-
-
Notifications
You must be signed in to change notification settings - Fork 658
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
task: Add customHeaders as possible parameter. #4139
Conversation
Adds support for custom headers for all current addons.
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
src/lib/addons/webhook.test.ts
Dismissed
url: 'http://test.webhook.com/plain', | ||
bodyTemplate: '{{event.type}} on toggle {{event.data.name}}', | ||
contentType: 'text/plain', | ||
authorization: 'API KEY 123abc', |
Check failure
Code scanning / CodeQL
Hard-coded credentials Critical
authorization header
The hard-coded value "API KEY 123abc" is used as
authorization header
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it can safely be dismissed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Indeed, since it's a test, but it's good to see CodeQL catching these, just in case we stupidly add them to production code. :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this will work, just maybe a few improvements
@@ -1,9 +1,18 @@ | |||
// Jest Snapshot v1, https://goo.gl/fbAQLP | |||
|
|||
exports[`Should call slack webhook 1`] = `"{"username":"Unleash","icon_emoji":":unleash:","text":"some@user.com created feature toggle <http://some-url.com/projects/default/features/some-toggle|some-toggle> in project *default*","channel":"#undefined","attachments":[{"actions":[{"name":"featureToggle","text":"Open in Unleash","type":"button","value":"featureToggle","style":"primary","url":"http://some-url.com/projects/default/features/some-toggle"}]}]}"`; | |||
exports[`Should call slack webhook 1`] = `"{"username":"Unleash","icon_emoji":":unleash:","text":"some@user.com created feature toggle <http://some-url.com/projects/default/features/some-toggle|some-toggle> in project *default*","channel":"#general","attachments":[{"actions":[{"name":"featureToggle","text":"Open in Unleash","type":"button","value":"featureToggle","style":"primary","url":"http://some-url.com/projects/default/features/some-toggle"}]}]}"`; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Have you fixed slack integration by chance?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No, have not changed it, just given it support for custom headers
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It changed from undefined
to general
so the support for custom headers might have helped. Not sure but 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, that's just because I'm now type checking the parameters, so our test no longer allowed us to activate the slack addon with no defined defaultChannel (it's marked as required in our definition). Earlier, the test that wrote this snapshot did not have the defaultChannel parameter set, which caused javascript to happily send undefined
:)
interface IDatadogParameters { | ||
url: string; | ||
apiKey: string; | ||
customHeaders?: string; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not something like:
customHeaders?: { [key: string]: string } | Record<string, string> ;
That would save you from doing JSON.parse
later
Inspired by https://github.com/search?q=%22type+HeadersInit+%3D%22+language%3ATypeScript&type=code&l=TypeScript
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, if it works that would be good, we just don't have a way to define the input parameter in the addon definition as anything but a string. So somewhere we'd need to do the parsing.
src/lib/addons/datadog.ts
Outdated
extraHeaders = JSON.parse(customHeaders); | ||
} catch (e) { | ||
this.logger.warn( | ||
'Could not parse the json in the customHeaders parameters', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
'Could not parse the json in the customHeaders parameters', | |
`Could not parse the json in the customHeaders parameters ${customHeaders}`, |
but I think this exception should bubble up as it'd be a configuration issue
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
But you wouldn't want to throw an exception when creating a feature because one of the addons failed to parse data.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Though, this is on a different thread.
username?: string; | ||
defaultChannel: string; | ||
emojiIcon?: string; | ||
customHeaders?: string; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe this would benefit from the same suggestion:
customHeaders?: { [key: string]: string } | Record<string, string> ;
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same comment here, since we're doing a post of parameters, it isn't currently possible to have it as anything but strings, otherwise our template for event data would also be something else but string. I tested locally to ensure that this was correct.
@@ -8,6 +8,10 @@ import { | |||
} from './feature-event-formatter-md'; | |||
import { IEvent } from '../types/events'; | |||
|
|||
interface ITeamsParameters { | |||
url: string; | |||
customHeaders?: string; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same :D
@@ -9,6 +9,7 @@ interface IParameters { | |||
bodyTemplate?: string; | |||
contentType?: string; | |||
authorization?: string; | |||
customHeaders?: string; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And one more... although this could be a bit trickier because we need to handle a web request.
src/lib/types/model.ts
Outdated
export interface ICustomHeaders { | ||
[name: string]: string; | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, I think you had the idea of doing something as I suggested, but I believe this is not used right now
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You're right. I forgot to remove this one.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LG!
Adds an optional sensitive parameter for customHeaders to all current addons. It is sensitive because the user might be including api key headers.
###What
Adds an optional sensitive parameter for customHeaders to all current addons. When formatted as a valid json object, the object will be included as headers in the request the addon makes upstream to it's target URL