Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add API route to list org secrets #26485

Merged
merged 21 commits into from
Aug 15, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
a1ac892
feat: add new functions and files related to secrets management
appleboy Aug 14, 2023
3fd8201
feat: add API endpoint for listing organization's actions secrets
appleboy Aug 14, 2023
ae362b5
Update models/secret/secret.go
appleboy Aug 14, 2023
8a502a2
Update modules/structs/secret.go
appleboy Aug 14, 2023
b54742d
Update routers/api/v1/org/action.go
appleboy Aug 14, 2023
9f48dfc
feat: add support for Swagger secret list in API v1
appleboy Aug 14, 2023
bdf18bb
Merge branch 'api' of https://github.com/appleboy/gitea into api
appleboy Aug 14, 2023
e6c2a01
refactor: consolidate function names for counting secrets
appleboy Aug 14, 2023
ab59235
backup
appleboy Aug 14, 2023
473b027
Merge branch 'main' into api
appleboy Aug 14, 2023
5dc1f25
Update routers/api/v1/api.go
appleboy Aug 14, 2023
ff80b03
refactor: refactor `Secret` struct field name to `created_at`
appleboy Aug 14, 2023
dba1714
Merge branch 'main' into api
appleboy Aug 14, 2023
d72bcee
refactor: refactor property name in User object
appleboy Aug 14, 2023
50ce300
Merge branch 'main' into api
appleboy Aug 14, 2023
f5e05f8
Merge branch 'main' into api
appleboy Aug 15, 2023
26beefd
refactor: refactor code for checking organization membership and admi…
appleboy Aug 15, 2023
3e162be
Merge branch 'api' of https://github.com/appleboy/gitea into api
appleboy Aug 15, 2023
1a829f8
Merge branch 'main' into api
appleboy Aug 15, 2023
f15ad0e
Merge branch 'main' into api
GiteaBot Aug 15, 2023
4c7efe4
Merge branch 'main' into api
GiteaBot Aug 15, 2023
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions models/secret/secret.go
Original file line number Diff line number Diff line change
Expand Up @@ -88,3 +88,8 @@ func FindSecrets(ctx context.Context, opts FindSecretsOptions) ([]*Secret, error
Where(opts.toConds()).
Find(&secrets)
}

// CountSecrets counts the secrets
func CountSecrets(ctx context.Context, opts *FindSecretsOptions) (int64, error) {
return db.GetEngine(ctx).Where(opts.toConds()).Count(new(Secret))
}
15 changes: 15 additions & 0 deletions modules/structs/secret.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package structs

import "time"

// User represents a secret
// swagger:model
type Secret struct {
// the secret's name
Name string `json:"name"`
// swagger:strfmt date-time
Created time.Time `json:"created_at"`
}
3 changes: 3 additions & 0 deletions routers/api/v1/api.go
Original file line number Diff line number Diff line change
Expand Up @@ -1298,6 +1298,9 @@ func Routes() *web.Route {
m.Combo("/{username}").Get(reqToken(), org.IsMember).
Delete(reqToken(), reqOrgOwnership(), org.DeleteMember)
})
m.Group("/actions/secrets", func() {
m.Get("", reqToken(), reqOrgOwnership(), org.ListActionsSecrets)
})
m.Group("/public_members", func() {
m.Get("", org.ListPublicMembers)
m.Combo("/{username}").Get(org.IsPublicMember).
Expand Down
72 changes: 72 additions & 0 deletions routers/api/v1/org/action.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package org

import (
"net/http"

"code.gitea.io/gitea/models/secret"
"code.gitea.io/gitea/modules/context"
api "code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/routers/api/v1/utils"
)

// ListActionsSecrets list an organization's actions secrets
func ListActionsSecrets(ctx *context.APIContext) {
// swagger:operation GET /orgs/{org}/actions/secrets organization orgListActionsSecrets
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Erm… User secrets exist too already.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That and we were not sure if we keep them action-only.
I think it is better to omit the actions/ part from the URL.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Or do you explicitly only want to return the action secrets here?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copy link
Member

@delvh delvh Aug 14, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So, what do we do in this case?
Deviate from the GitHub standard?
Add extra routes, and mark this one as deprecated with a comment only for compatibility with the GitHub API?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm sorry if my previous response was unclear. Please provide more details or elaborate on what you want me to explain. Thank you.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. We try to be compatible with GitHub API where possible, so far so good
  2. I think this is the wrong URL for that route, I suggest /orgs/{org}/secrets//users/{user}/secrets instead

That leaves the question what to do with the missing URL.
I suggest adding three routes in this PR: The two mentioned above, and the one you already implemented.
However, as the third should only be used by existing scripts and nothing else, I recommend marking this route as // deprecated: true with a comment that it is only intended for GitHub API compatibility and that our routes are the other two above instead.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As I said in #24200 (comment) , we can provide other API routes for more purposes but share the data table.

So LGTM.

// ---
// summary: List an organization's actions secrets
// produces:
// - application/json
// parameters:
// - name: org
// in: path
// description: name of the organization
// type: string
// required: true
// - name: page
// in: query
// description: page number of results to return (1-based)
// type: integer
// - name: limit
// in: query
// description: page size of results
// type: integer
// responses:
// "200":
// "$ref": "#/responses/SecretList"

listActionsSecrets(ctx)
lunny marked this conversation as resolved.
Show resolved Hide resolved
}

// listActionsSecrets list an organization's actions secrets
func listActionsSecrets(ctx *context.APIContext) {
opts := &secret.FindSecretsOptions{
OwnerID: ctx.Org.Organization.ID,
ListOptions: utils.GetListOptions(ctx),
}

count, err := secret.CountSecrets(ctx, opts)
if err != nil {
ctx.InternalServerError(err)
return
}

secrets, err := secret.FindSecrets(ctx, *opts)
if err != nil {
ctx.InternalServerError(err)
return
}

apiSecrets := make([]*api.Secret, len(secrets))
for k, v := range secrets {
apiSecrets[k] = &api.Secret{
Name: v.Name,
Created: v.CreatedUnix.AsTime(),
}
}

ctx.SetTotalCountHeader(count)
ctx.JSON(http.StatusOK, apiSecrets)
}
13 changes: 13 additions & 0 deletions routers/api/v1/swagger/action.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
// Copyright 2023 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT

package swagger

import api "code.gitea.io/gitea/modules/structs"

// SecretList
// swagger:response SecretList
type swaggerResponseSecretList struct {
// in:body
Body []api.Secret `json:"body"`
}
64 changes: 64 additions & 0 deletions templates/swagger/v1_json.tmpl

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.