Script 'Git repo test read write' for windmill

Git repo test read write

Verified

This script will test the connection to the Git repo passed stored in the resources passed as an argument. It first clones the repo (checking read) and then attemps an empty push (checking write)

Created by hugo697 363 days ago Viewed 14559 times

Submitted by rubenfiszel Bun

Verified 87 days ago

All edits

Permalink

import * as wmill from "windmill-client";
import { basename } from "node:path"
const util = require('util');
const exec = util.promisify(require('child_process').exec);


export async function main(repo_url_resource_path: string) {
  const cwd = process.cwd();
  process.env["HOME"] = ".";
  console.log(`Cloning repo from resource`);
  const repo_name = await git_clone(repo_url_resource_path);
  process.chdir(`${cwd}/${repo_name}`);
  console.log(`Attempting an empty push to repository ${repo_name}`);
  await git_push();
  console.log("Finished");
  process.chdir(`${cwd}`);
}

async function git_clone(repo_resource_path: string): Promise<string> {
  // TODO: handle private SSH keys as well
  let repo_url = (await wmill.getResource(repo_resource_path)).url;
  const azureMatch = repo_url.match(/AZURE_DEVOPS_TOKEN\((?<url>.+)\)/);
  if (azureMatch) {
    console.log(
      "Requires Azure DevOps service account access token, requesting..."
    );
    const azureResource = await wmill.getResource(azureMatch.groups.url);
    const response = await fetch(
      `https://login.microsoftonline.com/${azureResource.azureTenantId}/oauth2/token`,
      {
        method: "POST",
        body: new URLSearchParams({
          client_id: azureResource.azureClientId,
          client_secret: azureResource.azureClientSecret,
          grant_type: "client_credentials",
          resource: "499b84ac-1321-427f-aa17-267ca6975798/.default",
        }),
      }
    );
    const { access_token } = await response.json();
    repo_url = repo_url.replace(azureMatch[0], access_token);
  }
  const repo_name = basename(repo_url, ".git");
  await sh_run(4, "git", "clone", "--quiet", "--depth", "1", repo_url, repo_name);
  return repo_name;
}
async function git_push() {
  await sh_run(undefined, "git", "config", "user.email", process.env["WM_EMAIL"])
  await sh_run(undefined, "git", "config", "user.name", process.env["WM_USERNAME"])
  await sh_run(undefined, "git", "push");
}

async function sh_run(
  secret_position: number | undefined,
  cmd: string,
  ...args: string[]
) {
  const nargs = secret_position != undefined ? args.slice() : args;
  if (secret_position && secret_position < 0) {
    secret_position = nargs.length - 1 + secret_position;
  }
  if (secret_position != undefined) {
    nargs[secret_position] = "***";
  }
  
  console.log(`Running '${cmd} ${nargs.join(" ")} ...'`);
  const command = exec(`${cmd} ${args.join(" ")}`)
  // new Deno.Command(cmd, {
  //   args: args,
  // });
  const { error, stdout, stderr } = await command
  if (stdout.length > 0) {
    console.log(stdout);
  }
  if (stderr.length > 0) {
    console.log(stderr);
  }
  if (error) {
    const err = `SH command '${cmd} ${nargs.join(
      " "
    )}' returned with error ${error}`;
    throw Error(err);
  }
  console.log("Command successfully executed");
}


Other submissions

Submitted by hugo697 Deno

Created 363 days ago

All edits

Permalink

import * as wmill from "npm:windmill-client@1.235.0";
import { basename } from "https://deno.land/std@0.208.0/path/mod.ts";

export async function main(repo_url_resource_path: string) {
  const cwd = Deno.cwd();
  Deno.env.set("HOME", ".");
  console.log(`Cloning repo from resource`);

  const repo_name = await git_clone(repo_url_resource_path);

  Deno.chdir(`${cwd}/${repo_name}`);

  console.log(`Attempting an empty push to repository ${repo_name}`);
  await git_push();

  console.log("Finished");
  Deno.chdir(`${cwd}`);
}

async function git_clone(repo_resource_path: string): Promise<string> {
  // TODO: handle private SSH keys as well
  let repo_url = (await wmill.getResource(repo_resource_path)).url;

  const azureMatch = repo_url.match(/AZURE_DEVOPS_TOKEN\((?<url>.+)\)/);

  if (azureMatch) {
    console.log(
      "Requires Azure DevOps service account access token, requesting..."
    );
    const azureResource = await wmill.getResource(azureMatch.groups.url);

    const response = await fetch(
      `https://login.microsoftonline.com/${azureResource.azureTenantId}/oauth2/token`,
      {
        method: "POST",
        body: new URLSearchParams({
          client_id: azureResource.azureClientId,
          client_secret: azureResource.azureClientSecret,
          grant_type: "client_credentials",
          resource: "499b84ac-1321-427f-aa17-267ca6975798/.default",
        }),
      }
    );

    const { access_token } = await response.json();

    repo_url = repo_url.replace(azureMatch[0], access_token);
  }

  const repo_name = basename(repo_url, ".git");

  await sh_run("git", "clone", "--quiet", "--depth", "1", repo_url, repo_name);
  return repo_name;
}

async function git_push() {
  await sh_run("git", "config", "user.email", Deno.env.get("WM_EMAIL"));
  await sh_run("git", "config", "user.name", Deno.env.get("WM_USERNAME"));
  await sh_run("git", "push");
}

async function sh_run(cmd: string, ...args: string[]) {
  // console.log(`Running '${cmd} ${args.join(" ")}'`)
  const command = new Deno.Command(cmd, {
    args: args,
  });
  const { code, stdout: _stdout, stderr: _stderr } = await command.output();

  if (code !== 0) {
    throw `SH command '${cmd} ${args.join(
      " "
    )}' returned with a non-zero status ${code}`;
  }
}


`1`	`import * as wmill from "windmill-client";`
`2`	`import { basename } from "node:path"`
`3`	`const util = require('util');`
`4`	`const exec = util.promisify(require('child_process').exec);`
`5`
`6`
`7`	`export async function main(repo_url_resource_path: string) {`
`8`	`const cwd = process.cwd();`
`9`	`process.env["HOME"] = ".";`
`10`	console.log(`Cloning repo from resource`);
`11`	`const repo_name = await git_clone(repo_url_resource_path);`
`12`	process.chdir(`${cwd}/${repo_name}`);
`13`	console.log(`Attempting an empty push to repository ${repo_name}`);
`14`	`await git_push();`
`15`	`console.log("Finished");`
`16`	process.chdir(`${cwd}`);
`17`	`}`
`18`
`19`	`async function git_clone(repo_resource_path: string): Promise<string> {`
`20`	`// TODO: handle private SSH keys as well`
`21`	`let repo_url = (await wmill.getResource(repo_resource_path)).url;`
`22`	`const azureMatch = repo_url.match(/AZURE_DEVOPS_TOKEN\((?<url>.+)\)/);`
`23`	`if (azureMatch) {`
`24`	`console.log(`
`25`	`"Requires Azure DevOps service account access token, requesting..."`
`26`	`);`
`27`	`const azureResource = await wmill.getResource(azureMatch.groups.url);`
`28`	`const response = await fetch(`
`29`	`https://login.microsoftonline.com/${azureResource.azureTenantId}/oauth2/token`,
`30`	`{`
`31`	`method: "POST",`
`32`	`body: new URLSearchParams({`
`33`	`client_id: azureResource.azureClientId,`
`34`	`client_secret: azureResource.azureClientSecret,`
`35`	`grant_type: "client_credentials",`
`36`	`resource: "499b84ac-1321-427f-aa17-267ca6975798/.default",`
`37`	`}),`
`38`	`}`
`39`	`);`
`40`	`const { access_token } = await response.json();`
`41`	`repo_url = repo_url.replace(azureMatch[0], access_token);`
`42`	`}`
`43`	`const repo_name = basename(repo_url, ".git");`
`44`	`await sh_run(4, "git", "clone", "--quiet", "--depth", "1", repo_url, repo_name);`
`45`	`return repo_name;`
`46`	`}`
`47`	`async function git_push() {`
`48`	`await sh_run(undefined, "git", "config", "user.email", process.env["WM_EMAIL"])`
`49`	`await sh_run(undefined, "git", "config", "user.name", process.env["WM_USERNAME"])`
`50`	`await sh_run(undefined, "git", "push");`
`51`	`}`
`52`
`53`	`async function sh_run(`
`54`	`secret_position: number \| undefined,`
`55`	`cmd: string,`
`56`	`...args: string[]`
`57`	`) {`
`58`	`const nargs = secret_position != undefined ? args.slice() : args;`
`59`	`if (secret_position && secret_position < 0) {`
`60`	`secret_position = nargs.length - 1 + secret_position;`
`61`	`}`
`62`	`if (secret_position != undefined) {`
`63`	`nargs[secret_position] = "***";`
`64`	`}`
`65`
`66`	console.log(`Running '${cmd} ${nargs.join(" ")} ...'`);
`67`	const command = exec(`${cmd} ${args.join(" ")}`)
`68`	`// new Deno.Command(cmd, {`
`69`	`// args: args,`
`70`	`// });`
`71`	`const { error, stdout, stderr } = await command`
`72`	`if (stdout.length > 0) {`
`73`	`console.log(stdout);`
`74`	`}`
`75`	`if (stderr.length > 0) {`
`76`	`console.log(stderr);`
`77`	`}`
`78`	`if (error) {`
`79`	const err = `SH command '${cmd} ${nargs.join(
`80`	`" "`
`81`	)}' returned with error ${error}`;
`82`	`throw Error(err);`
`83`	`}`
`84`	`console.log("Command successfully executed");`
`85`	`}`
`86`

`1`	`import * as wmill from "npm:windmill-client@1.235.0";`
`2`	`import { basename } from "https://deno.land/std@0.208.0/path/mod.ts";`
`3`
`4`	`export async function main(repo_url_resource_path: string) {`
`5`	`const cwd = Deno.cwd();`
`6`	`Deno.env.set("HOME", ".");`
`7`	console.log(`Cloning repo from resource`);
`8`
`9`	`const repo_name = await git_clone(repo_url_resource_path);`
`10`
`11`	Deno.chdir(`${cwd}/${repo_name}`);
`12`
`13`	console.log(`Attempting an empty push to repository ${repo_name}`);
`14`	`await git_push();`
`15`
`16`	`console.log("Finished");`
`17`	Deno.chdir(`${cwd}`);
`18`	`}`
`19`
`20`	`async function git_clone(repo_resource_path: string): Promise<string> {`
`21`	`// TODO: handle private SSH keys as well`
`22`	`let repo_url = (await wmill.getResource(repo_resource_path)).url;`
`23`
`24`	`const azureMatch = repo_url.match(/AZURE_DEVOPS_TOKEN\((?<url>.+)\)/);`
`25`
`26`	`if (azureMatch) {`
`27`	`console.log(`
`28`	`"Requires Azure DevOps service account access token, requesting..."`
`29`	`);`
`30`	`const azureResource = await wmill.getResource(azureMatch.groups.url);`
`31`
`32`	`const response = await fetch(`
`33`	`https://login.microsoftonline.com/${azureResource.azureTenantId}/oauth2/token`,
`34`	`{`
`35`	`method: "POST",`
`36`	`body: new URLSearchParams({`
`37`	`client_id: azureResource.azureClientId,`
`38`	`client_secret: azureResource.azureClientSecret,`
`39`	`grant_type: "client_credentials",`
`40`	`resource: "499b84ac-1321-427f-aa17-267ca6975798/.default",`
`41`	`}),`
`42`	`}`
`43`	`);`
`44`
`45`	`const { access_token } = await response.json();`
`46`
`47`	`repo_url = repo_url.replace(azureMatch[0], access_token);`
`48`	`}`
`49`
`50`	`const repo_name = basename(repo_url, ".git");`
`51`
`52`	`await sh_run("git", "clone", "--quiet", "--depth", "1", repo_url, repo_name);`
`53`	`return repo_name;`
`54`	`}`
`55`
`56`	`async function git_push() {`
`57`	`await sh_run("git", "config", "user.email", Deno.env.get("WM_EMAIL"));`
`58`	`await sh_run("git", "config", "user.name", Deno.env.get("WM_USERNAME"));`
`59`	`await sh_run("git", "push");`
`60`	`}`
`61`
`62`	`async function sh_run(cmd: string, ...args: string[]) {`
`63`	// console.log(`Running '${cmd} ${args.join(" ")}'`)
`64`	`const command = new Deno.Command(cmd, {`
`65`	`args: args,`
`66`	`});`
`67`	`const { code, stdout: _stdout, stderr: _stderr } = await command.output();`
`68`
`69`	`if (code !== 0) {`
`70`	throw `SH command '${cmd} ${args.join(
`71`	`" "`
`72`	)}' returned with a non-zero status ${code}`;
`73`	`}`
`74`	`}`
`75`