Script 'Git repo test read write' for windmill

Git repo test read write

Verified

This script will test the connection to the Git repo passed stored in the resources passed as an argument. It first clones the repo (checking read) and then attemps an empty push (checking write)

Created by hugo697 404 days ago Viewed 18033 times

Submitted by rubenfiszel Bun

Verified 128 days ago

All edits

Permalink

import * as wmill from "windmill-client";
import { basename } from "node:path"
const util = require('util');
const exec = util.promisify(require('child_process').exec);


export async function main(repo_url_resource_path: string) {
  const cwd = process.cwd();
  process.env["HOME"] = ".";
  console.log(`Cloning repo from resource`);
  const repo_name = await git_clone(repo_url_resource_path);
  process.chdir(`${cwd}/${repo_name}`);
  console.log(`Attempting an empty push to repository ${repo_name}`);
  await git_push();
  console.log("Finished");
  process.chdir(`${cwd}`);
}

async function git_clone(repo_resource_path: string): Promise<string> {
  // TODO: handle private SSH keys as well
  let repo_url = (await wmill.getResource(repo_resource_path)).url;
  const azureMatch = repo_url.match(/AZURE_DEVOPS_TOKEN\((?<url>.+)\)/);
  if (azureMatch) {
    console.log(
      "Requires Azure DevOps service account access token, requesting..."
    );
    const azureResource = await wmill.getResource(azureMatch.groups.url);
    const response = await fetch(
      `https://login.microsoftonline.com/${azureResource.azureTenantId}/oauth2/token`,
      {
        method: "POST",
        body: new URLSearchParams({
          client_id: azureResource.azureClientId,
          client_secret: azureResource.azureClientSecret,
          grant_type: "client_credentials",
          resource: "499b84ac-1321-427f-aa17-267ca6975798/.default",
        }),
      }
    );
    const { access_token } = await response.json();
    repo_url = repo_url.replace(azureMatch[0], access_token);
  }
  const repo_name = basename(repo_url, ".git");
  await sh_run(4, "git", "clone", "--quiet", "--depth", "1", repo_url, repo_name);
  return repo_name;
}
async function git_push() {
  await sh_run(undefined, "git", "config", "user.email", process.env["WM_EMAIL"])
  await sh_run(undefined, "git", "config", "user.name", process.env["WM_USERNAME"])
  await sh_run(undefined, "git", "push");
}

async function sh_run(
  secret_position: number | undefined,
  cmd: string,
  ...args: string[]
) {
  const nargs = secret_position != undefined ? args.slice() : args;
  if (secret_position && secret_position < 0) {
    secret_position = nargs.length - 1 + secret_position;
  }
  let secret: string | undefined = undefined;
  if (secret_position != undefined) {
    nargs[secret_position] = "***";
    secret = args[secret_position];
  }
  
  console.log(`Running '${cmd} ${nargs.join(" ")} ...'`);
  const command = exec(`${cmd} ${args.join(" ")}`)
  try {
    const { stdout, stderr } = await command
    if (stdout.length > 0) {
      console.log(stdout);
    }
    if (stderr.length > 0) {
      console.log(stderr);
    }
    console.log("Command successfully executed");

  } catch(error) {
    let errorString = error.toString();
    if (secret) {
      errorString = errorString.replace(secret, "***");
    }
    const err = `SH command '${cmd} ${nargs.join(
      " "
    )}' returned with error ${errorString}`;
    throw Error(err);
  }
}

Other submissions

Submitted by hugo697 Deno

Created 404 days ago

All edits

Permalink

import * as wmill from "npm:windmill-client@1.235.0";
import { basename } from "https://deno.land/std@0.208.0/path/mod.ts";

export async function main(repo_url_resource_path: string) {
  const cwd = Deno.cwd();
  Deno.env.set("HOME", ".");
  console.log(`Cloning repo from resource`);

  const repo_name = await git_clone(repo_url_resource_path);

  Deno.chdir(`${cwd}/${repo_name}`);

  console.log(`Attempting an empty push to repository ${repo_name}`);
  await git_push();

  console.log("Finished");
  Deno.chdir(`${cwd}`);
}

async function git_clone(repo_resource_path: string): Promise<string> {
  // TODO: handle private SSH keys as well
  let repo_url = (await wmill.getResource(repo_resource_path)).url;

  const azureMatch = repo_url.match(/AZURE_DEVOPS_TOKEN\((?<url>.+)\)/);

  if (azureMatch) {
    console.log(
      "Requires Azure DevOps service account access token, requesting..."
    );
    const azureResource = await wmill.getResource(azureMatch.groups.url);

    const response = await fetch(
      `https://login.microsoftonline.com/${azureResource.azureTenantId}/oauth2/token`,
      {
        method: "POST",
        body: new URLSearchParams({
          client_id: azureResource.azureClientId,
          client_secret: azureResource.azureClientSecret,
          grant_type: "client_credentials",
          resource: "499b84ac-1321-427f-aa17-267ca6975798/.default",
        }),
      }
    );

    const { access_token } = await response.json();

    repo_url = repo_url.replace(azureMatch[0], access_token);
  }

  const repo_name = basename(repo_url, ".git");

  await sh_run("git", "clone", "--quiet", "--depth", "1", repo_url, repo_name);
  return repo_name;
}

async function git_push() {
  await sh_run("git", "config", "user.email", Deno.env.get("WM_EMAIL"));
  await sh_run("git", "config", "user.name", Deno.env.get("WM_USERNAME"));
  await sh_run("git", "push");
}

async function sh_run(cmd: string, ...args: string[]) {
  // console.log(`Running '${cmd} ${args.join(" ")}'`)
  const command = new Deno.Command(cmd, {
    args: args,
  });
  const { code, stdout: _stdout, stderr: _stderr } = await command.output();

  if (code !== 0) {
    throw `SH command '${cmd} ${args.join(
      " "
    )}' returned with a non-zero status ${code}`;
  }
}


`1`	`import * as wmill from "windmill-client";`
`2`	`import { basename } from "node:path"`
`3`	`const util = require('util');`
`4`	`const exec = util.promisify(require('child_process').exec);`
`5`
`6`
`7`	`export async function main(repo_url_resource_path: string) {`
`8`	`const cwd = process.cwd();`
`9`	`process.env["HOME"] = ".";`
`10`	console.log(`Cloning repo from resource`);
`11`	`const repo_name = await git_clone(repo_url_resource_path);`
`12`	process.chdir(`${cwd}/${repo_name}`);
`13`	console.log(`Attempting an empty push to repository ${repo_name}`);
`14`	`await git_push();`
`15`	`console.log("Finished");`
`16`	process.chdir(`${cwd}`);
`17`	`}`
`18`
`19`	`async function git_clone(repo_resource_path: string): Promise<string> {`
`20`	`// TODO: handle private SSH keys as well`
`21`	`let repo_url = (await wmill.getResource(repo_resource_path)).url;`
`22`	`const azureMatch = repo_url.match(/AZURE_DEVOPS_TOKEN\((?<url>.+)\)/);`
`23`	`if (azureMatch) {`
`24`	`console.log(`
`25`	`"Requires Azure DevOps service account access token, requesting..."`
`26`	`);`
`27`	`const azureResource = await wmill.getResource(azureMatch.groups.url);`
`28`	`const response = await fetch(`
`29`	`https://login.microsoftonline.com/${azureResource.azureTenantId}/oauth2/token`,
`30`	`{`
`31`	`method: "POST",`
`32`	`body: new URLSearchParams({`
`33`	`client_id: azureResource.azureClientId,`
`34`	`client_secret: azureResource.azureClientSecret,`
`35`	`grant_type: "client_credentials",`
`36`	`resource: "499b84ac-1321-427f-aa17-267ca6975798/.default",`
`37`	`}),`
`38`	`}`
`39`	`);`
`40`	`const { access_token } = await response.json();`
`41`	`repo_url = repo_url.replace(azureMatch[0], access_token);`
`42`	`}`
`43`	`const repo_name = basename(repo_url, ".git");`
`44`	`await sh_run(4, "git", "clone", "--quiet", "--depth", "1", repo_url, repo_name);`
`45`	`return repo_name;`
`46`	`}`
`47`	`async function git_push() {`
`48`	`await sh_run(undefined, "git", "config", "user.email", process.env["WM_EMAIL"])`
`49`	`await sh_run(undefined, "git", "config", "user.name", process.env["WM_USERNAME"])`
`50`	`await sh_run(undefined, "git", "push");`
`51`	`}`
`52`
`53`	`async function sh_run(`
`54`	`secret_position: number \| undefined,`
`55`	`cmd: string,`
`56`	`...args: string[]`
`57`	`) {`
`58`	`const nargs = secret_position != undefined ? args.slice() : args;`
`59`	`if (secret_position && secret_position < 0) {`
`60`	`secret_position = nargs.length - 1 + secret_position;`
`61`	`}`
`62`	`let secret: string \| undefined = undefined;`
`63`	`if (secret_position != undefined) {`
`64`	`nargs[secret_position] = "***";`
`65`	`secret = args[secret_position];`
`66`	`}`
`67`
`68`	console.log(`Running '${cmd} ${nargs.join(" ")} ...'`);
`69`	const command = exec(`${cmd} ${args.join(" ")}`)
`70`	`try {`
`71`	`const { stdout, stderr } = await command`
`72`	`if (stdout.length > 0) {`
`73`	`console.log(stdout);`
`74`	`}`
`75`	`if (stderr.length > 0) {`
`76`	`console.log(stderr);`
`77`	`}`
`78`	`console.log("Command successfully executed");`
`79`
`80`	`} catch(error) {`
`81`	`let errorString = error.toString();`
`82`	`if (secret) {`
`83`	`errorString = errorString.replace(secret, "***");`
`84`	`}`
`85`	const err = `SH command '${cmd} ${nargs.join(
`86`	`" "`
`87`	)}' returned with error ${errorString}`;
`88`	`throw Error(err);`
`89`	`}`
`90`	`}`

`1`	`import * as wmill from "npm:windmill-client@1.235.0";`
`2`	`import { basename } from "https://deno.land/std@0.208.0/path/mod.ts";`
`3`
`4`	`export async function main(repo_url_resource_path: string) {`
`5`	`const cwd = Deno.cwd();`
`6`	`Deno.env.set("HOME", ".");`
`7`	console.log(`Cloning repo from resource`);
`8`
`9`	`const repo_name = await git_clone(repo_url_resource_path);`
`10`
`11`	Deno.chdir(`${cwd}/${repo_name}`);
`12`
`13`	console.log(`Attempting an empty push to repository ${repo_name}`);
`14`	`await git_push();`
`15`
`16`	`console.log("Finished");`
`17`	Deno.chdir(`${cwd}`);
`18`	`}`
`19`
`20`	`async function git_clone(repo_resource_path: string): Promise<string> {`
`21`	`// TODO: handle private SSH keys as well`
`22`	`let repo_url = (await wmill.getResource(repo_resource_path)).url;`
`23`
`24`	`const azureMatch = repo_url.match(/AZURE_DEVOPS_TOKEN\((?<url>.+)\)/);`
`25`
`26`	`if (azureMatch) {`
`27`	`console.log(`
`28`	`"Requires Azure DevOps service account access token, requesting..."`
`29`	`);`
`30`	`const azureResource = await wmill.getResource(azureMatch.groups.url);`
`31`
`32`	`const response = await fetch(`
`33`	`https://login.microsoftonline.com/${azureResource.azureTenantId}/oauth2/token`,
`34`	`{`
`35`	`method: "POST",`
`36`	`body: new URLSearchParams({`
`37`	`client_id: azureResource.azureClientId,`
`38`	`client_secret: azureResource.azureClientSecret,`
`39`	`grant_type: "client_credentials",`
`40`	`resource: "499b84ac-1321-427f-aa17-267ca6975798/.default",`
`41`	`}),`
`42`	`}`
`43`	`);`
`44`
`45`	`const { access_token } = await response.json();`
`46`
`47`	`repo_url = repo_url.replace(azureMatch[0], access_token);`
`48`	`}`
`49`
`50`	`const repo_name = basename(repo_url, ".git");`
`51`
`52`	`await sh_run("git", "clone", "--quiet", "--depth", "1", repo_url, repo_name);`
`53`	`return repo_name;`
`54`	`}`
`55`
`56`	`async function git_push() {`
`57`	`await sh_run("git", "config", "user.email", Deno.env.get("WM_EMAIL"));`
`58`	`await sh_run("git", "config", "user.name", Deno.env.get("WM_USERNAME"));`
`59`	`await sh_run("git", "push");`
`60`	`}`
`61`
`62`	`async function sh_run(cmd: string, ...args: string[]) {`
`63`	// console.log(`Running '${cmd} ${args.join(" ")}'`)
`64`	`const command = new Deno.Command(cmd, {`
`65`	`args: args,`
`66`	`});`
`67`	`const { code, stdout: _stdout, stderr: _stderr } = await command.output();`
`68`
`69`	`if (code !== 0) {`
`70`	throw `SH command '${cmd} ${args.join(
`71`	`" "`
`72`	)}' returned with a non-zero status ${code}`;
`73`	`}`
`74`	`}`
`75`