From beb017c7c3386e8ff92b842f4a458521bd92c891 Mon Sep 17 00:00:00 2001 From: Sviatoslav Sydorenko Date: Mon, 22 Apr 2019 00:31:53 +0200 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20Add=20initial=20receiver=20CLI=20sk?= =?UTF-8?q?eleton?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ref #12 --- octomachinery/cli/__main__.py | 169 ++++++++++++++++++++++++++++++++++ octomachinery/cli/utils.py | 143 ++++++++++++++++++++++++++++ setup.cfg | 1 + 3 files changed, 313 insertions(+) create mode 100644 octomachinery/cli/__main__.py create mode 100644 octomachinery/cli/utils.py diff --git a/octomachinery/cli/__main__.py b/octomachinery/cli/__main__.py new file mode 100644 index 0000000..83fffe3 --- /dev/null +++ b/octomachinery/cli/__main__.py @@ -0,0 +1,169 @@ +#! /usr/bin/env python3 +"""Octomachinery CLI entrypoint.""" + +import asyncio +import importlib +import json +import os +import pathlib +import tempfile + +import click + +from ..app.action.runner import run as process_action +from .utils import ( + augment_http_headers, make_http_headers_from_event, + parse_event_stub_from_fd, validate_http_headers, +) + + +@click.group() +@click.pass_context +def cli(ctx): + """Click CLI base.""" + pass + + +@cli.command() +@click.option('--event', '-e', prompt=True, type=str) +@click.option('--payload-path', '-p', prompt=True, type=click.File(mode='r')) +@click.option('--token', '-t', prompt=True, type=str) +@click.option('--app', '-a', prompt=True, type=int) +@click.option('--private-key', '-P', prompt=True, type=click.File(mode='r')) +@click.option('--entrypoint-module', '-m', prompt=True, type=str) +@click.pass_context +def receive( + ctx, + event, payload_path, + token, + app, private_key, + entrypoint_module, +): + """Webhook event receive command.""" + app_missing_private_key = app is not None and not private_key + if app_missing_private_key: + ctx.fail('App requires a private key') + + creds_present = token or (app and private_key) + if not creds_present: + ctx.fail('Any GitHub auth credentials are missing') + + too_many_creds_present = token and (app or private_key) + if not too_many_creds_present: + ctx.fail( + 'Please choose between a token or an app id with a private key', + ) + + http_headers, event_data = parse_event_stub_from_fd(payload_path) + + if event and http_headers: + ctx.fail('Supply only one of an event name or an event fixture file') + + if http_headers: + http_headers = augment_http_headers(http_headers) + event = http_headers['x-github-event'] + else: + http_headers = make_http_headers_from_event(event) + validate_http_headers(http_headers) + + if app is None: + _process_event_as_action( + event, event_data, + token, + entrypoint_module, + ) + else: + asyncio.run(_process_event_as_app( + http_headers, event_data, + app, private_key, + entrypoint_module, + )) + + +def _process_event_as_action( + event, event_data, + token, + entrypoint_module, +): + os.environ['OCTOMACHINERY_APP_MODE'] = 'action' + + os.environ['GITHUB_ACTION'] = 'Fake CLI Action' + os.environ['GITHUB_ACTOR'] = event_data['sender']['login'] + os.environ['GITHUB_EVENT_NAME'] = event + os.environ['GITHUB_WORKSPACE'] = str(pathlib.Path('.').resolve()) + os.environ['GITHUB_SHA'] = event_data['head_commit']['id'] + os.environ['GITHUB_REF'] = event_data['ref'] + os.environ['GITHUB_REPOSITORY'] = event_data['repository']['full_name'] + os.environ['GITHUB_TOKEN'] = token + os.environ['GITHUB_WORKFLOW'] = 'Fake CLI Workflow' + + with tempfile.NamedTemporaryFile( + suffix='.json', prefix='github-workflow-event-', + ) as tmp_event_file: + json.dump(tmp_event_file, event_data) + os.environ['GITHUB_EVENT_PATH'] = tmp_event_file.name + importlib.import_module(entrypoint_module) + process_action() + + +async def _process_event_as_app( + http_headers, event_data, + app, private_key, + entrypoint_module, +): + os.environ['OCTOMACHINERY_APP_MODE'] = 'app' + + os.environ['GITHUB_APP_IDENTIFIER'] = str(app) + os.environ['GITHUB_PRIVATE_KEY'] = private_key.read() + + importlib.import_module(entrypoint_module) + from ..app.routing.webhooks_dispatcher import route_github_webhook_event + from ..app.runtime.context import RUNTIME_CONTEXT + from ..app.config import BotAppConfig + from ..github.api.app_client import GitHubApp + from aiohttp.client import ClientSession + from aiohttp.web_request import Request + config = BotAppConfig.from_dotenv() + from aiohttp.http_parser import RawRequestMessage + import yarl + + class protocol_stub: + class transp: + get_extra_info = lambda *a, **k: None + transport = transp() + message = RawRequestMessage( + 'POST', '/', 'HTTP/1.1', + http_headers, + None, None, None, None, None, + yarl.URL('/'), + ) + http_request = Request( + message=message, + payload=None, # dummy + protocol=protocol_stub(), + payload_writer=None, # dummy + task=None, # dummy + loop=asyncio.get_running_loop(), + ) + + async def read_coro(): + return json.dumps(event_data).encode() + http_request.read = read_coro + async with ClientSession() as http_client_session: + async with GitHubApp( + config.github, + http_session=http_client_session, + ) as github_app: + # pylint: disable=assigning-non-slot + RUNTIME_CONTEXT.github_app = ( + github_app + ) + await route_github_webhook_event(http_request) + + +def main(): + """CLI entrypoint.""" + return cli(obj={}, auto_envvar_prefix='OCTOMACHINERY_CLI_') + + +__name__ == '__main__' and main() diff --git a/octomachinery/cli/utils.py b/octomachinery/cli/utils.py new file mode 100644 index 0000000..4f98500 --- /dev/null +++ b/octomachinery/cli/utils.py @@ -0,0 +1,143 @@ +"""Utility helpers for CLI.""" + +import contextlib +import itertools +import json +from uuid import UUID, uuid4 + +import multidict +import yaml + + +def _probe_yaml(event_file_fd): + try: + http_headers, event, extra = itertools.islice( + itertools.chain( + yaml.safe_load_all(event_file_fd), + (None, ) * 3, + ), + 3, + ) + except yaml.parser.ParserError: + raise ValueError('YAML file is not valid') + finally: + event_file_fd.seek(0) + + if extra is not None: + raise ValueError('YAML file must only contain 1–2 documents') + + if event is None: + event = http_headers + http_headers = () + + if event is None: + raise ValueError('YAML file must contain 1–2 non-empty documents') + + return http_headers, event + + +def _probe_jsonl(event_file_fd): + event = None + + first_line = event_file_fd.readline() + second_line = event_file_fd.readline() + third_line = event_file_fd.readline() + event_file_fd.seek(0) + + if third_line: + raise ValueError('JSONL file must only contain 1–2 JSON lines') + + http_headers = json.loads(first_line) + + with contextlib.suppress(ValueError): + event = json.loads(second_line) + + if event is None: + event = http_headers + http_headers = () + + return http_headers, event + + +def _probe_json(event_file_fd): + event = json.load(event_file_fd) + event_file_fd.seek(0) + + if not isinstance(event, dict): + raise ValueError('JSON file must only contain an object mapping') + + http_headers = () + + return http_headers, event + + +def _parse_fd_content(event_file_fd): + """Guess file content type and read event with HTTP headers.""" + for event_reader in _probe_yaml, _probe_jsonl, _probe_json: + with contextlib.suppress(ValueError): + return event_reader(event_file_fd) + + raise ValueError( + 'The input event VCR file has invalid structure. ' + 'It must be either of YAML, JSONL or JSON.', + ) + + +def _transform_http_headers_list_to_multidict(headers): + if isinstance(headers, dict): + raise ValueError( + 'Headers must be a sequence of mappings because keys can repeat', + ) + return multidict.CIMultiDict(next(iter(h.items()), ()) for h in headers) + + +def parse_event_stub_from_fd(event_file_fd): + """Read event with HTTP headers as CIMultiDict instance.""" + http_headers, event = _parse_fd_content(event_file_fd) + return _transform_http_headers_list_to_multidict(http_headers), event + + +def validate_http_headers(headers): + """Verify that HTTP headers look sane.""" + if headers['content-type'] != 'application/json': + raise ValueError("Content-Type must be 'application/json'") + + if not headers['user-agent'].startswith('GitHub-Hookshot/'): + raise ValueError("User-Agent must start with 'GitHub-Hookshot/'") + + x_gh_delivery_exc = ValueError('X-GitHub-Delivery must be of type UUID4') + try: + x_gh_delivery_uuid = UUID(headers['x-github-delivery']) + except ValueError: + raise x_gh_delivery_exc + if x_gh_delivery_uuid.version != 4: + raise x_gh_delivery_exc + + if not isinstance(headers['x-github-event'], str): + raise ValueError('X-GitHub-Event must be a string') + + +def augment_http_headers(headers): + """Add fake HTTP headers for the missing positions.""" + fake_headers = make_http_headers_from_event(headers['x-github-event']) + + if 'content-type' not in headers: + headers['content-type'] = fake_headers['content-type'] + + if 'user-agent' not in headers: + headers['user-agent'] = fake_headers['user-agent'] + + if 'x-github-delivery' not in headers: + headers['x-github-delivery'] = fake_headers['x-github-delivery'] + + return headers + + +def make_http_headers_from_event(event_name): + """Generate fake HTTP headers with the given event name.""" + return multidict.CIMultiDict({ + 'content-type': 'application/json', + 'user-agent': 'GitHub-Hookshot/fallback-value', + 'x-github-delivery': str(uuid4()), + 'x-github-event': event_name, + }) diff --git a/setup.cfg b/setup.cfg index 3b1e375..9ba892a 100644 --- a/setup.cfg +++ b/setup.cfg @@ -86,6 +86,7 @@ setup_requires = # These are required in actual runtime: install_requires = aiohttp + click cryptography environ-config >= 19.1.0 envparse