unkeyed · chronark · Nov 18, 2024 · Sep 23, 2024 · Sep 23, 2024 · Sep 23, 2024
@@ -16,7 +16,7 @@ jobs:
         uses: ./.github/actions/install
         with:
           ts: true
-        
+
       - name: Build
         run: pnpm turbo run build --filter=./apps/api
 
@@ -31,20 +31,20 @@ jobs:
           EOF
         working-directory: apps/api
       - name: Run worker
-        run: pnpm dev > api.logs &
+        run: pnpm dev & sleep 15
         working-directory: apps/api
-        
-      
-        
+
+
+
-        run: pnpm dev & sleep 15
-        working-directory: apps/api
-        
-      
-        
+        run: |
+          pnpm dev & 
+          PID=$!
+          max_attempts=30
+          attempt=0
+          echo "Waiting for worker to be ready..."
+          while ! curl -s http://localhost:3000/health > /dev/null; do
+            ((attempt++))
+            if [ $attempt -ge $max_attempts ]; then
+              echo "Worker failed to start"
+              kill $PID
+              exit 1
+            fi
+            sleep 1
+          done
+          echo "Worker is ready"
+        working-directory: apps/api
+
+
+
-        run: pnpm dev & sleep 15
-        working-directory: apps/api
-        
-      
-        
+        run: |
+          pnpm dev & 
+          PID=$!
+          max_attempts=30
+          attempt=0
+          echo "Waiting for worker to be ready..."
+          while ! curl -s http://localhost:3000/health > /dev/null; do
+            ((attempt++))
+            if [ $attempt -ge $max_attempts ]; then
+              echo "Worker failed to start"
+              kill $PID
+              exit 1
+            fi
+            sleep 1
+          done
+          echo "Worker is ready"
+        working-directory: apps/api
+
+
+
 
       - name: Load Schema into MySQL
         run: pnpm drizzle-kit push
         working-directory: internal/db
         env:
           DRIZZLE_DATABASE_URL: "mysql://unkey:password@localhost:3306/unkey"
 
-    
- 
+
+
       - name: Build
         run: pnpm build
         env:
@@ -57,6 +57,3 @@ jobs:
           UNKEY_WEBHOOK_KEYS_API_ID: "not-empty"
           AGENT_URL: "http://localhost:8080"
           AGENT_TOKEN: "not-empty"
-
-
-
@@ -12,8 +12,6 @@ jobs:
     uses: ./.github/workflows/test_agent_local.yaml
 
   build_agent_image:
-    needs:
-      - agent_local_test
     uses: ./.github/workflows/job_build_agent_image.yaml
     secrets:
       GHCR_TOKEN: ${{ secrets.GHCR_TOKEN }}
@@ -41,7 +39,6 @@ jobs:
 
   agent_staging_deployment:
     needs:
-      - agent_local_test
       - build_agent_image
     uses: ./.github/workflows/job_deploy_agent_staging.yaml
     secrets:

@@ -10,6 +10,10 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
+      - name: Delete huge unnecessary tools folder
+        run: rm -rf /opt/hostedtoolcache
+
+
       - name: Run containers
         run: docker compose -f ./deployment/docker-compose.yaml up -d
 

@@ -10,7 +10,7 @@ on:
 jobs:
   test_packages:
     name: Test Packages
-    uses: ./.github/workflows/unit_test.yaml
+    uses: ./.github/workflows/job_test_unit.yaml
 
   build:
     name: Build

@@ -385,9 +385,6 @@ export class KeyService {
       return Ok({ valid: false, code: "NOT_FOUND" });
     }
 
-    this.logger.info("data from cache or db", {
-      data,
-    });
     // Quick fix
     if (!data.workspace) {
       this.logger.warn("workspace not found, trying again", {

@@ -80,7 +80,7 @@ export const registerV1KeysGetVerifications = (app: App) =>
   app.openapi(route, async (c) => {
     const { keyId, ownerId, start, end } = c.req.valid("query");
 
-    const { analytics, cache, db } = c.get("services");
+    const { analytics, cache, db, logger } = c.get("services");
 
     const ids: {
       keyId: string;
@@ -240,6 +240,10 @@ export const registerV1KeysGetVerifications = (app: App) =>
       [time: number]: { success: number; rateLimited: number; usageExceeded: number };
     } = {};
     for (const dataPoint of verificationsFromAllKeys) {
+      if (dataPoint.err) {
+        logger.error(dataPoint.err.message);
+        continue;
+      }
       for (const d of dataPoint.val!) {
         if (!verifications[d.time]) {
           verifications[d.time] = { success: 0, rateLimited: 0, usageExceeded: 0 };

@@ -0,0 +1,57 @@
+import { expect, test } from "vitest";
+
+import { randomUUID } from "node:crypto";
+import { IntegrationHarness } from "src/pkg/testutil/integration-harness";
+
+import { schema } from "@unkey/db";
+import { newId } from "@unkey/id";
+import type {
+  V1RatelimitDeleteOverrideRequest,
+  V1RatelimitDeleteOverrideResponse,
+} from "./v1_ratelimits_deleteOverride";
+
+test("Missing Namespace", async (t) => {
+  const h = await IntegrationHarness.init(t);
+
+  const overrideId = newId("test");
+  const identifier = randomUUID();
+  const namespaceId = newId("test");
+  const namespace = {
+    id: namespaceId,
+    workspaceId: h.resources.userWorkspace.id,
+    createdAt: new Date(),
+    name: newId("test"),
+  };
+  await h.db.primary.insert(schema.ratelimitNamespaces).values(namespace);
+
+  await h.db.primary.insert(schema.ratelimitOverrides).values({
+    id: overrideId,
+    workspaceId: h.resources.userWorkspace.id,
+    namespaceId,
+    identifier,
+    limit: 1,
+    duration: 60_000,
+    async: false,
+  });
+
+  const root = await h.createRootKey(["ratelimit.*.delete_override"]);
+  const res = await h.post<V1RatelimitDeleteOverrideRequest, V1RatelimitDeleteOverrideResponse>({
+    url: "/v1/ratelimits.deleteOverride",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${root.key}`,
+    },
+    body: {
+      identifier,
+    },
+  });
+
+  expect(res.status, `expected 400, received: ${JSON.stringify(res, null, 2)}`).toBe(400);
+  expect(res.body).toMatchObject({
+    error: {
+      code: "BAD_REQUEST",
+      docs: "https://unkey.dev/docs/api-reference/errors/code/BAD_REQUEST",
+      message: "You must provide a namespaceId or a namespaceName",
+    },
+  });
+});
@@ -0,0 +1,56 @@
+import { expect, test } from "vitest";
+
+import { randomUUID } from "node:crypto";
+import { IntegrationHarness } from "src/pkg/testutil/integration-harness";
+
+import { isNull, schema } from "@unkey/db";
+import { newId } from "@unkey/id";
+import type {
+  V1RatelimitDeleteOverrideRequest,
+  V1RatelimitDeleteOverrideResponse,
+} from "./v1_ratelimits_deleteOverride";
+
+test("deletes override", async (t) => {
+  const h = await IntegrationHarness.init(t);
+
+  const overrideId = newId("test");
+  const identifier = randomUUID();
+  const namespaceId = newId("test");
+  const namespace = {
+    id: namespaceId,
+    workspaceId: h.resources.userWorkspace.id,
+    createdAt: new Date(),
+    name: newId("test"),
+  };
+  await h.db.primary.insert(schema.ratelimitNamespaces).values(namespace);
+
+  await h.db.primary.insert(schema.ratelimitOverrides).values({
+    id: overrideId,
+    workspaceId: h.resources.userWorkspace.id,
+    namespaceId,
+    identifier,
+    limit: 1,
+    duration: 60_000,
+    async: false,
+  });
+
+  const root = await h.createRootKey(["ratelimit.*.delete_override"]);
+  const res = await h.post<V1RatelimitDeleteOverrideRequest, V1RatelimitDeleteOverrideResponse>({
+    url: "/v1/ratelimits.deleteOverride",
+    headers: {
+      "Content-Type": "application/json",
+      Authorization: `Bearer ${root.key}`,
+    },
+    body: {
+      namespaceId,
+      identifier,
+    },
+  });
+
+  expect(res.status, `expected 200, received: ${JSON.stringify(res, null, 2)}`).toBe(200);
+
+  const found = await h.db.primary.query.ratelimitOverrides.findFirst({
+    where: (table, { eq, and }) => and(eq(table.id, overrideId), isNull(table.deletedAt)),
+  });
+  expect(found).toBeUndefined();
+});
@@ -0,0 +1,158 @@
+import { randomUUID } from "node:crypto";
+import { runCommonRouteTests } from "@/pkg/testutil/common-tests";
+import { IntegrationHarness } from "@/pkg/testutil/integration-harness";
+import { schema } from "@unkey/db";
+import { newId } from "@unkey/id";
+import { describe, expect, test } from "vitest";
+import type {
+  V1RatelimitDeleteOverrideRequest,
+  V1RatelimitDeleteOverrideResponse,
+} from "./v1_ratelimits_deleteOverride";
+
+runCommonRouteTests<V1RatelimitDeleteOverrideRequest>({
+  prepareRequest: async (rh) => {
+    const overrideId = newId("test");
+    const identifier = randomUUID();
+    const namespaceId = newId("test");
+    const namespace = {
+      id: namespaceId,
+      workspaceId: rh.resources.userWorkspace.id,
+      createdAt: new Date(),
+      name: newId("test"),
+    };
+    await rh.db.primary.insert(schema.ratelimitNamespaces).values(namespace);
+    await rh.db.primary.insert(schema.ratelimitOverrides).values({
+      id: overrideId,
+      workspaceId: rh.resources.userWorkspace.id,
+      namespaceId,
+      identifier,
+      limit: 1,
+      duration: 60_000,
+      async: false,
+    });
+
+    return {
+      method: "POST",
+      url: "/v1/ratelimits.deleteOverride",
+      headers: {
+        "Content-Type": "application/json",
+      },
+      body: {
+        namespaceId,
+        identifier,
+      },
+    };
+  },
+});
+describe("correct roles", () => {
+  describe.each([{ name: "delete override", roles: ["ratelimit.*.delete_override"] }])(
+    "$name",
+    ({ roles }) => {
+      test("returns 200", async (t) => {
+        const h = await IntegrationHarness.init(t);
+        const overrideId = newId("test");
+        const identifier = randomUUID();
+        const namespaceId = newId("test");
+        const namespace = {
+          id: namespaceId,
+          workspaceId: h.resources.userWorkspace.id,
+          createdAt: new Date(),
+          name: newId("test"),
+        };
+        await h.db.primary.insert(schema.ratelimitNamespaces).values(namespace);
+        await h.db.primary.insert(schema.ratelimitOverrides).values({
+          id: overrideId,
+          workspaceId: h.resources.userWorkspace.id,
+          namespaceId,
+          identifier,
+          limit: 1,
+          duration: 60_000,
+          async: false,
+        });
+        const root = await h.createRootKey(roles);
+
+        const res = await h.post<
+          V1RatelimitDeleteOverrideRequest,
+          V1RatelimitDeleteOverrideResponse
+        >({
+          url: "/v1/ratelimits.deleteOverride",
+          headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${root.key}`,
+          },
+          body: {
+            namespaceId,
+            identifier,
+          },
+        });
+
+        expect(
+          res.status,
+          `expected status 200, received: ${JSON.stringify(res, null, 2)}`,
+        ).toEqual(200);
+
+        const found = await h.db.primary.query.ratelimitOverrides.findFirst({
+          where: (table, { eq, and, isNull }) =>
+            and(isNull(table.deletedAt), eq(table.id, overrideId)),
+        });
+        expect(found).toBeUndefined();
+      });
+    },
+  );
+});
+
+describe("incorrect roles", () => {
+  describe.each([{ name: "delete override", roles: ["ratelimit.*.create_override"] }])(
+    "$name",
+    ({ roles }) => {
+      test("returns 403", async (t) => {
+        const h = await IntegrationHarness.init(t);
+        const overrideId = newId("test");
+        const identifier = randomUUID();
+        const namespaceId = newId("test");
+        const namespace = {
+          id: namespaceId,
+          workspaceId: h.resources.userWorkspace.id,
+          createdAt: new Date(),
+          name: newId("test"),
+        };
+        await h.db.primary.insert(schema.ratelimitNamespaces).values(namespace);
+        await h.db.primary.insert(schema.ratelimitOverrides).values({
+          id: overrideId,
+          workspaceId: h.resources.userWorkspace.id,
+          namespaceId,
+          identifier,
+          limit: 1,
+          duration: 60_000,
+          async: false,
+        });
+        const root = await h.createRootKey(roles);
+
+        const res = await h.post<
+          V1RatelimitDeleteOverrideRequest,
+          V1RatelimitDeleteOverrideResponse
+        >({
+          url: "/v1/ratelimits.deleteOverride",
+          headers: {
+            "Content-Type": "application/json",
+            Authorization: `Bearer ${root.key}`,
+          },
+          body: {
+            namespaceId,
+            identifier,
+          },
+        });
+
+        expect(
+          res.status,
+          `expected status 403, received: ${JSON.stringify(res, null, 2)}`,
+        ).toEqual(403);
+
+        const found = await h.db.primary.query.ratelimitOverrides.findFirst({
+          where: (table, { eq }) => eq(table.id, overrideId),
+        });
+        expect(found?.id).toEqual(overrideId);
+      });
+    },
+  );
+});