason is an error message.
+    There will be an `X-WWW-Authenticate: $SCHEME` header that indicates
+    the authentication scheme that is used.
+
+    `404` - No rule with the given name exists.
+
+    `500`- An unexpected IOException occurred while deleting the rule
+    definition.
+
+    ##### example
+    ```
+    $ curl -X DELETE http://0.0.0.0:8181/api/v2/rules/Test_Rule
+    {"meta":{"type":"text/plain","status":"OK"},"data":{"result":null}}
+    ```
+
+* #### `RuleGetHandler`
+
+    ##### synopsis
+    Get a JSON document describing a rule definition with the given name.
+
+    ##### request
+    `GET /api/v2/rules/:name`
+
+    ##### response
+    `200` - The result is a JSON string representing the rule definition.
+
+    `401` - User authentication failed. The reason is an error message.
+    There will be an `X-WWW-Authenticate: $SCHEME` header that indicates
+    the authentication scheme that is used.
+
+    `404` - No rule with the given name exists.
+
+    `500` - There was an unexpected error.
+
+    ##### example
+    ```
+    $ curl http://0.0.0.0:8181/api/v2/rules/Test_Rule
+    {"meta":{"type":"application/json","status":"OK"},"data":{"result":{"name":"Test_Rule","description":"This is a rule for testing","targetAlias":"io.cryostat.Cryostat","eventSpecifier":"template=Continuous,type=TARGET","archivalPeriodSeconds":30,"preservedArchives":1,"maxAgeSeconds":30,"maxSizeBytes":-1}}}
+    ```
+
+* #### `RulesGetHandler`
+
+    ##### synopsis
+    Get a JSON array representing all rule definitions.
+
+    ##### request
+    `GET /api/v2/rules`
+
+    ##### response
+    `200` - The result is a JSON array representing all rule definitions.
+
+    `401` - User authentication failed. The reason is an error message.
+    There will be an `X-WWW-Authenticate: $SCHEME` header that indicates
+    the authentication scheme that is used.
+
+    `500` - There was an unexpected error.
+
+    ##### example
+    ```
+    $ curl http://0.0.0.0:8181/api/v2/rules
+    {"meta":{"type":"application/json","status":"OK"},"data":{"result":[{"name":"Test_Rule","description":"This is a rule for testing","targetAlias":"io.cryostat.Cryostat","eventSpecifier":"template=Continuous,type=TARGET","archivalPeriodSeconds":30,"preservedArchives":1,"maxAgeSeconds":30,"maxSizeBytes":-1}]}}
+    ```
+
+### Stored Target Credentials
+
+* #### `TargetCredentialsPostHandler`
+
+    ##### synopsis
+    Creates stored credentials for a given target. These are used for automated
+    rules processing - if a Target JVM requires JMX authentication, Cryostat
+    will use stored credentials when attempting to open JMX connections to the
+    target. These are retained in Cryostat's memory only and not persisted to
+    disk.
+
+    ##### request
+    `POST /api/v2/targets/:targetId/credentials`
+
+    The request should be an HTTP form with the attributes `"username"` and
+    `"password"`. Both are required.
+
+    ##### response
+    `200` - The result is null. The request was processed successfully and the
+    credentials were stored, potentially overriding previous credentials for the
+    same target.
+
+    `400` - `"username"` and/or `"password"` were not provided.
+
+    `401` - User authentication failed. The reason is an error message.
+    There will be an `X-WWW-Authenticate: $SCHEME` header that indicates
+    the authentication scheme that is used.
+
+    `500` - There was an unexpected error.
+
+    ##### example
+    ```
+    $ curl -F username=user -F password=pass http://0.0.0.0:8181/api/v2/targets/localhost/credentials
+    {"meta":{"type":"text/plain","status":"OK"},"data":{"result":null}}
+    ```
+
+* #### `TargetCredentialsDeleteHandler`
+
+    ##### synopsis
+    Deletes stored credentials for a given target.
+
+    ##### request
+    `DELETE /api/v2/targets/:targetId/credentials`
+
+    ##### response
+    `200` - The result is null. The request was processed successfully and the
+    credentials were deleted.
+
+    `404` - The target had no stored credentials.
+
+    `401` - User authentication failed. The reason is an error message.
+    There will be an `X-WWW-Authenticate: $SCHEME` header that indicates
+    the authentication scheme that is used.
+
+    `500` - There was an unexpected error.
+
+    ##### example
+    ```
+    $ curl -X DELETE http://0.0.0.0:8181/api/v2/targets/localhost/credentials
+    {"meta":{"type":"text/plain","status":"OK"},"data":{"result":null}}
+    ```
+
 ### Security
 
 * #### `CertificatePostHandler`
diff --git a/src/main/java/io/cryostat/net/web/http/api/v2/RulesPostHandler.java b/src/main/java/io/cryostat/net/web/http/api/v2/RulesPostHandler.java
@@ -46,6 +46,7 @@
 import io.cryostat.net.web.http.HttpMimeType;
 import io.cryostat.net.web.http.api.ApiVersion;
 import io.cryostat.rules.Rule;
+import io.cryostat.rules.RuleException;
 import io.cryostat.rules.RuleRegistry;
 
 import com.google.gson.Gson;
@@ -137,6 +138,8 @@ public IntermediateResponse<String> handle(RequestParameters params) throws ApiE
 
         try {
             rule = this.ruleRegistry.addRule(rule);
+        } catch (RuleException e) {
+            throw new ApiException(409, e);
         } catch (IOException e) {
             throw new ApiException(
                     500,
diff --git a/src/main/java/io/cryostat/rules/RuleException.java b/src/main/java/io/cryostat/rules/RuleException.java
@@ -39,6 +39,7 @@
 
 import java.io.IOException;
 
+@SuppressWarnings("serial")
 public class RuleException extends IOException {
     RuleException(String reason) {
         super(reason);
