@oneuptime/common 9.2.16 → 9.2.17

package/Server/API/GitHubAPI.ts

@@ -0,0 +1,360 @@
+import Express, {
+  ExpressRequest,
+  ExpressResponse,
+  ExpressRouter,
+} from "../Utils/Express";
+import Response from "../Utils/Response";
+import BadDataException from "../../Types/Exception/BadDataException";
+import logger from "../Utils/Logger";
+import { JSONObject } from "../../Types/JSON";
+import { DashboardClientUrl, GitHubAppClientId } from "../EnvironmentConfig";
+import ObjectID from "../../Types/ObjectID";
+import GitHubUtil, {
+  GitHubRepository,
+} from "../Utils/CodeRepository/GitHub/GitHub";
+import CodeRepositoryService from "../Services/CodeRepositoryService";
+import CodeRepository from "../../Models/DatabaseModels/CodeRepository";
+import CodeRepositoryType from "../../Types/CodeRepository/CodeRepositoryType";
+import URL from "../../Types/API/URL";
+import UserMiddleware from "../Middleware/UserAuthorization";
+import BaseModel from "../../Models/DatabaseModels/DatabaseBaseModel/DatabaseBaseModel";
+
+export default class GitHubAPI {
+  public getRouter(): ExpressRouter {
+    const router: ExpressRouter = Express.getRouter();
+
+    /*
+     * GitHub App installation callback
+     * This is called after a user installs the GitHub App
+     * The state parameter contains base64 encoded JSON with projectId and userId
+     */
+    router.get(
+      "/github/auth/callback",
+      async (req: ExpressRequest, res: ExpressResponse) => {
+        try {
+          // GitHub sends state parameter back which contains projectId and userId
+          const state: string | undefined = req.query["state"]?.toString();
+
+          if (!state) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("State parameter is required"),
+            );
+          }
+
+          // Decode the state parameter to get projectId and userId
+          let projectId: string | undefined;
+          let userId: string | undefined;
+
+          try {
+            const decodedState: { projectId?: string; userId?: string } =
+              JSON.parse(Buffer.from(state, "base64").toString("utf-8"));
+            projectId = decodedState.projectId;
+            userId = decodedState.userId;
+          } catch {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid state parameter"),
+            );
+          }
+
+          if (!projectId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Project ID is required in state"),
+            );
+          }
+
+          if (!userId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("User ID is required in state"),
+            );
+          }
+
+          // GitHub sends installation_id in query params after app installation
+          const installationId: string | undefined =
+            req.query["installation_id"]?.toString();
+
+          if (!installationId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException(
+                "Installation ID is required. Please install the GitHub App first.",
+              ),
+            );
+          }
+
+          /*
+           * Store the installation ID - we'll create repositories when user selects them
+           * For now, redirect back to dashboard with installation ID
+           */
+          const redirectUrl: string = `${DashboardClientUrl.toString()}/dashboard/${projectId}/code-repository?installation_id=${installationId}`;
+
+          return Response.redirect(req, res, URL.fromString(redirectUrl));
+        } catch (error) {
+          logger.error("GitHub Auth Callback Error:");
+          logger.error(error);
+          return Response.sendErrorResponse(
+            req,
+            res,
+            error instanceof Error
+              ? new BadDataException(error.message)
+              : new BadDataException("An error occurred"),
+          );
+        }
+      },
+    );
+
+    // Initiate GitHub App installation
+    router.get(
+      "/github/auth/install",
+      async (req: ExpressRequest, res: ExpressResponse) => {
+        try {
+          if (!GitHubAppClientId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException(
+                "GitHub App is not configured. Please set GITHUB_APP_CLIENT_ID.",
+              ),
+            );
+          }
+
+          const projectId: string | undefined =
+            req.query["projectId"]?.toString();
+          const userId: string | undefined = req.query["userId"]?.toString();
+
+          if (!projectId || !userId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Project ID and User ID are required"),
+            );
+          }
+
+          /*
+           * Redirect to GitHub App installation page
+           * The state parameter helps us track the installation
+           */
+          const state: string = Buffer.from(
+            JSON.stringify({ projectId, userId }),
+          ).toString("base64");
+
+          const installUrl: string = `https://github.com/apps/${GitHubAppClientId}/installations/new?state=${state}`;
+
+          return Response.redirect(req, res, URL.fromString(installUrl));
+        } catch (error) {
+          logger.error("GitHub Install Redirect Error:");
+          logger.error(error);
+          return Response.sendErrorResponse(
+            req,
+            res,
+            error instanceof Error
+              ? new BadDataException(error.message)
+              : new BadDataException("An error occurred"),
+          );
+        }
+      },
+    );
+
+    // List repositories for an installation
+    router.get(
+      "/github/repositories/:projectId/:installationId",
+      UserMiddleware.getUserMiddleware,
+      async (req: ExpressRequest, res: ExpressResponse) => {
+        try {
+          const installationId: string | undefined =
+            req.params["installationId"]?.toString();
+
+          if (!installationId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Installation ID is required"),
+            );
+          }
+
+          const repositories: Array<GitHubRepository> =
+            await GitHubUtil.listRepositoriesForInstallation(installationId);
+
+          return Response.sendJsonObjectResponse(req, res, {
+            repositories: repositories as unknown,
+          } as JSONObject);
+        } catch (error) {
+          logger.error("GitHub List Repositories Error:");
+          logger.error(error);
+          return Response.sendErrorResponse(
+            req,
+            res,
+            error instanceof Error
+              ? new BadDataException(error.message)
+              : new BadDataException("An error occurred"),
+          );
+        }
+      },
+    );
+
+    // Connect a repository to a project
+    router.post(
+      "/github/repository/connect",
+      UserMiddleware.getUserMiddleware,
+      async (req: ExpressRequest, res: ExpressResponse) => {
+        try {
+          const body: JSONObject = req.body;
+
+          const projectId: string | undefined = body["projectId"]?.toString();
+          const installationId: string | undefined =
+            body["installationId"]?.toString();
+          const repositoryName: string | undefined =
+            body["repositoryName"]?.toString();
+          const organizationName: string | undefined =
+            body["organizationName"]?.toString();
+          const name: string | undefined = body["name"]?.toString();
+          const defaultBranch: string | undefined =
+            body["defaultBranch"]?.toString();
+          const repositoryUrl: string | undefined =
+            body["repositoryUrl"]?.toString();
+
+          if (!projectId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Project ID is required"),
+            );
+          }
+
+          if (!installationId) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Installation ID is required"),
+            );
+          }
+
+          if (!repositoryName) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Repository name is required"),
+            );
+          }
+
+          if (!organizationName) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Organization name is required"),
+            );
+          }
+
+          // Create the code repository record
+          const codeRepository: CodeRepository = new CodeRepository();
+          codeRepository.projectId = new ObjectID(projectId);
+          codeRepository.name = name || `${organizationName}/${repositoryName}`;
+          codeRepository.repositoryHostedAt = CodeRepositoryType.GitHub;
+          codeRepository.organizationName = organizationName;
+          codeRepository.repositoryName = repositoryName;
+          codeRepository.mainBranchName = defaultBranch || "main";
+          codeRepository.gitHubAppInstallationId = installationId;
+
+          if (repositoryUrl) {
+            codeRepository.repositoryUrl = URL.fromString(repositoryUrl);
+          }
+
+          const createdRepository: CodeRepository =
+            await CodeRepositoryService.create({
+              data: codeRepository,
+              props: {
+                isRoot: true,
+              },
+            });
+
+          return Response.sendJsonObjectResponse(req, res, {
+            repository: BaseModel.toJSON(createdRepository, CodeRepository),
+          } as JSONObject);
+        } catch (error) {
+          logger.error("GitHub Connect Repository Error:");
+          logger.error(error);
+          return Response.sendErrorResponse(
+            req,
+            res,
+            error instanceof Error
+              ? new BadDataException(error.message)
+              : new BadDataException("An error occurred"),
+          );
+        }
+      },
+    );
+
+    // GitHub webhook handler
+    router.post(
+      "/github/webhook",
+      async (req: ExpressRequest, res: ExpressResponse) => {
+        try {
+          const signature: string | undefined = req.headers[
+            "x-hub-signature-256"
+          ] as string | undefined;
+          const event: string | undefined = req.headers["x-github-event"] as
+            | string
+            | undefined;
+
+          if (!signature) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Missing webhook signature"),
+            );
+          }
+
+          // Get raw body for signature verification
+          const rawBody: string = JSON.stringify(req.body);
+
+          // Verify webhook signature
+          const isValid: boolean = GitHubUtil.verifyWebhookSignature(
+            rawBody,
+            signature,
+          );
+
+          if (!isValid) {
+            return Response.sendErrorResponse(
+              req,
+              res,
+              new BadDataException("Invalid webhook signature"),
+            );
+          }
+
+          logger.debug(`Received GitHub webhook event: ${event}`);
+
+          /*
+           * Handle different webhook events here
+           * For now, just acknowledge receipt
+           * Future: Handle push, pull_request, check_run events
+           */
+
+          return Response.sendJsonObjectResponse(req, res, {
+            success: true,
+            message: "Webhook received",
+          } as JSONObject);
+        } catch (error) {
+          logger.error("GitHub Webhook Error:");
+          logger.error(error);
+          return Response.sendErrorResponse(
+            req,
+            res,
+            error instanceof Error
+              ? new BadDataException(error.message)
+              : new BadDataException("An error occurred"),
+          );
+        }
+      },
+    );
+
+    return router;
+  }
+}

package/Server/API/IncidentAPI.ts

@@ -1,6 +1,7 @@
 import Incident from "../../Models/DatabaseModels/Incident";
 import File from "../../Models/DatabaseModels/File";
 import NotFoundException from "../../Types/Exception/NotFoundException";
+import BadDataException from "../../Types/Exception/BadDataException";
 import ObjectID from "../../Types/ObjectID";
 import IncidentService, {
   Service as IncidentServiceType,
@@ -15,6 +16,13 @@ import {
 } from "../Utils/Express";
 import CommonAPI from "./CommonAPI";
 import DatabaseCommonInteractionProps from "../../Types/BaseDatabase/DatabaseCommonInteractionProps";
+import AIService, { AILogRequest, AILogResponse } from "../Services/AIService";
+import IncidentAIContextBuilder, {
+  AIGenerationContext,
+  IncidentContextData,
+} from "../Utils/AI/IncidentAIContextBuilder";
+import JSONFunctions from "../../Types/JSONFunctions";
+import Permission from "../../Types/Permission";
 
 export default class IncidentAPI extends BaseAPI<
   Incident,
@@ -36,6 +44,21 @@ export default class IncidentAPI extends BaseAPI<
         }
       },
     );
+
+    // Generate postmortem from AI
+    this.router.post(
+      `${new this.entityType()
+        .getCrudApiPath()
+        ?.toString()}/generate-postmortem-from-ai/:incidentId`,
+      UserMiddleware.getUserMiddleware,
+      async (req: ExpressRequest, res: ExpressResponse, next: NextFunction) => {
+        try {
+          await this.generatePostmortemFromAI(req, res);
+        } catch (err) {
+          next(err);
+        }
+      },
+    );
   }
 
   private async getPostmortemAttachment(
@@ -103,4 +126,107 @@ export default class IncidentAPI extends BaseAPI<
     Response.setNoCacheHeaders(res);
     return Response.sendFileResponse(req, res, attachment);
   }
+
+  private async generatePostmortemFromAI(
+    req: ExpressRequest,
+    res: ExpressResponse,
+  ): Promise<void> {
+    const incidentIdParam: string | undefined = req.params["incidentId"];
+
+    if (!incidentIdParam) {
+      throw new BadDataException("Incident ID is required");
+    }
+
+    let incidentId: ObjectID;
+
+    try {
+      incidentId = new ObjectID(incidentIdParam);
+    } catch {
+      throw new BadDataException("Invalid Incident ID");
+    }
+
+    const props: DatabaseCommonInteractionProps =
+      await CommonAPI.getDatabaseCommonInteractionProps(req);
+
+    // Verify user has permission to edit the incident
+    const permissions: Array<Permission> | undefined = props
+      .userTenantAccessPermission?.["permissions"] as
+      | Array<Permission>
+      | undefined;
+
+    const hasPermission: boolean = permissions
+      ? permissions.some((p: Permission) => {
+          return (
+            p === Permission.ProjectOwner ||
+            p === Permission.ProjectAdmin ||
+            p === Permission.EditProjectIncident
+          );
+        })
+      : false;
+
+    if (!hasPermission && !props.isMasterAdmin) {
+      throw new BadDataException(
+        "You do not have permission to generate postmortem for this incident. You need to have one of these permissions: Project Owner, Project Admin, Edit Project Incident.",
+      );
+    }
+
+    // Get the template from request body if provided
+    const template: string | undefined = JSONFunctions.getJSONValueInPath(
+      req.body,
+      "template",
+    ) as string | undefined;
+
+    // Always include workspace messages for comprehensive context
+    const includeWorkspaceMessages: boolean = true;
+
+    // Get the incident to verify it exists and get the project ID
+    const incident: Incident | null = await this.service.findOneById({
+      id: incidentId,
+      select: {
+        _id: true,
+        projectId: true,
+      },
+      props,
+    });
+
+    if (!incident || !incident.projectId) {
+      throw new NotFoundException("Incident not found");
+    }
+
+    // Build incident context
+    const contextData: IncidentContextData =
+      await IncidentAIContextBuilder.buildIncidentContext({
+        incidentId,
+        includeWorkspaceMessages,
+        workspaceMessageLimit: 500,
+      });
+
+    // Format context for postmortem generation
+    const aiContext: AIGenerationContext =
+      IncidentAIContextBuilder.formatIncidentContextForPostmortem(
+        contextData,
+        template,
+      );
+
+    // Generate postmortem using AIService (handles billing and logging)
+    const aiLogRequest: AILogRequest = {
+      projectId: incident.projectId,
+      feature: "Incident Postmortem",
+      incidentId: incidentId,
+      messages: aiContext.messages,
+      maxTokens: 8192,
+      temperature: 0.7,
+    };
+
+    if (props.userId) {
+      aiLogRequest.userId = props.userId;
+    }
+
+    const response: AILogResponse =
+      await AIService.executeWithLogging(aiLogRequest);
+
+    return Response.sendJsonObjectResponse(req, res, {
+      postmortemNote: response.content,
+    });
+  }
 }

package/Server/EnvironmentConfig.ts

@@ -44,6 +44,7 @@ const FRONTEND_ENV_ALLOW_LIST: Array<string> = [
   "DISABLE_TELEMETRY",
   "SLACK_APP_CLIENT_ID",
   "MICROSOFT_TEAMS_APP_CLIENT_ID",
+  "GITHUB_APP_CLIENT_ID",
   "CAPTCHA_ENABLED",
   "CAPTCHA_SITE_KEY",
 ];
@@ -458,6 +459,49 @@ export const MicrosoftTeamsAppClientSecret: string | null =
 export const MicrosoftTeamsAppTenantId: string | null =
   process.env["MICROSOFT_TEAMS_APP_TENANT_ID"] || null;
 
+// GitHub App Configuration
+export const GitHubAppId: string | null = process.env["GITHUB_APP_ID"] || null;
+export const GitHubAppClientId: string | null =
+  process.env["GITHUB_APP_CLIENT_ID"] || null;
+export const GitHubAppClientSecret: string | null =
+  process.env["GITHUB_APP_CLIENT_SECRET"] || null;
+
+type DecodePrivateKeyFunction = (key: string | undefined) => string | null;
+
+// Helper function to decode base64 private key if needed
+const decodePrivateKey: DecodePrivateKeyFunction = (
+  key: string | undefined,
+): string | null => {
+  if (!key) {
+    return null;
+  }
+
+  // If it starts with "-----BEGIN", it's already in PEM format
+  if (key.trim().startsWith("-----BEGIN")) {
+    return key;
+  }
+
+  // Otherwise, assume it's base64 encoded and decode it
+  try {
+    const decoded: string = Buffer.from(key, "base64").toString("utf-8");
+    // Verify it's a valid PEM key after decoding
+    if (decoded.trim().startsWith("-----BEGIN")) {
+      return decoded;
+    }
+    // If decoding doesn't produce a valid PEM, return original value
+    return key;
+  } catch {
+    // If decoding fails, return the original value
+    return key;
+  }
+};
+
+export const GitHubAppPrivateKey: string | null = decodePrivateKey(
+  process.env["GITHUB_APP_PRIVATE_KEY"],
+);
+export const GitHubAppWebhookSecret: string | null =
+  process.env["GITHUB_APP_WEBHOOK_SECRET"] || null;
+
 // VAPID Configuration for Web Push Notifications
 export const VapidPublicKey: string | undefined =
   process.env["VAPID_PUBLIC_KEY"] || undefined;

package/Server/Infrastructure/Postgres/SchemaMigrations/1765580181582-MigrationName.ts

@@ -0,0 +1,79 @@
+import { MigrationInterface, QueryRunner } from "typeorm";
+
+export class MigrationName1765580181582 implements MigrationInterface {
+  public name = "MigrationName1765580181582";
+
+  public async up(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `CREATE TABLE "CodeRepository" ("_id" uuid NOT NULL DEFAULT uuid_generate_v4(), "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(), "deletedAt" TIMESTAMP WITH TIME ZONE, "version" integer NOT NULL, "projectId" uuid NOT NULL, "name" character varying(100) NOT NULL, "slug" character varying(100) NOT NULL, "description" character varying(500), "repositoryHostedAt" character varying(100) NOT NULL, "organizationName" character varying(100) NOT NULL, "repositoryName" character varying(100) NOT NULL, "mainBranchName" character varying(100) DEFAULT 'main', "repositoryUrl" text, "gitHubAppInstallationId" character varying(500), "gitLabProjectId" character varying(500), "secretToken" text, "createdByUserId" uuid, "deletedByUserId" uuid, CONSTRAINT "PK_7b5219d06a82fbc0bc4540b74f0" PRIMARY KEY ("_id"))`,
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_a653bdc2fac520c9c8b9a7c7a6" ON "CodeRepository" ("projectId") `,
+    );
+    await queryRunner.query(
+      `CREATE TABLE "CodeRepositoryLabel" ("codeRepositoryId" uuid NOT NULL, "labelId" uuid NOT NULL, CONSTRAINT "PK_5adb09e0b5957488be8931f46bc" PRIMARY KEY ("codeRepositoryId", "labelId"))`,
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_7710ab8ee47601f78f3a4b76b6" ON "CodeRepositoryLabel" ("codeRepositoryId") `,
+    );
+    await queryRunner.query(
+      `CREATE INDEX "IDX_8f7d12100e441fc72e02151fc5" ON "CodeRepositoryLabel" ("labelId") `,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "OnCallDutyPolicyScheduleLayer" ALTER COLUMN "rotation" SET DEFAULT '{"_type":"Recurring","value":{"intervalType":"Day","intervalCount":{"_type":"PositiveNumber","value":1}}}'`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "OnCallDutyPolicyScheduleLayer" ALTER COLUMN "restrictionTimes" SET DEFAULT '{"_type":"RestrictionTimes","value":{"restictionType":"None","dayRestrictionTimes":null,"weeklyRestrictionTimes":[]}}'`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepository" ADD CONSTRAINT "FK_a653bdc2fac520c9c8b9a7c7a6a" FOREIGN KEY ("projectId") REFERENCES "Project"("_id") ON DELETE CASCADE ON UPDATE NO ACTION`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepository" ADD CONSTRAINT "FK_a870b71b99c87ea658c11421490" FOREIGN KEY ("createdByUserId") REFERENCES "User"("_id") ON DELETE SET NULL ON UPDATE NO ACTION`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepository" ADD CONSTRAINT "FK_79d9249eb5f8174a6f6228311f4" FOREIGN KEY ("deletedByUserId") REFERENCES "User"("_id") ON DELETE SET NULL ON UPDATE NO ACTION`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepositoryLabel" ADD CONSTRAINT "FK_7710ab8ee47601f78f3a4b76b64" FOREIGN KEY ("codeRepositoryId") REFERENCES "CodeRepository"("_id") ON DELETE CASCADE ON UPDATE CASCADE`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepositoryLabel" ADD CONSTRAINT "FK_8f7d12100e441fc72e02151fc56" FOREIGN KEY ("labelId") REFERENCES "Label"("_id") ON DELETE CASCADE ON UPDATE CASCADE`,
+    );
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<void> {
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepositoryLabel" DROP CONSTRAINT "FK_8f7d12100e441fc72e02151fc56"`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepositoryLabel" DROP CONSTRAINT "FK_7710ab8ee47601f78f3a4b76b64"`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepository" DROP CONSTRAINT "FK_79d9249eb5f8174a6f6228311f4"`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepository" DROP CONSTRAINT "FK_a870b71b99c87ea658c11421490"`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "CodeRepository" DROP CONSTRAINT "FK_a653bdc2fac520c9c8b9a7c7a6a"`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "OnCallDutyPolicyScheduleLayer" ALTER COLUMN "restrictionTimes" SET DEFAULT '{"_type": "RestrictionTimes", "value": {"restictionType": "None", "dayRestrictionTimes": null, "weeklyRestrictionTimes": []}}'`,
+    );
+    await queryRunner.query(
+      `ALTER TABLE "OnCallDutyPolicyScheduleLayer" ALTER COLUMN "rotation" SET DEFAULT '{"_type": "Recurring", "value": {"intervalType": "Day", "intervalCount": {"_type": "PositiveNumber", "value": 1}}}'`,
+    );
+    await queryRunner.query(
+      `DROP INDEX "public"."IDX_8f7d12100e441fc72e02151fc5"`,
+    );
+    await queryRunner.query(
+      `DROP INDEX "public"."IDX_7710ab8ee47601f78f3a4b76b6"`,
+    );
+    await queryRunner.query(`DROP TABLE "CodeRepositoryLabel"`);
+    await queryRunner.query(
+      `DROP INDEX "public"."IDX_a653bdc2fac520c9c8b9a7c7a6"`,
+    );
+    await queryRunner.query(`DROP TABLE "CodeRepository"`);
+  }
+}