Fixes to github url for fetching CI status

amrit110 · amrit110 · commit 284085eaac13 · 2025-12-27T11:18:04.000-05:00
diff --git a/.github/workflows/deploy-catalog-analytics.yml b/.github/workflows/deploy-catalog-analytics.yml
@@ -111,7 +111,7 @@ jobs:
             --min-instances=0 \
             --concurrency=80 \
             --port=8080 \
-            --set-env-vars="NODE_ENV=production,NEXT_PUBLIC_GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }},GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }},SESSION_SECRET=${{ secrets.SESSION_SECRET }},NEXT_PUBLIC_APP_URL=https://catalog.vectorinstitute.ai,REDIRECT_URI=https://catalog.vectorinstitute.ai/analytics/api/auth/callback,ALLOWED_DOMAINS=vectorinstitute.ai" \
+            --set-env-vars="NODE_ENV=production,NEXT_PUBLIC_GOOGLE_CLIENT_ID=${{ secrets.GOOGLE_CLIENT_ID }},GOOGLE_CLIENT_SECRET=${{ secrets.GOOGLE_CLIENT_SECRET }},SESSION_SECRET=${{ secrets.SESSION_SECRET }},METRICS_GITHUB_TOKEN=${{ secrets.METRICS_GITHUB_TOKEN }},NEXT_PUBLIC_APP_URL=https://catalog.vectorinstitute.ai,REDIRECT_URI=https://catalog.vectorinstitute.ai/analytics/api/auth/callback,ALLOWED_DOMAINS=vectorinstitute.ai" \
             --update-labels="deployed-by=github-actions,commit=${{ github.sha }},service=catalog-analytics" \
             --quiet
 
diff --git a/catalog-analytics/app/api/github/ci-status/route.ts b/catalog-analytics/app/api/github/ci-status/route.ts
@@ -80,7 +80,9 @@ export async function POST(request: Request) {
       try {
         // First, get the latest commit SHA on main branch
         // Use URL constructor to prevent SSRF
-        const branchUrl = buildGitHubApiUrl(`/repos/${encodeURIComponent(repoIdStr)}/branches/main`);
+        // Note: Don't use encodeURIComponent on repo_id since it would encode the '/' separator
+        // We've already validated repo_id format with isValidRepoId()
+        const branchUrl = buildGitHubApiUrl(`/repos/${repoIdStr}/branches/main`);
         const branchResponse = await fetch(
           branchUrl.toString(),
           {
@@ -121,7 +123,8 @@ export async function POST(request: Request) {
 
         // Now get check runs for this specific commit
         // Use URL constructor to prevent SSRF
-        const checksUrl = buildGitHubApiUrl(`/repos/${encodeURIComponent(repoIdStr)}/commits/${latestCommitSha}/check-runs`);
+        // Note: Don't use encodeURIComponent on repo_id since it would encode the '/' separator
+        const checksUrl = buildGitHubApiUrl(`/repos/${repoIdStr}/commits/${latestCommitSha}/check-runs`);
         const checksResponse = await fetch(
           checksUrl.toString(),
           {
