release changes #77

Merged
merged 5 commits into from
Oct 5, 2023
77 changes: 0 additions & 77 deletions .circleci/config.yml

This file was deleted.

4 changes: 2 additions & 2 deletions .github/CODEOWNERS
@@ -1,2 +1,2 @@
# Snyk Tech Services will be required for a review on every PR
* @snyk-tech-services/snyk-tech-services
# CS Engineering will be required for a review on every PR
* @snyk-labs/cs-engineers
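--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,63 @@
+# This is a basic workflow to help you get started with Actions
+
+name: ci
+
+# Controls when the workflow will run
+on:
+# Triggers the workflow on push or pull request events but only for the "main" branch
+push:
+branches:
+- '**'
+pull_request:
+branches:
+- 'master'
+
+# Allows you to run this workflow manually from the Actions tab
+workflow_dispatch:
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+build-test:
+# The type of runner that the job will run on
+runs-on: ubuntu-latest
+# Steps represent a sequence of tasks that will be executed as part of the job
+steps:
+# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+- uses: actions/checkout@v3
+- name: Setup Node.js environment
+uses: actions/setup-node@v3
+with:
+node-version: 18
+- name: Install dependencies
+run: |
+npm install
+- name: Run tests
+run: |
+npm test
+- name: Run Snyk to check for vulnerabilities
+uses: snyk/actions/node@master
+env:
+SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+with:
+args: --severity-threshold=high
+build-test-monitor:
+if: github.ref == 'refs/heads/master'
+runs-on: ubuntu-latest
+needs: build-test
+steps:
+- uses: actions/checkout@v3
+- name: Setup Node.js environment
+uses: actions/setup-node@v3
+with:
+node-version: 18
+- name: Install dependencies
+run: |
+npm install semantic-release @semantic-release/exec pkg --save-dev
+npm install
+- name: Run Snyk to check for vulnerabilities
+uses: snyk/actions/node@master
+env:
+SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+with:
+args: --org=cse-snyk-labs
+command: monitor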
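Review bot: Both Snyk steps reference `snyk/actions/node@master`, a mutable branch, and each receives `SNYK_TOKEN`, so whatever is on that branch at run time executes with the secret; pin the action to a full commit SHA, `uses: snyk/actions/node@<full-commit-sha>` (placeholder), and consider the same for `actions/checkout@v3` and `actions/setup-node@v3`. The workflow has no `permissions:` key, so both jobs get the repository's default `GITHUB_TOKEN` scope; a top-level `permissions:` with `contents: read`, as release.yml declares, looks sufficient for what these steps visibly do. The header comment still says the workflow runs only for the "main" branch, while the triggers are every branch on push and `master` on pull requests.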
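--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -0,0 +1,36 @@
+name: Release action
+on:
+push:
+branches:
+- master
+
+permissions:
+contents: read # for checkout
+
+jobs:
+build-and-publish:
+if: github.ref == 'refs/heads/master'
+runs-on: ubuntu-latest
+permissions:
+contents: write # to be able to publish a GitHub release
+issues: write # to be able to comment on released issues
+pull-requests: write # to be able to comment on released pull requests
+id-token: write # to enable use of OIDC for npm provenance
+steps:
+- name: Checkout
+uses: actions/checkout@v3
+with:
+fetch-depth: 0
+- name: Setup Node.js
+uses: actions/setup-node@v3
+with:
+node-version: "lts/*"
+- name: Install dependencies
+run: npm install
+- name: Verify the integrity of provenance attestations and registry signatures for installed dependencies
+run: npm audit signatures
+- name: Release
+env:
+GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+NPM_TOKEN: ${{ secrets.NPM_TOKEN }}
+run: npx semantic-release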
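Review bot: The `Release` step runs `npx semantic-release` with `GITHUB_TOKEN` and `NPM_TOKEN` in its environment, and nothing visible on this page pins that tool: the shown part of package.json does not list it and ci.yml installs it ad hoc, so if it is not a declared devDependency, npx fetches whatever version is current at release time and runs it with publish credentials. Declaring `semantic-release` and its plugins in devDependencies and replacing `run: npm install` with `run: npm ci` would make the release job execute only lockfile-resolved code, assuming a lockfile is committed. The job-level `if: github.ref == 'refs/heads/master'` repeats the branch filter already in `on.push.branches`; it can stay as defence in depth or be dropped.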
4 changes: 4 additions & 0 deletions package.json
Expand Up @@ -33,6 +33,7 @@
"homepage": "https://github.com/snyk-tech-services/snyk-request-manager#readme",
"dependencies": {
"@snyk/configstore": "^3.2.0-rc1",
"@types/babel__traverse": "7.17.1",
"@types/debug": "^4.1.7",
"@types/uuid": "^7.0.3",
"axios": "0.27.2",
Expand All @@ -41,15 +42,18 @@
"global-agent": "3.0.0",
"leaky-bucket-queue": "0.0.2",
"lodash": "4.17.21",
"proxy-from-env": "^1.1.0",
"snyk-config": "^5.0.1",
"source-map-support": "^0.5.16",
"tslib": "^1.10.0",
"uuid": "^8.0.0"
},
"devDependencies": {
"@types/global-agent": "^2.1.1",
"@types/jest": "^25.1.1",
"@types/lodash": "4.14.186",
"@types/node": "^12.12.26",
"@types/proxy-from-env": "^1.0.2",
"@typescript-eslint/eslint-plugin": "^2.18.0",
"@typescript-eslint/parser": "^2.18.0",
"eslint": "^6.8.0",
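Review bot: `@types/babel__traverse` at `7.17.1` sits under `dependencies`, so every consumer of the package installs a type-only package at an exact pin; if it is only a build-time workaround (the page does not say), it belongs in `devDependencies` alongside `@types/global-agent` and `@types/proxy-from-env`. Which lines are new is inferred from the section's count of four additions, since the rendered page lost the `+` markers.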
54 changes: 45 additions & 9 deletions src/lib/request/request.ts
Expand Up @@ -3,7 +3,8 @@

// Fixes issue https://github.com/axios/axios/issues/3384
// where HTTPS over HTTP Proxy Fails with 500 handshakefailed on mcafee proxy
import 'global-agent/bootstrap';
import { bootstrap } from 'global-agent';
import { getProxyForUrl } from 'proxy-from-env';

const DEFAULT_API = 'https://snyk.io/api/v1';
const DEFAULT_REST_API = 'https://api.snyk.io/rest/';
Expand All @@ -11,11 +12,21 @@
verb: string;
url: string;
body?: string;
headers?: Record<string, any>;

Check warning on line 15 in src/lib/request/request.ts

GitHub Actions / build-test

Unexpected any. Specify a different type
requestId?: string;
useRESTApi?: boolean;
}

if (process.env.HTTP_PROXY || process.env.http_proxy) {
process.env.HTTP_PROXY = process.env.HTTP_PROXY || process.env.http_proxy;
}
if (process.env.HTTPS_PROXY || process.env.https_proxy) {
process.env.HTTPS_PROXY = process.env.HTTPS_PROXY || process.env.https_proxy;
}
if (process.env.NP_PROXY || process.env.no_proxy) {
process.env.NO_PROXY = process.env.NO_PROXY || process.env.no_proxy;
}

const getTopParentModuleName = (parent: NodeModule | null): string => {
if (parent == null) {
return '';
Expand All @@ -34,13 +45,19 @@
apiUrl = DEFAULT_API,
apiUrlREST = DEFAULT_REST_API,
userAgentPrefix = '',
): Promise<AxiosResponse<any>> => {

Check warning on line 48 in src/lib/request/request.ts

GitHub Actions / build-test

Unexpected any. Specify a different type
const proxyUri = getProxyForUrl(request.useRESTApi ? apiUrlREST : apiUrl);
if (proxyUri) {
bootstrap({
environmentVariableNamespace: '',
});
}
const topParentModuleName = getTopParentModuleName(module.parent as any);

Check warning on line 55 in src/lib/request/request.ts

GitHub Actions / build-test

Unexpected any. Specify a different type
const userAgentPrefixChecked =
userAgentPrefix != '' && !userAgentPrefix.endsWith('/')
? userAgentPrefix + '/'
: userAgentPrefix;
const requestHeaders: Record<string, any> = {

Check warning on line 60 in src/lib/request/request.ts

GitHub Actions / build-test

Unexpected any. Specify a different type
'Content-Type':
request.useRESTApi && request.body
? 'application/vnd.api+json'
Expand All @@ -48,15 +65,34 @@
Authorization: 'token ' + snykToken,
'User-Agent': `${topParentModuleName}${userAgentPrefixChecked}tech-services/snyk-request-manager/1.0`,
};
let apiClient;
if (proxyUri) {
apiClient = axios.create({
baseURL: request.useRESTApi ? apiUrlREST : apiUrl,
responseType: 'json',
headers: { ...requestHeaders, ...request.headers },
transitional: {
clarifyTimeoutError: true,
},
timeout: 30_000, // 5 mins same as Snyk APIs
proxy: false, // disables axios built-in proxy to let bootstrap work
});
} else {
apiClient = axios.create({
baseURL: request.useRESTApi ? apiUrlREST : apiUrl,
responseType: 'json',
headers: { ...requestHeaders, ...request.headers },
transitional: {
clarifyTimeoutError: true,
},
timeout: 30_000, // 5 mins same as Snyk APIs
});
}

const apiClient = axios.create({
baseURL: request.useRESTApi ? apiUrlREST : apiUrl,
responseType: 'json',
headers: { ...requestHeaders, ...request.headers },
transitional: {
clarifyTimeoutError: true,
},
timeout: 30_000, // 5 mins same as Snyk APIs
// sanitize error to avoid leaking sensitive data
apiClient.interceptors.response.use(undefined, async (error) => {
error.config.headers.Authorization = '****';
return Promise.reject(error);
});

try {
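Review bot: The response interceptor near the end of this section dereferences `error.config.headers` unconditionally, so a rejection that carries no `config` (likely for anything that is not an ordinary axios request error) throws a TypeError inside the interceptor and replaces the original error; guard it with `if (error && error.config && error.config.headers) { error.config.headers.Authorization = '****'; }`. The redaction also covers only that one key: a caller-supplied `request.headers` entry spelled `authorization` would not be masked, and the request object axios attaches to the error may still hold the serialized header, so callers should avoid logging the whole error object — worth confirming against the axios version pinned in package.json. Separately, the proxy normalisation block tests `process.env.NP_PROXY`, which looks like a typo for `NO_PROXY`. The enclosing function starts and ends outside the visible hunks.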
22 changes: 22 additions & 0 deletions test/lib/request/request.test.ts
Expand Up @@ -30,6 +30,9 @@ beforeEach(() => {
.reply(512, '512')
.post(/\/genericerror/)
.reply(512, '512')
.get(/\/gotimeout/)
.delayConnection(32000)
.reply(504, '504')
.get(/\/apiautherror/)
.reply(401, '401')
.post(/\/apiautherror/)
Expand Down Expand Up @@ -206,4 +209,23 @@ describe('Test Snyk Utils error handling/classification', () => {
expect(err).toBeInstanceOf(GenericError);
}
});

it('Test Timeout error on GET command', async () => {
try {
const bodyToSend = {
testbody: {},
};
await makeSnykRequest(
{
verb: 'GET',
url: '/gotimeout',
body: JSON.stringify(bodyToSend),
},
'token123',
);
} catch (err) {
expect(err).toBeInstanceOf(GenericError);
expect(err.message.config.headers.Authorization).toBe('****');
}
});
});
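Review bot: The new timeout test only asserts inside `catch`, so if `makeSnykRequest` resolves instead of rejecting, the test passes without ever checking that `Authorization` was replaced by `'****'`; add `expect.assertions(2);` as the first statement of the test body so a missing rejection fails it. The same pattern is in the matching test added to test/lib/request/rest-request.test.ts. The mock delays the connection by 32000 ms to outlast the 30_000 ms client timeout, so the test needs a Jest timeout above 30 s; the page does not show one being set, which is worth confirming. The enclosing `describe` block starts outside the hunk.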
23 changes: 23 additions & 0 deletions test/lib/request/rest-request.test.ts
Expand Up @@ -32,6 +32,9 @@ beforeEach(() => {
.reply(512, '512')
.post(/\/genericerror/)
.reply(512, '512')
.get(/\/gotimeout/)
.delayConnection(32000)
.reply(504, '504')
.get(/\/apiautherror/)
.reply(401, '401')
.post(/\/apiautherror/)
Expand Down Expand Up @@ -287,4 +290,24 @@ describe('Test Snyk Utils error handling/classification', () => {
expect(err).toBeInstanceOf(GenericError);
}
});

it('Test Timeout error on GET command', async () => {
try {
const bodyToSend = {
testbody: {},
};
await makeSnykRequest(
{
verb: 'GET',
url: '/gotimeout',
body: JSON.stringify(bodyToSend),
useRESTApi: true,
},
'token123',
);
} catch (err) {
expect(err).toBeInstanceOf(GenericError);
expect(err.message.config.headers.Authorization).toBe('****');
}
});
});