github_bot 0.1.0

data/app/controllers/github_bot/application_controller.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+
+require 'json'
+require_relative 'concerns/response'
+
+module GithubBot
+  # Public: Base controller for handing rails routes into the GithubBot
+  class ApplicationController < ActionController::API
+    include Response
+    include GithubRequestHelper
+
+    before_action :valid_request?
+    before_action :event_processing
+
+    # Public: Initial the request for event processing
+    def event_processing
+      Github::Client.initialize(request)
+    end
+
+    # Public: Returns <true> if the incoming request if properly authorized
+    def valid_request?
+      signature = github_signature
+      my_signature = 'sha1=' + OpenSSL::HMAC.hexdigest(
+        OpenSSL::Digest.new('sha1'),
+        ENV['GITHUB_WEBHOOK_SECRET'],
+        github_payload_raw
+      )
+
+      json_response(json_access_denied, :unauthorized) unless Rack::Utils.secure_compare(my_signature, signature)
+    rescue StandardError => e
+      msg = "#{self.class}##{__method__} An error occurred while determine if request is valid"
+      Rails.logger.error(
+        message: msg,
+        exception: e
+      )
+
+      json_response(json_access_denied(errors: { message: "#{msg}, exception: #{e.message}" }), :unauthorized)
+    end
+  end
+end

data/app/controllers/github_bot/concerns/response.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module GithubBot
+  # Public: A helper to the controllers for assisting in providing json responses
+  module Response
+    # Public: Renders a json response
+    def json_response(object, status = :ok)
+      render json: object, status: status
+    end
+
+    # Public: Returns a json response indicating a 404
+    def json_not_found(params)
+      {
+        errors: {
+          message: "Not found with parameter #{params}"
+        }
+      }
+    end
+
+    # Public: Returns a json response indicating a 403
+    def json_access_denied(**args)
+      { errors: 'access denied' }.merge(args)
+    end
+  end
+end

data/app/controllers/github_bot/webhooks/github_controller.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require_relative '../application_controller'
+
+module GithubBot
+  module Webhooks
+    # Public: The GitHub controller for handling all incoming requests and determining
+    # what validator that should be utilized.
+    class GithubController < ApplicationController
+      # POST /webhooks
+      def validate
+        return unless pull_request? || check_run?
+
+        client_api = ::GithubBot::Github::Client.instance
+
+        client_api.repository_pull_request_bots.each do |bot_class|
+          clazz =
+            begin
+              bot_class.constantize
+            rescue StandardError => e
+              Rails.logger.error(
+                message: "#{self.class}##{__method__} Pull request validator '#{bot_class}' is not defined",
+                exception: e
+              )
+
+              nil
+            end
+
+          clazz&.validate
+        end
+      rescue StandardError => e
+        Rails.logger.error message: 'GitHub Bot failure', exception: e
+      end
+    end
+  end
+end

data/app/helpers/github_bot/github_request_helper.rb

@@ -0,0 +1,123 @@
+# frozen_string_literal: true
+
+module GithubBot
+  # Public: A request helper for understanding the incoming request context
+  module GithubRequestHelper
+    # Public: Returns the GitHub event type of the incoming request
+    def github_event
+      request.env['HTTP_X_GITHUB_EVENT']
+    end
+
+    # Public: Returns if the GitHub signature of the incoming request
+    def github_signature
+      request.env['HTTP_X_HUB_SIGNATURE'] || 'no-signature'
+    end
+
+    # Public: Returns the raw content of the github payload's body content
+    def github_payload_raw
+      @github_payload_raw ||= request.body.read
+    end
+
+    # Public: Returns the <Json> representation of the github payload
+    def github_payload
+      return @github_payload if @github_payload
+
+      begin
+        @github_payload = JSON.parse(github_payload_raw).with_indifferent_access
+      rescue StandardError => e
+        raise StandardError, "Invalid JSON (#{e}): #{@github_payload_raw}"
+      end
+    end
+
+    # Public: Returns <true> if the event type is of type 'ping'; otherwise, <false>
+    def ping?
+      github_event == 'ping'
+    end
+
+    # Public: Return <true> if the event type is of type 'pull_request'; otherwise, <false>
+    def pull_request?
+      github_event == 'pull_request'
+    end
+
+    # Public: Return <true> if the event type is of type 'pull_request_review'; otherwise, <false>
+    def pull_request_review?
+      github_event == 'pull_request_review'
+    end
+
+    # Public: Return <true> if the event type is of type 'check_run'; otherwise, <false>
+    def check_run?
+      github_event == 'check_run'
+    end
+
+    # Public: Return <true> if the action type is of type 'review_requested'; otherwise, <false>
+    def review_requested?
+      github_event == 'review_requested'
+    end
+
+    # Public: Return <true> if the action type is of type 'review_request_removed'; otherwise, <false>
+    def review_request_removed?
+      github_event == 'review_request_removed'
+    end
+
+    # Public: Return <true> if the action type is of type 'labeled'; otherwise, <false>
+    def labeled?
+      github_event == 'labeled'
+    end
+
+    # Public: Return <true> if the action type is of type 'issue_comment'; otherwise, <false>
+    def issue_comment?
+      github_event == 'issue_comment'
+    end
+
+    # Public: Returns <String> of the comment's body from the github payload
+    def comment_body
+      github_payload['comment']['body']
+    end
+
+    # Public: Return <true> if the action type is of type 'issue_comment'
+    # and the comment message contains "run_validation"; otherwise, <false>
+    def issue_comment_recheck?
+      github_event == 'issue_comment' && comment_body.include?('run_validation')
+    end
+
+    # Public: Return <true> if issue_comment_recheck? is true
+    # and the comment message contains option; otherwise, <false>
+    #
+    # @param [String] option represents which validation to run
+    def recheck_application?(option)
+      return false unless issue_comment_recheck?
+
+      options = recheck_options(comment_body)
+      options.include?(option) || options.include?('all')
+    end
+
+    # Public: Return <true> if the action type is of type 'unlabeled'; otherwise, <false>
+    def unlabeled?
+      github_event == 'unlabeled'
+    end
+
+    # Public: Returns the pull request action type from the payload
+    def pull_request_action
+      github_payload['action']
+    end
+
+    # Public: Returns the pull request content from the payload
+    def pull_request
+      github_payload['pull_request']
+    end
+
+    # Public: Returns the repository payload
+    def repository
+      github_payload['repository']
+    end
+
+    private
+
+    # Private: Return an array of strings
+    #
+    # @param str input like "run_validation: a, b, c" with return of ["a","b","c"]
+    def recheck_options(str)
+      str.gsub(/\s+/, '').partition(':').last.split(',')
+    end
+  end
+end

data/bin/bundle-audit

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'bundle-audit' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("bundler-audit", "bundle-audit")

data/bin/bundler-audit

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'bundler-audit' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("bundler-audit", "bundler-audit")

data/bin/rails

@@ -0,0 +1,26 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+# This command will automatically be run when you run "rails" with Rails gems
+# installed from the root of your application.
+
+ENGINE_ROOT = File.expand_path('..', __dir__)
+ENGINE_PATH = File.expand_path('../lib/github_bot/engine', __dir__)
+
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
+require 'bundler/setup' if File.exist?(ENV['BUNDLE_GEMFILE'])
+
+require 'rails'
+# Pick the frameworks you want:
+require 'active_model/railtie'
+require 'active_job/railtie'
+require 'active_record/railtie'
+require 'active_storage/engine'
+require 'action_controller/railtie'
+require 'action_mailer/railtie'
+require 'action_view/railtie'
+require 'action_cable/engine'
+require 'sprockets/railtie'
+# require "rails/test_unit/railtie"
+require 'rails/engine/commands'

data/bin/rake

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rake' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rake", "rake")

data/bin/rspec

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rspec' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 150) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rspec-core", "rspec")

data/bin/rubocop

@@ -0,0 +1,29 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+#
+# This file was generated by Bundler.
+#
+# The application 'rubocop' is installed as part of a gem, and
+# this file is here to facilitate running it.
+#
+
+require "pathname"
+ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
+  Pathname.new(__FILE__).realpath)
+
+bundle_binstub = File.expand_path("../bundle", __FILE__)
+
+if File.file?(bundle_binstub)
+  if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
+    load(bundle_binstub)
+  else
+    abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
+Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
+  end
+end
+
+require "rubygems"
+require "bundler/setup"
+
+load Gem.bin_path("rubocop", "rubocop")

data/config/routes.rb

@@ -0,0 +1,13 @@
+# frozen_string_literal: true
+
+GithubBot::Engine.routes.draw do
+  namespace :webhooks do
+    post '/', action: :validate, controller: 'github', defaults: { format: :json }
+  end
+end
+
+# Adding this to mount the above routes into the application level in order to be able to use
+# the path helpers without having to access them with the main_app.
+Rails.application.routes.draw do
+  mount GithubBot::Engine => '/' if GithubBot.draw_routes_in_host_app
+end

data/github_bot.gemspec

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'github_bot/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'github_bot'
+  spec.version       = GithubBot::VERSION
+  spec.authors       = ['Greg Howdeshell']
+  spec.email         = ['greg.howdeshell@gmail.com']
+
+  spec.summary       = 'A rubygem designed to assist in the creation of GitHub bot applications.'
+  spec.description = <<~DESC
+    A rubygem designed to assist in the creation of GitHub bot applications.
+  DESC
+  spec.homepage      = 'https://github.com/cerner/github_bot-ruby'
+  spec.license       = 'Apache-2.0'
+
+  # Specify which files should be added to the gem when it is released.
+  # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
+  spec.files         =
+    Dir.chdir(File.expand_path(__dir__)) do
+      `git ls-files -z`.split("\x0").reject { |f| f.match(/^(test|spec|features)\//) }
+    end
+  spec.bindir        = 'bin'
+  spec.executables   = spec.files.grep(/^bin\//) { |f| File.basename(f) }
+  spec.require_paths = ['lib']
+
+  spec.required_ruby_version = '>= 2.6.2'
+
+  spec.add_dependency 'git', '~> 1.0'
+  spec.add_dependency 'jwt', '~> 1.0'
+  spec.add_dependency 'octokit', '~> 4.18'
+  spec.add_dependency 'rails', '>= 5.0.0.1', '< 7.0.0'
+end