[infra] Adds order id validation action #13957
Deploy preview: https://deploy-preview-13957--material-ui-x.netlify.app/
This pull request has conflicts, please resolve those before we can evaluate the pull request.
Signed-off-by: Michel Engelen <32863416+michelengelen@users.noreply.github.com>
The change reminds me of https://www.notion.so/mui-org/support-MUI-X-Paid-support-verification-b8fa22d65bb2437c8d6beab5b7f29b5a. It won't solve the case of people lying about their order id, but it will save time for the engineers when doing support, no need to validate the order id. It will also improve the customer experience as we would know earlier the plan hence the SLA an issue is under. Nice 👍
REPO: ${{ github.event.repository.name }} | ||
ISSUE_NUMBER: ${{ github.event.issue.number }} | ||
TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
ORDER_API_TOKEN: ${{ secrets.SHOP_AUTH_TOKEN }} |
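Review bot: `ORDER_API_TOKEN` on the last line hands the shop credential `secrets.SHOP_AUTH_TOKEN` to a step that is driven by `github.event.issue.number`, so the secret is in scope every time an issue event triggers the job. Use a dedicated shop key with read-only scope for this workflow rather than one shared with other tools, so it can be rotated on its own. No `permissions:` block is visible in this hunk; if the workflow lacks one, add it and limit `GITHUB_TOKEN` to what labelling needs (for example `issues: write`).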
@hasdfa we have the following keys in use today
https://store-wp.mui.com/wp-admin/admin.php?page=wc-settings&tab=advanced&section=keys
It feels like we should create a new one specifically for GitHub Actions so we can reduce disruption in case of a security leak. How about we make the change?
@michelengelen which key did you use?
@oliviertassinari I did use the one from the private toolpad app
Ok, I have created an organization secret for the GitHub action, easier to rotate this way.
I broke the GitHub Action with this token change.
We are back up and running with 113a612, e.g. #14380 as a proof. With this change:
- It now shows a clear error. This will be helpful in the future when our token gets revoked:
Source: https://github.com/oliviertassinari/mui-x/actions/runs/10604955513/job/29392734749
- It also now doesn't assume that `Basic` is in the token. This is normally not how it's done if we look at our codebase: https://github.com/search?q=org%3Amui+%22Authorization%3A+%22&type=code, e.g. GITHUB_AUTH. The exceptions that I can find were this one (gone) and one done by Prakhar: https://github.com/mui/mui-private/blob/04c21bf04d29f9985ea400ef52afb3861203867e/tools-private/toolpad/resources/functions.ts#L107.
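The two behaviours described in the comment above (the scheme is added by the code rather than stored in the secret, and a rejected token produces a clear error), as an added example that is not the action's own code. The base URL is a placeholder; the `/wp-json/wc/v3/orders` path, the numeric order ID check and all function names are assumptions.

```javascript
// Added example, not the action's code. The base URL is a placeholder and the
// /wp-json/wc/v3/orders path and numeric order IDs are assumptions.
const ORDER_API_BASE = 'https://shop.example/wp-json/wc/v3/orders';

// The secret holds only the credential; the scheme is added in exactly one place.
function authorizationHeader(secret) {
  const value = String(secret ?? '').trim();
  if (value === '') {
    throw new Error('ORDER_API_TOKEN is empty or not set');
  }
  if (/^(basic|bearer)\s/i.test(value)) {
    throw new Error('ORDER_API_TOKEN must not include an auth scheme prefix');
  }
  return `Basic ${value}`;
}

// Map an HTTP status to a message that names the likely cause, never the token.
function describeFailure(status) {
  if (status === 401 || status === 403) {
    return `Order API rejected the credentials (HTTP ${status}); the token may be revoked or rotated`;
  }
  if (status === 404) {
    return 'Order not found';
  }
  return `Order API request failed (HTTP ${status})`;
}

// fetchImpl is injectable so the function can be exercised offline.
async function fetchOrder(orderId, secret, fetchImpl = fetch) {
  // The order ID is user-supplied, so validate it before it reaches the URL.
  if (!/^\d+$/.test(String(orderId))) {
    throw new Error('Order ID must be numeric');
  }
  const response = await fetchImpl(`${ORDER_API_BASE}/${orderId}`, {
    headers: { Authorization: authorizationHeader(secret) },
  });
  if (!response.ok) {
    throw new Error(describeFailure(response.status));
  }
  return response.json();
}
```

In an action, the thrown message would be passed to `core.setFailed` followed by a `return`, so the run log states why the lookup failed without printing the credential.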
core.setFailed('No Pro or Premium plan found in order'); | ||
} | ||
|
||
const planName = plan.match(/\b(pro|premium)\b/i)[0].toLowerCase(); |
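Review bot: Missing early exit after `core.setFailed('No Pro or Premium plan found in order')` on the first line: `setFailed` only marks the run as failed and does not stop execution, and no `return` is visible before the closing brace. Control then reaches `plan.match(/\b(pro|premium)\b/i)[0]`, which throws a TypeError when `match` returns null. Add `return;` right after `setFailed`, and check the match result before indexing it.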
I believe @hasdfa is working on a way to store the plan as a specific field on the product of the orders. We should be able to rely on something more reliable in the future.
} | ||
|
||
const planName = plan.match(/\b(pro|premium)\b/i)[0].toLowerCase(); | ||
const labelName = `support: ${planName}`; |
We might want to use plain strings here so we can more easily search in the codebase and find hits.
good point ... will add it later
}); | ||
const orderDetails = await order.json(); | ||
const plan = | ||
orderDetails.line_items?.filter((item) => item.name.test(/\b(pro|premium)\b/i))[0].name || |
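Review bot: `item.name.test(/\b(pro|premium)\b/i)` on the last line calls `test` on a string, but `test` is a RegExp method, so the filter callback throws for any order that has line items. Swap the operands to `/\b(pro|premium)\b/i.test(item.name)`. In the same expression, `[0].name` is evaluated before the `||` fallback can apply, so an order with no matching item also throws; `.find(...)?.name` avoids that. Finally, `await order.json()` is parsed with no `order.ok` check visible in this hunk, so an error response from the shop would be handled as if it were an order.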
We have products that have "pro" in their title, e.g. https://mui.com/store/items/devias-kit-pro/. This feels a bit too brittle. Instead, we can get inspiration from the keymailer: https://github.com/mui/mui-private/blob/09f2c3f4263db001a442c6f3b51cb32f935a2e20/lambda/keymailer/index.js#L149.
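The brittleness raised in the comment above, as an added example that is not part of the pull request or of the keymailer code: matching on the product title versus looking up a known product identifier. The product IDs, the sample orders, the "highest plan wins" rule and all function names are constructed for illustration; `product_id` and `name` are assumed to be present on each line item.

```javascript
// Added example; the product IDs and orders below are constructed.
const PLAN_BY_PRODUCT_ID = new Map([
  [1001, 'pro'], // hypothetical ID for the Pro plan product
  [1002, 'premium'], // hypothetical ID for the Premium plan product
]);
const PLAN_RANK = { pro: 1, premium: 2 };

// Brittle: any title containing the word "pro" or "premium" counts as a plan.
function planFromName(lineItems = []) {
  const pattern = /\b(pro|premium)\b/i;
  const hit = lineItems.find((item) => pattern.test(item.name ?? ''));
  return hit ? hit.name.match(pattern)[0].toLowerCase() : null;
}

// Stricter: only known product IDs count; the highest plan in the order wins.
function planFromProductId(lineItems = []) {
  let best = null;
  for (const item of lineItems) {
    const plan = PLAN_BY_PRODUCT_ID.get(Number(item.product_id));
    if (plan && (best === null || PLAN_RANK[plan] > PLAN_RANK[best])) {
      best = plan;
    }
  }
  return best;
}

// Fixed strings, so the label names can be found with a code search.
function labelForPlan(plan) {
  if (plan === 'pro') return 'support: pro';
  if (plan === 'premium') return 'support: premium';
  return null;
}

// Constructed orders: a template purchase, and a template plus a Premium plan.
const templateOrder = [{ product_id: 2001, name: 'Devias Kit Pro' }];
const mixedOrder = [
  { product_id: 2001, name: 'Devias Kit Pro' },
  { product_id: 1002, name: 'MUI X Premium' },
];
```

With these inputs the title match reports `pro` for both orders, while the ID lookup returns `null` for the template-only order and `premium` for the mixed one.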
Actually @hasdfa I could see us publishing https://github.com/mui/mui-private/blob/09f2c3f4263db001a442c6f3b51cb32f935a2e20/lambda/keymailer/databaseMuiX.js#L20 as an npm package, and then use it in the GitHub Action, Pipedream, Toolpad App. Or to be fair, a REST API might be even better.
A follow-up on #13957 (comment)
Signed-off-by: Michel Engelen <32863416+michelengelen@users.noreply.github.com>
Adds an action to the repository to check the order id and apply a label based on the plan used. The action is built using JavaScript and available here: https://github.com/michelengelen/mui-order-id-validation