d2b09d854f
Implement a new error handling library based on pkg/errors. It provides stack saving on wrapping and exports some function to add stack saving also to external errors. It also implements custom zerolog error formatting without adding too much verbosity by just printing the chain error file:line without a full stack trace of every error. * Add a --detailed-errors options to print error with they full chain * Wrap all error returns. Use errors.WithStack to wrap without adding a new messsage and error.Wrap[f] to add a message. * Add golangci-lint wrapcheck to check that external packages errors are wrapped. This won't check that internal packages error are wrapped. But we want also to ensure this case so we'll have to find something else to check also these.
396 lines
11 KiB
Go
396 lines
11 KiB
Go
// Copyright 2019 Sorint.lab
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package gitlab
|
|
|
|
import (
|
|
"context"
|
|
"crypto/tls"
|
|
"encoding/base64"
|
|
"fmt"
|
|
"net"
|
|
"net/http"
|
|
"regexp"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
|
|
"agola.io/agola/internal/errors"
|
|
gitsource "agola.io/agola/internal/gitsources"
|
|
|
|
gitlab "github.com/xanzy/go-gitlab"
|
|
"golang.org/x/oauth2"
|
|
)
|
|
|
|
var (
|
|
GitlabOauth2Scopes = []string{"api"}
|
|
|
|
branchRefPrefix = "refs/heads/"
|
|
tagRefPrefix = "refs/tags/"
|
|
pullRequestRefRegex = regexp.MustCompile("refs/merge-requests/(.*)/head")
|
|
pullRequestRefFmt = "refs/merge-requests/%s/head"
|
|
)
|
|
|
|
type Opts struct {
|
|
APIURL string
|
|
Token string
|
|
SkipVerify bool
|
|
Oauth2ClientID string
|
|
Oauth2Secret string
|
|
}
|
|
|
|
type Client struct {
|
|
client *gitlab.Client
|
|
oauth2HTTPClient *http.Client
|
|
APIURL string
|
|
oauth2ClientID string
|
|
oauth2Secret string
|
|
}
|
|
|
|
// fromCommitStatus converts a gitsource commit status to a gitlab commit status
|
|
func fromCommitStatus(status gitsource.CommitStatus) gitlab.BuildStateValue {
|
|
switch status {
|
|
case gitsource.CommitStatusPending:
|
|
return gitlab.Pending
|
|
case gitsource.CommitStatusSuccess:
|
|
return gitlab.Success
|
|
case gitsource.CommitStatusError:
|
|
return gitlab.Failed
|
|
case gitsource.CommitStatusFailed:
|
|
return gitlab.Failed
|
|
default:
|
|
panic(errors.Errorf("unknown commit status %q", status))
|
|
}
|
|
}
|
|
|
|
func New(opts Opts) (*Client, error) {
|
|
// copied from net/http until it has a clone function: https://github.com/golang/go/issues/26013
|
|
transport := &http.Transport{
|
|
Proxy: http.ProxyFromEnvironment,
|
|
DialContext: (&net.Dialer{
|
|
Timeout: 30 * time.Second,
|
|
KeepAlive: 30 * time.Second,
|
|
DualStack: true,
|
|
}).DialContext,
|
|
MaxIdleConns: 100,
|
|
IdleConnTimeout: 90 * time.Second,
|
|
TLSHandshakeTimeout: 10 * time.Second,
|
|
ExpectContinueTimeout: 1 * time.Second,
|
|
TLSClientConfig: &tls.Config{InsecureSkipVerify: opts.SkipVerify},
|
|
}
|
|
httpClient := &http.Client{Transport: transport}
|
|
|
|
client := gitlab.NewOAuthClient(httpClient, opts.Token)
|
|
if err := client.SetBaseURL(opts.APIURL); err != nil {
|
|
return nil, errors.Wrapf(err, "failed to set gitlab client base url")
|
|
}
|
|
|
|
return &Client{
|
|
client: client,
|
|
oauth2HTTPClient: httpClient,
|
|
APIURL: opts.APIURL,
|
|
oauth2ClientID: opts.Oauth2ClientID,
|
|
oauth2Secret: opts.Oauth2Secret,
|
|
}, nil
|
|
}
|
|
|
|
func (c *Client) oauth2Config(callbackURL string) *oauth2.Config {
|
|
return &oauth2.Config{
|
|
ClientID: c.oauth2ClientID,
|
|
ClientSecret: c.oauth2Secret,
|
|
Scopes: GitlabOauth2Scopes,
|
|
Endpoint: oauth2.Endpoint{
|
|
AuthURL: fmt.Sprintf("%s/oauth/authorize", c.APIURL),
|
|
TokenURL: fmt.Sprintf("%s/oauth/token", c.APIURL),
|
|
},
|
|
RedirectURL: callbackURL,
|
|
}
|
|
}
|
|
|
|
func (c *Client) GetOauth2AuthorizationURL(callbackURL, state string) (string, error) {
|
|
var config = c.oauth2Config(callbackURL)
|
|
return config.AuthCodeURL(state), nil
|
|
}
|
|
|
|
func (c *Client) RequestOauth2Token(callbackURL, code string) (*oauth2.Token, error) {
|
|
ctx := context.TODO()
|
|
ctx = context.WithValue(ctx, oauth2.HTTPClient, c.oauth2HTTPClient)
|
|
|
|
var config = c.oauth2Config(callbackURL)
|
|
token, err := config.Exchange(ctx, code)
|
|
if err != nil {
|
|
return nil, errors.Wrapf(err, "cannot get oauth2 token")
|
|
}
|
|
return token, nil
|
|
}
|
|
|
|
func (c *Client) RefreshOauth2Token(refreshToken string) (*oauth2.Token, error) {
|
|
ctx := context.TODO()
|
|
ctx = context.WithValue(ctx, oauth2.HTTPClient, c.oauth2HTTPClient)
|
|
|
|
var config = c.oauth2Config("")
|
|
token := &oauth2.Token{RefreshToken: refreshToken}
|
|
ts := config.TokenSource(ctx, token)
|
|
ntoken, err := ts.Token()
|
|
|
|
return ntoken, errors.WithStack(err)
|
|
}
|
|
|
|
func (c *Client) GetRepoInfo(repopath string) (*gitsource.RepoInfo, error) {
|
|
rr, _, err := c.client.Projects.GetProject(repopath, nil)
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
return fromGitlabRepo(rr), nil
|
|
}
|
|
|
|
func (c *Client) GetUserInfo() (*gitsource.UserInfo, error) {
|
|
user, _, err := c.client.Users.CurrentUser()
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
return &gitsource.UserInfo{
|
|
ID: strconv.Itoa(user.ID),
|
|
LoginName: user.Username,
|
|
Email: user.Email,
|
|
}, nil
|
|
}
|
|
|
|
func (c *Client) GetFile(repopath, commit, file string) ([]byte, error) {
|
|
f, _, err := c.client.RepositoryFiles.GetFile(repopath, file, &gitlab.GetFileOptions{Ref: gitlab.String(commit)})
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
data, err := base64.StdEncoding.DecodeString(f.Content)
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
return data, errors.WithStack(err)
|
|
}
|
|
|
|
func (c *Client) CreateDeployKey(repopath, title, pubKey string, readonly bool) error {
|
|
if _, _, err := c.client.DeployKeys.AddDeployKey(repopath, &gitlab.AddDeployKeyOptions{
|
|
Title: gitlab.String(title),
|
|
Key: gitlab.String(pubKey),
|
|
}); err != nil {
|
|
return errors.Wrapf(err, "error creating deploy key")
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (c *Client) UpdateDeployKey(repopath, title, pubKey string, readonly bool) error {
|
|
keys, _, err := c.client.DeployKeys.ListProjectDeployKeys(repopath, nil)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "error retrieving existing deploy keys")
|
|
}
|
|
|
|
for _, key := range keys {
|
|
if key.Title == title {
|
|
if key.Key == pubKey {
|
|
return nil
|
|
}
|
|
if _, err := c.client.DeployKeys.DeleteDeployKey(repopath, key.ID); err != nil {
|
|
return errors.Wrapf(err, "error removing existing deploy key")
|
|
}
|
|
}
|
|
}
|
|
|
|
if _, _, err := c.client.DeployKeys.AddDeployKey(repopath, &gitlab.AddDeployKeyOptions{
|
|
Title: &title,
|
|
Key: &pubKey,
|
|
}); err != nil {
|
|
return errors.Wrapf(err, "error creating deploy key")
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (c *Client) DeleteDeployKey(repopath, title string) error {
|
|
keys, _, err := c.client.DeployKeys.ListProjectDeployKeys(repopath, nil)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "error retrieving existing deploy keys")
|
|
}
|
|
|
|
for _, key := range keys {
|
|
if key.Title == title {
|
|
if _, err := c.client.DeployKeys.DeleteDeployKey(repopath, key.ID); err != nil {
|
|
return errors.Wrapf(err, "error removing existing deploy key")
|
|
}
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (c *Client) CreateRepoWebhook(repopath, url, secret string) error {
|
|
opts := &gitlab.AddProjectHookOptions{
|
|
URL: gitlab.String(url),
|
|
PushEvents: gitlab.Bool(true),
|
|
TagPushEvents: gitlab.Bool(true),
|
|
MergeRequestsEvents: gitlab.Bool(true),
|
|
Token: gitlab.String(secret),
|
|
}
|
|
if _, _, err := c.client.Projects.AddProjectHook(repopath, opts); err != nil {
|
|
return errors.Wrapf(err, "error creating repository webhook")
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (c *Client) DeleteRepoWebhook(repopath, u string) error {
|
|
hooks, _, err := c.client.Projects.ListProjectHooks(repopath, nil)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "error retrieving repository webhooks")
|
|
}
|
|
|
|
// match the full url so we can have multiple webhooks for different agola
|
|
// projects
|
|
for _, hook := range hooks {
|
|
if hook.URL == u {
|
|
if _, err := c.client.Projects.DeleteProjectHook(repopath, hook.ID); err != nil {
|
|
return errors.Wrapf(err, "error deleting existing repository webhook")
|
|
}
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
func (c *Client) CreateCommitStatus(repopath, commitSHA string, status gitsource.CommitStatus, targetURL, description, context string) error {
|
|
_, _, err := c.client.Commits.SetCommitStatus(repopath, commitSHA, &gitlab.SetCommitStatusOptions{
|
|
State: fromCommitStatus(status),
|
|
TargetURL: gitlab.String(targetURL),
|
|
Description: gitlab.String(description),
|
|
Context: gitlab.String(context),
|
|
})
|
|
return errors.WithStack(err)
|
|
}
|
|
|
|
func (c *Client) ListUserRepos() ([]*gitsource.RepoInfo, error) {
|
|
// get only repos with permission greater or equal to maintainer
|
|
opts := &gitlab.ListProjectsOptions{MinAccessLevel: gitlab.AccessLevel(gitlab.MaintainerPermissions)}
|
|
remoteRepos, _, err := c.client.Projects.ListProjects(opts)
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
|
|
repos := []*gitsource.RepoInfo{}
|
|
|
|
for _, rr := range remoteRepos {
|
|
repos = append(repos, fromGitlabRepo(rr))
|
|
}
|
|
|
|
return repos, nil
|
|
}
|
|
|
|
func fromGitlabRepo(rr *gitlab.Project) *gitsource.RepoInfo {
|
|
return &gitsource.RepoInfo{
|
|
ID: strconv.Itoa(rr.ID),
|
|
Path: rr.PathWithNamespace,
|
|
HTMLURL: rr.WebURL,
|
|
SSHCloneURL: rr.SSHURLToRepo,
|
|
HTTPCloneURL: rr.HTTPURLToRepo,
|
|
}
|
|
}
|
|
|
|
// NOTE(sgotti) gitlab doesn't provide a get ref api
|
|
func (c *Client) GetRef(repopath, ref string) (*gitsource.Ref, error) {
|
|
switch {
|
|
case strings.HasPrefix(ref, "refs/heads/"):
|
|
|
|
branch := strings.TrimPrefix(ref, "refs/heads/")
|
|
remoteBranch, _, err := c.client.Branches.GetBranch(repopath, branch)
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
|
|
return &gitsource.Ref{
|
|
Ref: ref,
|
|
CommitSHA: remoteBranch.Commit.ID,
|
|
}, nil
|
|
|
|
case strings.HasPrefix(ref, "refs/tags/"):
|
|
tag := strings.TrimPrefix(ref, "refs/heads/")
|
|
remoteTag, _, err := c.client.Tags.GetTag(repopath, tag)
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
|
|
return &gitsource.Ref{
|
|
Ref: ref,
|
|
CommitSHA: remoteTag.Commit.ID,
|
|
}, nil
|
|
default:
|
|
return nil, errors.Errorf("unsupported ref: %s", ref)
|
|
}
|
|
}
|
|
|
|
func (c *Client) RefType(ref string) (gitsource.RefType, string, error) {
|
|
switch {
|
|
case strings.HasPrefix(ref, branchRefPrefix):
|
|
return gitsource.RefTypeBranch, strings.TrimPrefix(ref, branchRefPrefix), nil
|
|
|
|
case strings.HasPrefix(ref, tagRefPrefix):
|
|
return gitsource.RefTypeTag, strings.TrimPrefix(ref, tagRefPrefix), nil
|
|
|
|
case pullRequestRefRegex.MatchString(ref):
|
|
m := pullRequestRefRegex.FindStringSubmatch(ref)
|
|
return gitsource.RefTypePullRequest, m[1], nil
|
|
|
|
default:
|
|
return -1, "", errors.Errorf("unsupported ref: %s", ref)
|
|
}
|
|
}
|
|
|
|
func (c *Client) GetCommit(repopath, commitSHA string) (*gitsource.Commit, error) {
|
|
commit, _, err := c.client.Commits.GetCommit(repopath, commitSHA, nil)
|
|
if err != nil {
|
|
return nil, errors.WithStack(err)
|
|
}
|
|
|
|
return &gitsource.Commit{
|
|
SHA: commit.ID,
|
|
Message: commit.Message,
|
|
}, nil
|
|
}
|
|
|
|
func (c *Client) BranchRef(branch string) string {
|
|
return branchRefPrefix + branch
|
|
}
|
|
|
|
func (c *Client) TagRef(tag string) string {
|
|
return tagRefPrefix + tag
|
|
}
|
|
|
|
func (c *Client) PullRequestRef(prID string) string {
|
|
return fmt.Sprintf(pullRequestRefFmt, prID)
|
|
}
|
|
|
|
func (c *Client) CommitLink(repoInfo *gitsource.RepoInfo, commitSHA string) string {
|
|
return fmt.Sprintf("%s/commit/%s", repoInfo.HTMLURL, commitSHA)
|
|
}
|
|
|
|
func (c *Client) BranchLink(repoInfo *gitsource.RepoInfo, branch string) string {
|
|
return fmt.Sprintf("%s/tree/%s", repoInfo.HTMLURL, branch)
|
|
}
|
|
|
|
func (c *Client) TagLink(repoInfo *gitsource.RepoInfo, tag string) string {
|
|
return fmt.Sprintf("%s/tree/%s", repoInfo.HTMLURL, tag)
|
|
}
|
|
|
|
func (c *Client) PullRequestLink(repoInfo *gitsource.RepoInfo, prID string) string {
|
|
return fmt.Sprintf("%s/merge_requests/%s", repoInfo.HTMLURL, prID)
|
|
}
|