Merge pull request #8 from fiji-flo/reduce-github-scope

fiji-flo · web-flow · commit 912fa072f72d · 2019-09-13T10:48:59.000+02:00
use public (none) scope for github
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -9,10 +9,10 @@ default = []
 nouid = []
 
 [dependencies]
-cis_client = { git = "https://github.com/fiji-flo/cis_client-rust", branch = "async-2", version = "0.1.0-beta.2" }
-cis_profile = { git = "https://github.com/fiji-flo/cis_profile-rust", branch = "0.1.0", version = "0.1.0" }
-oauth2 = "2.0.0-beta.2"
-url = "1.7.2"
+cis_client = { git = "https://github.com/fiji-flo/cis_client-rust", branch = "0.1.3", version = "0.1.3" }
+cis_profile = { git = "https://github.com/fiji-flo/cis_profile-rust", branch = "0.1.2", version = "0.1.2" }
+oauth2 = "2.0.0-beta.3"
+url = "1.7"
 base64 = "0.10.1"
 rand = "0.7"
 actix-web = { version = "1.0", features = ["ssl"] }
diff --git a/src/bugzilla/app.rs b/src/bugzilla/app.rs
@@ -19,6 +19,7 @@ use cis_profile::schema::Profile;
 use future::IntoFuture;
 use futures::future;
 use futures::Future;
+use log::info;
 use oauth2::basic::BasicClient;
 use oauth2::prelude::*;
 use oauth2::AuthUrl;
diff --git a/src/github/app.rs b/src/github/app.rs
@@ -20,6 +20,7 @@ use futures::future;
 use futures::future::Either;
 use futures::Future;
 use futures::IntoFuture;
+use log::info;
 use oauth2::basic::BasicClient;
 use oauth2::prelude::*;
 use oauth2::AuthUrl;
@@ -28,7 +29,6 @@ use oauth2::ClientId;
 use oauth2::ClientSecret;
 use oauth2::CsrfToken;
 use oauth2::RedirectUrl;
-use oauth2::Scope;
 use oauth2::TokenResponse;
 use oauth2::TokenUrl;
 use std::sync::Arc;
@@ -212,7 +212,6 @@ pub fn github_app<T: AsyncCisClientTrait + 'static>(
             auth_url,
             Some(token_url),
         )
-        .add_scope(Scope::new("read:user".to_string()))
         .set_redirect_url(RedirectUrl::new(
             Url::parse(&format!("https://{}/whoami/github/auth", whoami.domain))
                 .expect("Invalid redirect URL"),
diff --git a/src/main.rs b/src/main.rs
@@ -1,20 +1,5 @@
 #[macro_use]
-extern crate log;
-#[macro_use]
 extern crate serde_derive;
-extern crate actix_cors;
-extern crate actix_session;
-extern crate actix_web;
-extern crate base64;
-extern crate chrono;
-extern crate cis_client;
-extern crate cis_profile;
-extern crate env_logger;
-extern crate futures;
-extern crate rand;
-extern crate serde_json;
-extern crate ttl_cache;
-extern crate url;
 
 mod bugzilla;
 mod github;
@@ -28,6 +13,7 @@ use crate::github::app::github_app;
 use actix_web::middleware::Logger;
 use actix_web::web;
 use actix_web::App;
+use log::info;
 use std::sync::Arc;
 use std::sync::RwLock;
 use ttl_cache::TtlCache;
diff --git a/terraform/codebuild/main.tf b/terraform/codebuild/main.tf
@@ -46,7 +46,17 @@ resource "aws_codebuild_project" "build" {
 # Unomment this section if you do want to build automatically on push
 resource "aws_codebuild_webhook" "webhook" {
   project_name  = aws_codebuild_project.build.name
-  branch_filter = "^master$"
+  filter_group {
+    filter {
+      type    = "EVENT"
+      pattern = "PUSH"
+    }
+
+    filter {
+      type    = "HEAD_REF"
+      pattern = "(^refs/heads/master$|^refs/tags/.*-(prod|test))"
+    }
+  }
 }
 
 #---
