hephaestus 0.8.11 → 0.8.12.1

data/templates/app/lib/headers/yetto.rb

@@ -1,19 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-module Headers
-  module Yetto
-    YETTO_DELIVERY_ID = "HTTP_X_YETTO_DELIVERY_ID"
-
-    HEADER_EVENT = "HTTP_X_YETTO_EVENT"
-    EVENT_AFTER_CREATE = "created"
-    EVENT_AFTER_UPDATE = "updated"
-    EVENT_AFTER_DESTROY = "destroyed"
-
-    HEADER_RECORD_TYPE = "HTTP_X_YETTO_RECORD_TYPE"
-    RECORD_TYPE_PLUG_INSTALLATION = "plug_installation"
-    RECORD_TYPE_MESSAGE = "message"
-
-    HEADER_SIGNATURE = "HTTP_X_YETTO_SIGNATURE"
-  end
-end

data/templates/app/lib/headers.rb

@@ -1,5 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-module Headers
-end

data/templates/app/lib/path_parameter/settings_parameters.rb

@@ -1,22 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-module PathParameter
-  module SettingsParameters
-    extend T::Sig
-
-    sig { returns(String) }
-    def pparam_plug_installation_id
-      yetto_path_params.fetch(:event, "")
-    end
-
-    sig { returns(T::Hash[Symbol, T.untyped]) }
-    def settings_path_params
-      return {} if params.blank?
-
-      {
-        plug_installation_id: params.fetch(:plug_installation_id, ""),
-      }
-    end
-  end
-end

data/templates/app/lib/path_parameter/yetto_parameters.rb

@@ -1,28 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-module PathParameter
-  module YettoParameters
-    extend T::Sig
-
-    sig { returns(String) }
-    def pparam_yetto_event
-      yetto_path_params.fetch(:event, "")
-    end
-
-    sig { returns(String) }
-    def pparam_yetto_record_type
-      yetto_path_params.fetch(:record_type, "")
-    end
-
-    sig { returns(T::Hash[String, String]) }
-    def yetto_path_params
-      return {} if path_parameters.blank?
-
-      {
-        event: path_parameters.fetch(:event, ""),
-        record_type: path_parameters.fetch(:record_type, ""),
-      }
-    end
-  end
-end

data/templates/app/lib/path_parameter.rb

@@ -1,8 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-
-module PathParameter
-  extend T::Sig
-
-  delegate :path_parameters, to: :request
-end

data/templates/app/lib/plug_app/http.rb

@@ -1,37 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-
-module PlugApp
-  module HTTP
-    extend T::Sig
-
-    OK = "OK"
-    OK_I = 200
-
-    CREATED = "Created"
-    CREATED_I = 201
-    NO_CONTENT = "No Content"
-    NO_CONTENT_I = 204
-
-    FOUND = "Found"
-    FOUND_I = 302
-
-    NOT_FOUND = "Not Found"
-    NOT_FOUND_I = 404
-    BAD_REQUEST = "Bad Request"
-    BAD_REQUEST_I = 400
-    UNAUTHORIZED = "Unauthorized"
-    UNAUTHORIZED_I = 401
-    FORBIDDEN = "Forbidden"
-    FORBIDDEN_I = 403
-    NOT_ACCEPTABLE = "Not Acceptable"
-    NOT_ACCEPTABLE_I = 406
-    SERVICE_UNAVAILABLE = "Service Unavailable"
-    SERVICE_UNAVAILABLE_I = 503
-
-    sig { params(status: Integer).returns(T::Boolean) }
-    def status_ok?(status)
-      status == OK_I
-    end
-  end
-end

data/templates/app/lib/plug_app/middleware/malformed_request.rb

@@ -1,110 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-
-module PlugApp
-  module Middleware
-    # There is no valid reason for a request to contain a malformed string
-    # so just return HTTP 400 (Bad Request) if we receive one
-    class MalformedRequest
-      extend T::Sig
-
-      include ActionController::HttpAuthentication::Basic
-
-      NULL_BYTE_REGEX = T.let(Regexp.new(Regexp.escape("\u0000")).freeze, Regexp)
-
-      sig { returns(T.untyped) }
-      attr_reader :app
-
-      sig { params(app: T.untyped).void }
-      def initialize(app)
-        @app = T.let(app, T.untyped)
-      end
-
-      sig { params(env: T.untyped).returns(T.untyped) }
-      def call(env)
-        return [PlugApp::HTTP::BAD_REQUEST_I, { "Content-Type" => "text/plain" }, [PlugApp::HTTP::BAD_REQUEST]] if request_contains_malformed_string?(env)
-
-        app.call(env)
-      end
-
-      private
-
-      sig { params(env: T.untyped).returns(T::Boolean) }
-      def request_contains_malformed_string?(env)
-        # Duplicate the env, so it is not modified when accessing the parameters
-        # https://github.com/rails/rails/blob/34991a6ae2fc68347c01ea7382fa89004159e019/actionpack/lib/action_dispatch/http/parameters.rb#L59
-        request = ActionDispatch::Request.new(env.dup)
-
-        return true if malformed_path?(request.path)
-        return true if credentials_malformed?(request)
-
-        request.params.values.any? do |value|
-          param_has_null_byte?(value)
-        end
-      rescue ActionController::BadRequest
-        # If we can't build an ActionDispatch::Request something's wrong
-        # This would also happen if `#params` contains invalid UTF-8
-        # in this case we'll return a 400
-        true
-      end
-
-      sig { params(path: String).returns(T::Boolean) }
-      def malformed_path?(path)
-        string_malformed?(Rack::Utils.unescape(path))
-      rescue ArgumentError
-        # Rack::Utils.unescape raised this, path is malformed.
-        true
-      end
-
-      sig { params(request: T.untyped).returns(T::Boolean) }
-      def credentials_malformed?(request)
-        credentials = if has_basic_credentials?(request)
-          decode_credentials(request).presence
-        else
-          request.authorization.presence
-        end
-
-        return false unless credentials
-
-        string_malformed?(credentials)
-      end
-
-      sig { params(value: T.untyped, depth: Integer).returns(T::Boolean) }
-      def param_has_null_byte?(value, depth = 0)
-        # Guard against possible attack sending large amounts of nested params
-        # Should be safe as deeply nested params are highly uncommon.
-        return false if depth > 2
-
-        depth += 1
-
-        if value.respond_to?(:match)
-          string_malformed?(value)
-        elsif value.respond_to?(:values)
-          value.values.any? do |hash_value|
-            param_has_null_byte?(hash_value, depth)
-          end
-        elsif value.is_a?(Array)
-          value.any? do |array_value|
-            param_has_null_byte?(array_value, depth)
-          end
-        else
-          false
-        end
-      end
-
-      sig { params(string: String).returns(T::Boolean) }
-      def string_malformed?(string)
-        # We're using match instead of include because that raises an ArgumentError
-        # when the string contains invalid UTF-8
-        #
-        # We try to encode the string from ASCII-8BIT to UTF8. If we failed to do
-        # so for certain characters in the string, those chars are probably incomplete
-        # multibyte characters.
-        string.dup.force_encoding(Encoding::UTF_8).match?(NULL_BYTE_REGEX)
-      rescue ArgumentError, Encoding::UndefinedConversionError
-        # If we're here, we caught a malformed string. Return true
-        true
-      end
-    end
-  end
-end

data/templates/app/lib/plug_app/middleware/openapi_validation.rb

@@ -1,83 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-require "openapi_first"
-
-module PlugApp
-  module Middleware
-    class OpenapiValidation
-      API_PATH_PREFIX = "/api/"
-      SPEC_PATH = Rails.root.join("lib/plug_app/schemas/api/2023-03-06/openapi.json")
-      SPEC = OpenapiFirst.load(SPEC_PATH)
-
-      def initialize(app)
-        @app = app
-      end
-
-      def call(env)
-        request = Rack::Request.new(env)
-
-        return @app.call(env) unless request.path.starts_with?(API_PATH_PREFIX) && request.path.exclude?("/settings")
-
-        begin
-          # force content-type to JSON
-          env["CONTENT_TYPE"] = "application/json" if env["CONTENT_TYPE"] != "application/json"
-
-          validated_request = SPEC.validate_request(request)
-
-          return @app.call(env) if validated_request.valid?
-
-          case validated_request.error
-          when OpenapiFirst::Schema::ValidationError
-            error_arr = format_arr(validated_request.error.errors.map(&:message))
-            Rails.logger.error(error_arr) if print_user_api_errors?
-            [PlugApp::HTTP::BAD_REQUEST_I, { "Content-Type" => "application/json" }, [error_arr]]
-          else
-            case validated_request.error.type
-            when :not_found
-              [PlugApp::HTTP::NOT_FOUND_I, { "Content-Type" => "application/json" }, [format_str("Not Found")]]
-            else
-              error_message = if validated_request.error.errors.present?
-                format_arr(validated_request.error.errors.map(&:message))
-              else
-                format_str(validated_request.error.message)
-              end
-
-              Rails.logger.error(error_message) if print_user_api_errors?
-              [PlugApp::HTTP::BAD_REQUEST_I, { "Content-Type" => "application/json" }, [error_message]]
-            end
-          end
-        rescue StandardError => e
-          raise e unless Rails.env.production?
-
-          logger.error(
-            "openapi.request_validation.error",
-            path: request.path,
-            method: request.env["REQUEST_METHOD"],
-            error_message: e.message,
-          )
-        end
-      end
-
-      private def format_str(error)
-        {
-          errors: [
-            {
-              message: error,
-            },
-          ],
-        }.to_json
-      end
-
-      private def format_arr(errors)
-        {
-          errors: errors.each_with_object([]) do |error, arr|
-            arr << {
-              message: error,
-            }
-          end,
-        }.to_json
-      end
-    end
-  end
-end

data/templates/app/lib/plug_app/middleware/tracing_attributes.rb

@@ -1,46 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-require "openapi_first"
-require "active_support/parameter_filter"
-
-module PlugApp
-  module Middleware
-    class TracingAttributes
-      extend T::Sig
-
-      sig { returns(T.untyped) }
-      attr_reader :app
-
-      HTTP_REQUEST_BODY = "http.request.body"
-      PLUG_APP_PATH_PREFIX = "/app/"
-      RACK_REQUEST_BODY = "rack.input"
-
-      sig { params(app: T.untyped).void }
-      def initialize(app)
-        @app = T.let(app, T.untyped)
-        @filterer = ActiveSupport::ParameterFilter.new(Rails.application.config.filter_parameters)
-      end
-
-      sig { params(env: T.untyped).returns(T.untyped) }
-      def call(env)
-        OpenTelemetry::Trace.current_span.add_attributes({
-          OpenTelemetry::VERSION => PlugApp::Application::GIT_SHA,
-          OpenTelemetry::SemanticConventions::Trace::HTTP_REQUEST_CONTENT_LENGTH => env["CONTENT_LENGTH"].to_i,
-          HTTP_REQUEST_BODY => filtered_params(env),
-        })
-
-        app.call(env)
-      end
-
-      def filtered_params(env)
-        body = env[RACK_REQUEST_BODY]&.read
-        return "{}" if body.blank? || body == "{}"
-
-        @filterer.filter(JSON.parse(body)).to_json
-      ensure
-        env[RACK_REQUEST_BODY]&.try(:rewind)
-      end
-    end
-  end
-end

data/templates/app/lib/query_parameter.rb

@@ -1,6 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-
-module QueryParameter
-  extend T::Sig
-end

data/templates/app/serializers/error_serializer.rb

@@ -1,16 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-class ErrorSerializer
-  class << self
-    def format(message)
-      {
-        errors: [
-          {
-            message: message,
-          },
-        ],
-      }.to_json
-    end
-  end
-end

data/templates/app/services/yetto_service.rb

@@ -1,51 +0,0 @@
-# typed: strict
-# frozen_string_literal: true
-
-class YettoService
-  cattr_reader :yetto_client, instance_accessor: false do
-    Httpsensible::Client.new(user_agent: "PlugApp/#{PlugApp::Application::GIT_SHA}")
-  end
-
-  # explicitly different than what's in environment.rb, because local
-  # Yetto expects HTTP; environment.rb can use HTTPS because it passes through ngrok.io
-  PROTOCOL = Rails.env.development? ? "http" : "https"
-  YETTO_API_VERSION_TLD = "#{PROTOCOL}://#{YETTO_API_TLD}/#{YETTO_API_VERSION}"
-  JWT_ALGORITHM = "RS256"
-
-  class << self
-    def perform_token_exchange(plug_installation_id)
-      encoded_jwt = Httpsensible::JWT.encode_jwt(Hephaestus::YETTO_PLUG_PEM, Hephaestus::YETTO_PLUG_ID)
-      response = yetto_client.with_headers({ "Authorization" => "Bearer #{encoded_jwt}" }).post("#{YETTO_API_VERSION_TLD}/plug/installations/#{plug_installation_id}/access_tokens")
-      body = response.parsed_json_body
-      body["token"]
-    end
-
-    def get_plug_installation(plug_installation_id)
-      token = perform_token_exchange(plug_installation_id)
-      yetto_client.with_headers("Authorization" => "Bearer #{token}").get("#{YETTO_API_VERSION_TLD}/installations/#{plug_installation_id}")
-    end
-
-    def update_plug_installation(plug_installation_id, params)
-      plug_installation = {}
-      plug_installation[:settings] = params.fetch(:settings, {})
-      plug_installation[:credentials] = params.fetch(:credentials, {})
-
-      token = perform_token_exchange(plug_installation_id)
-      yetto_client.with_headers("Authorization" => "Bearer #{token}").patch("#{YETTO_API_VERSION_TLD}/installations/#{plug_installation_id}", json: plug_installation)
-    end
-
-    def update_message(plug_installation_id, message_id, params)
-      payload = params[:payload]
-      token = perform_token_exchange(plug_installation_id)
-
-      yetto_client.with_headers("Authorization" => "Bearer #{token}").patch("#{YETTO_API_VERSION_TLD}/messages/#{message_id}", json: payload)
-    end
-
-    def create_message_reply(message_id, plug_installation_id, params)
-      payload = params[:payload]
-      token = perform_token_exchange(plug_installation_id)
-
-      yetto_client.with_headers("Authorization" => "Bearer #{token}").post("#{YETTO_API_VERSION_TLD}/messages/#{message_id}/replies", json: payload)
-    end
-  end
-end

data/templates/app/views/settings/new.json.jbuilder

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-json.version("2023-03-06")
-json.settings do
-  json.array!([
-    {
-      component: "text_field",
-      name: "from_name",
-      heading: t(:some_example_heading),
-      placeholder: "{{ organization['name'] }} - {{ inbox['name'] }}",
-      label: t(:some_example),
-    },
-    {
-      component: "email_field",
-      name: "reply_to_email",
-      heading: t(:another_example_heading),
-      placeholder: "{{ inbox['slug'] }}@{{ organization['name'] | downcase }}.biz",
-      label: t(:another_example_label),
-    },
-  ])
-end

data/templates/compose.yml

@@ -1,5 +0,0 @@
-services:
-  redis-db:
-    image: redis:7-bookworm
-    ports:
-      - "6402:6402"

data/templates/config/initializers/000-oj.rb

@@ -1,6 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-Oj.default_options = { mode: :rails }
-
-Oj.optimize_rails

data/templates/config/initializers/cors.rb

@@ -1,19 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# Avoid CORS issues when API is called from the frontend app.
-# Handle Cross-Origin Resource Sharing (CORS) in order to accept cross-origin AJAX requests.
-
-# Read more: https://github.com/cyu/rack-cors
-
-# Rails.application.config.middleware.insert_before 0, Rack::Cors do
-#   allow do
-#     origins "example.com"
-#
-#     resource "*",
-#       headers: :any,
-#       methods: [:get, :post, :put, :patch, :delete, :options, :head]
-#   end
-# end

data/templates/config/initializers/filter_parameter_logging.rb

@@ -1,25 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# Configure parameters to be filtered from the log file. Use this to limit dissemination of
-# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
-# notations and behaviors.
-Rails.application.config.filter_parameters += [
-  :passw,
-  :secret,
-  :token,
-  :_key,
-  :crypt,
-  :salt,
-  :certificate,
-  :otp,
-  :ssn,
-  :credentials,
-  :state,
-  :access_token,
-  :refresh_token,
-  :html_content,
-  :text_content,
-]

data/templates/config/initializers/inflections.rb

@@ -1,20 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-# Be sure to restart your server when you modify this file.
-
-# Add new inflection rules using the following format. Inflections
-# are locale specific, and you may define rules for as many different
-# locales as you wish. All of these examples are active by default:
-# ActiveSupport::Inflector.inflections(:en) do |inflect|
-#   inflect.plural /^(ox)$/i, "\\1en"
-#   inflect.singular /^(ox)en/i, "\\1"
-#   inflect.irregular "person", "people"
-#   inflect.uncountable %w( fish sheep )
-# end
-
-# These inflection rules are supported but not enabled by default:
-ActiveSupport::Inflector.inflections(:en) do |inflect|
-  inflect.acronym("API")
-  inflect.acronym("HTTP")
-end

data/templates/config/initializers/lograge.rb

@@ -1,25 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-Rails.application.configure do
-  config.lograge.enabled = true
-  config.lograge.custom_options = lambda do |event|
-    span = OpenTelemetry::Trace.current_span
-    {
-      time: event.time,
-      trace_id: span.context.hex_trace_id,
-      span_id: span.context.hex_span_id,
-    }
-  end
-
-  config.lograge.custom_payload do |controller|
-    payload = {
-      host: controller.request.host,
-    }
-
-    payload
-  end
-
-  config.lograge.keep_original_rails_log = true
-  config.lograge.logger = ActiveSupport::Logger.new(Rails.root.join("log", "lograge_#{Rails.env}.log"))
-end

data/templates/config/initializers/opentelemetry.rb

@@ -1,32 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-unless Rails.env.development?
-  # establish the environment for OTEL
-  ENV["OTEL_EXPORTER_OTLP_ENDPOINT"] = Rails.application.credentials.fetch(:OTEL_EXPORTER_OTLP_ENDPOINT, ENV.fetch("OTEL_EXPORTER_OTLP_ENDPOINT", "https://api.honeycomb.io"))
-  ENV["OTEL_EXPORTER_OTLP_HEADERS"] = Rails.application.credentials.fetch(:OTEL_EXPORTER_OTLP_HEADERS, ENV.fetch("OTEL_EXPORTER_OTLP_HEADERS", "x-honeycomb-team=your-api-key"))
-  ENV["OTEL_SERVICE_NAME"] = Rails.application.credentials.fetch(:OTEL_SERVICE_NAME, ENV.fetch("OTEL_SERVICE_NAME", "your-service-name"))
-
-  require "opentelemetry/sdk"
-  require "opentelemetry/semantic_conventions"
-
-  OpenTelemetry::SDK.configure do |c|
-    c.logger = Rails.logger
-
-    c.use_all("OpenTelemetry::Instrumentation::PG" => { db_statement: :obfuscate })
-
-    if productionish?
-      c.add_span_processor(
-        OpenTelemetry::SDK::Trace::Export::BatchSpanProcessor.new(
-          OpenTelemetry::Exporter::OTLP::Exporter.new,
-        ),
-      )
-    else # useful for testing instrumentation
-      c.add_span_processor(
-        OpenTelemetry::SDK::Trace::Export::SimpleSpanProcessor.new(
-          OpenTelemetry::SDK::Trace::Export::SpanExporter.new,
-        ),
-      )
-    end # development is intentionally disabled
-  end
-end

data/templates/config/initializers/sidekiq.rb

@@ -1,11 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-Sidekiq.configure_server do |config|
-  config.logger = Sidekiq::Logger.new($stdout)
-  config.redis = { url: ENV.fetch("REDIS_URL", "redis://localhost:6379/1") }
-end
-Sidekiq.configure_client do |config|
-  config.logger = Sidekiq::Logger.new($stdout)
-  config.redis = { url: ENV.fetch("REDIS_URL", "redis://localhost:6379/1") }
-end

data/templates/config/initializers/slack_webhook_logger.rb

@@ -1,17 +0,0 @@
-# typed: false
-# frozen_string_literal: true
-
-SlackWebhookLogger.setup do |config|
-  # Webhook URL
-  #
-  # The URL where messages will be sent.
-  config.webhook_url = SLACK_LOG_URL
-
-  # The minimum error level to see in Slack.
-  #
-  # All log levels are supported, but don't do anything less then :warn since Slack only allows one message
-  # per minute.
-  config.level = :WARN
-
-  config.ignore_patterns = [/Can't verify CSRF token authenticity/, /is not a valid MIME type/]
-end

data/templates/config/sidekiq.yml

@@ -1,20 +0,0 @@
-# Sample configuration file for Sidekiq.
-# Options here can still be overridden by cmd line args.
-# Place this file at config/sidekiq.yml and Sidekiq will
-# pick it up automatically.
----
-:verbose: false
-:logfile: ./log/sidekiq.log
-:concurrency: <%= ENV.fetch("SIDEKIQ_CONCURRENCY", 10) %>
-:timeout: 25
-:max_retries: 3
-
-# https://phil.tech/2016/tips-on-sidekiq-queues/
-:queues:
-  - [update_yetto, 10]
-
-  - [default, 5]
-  - [mailers, 3]
-
-  - [active_storage_analysis, 1]
-  - [active_storage_purge, 1]

data/templates/script/ngrok

@@ -1,5 +0,0 @@
-#!/bin/sh
-
-set -e
-
-ngrok http --region=us --hostname=plug-app.ngrok.io 6661