appview/repo: add secret management forms to repo settings #376

+3

appview/pages/pages.go

··· 16 16 "strings" 17 17 "sync" 18 18 19 19 + "tangled.sh/tangled.sh/core/api/tangled" 19 20 "tangled.sh/tangled.sh/core/appview/commitverify" 20 21 "tangled.sh/tangled.sh/core/appview/config" 21 22 "tangled.sh/tangled.sh/core/appview/db" ··· 690 691 Branches []types.Branch 691 692 Spindles []string 692 693 CurrentSpindle string 694 694 + Secrets []*tangled.RepoListSecrets_Secret 695 695 + 693 696 // TODO: use repoinfo.roles 694 697 IsCollaboratorInviteAllowed bool 695 698 }

+44

appview/pages/templates/repo/settings.html

··· 115 115 </form> 116 116 {{ end }} 117 117 118 118 + {{ if $.CurrentSpindle }} 119 119 + <header class="font-bold text-sm mb-4 uppercase dark:text-white"> 120 120 + Secrets 121 121 + </header> 122 122 + 123 123 + <div id="secret-list" class="flex flex-col gap-2 mb-2"> 124 124 + {{ range $idx, $secret := .Secrets }} 125 125 + {{ with $secret }} 126 126 + <div id="secret-{{$idx}}" class="mb-2"> 127 127 + {{ .Key }} created on {{ .CreatedAt }} by {{ .CreatedBy }} 128 128 + </div> 129 129 + {{ end }} 130 130 + {{ end }} 131 131 + </div> 132 132 + <form 133 133 + hx-put="/{{ $.RepoInfo.FullName }}/settings/secrets" 134 134 + class="mt-6" 135 135 + hx-indicator="#add-secret-spinner"> 136 136 + <label for="key">secret key</label> 137 137 + <input 138 138 + type="text" 139 139 + id="key" 140 140 + name="key" 141 141 + required 142 142 + class="dark:bg-gray-700 dark:text-white" 143 143 + placeholder="SECRET_KEY" /> 144 144 + <label for="value">secret value</label> 145 145 + <input 146 146 + type="text" 147 147 + id="value" 148 148 + name="value" 149 149 + required 150 150 + class="dark:bg-gray-700 dark:text-white" 151 151 + placeholder="SECRET VALUE" /> 152 152 + 153 153 + <button class="btn my-2 flex items-center" type="text"> 154 154 + <span>add</span> 155 155 + <span id="add-secret-spinner" class="group"> 156 156 + {{ i "loader-circle" "ml-2 w-4 h-4 animate-spin hidden group-[.htmx-request]:inline" }} 157 157 + </span> 158 158 + </button> 159 159 + </form> 160 160 + {{ end }} 161 161 + 118 162 {{ if .RepoInfo.Roles.RepoDeleteAllowed }} 119 163 <form 120 164 hx-confirm="Are you sure you want to delete this repository?"

+89

appview/repo/repo.go

··· 912 912 w.Write(fmt.Append(nil, "default branch set to: ", branch)) 913 913 } 914 914 915 915 + func (rp *Repo) Secrets(w http.ResponseWriter, r *http.Request) { 916 916 + f, err := rp.repoResolver.Resolve(r) 917 917 + if err != nil { 918 918 + log.Println("failed to get repo and knot", err) 919 919 + return 920 920 + } 921 921 + 922 922 + if f.Spindle == "" { 923 923 + log.Println("empty spindle cannot add/rm secret", err) 924 924 + return 925 925 + } 926 926 + 927 927 + lxm := tangled.RepoAddSecretNSID 928 928 + if r.Method == http.MethodDelete { 929 929 + lxm = tangled.RepoRemoveSecretNSID 930 930 + } 931 931 + 932 932 + spindleClient, err := rp.oauth.ServiceClient( 933 933 + r, 934 934 + oauth.WithService(f.Spindle), 935 935 + oauth.WithLxm(lxm), 936 936 + oauth.WithDev(rp.config.Core.Dev), 937 937 + ) 938 938 + if err != nil { 939 939 + log.Println("failed to create spindle client", err) 940 940 + return 941 941 + } 942 942 + 943 943 + key := r.FormValue("key") 944 944 + if key == "" { 945 945 + w.WriteHeader(http.StatusBadRequest) 946 946 + return 947 947 + } 948 948 + 949 949 + switch r.Method { 950 950 + case http.MethodPut: 951 951 + value := r.FormValue("value") 952 952 + if key == "" { 953 953 + w.WriteHeader(http.StatusBadRequest) 954 954 + return 955 955 + } 956 956 + 957 957 + err = tangled.RepoAddSecret( 958 958 + r.Context(), 959 959 + spindleClient, 960 960 + &tangled.RepoAddSecret_Input{ 961 961 + Repo: f.RepoAt.String(), 962 962 + Key: key, 963 963 + Value: value, 964 964 + }, 965 965 + ) 966 966 + if err != nil { 967 967 + log.Println("request didnt run", "err", err) 968 968 + return 969 969 + } 970 970 + 971 971 + case http.MethodDelete: 972 972 + err = tangled.RepoRemoveSecret( 973 973 + r.Context(), 974 974 + spindleClient, 975 975 + &tangled.RepoRemoveSecret_Input{ 976 976 + Repo: f.RepoAt.String(), 977 977 + Key: key, 978 978 + }, 979 979 + ) 980 980 + if err != nil { 981 981 + log.Println("request didnt run", "err", err) 982 982 + return 983 983 + } 984 984 + } 985 985 + } 986 986 + 915 987 func (rp *Repo) RepoSettings(w http.ResponseWriter, r *http.Request) { 916 988 f, err := rp.repoResolver.Resolve(r) 917 989 if err != nil { ··· 955 1027 return 956 1028 } 957 1029 1030 1030 + var secrets []*tangled.RepoListSecrets_Secret 1031 1031 + if f.Spindle != "" { 1032 1032 + if spindleClient, err := rp.oauth.ServiceClient( 1033 1033 + r, 1034 1034 + oauth.WithService(f.Spindle), 1035 1035 + oauth.WithLxm(tangled.RepoListSecretsNSID), 1036 1036 + oauth.WithDev(rp.config.Core.Dev), 1037 1037 + ); err != nil { 1038 1038 + log.Println("failed to create spindle client", err) 1039 1039 + } else if resp, err := tangled.RepoListSecrets(r.Context(), spindleClient, f.RepoAt.String()); err != nil { 1040 1040 + log.Println("failed to fetch secrets", err) 1041 1041 + } else { 1042 1042 + secrets = resp.Secrets 1043 1043 + } 1044 1044 + } 1045 1045 + 958 1046 rp.pages.RepoSettings(w, pages.RepoSettingsParams{ 959 1047 LoggedInUser: user, 960 1048 RepoInfo: f.RepoInfo(user), ··· 963 1051 Branches: result.Branches, 964 1052 Spindles: spindles, 965 1053 CurrentSpindle: f.Spindle, 1054 1054 + Secrets: secrets, 966 1055 }) 967 1056 } 968 1057 }

+2

appview/repo/router.go

··· 74 74 r.With(mw.RepoPermissionMiddleware("repo:invite")).Put("/collaborator", rp.AddCollaborator) 75 75 r.With(mw.RepoPermissionMiddleware("repo:delete")).Delete("/delete", rp.DeleteRepo) 76 76 r.Put("/branches/default", rp.SetDefaultBranch) 77 77 + r.Put("/secrets", rp.Secrets) 78 78 + r.Delete("/secrets", rp.Secrets) 77 79 }) 78 80 }) 79 81