Browse Source

refactor: coderabbit review comments

pull/9499/head
Pranav C 2 months ago
parent
commit
b178b7eb25
  1. 12
      packages/nc-secret-cli/src/core/NcConfig.ts
  2. 27
      packages/nc-secret-cli/src/core/NcLogger.ts
  3. 8
      packages/nc-secret-cli/src/core/SecretManager.ts
  4. 2
      packages/nc-secret-cli/src/core/index.ts
  5. 25
      packages/nc-secret-cli/src/core/logger.ts
  6. 9
      packages/nc-secret-cli/src/index.ts
  7. 4
      packages/noco-docs/docs/100.data-sources/050.updating-secret.md
  8. 6
      packages/nocodb/src/cli.ts
  9. 5
      packages/nocodb/src/helpers/initDataSourceEncryption.ts
  10. 6
      packages/nocodb/src/models/Integration.spec.ts
  11. 5
      packages/nocodb/src/models/Integration.ts
  12. 2
      packages/nocodb/src/models/Source.ts
  13. 2
      packages/nocodb/src/providers/init-meta-service.provider.ts
  14. 2
      packages/nocodb/src/services/base-users/base-users.service.spec.ts
  15. 5
      packages/nocodb/src/utils/nc-config/NcConfig.ts
  16. 1
      packages/nocodb/src/version-upgrader/upgraders/0225002_ncDatasourceDecrypt.ts

12
packages/nc-secret-cli/src/core/NcConfig.ts

@ -17,8 +17,6 @@ export class NcConfig {
toolDir: string; toolDir: string;
credentialSecret?: string;
private constructor() { private constructor() {
this.toolDir = getToolDir(); this.toolDir = getToolDir();
} }
@ -32,17 +30,12 @@ export class NcConfig {
databaseUrl?: string; databaseUrl?: string;
}; };
secret?: string; secret?: string;
credentialSecret?: string;
}): Promise<NcConfig> { }): Promise<NcConfig> {
const { meta, secret } = const { meta, secret } =
param; param;
const ncConfig = new NcConfig(); const ncConfig = new NcConfig();
ncConfig.credentialSecret = param.credentialSecret;
if (ncConfig.meta?.db?.connection?.filename) { if (ncConfig.meta?.db?.connection?.filename) {
ncConfig.meta.db.connection.filename = path.join( ncConfig.meta.db.connection.filename = path.join(
ncConfig.toolDir, ncConfig.toolDir,
@ -76,7 +69,6 @@ export class NcConfig {
metaJsonFile: process.env.NC_DB_JSON_FILE, metaJsonFile: process.env.NC_DB_JSON_FILE,
}, },
secret: process.env.NC_AUTH_JWT_SECRET, secret: process.env.NC_AUTH_JWT_SECRET,
credentialSecret: process.env.NC_KEY_CREDENTIAL_ENCRYPT,
}); });
} }
} }
@ -90,8 +82,8 @@ export const getNocoConfig = async (options: {
} ={}) =>{ } ={}) =>{
// check for JDBC url specified in env or options // check for JDBC url specified in env or options
await prepareEnv({ await prepareEnv({
databaseUrl: options.ncDatabaseUrl || process.env.NC_DATABASE_URL || process.env.DATABASE_URL, databaseUrl: options.databaseUrl || process.env.NC_DATABASE_URL || process.env.DATABASE_URL,
databaseUrlFile: options.ncDatabaseUrlFile || process.env.NC_DATABASE_URL_FILE || process.env.DATABASE_URL_FILE, databaseUrlFile: options.databaseUrlFile || process.env.NC_DATABASE_URL_FILE || process.env.DATABASE_URL_FILE,
}) })
// create NocoConfig using utility method which works similar to Nocodb NcConfig with only meta db config // create NocoConfig using utility method which works similar to Nocodb NcConfig with only meta db config

27
packages/nc-secret-cli/src/core/NcLogger.ts

@ -1,27 +0,0 @@
// a class to log messages to the console with colors and styles
export class NcLogger {
static log(message: string) {
console.log(message);
}
static error(message: string) {
console.error('\x1b[31m%s\x1b[0m', 'Error: ' + message);
}
static warn(message: string) {
console.warn('\x1b[33m%s\x1b[0m', 'Warning: ' + message);
}
static info(message: string) {
console.info('\x1b[32m%s\x1b[0m', 'Info: ' + message);
}
static success(message: string) {
console.log('\x1b[32m%s\x1b[0m', 'Success: ' + message);
}
static debug(message: string) {
console.debug('\x1b[34m%s\x1b[0m', 'Debug: ' + message);
}
}

8
packages/nc-secret-cli/src/core/SecretManager.ts

@ -1,5 +1,5 @@
import {NcError} from "./NcError"; import {NcError} from "./NcError";
import {NcLogger} from "./NcLogger"; import * as logger from "./logger";
const { SqlClientFactory, MetaTable, decryptPropIfRequired, encryptPropIfRequired } = require('../nocodb/cli') const { SqlClientFactory, MetaTable, decryptPropIfRequired, encryptPropIfRequired } = require('../nocodb/cli')
@ -17,7 +17,7 @@ export class SecretManager {
// use the sqlClientFactory to create a new sql client and then use testConnection to test the connection // use the sqlClientFactory to create a new sql client and then use testConnection to test the connection
const isValid = await this.sqlClient.testConnection(); const isValid = await this.sqlClient.testConnection();
if (!isValid) { if (!isValid) {
throw new NcError('Invalid database configuration'); throw new NcError('Invalid database configuration. Please verify your database settings and ensure the database is reachable.');
} }
} }
@ -61,7 +61,7 @@ export class SecretManager {
isValid = true; isValid = true;
sourcesToUpdate.push({ ...source, config: decrypted }); sourcesToUpdate.push({ ...source, config: decrypted });
} catch (e) { } catch (e) {
NcLogger.error('Failed to decrypt source configuration : ' + e.message); logger.error('Failed to decrypt source configuration : ' + e.message);
} }
} }
@ -79,7 +79,7 @@ export class SecretManager {
} }
} }
// if all of the decyptions are failed then throw an error // If all decryptions have failed, then throw an error
if (!isValid) { if (!isValid) {
throw new NcError('Invalid old secret or no sources/integrations found'); throw new NcError('Invalid old secret or no sources/integrations found');
} }

2
packages/nc-secret-cli/src/core/index.ts

@ -1,4 +1,4 @@
export * from './NcConfig'; export * from './NcConfig';
export * from './NcError'; export * from './NcError';
export * from './NcLogger'; export * as logger from './logger';
export * from './SecretManager'; export * from './SecretManager';

25
packages/nc-secret-cli/src/core/logger.ts

@ -0,0 +1,25 @@
import chalk from 'chalk';
export function log(message: string) {
console.log(chalk.white(message));
}
export function error(message: string) {
console.error(chalk.red('Error: ' + message));
}
export function warn(message: string) {
console.warn(chalk.yellow('Warning: ' + message));
}
export function info(message: string) {
console.info(chalk.green('Info: ' + message));
}
export function success(message: string) {
console.log(chalk.green('Success: ' + message));
}
export function debug(message: string) {
console.debug(chalk.blue('Debug: ' + message));
}

9
packages/nc-secret-cli/src/index.ts

@ -3,7 +3,7 @@ import { Command } from 'commander';
import { getNocoConfig } from "./core"; import { getNocoConfig } from "./core";
import { SecretManager } from "./core"; import { SecretManager } from "./core";
import { NcError } from "./core"; import { NcError } from "./core";
import { NcLogger } from "./core"; import { logger } from "./core";
console.log(figlet.textSync("NocoDB Secret CLI")); console.log(figlet.textSync("NocoDB Secret CLI"));
@ -18,8 +18,8 @@ program
.option('--nc-db-json-file <char>', 'NocoDB connection database json file path, equivalent to NC_DB_JSON_FILE env variable') .option('--nc-db-json-file <char>', 'NocoDB connection database json file path, equivalent to NC_DB_JSON_FILE env variable')
.option('--database-url <char>', 'JDBC database url, equivalent to DATABASE_URL env variable') .option('--database-url <char>', 'JDBC database url, equivalent to DATABASE_URL env variable')
.option('--database-url-file <char>', 'JDBC database url file path, equivalent to DATABASE_URL_FILE env variable') .option('--database-url-file <char>', 'JDBC database url file path, equivalent to DATABASE_URL_FILE env variable')
.option('-o, --old-secret <char>', 'old secret string to decrypt sources and integrations') .option('-p, --prev <char>', 'old secret string to decrypt sources and integrations')
.option('-n, --new-secret <char>', 'new secret string to encrypt sources and integrations') .option('-n, --new <char>', 'new secret string to encrypt sources and integrations')
.action(async (prevVal, newVal) => { .action(async (prevVal, newVal) => {
try { try {
@ -48,8 +48,7 @@ program
} catch (e) { } catch (e) {
if (e instanceof NcError) { if (e instanceof NcError) {
// print error message in a better way // print error message in a better way
NcLogger.error(e.message); logger.error(e.message);
process.exit(1); process.exit(1);
} }
console.error(e); console.error(e);

4
packages/noco-docs/docs/100.data-sources/050.updating-secret.md

@ -29,7 +29,7 @@ To update a secret in NocoDB, you can use the `nc-secret-cli` package. Follow th
NC_DB="pg://host:port?u=user&p=password&d=database" nc-secret-cli <previous-secret> <new-secret> NC_DB="pg://host:port?u=user&p=password&d=database" nc-secret-cli <previous-secret> <new-secret>
``` ```
Replace `<prev-secret>` with the name of the secret you used previously, and `<new-secret>` with the new value of the secret. Replace `<previous-secret>` with the name of the secret you used previously, and `<new-secret>` with the new value of the secret.
3. After running the command, the secret will be updated in NocoDB. 3. After running the command, the secret will be updated in NocoDB.
@ -44,7 +44,7 @@ Alternatively, you can use the `nc-secret-cli` executable to update secrets.
NC_DB="pg://host:port?u=user&p=password&d=database" ./nc-secret-macos-arm64 update --prev <previous-secret> --new <new-secret> NC_DB="pg://host:port?u=user&p=password&d=database" ./nc-secret-macos-arm64 update --prev <previous-secret> --new <new-secret>
``` ```
Replace `<prev-secret>` with the name of the secret you used previously, and `<new-secret>` with the new value of the secret. Replace `<previous-secret>` with the name of the secret you used previously, and `<new-secret>` with the new value of the secret.
3. After running the command, the secret will be updated in NocoDB. 3. After running the command, the secret will be updated in NocoDB.

6
packages/nocodb/src/cli.ts

@ -1,5 +1,9 @@
export { SqlClientFactory } from '~/db/sql-client/lib/SqlClientFactory'; export { SqlClientFactory } from '~/db/sql-client/lib/SqlClientFactory';
export { MetaTable } from '~/utils/globals'; export { MetaTable } from '~/utils/globals';
export * from '~/utils/encryptDecrypt'; export * from '~/utils/encryptDecrypt';
export { getToolDir, metaUrlToDbConfig, prepareEnv } from '~/utils/nc-config/helpers'; export {
getToolDir,
metaUrlToDbConfig,
prepareEnv,
} from '~/utils/nc-config/helpers';
export { DriverClient } from '~/utils/nc-config/constants'; export { DriverClient } from '~/utils/nc-config/constants';

5
packages/nocodb/src/helpers/initDataSourceEncryption.ts

@ -1,4 +1,3 @@
import process from 'process';
import Noco from '~/Noco'; import Noco from '~/Noco';
import { MetaTable, RootScopes } from '~/utils/globals'; import { MetaTable, RootScopes } from '~/utils/globals';
import { encryptPropIfRequired } from '~/utils'; import { encryptPropIfRequired } from '~/utils';
@ -70,7 +69,7 @@ export default async function initDataSourceEncryption(_ncMeta = Noco.ncMeta) {
await ncMeta.commit(); await ncMeta.commit();
} catch (e) { } catch (e) {
await ncMeta.rollback(); await ncMeta.rollback();
console.error('Failed to encrypt data sources', e); console.error('Failed to encrypt data sources');
process.exit(1); throw e;
} }
} }

6
packages/nocodb/src/models/Integration.spec.ts

@ -3,8 +3,6 @@ import { Integration } from '~/models';
import { MetaTable } from '~/utils/globals'; import { MetaTable } from '~/utils/globals';
import { decryptPropIfRequired } from '~/utils'; import { decryptPropIfRequired } from '~/utils';
// Mock dependencies
jest.mock('~/helpers/catchError');
jest.mock('~/Noco'); jest.mock('~/Noco');
describe('Integration Model', () => { describe('Integration Model', () => {
@ -196,7 +194,9 @@ describe('Integration Model', () => {
const calledWithArgs = mockNcMeta.metaInsert2.mock.calls[0][3]; const calledWithArgs = mockNcMeta.metaInsert2.mock.calls[0][3];
// veify the 'config' field is encrypted // veify the 'config' field is encrypted
expect(calledWithArgs.config).not.toEqual(JSON.stringify(newIntegration.config)); expect(calledWithArgs.config).not.toEqual(
JSON.stringify(newIntegration.config),
);
// Decrypt the 'config' field // Decrypt the 'config' field
const decryptedConfig = decryptPropIfRequired({ data: calledWithArgs }); const decryptedConfig = decryptPropIfRequired({ data: calledWithArgs });

5
packages/nocodb/src/models/Integration.ts

@ -12,7 +12,8 @@ import {
} from '~/utils/modelUtils'; } from '~/utils/modelUtils';
import { import {
decryptPropIfRequired, decryptPropIfRequired,
encryptPropIfRequired, isEncryptionRequired, encryptPropIfRequired,
isEncryptionRequired,
partialExtract, partialExtract,
} from '~/utils'; } from '~/utils';
import { PagedResponseImpl } from '~/helpers/PagedResponse'; import { PagedResponseImpl } from '~/helpers/PagedResponse';
@ -129,7 +130,7 @@ export default class Integration implements IntegrationType {
'deleted', 'deleted',
'config', 'config',
'is_private', 'is_private',
'is_encrypted' 'is_encrypted',
]); ]);
if (updateObj.config) { if (updateObj.config) {

2
packages/nocodb/src/models/Source.ts

@ -70,7 +70,7 @@ export default class Source implements SourceType {
created_at?; created_at?;
updated_at?; updated_at?;
meta?: any; meta?: any;
is_encrypted?: any; is_encrypted?: boolean;
}, },
ncMeta = Noco.ncMeta, ncMeta = Noco.ncMeta,
) { ) {

2
packages/nocodb/src/providers/init-meta-service.provider.ts

@ -14,7 +14,7 @@ import { NcConfig, prepareEnv } from '~/utils/nc-config';
import { MetaTable, RootScopes } from '~/utils/globals'; import { MetaTable, RootScopes } from '~/utils/globals';
import { updateMigrationJobsState } from '~/helpers/migrationJobs'; import { updateMigrationJobsState } from '~/helpers/migrationJobs';
import { initBaseBehavior } from '~/helpers/initBaseBehaviour'; import { initBaseBehavior } from '~/helpers/initBaseBehaviour';
import initDataSourceEncryption from "~/helpers/initDataSourceEncryption"; import initDataSourceEncryption from '~/helpers/initDataSourceEncryption';
export const InitMetaServiceProvider: FactoryProvider = { export const InitMetaServiceProvider: FactoryProvider = {
// initialize app, // initialize app,

2
packages/nocodb/src/services/base-users/base-users.service.spec.ts

@ -1,9 +1,9 @@
import { Test } from '@nestjs/testing'; import { Test } from '@nestjs/testing';
import { mock } from 'jest-mock-extended'; import { mock } from 'jest-mock-extended';
import type { TestingModule } from '@nestjs/testing'; import type { TestingModule } from '@nestjs/testing';
import type { IEventEmitter } from '~/modules/event-emitter/event-emitter.interface';
import { BaseUsersService } from '~/services/base-users/base-users.service'; import { BaseUsersService } from '~/services/base-users/base-users.service';
import { AppHooksService } from '~/services/app-hooks/app-hooks.service'; import { AppHooksService } from '~/services/app-hooks/app-hooks.service';
import { IEventEmitter } from '~/modules/event-emitter/event-emitter.interface';
describe('BaseUsersService', () => { describe('BaseUsersService', () => {
let service: BaseUsersService; let service: BaseUsersService;

5
packages/nocodb/src/utils/nc-config/NcConfig.ts

@ -44,7 +44,6 @@ export class NcConfig {
env: string; env: string;
workingEnv: string; workingEnv: string;
baseType: string; baseType: string;
credentialSecret?: string;
private constructor() {} private constructor() {}
@ -60,7 +59,6 @@ export class NcConfig {
worker?: boolean; worker?: boolean;
dashboardPath?: string; dashboardPath?: string;
publicUrl?: string; publicUrl?: string;
credentialSecret?: string;
}): Promise<NcConfig> { }): Promise<NcConfig> {
const { meta, secret, port, worker, tryMode, publicUrl, dashboardPath } = const { meta, secret, port, worker, tryMode, publicUrl, dashboardPath } =
param; param;
@ -73,8 +71,6 @@ export class NcConfig {
}, },
}; };
ncConfig.credentialSecret = param.credentialSecret;
ncConfig.port = +(port ?? 8080); ncConfig.port = +(port ?? 8080);
ncConfig.toolDir = getToolDir(); ncConfig.toolDir = getToolDir();
ncConfig.worker = worker ?? false; ncConfig.worker = worker ?? false;
@ -152,7 +148,6 @@ export class NcConfig {
worker: !!process.env.NC_WORKER, worker: !!process.env.NC_WORKER,
dashboardPath: process.env.NC_DASHBOARD_URL ?? '/dashboard', dashboardPath: process.env.NC_DASHBOARD_URL ?? '/dashboard',
publicUrl: process.env.NC_PUBLIC_URL, publicUrl: process.env.NC_PUBLIC_URL,
credentialSecret: process.env.NC_KEY_CREDENTIAL_ENCRYPT,
}); });
} }

1
packages/nocodb/src/version-upgrader/upgraders/0225002_ncDatasourceDecrypt.ts

@ -1,4 +1,3 @@
import process from 'process';
import CryptoJS from 'crypto-js'; import CryptoJS from 'crypto-js';
import type { NcUpgraderCtx } from '~/version-upgrader/NcUpgrader'; import type { NcUpgraderCtx } from '~/version-upgrader/NcUpgrader';
import { MetaTable, RootScopes } from '~/utils/globals'; import { MetaTable, RootScopes } from '~/utils/globals';

Loading…
Cancel
Save