From a3db20cacf09cb9d3b73e63cc1e5c0079355c2d6 Mon Sep 17 00:00:00 2001 From: Vladyslav Matsiiako Date: Tue, 10 Jan 2023 10:55:52 -0800 Subject: [PATCH 01/10] Fixed the bug with wrong project id in local storage --- frontend/components/basic/Layout.tsx | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/frontend/components/basic/Layout.tsx b/frontend/components/basic/Layout.tsx index d539fce3f3..de58a90fab 100644 --- a/frontend/components/basic/Layout.tsx +++ b/frontend/components/basic/Layout.tsx @@ -212,7 +212,12 @@ export default function Layout({ children }: LayoutProps) { .split("/") [router.asPath.split("/").length - 1].split("?")[0]; - localStorage.setItem("projectData.id", intendedWorkspaceId); + if ( + !["heroku", "vercel", "github", "netlify"].includes(intendedWorkspaceId) + ) { + localStorage.setItem("projectData.id", intendedWorkspaceId); + } + // If a user is not a member of a workspace they are trying to access, just push them to one of theirs if ( !["heroku", "vercel", "github", "netlify"].includes(intendedWorkspaceId) && From 1dbd121aa4ac236faa717088bc3c4b538cd63279 Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Tue, 10 Jan 2023 14:30:40 -0500 Subject: [PATCH 02/10] Try different keys for workflow cache --- .github/workflows/docker-image.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index e138c83f9a..e3e477be16 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -21,9 +21,9 @@ jobs: uses: actions/cache@v3 with: path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} + key: backend-${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | - ${{ runner.os }}-buildx- + backend-${{ runner.os }}-buildx- - name: 🐋 Login to Docker Hub uses: docker/login-action@v2 with: @@ -82,9 +82,9 @@ jobs: uses: actions/cache@v3 with: path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} + key: frontend-${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | - ${{ runner.os }}-buildx- + frontend-${{ runner.os }}-buildx- - name: 🐋 Login to Docker Hub uses: docker/login-action@v2 with: From 946fbe4716f5dbd3cf389e67863aff2cee0de471 Mon Sep 17 00:00:00 2001 From: Vladyslav Matsiiako Date: Tue, 10 Jan 2023 11:39:34 -0800 Subject: [PATCH 03/10] Disabled integrations for now --- backend/src/variables/integration.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/src/variables/integration.ts b/backend/src/variables/integration.ts index 00e817c572..ed18c5a2ac 100644 --- a/backend/src/variables/integration.ts +++ b/backend/src/variables/integration.ts @@ -48,7 +48,7 @@ const INTEGRATION_OPTIONS = [ name: 'Vercel', slug: 'vercel', image: 'Vercel', - isAvailable: true, + isAvailable: false, type: 'vercel', clientId: '', clientSlug: CLIENT_SLUG_VERCEL, @@ -58,7 +58,7 @@ const INTEGRATION_OPTIONS = [ name: 'Netlify', slug: 'netlify', image: 'Netlify', - isAvailable: true, + isAvailable: false, type: 'oauth2', clientId: CLIENT_ID_NETLIFY, docsLink: '' @@ -67,7 +67,7 @@ const INTEGRATION_OPTIONS = [ name: 'GitHub', slug: 'github', image: 'GitHub', - isAvailable: true, + isAvailable: false, type: 'oauth2', clientId: CLIENT_ID_GITHUB, docsLink: '' From 63a739d626498ef5066306b0192d12776ae1d640 Mon Sep 17 00:00:00 2001 From: Vladyslav Matsiiako Date: Tue, 10 Jan 2023 12:48:27 -0800 Subject: [PATCH 04/10] Removed posthog logs --- frontend/components/analytics/posthog.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/frontend/components/analytics/posthog.ts b/frontend/components/analytics/posthog.ts index e0dedc7fbf..8482eeb06e 100644 --- a/frontend/components/analytics/posthog.ts +++ b/frontend/components/analytics/posthog.ts @@ -9,7 +9,6 @@ export const initPostHog = () => { if (typeof window !== 'undefined') { // @ts-ignore if (ENV == 'production' && TELEMETRY_CAPTURING_ENABLED) { - console.log("Outside of posthog", "POSTHOG_API_KEY", POSTHOG_API_KEY, "POSTHOG_HOST", POSTHOG_HOST) posthog.init(POSTHOG_API_KEY, { api_host: POSTHOG_HOST }); From fbe2297ed640ff74066175a9b30ee489aecaad84 Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Tue, 10 Jan 2023 16:28:48 -0500 Subject: [PATCH 05/10] Add depot --- .github/workflows/docker-image.yml | 50 ++++++------------------------ 1 file changed, 9 insertions(+), 41 deletions(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index e3e477be16..0df4556978 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -17,26 +17,19 @@ jobs: uses: docker/setup-qemu-action@v2 - name: 🔧 Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Cache Docker layers - uses: actions/cache@v3 - with: - path: /tmp/.buildx-cache - key: backend-${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - backend-${{ runner.os }}-buildx- - name: 🐋 Login to Docker Hub uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Set up Depot CLI + uses: depot/setup-action@v1 - name: 📦 Build backend and export to Docker - uses: docker/build-push-action@v3 + uses: depot/build-push-action@v1 with: load: true context: backend tags: infisical/backend:test - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - name: ⏻ Spawn backend container and dependencies run: | docker compose -f .github/resources/docker-compose.be-test.yml up --wait --quiet-pull @@ -47,22 +40,13 @@ jobs: run: | docker compose -f .github/resources/docker-compose.be-test.yml down - name: 🏗️ Build backend and push - uses: docker/build-push-action@v3 + uses: depot/build-push-action@v1 with: push: true context: backend tags: infisical/backend:${{ steps.commit.outputs.short }}, infisical/backend:latest platforms: linux/amd64,linux/arm64 - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - - # Temp fix - # https://github.com/docker/build-push-action/issues/252 - # https://github.com/moby/buildkit/issues/1896 - name: Move cache - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache frontend-image: name: Build frontend image @@ -78,26 +62,19 @@ jobs: uses: docker/setup-qemu-action@v2 - name: 🔧 Set up Docker Buildx uses: docker/setup-buildx-action@v2 - - name: Cache Docker layers - uses: actions/cache@v3 - with: - path: /tmp/.buildx-cache - key: frontend-${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - frontend-${{ runner.os }}-buildx- - name: 🐋 Login to Docker Hub uses: docker/login-action@v2 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Set up Depot CLI + uses: depot/setup-action@v1 - name: 📦 Build frontend and export to Docker - uses: docker/build-push-action@v3 + uses: depot/build-push-action@v1 with: load: true context: frontend tags: infisical/frontend:test - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max build-args: | POSTHOG_API_KEY=${{ secrets.PUBLIC_POSTHOG_API_KEY }} - name: ⏻ Spawn frontend container @@ -110,21 +87,12 @@ jobs: run: | docker stop infisical-frontend-test - name: 🏗️ Build frontend and push - uses: docker/build-push-action@v3 + uses: depot/build-push-action@v1 with: push: true context: frontend tags: infisical/frontend:${{ steps.commit.outputs.short }}, infisical/frontend:latest platforms: linux/amd64,linux/arm64 - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max build-args: | - POSTHOG_API_KEY=${{ secrets.PUBLIC_POSTHOG_API_KEY }} - - # Temp fix - # https://github.com/docker/build-push-action/issues/252 - # https://github.com/moby/buildkit/issues/1896 - name: Move cache - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache + POSTHOG_API_KEY=${{ secrets.PUBLIC_POSTHOG_API_KEY }} \ No newline at end of file From db639b1a89de43d4d2b55613f202d7887c84e486 Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Tue, 10 Jan 2023 16:31:02 -0500 Subject: [PATCH 06/10] add project id to depot --- .github/workflows/docker-image.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 0df4556978..4757329e3b 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -27,6 +27,7 @@ jobs: - name: 📦 Build backend and export to Docker uses: depot/build-push-action@v1 with: + project: 64mmf0n610 load: true context: backend tags: infisical/backend:test @@ -42,6 +43,7 @@ jobs: - name: 🏗️ Build backend and push uses: depot/build-push-action@v1 with: + project: 64mmf0n610 push: true context: backend tags: infisical/backend:${{ steps.commit.outputs.short }}, @@ -73,6 +75,7 @@ jobs: uses: depot/build-push-action@v1 with: load: true + project: 64mmf0n610 context: frontend tags: infisical/frontend:test build-args: | @@ -89,6 +92,7 @@ jobs: - name: 🏗️ Build frontend and push uses: depot/build-push-action@v1 with: + project: 64mmf0n610 push: true context: frontend tags: infisical/frontend:${{ steps.commit.outputs.short }}, From 7fde55414a5a1abb9477b4e4c46a15493e43084c Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Tue, 10 Jan 2023 16:36:06 -0500 Subject: [PATCH 07/10] add depot token --- .github/workflows/docker-image.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 4757329e3b..7bb65ca876 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -28,6 +28,7 @@ jobs: uses: depot/build-push-action@v1 with: project: 64mmf0n610 + token: ${{ secrets.DEPOT_PROJECT_TOKEN }} load: true context: backend tags: infisical/backend:test @@ -44,6 +45,7 @@ jobs: uses: depot/build-push-action@v1 with: project: 64mmf0n610 + token: ${{ secrets.DEPOT_PROJECT_TOKEN }} push: true context: backend tags: infisical/backend:${{ steps.commit.outputs.short }}, @@ -75,6 +77,7 @@ jobs: uses: depot/build-push-action@v1 with: load: true + token: ${{ secrets.DEPOT_PROJECT_TOKEN }} project: 64mmf0n610 context: frontend tags: infisical/frontend:test @@ -94,6 +97,7 @@ jobs: with: project: 64mmf0n610 push: true + token: ${{ secrets.DEPOT_PROJECT_TOKEN }} context: frontend tags: infisical/frontend:${{ steps.commit.outputs.short }}, infisical/frontend:latest From e51046fe62f4880f94d09db96a85f6d910a3e191 Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Tue, 10 Jan 2023 16:47:09 -0500 Subject: [PATCH 08/10] remove QEMU --- .github/workflows/docker-image.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 7bb65ca876..ab7b939e7b 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -13,8 +13,6 @@ jobs: - name: Save commit hashes for tag id: commit uses: pr-mpt/actions-commit-hash@v2 - - name: 🔧 Set up QEMU - uses: docker/setup-qemu-action@v2 - name: 🔧 Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: 🐋 Login to Docker Hub @@ -62,8 +60,6 @@ jobs: - name: Save commit hashes for tag id: commit uses: pr-mpt/actions-commit-hash@v2 - - name: 🔧 Set up QEMU - uses: docker/setup-qemu-action@v2 - name: 🔧 Set up Docker Buildx uses: docker/setup-buildx-action@v2 - name: 🐋 Login to Docker Hub From 3fd5b521bbd0b16925dca620a4b1a3410e27d45d Mon Sep 17 00:00:00 2001 From: Vladyslav Matsiiako Date: Tue, 10 Jan 2023 14:08:02 -0800 Subject: [PATCH 09/10] Removed service token logs --- frontend/components/basic/dialog/AddServiceTokenDialog.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/frontend/components/basic/dialog/AddServiceTokenDialog.js b/frontend/components/basic/dialog/AddServiceTokenDialog.js index f9ef6d27cd..177911973a 100644 --- a/frontend/components/basic/dialog/AddServiceTokenDialog.js +++ b/frontend/components/basic/dialog/AddServiceTokenDialog.js @@ -73,8 +73,6 @@ const AddServiceTokenDialog = ({ tag }); - console.log('newServiceToken', newServiceToken); - setServiceTokens(serviceTokens.concat([newServiceToken.serviceTokenData])); setServiceToken(newServiceToken.serviceToken + "." + randomBytes); }; From 9ce4a52b8da0057c2450cd7af93a8c5758c2476b Mon Sep 17 00:00:00 2001 From: Maidul Islam Date: Tue, 10 Jan 2023 19:07:41 -0500 Subject: [PATCH 10/10] Remove posthog for sev2 --- .../src/controllers/v2/secretController.ts | 212 +++++++++--------- 1 file changed, 106 insertions(+), 106 deletions(-) diff --git a/backend/src/controllers/v2/secretController.ts b/backend/src/controllers/v2/secretController.ts index b993d3811b..c2cf45f9ad 100644 --- a/backend/src/controllers/v2/secretController.ts +++ b/backend/src/controllers/v2/secretController.ts @@ -7,7 +7,7 @@ const { ValidationError } = mongoose.Error; import { BadRequestError, InternalServerError, UnauthorizedRequestError, ValidationError as RouteValidationError } from '../../utils/errors'; import { AnyBulkWriteOperation } from 'mongodb'; import { SECRET_PERSONAL, SECRET_SHARED } from "../../variables"; -import { postHogClient } from '../../services'; +// import { postHogClient } from '../../services'; /** * Create secret for workspace with id [workspaceId] and environment [environment] @@ -42,19 +42,19 @@ export const createSecret = async (req: Request, res: Response) => { throw RouteValidationError({ message: error.message, stack: error.stack }) } - if (postHogClient) { - postHogClient.capture({ - event: 'secrets added', - distinctId: req.user.email, - properties: { - numberOfSecrets: 1, - workspaceId, - environment, - channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', - userAgent: req.headers?.['user-agent'] - } - }); - } + // if (postHogClient) { + // postHogClient.capture({ + // event: 'secrets added', + // distinctId: req.user.email, + // properties: { + // numberOfSecrets: 1, + // workspaceId, + // environment, + // channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', + // userAgent: req.headers?.['user-agent'] + // } + // }); + // } res.status(200).send({ secret @@ -103,19 +103,19 @@ export const createSecrets = async (req: Request, res: Response) => { throw InternalServerError({ message: "Unable to process your batch create request. Please try again", stack: bulkCreateError.stack }) } - if (postHogClient) { - postHogClient.capture({ - event: 'secrets added', - distinctId: req.user.email, - properties: { - numberOfSecrets: (secretsToCreate ?? []).length, - workspaceId, - environment, - channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', - userAgent: req.headers?.['user-agent'] - } - }); - } + // if (postHogClient) { + // postHogClient.capture({ + // event: 'secrets added', + // distinctId: req.user.email, + // properties: { + // numberOfSecrets: (secretsToCreate ?? []).length, + // workspaceId, + // environment, + // channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', + // userAgent: req.headers?.['user-agent'] + // } + // }); + // } res.status(200).send({ secrets @@ -158,19 +158,19 @@ export const deleteSecrets = async (req: Request, res: Response) => { throw InternalServerError() } - if (postHogClient) { - postHogClient.capture({ - event: 'secrets deleted', - distinctId: req.user.email, - properties: { - numberOfSecrets: numSecretsDeleted, - environment: environmentName, - workspaceId, - channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', - userAgent: req.headers?.['user-agent'] - } - }); - } + // if (postHogClient) { + // postHogClient.capture({ + // event: 'secrets deleted', + // distinctId: req.user.email, + // properties: { + // numberOfSecrets: numSecretsDeleted, + // environment: environmentName, + // workspaceId, + // channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', + // userAgent: req.headers?.['user-agent'] + // } + // }); + // } res.status(200).send() } @@ -183,19 +183,19 @@ export const deleteSecrets = async (req: Request, res: Response) => { export const deleteSecret = async (req: Request, res: Response) => { await Secret.findByIdAndDelete(req._secret._id) - if (postHogClient) { - postHogClient.capture({ - event: 'secrets deleted', - distinctId: req.user.email, - properties: { - numberOfSecrets: 1, - workspaceId: req._secret.workspace.toString(), - environment: req._secret.environment, - channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', - userAgent: req.headers?.['user-agent'] - } - }); - } + // if (postHogClient) { + // postHogClient.capture({ + // event: 'secrets deleted', + // distinctId: req.user.email, + // properties: { + // numberOfSecrets: 1, + // workspaceId: req._secret.workspace.toString(), + // environment: req._secret.environment, + // channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', + // userAgent: req.headers?.['user-agent'] + // } + // }); + // } res.status(200).send({ secret: req._secret @@ -252,19 +252,19 @@ export const updateSecrets = async (req: Request, res: Response) => { throw InternalServerError() } - if (postHogClient) { - postHogClient.capture({ - event: 'secrets modified', - distinctId: req.user.email, - properties: { - numberOfSecrets: (secretsModificationsRequested ?? []).length, - environment: environmentName, - workspaceId, - channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', - userAgent: req.headers?.['user-agent'] - } - }); - } + // if (postHogClient) { + // postHogClient.capture({ + // event: 'secrets modified', + // distinctId: req.user.email, + // properties: { + // numberOfSecrets: (secretsModificationsRequested ?? []).length, + // environment: environmentName, + // workspaceId, + // channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', + // userAgent: req.headers?.['user-agent'] + // } + // }); + // } return res.status(200).send() } @@ -304,19 +304,19 @@ export const updateSecret = async (req: Request, res: Response) => { throw RouteValidationError({ message: "Unable to apply modifications, please try again", stack: error.stack }) } - if (postHogClient) { - postHogClient.capture({ - event: 'secrets modified', - distinctId: req.user.email, - properties: { - numberOfSecrets: 1, - environment: environmentName, - workspaceId, - channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', - userAgent: req.headers?.['user-agent'] - } - }); - } + // if (postHogClient) { + // postHogClient.capture({ + // event: 'secrets modified', + // distinctId: req.user.email, + // properties: { + // numberOfSecrets: 1, + // environment: environmentName, + // workspaceId, + // channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', + // userAgent: req.headers?.['user-agent'] + // } + // }); + // } return res.status(200).send(singleModificationUpdate) } @@ -354,19 +354,19 @@ export const getSecrets = async (req: Request, res: Response) => { throw RouteValidationError({ message: "Failed to get secrets, please try again", stack: err.stack }) } - if (postHogClient) { - postHogClient.capture({ - event: 'secrets pulled', - distinctId: req.user.email, - properties: { - numberOfSecrets: (secrets ?? []).length, - environment, - workspaceId, - channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', - userAgent: req.headers?.['user-agent'] - } - }); - } + // if (postHogClient) { + // postHogClient.capture({ + // event: 'secrets pulled', + // distinctId: req.user.email, + // properties: { + // numberOfSecrets: (secrets ?? []).length, + // environment, + // workspaceId, + // channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', + // userAgent: req.headers?.['user-agent'] + // } + // }); + // } return res.json(secrets) } @@ -378,20 +378,20 @@ export const getSecrets = async (req: Request, res: Response) => { * @returns */ export const getSecret = async (req: Request, res: Response) => { - if (postHogClient) { - postHogClient.capture({ - event: 'secrets pulled', - distinctId: req.user.email, - properties: { - numberOfSecrets: 1, - workspaceId: req._secret.workspace.toString(), - environment: req._secret.environment, - channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', - userAgent: req.headers?.['user-agent'] - } - }); - } - + // if (postHogClient) { + // postHogClient.capture({ + // event: 'secrets pulled', + // distinctId: req.user.email, + // properties: { + // numberOfSecrets: 1, + // workspaceId: req._secret.workspace.toString(), + // environment: req._secret.environment, + // channel: req.headers?.['user-agent']?.toLowerCase().includes('mozilla') ? 'web' : 'cli', + // userAgent: req.headers?.['user-agent'] + // } + // }); + // } + return res.status(200).send({ secret: req._secret });