fix: review comments

backend/src/services/app-connection/octopus-deploy/octopus-deploy-connection-fns.ts

@@ -2,6 +2,8 @@ import { AxiosError } from "axios";
 
 import { request } from "@app/lib/config/request";
 import { BadRequestError } from "@app/lib/errors";
+import { removeTrailingSlash } from "@app/lib/fn";
+import { blockLocalAndPrivateIpAddresses } from "@app/lib/validator";
 
 import { AppConnection } from "../app-connection-enums";
 import { OctopusDeployConnectionMethod } from "./octopus-deploy-connection-enums";
@@ -16,6 +18,14 @@ import {
   TOctopusDeploySpaceResponse
 } from "./octopus-deploy-connection-types";
 
+export const getOctopusDeployInstanceUrl = async (config: TOctopusDeployConnectionConfig) => {
+  const instanceUrl = removeTrailingSlash(config.credentials.instanceUrl);
+
+  await blockLocalAndPrivateIpAddresses(instanceUrl);
+
+  return instanceUrl;
+};
+
 export const getOctopusDeployConnectionListItem = () => {
   return {
     name: "Octopus Deploy" as const,
@@ -25,12 +35,13 @@ export const getOctopusDeployConnectionListItem = () => {
 };
 
 export const validateOctopusDeployConnectionCredentials = async (config: TOctopusDeployConnectionConfig) => {
-  const { credentials: inputCredentials } = config;
+  const instanceUrl = await getOctopusDeployInstanceUrl(config);
+  const { apiKey } = config.credentials;
   try {
-    await request.get(`${inputCredentials.instanceUrl}/api/users/me`, {
+    await request.get(`${instanceUrl}/api/users/me`, {
       headers: {
-        "X-Octopus-ApiKey": inputCredentials.apiKey,
-        "X-NuGet-ApiKey": inputCredentials.apiKey,
+        "X-Octopus-ApiKey": apiKey,
+        "X-NuGet-ApiKey": apiKey,
         Accept: "application/json"
       }
     });
@@ -46,14 +57,14 @@ export const validateOctopusDeployConnectionCredentials = async (config: TOctopu
     });
   }
 
-  return inputCredentials;
+  return config.credentials;
 };
 
 export const getOctopusDeploySpaces = async (
   appConnection: TOctopusDeployConnection
 ): Promise<TOctopusDeploySpace[]> => {
-  const { credentials } = appConnection;
-  const { instanceUrl, apiKey } = credentials;
+  const instanceUrl = await getOctopusDeployInstanceUrl(appConnection);
+  const { apiKey } = appConnection.credentials;
 
   try {
     const { data } = await request.get<TOctopusDeploySpaceResponse[]>(`${instanceUrl}/api/spaces/all`, {
@@ -91,8 +102,8 @@ export const getOctopusDeployProjects = async (
   appConnection: TOctopusDeployConnection,
   spaceId: string
 ): Promise<TOctopusDeployProject[]> => {
-  const { credentials } = appConnection;
-  const { instanceUrl, apiKey } = credentials;
+  const instanceUrl = await getOctopusDeployInstanceUrl(appConnection);
+  const { apiKey } = appConnection.credentials;
 
   try {
     const { data } = await request.get<TOctopusDeployProjectResponse[]>(`${instanceUrl}/api/${spaceId}/projects/all`, {
@@ -130,8 +141,8 @@ export const getOctopusDeployScopeValues = async (
   spaceId: string,
   projectId: string
 ): Promise<TOctopusDeployScopeValues> => {
-  const { credentials } = appConnection;
-  const { instanceUrl, apiKey } = credentials;
+  const instanceUrl = await getOctopusDeployInstanceUrl(appConnection);
+  const { apiKey } = appConnection.credentials;
 
   try {
     const { data } = await request.get<TOctopusDeployScopeValuesResponse>(

backend/src/services/secret-sync/octopus-deploy/octopus-deploy-sync-fns.ts

@@ -1,5 +1,6 @@
 import { request } from "@app/lib/config/request";
 import { BadRequestError } from "@app/lib/errors";
+import { getOctopusDeployInstanceUrl } from "@app/services/app-connection/octopus-deploy";
 import { matchesSchema } from "@app/services/secret-sync/secret-sync-fns";
 import { TSecretMap } from "@app/services/secret-sync/secret-sync-types";
 
@@ -37,7 +38,8 @@ export const OctopusDeploySyncFns = {
       environment,
       syncOptions: { disableSecretDeletion, keySchema }
     } = secretSync;
-    const { apiKey, instanceUrl } = connection.credentials;
+    const instanceUrl = await getOctopusDeployInstanceUrl(connection);
+    const { apiKey } = connection.credentials;
 
     const { spaceId, projectId, scope } = secretSync.destinationConfig;
 
@@ -50,14 +52,14 @@ export const OctopusDeploySyncFns = {
     // Get scope values from destination config (if configured)
     const scopeValues = secretSync.destinationConfig.scopeValues || {};
 
-    const nonSenstiveVariables: TOctopusDeployVariable[] = [];
+    const nonSensitiveVariables: TOctopusDeployVariable[] = [];
     let sensitiveVariables: TOctopusDeployVariable[] = [];
 
     variableSet.Variables.forEach((variable) => {
       if (!variable.IsSensitive && variable.Type !== "Sensitive") {
-        nonSenstiveVariables.push(variable);
+        nonSensitiveVariables.push(variable);
       } else {
-        // sensitve variables, this could contain infisical secrets
+        // sensitive variables, this could contain infisical secrets
         sensitiveVariables.push(variable);
       }
     });
@@ -103,7 +105,7 @@ export const OctopusDeploySyncFns = {
       url,
       {
         ...variableSet,
-        Variables: [...nonSenstiveVariables, ...sensitiveVariables, ...newVariables]
+        Variables: [...nonSensitiveVariables, ...sensitiveVariables, ...newVariables]
       },
       {
         headers: this.getAuthHeader(apiKey)
@@ -112,10 +114,12 @@ export const OctopusDeploySyncFns = {
   },
   async removeSecrets(secretSync: TOctopusDeploySyncWithCredentials, secretMap: TSecretMap) {
     const {
-      credentials: { apiKey, instanceUrl }
-    } = secretSync.connection;
+      connection,
+      destinationConfig: { spaceId, projectId, scope }
+    } = secretSync;
 
-    const { spaceId, projectId, scope } = secretSync.destinationConfig;
+    const instanceUrl = await getOctopusDeployInstanceUrl(connection);
+    const { apiKey } = connection.credentials;
 
     const url = this.buildVariableUrl(instanceUrl, spaceId, projectId, scope);