WIP: feat: Add support for GitHub
All checks were successful
ci/woodpecker/push/push-next Pipeline was successful
ci/woodpecker/push/cron-docker-builder Pipeline was successful
ci/woodpecker/push/tag-created Pipeline was successful

This doesn't include GitHub Enterprise
This commit is contained in:
Paul Campbell 2024-05-25 11:25:13 +01:00
parent 9f04b1ae6c
commit e703120806
38 changed files with 668 additions and 309 deletions

View file

@ -7,6 +7,7 @@ members = [
"crates/git",
"crates/forge",
"crates/forge-forgejo",
"crates/forge-github",
"crates/repo-actor",
]
@ -26,6 +27,7 @@ git-next-config = { path = "crates/config" }
git-next-git = { path = "crates/git" }
git-next-forge = { path = "crates/forge" }
git-next-forge-forgejo = { path = "crates/forge-forgejo" }
git-next-forge-github = { path = "crates/forge-github" }
git-next-repo-actor = { path = "crates/repo-actor" }
# CLI parsing

View file

@ -172,6 +172,46 @@ In the directory with your `git-next-server.toml` file, run the command:
git next server start
```
### Forges
The following forges are supported: [ForgeJo](https://forgejo.org) and [GitHub](https://github.com/).
#### ForgeJo
Configure the forge in `git-next-server.toml` like:
```toml
[forge.jo]
forge_type = "ForgeJo"
hostname = "git.myforgejo.com"
user = "bob"
token = "..."
[forge.jo.repos]
hello = { repo = "user/hello", branch = "main", gitdir = "/opt/git/projects/user/hello.git" } # maps to https://git.example.net/user/hello on the branch 'main'
world = { repo = "user/world", branch = "master", main = "master", next = "upcoming", "dev" = "develop" } # maps to the 'master' branch
```
The token is created `/user/settings/applications` and requires the `write:repository` permission.
#### GitHub
Configure the forge in `git-next-server.toml` like:
```toml
[forge.gh]
forge_type = "GitHub"
hostname = "github.com"
user = "bob"
token = "..."
[forge.gh.repos]
hello = { repo = "user/hello", branch = "main", gitdir = "/opt/git/projects/user/hello.git" } # maps to https://github.com/user/hello on the branch 'main'
world = { repo = "user/world", branch = "master", main = "master", next = "upcoming", "dev" = "develop" } # maps to the 'master' branch
```
The token is created [here](https://github.com/settings/tokens/new) and requires the `repo` and `admin:repo_hook` permissions.
## Contributing
Contributions to `git-next` are welcome! If you find a bug or have a feature
@ -201,15 +241,17 @@ stateDiagram-v2
forge --> config
forge --> git
forge --> forgejo
forge --> github
forgejo --> config
forgejo --> git
github --> config
github --> git
repo_actor --> config
repo_actor --> git
repo_actor --> forge
```
## License

View file

@ -4,7 +4,7 @@ version = { workspace = true }
edition = { workspace = true }
[features]
default = ["forgejo"]
default = ["forgejo", "github"]
forgejo = []
github = []
@ -36,9 +36,9 @@ secrecy = { workspace = true }
# # Conventional Commit check
# git-conventional = { workspace = true }
#
# # Webhooks
# Webhooks
# bytes = { workspace = true }
# ulid = { workspace = true }
ulid = { workspace = true }
# warp = { workspace = true }
# boilerplate

View file

@ -4,7 +4,8 @@ pub enum ForgeType {
#[cfg(feature = "forgejo")]
ForgeJo,
// Gitea,
// GitHub,
#[cfg(feature = "github")]
GitHub,
// GitLab,
// BitBucket,
#[default]

View file

@ -8,6 +8,7 @@ mod forge_name;
mod forge_type;
pub mod git_dir;
mod host_name;
mod registered_webhook;
mod repo_alias;
mod repo_branches;
mod repo_config;
@ -16,6 +17,8 @@ mod repo_path;
pub mod server;
mod server_repo_config;
mod user;
mod webhook_auth;
mod webhook_id;
#[cfg(test)]
mod tests;
@ -28,6 +31,7 @@ pub use forge_name::ForgeName;
pub use forge_type::ForgeType;
pub use git_dir::GitDir;
pub use host_name::Hostname;
pub use registered_webhook::RegisteredWebhook;
pub use repo_alias::RepoAlias;
pub use repo_branches::RepoBranches;
pub use repo_config::RepoConfig;
@ -35,3 +39,5 @@ pub use repo_config_source::RepoConfigSource;
pub use repo_path::RepoPath;
pub use server_repo_config::ServerRepoConfig;
pub use user::User;
pub use webhook_auth::WebhookAuth;
pub use webhook_id::WebhookId;

View file

@ -0,0 +1,16 @@
//
use crate as config;
#[derive(Debug, derive_more::Constructor)]
pub struct RegisteredWebhook {
id: config::WebhookId,
auth: config::WebhookAuth,
}
impl RegisteredWebhook {
pub const fn id(&self) -> &config::WebhookId {
&self.id
}
pub const fn auth(&self) -> &config::WebhookAuth {
&self.auth
}
}

View file

@ -0,0 +1,19 @@
use std::str::FromStr as _;
#[derive(Clone, Debug, PartialEq, Eq, derive_more::Deref, derive_more::Display)]
pub struct WebhookAuth(ulid::Ulid);
impl WebhookAuth {
pub fn new(authorisation: &str) -> Result<Self, ulid::DecodeError> {
let id = ulid::Ulid::from_str(authorisation)?;
tracing::info!("Parse auth token: {}", id);
Ok(Self(id))
}
pub fn generate() -> Self {
Self(ulid::Ulid::new())
}
pub fn header_value(&self) -> String {
format!("Basic {}", self)
}
}

View file

@ -0,0 +1,4 @@
use derive_more::{Constructor, Deref, Display};
#[derive(Clone, Debug, PartialEq, Eq, Constructor, Deref, Display)]
pub struct WebhookId(String);

View file

@ -1,7 +1,14 @@
//
mod webhook;
use git::forge::commit::Status;
use git_next_config as config;
use git_next_git as git;
use kxio::network::{self, Network};
use tracing::{error, warn};
use tracing::warn;
use crate::webhook::list::list_webhooks;
#[derive(Clone, Debug)]
pub struct ForgeJo {
@ -19,7 +26,7 @@ impl git::ForgeLike for ForgeJo {
"forgejo".to_string()
}
async fn commit_status(&self, commit: &git::Commit) -> git::commit::Status {
async fn commit_status(&self, commit: &git::Commit) -> Status {
let repo_details = &self.repo_details;
let hostname = &repo_details.forge.hostname();
let repo_path = &repo_details.repo_path;
@ -44,33 +51,54 @@ impl git::ForgeLike for ForgeJo {
Ok(response) => {
match response.response_body() {
Some(status) => match status.state {
CommitStatusState::Success => git::commit::Status::Pass,
CommitStatusState::Pending => git::commit::Status::Pending,
CommitStatusState::Failure => git::commit::Status::Fail,
CommitStatusState::Error => git::commit::Status::Fail,
CommitStatusState::Blank => git::commit::Status::Pending,
ForgejoState::Success => Status::Pass,
ForgejoState::Pending => Status::Pending,
ForgejoState::Failure => Status::Fail,
ForgejoState::Error => Status::Fail,
ForgejoState::Blank => Status::Pending,
},
None => {
warn!("No status found for commit");
git::commit::Status::Pending // assume issue is transient and allow retry
Status::Pending // assume issue is transient and allow retry
}
}
}
Err(e) => {
error!(?e, "Failed to get commit status");
git::commit::Status::Pending // assume issue is transient and allow retry
}
warn!(?e, "Failed to get commit status");
Status::Pending // assume issue is transient and allow retry
}
}
}
#[derive(Debug, serde::Deserialize)]
pub struct CombinedStatus {
pub state: CommitStatusState,
async fn list_webhooks(
&self,
webhook_url: &config::server::WebhookUrl,
) -> git::forge::webhook::Result<Vec<config::WebhookId>> {
list_webhooks(&self.repo_details, webhook_url, &self.net).await
}
async fn unregister_webhook(
&self,
webhook_id: &config::WebhookId,
) -> git::forge::webhook::Result<()> {
webhook::unregister::unregister(webhook_id, &self.repo_details, &self.net).await
}
async fn register_webhook(
&self,
webhook_url: &config::server::WebhookUrl,
) -> git::forge::webhook::Result<config::RegisteredWebhook> {
webhook::register::register(&self.repo_details, webhook_url, &self.net).await
}
}
#[derive(Debug, serde::Deserialize)]
pub enum CommitStatusState {
struct CombinedStatus {
pub state: ForgejoState,
}
#[derive(Debug, serde::Deserialize)]
enum ForgejoState {
#[serde(rename = "success")]
Success,
#[serde(rename = "pending")]

View file

@ -0,0 +1,54 @@
//
use git_next_config as config;
use git_next_git as git;
use kxio::network;
use crate::webhook::Hook;
pub async fn list_webhooks(
repo_details: &git::RepoDetails,
webhook_url: &config::server::WebhookUrl,
net: &network::Network,
) -> git::forge::webhook::Result<Vec<config::WebhookId>> {
let mut ids: Vec<config::WebhookId> = vec![];
let hostname = &repo_details.forge.hostname();
let repo_path = &repo_details.repo_path;
let mut page = 1;
loop {
use secrecy::ExposeSecret;
let token = &repo_details.forge.token().expose_secret();
let url =
format!("https://{hostname}/api/v1/repos/{repo_path}/hooks?page={page}&token={token}");
let net_url = network::NetUrl::new(url);
let request = network::NetRequest::new(
network::RequestMethod::Get,
net_url,
network::NetRequestHeaders::new(),
network::RequestBody::None,
network::ResponseType::Json,
None,
network::NetRequestLogging::None,
);
let result = net.get::<Vec<Hook>>(request).await;
match result {
Ok(response) => {
if let Some(list) = response.response_body() {
if list.is_empty() {
return Ok(ids);
}
for hook in list {
if let Some(existing_url) = hook.config.get("url") {
if existing_url.starts_with(webhook_url.as_ref()) {
ids.push(hook.id());
}
}
}
page += 1;
}
}
Err(e) => {
return Err(git::forge::webhook::Error::Network(e));
}
};
}
}

View file

@ -0,0 +1,19 @@
//
use git_next_config as config;
use std::collections::HashMap;
pub mod list;
pub mod register;
pub mod unregister;
#[derive(Debug, serde::Deserialize)]
struct Hook {
id: i64,
config: HashMap<String, String>,
}
impl Hook {
fn id(&self) -> config::WebhookId {
config::WebhookId::new(format!("{}", self.id))
}
}

View file

@ -0,0 +1,75 @@
//
use git_next_config as config;
use git_next_git as git;
use kxio::network;
use tracing::{info, warn};
use crate::webhook::{list::list_webhooks, unregister::unregister, Hook};
#[tracing::instrument(skip_all)]
// TODO: caller must do this: addr.do_send(WebhookRegistered(hook.id(), authorisation));
pub async fn register(
repo_details: &git::RepoDetails,
webhook_url: &config::server::WebhookUrl,
net: &network::Network,
) -> git::forge::webhook::Result<config::RegisteredWebhook> {
let Some(repo_config) = repo_details.repo_config.clone() else {
return Err(git::forge::webhook::Error::NoRepoConfig);
};
// remove any lingering webhooks for the same URL
let existing_webhook_ids = list_webhooks(repo_details, webhook_url, net).await?;
for webhook_id in existing_webhook_ids {
unregister(&webhook_id, repo_details, net).await?;
}
let hostname = &repo_details.forge.hostname();
let repo_path = &repo_details.repo_path;
use secrecy::ExposeSecret;
let token = repo_details.forge.token().expose_secret();
let url = network::NetUrl::new(format!(
"https://{hostname}/api/v1/repos/{repo_path}/hooks?token={token}"
));
let repo_alias = &repo_details.repo_alias;
let headers = network::NetRequestHeaders::new().with("Content-Type", "application/json");
let authorisation = config::WebhookAuth::generate();
let body = network::json!({
"active": true,
"authorization_header": authorisation.header_value(),
"branch_filter": format!("{{{},{},{}}}", repo_config.branches().main(), repo_config.branches().next(), repo_config.branches().dev()),
"config": {
"content_type": "json",
"url": format!("{}/{}", webhook_url.as_ref(), repo_alias),
},
"events": [ "push" ],
"type": "forgejo"
});
let request = network::NetRequest::new(
network::RequestMethod::Post,
url,
headers,
network::RequestBody::Json(body),
network::ResponseType::Json,
None,
network::NetRequestLogging::None,
);
let result = net.post_json::<Hook>(request).await;
match result {
Ok(response) => {
let Some(hook) = response.response_body() else {
return Err(git::forge::webhook::Error::NetworkResponseEmpty);
};
info!(webhook_id = %hook.id, "Webhook registered");
Ok(config::RegisteredWebhook::new(
config::WebhookId::new(format!("{}", hook.id)),
authorisation,
))
}
Err(e) => {
warn!("Failed to register webhook");
Err(git::forge::webhook::Error::FailedToRegister(e.to_string()))
}
}
}

View file

@ -0,0 +1,30 @@
//
use git_next_config as config;
use git_next_git as git;
use kxio::network;
pub async fn unregister(
webhook_id: &config::WebhookId,
repo_details: &git::RepoDetails,
net: &network::Network,
) -> git::forge::webhook::Result<()> {
let hostname = &repo_details.forge.hostname();
let repo_path = &repo_details.repo_path;
use secrecy::ExposeSecret;
let token = repo_details.forge.token().expose_secret();
let url = network::NetUrl::new(format!(
"https://{hostname}/api/v1/repos/{repo_path}/hooks/{webhook_id}?token={token}"
));
let request = network::NetRequest::new(
network::RequestMethod::Delete,
url,
network::NetRequestHeaders::new(),
network::RequestBody::None,
network::ResponseType::None,
None,
network::NetRequestLogging::None,
);
let result = net.delete(request).await;
Ok(result.map(|_| ())?)
}

View file

@ -0,0 +1,59 @@
[package]
name = "git-next-forge-github"
version = { workspace = true }
edition = { workspace = true }
[dependencies]
git-next-config = { workspace = true }
git-next-git = { workspace = true }
# logging
console-subscriber = { workspace = true }
tracing = { workspace = true }
tracing-subscriber = { workspace = true }
# base64 decoding
base64 = { workspace = true }
# git
async-trait = { workspace = true }
# fs/network
kxio = { workspace = true }
# TOML parsing
serde = { workspace = true }
serde_json = { workspace = true }
toml = { workspace = true }
# Secrets and Password
secrecy = { workspace = true }
# Conventional Commit check
git-conventional = { workspace = true }
# Webhooks
bytes = { workspace = true }
ulid = { workspace = true }
warp = { workspace = true }
# boilerplate
derive_more = { workspace = true }
# file watcher
inotify = { workspace = true }
# # Actors
# actix = { workspace = true }
# actix-rt = { workspace = true }
tokio = { workspace = true }
[dev-dependencies]
# Testing
assert2 = { workspace = true }
[lints.clippy]
nursery = { level = "warn", priority = -1 }
# pedantic = "warn"
unwrap_used = "warn"
expect_used = "warn"

View file

@ -0,0 +1,122 @@
//
use derive_more::Constructor;
use git::forge::commit::Status;
use git_next_config as config;
use git_next_git as git;
use kxio::network::{self, Network};
use tracing::warn;
#[derive(Clone, Debug, Constructor)]
pub struct Github {
repo_details: git::RepoDetails,
net: Network,
}
#[async_trait::async_trait]
impl git_next_git::ForgeLike for Github {
fn name(&self) -> String {
"github".to_string()
}
/// Checks the results of any (e.g. CI) status checks for the commit.
///
/// GitHub: https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28#list-commit-statuses-for-a-reference
async fn commit_status(&self, commit: &git::Commit) -> Status {
let repo_details = &self.repo_details;
let repo_path = &repo_details.repo_path;
let api_token = &repo_details.forge.token();
use secrecy::ExposeSecret;
let token = api_token.expose_secret();
let url = network::NetUrl::new(format!(
"https://api.github.com/repos/${repo_path}/commits/{commit}/check-runs"
));
let headers = network::NetRequestHeaders::new()
.with("X-GitHub-Api-Version", "2022-11-28")
.with("Authorization", format!("Bearer: {token}").as_str());
let request = network::NetRequest::new(
network::RequestMethod::Get,
url,
headers,
network::RequestBody::None,
network::ResponseType::Json,
None,
network::NetRequestLogging::Both, // TODO: change this to None
);
let result = self.net.get::<Vec<GitHubStatus>>(request).await;
match result {
Ok(response) => response.response_body().map_or_else(
|| {
warn!("No status found for commit");
Status::Pending // assume issue is transient and allow retry
},
|statuses| {
statuses
.into_iter()
.map(|status| match status.state {
GithubState::Success => Status::Pass,
GithubState::Pending => Status::Pending,
GithubState::Failure => Status::Fail,
GithubState::Error => Status::Fail,
GithubState::Blank => Status::Pending,
})
.reduce(|l, r| match (l, r) {
(Status::Pass, Status::Pass) => Status::Pass,
(_, Status::Fail) => Status::Fail,
(_, Status::Pending) => Status::Pending,
(Status::Fail, _) => Status::Fail,
(Status::Pending, _) => Status::Pending,
})
.unwrap_or_else(|| {
warn!("No status checks configured for 'next' branch",);
Status::Pass
})
},
),
Err(e) => {
warn!(?e, "Failed to get commit status");
Status::Pending // assume issue is transient and allow retry
}
}
}
async fn list_webhooks(
&self,
_webhook_url: &config::server::WebhookUrl,
) -> git::forge::webhook::Result<Vec<config::WebhookId>> {
todo!()
}
async fn unregister_webhook(
&self,
_webhook_id: &config::WebhookId,
) -> git::forge::webhook::Result<()> {
todo!()
}
async fn register_webhook(
&self,
_webhook_url: &config::server::WebhookUrl,
) -> git::forge::webhook::Result<config::RegisteredWebhook> {
todo!()
}
}
#[derive(Debug, serde::Deserialize)]
struct GitHubStatus {
pub state: GithubState,
// other fields that we ignore
}
#[derive(Debug, serde::Deserialize)]
enum GithubState {
#[serde(rename = "success")]
Success,
#[serde(rename = "pending")]
Pending,
#[serde(rename = "failure")]
Failure,
#[serde(rename = "error")]
Error,
#[serde(rename = "")]
Blank,
}

View file

@ -4,14 +4,15 @@ version = { workspace = true }
edition = { workspace = true }
[features]
default = ["forgejo"]
default = ["forgejo", "github"]
forgejo = ["git-next-forge-forgejo"]
github = []
github = ["git-next-forge-github"]
[dependencies]
git-next-config = { workspace = true }
git-next-git = { workspace = true }
git-next-forge-forgejo = { workspace = true, optional = true }
git-next-forge-github = { workspace = true, optional = true }
# logging
console-subscriber = { workspace = true }

View file

@ -1,21 +0,0 @@
use crate::network::Network;
struct Github;
pub(super) struct GithubEnv {
net: Network,
}
impl GithubEnv {
pub(crate) const fn new(net: Network) -> GithubEnv {
Self { net }
}
}
#[async_trait::async_trait]
impl super::ForgeLike for GithubEnv {
fn name(&self) -> String {
"github".to_string()
}
async fn branches_get_all(&self) -> Vec<super::Branch> {
todo!()
}
}

View file

@ -1,34 +1,34 @@
#![allow(dead_code)]
//
use git_next_forge_forgejo as forgejo;
use git_next_forge_github as github;
use git_next_git as git;
use kxio::network::Network;
#[cfg(feature = "github")]
mod github;
mod mock_forge;
#[derive(Clone, Debug)]
pub enum Forge {
Mock(mock_forge::MockForgeEnv),
#[allow(clippy::enum_variant_names)]
Mock(mock_forge::MockForge),
#[cfg(feature = "forgejo")]
ForgeJo(forgejo::ForgeJo),
ForgeJo(git_next_forge_forgejo::ForgeJo),
#[cfg(feature = "github")]
Github(github::GithubEnv),
Github(git_next_forge_github::Github),
}
impl Forge {
pub const fn new_mock() -> Self {
Self::Mock(mock_forge::MockForgeEnv::new())
Self::Mock(mock_forge::MockForge::new())
}
#[cfg(feature = "forgejo")]
pub const fn new_forgejo(repo_details: git::RepoDetails, net: Network) -> Self {
Self::ForgeJo(forgejo::ForgeJo::new(repo_details, net))
}
#[cfg(feature = "github")]
pub const fn new_github(net: Network) -> Self {
Self::Github(github::GithubEnv::new(net))
pub const fn new_github(repo_details: git::RepoDetails, net: Network) -> Self {
Self::Github(github::Github::new(repo_details, net))
}
}
impl std::ops::Deref for Forge {
@ -39,7 +39,7 @@ impl std::ops::Deref for Forge {
#[cfg(feature = "forgejo")]
Self::ForgeJo(env) => env,
#[cfg(feature = "github")]
Forge::Github(env) => env,
Self::Github(env) => env,
}
}
}

View file

@ -1,23 +1,41 @@
//
#![cfg(not(tarpaulin_include))]
use derive_more::Constructor;
use git_next_config as config;
use git_next_git as git;
struct MockForge;
#[derive(Clone, Debug)]
pub struct MockForgeEnv;
impl MockForgeEnv {
pub(crate) const fn new() -> Self {
Self
}
}
#[derive(Clone, Debug, Constructor)]
pub struct MockForge;
#[async_trait::async_trait]
impl git::ForgeLike for MockForgeEnv {
impl git::ForgeLike for MockForge {
fn name(&self) -> String {
"mock".to_string()
}
async fn commit_status(&self, _commit: &git::Commit) -> git::commit::Status {
async fn commit_status(&self, _commit: &git::Commit) -> git::forge::commit::Status {
todo!()
}
async fn list_webhooks(
&self,
_webhook_url: &config::server::WebhookUrl,
) -> git::forge::webhook::Result<Vec<config::WebhookId>> {
todo!()
}
async fn unregister_webhook(
&self,
_webhook_id: &config::WebhookId,
) -> git::forge::webhook::Result<()> {
todo!()
}
async fn register_webhook(
&self,
_webhook_url: &config::server::WebhookUrl,
) -> git::forge::webhook::Result<config::RegisteredWebhook> {
todo!()
}
}

View file

@ -1,8 +0,0 @@
use super::*;
#[test]
fn test_name() {
let net = Network::new_mock();
let forge = Forge::new_github(net);
assert_eq!(forge.name(), "github");
}

View file

@ -4,9 +4,6 @@ use super::*;
use git_next_config as config;
use git_next_git as git;
#[cfg(feature = "github")]
mod github;
#[test]
fn test_mock_name() {
let forge = Forge::new_mock();

View file

@ -44,9 +44,9 @@ derive-with = { workspace = true }
# # file watcher
# inotify = { workspace = true }
#
# # Actors
# actix = { workspace = true }
# Actors
actix = { workspace = true }
# actix-rt = { workspace = true }
# tokio = { workspace = true }
#

View file

@ -19,13 +19,6 @@ pub struct Sha(String);
#[derive(Clone, Debug, PartialEq, Eq, derive_more::Constructor, derive_more::Display)]
pub struct Message(String);
#[derive(Debug)]
pub enum Status {
Pass,
Fail,
Pending,
}
#[derive(Clone, Debug)]
pub struct Histories {
pub main: Vec<Commit>,

View file

@ -0,0 +1,6 @@
#[derive(Debug)]
pub enum Status {
Pass,
Fail,
Pending,
}

View file

@ -0,0 +1,28 @@
use crate as git;
use git_next_config as config;
#[async_trait::async_trait]
pub trait ForgeLike {
fn name(&self) -> String;
/// Checks the results of any (e.g. CI) status checks for the commit.
async fn commit_status(&self, commit: &git::Commit) -> git::forge::commit::Status;
// Lists all the webhooks
async fn list_webhooks(
&self,
url: &config::server::WebhookUrl,
) -> git::forge::webhook::Result<Vec<config::WebhookId>>;
// Unregisters a webhook
async fn unregister_webhook(
&self,
webhook: &config::WebhookId,
) -> git::forge::webhook::Result<()>;
// Registers a webhook
async fn register_webhook(
&self,
webhook_url: &config::server::WebhookUrl,
) -> git::forge::webhook::Result<config::RegisteredWebhook>;
}

View file

@ -0,0 +1,3 @@
pub mod commit;
pub(super) mod like;
pub mod webhook;

View file

@ -0,0 +1,24 @@
use derive_more::Display;
pub type Result<T> = core::result::Result<T, Error>;
#[derive(Debug, Display)]
pub enum Error {
#[display("network: {}", 0)]
Network(kxio::network::NetworkError),
FailedToRegister(String),
NetworkResponseEmpty,
NoRepoConfig,
FailedToNotifySelf(String),
}
impl std::error::Error for Error {}
impl From<kxio::network::NetworkError> for Error {
fn from(value: kxio::network::NetworkError) -> Self {
Self::Network(value)
}
}

View file

@ -1,9 +0,0 @@
use crate as git;
#[async_trait::async_trait]
pub trait ForgeLike {
fn name(&self) -> String;
/// Checks the results of any (e.g. CI) status checks for the commit.
async fn commit_status(&self, commit: &git::Commit) -> git::commit::Status;
}

View file

@ -4,7 +4,7 @@ pub mod commit;
pub mod common;
pub mod fetch;
pub mod file;
mod forge_like;
pub mod forge;
mod generation;
mod git_ref;
mod git_remote;
@ -17,7 +17,7 @@ pub mod validation;
mod tests;
pub use commit::Commit;
pub use forge_like::ForgeLike;
pub use forge::like::ForgeLike;
pub use generation::Generation;
pub use git_ref::GitRef;
pub use git_remote::GitRemote;

View file

@ -10,6 +10,7 @@ use git_next_config as config;
use git_next_config::GitDir;
pub use open::OpenRepository;
use tracing::info;
use crate::{repository::mock::MockRepository, validation::repo::validate_repo};
@ -29,18 +30,20 @@ pub fn mock() -> (Repository, MockRepository) {
}
/// Opens a repository, cloning if necessary
#[tracing::instrument(skip_all)]
pub fn open(
repository: &Repository,
repo_details: &RepoDetails,
gitdir: config::GitDir,
) -> Result<OpenRepository> {
let repository = if !gitdir.exists() {
// info!("Local copy not found - cloning...");
info!("Local copy not found - cloning...");
repository.git_clone(repo_details)?
} else {
info!("Local copy found - opening...");
repository.open(&gitdir)?
};
// info!("Validating...");
info!("Validating...");
validate_repo(&repository, repo_details).map_err(|e| Error::Validation(e.to_string()))?;
Ok(repository)
}

View file

@ -162,15 +162,12 @@ impl super::OpenRepositoryLike for RealOpenRepository {
git::commit::Sha::new(id),
git::commit::Message::new(message),
);
info!(?commit, "found");
if find_commits.contains(&commit) {
info!("Is in find_commits");
commits.push(commit);
break;
}
commits.push(commit);
}
info!("finished walkfing");
Ok(commits)
})?
}

View file

@ -15,13 +15,16 @@ impl RepositoryLike for RealRepository {
Ok(OpenRepository::real(gix_repo))
}
#[tracing::instrument(skip_all)]
fn git_clone(&self, repo_details: &RepoDetails) -> Result<OpenRepository, Error> {
tracing::info!("creating");
use secrecy::ExposeSecret;
let (gix_repo, _outcome) = gix::prepare_clone_bare(
repo_details.origin().expose_secret().as_str(),
repo_details.gitdir.deref(),
)?
.fetch_only(gix::progress::Discard, &AtomicBool::new(false))?;
tracing::info!("created");
Ok(OpenRepository::real(gix_repo))
}

View file

@ -4,7 +4,7 @@ version = { workspace = true }
edition = { workspace = true }
[features]
default = ["forgejo"]
default = ["forgejo", "github"]
forgejo = []
github = []

View file

@ -9,6 +9,7 @@ mod tests;
use std::time::Duration;
use actix::prelude::*;
use config::RegisteredWebhook;
use git::validation::positions::{validate_positions, Positions};
use crate as repo_actor;
@ -26,8 +27,8 @@ pub struct RepoActor {
message_token: MessageToken,
repo_details: git::RepoDetails,
webhook: config::server::Webhook,
webhook_id: Option<webhook::WebhookId>, // INFO: if [None] then no webhook is configured
webhook_auth: Option<webhook::WebhookAuth>, // INFO: if [None] then no webhook is configured
webhook_id: Option<config::WebhookId>, // INFO: if [None] then no webhook is configured
webhook_auth: Option<config::WebhookAuth>, // INFO: if [None] then no webhook is configured
last_main_commit: Option<git::Commit>,
last_next_commit: Option<git::Commit>,
last_dev_commit: Option<git::Commit>,
@ -47,6 +48,7 @@ impl RepoActor {
let forge = match details.forge.forge_type() {
#[cfg(feature = "forgejo")]
config::ForgeType::ForgeJo => forge::Forge::new_forgejo(details.clone(), net.clone()),
config::ForgeType::GitHub => forge::Forge::new_github(details.clone(), net.clone()),
config::ForgeType::MockForge => forge::Forge::new_mock(),
};
debug!(?forge, "new");
@ -74,10 +76,13 @@ impl Actor for RepoActor {
info!("Checking webhook");
match self.webhook_id.take() {
Some(webhook_id) => {
let repo_details = self.repo_details.clone();
let net = self.net.clone();
info!(%webhook_id, "Unregistring webhook");
webhook::unregister(webhook_id, repo_details, net)
let forge = self.forge.clone();
async move {
if let Err(err) = forge.unregister_webhook(&webhook_id).await {
warn!("unregistering webhook: {err}");
}
}
.in_current_span()
.into_actor(self)
.wait(ctx);
@ -107,7 +112,7 @@ impl Handler<CloneRepo> for RepoActor {
});
}
}
Err(err) => warn!("Could not Clone repo: {err}"),
Err(err) => warn!("Could not open repo: {err}"),
}
}
}
@ -171,12 +176,24 @@ impl Handler<ValidateRepo> for RepoActor {
}
}
if self.webhook_id.is_none() {
webhook::register(
self.repo_details.clone(),
self.webhook.clone(),
ctx.address(),
self.net.clone(),
)
let forge = self.forge.clone();
let webhook_url = self.webhook.url();
let addr = ctx.address();
async move {
if let Err(err) =
forge
.register_webhook(&webhook_url)
.await
.and_then(|registered_webhook| {
addr.try_send(WebhookRegistered::from(registered_webhook))
.map_err(|e| {
git::forge::webhook::Error::FailedToNotifySelf(e.to_string())
})
})
{
warn!("registering webhook: {err}");
}
}
.in_current_span()
.into_actor(self)
.wait(ctx);
@ -264,7 +281,12 @@ impl Handler<StartMonitoring> for RepoActor {
#[derive(Message)]
#[rtype(result = "()")]
pub struct WebhookRegistered(webhook::WebhookId, webhook::WebhookAuth);
pub struct WebhookRegistered(config::WebhookId, config::WebhookAuth);
impl From<RegisteredWebhook> for WebhookRegistered {
fn from(value: RegisteredWebhook) -> Self {
Self(value.id().clone(), value.auth().clone())
}
}
impl Handler<WebhookRegistered> for RepoActor {
type Result = ();
#[tracing::instrument(name = "RepoActor::WebhookRegistered", skip_all, fields(repo = %self.repo_details, webhook_id = %msg.0))]

View file

@ -19,14 +19,14 @@ pub async fn check_next(
let status = forge.commit_status(&next).await;
info!(?status, "Checking next branch");
match status {
git::commit::Status::Pass => {
git::forge::commit::Status::Pass => {
addr.do_send(AdvanceMainTo(next));
}
git::commit::Status::Pending => {
git::forge::commit::Status::Pending => {
tokio::time::sleep(tokio::time::Duration::from_secs(10)).await;
addr.do_send(ValidateRepo { message_token });
}
git::commit::Status::Fail => {
git::forge::commit::Status::Fail => {
warn!("Checks have failed");
}
}

View file

@ -1,182 +1,10 @@
//
use actix::prelude::*;
use git_next_config::{
server::{Webhook, WebhookUrl},
BranchName, RepoAlias, RepoBranches,
};
use git_next_config::{self as config, BranchName, RepoAlias, RepoBranches};
use git_next_git as git;
use kxio::network::{self, json};
use tracing::{info, warn};
use ulid::DecodeError;
use std::{collections::HashMap, str::FromStr};
use crate::{RepoActor, ValidateRepo, WebhookRegistered};
#[derive(
Clone, Debug, PartialEq, Eq, derive_more::Constructor, derive_more::Deref, derive_more::Display,
)]
pub struct WebhookId(String);
#[derive(Clone, Debug, PartialEq, Eq, derive_more::Deref, derive_more::Display)]
pub struct WebhookAuth(ulid::Ulid);
impl WebhookAuth {
pub fn new(authorisation: &str) -> Result<Self, DecodeError> {
let id = ulid::Ulid::from_str(authorisation)?;
info!("Parse auth token: {}", id);
Ok(Self(id))
}
fn generate() -> Self {
Self(ulid::Ulid::new())
}
fn header_value(&self) -> String {
format!("Basic {}", self)
}
}
#[tracing::instrument(skip_all, fields(%webhook_id))]
pub async fn unregister(
webhook_id: WebhookId,
repo_details: git::RepoDetails,
net: network::Network,
) {
let hostname = &repo_details.forge.hostname();
let repo_path = repo_details.repo_path;
use secrecy::ExposeSecret;
let token = repo_details.forge.token().expose_secret();
let url = network::NetUrl::new(format!(
"https://{hostname}/api/v1/repos/{repo_path}/hooks/{webhook_id}?token={token}"
));
let request = network::NetRequest::new(
network::RequestMethod::Delete,
url,
network::NetRequestHeaders::new(),
network::RequestBody::None,
network::ResponseType::None,
None,
network::NetRequestLogging::None,
);
let result = net.delete(request).await;
match result {
Ok(_) => info!("unregistered webhook"),
Err(err) => warn!(?err, "Failed to unregister webhook"),
}
}
#[tracing::instrument(skip_all)]
pub async fn register(
repo_details: git::RepoDetails,
webhook: Webhook,
addr: actix::prelude::Addr<super::RepoActor>,
net: network::Network,
) {
let Some(repo_config) = repo_details.repo_config.clone() else {
return;
};
let webhook_url = webhook.url();
// remove any lingering webhooks for the same URL
let existing_webhook_ids = find_existing_webhooks(&repo_details, &webhook_url, &net).await;
for webhook_id in existing_webhook_ids {
unregister(webhook_id, repo_details.clone(), net.clone()).await;
}
let hostname = &repo_details.forge.hostname();
let repo_path = repo_details.repo_path;
use secrecy::ExposeSecret;
let token = repo_details.forge.token().expose_secret();
let url = network::NetUrl::new(format!(
"https://{hostname}/api/v1/repos/{repo_path}/hooks?token={token}"
));
let repo_alias = &repo_details.repo_alias;
let headers = network::NetRequestHeaders::new().with("Content-Type", "application/json");
let authorisation = WebhookAuth::generate();
let body = json!({
"active": true,
"authorization_header": authorisation.header_value(),
"branch_filter": format!("{{{},{},{}}}", repo_config.branches().main(), repo_config.branches().next(), repo_config.branches().dev()),
"config": {
"content_type": "json",
"url": format!("{}/{}", webhook_url.as_ref(), repo_alias),
},
"events": [ "push" ],
"type": "forgejo"
});
let request = network::NetRequest::new(
network::RequestMethod::Post,
url,
headers,
network::RequestBody::Json(body),
network::ResponseType::Json,
None,
network::NetRequestLogging::None,
);
let result = net.post_json::<Hook>(request).await;
match result {
Ok(response) => {
if let Some(hook) = response.response_body() {
info!(webhook_id = %hook.id, "Webhook registered");
addr.do_send(WebhookRegistered(hook.id(), authorisation));
}
}
Err(_) => warn!("Failed to register webhook"),
}
}
async fn find_existing_webhooks(
repo_details: &git::RepoDetails,
webhook_url: &WebhookUrl,
net: &network::Network,
) -> Vec<WebhookId> {
let mut ids: Vec<WebhookId> = vec![];
let hostname = &repo_details.forge.hostname();
let repo_path = &repo_details.repo_path;
let mut page = 1;
loop {
use secrecy::ExposeSecret;
let token = &repo_details.forge.token().expose_secret();
let url =
format!("https://{hostname}/api/v1/repos/{repo_path}/hooks?page={page}&token={token}");
let net_url = network::NetUrl::new(url);
let request = network::NetRequest::new(
network::RequestMethod::Get,
net_url,
network::NetRequestHeaders::new(),
network::RequestBody::None,
network::ResponseType::Json,
None,
network::NetRequestLogging::None,
);
let result = net.get::<Vec<Hook>>(request).await;
if let Ok(response) = result {
if let Some(list) = response.response_body() {
if list.is_empty() {
return ids;
}
for hook in list {
if let Some(existing_url) = hook.config.get("url") {
if existing_url.starts_with(webhook_url.as_ref()) {
ids.push(hook.id());
}
}
}
}
}
page += 1;
}
}
#[derive(Debug, serde::Deserialize)]
struct Hook {
id: i64,
config: HashMap<String, String>,
}
impl Hook {
fn id(&self) -> WebhookId {
WebhookId(format!("{}", self.id))
}
}
use crate::{RepoActor, ValidateRepo};
impl Handler<WebhookMessage> for RepoActor {
type Result = ();
@ -314,7 +142,7 @@ struct HeadCommit {
pub struct WebhookMessage {
// forge // TODO: (#58) differentiate between multiple forges
repo_alias: RepoAlias,
authorisation: WebhookAuth,
authorisation: config::WebhookAuth,
body: Body,
}
impl WebhookMessage {
@ -324,7 +152,7 @@ impl WebhookMessage {
pub const fn body(&self) -> &Body {
&self.body
}
pub const fn authorisation(&self) -> &WebhookAuth {
pub const fn authorisation(&self) -> &config::WebhookAuth {
&self.authorisation
}
}

View file

@ -3,11 +3,6 @@ name = "git-next-server"
version = { workspace = true }
edition = { workspace = true }
[features]
default = ["forgejo"]
forgejo = []
github = []
[dependencies]
git-next-config = { workspace = true }
git-next-git = { workspace = true }

View file

@ -3,8 +3,8 @@ use std::net::SocketAddr;
use actix::prelude::*;
use git_next_config::RepoAlias;
use git_next_repo_actor::webhook::{self, WebhookAuth, WebhookMessage};
use git_next_config as config;
use git_next_repo_actor::webhook::{self, WebhookMessage};
use tracing::{info, warn};
use warp::reject::Rejection;
@ -25,7 +25,7 @@ pub async fn start(socket_addr: SocketAddr, address: actix::prelude::Recipient<W
headers: warp::http::HeaderMap,
body: bytes::Bytes| async move {
info!("POST received");
let repo_alias = RepoAlias::new(path);
let repo_alias = config::RepoAlias::new(path);
let bytes = body.to_vec();
let body = webhook::Body::new(String::from_utf8_lossy(&bytes).to_string());
headers.get("Authorization").map_or_else(
@ -64,8 +64,10 @@ pub async fn start(socket_addr: SocketAddr, address: actix::prelude::Recipient<W
warp::serve(route).run(socket_addr).await;
}
fn parse_auth(authorization_header: &warp::http::HeaderValue) -> Result<WebhookAuth, Rejection> {
WebhookAuth::new(
fn parse_auth(
authorization_header: &warp::http::HeaderValue,
) -> Result<config::WebhookAuth, Rejection> {
config::WebhookAuth::new(
authorization_header
.to_str()
.map_err(|e| {