From 63af99aa5997c918f981339ba39146a86e009ffd Mon Sep 17 00:00:00 2001 From: msukkari Date: Wed, 19 Feb 2025 14:23:26 -0800 Subject: [PATCH] remove non secret token options --- packages/backend/src/utils.ts | 50 +++++------- packages/schemas/src/v3/connection.schema.ts | 40 +++------- packages/schemas/src/v3/connection.type.ts | 81 ++++++++------------ packages/schemas/src/v3/gitea.schema.ts | 40 +++------- packages/schemas/src/v3/gitea.type.ts | 27 +++---- packages/schemas/src/v3/github.schema.ts | 40 +++------- packages/schemas/src/v3/github.type.ts | 27 +++---- packages/schemas/src/v3/gitlab.schema.ts | 40 +++------- packages/schemas/src/v3/gitlab.type.ts | 27 +++---- packages/schemas/src/v3/shared.schema.ts | 40 +++------- packages/schemas/src/v3/shared.type.ts | 25 ++---- schemas/v3/shared.json | 40 +++------- 12 files changed, 147 insertions(+), 330 deletions(-) diff --git a/packages/backend/src/utils.ts b/packages/backend/src/utils.ts index e2bcebca..b6135995 100644 --- a/packages/backend/src/utils.ts +++ b/packages/backend/src/utils.ts @@ -6,7 +6,7 @@ import { PrismaClient, Repo } from "@sourcebot/db"; import { decrypt } from "@sourcebot/crypto"; import { Token } from "@sourcebot/schemas/v3/shared.type"; -export const measure = async (cb : () => Promise) => { +export const measure = async (cb: () => Promise) => { const start = Date.now(); const data = await cb(); const durationMs = Date.now() - start; @@ -89,38 +89,26 @@ export const excludeReposByTopic = (repos: T[], excludedRe } export const getTokenFromConfig = async (token: Token, orgId: number, db?: PrismaClient) => { - if (typeof token === 'string') { - return token; + if (!db) { + throw new Error(`Database connection required to retrieve secret`); } - if ('env' in token) { - const tokenValue = process.env[token.env]; - if (!tokenValue) { - throw new Error(`The environment variable '${token.env}' was referenced in the config but was not set.`); - } - return tokenValue; - } else if ('secret' in token) { - if (!db) { - throw new Error(`Database connection required to retrieve secret`); - } - - const secretKey = token.secret; - const secret = await db.secret.findUnique({ - where: { - orgId_key: { - key: secretKey, - orgId - } - } - }); - - if (!secret) { - throw new Error(`Secret with key ${secretKey} not found for org ${orgId}`); - } - const decryptedSecret = decrypt(secret.iv, secret.encryptedValue); - return decryptedSecret; + const secretKey = token.secret; + const secret = await db.secret.findUnique({ + where: { + orgId_key: { + key: secretKey, + orgId + } + } + }); + + if (!secret) { + throw new Error(`Secret with key ${secretKey} not found for org ${orgId}`); } - throw new Error(`Invalid token configuration in config`); + + const decryptedSecret = decrypt(secret.iv, secret.encryptedValue); + return decryptedSecret; } export const isRemotePath = (path: string) => { @@ -172,7 +160,7 @@ export const fetchWithRetry = async ( maxAttempts: number = 3 ): Promise => { let attempts = 0; - + while (true) { try { return await fetchFn(); diff --git a/packages/schemas/src/v3/connection.schema.ts b/packages/schemas/src/v3/connection.schema.ts index 9a2d3587..16d27333 100644 --- a/packages/schemas/src/v3/connection.schema.ts +++ b/packages/schemas/src/v3/connection.schema.ts @@ -20,37 +20,17 @@ const schema = { "env": "ENV_VAR_CONTAINING_TOKEN" } ], - "anyOf": [ - { - "type": "string" - }, - { - "type": "object", - "properties": { - "env": { - "type": "string", - "description": "The name of the environment variable that contains the token." - } - }, - "required": [ - "env" - ], - "additionalProperties": false - }, - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false + "type": "object", + "properties": { + "secret": { + "type": "string", + "description": "The name of the secret that contains the token." } - ] + }, + "required": [ + "secret" + ], + "additionalProperties": false }, "url": { "type": "string", diff --git a/packages/schemas/src/v3/connection.type.ts b/packages/schemas/src/v3/connection.type.ts index 74a70d8f..483317af 100644 --- a/packages/schemas/src/v3/connection.type.ts +++ b/packages/schemas/src/v3/connection.type.ts @@ -13,23 +13,7 @@ export interface GithubConnectionConfig { * GitHub Configuration */ type: "github"; - /** - * A Personal Access Token (PAT). - */ - token?: - | string - | { - /** - * The name of the environment variable that contains the token. - */ - env: string; - } - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - }; + token?: Token; /** * The URL of the GitHub host. Defaults to https://github.com */ @@ -85,6 +69,15 @@ export interface GithubConnectionConfig { }; revisions?: GitRevisions; } +/** + * A Personal Access Token (PAT). + */ +export interface Token { + /** + * The name of the secret that contains the token. + */ + secret: string; +} /** * The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed. */ @@ -103,23 +96,7 @@ export interface GitlabConnectionConfig { * GitLab Configuration */ type: "gitlab"; - /** - * An authentication token. - */ - token?: - | string - | { - /** - * The name of the environment variable that contains the token. - */ - env: string; - } - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - }; + token?: Token1; /** * The URL of the GitLab host. Defaults to https://gitlab.com */ @@ -166,28 +143,21 @@ export interface GitlabConnectionConfig { }; revisions?: GitRevisions; } +/** + * An authentication token. + */ +export interface Token1 { + /** + * The name of the secret that contains the token. + */ + secret: string; +} export interface GiteaConnectionConfig { /** * Gitea Configuration */ type: "gitea"; - /** - * A Personal Access Token (PAT). - */ - token?: - | string - | { - /** - * The name of the environment variable that contains the token. - */ - env: string; - } - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - }; + token?: Token2; /** * The URL of the Gitea host. Defaults to https://gitea.com */ @@ -220,6 +190,15 @@ export interface GiteaConnectionConfig { }; revisions?: GitRevisions; } +/** + * A Personal Access Token (PAT). + */ +export interface Token2 { + /** + * The name of the secret that contains the token. + */ + secret: string; +} export interface GerritConnectionConfig { /** * Gerrit Configuration diff --git a/packages/schemas/src/v3/gitea.schema.ts b/packages/schemas/src/v3/gitea.schema.ts index 57341345..0f60269c 100644 --- a/packages/schemas/src/v3/gitea.schema.ts +++ b/packages/schemas/src/v3/gitea.schema.ts @@ -16,37 +16,17 @@ const schema = { "env": "ENV_VAR_CONTAINING_TOKEN" } ], - "anyOf": [ - { - "type": "string" - }, - { - "type": "object", - "properties": { - "env": { - "type": "string", - "description": "The name of the environment variable that contains the token." - } - }, - "required": [ - "env" - ], - "additionalProperties": false - }, - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false + "type": "object", + "properties": { + "secret": { + "type": "string", + "description": "The name of the secret that contains the token." } - ] + }, + "required": [ + "secret" + ], + "additionalProperties": false }, "url": { "type": "string", diff --git a/packages/schemas/src/v3/gitea.type.ts b/packages/schemas/src/v3/gitea.type.ts index 09e1df19..cba934a9 100644 --- a/packages/schemas/src/v3/gitea.type.ts +++ b/packages/schemas/src/v3/gitea.type.ts @@ -5,23 +5,7 @@ export interface GiteaConnectionConfig { * Gitea Configuration */ type: "gitea"; - /** - * A Personal Access Token (PAT). - */ - token?: - | string - | { - /** - * The name of the environment variable that contains the token. - */ - env: string; - } - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - }; + token?: Token; /** * The URL of the Gitea host. Defaults to https://gitea.com */ @@ -54,6 +38,15 @@ export interface GiteaConnectionConfig { }; revisions?: GitRevisions; } +/** + * A Personal Access Token (PAT). + */ +export interface Token { + /** + * The name of the secret that contains the token. + */ + secret: string; +} /** * The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed. */ diff --git a/packages/schemas/src/v3/github.schema.ts b/packages/schemas/src/v3/github.schema.ts index 9d53a13a..f8e015ad 100644 --- a/packages/schemas/src/v3/github.schema.ts +++ b/packages/schemas/src/v3/github.schema.ts @@ -16,37 +16,17 @@ const schema = { "env": "ENV_VAR_CONTAINING_TOKEN" } ], - "anyOf": [ - { - "type": "string" - }, - { - "type": "object", - "properties": { - "env": { - "type": "string", - "description": "The name of the environment variable that contains the token." - } - }, - "required": [ - "env" - ], - "additionalProperties": false - }, - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false + "type": "object", + "properties": { + "secret": { + "type": "string", + "description": "The name of the secret that contains the token." } - ] + }, + "required": [ + "secret" + ], + "additionalProperties": false }, "url": { "type": "string", diff --git a/packages/schemas/src/v3/github.type.ts b/packages/schemas/src/v3/github.type.ts index d9d75f4c..3bfeed1f 100644 --- a/packages/schemas/src/v3/github.type.ts +++ b/packages/schemas/src/v3/github.type.ts @@ -5,23 +5,7 @@ export interface GithubConnectionConfig { * GitHub Configuration */ type: "github"; - /** - * A Personal Access Token (PAT). - */ - token?: - | string - | { - /** - * The name of the environment variable that contains the token. - */ - env: string; - } - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - }; + token?: Token; /** * The URL of the GitHub host. Defaults to https://github.com */ @@ -77,6 +61,15 @@ export interface GithubConnectionConfig { }; revisions?: GitRevisions; } +/** + * A Personal Access Token (PAT). + */ +export interface Token { + /** + * The name of the secret that contains the token. + */ + secret: string; +} /** * The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed. */ diff --git a/packages/schemas/src/v3/gitlab.schema.ts b/packages/schemas/src/v3/gitlab.schema.ts index eeb90658..83eb14ad 100644 --- a/packages/schemas/src/v3/gitlab.schema.ts +++ b/packages/schemas/src/v3/gitlab.schema.ts @@ -16,37 +16,17 @@ const schema = { "env": "ENV_VAR_CONTAINING_TOKEN" } ], - "anyOf": [ - { - "type": "string" - }, - { - "type": "object", - "properties": { - "env": { - "type": "string", - "description": "The name of the environment variable that contains the token." - } - }, - "required": [ - "env" - ], - "additionalProperties": false - }, - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false + "type": "object", + "properties": { + "secret": { + "type": "string", + "description": "The name of the secret that contains the token." } - ] + }, + "required": [ + "secret" + ], + "additionalProperties": false }, "url": { "type": "string", diff --git a/packages/schemas/src/v3/gitlab.type.ts b/packages/schemas/src/v3/gitlab.type.ts index 7fcbbbc8..e0f77188 100644 --- a/packages/schemas/src/v3/gitlab.type.ts +++ b/packages/schemas/src/v3/gitlab.type.ts @@ -5,23 +5,7 @@ export interface GitlabConnectionConfig { * GitLab Configuration */ type: "gitlab"; - /** - * An authentication token. - */ - token?: - | string - | { - /** - * The name of the environment variable that contains the token. - */ - env: string; - } - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - }; + token?: Token; /** * The URL of the GitLab host. Defaults to https://gitlab.com */ @@ -68,6 +52,15 @@ export interface GitlabConnectionConfig { }; revisions?: GitRevisions; } +/** + * An authentication token. + */ +export interface Token { + /** + * The name of the secret that contains the token. + */ + secret: string; +} /** * The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed. */ diff --git a/packages/schemas/src/v3/shared.schema.ts b/packages/schemas/src/v3/shared.schema.ts index ff9dbab1..e094a232 100644 --- a/packages/schemas/src/v3/shared.schema.ts +++ b/packages/schemas/src/v3/shared.schema.ts @@ -4,37 +4,17 @@ const schema = { "type": "object", "definitions": { "Token": { - "anyOf": [ - { - "type": "string" - }, - { - "type": "object", - "properties": { - "env": { - "type": "string", - "description": "The name of the environment variable that contains the token." - } - }, - "required": [ - "env" - ], - "additionalProperties": false - }, - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false + "type": "object", + "properties": { + "secret": { + "type": "string", + "description": "The name of the secret that contains the token." } - ] + }, + "required": [ + "secret" + ], + "additionalProperties": false }, "GitRevisions": { "type": "object", diff --git a/packages/schemas/src/v3/shared.type.ts b/packages/schemas/src/v3/shared.type.ts index 3347d6a6..c785e32a 100644 --- a/packages/schemas/src/v3/shared.type.ts +++ b/packages/schemas/src/v3/shared.type.ts @@ -1,26 +1,17 @@ // THIS IS A AUTO-GENERATED FILE. DO NOT MODIFY MANUALLY! +export interface Shared { + [k: string]: unknown; +} /** * This interface was referenced by `Shared`'s JSON-Schema * via the `definition` "Token". */ -export type Token = - | string - | { - /** - * The name of the environment variable that contains the token. - */ - env: string; - } - | { - /** - * The name of the secret that contains the token. - */ - secret: string; - }; - -export interface Shared { - [k: string]: unknown; +export interface Token { + /** + * The name of the secret that contains the token. + */ + secret: string; } /** * The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed. diff --git a/schemas/v3/shared.json b/schemas/v3/shared.json index fcb1db75..97f807ff 100644 --- a/schemas/v3/shared.json +++ b/schemas/v3/shared.json @@ -3,37 +3,17 @@ "type": "object", "definitions": { "Token": { - "anyOf": [ - { - "type": "string" - }, - { - "type": "object", - "properties": { - "env": { - "type": "string", - "description": "The name of the environment variable that contains the token." - } - }, - "required": [ - "env" - ], - "additionalProperties": false - }, - { - "type": "object", - "properties": { - "secret": { - "type": "string", - "description": "The name of the secret that contains the token." - } - }, - "required": [ - "secret" - ], - "additionalProperties": false + "type": "object", + "properties": { + "secret": { + "type": "string", + "description": "The name of the secret that contains the token." } - ] + }, + "required": [ + "secret" + ], + "additionalProperties": false }, "GitRevisions": { "type": "object",