Skip to content

Commit

Permalink
Merge pull request #1819 from akhilmhdh/feat/hide-secret-scanner
Browse files Browse the repository at this point in the history
feat: added secret-scanning disable option
  • Loading branch information
maidul98 committed May 13, 2024
2 parents c176d1e + 638208e commit 389d51f
Show file tree
Hide file tree
Showing 8 changed files with 74 additions and 23 deletions.
37 changes: 21 additions & 16 deletions backend/src/ee/services/secret-scanning/secret-scanning-service.ts
Original file line number Diff line number Diff line change
Expand Up @@ -90,15 +90,17 @@ export const secretScanningServiceFactory = ({
const {
data: { repositories }
} = await octokit.apps.listReposAccessibleToInstallation();
await Promise.all(
repositories.map(({ id, full_name }) =>
secretScanningQueue.startFullRepoScan({
organizationId: session.orgId,
installationId,
repository: { id, fullName: full_name }
})
)
);
if (!appCfg.DISABLE_SECRET_SCANNING) {
await Promise.all(
repositories.map(({ id, full_name }) =>
secretScanningQueue.startFullRepoScan({
organizationId: session.orgId,
installationId,
repository: { id, fullName: full_name }
})
)
);
}
return { installatedApp };
};

Expand Down Expand Up @@ -151,6 +153,7 @@ export const secretScanningServiceFactory = ({
};

const handleRepoPushEvent = async (payload: WebhookEventMap["push"]) => {
const appCfg = getConfig();
const { commits, repository, installation, pusher } = payload;
if (!commits || !repository || !installation || !pusher) {
return;
Expand All @@ -161,13 +164,15 @@ export const secretScanningServiceFactory = ({
});
if (!installationLink) return;

await secretScanningQueue.startPushEventScan({
commits,
pusher: { name: pusher.name, email: pusher.email },
repository: { fullName: repository.full_name, id: repository.id },
organizationId: installationLink.orgId,
installationId: String(installation?.id)
});
if (!appCfg.DISABLE_SECRET_SCANNING) {
await secretScanningQueue.startPushEventScan({
commits,
pusher: { name: pusher.name, email: pusher.email },
repository: { fullName: repository.full_name, id: repository.id },
organizationId: installationLink.orgId,
installationId: String(installation?.id)
});
}
};

const handleRepoDeleteEvent = async (installationId: string, repositoryIds: string[]) => {
Expand Down
4 changes: 4 additions & 0 deletions backend/src/lib/config/env.ts
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,10 @@ const zodStrBool = z
const envSchema = z
.object({
PORT: z.coerce.number().default(4000),
DISABLE_SECRET_SCANNING: z
.enum(["true", "false"])
.default("false")
.transform((el) => el === "true"),
REDIS_URL: zpStr(z.string()),
HOST: zpStr(z.string().default("localhost")),
DB_CONNECTION_URI: zpStr(z.string().describe("Postgres database connection string")).default(
Expand Down
15 changes: 11 additions & 4 deletions backend/src/server/routes/v1/admin-router.ts
Original file line number Diff line number Diff line change
Expand Up @@ -20,16 +20,23 @@ export const registerAdminRouter = async (server: FastifyZodProvider) => {
schema: {
response: {
200: z.object({
config: SuperAdminSchema.omit({ createdAt: true, updatedAt: true }).merge(
z.object({ isMigrationModeOn: z.boolean() })
)
config: SuperAdminSchema.omit({ createdAt: true, updatedAt: true }).extend({
isMigrationModeOn: z.boolean(),
isSecretScanningDisabled: z.boolean()
})
})
}
},
handler: async () => {
const config = await getServerCfg();
const serverEnvs = getConfig();
return { config: { ...config, isMigrationModeOn: serverEnvs.MAINTENANCE_MODE } };
return {
config: {
...config,
isMigrationModeOn: serverEnvs.MAINTENANCE_MODE,
isSecretScanningDisabled: serverEnvs.DISABLE_SECRET_SCANNING
}
};
}
});

Expand Down
26 changes: 26 additions & 0 deletions frontend/src/components/v2/NoticeBanner/NoticeBanner.tsx
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
import { ReactNode } from "react";
import { faWarning, IconDefinition } from "@fortawesome/free-solid-svg-icons";
import { FontAwesomeIcon } from "@fortawesome/react-fontawesome";
import { twMerge } from "tailwind-merge";

type Props = {
icon?: IconDefinition;
title: string;
children: ReactNode;
className?: string;
};

export const NoticeBanner = ({ icon = faWarning, title, children, className }: Props) => (
<div
className={twMerge(
"flex w-full flex-row items-center rounded-md border border-primary-600/70 bg-primary/[.07] p-4 text-base text-white",
className
)}
>
<FontAwesomeIcon icon={icon} className="pr-6 text-4xl text-white/80" />
<div className="flex w-full flex-col text-sm">
<div className="mb-2 text-lg font-semibold">{title}</div>
<div>{children}</div>
</div>
</div>
);
1 change: 1 addition & 0 deletions frontend/src/components/v2/NoticeBanner/index.tsx
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
export { NoticeBanner } from "./NoticeBanner";
1 change: 1 addition & 0 deletions frontend/src/components/v2/index.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ export * from "./IconButton";
export * from "./Input";
export * from "./Menu";
export * from "./Modal";
export * from "./NoticeBanner";
export * from "./Pagination";
export * from "./Popoverv2";
export * from "./SecretInput";
Expand Down
1 change: 1 addition & 0 deletions frontend/src/hooks/api/admin/types.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ export type TServerConfig = {
isMigrationModeOn?: boolean;
trustSamlEmails: boolean;
trustLdapEmails: boolean;
isSecretScanningDisabled: boolean;
};

export type TCreateAdminUserDTO = {
Expand Down
12 changes: 9 additions & 3 deletions frontend/src/pages/org/[id]/secret-scanning/index.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@ import Head from "next/head";
import { useRouter } from "next/router";

import { OrgPermissionCan } from "@app/components/permissions";
import { Button } from "@app/components/v2";
import { OrgPermissionActions, OrgPermissionSubjects } from "@app/context";
import { Button, NoticeBanner } from "@app/components/v2";
import { OrgPermissionActions, OrgPermissionSubjects, useServerConfig } from "@app/context";
import { withPermission } from "@app/hoc";
import { SecretScanningLogsTable } from "@app/views/SecretScanning/components";

Expand All @@ -17,6 +17,7 @@ const SecretScanning = withPermission(
const router = useRouter();
const queryParams = router.query;
const [integrationEnabled, setIntegrationStatus] = useState(false);
const { config } = useServerConfig();

useEffect(() => {
const linkInstallation = async () => {
Expand Down Expand Up @@ -69,6 +70,11 @@ const SecretScanning = withPermission(
<div className="mb-6 text-lg text-mineshaft-300">
Automatically monitor your GitHub activity and prevent secret leaks
</div>
{config.isSecretScanningDisabled && (
<NoticeBanner title="Secret scanning is in maintenance" className="mb-4">
We are working on improving the performance of secret scanning due to increased usage.
</NoticeBanner>
)}
<div className="relative mb-6 flex justify-between rounded-md border border-mineshaft-600 bg-mineshaft-800 p-6">
<div className="flex flex-col items-start">
<div className="mb-1 flex flex-row">
Expand Down Expand Up @@ -110,7 +116,7 @@ const SecretScanning = withPermission(
colorSchema="primary"
onClick={generateNewIntegrationSession}
className="h-min py-2"
isDisabled={!isAllowed}
isDisabled={!isAllowed || config.isSecretScanningDisabled}
>
Integrate with GitHub
</Button>
Expand Down

0 comments on commit 389d51f

Please sign in to comment.