diff --git a/.dev.vars.example b/.dev.vars.example index 82a40ee..aae3fc5 100644 --- a/.dev.vars.example +++ b/.dev.vars.example @@ -1,3 +1,3 @@ WEBHOOK_PROXY_URL=https://smee.io/new -WEBHOOK_SECRET=xxxxxx +APP_WEBHOOK_SECRET=xxxxxx APP_ID=123456 diff --git a/.github/workflows/bun-testing.yml b/.github/workflows/bun-testing.yml index 0394e4d..6dbfe29 100644 --- a/.github/workflows/bun-testing.yml +++ b/.github/workflows/bun-testing.yml @@ -6,7 +6,7 @@ on: env: NODE_ENV: "test" - WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }} + APP_WEBHOOK_SECRET: ${{ secrets.APP_WEBHOOK_SECRET }} APP_ID: ${{ secrets.APP_ID }} APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }} diff --git a/.github/workflows/build.yml b/.github/workflows/worker-deploy.yml similarity index 91% rename from .github/workflows/build.yml rename to .github/workflows/worker-deploy.yml index 47c0963..24d410b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/worker-deploy.yml @@ -11,6 +11,8 @@ jobs: build: runs-on: ubuntu-22.04 + environment: ${{ github.ref == 'refs/heads/main' && 'main' || 'development' }} + steps: - name: Check out repository uses: actions/checkout@v4 @@ -46,15 +48,14 @@ jobs: - uses: cloudflare/wrangler-action@v3 id: wrangler_deploy with: - wranglerVersion: "3.63.1" apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} secrets: | APP_ID APP_PRIVATE_KEY - WEBHOOK_SECRET + APP_WEBHOOK_SECRET env: - WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }} + APP_WEBHOOK_SECRET: ${{ secrets.APP_WEBHOOK_SECRET }} APP_ID: ${{ secrets.APP_ID }} APP_PRIVATE_KEY: ${{ secrets.APP_PRIVATE_KEY }} diff --git a/CHANGELOG.md b/CHANGELOG.md index a1d551f..84b8188 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -36,7 +36,7 @@ ### ⚠ BREAKING CHANGES -* renamed PRIVATE_KEY to APP_PRIVATE_KEY, WEBHOOK_SECRET optional and removed WEBHOOK_PROXY_URL +* renamed PRIVATE_KEY to APP_PRIVATE_KEY, APP_WEBHOOK_SECRET optional and removed WEBHOOK_PROXY_URL * bumped eslint to v9 * removed GitHub type from the configuration as it is deduced using the plugin element string @@ -178,7 +178,7 @@ * remove unused import ([c96e2a7](https://github.com/ubiquity/ubiquibot-kernel/commit/c96e2a707743616df666d27974bacd99a4abe5ba)) * removed GitHub type from the configuration as it is deduced using the plugin element string ([570b68e](https://github.com/ubiquity/ubiquibot-kernel/commit/570b68e18639e9c38a90872cfb8cbfbbdf661481)) * rename pull_request_template ([8aa986e](https://github.com/ubiquity/ubiquibot-kernel/commit/8aa986e6885173d56f628ee6d887d3619a19407c)) -* renamed PRIVATE_KEY to APP_PRIVATE_KEY, WEBHOOK_SECRET optional and removed WEBHOOK_PROXY_URL ([f71043e](https://github.com/ubiquity/ubiquibot-kernel/commit/f71043e7f1fe0277591e0682e2ff3340e206e0b9)) +* renamed PRIVATE_KEY to APP_PRIVATE_KEY, APP_WEBHOOK_SECRET optional and removed WEBHOOK_PROXY_URL ([f71043e](https://github.com/ubiquity/ubiquibot-kernel/commit/f71043e7f1fe0277591e0682e2ff3340e206e0b9)) * resolve conflicts ([403232c](https://github.com/ubiquity/ubiquibot-kernel/commit/403232cdc4aee6260bf968875d90edf211a6c961)) * return default conf on custom conf fail ([207f68e](https://github.com/ubiquity/ubiquibot-kernel/commit/207f68e5e8ff2c018173636035cdf8bc3316f0c6)) * spell ([b40750f](https://github.com/ubiquity/ubiquibot-kernel/commit/b40750ffa37ec668eb1dd0c2ee7fd0525c66f73f)) diff --git a/README.md b/README.md index 7c9789d..31dfe44 100644 --- a/README.md +++ b/README.md @@ -16,7 +16,7 @@ The kernel is designed to: **Note:** Replace `YOUR_APP_PRIVATE_KEY.PEM` with the path to your actual PEM file when running the command. -- **`WEBHOOK_SECRET`** +- **`APP_WEBHOOK_SECRET`** Set this value in both your GitHub App settings and here. - **`APP_ID`** diff --git a/bun.lockb b/bun.lockb index 0193fd3..1e0f6d5 100755 Binary files a/bun.lockb and b/bun.lockb differ diff --git a/package.json b/package.json index 4b94720..e18c717 100644 --- a/package.json +++ b/package.json @@ -69,13 +69,13 @@ "yaml": "2.4.5" }, "devDependencies": { - "@swc/core": "1.6.5", - "@swc/jest": "0.2.36", - "tsup": "8.1.0", - "@jest/globals": "29.7.0", - "@types/jest": "29.5.12", - "jest": "29.7.0", - "jest-junit": "16.0.0", + "@swc/core": "1.6.5", + "@swc/jest": "0.2.36", + "tsup": "8.1.0", + "@jest/globals": "29.7.0", + "@types/jest": "29.5.12", + "jest": "29.7.0", + "jest-junit": "16.0.0", "@cloudflare/workers-types": "4.20240117.0", "@commitlint/cli": "19.3.0", "@commitlint/config-conventional": "19.2.2", @@ -103,7 +103,7 @@ "tsx": "4.16.2", "typescript": "5.5.3", "typescript-eslint": "7.16.0", - "wrangler": "3.64.0" + "wrangler": "3.78.10" }, "lint-staged": { "*.ts": [ diff --git a/src/github/handlers/index.ts b/src/github/handlers/index.ts index 873a244..217c937 100644 --- a/src/github/handlers/index.ts +++ b/src/github/handlers/index.ts @@ -75,7 +75,7 @@ async function handleEvent(event: EmitterWebhookEvent, eventHandler: InstanceTyp // invoke the first plugin in the chain const { plugin, with: settings } = pluginChain.uses[0]; const isGithubPluginObject = isGithubPlugin(plugin); - console.log(`Calling handler for event ${event.name}`); + console.log(`Calling handler ${JSON.stringify(plugin)} for event ${event.name}`); const stateId = crypto.randomUUID(); diff --git a/src/github/types/env.ts b/src/github/types/env.ts index 65201cb..9f37f0d 100644 --- a/src/github/types/env.ts +++ b/src/github/types/env.ts @@ -1,7 +1,7 @@ import { Type as T, type Static } from "@sinclair/typebox"; export const envSchema = T.Object({ - WEBHOOK_SECRET: T.String({ minLength: 1 }), + APP_WEBHOOK_SECRET: T.String({ minLength: 1 }), APP_ID: T.String({ minLength: 1 }), APP_PRIVATE_KEY: T.String({ minLength: 1 }), }); @@ -15,7 +15,7 @@ declare global { namespace NodeJS { interface ProcessEnv { APP_ID: string; - WEBHOOK_SECRET: string; + APP_WEBHOOK_SECRET: string; APP_PRIVATE_KEY: string; } } diff --git a/src/worker.ts b/src/worker.ts index 6f88853..4a6ee53 100644 --- a/src/worker.ts +++ b/src/worker.ts @@ -14,7 +14,7 @@ export default { const signatureSha256 = getSignature(request); const id = getId(request); const eventHandler = new GitHubEventHandler({ - webhookSecret: env.WEBHOOK_SECRET, + webhookSecret: env.APP_WEBHOOK_SECRET, appId: env.APP_ID, privateKey: env.APP_PRIVATE_KEY, pluginChainState: new CloudflareKv(env.PLUGIN_CHAIN_STATE), diff --git a/tests/main.test.ts b/tests/main.test.ts index 85ab398..3749fa2 100644 --- a/tests/main.test.ts +++ b/tests/main.test.ts @@ -58,7 +58,7 @@ describe("Worker tests", () => { const req = new Request("http://localhost:8080"); const consoleSpy = jest.spyOn(console, "error").mockImplementation(() => jest.fn()); const res = await worker.fetch(req, { - WEBHOOK_SECRET: "", + APP_WEBHOOK_SECRET: "", APP_ID: "", APP_PRIVATE_KEY: "", PLUGIN_CHAIN_STATE: {} as KVNamespace, @@ -76,7 +76,7 @@ describe("Worker tests", () => { }, }); const res = await worker.fetch(req, { - WEBHOOK_SECRET: "webhook-secret", + APP_WEBHOOK_SECRET: "webhook-secret", APP_ID: "app-id", APP_PRIVATE_KEY: "private-key", PLUGIN_CHAIN_STATE: {} as KVNamespace, diff --git a/wrangler.toml b/wrangler.toml index 228d0db..7e06401 100644 --- a/wrangler.toml +++ b/wrangler.toml @@ -15,6 +15,10 @@ compatibility_flags = [ "nodejs_compat" ] binding = "PLUGIN_CHAIN_STATE" id = "TO_BE_DEFINED" +# Enables Cloudflare Worker Logs +[observability] +enabled = true + # Variable bindings. These are arbitrary, plaintext strings (similar to environment variables) # Note: Use secrets to store sensitive data. # Docs: https://developers.cloudflare.com/workers/platform/environment-variables