feat: warning user about manually deploying review apps

cmd/integration_link.go

@@ -180,7 +180,7 @@ List of available integrations:
 				}
 
 				if deployReviewApps && allowReviewAppsFromForks && !awareOfSecurityRisks {
-					allowReviewAppsFromForks, err = askForConfirmationToAllowReviewAppsFromForks()
+					allowReviewAppsFromForks, err = askForConfirmationToAllowReviewAppsFromForks("Allow automatic creation of review apps from forks?")
 					if err != nil {
 						errorQuit(err)
 					}
@@ -305,7 +305,7 @@ List of available integrations:
 			params := integrationlink.CheckAndFillParams(c)
 
 			if allowReviewAppsFromForks && !awareOfSecurityRisks {
-				stillAllowed, err := askForConfirmationToAllowReviewAppsFromForks()
+				stillAllowed, err := askForConfirmationToAllowReviewAppsFromForks("Allow automatic creation of review apps from forks?")
 				if err != nil {
 					errorQuit(err)
 				}
@@ -390,9 +390,11 @@ List of available integrations:
 	}
 
 	integrationLinkManualReviewAppCommand = cli.Command{
-		Name:      "integration-link-manual-review-app",
-		Category:  "Integration Link",
-		Flags:     []cli.Flag{&appFlag},
+		Name:     "integration-link-manual-review-app",
+		Category: "Integration Link",
+		Flags: []cli.Flag{&appFlag,
+			&cli.BoolFlag{Name: "aware-of-security-risks", Usage: "Bypass the security warning about deploying a review app from a fork repository"},
+		},
 		Usage:     "Trigger a review app creation of the pull/merge request ID specified",
 		ArgsUsage: "request-id",
 		Description: CommandDescription{
@@ -401,7 +403,7 @@ List of available integrations:
    $ scalingo --app my-app integration-link-manual-review-app pull-request-id (for GitHub and GitHub Enterprise)
    $ scalingo --app my-app integration-link-manual-review-app merge-request-id (for GitLab and GitLab self-hosted)
 `,
-			Examples: []string{"scalingo --app my-app integration-link-manual-review-app 42"},
+			Examples: []string{"scalingo --app my-app integration-link-manual-review-app --aware-of-security-risks 42"},
 			SeeAlso:  []string{"integration-link", "integration-link-create", "integration-link-update", "integration-link-delete", "integration-link-manual-deploy"},
 		}.Render(),
 		Action: func(c *cli.Context) error {
@@ -414,9 +416,33 @@ List of available integrations:
 
 			utils.CheckForConsent(c.Context, currentApp, utils.ConsentTypeContainers)
 
-			pullRequestID := c.Args().First()
+			pullRequestID, err := strconv.Atoi(c.Args().First())
+			if err != nil {
+				errorQuit(errgo.Notef(err, "invalid pull / merge request id"))
+			}
+
+			pullRequest, err := integrationlink.PullRequest(c.Context, currentApp, pullRequestID)
+			if err != nil {
+				errorQuit(err)
+			}
+
+			if pullRequest.OpenedFromAForkedRepo {
+				awareOfSecurityRisks := c.Bool("aware-of-security-risks")
+				if !awareOfSecurityRisks {
+					io.Info("\nYou are about to deploy a Review App from a Pull Request opened from a fork.")
+					allowReviewAppsFromForks, err := askForConfirmationToAllowReviewAppsFromForks("Deploy this Pull Request coming from a forked repository?")
+					if err != nil {
+						errorQuit(err)
+					}
 
-			err := integrationlink.ManualReviewApp(c.Context, currentApp, pullRequestID)
+					if !allowReviewAppsFromForks {
+						io.Info("Manual Review App deploy aborted. Exiting.")
+						return nil
+					}
+				}
+			}
+
+			err = integrationlink.ManualReviewApp(c.Context, currentApp, pullRequestID)
 			if err != nil {
 				errorQuit(err)
 			}
@@ -513,7 +539,7 @@ func interactiveCreate() (scalingo.SCMRepoLinkCreateParams, error) {
 		params.HoursBeforeDeleteStale = &hoursBeforeDestroyOnStale
 	}
 
-	forksAllowed, err := askForConfirmationToAllowReviewAppsFromForks()
+	forksAllowed, err := askForConfirmationToAllowReviewAppsFromForks("Allow automatic creation of review apps from forks?")
 	if err != nil {
 		return params, errgo.Notef(err, "error enquiring about automatic review apps creation from forks")
 	}
@@ -537,14 +563,15 @@ func validateHoursBeforeDelete(ans interface{}) error {
 	return nil
 }
 
-func askForConfirmationToAllowReviewAppsFromForks() (bool, error) {
+func askForConfirmationToAllowReviewAppsFromForks(prompt string) (bool, error) {
 	fmt.Println()
 	io.Warning(reviewAppsFromForksSecurityWarning)
 	fmt.Println()
 
 	var confirmed bool
+
 	err := survey.AskOne(&survey.Confirm{
-		Message: "Allow automatic creation of review apps from forks?",
+		Message: prompt,
 		Default: false,
 	}, &confirmed, nil)
 

go.mod

@@ -4,7 +4,7 @@ go 1.20
 
 require (
 	github.com/AlecAivazis/survey/v2 v2.3.6
-	github.com/Scalingo/go-scalingo/v6 v6.5.0
+	github.com/Scalingo/go-scalingo/v6 v6.6.0
 	github.com/Scalingo/go-utils/errors/v2 v2.2.0
 	github.com/Scalingo/go-utils/logger v1.2.0
 	github.com/Scalingo/go-utils/retry v1.1.1

go.sum

@@ -7,8 +7,8 @@ github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2 h1:+vx7roKuyA63n
 github.com/Netflix/go-expect v0.0.0-20220104043353-73e0943537d2/go.mod h1:HBCaDeC1lPdgDeDbhX8XFpy1jqjK0IBG8W5K+xYqA0w=
 github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA=
 github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g=
-github.com/Scalingo/go-scalingo/v6 v6.5.0 h1:9dukdLhg36bOTeqEG9IVhC8wLU9DgjnFKcCkrOMQJk0=
-github.com/Scalingo/go-scalingo/v6 v6.5.0/go.mod h1:u3ROWLWw78ug4EQaunzOBzSPKy4ukNQTDrCFaKMG938=
+github.com/Scalingo/go-scalingo/v6 v6.6.0 h1:w1spshwyJDaudgC7mhC7xp5wtBt1hYFoBTXMR/iempQ=
+github.com/Scalingo/go-scalingo/v6 v6.6.0/go.mod h1:u3ROWLWw78ug4EQaunzOBzSPKy4ukNQTDrCFaKMG938=
 github.com/Scalingo/go-utils/errors/v2 v2.2.0 h1:n93hge0DzfZ3KbI/jdnxKDTRDD+PXsGwNPKyHRzQYEE=
 github.com/Scalingo/go-utils/errors/v2 v2.2.0/go.mod h1:pkLy6Qz9UNm6FpXtFJGZRC0W5lqbqHpPchrQV80gw5E=
 github.com/Scalingo/go-utils/logger v1.2.0 h1:E3jtaoRxpIsFcZu/jsvWew8ttUAwKUYQufdPqGYp7EU=

integrationlink/manual_review_app.go

@@ -2,14 +2,15 @@ package integrationlink
 
 import (
 	"context"
+	"strconv"
 
 	"gopkg.in/errgo.v1"
 
 	"github.com/Scalingo/cli/config"
 	"github.com/Scalingo/cli/io"
 )
 
-func ManualReviewApp(ctx context.Context, app, pullRequestID string) error {
+func ManualReviewApp(ctx context.Context, app string, pullRequestID int) error {
 	if app == "" {
 		return errgo.New("no app defined")
 	}
@@ -19,11 +20,11 @@ func ManualReviewApp(ctx context.Context, app, pullRequestID string) error {
 		return errgo.Notef(err, "fail to get Scalingo client")
 	}
 
-	err = c.SCMRepoLinkManualReviewApp(ctx, app, pullRequestID)
+	err = c.SCMRepoLinkManualReviewApp(ctx, app, strconv.Itoa(pullRequestID))
 	if err != nil {
 		return errgo.Notef(err, "fail to manually create a review app")
 	}
 
-	io.Statusf("Manual review app created for app '%s' with pull/merge request id '%s'.\n", app, pullRequestID)
+	io.Statusf("Manual review app created for app '%s' with pull/merge request id '%d'.\n", app, pullRequestID)
 	return nil
 }

integrationlink/pull_request.go

@@ -0,0 +1,29 @@
+package integrationlink
+
+import (
+	"context"
+
+	"gopkg.in/errgo.v1"
+
+	"github.com/Scalingo/cli/config"
+	"github.com/Scalingo/go-scalingo/v6"
+)
+
+func PullRequest(ctx context.Context, app string, pullRequestID int) (*scalingo.RepoLinkPullRequest, error) {
+	if app == "" {
+		return nil, errgo.New("no app defined")
+	}
+
+	c, err := config.ScalingoClient(ctx)
+	if err != nil {
+		return nil, errgo.Notef(err, "fail to get Scalingo client")
+	}
+
+	pullRequest, err := c.SCMRepoLinkPullRequest(ctx, app, pullRequestID)
+
+	if err != nil {
+		return nil, errgo.Notef(err, "fail to fetch the pull request status")
+	}
+
+	return pullRequest, nil
+}

vendor/modules.txt

@@ -28,7 +28,7 @@ github.com/ProtonMail/go-crypto/openpgp/internal/ecc
 github.com/ProtonMail/go-crypto/openpgp/internal/encoding
 github.com/ProtonMail/go-crypto/openpgp/packet
 github.com/ProtonMail/go-crypto/openpgp/s2k
-# github.com/Scalingo/go-scalingo/v6 v6.5.0
+# github.com/Scalingo/go-scalingo/v6 v6.6.0
 ## explicit; go 1.20
 github.com/Scalingo/go-scalingo/v6
 github.com/Scalingo/go-scalingo/v6/billing