publicWagsHome/modules
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

pr review

Browse Source
This commit is contained in:
Garrett Delfosse
2024-05-02 12:50:36 -04:00
parent a239212f0b
commit daed803530
3 changed files with 35 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
github-upload-public-key/main.test.ts
View File

@@ -19,19 +19,37 @@ describe("github-upload-public-key", async () => {
});
it("creates new key if one does not exist", async () => {
const { instance, id } = await setupContainer();
const { instance, id, server } = await setupContainer();
await writeCoder(id, "echo foo");
let exec = await execContainer(id, ["bash", "-c", instance.script]);
let exec = await execContainer(id, [
"env",
"CODER_ACCESS_URL=" + server.url.toString().slice(0, -1),
"GITHUB_API_URL=" + server.url.toString().slice(0, -1),
"CODER_OWNER_SESSION_TOKEN=foo",
"CODER_EXTERNAL_AUTH_ID=github",
"bash",
"-c",
instance.script,
]);
expect(exec.stdout).toContain("Coder public SSH key uploaded to GitHub!");
expect(exec.exitCode).toBe(0);
// we need to increase timeout to pull the container
}, 15000);
it("does nothing if one already exists", async () => {
const { instance, id } = await setupContainer();
const { instance, id, server } = await setupContainer();
// use keyword to make server return a existing key
await writeCoder(id, "echo findkey");
let exec = await execContainer(id, ["bash", "-c", instance.script]);
let exec = await execContainer(id, [
"env",
"CODER_ACCESS_URL=" + server.url.toString().slice(0, -1),
"GITHUB_API_URL=" + server.url.toString().slice(0, -1),
"CODER_OWNER_SESSION_TOKEN=foo",
"CODER_EXTERNAL_AUTH_ID=github",
"bash",
"-c",
instance.script,
]);
expect(exec.stdout).toContain(
"Coder public SSH key is already uploaded to GitHub!",
);
@@ -46,15 +64,11 @@ const setupContainer = async (
const server = await setupServer();
const state = await runTerraformApply(import.meta.dir, {
agent_id: "foo",
// trim the trailing slash on the URL
access_url: server.url.toString().slice(0, -1),
owner_session_token: "bar",
github_api_url: server.url.toString().slice(0, -1),
...vars,
});
const instance = findResourceInstance(state, "coder_script");
const id = await runContainer(image);
return { id, instance };
return { id, instance, server };
};
const setupServer = async (): Promise<Server> => {

17
github-upload-public-key/main.tf
View File

@@ -26,26 +26,13 @@ variable "github_api_url" {
default = "https://api.github.com"
}
// Optional variables mostly for testing purposes, will normally come from data.coder_workspace.me
variable "access_url" {
type = string
description = "The access URL of the workspace."
default = ""
}
variable "owner_session_token" {
type = string
description = "The owner session token of the workspace."
default = ""
}
data "coder_workspace" "me" {}
resource "coder_script" "github_upload_public_key" {
agent_id = var.agent_id
script = templatefile("${path.module}/run.sh", {
CODER_OWNER_SESSION_TOKEN : var.owner_session_token != "" ? var.owner_session_token : data.coder_workspace.me.owner_session_token,
CODER_ACCESS_URL : var.access_url != "" ? var.access_url : data.coder_workspace.me.access_url,
CODER_OWNER_SESSION_TOKEN : data.coder_workspace.me.owner_session_token,
CODER_ACCESS_URL : data.coder_workspace.me.access_url,
CODER_EXTERNAL_AUTH_ID : var.external_auth_id,
GITHUB_API_URL : var.github_api_url,
})

34
github-upload-public-key/run.sh
View File

@@ -2,44 +2,34 @@
set -e
CODER_ACCESS_URL="${CODER_ACCESS_URL}"
CODER_OWNER_SESSION_TOKEN="${CODER_OWNER_SESSION_TOKEN}"
CODER_EXTERNAL_AUTH_ID="${CODER_EXTERNAL_AUTH_ID}"
GITHUB_API_URL="${GITHUB_API_URL}"
if [ -z "$CODER_ACCESS_URL" ]; then
echo "No coder access url specified!"
echo "No CODER_ACCESS_URL specified!"
exit 1
fi
if [ -z "$CODER_OWNER_SESSION_TOKEN" ]; then
echo "No coder owner session token specified!"
echo "No CODER_OWNER_SESSION_TOKEN specified!"
exit 1
fi
if [ -z "$CODER_EXTERNAL_AUTH_ID" ]; then
echo "No GitHub external auth id specified!"
echo "No CODER_EXTERNAL_AUTH_ID specified!"
exit 1
fi
if [ -z "$GITHUB_API_URL" ]; then
echo "No GitHub API URL specified!"
echo "No GITHUB_API_URL specified!"
exit 1
fi
echo "Fetching GitHub token..."
GITHUB_TOKEN=$(coder external-auth access-token $CODER_EXTERNAL_AUTH_ID)
if [ $? -ne 0 ]; then
echo "Failed to fetch GitHub token!"
printf "Authenticate with Github to automatically upload Coder public key:\n$GITHUB_TOKEN\n"
exit 1
fi
if [ -z "$GITHUB_TOKEN" ]; then
echo "No GitHub token found!"
exit 1
fi
echo "GitHub token found!"
echo "Fetching Coder public SSH key..."
echo "Fetching public key from Coder..."
PUBLIC_KEY_RESPONSE=$(
curl -L -s \
-w "\n%%{http_code}" \
@@ -55,16 +45,13 @@ if [ "$PUBLIC_KEY_RESPONSE_STATUS" -ne 200 ]; then
echo "$PUBLIC_KEY_BODY"
exit 1
fi
PUBLIC_KEY=$(jq -r '.public_key' <<< "$PUBLIC_KEY_BODY")
echo "Coder public SSH key found!"
if [ -z "$PUBLIC_KEY" ]; then
echo "No Coder public SSH key found!"
exit 1
fi
echo "Fetching GitHub public SSH keys..."
echo "Fetching public keys from GitHub..."
GITHUB_KEYS_RESPONSE=$(
curl -L -s \
-w "\n%%{http_code}" \
@@ -85,12 +72,11 @@ fi
GITHUB_MATCH=$(jq -r --arg PUBLIC_KEY "$PUBLIC_KEY" '.[] | select(.key == $PUBLIC_KEY) | .key' <<< "$GITHUB_KEYS_RESPONSE_BODY")
if [ "$PUBLIC_KEY" = "$GITHUB_MATCH" ]; then
echo "Coder public SSH key is already uploaded to GitHub!"
echo "Your Coder public key is already on GitHub!"
exit 0
fi
echo "Coder public SSH key not found in GitHub keys!"
echo "Uploading Coder public SSH key to GitHub..."
echo "Your Coder public key is not in GitHub. Adding it now..."
CODER_PUBLIC_KEY_NAME="$CODER_ACCESS_URL Workspaces"
UPLOAD_RESPONSE=$(
curl -L -s \
@@ -111,4 +97,4 @@ if [ "$UPLOAD_RESPONSE_STATUS" -ne 201 ]; then
exit 1
fi
echo "Coder public SSH key uploaded to GitHub!"
echo "Your Coder public key has been added to GitHub!"