From fca322c4a0098abd59b35b3d19d589736ef59ed4 Mon Sep 17 00:00:00 2001 From: Eric McDaniel Date: Tue, 7 May 2024 19:21:58 -0400 Subject: [PATCH 1/3] Add move action (#340) * Add move action * Use transaction * Use cte instead of transaction --------- Co-authored-by: Kalil Smith-Nuevelle --- core/actions/_lib/runActionInstance.ts | 4 ++ core/actions/api/index.ts | 2 + core/actions/move/action.ts | 16 +++++++ core/actions/move/run.ts | 42 +++++++++++++++++++ core/actions/runs.ts | 1 + core/actions/types.ts | 3 +- core/kysely/types/public/Action.ts | 1 + core/kysely/types/public/PublicSchema.ts | 4 +- .../migration.sql | 2 + core/prisma/schema.prisma | 1 + .../contracts/src/resources/integrations.ts | 1 + packages/ui/src/icon.tsx | 1 + 12 files changed, 75 insertions(+), 3 deletions(-) create mode 100644 core/actions/move/action.ts create mode 100644 core/actions/move/run.ts create mode 100644 core/prisma/migrations/20240506184830_add_move_action/migration.sql diff --git a/core/actions/_lib/runActionInstance.ts b/core/actions/_lib/runActionInstance.ts index af0ffd3b4..60011e814 100644 --- a/core/actions/_lib/runActionInstance.ts +++ b/core/actions/_lib/runActionInstance.ts @@ -1,5 +1,6 @@ "use server"; +import { revalidateTag } from "next/cache"; import { captureException } from "@sentry/nextjs"; import { sql } from "kysely"; @@ -117,8 +118,11 @@ const _runActionInstance = async ({ values: values as any, }, runParameters: runParameters, + stageId: actionInstance.stageId, }); + revalidateTag(`community-stages_${pub.communityId}`); + return result; } catch (error) { captureException(error); diff --git a/core/actions/api/index.ts b/core/actions/api/index.ts index de4868c3b..933e0b90c 100644 --- a/core/actions/api/index.ts +++ b/core/actions/api/index.ts @@ -3,6 +3,7 @@ import type Event from "~/kysely/types/public/Event"; import * as email from "../email/action"; import * as log from "../log/action"; +import * as move from "../move/action"; import * as pdf from "../pdf/action"; import * as pushToV6 from "../pushToV6/action"; @@ -11,6 +12,7 @@ export const actions = { [pdf.action.name]: pdf.action, [email.action.name]: email.action, [pushToV6.action.name]: pushToV6.action, + [move.action.name]: move.action, } as const; export const getActionByName = (name: keyof typeof actions) => { diff --git a/core/actions/move/action.ts b/core/actions/move/action.ts new file mode 100644 index 000000000..f74557028 --- /dev/null +++ b/core/actions/move/action.ts @@ -0,0 +1,16 @@ +import * as z from "zod"; + +import { MoveHorizontal } from "ui/icon"; + +import { defineAction } from "../types"; + +export const action = defineAction({ + name: "move", + config: z.object({ + stage: z.string().describe("Destination stage"), + }), + description: "Move a pub to a different stage", + runParameters: z.object({}).optional(), + pubFields: [], + icon: MoveHorizontal, +}); diff --git a/core/actions/move/run.ts b/core/actions/move/run.ts new file mode 100644 index 000000000..e92be1ddd --- /dev/null +++ b/core/actions/move/run.ts @@ -0,0 +1,42 @@ +"use server"; + +import { logger } from "logger"; + +import type { action } from "./action"; +import type { PubsId } from "~/kysely/types/public/Pubs"; +import type { StagesId } from "~/kysely/types/public/Stages"; +import { db } from "~/kysely/database"; +import { defineRun } from "../types"; + +export const run = defineRun(async ({ pub, config, stageId }) => { + try { + await db + .with("leave-stage", (db) => + db + .deleteFrom("PubsInStages") + .where("pubId", "=", pub.id as PubsId) + .where("stageId", "=", stageId) + ) + .insertInto("PubsInStages") + .values({ + pubId: pub.id as PubsId, + stageId: config.stage as StagesId, + }) + .execute(); + } catch (error) { + logger.error({ msg: "move", error }); + return { + title: "Failed to move pub", + error: "An error occured while moving the pub", + cause: error, + }; + } + + logger.info({ msg: "move", pub, config }); + + return { + success: true, + report: "Pub moved", + data: {}, + }; +}); diff --git a/core/actions/runs.ts b/core/actions/runs.ts index 8080467e5..44dae2ff6 100644 --- a/core/actions/runs.ts +++ b/core/actions/runs.ts @@ -1,4 +1,5 @@ export { run as pdf } from "./pdf/run"; export { run as email } from "./email/run"; export { run as log } from "./log/run"; +export { run as move } from "./move/run"; export { run as pushToV6 } from "./pushToV6/run"; diff --git a/core/actions/types.ts b/core/actions/types.ts index 8fa58601d..8de6c2a77 100644 --- a/core/actions/types.ts +++ b/core/actions/types.ts @@ -5,6 +5,7 @@ import type * as Icons from "ui/icon"; import type { CorePubField } from "./corePubFields"; import type { ClientExceptionOptions } from "~/lib/serverActions"; +import { StagesId } from "~/kysely/types/public/Stages"; export type ActionPubType = CorePubField[]; @@ -17,7 +18,7 @@ export type ActionPub = { export type RunProps = T extends Action - ? { config: AC; pub: ActionPub; runParameters: RP } + ? { config: AC; pub: ActionPub; runParameters: RP; stageId: StagesId } : never; export type ConfigProps = { diff --git a/core/kysely/types/public/Action.ts b/core/kysely/types/public/Action.ts index 3db41fde0..502e771ce 100644 --- a/core/kysely/types/public/Action.ts +++ b/core/kysely/types/public/Action.ts @@ -7,6 +7,7 @@ enum Action { pdf = "pdf", email = "email", pushToV6 = "pushToV6", + move = "move", } export default Action; diff --git a/core/kysely/types/public/PublicSchema.ts b/core/kysely/types/public/PublicSchema.ts index bc3513e3f..ca7195af0 100644 --- a/core/kysely/types/public/PublicSchema.ts +++ b/core/kysely/types/public/PublicSchema.ts @@ -30,8 +30,6 @@ import { type default as StagesTable } from "./Stages"; import { type default as UsersTable } from "./Users"; export default interface PublicSchema { - rules: RulesTable; - _prisma_migrations: PrismaMigrationsTable; users: UsersTable; @@ -83,4 +81,6 @@ export default interface PublicSchema { action_instances: ActionInstancesTable; PubsInStages: PubsInStagesTable; + + rules: RulesTable; } diff --git a/core/prisma/migrations/20240506184830_add_move_action/migration.sql b/core/prisma/migrations/20240506184830_add_move_action/migration.sql new file mode 100644 index 000000000..1c950ff64 --- /dev/null +++ b/core/prisma/migrations/20240506184830_add_move_action/migration.sql @@ -0,0 +1,2 @@ +-- AlterEnum +ALTER TYPE "Action" ADD VALUE 'move'; diff --git a/core/prisma/schema.prisma b/core/prisma/schema.prisma index 24fb6dccb..03a2b0417 100644 --- a/core/prisma/schema.prisma +++ b/core/prisma/schema.prisma @@ -347,6 +347,7 @@ enum Action { pdf email pushToV6 + move } model Rule { diff --git a/packages/contracts/src/resources/integrations.ts b/packages/contracts/src/resources/integrations.ts index 38dced6cc..ae63b8b75 100644 --- a/packages/contracts/src/resources/integrations.ts +++ b/packages/contracts/src/resources/integrations.ts @@ -64,6 +64,7 @@ export const GetPubResponseBodyBase = commonPubFields.extend({ id: z.string(), values: z.record(JsonOutput), assignee: User.optional(), + communityId: z.string(), }); export type GetPubResponseBodyBase = z.infer; diff --git a/packages/ui/src/icon.tsx b/packages/ui/src/icon.tsx index 27ee27a75..f7ed43cca 100644 --- a/packages/ui/src/icon.tsx +++ b/packages/ui/src/icon.tsx @@ -17,6 +17,7 @@ export { Mail, Menu, MoreVertical, + MoveHorizontal, Pencil, Plus, Play, From 7e8e7cf9c74730f01bc6a53a1c7fc7f0bf536752 Mon Sep 17 00:00:00 2001 From: "eve n.u" Date: Tue, 7 May 2024 16:40:02 -0700 Subject: [PATCH 2/3] fix: do not force sslmode at infrastructure level (#337) * fix: do not force sslmode at infrastructure level * add RDS CA certs to all container dockerfiles * fix: nginx uses safe x-forwarded-host flag --- Dockerfile | 9 ++++++++- core/.env.docker | 2 +- infrastructure/nginx/default.conf.template | 5 +++++ .../terraform/modules/core-services/outputs.tf | 6 ------ infrastructure/terraform/modules/deployment/main.tf | 2 -- 5 files changed, 14 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 8f8cf24b9..99b27114b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,7 +16,14 @@ FROM node:${NODE_VERSION}-alpine as base ARG PNPM_VERSION=8.14.3 # Install python deps for node-gyp -RUN apk add g++ make py3-pip +RUN apk add g++ make py3-pip ca-certificates curl + +# Setup RDS CA Certificates + +RUN curl -L \ + -o /usr/local/share/ca-certificates/rds-global-bundle.pem \ + https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem \ + && update-ca-certificates # Set working directory for all build stages. WORKDIR /usr/src/app diff --git a/core/.env.docker b/core/.env.docker index b078bce2c..d7f38fe8c 100644 --- a/core/.env.docker +++ b/core/.env.docker @@ -1 +1 @@ -DATABASE_URL=postgresql://${PGUSER}:${PGPASSWORD}@${PGHOST}:${PGPORT}/${PGDATABASE}?sslmode=require +DATABASE_URL=postgresql://${PGUSER}:${PGPASSWORD}@${PGHOST}:${PGPORT}/${PGDATABASE} diff --git a/infrastructure/nginx/default.conf.template b/infrastructure/nginx/default.conf.template index 56b150b5c..a1c71bf41 100644 --- a/infrastructure/nginx/default.conf.template +++ b/infrastructure/nginx/default.conf.template @@ -8,6 +8,11 @@ server { location / { proxy_pass $scheme://nextjs; + + proxy_set_header Host $host; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; } location /legacy_healthcheck { diff --git a/infrastructure/terraform/modules/core-services/outputs.tf b/infrastructure/terraform/modules/core-services/outputs.tf index 123279536..e55d3ace2 100644 --- a/infrastructure/terraform/modules/core-services/outputs.tf +++ b/infrastructure/terraform/modules/core-services/outputs.tf @@ -2,7 +2,6 @@ locals { db_user = aws_db_instance.core_postgres.username db_name = aws_db_instance.core_postgres.db_name db_host = aws_db_instance.core_postgres.address - db_sslmode = "require" } output "secrets" { @@ -23,17 +22,12 @@ output "asset_uploader_key_id" { value = aws_iam_access_key.asset_uploader.id } -output "rds_connection_string_sans_password" { - value = "postgresql://${local.db_user}@${local.db_host}:5432/${local.db_name}?sslmode=${local.db_sslmode}" -} - output "rds_connection_components" { value = { user = local.db_user database = local.db_name host = local.db_host port = "5432" - sslmode = local.db_sslmode id = aws_db_instance.core_postgres.id } } diff --git a/infrastructure/terraform/modules/deployment/main.tf b/infrastructure/terraform/modules/deployment/main.tf index 8cd0d45a1..18d6d7729 100644 --- a/infrastructure/terraform/modules/deployment/main.tf +++ b/infrastructure/terraform/modules/deployment/main.tf @@ -76,7 +76,6 @@ module "service_core" { configuration = { container_port = 3000 environment = [ - # { name = "DATABASE_URL", value = module.core_dependency_services.rds_connection_string_sans_password }, { name = "PGUSER", value = module.core_dependency_services.rds_connection_components.user }, { name = "PGDATABASE", value = module.core_dependency_services.rds_connection_components.database }, { name = "PGHOST", value = module.core_dependency_services.rds_connection_components.host }, @@ -213,7 +212,6 @@ module "service_flock" { configuration = { environment = [ - # { name = "DATABASE_URL", value = module.core_dependency_services.rds_connection_string_sans_password }, { name = "PGUSER", value = module.core_dependency_services.rds_connection_components.user }, { name = "PGDATABASE", value = module.core_dependency_services.rds_connection_components.database }, { name = "PGHOST", value = module.core_dependency_services.rds_connection_components.host }, From ae535d827f3e6f5e9ce0719a6ae3363fd256c0fa Mon Sep 17 00:00:00 2001 From: "eve n.u" Date: Tue, 7 May 2024 16:45:06 -0700 Subject: [PATCH 3/3] removes declaration of server-actions (#341) Now that they are enabled by default in nextjs 14. --- core/next.docker.config.js | 1 - integrations/evaluations/next.docker.config.js | 1 - integrations/submissions/next.docker.config.js | 1 - jobs/next.docker.config.js | 1 - 4 files changed, 4 deletions(-) diff --git a/core/next.docker.config.js b/core/next.docker.config.js index 5e079caae..489be74b1 100644 --- a/core/next.docker.config.js +++ b/core/next.docker.config.js @@ -1,6 +1,5 @@ const baseConfig = { experimental: { - serverActions: true, instrumentationHook: true, }, }; diff --git a/integrations/evaluations/next.docker.config.js b/integrations/evaluations/next.docker.config.js index c33891f8a..a34088efb 100644 --- a/integrations/evaluations/next.docker.config.js +++ b/integrations/evaluations/next.docker.config.js @@ -2,7 +2,6 @@ const baseConfig = { basePath: "/intg/evaluations", assetPrefix: "/intg/evaluations", experimental: { - serverActions: true, instrumentationHook: true, }, }; diff --git a/integrations/submissions/next.docker.config.js b/integrations/submissions/next.docker.config.js index e3ee633b9..3a5798963 100644 --- a/integrations/submissions/next.docker.config.js +++ b/integrations/submissions/next.docker.config.js @@ -2,7 +2,6 @@ const baseConfig = { basePath: "/intg/submissions", assetPrefix: "/intg/submissions", experimental: { - serverActions: true, instrumentationHook: true, }, }; diff --git a/jobs/next.docker.config.js b/jobs/next.docker.config.js index 5e079caae..489be74b1 100644 --- a/jobs/next.docker.config.js +++ b/jobs/next.docker.config.js @@ -1,6 +1,5 @@ const baseConfig = { experimental: { - serverActions: true, instrumentationHook: true, }, };