search
Github
githubEdit

πŸ‘–Pocketbase

One-Click uses the open source backend pocketbasearrow-up-right to achieve things like authentication and storing data. It also serves the frontend of One-Click. In the release process the pocketbase and frontend code will get compiled and put into a single container image and pushed to the Github container registry.

Pocketbase offers the ability to extend it with our own golang code. You can listen on certain events and then execute code. We use that to make the Kubernetes api calls and manage the Kubernetes resources created via the frontend interface.

You can find the code under the following link: https://github.com/janlauber/one-click/tree/main/pocketbasearrow-up-right

hashtag
Authentication

Pocketbase uses JWT tokens for authentication. The frontend sends a request to the pocketbase backend with the user credentials. The backend then checks if the user exists and if the password is correct. If everything is correct, the backend will return a JWT token. The frontend will then store this token in the local storage and use it for every request to the backend.

We also support the ability to use the following authentication providers:

  • Google

  • Github

  • Microsoft

The frontend will automatically display the login buttons for these providers if they are enabled in the pocketbase backend.

pocketbase settings

hashtag
Database UML

Generated with the PocketBaseUMLarrow-up-right tool.

UML

hashtag
Endpoints

Pocketbase allows you to create custom endpoints. These endpoints can be used to execute custom code. We use this feature to serve everything to the frontend. The custom endpoints are written in golang and you can find them in the main.go file under the app.OnBeforeServe().Add(func(e *core.ServeEvent) error { function.

hashtag
Get the status of a specific deployment

get
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Path parameters
projectIdstringRequired
deploymentIdstringRequired
Responses
chevron-right
200

Deployment status

application/json
get
/pb/{projectId}/{deploymentId}/status

hashtag
Get metrics for a specific deployment

get
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Path parameters
projectIdstringRequired
deploymentIdstringRequired
Responses
chevron-right
200

Deployment metrics

application/json
get
/pb/{projectId}/{deploymentId}/metrics

hashtag
Get events for a specific deployment

get
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Path parameters
projectIdstringRequired
deploymentIdstringRequired
Responses
chevron-right
200

Events list for the deployment

application/json
get
/pb/{projectId}/{deploymentId}/events

hashtag
Get logs for a specific pod

get
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Path parameters
projectIdstringRequired
podNamestringRequired
Responses
chevron-right
200

Pod logs

application/text
get
/pb/{projectId}/{podName}/logs

hashtag
Retrieve a blueprint by ID

get
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Path parameters
blueprintIdstringRequired
Responses
chevron-right
200

Blueprint details

application/json
get
/pb/blueprints/{blueprintId}

hashtag
Share a blueprint

post
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Path parameters
blueprintIdstringRequired
Responses
chevron-right
200

Blueprint shared successfully

application/json
post
/pb/blueprints/shared/{blueprintId}

hashtag
Trigger an automatic update

post
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Path parameters
autoUpdateIdstringRequired
Responses
chevron-right
200

Update initiated

application/json
post
/pb/auto-update/{autoUpdateId}
200

Update initiated

hashtag
Retrieve cluster information

get
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Responses
chevron-right
200

Cluster information

application/json
get
/pb/cluster-info
200

Cluster information

hashtag
Delete a specific pod

delete
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Path parameters
projectIdstringRequired
podNamestringRequired
Responses
delete
/pb/{projectId}/{podName}
No content

hashtag
Open a WebSocket to receive live deployment updates

get
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Responses
get
/ws/k8s/deployments
101

WebSocket connection established

No content

hashtag
Open a WebSocket to receive live logs from pods

get
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Responses
get
/ws/k8s/logs
101

WebSocket connection established

No content

hashtag
Open a WebSocket to receive live events from deployments

get
chevron-right
lockRequired scopes
This endpoint requires the following scopes:
  • : read access
  • : write access
Authorizations
OAuth2authorizationCodeRequired
Authorization URL: Token URL:
Responses
get
/ws/k8s/events
101

WebSocket connection established

No content

hashtag
Table

Endpoint
Method
Description

/

*

Serves the frontend

/api

*

Serves the backend

/_

*

Serves the backend

/rollouts/:projectId/:rolloutId/status

GET

Get rollout status

/rollouts/:projectId/:rolloutId/metrics

GET

Get rollout metrics

/rollouts/:projectId/:rolloutId/events

GET

Get rollout events

/rollouts/:projectId/:podName/logs

GET

Get pod logs

/pb/blueprints/:blueprintId

GET

Get blueprint

/pb/blueprints/shared/:blueprintId

POST

Share blueprint

/auto-update/:autoUpdateId

POST

Auto update

/cluster-info

GET

Get cluster info

/rollouts/:projectId/:podName

DELETE

Delete pod

/ws/k8s/rollouts

GET

Websocket to get resource updates of a rollout

/ws/k8s/logs

GET

Websocket to get pod logs

/ws/k8s/events

GET

Websocket to get pod events

All endpoints are protected by the JWT authentication, except the websocket endpoints. The frontend will send the JWT token in the header of the request.

hashtag
Environment Variables

Variable Name
Default
Description

LOCAL

false

Set to true if you're running KubeLab locally. It will take your local kubeconfig under .kube/config

LOCAL_KUBECONFIG_FILE

~/.kube/config

Set to the path of your kubeconfig file if you're running KubeLab locally. It will take your local kubeconfig under the specified path

CronTick

*/1 * * * *

The tick in cron notation at which the auto image update will check for new updates in the registry. Do not change this under 1min

hashtag
Extended Information

For more information about pocketbase, please visit the official documentationarrow-up-right. Also dig into the source code of our implementations and try to understand how we use pocketbase in our project.

PreviousPlatform InstallationNextProjects

Last updated

Was this helpful?