diff --git a/database/common/store.go b/database/common/store.go index 7da0e5bb..db5fbb04 100644 --- a/database/common/store.go +++ b/database/common/store.go @@ -56,7 +56,7 @@ type OrgStore interface { } type EnterpriseStore interface { - CreateEnterprise(ctx context.Context, name, credentialsName, webhookSecret string, poolBalancerType params.PoolBalancerType) (params.Enterprise, error) + CreateEnterprise(ctx context.Context, name string, credentialsName params.ForgeCredentials, webhookSecret string, poolBalancerType params.PoolBalancerType) (params.Enterprise, error) GetEnterprise(ctx context.Context, name, endpointName string) (params.Enterprise, error) GetEnterpriseByID(ctx context.Context, enterpriseID string) (params.Enterprise, error) ListEnterprises(ctx context.Context) ([]params.Enterprise, error) diff --git a/database/sql/enterprise.go b/database/sql/enterprise.go index 26406ac5..e9c2ed08 100644 --- a/database/sql/enterprise.go +++ b/database/sql/enterprise.go @@ -28,10 +28,14 @@ import ( "github.com/cloudbase/garm/params" ) -func (s *sqlDatabase) CreateEnterprise(ctx context.Context, name, credentialsName, webhookSecret string, poolBalancerType params.PoolBalancerType) (paramEnt params.Enterprise, err error) { +func (s *sqlDatabase) CreateEnterprise(ctx context.Context, name string, credentials params.ForgeCredentials, webhookSecret string, poolBalancerType params.PoolBalancerType) (paramEnt params.Enterprise, err error) { if webhookSecret == "" { return params.Enterprise{}, errors.New("creating enterprise: missing secret") } + if credentials.ForgeType != params.GithubEndpointType { + return params.Enterprise{}, errors.Wrap(runnerErrors.ErrBadRequest, "enterprises are not supported on this forge type") + } + secret, err := util.Seal([]byte(webhookSecret), []byte(s.cfg.Passphrase)) if err != nil { return params.Enterprise{}, errors.Wrap(err, "encoding secret") @@ -48,24 +52,18 @@ func (s *sqlDatabase) CreateEnterprise(ctx context.Context, name, credentialsNam PoolBalancerType: poolBalancerType, } err = s.conn.Transaction(func(tx *gorm.DB) error { - creds, err := s.getGithubCredentialsByName(ctx, tx, credentialsName, false) - if err != nil { - return errors.Wrap(err, "creating enterprise") - } - if creds.EndpointName == nil { - return errors.Wrap(runnerErrors.ErrUnprocessable, "credentials have no endpoint") - } - newEnterprise.CredentialsID = &creds.ID - newEnterprise.EndpointName = creds.EndpointName + newEnterprise.CredentialsID = &credentials.ID + newEnterprise.EndpointName = &credentials.Endpoint.Name q := tx.Create(&newEnterprise) if q.Error != nil { return errors.Wrap(q.Error, "creating enterprise") } - newEnterprise.Credentials = creds - newEnterprise.Endpoint = creds.Endpoint - + newEnterprise, err = s.getEnterpriseByID(ctx, tx, newEnterprise.ID.String(), "Pools", "Credentials", "Endpoint", "Credentials.Endpoint") + if err != nil { + return errors.Wrap(err, "creating enterprise") + } return nil }) if err != nil { diff --git a/database/sql/enterprise_test.go b/database/sql/enterprise_test.go index 4971f78f..9d81287d 100644 --- a/database/sql/enterprise_test.go +++ b/database/sql/enterprise_test.go @@ -99,7 +99,7 @@ func (s *EnterpriseTestSuite) SetupTest() { enterprise, err := db.CreateEnterprise( s.adminCtx, fmt.Sprintf("test-enterprise-%d", i), - s.testCreds.Name, + s.testCreds, fmt.Sprintf("test-webhook-secret-%d", i), params.PoolBalancerTypeRoundRobin, ) @@ -178,7 +178,7 @@ func (s *EnterpriseTestSuite) TestCreateEnterprise() { enterprise, err := s.Store.CreateEnterprise( s.adminCtx, s.Fixtures.CreateEnterpriseParams.Name, - s.Fixtures.CreateEnterpriseParams.CredentialsName, + s.testCreds, s.Fixtures.CreateEnterpriseParams.WebhookSecret, params.PoolBalancerTypeRoundRobin) @@ -209,7 +209,7 @@ func (s *EnterpriseTestSuite) TestCreateEnterpriseInvalidDBPassphrase() { _, err = sqlDB.CreateEnterprise( s.adminCtx, s.Fixtures.CreateEnterpriseParams.Name, - s.Fixtures.CreateEnterpriseParams.CredentialsName, + s.testCreds, s.Fixtures.CreateEnterpriseParams.WebhookSecret, params.PoolBalancerTypeRoundRobin) @@ -235,7 +235,7 @@ func (s *EnterpriseTestSuite) TestCreateEnterpriseDBCreateErr() { _, err := s.StoreSQLMocked.CreateEnterprise( s.adminCtx, s.Fixtures.CreateEnterpriseParams.Name, - s.Fixtures.CreateEnterpriseParams.CredentialsName, + s.testCreds, s.Fixtures.CreateEnterpriseParams.WebhookSecret, params.PoolBalancerTypeRoundRobin) diff --git a/database/sql/gitea.go b/database/sql/gitea.go index 27084a0a..79680287 100644 --- a/database/sql/gitea.go +++ b/database/sql/gitea.go @@ -22,7 +22,7 @@ func (s *sqlDatabase) CreateGiteaEndpoint(_ context.Context, param params.Create var endpoint GithubEndpoint err = s.conn.Transaction(func(tx *gorm.DB) error { if err := tx.Where("name = ?", param.Name).First(&endpoint).Error; err == nil { - return errors.Wrap(runnerErrors.ErrDuplicateEntity, "github endpoint already exists") + return errors.Wrap(runnerErrors.ErrDuplicateEntity, "gitea endpoint already exists") } endpoint = GithubEndpoint{ Name: param.Name, @@ -34,16 +34,16 @@ func (s *sqlDatabase) CreateGiteaEndpoint(_ context.Context, param params.Create } if err := tx.Create(&endpoint).Error; err != nil { - return errors.Wrap(err, "creating github endpoint") + return errors.Wrap(err, "creating gitea endpoint") } return nil }) if err != nil { - return params.ForgeEndpoint{}, errors.Wrap(err, "creating github endpoint") + return params.ForgeEndpoint{}, errors.Wrap(err, "creating gitea endpoint") } ghEndpoint, err = s.sqlToCommonGithubEndpoint(endpoint) if err != nil { - return params.ForgeEndpoint{}, errors.Wrap(err, "converting github endpoint") + return params.ForgeEndpoint{}, errors.Wrap(err, "converting gitea endpoint") } return ghEndpoint, nil } @@ -52,14 +52,14 @@ func (s *sqlDatabase) ListGiteaEndpoints(_ context.Context) ([]params.ForgeEndpo var endpoints []GithubEndpoint err := s.conn.Where("endpoint_type = ?", params.GiteaEndpointType).Find(&endpoints).Error if err != nil { - return nil, errors.Wrap(err, "fetching github endpoints") + return nil, errors.Wrap(err, "fetching gitea endpoints") } var ret []params.ForgeEndpoint for _, ep := range endpoints { commonEp, err := s.sqlToCommonGithubEndpoint(ep) if err != nil { - return nil, errors.Wrap(err, "converting github endpoint") + return nil, errors.Wrap(err, "converting gitea endpoint") } ret = append(ret, commonEp) } @@ -67,10 +67,6 @@ func (s *sqlDatabase) ListGiteaEndpoints(_ context.Context) ([]params.ForgeEndpo } func (s *sqlDatabase) UpdateGiteaEndpoint(_ context.Context, name string, param params.UpdateGiteaEndpointParams) (ghEndpoint params.ForgeEndpoint, err error) { - if name == defaultGithubEndpoint { - return params.ForgeEndpoint{}, runnerErrors.NewBadRequestError("cannot update default endpoint %s", defaultGithubEndpoint) - } - defer func() { if err == nil { s.sendNotify(common.GithubEndpointEntityType, common.UpdateOperation, ghEndpoint) @@ -118,7 +114,6 @@ func (s *sqlDatabase) UpdateGiteaEndpoint(_ context.Context, name string, param func (s *sqlDatabase) GetGiteaEndpoint(_ context.Context, name string) (params.ForgeEndpoint, error) { var endpoint GithubEndpoint - err := s.conn.Where("name = ? and endpoint_type = ?", name, params.GiteaEndpointType).First(&endpoint).Error if err != nil { if errors.Is(err, gorm.ErrRecordNotFound) { @@ -150,7 +145,7 @@ func (s *sqlDatabase) DeleteGiteaEndpoint(_ context.Context, name string) (err e } var credsCount int64 - if err := tx.Model(&GithubCredentials{}).Where("endpoint_name = ?", endpoint.Name).Count(&credsCount).Error; err != nil { + if err := tx.Model(&GiteaCredentials{}).Where("endpoint_name = ?", endpoint.Name).Count(&credsCount).Error; err != nil { if !errors.Is(err, gorm.ErrRecordNotFound) { return errors.Wrap(err, "fetching gitea credentials") } @@ -170,15 +165,8 @@ func (s *sqlDatabase) DeleteGiteaEndpoint(_ context.Context, name string) (err e } } - var entCnt int64 - if err := tx.Model(&Enterprise{}).Where("endpoint_name = ?", endpoint.Name).Count(&entCnt).Error; err != nil { - if !errors.Is(err, gorm.ErrRecordNotFound) { - return errors.Wrap(err, "fetching gitea enterprises") - } - } - - if credsCount > 0 || repoCnt > 0 || orgCnt > 0 || entCnt > 0 { - return errors.New("cannot delete endpoint with associated entities") + if credsCount > 0 || repoCnt > 0 || orgCnt > 0 { + return runnerErrors.NewBadRequestError("cannot delete endpoint with associated entities") } if err := tx.Unscoped().Delete(&endpoint).Error; err != nil { @@ -195,7 +183,7 @@ func (s *sqlDatabase) DeleteGiteaEndpoint(_ context.Context, name string) (err e func (s *sqlDatabase) CreateGiteaCredentials(ctx context.Context, param params.CreateGiteaCredentialsParams) (gtCreds params.ForgeCredentials, err error) { userID, err := getUIDFromContext(ctx) if err != nil { - return params.ForgeCredentials{}, errors.Wrap(err, "creating github credentials") + return params.ForgeCredentials{}, errors.Wrap(err, "creating gitea credentials") } if param.Endpoint == "" { return params.ForgeCredentials{}, errors.Wrap(runnerErrors.ErrBadRequest, "endpoint name is required") @@ -211,13 +199,13 @@ func (s *sqlDatabase) CreateGiteaCredentials(ctx context.Context, param params.C var endpoint GithubEndpoint if err := tx.Where("name = ? and endpoint_type = ?", param.Endpoint, params.GiteaEndpointType).First(&endpoint).Error; err != nil { if errors.Is(err, gorm.ErrRecordNotFound) { - return errors.Wrap(runnerErrors.ErrNotFound, "github endpoint not found") + return errors.Wrap(runnerErrors.ErrNotFound, "gitea endpoint not found") } - return errors.Wrap(err, "fetching github endpoint") + return errors.Wrap(err, "fetching gitea endpoint") } if err := tx.Where("name = ? and user_id = ?", param.Name, userID).First(&creds).Error; err == nil { - return errors.Wrap(runnerErrors.ErrDuplicateEntity, "github credentials already exists") + return errors.Wrap(runnerErrors.ErrDuplicateEntity, "gitea credentials already exists") } var data []byte @@ -225,8 +213,6 @@ func (s *sqlDatabase) CreateGiteaCredentials(ctx context.Context, param params.C switch param.AuthType { case params.ForgeAuthTypePAT: data, err = s.marshalAndSeal(param.PAT) - case params.ForgeAuthTypeApp: - data, err = s.marshalAndSeal(param.App) default: return errors.Wrap(runnerErrors.ErrBadRequest, "invalid auth type") } @@ -244,7 +230,7 @@ func (s *sqlDatabase) CreateGiteaCredentials(ctx context.Context, param params.C } if err := tx.Create(&creds).Error; err != nil { - return errors.Wrap(err, "creating github credentials") + return errors.Wrap(err, "creating gitea credentials") } // Skip making an extra query. creds.Endpoint = endpoint @@ -252,11 +238,11 @@ func (s *sqlDatabase) CreateGiteaCredentials(ctx context.Context, param params.C return nil }) if err != nil { - return params.ForgeCredentials{}, errors.Wrap(err, "creating github credentials") + return params.ForgeCredentials{}, errors.Wrap(err, "creating gitea credentials") } gtCreds, err = s.sqlGiteaToCommonForgeCredentials(creds) if err != nil { - return params.ForgeCredentials{}, errors.Wrap(err, "converting github credentials") + return params.ForgeCredentials{}, errors.Wrap(err, "converting gitea credentials") } return gtCreds, nil } diff --git a/database/sql/gitea_test.go b/database/sql/gitea_test.go new file mode 100644 index 00000000..c7a96d66 --- /dev/null +++ b/database/sql/gitea_test.go @@ -0,0 +1,793 @@ +// Copyright 2024 Cloudbase Solutions SRL +// +// Licensed under the Apache License, Version 2.0 (the "License"); you may +// not use this file except in compliance with the License. You may obtain +// a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +// License for the specific language governing permissions and limitations +// under the License. + +package sql + +import ( + "context" + "fmt" + "os" + "testing" + + "github.com/stretchr/testify/suite" + + runnerErrors "github.com/cloudbase/garm-provider-common/errors" + "github.com/cloudbase/garm/auth" + "github.com/cloudbase/garm/database/common" + garmTesting "github.com/cloudbase/garm/internal/testing" + "github.com/cloudbase/garm/params" +) + +type GiteaTestSuite struct { + suite.Suite + + giteaEndpoint params.ForgeEndpoint + db common.Store +} + +func (s *GiteaTestSuite) SetupTest() { + db, err := NewSQLDatabase(context.Background(), garmTesting.GetTestSqliteDBConfig(s.T())) + if err != nil { + s.FailNow(fmt.Sprintf("failed to create db connection: %s", err)) + } + + s.db = db + + createEpParams := params.CreateGiteaEndpointParams{ + Name: testEndpointName, + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + endpoint, err := s.db.CreateGiteaEndpoint(context.Background(), createEpParams) + s.Require().NoError(err) + s.Require().NotNil(endpoint) + s.Require().Equal(testEndpointName, endpoint.Name) + s.giteaEndpoint = endpoint +} + +func (s *GiteaTestSuite) TestCreatingEndpoint() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + createEpParams := params.CreateGiteaEndpointParams{ + Name: testEndpointName, + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + + endpoint, err := s.db.CreateGiteaEndpoint(ctx, createEpParams) + s.Require().NoError(err) + s.Require().NotNil(endpoint) + s.Require().Equal(testEndpointName, endpoint.Name) +} + +func (s *GiteaTestSuite) TestCreatingDuplicateEndpointFails() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + createEpParams := params.CreateGiteaEndpointParams{ + Name: testEndpointName, + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + + _, err := s.db.CreateGiteaEndpoint(ctx, createEpParams) + s.Require().NoError(err) + + _, err = s.db.CreateGiteaEndpoint(ctx, createEpParams) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrDuplicateEntity) +} + +func (s *GiteaTestSuite) TestGetEndpoint() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + createEpParams := params.CreateGiteaEndpointParams{ + Name: "deleteme", + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + + newEndpoint, err := s.db.CreateGiteaEndpoint(ctx, createEpParams) + s.Require().NoError(err) + + endpoint, err := s.db.GetGiteaEndpoint(ctx, createEpParams.Name) + s.Require().NoError(err) + s.Require().NotNil(endpoint) + s.Require().Equal(newEndpoint.Name, endpoint.Name) +} + +func (s *GiteaTestSuite) TestGetNonExistingEndpointFailsWithNotFoundError() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + _, err := s.db.GetGiteaEndpoint(ctx, "non-existing") + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestDeletingNonExistingEndpointIsANoop() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + err := s.db.DeleteGiteaEndpoint(ctx, "non-existing") + s.Require().NoError(err) +} + +func (s *GiteaTestSuite) TestDeletingEndpoint() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + createEpParams := params.CreateGiteaEndpointParams{ + Name: testEndpointName, + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + + endpoint, err := s.db.CreateGiteaEndpoint(ctx, createEpParams) + s.Require().NoError(err) + s.Require().NotNil(endpoint) + + err = s.db.DeleteGiteaEndpoint(ctx, testEndpointName) + s.Require().NoError(err) + + _, err = s.db.GetGiteaEndpoint(ctx, testEndpointName) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestUpdateEndpoint() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + createEpParams := params.CreateGiteaEndpointParams{ + Name: "deleteme", + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + + endpoint, err := s.db.CreateGiteaEndpoint(ctx, createEpParams) + s.Require().NoError(err) + s.Require().NotNil(endpoint) + + newDescription := "new description" + newAPIBaseURL := "https://new-api.example.com" + newBaseURL := "https://new.example.com" + caCertBundle, err := os.ReadFile("../../testdata/certs/srv-pub.pem") + s.Require().NoError(err) + updateEpParams := params.UpdateGiteaEndpointParams{ + Description: &newDescription, + APIBaseURL: &newAPIBaseURL, + BaseURL: &newBaseURL, + CACertBundle: caCertBundle, + } + + updatedEndpoint, err := s.db.UpdateGiteaEndpoint(ctx, testEndpointName, updateEpParams) + s.Require().NoError(err) + s.Require().NotNil(updatedEndpoint) + s.Require().Equal(newDescription, updatedEndpoint.Description) + s.Require().Equal(newAPIBaseURL, updatedEndpoint.APIBaseURL) + s.Require().Equal(newBaseURL, updatedEndpoint.BaseURL) + s.Require().Equal(caCertBundle, updatedEndpoint.CACertBundle) +} + +func (s *GiteaTestSuite) TestUpdatingNonExistingEndpointReturnsNotFoundError() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + newDescription := "test" + updateEpParams := params.UpdateGiteaEndpointParams{ + Description: &newDescription, + } + + _, err := s.db.UpdateGiteaEndpoint(ctx, "non-existing", updateEpParams) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestListEndpoints() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + createEpParams := params.CreateGiteaEndpointParams{ + Name: testEndpointName, + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + + _, err := s.db.CreateGiteaEndpoint(ctx, createEpParams) + s.Require().NoError(err) + + endpoints, err := s.db.ListGiteaEndpoints(ctx) + s.Require().NoError(err) + s.Require().Len(endpoints, 1) +} + +func (s *GiteaTestSuite) TestCreateCredentialsFailsWithUnauthorizedForAnonUser() { + ctx := context.Background() + + _, err := s.db.CreateGiteaCredentials(ctx, params.CreateGiteaCredentialsParams{}) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrUnauthorized) +} + +func (s *GiteaTestSuite) TestCreateCredentialsFailsWhenEndpointNameIsEmpty() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + _, err := s.db.CreateGiteaCredentials(ctx, params.CreateGiteaCredentialsParams{}) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrBadRequest) + s.Require().Regexp("endpoint name is required", err.Error()) +} + +func (s *GiteaTestSuite) TestCreateCredentialsFailsWhenEndpointDoesNotExist() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + _, err := s.db.CreateGiteaCredentials(ctx, params.CreateGiteaCredentialsParams{Endpoint: "non-existing"}) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) + s.Require().Regexp("endpoint not found", err.Error()) +} + +func (s *GiteaTestSuite) TestCreateCredentialsFailsWhenAuthTypeIsInvalid() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + _, err := s.db.CreateGiteaCredentials(ctx, params.CreateGiteaCredentialsParams{Endpoint: s.giteaEndpoint.Name, AuthType: "invalid"}) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrBadRequest) + s.Require().Regexp("invalid auth type", err.Error()) +} + +func (s *GiteaTestSuite) TestCreateCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + s.Require().Equal(credParams.Name, creds.Name) + s.Require().Equal(credParams.Description, creds.Description) + s.Require().Equal(credParams.Endpoint, creds.Endpoint.Name) + s.Require().Equal(credParams.AuthType, creds.AuthType) +} + +func (s *GiteaTestSuite) TestCreateCredentialsFailsOnDuplicateCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + testUser := garmTesting.CreateGARMTestUser(ctx, "testuser", s.db, s.T()) + testUserCtx := auth.PopulateContext(context.Background(), testUser, nil) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test", + }, + } + + _, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + + // Creating creds with the same parameters should fail for the same user. + _, err = s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrDuplicateEntity) + + // Creating creds with the same parameters should work for different users. + _, err = s.db.CreateGiteaCredentials(testUserCtx, credParams) + s.Require().NoError(err) +} + +func (s *GiteaTestSuite) TestNormalUsersCanOnlySeeTheirOwnCredentialsAdminCanSeeAll() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + testUser := garmTesting.CreateGARMTestUser(ctx, "testuser1", s.db, s.T()) + testUser2 := garmTesting.CreateGARMTestUser(ctx, "testuser2", s.db, s.T()) + testUserCtx := auth.PopulateContext(context.Background(), testUser, nil) + testUser2Ctx := auth.PopulateContext(context.Background(), testUser2, nil) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + credParams.Name = "test-creds2" + creds2, err := s.db.CreateGiteaCredentials(testUserCtx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds2) + + credParams.Name = "test-creds3" + creds3, err := s.db.CreateGiteaCredentials(testUser2Ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds3) + + credsList, err := s.db.ListGiteaCredentials(ctx) + s.Require().NoError(err) + s.Require().Len(credsList, 3) + + credsList, err = s.db.ListGiteaCredentials(testUserCtx) + s.Require().NoError(err) + s.Require().Len(credsList, 1) + s.Require().Equal("test-creds2", credsList[0].Name) + + credsList, err = s.db.ListGiteaCredentials(testUser2Ctx) + s.Require().NoError(err) + s.Require().Len(credsList, 1) + s.Require().Equal("test-creds3", credsList[0].Name) +} + +func (s *GiteaTestSuite) TestGetGiteaCredentialsFailsWhenCredentialsDontExist() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + _, err := s.db.GetGiteaCredentials(ctx, 1, true) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) + + _, err = s.db.GetGiteaCredentialsByName(ctx, "non-existing", true) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestGetGithubCredentialsByNameReturnsOnlyCurrentUserCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + testUser := garmTesting.CreateGARMTestUser(ctx, "test-user1", s.db, s.T()) + testUserCtx := auth.PopulateContext(context.Background(), testUser, nil) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + creds2, err := s.db.CreateGiteaCredentials(testUserCtx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds2) + + creds2Get, err := s.db.GetGiteaCredentialsByName(testUserCtx, testCredsName, true) + s.Require().NoError(err) + s.Require().NotNil(creds2) + s.Require().Equal(testCredsName, creds2Get.Name) + s.Require().Equal(creds2.ID, creds2Get.ID) + + credsGet, err := s.db.GetGiteaCredentialsByName(ctx, testCredsName, true) + s.Require().NoError(err) + s.Require().NotNil(creds) + s.Require().Equal(testCredsName, credsGet.Name) + s.Require().Equal(creds.ID, credsGet.ID) + + // Admin can get any creds by ID + credsGet, err = s.db.GetGiteaCredentials(ctx, creds2.ID, true) + s.Require().NoError(err) + s.Require().NotNil(creds2) + s.Require().Equal(creds2.ID, credsGet.ID) + + // Normal user cannot get other user creds by ID + _, err = s.db.GetGiteaCredentials(testUserCtx, creds.ID, true) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestGetGithubCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + creds2, err := s.db.GetGiteaCredentialsByName(ctx, testCredsName, true) + s.Require().NoError(err) + s.Require().NotNil(creds2) + s.Require().Equal(creds.Name, creds2.Name) + s.Require().Equal(creds.ID, creds2.ID) + + creds2, err = s.db.GetGiteaCredentials(ctx, creds.ID, true) + s.Require().NoError(err) + s.Require().NotNil(creds2) + s.Require().Equal(creds.Name, creds2.Name) + s.Require().Equal(creds.ID, creds2.ID) +} + +func (s *GiteaTestSuite) TestDeleteGiteaCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + err = s.db.DeleteGiteaCredentials(ctx, creds.ID) + s.Require().NoError(err) + + _, err = s.db.GetGiteaCredentials(ctx, creds.ID, true) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestDeleteGiteaCredentialsByNonAdminUser() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + testUser := garmTesting.CreateGARMTestUser(ctx, "test-user4", s.db, s.T()) + testUserCtx := auth.PopulateContext(context.Background(), testUser, nil) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test-creds4", + }, + } + + // Create creds as admin + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + // Deleting non existent creds will return a nil error. For the test user + // the creds created by the admin should not be visible, which leads to not found + // which in turn returns no error. + err = s.db.DeleteGiteaCredentials(testUserCtx, creds.ID) + s.Require().NoError(err) + + // Check that the creds created by the admin are still there. + credsGet, err := s.db.GetGiteaCredentials(ctx, creds.ID, true) + s.Require().NoError(err) + s.Require().NotNil(credsGet) + s.Require().Equal(creds.ID, credsGet.ID) + + // Create the same creds with the test user. + creds2, err := s.db.CreateGiteaCredentials(testUserCtx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds2) + + // Remove creds created by test user. + err = s.db.DeleteGiteaCredentials(testUserCtx, creds2.ID) + s.Require().NoError(err) + + // The creds created by the test user should be gone. + _, err = s.db.GetGiteaCredentials(testUserCtx, creds2.ID, true) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestDeleteCredentialsFailsIfReposOrgsOrEntitiesUseIt() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + repo, err := s.db.CreateRepository(ctx, "test-owner", "test-repo", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + s.Require().NoError(err) + s.Require().NotNil(repo) + + err = s.db.DeleteGiteaCredentials(ctx, creds.ID) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrBadRequest) + + err = s.db.DeleteRepository(ctx, repo.ID) + s.Require().NoError(err) + + org, err := s.db.CreateOrganization(ctx, "test-org", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + s.Require().NoError(err) + s.Require().NotNil(org) + + err = s.db.DeleteGiteaCredentials(ctx, creds.ID) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrBadRequest) + + err = s.db.DeleteOrganization(ctx, org.ID) + s.Require().NoError(err) + + enterprise, err := s.db.CreateEnterprise(ctx, "test-enterprise", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + s.Require().ErrorIs(err, runnerErrors.ErrBadRequest) + s.Require().Equal(params.Enterprise{}, enterprise) + + err = s.db.DeleteGiteaCredentials(ctx, creds.ID) + s.Require().NoError(err) + + _, err = s.db.GetGiteaCredentials(ctx, creds.ID, true) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestUpdateCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + newDescription := "new description" + newName := "new-name" + newToken := "new-token" + updateCredParams := params.UpdateGiteaCredentialsParams{ + Description: &newDescription, + Name: &newName, + PAT: ¶ms.GithubPAT{ + OAuth2Token: newToken, + }, + } + + updatedCreds, err := s.db.UpdateGiteaCredentials(ctx, creds.ID, updateCredParams) + s.Require().NoError(err) + s.Require().NotNil(updatedCreds) + s.Require().Equal(newDescription, updatedCreds.Description) + s.Require().Equal(newName, updatedCreds.Name) +} + +func (s *GiteaTestSuite) TestUpdateCredentialsFailsForNonExistingCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + updateCredParams := params.UpdateGiteaCredentialsParams{ + Description: nil, + } + + _, err := s.db.UpdateGiteaCredentials(ctx, 1, updateCredParams) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestUpdateCredentialsFailsIfCredentialsAreOwnedByNonAdminUser() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + testUser := garmTesting.CreateGARMTestUser(ctx, "test-user5", s.db, s.T()) + testUserCtx := auth.PopulateContext(context.Background(), testUser, nil) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test-creds5", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + newDescription := "new description2" + updateCredParams := params.UpdateGiteaCredentialsParams{ + Description: &newDescription, + } + + _, err = s.db.UpdateGiteaCredentials(testUserCtx, creds.ID, updateCredParams) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestAdminUserCanUpdateAnyGiteaCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + testUser := garmTesting.CreateGARMTestUser(ctx, "test-user5", s.db, s.T()) + testUserCtx := auth.PopulateContext(context.Background(), testUser, nil) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test-creds5", + }, + } + + creds, err := s.db.CreateGiteaCredentials(testUserCtx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + newDescription := "new description2" + updateCredParams := params.UpdateGiteaCredentialsParams{ + Description: &newDescription, + } + + newCreds, err := s.db.UpdateGiteaCredentials(ctx, creds.ID, updateCredParams) + s.Require().NoError(err) + s.Require().Equal(newDescription, newCreds.Description) +} + +func (s *GiteaTestSuite) TestDeleteCredentialsWithOrgsOrReposFails() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: s.giteaEndpoint.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test-creds5", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + repo, err := s.db.CreateRepository(ctx, "test-owner", "test-repo", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + s.Require().NoError(err) + s.Require().NotNil(repo) + + err = s.db.DeleteGiteaCredentials(ctx, creds.ID) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrBadRequest) + + err = s.db.DeleteRepository(ctx, repo.ID) + s.Require().NoError(err) + + org, err := s.db.CreateOrganization(ctx, "test-org", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + s.Require().NoError(err) + s.Require().NotNil(org) + + err = s.db.DeleteGiteaCredentials(ctx, creds.ID) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrBadRequest) + + err = s.db.DeleteOrganization(ctx, org.ID) + s.Require().NoError(err) + + err = s.db.DeleteGiteaCredentials(ctx, creds.ID) + s.Require().NoError(err) + + _, err = s.db.GetGiteaCredentials(ctx, creds.ID, true) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestDeleteGiteaEndpointFailsWithOrgsReposOrCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + endpointParams := params.CreateGiteaEndpointParams{ + Name: "deleteme", + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + + ep, err := s.db.CreateGiteaEndpoint(ctx, endpointParams) + s.Require().NoError(err) + s.Require().NotNil(ep) + + credParams := params.CreateGiteaCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: ep.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test-creds5", + }, + } + + creds, err := s.db.CreateGiteaCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + repo, err := s.db.CreateRepository(ctx, "test-owner", "test-repo", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + s.Require().NoError(err) + s.Require().NotNil(repo) + + badRequest := &runnerErrors.BadRequestError{} + err = s.db.DeleteGiteaEndpoint(ctx, ep.Name) + s.Require().Error(err) + s.Require().ErrorAs(err, &badRequest) + + err = s.db.DeleteRepository(ctx, repo.ID) + s.Require().NoError(err) + + org, err := s.db.CreateOrganization(ctx, "test-org", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + s.Require().NoError(err) + s.Require().NotNil(org) + + err = s.db.DeleteGiteaEndpoint(ctx, ep.Name) + s.Require().Error(err) + s.Require().ErrorAs(err, &badRequest) + + err = s.db.DeleteOrganization(ctx, org.ID) + s.Require().NoError(err) + + err = s.db.DeleteGiteaCredentials(ctx, creds.ID) + s.Require().NoError(err) + + err = s.db.DeleteGiteaEndpoint(ctx, ep.Name) + s.Require().NoError(err) + + _, err = s.db.GetGiteaEndpoint(ctx, ep.Name) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + +func (s *GiteaTestSuite) TestListGiteaEndpoints() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + createEpParams := params.CreateGiteaEndpointParams{ + Name: "deleteme", + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + + _, err := s.db.CreateGiteaEndpoint(ctx, createEpParams) + s.Require().NoError(err) + + endpoints, err := s.db.ListGiteaEndpoints(ctx) + s.Require().NoError(err) + s.Require().Len(endpoints, 2) +} + +func TestGiteaTestSuite(t *testing.T) { + suite.Run(t, new(GiteaTestSuite)) +} diff --git a/database/sql/github.go b/database/sql/github.go index 08d6bdb3..8dd20225 100644 --- a/database/sql/github.go +++ b/database/sql/github.go @@ -200,7 +200,7 @@ func (s *sqlDatabase) DeleteGithubEndpoint(_ context.Context, name string) (err } if credsCount > 0 || repoCnt > 0 || orgCnt > 0 || entCnt > 0 { - return errors.New("cannot delete endpoint with associated entities") + return runnerErrors.NewBadRequestError("cannot delete endpoint with associated entities") } if err := tx.Unscoped().Delete(&endpoint).Error; err != nil { diff --git a/database/sql/github_test.go b/database/sql/github_test.go index 2e6eb507..f2e83fec 100644 --- a/database/sql/github_test.go +++ b/database/sql/github_test.go @@ -555,7 +555,7 @@ func (s *GithubTestSuite) TestDeleteCredentialsFailsIfReposOrgsOrEntitiesUseIt() err = s.db.DeleteOrganization(ctx, org.ID) s.Require().NoError(err) - enterprise, err := s.db.CreateEnterprise(ctx, "test-enterprise", creds.Name, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + enterprise, err := s.db.CreateEnterprise(ctx, "test-enterprise", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) s.Require().NoError(err) s.Require().NotNil(enterprise) @@ -737,6 +737,68 @@ func (s *GithubTestSuite) TestAdminUserCanUpdateAnyGithubCredentials() { s.Require().Equal(newDescription, newCreds.Description) } +func (s *GithubTestSuite) TestDeleteGithubEndpointFailsWithOrgsReposOrCredentials() { + ctx := garmTesting.ImpersonateAdminContext(context.Background(), s.db, s.T()) + + endpointParams := params.CreateGithubEndpointParams{ + Name: "deleteme", + Description: testEndpointDescription, + APIBaseURL: testAPIBaseURL, + BaseURL: testBaseURL, + } + + ep, err := s.db.CreateGithubEndpoint(ctx, endpointParams) + s.Require().NoError(err) + s.Require().NotNil(ep) + + credParams := params.CreateGithubCredentialsParams{ + Name: testCredsName, + Description: testCredsDescription, + Endpoint: ep.Name, + AuthType: params.ForgeAuthTypePAT, + PAT: params.GithubPAT{ + OAuth2Token: "test-creds5", + }, + } + + creds, err := s.db.CreateGithubCredentials(ctx, credParams) + s.Require().NoError(err) + s.Require().NotNil(creds) + + repo, err := s.db.CreateRepository(ctx, "test-owner", "test-repo", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + s.Require().NoError(err) + s.Require().NotNil(repo) + + badRequest := &runnerErrors.BadRequestError{} + err = s.db.DeleteGithubEndpoint(ctx, ep.Name) + s.Require().Error(err) + s.Require().ErrorAs(err, &badRequest) + + err = s.db.DeleteRepository(ctx, repo.ID) + s.Require().NoError(err) + + org, err := s.db.CreateOrganization(ctx, "test-org", creds, "superSecret@123BlaBla", params.PoolBalancerTypeRoundRobin) + s.Require().NoError(err) + s.Require().NotNil(org) + + err = s.db.DeleteGithubEndpoint(ctx, ep.Name) + s.Require().Error(err) + s.Require().ErrorAs(err, &badRequest) + + err = s.db.DeleteOrganization(ctx, org.ID) + s.Require().NoError(err) + + err = s.db.DeleteGithubCredentials(ctx, creds.ID) + s.Require().NoError(err) + + err = s.db.DeleteGithubEndpoint(ctx, ep.Name) + s.Require().NoError(err) + + _, err = s.db.GetGithubEndpoint(ctx, ep.Name) + s.Require().Error(err) + s.Require().ErrorIs(err, runnerErrors.ErrNotFound) +} + func TestGithubTestSuite(t *testing.T) { suite.Run(t, new(GithubTestSuite)) } diff --git a/database/sql/organizations_test.go b/database/sql/organizations_test.go index 3c2ba337..a93ef372 100644 --- a/database/sql/organizations_test.go +++ b/database/sql/organizations_test.go @@ -54,8 +54,10 @@ type OrgTestSuite struct { adminUserID string testCreds params.ForgeCredentials + testCredsGitea params.ForgeCredentials secondaryTestCreds params.ForgeCredentials githubEndpoint params.ForgeEndpoint + giteaEndpoint params.ForgeEndpoint } func (s *OrgTestSuite) equalInstancesByName(expected, actual []params.Instance) { @@ -91,7 +93,9 @@ func (s *OrgTestSuite) SetupTest() { s.Require().NotEmpty(s.adminUserID) s.githubEndpoint = garmTesting.CreateDefaultGithubEndpoint(adminCtx, db, s.T()) + s.giteaEndpoint = garmTesting.CreateDefaultGiteaEndpoint(adminCtx, db, s.T()) s.testCreds = garmTesting.CreateTestGithubCredentials(adminCtx, "new-creds", db, s.T(), s.githubEndpoint) + s.testCredsGitea = garmTesting.CreateTestGiteaCredentials(adminCtx, "new-creds", db, s.T(), s.giteaEndpoint) s.secondaryTestCreds = garmTesting.CreateTestGithubCredentials(adminCtx, "secondary-creds", db, s.T(), s.githubEndpoint) // create some organization objects in the database, for testing purposes @@ -192,6 +196,62 @@ func (s *OrgTestSuite) TestCreateOrganization() { s.Require().Equal(storeOrg.Name, org.Name) s.Require().Equal(storeOrg.Credentials.Name, org.Credentials.Name) s.Require().Equal(storeOrg.WebhookSecret, org.WebhookSecret) + + entity, err := org.GetEntity() + s.Require().Nil(err) + s.Require().Equal(entity.EntityType, params.ForgeEntityTypeOrganization) + s.Require().Equal(entity.ID, org.ID) + + forgeType, err := entity.GetForgeType() + s.Require().Nil(err) + s.Require().Equal(forgeType, params.GithubEndpointType) +} + +func (s *OrgTestSuite) TestCreateOrgForGitea() { + // call tested function + org, err := s.Store.CreateOrganization( + s.adminCtx, + s.Fixtures.CreateOrgParams.Name, + s.testCredsGitea, + s.Fixtures.CreateOrgParams.WebhookSecret, + params.PoolBalancerTypeRoundRobin) + + // assertions + s.Require().Nil(err) + storeOrg, err := s.Store.GetOrganizationByID(s.adminCtx, org.ID) + if err != nil { + s.FailNow(fmt.Sprintf("failed to get organization by id: %v", err)) + } + s.Require().Equal(storeOrg.Name, org.Name) + s.Require().Equal(storeOrg.Credentials.Name, org.Credentials.Name) + s.Require().Equal(storeOrg.WebhookSecret, org.WebhookSecret) + + entity, err := org.GetEntity() + s.Require().Nil(err) + s.Require().Equal(entity.EntityType, params.ForgeEntityTypeOrganization) + s.Require().Equal(entity.ID, org.ID) + + forgeType, err := entity.GetForgeType() + s.Require().Nil(err) + s.Require().Equal(forgeType, params.GiteaEndpointType) +} + +func (s *OrgTestSuite) TestCreateOrganizationInvalidForgeType() { + credentials := params.ForgeCredentials{ + Name: "test-creds", + Endpoint: s.githubEndpoint, + ID: 99, + ForgeType: params.EndpointType("invalid-forge-type"), + } + + _, err := s.Store.CreateOrganization( + s.adminCtx, + s.Fixtures.CreateOrgParams.Name, + credentials, + s.Fixtures.CreateOrgParams.WebhookSecret, + params.PoolBalancerTypeRoundRobin) + s.Require().NotNil(err) + s.Require().Equal("creating org: unsupported credentials type: invalid request", err.Error()) } func (s *OrgTestSuite) TestCreateOrganizationInvalidDBPassphrase() { diff --git a/database/sql/repositories_test.go b/database/sql/repositories_test.go index 0e2fa08f..3f8d8ca2 100644 --- a/database/sql/repositories_test.go +++ b/database/sql/repositories_test.go @@ -59,8 +59,10 @@ type RepoTestSuite struct { adminUserID string testCreds params.ForgeCredentials + testCredsGitea params.ForgeCredentials secondaryTestCreds params.ForgeCredentials githubEndpoint params.ForgeEndpoint + giteaEndpoint params.ForgeEndpoint } func (s *RepoTestSuite) equalReposByName(expected, actual []params.Repository) { @@ -109,7 +111,9 @@ func (s *RepoTestSuite) SetupTest() { s.Require().NotEmpty(s.adminUserID) s.githubEndpoint = garmTesting.CreateDefaultGithubEndpoint(adminCtx, db, s.T()) + s.giteaEndpoint = garmTesting.CreateDefaultGiteaEndpoint(adminCtx, db, s.T()) s.testCreds = garmTesting.CreateTestGithubCredentials(adminCtx, "new-creds", db, s.T(), s.githubEndpoint) + s.testCredsGitea = garmTesting.CreateTestGiteaCredentials(adminCtx, "new-creds", db, s.T(), s.giteaEndpoint) s.secondaryTestCreds = garmTesting.CreateTestGithubCredentials(adminCtx, "secondary-creds", db, s.T(), s.githubEndpoint) // create some repository objects in the database, for testing purposes @@ -219,6 +223,68 @@ func (s *RepoTestSuite) TestCreateRepository() { s.Require().Equal(storeRepo.Name, repo.Name) s.Require().Equal(storeRepo.Credentials.Name, repo.Credentials.Name) s.Require().Equal(storeRepo.WebhookSecret, repo.WebhookSecret) + + entity, err := repo.GetEntity() + s.Require().Nil(err) + s.Require().Equal(s.Fixtures.CreateRepoParams.Owner, entity.ID) + s.Require().Equal(entity.EntityType, params.ForgeEntityTypeRepository) + + forgeType, err := entity.GetForgeType() + s.Require().Nil(err) + s.Require().Equal(forgeType, params.GithubEndpointType) +} + +func (s *RepoTestSuite) TestCreateRepositoryGitea() { + // call tested function + repo, err := s.Store.CreateRepository( + s.adminCtx, + s.Fixtures.CreateRepoParams.Owner, + s.Fixtures.CreateRepoParams.Name, + s.testCredsGitea, + s.Fixtures.CreateRepoParams.WebhookSecret, + params.PoolBalancerTypeRoundRobin, + ) + + // assertions + s.Require().Nil(err) + storeRepo, err := s.Store.GetRepositoryByID(s.adminCtx, repo.ID) + if err != nil { + s.FailNow(fmt.Sprintf("failed to get repository by id: %v", err)) + } + s.Require().Equal(storeRepo.Owner, repo.Owner) + s.Require().Equal(storeRepo.Name, repo.Name) + s.Require().Equal(storeRepo.Credentials.Name, repo.Credentials.Name) + s.Require().Equal(storeRepo.WebhookSecret, repo.WebhookSecret) + + entity, err := repo.GetEntity() + s.Require().Nil(err) + s.Require().Equal(repo.ID, entity.ID) + s.Require().Equal(entity.EntityType, params.ForgeEntityTypeRepository) + + forgeType, err := entity.GetForgeType() + s.Require().Nil(err) + s.Require().Equal(forgeType, params.GiteaEndpointType) +} + +func (s *RepoTestSuite) TestCreateRepositoryInvalidForgeType() { + // call tested function + _, err := s.Store.CreateRepository( + s.adminCtx, + s.Fixtures.CreateRepoParams.Owner, + s.Fixtures.CreateRepoParams.Name, + params.ForgeCredentials{ + Name: "test-creds", + ForgeType: "invalid-forge-type", + Endpoint: params.ForgeEndpoint{ + Name: "test-endpoint", + }, + }, + s.Fixtures.CreateRepoParams.WebhookSecret, + params.PoolBalancerTypeRoundRobin, + ) + + s.Require().NotNil(err) + s.Require().Equal("creating repository: unsupported credentials type: invalid request", err.Error()) } func (s *RepoTestSuite) TestCreateRepositoryInvalidDBPassphrase() { diff --git a/database/sql/scalesets_test.go b/database/sql/scalesets_test.go index 54937c2d..7d49b397 100644 --- a/database/sql/scalesets_test.go +++ b/database/sql/scalesets_test.go @@ -58,7 +58,7 @@ func (s *ScaleSetsTestSuite) SetupTest() { s.FailNow(fmt.Sprintf("failed to create repo: %s", err)) } - s.enterprise, err = s.Store.CreateEnterprise(s.adminCtx, "test-enterprise", s.creds.Name, "test-webhookSecret", params.PoolBalancerTypeRoundRobin) + s.enterprise, err = s.Store.CreateEnterprise(s.adminCtx, "test-enterprise", s.creds, "test-webhookSecret", params.PoolBalancerTypeRoundRobin) if err != nil { s.FailNow(fmt.Sprintf("failed to create enterprise: %s", err)) } diff --git a/database/watcher/watcher_store_test.go b/database/watcher/watcher_store_test.go index 3de7c01a..7045455e 100644 --- a/database/watcher/watcher_store_test.go +++ b/database/watcher/watcher_store_test.go @@ -646,7 +646,7 @@ func (s *WatcherStoreTestSuite) TestEnterpriseWatcher() { creds := garmTesting.CreateTestGithubCredentials(s.ctx, "test-creds", s.store, s.T(), ep) s.T().Cleanup(func() { s.store.DeleteGithubCredentials(s.ctx, creds.ID) }) - ent, err := s.store.CreateEnterprise(s.ctx, "test-enterprise", creds.Name, "test-secret", params.PoolBalancerTypeRoundRobin) + ent, err := s.store.CreateEnterprise(s.ctx, "test-enterprise", creds, "test-secret", params.PoolBalancerTypeRoundRobin) s.Require().NoError(err) s.Require().NotEmpty(ent.ID) diff --git a/internal/testing/testing.go b/internal/testing/testing.go index 0fcc1dda..84b4d48c 100644 --- a/internal/testing/testing.go +++ b/internal/testing/testing.go @@ -110,6 +110,30 @@ func CreateDefaultGithubEndpoint(ctx context.Context, db common.Store, s *testin return ep } +func CreateDefaultGiteaEndpoint(ctx context.Context, db common.Store, s *testing.T) params.ForgeEndpoint { + endpointParams := params.CreateGiteaEndpointParams{ + Name: "gitea.example.com", + Description: "gitea endpoint", + APIBaseURL: "https://gitea.example.com/", + BaseURL: "https://gitea.example.com/", + } + + ep, err := db.GetGithubEndpoint(ctx, endpointParams.Name) + if err != nil { + if !errors.Is(err, runnerErrors.ErrNotFound) { + s.Fatalf("failed to get database object (github.com): %v", err) + } + ep, err = db.CreateGiteaEndpoint(ctx, endpointParams) + if err != nil { + if !errors.Is(err, runnerErrors.ErrDuplicateEntity) { + s.Fatalf("failed to create database object (github.com): %v", err) + } + } + } + + return ep +} + func CreateTestGithubCredentials(ctx context.Context, credsName string, db common.Store, s *testing.T, endpoint params.ForgeEndpoint) params.ForgeCredentials { newCredsParams := params.CreateGithubCredentialsParams{ Name: credsName, @@ -127,6 +151,23 @@ func CreateTestGithubCredentials(ctx context.Context, credsName string, db commo return newCreds } +func CreateTestGiteaCredentials(ctx context.Context, credsName string, db common.Store, s *testing.T, endpoint params.ForgeEndpoint) params.ForgeCredentials { + newCredsParams := params.CreateGiteaCredentialsParams{ + Name: credsName, + Description: "Test creds", + AuthType: params.ForgeAuthTypePAT, + Endpoint: endpoint.Name, + PAT: params.GithubPAT{ + OAuth2Token: "test-token", + }, + } + newCreds, err := db.CreateGiteaCredentials(ctx, newCredsParams) + if err != nil { + s.Fatalf("failed to create database object (%s): %v", credsName, err) + } + return newCreds +} + func GetTestSqliteDBConfig(t *testing.T) config.Database { dir, err := os.MkdirTemp("", "garm-config-test") if err != nil { diff --git a/runner/enterprises.go b/runner/enterprises.go index 6cbe54d0..1dbb2171 100644 --- a/runner/enterprises.go +++ b/runner/enterprises.go @@ -39,7 +39,7 @@ func (r *Runner) CreateEnterprise(ctx context.Context, param params.CreateEnterp return params.Enterprise{}, runnerErrors.NewConflictError("enterprise %s already exists", param.Name) } - enterprise, err = r.store.CreateEnterprise(ctx, param.Name, creds.Name, param.WebhookSecret, param.PoolBalancerType) + enterprise, err = r.store.CreateEnterprise(ctx, param.Name, creds, param.WebhookSecret, param.PoolBalancerType) if err != nil { return params.Enterprise{}, errors.Wrap(err, "creating enterprise") } diff --git a/runner/enterprises_test.go b/runner/enterprises_test.go index 5c09ae5d..d5eef463 100644 --- a/runner/enterprises_test.go +++ b/runner/enterprises_test.go @@ -81,7 +81,7 @@ func (s *EnterpriseTestSuite) SetupTest() { enterprise, err := db.CreateEnterprise( adminCtx, name, - s.testCreds.Name, + s.testCreds, fmt.Sprintf("test-webhook-secret-%v", i), params.PoolBalancerTypeRoundRobin, )