Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: plugins can now be spawned as Workers #42

Merged
merged 19 commits into from
May 30, 2024
Merged

feat: plugins can now be spawned as Workers #42

merged 19 commits into from
May 30, 2024

Conversation

gentlementlegen
Copy link
Member

Resolves #39

@gentlementlegen
Copy link
Member Author

Tests seem to be failing due to empty environment variables during the tests
https://github.com/ubiquity/ubiquibot-kernel/actions/runs/9149319076/job/25152816695?pr=42#step:5:7 which I cannot fix myself.

@0x4007
Copy link
Member

0x4007 commented May 19, 2024

@rndquu youre admin please facilitate

@rndquu
Copy link
Member

rndquu commented May 20, 2024

@gentlementlegen

Check this workflow

How it works right now:

  1. PR is opened
  2. The development branch is checked out here (not the PR branch because the workflow is running on pull_request_target)
  3. Tests are run against the development branch

If here we change the code to checkout the PR branch using pull_request_target then any fork will have access to these env variables.

So right now this workflow is literally 1 line away from leaking secrets.

There are viable 2 options:

  1. Refactor tests and mock everything in a way that we wouldn't need to provide any env vars
  2. Keep using this workflow with pull_request_target, checkout the PR branch here, hardcode env variables and use some dummy values that are used only for testing

@gentlementlegen
Copy link
Member Author

@rndquu will be mocking as we cannot have dummy values since it tries to reach a real endpoint.

@gentlementlegen
Copy link
Member Author

Changes in this PR

  • plugins can now accept urls to endpoints, by setting the url value inside plugins instead of a GitHub Action
  • tests are triggered on pull_request with mocked values
  • the project is automatically deployed on pushes in the main branch and also updates the secrets in Cloudflare with the ones from GitHub to avoid manually setting them (requires WEBHOOK_PROXY_URL, WEBHOOK_SECRET, APP_ID, PRIVATE_KEY to be set)

Test still expected to fail for pull_request_target, successful pull_request test here

@gentlementlegen gentlementlegen marked this pull request as ready for review May 20, 2024 08:05
0x4007
0x4007 reviewed May 20, 2024
View reviewed changes
src/github/handlers/index.ts Outdated Show resolved Hide resolved
src/github/handlers/repository-dispatch.ts Outdated Show resolved Hide resolved
src/github/utils/workflow-dispatch.ts Show resolved Hide resolved
whilefoo
whilefoo suggested changes May 21, 2024
View reviewed changes
src/github/utils/workflow-dispatch.ts Show resolved Hide resolved
src/github/handlers/repository-dispatch.ts Outdated Show resolved Hide resolved
@whilefoo
Copy link
Contributor

we can merge this, right?

@gentlementlegen
Copy link
Member Author

@whilefoo was waiting for second validation but if you're good with it for sure

@gentlementlegen gentlementlegen merged commit f46b3f2 into ubiquity-os:development May 30, 2024
3 of 5 checks passed
@gentlementlegen gentlementlegen deleted the feat/workers branch May 30, 2024 03:03
@ubiquibot ubiquibot bot mentioned this pull request Jun 3, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@whilefoo whilefoo whilefoo approved these changes

@rndquu rndquu Awaiting requested review from rndquu

@0x4007 0x4007 Awaiting requested review from 0x4007

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Worker plugins
4 participants
@gentlementlegen @0x4007 @rndquu @whilefoo