ti.sil/sourcebot
1
0
Fork 0
mirror of https://github.com/sourcebot-dev/sourcebot.git synced 2025-12-12 20:35:24 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

remove non secret token options

Browse source
This commit is contained in:
msukkari 2025-02-19 14:23:26 -08:00
parent 5d7a77bd92
commit 63af99aa59
12 changed files with 147 additions and 330 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

50
packages/backend/src/utils.ts
View file

@ -6,7 +6,7 @@ import { PrismaClient, Repo } from "@sourcebot/db";
import { decrypt } from "@sourcebot/crypto";
import { Token } from "@sourcebot/schemas/v3/shared.type";
export const measure = async <T>(cb : () => Promise<T>) => {
export const measure = async <T>(cb: () => Promise<T>) => {
const start = Date.now();
const data = await cb();
const durationMs = Date.now() - start;
@ -89,38 +89,26 @@ export const excludeReposByTopic = <T extends Repository>(repos: T[], excludedRe
}
export const getTokenFromConfig = async (token: Token, orgId: number, db?: PrismaClient) => {
if (typeof token === 'string') {
return token;
if (!db) {
throw new Error(`Database connection required to retrieve secret`);
}
if ('env' in token) {
const tokenValue = process.env[token.env];
if (!tokenValue) {
throw new Error(`The environment variable '${token.env}' was referenced in the config but was not set.`);
}
return tokenValue;
} else if ('secret' in token) {
if (!db) {
throw new Error(`Database connection required to retrieve secret`);
}
const secretKey = token.secret;
const secret = await db.secret.findUnique({
where: {
orgId_key: {
key: secretKey,
orgId
}
}
});
if (!secret) {
throw new Error(`Secret with key ${secretKey} not found for org ${orgId}`);
}
const decryptedSecret = decrypt(secret.iv, secret.encryptedValue);
return decryptedSecret;
const secretKey = token.secret;
const secret = await db.secret.findUnique({
where: {
orgId_key: {
key: secretKey,
orgId
}
}
});
if (!secret) {
throw new Error(`Secret with key ${secretKey} not found for org ${orgId}`);
}
throw new Error(`Invalid token configuration in config`);
const decryptedSecret = decrypt(secret.iv, secret.encryptedValue);
return decryptedSecret;
}
export const isRemotePath = (path: string) => {
@ -172,7 +160,7 @@ export const fetchWithRetry = async <T>(
maxAttempts: number = 3
): Promise<T> => {
let attempts = 0;
while (true) {
try {
return await fetchFn();

40
packages/schemas/src/v3/connection.schema.ts
View file

@ -20,37 +20,17 @@ const schema = {
"env": "ENV_VAR_CONTAINING_TOKEN"
}
],
"anyOf": [
{
"type": "string"
},
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token."
}
},
"required": [
"env"
],
"additionalProperties": false
},
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
]
},
"required": [
"secret"
],
"additionalProperties": false
},
"url": {
"type": "string",

81
packages/schemas/src/v3/connection.type.ts
View file

@ -13,23 +13,7 @@ export interface GithubConnectionConfig {
* GitHub Configuration
*/
type: "github";
/**
* A Personal Access Token (PAT).
*/
token?:
| string
| {
/**
* The name of the environment variable that contains the token.
*/
env: string;
}
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
};
token?: Token;
/**
* The URL of the GitHub host. Defaults to https://github.com
*/
@ -85,6 +69,15 @@ export interface GithubConnectionConfig {
};
revisions?: GitRevisions;
}
/**
* A Personal Access Token (PAT).
*/
export interface Token {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
/**
* The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed.
*/
@ -103,23 +96,7 @@ export interface GitlabConnectionConfig {
* GitLab Configuration
*/
type: "gitlab";
/**
* An authentication token.
*/
token?:
| string
| {
/**
* The name of the environment variable that contains the token.
*/
env: string;
}
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
};
token?: Token1;
/**
* The URL of the GitLab host. Defaults to https://gitlab.com
*/
@ -166,28 +143,21 @@ export interface GitlabConnectionConfig {
};
revisions?: GitRevisions;
}
/**
* An authentication token.
*/
export interface Token1 {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
export interface GiteaConnectionConfig {
/**
* Gitea Configuration
*/
type: "gitea";
/**
* A Personal Access Token (PAT).
*/
token?:
| string
| {
/**
* The name of the environment variable that contains the token.
*/
env: string;
}
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
};
token?: Token2;
/**
* The URL of the Gitea host. Defaults to https://gitea.com
*/
@ -220,6 +190,15 @@ export interface GiteaConnectionConfig {
};
revisions?: GitRevisions;
}
/**
* A Personal Access Token (PAT).
*/
export interface Token2 {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
export interface GerritConnectionConfig {
/**
* Gerrit Configuration

40
packages/schemas/src/v3/gitea.schema.ts
View file

@ -16,37 +16,17 @@ const schema = {
"env": "ENV_VAR_CONTAINING_TOKEN"
}
],
"anyOf": [
{
"type": "string"
},
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token."
}
},
"required": [
"env"
],
"additionalProperties": false
},
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
]
},
"required": [
"secret"
],
"additionalProperties": false
},
"url": {
"type": "string",

27
packages/schemas/src/v3/gitea.type.ts
View file

@ -5,23 +5,7 @@ export interface GiteaConnectionConfig {
* Gitea Configuration
*/
type: "gitea";
/**
* A Personal Access Token (PAT).
*/
token?:
| string
| {
/**
* The name of the environment variable that contains the token.
*/
env: string;
}
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
};
token?: Token;
/**
* The URL of the Gitea host. Defaults to https://gitea.com
*/
@ -54,6 +38,15 @@ export interface GiteaConnectionConfig {
};
revisions?: GitRevisions;
}
/**
* A Personal Access Token (PAT).
*/
export interface Token {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
/**
* The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed.
*/

40
packages/schemas/src/v3/github.schema.ts
View file

@ -16,37 +16,17 @@ const schema = {
"env": "ENV_VAR_CONTAINING_TOKEN"
}
],
"anyOf": [
{
"type": "string"
},
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token."
}
},
"required": [
"env"
],
"additionalProperties": false
},
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
]
},
"required": [
"secret"
],
"additionalProperties": false
},
"url": {
"type": "string",

27
packages/schemas/src/v3/github.type.ts
View file

@ -5,23 +5,7 @@ export interface GithubConnectionConfig {
* GitHub Configuration
*/
type: "github";
/**
* A Personal Access Token (PAT).
*/
token?:
| string
| {
/**
* The name of the environment variable that contains the token.
*/
env: string;
}
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
};
token?: Token;
/**
* The URL of the GitHub host. Defaults to https://github.com
*/
@ -77,6 +61,15 @@ export interface GithubConnectionConfig {
};
revisions?: GitRevisions;
}
/**
* A Personal Access Token (PAT).
*/
export interface Token {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
/**
* The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed.
*/

40
packages/schemas/src/v3/gitlab.schema.ts
View file

@ -16,37 +16,17 @@ const schema = {
"env": "ENV_VAR_CONTAINING_TOKEN"
}
],
"anyOf": [
{
"type": "string"
},
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token."
}
},
"required": [
"env"
],
"additionalProperties": false
},
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
]
},
"required": [
"secret"
],
"additionalProperties": false
},
"url": {
"type": "string",

27
packages/schemas/src/v3/gitlab.type.ts
View file

@ -5,23 +5,7 @@ export interface GitlabConnectionConfig {
* GitLab Configuration
*/
type: "gitlab";
/**
* An authentication token.
*/
token?:
| string
| {
/**
* The name of the environment variable that contains the token.
*/
env: string;
}
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
};
token?: Token;
/**
* The URL of the GitLab host. Defaults to https://gitlab.com
*/
@ -68,6 +52,15 @@ export interface GitlabConnectionConfig {
};
revisions?: GitRevisions;
}
/**
* An authentication token.
*/
export interface Token {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
/**
* The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed.
*/

40
packages/schemas/src/v3/shared.schema.ts
View file

@ -4,37 +4,17 @@ const schema = {
"type": "object",
"definitions": {
"Token": {
"anyOf": [
{
"type": "string"
},
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token."
}
},
"required": [
"env"
],
"additionalProperties": false
},
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
]
},
"required": [
"secret"
],
"additionalProperties": false
},
"GitRevisions": {
"type": "object",

25
packages/schemas/src/v3/shared.type.ts
View file

@ -1,26 +1,17 @@
// THIS IS A AUTO-GENERATED FILE. DO NOT MODIFY MANUALLY!
export interface Shared {
[k: string]: unknown;
}
/**
* This interface was referenced by `Shared`'s JSON-Schema
* via the `definition` "Token".
*/
export type Token =
| string
| {
/**
* The name of the environment variable that contains the token.
*/
env: string;
}
| {
/**
* The name of the secret that contains the token.
*/
secret: string;
};
export interface Shared {
[k: string]: unknown;
export interface Token {
/**
* The name of the secret that contains the token.
*/
secret: string;
}
/**
* The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed.

40
schemas/v3/shared.json
View file

@ -3,37 +3,17 @@
"type": "object",
"definitions": {
"Token": {
"anyOf": [
{
"type": "string"
},
{
"type": "object",
"properties": {
"env": {
"type": "string",
"description": "The name of the environment variable that contains the token."
}
},
"required": [
"env"
],
"additionalProperties": false
},
{
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
},
"required": [
"secret"
],
"additionalProperties": false
"type": "object",
"properties": {
"secret": {
"type": "string",
"description": "The name of the secret that contains the token."
}
]
},
"required": [
"secret"
],
"additionalProperties": false
},
"GitRevisions": {
"type": "object",