Testing cross site issue

blueprint.py

@@ -0,0 +1,77 @@
+import requests
+import yaml
+import json
+import base64
+
+# The file path for the YAML file to be read
+# You can change this to the path of your YAML file
+YAML_FILE_PATH = 'blueprint.yaml'
+
+# The API endpoint and headers from the curl request
+API_URL = 'http://localhost:3004/v1/org/test/blueprint'
+HEADERS = {
+    'accept': '*/*',
+    'Authorization': 'Bearer v7ix7xha1bmq2on.tzsden374mtmkeczm3tx44uzxsljnrst7nmg7ccr',
+    'Content-Type': 'application/json'
+}
+
+def convert_and_send(file_path, url, headers):
+    """
+    Reads a YAML file, converts its content to a JSON payload,
+    and sends it via a PUT request to a specified URL.
+    """
+    try:
+        # Read the YAML file content
+        with open(file_path, 'r') as file:
+            yaml_content = file.read()
+
+        # Parse the YAML string to a Python dictionary
+        # This will be used to ensure the YAML is valid before sending
+        parsed_yaml = yaml.safe_load(yaml_content)
+
+        # Create the JSON payload. The curl request shows the value
+        # of "blueprint" is a string, which means the raw YAML content
+        # should be sent as a string value for that key.
+        json_payload = {
+            "blueprint": yaml_content
+        }
+
+        # Convert the payload to a JSON string
+        json_string = json.dumps(json_payload)
+
+        # Base64 encode the JSON string
+        encoded_json = base64.b64encode(json_string.encode('utf-8')).decode('utf-8')
+
+        # Create the final payload with the base64 encoded data
+        final_payload = {
+            "blueprint": encoded_json
+        }
+
+        print("Sending the following Base64 encoded JSON payload:")
+        print(final_payload)
+        print("-" * 20)
+
+        # Make the PUT request with the base64 encoded payload
+        response = requests.put(url, headers=headers, json=final_payload)
+
+        # Print the API response for debugging
+        print(f"API Response Status Code: {response.status_code}")
+        print("API Response Content:")
+        print(response.text)
+
+        # Raise an exception for bad status codes (4xx or 5xx)
+        response.raise_for_status()
+
+    except FileNotFoundError:
+        print(f"Error: The file '{file_path}' was not found.")
+    except yaml.YAMLError as e:
+        print(f"Error parsing YAML file: {e}")
+    except requests.exceptions.RequestException as e:
+        print(f"An error occurred during the API request: {e}")
+    except Exception as e:
+        print(f"An unexpected error occurred: {e}")
+
+# Run the function
+if __name__ == "__main__":
+    convert_and_send(YAML_FILE_PATH, API_URL, HEADERS)
+

blueprint.yaml

@@ -0,0 +1,37 @@
+resources:
+  resource-nice-id:
+    name: this is my resource
+    protocol: http
+    full-domain: level1.test3.example.com
+    # host-header: example.com
+    # tls-server-name: example.com
+    auth:
+      pincode: 123456
+      password: sadfasdfadsf
+      sso-enabled: true
+      sso-roles:
+      - Member
+      sso-users:
+      - owen@fossorial.io
+      whitelist-users:
+      - owen@fossorial.io
+    targets:
+    # - site: glossy-plains-viscacha-rat
+    # - hostname: localhost
+    #   method: http
+    #   port: 8000
+    #   healthcheck:
+    #     port: 8000
+    #     hostname: localhost
+    # - site: glossy-plains-viscacha-rat
+    # - hostname: localhost
+    #   method: http
+    #   port: 8001
+  # resource-nice-id2:
+  #   name: this is other resource
+  #   protocol: tcp
+  #   proxy-port: 3000
+  #   targets:
+  #   # - site: glossy-plains-viscacha-rat
+  #   - hostname: localhost
+  #     port: 3000

messages/en-US.json

@@ -1140,8 +1140,8 @@
     "sidebarLicense": "License",
     "sidebarClients": "Clients (Beta)",
     "sidebarDomains": "Domains",
-    "enableDockerSocket": "Enable Docker Socket",
+    "enableDockerSocket": "Enable Docker Blueprint",
-    "enableDockerSocketDescription": "Enable Docker Socket discovery for populating container information. Socket path must be provided to Newt.",
+    "enableDockerSocketDescription": "Enable Docker Socket label scraping for blueprint labels. Socket path must be provided to Newt.",
     "enableDockerSocketLink": "Learn More",
     "viewDockerContainers": "View Docker Containers",
     "containersIn": "Containers in {siteName}",

server/lib/blueprints/resources.ts

@@ -68,7 +68,7 @@ export async function updateResources(
                     )
                     .limit(1);
             } else {
-                throw new Error(`Target site ID is required`);
+                throw new Error(`Target site is required`);
             }
 
             if (!site) {
@@ -712,7 +712,7 @@ async function getDomainId(
     }
 
     const validDomains = possibleDomains.filter((domain) => {
-        if (domain.domains.type == "ns") {
+        if (domain.domains.type == "ns" || domain.domains.type == "wildcard") {
             return (
                 fullDomain === domain.domains.baseDomain ||
                 fullDomain.endsWith(`.${domain.domains.baseDomain}`)

server/routers/org/applyBlueprint.ts

@@ -41,9 +41,10 @@ const applyBlueprintParamsSchema = z
 registry.registerPath({
     method: "put",
     path: "/org/{orgId}/blueprint",
-    description: "Apply a blueprint to an organization",
+    description: "Apply a base64 encoded blueprint to an organization",
     tags: [OpenAPITags.Org],
     request: {
+        params: applyBlueprintParamsSchema,
         body: {
             content: {
                 "application/json": {
@@ -93,7 +94,10 @@ export async function applyBlueprint(
         logger.debug(`Received blueprint: ${blueprint}`);
 
         try {
-            const blueprintParsed = JSON.parse(blueprint);
+            // first base64 decode the blueprint
+            const decoded = Buffer.from(blueprint, "base64").toString("utf-8");
+            // then parse the json
+            const blueprintParsed = JSON.parse(decoded);
             // Update the blueprint in the database
             await applyBlueprintFunc(orgId, blueprintParsed);
         } catch (error) {