github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-09 07:28:09 -05:00
Code Issues Packages Projects Releases Wiki Activity

Patch GitHub integration for organization repos by including correct owner

Browse Source
This commit is contained in:
Tuan Dang
2023-01-18 16:33:24 +07:00
parent 2235069e78
commit 3a6b2084bc
7 changed files with 35 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/src/controllers/v1/integrationController.ts
View File

@@ -41,7 +41,8 @@ export const updateIntegration = async (req: Request, res: Response) => {
isActive,
target, // vercel-specific integration param
context, // netlify-specific integration param
siteId // netlify-specific integration param
siteId, // netlify-specific integration param
owner // github-specific integration param
} = req.body;
integration = await Integration.findOneAndUpdate(
@@ -54,7 +55,8 @@ export const updateIntegration = async (req: Request, res: Response) => {
app,
target,
context,
siteId
siteId,
owner
},
{
new: true

7
backend/src/integrations/apps.ts
View File

@@ -199,13 +199,16 @@ const getAppsGithub = async ({
const repos = (await octokit.request(
'GET /user/repos{?visibility,affiliation,type,sort,direction,per_page,page,since,before}',
{}
{
per_page: 100
}
)).data;
apps = repos
.filter((a:any) => a.permissions.admin === true)
.map((a: any) => ({
name: a.name
name: a.name,
owner: a.owner.login
})
);
} catch (err) {

13
backend/src/integrations/sync.ts
View File

@@ -530,21 +530,20 @@ const syncSecretsGitHub = async ({
auth: accessToken
});
const user = (await octokit.request('GET /user', {})).data;
// const user = (await octokit.request('GET /user', {})).data;
const repoPublicKey: GitHubRepoKey = (await octokit.request(
'GET /repos/{owner}/{repo}/actions/secrets/public-key',
{
owner: user.login,
owner: integration.owner,
repo: integration.app
}
)).data;
// // Get local copy of decrypted secrets. We cannot decrypt them as we dont have access to GH private key
// Get local copy of decrypted secrets. We cannot decrypt them as we dont have access to GH private key
const encryptedSecrets: GitHubSecretRes = (await octokit.request(
'GET /repos/{owner}/{repo}/actions/secrets',
{
owner: user.login,
owner: integration.owner,
repo: integration.app
}
))
@@ -560,7 +559,7 @@ const syncSecretsGitHub = async ({
await octokit.request(
'DELETE /repos/{owner}/{repo}/actions/secrets/{secret_name}',
{
owner: user.login,
owner: integration.owner,
repo: integration.app,
secret_name: key
}
@@ -590,7 +589,7 @@ const syncSecretsGitHub = async ({
await octokit.request(
'PUT /repos/{owner}/{repo}/actions/secrets/{secret_name}',
{
owner: user.login,
owner: integration.owner,
repo: integration.app,
secret_name: key,
encrypted_value: encryptedSecret,

6
backend/src/models/integration.ts
View File

@@ -15,6 +15,7 @@ export interface IIntegration {
target: string;
context: string;
siteId: string;
owner: string;
integration: 'heroku' | 'vercel' | 'netlify' | 'github';
integrationAuth: Types.ObjectId;
}
@@ -54,6 +55,11 @@ const integrationSchema = new Schema<IIntegration>(
type: String,
default: null
},
owner: {
// github-specific repo owner-login
type: String,
default: null
},
integration: {
type: String,
enum: [

1
backend/src/routes/v1/integration.ts
View File

@@ -24,6 +24,7 @@ router.patch(
body('target').exists(),
body('context').exists(),
body('siteId').exists(),
body('owner').exists(),
validateRequest,
integrationController.updateIntegration
);

16
frontend/src/components/integrations/Integration.tsx
View File

@@ -26,7 +26,8 @@ interface TIntegration {
interface IntegrationApp {
name: string;
siteId: string;
siteId?: string;
owner?: string;
}
type Props = {
@@ -42,7 +43,6 @@ const Integration = ({ integration, environments = [] }: Props) => {
slug: ''
}
);
const [fileState, setFileState] = useState([]);
const router = useRouter();
const [apps, setApps] = useState<IntegrationApp[]>([]); // integration app objects
const [integrationApp, setIntegrationApp] = useState(''); // integration app name
@@ -51,10 +51,6 @@ const Integration = ({ integration, environments = [] }: Props) => {
useEffect(() => {
const loadIntegration = async () => {
interface App {
name: string;
siteId?: string;
}
const tempApps: [IntegrationApp] = await getIntegrationApps({
integrationAuthId: integration.integrationAuth
@@ -178,7 +174,8 @@ const Integration = ({ integration, environments = [] }: Props) => {
text="Start Integration"
onButtonPressed={async () => {
const siteApp = apps.find((app) => app.name === integrationApp); // obj or undefined
const siteId = siteApp?.siteId ? siteApp.siteId : null;
const siteId = siteApp?.siteId ?? null;
const owner = siteApp?.owner ?? null;
await updateIntegration({
integrationId: integration._id,
@@ -189,9 +186,10 @@ const Integration = ({ integration, environments = [] }: Props) => {
context: integrationContext
? reverseContextNetlifyMapping[integrationContext]
: null,
siteId
siteId,
owner
});
router.reload();
}}
color="mineshaft"

8
frontend/src/pages/api/integrations/updateIntegration.ts
View File

@@ -12,6 +12,7 @@ import SecurityClient from '@app/components/utilities/SecurityClient';
* @param {String} obj.target - (optional) target (environment) for Vercel integration
* @param {String} obj.context - (optional) context (environment) for Netlify integration
* @param {String} obj.siteId - (optional) app (site_id) for Netlify integration
* @param {String} obj.owner - (optional) owner login of repo for GitHub integration
* @returns
*/
const updateIntegration = ({
@@ -21,7 +22,8 @@ const updateIntegration = ({
isActive,
target,
context,
siteId
siteId,
owner
}: {
integrationId: string;
app: string;
@@ -30,6 +32,7 @@ const updateIntegration = ({
target: string | null;
context: string | null;
siteId: string | null;
owner: string | null;
}) =>
SecurityClient.fetchCall(`/api/v1/integration/${integrationId}`, {
method: 'PATCH',
@@ -42,7 +45,8 @@ const updateIntegration = ({
isActive,
target,
context,
siteId
siteId,
owner
})
}).then(async (res) => {
if (res && res.status === 200) {