Compare commits
2 Commits
main
...
b593f544d2
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
b593f544d2 | ||
|
|
96f391282e |
@@ -13,4 +13,4 @@ jobs:
|
||||
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4, 2024-10-13
|
||||
|
||||
- name: Build (runs make check inside Dockerfile)
|
||||
run: script/cibuild
|
||||
run: docker build .
|
||||
|
||||
30
Makefile
30
Makefile
@@ -1,4 +1,4 @@
|
||||
.PHONY: all bootstrap setup build lint fmt fmt-check test check clean docker hooks
|
||||
.PHONY: all build lint fmt fmt-check test check clean docker hooks
|
||||
|
||||
BINARY := upaasd
|
||||
VERSION := $(shell git describe --tags --always --dirty 2>/dev/null || echo "dev")
|
||||
@@ -7,37 +7,37 @@ LDFLAGS := -X main.Version=$(VERSION) -X main.Buildarch=$(BUILDARCH)
|
||||
|
||||
all: check build
|
||||
|
||||
bootstrap:
|
||||
@script/bootstrap
|
||||
|
||||
setup:
|
||||
@script/setup
|
||||
|
||||
build:
|
||||
go build -ldflags "$(LDFLAGS)" -o bin/$(BINARY) ./cmd/upaasd
|
||||
|
||||
lint:
|
||||
@script/lint
|
||||
golangci-lint run --config .golangci.yml ./...
|
||||
|
||||
fmt:
|
||||
@script/fmt
|
||||
gofmt -s -w .
|
||||
goimports -w .
|
||||
npx prettier --write --tab-width 4 static/js/*.js
|
||||
|
||||
fmt-check:
|
||||
@script/fmt-check
|
||||
@test -z "$$(gofmt -l .)" || (echo "Files not formatted:" && gofmt -l . && exit 1)
|
||||
|
||||
test:
|
||||
@script/test
|
||||
go test -v -race -cover -timeout 30s ./...
|
||||
|
||||
# Check runs all validation without making changes
|
||||
# Used by CI and Docker build - fails if anything is wrong
|
||||
check:
|
||||
@script/check
|
||||
check: fmt-check lint test
|
||||
@echo "==> All checks passed!"
|
||||
|
||||
docker:
|
||||
@script/docker
|
||||
docker build .
|
||||
|
||||
hooks:
|
||||
@script/install-precommit
|
||||
@echo "Installing pre-commit hook..."
|
||||
@mkdir -p .git/hooks
|
||||
@printf '#!/bin/sh\nmake check\n' > .git/hooks/pre-commit
|
||||
@chmod +x .git/hooks/pre-commit
|
||||
@echo "Pre-commit hook installed."
|
||||
|
||||
clean:
|
||||
rm -rf bin/
|
||||
|
||||
107
README.md
107
README.md
@@ -1,12 +1,12 @@
|
||||
# µPaaS by [@sneak](https://sneak.berlin)
|
||||
|
||||
A simple self-hosted PaaS that auto-deploys Docker containers from Git repositories via webhooks from Gitea, GitHub, or GitLab.
|
||||
A simple self-hosted PaaS that auto-deploys Docker containers from Git repositories via Gitea webhooks.
|
||||
|
||||
## Features
|
||||
|
||||
- Single admin user with argon2id password hashing
|
||||
- Per-app SSH keypairs for read-only deploy keys
|
||||
- Per-app UUID-based webhook URLs with auto-detection of Gitea, GitHub, and GitLab
|
||||
- Per-app UUID-based webhook URLs for Gitea integration
|
||||
- Branch filtering - only deploy on configured branch changes
|
||||
- Environment variables, labels, and volume mounts per app
|
||||
- CPU and memory resource limits per app
|
||||
@@ -20,7 +20,7 @@ A simple self-hosted PaaS that auto-deploys Docker containers from Git repositor
|
||||
- Complex CI pipelines
|
||||
- Multiple container orchestration
|
||||
- SPA/API-first design
|
||||
- Support for non-push webhook events (e.g. issues, merge requests)
|
||||
- Support for non-Gitea webhooks
|
||||
|
||||
## Architecture
|
||||
|
||||
@@ -37,15 +37,17 @@ upaas/
|
||||
│ ├── handlers/ # HTTP request handlers
|
||||
│ ├── healthcheck/ # Health status service
|
||||
│ ├── logger/ # Structured logging (slog)
|
||||
│ ├── middleware/ # HTTP middleware (auth, logging, CORS)
|
||||
│ ├── metrics/ # Prometheus metrics registration
|
||||
│ ├── middleware/ # HTTP middleware (auth, logging, CORS, metrics)
|
||||
│ ├── models/ # Active Record style database models
|
||||
│ ├── server/ # HTTP server and routes
|
||||
│ ├── service/
|
||||
│ │ ├── app/ # App management service
|
||||
│ │ ├── audit/ # Audit logging service
|
||||
│ │ ├── auth/ # Authentication service
|
||||
│ │ ├── deploy/ # Deployment orchestration
|
||||
│ │ ├── notify/ # Notifications (ntfy, Slack)
|
||||
│ │ └── webhook/ # Webhook processing (Gitea, GitHub, GitLab)
|
||||
│ │ └── webhook/ # Gitea webhook processing
|
||||
│ └── ssh/ # SSH key generation
|
||||
├── static/ # Embedded CSS/JS assets
|
||||
└── templates/ # Embedded HTML templates
|
||||
@@ -59,16 +61,18 @@ Uses Uber fx for dependency injection. Components are wired in this order:
|
||||
2. `logger` - Structured logging
|
||||
3. `config` - Configuration loading
|
||||
4. `database` - SQLite connection + migrations
|
||||
5. `healthcheck` - Health status
|
||||
6. `auth` - Authentication service
|
||||
7. `app` - App management
|
||||
8. `docker` - Docker client
|
||||
9. `notify` - Notification service
|
||||
10. `deploy` - Deployment service
|
||||
11. `webhook` - Webhook processing
|
||||
12. `middleware` - HTTP middleware
|
||||
13. `handlers` - HTTP handlers
|
||||
14. `server` - HTTP server
|
||||
5. `metrics` - Prometheus metrics registration
|
||||
6. `healthcheck` - Health status
|
||||
7. `auth` - Authentication service
|
||||
8. `app` - App management
|
||||
9. `docker` - Docker client
|
||||
10. `notify` - Notification service
|
||||
11. `audit` - Audit logging service
|
||||
12. `deploy` - Deployment service
|
||||
13. `webhook` - Webhook processing
|
||||
14. `middleware` - HTTP middleware
|
||||
15. `handlers` - HTTP handlers
|
||||
16. `server` - HTTP server
|
||||
|
||||
### Request Flow
|
||||
|
||||
@@ -100,31 +104,6 @@ chi Router ──► Middleware Stack ──► Handler
|
||||
- **Async deployments**: Webhook triggers deploy via goroutine with `context.WithoutCancel()`
|
||||
- **Embedded assets**: Templates and static files embedded via `//go:embed`
|
||||
|
||||
## Entrypoints
|
||||
|
||||
This repository adheres to the
|
||||
[Scripts to Rule Them All](https://github.com/github/scripts-to-rule-them-all)
|
||||
standard: normalized scripts in `script/` are the entrypoints for the
|
||||
development workflow, and the Makefile targets are thin shims that call
|
||||
them. We provide:
|
||||
|
||||
- `script/bootstrap` — install all dependencies (idempotent)
|
||||
- `script/setup` — make a fresh clone ready for development
|
||||
(bootstrap, then install-precommit)
|
||||
- `script/projectname` — output the project name ("upaas")
|
||||
- `script/test` — run the test suite
|
||||
- `script/lint` — run golangci-lint
|
||||
- `script/fmt` — format all code (writes)
|
||||
- `script/fmt-check` — check formatting (read-only)
|
||||
- `script/check` — run test, lint, and fmt-check
|
||||
- `script/docker` — build the Docker image tagged via `script/projectname`
|
||||
- `script/cibuild` — CI entrypoint: `docker build .` (the Dockerfile
|
||||
runs the checks, so a green build implies a green repo)
|
||||
- `script/precommit` — pre-commit checks (`go mod tidy` guard, then
|
||||
`script/check`)
|
||||
- `script/install-precommit` — install the git pre-commit hook that
|
||||
runs `script/precommit`
|
||||
|
||||
## Development
|
||||
|
||||
### Prerequisites
|
||||
@@ -136,16 +115,14 @@ them. We provide:
|
||||
### Commands
|
||||
|
||||
```bash
|
||||
make bootstrap # Install all dependencies (idempotent)
|
||||
make setup # Bootstrap + install git pre-commit hook
|
||||
make fmt # Format code
|
||||
make fmt-check # Check formatting (read-only, fails if unformatted)
|
||||
make lint # Run comprehensive linting
|
||||
make test # Run tests with race detection (30s timeout)
|
||||
make check # Verify everything passes (test, lint, fmt-check)
|
||||
make check # Verify everything passes (fmt-check, lint, test)
|
||||
make build # Build binary
|
||||
make docker # Build Docker image
|
||||
make hooks # Install pre-commit hook (runs script/precommit)
|
||||
make hooks # Install pre-commit hook (runs make check)
|
||||
```
|
||||
|
||||
### Commit Requirements
|
||||
@@ -239,6 +216,48 @@ Example: `HOST_DATA_DIR=/srv/upaas/data docker compose up -d`
|
||||
|
||||
Session secrets are automatically generated on first startup and persisted to `$UPAAS_DATA_DIR/session.key`.
|
||||
|
||||
## Observability
|
||||
|
||||
### Prometheus Metrics
|
||||
|
||||
All custom metrics are exposed under the `upaas_` namespace at `/metrics`. The
|
||||
endpoint is always available and can be optionally protected with basic auth via
|
||||
`METRICS_USERNAME` and `METRICS_PASSWORD`.
|
||||
|
||||
| Metric | Type | Labels | Description |
|
||||
|--------|------|--------|-------------|
|
||||
| `upaas_deployments_total` | Counter | `app`, `status` | Total deployments (success/failed/cancelled) |
|
||||
| `upaas_deployments_duration_seconds` | Histogram | `app`, `status` | Deployment duration |
|
||||
| `upaas_deployments_in_flight` | Gauge | `app` | Currently running deployments |
|
||||
| `upaas_container_healthy` | Gauge | `app` | Container health (1=healthy, 0=unhealthy) |
|
||||
| `upaas_webhook_events_total` | Counter | `app`, `event_type`, `matched` | Webhook events received |
|
||||
| `upaas_http_requests_total` | Counter | `method`, `status_code` | HTTP requests |
|
||||
| `upaas_http_request_duration_seconds` | Histogram | `method` | HTTP request latency |
|
||||
| `upaas_http_response_size_bytes` | Histogram | `method` | HTTP response sizes |
|
||||
| `upaas_audit_events_total` | Counter | `action` | Audit log events |
|
||||
|
||||
### Audit Log
|
||||
|
||||
All user-facing actions are recorded in an `audit_log` SQLite table with:
|
||||
|
||||
- **Who**: user ID and username
|
||||
- **What**: action type and affected resource (app, deployment, session, etc.)
|
||||
- **Where**: client IP (via X-Real-IP/X-Forwarded-For/RemoteAddr)
|
||||
- **When**: timestamp
|
||||
|
||||
Audited actions include login/logout, app CRUD, deployments, container
|
||||
start/stop/restart, rollbacks, deployment cancellation, and webhook receipt.
|
||||
|
||||
The audit log is available via the API at `GET /api/v1/audit?limit=N` (max 500,
|
||||
default 50).
|
||||
|
||||
### Structured Logging
|
||||
|
||||
All operations use Go's `slog` structured logger. HTTP requests are logged with
|
||||
method, URL, status code, response size, latency, user agent, and client IP.
|
||||
Deployment events are logged with app name, status, and duration. Audit events
|
||||
are also logged to stdout for correlation with external log aggregators.
|
||||
|
||||
## License
|
||||
|
||||
WTFPL
|
||||
|
||||
256
REPO_POLICIES.md
256
REPO_POLICIES.md
@@ -1,6 +1,6 @@
|
||||
---
|
||||
title: Repository Policies
|
||||
last_modified: 2026-07-06
|
||||
last_modified: 2026-02-22
|
||||
---
|
||||
|
||||
This document covers repository structure, tooling, and workflow standards. Code
|
||||
@@ -34,46 +34,10 @@ style conventions are in separate documents:
|
||||
every file before committing. There are zero exceptions to this rule.
|
||||
|
||||
- Every repo with software must have a root `Makefile` with these targets:
|
||||
`make bootstrap`, `make setup`, `make test`, `make lint`, `make fmt` (writes),
|
||||
`make fmt-check` (read-only), `make check` (runs `test`, `lint`, `fmt-check`),
|
||||
`make docker`, and `make hooks` (installs pre-commit hook). A model Makefile
|
||||
is at `https://git.eeqj.de/sneak/prompts/raw/branch/main/Makefile`.
|
||||
|
||||
- Repos follow the
|
||||
[Scripts to Rule Them All](https://github.com/github/scripts-to-rule-them-all)
|
||||
pattern: the implementation of each Makefile target lives in an executable
|
||||
script in `script/` (`script/bootstrap`, `script/setup`, `script/test`,
|
||||
`script/lint`, `script/fmt`, `script/fmt-check`, `script/check`,
|
||||
`script/docker`), and the Makefile targets are thin shims that call them. The
|
||||
scripts must be POSIX sh (`#!/bin/sh`, `set -eu`, no bashisms) so they run in
|
||||
minimal containers (e.g. alpine images have no bash); locate the repo root
|
||||
with `$(cd "$(dirname "$0")/.." && pwd -P)` and `cd` there before acting. From
|
||||
the standard's canonical set we use `bootstrap`, `setup` (make the repo ready
|
||||
for development after a fresh clone: runs `bootstrap`, then
|
||||
`install-precommit`, plus any repo-specific initialization), `test`, and
|
||||
`cibuild`. `script/bootstrap` installs all dependencies idempotently and
|
||||
assumes nothing is present: base tools come from nix, apt, brew, or apk
|
||||
(detected in that order; apt runs noninteractive). For node it uses the
|
||||
installed node if present; otherwise it installs a PINNED node version via
|
||||
nvm, first installing nvm itself if missing — from a hash-verified GitHub
|
||||
release archive (never `curl | sh`), with bash installed as an explicit
|
||||
prerequisite since nvm requires bash. yarn is then pinned via
|
||||
`corepack prepare yarn@<version> --activate`. Never install "latest" or "lts";
|
||||
always exact versions. `script/cibuild` runs the CI build: it changes to the
|
||||
repo root and runs `docker build .`; the Gitea workflow calls it. Four further
|
||||
scripts are our own extensions to the standard: `script/check` runs
|
||||
`script/test`, `script/lint`, and `script/fmt-check`; `script/precommit` is
|
||||
what the git pre-commit hook runs, and it calls `script/check`;
|
||||
`script/install-precommit` installs the git pre-commit hook (the `make hooks`
|
||||
target shims to it); and `script/projectname` (literally that filename) simply
|
||||
outputs the project's name. Scripts that need the name call
|
||||
`script/projectname` — e.g. `script/docker` assembles its image tag from it —
|
||||
so those scripts stay byte-identical across all repos. Repo-type-specific
|
||||
pre-commit extras (e.g. `go mod tidy` verification in Go repos) belong in
|
||||
`script/precommit`, not in the hook itself. Model scripts are at
|
||||
`https://git.eeqj.de/sneak/prompts/raw/branch/main/script/<name>`. The README
|
||||
must document the provided scripts in an **Entrypoints** section (see the
|
||||
README requirements below).
|
||||
`make test`, `make lint`, `make fmt` (writes), `make fmt-check` (read-only),
|
||||
`make check` (prereqs: `test`, `lint`, `fmt-check`), `make docker`, and
|
||||
`make hooks` (installs pre-commit hook). A model Makefile is at
|
||||
`https://git.eeqj.de/sneak/prompts/raw/branch/main/Makefile`.
|
||||
|
||||
- Always use Makefile targets (`make fmt`, `make test`, `make lint`, etc.)
|
||||
instead of invoking the underlying tools directly. The Makefile is the single
|
||||
@@ -93,83 +57,11 @@ style conventions are in separate documents:
|
||||
as a build step so the build fails if the branch is not green. For non-server
|
||||
repos, the Dockerfile should bring up a development environment and run
|
||||
`make check`. For server repos, `make check` should run as an early build
|
||||
stage before the final image is assembled. Dockerfiles install development
|
||||
prerequisites by running `script/bootstrap` rather than duplicating installs
|
||||
inline; COPY `script/` and the dependency manifests (`package.json` +
|
||||
`yarn.lock`, `go.mod` + `go.sum`, etc.) before running it so the bootstrap
|
||||
layer stays cached until dependencies change.
|
||||
|
||||
- **Dockerfiles must use a separate lint stage for fail-fast feedback.** Go
|
||||
repos use a multistage build where linting runs in an independent stage based
|
||||
on the `golangci/golangci-lint` image (pinned by hash). This stage runs
|
||||
`make fmt-check` and `make lint` before the full build begins. The build stage
|
||||
then declares an explicit dependency on the lint stage via
|
||||
`COPY --from=lint /src/go.sum /dev/null`, which forces BuildKit to complete
|
||||
linting before proceeding to compilation and tests. This ensures lint failures
|
||||
surface in seconds rather than minutes, without blocking on dependency
|
||||
download or compilation in the build stage.
|
||||
|
||||
The standard pattern for a Go repo Dockerfile is:
|
||||
|
||||
```dockerfile
|
||||
# Lint stage — fast feedback on formatting and lint issues
|
||||
# golangci/golangci-lint:v2.x.x, YYYY-MM-DD
|
||||
FROM golangci/golangci-lint@sha256:... AS lint
|
||||
WORKDIR /src
|
||||
COPY go.mod go.sum ./
|
||||
RUN go mod download
|
||||
COPY . .
|
||||
RUN make fmt-check
|
||||
RUN make lint
|
||||
|
||||
# Build stage
|
||||
# golang:1.x-alpine, YYYY-MM-DD
|
||||
FROM golang@sha256:... AS builder
|
||||
WORKDIR /src
|
||||
|
||||
# Force BuildKit to run the lint stage before proceeding
|
||||
COPY --from=lint /src/go.sum /dev/null
|
||||
|
||||
COPY go.mod go.sum ./
|
||||
RUN go mod download
|
||||
COPY . .
|
||||
RUN make test
|
||||
|
||||
ARG VERSION=dev
|
||||
RUN CGO_ENABLED=0 go build -trimpath \
|
||||
-ldflags="-s -w -X main.Version=${VERSION}" \
|
||||
-o /app ./cmd/app/
|
||||
|
||||
# Runtime stage
|
||||
FROM alpine@sha256:...
|
||||
COPY --from=builder /app /usr/local/bin/app
|
||||
ENTRYPOINT ["app"]
|
||||
```
|
||||
|
||||
Key points:
|
||||
- The lint stage uses the `golangci/golangci-lint` image directly (it
|
||||
includes both Go and the linter), so there is no need to install the
|
||||
linter separately.
|
||||
- `COPY --from=lint /src/go.sum /dev/null` is a no-op file copy that creates
|
||||
a stage dependency. BuildKit runs stages in parallel by default; without
|
||||
this line, the build stage would not wait for lint to finish and a lint
|
||||
failure might not fail the overall build.
|
||||
- If the project uses `//go:embed` directives that reference build artifacts
|
||||
(e.g. a web frontend compiled in a separate stage), the lint stage must
|
||||
create placeholder files so the embed directives resolve. Example:
|
||||
`RUN mkdir -p web/dist && touch web/dist/index.html web/dist/style.css`.
|
||||
The lint stage should not depend on the actual build output — it exists to
|
||||
fail fast.
|
||||
- If the project requires CGO or system libraries for linting (e.g.
|
||||
`vips-dev`), install them in the lint stage with `apk add`.
|
||||
- The build stage runs `make test` after compilation setup. Tests run in the
|
||||
build stage, not the lint stage, because they may require compiled
|
||||
artifacts or heavier dependencies.
|
||||
stage before the final image is assembled.
|
||||
|
||||
- Every repo should have a Gitea Actions workflow (`.gitea/workflows/`) that
|
||||
runs `script/cibuild` (which runs `docker build .`) on push. Since the
|
||||
Dockerfile already runs `make check`, a successful build implies all checks
|
||||
pass.
|
||||
runs `docker build .` on push. Since the Dockerfile already runs `make check`,
|
||||
a successful build implies all checks pass.
|
||||
|
||||
- Use platform-standard formatters: `black` for Python, `prettier` for
|
||||
JS/CSS/Markdown/HTML, `go fmt` for Go. Always use default configuration with
|
||||
@@ -177,11 +69,9 @@ style conventions are in separate documents:
|
||||
Markdown (hard-wrap at 80 columns). Documentation and writing repos (Markdown,
|
||||
HTML, CSS) should also have `.prettierrc` and `.prettierignore`.
|
||||
|
||||
- Pre-commit hook: runs `script/precommit`, which calls `script/check`. If local
|
||||
testing is not possible in the repo, `script/precommit` may skip `script/test`
|
||||
and run only `script/lint` and `script/fmt-check`. The hook is installed by
|
||||
`script/install-precommit`; the Makefile must provide a `make hooks` target
|
||||
that shims to it.
|
||||
- Pre-commit hook: `make check` if local testing is possible, otherwise
|
||||
`make lint && make fmt-check`. The Makefile should provide a `make hooks`
|
||||
target to install the pre-commit hook.
|
||||
|
||||
- All repos with software must have tests that run via the platform-standard
|
||||
test framework (`go test`, `pytest`, `jest`/`vitest`, etc.). If no meaningful
|
||||
@@ -192,42 +82,6 @@ style conventions are in separate documents:
|
||||
- `make test` must complete in under 20 seconds. Add a 30-second timeout in the
|
||||
Makefile.
|
||||
|
||||
- **`make test` should use the conditional verbose rerun pattern.** Run tests
|
||||
without `-v` (verbose) first. If tests fail, automatically rerun with `-v` to
|
||||
show full output. This keeps CI logs and `docker build` output clean on
|
||||
success (just package/suite summaries) while providing full diagnostic detail
|
||||
on failure (every test case, every assertion). The general shell pattern:
|
||||
|
||||
```makefile
|
||||
test:
|
||||
@<test-command> || \
|
||||
{ echo "--- Rerunning with -v for details ---"; \
|
||||
<test-command-with-v>; exit 1; }
|
||||
```
|
||||
|
||||
Go example:
|
||||
|
||||
```makefile
|
||||
test:
|
||||
@go test -timeout 30s -race -cover ./... || \
|
||||
{ echo "--- Rerunning with -v for details ---"; \
|
||||
go test -timeout 30s -race -v ./...; exit 1; }
|
||||
```
|
||||
|
||||
Python example:
|
||||
|
||||
```makefile
|
||||
test:
|
||||
@python -m pytest || \
|
||||
{ echo "--- Rerunning with -v for details ---"; \
|
||||
python -m pytest -v; exit 1; }
|
||||
```
|
||||
|
||||
The `exit 1` ensures the target always fails after a rerun — the first run
|
||||
already proved the tests are broken, so the build must not pass even if a
|
||||
flaky test happens to succeed on the second attempt. The rerun exists solely
|
||||
for diagnostic output.
|
||||
|
||||
- Docker builds must complete in under 5 minutes.
|
||||
|
||||
- `make check` must not modify any files in the repo. Tests may use temporary
|
||||
@@ -244,13 +98,6 @@ style conventions are in separate documents:
|
||||
`https://git.eeqj.de/sneak/prompts/raw/branch/main/.gitignore` when setting up
|
||||
a new repo.
|
||||
|
||||
- **No build artifacts in version control.** Code-derived data (compiled
|
||||
bundles, minified output, generated assets) must never be committed to the
|
||||
repository if it can be avoided. The build process (e.g. Dockerfile, Makefile)
|
||||
should generate these at build time. Notable exception: Go protobuf generated
|
||||
files (`.pb.go`) ARE committed because repos need to work with `go get`, which
|
||||
downloads code but does not execute code generation.
|
||||
|
||||
- Never use `git add -A` or `git add .`. Always stage files explicitly by name.
|
||||
|
||||
- Never force-push to `main`.
|
||||
@@ -274,76 +121,12 @@ style conventions are in separate documents:
|
||||
- Dockerized web services listen on port 8080 by default, overridable with
|
||||
`PORT`.
|
||||
|
||||
- **HTTP/web services must be hardened for production internet exposure before
|
||||
tagging 1.0.** This means full compliance with security best practices
|
||||
including, without limitation, all of the following:
|
||||
- **Security headers** on every response:
|
||||
- `Strict-Transport-Security` (HSTS) with `max-age` of at least one year
|
||||
and `includeSubDomains`.
|
||||
- `Content-Security-Policy` (CSP) with a restrictive default policy
|
||||
(`default-src 'self'` as a baseline, tightened per-resource as
|
||||
needed). Never use `unsafe-inline` or `unsafe-eval` unless
|
||||
unavoidable, and document the reason.
|
||||
- `X-Frame-Options: DENY` (or `SAMEORIGIN` if framing is required).
|
||||
Prefer the `frame-ancestors` CSP directive as the primary control.
|
||||
- `X-Content-Type-Options: nosniff`.
|
||||
- `Referrer-Policy: strict-origin-when-cross-origin` (or stricter).
|
||||
- `Permissions-Policy` restricting access to browser features the
|
||||
application does not use (camera, microphone, geolocation, etc.).
|
||||
- **Request and response limits:**
|
||||
- Maximum request body size enforced on all endpoints (e.g. Go
|
||||
`http.MaxBytesReader`). Choose a sane default per-route; never accept
|
||||
unbounded input.
|
||||
- Maximum response body size where applicable (e.g. paginated APIs).
|
||||
- `ReadTimeout` and `ReadHeaderTimeout` on the `http.Server` to defend
|
||||
against slowloris attacks.
|
||||
- `WriteTimeout` on the `http.Server`.
|
||||
- `IdleTimeout` on the `http.Server`.
|
||||
- Per-handler execution time limits via `context.WithTimeout` or
|
||||
chi/stdlib `middleware.Timeout`.
|
||||
- **Authentication and session security:**
|
||||
- Rate limiting on password-based authentication endpoints. API keys are
|
||||
high-entropy and not susceptible to brute force, so they are exempt.
|
||||
- CSRF tokens on all state-mutating HTML forms. API endpoints
|
||||
authenticated via `Authorization` header (Bearer token, API key) are
|
||||
exempt because the browser does not attach these automatically.
|
||||
- Passwords stored using bcrypt, scrypt, or argon2 — never plain-text,
|
||||
MD5, or SHA.
|
||||
- Session cookies set with `HttpOnly`, `Secure`, and `SameSite=Lax` (or
|
||||
`Strict`) attributes.
|
||||
- **Reverse proxy awareness:**
|
||||
- True client IP detection when behind a reverse proxy
|
||||
(`X-Forwarded-For`, `X-Real-IP`). The application must accept
|
||||
forwarded headers only from a configured set of trusted proxy
|
||||
addresses — never trust `X-Forwarded-For` unconditionally.
|
||||
- **CORS:**
|
||||
- Authenticated endpoints must restrict `Access-Control-Allow-Origin` to
|
||||
an explicit allowlist of known origins. Wildcard (`*`) is acceptable
|
||||
only for public, unauthenticated read-only APIs.
|
||||
- **Error handling:**
|
||||
- Internal errors must never leak stack traces, SQL queries, file paths,
|
||||
or other implementation details to the client. Return generic error
|
||||
messages in production; detailed errors only when `DEBUG` is enabled.
|
||||
- **TLS:**
|
||||
- Services never terminate TLS directly. They are always deployed behind
|
||||
a TLS-terminating reverse proxy. The service itself listens on plain
|
||||
HTTP. However, HSTS headers and `Secure` cookie flags must still be
|
||||
set by the application so that the browser enforces HTTPS end-to-end.
|
||||
|
||||
This list is non-exhaustive. Apply defense-in-depth: if a standard security
|
||||
hardening measure exists for HTTP services and is not listed here, it is
|
||||
still expected. When in doubt, harden.
|
||||
|
||||
- `README.md` is the primary documentation. Required sections:
|
||||
- **Description**: First line must include the project name, purpose,
|
||||
category (web server, SPA, CLI tool, etc.), license, and author. Example:
|
||||
"µPaaS is an MIT-licensed Go web application by @sneak that receives
|
||||
git-frontend webhooks and deploys applications via Docker in realtime."
|
||||
- **Getting Started**: Copy-pasteable install/usage code block.
|
||||
- **Entrypoints**: Opens by stating that the repo adheres to the
|
||||
[Scripts to Rule Them All](https://github.com/github/scripts-to-rule-them-all)
|
||||
standard (with that link), then documents each provided `script/`
|
||||
entrypoint and its purpose.
|
||||
- **Rationale**: Why does this exist?
|
||||
- **Design**: How is the program structured?
|
||||
- **TODO**: Update meticulously, even between commits. When planning, put
|
||||
@@ -362,13 +145,13 @@ style conventions are in separate documents:
|
||||
|
||||
- Database migrations live in `internal/db/migrations/` and must be embedded in
|
||||
the binary.
|
||||
- `000_migration.sql` — contains ONLY the creation of the migrations
|
||||
tracking table itself. Nothing else.
|
||||
- `001_schema.sql` — the full application schema.
|
||||
- **Pre-1.0.0:** never add additional migration files (002, 003, etc.).
|
||||
There is no installed base to migrate. Edit `001_schema.sql` directly.
|
||||
- **Post-1.0.0:** add new numbered migration files for each schema change.
|
||||
Never edit existing migrations after release.
|
||||
- `000_migration.sql` — contains ONLY the creation of the migrations tracking
|
||||
table itself. Nothing else.
|
||||
- `001_schema.sql` — the full application schema.
|
||||
- **Pre-1.0.0:** never add additional migration files (002, 003, etc.). There
|
||||
is no installed base to migrate. Edit `001_schema.sql` directly.
|
||||
- **Post-1.0.0:** add new numbered migration files for each schema change.
|
||||
Never edit existing migrations after release.
|
||||
|
||||
- All repos should have an `.editorconfig` enforcing the project's indentation
|
||||
settings.
|
||||
@@ -398,9 +181,6 @@ style conventions are in separate documents:
|
||||
- `README.md`, `.git`, `.gitignore`, `.editorconfig`
|
||||
- `LICENSE`, `REPO_POLICIES.md` (copy from the `prompts` repo)
|
||||
- `Makefile`
|
||||
- `script/` entrypoints (`bootstrap`, `setup`, `projectname`, `test`,
|
||||
`lint`, `fmt`, `fmt-check`, `check`, `docker`, `cibuild`, `precommit`,
|
||||
`install-precommit`)
|
||||
- `Dockerfile`, `.dockerignore`
|
||||
- `.gitea/workflows/check.yml`
|
||||
- Go: `go.mod`, `go.sum`, `.golangci.yml`
|
||||
|
||||
55
TODO.md
55
TODO.md
@@ -1,55 +0,0 @@
|
||||
# Workflow
|
||||
|
||||
* branch (from `main`)
|
||||
* do the work in Next Step
|
||||
* move Next Step to the top of Completed Steps
|
||||
* move the top item of Future Steps into Next Step
|
||||
* commit (`TODO.md` changes in the same commit as the work)
|
||||
* merge to `main` if the branch is not protected, otherwise open a PR
|
||||
* push
|
||||
|
||||
# Status
|
||||
|
||||
1.0+. Tagged 1.0.0 on 2026-02-26; 8 commits on main since. Policy
|
||||
violation: main currently fails make check (91 lint issues), so the tree
|
||||
is out of compliance until fixed.
|
||||
|
||||
# Next Step
|
||||
|
||||
Fix the 47 noctx lint findings (HTTP requests without context) in one
|
||||
commit and confirm the count drops under make check. This is the largest
|
||||
of the three lint classes blocking a green main.
|
||||
|
||||
# Completed Steps
|
||||
|
||||
- 2026-07-07 Adopted scripts-to-rule-them-all: `script/` entrypoints,
|
||||
Makefile shims, README Entrypoints section
|
||||
- 2026-03-11: Monolithic env var editing with bulk save (#158).
|
||||
- 2026-03-10: Webhook event history UI page (#164); added missing
|
||||
Makefile docker and hooks targets plus test timeout (#159);
|
||||
notification settings passed from create form (#160).
|
||||
- 2026-03-03: REPO_POLICIES compliance file set added (#155).
|
||||
- 2026-03-01: Module path changed to sneak.berlin/go/upaas (#143);
|
||||
Dockerfile split into lint and build stages with forced lint
|
||||
execution (#152, #154).
|
||||
- 2026-02-26: 1.0.0 tagged; dashboard CSRFField crash fixed (#146).
|
||||
- 1.0 audit bug fixes (#120-#125): deferred rollback on commit error,
|
||||
deployment log size cap, error path rendering, docker-compose bind
|
||||
mount, domain type refactor.
|
||||
- CI simplified to docker build only (#130).
|
||||
- 2025-12-29 onward: core PaaS built out: deploys with real-time build
|
||||
log streaming, container start/stop/restart and logs, TCP/UDP port
|
||||
mapping, Alpine.js UI, Slack notifications, ULID app IDs, session
|
||||
handling.
|
||||
|
||||
# Future Steps
|
||||
|
||||
- Get main green (compliance, ordered):
|
||||
- Fix 47 noctx findings (Next Step).
|
||||
- Fix 23 gosec findings.
|
||||
- Fix 21 goconst findings.
|
||||
- Run make check clean on main and keep it green; main must always
|
||||
pass.
|
||||
- Confirm .gitea/workflows/check.yml gates merges on make check so main
|
||||
cannot regress.
|
||||
- Resume feature work only after main is green.
|
||||
@@ -11,9 +11,11 @@ import (
|
||||
"sneak.berlin/go/upaas/internal/handlers"
|
||||
"sneak.berlin/go/upaas/internal/healthcheck"
|
||||
"sneak.berlin/go/upaas/internal/logger"
|
||||
"sneak.berlin/go/upaas/internal/metrics"
|
||||
"sneak.berlin/go/upaas/internal/middleware"
|
||||
"sneak.berlin/go/upaas/internal/server"
|
||||
"sneak.berlin/go/upaas/internal/service/app"
|
||||
"sneak.berlin/go/upaas/internal/service/audit"
|
||||
"sneak.berlin/go/upaas/internal/service/auth"
|
||||
"sneak.berlin/go/upaas/internal/service/deploy"
|
||||
"sneak.berlin/go/upaas/internal/service/notify"
|
||||
@@ -41,6 +43,7 @@ func main() {
|
||||
logger.New,
|
||||
config.New,
|
||||
database.New,
|
||||
metrics.New,
|
||||
healthcheck.New,
|
||||
auth.New,
|
||||
app.New,
|
||||
@@ -48,6 +51,7 @@ func main() {
|
||||
notify.New,
|
||||
deploy.New,
|
||||
webhook.New,
|
||||
audit.New,
|
||||
middleware.New,
|
||||
handlers.New,
|
||||
server.New,
|
||||
|
||||
@@ -2,74 +2,36 @@ package database
|
||||
|
||||
import (
|
||||
"context"
|
||||
"database/sql"
|
||||
"embed"
|
||||
"errors"
|
||||
"fmt"
|
||||
"io/fs"
|
||||
"log/slog"
|
||||
"sort"
|
||||
"strconv"
|
||||
"strings"
|
||||
)
|
||||
|
||||
//go:embed migrations/*.sql
|
||||
var migrationsFS embed.FS
|
||||
|
||||
// bootstrapVersion is the migration that creates the schema_migrations
|
||||
// table itself. It is applied before the normal migration loop.
|
||||
const bootstrapVersion = 0
|
||||
|
||||
// ErrInvalidMigrationFilename indicates a migration filename does not follow
|
||||
// the expected "<version>.sql" or "<version>_<description>.sql" pattern.
|
||||
var ErrInvalidMigrationFilename = errors.New("invalid migration filename")
|
||||
|
||||
// ParseMigrationVersion extracts the numeric version prefix from a migration
|
||||
// filename. Filenames must follow the pattern "<version>.sql" or
|
||||
// "<version>_<description>.sql", where version is a zero-padded numeric
|
||||
// string (e.g. "001", "002"). Returns the version as an integer and an
|
||||
// error if the filename does not match the expected pattern.
|
||||
func ParseMigrationVersion(filename string) (int, error) {
|
||||
name := strings.TrimSuffix(filename, ".sql")
|
||||
if name == "" || name == filename {
|
||||
return 0, fmt.Errorf("%w: %q has no .sql extension or is empty", ErrInvalidMigrationFilename, filename)
|
||||
}
|
||||
|
||||
// Split on underscore to separate version from description.
|
||||
// If there's no underscore, the entire stem is the version.
|
||||
versionStr, _, _ := strings.Cut(name, "_")
|
||||
|
||||
if versionStr == "" {
|
||||
return 0, fmt.Errorf("%w: %q has empty version prefix", ErrInvalidMigrationFilename, filename)
|
||||
}
|
||||
|
||||
// Validate the version is purely numeric.
|
||||
for _, ch := range versionStr {
|
||||
if ch < '0' || ch > '9' {
|
||||
return 0, fmt.Errorf(
|
||||
"%w: %q version %q contains non-numeric character %q",
|
||||
ErrInvalidMigrationFilename, filename, versionStr, string(ch),
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
version, err := strconv.Atoi(versionStr)
|
||||
func (d *Database) migrate(ctx context.Context) error {
|
||||
// Create migrations table if not exists
|
||||
_, err := d.database.ExecContext(ctx, `
|
||||
CREATE TABLE IF NOT EXISTS schema_migrations (
|
||||
version TEXT PRIMARY KEY,
|
||||
applied_at DATETIME DEFAULT CURRENT_TIMESTAMP
|
||||
)
|
||||
`)
|
||||
if err != nil {
|
||||
return 0, fmt.Errorf("%w: %q: %w", ErrInvalidMigrationFilename, filename, err)
|
||||
return fmt.Errorf("failed to create migrations table: %w", err)
|
||||
}
|
||||
|
||||
return version, nil
|
||||
}
|
||||
|
||||
// collectMigrations reads the embedded migrations directory and returns
|
||||
// migration filenames sorted lexicographically.
|
||||
func collectMigrations() ([]string, error) {
|
||||
// Get list of migration files
|
||||
entries, err := fs.ReadDir(migrationsFS, "migrations")
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to read migrations directory: %w", err)
|
||||
return fmt.Errorf("failed to read migrations directory: %w", err)
|
||||
}
|
||||
|
||||
var migrations []string
|
||||
// Sort migrations by name
|
||||
migrations := make([]string, 0, len(entries))
|
||||
|
||||
for _, entry := range entries {
|
||||
if !entry.IsDir() && strings.HasSuffix(entry.Name(), ".sql") {
|
||||
@@ -79,113 +41,54 @@ func collectMigrations() ([]string, error) {
|
||||
|
||||
sort.Strings(migrations)
|
||||
|
||||
return migrations, nil
|
||||
}
|
||||
|
||||
// bootstrapMigrationsTable ensures the schema_migrations table exists by
|
||||
// applying 000_migration.sql if the table is missing.
|
||||
func bootstrapMigrationsTable(ctx context.Context, db *sql.DB, log *slog.Logger) error {
|
||||
var tableExists int
|
||||
|
||||
err := db.QueryRowContext(ctx,
|
||||
"SELECT COUNT(*) FROM sqlite_master WHERE type='table' AND name='schema_migrations'",
|
||||
).Scan(&tableExists)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to check for migrations table: %w", err)
|
||||
}
|
||||
|
||||
if tableExists == 0 {
|
||||
return applyBootstrapMigration(ctx, db, log)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// applyBootstrapMigration reads and executes 000_migration.sql to create the
|
||||
// schema_migrations table on a fresh database.
|
||||
func applyBootstrapMigration(ctx context.Context, db *sql.DB, log *slog.Logger) error {
|
||||
content, err := migrationsFS.ReadFile("migrations/000_migration.sql")
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to read bootstrap migration 000_migration.sql: %w", err)
|
||||
}
|
||||
|
||||
if log != nil {
|
||||
log.Info("applying bootstrap migration", "version", bootstrapVersion)
|
||||
}
|
||||
|
||||
_, err = db.ExecContext(ctx, string(content))
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to apply bootstrap migration: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// ApplyMigrations applies all pending migrations to db. An optional logger
|
||||
// may be provided for informational output; pass nil for silent operation.
|
||||
// This is exported so tests can apply the real schema without the full fx
|
||||
// lifecycle.
|
||||
func ApplyMigrations(ctx context.Context, db *sql.DB, log *slog.Logger) error {
|
||||
bootstrapErr := bootstrapMigrationsTable(ctx, db, log)
|
||||
if bootstrapErr != nil {
|
||||
return bootstrapErr
|
||||
}
|
||||
|
||||
migrations, err := collectMigrations()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Apply each migration
|
||||
for _, migration := range migrations {
|
||||
version, parseErr := ParseMigrationVersion(migration)
|
||||
if parseErr != nil {
|
||||
return parseErr
|
||||
}
|
||||
|
||||
// Check if already applied.
|
||||
var count int
|
||||
|
||||
err = db.QueryRowContext(ctx,
|
||||
"SELECT COUNT(*) FROM schema_migrations WHERE version = ?",
|
||||
version,
|
||||
).Scan(&count)
|
||||
applied, err := d.isMigrationApplied(ctx, migration)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to check migration %s: %w", migration, err)
|
||||
}
|
||||
|
||||
if count > 0 {
|
||||
if log != nil {
|
||||
log.Debug("migration already applied", "version", version)
|
||||
}
|
||||
if applied {
|
||||
d.log.Debug("migration already applied", "migration", migration)
|
||||
|
||||
continue
|
||||
}
|
||||
|
||||
// Apply migration in a transaction.
|
||||
applyErr := applyMigrationTx(ctx, db, migration, version)
|
||||
if applyErr != nil {
|
||||
return applyErr
|
||||
err = d.applyMigration(ctx, migration)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to apply migration %s: %w", migration, err)
|
||||
}
|
||||
|
||||
if log != nil {
|
||||
log.Info("migration applied", "version", version)
|
||||
}
|
||||
d.log.Info("migration applied", "migration", migration)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// applyMigrationTx reads and executes a migration file within a transaction,
|
||||
// recording the version in schema_migrations on success.
|
||||
func applyMigrationTx(ctx context.Context, db *sql.DB, filename string, version int) error {
|
||||
content, err := migrationsFS.ReadFile("migrations/" + filename)
|
||||
func (d *Database) isMigrationApplied(ctx context.Context, version string) (bool, error) {
|
||||
var count int
|
||||
|
||||
err := d.database.QueryRowContext(
|
||||
ctx,
|
||||
"SELECT COUNT(*) FROM schema_migrations WHERE version = ?",
|
||||
version,
|
||||
).Scan(&count)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to read migration %s: %w", filename, err)
|
||||
return false, fmt.Errorf("failed to query migration status: %w", err)
|
||||
}
|
||||
|
||||
transaction, err := db.BeginTx(ctx, nil)
|
||||
return count > 0, nil
|
||||
}
|
||||
|
||||
func (d *Database) applyMigration(ctx context.Context, filename string) error {
|
||||
content, err := migrationsFS.ReadFile("migrations/" + filename)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to begin transaction for migration %s: %w", filename, err)
|
||||
return fmt.Errorf("failed to read migration file: %w", err)
|
||||
}
|
||||
|
||||
transaction, err := d.database.BeginTx(ctx, nil)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to begin transaction: %w", err)
|
||||
}
|
||||
|
||||
defer func() {
|
||||
@@ -194,27 +97,26 @@ func applyMigrationTx(ctx context.Context, db *sql.DB, filename string, version
|
||||
}
|
||||
}()
|
||||
|
||||
// Execute migration
|
||||
_, err = transaction.ExecContext(ctx, string(content))
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to execute migration %s: %w", filename, err)
|
||||
return fmt.Errorf("failed to execute migration: %w", err)
|
||||
}
|
||||
|
||||
_, err = transaction.ExecContext(ctx,
|
||||
// Record migration
|
||||
_, err = transaction.ExecContext(
|
||||
ctx,
|
||||
"INSERT INTO schema_migrations (version) VALUES (?)",
|
||||
version,
|
||||
filename,
|
||||
)
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to record migration %s: %w", filename, err)
|
||||
return fmt.Errorf("failed to record migration: %w", err)
|
||||
}
|
||||
|
||||
err = transaction.Commit()
|
||||
if err != nil {
|
||||
return fmt.Errorf("failed to commit migration %s: %w", filename, err)
|
||||
return fmt.Errorf("failed to commit migration: %w", err)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (d *Database) migrate(ctx context.Context) error {
|
||||
return ApplyMigrations(ctx, d.database, d.log)
|
||||
}
|
||||
|
||||
@@ -1,9 +0,0 @@
|
||||
-- Migration 000: Schema migrations tracking table
|
||||
-- Applied as a bootstrap step before the normal migration loop.
|
||||
|
||||
CREATE TABLE IF NOT EXISTS schema_migrations (
|
||||
version INTEGER PRIMARY KEY,
|
||||
applied_at DATETIME DEFAULT CURRENT_TIMESTAMP
|
||||
);
|
||||
|
||||
INSERT OR IGNORE INTO schema_migrations (version) VALUES (0);
|
||||
16
internal/database/migrations/008_add_audit_log.sql
Normal file
16
internal/database/migrations/008_add_audit_log.sql
Normal file
@@ -0,0 +1,16 @@
|
||||
-- Audit log table for tracking user actions.
|
||||
CREATE TABLE audit_log (
|
||||
id INTEGER PRIMARY KEY,
|
||||
user_id INTEGER,
|
||||
username TEXT NOT NULL,
|
||||
action TEXT NOT NULL,
|
||||
resource_type TEXT NOT NULL,
|
||||
resource_id TEXT,
|
||||
detail TEXT,
|
||||
remote_ip TEXT,
|
||||
created_at DATETIME DEFAULT CURRENT_TIMESTAMP
|
||||
);
|
||||
|
||||
CREATE INDEX idx_audit_log_created_at ON audit_log(created_at);
|
||||
CREATE INDEX idx_audit_log_action ON audit_log(action);
|
||||
CREATE INDEX idx_audit_log_resource ON audit_log(resource_type, resource_id);
|
||||
@@ -1,117 +0,0 @@
|
||||
package database_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"database/sql"
|
||||
"testing"
|
||||
|
||||
_ "github.com/mattn/go-sqlite3"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/database"
|
||||
)
|
||||
|
||||
func TestParseMigrationVersion(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
tests := []struct {
|
||||
filename string
|
||||
wantVersion int
|
||||
wantErr bool
|
||||
}{
|
||||
{filename: "000_migration.sql", wantVersion: 0},
|
||||
{filename: "001_initial.sql", wantVersion: 1},
|
||||
{filename: "002_remove_container_id.sql", wantVersion: 2},
|
||||
{filename: "007_add_resource_limits.sql", wantVersion: 7},
|
||||
{filename: "100_large_version.sql", wantVersion: 100},
|
||||
{filename: ".sql", wantErr: true},
|
||||
{filename: "_foo.sql", wantErr: true},
|
||||
{filename: "abc_foo.sql", wantErr: true},
|
||||
{filename: "1a2_bad.sql", wantErr: true},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.filename, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
version, err := database.ParseMigrationVersion(tt.filename)
|
||||
if tt.wantErr {
|
||||
assert.Error(t, err)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, tt.wantVersion, version)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestApplyMigrationsFreshDatabase(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
db, err := sql.Open("sqlite3", ":memory:?_foreign_keys=on")
|
||||
require.NoError(t, err)
|
||||
|
||||
defer func() { _ = db.Close() }()
|
||||
|
||||
ctx := context.Background()
|
||||
|
||||
err = database.ApplyMigrations(ctx, db, nil)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Verify schema_migrations table exists with INTEGER version column.
|
||||
var version int
|
||||
|
||||
err = db.QueryRowContext(ctx,
|
||||
"SELECT version FROM schema_migrations WHERE version = 0",
|
||||
).Scan(&version)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, 0, version)
|
||||
|
||||
// Verify that all migrations were recorded.
|
||||
var count int
|
||||
|
||||
err = db.QueryRowContext(ctx,
|
||||
"SELECT COUNT(*) FROM schema_migrations",
|
||||
).Scan(&count)
|
||||
require.NoError(t, err)
|
||||
// 000 bootstrap + 001 through 007 = 8 entries.
|
||||
assert.Equal(t, 8, count)
|
||||
|
||||
// Verify application tables were created by the migrations.
|
||||
var tableCount int
|
||||
|
||||
err = db.QueryRowContext(ctx,
|
||||
"SELECT COUNT(*) FROM sqlite_master WHERE type='table' AND name='users'",
|
||||
).Scan(&tableCount)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, 1, tableCount)
|
||||
}
|
||||
|
||||
func TestApplyMigrationsIdempotent(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
db, err := sql.Open("sqlite3", ":memory:?_foreign_keys=on")
|
||||
require.NoError(t, err)
|
||||
|
||||
defer func() { _ = db.Close() }()
|
||||
|
||||
ctx := context.Background()
|
||||
|
||||
// Apply twice — second run should be a no-op.
|
||||
err = database.ApplyMigrations(ctx, db, nil)
|
||||
require.NoError(t, err)
|
||||
|
||||
err = database.ApplyMigrations(ctx, db, nil)
|
||||
require.NoError(t, err)
|
||||
|
||||
var count int
|
||||
|
||||
err = db.QueryRowContext(ctx,
|
||||
"SELECT COUNT(*) FROM schema_migrations",
|
||||
).Scan(&count)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, 8, count)
|
||||
}
|
||||
@@ -1,6 +1,7 @@
|
||||
package handlers
|
||||
|
||||
import (
|
||||
"database/sql"
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
"strconv"
|
||||
@@ -120,6 +121,9 @@ func (h *Handlers) HandleAPILoginPOST() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
h.auditLog(request, models.AuditActionLogin,
|
||||
models.AuditResourceSession, "", "api login")
|
||||
|
||||
h.respondJSON(writer, request, loginResponse{
|
||||
UserID: user.ID,
|
||||
Username: user.Username,
|
||||
@@ -243,3 +247,79 @@ func (h *Handlers) HandleAPIWhoAmI() http.HandlerFunc {
|
||||
}, http.StatusOK)
|
||||
}
|
||||
}
|
||||
|
||||
// auditLogDefaultLimit is the default number of audit entries returned.
|
||||
const auditLogDefaultLimit = 50
|
||||
|
||||
// auditLogMaxLimit is the maximum number of audit entries returned.
|
||||
const auditLogMaxLimit = 500
|
||||
|
||||
// HandleAPIAuditLog returns a handler that lists recent audit log entries.
|
||||
func (h *Handlers) HandleAPIAuditLog() http.HandlerFunc {
|
||||
type auditEntryResponse struct {
|
||||
ID int64 `json:"id"`
|
||||
UserID *int64 `json:"userId,omitempty"`
|
||||
Username string `json:"username"`
|
||||
Action string `json:"action"`
|
||||
ResourceType string `json:"resourceType"`
|
||||
ResourceID string `json:"resourceId,omitempty"`
|
||||
Detail string `json:"detail,omitempty"`
|
||||
RemoteIP string `json:"remoteIp,omitempty"`
|
||||
CreatedAt string `json:"createdAt"`
|
||||
}
|
||||
|
||||
return func(writer http.ResponseWriter, request *http.Request) {
|
||||
limit := auditLogDefaultLimit
|
||||
|
||||
if limitStr := request.URL.Query().Get("limit"); limitStr != "" {
|
||||
parsed, parseErr := strconv.Atoi(limitStr)
|
||||
if parseErr == nil && parsed > 0 && parsed <= auditLogMaxLimit {
|
||||
limit = parsed
|
||||
}
|
||||
}
|
||||
|
||||
entries, err := h.audit.Recent(request.Context(), limit)
|
||||
if err != nil {
|
||||
h.log.Error("failed to fetch audit log", "error", err)
|
||||
h.respondJSON(writer, request,
|
||||
map[string]string{"error": "failed to fetch audit log"},
|
||||
http.StatusInternalServerError)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
result := make([]auditEntryResponse, 0, len(entries))
|
||||
|
||||
for _, e := range entries {
|
||||
entry := auditEntryResponse{
|
||||
ID: e.ID,
|
||||
Username: e.Username,
|
||||
Action: string(e.Action),
|
||||
ResourceType: string(e.ResourceType),
|
||||
CreatedAt: e.CreatedAt.UTC().Format("2006-01-02T15:04:05Z"),
|
||||
}
|
||||
|
||||
if e.UserID.Valid {
|
||||
id := e.UserID.Int64
|
||||
entry.UserID = &id
|
||||
}
|
||||
|
||||
entry.ResourceID = nullStringValue(e.ResourceID)
|
||||
entry.Detail = nullStringValue(e.Detail)
|
||||
entry.RemoteIP = nullStringValue(e.RemoteIP)
|
||||
|
||||
result = append(result, entry)
|
||||
}
|
||||
|
||||
h.respondJSON(writer, request, result, http.StatusOK)
|
||||
}
|
||||
}
|
||||
|
||||
// nullStringValue returns the string value if valid, empty string otherwise.
|
||||
func nullStringValue(ns sql.NullString) string {
|
||||
if ns.Valid {
|
||||
return ns.String
|
||||
}
|
||||
|
||||
return ""
|
||||
}
|
||||
|
||||
@@ -119,6 +119,9 @@ func (h *Handlers) HandleAppCreate() http.HandlerFunc { //nolint:funlen // valid
|
||||
return
|
||||
}
|
||||
|
||||
h.auditLog(request, models.AuditActionAppCreate,
|
||||
models.AuditResourceApp, createdApp.ID, "created app: "+createdApp.Name)
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+createdApp.ID, http.StatusSeeOther)
|
||||
}
|
||||
}
|
||||
@@ -285,6 +288,9 @@ func (h *Handlers) HandleAppUpdate() http.HandlerFunc { //nolint:funlen // valid
|
||||
return
|
||||
}
|
||||
|
||||
h.auditLog(request, models.AuditActionAppUpdate,
|
||||
models.AuditResourceApp, application.ID, "updated app: "+application.Name)
|
||||
|
||||
redirectURL := "/apps/" + application.ID + "?success=updated"
|
||||
http.Redirect(writer, request, redirectURL, http.StatusSeeOther)
|
||||
}
|
||||
@@ -340,6 +346,9 @@ func (h *Handlers) HandleAppDelete() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
h.auditLog(request, models.AuditActionAppDelete,
|
||||
models.AuditResourceApp, appID, "deleted app: "+application.Name)
|
||||
|
||||
http.Redirect(writer, request, "/", http.StatusSeeOther)
|
||||
}
|
||||
}
|
||||
@@ -356,6 +365,9 @@ func (h *Handlers) HandleAppDeploy() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
h.auditLog(request, models.AuditActionAppDeploy,
|
||||
models.AuditResourceApp, application.ID, "manual deploy: "+application.Name)
|
||||
|
||||
// Trigger deployment in background with a detached context
|
||||
// so the deployment continues even if the HTTP request is cancelled
|
||||
deployCtx := context.WithoutCancel(request.Context())
|
||||
@@ -395,6 +407,8 @@ func (h *Handlers) HandleCancelDeploy() http.HandlerFunc {
|
||||
cancelled := h.deploy.CancelDeploy(application.ID)
|
||||
if cancelled {
|
||||
h.log.Info("deployment cancelled by user", "app", application.Name)
|
||||
h.auditLog(request, models.AuditActionDeployCancel,
|
||||
models.AuditResourceDeployment, application.ID, "cancelled deploy: "+application.Name)
|
||||
}
|
||||
|
||||
http.Redirect(
|
||||
@@ -426,6 +440,9 @@ func (h *Handlers) HandleAppRollback() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
h.auditLog(request, models.AuditActionAppRollback,
|
||||
models.AuditResourceApp, application.ID, "rolled back: "+application.Name)
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+application.ID+"?success=rolledback", http.StatusSeeOther)
|
||||
}
|
||||
}
|
||||
@@ -830,11 +847,29 @@ func (h *Handlers) handleContainerAction(
|
||||
} else {
|
||||
h.log.Info("container action completed",
|
||||
"action", action, "app", application.Name, "container", containerID)
|
||||
|
||||
auditAction := containerActionToAuditAction(action)
|
||||
h.auditLog(request, auditAction,
|
||||
models.AuditResourceApp, appID, string(action)+" container: "+application.Name)
|
||||
}
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+appID, http.StatusSeeOther)
|
||||
}
|
||||
|
||||
// containerActionToAuditAction maps container actions to audit actions.
|
||||
func containerActionToAuditAction(action containerAction) models.AuditAction {
|
||||
switch action {
|
||||
case actionRestart:
|
||||
return models.AuditActionAppRestart
|
||||
case actionStop:
|
||||
return models.AuditActionAppStop
|
||||
case actionStart:
|
||||
return models.AuditActionAppStart
|
||||
default:
|
||||
return models.AuditAction("app." + string(action))
|
||||
}
|
||||
}
|
||||
|
||||
// HandleAppRestart handles restarting an app's container.
|
||||
func (h *Handlers) HandleAppRestart() http.HandlerFunc {
|
||||
return func(writer http.ResponseWriter, request *http.Request) {
|
||||
@@ -984,6 +1019,10 @@ func (h *Handlers) HandleEnvVarSave() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
h.auditLog(request, models.AuditActionEnvVarSave,
|
||||
models.AuditResourceEnvVar, application.ID,
|
||||
fmt.Sprintf("saved %d env vars", len(modelPairs)))
|
||||
|
||||
h.respondJSON(writer, request, map[string]bool{"ok": true}, http.StatusOK)
|
||||
}
|
||||
}
|
||||
@@ -1000,7 +1039,13 @@ func (h *Handlers) HandleLabelAdd() http.HandlerFunc {
|
||||
label.Key = key
|
||||
label.Value = value
|
||||
|
||||
return label.Save(ctx)
|
||||
err := label.Save(ctx)
|
||||
if err == nil {
|
||||
h.auditLog(request, models.AuditActionLabelAdd,
|
||||
models.AuditResourceLabel, application.ID, "added label: "+key)
|
||||
}
|
||||
|
||||
return err
|
||||
},
|
||||
)
|
||||
}
|
||||
@@ -1029,6 +1074,9 @@ func (h *Handlers) HandleLabelDelete() http.HandlerFunc {
|
||||
deleteErr := label.Delete(request.Context())
|
||||
if deleteErr != nil {
|
||||
h.log.Error("failed to delete label", "error", deleteErr)
|
||||
} else {
|
||||
h.auditLog(request, models.AuditActionLabelDelete,
|
||||
models.AuditResourceLabel, appID, "deleted label: "+label.Key)
|
||||
}
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+appID, http.StatusSeeOther)
|
||||
@@ -1086,6 +1134,10 @@ func (h *Handlers) HandleVolumeAdd() http.HandlerFunc {
|
||||
saveErr := volume.Save(request.Context())
|
||||
if saveErr != nil {
|
||||
h.log.Error("failed to add volume", "error", saveErr)
|
||||
} else {
|
||||
h.auditLog(request, models.AuditActionVolumeAdd,
|
||||
models.AuditResourceVolume, application.ID,
|
||||
"added volume: "+hostPath+":"+containerPath)
|
||||
}
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+application.ID, http.StatusSeeOther)
|
||||
@@ -1115,6 +1167,10 @@ func (h *Handlers) HandleVolumeDelete() http.HandlerFunc {
|
||||
deleteErr := volume.Delete(request.Context())
|
||||
if deleteErr != nil {
|
||||
h.log.Error("failed to delete volume", "error", deleteErr)
|
||||
} else {
|
||||
h.auditLog(request, models.AuditActionVolumeDelete,
|
||||
models.AuditResourceVolume, appID,
|
||||
"deleted volume: "+volume.HostPath+":"+volume.ContainerPath)
|
||||
}
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+appID, http.StatusSeeOther)
|
||||
@@ -1164,6 +1220,10 @@ func (h *Handlers) HandlePortAdd() http.HandlerFunc {
|
||||
saveErr := port.Save(request.Context())
|
||||
if saveErr != nil {
|
||||
h.log.Error("failed to save port", "error", saveErr)
|
||||
} else {
|
||||
h.auditLog(request, models.AuditActionPortAdd,
|
||||
models.AuditResourcePort, application.ID,
|
||||
fmt.Sprintf("added port: %d:%d/%s", hostPort, containerPort, protocol))
|
||||
}
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+application.ID, http.StatusSeeOther)
|
||||
@@ -1210,6 +1270,10 @@ func (h *Handlers) HandlePortDelete() http.HandlerFunc {
|
||||
deleteErr := port.Delete(request.Context())
|
||||
if deleteErr != nil {
|
||||
h.log.Error("failed to delete port", "error", deleteErr)
|
||||
} else {
|
||||
h.auditLog(request, models.AuditActionPortDelete,
|
||||
models.AuditResourcePort, appID,
|
||||
fmt.Sprintf("deleted port: %d:%d/%s", port.HostPort, port.ContainerPort, port.Protocol))
|
||||
}
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+appID, http.StatusSeeOther)
|
||||
@@ -1285,6 +1349,9 @@ func (h *Handlers) HandleLabelEdit() http.HandlerFunc {
|
||||
saveErr := label.Save(request.Context())
|
||||
if saveErr != nil {
|
||||
h.log.Error("failed to update label", "error", saveErr)
|
||||
} else {
|
||||
h.auditLog(request, models.AuditActionLabelEdit,
|
||||
models.AuditResourceLabel, appID, "edited label: "+key)
|
||||
}
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+appID, http.StatusSeeOther)
|
||||
@@ -1343,6 +1410,10 @@ func (h *Handlers) HandleVolumeEdit() http.HandlerFunc {
|
||||
saveErr := volume.Save(request.Context())
|
||||
if saveErr != nil {
|
||||
h.log.Error("failed to update volume", "error", saveErr)
|
||||
} else {
|
||||
h.auditLog(request, models.AuditActionVolumeEdit,
|
||||
models.AuditResourceVolume, appID,
|
||||
"edited volume: "+hostPath+":"+containerPath)
|
||||
}
|
||||
|
||||
http.Redirect(writer, request, "/apps/"+appID, http.StatusSeeOther)
|
||||
|
||||
@@ -3,6 +3,7 @@ package handlers
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/models"
|
||||
"sneak.berlin/go/upaas/templates"
|
||||
)
|
||||
|
||||
@@ -61,6 +62,9 @@ func (h *Handlers) HandleLoginPOST() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
h.auditLog(request, models.AuditActionLogin,
|
||||
models.AuditResourceSession, "", "user logged in")
|
||||
|
||||
http.Redirect(writer, request, "/", http.StatusSeeOther)
|
||||
}
|
||||
}
|
||||
@@ -68,6 +72,9 @@ func (h *Handlers) HandleLoginPOST() http.HandlerFunc {
|
||||
// HandleLogout handles logout requests.
|
||||
func (h *Handlers) HandleLogout() http.HandlerFunc {
|
||||
return func(writer http.ResponseWriter, request *http.Request) {
|
||||
h.auditLog(request, models.AuditActionLogout,
|
||||
models.AuditResourceSession, "", "user logged out")
|
||||
|
||||
destroyErr := h.auth.DestroySession(writer, request)
|
||||
if destroyErr != nil {
|
||||
h.log.Error("failed to destroy session", "error", destroyErr)
|
||||
|
||||
@@ -15,7 +15,9 @@ import (
|
||||
"sneak.berlin/go/upaas/internal/globals"
|
||||
"sneak.berlin/go/upaas/internal/healthcheck"
|
||||
"sneak.berlin/go/upaas/internal/logger"
|
||||
"sneak.berlin/go/upaas/internal/models"
|
||||
"sneak.berlin/go/upaas/internal/service/app"
|
||||
"sneak.berlin/go/upaas/internal/service/audit"
|
||||
"sneak.berlin/go/upaas/internal/service/auth"
|
||||
"sneak.berlin/go/upaas/internal/service/deploy"
|
||||
"sneak.berlin/go/upaas/internal/service/webhook"
|
||||
@@ -35,6 +37,7 @@ type Params struct {
|
||||
Deploy *deploy.Service
|
||||
Webhook *webhook.Service
|
||||
Docker *docker.Client
|
||||
Audit *audit.Service
|
||||
}
|
||||
|
||||
// Handlers provides HTTP request handlers.
|
||||
@@ -48,6 +51,7 @@ type Handlers struct {
|
||||
deploy *deploy.Service
|
||||
webhook *webhook.Service
|
||||
docker *docker.Client
|
||||
audit *audit.Service
|
||||
globals *globals.Globals
|
||||
}
|
||||
|
||||
@@ -63,10 +67,48 @@ func New(_ fx.Lifecycle, params Params) (*Handlers, error) {
|
||||
deploy: params.Deploy,
|
||||
webhook: params.Webhook,
|
||||
docker: params.Docker,
|
||||
audit: params.Audit,
|
||||
globals: params.Globals,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// currentUser returns the currently authenticated user, or nil if not authenticated.
|
||||
func (h *Handlers) currentUser(request *http.Request) *models.User {
|
||||
user, err := h.auth.GetCurrentUser(request.Context(), request)
|
||||
if err != nil || user == nil {
|
||||
return nil
|
||||
}
|
||||
|
||||
return user
|
||||
}
|
||||
|
||||
// auditLog records an audit entry for the current request.
|
||||
func (h *Handlers) auditLog(
|
||||
request *http.Request,
|
||||
action models.AuditAction,
|
||||
resourceType models.AuditResourceType,
|
||||
resourceID string,
|
||||
detail string,
|
||||
) {
|
||||
user := h.currentUser(request)
|
||||
|
||||
entry := audit.LogEntry{
|
||||
Action: action,
|
||||
ResourceType: resourceType,
|
||||
ResourceID: resourceID,
|
||||
Detail: detail,
|
||||
}
|
||||
|
||||
if user != nil {
|
||||
entry.UserID = user.ID
|
||||
entry.Username = user.Username
|
||||
} else {
|
||||
entry.Username = "anonymous"
|
||||
}
|
||||
|
||||
h.audit.LogFromRequest(request.Context(), request, entry)
|
||||
}
|
||||
|
||||
// addGlobals adds version info and CSRF token to template data map.
|
||||
func (h *Handlers) addGlobals(
|
||||
data map[string]any,
|
||||
|
||||
@@ -11,6 +11,7 @@ import (
|
||||
"time"
|
||||
|
||||
"github.com/go-chi/chi/v5"
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"go.uber.org/fx"
|
||||
@@ -24,8 +25,10 @@ import (
|
||||
"sneak.berlin/go/upaas/internal/handlers"
|
||||
"sneak.berlin/go/upaas/internal/healthcheck"
|
||||
"sneak.berlin/go/upaas/internal/logger"
|
||||
"sneak.berlin/go/upaas/internal/metrics"
|
||||
"sneak.berlin/go/upaas/internal/middleware"
|
||||
"sneak.berlin/go/upaas/internal/service/app"
|
||||
"sneak.berlin/go/upaas/internal/service/audit"
|
||||
"sneak.berlin/go/upaas/internal/service/auth"
|
||||
"sneak.berlin/go/upaas/internal/service/deploy"
|
||||
"sneak.berlin/go/upaas/internal/service/notify"
|
||||
@@ -92,7 +95,8 @@ func createAppServices(
|
||||
logInstance *logger.Logger,
|
||||
dbInstance *database.Database,
|
||||
cfg *config.Config,
|
||||
) (*auth.Service, *app.Service, *deploy.Service, *webhook.Service, *docker.Client) {
|
||||
metricsInstance *metrics.Metrics,
|
||||
) (*auth.Service, *app.Service, *deploy.Service, *webhook.Service, *docker.Client, *audit.Service) {
|
||||
t.Helper()
|
||||
|
||||
authSvc, authErr := auth.New(fx.Lifecycle(nil), auth.ServiceParams{
|
||||
@@ -125,6 +129,7 @@ func createAppServices(
|
||||
Database: dbInstance,
|
||||
Docker: dockerClient,
|
||||
Notify: notifySvc,
|
||||
Metrics: metricsInstance,
|
||||
})
|
||||
require.NoError(t, deployErr)
|
||||
|
||||
@@ -132,10 +137,18 @@ func createAppServices(
|
||||
Logger: logInstance,
|
||||
Database: dbInstance,
|
||||
Deploy: deploySvc,
|
||||
Metrics: metricsInstance,
|
||||
})
|
||||
require.NoError(t, webhookErr)
|
||||
|
||||
return authSvc, appSvc, deploySvc, webhookSvc, dockerClient
|
||||
auditSvc, auditErr := audit.New(fx.Lifecycle(nil), audit.ServiceParams{
|
||||
Logger: logInstance,
|
||||
Database: dbInstance,
|
||||
Metrics: metricsInstance,
|
||||
})
|
||||
require.NoError(t, auditErr)
|
||||
|
||||
return authSvc, appSvc, deploySvc, webhookSvc, dockerClient, auditSvc
|
||||
}
|
||||
|
||||
func setupTestHandlers(t *testing.T) *testContext {
|
||||
@@ -145,11 +158,14 @@ func setupTestHandlers(t *testing.T) *testContext {
|
||||
|
||||
globalInstance, logInstance, dbInstance, hcInstance := createCoreServices(t, cfg)
|
||||
|
||||
authSvc, appSvc, deploySvc, webhookSvc, dockerClient := createAppServices(
|
||||
metricsInstance := metrics.NewForTest(prometheus.NewRegistry())
|
||||
|
||||
authSvc, appSvc, deploySvc, webhookSvc, dockerClient, auditSvc := createAppServices(
|
||||
t,
|
||||
logInstance,
|
||||
dbInstance,
|
||||
cfg,
|
||||
metricsInstance,
|
||||
)
|
||||
|
||||
handlersInstance, handlerErr := handlers.New(
|
||||
@@ -164,6 +180,7 @@ func setupTestHandlers(t *testing.T) *testContext {
|
||||
Deploy: deploySvc,
|
||||
Webhook: webhookSvc,
|
||||
Docker: dockerClient,
|
||||
Audit: auditSvc,
|
||||
},
|
||||
)
|
||||
require.NoError(t, handlerErr)
|
||||
@@ -173,6 +190,7 @@ func setupTestHandlers(t *testing.T) *testContext {
|
||||
Globals: globalInstance,
|
||||
Config: cfg,
|
||||
Auth: authSvc,
|
||||
Metrics: metricsInstance,
|
||||
})
|
||||
require.NoError(t, mwErr)
|
||||
|
||||
|
||||
@@ -3,6 +3,7 @@ package handlers
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/models"
|
||||
"sneak.berlin/go/upaas/templates"
|
||||
)
|
||||
|
||||
@@ -111,6 +112,9 @@ func (h *Handlers) HandleSetupPOST() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
h.auditLog(request, models.AuditActionSetup,
|
||||
models.AuditResourceUser, "", "initial setup completed")
|
||||
|
||||
http.Redirect(writer, request, "/", http.StatusSeeOther)
|
||||
}
|
||||
}
|
||||
|
||||
@@ -7,15 +7,14 @@ import (
|
||||
"github.com/go-chi/chi/v5"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/models"
|
||||
"sneak.berlin/go/upaas/internal/service/webhook"
|
||||
"sneak.berlin/go/upaas/internal/service/audit"
|
||||
)
|
||||
|
||||
// maxWebhookBodySize is the maximum allowed size of a webhook request body (1MB).
|
||||
const maxWebhookBodySize = 1 << 20
|
||||
|
||||
// HandleWebhook handles incoming webhooks from Gitea, GitHub, or GitLab.
|
||||
// The webhook source is auto-detected from HTTP headers.
|
||||
func (h *Handlers) HandleWebhook() http.HandlerFunc {
|
||||
// HandleWebhook handles incoming Gitea webhooks.
|
||||
func (h *Handlers) HandleWebhook() http.HandlerFunc { //nolint:funlen // audit logging adds necessary length
|
||||
return func(writer http.ResponseWriter, request *http.Request) {
|
||||
secret := chi.URLParam(request, "secret")
|
||||
if secret == "" {
|
||||
@@ -52,17 +51,25 @@ func (h *Handlers) HandleWebhook() http.HandlerFunc {
|
||||
return
|
||||
}
|
||||
|
||||
// Auto-detect webhook source from headers
|
||||
source := webhook.DetectWebhookSource(request.Header)
|
||||
// Get event type from header
|
||||
eventType := request.Header.Get("X-Gitea-Event")
|
||||
if eventType == "" {
|
||||
eventType = "push"
|
||||
}
|
||||
|
||||
// Extract event type based on detected source
|
||||
eventType := webhook.DetectEventType(request.Header, source)
|
||||
// Log webhook receipt
|
||||
h.audit.LogFromRequest(request.Context(), request, audit.LogEntry{
|
||||
Username: "webhook",
|
||||
Action: models.AuditActionWebhookReceive,
|
||||
ResourceType: models.AuditResourceWebhook,
|
||||
ResourceID: application.ID,
|
||||
Detail: "webhook from app: " + application.Name + ", event: " + eventType,
|
||||
})
|
||||
|
||||
// Process webhook
|
||||
webhookErr := h.webhook.HandleWebhook(
|
||||
request.Context(),
|
||||
application,
|
||||
source,
|
||||
eventType,
|
||||
body,
|
||||
)
|
||||
|
||||
148
internal/metrics/metrics.go
Normal file
148
internal/metrics/metrics.go
Normal file
@@ -0,0 +1,148 @@
|
||||
// Package metrics provides Prometheus metrics for upaas.
|
||||
//
|
||||
//nolint:revive // "metrics" matches the domain; runtime/metrics is rarely imported directly
|
||||
package metrics
|
||||
|
||||
import (
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
"github.com/prometheus/client_golang/prometheus/promauto"
|
||||
"go.uber.org/fx"
|
||||
)
|
||||
|
||||
// Params contains dependencies for Metrics.
|
||||
type Params struct {
|
||||
fx.In
|
||||
}
|
||||
|
||||
// Metrics holds all Prometheus metrics for the application.
|
||||
type Metrics struct {
|
||||
// Deployment metrics.
|
||||
DeploymentsTotal *prometheus.CounterVec
|
||||
DeploymentDuration *prometheus.HistogramVec
|
||||
DeploymentsInFlight *prometheus.GaugeVec
|
||||
|
||||
// Container health metrics.
|
||||
ContainerHealthy *prometheus.GaugeVec
|
||||
|
||||
// Webhook metrics.
|
||||
WebhookEventsTotal *prometheus.CounterVec
|
||||
|
||||
// HTTP request metrics.
|
||||
HTTPRequestsTotal *prometheus.CounterVec
|
||||
HTTPRequestDuration *prometheus.HistogramVec
|
||||
HTTPResponseSizeBytes *prometheus.HistogramVec
|
||||
|
||||
// Audit log metrics.
|
||||
AuditEventsTotal *prometheus.CounterVec
|
||||
}
|
||||
|
||||
// New creates a new Metrics instance with all Prometheus metrics registered
|
||||
// in the default Prometheus registry.
|
||||
func New(_ fx.Lifecycle, _ Params) (*Metrics, error) {
|
||||
return newMetrics(promauto.With(prometheus.DefaultRegisterer)), nil
|
||||
}
|
||||
|
||||
// NewForTest creates a Metrics instance with a custom registry for test isolation.
|
||||
func NewForTest(reg prometheus.Registerer) *Metrics {
|
||||
return newMetrics(promauto.With(reg))
|
||||
}
|
||||
|
||||
// newMetrics creates a Metrics instance using the given factory.
|
||||
func newMetrics(factory promauto.Factory) *Metrics {
|
||||
return &Metrics{
|
||||
DeploymentsTotal: newDeploymentsTotal(factory),
|
||||
DeploymentDuration: newDeploymentDuration(factory),
|
||||
DeploymentsInFlight: newDeploymentsInFlight(factory),
|
||||
ContainerHealthy: newContainerHealthy(factory),
|
||||
WebhookEventsTotal: newWebhookEventsTotal(factory),
|
||||
HTTPRequestsTotal: newHTTPRequestsTotal(factory),
|
||||
HTTPRequestDuration: newHTTPRequestDuration(factory),
|
||||
HTTPResponseSizeBytes: newHTTPResponseSizeBytes(factory),
|
||||
AuditEventsTotal: newAuditEventsTotal(factory),
|
||||
}
|
||||
}
|
||||
|
||||
func newDeploymentsTotal(f promauto.Factory) *prometheus.CounterVec {
|
||||
return f.NewCounterVec(prometheus.CounterOpts{
|
||||
Namespace: "upaas",
|
||||
Subsystem: "deployments",
|
||||
Name: "total",
|
||||
Help: "Total number of deployments by app and status.",
|
||||
}, []string{"app", "status"})
|
||||
}
|
||||
|
||||
func newDeploymentDuration(f promauto.Factory) *prometheus.HistogramVec {
|
||||
return f.NewHistogramVec(prometheus.HistogramOpts{
|
||||
Namespace: "upaas",
|
||||
Subsystem: "deployments",
|
||||
Name: "duration_seconds",
|
||||
Help: "Duration of deployments in seconds by app and status.",
|
||||
Buckets: []float64{10, 30, 60, 120, 300, 600, 1800},
|
||||
}, []string{"app", "status"})
|
||||
}
|
||||
|
||||
func newDeploymentsInFlight(f promauto.Factory) *prometheus.GaugeVec {
|
||||
return f.NewGaugeVec(prometheus.GaugeOpts{
|
||||
Namespace: "upaas",
|
||||
Subsystem: "deployments",
|
||||
Name: "in_flight",
|
||||
Help: "Number of deployments currently in progress by app.",
|
||||
}, []string{"app"})
|
||||
}
|
||||
|
||||
func newContainerHealthy(f promauto.Factory) *prometheus.GaugeVec {
|
||||
return f.NewGaugeVec(prometheus.GaugeOpts{
|
||||
Namespace: "upaas",
|
||||
Subsystem: "container",
|
||||
Name: "healthy",
|
||||
Help: "Whether the app container is healthy (1) or unhealthy (0).",
|
||||
}, []string{"app"})
|
||||
}
|
||||
|
||||
func newWebhookEventsTotal(f promauto.Factory) *prometheus.CounterVec {
|
||||
return f.NewCounterVec(prometheus.CounterOpts{
|
||||
Namespace: "upaas",
|
||||
Subsystem: "webhook",
|
||||
Name: "events_total",
|
||||
Help: "Total number of webhook events by app, event type, and matched status.",
|
||||
}, []string{"app", "event_type", "matched"})
|
||||
}
|
||||
|
||||
func newHTTPRequestsTotal(f promauto.Factory) *prometheus.CounterVec {
|
||||
return f.NewCounterVec(prometheus.CounterOpts{
|
||||
Namespace: "upaas",
|
||||
Subsystem: "http",
|
||||
Name: "requests_total",
|
||||
Help: "Total number of HTTP requests by method and status code.",
|
||||
}, []string{"method", "status_code"})
|
||||
}
|
||||
|
||||
func newHTTPRequestDuration(f promauto.Factory) *prometheus.HistogramVec {
|
||||
return f.NewHistogramVec(prometheus.HistogramOpts{
|
||||
Namespace: "upaas",
|
||||
Subsystem: "http",
|
||||
Name: "request_duration_seconds",
|
||||
Help: "Duration of HTTP requests in seconds by method.",
|
||||
Buckets: prometheus.DefBuckets,
|
||||
}, []string{"method"})
|
||||
}
|
||||
|
||||
//nolint:mnd // bucket boundaries are domain-specific constants
|
||||
func newHTTPResponseSizeBytes(f promauto.Factory) *prometheus.HistogramVec {
|
||||
return f.NewHistogramVec(prometheus.HistogramOpts{
|
||||
Namespace: "upaas",
|
||||
Subsystem: "http",
|
||||
Name: "response_size_bytes",
|
||||
Help: "Size of HTTP responses in bytes by method.",
|
||||
Buckets: prometheus.ExponentialBuckets(100, 10, 7),
|
||||
}, []string{"method"})
|
||||
}
|
||||
|
||||
func newAuditEventsTotal(f promauto.Factory) *prometheus.CounterVec {
|
||||
return f.NewCounterVec(prometheus.CounterOpts{
|
||||
Namespace: "upaas",
|
||||
Subsystem: "audit",
|
||||
Name: "events_total",
|
||||
Help: "Total number of audit log events by action.",
|
||||
}, []string{"action"})
|
||||
}
|
||||
158
internal/metrics/metrics_test.go
Normal file
158
internal/metrics/metrics_test.go
Normal file
@@ -0,0 +1,158 @@
|
||||
package metrics_test
|
||||
|
||||
import (
|
||||
"testing"
|
||||
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"go.uber.org/fx"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/metrics"
|
||||
)
|
||||
|
||||
func TestNewForTest(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
reg := prometheus.NewRegistry()
|
||||
m := metrics.NewForTest(reg)
|
||||
|
||||
require.NotNil(t, m)
|
||||
assert.NotNil(t, m.DeploymentsTotal)
|
||||
assert.NotNil(t, m.DeploymentDuration)
|
||||
assert.NotNil(t, m.DeploymentsInFlight)
|
||||
assert.NotNil(t, m.ContainerHealthy)
|
||||
assert.NotNil(t, m.WebhookEventsTotal)
|
||||
assert.NotNil(t, m.HTTPRequestsTotal)
|
||||
assert.NotNil(t, m.HTTPRequestDuration)
|
||||
assert.NotNil(t, m.HTTPResponseSizeBytes)
|
||||
assert.NotNil(t, m.AuditEventsTotal)
|
||||
}
|
||||
|
||||
func TestNew(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
m, err := metrics.New(fx.Lifecycle(nil), metrics.Params{})
|
||||
require.NoError(t, err)
|
||||
require.NotNil(t, m)
|
||||
}
|
||||
|
||||
func TestDeploymentMetrics(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
reg := prometheus.NewRegistry()
|
||||
m := metrics.NewForTest(reg)
|
||||
|
||||
m.DeploymentsTotal.WithLabelValues("test-app", "success").Inc()
|
||||
m.DeploymentDuration.WithLabelValues("test-app", "success").Observe(42.5)
|
||||
m.DeploymentsInFlight.WithLabelValues("test-app").Set(1)
|
||||
|
||||
families, err := reg.Gather()
|
||||
require.NoError(t, err)
|
||||
|
||||
names := make(map[string]bool)
|
||||
|
||||
for _, f := range families {
|
||||
names[f.GetName()] = true
|
||||
}
|
||||
|
||||
assert.True(t, names["upaas_deployments_total"])
|
||||
assert.True(t, names["upaas_deployments_duration_seconds"])
|
||||
assert.True(t, names["upaas_deployments_in_flight"])
|
||||
}
|
||||
|
||||
func TestContainerHealthMetrics(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
reg := prometheus.NewRegistry()
|
||||
m := metrics.NewForTest(reg)
|
||||
|
||||
m.ContainerHealthy.WithLabelValues("my-app").Set(1)
|
||||
|
||||
families, err := reg.Gather()
|
||||
require.NoError(t, err)
|
||||
|
||||
found := false
|
||||
|
||||
for _, f := range families {
|
||||
if f.GetName() == "upaas_container_healthy" {
|
||||
found = true
|
||||
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
assert.True(t, found)
|
||||
}
|
||||
|
||||
func TestWebhookMetrics(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
reg := prometheus.NewRegistry()
|
||||
m := metrics.NewForTest(reg)
|
||||
|
||||
m.WebhookEventsTotal.WithLabelValues("test-app", "push", "true").Inc()
|
||||
|
||||
families, err := reg.Gather()
|
||||
require.NoError(t, err)
|
||||
|
||||
found := false
|
||||
|
||||
for _, f := range families {
|
||||
if f.GetName() == "upaas_webhook_events_total" {
|
||||
found = true
|
||||
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
assert.True(t, found)
|
||||
}
|
||||
|
||||
func TestHTTPMetrics(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
reg := prometheus.NewRegistry()
|
||||
m := metrics.NewForTest(reg)
|
||||
|
||||
m.HTTPRequestsTotal.WithLabelValues("GET", "200").Inc()
|
||||
m.HTTPRequestDuration.WithLabelValues("GET").Observe(0.05)
|
||||
m.HTTPResponseSizeBytes.WithLabelValues("GET").Observe(1024)
|
||||
|
||||
families, err := reg.Gather()
|
||||
require.NoError(t, err)
|
||||
|
||||
names := make(map[string]bool)
|
||||
|
||||
for _, f := range families {
|
||||
names[f.GetName()] = true
|
||||
}
|
||||
|
||||
assert.True(t, names["upaas_http_requests_total"])
|
||||
assert.True(t, names["upaas_http_request_duration_seconds"])
|
||||
assert.True(t, names["upaas_http_response_size_bytes"])
|
||||
}
|
||||
|
||||
func TestAuditMetrics(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
reg := prometheus.NewRegistry()
|
||||
m := metrics.NewForTest(reg)
|
||||
|
||||
m.AuditEventsTotal.WithLabelValues("login").Inc()
|
||||
|
||||
families, err := reg.Gather()
|
||||
require.NoError(t, err)
|
||||
|
||||
found := false
|
||||
|
||||
for _, f := range families {
|
||||
if f.GetName() == "upaas_audit_events_total" {
|
||||
found = true
|
||||
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
assert.True(t, found)
|
||||
}
|
||||
@@ -21,6 +21,7 @@ import (
|
||||
"sneak.berlin/go/upaas/internal/config"
|
||||
"sneak.berlin/go/upaas/internal/globals"
|
||||
"sneak.berlin/go/upaas/internal/logger"
|
||||
"sneak.berlin/go/upaas/internal/metrics"
|
||||
"sneak.berlin/go/upaas/internal/service/auth"
|
||||
)
|
||||
|
||||
@@ -35,33 +36,37 @@ type Params struct {
|
||||
Globals *globals.Globals
|
||||
Config *config.Config
|
||||
Auth *auth.Service
|
||||
Metrics *metrics.Metrics
|
||||
}
|
||||
|
||||
// Middleware provides HTTP middleware.
|
||||
type Middleware struct {
|
||||
log *slog.Logger
|
||||
params *Params
|
||||
log *slog.Logger
|
||||
metrics *metrics.Metrics
|
||||
params *Params
|
||||
}
|
||||
|
||||
// New creates a new Middleware instance.
|
||||
func New(_ fx.Lifecycle, params Params) (*Middleware, error) {
|
||||
return &Middleware{
|
||||
log: params.Logger.Get(),
|
||||
params: ¶ms,
|
||||
log: params.Logger.Get(),
|
||||
metrics: params.Metrics,
|
||||
params: ¶ms,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// loggingResponseWriter wraps http.ResponseWriter to capture status code.
|
||||
// loggingResponseWriter wraps http.ResponseWriter to capture status code and bytes written.
|
||||
type loggingResponseWriter struct {
|
||||
http.ResponseWriter
|
||||
|
||||
statusCode int
|
||||
statusCode int
|
||||
bytesWritten int
|
||||
}
|
||||
|
||||
func newLoggingResponseWriter(
|
||||
writer http.ResponseWriter,
|
||||
) *loggingResponseWriter {
|
||||
return &loggingResponseWriter{writer, http.StatusOK}
|
||||
return &loggingResponseWriter{ResponseWriter: writer, statusCode: http.StatusOK}
|
||||
}
|
||||
|
||||
func (lrw *loggingResponseWriter) WriteHeader(code int) {
|
||||
@@ -69,7 +74,14 @@ func (lrw *loggingResponseWriter) WriteHeader(code int) {
|
||||
lrw.ResponseWriter.WriteHeader(code)
|
||||
}
|
||||
|
||||
// Logging returns a request logging middleware.
|
||||
func (lrw *loggingResponseWriter) Write(b []byte) (int, error) {
|
||||
n, err := lrw.ResponseWriter.Write(b)
|
||||
lrw.bytesWritten += n
|
||||
|
||||
return n, err
|
||||
}
|
||||
|
||||
// Logging returns a request logging middleware that also records HTTP metrics.
|
||||
func (m *Middleware) Logging() func(http.Handler) http.Handler {
|
||||
return func(next http.Handler) http.Handler {
|
||||
return http.HandlerFunc(func(
|
||||
@@ -83,6 +95,8 @@ func (m *Middleware) Logging() func(http.Handler) http.Handler {
|
||||
defer func() {
|
||||
latency := time.Since(start)
|
||||
reqID := middleware.GetReqID(ctx)
|
||||
statusStr := strconv.Itoa(lrw.statusCode)
|
||||
|
||||
m.log.InfoContext(ctx, "request",
|
||||
"request_start", start,
|
||||
"method", request.Method,
|
||||
@@ -91,10 +105,21 @@ func (m *Middleware) Logging() func(http.Handler) http.Handler {
|
||||
"request_id", reqID,
|
||||
"referer", request.Referer(),
|
||||
"proto", request.Proto,
|
||||
"remoteIP", realIP(request),
|
||||
"remoteIP", RealIP(request),
|
||||
"status", lrw.statusCode,
|
||||
"bytes", lrw.bytesWritten,
|
||||
"latency_ms", latency.Milliseconds(),
|
||||
)
|
||||
|
||||
m.metrics.HTTPRequestsTotal.WithLabelValues(
|
||||
request.Method, statusStr,
|
||||
).Inc()
|
||||
m.metrics.HTTPRequestDuration.WithLabelValues(
|
||||
request.Method,
|
||||
).Observe(latency.Seconds())
|
||||
m.metrics.HTTPResponseSizeBytes.WithLabelValues(
|
||||
request.Method,
|
||||
).Observe(float64(lrw.bytesWritten))
|
||||
}()
|
||||
|
||||
next.ServeHTTP(lrw, request)
|
||||
@@ -145,11 +170,11 @@ func isTrustedProxy(ip net.IP) bool {
|
||||
return false
|
||||
}
|
||||
|
||||
// realIP extracts the client's real IP address from the request.
|
||||
// RealIP extracts the client's real IP address from the request.
|
||||
// Proxy headers (X-Real-IP, X-Forwarded-For) are only trusted when the
|
||||
// direct connection originates from an RFC1918/loopback address.
|
||||
// Otherwise, headers are ignored and RemoteAddr is used (fail closed).
|
||||
func realIP(r *http.Request) string {
|
||||
func RealIP(r *http.Request) string {
|
||||
addr := ipFromHostPort(r.RemoteAddr)
|
||||
remoteIP := net.ParseIP(addr)
|
||||
|
||||
@@ -340,7 +365,7 @@ func (m *Middleware) LoginRateLimit() func(http.Handler) http.Handler {
|
||||
writer http.ResponseWriter,
|
||||
request *http.Request,
|
||||
) {
|
||||
ip := realIP(request)
|
||||
ip := RealIP(request)
|
||||
limiter := loginLimiter.getLimiter(ip)
|
||||
|
||||
if !limiter.Allow() {
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
package middleware //nolint:testpackage // tests unexported realIP function
|
||||
package middleware //nolint:testpackage // tests RealIP via internal package access
|
||||
|
||||
import (
|
||||
"context"
|
||||
@@ -126,9 +126,9 @@ func TestRealIP(t *testing.T) { //nolint:funlen // table-driven test
|
||||
req.Header.Set("X-Forwarded-For", tt.xff)
|
||||
}
|
||||
|
||||
got := realIP(req)
|
||||
got := RealIP(req)
|
||||
if got != tt.want {
|
||||
t.Errorf("realIP() = %q, want %q", got, tt.want)
|
||||
t.Errorf("RealIP() = %q, want %q", got, tt.want)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
193
internal/models/audit_log.go
Normal file
193
internal/models/audit_log.go
Normal file
@@ -0,0 +1,193 @@
|
||||
package models
|
||||
|
||||
import (
|
||||
"context"
|
||||
"database/sql"
|
||||
"fmt"
|
||||
"time"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/database"
|
||||
)
|
||||
|
||||
// AuditAction represents the type of audited user action.
|
||||
type AuditAction string
|
||||
|
||||
// Audit action constants.
|
||||
const (
|
||||
AuditActionLogin AuditAction = "login"
|
||||
AuditActionLogout AuditAction = "logout"
|
||||
AuditActionAppCreate AuditAction = "app.create"
|
||||
AuditActionAppUpdate AuditAction = "app.update"
|
||||
AuditActionAppDelete AuditAction = "app.delete"
|
||||
AuditActionAppDeploy AuditAction = "app.deploy"
|
||||
AuditActionAppRollback AuditAction = "app.rollback"
|
||||
AuditActionAppRestart AuditAction = "app.restart"
|
||||
AuditActionAppStop AuditAction = "app.stop"
|
||||
AuditActionAppStart AuditAction = "app.start"
|
||||
AuditActionDeployCancel AuditAction = "deploy.cancel"
|
||||
AuditActionEnvVarSave AuditAction = "env_var.save"
|
||||
AuditActionLabelAdd AuditAction = "label.add"
|
||||
AuditActionLabelEdit AuditAction = "label.edit"
|
||||
AuditActionLabelDelete AuditAction = "label.delete"
|
||||
AuditActionVolumeAdd AuditAction = "volume.add"
|
||||
AuditActionVolumeEdit AuditAction = "volume.edit"
|
||||
AuditActionVolumeDelete AuditAction = "volume.delete"
|
||||
AuditActionPortAdd AuditAction = "port.add"
|
||||
AuditActionPortDelete AuditAction = "port.delete"
|
||||
AuditActionSetup AuditAction = "setup"
|
||||
AuditActionWebhookReceive AuditAction = "webhook.receive"
|
||||
)
|
||||
|
||||
// AuditResourceType represents the type of resource being acted on.
|
||||
type AuditResourceType string
|
||||
|
||||
// Audit resource type constants.
|
||||
const (
|
||||
AuditResourceApp AuditResourceType = "app"
|
||||
AuditResourceUser AuditResourceType = "user"
|
||||
AuditResourceSession AuditResourceType = "session"
|
||||
AuditResourceEnvVar AuditResourceType = "env_var"
|
||||
AuditResourceLabel AuditResourceType = "label"
|
||||
AuditResourceVolume AuditResourceType = "volume"
|
||||
AuditResourcePort AuditResourceType = "port"
|
||||
AuditResourceDeployment AuditResourceType = "deployment"
|
||||
AuditResourceWebhook AuditResourceType = "webhook"
|
||||
)
|
||||
|
||||
// AuditEntry represents a single audit log entry.
|
||||
type AuditEntry struct {
|
||||
db *database.Database
|
||||
|
||||
ID int64
|
||||
UserID sql.NullInt64
|
||||
Username string
|
||||
Action AuditAction
|
||||
ResourceType AuditResourceType
|
||||
ResourceID sql.NullString
|
||||
Detail sql.NullString
|
||||
RemoteIP sql.NullString
|
||||
CreatedAt time.Time
|
||||
}
|
||||
|
||||
// NewAuditEntry creates a new AuditEntry with a database reference.
|
||||
func NewAuditEntry(db *database.Database) *AuditEntry {
|
||||
return &AuditEntry{db: db}
|
||||
}
|
||||
|
||||
// Save inserts the audit entry into the database.
|
||||
func (a *AuditEntry) Save(ctx context.Context) error {
|
||||
query := `
|
||||
INSERT INTO audit_log (
|
||||
user_id, username, action, resource_type, resource_id,
|
||||
detail, remote_ip
|
||||
) VALUES (?, ?, ?, ?, ?, ?, ?)`
|
||||
|
||||
result, err := a.db.Exec(ctx, query,
|
||||
a.UserID, a.Username, a.Action, a.ResourceType,
|
||||
a.ResourceID, a.Detail, a.RemoteIP,
|
||||
)
|
||||
if err != nil {
|
||||
return fmt.Errorf("inserting audit entry: %w", err)
|
||||
}
|
||||
|
||||
id, err := result.LastInsertId()
|
||||
if err != nil {
|
||||
return fmt.Errorf("getting audit entry id: %w", err)
|
||||
}
|
||||
|
||||
a.ID = id
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// FindAuditEntries returns recent audit log entries, newest first.
|
||||
func FindAuditEntries(
|
||||
ctx context.Context,
|
||||
db *database.Database,
|
||||
limit int,
|
||||
) ([]*AuditEntry, error) {
|
||||
query := `
|
||||
SELECT id, user_id, username, action, resource_type, resource_id,
|
||||
detail, remote_ip, created_at
|
||||
FROM audit_log
|
||||
ORDER BY created_at DESC
|
||||
LIMIT ?`
|
||||
|
||||
rows, err := db.Query(ctx, query, limit)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("querying audit entries: %w", err)
|
||||
}
|
||||
|
||||
defer func() { _ = rows.Close() }()
|
||||
|
||||
return scanAuditRows(rows)
|
||||
}
|
||||
|
||||
// FindAuditEntriesByResource returns audit log entries for a specific resource.
|
||||
func FindAuditEntriesByResource(
|
||||
ctx context.Context,
|
||||
db *database.Database,
|
||||
resourceType AuditResourceType,
|
||||
resourceID string,
|
||||
limit int,
|
||||
) ([]*AuditEntry, error) {
|
||||
query := `
|
||||
SELECT id, user_id, username, action, resource_type, resource_id,
|
||||
detail, remote_ip, created_at
|
||||
FROM audit_log
|
||||
WHERE resource_type = ? AND resource_id = ?
|
||||
ORDER BY created_at DESC
|
||||
LIMIT ?`
|
||||
|
||||
rows, err := db.Query(ctx, query, resourceType, resourceID, limit)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("querying audit entries by resource: %w", err)
|
||||
}
|
||||
|
||||
defer func() { _ = rows.Close() }()
|
||||
|
||||
return scanAuditRows(rows)
|
||||
}
|
||||
|
||||
// CountAuditEntries returns the total number of audit log entries.
|
||||
func CountAuditEntries(
|
||||
ctx context.Context,
|
||||
db *database.Database,
|
||||
) (int, error) {
|
||||
var count int
|
||||
|
||||
row := db.QueryRow(ctx, "SELECT COUNT(*) FROM audit_log")
|
||||
|
||||
err := row.Scan(&count)
|
||||
if err != nil {
|
||||
return 0, fmt.Errorf("counting audit entries: %w", err)
|
||||
}
|
||||
|
||||
return count, nil
|
||||
}
|
||||
|
||||
func scanAuditRows(rows *sql.Rows) ([]*AuditEntry, error) {
|
||||
var entries []*AuditEntry
|
||||
|
||||
for rows.Next() {
|
||||
entry := &AuditEntry{}
|
||||
|
||||
scanErr := rows.Scan(
|
||||
&entry.ID, &entry.UserID, &entry.Username, &entry.Action,
|
||||
&entry.ResourceType, &entry.ResourceID, &entry.Detail,
|
||||
&entry.RemoteIP, &entry.CreatedAt,
|
||||
)
|
||||
if scanErr != nil {
|
||||
return nil, fmt.Errorf("scanning audit entry: %w", scanErr)
|
||||
}
|
||||
|
||||
entries = append(entries, entry)
|
||||
}
|
||||
|
||||
rowsErr := rows.Err()
|
||||
if rowsErr != nil {
|
||||
return nil, fmt.Errorf("iterating audit entries: %w", rowsErr)
|
||||
}
|
||||
|
||||
return entries, nil
|
||||
}
|
||||
@@ -23,6 +23,7 @@ const (
|
||||
testBranch = "main"
|
||||
testValue = "value"
|
||||
testEventType = "push"
|
||||
testAdmin = "admin"
|
||||
)
|
||||
|
||||
func setupTestDB(t *testing.T) (*database.Database, func()) {
|
||||
@@ -183,7 +184,7 @@ func TestUserExists(t *testing.T) {
|
||||
defer cleanup()
|
||||
|
||||
user := models.NewUser(testDB)
|
||||
user.Username = "admin"
|
||||
user.Username = testAdmin
|
||||
user.PasswordHash = testHash
|
||||
|
||||
err := user.Save(context.Background())
|
||||
@@ -871,6 +872,179 @@ func TestAppResourceLimits(t *testing.T) { //nolint:funlen // integration test w
|
||||
})
|
||||
}
|
||||
|
||||
// AuditEntry Tests.
|
||||
|
||||
func TestAuditEntryCreateAndFind(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
testDB, cleanup := setupTestDB(t)
|
||||
defer cleanup()
|
||||
|
||||
entry := models.NewAuditEntry(testDB)
|
||||
entry.Username = testAdmin
|
||||
entry.Action = models.AuditActionLogin
|
||||
entry.ResourceType = models.AuditResourceSession
|
||||
|
||||
err := entry.Save(context.Background())
|
||||
require.NoError(t, err)
|
||||
assert.NotZero(t, entry.ID)
|
||||
|
||||
entries, err := models.FindAuditEntries(context.Background(), testDB, 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, entries, 1)
|
||||
assert.Equal(t, testAdmin, entries[0].Username)
|
||||
assert.Equal(t, models.AuditActionLogin, entries[0].Action)
|
||||
assert.Equal(t, models.AuditResourceSession, entries[0].ResourceType)
|
||||
}
|
||||
|
||||
func TestAuditEntryWithAllFields(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
testDB, cleanup := setupTestDB(t)
|
||||
defer cleanup()
|
||||
|
||||
entry := models.NewAuditEntry(testDB)
|
||||
entry.UserID = sql.NullInt64{Int64: 1, Valid: true}
|
||||
entry.Username = testAdmin
|
||||
entry.Action = models.AuditActionAppCreate
|
||||
entry.ResourceType = models.AuditResourceApp
|
||||
entry.ResourceID = sql.NullString{String: "app-123", Valid: true}
|
||||
entry.Detail = sql.NullString{String: "created new app", Valid: true}
|
||||
entry.RemoteIP = sql.NullString{String: "192.168.1.1", Valid: true}
|
||||
|
||||
err := entry.Save(context.Background())
|
||||
require.NoError(t, err)
|
||||
|
||||
entries, err := models.FindAuditEntries(context.Background(), testDB, 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, entries, 1)
|
||||
assert.Equal(t, int64(1), entries[0].UserID.Int64)
|
||||
assert.Equal(t, "app-123", entries[0].ResourceID.String)
|
||||
assert.Equal(t, "created new app", entries[0].Detail.String)
|
||||
assert.Equal(t, "192.168.1.1", entries[0].RemoteIP.String)
|
||||
}
|
||||
|
||||
func TestAuditEntryFindByResource(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
testDB, cleanup := setupTestDB(t)
|
||||
defer cleanup()
|
||||
|
||||
// Create entries for different resources.
|
||||
for _, action := range []models.AuditAction{
|
||||
models.AuditActionAppCreate,
|
||||
models.AuditActionAppUpdate,
|
||||
models.AuditActionAppDeploy,
|
||||
} {
|
||||
entry := models.NewAuditEntry(testDB)
|
||||
entry.Username = testAdmin
|
||||
entry.Action = action
|
||||
entry.ResourceType = models.AuditResourceApp
|
||||
entry.ResourceID = sql.NullString{String: "app-1", Valid: true}
|
||||
|
||||
err := entry.Save(context.Background())
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
// Create entry for a different resource.
|
||||
entry := models.NewAuditEntry(testDB)
|
||||
entry.Username = testAdmin
|
||||
entry.Action = models.AuditActionLogin
|
||||
entry.ResourceType = models.AuditResourceSession
|
||||
|
||||
err := entry.Save(context.Background())
|
||||
require.NoError(t, err)
|
||||
|
||||
// Find by resource.
|
||||
appEntries, err := models.FindAuditEntriesByResource(
|
||||
context.Background(), testDB,
|
||||
models.AuditResourceApp, "app-1", 10,
|
||||
)
|
||||
require.NoError(t, err)
|
||||
assert.Len(t, appEntries, 3)
|
||||
|
||||
// All entries.
|
||||
allEntries, err := models.FindAuditEntries(context.Background(), testDB, 10)
|
||||
require.NoError(t, err)
|
||||
assert.Len(t, allEntries, 4)
|
||||
}
|
||||
|
||||
func TestAuditEntryCount(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
testDB, cleanup := setupTestDB(t)
|
||||
defer cleanup()
|
||||
|
||||
count, err := models.CountAuditEntries(context.Background(), testDB)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, 0, count)
|
||||
|
||||
entry := models.NewAuditEntry(testDB)
|
||||
entry.Username = testAdmin
|
||||
entry.Action = models.AuditActionLogin
|
||||
entry.ResourceType = models.AuditResourceSession
|
||||
|
||||
err = entry.Save(context.Background())
|
||||
require.NoError(t, err)
|
||||
|
||||
count, err = models.CountAuditEntries(context.Background(), testDB)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, 1, count)
|
||||
}
|
||||
|
||||
func TestAuditEntryFindLimit(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
testDB, cleanup := setupTestDB(t)
|
||||
defer cleanup()
|
||||
|
||||
for range 5 {
|
||||
entry := models.NewAuditEntry(testDB)
|
||||
entry.Username = testAdmin
|
||||
entry.Action = models.AuditActionLogin
|
||||
entry.ResourceType = models.AuditResourceSession
|
||||
|
||||
err := entry.Save(context.Background())
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
entries, err := models.FindAuditEntries(context.Background(), testDB, 3)
|
||||
require.NoError(t, err)
|
||||
assert.Len(t, entries, 3)
|
||||
}
|
||||
|
||||
func TestAuditEntryOrderByCreatedAtDesc(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
testDB, cleanup := setupTestDB(t)
|
||||
defer cleanup()
|
||||
|
||||
actions := []models.AuditAction{
|
||||
models.AuditActionLogin,
|
||||
models.AuditActionAppCreate,
|
||||
models.AuditActionLogout,
|
||||
}
|
||||
|
||||
for _, action := range actions {
|
||||
entry := models.NewAuditEntry(testDB)
|
||||
entry.Username = testAdmin
|
||||
entry.Action = action
|
||||
entry.ResourceType = models.AuditResourceSession
|
||||
|
||||
err := entry.Save(context.Background())
|
||||
require.NoError(t, err)
|
||||
}
|
||||
|
||||
entries, err := models.FindAuditEntries(context.Background(), testDB, 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, entries, 3)
|
||||
|
||||
// Newest first (logout was last inserted).
|
||||
assert.Equal(t, models.AuditActionLogout, entries[0].Action)
|
||||
assert.Equal(t, models.AuditActionAppCreate, entries[1].Action)
|
||||
assert.Equal(t, models.AuditActionLogin, entries[2].Action)
|
||||
}
|
||||
|
||||
// Helper function to create a test app.
|
||||
func createTestApp(t *testing.T, testDB *database.Database) *models.App {
|
||||
t.Helper()
|
||||
|
||||
@@ -115,14 +115,13 @@ func (s *Server) SetupRoutes() {
|
||||
r.Get("/apps", s.handlers.HandleAPIListApps())
|
||||
r.Get("/apps/{id}", s.handlers.HandleAPIGetApp())
|
||||
r.Get("/apps/{id}/deployments", s.handlers.HandleAPIListDeployments())
|
||||
r.Get("/audit", s.handlers.HandleAPIAuditLog())
|
||||
})
|
||||
})
|
||||
|
||||
// Metrics endpoint (optional, with basic auth)
|
||||
if s.params.Config.MetricsUsername != "" {
|
||||
s.router.Group(func(r chi.Router) {
|
||||
r.Use(s.mw.MetricsAuth())
|
||||
r.Get("/metrics", promhttp.Handler().ServeHTTP)
|
||||
})
|
||||
}
|
||||
// Metrics endpoint (always available, optionally protected with basic auth)
|
||||
s.router.Group(func(r chi.Router) {
|
||||
r.Use(s.mw.MetricsAuth())
|
||||
r.Get("/metrics", promhttp.Handler().ServeHTTP)
|
||||
})
|
||||
}
|
||||
|
||||
126
internal/service/audit/audit.go
Normal file
126
internal/service/audit/audit.go
Normal file
@@ -0,0 +1,126 @@
|
||||
// Package audit provides audit logging for user actions.
|
||||
package audit
|
||||
|
||||
import (
|
||||
"context"
|
||||
"database/sql"
|
||||
"log/slog"
|
||||
"net/http"
|
||||
|
||||
"go.uber.org/fx"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/database"
|
||||
"sneak.berlin/go/upaas/internal/logger"
|
||||
"sneak.berlin/go/upaas/internal/metrics"
|
||||
"sneak.berlin/go/upaas/internal/middleware"
|
||||
"sneak.berlin/go/upaas/internal/models"
|
||||
)
|
||||
|
||||
// ServiceParams contains dependencies for Service.
|
||||
type ServiceParams struct {
|
||||
fx.In
|
||||
|
||||
Logger *logger.Logger
|
||||
Database *database.Database
|
||||
Metrics *metrics.Metrics
|
||||
}
|
||||
|
||||
// Service provides audit logging functionality.
|
||||
type Service struct {
|
||||
log *slog.Logger
|
||||
db *database.Database
|
||||
metrics *metrics.Metrics
|
||||
}
|
||||
|
||||
// New creates a new audit Service.
|
||||
func New(_ fx.Lifecycle, params ServiceParams) (*Service, error) {
|
||||
return &Service{
|
||||
log: params.Logger.Get(),
|
||||
db: params.Database,
|
||||
metrics: params.Metrics,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// LogEntry records an audit event.
|
||||
type LogEntry struct {
|
||||
UserID int64
|
||||
Username string
|
||||
Action models.AuditAction
|
||||
ResourceType models.AuditResourceType
|
||||
ResourceID string
|
||||
Detail string
|
||||
RemoteIP string
|
||||
}
|
||||
|
||||
// Log records an audit log entry and increments the audit metrics counter.
|
||||
func (svc *Service) Log(ctx context.Context, entry LogEntry) {
|
||||
auditEntry := models.NewAuditEntry(svc.db)
|
||||
auditEntry.Username = entry.Username
|
||||
auditEntry.Action = entry.Action
|
||||
auditEntry.ResourceType = entry.ResourceType
|
||||
|
||||
if entry.UserID != 0 {
|
||||
auditEntry.UserID = sql.NullInt64{Int64: entry.UserID, Valid: true}
|
||||
}
|
||||
|
||||
if entry.ResourceID != "" {
|
||||
auditEntry.ResourceID = sql.NullString{String: entry.ResourceID, Valid: true}
|
||||
}
|
||||
|
||||
if entry.Detail != "" {
|
||||
auditEntry.Detail = sql.NullString{String: entry.Detail, Valid: true}
|
||||
}
|
||||
|
||||
if entry.RemoteIP != "" {
|
||||
auditEntry.RemoteIP = sql.NullString{String: entry.RemoteIP, Valid: true}
|
||||
}
|
||||
|
||||
err := auditEntry.Save(ctx)
|
||||
if err != nil {
|
||||
svc.log.Error("failed to save audit entry",
|
||||
"error", err,
|
||||
"action", entry.Action,
|
||||
"username", entry.Username,
|
||||
)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
svc.metrics.AuditEventsTotal.WithLabelValues(string(entry.Action)).Inc()
|
||||
|
||||
svc.log.Info("audit",
|
||||
"action", entry.Action,
|
||||
"username", entry.Username,
|
||||
"resource_type", entry.ResourceType,
|
||||
"resource_id", entry.ResourceID,
|
||||
)
|
||||
}
|
||||
|
||||
// LogFromRequest records an audit log entry, extracting the remote IP from
|
||||
// the HTTP request using the middleware's trusted-proxy-aware IP resolution.
|
||||
func (svc *Service) LogFromRequest(
|
||||
ctx context.Context,
|
||||
request *http.Request,
|
||||
entry LogEntry,
|
||||
) {
|
||||
entry.RemoteIP = middleware.RealIP(request)
|
||||
svc.Log(ctx, entry)
|
||||
}
|
||||
|
||||
// Recent returns the most recent audit log entries.
|
||||
func (svc *Service) Recent(
|
||||
ctx context.Context,
|
||||
limit int,
|
||||
) ([]*models.AuditEntry, error) {
|
||||
return models.FindAuditEntries(ctx, svc.db, limit)
|
||||
}
|
||||
|
||||
// ForResource returns audit log entries for a specific resource.
|
||||
func (svc *Service) ForResource(
|
||||
ctx context.Context,
|
||||
resourceType models.AuditResourceType,
|
||||
resourceID string,
|
||||
limit int,
|
||||
) ([]*models.AuditEntry, error) {
|
||||
return models.FindAuditEntriesByResource(ctx, svc.db, resourceType, resourceID, limit)
|
||||
}
|
||||
221
internal/service/audit/audit_test.go
Normal file
221
internal/service/audit/audit_test.go
Normal file
@@ -0,0 +1,221 @@
|
||||
package audit_test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"log/slog"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"os"
|
||||
"testing"
|
||||
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"go.uber.org/fx"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/config"
|
||||
"sneak.berlin/go/upaas/internal/database"
|
||||
"sneak.berlin/go/upaas/internal/globals"
|
||||
"sneak.berlin/go/upaas/internal/logger"
|
||||
"sneak.berlin/go/upaas/internal/metrics"
|
||||
"sneak.berlin/go/upaas/internal/models"
|
||||
"sneak.berlin/go/upaas/internal/service/audit"
|
||||
)
|
||||
|
||||
func setupTestAuditService(t *testing.T) (*audit.Service, *database.Database) {
|
||||
t.Helper()
|
||||
|
||||
globals.SetAppname("upaas-test")
|
||||
globals.SetVersion("test")
|
||||
|
||||
tmpDir := t.TempDir()
|
||||
|
||||
cfg := &config.Config{
|
||||
DataDir: tmpDir,
|
||||
}
|
||||
|
||||
log := slog.New(slog.NewTextHandler(os.Stderr, nil))
|
||||
logWrapper := logger.NewForTest(log)
|
||||
|
||||
db, err := database.New(fx.Lifecycle(nil), database.Params{
|
||||
Logger: logWrapper,
|
||||
Config: cfg,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
reg := prometheus.NewRegistry()
|
||||
metricsInstance := metrics.NewForTest(reg)
|
||||
|
||||
svc, err := audit.New(fx.Lifecycle(nil), audit.ServiceParams{
|
||||
Logger: logWrapper,
|
||||
Database: db,
|
||||
Metrics: metricsInstance,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
return svc, db
|
||||
}
|
||||
|
||||
func TestAuditServiceLog(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, db := setupTestAuditService(t)
|
||||
ctx := context.Background()
|
||||
|
||||
svc.Log(ctx, audit.LogEntry{
|
||||
UserID: 1,
|
||||
Username: "admin",
|
||||
Action: models.AuditActionLogin,
|
||||
ResourceType: models.AuditResourceSession,
|
||||
Detail: "user logged in",
|
||||
RemoteIP: "127.0.0.1",
|
||||
})
|
||||
|
||||
entries, err := models.FindAuditEntries(ctx, db, 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, entries, 1)
|
||||
assert.Equal(t, "admin", entries[0].Username)
|
||||
assert.Equal(t, models.AuditActionLogin, entries[0].Action)
|
||||
assert.Equal(t, "127.0.0.1", entries[0].RemoteIP.String)
|
||||
}
|
||||
|
||||
func TestAuditServiceLogFromRequest(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, db := setupTestAuditService(t)
|
||||
ctx := context.Background()
|
||||
|
||||
request := httptest.NewRequest(http.MethodPost, "/apps", nil)
|
||||
request.RemoteAddr = "10.0.0.1:12345"
|
||||
|
||||
svc.LogFromRequest(ctx, request, audit.LogEntry{
|
||||
Username: "admin",
|
||||
Action: models.AuditActionAppCreate,
|
||||
ResourceType: models.AuditResourceApp,
|
||||
ResourceID: "app-1",
|
||||
Detail: "created app",
|
||||
})
|
||||
|
||||
entries, err := models.FindAuditEntries(ctx, db, 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, entries, 1)
|
||||
assert.Equal(t, "10.0.0.1", entries[0].RemoteIP.String)
|
||||
assert.Equal(t, "app-1", entries[0].ResourceID.String)
|
||||
}
|
||||
|
||||
func TestAuditServiceLogFromRequestWithXRealIPTrustedProxy(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, db := setupTestAuditService(t)
|
||||
ctx := context.Background()
|
||||
|
||||
// When the request comes from a trusted proxy (RFC1918), X-Real-IP is honoured.
|
||||
request := httptest.NewRequest(http.MethodPost, "/apps", nil)
|
||||
request.RemoteAddr = "10.0.0.1:1234"
|
||||
request.Header.Set("X-Real-IP", "203.0.113.50")
|
||||
|
||||
svc.LogFromRequest(ctx, request, audit.LogEntry{
|
||||
Username: "admin",
|
||||
Action: models.AuditActionAppCreate,
|
||||
ResourceType: models.AuditResourceApp,
|
||||
})
|
||||
|
||||
entries, err := models.FindAuditEntries(ctx, db, 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, entries, 1)
|
||||
assert.Equal(t, "203.0.113.50", entries[0].RemoteIP.String)
|
||||
}
|
||||
|
||||
func TestAuditServiceLogFromRequestWithXRealIPUntrustedProxy(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, db := setupTestAuditService(t)
|
||||
ctx := context.Background()
|
||||
|
||||
// When the request comes from a public IP, X-Real-IP is ignored (anti-spoof).
|
||||
request := httptest.NewRequest(http.MethodPost, "/apps", nil)
|
||||
request.RemoteAddr = "203.0.113.99:1234"
|
||||
request.Header.Set("X-Real-IP", "10.0.0.1")
|
||||
|
||||
svc.LogFromRequest(ctx, request, audit.LogEntry{
|
||||
Username: "admin",
|
||||
Action: models.AuditActionAppCreate,
|
||||
ResourceType: models.AuditResourceApp,
|
||||
})
|
||||
|
||||
entries, err := models.FindAuditEntries(ctx, db, 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, entries, 1)
|
||||
assert.Equal(t, "203.0.113.99", entries[0].RemoteIP.String)
|
||||
}
|
||||
|
||||
func TestAuditServiceRecent(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, _ := setupTestAuditService(t)
|
||||
ctx := context.Background()
|
||||
|
||||
for range 5 {
|
||||
svc.Log(ctx, audit.LogEntry{
|
||||
Username: "admin",
|
||||
Action: models.AuditActionLogin,
|
||||
ResourceType: models.AuditResourceSession,
|
||||
})
|
||||
}
|
||||
|
||||
entries, err := svc.Recent(ctx, 3)
|
||||
require.NoError(t, err)
|
||||
assert.Len(t, entries, 3)
|
||||
}
|
||||
|
||||
func TestAuditServiceForResource(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, _ := setupTestAuditService(t)
|
||||
ctx := context.Background()
|
||||
|
||||
// Log entries for different resources.
|
||||
svc.Log(ctx, audit.LogEntry{
|
||||
Username: "admin",
|
||||
Action: models.AuditActionAppCreate,
|
||||
ResourceType: models.AuditResourceApp,
|
||||
ResourceID: "app-1",
|
||||
})
|
||||
svc.Log(ctx, audit.LogEntry{
|
||||
Username: "admin",
|
||||
Action: models.AuditActionAppDeploy,
|
||||
ResourceType: models.AuditResourceApp,
|
||||
ResourceID: "app-1",
|
||||
})
|
||||
svc.Log(ctx, audit.LogEntry{
|
||||
Username: "admin",
|
||||
Action: models.AuditActionAppCreate,
|
||||
ResourceType: models.AuditResourceApp,
|
||||
ResourceID: "app-2",
|
||||
})
|
||||
|
||||
entries, err := svc.ForResource(ctx, models.AuditResourceApp, "app-1", 10)
|
||||
require.NoError(t, err)
|
||||
assert.Len(t, entries, 2)
|
||||
}
|
||||
|
||||
func TestAuditServiceLogWithNoOptionalFields(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, db := setupTestAuditService(t)
|
||||
ctx := context.Background()
|
||||
|
||||
svc.Log(ctx, audit.LogEntry{
|
||||
Username: "system",
|
||||
Action: models.AuditActionWebhookReceive,
|
||||
ResourceType: models.AuditResourceWebhook,
|
||||
})
|
||||
|
||||
entries, err := models.FindAuditEntries(ctx, db, 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, entries, 1)
|
||||
assert.False(t, entries[0].UserID.Valid)
|
||||
assert.False(t, entries[0].ResourceID.Valid)
|
||||
assert.False(t, entries[0].Detail.Valid)
|
||||
assert.False(t, entries[0].RemoteIP.Valid)
|
||||
}
|
||||
@@ -21,6 +21,7 @@ import (
|
||||
"sneak.berlin/go/upaas/internal/database"
|
||||
"sneak.berlin/go/upaas/internal/docker"
|
||||
"sneak.berlin/go/upaas/internal/logger"
|
||||
"sneak.berlin/go/upaas/internal/metrics"
|
||||
"sneak.berlin/go/upaas/internal/models"
|
||||
"sneak.berlin/go/upaas/internal/service/notify"
|
||||
)
|
||||
@@ -208,6 +209,7 @@ type ServiceParams struct {
|
||||
Database *database.Database
|
||||
Docker *docker.Client
|
||||
Notify *notify.Service
|
||||
Metrics *metrics.Metrics
|
||||
}
|
||||
|
||||
// activeDeploy tracks a running deployment so it can be cancelled.
|
||||
@@ -222,6 +224,7 @@ type Service struct {
|
||||
db *database.Database
|
||||
docker *docker.Client
|
||||
notify *notify.Service
|
||||
metrics *metrics.Metrics
|
||||
config *config.Config
|
||||
params *ServiceParams
|
||||
activeDeploys sync.Map // map[string]*activeDeploy - per-app active deployment tracking
|
||||
@@ -231,12 +234,13 @@ type Service struct {
|
||||
// New creates a new deploy Service.
|
||||
func New(lc fx.Lifecycle, params ServiceParams) (*Service, error) {
|
||||
svc := &Service{
|
||||
log: params.Logger.Get(),
|
||||
db: params.Database,
|
||||
docker: params.Docker,
|
||||
notify: params.Notify,
|
||||
config: params.Config,
|
||||
params: ¶ms,
|
||||
log: params.Logger.Get(),
|
||||
db: params.Database,
|
||||
docker: params.Docker,
|
||||
notify: params.Notify,
|
||||
metrics: params.Metrics,
|
||||
config: params.Config,
|
||||
params: ¶ms,
|
||||
}
|
||||
|
||||
if lc != nil {
|
||||
@@ -327,6 +331,11 @@ func (svc *Service) Deploy(
|
||||
}
|
||||
defer svc.unlockApp(app.ID)
|
||||
|
||||
// Track in-flight deployments
|
||||
svc.metrics.DeploymentsInFlight.WithLabelValues(app.Name).Inc()
|
||||
|
||||
deployStart := time.Now()
|
||||
|
||||
// Set up cancellable context and register as active deploy
|
||||
deployCtx, cancel := context.WithCancel(ctx)
|
||||
done := make(chan struct{})
|
||||
@@ -334,6 +343,7 @@ func (svc *Service) Deploy(
|
||||
svc.activeDeploys.Store(app.ID, ad)
|
||||
|
||||
defer func() {
|
||||
svc.metrics.DeploymentsInFlight.WithLabelValues(app.Name).Dec()
|
||||
cancel()
|
||||
close(done)
|
||||
svc.activeDeploys.Delete(app.ID)
|
||||
@@ -359,7 +369,7 @@ func (svc *Service) Deploy(
|
||||
|
||||
svc.notify.NotifyBuildStart(bgCtx, app, deployment)
|
||||
|
||||
return svc.runBuildAndDeploy(deployCtx, bgCtx, app, deployment)
|
||||
return svc.runBuildAndDeploy(deployCtx, bgCtx, app, deployment, deployStart)
|
||||
}
|
||||
|
||||
// Rollback rolls back an app to its previous image.
|
||||
@@ -467,15 +477,20 @@ func (svc *Service) runBuildAndDeploy(
|
||||
bgCtx context.Context,
|
||||
app *models.App,
|
||||
deployment *models.Deployment,
|
||||
deployStart time.Time,
|
||||
) error {
|
||||
// Build phase with timeout
|
||||
imageID, err := svc.buildImageWithTimeout(deployCtx, app, deployment)
|
||||
if err != nil {
|
||||
cancelErr := svc.checkCancelled(deployCtx, bgCtx, app, deployment, "")
|
||||
if cancelErr != nil {
|
||||
svc.recordDeployMetrics(app.Name, "cancelled", deployStart)
|
||||
|
||||
return cancelErr
|
||||
}
|
||||
|
||||
svc.recordDeployMetrics(app.Name, "failed", deployStart)
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -486,9 +501,13 @@ func (svc *Service) runBuildAndDeploy(
|
||||
if err != nil {
|
||||
cancelErr := svc.checkCancelled(deployCtx, bgCtx, app, deployment, imageID)
|
||||
if cancelErr != nil {
|
||||
svc.recordDeployMetrics(app.Name, "cancelled", deployStart)
|
||||
|
||||
return cancelErr
|
||||
}
|
||||
|
||||
svc.recordDeployMetrics(app.Name, "failed", deployStart)
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -504,11 +523,19 @@ func (svc *Service) runBuildAndDeploy(
|
||||
|
||||
// Use context.WithoutCancel to ensure health check completes even if
|
||||
// the parent context is cancelled (e.g., HTTP request ends).
|
||||
go svc.checkHealthAfterDelay(bgCtx, app, deployment)
|
||||
go svc.checkHealthAfterDelay(bgCtx, app, deployment, deployStart)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// recordDeployMetrics records deployment completion metrics.
|
||||
func (svc *Service) recordDeployMetrics(appName, status string, start time.Time) {
|
||||
duration := time.Since(start).Seconds()
|
||||
|
||||
svc.metrics.DeploymentsTotal.WithLabelValues(appName, status).Inc()
|
||||
svc.metrics.DeploymentDuration.WithLabelValues(appName, status).Observe(duration)
|
||||
}
|
||||
|
||||
// buildImageWithTimeout runs the build phase with a timeout.
|
||||
func (svc *Service) buildImageWithTimeout(
|
||||
ctx context.Context,
|
||||
@@ -1177,6 +1204,7 @@ func (svc *Service) checkHealthAfterDelay(
|
||||
ctx context.Context,
|
||||
app *models.App,
|
||||
deployment *models.Deployment,
|
||||
deployStart time.Time,
|
||||
) {
|
||||
svc.log.Info(
|
||||
"waiting 60 seconds to check container health",
|
||||
@@ -1203,6 +1231,8 @@ func (svc *Service) checkHealthAfterDelay(
|
||||
svc.notify.NotifyDeployFailed(ctx, reloadedApp, deployment, err)
|
||||
_ = deployment.MarkFinished(ctx, models.DeploymentStatusFailed)
|
||||
svc.writeLogsToFile(reloadedApp, deployment)
|
||||
svc.recordDeployMetrics(reloadedApp.Name, "failed", deployStart)
|
||||
svc.metrics.ContainerHealthy.WithLabelValues(reloadedApp.Name).Set(0)
|
||||
reloadedApp.Status = models.AppStatusError
|
||||
_ = reloadedApp.Save(ctx)
|
||||
|
||||
@@ -1214,6 +1244,8 @@ func (svc *Service) checkHealthAfterDelay(
|
||||
svc.notify.NotifyDeploySuccess(ctx, reloadedApp, deployment)
|
||||
_ = deployment.MarkFinished(ctx, models.DeploymentStatusSuccess)
|
||||
svc.writeLogsToFile(reloadedApp, deployment)
|
||||
svc.recordDeployMetrics(reloadedApp.Name, "success", deployStart)
|
||||
svc.metrics.ContainerHealthy.WithLabelValues(reloadedApp.Name).Set(1)
|
||||
} else {
|
||||
svc.log.Warn(
|
||||
"container unhealthy after 60 seconds",
|
||||
@@ -1222,6 +1254,8 @@ func (svc *Service) checkHealthAfterDelay(
|
||||
svc.notify.NotifyDeployFailed(ctx, reloadedApp, deployment, ErrContainerUnhealthy)
|
||||
_ = deployment.MarkFinished(ctx, models.DeploymentStatusFailed)
|
||||
svc.writeLogsToFile(reloadedApp, deployment)
|
||||
svc.recordDeployMetrics(reloadedApp.Name, "failed", deployStart)
|
||||
svc.metrics.ContainerHealthy.WithLabelValues(reloadedApp.Name).Set(0)
|
||||
reloadedApp.Status = models.AppStatusError
|
||||
_ = reloadedApp.Save(ctx)
|
||||
}
|
||||
|
||||
@@ -1,248 +0,0 @@
|
||||
package webhook
|
||||
|
||||
import "encoding/json"
|
||||
|
||||
// GiteaPushPayload represents a Gitea push webhook payload.
|
||||
//
|
||||
//nolint:tagliatelle // Field names match Gitea API (snake_case)
|
||||
type GiteaPushPayload struct {
|
||||
Ref string `json:"ref"`
|
||||
Before string `json:"before"`
|
||||
After string `json:"after"`
|
||||
CompareURL UnparsedURL `json:"compare_url"`
|
||||
Repository struct {
|
||||
FullName string `json:"full_name"`
|
||||
CloneURL UnparsedURL `json:"clone_url"`
|
||||
SSHURL string `json:"ssh_url"`
|
||||
HTMLURL UnparsedURL `json:"html_url"`
|
||||
} `json:"repository"`
|
||||
Pusher struct {
|
||||
Username string `json:"username"`
|
||||
Email string `json:"email"`
|
||||
} `json:"pusher"`
|
||||
Commits []struct {
|
||||
ID string `json:"id"`
|
||||
URL UnparsedURL `json:"url"`
|
||||
Message string `json:"message"`
|
||||
Author struct {
|
||||
Name string `json:"name"`
|
||||
Email string `json:"email"`
|
||||
} `json:"author"`
|
||||
} `json:"commits"`
|
||||
}
|
||||
|
||||
// GitHubPushPayload represents a GitHub push webhook payload.
|
||||
//
|
||||
//nolint:tagliatelle // Field names match GitHub API (snake_case)
|
||||
type GitHubPushPayload struct {
|
||||
Ref string `json:"ref"`
|
||||
Before string `json:"before"`
|
||||
After string `json:"after"`
|
||||
CompareURL string `json:"compare"`
|
||||
Repository struct {
|
||||
FullName string `json:"full_name"`
|
||||
CloneURL UnparsedURL `json:"clone_url"`
|
||||
SSHURL string `json:"ssh_url"`
|
||||
HTMLURL UnparsedURL `json:"html_url"`
|
||||
} `json:"repository"`
|
||||
Pusher struct {
|
||||
Name string `json:"name"`
|
||||
Email string `json:"email"`
|
||||
} `json:"pusher"`
|
||||
HeadCommit *struct {
|
||||
ID string `json:"id"`
|
||||
URL UnparsedURL `json:"url"`
|
||||
Message string `json:"message"`
|
||||
} `json:"head_commit"`
|
||||
Commits []struct {
|
||||
ID string `json:"id"`
|
||||
URL UnparsedURL `json:"url"`
|
||||
Message string `json:"message"`
|
||||
Author struct {
|
||||
Name string `json:"name"`
|
||||
Email string `json:"email"`
|
||||
} `json:"author"`
|
||||
} `json:"commits"`
|
||||
}
|
||||
|
||||
// GitLabPushPayload represents a GitLab push webhook payload.
|
||||
//
|
||||
//nolint:tagliatelle // Field names match GitLab API (snake_case)
|
||||
type GitLabPushPayload struct {
|
||||
Ref string `json:"ref"`
|
||||
Before string `json:"before"`
|
||||
After string `json:"after"`
|
||||
UserName string `json:"user_name"`
|
||||
UserEmail string `json:"user_email"`
|
||||
Project struct {
|
||||
PathWithNamespace string `json:"path_with_namespace"`
|
||||
GitHTTPURL UnparsedURL `json:"git_http_url"`
|
||||
GitSSHURL string `json:"git_ssh_url"`
|
||||
WebURL UnparsedURL `json:"web_url"`
|
||||
} `json:"project"`
|
||||
Commits []struct {
|
||||
ID string `json:"id"`
|
||||
URL UnparsedURL `json:"url"`
|
||||
Message string `json:"message"`
|
||||
Author struct {
|
||||
Name string `json:"name"`
|
||||
Email string `json:"email"`
|
||||
} `json:"author"`
|
||||
} `json:"commits"`
|
||||
}
|
||||
|
||||
// ParsePushPayload parses a raw webhook payload into a normalized PushEvent
|
||||
// based on the detected webhook source. Returns an error if JSON unmarshaling
|
||||
// fails. For SourceUnknown, falls back to Gitea format for backward
|
||||
// compatibility.
|
||||
func ParsePushPayload(source Source, payload []byte) (*PushEvent, error) {
|
||||
switch source {
|
||||
case SourceGitHub:
|
||||
return parseGitHubPush(payload)
|
||||
case SourceGitLab:
|
||||
return parseGitLabPush(payload)
|
||||
case SourceGitea, SourceUnknown:
|
||||
// Gitea and unknown both use Gitea format for backward compatibility.
|
||||
return parseGiteaPush(payload)
|
||||
}
|
||||
|
||||
// Unreachable for known source values, but satisfies exhaustive checker.
|
||||
return parseGiteaPush(payload)
|
||||
}
|
||||
|
||||
func parseGiteaPush(payload []byte) (*PushEvent, error) {
|
||||
var p GiteaPushPayload
|
||||
|
||||
unmarshalErr := json.Unmarshal(payload, &p)
|
||||
if unmarshalErr != nil {
|
||||
return nil, unmarshalErr
|
||||
}
|
||||
|
||||
commitURL := extractGiteaCommitURL(p)
|
||||
|
||||
return &PushEvent{
|
||||
Source: SourceGitea,
|
||||
Ref: p.Ref,
|
||||
Before: p.Before,
|
||||
After: p.After,
|
||||
Branch: extractBranch(p.Ref),
|
||||
RepoName: p.Repository.FullName,
|
||||
CloneURL: p.Repository.CloneURL,
|
||||
HTMLURL: p.Repository.HTMLURL,
|
||||
CommitURL: commitURL,
|
||||
Pusher: p.Pusher.Username,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func parseGitHubPush(payload []byte) (*PushEvent, error) {
|
||||
var p GitHubPushPayload
|
||||
|
||||
unmarshalErr := json.Unmarshal(payload, &p)
|
||||
if unmarshalErr != nil {
|
||||
return nil, unmarshalErr
|
||||
}
|
||||
|
||||
commitURL := extractGitHubCommitURL(p)
|
||||
|
||||
return &PushEvent{
|
||||
Source: SourceGitHub,
|
||||
Ref: p.Ref,
|
||||
Before: p.Before,
|
||||
After: p.After,
|
||||
Branch: extractBranch(p.Ref),
|
||||
RepoName: p.Repository.FullName,
|
||||
CloneURL: p.Repository.CloneURL,
|
||||
HTMLURL: p.Repository.HTMLURL,
|
||||
CommitURL: commitURL,
|
||||
Pusher: p.Pusher.Name,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func parseGitLabPush(payload []byte) (*PushEvent, error) {
|
||||
var p GitLabPushPayload
|
||||
|
||||
unmarshalErr := json.Unmarshal(payload, &p)
|
||||
if unmarshalErr != nil {
|
||||
return nil, unmarshalErr
|
||||
}
|
||||
|
||||
commitURL := extractGitLabCommitURL(p)
|
||||
|
||||
return &PushEvent{
|
||||
Source: SourceGitLab,
|
||||
Ref: p.Ref,
|
||||
Before: p.Before,
|
||||
After: p.After,
|
||||
Branch: extractBranch(p.Ref),
|
||||
RepoName: p.Project.PathWithNamespace,
|
||||
CloneURL: p.Project.GitHTTPURL,
|
||||
HTMLURL: p.Project.WebURL,
|
||||
CommitURL: commitURL,
|
||||
Pusher: p.UserName,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// extractBranch extracts the branch name from a git ref.
|
||||
func extractBranch(ref string) string {
|
||||
// refs/heads/main -> main
|
||||
const prefix = "refs/heads/"
|
||||
|
||||
if len(ref) >= len(prefix) && ref[:len(prefix)] == prefix {
|
||||
return ref[len(prefix):]
|
||||
}
|
||||
|
||||
return ref
|
||||
}
|
||||
|
||||
// extractGiteaCommitURL extracts the commit URL from a Gitea push payload.
|
||||
// Prefers the URL from the head commit, falls back to constructing from repo URL.
|
||||
func extractGiteaCommitURL(payload GiteaPushPayload) UnparsedURL {
|
||||
for _, commit := range payload.Commits {
|
||||
if commit.ID == payload.After && commit.URL != "" {
|
||||
return commit.URL
|
||||
}
|
||||
}
|
||||
|
||||
if payload.Repository.HTMLURL != "" && payload.After != "" {
|
||||
return UnparsedURL(payload.Repository.HTMLURL.String() + "/commit/" + payload.After)
|
||||
}
|
||||
|
||||
return ""
|
||||
}
|
||||
|
||||
// extractGitHubCommitURL extracts the commit URL from a GitHub push payload.
|
||||
// Prefers head_commit.url, then searches commits, then constructs from repo URL.
|
||||
func extractGitHubCommitURL(payload GitHubPushPayload) UnparsedURL {
|
||||
if payload.HeadCommit != nil && payload.HeadCommit.URL != "" {
|
||||
return payload.HeadCommit.URL
|
||||
}
|
||||
|
||||
for _, commit := range payload.Commits {
|
||||
if commit.ID == payload.After && commit.URL != "" {
|
||||
return commit.URL
|
||||
}
|
||||
}
|
||||
|
||||
if payload.Repository.HTMLURL != "" && payload.After != "" {
|
||||
return UnparsedURL(payload.Repository.HTMLURL.String() + "/commit/" + payload.After)
|
||||
}
|
||||
|
||||
return ""
|
||||
}
|
||||
|
||||
// extractGitLabCommitURL extracts the commit URL from a GitLab push payload.
|
||||
// Prefers commit URL from the commits list, falls back to constructing from
|
||||
// project web URL.
|
||||
func extractGitLabCommitURL(payload GitLabPushPayload) UnparsedURL {
|
||||
for _, commit := range payload.Commits {
|
||||
if commit.ID == payload.After && commit.URL != "" {
|
||||
return commit.URL
|
||||
}
|
||||
}
|
||||
|
||||
if payload.Project.WebURL != "" && payload.After != "" {
|
||||
return UnparsedURL(payload.Project.WebURL.String() + "/-/commit/" + payload.After)
|
||||
}
|
||||
|
||||
return ""
|
||||
}
|
||||
@@ -1,7 +1,5 @@
|
||||
package webhook
|
||||
|
||||
import "net/http"
|
||||
|
||||
// UnparsedURL is a URL stored as a plain string without parsing.
|
||||
// Use this instead of string when the value is known to be a URL
|
||||
// but should not be parsed into a net/url.URL (e.g. webhook URLs,
|
||||
@@ -10,84 +8,3 @@ type UnparsedURL string
|
||||
|
||||
// String implements the fmt.Stringer interface.
|
||||
func (u UnparsedURL) String() string { return string(u) }
|
||||
|
||||
// Source identifies which git hosting platform sent the webhook.
|
||||
type Source string
|
||||
|
||||
const (
|
||||
// SourceGitea indicates the webhook was sent by a Gitea instance.
|
||||
SourceGitea Source = "gitea"
|
||||
|
||||
// SourceGitHub indicates the webhook was sent by GitHub.
|
||||
SourceGitHub Source = "github"
|
||||
|
||||
// SourceGitLab indicates the webhook was sent by a GitLab instance.
|
||||
SourceGitLab Source = "gitlab"
|
||||
|
||||
// SourceUnknown indicates the webhook source could not be determined.
|
||||
SourceUnknown Source = "unknown"
|
||||
)
|
||||
|
||||
// String implements the fmt.Stringer interface.
|
||||
func (s Source) String() string { return string(s) }
|
||||
|
||||
// DetectWebhookSource determines the webhook source from HTTP headers.
|
||||
// It checks for platform-specific event headers in this order:
|
||||
// Gitea (X-Gitea-Event), GitHub (X-GitHub-Event), GitLab (X-Gitlab-Event).
|
||||
// Returns SourceUnknown if no recognized header is found.
|
||||
func DetectWebhookSource(headers http.Header) Source {
|
||||
if headers.Get("X-Gitea-Event") != "" {
|
||||
return SourceGitea
|
||||
}
|
||||
|
||||
if headers.Get("X-Github-Event") != "" {
|
||||
return SourceGitHub
|
||||
}
|
||||
|
||||
if headers.Get("X-Gitlab-Event") != "" {
|
||||
return SourceGitLab
|
||||
}
|
||||
|
||||
return SourceUnknown
|
||||
}
|
||||
|
||||
// DetectEventType extracts the event type string from HTTP headers
|
||||
// based on the detected webhook source. Returns "push" as a fallback
|
||||
// when no event header is found.
|
||||
func DetectEventType(headers http.Header, source Source) string {
|
||||
switch source {
|
||||
case SourceGitea:
|
||||
if v := headers.Get("X-Gitea-Event"); v != "" {
|
||||
return v
|
||||
}
|
||||
case SourceGitHub:
|
||||
if v := headers.Get("X-Github-Event"); v != "" {
|
||||
return v
|
||||
}
|
||||
case SourceGitLab:
|
||||
if v := headers.Get("X-Gitlab-Event"); v != "" {
|
||||
return v
|
||||
}
|
||||
case SourceUnknown:
|
||||
// Fall through to default
|
||||
}
|
||||
|
||||
return "push"
|
||||
}
|
||||
|
||||
// PushEvent is a normalized representation of a push webhook payload
|
||||
// from any supported source (Gitea, GitHub, GitLab). The webhook
|
||||
// service converts source-specific payloads into this format before
|
||||
// processing.
|
||||
type PushEvent struct {
|
||||
Source Source
|
||||
Ref string
|
||||
Before string
|
||||
After string
|
||||
Branch string
|
||||
RepoName string
|
||||
CloneURL UnparsedURL
|
||||
HTMLURL UnparsedURL
|
||||
CommitURL UnparsedURL
|
||||
Pusher string
|
||||
}
|
||||
|
||||
@@ -4,14 +4,17 @@ package webhook
|
||||
import (
|
||||
"context"
|
||||
"database/sql"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"log/slog"
|
||||
"strconv"
|
||||
|
||||
"go.uber.org/fx"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/database"
|
||||
|
||||
"sneak.berlin/go/upaas/internal/logger"
|
||||
"sneak.berlin/go/upaas/internal/metrics"
|
||||
"sneak.berlin/go/upaas/internal/models"
|
||||
"sneak.berlin/go/upaas/internal/service/deploy"
|
||||
)
|
||||
@@ -23,66 +26,91 @@ type ServiceParams struct {
|
||||
Logger *logger.Logger
|
||||
Database *database.Database
|
||||
Deploy *deploy.Service
|
||||
Metrics *metrics.Metrics
|
||||
}
|
||||
|
||||
// Service provides webhook handling functionality.
|
||||
type Service struct {
|
||||
log *slog.Logger
|
||||
db *database.Database
|
||||
deploy *deploy.Service
|
||||
params *ServiceParams
|
||||
log *slog.Logger
|
||||
db *database.Database
|
||||
deploy *deploy.Service
|
||||
metrics *metrics.Metrics
|
||||
params *ServiceParams
|
||||
}
|
||||
|
||||
// New creates a new webhook Service.
|
||||
func New(_ fx.Lifecycle, params ServiceParams) (*Service, error) {
|
||||
return &Service{
|
||||
log: params.Logger.Get(),
|
||||
db: params.Database,
|
||||
deploy: params.Deploy,
|
||||
params: ¶ms,
|
||||
log: params.Logger.Get(),
|
||||
db: params.Database,
|
||||
deploy: params.Deploy,
|
||||
metrics: params.Metrics,
|
||||
params: ¶ms,
|
||||
}, nil
|
||||
}
|
||||
|
||||
// HandleWebhook processes a webhook request from any supported source
|
||||
// (Gitea, GitHub, or GitLab). The source parameter determines which
|
||||
// payload format to use for parsing.
|
||||
// GiteaPushPayload represents a Gitea push webhook payload.
|
||||
//
|
||||
//nolint:tagliatelle // Field names match Gitea API (snake_case)
|
||||
type GiteaPushPayload struct {
|
||||
Ref string `json:"ref"`
|
||||
Before string `json:"before"`
|
||||
After string `json:"after"`
|
||||
CompareURL UnparsedURL `json:"compare_url"`
|
||||
Repository struct {
|
||||
FullName string `json:"full_name"`
|
||||
CloneURL UnparsedURL `json:"clone_url"`
|
||||
SSHURL string `json:"ssh_url"`
|
||||
HTMLURL UnparsedURL `json:"html_url"`
|
||||
} `json:"repository"`
|
||||
Pusher struct {
|
||||
Username string `json:"username"`
|
||||
Email string `json:"email"`
|
||||
} `json:"pusher"`
|
||||
Commits []struct {
|
||||
ID string `json:"id"`
|
||||
URL UnparsedURL `json:"url"`
|
||||
Message string `json:"message"`
|
||||
Author struct {
|
||||
Name string `json:"name"`
|
||||
Email string `json:"email"`
|
||||
} `json:"author"`
|
||||
} `json:"commits"`
|
||||
}
|
||||
|
||||
// HandleWebhook processes a webhook request.
|
||||
func (svc *Service) HandleWebhook(
|
||||
ctx context.Context,
|
||||
app *models.App,
|
||||
source Source,
|
||||
eventType string,
|
||||
payload []byte,
|
||||
) error {
|
||||
svc.log.Info("processing webhook",
|
||||
"app", app.Name,
|
||||
"source", source.String(),
|
||||
"event", eventType,
|
||||
)
|
||||
svc.log.Info("processing webhook", "app", app.Name, "event", eventType)
|
||||
|
||||
// Parse payload into normalized push event
|
||||
pushEvent, parseErr := ParsePushPayload(source, payload)
|
||||
if parseErr != nil {
|
||||
svc.log.Warn("failed to parse webhook payload",
|
||||
"error", parseErr,
|
||||
"source", source.String(),
|
||||
)
|
||||
// Continue with empty push event to still log the webhook
|
||||
pushEvent = &PushEvent{Source: source}
|
||||
// Parse payload
|
||||
var pushPayload GiteaPushPayload
|
||||
|
||||
unmarshalErr := json.Unmarshal(payload, &pushPayload)
|
||||
if unmarshalErr != nil {
|
||||
svc.log.Warn("failed to parse webhook payload", "error", unmarshalErr)
|
||||
// Continue anyway to log the event
|
||||
}
|
||||
|
||||
// Extract branch from ref
|
||||
branch := extractBranch(pushPayload.Ref)
|
||||
commitSHA := pushPayload.After
|
||||
commitURL := extractCommitURL(pushPayload)
|
||||
|
||||
// Check if branch matches
|
||||
matched := pushEvent.Branch == app.Branch
|
||||
matched := branch == app.Branch
|
||||
|
||||
// Create webhook event record
|
||||
event := models.NewWebhookEvent(svc.db)
|
||||
event.AppID = app.ID
|
||||
event.EventType = eventType
|
||||
event.Branch = pushEvent.Branch
|
||||
event.CommitSHA = sql.NullString{String: pushEvent.After, Valid: pushEvent.After != ""}
|
||||
event.CommitURL = sql.NullString{
|
||||
String: pushEvent.CommitURL.String(),
|
||||
Valid: pushEvent.CommitURL != "",
|
||||
}
|
||||
event.Branch = branch
|
||||
event.CommitSHA = sql.NullString{String: commitSHA, Valid: commitSHA != ""}
|
||||
event.CommitURL = sql.NullString{String: commitURL.String(), Valid: commitURL != ""}
|
||||
event.Payload = sql.NullString{String: string(payload), Valid: true}
|
||||
event.Matched = matched
|
||||
event.Processed = false
|
||||
@@ -94,12 +122,15 @@ func (svc *Service) HandleWebhook(
|
||||
|
||||
svc.log.Info("webhook event recorded",
|
||||
"app", app.Name,
|
||||
"source", source.String(),
|
||||
"branch", pushEvent.Branch,
|
||||
"branch", branch,
|
||||
"matched", matched,
|
||||
"commit", pushEvent.After,
|
||||
"commit", commitSHA,
|
||||
)
|
||||
|
||||
svc.metrics.WebhookEventsTotal.WithLabelValues(
|
||||
app.Name, eventType, strconv.FormatBool(matched),
|
||||
).Inc()
|
||||
|
||||
// If branch matches, trigger deployment
|
||||
if matched {
|
||||
svc.triggerDeployment(ctx, app, event)
|
||||
@@ -132,3 +163,33 @@ func (svc *Service) triggerDeployment(
|
||||
_ = event.Save(deployCtx)
|
||||
}()
|
||||
}
|
||||
|
||||
// extractBranch extracts the branch name from a git ref.
|
||||
func extractBranch(ref string) string {
|
||||
// refs/heads/main -> main
|
||||
const prefix = "refs/heads/"
|
||||
|
||||
if len(ref) >= len(prefix) && ref[:len(prefix)] == prefix {
|
||||
return ref[len(prefix):]
|
||||
}
|
||||
|
||||
return ref
|
||||
}
|
||||
|
||||
// extractCommitURL extracts the commit URL from the webhook payload.
|
||||
// Prefers the URL from the head commit, falls back to constructing from repo URL.
|
||||
func extractCommitURL(payload GiteaPushPayload) UnparsedURL {
|
||||
// Try to find the URL from the head commit (matching After SHA)
|
||||
for _, commit := range payload.Commits {
|
||||
if commit.ID == payload.After && commit.URL != "" {
|
||||
return commit.URL
|
||||
}
|
||||
}
|
||||
|
||||
// Fall back to constructing URL from repo HTML URL
|
||||
if payload.Repository.HTMLURL != "" && payload.After != "" {
|
||||
return UnparsedURL(payload.Repository.HTMLURL.String() + "/commit/" + payload.After)
|
||||
}
|
||||
|
||||
return ""
|
||||
}
|
||||
|
||||
@@ -3,12 +3,12 @@ package webhook_test
|
||||
import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/prometheus/client_golang/prometheus"
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
"go.uber.org/fx"
|
||||
@@ -18,6 +18,7 @@ import (
|
||||
"sneak.berlin/go/upaas/internal/docker"
|
||||
"sneak.berlin/go/upaas/internal/globals"
|
||||
"sneak.berlin/go/upaas/internal/logger"
|
||||
"sneak.berlin/go/upaas/internal/metrics"
|
||||
"sneak.berlin/go/upaas/internal/models"
|
||||
"sneak.berlin/go/upaas/internal/service/deploy"
|
||||
"sneak.berlin/go/upaas/internal/service/notify"
|
||||
@@ -64,13 +65,17 @@ func setupTestService(t *testing.T) (*webhook.Service, *database.Database, func(
|
||||
notifySvc, err := notify.New(fx.Lifecycle(nil), notify.ServiceParams{Logger: deps.logger})
|
||||
require.NoError(t, err)
|
||||
|
||||
metricsInstance := metrics.NewForTest(prometheus.NewRegistry())
|
||||
|
||||
deploySvc, err := deploy.New(fx.Lifecycle(nil), deploy.ServiceParams{
|
||||
Logger: deps.logger, Config: deps.config, Database: deps.db, Docker: dockerClient, Notify: notifySvc,
|
||||
Metrics: metricsInstance,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
svc, err := webhook.New(fx.Lifecycle(nil), webhook.ServiceParams{
|
||||
Logger: deps.logger, Database: deps.db, Deploy: deploySvc,
|
||||
Metrics: metricsInstance,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
|
||||
@@ -103,114 +108,44 @@ func createTestApp(
|
||||
return app
|
||||
}
|
||||
|
||||
// TestDetectWebhookSource tests auto-detection of webhook source from HTTP headers.
|
||||
//
|
||||
//nolint:funlen // table-driven test with comprehensive test cases
|
||||
func TestDetectWebhookSource(testingT *testing.T) {
|
||||
func TestExtractBranch(testingT *testing.T) {
|
||||
testingT.Parallel()
|
||||
|
||||
tests := []struct {
|
||||
name string
|
||||
headers map[string]string
|
||||
expected webhook.Source
|
||||
}{
|
||||
{
|
||||
name: "detects Gitea from X-Gitea-Event header",
|
||||
headers: map[string]string{"X-Gitea-Event": "push"},
|
||||
expected: webhook.SourceGitea,
|
||||
},
|
||||
{
|
||||
name: "detects GitHub from X-GitHub-Event header",
|
||||
headers: map[string]string{"X-GitHub-Event": "push"},
|
||||
expected: webhook.SourceGitHub,
|
||||
},
|
||||
{
|
||||
name: "detects GitLab from X-Gitlab-Event header",
|
||||
headers: map[string]string{"X-Gitlab-Event": "Push Hook"},
|
||||
expected: webhook.SourceGitLab,
|
||||
},
|
||||
{
|
||||
name: "returns unknown when no recognized header",
|
||||
headers: map[string]string{"Content-Type": "application/json"},
|
||||
expected: webhook.SourceUnknown,
|
||||
},
|
||||
{
|
||||
name: "returns unknown for empty headers",
|
||||
headers: map[string]string{},
|
||||
expected: webhook.SourceUnknown,
|
||||
},
|
||||
{
|
||||
name: "Gitea takes precedence over GitHub",
|
||||
headers: map[string]string{
|
||||
"X-Gitea-Event": "push",
|
||||
"X-GitHub-Event": "push",
|
||||
},
|
||||
expected: webhook.SourceGitea,
|
||||
},
|
||||
{
|
||||
name: "GitHub takes precedence over GitLab",
|
||||
headers: map[string]string{
|
||||
"X-GitHub-Event": "push",
|
||||
"X-Gitlab-Event": "Push Hook",
|
||||
},
|
||||
expected: webhook.SourceGitHub,
|
||||
},
|
||||
}
|
||||
|
||||
for _, testCase := range tests {
|
||||
testingT.Run(testCase.name, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
headers := http.Header{}
|
||||
for key, value := range testCase.headers {
|
||||
headers.Set(key, value)
|
||||
}
|
||||
|
||||
result := webhook.DetectWebhookSource(headers)
|
||||
assert.Equal(t, testCase.expected, result)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
// TestDetectEventType tests event type extraction from HTTP headers.
|
||||
func TestDetectEventType(testingT *testing.T) {
|
||||
testingT.Parallel()
|
||||
|
||||
tests := []struct {
|
||||
name string
|
||||
headers map[string]string
|
||||
source webhook.Source
|
||||
ref string
|
||||
expected string
|
||||
}{
|
||||
{
|
||||
name: "extracts Gitea event type",
|
||||
headers: map[string]string{"X-Gitea-Event": "push"},
|
||||
source: webhook.SourceGitea,
|
||||
expected: "push",
|
||||
name: "extracts main branch",
|
||||
ref: "refs/heads/main",
|
||||
expected: "main",
|
||||
},
|
||||
{
|
||||
name: "extracts GitHub event type",
|
||||
headers: map[string]string{"X-GitHub-Event": "push"},
|
||||
source: webhook.SourceGitHub,
|
||||
expected: "push",
|
||||
name: "extracts feature branch",
|
||||
ref: "refs/heads/feature/new-feature",
|
||||
expected: "feature/new-feature",
|
||||
},
|
||||
{
|
||||
name: "extracts GitLab event type",
|
||||
headers: map[string]string{"X-Gitlab-Event": "Push Hook"},
|
||||
source: webhook.SourceGitLab,
|
||||
expected: "Push Hook",
|
||||
name: "extracts develop branch",
|
||||
ref: "refs/heads/develop",
|
||||
expected: "develop",
|
||||
},
|
||||
{
|
||||
name: "returns push for unknown source",
|
||||
headers: map[string]string{},
|
||||
source: webhook.SourceUnknown,
|
||||
expected: "push",
|
||||
name: "returns raw ref if no prefix",
|
||||
ref: "main",
|
||||
expected: "main",
|
||||
},
|
||||
{
|
||||
name: "returns push when header missing for source",
|
||||
headers: map[string]string{},
|
||||
source: webhook.SourceGitea,
|
||||
expected: "push",
|
||||
name: "handles empty ref",
|
||||
ref: "",
|
||||
expected: "",
|
||||
},
|
||||
{
|
||||
name: "handles partial prefix",
|
||||
ref: "refs/heads/",
|
||||
expected: "",
|
||||
},
|
||||
}
|
||||
|
||||
@@ -218,318 +153,123 @@ func TestDetectEventType(testingT *testing.T) {
|
||||
testingT.Run(testCase.name, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
headers := http.Header{}
|
||||
for key, value := range testCase.headers {
|
||||
headers.Set(key, value)
|
||||
}
|
||||
// We test via HandleWebhook since extractBranch is not exported.
|
||||
// The test verifies behavior indirectly through the webhook event's branch.
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
result := webhook.DetectEventType(headers, testCase.source)
|
||||
assert.Equal(t, testCase.expected, result)
|
||||
})
|
||||
}
|
||||
}
|
||||
app := createTestApp(t, dbInst, testCase.expected)
|
||||
|
||||
// TestWebhookSourceString tests the String method on WebhookSource.
|
||||
func TestWebhookSourceString(t *testing.T) {
|
||||
t.Parallel()
|
||||
payload := []byte(`{"ref": "` + testCase.ref + `"}`)
|
||||
|
||||
assert.Equal(t, "gitea", webhook.SourceGitea.String())
|
||||
assert.Equal(t, "github", webhook.SourceGitHub.String())
|
||||
assert.Equal(t, "gitlab", webhook.SourceGitLab.String())
|
||||
assert.Equal(t, "unknown", webhook.SourceUnknown.String())
|
||||
}
|
||||
|
||||
// TestUnparsedURLString tests the String method on UnparsedURL.
|
||||
func TestUnparsedURLString(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
u := webhook.UnparsedURL("https://example.com/test")
|
||||
assert.Equal(t, "https://example.com/test", u.String())
|
||||
|
||||
empty := webhook.UnparsedURL("")
|
||||
assert.Empty(t, empty.String())
|
||||
}
|
||||
|
||||
// TestParsePushPayloadGitea tests parsing of Gitea push payloads.
|
||||
func TestParsePushPayloadGitea(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"before": "0000000000000000000000000000000000000000",
|
||||
"after": "abc123def456789",
|
||||
"compare_url": "https://gitea.example.com/myorg/myrepo/compare/000...abc",
|
||||
"repository": {
|
||||
"full_name": "myorg/myrepo",
|
||||
"clone_url": "https://gitea.example.com/myorg/myrepo.git",
|
||||
"ssh_url": "git@gitea.example.com:myorg/myrepo.git",
|
||||
"html_url": "https://gitea.example.com/myorg/myrepo"
|
||||
},
|
||||
"pusher": {"username": "developer", "email": "dev@example.com"},
|
||||
"commits": [
|
||||
{
|
||||
"id": "abc123def456789",
|
||||
"url": "https://gitea.example.com/myorg/myrepo/commit/abc123def456789",
|
||||
"message": "Fix bug",
|
||||
"author": {"name": "Developer", "email": "dev@example.com"}
|
||||
}
|
||||
]
|
||||
}`)
|
||||
|
||||
event, err := webhook.ParsePushPayload(webhook.SourceGitea, payload)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, webhook.SourceGitea, event.Source)
|
||||
assert.Equal(t, "refs/heads/main", event.Ref)
|
||||
assert.Equal(t, "main", event.Branch)
|
||||
assert.Equal(t, "abc123def456789", event.After)
|
||||
assert.Equal(t, "myorg/myrepo", event.RepoName)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://gitea.example.com/myorg/myrepo.git"), event.CloneURL)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://gitea.example.com/myorg/myrepo"), event.HTMLURL)
|
||||
assert.Equal(t,
|
||||
webhook.UnparsedURL("https://gitea.example.com/myorg/myrepo/commit/abc123def456789"),
|
||||
event.CommitURL,
|
||||
)
|
||||
assert.Equal(t, "developer", event.Pusher)
|
||||
}
|
||||
|
||||
// TestParsePushPayloadGitHub tests parsing of GitHub push payloads.
|
||||
func TestParsePushPayloadGitHub(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"before": "0000000000000000000000000000000000000000",
|
||||
"after": "abc123def456789",
|
||||
"compare": "https://github.com/myorg/myrepo/compare/000...abc",
|
||||
"repository": {
|
||||
"full_name": "myorg/myrepo",
|
||||
"clone_url": "https://github.com/myorg/myrepo.git",
|
||||
"ssh_url": "git@github.com:myorg/myrepo.git",
|
||||
"html_url": "https://github.com/myorg/myrepo"
|
||||
},
|
||||
"pusher": {"name": "developer", "email": "dev@example.com"},
|
||||
"head_commit": {
|
||||
"id": "abc123def456789",
|
||||
"url": "https://github.com/myorg/myrepo/commit/abc123def456789",
|
||||
"message": "Fix bug"
|
||||
},
|
||||
"commits": [
|
||||
{
|
||||
"id": "abc123def456789",
|
||||
"url": "https://github.com/myorg/myrepo/commit/abc123def456789",
|
||||
"message": "Fix bug",
|
||||
"author": {"name": "Developer", "email": "dev@example.com"}
|
||||
}
|
||||
]
|
||||
}`)
|
||||
|
||||
event, err := webhook.ParsePushPayload(webhook.SourceGitHub, payload)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, webhook.SourceGitHub, event.Source)
|
||||
assert.Equal(t, "refs/heads/main", event.Ref)
|
||||
assert.Equal(t, "main", event.Branch)
|
||||
assert.Equal(t, "abc123def456789", event.After)
|
||||
assert.Equal(t, "myorg/myrepo", event.RepoName)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://github.com/myorg/myrepo.git"), event.CloneURL)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://github.com/myorg/myrepo"), event.HTMLURL)
|
||||
assert.Equal(t,
|
||||
webhook.UnparsedURL("https://github.com/myorg/myrepo/commit/abc123def456789"),
|
||||
event.CommitURL,
|
||||
)
|
||||
assert.Equal(t, "developer", event.Pusher)
|
||||
}
|
||||
|
||||
// TestParsePushPayloadGitLab tests parsing of GitLab push payloads.
|
||||
func TestParsePushPayloadGitLab(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/develop",
|
||||
"before": "0000000000000000000000000000000000000000",
|
||||
"after": "abc123def456789",
|
||||
"user_name": "developer",
|
||||
"user_email": "dev@example.com",
|
||||
"project": {
|
||||
"path_with_namespace": "mygroup/myproject",
|
||||
"git_http_url": "https://gitlab.com/mygroup/myproject.git",
|
||||
"git_ssh_url": "git@gitlab.com:mygroup/myproject.git",
|
||||
"web_url": "https://gitlab.com/mygroup/myproject"
|
||||
},
|
||||
"commits": [
|
||||
{
|
||||
"id": "abc123def456789",
|
||||
"url": "https://gitlab.com/mygroup/myproject/-/commit/abc123def456789",
|
||||
"message": "Fix bug",
|
||||
"author": {"name": "Developer", "email": "dev@example.com"}
|
||||
}
|
||||
]
|
||||
}`)
|
||||
|
||||
event, err := webhook.ParsePushPayload(webhook.SourceGitLab, payload)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, webhook.SourceGitLab, event.Source)
|
||||
assert.Equal(t, "refs/heads/develop", event.Ref)
|
||||
assert.Equal(t, "develop", event.Branch)
|
||||
assert.Equal(t, "abc123def456789", event.After)
|
||||
assert.Equal(t, "mygroup/myproject", event.RepoName)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://gitlab.com/mygroup/myproject.git"), event.CloneURL)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://gitlab.com/mygroup/myproject"), event.HTMLURL)
|
||||
assert.Equal(t,
|
||||
webhook.UnparsedURL("https://gitlab.com/mygroup/myproject/-/commit/abc123def456789"),
|
||||
event.CommitURL,
|
||||
)
|
||||
assert.Equal(t, "developer", event.Pusher)
|
||||
}
|
||||
|
||||
// TestParsePushPayloadUnknownFallsBackToGitea tests that unknown source uses Gitea parser.
|
||||
func TestParsePushPayloadUnknownFallsBackToGitea(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"after": "abc123",
|
||||
"repository": {"full_name": "user/repo"},
|
||||
"pusher": {"username": "user"}
|
||||
}`)
|
||||
|
||||
event, err := webhook.ParsePushPayload(webhook.SourceUnknown, payload)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, webhook.SourceGitea, event.Source)
|
||||
assert.Equal(t, "main", event.Branch)
|
||||
assert.Equal(t, "abc123", event.After)
|
||||
}
|
||||
|
||||
// TestParsePushPayloadInvalidJSON tests that invalid JSON returns an error.
|
||||
func TestParsePushPayloadInvalidJSON(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
sources := []webhook.Source{
|
||||
webhook.SourceGitea,
|
||||
webhook.SourceGitHub,
|
||||
webhook.SourceGitLab,
|
||||
}
|
||||
|
||||
for _, source := range sources {
|
||||
t.Run(source.String(), func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
_, err := webhook.ParsePushPayload(source, []byte(`{invalid json}`))
|
||||
require.Error(t, err)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
// TestParsePushPayloadEmptyPayload tests parsing of empty JSON objects.
|
||||
func TestParsePushPayloadEmptyPayload(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
sources := []webhook.Source{
|
||||
webhook.SourceGitea,
|
||||
webhook.SourceGitHub,
|
||||
webhook.SourceGitLab,
|
||||
}
|
||||
|
||||
for _, source := range sources {
|
||||
t.Run(source.String(), func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
event, err := webhook.ParsePushPayload(source, []byte(`{}`))
|
||||
err := svc.HandleWebhook(context.Background(), app, "push", payload)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Empty(t, event.Branch)
|
||||
assert.Empty(t, event.After)
|
||||
// Allow async deployment goroutine to complete before test cleanup
|
||||
time.Sleep(100 * time.Millisecond)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
|
||||
assert.Equal(t, testCase.expected, events[0].Branch)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
// TestGitHubCommitURLFallback tests commit URL extraction fallback paths for GitHub.
|
||||
func TestGitHubCommitURLFallback(t *testing.T) {
|
||||
func TestHandleWebhookMatchingBranch(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
t.Run("uses head_commit URL when available", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"after": "abc123",
|
||||
"head_commit": {"id": "abc123", "url": "https://github.com/u/r/commit/abc123"},
|
||||
"repository": {"html_url": "https://github.com/u/r"}
|
||||
}`)
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
event, err := webhook.ParsePushPayload(webhook.SourceGitHub, payload)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://github.com/u/r/commit/abc123"), event.CommitURL)
|
||||
})
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"before": "0000000000000000000000000000000000000000",
|
||||
"after": "abc123def456",
|
||||
"repository": {
|
||||
"full_name": "user/repo",
|
||||
"clone_url": "https://gitea.example.com/user/repo.git",
|
||||
"ssh_url": "git@gitea.example.com:user/repo.git"
|
||||
},
|
||||
"pusher": {"username": "testuser", "email": "test@example.com"},
|
||||
"commits": [{"id": "abc123def456", "message": "Test commit",
|
||||
"author": {"name": "Test User", "email": "test@example.com"}}]
|
||||
}`)
|
||||
|
||||
t.Run("falls back to commits list", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
err := svc.HandleWebhook(context.Background(), app, "push", payload)
|
||||
require.NoError(t, err)
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"after": "abc123",
|
||||
"commits": [{"id": "abc123", "url": "https://github.com/u/r/commit/abc123"}],
|
||||
"repository": {"html_url": "https://github.com/u/r"}
|
||||
}`)
|
||||
// Allow async deployment goroutine to complete before test cleanup
|
||||
time.Sleep(100 * time.Millisecond)
|
||||
|
||||
event, err := webhook.ParsePushPayload(webhook.SourceGitHub, payload)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://github.com/u/r/commit/abc123"), event.CommitURL)
|
||||
})
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
|
||||
t.Run("constructs URL from repo HTML URL", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"after": "abc123",
|
||||
"repository": {"html_url": "https://github.com/u/r"}
|
||||
}`)
|
||||
|
||||
event, err := webhook.ParsePushPayload(webhook.SourceGitHub, payload)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://github.com/u/r/commit/abc123"), event.CommitURL)
|
||||
})
|
||||
event := events[0]
|
||||
assert.Equal(t, "push", event.EventType)
|
||||
assert.Equal(t, "main", event.Branch)
|
||||
assert.True(t, event.Matched)
|
||||
assert.Equal(t, "abc123def456", event.CommitSHA.String)
|
||||
}
|
||||
|
||||
// TestGitLabCommitURLFallback tests commit URL extraction fallback paths for GitLab.
|
||||
func TestGitLabCommitURLFallback(t *testing.T) {
|
||||
func TestHandleWebhookNonMatchingBranch(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
t.Run("uses commit URL from list", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"after": "abc123",
|
||||
"project": {"web_url": "https://gitlab.com/g/p"},
|
||||
"commits": [{"id": "abc123", "url": "https://gitlab.com/g/p/-/commit/abc123"}]
|
||||
}`)
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
event, err := webhook.ParsePushPayload(webhook.SourceGitLab, payload)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://gitlab.com/g/p/-/commit/abc123"), event.CommitURL)
|
||||
})
|
||||
payload := []byte(`{"ref": "refs/heads/develop", "after": "def789ghi012"}`)
|
||||
|
||||
t.Run("constructs URL from project web URL", func(t *testing.T) {
|
||||
t.Parallel()
|
||||
err := svc.HandleWebhook(context.Background(), app, "push", payload)
|
||||
require.NoError(t, err)
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"after": "abc123",
|
||||
"project": {"web_url": "https://gitlab.com/g/p"}
|
||||
}`)
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
|
||||
event, err := webhook.ParsePushPayload(webhook.SourceGitLab, payload)
|
||||
require.NoError(t, err)
|
||||
assert.Equal(t, webhook.UnparsedURL("https://gitlab.com/g/p/-/commit/abc123"), event.CommitURL)
|
||||
})
|
||||
assert.Equal(t, "develop", events[0].Branch)
|
||||
assert.False(t, events[0].Matched)
|
||||
}
|
||||
|
||||
func TestHandleWebhookInvalidJSON(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
err := svc.HandleWebhook(context.Background(), app, "push", []byte(`{invalid json}`))
|
||||
require.NoError(t, err)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
}
|
||||
|
||||
func TestHandleWebhookEmptyPayload(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
err := svc.HandleWebhook(context.Background(), app, "push", []byte(`{}`))
|
||||
require.NoError(t, err)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
assert.False(t, events[0].Matched)
|
||||
}
|
||||
|
||||
// TestGiteaPushPayloadParsing tests direct deserialization of the Gitea payload struct.
|
||||
func TestGiteaPushPayloadParsing(testingT *testing.T) {
|
||||
testingT.Parallel()
|
||||
|
||||
@@ -588,354 +328,6 @@ func TestGiteaPushPayloadParsing(testingT *testing.T) {
|
||||
})
|
||||
}
|
||||
|
||||
// TestGitHubPushPayloadParsing tests direct deserialization of the GitHub payload struct.
|
||||
func TestGitHubPushPayloadParsing(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"before": "0000000000",
|
||||
"after": "abc123",
|
||||
"compare": "https://github.com/o/r/compare/000...abc",
|
||||
"repository": {
|
||||
"full_name": "o/r",
|
||||
"clone_url": "https://github.com/o/r.git",
|
||||
"ssh_url": "git@github.com:o/r.git",
|
||||
"html_url": "https://github.com/o/r"
|
||||
},
|
||||
"pusher": {"name": "octocat", "email": "octocat@github.com"},
|
||||
"head_commit": {
|
||||
"id": "abc123",
|
||||
"url": "https://github.com/o/r/commit/abc123",
|
||||
"message": "Update README"
|
||||
},
|
||||
"commits": [
|
||||
{
|
||||
"id": "abc123",
|
||||
"url": "https://github.com/o/r/commit/abc123",
|
||||
"message": "Update README",
|
||||
"author": {"name": "Octocat", "email": "octocat@github.com"}
|
||||
}
|
||||
]
|
||||
}`)
|
||||
|
||||
var p webhook.GitHubPushPayload
|
||||
|
||||
err := json.Unmarshal(payload, &p)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, "refs/heads/main", p.Ref)
|
||||
assert.Equal(t, "abc123", p.After)
|
||||
assert.Equal(t, "o/r", p.Repository.FullName)
|
||||
assert.Equal(t, "octocat", p.Pusher.Name)
|
||||
assert.NotNil(t, p.HeadCommit)
|
||||
assert.Equal(t, "abc123", p.HeadCommit.ID)
|
||||
assert.Len(t, p.Commits, 1)
|
||||
}
|
||||
|
||||
// TestGitLabPushPayloadParsing tests direct deserialization of the GitLab payload struct.
|
||||
func TestGitLabPushPayloadParsing(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"before": "0000000000",
|
||||
"after": "abc123",
|
||||
"user_name": "gitlab-user",
|
||||
"user_email": "user@gitlab.com",
|
||||
"project": {
|
||||
"path_with_namespace": "group/project",
|
||||
"git_http_url": "https://gitlab.com/group/project.git",
|
||||
"git_ssh_url": "git@gitlab.com:group/project.git",
|
||||
"web_url": "https://gitlab.com/group/project"
|
||||
},
|
||||
"commits": [
|
||||
{
|
||||
"id": "abc123",
|
||||
"url": "https://gitlab.com/group/project/-/commit/abc123",
|
||||
"message": "Fix pipeline",
|
||||
"author": {"name": "GitLab User", "email": "user@gitlab.com"}
|
||||
}
|
||||
]
|
||||
}`)
|
||||
|
||||
var p webhook.GitLabPushPayload
|
||||
|
||||
err := json.Unmarshal(payload, &p)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, "refs/heads/main", p.Ref)
|
||||
assert.Equal(t, "abc123", p.After)
|
||||
assert.Equal(t, "group/project", p.Project.PathWithNamespace)
|
||||
assert.Equal(t, "gitlab-user", p.UserName)
|
||||
assert.Len(t, p.Commits, 1)
|
||||
}
|
||||
|
||||
// TestExtractBranch tests branch extraction via HandleWebhook integration (extractBranch is unexported).
|
||||
//
|
||||
//nolint:funlen // table-driven test with comprehensive test cases
|
||||
func TestExtractBranch(testingT *testing.T) {
|
||||
testingT.Parallel()
|
||||
|
||||
tests := []struct {
|
||||
name string
|
||||
ref string
|
||||
expected string
|
||||
}{
|
||||
{
|
||||
name: "extracts main branch",
|
||||
ref: "refs/heads/main",
|
||||
expected: "main",
|
||||
},
|
||||
{
|
||||
name: "extracts feature branch",
|
||||
ref: "refs/heads/feature/new-feature",
|
||||
expected: "feature/new-feature",
|
||||
},
|
||||
{
|
||||
name: "extracts develop branch",
|
||||
ref: "refs/heads/develop",
|
||||
expected: "develop",
|
||||
},
|
||||
{
|
||||
name: "returns raw ref if no prefix",
|
||||
ref: "main",
|
||||
expected: "main",
|
||||
},
|
||||
{
|
||||
name: "handles empty ref",
|
||||
ref: "",
|
||||
expected: "",
|
||||
},
|
||||
{
|
||||
name: "handles partial prefix",
|
||||
ref: "refs/heads/",
|
||||
expected: "",
|
||||
},
|
||||
}
|
||||
|
||||
for _, testCase := range tests {
|
||||
testingT.Run(testCase.name, func(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
// We test via HandleWebhook since extractBranch is not exported.
|
||||
// The test verifies behavior indirectly through the webhook event's branch.
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
app := createTestApp(t, dbInst, testCase.expected)
|
||||
|
||||
payload := []byte(`{"ref": "` + testCase.ref + `"}`)
|
||||
|
||||
err := svc.HandleWebhook(
|
||||
context.Background(), app, webhook.SourceGitea, "push", payload,
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Allow async deployment goroutine to complete before test cleanup
|
||||
time.Sleep(100 * time.Millisecond)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
|
||||
assert.Equal(t, testCase.expected, events[0].Branch)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestHandleWebhookMatchingBranch(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"before": "0000000000000000000000000000000000000000",
|
||||
"after": "abc123def456",
|
||||
"repository": {
|
||||
"full_name": "user/repo",
|
||||
"clone_url": "https://gitea.example.com/user/repo.git",
|
||||
"ssh_url": "git@gitea.example.com:user/repo.git"
|
||||
},
|
||||
"pusher": {"username": "testuser", "email": "test@example.com"},
|
||||
"commits": [{"id": "abc123def456", "message": "Test commit",
|
||||
"author": {"name": "Test User", "email": "test@example.com"}}]
|
||||
}`)
|
||||
|
||||
err := svc.HandleWebhook(
|
||||
context.Background(), app, webhook.SourceGitea, "push", payload,
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Allow async deployment goroutine to complete before test cleanup
|
||||
time.Sleep(100 * time.Millisecond)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
|
||||
event := events[0]
|
||||
assert.Equal(t, "push", event.EventType)
|
||||
assert.Equal(t, "main", event.Branch)
|
||||
assert.True(t, event.Matched)
|
||||
assert.Equal(t, "abc123def456", event.CommitSHA.String)
|
||||
}
|
||||
|
||||
func TestHandleWebhookNonMatchingBranch(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
payload := []byte(`{"ref": "refs/heads/develop", "after": "def789ghi012"}`)
|
||||
|
||||
err := svc.HandleWebhook(
|
||||
context.Background(), app, webhook.SourceGitea, "push", payload,
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
|
||||
assert.Equal(t, "develop", events[0].Branch)
|
||||
assert.False(t, events[0].Matched)
|
||||
}
|
||||
|
||||
func TestHandleWebhookInvalidJSON(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
err := svc.HandleWebhook(
|
||||
context.Background(), app, webhook.SourceGitea, "push", []byte(`{invalid json}`),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
}
|
||||
|
||||
func TestHandleWebhookEmptyPayload(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
err := svc.HandleWebhook(
|
||||
context.Background(), app, webhook.SourceGitea, "push", []byte(`{}`),
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
assert.False(t, events[0].Matched)
|
||||
}
|
||||
|
||||
// TestHandleWebhookGitHubSource tests HandleWebhook with a GitHub push payload.
|
||||
func TestHandleWebhookGitHubSource(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"after": "github123",
|
||||
"repository": {
|
||||
"full_name": "org/repo",
|
||||
"clone_url": "https://github.com/org/repo.git",
|
||||
"html_url": "https://github.com/org/repo"
|
||||
},
|
||||
"pusher": {"name": "octocat", "email": "octocat@github.com"},
|
||||
"head_commit": {
|
||||
"id": "github123",
|
||||
"url": "https://github.com/org/repo/commit/github123",
|
||||
"message": "Update feature"
|
||||
}
|
||||
}`)
|
||||
|
||||
err := svc.HandleWebhook(
|
||||
context.Background(), app, webhook.SourceGitHub, "push", payload,
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Allow async deployment goroutine to complete before test cleanup
|
||||
time.Sleep(100 * time.Millisecond)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
|
||||
event := events[0]
|
||||
assert.Equal(t, "main", event.Branch)
|
||||
assert.True(t, event.Matched)
|
||||
assert.Equal(t, "github123", event.CommitSHA.String)
|
||||
assert.Equal(t, "https://github.com/org/repo/commit/github123", event.CommitURL.String)
|
||||
}
|
||||
|
||||
// TestHandleWebhookGitLabSource tests HandleWebhook with a GitLab push payload.
|
||||
func TestHandleWebhookGitLabSource(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
svc, dbInst, cleanup := setupTestService(t)
|
||||
defer cleanup()
|
||||
|
||||
app := createTestApp(t, dbInst, "main")
|
||||
|
||||
payload := []byte(`{
|
||||
"ref": "refs/heads/main",
|
||||
"after": "gitlab456",
|
||||
"user_name": "gitlab-dev",
|
||||
"user_email": "dev@gitlab.com",
|
||||
"project": {
|
||||
"path_with_namespace": "group/project",
|
||||
"git_http_url": "https://gitlab.com/group/project.git",
|
||||
"web_url": "https://gitlab.com/group/project"
|
||||
},
|
||||
"commits": [
|
||||
{
|
||||
"id": "gitlab456",
|
||||
"url": "https://gitlab.com/group/project/-/commit/gitlab456",
|
||||
"message": "Deploy fix"
|
||||
}
|
||||
]
|
||||
}`)
|
||||
|
||||
err := svc.HandleWebhook(
|
||||
context.Background(), app, webhook.SourceGitLab, "push", payload,
|
||||
)
|
||||
require.NoError(t, err)
|
||||
|
||||
// Allow async deployment goroutine to complete before test cleanup
|
||||
time.Sleep(100 * time.Millisecond)
|
||||
|
||||
events, err := app.GetWebhookEvents(context.Background(), 10)
|
||||
require.NoError(t, err)
|
||||
require.Len(t, events, 1)
|
||||
|
||||
event := events[0]
|
||||
assert.Equal(t, "main", event.Branch)
|
||||
assert.True(t, event.Matched)
|
||||
assert.Equal(t, "gitlab456", event.CommitSHA.String)
|
||||
assert.Equal(t, "https://gitlab.com/group/project/-/commit/gitlab456", event.CommitURL.String)
|
||||
}
|
||||
|
||||
// TestSetupTestService verifies the test helper creates a working test service.
|
||||
func TestSetupTestService(testingT *testing.T) {
|
||||
testingT.Parallel()
|
||||
@@ -955,25 +347,3 @@ func TestSetupTestService(testingT *testing.T) {
|
||||
require.NoError(t, err)
|
||||
})
|
||||
}
|
||||
|
||||
// TestPushEventConstruction tests that PushEvent can be constructed directly.
|
||||
func TestPushEventConstruction(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
||||
event := webhook.PushEvent{
|
||||
Source: webhook.SourceGitHub,
|
||||
Ref: "refs/heads/main",
|
||||
Before: "000",
|
||||
After: "abc",
|
||||
Branch: "main",
|
||||
RepoName: "org/repo",
|
||||
CloneURL: webhook.UnparsedURL("https://github.com/org/repo.git"),
|
||||
HTMLURL: webhook.UnparsedURL("https://github.com/org/repo"),
|
||||
CommitURL: webhook.UnparsedURL("https://github.com/org/repo/commit/abc"),
|
||||
Pusher: "user",
|
||||
}
|
||||
|
||||
assert.Equal(t, "main", event.Branch)
|
||||
assert.Equal(t, webhook.SourceGitHub, event.Source)
|
||||
assert.Equal(t, "abc", event.After)
|
||||
}
|
||||
|
||||
121
script/bootstrap
121
script/bootstrap
@@ -1,121 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/bootstrap: install all dependencies needed to build and develop
|
||||
# this repo. Idempotent: every install is guarded by a check so already
|
||||
# installed tools are skipped. Base tooling comes from nix, apt, brew,
|
||||
# or apk (detected in that order); assumes NOTHING is present (not git,
|
||||
# make, or go). golangci-lint is packaged in nix, brew, and apk; on apt
|
||||
# it is installed from a hash-verified GitHub release archive (never
|
||||
# curl | sh).
|
||||
set -eu
|
||||
|
||||
ROOT="$(cd "$(dirname "$0")/.." && pwd -P)"
|
||||
|
||||
# Pinned versions, 2026-07-07. Never "latest"; exact versions only.
|
||||
GOLANGCI_LINT_VERSION="2.10.1"
|
||||
# sha256 of golangci-lint-2.10.1-linux-<arch>.tar.gz release archives
|
||||
GOLANGCI_LINT_SHA256_AMD64="dfa775874cf0561b404a02a8f4481fc69b28091da95aa697259820d429b09c99"
|
||||
GOLANGCI_LINT_SHA256_ARM64="6652b42ae02915eb2f9cb2a2e0cac99514c8eded8388d88ae3e06e1a52c00de8"
|
||||
|
||||
PKGMGR=""
|
||||
SUDO=""
|
||||
|
||||
detect_pkgmgr() {
|
||||
[ -n "$PKGMGR" ] && return 0
|
||||
if command -v nix-env >/dev/null 2>&1; then
|
||||
PKGMGR="nix"
|
||||
elif command -v apt-get >/dev/null 2>&1; then
|
||||
PKGMGR="apt"
|
||||
elif command -v brew >/dev/null 2>&1; then
|
||||
PKGMGR="brew"
|
||||
elif command -v apk >/dev/null 2>&1; then
|
||||
PKGMGR="apk"
|
||||
else
|
||||
echo "bootstrap: no supported package manager (nix, apt, brew, apk)" >&2
|
||||
exit 1
|
||||
fi
|
||||
if [ "$PKGMGR" = "apt" ]; then
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
if [ "$(id -u)" != "0" ]; then
|
||||
SUDO="sudo"
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
# pkg_install <nix-attr> <apt-pkg> <brew-formula> <apk-pkg>
|
||||
pkg_install() {
|
||||
detect_pkgmgr
|
||||
case "$PKGMGR" in
|
||||
nix) nix-env -iA "nixpkgs.$1" ;;
|
||||
apt) $SUDO env DEBIAN_FRONTEND=noninteractive apt-get install -y "$2" ;;
|
||||
brew) brew install "$3" ;;
|
||||
apk) apk add --no-cache "$4" ;;
|
||||
esac
|
||||
}
|
||||
|
||||
missing() {
|
||||
! command -v "$1" >/dev/null 2>&1
|
||||
}
|
||||
|
||||
# verify_sha256 <file> <expected-hash>
|
||||
verify_sha256() {
|
||||
if command -v sha256sum >/dev/null 2>&1; then
|
||||
actual="$(sha256sum "$1" | cut -d' ' -f1)"
|
||||
else
|
||||
actual="$(shasum -a 256 "$1" | cut -d' ' -f1)"
|
||||
fi
|
||||
if [ "$actual" != "$2" ]; then
|
||||
echo "bootstrap: sha256 mismatch for $1" >&2
|
||||
echo " expected: $2" >&2
|
||||
echo " actual: $actual" >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
# apt has no golangci-lint package: install a pinned release archive
|
||||
# from GitHub, verified by hardcoded sha256 (never curl | sh).
|
||||
install_golangci_lint_release() {
|
||||
case "$(uname -m)" in
|
||||
x86_64) goarch="amd64"; sha="$GOLANGCI_LINT_SHA256_AMD64" ;;
|
||||
aarch64|arm64) goarch="arm64"; sha="$GOLANGCI_LINT_SHA256_ARM64" ;;
|
||||
*)
|
||||
echo "bootstrap: unsupported architecture $(uname -m)" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
if missing curl; then pkg_install curl curl curl curl; fi
|
||||
name="golangci-lint-${GOLANGCI_LINT_VERSION}-linux-${goarch}"
|
||||
tmp="$(mktemp -d)"
|
||||
curl -fsSL -o "$tmp/$name.tar.gz" \
|
||||
"https://github.com/golangci/golangci-lint/releases/download/v${GOLANGCI_LINT_VERSION}/${name}.tar.gz"
|
||||
verify_sha256 "$tmp/$name.tar.gz" "$sha"
|
||||
tar -xzf "$tmp/$name.tar.gz" -C "$tmp"
|
||||
$SUDO install -m 0755 "$tmp/$name/golangci-lint" /usr/local/bin/golangci-lint
|
||||
rm -rf "$tmp"
|
||||
}
|
||||
|
||||
ensure_golangci_lint() {
|
||||
if ! missing golangci-lint; then return 0; fi
|
||||
detect_pkgmgr
|
||||
case "$PKGMGR" in
|
||||
apt) install_golangci_lint_release ;;
|
||||
*) pkg_install golangci-lint golangci-lint golangci-lint golangci-lint ;;
|
||||
esac
|
||||
}
|
||||
|
||||
main() {
|
||||
cd "$ROOT"
|
||||
|
||||
# Base tooling
|
||||
if missing git; then pkg_install git git git git; fi
|
||||
if missing make; then pkg_install gnumake make make make; fi
|
||||
|
||||
# Go toolchain and linter
|
||||
if missing go; then pkg_install go golang go go; fi
|
||||
ensure_golangci_lint
|
||||
|
||||
go mod download
|
||||
|
||||
echo "bootstrap complete"
|
||||
}
|
||||
|
||||
main "$@"
|
||||
15
script/check
15
script/check
@@ -1,15 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/check: run all checks (test, lint, fmt-check). Our own
|
||||
# extension to scripts-to-rule-them-all. Must not modify any files.
|
||||
# Generic: usually needs no adaptation.
|
||||
set -eu
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd -P)"
|
||||
|
||||
main() {
|
||||
"$SCRIPT_DIR/test"
|
||||
"$SCRIPT_DIR/lint"
|
||||
"$SCRIPT_DIR/fmt-check"
|
||||
}
|
||||
|
||||
main "$@"
|
||||
@@ -1,15 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/cibuild: run the CI build. The Dockerfile runs the checks
|
||||
# (make fmt-check, lint, test), so a successful build implies a green
|
||||
# repo. Generic: needs no adaptation. The Gitea workflow runs this on
|
||||
# push.
|
||||
set -eu
|
||||
|
||||
ROOT="$(cd "$(dirname "$0")/.." && pwd -P)"
|
||||
|
||||
main() {
|
||||
cd "$ROOT"
|
||||
docker build .
|
||||
}
|
||||
|
||||
main "$@"
|
||||
@@ -1,15 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/docker: build the Docker image tagged with the project name.
|
||||
# Identical in all repos; the tag comes from script/projectname.
|
||||
# Generic: needs no adaptation.
|
||||
set -eu
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd -P)"
|
||||
ROOT="$(cd "$SCRIPT_DIR/.." && pwd -P)"
|
||||
|
||||
main() {
|
||||
cd "$ROOT"
|
||||
docker build -t "$("$SCRIPT_DIR/projectname")" .
|
||||
}
|
||||
|
||||
main "$@"
|
||||
14
script/fmt
14
script/fmt
@@ -1,14 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/fmt: format all files (writes).
|
||||
set -eu
|
||||
|
||||
ROOT="$(cd "$(dirname "$0")/.." && pwd -P)"
|
||||
|
||||
main() {
|
||||
cd "$ROOT"
|
||||
gofmt -s -w .
|
||||
goimports -w .
|
||||
npx prettier --write --tab-width 4 static/js/*.js
|
||||
}
|
||||
|
||||
main "$@"
|
||||
@@ -1,17 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/fmt-check: check formatting (read-only). Same scope as
|
||||
# script/fmt, but fails instead of writing.
|
||||
set -eu
|
||||
|
||||
ROOT="$(cd "$(dirname "$0")/.." && pwd -P)"
|
||||
|
||||
main() {
|
||||
cd "$ROOT"
|
||||
if [ -n "$(gofmt -l .)" ]; then
|
||||
echo "Files not formatted:"
|
||||
gofmt -l .
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
main "$@"
|
||||
@@ -1,16 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/install-precommit: install the git pre-commit hook that runs
|
||||
# script/precommit. Our own extension to scripts-to-rule-them-all.
|
||||
# Generic: needs no adaptation.
|
||||
set -eu
|
||||
|
||||
ROOT="$(cd "$(dirname "$0")/.." && pwd -P)"
|
||||
|
||||
main() {
|
||||
cd "$ROOT"
|
||||
printf '#!/bin/sh\nset -e\nscript/precommit\n' > .git/hooks/pre-commit
|
||||
chmod +x .git/hooks/pre-commit
|
||||
echo "pre-commit hook installed: runs script/precommit"
|
||||
}
|
||||
|
||||
main "$@"
|
||||
12
script/lint
12
script/lint
@@ -1,12 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/lint: run the linter.
|
||||
set -eu
|
||||
|
||||
ROOT="$(cd "$(dirname "$0")/.." && pwd -P)"
|
||||
|
||||
main() {
|
||||
cd "$ROOT"
|
||||
golangci-lint run --config .golangci.yml ./...
|
||||
}
|
||||
|
||||
main "$@"
|
||||
@@ -1,21 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/precommit: run by the git pre-commit hook; fails the commit if
|
||||
# checks fail. Our own extension to scripts-to-rule-them-all. Go repo
|
||||
# extras: go mod tidy must not change go.mod/go.sum.
|
||||
set -eu
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd -P)"
|
||||
ROOT="$(cd "$SCRIPT_DIR/.." && pwd -P)"
|
||||
|
||||
main() {
|
||||
cd "$ROOT"
|
||||
go mod tidy
|
||||
git diff --exit-code -- go.mod go.sum || {
|
||||
echo "precommit: go mod tidy changed go.mod/go.sum;" \
|
||||
"stage the changes and retry" >&2
|
||||
exit 1
|
||||
}
|
||||
"$SCRIPT_DIR/check"
|
||||
}
|
||||
|
||||
main "$@"
|
||||
@@ -1,12 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/projectname: output the name of this project. Our own
|
||||
# extension to scripts-to-rule-them-all. Other scripts that need the
|
||||
# name (e.g. script/docker) call this, so they can stay identical
|
||||
# across all repos.
|
||||
set -eu
|
||||
|
||||
main() {
|
||||
echo "upaas"
|
||||
}
|
||||
|
||||
main "$@"
|
||||
14
script/setup
14
script/setup
@@ -1,14 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/setup: set up the repo for development after a fresh clone:
|
||||
# installs dependencies (script/bootstrap) and the git pre-commit hook.
|
||||
# Add any repo-specific initialization (db init, .env template) here.
|
||||
set -eu
|
||||
|
||||
SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd -P)"
|
||||
|
||||
main() {
|
||||
"$SCRIPT_DIR/bootstrap"
|
||||
"$SCRIPT_DIR/install-precommit"
|
||||
}
|
||||
|
||||
main "$@"
|
||||
12
script/test
12
script/test
@@ -1,12 +0,0 @@
|
||||
#!/bin/sh
|
||||
# script/test: run the test suite.
|
||||
set -eu
|
||||
|
||||
ROOT="$(cd "$(dirname "$0")/.." && pwd -P)"
|
||||
|
||||
main() {
|
||||
cd "$ROOT"
|
||||
go test -v -race -cover -timeout 30s ./...
|
||||
}
|
||||
|
||||
main "$@"
|
||||
Reference in New Issue
Block a user