Shiloh/lasthourcloud
Shiloh/lasthourcloud
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

feat: save github app permission locally

Browse Source
This commit is contained in:
Andras Bacsai 2024-02-20 18:14:47 +01:00
parent a102099ac1
commit f7ebc8a88c
5 changed files with 157 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/Console/Kernel.php
View File

@ -4,7 +4,6 @@
use App\Jobs\CheckLogDrainContainerJob;
use App\Jobs\CleanupInstanceStuffsJob;
use App\Jobs\ComplexContainerStatusJob;
use App\Jobs\DatabaseBackupJob;
use App\Jobs\ScheduledTaskJob;
use App\Jobs\InstanceAutoUpdateJob;

59
app/Jobs/GithubAppPermissionJob.php Normal file
View File

@ -0,0 +1,59 @@
<?php
namespace App\Jobs;
use App\Models\GithubApp;
use Illuminate\Bus\Queueable;
use Illuminate\Contracts\Queue\ShouldBeEncrypted;
use Illuminate\Contracts\Queue\ShouldQueue;
use Illuminate\Foundation\Bus\Dispatchable;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Queue\Middleware\WithoutOverlapping;
use Illuminate\Queue\SerializesModels;
use Illuminate\Support\Facades\Http;
class GithubAppPermissionJob implements ShouldQueue, ShouldBeEncrypted
{
use Dispatchable, InteractsWithQueue, Queueable, SerializesModels;
public $tries = 4;
public function backoff(): int
{
return isDev() ? 1 : 3;
}
public function __construct(public GithubApp $github_app)
{
}
public function middleware(): array
{
return [(new WithoutOverlapping($this->github_app->uuid))];
}
public function uniqueId(): int
{
return $this->github_app->uuid;
}
public function handle()
{
try {
$github_access_token = generate_github_jwt_token($this->github_app);
$response = Http::withHeaders([
'Authorization' => "Bearer $github_access_token",
'Accept' => 'application/vnd.github+json'
])->get("{$this->github_app->api_url}/app");
$response = $response->json();
$permissions = data_get($response, 'permissions');
$this->github_app->contents = data_get($permissions, 'contents');
$this->github_app->metadata = data_get($permissions, 'metadata');
$this->github_app->pull_requests = data_get($permissions, 'pull_requests');
$this->github_app->administration = data_get($permissions, 'administration');
$this->github_app->save();
$this->github_app->makeVisible('client_secret')->makeVisible('webhook_secret');
} catch (\Throwable $e) {
send_internal_notification('GithubAppPermissionJob failed with: ' . $e->getMessage());
ray($e->getMessage());
throw $e;
}
}
}

20
app/Livewire/Source/Github/Change.php
View File

@ -2,6 +2,7 @@
namespace App\Livewire\Source\Github;
use App\Jobs\GithubAppPermissionJob;
use App\Models\GithubApp;
use App\Models\InstanceSettings;
use Illuminate\Support\Facades\Http;
@ -35,8 +36,18 @@ class Change extends Component
'github_app.client_secret' => 'required|string',
'github_app.webhook_secret' => 'required|string',
'github_app.is_system_wide' => 'required|bool',
'github_app.contents' => 'nullable|string',
'github_app.metadata' => 'nullable|string',
'github_app.pull_requests' => 'nullable|string',
'github_app.administration' => 'nullable|string',
];
public function checkPermissions()
{
GithubAppPermissionJob::dispatchSync($this->github_app);
$this->github_app->refresh()->makeVisible('client_secret')->makeVisible('webhook_secret');
$this->dispatch('success', 'Success', 'Github App permissions updated.');
}
// public function check()
// {
@ -138,7 +149,7 @@ public function submit()
'github_app.is_system_wide' => 'required|bool',
]);
$this->github_app->save();
$this->dispatch('success', 'Github App updated successfully.');
$this->dispatch('success', 'Success', 'Github App updated.');
} catch (\Throwable $e) {
return handleError($e, $this);
}
@ -146,6 +157,13 @@ public function submit()
public function instantSave()
{
try {
$this->github_app->makeVisible('client_secret')->makeVisible('webhook_secret');
$this->github_app->save();
$this->dispatch('success', 'Success', 'Github App updated.');
} catch (\Throwable $e) {
return handleError($e, $this);
}
}
public function delete()

34
database/migrations/2024_02_20_165045_add_permissions_to_github_app.php Normal file
View File

@ -0,0 +1,34 @@
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
return new class extends Migration
{
/**
* Run the migrations.
*/
public function up(): void
{
Schema::table('github_apps', function (Blueprint $table) {
$table->string('contents')->nullable();
$table->string('metadata')->nullable();
$table->string('pull_requests')->nullable();
$table->string('administration')->nullable();
});
}
/**
* Reverse the migrations.
*/
public function down(): void
{
Schema::table('github_apps', function (Blueprint $table) {
$table->dropColumn('contents');
$table->dropColumn('metadata');
$table->dropColumn('pull_requests');
$table->dropColumn('administration');
});
}
};

77
resources/views/livewire/source/github/change.blade.php
View File

@ -16,7 +16,6 @@
<x-new-modal isErrorButton buttonTitle="Delete">
This source will be deleted. It is not reversible. <br>Please think again.
</x-new-modal>
{{-- <x-forms.button wire:click.prevent="check">Check</x-forms.button> --}}
</div>
</div>
<div class="subtitle">Your Private GitHub App for private repositories.</div>
@ -33,39 +32,53 @@
Install Repositories on GitHub
</a>
@else
@if (!isCloud())
<div class="w-48">
<x-forms.checkbox label="System Wide?"
helper="If checked, this GitHub App will be available for everyone in this Coolify instance."
instantSave id="github_app.is_system_wide" />
<div class="flex flex-col gap-2">
<div class="flex gap-2">
<x-forms.input id="github_app.name" label="App Name" disabled />
<x-forms.input id="github_app.organization" label="Organization" disabled
placeholder="If empty, personal user will be used" />
</div>
@endif
<div class="flex gap-2">
<x-forms.input id="github_app.name" label="App Name" disabled />
<x-forms.input id="github_app.organization" label="Organization" disabled
placeholder="If empty, personal user will be used" />
</div>
<div class="flex gap-2">
<x-forms.input id="github_app.html_url" label="HTML Url" disabled />
<x-forms.input id="github_app.api_url" label="API Url" disabled />
</div>
<div class="flex gap-2">
@if ($github_app->html_url === 'https://github.com')
<x-forms.input id="github_app.custom_user" label="User" disabled />
<x-forms.input type="number" id="github_app.custom_port" label="Port" disabled />
@else
<x-forms.input id="github_app.custom_user" label="User" required />
<x-forms.input type="number" id="github_app.custom_port" label="Port" required />
@if (!isCloud())
<div class="w-48">
<x-forms.checkbox label="System Wide?"
helper="If checked, this GitHub App will be available for everyone in this Coolify instance."
instantSave id="github_app.is_system_wide" />
</div>
@endif
</div>
<div class="flex gap-2">
<x-forms.input type="number" id="github_app.app_id" label="App Id" disabled />
<x-forms.input type="number" id="github_app.installation_id" label="Installation Id" disabled />
</div>
<div class="flex gap-2">
<x-forms.input id="github_app.client_id" label="Client Id" type="password" disabled />
<x-forms.input id="github_app.client_secret" label="Client Secret" type="password" />
<x-forms.input id="github_app.webhook_secret" label="Webhook Secret" type="password" />
<div class="flex gap-2">
<x-forms.input id="github_app.html_url" label="HTML Url" disabled />
<x-forms.input id="github_app.api_url" label="API Url" disabled />
</div>
<div class="flex gap-2">
@if ($github_app->html_url === 'https://github.com')
<x-forms.input id="github_app.custom_user" label="User" disabled />
<x-forms.input type="number" id="github_app.custom_port" label="Port" disabled />
@else
<x-forms.input id="github_app.custom_user" label="User" required />
<x-forms.input type="number" id="github_app.custom_port" label="Port" required />
@endif
</div>
<div class="flex gap-2">
<x-forms.input type="number" id="github_app.app_id" label="App Id" disabled />
<x-forms.input type="number" id="github_app.installation_id" label="Installation Id"
disabled />
</div>
<div class="flex gap-2">
<x-forms.input id="github_app.client_id" label="Client Id" type="password" disabled />
<x-forms.input id="github_app.client_secret" label="Client Secret" type="password" />
<x-forms.input id="github_app.webhook_secret" label="Webhook Secret" type="password" />
</div>
<div class="flex items-end gap-2 ">
<h3 class="pt-4">Permissions</h3>
<x-forms.button wire:click.prevent="checkPermissions">Check Permissions</x-forms.button>
</div>
<div class="flex gap-2">
<x-forms.input id="github_app.contents" helper="read - mandatory." label="Content" readonly placeholder="N/A" />
<x-forms.input id="github_app.metadata" helper="read - mandatory." label="Metadata" readonly placeholder="N/A" />
<x-forms.input id="github_app.administration" helper="read:write access needed to setup servers as GitHub Runner." label="Administration" readonly
placeholder="N/A" />
<x-forms.input id="github_app.pull_requests" helper="write access needed to use deployment status update in previews." label="Pull Request" readonly placeholder="N/A" />
</div>
</div>
@endif
</form>