Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[infra] Adds order id validation action #13957

Merged
merged 4 commits into from
Jul 24, 2024
Merged

[infra] Adds order id validation action #13957

merged 4 commits into from
Jul 24, 2024

Conversation

michelengelen
Copy link
Member

adds an action to the repository to check the order id and apply a label based on the plan used . The action is built using JavaScript and available here: https://github.com/michelengelen/mui-order-id-validation

@michelengelen michelengelen added the scope: infra Org infrastructure work going on behind the scenes label Jul 23, 2024
@michelengelen michelengelen self-assigned this Jul 23, 2024
@mui-bot
Copy link

mui-bot commented Jul 23, 2024
edited
Loading

Deploy preview: https://deploy-preview-13957--material-ui-x.netlify.app/

Generated by 🚫 dangerJS against a576ca9

@github-actions github-actions bot added the PR: out-of-date The pull request has merge conflicts and can't be merged label Jul 24, 2024
@github-actions GitHub Actions
Copy link

This pull request has conflicts, please resolve those before we can evaluate the pull request.

@michelengelen
Merge branch 'master' into automation/order-id-validator
a576ca9 
Signed-off-by: Michel Engelen <32863416+michelengelen@users.noreply.github.com>
@github-actions github-actions bot removed the PR: out-of-date The pull request has merge conflicts and can't be merged label Jul 24, 2024
@michelengelen michelengelen enabled auto-merge (squash) July 24, 2024 11:20
@michelengelen michelengelen mentioned this pull request Jul 24, 2024
Closed
@michelengelen michelengelen merged commit 3a1b595 into mui:master Jul 24, 2024
15 checks passed
@michelengelen michelengelen deleted the automation/order-id-validator branch July 24, 2024 13:24
oliviertassinari
oliviertassinari reviewed Aug 15, 2024
View reviewed changes
Copy link
Member

@oliviertassinari oliviertassinari left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The change reminds me of https://www.notion.so/mui-org/support-MUI-X-Paid-support-verification-b8fa22d65bb2437c8d6beab5b7f29b5a. It won't solve the case of people lying about their order id, but it will save time to the engineers when doing support, no need to valid the order id. It will also improve the customer experience as we would know earlier the plan hence the SLA an issue is under. Nice 👍

.github/workflows/order-id-validator.yml
REPO: ${{ github.event.repository.name }}
ISSUE_NUMBER: ${{ github.event.issue.number }}
TOKEN: ${{ secrets.GITHUB_TOKEN }}
ORDER_API_TOKEN: ${{ secrets.SHOP_AUTH_TOKEN }}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hasdfa we have the following keys in use today

https://store-wp.mui.com/wp-admin/admin.php?page=wc-settings&tab=advanced&section=keys

It feels like we should create a new one specifically for GitHub Actions so we can reduce disruption in case of a security leak. How about we make the change?

@michelengelen which key did you use?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@oliviertassinari I did use the one from the private toolpad app

Copy link
Member

@oliviertassinari oliviertassinari Aug 25, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, I have created an organization secret for the GitHub action, easier to rotate this way.

Copy link
Member

@oliviertassinari oliviertassinari Aug 28, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I broke the GitHub Action with this token change.

We are back up and running with 113a612, e.g. #14380 as a proof. With this change:

  • It now shows a clear error. This will be helpful in the future when our token gets revoked:
SCR-20240828-upvz

Source: https://github.com/oliviertassinari/mui-x/actions/runs/10604955513/job/29392734749

scripts/oderIdValidation.js
core.setFailed('No Pro or Premium plan found in order');
}

const planName = plan.match(/\b(pro|premium)\b/i)[0].toLowerCase();
Copy link
Member

@oliviertassinari oliviertassinari Aug 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe @hasdfa is working on a way to store the plan as a specific field on the product of the orders. We should be able to rely on something more reliable in the future.

scripts/oderIdValidation.js
}

const planName = plan.match(/\b(pro|premium)\b/i)[0].toLowerCase();
const labelName = `support: ${planName}`;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We might want to use plain strings here so we can more easily search in the codebase and find hits.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

good point ... will add it later

scripts/oderIdValidation.js
});
const orderDetails = await order.json();
const plan =
orderDetails.line_items?.filter((item) => item.name.test(/\b(pro|premium)\b/i))[0].name ||
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have products that have "pro" in their title, e.g. https://mui.com/store/items/devias-kit-pro/. This feels a bit too brittle. Instead, we can get inspiration from the keymailer: https://github.com/mui/mui-private/blob/09f2c3f4263db001a442c6f3b51cb32f935a2e20/lambda/keymailer/index.js#L149.

Copy link
Member

@oliviertassinari oliviertassinari Aug 15, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually @hasdfa I could see us publishing https://github.com/mui/mui-private/blob/09f2c3f4263db001a442c6f3b51cb32f935a2e20/lambda/keymailer/databaseMuiX.js#L20 as an npm package, and then use it in the GitHub Action, Pipedream, Toolpad App. Or to be fair, a REST API might be even better.

@alhabib5565 alhabib5565 mentioned this pull request Aug 19, 2024
Open
oliviertassinari added a commit that referenced this pull request Aug 28, 2024
@oliviertassinari
[infra] Fix Issue cleanup action
113a612 
A follow-up on #13957 (comment)
thomasmoon pushed a commit to thomasmoon/mui-x that referenced this pull request Sep 9, 2024
@michelengelen @thomasmoon
[infra] Adds order id validation action (mui#13957)
b99e3ea 
Signed-off-by: Michel Engelen <32863416+michelengelen@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@oliviertassinari oliviertassinari oliviertassinari left review comments

@JCQuintas JCQuintas JCQuintas approved these changes

@DanailH DanailH Awaiting requested review from DanailH

@MBilalShafi MBilalShafi Awaiting requested review from MBilalShafi

@LukasTy LukasTy Awaiting requested review from LukasTy

Assignees

@michelengelen michelengelen

Labels
scope: infra Org infrastructure work going on behind the scenes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@michelengelen @mui-bot @oliviertassinari @LukasTy @JCQuintas