Coder Social home page Coder Social logo

cuedo / github-webhooks Goto Github PK

View Code? Open in Web Editor NEW
34.0 3.0 14.0 871 KB

Haskell types and instances for decoding GitHub webhook payloads.

Home Page: https://hackage.haskell.org/package/github-webhooks

License: MIT License

Haskell 100.00%
haskell github api webhooks servant scotty ci cicd continuous-integration github-api

github-webhooks's People

Contributors

alistairb avatar artemohanjanyan avatar dermetfan avatar domenkozar avatar kvanbere avatar matthewbauer avatar rob-b avatar roberth avatar sorki avatar tommd avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar

Forkers

rahulmutt exegetech hallettj rob-b serokell galoisinc hercules-ci alistairb matthewbauer sir4ur0n ghuntley sorki muse-dev dermetfan

github-webhooks's Issues

Arrange to post stickers to contributors

We think this is a good idea. I am adding this issue to remind me to make the appropriate adjustments to the contributor meta-docs in the repo that mention this perk.

  • Source github-webhook mascot stickers
  • Stock take onrock stickers

Add support for “Bot” owner type

My GitHub App is listening for InstallationRepositoriesEvent and it also sometimes creates repositories itself and then receives an event about the repository it just created. Events for repositories created by the app have the following sender:

  "sender": {
    "login": "<application-slug>[bot]",
    <...>
    "type": "Bot",
    <...>
  }

Sender is being parsed as HookUser, whose type field is parsed as OwnerType, which currently supports only two values (User or Organization), so it fails with:

Error in $.sender.type: Unknown owner type: Bot

Node JS 12 is deprecated warnings in CI

Operating system or device, package version, compiler version:
Current HEAD.

Issue description:
There is a warning about Node JS being deprecated being raised in the GitHub Actions CI output. The CI system needs to be updated to remove this warning.

Tighten lower bounds

The lower bounds on all of the versions are absent which may cause issues for people using cabal without a resolver like stack or nix. Add at least a set of lenient lower bounds and perhaps support older GHC as per #6 .

Upload artifacts during CI run

We should upload the artifacts at the end of a CI run, so that we can easily check the generated documentation etc.

This will also help towards a fully automated release candidate process.

End to end tests

  • Build an example that automatically scrapes JSON payloads for each type of event (perhaps use the GitHub package to trigger the events?). This will be useful to keep up to date with undocumented changes to the GitHub API
  • Implement ToJSON instances for each of the payloads
  • Run end to end tests that verify the result of running ‘ToJSON . FromJSON’ is the same as what gets scraped. If not, fields are missing

Secret key is not verified in scotty example

Operating system or device, package version, compiler version:
All

Issue description:
In the scotty example (examples/scotty) the key specified by KEY= on launch is not verified. If the incorrect key is specified on GitHub the example server doesn't care. This is a security risk and means that the scotty example should not be used in production.

Note: This is not applicable to the servant example(s), which verify the keys correctly.

GitHub sometimes sends a pull event without a sender

Operating system or device, package version, compiler version:
Affects all.

Issue description:
In the push event, we were expecting the sender of the push event to always be a known User, but in some cases the User can be null.
Reported by @roberth.

Steps to reproduce:
See this example fixture:

{
  "ref": "refs/heads/gh-readonly-queue/main/pr-3072-287d30540ac5a1acc57d0bdc138fa81dee315f48",
  "before": "a6bd77bbe77ee6ae8f9686621b192d70fcf83e2b",
  "after": "0000000000000000000000000000000000000000",
  "repository": {
    "id": 353322834,
    "node_id": "MDEwOJllG9zcXaRcvknzNYyTzM4OUQD=",
    "name": "infra-core",
    "full_name": "some-organization/infra-core",
    "private": true,
    "owner": {
      "name": "some-organization",
      "email": null,
      "login": "some-organization",
      "id": 52709322,
      "node_id": "MDEyO9ky2ZuaXpFdhlGvjbzNzczMTO3Y",
      "avatar_url": "https://avatars.githubusercontent.com/u/52709322?v=4",
      "gravatar_id": "",
      "url": "https://api.github.com/users/some-organization",
      "html_url": "https://github.com/some-organization",
      "followers_url": "https://api.github.com/users/some-organization/followers",
      "following_url": "https://api.github.com/users/some-organization/following{/other_user}",
      "gists_url": "https://api.github.com/users/some-organization/gists{/gist_id}",
      "starred_url": "https://api.github.com/users/some-organization/starred{/owner}{/repo}",
      "subscriptions_url": "https://api.github.com/users/some-organization/subscriptions",
      "organizations_url": "https://api.github.com/users/some-organization/orgs",
      "repos_url": "https://api.github.com/users/some-organization/repos",
      "events_url": "https://api.github.com/users/some-organization/events{/privacy}",
      "received_events_url": "https://api.github.com/users/some-organization/received_events",
      "type": "Organization",
      "site_admin": false
    },
    "html_url": "https://github.com/some-organization/infra-core",
    "description": "Homo sapiens non urinat in ventum",
    "fork": false,
    "url": "https://github.com/some-organization/infra-core",
    "forks_url": "https://api.github.com/repos/some-organization/infra-core/forks",
    "keys_url": "https://api.github.com/repos/some-organization/infra-core/keys{/key_id}",
    "collaborators_url": "https://api.github.com/repos/some-organization/infra-core/collaborators{/collaborator}",
    "teams_url": "https://api.github.com/repos/some-organization/infra-core/teams",
    "hooks_url": "https://api.github.com/repos/some-organization/infra-core/hooks",
    "issue_events_url": "https://api.github.com/repos/some-organization/infra-core/issues/events{/number}",
    "events_url": "https://api.github.com/repos/some-organization/infra-core/events",
    "assignees_url": "https://api.github.com/repos/some-organization/infra-core/assignees{/user}",
    "branches_url": "https://api.github.com/repos/some-organization/infra-core/branches{/branch}",
    "tags_url": "https://api.github.com/repos/some-organization/infra-core/tags",
    "blobs_url": "https://api.github.com/repos/some-organization/infra-core/git/blobs{/sha}",
    "git_tags_url": "https://api.github.com/repos/some-organization/infra-core/git/tags{/sha}",
    "git_refs_url": "https://api.github.com/repos/some-organization/infra-core/git/refs{/sha}",
    "trees_url": "https://api.github.com/repos/some-organization/infra-core/git/trees{/sha}",
    "statuses_url": "https://api.github.com/repos/some-organization/infra-core/statuses/{sha}",
    "languages_url": "https://api.github.com/repos/some-organization/infra-core/languages",
    "stargazers_url": "https://api.github.com/repos/some-organization/infra-core/stargazers",
    "contributors_url": "https://api.github.com/repos/some-organization/infra-core/contributors",
    "subscribers_url": "https://api.github.com/repos/some-organization/infra-core/subscribers",
    "subscription_url": "https://api.github.com/repos/some-organization/infra-core/subscription",
    "commits_url": "https://api.github.com/repos/some-organization/infra-core/commits{/sha}",
    "git_commits_url": "https://api.github.com/repos/some-organization/infra-core/git/commits{/sha}",
    "comments_url": "https://api.github.com/repos/some-organization/infra-core/comments{/number}",
    "issue_comment_url": "https://api.github.com/repos/some-organization/infra-core/issues/comments{/number}",
    "contents_url": "https://api.github.com/repos/some-organization/infra-core/contents/{+path}",
    "compare_url": "https://api.github.com/repos/some-organization/infra-core/compare/{base}...{head}",
    "merges_url": "https://api.github.com/repos/some-organization/infra-core/merges",
    "archive_url": "https://api.github.com/repos/some-organization/infra-core/{archive_format}{/ref}",
    "downloads_url": "https://api.github.com/repos/some-organization/infra-core/downloads",
    "issues_url": "https://api.github.com/repos/some-organization/infra-core/issues{/number}",
    "pulls_url": "https://api.github.com/repos/some-organization/infra-core/pulls{/number}",
    "milestones_url": "https://api.github.com/repos/some-organization/infra-core/milestones{/number}",
    "notifications_url": "https://api.github.com/repos/some-organization/infra-core/notifications{?since,all,participating}",
    "labels_url": "https://api.github.com/repos/some-organization/infra-core/labels{/name}",
    "releases_url": "https://api.github.com/repos/some-organization/infra-core/releases{/id}",
    "deployments_url": "https://api.github.com/repos/some-organization/infra-core/deployments",
    "created_at": 1618165822,
    "updated_at": "2022-11-07T17:04:28Z",
    "pushed_at": 1670262117,
    "git_url": "git://github.com/some-organization/infra-core.git",
    "ssh_url": "[email protected]:some-organization/infra-core.git",
    "clone_url": "https://github.com/some-organization/infra-core.git",
    "svn_url": "https://github.com/some-organization/infra-core",
    "homepage": "https://github.com/orgs/some-organization/projects/7",
    "size": 23932,
    "stargazers_count": 4,
    "watchers_count": 4,
    "language": "Brainfuck",
    "has_issues": true,
    "has_projects": true,
    "has_downloads": true,
    "has_wiki": true,
    "has_pages": false,
    "has_discussions": true,
    "forks_count": 1,
    "mirror_url": null,
    "archived": false,
    "disabled": false,
    "open_issues_count": 130,
    "license": {
      "key": "other",
      "name": "Other",
      "spdx_id": "NOASSERTION",
      "url": null,
      "node_id": "MDc6GTjlW5ZZzAT="
    },
    "allow_forking": false,
    "is_template": false,
    "web_commit_signoff_required": false,
    "topics": [

    ],
    "visibility": "private",
    "forks": 1,
    "open_issues": 130,
    "watchers": 4,
    "default_branch": "main",
    "stargazers": 4,
    "master_branch": "main",
    "organization": "some-organization"
  },
  "pusher": {
    "name": "none"
  },
  "organization": {
    "login": "some-organization",
    "id": 52709322,
    "node_id": "MDEyO9kZyFua2pXhGlvdjbzNcMzOTYz3",
    "url": "https://api.github.com/orgs/some-organization",
    "repos_url": "https://api.github.com/orgs/some-organization/repos",
    "events_url": "https://api.github.com/orgs/some-organization/events",
    "hooks_url": "https://api.github.com/orgs/some-organization/hooks",
    "issues_url": "https://api.github.com/orgs/some-organization/issues",
    "members_url": "https://api.github.com/orgs/some-organization/members{/member}",
    "public_members_url": "https://api.github.com/orgs/some-organization/public_members{/member}",
    "avatar_url": "https://avatars.githubusercontent.com/u/52709322?v=4",
    "description": "Plurality Media"
  },
  "installation": {
    "id": 17816238,
    "node_id": "MDIzklOdGunVcFm0WauSW9z5GFdsGb0FW9uaTMgM3zcNjg4="
  },
  "created": false,
  "deleted": true,
  "forced": false,
  "base_ref": null,
  "compare": "https://github.com/some-organization/infra-core/compare/a6bd77bbe77e...000000000000",
  "commits": [

  ],
  "head_commit": null
}

Link to minimal example project:
N/A

Get this package back into Stackage

There's a problem in a recent update to aeson with the date parsing that causes the test suite to fail (even though there isn't a noticeable regression).

We'd be very grateful if anyone wanted to undertake this project.

Adequate documentation

This package is currently only sparsely documented, and none of the module documentation meets the Hackage standards. All files will need a good level of documentation before the initial release, so that new users are not confused.

No unifying `Event` sum type

Applications using webhooks should only need one endpoint. Servant applications need each route to have a single type for the ReqBody. Combining these two, it seems reasonable to have a sum type to allow a single servant route to receive any event without resorting to an Aeson Object or something similarly generic.

I propose we add a sum type:

data Event = EvPush PushEvent
                    | EvIssue IssuesEvent
                    | ...
instance FromJSON Event ...

Would a patch to this effect be accepted?

Add SECURITY.md

This project needs a file explaining the security considerations that should be taken when using this project. This should also cover aspects such as the responsible disclosure process and security policies for the project.

Upgrade CI for GHC 9.x

Operating system or device, package version, compiler version:
The following Stackage resolvers:

  • lts-19.33 (ghc-9.0)
  • lts-20.26 (ghc-9.2)
  • lts-21.9 (ghc-9.4)
  • nightly-2023-08-26 (ghc-9.6, nightly)

Issue description:
The toolchain and CI need to be upgraded to explicitly support GHC 9.x for the years 2021-2023 and onwards.

Make the release branch independent of the version number

  • The README should show release/master rather than a specific version number
  • The build status should not require the version-specific release URL to be updated for the badges and status to be correctly shown
  • People should be able to use the release branch as a submodule or stack git package

Add support for `node_id` to entities

Hi,

I'd like to add support for node_id to the various entities in the events. The node_id is the unique identifier for an entity used when talking to the github v4 graphql api https://developer.github.com/v4/interface/node/.

Without it, you need to run a query to retrieve the id, which is required when updating said entity. See https://developer.github.com/v4/guides/forming-calls/#example-mutation

The node_id is already in the events, it just needs to be decoded. eg.

  "sender": {
    "login": "octocat",
    "id": 1,
    "node_id": "MDQ6VXNlcjE=",
    "avatar_url": "https://github.com/images/error/octocat_happy.gif",
    "gravatar_id": "",
    "url": "https://api.github.com/users/octocat",
    "html_url": "https://github.com/octocat",
    "followers_url": "https://api.github.com/users/octocat/followers",
    "following_url": "https://api.github.com/users/octocat/following{/other_user}",
    "gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
    "starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
    "subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
    "organizations_url": "https://api.github.com/users/octocat/orgs",
    "repos_url": "https://api.github.com/users/octocat/repos",
    "events_url": "https://api.github.com/users/octocat/events{/privacy}",
    "received_events_url": "https://api.github.com/users/octocat/received_events",
    "type": "User",
    "site_admin": false
  }

Any concerns?

Please put on Stackage

Hey there! In a recent PR to servant-github-webhook, a dependency on github-webhooks was introduced in order to easily support a dynamically changing set of webhook keys. Currently, we have to use the extra-deps field in stack.yaml to get it to build.

Will you be adding github-webhooks to Stackage soon? The links to Stackage in the readme are currently 404s.

Intermittent hlint error

Operating system or device, package version, compiler version:

Issue description:
Somehow, hlint is causing an intermittent failure with the following message (perhaps hlint was updated recently).

Downloading and running hlint...
######################################################################## 100.0%
examples/scotty/src/Main.hs:26:13-109: Warning: Use print

Found:
  liftIO . putStrLn
    $ (show . whIssueCommentBody . evIssueCommentPayload)
        (ev :: IssueCommentEvent)

Perhaps:

  liftIO
    (print
       (whIssueCommentBody . evIssueCommentPayload
          (ev :: IssueCommentEvent)))

Steps to reproduce:
See this on Travis here: https://travis-ci.org/github/onrock-eng/github-webhooks/jobs/683262402

We should just fix the lint error.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.