Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

supporting gitlab connections #1921

Open
wants to merge 4 commits into
base: develop
Choose a base branch
from
+49 −24
Open

supporting gitlab connections #1921

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
d2ef8cc
gitlab connections
motatoes Mar 25, 2025
9a0648f
add file
motatoes Mar 25, 2025
0288297
Merge branch 'develop' into feat/gitlab-connections
motatoes Mar 25, 2025
2c187ef
support gitlab in connections
motatoes Mar 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
46 changes: 25 additions & 21 deletions backend/controllers/connections.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ func ListVCSConnectionsApi(c *gin.Context) {
connectionsSlim := lo.Map(connections, func(c models.VCSConnection, i int) gin.H {
return gin.H{
"connection_id": c.ID,
"vcs": "bitbucket",
"vcs": c.VCSType,
"connection_name": c.Name,
}
})
Expand All @@ -64,6 +64,8 @@ func CreateVCSConnectionApi(c *gin.Context) {
Name string `json:"connection_name"`
BitbucketAccessToken string `json:"bitbucket_access_token"`
BitbucketWebhookSecret string `json:"bitbucket_webhook_secret"`
GitlabAccessToken string `json:"gitlab_access_token"`
GitlabWebhookSecret string `json:"gitlab_webhook_secret"`
}

var request CreateVCSConnectionRequest
Expand All @@ -72,7 +74,8 @@ func CreateVCSConnectionApi(c *gin.Context) {
return
}

if request.VCS != "bitbucket" {
if request.VCS != string(models.DiggerVCSBitbucket) &&
request.VCS != string(models.DiggerVCSGitlab) {
log.Printf("VCS type not supported: %v", request.VCS)
c.JSON(http.StatusBadRequest, gin.H{"error": "VCS type not supported"})
return
Expand All @@ -87,34 +90,35 @@ func CreateVCSConnectionApi(c *gin.Context) {

bitbucketAccessTokenEncrypted, err := utils.AESEncrypt([]byte(secret), request.BitbucketAccessToken)
if err != nil {
log.Printf("could not encrypt access token: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt access token"})
log.Printf("could not encrypt bitbucket access token: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket access token"})
return
}

bitbucketWebhookSecretEncrypted, err := utils.AESEncrypt([]byte(secret), request.BitbucketWebhookSecret)
if err != nil {
log.Printf("could not encrypt webhook secret: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt webhook secret"})
log.Printf("could not encrypt bitbucket webhook secret: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket webhook secret"})
return
}

gitlabAccessTokenEncrypted, err := utils.AESEncrypt([]byte(secret), request.GitlabAccessToken)
if err != nil {
log.Printf("could not encrypt gitlab access token: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab access token"})
return
}

gitlabWebhookSecret, err := utils.AESEncrypt([]byte(secret), request.GitlabWebhookSecret)
if err != nil {
log.Printf("could not encrypt gitlab webhook secret: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab access token"})
return
Comment on lines +93 to 116
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Error message inconsistency in GitLab webhook secret encryption error

There's an inconsistency in the error message for GitLab webhook secret encryption. The error message reports "Could not encrypt gitlab access token" instead of "Could not encrypt gitlab webhook secret".

Apply this fix:

-		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab access token"})
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab webhook secret"})
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
log.Printf("could not encrypt bitbucket access token: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket access token"})
return
}
bitbucketWebhookSecretEncrypted, err := utils.AESEncrypt([]byte(secret), request.BitbucketWebhookSecret)
if err != nil {
log.Printf("could not encrypt webhook secret: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt webhook secret"})
log.Printf("could not encrypt bitbucket webhook secret: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket webhook secret"})
return
}
gitlabAccessTokenEncrypted, err := utils.AESEncrypt([]byte(secret), request.GitlabAccessToken)
if err != nil {
log.Printf("could not encrypt gitlab access token: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab access token"})
return
}
gitlabWebhookSecret, err := utils.AESEncrypt([]byte(secret), request.GitlabWebhookSecret)
if err != nil {
log.Printf("could not encrypt gitlab webhook secret: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab access token"})
return
log.Printf("could not encrypt bitbucket access token: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket access token"})
return
}
bitbucketWebhookSecretEncrypted, err := utils.AESEncrypt([]byte(secret), request.BitbucketWebhookSecret)
if err != nil {
log.Printf("could not encrypt bitbucket webhook secret: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket webhook secret"})
return
}
gitlabAccessTokenEncrypted, err := utils.AESEncrypt([]byte(secret), request.GitlabAccessToken)
if err != nil {
log.Printf("could not encrypt gitlab access token: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab access token"})
return
}
gitlabWebhookSecret, err := utils.AESEncrypt([]byte(secret), request.GitlabWebhookSecret)
if err != nil {
log.Printf("could not encrypt gitlab webhook secret: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab webhook secret"})
return

}

connection, err := models.DB.CreateVCSConnection(
request.Name,
0,
"",
"",
"",
"",
"",
"",
"",
bitbucketAccessTokenEncrypted,
bitbucketWebhookSecretEncrypted,
org.ID,
)
connection, err := models.DB.CreateVCSConnection(request.Name, models.DiggerVCSType(request.VCS), 0, "", "", "", "", "", "", "", bitbucketAccessTokenEncrypted, bitbucketWebhookSecretEncrypted, gitlabWebhookSecret, gitlabAccessTokenEncrypted, org.ID)
if err != nil {
log.Printf("")
log.Printf("failed to create vcs connection")
}
Comment on lines +119 to 122
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

Missing error handling for CreateVCSConnection

The error handling for CreateVCSConnection is incomplete. A log message is created if an error occurs, but the error isn't returned to the client, and the code continues execution as if the operation succeeded.

Apply this fix:

	connection, err := models.DB.CreateVCSConnection(request.Name, models.DiggerVCSType(request.VCS), 0, "", "", "", "", "", "", "", bitbucketAccessTokenEncrypted, bitbucketWebhookSecretEncrypted, gitlabWebhookSecret, gitlabAccessTokenEncrypted, org.ID)
	if err != nil {
		log.Printf("failed to create vcs connection")
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not create VCS connection"})
+		return
	}
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
connection, err := models.DB.CreateVCSConnection(request.Name, models.DiggerVCSType(request.VCS), 0, "", "", "", "", "", "", "", bitbucketAccessTokenEncrypted, bitbucketWebhookSecretEncrypted, gitlabWebhookSecret, gitlabAccessTokenEncrypted, org.ID)
if err != nil {
log.Printf("")
log.Printf("failed to create vcs connection")
}
connection, err := models.DB.CreateVCSConnection(request.Name, models.DiggerVCSType(request.VCS), 0, "", "", "", "", "", "", "", bitbucketAccessTokenEncrypted, bitbucketWebhookSecretEncrypted, gitlabWebhookSecret, gitlabAccessTokenEncrypted, org.ID)
if err != nil {
log.Printf("failed to create vcs connection")
c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not create VCS connection"})
return
}


c.JSON(http.StatusCreated, gin.H{
Expand Down
2 changes: 2 additions & 0 deletions backend/go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -742,6 +742,8 @@ github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm
github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk=
github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM=
github.com/alecthomas/kong v0.7.1 h1:azoTh0IOfwlAX3qN9sHWTxACE2oV8Bg2gAwBsMwDQY4=
github.com/alecthomas/kong v0.7.1/go.mod h1:n1iCIO2xS46oE8ZfYCNDqdR0b0wZNrXAIAqro/2132U=
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
Expand Down
2 changes: 2 additions & 0 deletions backend/migrations/20250325115901.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
-- Modify "github_app_connections" table
ALTER TABLE "public"."github_app_connections" ADD COLUMN "gitlab_access_token_encrypted" text NULL, ADD COLUMN "gitlab_webhook_secret_encrypted" text NULL;
2 changes: 2 additions & 0 deletions backend/migrations/20250325134924.sql
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
-- Modify "github_app_connections" table
ALTER TABLE "public"."github_app_connections" ADD COLUMN "vcs_type" text NULL DEFAULT 'bitbucket';
4 changes: 3 additions & 1 deletion backend/migrations/atlas.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
h1:pGuhEh2gQrZkYbjLCxVK+ZHO3jlFj99jjAO96gKlWlc=
h1:FUyT8bE1jsztutCMQI5+hbieTDYCpac4f1BQk/RksrM=
20231227132525.sql h1:43xn7XC0GoJsCnXIMczGXWis9d504FAWi4F1gViTIcw=
20240115170600.sql h1:IW8fF/8vc40+eWqP/xDK+R4K9jHJ9QBSGO6rN9LtfSA=
20240116123649.sql h1:R1JlUIgxxF6Cyob9HdtMqiKmx/BfnsctTl5rvOqssQw=
Expand Down Expand Up @@ -44,3 +44,5 @@ h1:pGuhEh2gQrZkYbjLCxVK+ZHO3jlFj99jjAO96gKlWlc=
20250224152926.sql h1:EjoFpfeoCpk/SjSo2i7sajKCR3t7YCn+1ZgGJrT0L9Y=
20250226185150.sql h1:K7e/3Zy2wSTqKa3iYpIb02GTAniYSXHObTIqOV9aOhM=
20250302190926.sql h1:F3FnaGnZv1Hwmg6W9Nacg5fbdiYbZGgS/mkuogtCso0=
20250325115901.sql h1:yrha7g515WPkFRHfidvtLVWMeQmRD8rzVyWtPbuk0ws=
20250325134924.sql h1:5vywDVuT0FPmQKP75AvxopxOeuKXsTEN00rgQjnA+ss=
3 changes: 3 additions & 0 deletions backend/models/github.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@ type VCSConnection struct {
GithubAppUrl string
BitbucketAccessTokenEncrypted string
BitbucketWebhookSecretEncrypted string
GitlabAccessTokenEncrypted string
GitlabWebhookSecretEncrypted string
VCSType DiggerVCSType `gorm:"default:bitbucket"`
OrganisationID uint
Organisation Organisation
}
Expand Down
5 changes: 4 additions & 1 deletion backend/models/storage.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -438,9 +438,10 @@ func (db *Database) GetGithubAppInstallationLink(installationId int64) (*GithubA
return &link, nil
}

func (db *Database) CreateVCSConnection(name string, githubId int64, ClientID string, ClientSecretEncrypted string, WebhookSecretEncrypted string, PrivateKeyEncrypted string, PrivateKeyBase64Encrypted string, Org string, url string, bitbucketAccessTokenEnc string, bitbucketWebhookSecretEnc string, orgId uint) (*VCSConnection, error) {
func (db *Database) CreateVCSConnection(name string, vcsType DiggerVCSType, githubId int64, ClientID string, ClientSecretEncrypted string, WebhookSecretEncrypted string, PrivateKeyEncrypted string, PrivateKeyBase64Encrypted string, Org string, url string, bitbucketAccessTokenEnc string, bitbucketWebhookSecretEnc string, gitlabWebhookSecret string, gitlabAccessToken string, orgId uint) (*VCSConnection, error) {
app := VCSConnection{
Name: name,
VCSType: vcsType,
GithubId: githubId,
ClientID: ClientID,
ClientSecretEncrypted: ClientSecretEncrypted,
Expand All @@ -451,6 +452,8 @@ func (db *Database) CreateVCSConnection(name string, githubId int64, ClientID st
GithubAppUrl: url,
BitbucketWebhookSecretEncrypted: bitbucketWebhookSecretEnc,
BitbucketAccessTokenEncrypted: bitbucketAccessTokenEnc,
GitlabWebhookSecretEncrypted: gitlabWebhookSecret,
GitlabAccessTokenEncrypted: gitlabAccessToken,
OrganisationID: orgId,
}
result := db.GormDB.Save(&app)
Expand Down
2 changes: 1 addition & 1 deletion ee/backend/controllers/github.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -192,7 +192,7 @@ func (d DiggerEEController) GithubAppConnectionsConfirm(c *gin.Context) {
return
}

_, err = models.DB.CreateVCSConnection(cfg.GetName(), cfg.GetID(), cfg.GetClientID(), clientSecretEnc, webhookSecretEnc, PEMEnc, PEM64Enc, *cfg.Owner.Login, cfg.GetHTMLURL(), "", "", orgId)
_, err = models.DB.CreateVCSConnection(cfg.GetName(), models.DiggerVCSGithub, cfg.GetID(), cfg.GetClientID(), clientSecretEnc, webhookSecretEnc, PEMEnc, PEM64Enc, *cfg.Owner.Login, cfg.GetHTMLURL(), "", "", "", "", orgId)
if err != nil {
log.Printf("failed to create github app connection record: %v", err)
c.String(500, fmt.Sprintf("Failed to create github app record on callback"))
Expand Down
1 change: 1 addition & 0 deletions ee/backend/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ require (
)

require (
ariga.io/atlas-provider-gorm v0.5.0 // indirect
cel.dev/expr v0.16.1 // indirect
cloud.google.com/go v0.116.0 // indirect
cloud.google.com/go/auth v0.10.0 // indirect
Expand Down
6 changes: 6 additions & 0 deletions ee/backend/go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,7 @@
ariga.io/atlas-go-sdk v0.2.3 h1:DpKruiJ9ElJcNhYxnQM9ddzupHXEYFH0Jx6ZcZ7lKYQ=
ariga.io/atlas-go-sdk v0.2.3/go.mod h1:owkEEXw6jqne5KPVDfKsYB7cwMiMk3jtOiAAeKxS/yU=
ariga.io/atlas-provider-gorm v0.5.0 h1:DqYNWroKUiXmx2N6nf/I9lIWu6fpgB6OQx/JoelCTes=
ariga.io/atlas-provider-gorm v0.5.0/go.mod h1:8m6+N6+IgWMzPcR63c9sNOBoxfNk6yV6txBZBrgLg1o=
cel.dev/expr v0.16.1 h1:NR0+oFYzR1CqLFhTAqg3ql59G9VfN8fKq1TCHJ6gq1g=
cel.dev/expr v0.16.1/go.mod h1:AsGA5zb3WruAEQeQng1RZdGEXmBj0jvMWh6l5SnNuC8=
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
Expand Down Expand Up @@ -724,6 +728,8 @@ github.com/ajstarks/deck v0.0.0-20200831202436-30c9fc6549a9/go.mod h1:JynElWSGnm
github.com/ajstarks/deck/generate v0.0.0-20210309230005-c3f852c02e19/go.mod h1:T13YZdzov6OU0A1+RfKZiZN9ca6VeKdBdyDV+BY97Tk=
github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b/go.mod h1:1KcenG0jGWcpt8ov532z81sp/kMMUG485J2InIOyADM=
github.com/alecthomas/kong v0.7.1 h1:azoTh0IOfwlAX3qN9sHWTxACE2oV8Bg2gAwBsMwDQY4=
github.com/alecthomas/kong v0.7.1/go.mod h1:n1iCIO2xS46oE8ZfYCNDqdR0b0wZNrXAIAqro/2132U=
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
Expand Down
Loading