spooder 3.2.8 → 4.0.1

package/src/config.ts

@@ -18,6 +18,8 @@ const internal_config = {
 type Config = typeof internal_config;
 type ConfigObject = Record<string, unknown>;
 
+let cached_config: Config | null = null;
+
 function validate_config_option(source: ConfigObject, target: ConfigObject, root_name: string) {
 	for (const [key, value] of Object.entries(target)) {
 		const key_name = `${root_name}.${key}`;
@@ -60,7 +62,7 @@ function validate_config_option(source: ConfigObject, target: ConfigObject, root
 	}
 }
 
-export async function get_config(): Promise<Config> {
+async function load_config(): Promise<Config> {
 	try {
 		const config_file = Bun.file(path.join(process.cwd(), 'package.json'));
 		const json = await config_file.json();
@@ -76,4 +78,11 @@ export async function get_config(): Promise<Config> {
 	}
 
 	return internal_config;
+}
+
+export async function get_config(): Promise<Config> {
+	if (cached_config === null)
+		cached_config = await load_config();
+
+	return cached_config;
 }

package/src/dispatch.ts

@@ -1,5 +1,5 @@
-import { App } from '@octokit/app';
 import { get_config } from './config';
+import { create_github_issue } from './github';
 import { log } from './utils';
 import fs from 'node:fs';
 import path from 'node:path';
@@ -93,9 +93,9 @@ async function check_cache_table(key: string, repository: string, expiry: number
 			}
 		}
 	} catch (e) {
-		log('Failed to read canary cache file ' + cache_file_path);
-		log('Error: ' + (e as Error).message);
-		log('You should resolve this issue to prevent spamming GitHub with canary reports.');
+		log('failed to read canary cache file ' + cache_file_path);
+		log('error: ' + (e as Error).message);
+		log('you should resolve this issue to prevent spamming GitHub with canary reports');
 	}
 
 	if (cache_table.has(key_hash)) {
@@ -145,6 +145,8 @@ function generate_diagnostics(): object {
 		'bun': {
 			'version': Bun.version,
 			'rev': Bun.revision,
+			'memory_usage': process.memoryUsage(),
+			'cpu_usage': process.cpuUsage()
 		}
 	}
 }
@@ -153,16 +155,17 @@ export async function dispatch_report(report_title: string, report_body: Array<u
 	try {
 		const config = await get_config();
 
-		const canary_account = config.canary.account.toLowerCase();
-		const canary_repostiory = config.canary.repository.toLowerCase();
-		const canary_labels = config.canary.labels;
+		const canary_account = config.canary.account;
+		const canary_repostiory = config.canary.repository;
 
-		if (canary_account.length === 0|| canary_repostiory.length === 0)
+		if (canary_account.length === 0|| canary_repostiory.length === 0) {
+			log('[canary] report dispatch failed; no account/repository configured');
 			return;
+		}
 
 		const is_cached = await check_cache_table(report_title, canary_repostiory, config.canary.throttle);
 		if (is_cached) {
-			log('Throttled canary report: ' + report_title);
+			log('[canary] throttled canary report: ' + report_title);
 			return;
 		}
 
@@ -170,58 +173,44 @@ export async function dispatch_report(report_title: string, report_body: Array<u
 		const canary_app_key = process.env.SPOODER_CANARY_KEY as string;
 
 		if (canary_app_id === undefined)
-			throw new Error('dispatch_report() called without SPOODER_CANARY_APP_ID environment variable set');
+			throw new Error('SPOODER_CANARY_APP_ID environment variable is not set');
 
 		if (canary_app_key === undefined)
-			throw new Error('dispatch_report() called without SPOODER_CANARY_KEY environment variable set');
+			throw new Error('SPOODER_CANARY_KEY environment variable is not set');
 
 		const key_file = Bun.file(canary_app_key);
 		if (key_file.size === 0)
-			throw new Error('dispatch_report() failed to read canary private key file');
+			throw new Error('Unable to read private key file defined by SPOODER_CANARY_KEY environment variable');
 
 		const app_id = parseInt(canary_app_id, 10);
 		if (isNaN(app_id))
-			throw new Error('dispatch_report() failed to parse SPOODER_CANARY_APP_ID environment variable as integer');
-
-		const app = new App({
-			appId: app_id,
-			privateKey: await key_file.text(),
-		});
+			throw new Error('Invalid app ID defined by SPOODER_CANARY_APP_ID environment variable');
 
-		await app.octokit.request('GET /app');
-
-		const post_object = {
-			title: report_title,
-			body: '',
-			labels: canary_labels
-		};
+		let issue_title = report_title;
+		let issue_body = '';
 
 		report_body.push(generate_diagnostics());
 
 		if (config.canary.sanitize) {
 			const local_env = await load_local_env();
-			post_object.body = sanitize_string(JSON.stringify(report_body, null, 4), local_env);
-			post_object.title = sanitize_string(report_title, local_env);
+			issue_body = sanitize_string(JSON.stringify(report_body, null, 4), local_env);
+			issue_title = sanitize_string(report_title, local_env);
 		} else {
-			post_object.body = JSON.stringify(report_body, null, 4);
+			issue_body = JSON.stringify(report_body, null, 4);
 		}
 
-		post_object.body = '```json\n' + post_object.body + '\n```\n\nℹ️ *This issue has been created automatically in response to a server panic, caution or crash.*';
-
-		for await (const { installation } of app.eachInstallation.iterator()) {
-			const login = (installation?.account as { login: string })?.login;
-			if (login?.toLowerCase() !== canary_account)
-				continue;
-
-			for await (const { octokit, repository } of app.eachRepository.iterator({ installationId: installation.id })) {
-				if (repository.full_name.toLowerCase() !== canary_repostiory)
-					continue;
+		issue_body = '```json\n' + issue_body + '\n```\n\nℹ️ *This issue has been created automatically in response to a server panic, caution or crash.*';
 
-				await octokit.request('POST /repos/' + canary_repostiory + '/issues', post_object);
-				log('Dispatched canary report to %s: %s', canary_repostiory, report_title);
-			}
-		}
+		await create_github_issue({
+			app_id,
+			private_key: await key_file.text(),
+			repository_name: canary_repostiory,
+			login_name: canary_account,
+			issue_title,
+			issue_body,
+			issue_labels: config.canary.labels
+		});
 	} catch (e) {
-		log('Failed to dispatch canary report: ' + (e as Error)?.message ?? 'unspecified error');
+		log('[canary error] ' + (e as Error)?.message ?? 'unspecified error');
 	}
 }

package/src/github.d.ts

@@ -0,0 +1,11 @@
+type Issue = {
+    app_id: number;
+    private_key: string;
+    login_name: string;
+    repository_name: string;
+    issue_title: string;
+    issue_body: string;
+    issue_labels?: Array<string>;
+};
+export declare function create_github_issue(issue: Issue): Promise<void>;
+export {};

package/src/github.ts

@@ -0,0 +1,121 @@
+import crypto from 'node:crypto';
+import { log } from './utils';
+
+type InstallationResponse = Array<{
+	id: number,
+	account: {
+		login: string
+	},
+	access_tokens_url: string,
+	repositories_url: string
+}>;
+
+type AccessTokenResponse = {
+	token: string;
+};
+
+type RepositoryResponse = {
+	repositories: Array<{
+		full_name: string,
+		name: string,
+		url: string,
+		owner: {
+			login: string
+		}
+	}>
+};
+
+type IssueResponse = {
+	number: number,
+	url: string
+};
+
+type Issue = {
+	app_id: number,
+	private_key: string,
+	login_name: string,
+	repository_name: string,
+	issue_title: string,
+	issue_body: string
+	issue_labels?: Array<string>
+};
+
+function generate_jwt(app_id: number, private_key: string): string {
+	const encoded_header = Buffer.from(JSON.stringify({
+		alg: 'RS256',
+		typ: 'JWT'
+	})).toString('base64');
+
+	const encoded_payload = Buffer.from(JSON.stringify({
+		iat: Math.floor(Date.now() / 1000),
+		exp: Math.floor(Date.now() / 1000) + 60,
+		iss: app_id
+	})).toString('base64');
+
+	const sign = crypto.createSign('RSA-SHA256');
+	sign.update(encoded_header + '.' + encoded_payload);
+
+	return encoded_header + '.' + encoded_payload + '.' + sign.sign(private_key, 'base64');
+}
+
+async function request_endpoint(url: string, bearer: string, method: string = 'GET', body?: object): Promise<Response> {
+	return fetch(url, {
+		method,
+		body: body ? JSON.stringify(body) : undefined,
+		headers: {
+			Authorization: 'Bearer ' + bearer,
+			Accept: 'application/vnd.github.v3+json'
+		}
+	});
+}
+
+function check_response_is_ok(res: Response, message: string): void {
+	if (!res.ok)
+		throw new Error(message + ' (' + res.status + ' ' + res.statusText + ')');
+}
+
+export async function create_github_issue(issue: Issue): Promise<void> {
+	const jwt = generate_jwt(issue.app_id, issue.private_key);
+	const app_res = await request_endpoint('https://api.github.com/app', jwt);
+
+	check_response_is_ok(app_res, 'cannot authenticate GitHub app ' + issue.app_id);
+
+	const res_installs = await request_endpoint('https://api.github.com/app/installations', jwt);
+	check_response_is_ok(res_installs, 'cannot fetch GitHub app installations');
+
+	const json_installs = await res_installs.json() as InstallationResponse;
+
+	const login_name = issue.login_name.toLowerCase();
+	const install = json_installs.find((install) => install.account.login.toLowerCase() === login_name);
+
+	if (!install)
+		throw new Error('spooder-bot is not installed on account ' + login_name);
+
+	const res_access_token = await request_endpoint(install.access_tokens_url, jwt, 'POST');
+	check_response_is_ok(res_access_token, 'cannot fetch GitHub app access token');
+
+	const json_access_token = await res_access_token.json() as AccessTokenResponse;
+	const access_token = json_access_token.token;
+
+	const repositories = await request_endpoint(install.repositories_url, access_token);
+	check_response_is_ok(repositories, 'cannot fetch GitHub app repositories');
+
+	const repositories_json = await repositories.json() as RepositoryResponse;
+
+	const repository_name = issue.repository_name.toLowerCase();
+	const repository = repositories_json.repositories.find((repository) => repository.full_name.toLowerCase() === repository_name);
+
+	if (!repository)
+		throw new Error('spooder-bot is not installed on repository ' + repository_name);
+
+	const issue_res = await request_endpoint(repository.url + '/issues', access_token, 'POST', {
+		title: issue.issue_title,
+		body: issue.issue_body,
+		labels: issue.issue_labels
+	});
+
+	check_response_is_ok(issue_res, 'cannot create GitHub issue');
+
+	const json_issue = await issue_res.json() as IssueResponse;
+	log('raised canary issue #%d in %s: %s', json_issue.number, repository.full_name, json_issue.url);
+}