fix webhook detection

Author: filiptronicek

components/server/src/api/configuration-service-api.ts

@@ -252,10 +252,14 @@ export class ConfigurationServiceAPI implements ServiceImpl<typeof Configuration
             throw new ApplicationError(ErrorCodes.NOT_FOUND, "configuration not found");
         }
         const user = await this.userService.findUserById(ctxUserId(), ctxUserId());
-        const event = await this.projectService.getRecentWebhookEvent({}, user, configuration, 7 * 24 * 60 * 60 * 1000);
+        let event = await this.projectService.getRecentWebhookEvent({}, user, configuration, 7 * 24 * 60 * 60 * 1000);
+        const isWebhookActive = event !== undefined;
+        if (event?.id === "n/a") {
+            event = undefined; // if we know webhooks are enabled but we never received an event,
+        }
 
         const resp = new GetConfigurationWebhookActivityStatusResponse({
-            isWebhookActive: event !== undefined,
+            isWebhookActive,
             latestWebhookEvent: {
                 commit: event?.commit,
                 creationTime: event?.creationTime ? Timestamp.fromDate(new Date(event.creationTime)) : undefined,

components/server/src/auth/host-context-provider-impl.ts

@@ -14,6 +14,7 @@ import { log } from "@gitpod/gitpod-protocol/lib/util/logging";
 import { HostContainerMapping } from "./host-container-mapping";
 import { TraceContext } from "@gitpod/gitpod-protocol/lib/util/tracing";
 import { repeat } from "@gitpod/gitpod-protocol/lib/util/repeat";
+import { RepositoryService } from "../repohost/repo-service";
 
 @injectable()
 export class HostContextProviderImpl implements HostContextProvider {
@@ -152,6 +153,7 @@ export class HostContextProviderImpl implements HostContextProvider {
         const container = parentContainer.createChild();
         container.bind(AuthProviderParams).toConstantValue(authProviderConfig);
         container.bind(HostContext).toSelf().inSingletonScope();
+        container.bind(RepositoryService).toSelf().inSingletonScope();
 
         const hostContainerMapping = parentContainer.get(HostContainerMapping);
         const containerModules = hostContainerMapping.get(authProviderConfig.type);

components/server/src/github/github-container-module.ts

@@ -16,6 +16,8 @@ import { GithubRepositoryProvider } from "./github-repository-provider";
 import { GitHubTokenHelper } from "./github-token-helper";
 import { IGitTokenValidator } from "../workspace/git-token-validator";
 import { GitHubTokenValidator } from "./github-token-validator";
+import { RepositoryService } from "../repohost/repo-service";
+import { GitHubService } from "../prebuilds/github-service";
 
 export const githubContainerModule = new ContainerModule((bind, _unbind, _isBound, rebind) => {
     bind(RepositoryHost).toSelf().inSingletonScope();
@@ -32,4 +34,5 @@ export const githubContainerModule = new ContainerModule((bind, _unbind, _isBoun
     bind(GitHubTokenHelper).toSelf().inSingletonScope();
     bind(GitHubTokenValidator).toSelf().inSingletonScope();
     bind(IGitTokenValidator).toService(GitHubTokenValidator);
+    rebind(RepositoryService).to(GitHubService).inSingletonScope();
 });

components/server/src/prebuilds/github-service.ts

@@ -11,73 +11,20 @@ import { GitHubEnterpriseApp } from "./github-enterprise-app";
 import { GithubContextParser } from "../github/github-context-parser";
 import { User } from "@gitpod/gitpod-protocol";
 import { Config } from "../config";
-import { TokenService } from "../user/token-service";
 import { RepoURL } from "../repohost";
-import { ApplicationError, ErrorCodes } from "@gitpod/gitpod-protocol/lib/messaging/error";
 import { UnauthorizedError } from "../errors";
-import { containsScopes } from "./token-scopes-inclusion";
 import { GitHubOAuthScopes } from "@gitpod/public-api-common/lib/auth-providers";
 
 @injectable()
 export class GitHubService extends RepositoryService {
-    static PREBUILD_TOKEN_SCOPE = "prebuilds";
-
     constructor(
         @inject(GitHubRestApi) protected readonly githubApi: GitHubRestApi,
         @inject(Config) private readonly config: Config,
-        @inject(TokenService) private readonly tokenService: TokenService,
         @inject(GithubContextParser) private readonly githubContextParser: GithubContextParser,
     ) {
         super();
     }
 
-    async installAutomatedPrebuilds(user: User, cloneUrl: string): Promise<void> {
-        const parsedRepoUrl = RepoURL.parseRepoUrl(cloneUrl);
-        if (!parsedRepoUrl) {
-            throw new ApplicationError(ErrorCodes.BAD_REQUEST, `Clone URL not parseable.`);
-        }
-        let tokenEntry;
-        try {
-            const { owner, repoName: repo } = await this.githubContextParser.parseURL(user, cloneUrl);
-            const webhooks = (await this.githubApi.run(user, (gh) => gh.repos.listWebhooks({ owner, repo }))).data;
-            for (const webhook of webhooks) {
-                if (webhook.config.url === this.getHookUrl()) {
-                    await this.githubApi.run(user, (gh) =>
-                        gh.repos.deleteWebhook({ owner, repo, hook_id: webhook.id }),
-                    );
-                }
-            }
-            tokenEntry = await this.tokenService.createGitpodToken(user, GitHubService.PREBUILD_TOKEN_SCOPE, cloneUrl);
-            const config = {
-                url: this.getHookUrl(),
-                content_type: "json",
-                secret: user.id + "|" + tokenEntry.token.value,
-            };
-            await this.githubApi.run(user, (gh) => gh.repos.createWebhook({ owner, repo, config }));
-        } catch (error) {
-            // Hint: here we catch all GH API errors to forward them as Unauthorized to FE,
-            // eventually that should be done depending on the error code.
-            // Also, if user is not connected at all, then the GH API wrapper is throwing
-            // the same error type, but with `providerIsConnected: false`.
-
-            if (GitHubApiError.is(error)) {
-                // TODO check for `error.code`
-                throw UnauthorizedError.create({
-                    host: parsedRepoUrl.host,
-                    providerType: "GitHub",
-                    repoName: parsedRepoUrl.repo,
-                    requiredScopes: GitHubOAuthScopes.Requirements.DEFAULT,
-                    providerIsConnected: true,
-                    isMissingScopes: containsScopes(
-                        tokenEntry?.token.scopes,
-                        GitHubOAuthScopes.Requirements.PRIVATE_REPO,
-                    ),
-                });
-            }
-            throw error;
-        }
-    }
-
     async isGitpodWebhookEnabled(user: User, cloneUrl: string): Promise<boolean> {
         try {
             const { owner, repoName: repo } = await this.githubContextParser.parseURL(user, cloneUrl);

components/server/src/projects/projects-service.ts

@@ -556,10 +556,6 @@ export class ProjectsService {
         const context = (await this.contextParser.handle(ctx, user, project.cloneUrl)) as CommitContext;
 
         const events = await this.webhookEventDb.findByCloneUrl(project.cloneUrl, 50);
-        if (events.length === 0) {
-            return undefined;
-        }
-
         const hostContext = this.hostContextProvider.get(context.repository.host);
         const repoService = hostContext?.services?.repositoryService;
         if (!repoService) {
@@ -568,7 +564,16 @@ export class ProjectsService {
 
         try {
             const webhookEnabled = await repoService.isGitpodWebhookEnabled(user, project.cloneUrl);
-            return webhookEnabled ? events[0] : undefined; // todo(ft): figure out what to return if webhook is enabled but we have no events
+            return webhookEnabled
+                ? events[0] ?? {
+                      commit: "n/a",
+                      creationTime: "",
+                      id: "initial_data",
+                      type: "initial_data",
+                      rawEvent: "{}",
+                      status: "processed",
+                  }
+                : undefined;
         } catch (error) {
             if (!UnauthorizedError.is(error) && error.message !== "unsupported") {
                 throw error;

components/server/src/repohost/repo-service.ts

@@ -9,9 +9,6 @@ import { injectable } from "inversify";
 
 @injectable()
 export class RepositoryService {
-    async installAutomatedPrebuilds(user: User, cloneUrl: string): Promise<void> {
-        throw new Error("unsupported");
-    }
     async isGitpodWebhookEnabled(user: User, cloneUrl: string): Promise<boolean> {
         throw new Error("unsupported");
     }

components/server/src/repohost/repository-host.ts

@@ -8,9 +8,11 @@ import { inject, injectable } from "inversify";
 
 import { FileProvider } from "./file-provider";
 import { RepositoryProvider } from "./repository-provider";
+import { RepositoryService } from "./repo-service";
 
 @injectable()
 export class RepositoryHost {
     @inject(FileProvider) fileProvider: FileProvider;
     @inject(RepositoryProvider) repositoryProvider: RepositoryProvider;
+    @inject(RepositoryService) repositoryService: RepositoryService;
 }