hephaestus 0.8.11 → 0.8.12.1

data/templates/lib/schemas/api/2023-03-06/components/schemas/yetto.json

@@ -0,0 +1,116 @@
+{
+    "CreateAppMessage": {
+        "type": "object",
+        "required": [
+            "yetto"
+        ],
+        "properties": {
+            "yetto": {
+                "type": "object",
+                "required": [
+                    "plug_installation",
+                    "message"
+                ],
+                "properties": {
+                    "plug_installation": {
+                        "type": "object",
+                        "required": [
+                            "id",
+                            "settings"
+                        ],
+                        "properties": {
+                            "id": {
+                                "type": "string",
+                                "pattern": "^(?:pli)_[A-Z0-9]{26}$"
+                            },
+                            "settings": {
+                                "type": "object",
+                                "required": [],
+                                "properties": {}
+                            }
+                        }
+                    },
+                    "message": {
+                        "type": "object",
+                        "required": [
+                            "id",
+                            "conversation",
+                            "text_content",
+                            "metadata"
+                        ],
+                        "properties": {
+                            "id": {
+                                "type": "string",
+                                "pattern": "^(?:msg)_[A-Z0-9]{26}$"
+                            },
+                            "text_content": {
+                                "type": "string"
+                            },
+                            "metadata": {
+                                "type": "object"
+                            },
+                            "conversation": {
+                                "type": "object",
+                                "required": [
+                                    "id",
+                                    "title",
+                                    "metadata"
+                                ],
+                                "properties": {
+                                    "id": {
+                                        "type": "string",
+                                        "pattern": "^(?:cnv)_[A-Z0-9]{26}$"
+                                    },
+                                    "title": {
+                                        "type": "string"
+                                    },
+                                    "metadata": {
+                                        "type": "object"
+                                    }
+                                }
+                            }
+                        }
+                    }
+                },
+                "additionalProperties": false
+            }
+        },
+        "additionalProperties": false
+    },
+    "ConfigureApp": {
+        "type": "object",
+        "required": [
+            "yetto"
+        ],
+        "properties": {
+            "yetto": {
+                "type": "object",
+                "required": [
+                    "plug_installation"
+                ],
+                "properties": {
+                    "plug_installation": {
+                        "type": "object",
+                        "required": [
+                            "id",
+                            "settings"
+                        ],
+                        "properties": {
+                            "id": {
+                                "type": "string",
+                                "pattern": "^(?:pli)_[A-Z0-9]{26}$"
+                            },
+                            "settings": {
+                                "type": "object",
+                                "required": [],
+                                "properties": {}
+                            }
+                        }
+                    }
+                },
+                "additionalProperties": false
+            }
+        },
+        "additionalProperties": false
+    }
+}

data/templates/lib/schemas/api/2023-03-06/openapi.json

@@ -0,0 +1,30 @@
+{
+    "openapi": "3.0.0",
+    "info": {
+        "title": "App Plug API",
+        "description": "An OpenAPI definition for the App Plug REST API.",
+        "version": "2023-03-06",
+        "termsOfService": "https://yetto.app/terms/",
+        "license": {
+            "name": "Apache 2.0",
+            "url": "http://www.apache.org/licenses/LICENSE-2.0.html"
+        }
+    },
+    "servers": [
+        {
+            "url": "https://yetto.app/2023-03-06",
+            "description": "Production basepath"
+        }
+    ],
+    "paths": {
+        "/api/2023-03-06/plug_installation/created": {
+            "$ref": "paths/yetto/plug_installation_created.json"
+        },
+        "/api/2023-03-06/message/created": {
+            "$ref": "paths/yetto/message_created.json"
+        },
+        "/app/2023-03-06/{plugInstallationId}": {
+            "$ref": "paths/app.json"
+        }
+    }
+}

data/templates/lib/schemas/api/2023-03-06/paths/app.json

@@ -0,0 +1,90 @@
+{
+    "post": {
+        "tags": [
+            "Inbound",
+            "App"
+        ],
+        "description": "This represents something",
+        "operationId": "Post a Yetto message",
+        "parameters": [
+            {
+                "$ref": "../components/parameters/plugInstallation.json#/plugInstallationId"
+            }
+        ],
+        "requestBody": {
+            "required": true,
+            "content": {
+                "application/json": {
+                    "schema": {
+                        "$ref": "../components/schemas/plug.json#/something"
+                    }
+                },
+                "example": {
+                    "message": {
+                        "text_content": "Hello _World_",
+                        "is_public": true,
+                        "author": {
+                            "name": "John Doe"
+                        },
+                        "metadata": {}
+                    },
+                    "creator": {
+                        "id": "usr_1234567890"
+                    }
+                }
+            }
+        },
+        "responses": {
+            "202": {
+                "description": "Accepted",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../components/schemas/responses.json#/202"
+                        }
+                    }
+                }
+            },
+            "204": {
+                "description": "No Content",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../components/schemas/responses.json#/204"
+                        }
+                    }
+                }
+            },
+            "400": {
+                "description": "Bad Request",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../components/schemas/responses.json#/400"
+                        }
+                    }
+                }
+            },
+            "403": {
+                "description": "Forbidden",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../components/schemas/responses.json#/403"
+                        }
+                    }
+                }
+            },
+            "503": {
+                "description": "Service Unavailable",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../components/schemas/responses.json#/502"
+                        }
+                    }
+                }
+            }
+        }
+    }
+}

data/templates/lib/schemas/api/2023-03-06/paths/yetto/message_created.json

@@ -0,0 +1,51 @@
+{
+    "post": {
+        "tags": [
+            "Yetto"
+        ],
+        "description": "After a message is created in Yetto, this delivers it.",
+        "operationId": "Create a new message",
+        "requestBody": {
+            "required": true,
+            "content": {
+                "application/json": {
+                    "schema": {
+                        "$ref": "../../components/schemas/yetto.json#/CreateAppMessage"
+                    }
+                }
+            }
+        },
+        "responses": {
+            "204": {
+                "description": "No Content",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../../components/schemas/responses.json#/204"
+                        }
+                    }
+                }
+            },
+            "400": {
+                "description": "Bad Request",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../../components/schemas/responses.json#/400"
+                        }
+                    }
+                }
+            },
+            "404": {
+                "description": "Not Found",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../../components/schemas/responses.json#/404"
+                        }
+                    }
+                }
+            }
+        }
+    }
+}

data/templates/lib/schemas/api/2023-03-06/paths/yetto/plug_installation_created.json

@@ -0,0 +1,51 @@
+{
+    "post": {
+        "tags": [
+            "Yetto"
+        ],
+        "description": "After a plug installation is created, this executes",
+        "operationId": "Post a plug installation",
+        "requestBody": {
+            "required": true,
+            "content": {
+                "application/json": {
+                    "schema": {
+                        "$ref": "../../components/schemas/yetto.json#/ConfigureApp"
+                    }
+                }
+            }
+        },
+        "responses": {
+            "204": {
+                "description": "No Content",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../../components/schemas/responses.json#/204"
+                        }
+                    }
+                }
+            },
+            "400": {
+                "description": "Bad Request",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../../components/schemas/responses.json#/400"
+                        }
+                    }
+                }
+            },
+            "404": {
+                "description": "Not Found",
+                "content": {
+                    "application/json": {
+                        "schema": {
+                            "$ref": "../../components/schemas/responses.json#/404"
+                        }
+                    }
+                }
+            }
+        }
+    }
+}

data/templates/script/docker-build-prod.tt

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+# This script will build a production Docker image as closely
+# as it resembles on CI.
+
+set -e
+
+docker build --build-arg="RAILS_ENV=production" \
+             --build-arg="RAILS_MASTER_KEY=$(op read "op://Plug-GitHub/Production Secrets/RAILS_MASTER_KEY")" \
+             --build-arg="GIT_SHA:1234" \
+             -t yettoapp/plug-<%= plug_name %> . "$@"

data/templates/script/docker-run.tt

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+
+# This script will build a production Docker image as closely
+# as it resembles on CI.
+
+set -e
+
+docker run -it yettoapp/plug-<%= plug_name %>:latest bash "$@"

data/templates/script/edit-credentials

@@ -3,6 +3,7 @@
 set -e
 
 # Initialize flags
+development=false
 staging=false
 production=false
 
@@ -10,6 +11,9 @@ production=false
 for arg in "$@"
 do
     case $arg in
+        --development)
+            development=true
+        ;;
         --staging)
             staging=true
         ;;
@@ -22,8 +26,13 @@ do
     esac
 done
 
-if [[ $staging == true ]]; then
-    RAILS_MASTER_KEY=$(op read op://Plug-App/staging-rails-master-key/...) bin/rails credentials:edit -e staging
+if [[ $development == true ]]; then
+    RAILS_MASTER_KEY=$(op read "op://Plug-Email/Development Secrets/Common/RAILS_MASTER_KEY") bin/rails credentials:edit -e development
+elif [[ $staging == true ]]; then
+    RAILS_MASTER_KEY=$(op read "op://Plug-Email/Staging Secrets/Common/RAILS_MASTER_KEY") bin/rails credentials:edit -e staging
+elif [[ $production == true ]]; then
+    RAILS_MASTER_KEY=$(op read "op://Plug-Email/Production Secrets/Common/RAILS_MASTER_KEY") bin/rails credentials:edit -e production
 else
-    RAILS_MASTER_KEY=$(op read op://Plug-App/production-rails-master-key/...) bin/rails credentials:edit -e production
+    echo "Please specify a target environment with one of the following flags: --development, --staging, --production"
+    exit 1
 fi

data/templates/script/hmac_text

@@ -1,4 +1,4 @@
-#!/usr/bin/env rails runner
+#!/usr/bin/env bin/rails runner
 # frozen_string_literal: true
 
 require "optparse"

data/templates/script/ngrok.tt

@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -e
+
+hostname="$(hostname | tr '[:upper:]' '[:lower:]' | tr '.' '-')"
+
+ngrok http --region=us --domain=${hostname}-plug-<%= plug_name %>.ngrok.io 6661

data/templates/script/server

@@ -2,38 +2,15 @@
 
 set -e
 
-# Initialize flags
-local_dev=true
-api_only=false
-debug=false
-
-function opr_cmd() {
-    if $local_dev; then
-        bin/opr $1
-    else
-        $1
-    fi
-}
-
-function cleanup() {
-    echo "Cleaning up attached services..."
-    docker compose down
-    echo "...Done"
-}
+# run any pending migrations
+bin/rake db:prepare
 
 # Check for and parse flags
 for arg in "$@"
 do
     case $arg in
-        --api-only)
-            api_only=true
-        ;;
-        --docker)
-            local_dev=false
-        ;;
         --debug)
             export DEBUG=true
-            debug=true
         ;;
         *)
             # Unknown arguments can be ignored or handled here
@@ -41,25 +18,9 @@ do
     esac
 done
 
-# In non-local dev scenarios, change ownership of the application to the non-root 'plug-app' user
-if [[ $local_dev == false ]]; then
-    chown -R plug-app:plug-app /usr/src/app
-else
-    # In local dev scenarios, run attached compose services in detached mode
-    docker compose up --wait
+export SERVER_CMD="bin/rails server -p 6661"
+if [[ -n "$DEBUG" ]]; then
+    export SERVER_CMD="bundle exec rdbg -n -O -c -- $SERVER_CMD"
 fi
 
-if $local_dev; then
-
-    # Ensure docker-compose goes down when the server is stopped
-    trap cleanup SIGINT
-    trap cleanup SIGTSTP
-
-    if $debug; then
-        bin/foreman start -f Procfile.debug
-    else
-        bin/foreman start -f Procfile.dev
-    fi
-else
-    bin/puma -C config/puma.rb
-fi
+exec overmind start

data/templates/test/controllers/app_controller_test.rb.tt

@@ -0,0 +1,188 @@
+# typed: false
+# frozen_string_literal: true
+
+require "test_helper"
+
+class <%= capital_plug_name %>ControllerTest < ActionDispatch::IntegrationTest
+  include Hephaestus::API::TestHelpers
+
+  include Webmocks::<%= capital_plug_name %>Webmock
+  include Hephaestus::Webmocks::YettoWebmock
+  include Hephaestus::Webmocks::SlackWebmock
+
+  def setup
+    @moment = Time.zone.local(2023, 9, 1, 10, 5, 0)
+    @update_plug_installation_body = {
+      settings: {},
+      credentials: {
+        "access_token" => "ghu_access_token",
+        "expires_at" => "2023-09-01 18:05:00 UTC",
+        "refresh_token" => "ghr_",
+        "refresh_token_expires_at" => "2024-03-02 10:05:00 UTC",
+        "scope" => "",
+        "token_type" => "bearer",
+      },
+    }
+
+    @valid_issue_comment_created_webhook_body = {
+      action: "created",
+      repository: {
+        id: 8_675_309,
+      },
+    }
+  end
+
+  def auth_header(body = "")
+    "sha256=#{OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha256"), GITHUB_SECRET_TOKEN, body.to_json)}"
+  end
+
+  test "fails gracefully if state param is not present" do
+    plug(:get, "/callback")
+
+    assert_response :bad_request
+  end
+
+  test "fails gracefully if not enough state vars" do
+    state = Base64.urlsafe_encode64({ version: "version", salt: "salt" }.to_json)
+
+    plug(:get, "/callback?state=#{state}")
+
+    assert_response :bad_request
+  end
+
+  test "fails gracefully if not Base64 encoded" do
+    state = 3.times.each_with_object([]) do |_, memo|
+      memo << Faker::Alphanumeric.alphanumeric(number: 26).upcase
+    end.join(",")
+
+    plug(:get, "/callback?state=#{state}")
+
+    assert_response :bad_request
+  end
+
+  test "fails if <%= capital_plug_name %> is not the client requesting callback URL" do
+    assert_predicate <%= upcase_plug_name %>_NONCE, :present?
+
+    state = Base64.urlsafe_encode64(3.times.each_with_object([]) do |_, memo|
+      memo << Faker::Alphanumeric.alphanumeric(number: 26).upcase
+    end.join(","))
+
+    plug(:get, "/callback?state=#{state}")
+
+    assert_response :bad_request
+  end
+
+  test "permits <%= capital_plug_name %> if it's the client requesting callback URL" do
+    assert_predicate <%= upcase_plug_name %>_NONCE, :present?
+
+    redirect_to = Faker::Internet.url(host: "yetto.app")
+    state = Base64.urlsafe_encode64({ version: "version", salt: "salt", nonce: <%= upcase_plug_name %>_NONCE, plug_installation_id: "plug_installation_id", redirect_to: redirect_to }.to_json)
+
+    stub_request_user_access_token(state)
+    stub_post_access_token("plug_installation_id")
+    stub_update_plug_installation("plug_installation_id", @update_plug_installation_body)
+
+    Timecop.freeze(@moment) do
+      plug(:get, "/callback?state=#{state}", parse: false)
+    end
+
+    assert_equal last_response.headers["Location"], redirect_to
+    assert_requested_user_access_token(state)
+    assert_requested_post_access_token("plug_installation_id")
+    assert_requested_update_plug_installation("plug_installation_id")
+  end
+
+  test "does not panic if <%= capital_plug_name %> responds with invalid JSON" do
+    assert_predicate <%= upcase_plug_name %>_NONCE, :present?
+
+    redirect_to = Faker::Internet.url(host: "yetto.app")
+    state = Base64.urlsafe_encode64({ version: "version", salt: "salt", nonce: <%= upcase_plug_name %>_NONCE, plug_installation_id: "plug_installation_id", redirect_to: redirect_to }.to_json)
+
+    stub_request_user_access_token(state, valid: false)
+    stub_send_to_slack_log
+    plug(:get, "/callback?state=#{state}")
+
+    assert_response :not_acceptable
+
+    assert_requested_send_to_slack_log
+  end
+
+  test "does not panic if <%= capital_plug_name %> responds with bad error status" do
+    assert_predicate <%= upcase_plug_name %>_NONCE, :present?
+
+    redirect_to = Faker::Internet.url(host: "yetto.app")
+    state = Base64.urlsafe_encode64({ version: "version", salt: "salt", nonce: <%= upcase_plug_name %>_NONCE, plug_installation_id: "plug_installation_id", redirect_to: redirect_to }.to_json)
+
+    stub_request_user_access_token(state, status: 500)
+    stub_send_to_slack_log
+    plug(:get, "/callback?state=#{state}")
+
+    assert_response :not_acceptable
+
+    assert_requested_send_to_slack_log
+  end
+
+  test "does not panic if Yetto responds with bad error status when updating" do
+    assert_predicate <%= upcase_plug_name %>_NONCE, :present?
+
+    redirect_to = Faker::Internet.url(host: "yetto.app")
+    state = Base64.urlsafe_encode64({ version: "version", salt: "salt", nonce: <%= upcase_plug_name %>_NONCE, plug_installation_id: "plug_installation_id", redirect_to: redirect_to }.to_json)
+
+    stub_request_user_access_token(state)
+    stub_post_access_token("plug_installation_id")
+    stub_update_plug_installation("plug_installation_id", @update_plug_installation_body, status: 500)
+
+    stub_send_to_slack_log
+
+    moment = Time.zone.local(2023, 9, 1, 10, 5, 0)
+    Timecop.freeze(moment) do
+      plug(:get, "/callback?state=#{state}")
+    end
+
+    assert_response :not_found
+
+    assert_requested_user_access_token(state)
+
+    assert_requested_send_to_slack_log
+  end
+
+  test "webhook handles null headers" do
+    plug(:post, "/webhook", body: @valid_issue_comment_created_webhook_body, headers: nil)
+
+    assert_response :not_found
+  end
+
+  test "webhook handles missing headers" do
+    plug(:post, "/webhook", body: @valid_issue_comment_created_webhook_body)
+
+    assert_response :not_found
+  end
+
+  test "webhook handles incorrect headers" do
+    plug(:post, "/webhook", body: @valid_issue_comment_created_webhook_body, headers: { "HTTP_X_HUB_SIGNATURE_256" => "123" })
+
+    assert_response :bad_request
+  end
+
+  test "webhook handles null body" do
+    plug(:post, "/webhook", body: nil, headers: { "HTTP_X_HUB_SIGNATURE_256" => auth_header })
+
+    assert_response :bad_request
+  end
+
+  test "webhook handles empty body" do
+    plug(:post, "/webhook", body: {}, headers: { "HTTP_X_HUB_SIGNATURE_256" => auth_header })
+
+    assert_response :bad_request
+  end
+
+  test "webhook passes to job when issue_comment is created" do
+    assert_enqueued_with(job: Process<%= capital_plug_name %>IssueCommentJob) do
+      plug(:post, "/webhook", body: @valid_issue_comment_created_webhook_body, headers: { "HTTP_X_GITHUB_EVENT" => "issue_comment", "HTTP_X_HUB_SIGNATURE_256" => auth_header(@valid_issue_comment_created_webhook_body) })
+    end
+
+    assert_response :ok
+  end
+
+  # TODO: Add your own controller tests here
+end