app_v2_github.go 6.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162
  1. package webhook
  2. import (
  3. "net/http"
  4. "connectrpc.com/connect"
  5. "github.com/google/go-github/v41/github"
  6. "github.com/google/uuid"
  7. porterv1 "github.com/porter-dev/api-contracts/generated/go/porter/v1"
  8. "github.com/porter-dev/porter/api/server/authz"
  9. "github.com/porter-dev/porter/api/server/handlers"
  10. "github.com/porter-dev/porter/api/server/shared"
  11. "github.com/porter-dev/porter/api/server/shared/apierrors"
  12. "github.com/porter-dev/porter/api/server/shared/config"
  13. "github.com/porter-dev/porter/api/server/shared/requestutils"
  14. "github.com/porter-dev/porter/api/types"
  15. "github.com/porter-dev/porter/internal/models"
  16. "github.com/porter-dev/porter/internal/telemetry"
  17. )
  18. // GithubWebhookHandler handles webhooks sent to /api/webhooks/github/{project_id}/{cluster_id}/{porter_app_name}
  19. type GithubWebhookHandler struct {
  20. handlers.PorterHandlerReadWriter
  21. authz.KubernetesAgentGetter
  22. }
  23. // NewGithubWebhookHandler returns a GithubWebhookHandler
  24. func NewGithubWebhookHandler(
  25. config *config.Config,
  26. decoderValidator shared.RequestDecoderValidator,
  27. writer shared.ResultWriter,
  28. ) *GithubWebhookHandler {
  29. return &GithubWebhookHandler{
  30. PorterHandlerReadWriter: handlers.NewDefaultPorterHandler(config, decoderValidator, writer),
  31. KubernetesAgentGetter: authz.NewOutOfClusterAgentGetter(config),
  32. }
  33. }
  34. // ServeHTTP handles the webhook and deletes the deployment target if a PR has been closed
  35. func (c *GithubWebhookHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
  36. ctx, span := telemetry.NewSpan(r.Context(), "serve-github-webhook")
  37. defer span.End()
  38. payload, err := github.ValidatePayload(r, []byte(c.Config().ServerConf.GithubIncomingWebhookSecret))
  39. if err != nil {
  40. err := telemetry.Error(ctx, span, err, "could not validate payload")
  41. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusBadRequest))
  42. return
  43. }
  44. event, err := github.ParseWebHook(github.WebHookType(r), payload)
  45. if err != nil {
  46. err := telemetry.Error(ctx, span, err, "could not parse webhook")
  47. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusBadRequest))
  48. return
  49. }
  50. appName, reqErr := requestutils.GetURLParamString(r, types.URLParamPorterAppName)
  51. if reqErr != nil {
  52. err := telemetry.Error(ctx, span, nil, "error parsing porter app name")
  53. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusBadRequest))
  54. return
  55. }
  56. telemetry.WithAttributes(span, telemetry.AttributeKV{Key: "application-name", Value: appName})
  57. clusterID, reqErr := requestutils.GetURLParamUint(r, types.URLParamClusterID)
  58. if reqErr != nil {
  59. err := telemetry.Error(ctx, span, nil, "error parsing cluster id")
  60. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusBadRequest))
  61. return
  62. }
  63. projectID, reqErr := requestutils.GetURLParamUint(r, types.URLParamProjectID)
  64. if reqErr != nil {
  65. err := telemetry.Error(ctx, span, nil, "error parsing project id")
  66. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusBadRequest))
  67. return
  68. }
  69. telemetry.WithAttributes(span, telemetry.AttributeKV{Key: "project-id", Value: projectID})
  70. telemetry.WithAttributes(span, telemetry.AttributeKV{Key: "cluster-id", Value: clusterID})
  71. porterApps, err := c.Repo().PorterApp().ReadPorterAppsByProjectIDAndName(projectID, appName)
  72. if err != nil {
  73. err := telemetry.Error(ctx, span, err, "error getting porter app from repo")
  74. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusInternalServerError))
  75. return
  76. }
  77. if len(porterApps) == 0 {
  78. err := telemetry.Error(ctx, span, err, "error getting porter app from repo")
  79. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusInternalServerError))
  80. return
  81. }
  82. if len(porterApps) > 1 {
  83. err := telemetry.Error(ctx, span, err, "multiple porter apps returned; unable to determine which one to use")
  84. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusInternalServerError))
  85. return
  86. }
  87. app := porterApps[0]
  88. if app.ID == 0 {
  89. err := telemetry.Error(ctx, span, err, "porter app id is missing")
  90. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusInternalServerError))
  91. return
  92. }
  93. if app.ClusterID != clusterID {
  94. err := telemetry.Error(ctx, span, err, "porter app cluster id does not match")
  95. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusInternalServerError))
  96. return
  97. }
  98. telemetry.WithAttributes(span, telemetry.AttributeKV{Key: "porter-app-id", Value: app.ID})
  99. switch event := event.(type) {
  100. case *github.PullRequestEvent:
  101. if event.GetAction() != "closed" {
  102. c.WriteResult(w, r, nil)
  103. return
  104. }
  105. branch := event.GetPullRequest().GetHead().GetRef()
  106. telemetry.WithAttributes(span, telemetry.AttributeKV{Key: "event-branch", Value: branch})
  107. deploymentTarget, err := c.Repo().DeploymentTarget().DeploymentTargetBySelectorAndSelectorType(
  108. projectID,
  109. clusterID,
  110. branch,
  111. string(models.DeploymentTargetSelectorType_Namespace),
  112. )
  113. if err != nil {
  114. err := telemetry.Error(ctx, span, err, "error getting deployment target")
  115. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusInternalServerError))
  116. return
  117. }
  118. if deploymentTarget.ID == uuid.Nil || !deploymentTarget.Preview {
  119. c.WriteResult(w, r, nil)
  120. return
  121. }
  122. telemetry.WithAttributes(span, telemetry.AttributeKV{Key: "deployment-target-id", Value: deploymentTarget.ID.String()})
  123. if deploymentTarget.ClusterID != int(clusterID) {
  124. err := telemetry.Error(ctx, span, err, "deployment target cluster id does not match")
  125. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusBadRequest))
  126. return
  127. }
  128. deleteTargetReq := connect.NewRequest(&porterv1.DeleteDeploymentTargetRequest{
  129. ProjectId: int64(projectID),
  130. DeploymentTargetId: deploymentTarget.ID.String(),
  131. })
  132. _, err = c.Config().ClusterControlPlaneClient.DeleteDeploymentTarget(ctx, deleteTargetReq)
  133. if err != nil {
  134. err := telemetry.Error(ctx, span, err, "error deleting deployment target")
  135. c.HandleAPIError(w, r, apierrors.NewErrPassThroughToClient(err, http.StatusInternalServerError))
  136. return
  137. }
  138. }
  139. c.WriteResult(w, r, nil)
  140. }