5387363788

Committed 27 Jun 2023 08:09AM UTC coverage: 61.79% (-0.08%) from 61.866%

Build # 5387363788

Build Type

Pull #1254

github

Committed by

sweatybridge

Commit Message

chore: update unit tests for shadow migrate

Pull Request Pull Request #1254: fix: apply migrations after creating shadow db

Run Details

5 of 5 new or added lines in 1 file covered. (100.0%)

4751 of 7689 relevant lines covered (61.79%)

943.74 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

7.94

/internal/gen/keys/keys.go

package keys

import (
        "context"
        "crypto/sha256"
        "encoding/hex"
        "errors"
        "fmt"
        "os"
        "strings"
        "time"

        "github.com/go-git/go-git/v5"
        "github.com/golang-jwt/jwt/v5"
        "github.com/spf13/afero"
        "github.com/supabase/cli/internal/utils"
)

type CustomClaims struct {
        Ref  string `json:"ref"`
        Role string `json:"role"`
        jwt.RegisteredClaims
}

func NewJWTToken(ref, role string, expiry time.Time) *jwt.Token {
        claims := CustomClaims{
                ref,
                role,
                jwt.RegisteredClaims{
                        ExpiresAt: jwt.NewNumericDate(expiry),
                        Issuer:    "supabase",
                },
        }
        return jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
}

type CustomName struct {
        DbHost         string `env:"db.host,default=NEXT_PUBLIC_SUPABASE_URL"`
        DbPassword     string `env:"db.password,default=SUPABASE_DB_PASSWORD"`
        JWTSecret      string `env:"db.password,default=SUPABASE_AUTH_JWT_SECRET"`
        AnonKey        string `env:"auth.anon_key,default=SUPABASE_AUTH_ANON_KEY"`
        ServiceRoleKey string `env:"auth.service_role_key,default=SUPABASE_AUTH_SERVICE_ROLE_KEY"`
}

func Run(ctx context.Context, projectRef, format string, names CustomName, fsys afero.Fs) error {
        branch := GetGitBranch(fsys)
        if err := GenerateSecrets(ctx, projectRef, branch, fsys); err != nil {
                return err
        }
        return utils.EncodeOutput(format, os.Stdout, map[string]string{
                names.DbHost:         fmt.Sprintf("%s-%s.fly.dev", projectRef, branch),
                names.DbPassword:     utils.Config.Db.Password,
                names.JWTSecret:      utils.Config.Auth.JwtSecret,
                names.AnonKey:        utils.Config.Auth.AnonKey,
                names.ServiceRoleKey: utils.Config.Auth.ServiceRoleKey,
        })
}

func GenerateSecrets(ctx context.Context, projectRef, branch string, fsys afero.Fs) error {
        // Load JWT secret from api
        resp, err := utils.GetSupabase().GetPostgRESTConfigWithResponse(ctx, projectRef)
        if err != nil {
                return err
        }
        if resp.JSON200 == nil {
                return errors.New("Unexpected error retrieving JWT secret: " + string(resp.Body))
        }
        utils.Config.Auth.JwtSecret = *resp.JSON200.JwtSecret
        // Generate database password
        key := strings.Join([]string{
                projectRef,
                utils.Config.Auth.JwtSecret,
                branch,
        }, ":")
        hash := sha256.Sum256([]byte(key))
        utils.Config.Db.Password = hex.EncodeToString(hash[:])
        // Generate JWT tokens
        expiry := time.Now().AddDate(10, 0, 0)
        anonToken := NewJWTToken(projectRef, "anon", expiry)
        utils.Config.Auth.AnonKey, err = anonToken.SignedString([]byte(utils.Config.Auth.JwtSecret))
        if err != nil {
                return err
        }
        serviceToken := NewJWTToken(projectRef, "service_role", expiry)
        utils.Config.Auth.ServiceRoleKey, err = serviceToken.SignedString([]byte(utils.Config.Auth.JwtSecret))
        return err
}

func GetGitBranch(fsys afero.Fs) string {
        head := os.Getenv("GITHUB_HEAD_REF")
        if len(head) > 0 {
                return head
        }
        branch := "main"
        opts := &git.PlainOpenOptions{DetectDotGit: true}
        if repo, err := git.PlainOpenWithOptions(".", opts); err == nil {
                if ref, err := repo.Head(); err == nil {
                        branch = ref.Name().Short()
                }
        }
        return branch
}

1	package keys
2
3	import (
4	"context"
5	"crypto/sha256"
6	"encoding/hex"
7	"errors"
8	"fmt"
9	"os"
10	"strings"
11	"time"
12
13	"github.com/go-git/go-git/v5"
14	"github.com/golang-jwt/jwt/v5"
15	"github.com/spf13/afero"
16	"github.com/supabase/cli/internal/utils"
17	)
18
19	type CustomClaims struct {
20	Ref string `json:"ref"`
21	Role string `json:"role"`
22	jwt.RegisteredClaims
23	}
24
25	func NewJWTToken(ref, role string, expiry time.Time) *jwt.Token {	×
26	claims := CustomClaims{	×
27	ref,	×
28	role,	×
29	jwt.RegisteredClaims{	×
30	ExpiresAt: jwt.NewNumericDate(expiry),	×
31	Issuer: "supabase",	×
32	},	×
33	}	×
34	return jwt.NewWithClaims(jwt.SigningMethodHS256, claims)	×
35	}	×
36
37	type CustomName struct {
38	DbHost string `env:"db.host,default=NEXT_PUBLIC_SUPABASE_URL"`
39	DbPassword string `env:"db.password,default=SUPABASE_DB_PASSWORD"`
40	JWTSecret string `env:"db.password,default=SUPABASE_AUTH_JWT_SECRET"`
41	AnonKey string `env:"auth.anon_key,default=SUPABASE_AUTH_ANON_KEY"`
42	ServiceRoleKey string `env:"auth.service_role_key,default=SUPABASE_AUTH_SERVICE_ROLE_KEY"`
43	}
44
45	func Run(ctx context.Context, projectRef, format string, names CustomName, fsys afero.Fs) error {	×
46	branch := GetGitBranch(fsys)	×
47	if err := GenerateSecrets(ctx, projectRef, branch, fsys); err != nil {	×
48	return err	×
49	}	×
50	return utils.EncodeOutput(format, os.Stdout, map[string]string{	×
51	names.DbHost: fmt.Sprintf("%s-%s.fly.dev", projectRef, branch),	×
52	names.DbPassword: utils.Config.Db.Password,	×
53	names.JWTSecret: utils.Config.Auth.JwtSecret,	×
54	names.AnonKey: utils.Config.Auth.AnonKey,	×
55	names.ServiceRoleKey: utils.Config.Auth.ServiceRoleKey,	×
56	})	×
57	}
58
59	func GenerateSecrets(ctx context.Context, projectRef, branch string, fsys afero.Fs) error {	×
60	// Load JWT secret from api	×
61	resp, err := utils.GetSupabase().GetPostgRESTConfigWithResponse(ctx, projectRef)	×
62	if err != nil {	×
63	return err	×
64	}	×
65	if resp.JSON200 == nil {	×
66	return errors.New("Unexpected error retrieving JWT secret: " + string(resp.Body))	×
67	}	×
68	utils.Config.Auth.JwtSecret = *resp.JSON200.JwtSecret	×
69	// Generate database password	×
70	key := strings.Join([]string{	×
71	projectRef,	×
72	utils.Config.Auth.JwtSecret,	×
73	branch,	×
74	}, ":")	×
75	hash := sha256.Sum256([]byte(key))	×
76	utils.Config.Db.Password = hex.EncodeToString(hash[:])	×
77	// Generate JWT tokens	×
78	expiry := time.Now().AddDate(10, 0, 0)	×
79	anonToken := NewJWTToken(projectRef, "anon", expiry)	×
80	utils.Config.Auth.AnonKey, err = anonToken.SignedString([]byte(utils.Config.Auth.JwtSecret))	×
81	if err != nil {	×
82	return err	×
83	}	×
84	serviceToken := NewJWTToken(projectRef, "service_role", expiry)	×
85	utils.Config.Auth.ServiceRoleKey, err = serviceToken.SignedString([]byte(utils.Config.Auth.JwtSecret))	×
86	return err	×
87	}
88
89	func GetGitBranch(fsys afero.Fs) string {	1✔
90	head := os.Getenv("GITHUB_HEAD_REF")	1✔
91	if len(head) > 0 {	2✔
92	return head	1✔
93	}	1✔
94	branch := "main"	×
95	opts := &git.PlainOpenOptions{DetectDotGit: true}	×
96	if repo, err := git.PlainOpenWithOptions(".", opts); err == nil {	×
97	if ref, err := repo.Head(); err == nil {	×
98	branch = ref.Name().Short()	×
99	}	×
100	}
101	return branch	×
102	}

supabase / cli / 5387363788

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous