Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove database use from handleRelevantRepositoryEvent #4705

Merged
merged 7 commits into from
Oct 11, 2024
Merged

Remove database use from handleRelevantRepositoryEvent #4705

merged 7 commits into from
Oct 11, 2024

Conversation

jhrozek
Copy link
Contributor

@jhrozek jhrozek commented Oct 9, 2024
edited
Loading

Summary

  • Add Property.Equal - Comparing properties will be useful to check if a matching property is a subset of the retrieved properties.
  • Add WithMatchProps to the HandleEntityAndDoMessage - We'll match the received entity on these properties
  • Don't forward entity if it doesn't match message.MatchProps - After receiving an entity, check if the message.MatchProps map is set. If yes, make sure that it is a subset of the properties of the entity just received. If it is not, drop the message. This will allow us to restrict forwarding the message by properties set by the caller.
  • Use the handler forwarding to evaluate repository/meta messages - Instead of fetching the repo directly in the handler and forwarding to a handler, create a NewEntityRefreshAndDoMessage message and offload the entity processing to minder-core. This removes the last piece of the github webhook that was directly touching the database with the exception of looking up the github app installation.

Fixes: #4703

Change Type

  • Bug fix (resolves an issue without affecting existing features)
  • Feature (adds new functionality without breaking changes)
  • Breaking change (may impact existing functionalities or require documentation updates)
  • Documentation (updates or additions to documentation)
  • Refactoring or test improvements (no bug fixes or new functionality)

Testing

mostly unit tests + adding and removing repos

Review Checklist:

  • Reviewed my own code for quality and clarity.
  • Added comments to complex or tricky code sections.
  • Updated any affected documentation.
  • Included tests that validate the fix or feature.
  • Checked that related changes are merged.

@jhrozek
Copy link
Contributor Author

jhrozek commented Oct 9, 2024

@JAORMX I think that rebasing #4704 onto this PR will make your tests work.

@jhrozek jhrozek force-pushed the relevant_repo_new_handler branch from 2662c7f to 7267e59 Compare October 10, 2024 20:36
@jhrozek jhrozek marked this pull request as ready for review October 10, 2024 20:36
jhrozek
jhrozek commented Oct 10, 2024
View reviewed changes
internal/controlplane/handlers_githubwebhooks.go
// If not, this means we got a deleted event for a
// webhook ID that doesn't correspond to the
// one we have stored in the DB.
matchHookProps, err := properties.NewProperties(map[string]any{
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This codepath was not easy to test. In the end I resorted to a trick and:

  • registered a repo
  • changed the hookID value in the DB
  • deleted the webhook
  • made sure the message is ignored

@coveralls
Copy link

coveralls commented Oct 11, 2024
edited
Loading

Coverage Status

coverage: 53.191% (+0.06%) from 53.133%
when pulling c67653b on jhrozek:relevant_repo_new_handler
into 01be8a3 on stacklok:main.

JAORMX
JAORMX reviewed Oct 11, 2024
View reviewed changes
internal/entities/handlers/handler.go Outdated Show resolved Hide resolved
internal/entities/handlers/handler.go Outdated Show resolved Hide resolved
internal/entities/handlers/handler.go Show resolved Hide resolved
internal/entities/handlers/message/message.go Show resolved Hide resolved
@jhrozek jhrozek force-pushed the relevant_repo_new_handler branch from 7267e59 to 14aa03b Compare October 11, 2024 09:51
JAORMX
JAORMX previously approved these changes Oct 11, 2024
View reviewed changes
@jhrozek
Add Property.Equal
e6e85ef 
Comparing properties will be useful to check if a matching property is a
subset of the retrieved properties.
@jhrozek
Add WithMatchProps to the HandleEntityAndDoMessage
972aa1c 
We'll match the received entity on these properties
@jhrozek
Don't forward entity if it doesn't match message.MatchProps
25f646b 
After receiving an entity, check if the `message.MatchProps` map is set.
If yes, make sure that it is a subset of the properties of the entity
just received. If it is not, drop the message.

This will allow us to restrict forwarding the message by properties set
by the caller.
@jhrozek
Use the handler forwarding to evaluate repository/meta messages
9d78c81 
Instead of fetching the repo directly in the handler and forwarding
to a handler, create a NewEntityRefreshAndDoMessage message and offload
the entity processing to minder-core.

This removes the last piece of the github webhook that was directly
touching the database with the exception of looking up the github app
installation.

Fixes: mindersec#4703
@jhrozek
Review feedback: Add specific error codes when handling property matc…
7960d4b 
…h hint and private/archived repos
@jhrozek
Review feedback: Add comment to matchPropertiesCheck
bcccde7
@jhrozek
Review feedback: Add comment to HandleEntityAndDoMessage.MatchProps
c67653b
@jhrozek jhrozek force-pushed the relevant_repo_new_handler branch 2 times, most recently from 9948f1c to c67653b Compare October 11, 2024 11:08
@jhrozek jhrozek merged commit 8e7669f into mindersec:main Oct 11, 2024
20 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JAORMX JAORMX JAORMX approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Remove database use from handleRelevantRepositoryEvent
3 participants
@jhrozek @coveralls @JAORMX