feat(event-handlers): introduce event handler system for GitProxy lifecycle events#1519
feat(event-handlers): introduce event handler system for GitProxy lifecycle events#1519Andreybest wants to merge 4 commits into
Conversation
✅ Deploy Preview for endearing-brigadeiros-63f9d0 ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #1519 +/- ##
==========================================
+ Coverage 90.10% 90.33% +0.22%
==========================================
Files 69 75 +6
Lines 5657 5957 +300
Branches 990 1053 +63
==========================================
+ Hits 5097 5381 +284
- Misses 541 556 +15
- Partials 19 20 +1 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
|
@Andreybest Could I vote for an additional phase? We have several custom actions that run when a push is first received and the proxy blocks it for review. This state is not really We also have custom actions that would work really well as plugin events. For example, we:
It would be great if plugins could also add data that can be rendered in the UI. This would be a hugely helpful change, as it would allow us to separate our custom code from the base git-proxy. Keeping the two in sync is painful at the moment. |
|
Hey @andypols ! Thanks for the suggestion, this seems like a good use cases for events. Will try to add mechanisms that would be able to support your use cases :) |
re-vlad
left a comment
re-vlad
left a comment
There was a problem hiding this comment.
Just a wish: while the code is well-documented, there's no external docs (README, docs, etc.) explaining how to use the event system. This should be added.
| "contactEmail": "", | ||
| "csrfProtection": true, | ||
| "plugins": [], | ||
| "eventHandlers": [], |
There was a problem hiding this comment.
The config schema shows the eventHandlers array, but there are no examples of how to configure event handlers in proxy.config.json. Consider to document example
There was a problem hiding this comment.
Added documentation for that in architecture.md. Thanks!
| if (!action.user && !action.userEmail) { | ||
| return undefined; | ||
| } | ||
| return { username: action.user, email: action.userEmail }; |
There was a problem hiding this comment.
EventDetails.user and repository must be immutable copies (using String()) of Action fields — not references. Otherwise, async handlers may see stale or modified data if Action is mutated later in the chain. This rather critical I believe, but easy to fix:
return {
username = action.user ? String(action.user) : undefined;
email = action.userEmail ? String(action.userEmail) : undefined;
}```.
There was a problem hiding this comment.
Both values are strings, and strings are copied by value, not by reference, thus why this is unnecessary.
There was a problem hiding this comment.
I think Vlad's point here is that there is no object-level protection, in other words the fields can be overwritten unless we enforced the contract via something like Object.freeze(details.user) after defining details below.
For example, the following event handler would affect any subsequent handlers that use the EventDetails:
export default new EventHandlerPlugin(() => {
const redact = (details: EventDetails) => {
if (details.user) {
details.user.email = '<redacted>';
}
sendTo3rdPartyApp(details);
};
registry.onPush().onCompleted(redact);
});
| } from './types'; | ||
|
|
||
| const buildRepositoryContext = (action: Action): RepositoryContext => ({ | ||
| url: action.url, |
There was a problem hiding this comment.
The same problem like line 38, don't return references, return values instead:
name: action.repoName? String(action.repoName) : undefined,
url: String(action.url),
There was a problem hiding this comment.
Responded on comment above
Hey @andypols! Added a new phase - On "add data that can be rendered in the UI", not sure if this should be the part of this PR, since the current architecture of event hooks is to inform a plugin that something happened in a manner of "fire-and-forget". And as I understand this will also require changes to database schema itself. Please let me know if I understood what you have meant. :) |
@Andreybest Thats sounds perfect. It makes sense that the UI is in a different PR, although not sure about the need for a scheme change (we have this and did not need one) |
jescalada
left a comment
jescalada
left a comment
There was a problem hiding this comment.
@Andreybest Thanks for the contribution! It's looking great so far.
It'd be great to have a simple doc on how to configure a preexisting handler (such as the consoleLogger), and how to develop a new one. A short step-by-step guide will make it easier for everyone to adopt.
It'd be fantastic to have an extra builtin handler for sending emails as mentioned in #1121, although we could add it in a separate PR.
There was a problem hiding this comment.
This is a great example file to use for the Event Handler documentation 🙂
| * operations. For blocking/policy logic, write a chain plugin instead. | ||
| * | ||
| * Handlers run asynchronously, fire-and-forget. Errors thrown by a handler | ||
| * are caught and logged but never propagate to the git response. |
There was a problem hiding this comment.
These details would be best explained in a separate document - things like when to choose an event handler over a plugin as they're superficially similar 👍🏼
| errorMessage?: string | null; | ||
| blocked: boolean = false; | ||
| blockedMessage?: string | null; | ||
| permissionDenied: boolean = false; |
There was a problem hiding this comment.
I understand permissionDenied is set exclusively when checkUserPushPermission fails. I wonder if there's a more elegant solution - perhaps storing the name of the step where the Action failed. We could also infer this from the lastStep so we wouldn't need the extra field.
There was a problem hiding this comment.
I see the value of handling the specific case of permissionDenied. I'm just wondering if we could prevent future bloat from happening as people try to add event handling to other, arbitrary push actions.
OTOH, I'd say it's okay to keep it if it makes the event handler implementation more obvious.
| else if (phase === 'completed') builder.onCompleted(log); | ||
| else if (phase === 'pendingReview') builder.onPendingReview(log); | ||
| else if (phase === 'error') builder.onError(log); | ||
| else if (phase === 'permissionDenied') builder.onPermissionDenied(log); |
There was a problem hiding this comment.
Might want to have an else to handle things if someone added an additional ActionPhase but forgot to update the switch here.
| if (!action.user && !action.userEmail) { | ||
| return undefined; | ||
| } | ||
| return { username: action.user, email: action.userEmail }; |
There was a problem hiding this comment.
I think Vlad's point here is that there is no object-level protection, in other words the fields can be overwritten unless we enforced the contract via something like Object.freeze(details.user) after defining details below.
For example, the following event handler would affect any subsequent handlers that use the EventDetails:
export default new EventHandlerPlugin(() => {
const redact = (details: EventDetails) => {
if (details.user) {
details.user.email = '<redacted>';
}
sendTo3rdPartyApp(details);
};
registry.onPush().onCompleted(redact);
});4 participants
Implements #1449.
Introduces a lightweight, async, observer-only event system so external integrations (notifications, audit feeds) can react to push/pull lifecycle events without coupling to chain internals.
Event hooks can be added the same way as the
pluginsinconfig.proxy.jsonSupports 2 operations:
pullandpushWith 5 phases:
startedcompletederrorpermissionDeniedpendingReviewThis is not well documented, and not sure where to add info on that, would appreciate suggestions on that matter :)