1.15.9 (#127)

* add close alert threshold to prevent Ok - Warning back and forth

* remove part about repo being deleted, no longer behavior

* resource sync share general common

* remove this changelog. use releases

* remove changelog from readme

* write commit file clean up path

* docs: supports any git provider repo

* fix docs: authorization

* multiline command supports escaped newlines

* move webhook to build config advanced

* parser comments with escaped newline

* improve parser

* save use Enter. escape monaco using escape

* improve logic when deployment / stack action buttons shown

* used_mem = total - available

* Fix unrecognized path have 404

* webhooks will 404 if misconfigured

* move update logger / alerter

* delete migrator

* update examples

* publish typescript client komodo_client

Cargo.toml

@@ -1,9 +1,15 @@
 [workspace]
 resolver = "2"
-members = ["bin/*", "lib/*", "client/core/rs", "client/periphery/rs"]
+members = [
+	"bin/*",
+	"lib/*",
+	"example/*",
+	"client/core/rs",
+	"client/periphery/rs",
+]
 
 [workspace.package]
-version = "1.15.8"
+version = "1.15.9"
 edition = "2021"
 authors = ["mbecker20 <[email protected]>"]
 license = "GPL-3.0-or-later"
@@ -108,4 +114,4 @@ octorust = "0.7.0"
 dashmap = "6.1.0"
 colored = "2.1.0"
 regex = "1.11.0"
-bson = "2.13.0"
+bson = "2.13.0"

bin/core/alpine.Dockerfile

@@ -16,7 +16,7 @@ WORKDIR /builder
 COPY ./frontend ./frontend
 COPY ./client/core/ts ./client
 RUN cd client && yarn && yarn build && yarn link
-RUN cd frontend && yarn link @komodo/client && yarn && yarn build
+RUN cd frontend && yarn link komodo_client && yarn && yarn build
 
 # Final Image
 FROM alpine:3.20

bin/core/debian.Dockerfile

@@ -10,7 +10,7 @@ WORKDIR /builder
 COPY ./frontend ./frontend
 COPY ./client/core/ts ./client
 RUN cd client && yarn && yarn build && yarn link
-RUN cd frontend && yarn link @komodo/client && yarn && yarn build
+RUN cd frontend && yarn link komodo_client && yarn && yarn build
 
 # Final Image
 FROM debian:bullseye-slim

bin/core/src/listener/github/build.rs

@@ -6,7 +6,9 @@ use komodo_client::{
   api::execute::RunBuild,
   entities::{build::Build, user::git_webhook_user},
 };
+use reqwest::StatusCode;
 use resolver_api::Resolve;
+use serror::AddStatusCode;
 
 use crate::{
   api::execute::ExecuteRequest,
@@ -20,22 +22,30 @@ fn build_locks() -> &'static ListenerLockCache {
   BUILD_LOCKS.get_or_init(Default::default)
 }
 
-pub async fn handle_build_webhook(
-  build_id: String,
+pub async fn auth_build_webhook(
+  build_id: &str,
   headers: HeaderMap,
+  body: &str,
+) -> serror::Result<Build> {
+  let build = resource::get::<Build>(build_id)
+    .await
+    .status_code(StatusCode::NOT_FOUND)?;
+  verify_gh_signature(headers, body, &build.config.webhook_secret)
+    .await
+    .status_code(StatusCode::UNAUTHORIZED)?;
+  Ok(build)
+}
+
+pub async fn handle_build_webhook(
+  build: Build,
   body: String,
 ) -> anyhow::Result<()> {
   // Acquire and hold lock to make a task queue for
   // subsequent listener calls on same resource.
   // It would fail if we let it go through from action state busy.
-  let lock = build_locks().get_or_insert_default(&build_id).await;
+  let lock = build_locks().get_or_insert_default(&build.id).await;
   let _lock = lock.lock().await;
 
-  let build = resource::get::<Build>(&build_id).await?;
-
-  verify_gh_signature(headers, &body, &build.config.webhook_secret)
-    .await?;
-
   if !build.config.webhook_enabled {
     return Err(anyhow!("build does not have webhook enabled"));
   }
@@ -46,7 +56,7 @@ pub async fn handle_build_webhook(
   }
 
   let user = git_webhook_user().to_owned();
-  let req = ExecuteRequest::RunBuild(RunBuild { build: build_id });
+  let req = ExecuteRequest::RunBuild(RunBuild { build: build.id });
   let update = init_execution_update(&req, &user).await?;
   let ExecuteRequest::RunBuild(req) = req else {
     unreachable!()