From 083cad2b8bda91b57a0a2ba81585d1270d737fe8 Mon Sep 17 00:00:00 2001 From: devthejo Date: Mon, 16 Dec 2024 23:24:25 +0100 Subject: [PATCH] fix: semantic-release issues write perms --- packages/server/index.js | 91 +++++++++++++++++------------------- packages/server/package.json | 1 - yarn.lock | 15 +----- 3 files changed, 45 insertions(+), 62 deletions(-) diff --git a/packages/server/index.js b/packages/server/index.js index 022900b..d310ed9 100644 --- a/packages/server/index.js +++ b/packages/server/index.js @@ -5,7 +5,6 @@ import { createAppAuth } from '@octokit/auth-app'; import { request } from '@octokit/request'; import pRetry from 'p-retry'; import pino from 'pino'; -import pinoHttp from 'pino-http'; import config from './config.js'; // Initialize logger 
@@ -14,24 +13,40 @@ const logger = pino(config.logger); const app = express(); const port = config.port; -// Add request logging middleware -app.use(pinoHttp({ - logger, - autoLogging: { - ignore: (req) => req.url === '/health' || req.url === '/' - }, - customLogLevel: function (res, err) { - if (res.statusCode >= 400 && res.statusCode < 500) return 'warn' - if (res.statusCode >= 500 || err) return 'error' - return 'info' - }, - customSuccessMessage: function (res) { - return `request completed with status ${res.statusCode}` - }, - customErrorMessage: function (error, res) { - return `request failed with status ${res.statusCode}: ${error.message}` +// Custom request logging middleware +app.use((req, res, next) => { + // Skip logging for health checks + if (req.url === '/health' || req.url === '/') { + return next(); } -})); + + const startTime = Date.now(); + const requestId = Math.random().toString(36).substring(2, 15); + + // Log request + logger.info({ + requestId, + method: req.method, + url: req.url, + ip: req.ip + }, 'Incoming request'); + + // Log response + res.on('finish', () => { + const duration = Date.now() - startTime; + const level = res.statusCode >= 500 ? 'error' : res.statusCode >= 400 ? 'warn' : 'info'; + + logger[level]({ + requestId, + method: req.method, + url: req.url, + statusCode: res.statusCode, + duration: `${duration}ms` + }, 'Request completed'); + }); + + next(); +}); // Middleware app.use(express.json()); @@ -137,7 +152,6 @@ async function generateToken(owner, repository) { permissions: { contents: "write", metadata: "read", - // issues: "write" // Added issues permission } }); 
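Review bot: The `requestId` built from `Math.random().toString(36).substring(2, 15)` is attached only to the two log lines in this middleware, so the `logger.*` calls in the `/generate-token` handler later in this patch can no longer be tied to a request now that `req.log` is gone. Binding a child logger here, `req.log = logger.child({ requestId });`, and using `req.log` in the handler would keep that correlation. `Math.random()` is also neither collision-resistant nor unpredictable; `const requestId = crypto.randomUUID();` (from `node:crypto`) is the usual choice for an ID that ends up in audit logs. Separately, the health-check skip compares `req.url`, which includes the query string, so `/health?x=1` is still logged; `req.path` would match the stated intent.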
@@ -161,12 +175,8 @@ async function generateToken(owner, repository) { } catch (error) { logger.error({ error: error.message, - response: error.response ? { - status: error.response.status, - statusText: error.response.statusText, - data: error.response.data, - url: error.response.url - } : undefined + status: error.status, + statusText: error.response?.statusText }, 'Error in token generation'); throw error; } @@ -179,7 +189,7 @@ function extractAndDecodeToken(authHeader) { let tokenPayload = authHeader.split(' ')[1]; - logger.debug({ tokenPayload }, 'Raw token payload received'); + logger.debug('Token payload received'); // Try to parse as JSON first try { @@ -206,23 +216,11 @@ function extractAndDecodeToken(authHeader) { // Route to generate GitHub App token app.post('/generate-token', async (req, res) => { - const reqLog = req.log; - try { - reqLog.debug({ auth: req.headers.authorization }, 'Processing token generation request'); + logger.debug('Processing token generation request'); const tokenPayload = extractAndDecodeToken(req.headers.authorization); - try { - const [header, payload] = tokenPayload.split('.').slice(0, 2); - reqLog.debug({ - header: JSON.parse(Buffer.from(header, 'base64').toString()), - payload: JSON.parse(Buffer.from(payload, 'base64').toString()) - }, 'Decoded token parts'); - } catch (error) { - reqLog.error({ error }, 'Error decoding token parts'); - } - // Verify OIDC token jwt.verify(tokenPayload, getKey, { issuer: 'https://token.actions.githubusercontent.com', 
@@ -231,14 +229,14 @@ app.post('/generate-token', async (req, res) => { clockTolerance: 60 // Allow 1 minute clock skew }, async (err, decoded) => { if (err) { - reqLog.error({ err }, 'Token verification failed'); + logger.error({ error: err.message }, 'Token verification failed'); return res.status(403).json({ error: 'Token verification failed', details: err.message }); } - reqLog.debug({ decoded }, 'Token verified successfully'); + logger.debug('Token verified successfully'); // Extract repository information from the token const repo = decoded.repository; @@ -246,8 +244,7 @@ app.post('/generate-token', async (req, res) => { if (!repo || !repoOwner) { return res.status(400).json({ - error: 'Missing repository information in token', - claims: decoded + error: 'Missing repository information in token' }); } @@ -258,7 +255,7 @@ app.post('/generate-token', async (req, res) => { { retries: 0, onFailedAttempt: error => { - reqLog.error({ + logger.error({ attempt: error.attemptNumber, error: error.message }, 'Failed to generate token'); @@ -266,10 +263,10 @@ app.post('/generate-token', async (req, res) => { } ); - reqLog.info('Token generated successfully'); + logger.info('Token generated successfully'); return res.json(result); } catch (error) { - reqLog.error({ error }, 'Error generating token'); + logger.error({ error: error.message }, 'Error generating token'); return res.status(500).json({ error: 'Failed to generate token', details: error.message @@ -277,7 +274,7 @@ app.post('/generate-token', async (req, res) => { } }); } catch (error) { - reqLog.error({ error }, 'Error processing request'); + logger.error({ error: error.message }, 'Error processing request'); return res.status(400).json({ error: 'Failed to decode token', details: error.message diff --git a/packages/server/package.json b/packages/server/package.json index 55db6ac..dc2c889 100644 --- a/packages/server/package.json +++ b/packages/server/package.json 
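Review bot: The 403 response in this hunk still returns `details: err.message` to the caller, and the 500 and 400 responses in the later hunks (`-266` and `-277`) do the same with `error.message`. The commit removes `claims: decoded` from the 400 body, but verifier and upstream API messages can still describe the expected issuer or audience, or internal failure detail, to a client that has not passed verification. Keeping the message in the log only and returning a fixed string, e.g. `return res.status(403).json({ error: 'Token verification failed' });`, would close that. The `jwt.verify` callback starts and ends outside this hunk.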
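Review bot: `logger.info('Token generated successfully')` in hunk `-266` carries no fields, and with the `decoded` debug line removed in hunk `-231` there is no record of which repository or workflow was issued a token. For a service that mints tokens with `contents: "write"`, the non-secret identity claims are what an investigation needs; `logger.info({ repo, repoOwner, sub: decoded.sub }, 'Token generated successfully');` keeps them without logging the token itself. The "Missing repository information in token" path in hunk `-246` returns 400 without logging anything, so a warn-level line with `decoded.sub` there would make malformed or unexpected callers visible.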
@@ -19,7 +19,6 @@ "jwks-rsa": "^3.1.0", "p-retry": "^6.2.1", "pino": "^9.5.0", - "pino-http": "^10.3.0", "pino-pretty": "^13.0.0" } } diff --git a/yarn.lock b/yarn.lock index 8f1031e..be65a97 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2976,18 +2976,6 @@ __metadata: languageName: node linkType: hard -"pino-http@npm:^10.3.0": - version: 10.3.0 - resolution: "pino-http@npm:10.3.0" - dependencies: - get-caller-file: "npm:^2.0.5" - pino: "npm:^9.0.0" - pino-std-serializers: "npm:^7.0.0" - process-warning: "npm:^4.0.0" - checksum: 10c0/da95d93e1176c02201f9b9bb0af53ad737105c5772acbb077dcad0f52ebce2438e0e9fc8216cd96396d1305d0ecf1f1d23142c7a50110a701ea093b2ee999ea7 - languageName: node - linkType: hard - "pino-pretty@npm:^13.0.0": version: 13.0.0 resolution: "pino-pretty@npm:13.0.0" @@ -3018,7 +3006,7 @@ __metadata: languageName: node linkType: hard -"pino@npm:^9.0.0, pino@npm:^9.5.0": +"pino@npm:^9.5.0": version: 9.5.0 resolution: "pino@npm:9.5.0" dependencies: @@ -3842,7 +3830,6 @@ __metadata: jwks-rsa: "npm:^3.1.0" p-retry: "npm:^6.2.1" pino: "npm:^9.5.0" - pino-http: "npm:^10.3.0" pino-pretty: "npm:^13.0.0" languageName: unknown linkType: soft