dave/coolify
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

add debug log

Browse Source
This commit is contained in:
peaklabs-dev
2025-01-06 20:56:19 +01:00
parent 49f468c4b7
commit 126e5ff57a
2 changed files with 87 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
app/Jobs/GithubAppPermissionJob.php
View File

@@ -10,6 +10,7 @@ use Illuminate\Foundation\Bus\Dispatchable;
use Illuminate\Queue\InteractsWithQueue; use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Queue\SerializesModels; use Illuminate\Queue\SerializesModels;
use Illuminate\Support\Facades\Http; use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Log;
class GithubAppPermissionJob implements ShouldBeEncrypted, ShouldQueue class GithubAppPermissionJob implements ShouldBeEncrypted, ShouldQueue
{ {
@@ -26,21 +27,66 @@ class GithubAppPermissionJob implements ShouldBeEncrypted, ShouldQueue
public function handle() public function handle()
{ {
Log::debug('Starting GithubAppPermissionJob', [
'app_id' => $this->github_app->app_id,
'installation_id' => $this->github_app->installation_id,
'api_url' => $this->github_app->api_url,
]);
try { try {
Log::debug('Generating GitHub JWT token');
$github_access_token = generateGithubJwt($this->github_app); $github_access_token = generateGithubJwt($this->github_app);
Log::debug('Fetching app permissions from GitHub API');
$response = Http::withHeaders([ $response = Http::withHeaders([
'Authorization' => "Bearer $github_access_token", 'Authorization' => "Bearer $github_access_token",
'Accept' => 'application/vnd.github.machine-man-preview+json', 'Accept' => 'application/vnd.github+json',
])->get("{$this->github_app->api_url}/app"); ])->get("{$this->github_app->api_url}/app");
if (! $response->successful()) {
Log::error('GitHub API request failed', [
'status_code' => $response->status(),
'error' => $response->body(),
'app_id' => $this->github_app->app_id,
]);
throw new \RuntimeException('Failed to fetch GitHub app permissions: '.$response->body());
}
$response = $response->json(); $response = $response->json();
$permissions = data_get($response, 'permissions'); $permissions = data_get($response, 'permissions');
Log::debug('Retrieved GitHub permissions', [
'app_id' => $this->github_app->app_id,
'permissions' => $permissions,
]);
$this->github_app->contents = data_get($permissions, 'contents'); $this->github_app->contents = data_get($permissions, 'contents');
$this->github_app->metadata = data_get($permissions, 'metadata'); $this->github_app->metadata = data_get($permissions, 'metadata');
$this->github_app->pull_requests = data_get($permissions, 'pull_requests'); $this->github_app->pull_requests = data_get($permissions, 'pull_requests');
$this->github_app->administration = data_get($permissions, 'administration'); $this->github_app->administration = data_get($permissions, 'administration');
Log::debug('Saving updated permissions to database', [
'app_id' => $this->github_app->app_id,
'contents' => $this->github_app->contents,
'metadata' => $this->github_app->metadata,
'pull_requests' => $this->github_app->pull_requests,
'administration' => $this->github_app->administration,
]);
$this->github_app->save(); $this->github_app->save();
$this->github_app->makeVisible('client_secret')->makeVisible('webhook_secret'); $this->github_app->makeVisible('client_secret')->makeVisible('webhook_secret');
Log::debug('Successfully completed GithubAppPermissionJob', [
'app_id' => $this->github_app->app_id,
]);
} catch (\Throwable $e) { } catch (\Throwable $e) {
Log::error('GithubAppPermissionJob failed', [
'app_id' => $this->github_app->app_id,
'error' => $e->getMessage(),
'trace' => $e->getTraceAsString(),
]);
send_internal_notification('GithubAppPermissionJob failed with: '.$e->getMessage()); send_internal_notification('GithubAppPermissionJob failed with: '.$e->getMessage());
throw $e; throw $e;
} }

41
bootstrap/helpers/github.php
View File

@@ -5,6 +5,7 @@ use App\Models\GitlabApp;
use Carbon\Carbon; use Carbon\Carbon;
use Carbon\CarbonImmutable; use Carbon\CarbonImmutable;
use Illuminate\Support\Facades\Http; use Illuminate\Support\Facades\Http;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Lcobucci\JWT\Encoding\ChainedFormatter; use Lcobucci\JWT\Encoding\ChainedFormatter;
use Lcobucci\JWT\Encoding\JoseEncoder; use Lcobucci\JWT\Encoding\JoseEncoder;
@@ -14,12 +15,29 @@ use Lcobucci\JWT\Token\Builder;
function generateGithubToken(GithubApp $source, string $type) function generateGithubToken(GithubApp $source, string $type)
{ {
Log::debug('Generating GitHub token', [
'app_id' => $source->app_id,
'type' => $type,
'api_url' => $source->api_url,
]);
$response = Http::get("{$source->api_url}/zen"); $response = Http::get("{$source->api_url}/zen");
$serverTime = CarbonImmutable::now()->setTimezone('UTC'); $serverTime = CarbonImmutable::now()->setTimezone('UTC');
$githubTime = Carbon::parse($response->header('date')); $githubTime = Carbon::parse($response->header('date'));
$timeDiff = abs($serverTime->diffInSeconds($githubTime)); $timeDiff = abs($serverTime->diffInSeconds($githubTime));
Log::debug('Time synchronization check', [
'server_time' => $serverTime->format('Y-m-d H:i:s'),
'github_time' => $githubTime->format('Y-m-d H:i:s'),
'difference_seconds' => $timeDiff,
]);
if ($timeDiff > 50) { if ($timeDiff > 50) {
Log::error('System time out of sync with GitHub', [
'time_difference' => $timeDiff,
'server_time' => $serverTime->format('Y-m-d H:i:s'),
'github_time' => $githubTime->format('Y-m-d H:i:s'),
]);
throw new \Exception( throw new \Exception(
'System time is out of sync with GitHub API time:<br>'. 'System time is out of sync with GitHub API time:<br>'.
'- System time: '.$serverTime->format('Y-m-d H:i:s').' UTC<br>'. '- System time: '.$serverTime->format('Y-m-d H:i:s').' UTC<br>'.
@@ -41,18 +59,39 @@ function generateGithubToken(GithubApp $source, string $type)
->getToken($algorithm, $signingKey) ->getToken($algorithm, $signingKey)
->toString(); ->toString();
Log::debug('JWT token generated', [
'token_type' => $type,
'issued_at' => $now->modify('-1 minute')->format('Y-m-d H:i:s'),
'expires_at' => $now->modify('+8 minutes')->format('Y-m-d H:i:s'),
]);
return match ($type) { return match ($type) {
'jwt' => $jwt, 'jwt' => $jwt,
'installation' => (function () use ($source, $jwt) { 'installation' => (function () use ($source, $jwt) {
Log::debug('Requesting installation token', [
'app_id' => $source->app_id,
'installation_id' => $source->installation_id,
]);
$response = Http::withHeaders([ $response = Http::withHeaders([
'Authorization' => "Bearer $jwt", 'Authorization' => "Bearer $jwt",
'Accept' => 'application/vnd.github.machine-man-preview+json', 'Accept' => 'application/vnd.github.machine-man-preview+json',
])->post("{$source->api_url}/app/installations/{$source->installation_id}/access_tokens"); ])->post("{$source->api_url}/app/installations/{$source->installation_id}/access_tokens");
if (! $response->successful()) { if (! $response->successful()) {
throw new RuntimeException("Failed to get installation token for {$source->name} with error: ".data_get($response->json(), 'message', 'no error message found')); $error = data_get($response->json(), 'message', 'no error message found');
Log::error('Failed to get installation token', [
'status_code' => $response->status(),
'error_message' => $error,
'app_id' => $source->app_id,
]);
throw new RuntimeException("Failed to get installation token for {$source->name} with error: ".$error);
} }
Log::debug('Successfully obtained installation token', [
'app_id' => $source->app_id,
]);
return $response->json()['token']; return $response->json()['token'];
})(), })(),
default => throw new \InvalidArgumentException("Unsupported token type: {$type}") default => throw new \InvalidArgumentException("Unsupported token type: {$type}")