Gitea drone #28
Gitea drone #28
Conversation
The script checks and compares if there is a secret on the cluster, and whether is matches with the oauth in Gitea. If it maches, it checks whether authorization for that oauth key is granted, if not grant it as well. That way human interaction is minimized. redkubes/unassigned-issues#170, linode/apl-core#364, #26
Renamed class to GiteaDroneOAuth so it is more descriptive #26
Removed an uncessary else statement #26
add debug logs to find issue in compiled code #26
Added more debug logs to find the issue #26
Print error message along trace #26
for some reason the program doesn't want to eat it's cookies, trying to see what's in them that it doesn't like #26
Needed to set redirect uri to drone instead of gitea #26
Found issue (redirect uri), fixed it, now is clean up time #26
Seems like when oauth is ready, it will follow redirect. Don't want/need that. #26
values repo was by default public (whoops) - now it's private redkubes/unassigned-issues#170
|
@Morriz and @j-zimnowoda I implemented your suggestions, rewrote part of the script to make it better testable. Hope all is well now? |
Based on @j-zimnowoda review, use already encoded values #26 #28
src/tasks/gitea/gitea-drone-oauth.ts
Outdated
| } else if (oauthApps.length == 0) { | ||
| console.log("Gitea doesn't have any oauth application defined") |
There was a problem hiding this comment.
Please understand it is WE who add them, so WE are in control. WE can check if one exists and NEVER insert another.
| afterEach(() => { | ||
| sandbox.restore() | ||
| }) | ||
| it('should successfully validate secret', () => { |
There was a problem hiding this comment.
The secret content is validated through typing as a contract. No logic is involved there. No tests should exist therefor.
Can we please move on?
| }) | ||
| }) | ||
|
|
||
| describe('Gitea-Drone: Parse CSRF Token', () => { |
There was a problem hiding this comment.
Really? After all my comments you still advocate for useless tests?
| }) | ||
| }) | ||
|
|
||
| describe('Gitea-Drone: Parse CSRF Token', () => { |
There was a problem hiding this comment.
when I say use the force it means you don't come up with it yourself but instead use the powers given to you through open source software. Use micro libraries to avoid inventing a cookie parser.
src/tasks/gitea/gitea-drone-oauth.ts
Outdated
| try { | ||
| await axios.request(grantOptions) | ||
| } catch (error) { | ||
| // Do nothing, error code could be on the redirect |
There was a problem hiding this comment.
Ok, that is fine. Just put these remarks there in the comment to be precise.
src/tasks/gitea/gitea-drone-oauth.ts
Outdated
|
|
||
| export function isSecretValid(remoteSecret: DroneSecret, oauthApps: OAuth2Application[]): boolean { | ||
| if (!remoteSecret) { | ||
| console.log('Remote secret was not found') |
src/tasks/gitea/gitea-drone-oauth.ts
Outdated
| if (!remoteSecret) { | ||
| console.log('Remote secret was not found') | ||
| } else if (remoteSecret.clientId.length == 0 || remoteSecret.clientSecret.length == 0) { | ||
| console.log('Remote secret values were empty') |
There was a problem hiding this comment.
If we determine that the preconditions have not been met we should just fail.
src/tasks/gitea/gitea-drone-oauth.ts
Outdated
| (x) => x.name === oauthOpts.name, | ||
| ) | ||
| // If secret exists (correctly) and oauth apps are (still) defined, everything is good | ||
| if (isSecretValid(remoteSecret, oauthApps)) { |
There was a problem hiding this comment.
Please read my comments about why I think it should not even exist
|
I would really like to see my remarks implemented and move on with the release of this. Can you please proceed and just remove the tests I deemed invalid? |
| afterEach(() => { | ||
| sandbox.restore() | ||
| }) | ||
| it('should successfully validate secret', () => { |
There was a problem hiding this comment.
The typing is static and has nothing to do with code execution
There was a problem hiding this comment.
@Morriz this PR is a mess that you have made.
There are way too many changes that you did not agree with the team.
This is not healthy. You also removed a lot of tests without justifying it.
The Wild West coast of yours makes the team highly inefficient.
|
The changes are refactoring changes, not functional. None of those unit tests I removed tested any of the code we have. Please check your statements. |
|
It is far from a "mess" imo and is a better starting point to create any tests on iyam. Fortunately, the tasks are extremely robust and idempotent, and well tested manually. So I am not afraid about missing tests here. I urge any in our team to really read up on testing practices and only write tests that cover our code paths. I can present one in this repo next week as an example... |
Update tasks to allow Gitea to get client ID/Secret for Drone to work/implement with Gitea
Fixes: #26