Skip to content

Commit

Permalink
Merge pull request #1045 from OpenFn/github-cert-fixes
Browse files Browse the repository at this point in the history 
GitHub cert fixes
  • Loading branch information
@taylordowns2000
taylordowns2000 authored Aug 23, 2023
2 parents cddf52f + 5f50249 commit 7c60215
Show file tree
Hide file tree
Showing 5 changed files with 157 additions and 60 deletions.
8 changes: 7 additions & 1 deletion config/runtime.exs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,9 +47,15 @@ github_app_id =
Application.get_env(:lightning, :github_app, [])
|> Keyword.get(:app_id, nil)

github_app_name =
System.get_env("GITHUB_APP_NAME") ||
Application.get_env(:lightning, :github_app, [])
|> Keyword.get(:app_id, nil)

config :lightning, :github_app,
cert: decoded_cert,
app_id: github_app_id
app_id: github_app_id,
app_name: github_app_name

config :lightning, :image_info,
image_tag: image_tag,
Expand Down
58 changes: 36 additions & 22 deletions lib/lightning/version_control/github_client.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ defmodule Lightning.VersionControl.GithubClient do
to github from Lightning
"""
use Tesla
require Logger
alias Lightning.VersionControl.GithubToken

plug(Tesla.Middleware.BaseUrl, "https://api.github.com")
Expand All @@ -26,22 +27,6 @@ defmodule Lightning.VersionControl.GithubClient do
end
end

defp installation_id_error do
{:error,
%{
message:
"Invalid installation ID, ensure to use the ID provided by Github"
}}
end

defp invalid_pem_error do
{:error,
%{
message:
"Invalid Github PEM KEY, ensure to use the KEY provided by Github"
}}
end

def get_repo_branches(installation_id, repo_name) do
with {:ok, installation_client} <- build_client(installation_id),
{:ok, %{status: 200} = branches} <-
Expand All @@ -61,14 +46,15 @@ defmodule Lightning.VersionControl.GithubClient do
end
end

def fire_repository_dispatch(installation_id, repo_name, user_name) do
def fire_repository_dispatch(installation_id, repo_name, user_email) do
with {:ok, installation_client} <- build_client(installation_id),
{:ok, %{status: 204}} <-
installation_client
|> post("/repos/#{repo_name}/dispatches", %{
event_type: "Sync by: #{user_name}",
client_payload:
"#{user_name} is synced a new project spec and state"
event_type: "Sync by: #{user_email}",
client_payload: %{
message: "#{user_email} initiated a sync from Lightning"
}
}) do
{:ok, :fired}
else
Expand All @@ -78,11 +64,39 @@ defmodule Lightning.VersionControl.GithubClient do
{:error, :invalid_pem} ->
invalid_pem_error()

_ ->
err ->
Logger.error(inspect(err))
{:error, "Error Initiating sync"}
end
end

def send_sentry_error(msg) do
Sentry.capture_message("Github configuration error",
message: msg,
tags: %{type: "github"}
)
end

defp installation_id_error do
send_sentry_error("Github Installation APP ID is misconfigured")

{:error,
%{
message:
"Sorry, it seems that the GitHub App ID has not been properly configured for this instance of Lightning. Please contact the instance administrator"
}}
end

defp invalid_pem_error do
send_sentry_error("Github Cert is misconfigured")

{:error,
%{
message:
"Sorry, it seems that the GitHub cert has not been properly configured for this instance of Lightning. Please contact the instance administrator"
}}
end

defp build_client(installation_id) do
%{cert: cert, app_id: app_id} =
Application.get_env(:lightning, :github_app)
Expand All @@ -99,7 +113,7 @@ defmodule Lightning.VersionControl.GithubClient do
{:ok, installation_token_resp} <-
client
|> post("/app/installations/#{installation_id}/access_tokens", ""),
200 <-
201 <-
installation_token_resp.status do
installation_token = installation_token_resp.body["token"]

Expand Down
61 changes: 45 additions & 16 deletions lib/lightning_web/live/project_live/settings.ex
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ defmodule LightningWeb.ProjectLive.Settings do
@moduledoc """
Index Liveview for Runs
"""
alias Lightning.VersionControl.GithubClient
use LightningWeb, :live_view

alias Lightning.VersionControl
Expand Down Expand Up @@ -246,28 +247,58 @@ defmodule LightningWeb.ProjectLive.Settings do
user_id = socket.assigns.current_user.id
project_id = socket.assigns.project.id

{:ok, _connection} =
VersionControl.create_github_connection(%{
user_id: user_id,
project_id: project_id
})
case Application.get_env(:lightning, :github_app) |> Map.new() do
%{app_name: nil} ->
# Send to sentry and show cozy error

GithubClient.send_sentry_error("Github App Name Misconfigured")

{:noreply,
socket
|> put_flash(
:error,
"Sorry, it seems that the GitHub App Name has not been properly configured for this instance of Lighting. Please contact the instance administrator"
)}

%{app_name: app_name} ->
{:ok, _connection} =
VersionControl.create_github_connection(%{
user_id: user_id,
project_id: project_id
})

{:noreply, redirect(socket, external: "https://github.com/apps/openfn")}
{:noreply,
redirect(socket, external: "https://github.com/apps/#{app_name}")}
end
end

def handle_event("reinstall_app", _, socket) do
user_id = socket.assigns.current_user.id
project_id = socket.assigns.project.id

{:ok, _} = VersionControl.remove_github_connection(project_id)
case Application.get_env(:lightning, :github_app) |> Map.new() do
%{app_name: nil} ->
GithubClient.send_sentry_error("Github App Name Misconfigured")

{:ok, _connection} =
VersionControl.create_github_connection(%{
user_id: user_id,
project_id: project_id
})
{:noreply,
socket
|> put_flash(
:error,
"Sorry, it seems that the GitHub App Name has not been properly configured for this instance of Lighting. Please contact the instance administrator"
)}

%{app_name: app_name} ->
{:ok, _} = VersionControl.remove_github_connection(project_id)

{:noreply, redirect(socket, external: "https://github.com/apps/openfn")}
{:ok, _connection} =
VersionControl.create_github_connection(%{
user_id: user_id,
project_id: project_id
})

{:noreply,
redirect(socket, external: "https://github.com/apps/#{app_name}")}
end
end

def handle_event("delete_repo_connection", _, socket) do
Expand Down Expand Up @@ -298,9 +329,7 @@ defmodule LightningWeb.ProjectLive.Settings do
end

def handle_event("run_sync", params, %{assigns: %{current_user: u}} = socket) do
user_name = u.first_name <> " " <> u.last_name

case VersionControl.run_sync(params["id"], user_name) do
case VersionControl.run_sync(params["id"], u.email) do
{:ok, :fired} ->
{:noreply, socket |> put_flash(:info, "Sync Initialized")}

Expand Down
24 changes: 16 additions & 8 deletions test/lightning/version_control/github_client_test.exs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,11 @@ defmodule Lightning.VersionControl.GithubClientTest do

describe "Non success Github Client" do
setup do
put_temporary_env(:lightning, :github_app, cert: @cert, app_id: "111111")
put_temporary_env(:lightning, :github_app,
cert: @cert,
app_id: "111111",
app_name: "test-github"
)

Tesla.Mock.mock(fn env ->
case env.url do
Expand All @@ -26,7 +30,7 @@ defmodule Lightning.VersionControl.GithubClientTest do
%Tesla.Env{status: 404}

"https://api.github.com/repos/some/repo/branches" ->
%Tesla.Env{status: 201}
%Tesla.Env{status: 400}
end
end)
end
Expand All @@ -37,7 +41,7 @@ defmodule Lightning.VersionControl.GithubClientTest do
assert {:error,
%{
message:
"Invalid installation ID, ensure to use the ID provided by Github"
"Sorry, it seems that the GitHub App ID has not been properly configured for this instance of Lightning. Please contact the instance administrator"
}} =
VersionControl.fetch_installation_repos(p_repo.project_id)
end
Expand All @@ -48,7 +52,7 @@ defmodule Lightning.VersionControl.GithubClientTest do
assert {:error,
%{
message:
"Invalid Github PEM KEY, ensure to use the KEY provided by Github"
"Sorry, it seems that the GitHub cert has not been properly configured for this instance of Lightning. Please contact the instance administrator"
}} =
VersionControl.run_sync(p_repo.project_id, "some-user-name")
end
Expand All @@ -59,7 +63,7 @@ defmodule Lightning.VersionControl.GithubClientTest do
assert {:error,
%{
message:
"Invalid installation ID, ensure to use the ID provided by Github"
"Sorry, it seems that the GitHub App ID has not been properly configured for this instance of Lightning. Please contact the instance administrator"
}} =
VersionControl.fetch_repo_branches(p_repo.project_id, p_repo.repo)
end
Expand All @@ -70,20 +74,24 @@ defmodule Lightning.VersionControl.GithubClientTest do
assert {:error,
%{
message:
"Invalid installation ID, ensure to use the ID provided by Github"
"Sorry, it seems that the GitHub App ID has not been properly configured for this instance of Lightning. Please contact the instance administrator"
}} =
VersionControl.fetch_installation_repos(p_repo.project_id)
end
end

describe "Github Client" do
setup do
put_temporary_env(:lightning, :github_app, cert: @cert, app_id: "111111")
put_temporary_env(:lightning, :github_app,
cert: @cert,
app_id: "111111",
app_name: "test-github"
)

Tesla.Mock.mock(fn env ->
case env.url do
"https://api.github.com/app/installations/some-id/access_tokens" ->
%Tesla.Env{status: 200, body: %{"token" => "some-token"}}
%Tesla.Env{status: 201, body: %{"token" => "some-token"}}

"https://api.github.com/installation/repositories" ->
%Tesla.Env{
Expand Down
Loading

0 comments on commit 7c60215

Please sign in to comment.