Merge pull request #131 from trymist/github-deployment

GitHub deployment

Author: 07CalC

server/api/handlers/deployments/AddDeployHandler.go

@@ -7,6 +7,7 @@ import (
 	"github.com/corecollectives/mist/api/handlers"
 	"github.com/corecollectives/mist/api/middleware"
 	"github.com/corecollectives/mist/git"
+	"github.com/corecollectives/mist/github"
 	"github.com/corecollectives/mist/models"
 	"github.com/corecollectives/mist/queue"
 	"github.com/rs/zerolog/log"
@@ -74,6 +75,19 @@ func AddDeployHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	// create github deployment
+	if app.GitRepository != nil {
+		depId, err := github.CreateDeployment(*app.GitRepository, app.GitBranch, int(user.ID))
+		if err != nil {
+			log.Err(err).Msg("failed to create github deployment")
+		}
+
+		deployment.GithubDepId = &depId
+		err = deployment.UpdateDeployment()
+		if err != nil {
+			log.Err(err).Msg("failed to update deployment with GH dep id")
+		}
+	}
 	if err := queue.AddJob(int64(deployment.ID)); err != nil {
 		handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "failed to add job to queue", err.Error())
 		return

server/api/handlers/github/createApp.go

@@ -78,8 +78,8 @@ func CreateGithubApp(w http.ResponseWriter, r *http.Request) {
 		DefaultPermissions: map[string]string{
 			"contents":         "read",
 			"metadata":         "read",
-			"pull_requests":    "read",
-			"deployments":      "read",
+			"pull_requests":    "write",
+			"deployments":      "write",
 			"administration":   "write",
 			"repository_hooks": "write",
 		},

server/api/handlers/github/getBranches.go

@@ -30,7 +30,7 @@ func GetBranches(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	token, err := github.GetGitHubAccessToken(int(userInfo.ID))
+	token, _, err := github.GetGitHubAccessToken(int(userInfo.ID))
 	if err != nil {
 		handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "Failed to get GitHub access token", err.Error())
 		return

server/api/handlers/github/repositories.go

@@ -2,16 +2,12 @@ package github
 
 import (
 	"encoding/json"
-	"errors"
 	"fmt"
 	"net/http"
-	"time"
 
 	"github.com/corecollectives/mist/api/handlers"
 	"github.com/corecollectives/mist/api/middleware"
 	"github.com/corecollectives/mist/github"
-	"github.com/corecollectives/mist/models"
-	"gorm.io/gorm"
 )
 
 type RepoListResponse struct {
@@ -26,40 +22,45 @@ func GetRepositories(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	installationID, err := models.GetInstallationID(int(userData.ID))
-	if errors.Is(err, gorm.ErrRecordNotFound) {
-		handlers.SendResponse(w, http.StatusNotFound, false, nil, "no installation found for user", "No installation found")
-		return
-	}
-	if err != nil {
-		handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "database error", err.Error())
-		return
-	}
-
-	token, tokenExpires, appID, err := models.GetInstallationToken(installationID)
+	// installationID, err := models.GetInstallationID(int(userData.ID))
+	// if errors.Is(err, gorm.ErrRecordNotFound) {
+	// 	handlers.SendResponse(w, http.StatusNotFound, false, nil, "no installation found for user", "No installation found")
+	// 	return
+	// }
+	// if err != nil {
+	// 	handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "database error", err.Error())
+	// 	return
+	// }
+
+	token, _, err := github.GetGitHubAccessToken(int(userData.ID))
 	if err != nil {
-		handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "failed to fetch installation info", err.Error())
-		return
+		handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "failed to fetch GH installation info", err.Error())
 	}
 
-	expiry, _ := time.Parse(time.RFC3339, tokenExpires)
-	if time.Now().After(expiry) {
-		appJWT, err := github.GenerateGithubJwt(appID)
-		if err != nil {
-			handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "failed to generate app jwt", err.Error())
-			return
-		}
-
-		newToken, newExpiry, err := regenerateInstallationToken(appJWT, installationID)
-		if err != nil {
-			handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "failed to refresh token", err.Error())
-			return
-		}
-
-		_ = models.UpdateInstallationToken(int64(installationID), newToken, newExpiry)
-
-		token = newToken
-	}
+	// token, tokenExpires, appID, err := models.GetInstallationToken(installationID)
+	// if err != nil {
+	// 	handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "failed to fetch installation info", err.Error())
+	// 	return
+	// }
+	//
+	// expiry, _ := time.Parse(time.RFC3339, tokenExpires)
+	// if time.Now().After(expiry) {
+	// 	appJWT, err := github.GenerateGithubJwt(appID)
+	// 	if err != nil {
+	// 		handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "failed to generate app jwt", err.Error())
+	// 		return
+	// 	}
+	//
+	// 	newToken, newExpiry, err := regenerateInstallationToken(appJWT, installationID)
+	// 	if err != nil {
+	// 		handlers.SendResponse(w, http.StatusInternalServerError, false, nil, "failed to refresh token", err.Error())
+	// 		return
+	// 	}
+	//
+	// 	_ = models.UpdateInstallationToken(int64(installationID), newToken, newExpiry)
+	//
+	// 	token = newToken
+	// }
 
 	allRepos := []any{}
 	page := 1
@@ -99,32 +100,3 @@ func GetRepositories(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Content-Type", "application/json")
 	json.NewEncoder(w).Encode(allRepos)
 }
-
-func regenerateInstallationToken(appJWT string, installationID int64) (string, time.Time, error) {
-	url := fmt.Sprintf("https://api.github.com/app/installations/%d/access_tokens", installationID)
-
-	req, _ := http.NewRequest("POST", url, nil)
-	req.Header.Set("Authorization", "Bearer "+appJWT)
-	req.Header.Set("Accept", "application/vnd.github+json")
-
-	resp, err := http.DefaultClient.Do(req)
-	if err != nil {
-		return "", time.Time{}, err
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode != http.StatusCreated {
-		return "", time.Time{}, fmt.Errorf("failed to create token, status %d", resp.StatusCode)
-	}
-
-	var tokenResp struct {
-		Token     string    `json:"token"`
-		ExpiresAt time.Time `json:"expires_at"`
-	}
-
-	if err := json.NewDecoder(resp.Body).Decode(&tokenResp); err != nil {
-		return "", time.Time{}, err
-	}
-
-	return tokenResp.Token, tokenResp.ExpiresAt, nil
-}

server/git/commit.go

@@ -24,14 +24,12 @@ func GetLatestCommit(appID int64, userID int64) (*models.LatestCommit, error) {
 		return nil, err
 	}
 	if gitProvider == nil && gitCloneUrl != nil {
-		fmt.Printf("no provider found")
 		return latestRemoteCommit(*gitCloneUrl)
 	} else if gitProvider == nil && gitCloneUrl == nil {
 		return nil, fmt.Errorf("git url or provider not given")
 	}
 
 	if *gitProvider == models.GitProviderGitHub {
-		fmt.Printf("github provider found")
 		return github.GetLatestCommit(appID, userID)
 	}
 	return nil, fmt.Errorf("failed to get latest commit")

server/github/deployment.go

@@ -0,0 +1,83 @@
+package github
+
+import (
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"strings"
+	"time"
+)
+
+func CreateDeployment(repo string, branch string, userId int) (int64, error) {
+
+	token, _, err := GetGitHubAccessToken(userId)
+	if err != nil {
+		return 0, fmt.Errorf("error getting GH token %w", err)
+	}
+	url := fmt.Sprintf("https://api.github.com/repos/%s/deployments", repo)
+	body := fmt.Sprintf(`{
+		"ref":"%s",
+		"environment":"production",
+		"required_contexts":[]
+	}`, branch)
+
+	req, _ := http.NewRequest("POST", url, strings.NewReader(body))
+	req.Header.Set("Authorization", "Bearer "+token)
+	req.Header.Set("Accept", "application/vnd.github+json")
+
+	client := &http.Client{Timeout: 30 * time.Second}
+	res, err := client.Do(req)
+	if err != nil {
+		return 0, err
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode >= 300 {
+		b, _ := io.ReadAll(res.Body)
+		return 0, fmt.Errorf("github api error: %s", b)
+	}
+
+	var out struct {
+		ID int64 `json:"id"`
+	}
+
+	json.NewDecoder(res.Body).Decode(&out)
+
+	return out.ID, nil
+}
+
+func UpdateDeployment(repo string, depID int64, state string, message string, userID int) error {
+	token, _, err := GetGitHubAccessToken(userID)
+	if err != nil {
+		return fmt.Errorf("error getting GH token %w", err)
+	}
+	url := fmt.Sprintf(
+		"https://api.github.com/repos/%s/deployments/%d/statuses",
+		repo,
+		depID,
+	)
+	body := fmt.Sprintf(`{
+		"state":"%s",
+		"description":"%s"
+	}`, state, message)
+
+	req, _ := http.NewRequest("POST", url, strings.NewReader(body))
+	req.Header.Set("Authorization", "Bearer "+token)
+	req.Header.Set("Accept", "application/vnd.github+json")
+	req.Header.Set("Content-Type", "application/json")
+
+	client := &http.Client{Timeout: 30 * time.Second}
+	res, err := client.Do(req)
+	if err != nil {
+		return err
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode >= 300 {
+		b, _ := io.ReadAll(res.Body)
+		return fmt.Errorf("github api error: %s", b)
+	}
+	return nil
+
+}

server/github/getAccessToken.go

@@ -10,25 +10,24 @@ import (
 	"github.com/corecollectives/mist/models"
 )
 
-func GetGitHubAccessToken(userID int) (string, error) {
-
+func GetGitHubAccessToken(userID int) (string, time.Time, error) {
 	app, _, err := models.GetApp(userID)
 	if err != nil {
-		return "", fmt.Errorf("failed to fetch github app credentials: %w", err)
+		return "", time.Time{}, fmt.Errorf("failed to fetch github app credentials: %w", err)
 	}
 
 	inst, err := models.GetInstallationByUserID(userID)
 	if err != nil {
-		return "", fmt.Errorf("failed to fetch github installation: %w", err)
+		return "", time.Time{}, fmt.Errorf("failed to fetch github installation: %w", err)
 	}
 
 	if time.Until(inst.TokenExpiresAt) > 5*time.Minute {
-		return inst.AccessToken, nil
+		return inst.AccessToken, inst.TokenExpiresAt, nil
 	}
 
 	jwt, err := GenerateGithubJwt(int(app.AppID))
 	if err != nil {
-		return "", fmt.Errorf("failed to create JWT: %w", err)
+		return "", time.Time{}, fmt.Errorf("failed to create JWT: %w", err)
 	}
 
 	url := fmt.Sprintf("https://api.github.com/app/installations/%d/access_tokens", inst.InstallationID)
@@ -39,25 +38,25 @@ func GetGitHubAccessToken(userID int) (string, error) {
 	client := &http.Client{}
 	resp, err := client.Do(req)
 	if err != nil {
-		return "", fmt.Errorf("failed to request installation token: %w", err)
+		return "", time.Time{}, fmt.Errorf("failed to request installation token: %w", err)
 	}
 	defer resp.Body.Close()
 
 	if resp.StatusCode != 201 {
 		var body bytes.Buffer
 		body.ReadFrom(resp.Body)
-		return "", fmt.Errorf("GitHub API error (%d): %s", resp.StatusCode, body.String())
+		return "", time.Time{}, fmt.Errorf("GitHub API error (%d): %s", resp.StatusCode, body.String())
 	}
 
 	var result struct {
 		Token     string    `json:"token"`
 		ExpiresAt time.Time `json:"expires_at"`
 	}
 	if err := json.NewDecoder(resp.Body).Decode(&result); err != nil {
-		return "", fmt.Errorf("failed to decode token response: %w", err)
+		return "", time.Time{}, fmt.Errorf("failed to decode token response: %w", err)
 	}
 
 	err = models.UpdateInstallationToken(inst.InstallationID, result.Token, result.ExpiresAt)
 
-	return result.Token, nil
+	return result.Token, result.ExpiresAt, nil
 }

server/models/deployment.go

@@ -30,6 +30,8 @@ type Deployment struct {
 	CommitMessage *string `json:"commit_message,omitempty"`
 	CommitAuthor  *string `json:"commit_author,omitempty"`
 
+	GithubDepId *int64 `json:"github_dep_id,omitempty"`
+
 	TriggeredBy *int64 `gorm:"constraint:OnDelete:SET NULL" json:"triggered_by,omitempty"`
 
 	DeploymentNumber *int `json:"deployment_number,omitempty"`
@@ -158,6 +160,10 @@ func GetCommitHashByDeploymentID(depID int64) (string, error) {
 	return d.CommitHash, nil
 }
 
+func (d *Deployment) UpdateDeployment() error {
+	return db.Model(&Deployment{}).Where("id = ?", d.ID).Updates(d).Error
+}
+
 func UpdateDeploymentStatus(depID int64, status, stage string, progress int, errorMsg *string) error {
 	var d Deployment
 	result := db.First(&d, "id = ?", depID)