chore(refactor): Switch GitHub actions provider to use github sdk (#4563

) * refactor github package and use builder pattern for client * switch to github package * some renamings * fix panic on uninitialized provider * fix according to review comments --------- Co-authored-by: Gulom Alimov <[email protected]> Co-authored-by: Jordi van Liempt <[email protected]>
SAP · Sep 20, 2023 · 3744787 · 3744787
1 parent 1e99326
commit 3744787
Show file tree

Hide file tree

Showing 22 changed files with 661 additions and 416 deletions.
diff --git a/cmd/checkmarxExecuteScan.go b/cmd/checkmarxExecuteScan.go
@@ -105,7 +105,7 @@ func checkmarxExecuteScan(config checkmarxExecuteScanOptions, _ *telemetry.Custo
 	options := piperHttp.ClientOptions{MaxRetries: config.MaxRetries}
 	client.SetOptions(options)
 	// TODO provide parameter for trusted certs
-	ctx, ghClient, err := piperGithub.NewClient(config.GithubToken, config.GithubAPIURL, "", []string{})
+	ctx, ghClient, err := piperGithub.NewClientBuilder(config.GithubToken, config.GithubAPIURL).Build()
 	if err != nil {
 		log.Entry().WithError(err).Warning("Failed to get GitHub client")
 	}

diff --git a/cmd/checkmarxOneExecuteScan.go b/cmd/checkmarxOneExecuteScan.go
@@ -181,7 +181,7 @@ func runStep(config checkmarxOneExecuteScanOptions, influx *checkmarxOneExecuteS
 func Authenticate(config checkmarxOneExecuteScanOptions, influx *checkmarxOneExecuteScanInflux) (checkmarxOneExecuteScanHelper, error) {
 	client := &piperHttp.Client{}
 
-	ctx, ghClient, err := piperGithub.NewClient(config.GithubToken, config.GithubAPIURL, "", []string{})
+	ctx, ghClient, err := piperGithub.NewClientBuilder(config.GithubToken, config.GithubAPIURL).Build()
 	if err != nil {
 		log.Entry().WithError(err).Warning("Failed to get GitHub client")
 	}

diff --git a/cmd/detectExecuteScan.go b/cmd/detectExecuteScan.go
@@ -132,7 +132,9 @@ func newBlackduckSystem(config detectExecuteScanOptions) *blackduckSystem {
 func detectExecuteScan(config detectExecuteScanOptions, _ *telemetry.CustomData, influx *detectExecuteScanInflux) {
 	influx.step_data.fields.detect = false
 
-	ctx, client, err := piperGithub.NewClient(config.GithubToken, config.GithubAPIURL, "", config.CustomTLSCertificateLinks)
+	ctx, client, err := piperGithub.
+		NewClientBuilder(config.GithubToken, config.GithubAPIURL).
+		WithTrustedCerts(config.CustomTLSCertificateLinks).Build()
 	if err != nil {
 		log.Entry().WithError(err).Warning("Failed to get GitHub client")
 	}

diff --git a/cmd/fortifyExecuteScan.go b/cmd/fortifyExecuteScan.go
@@ -114,7 +114,7 @@ var execInPath = exec.LookPath
 
 func fortifyExecuteScan(config fortifyExecuteScanOptions, telemetryData *telemetry.CustomData, influx *fortifyExecuteScanInflux) {
 	// TODO provide parameter for trusted certs
-	ctx, client, err := piperGithub.NewClient(config.GithubToken, config.GithubAPIURL, "", []string{})
+	ctx, client, err := piperGithub.NewClientBuilder(config.GithubToken, config.GithubAPIURL).Build()
 	if err != nil {
 		log.Entry().WithError(err).Warning("Failed to get GitHub client")
 	}
@@ -1116,7 +1116,7 @@ func scanProject(config *fortifyExecuteScanOptions, command fortifyUtils, buildI
 func determinePullRequestMerge(config fortifyExecuteScanOptions) (string, string) {
 	author := ""
 	// TODO provide parameter for trusted certs
-	ctx, client, err := piperGithub.NewClient(config.GithubToken, config.GithubAPIURL, "", []string{})
+	ctx, client, err := piperGithub.NewClientBuilder(config.GithubToken, config.GithubAPIURL).Build()
 	if err == nil && ctx != nil && client != nil {
 		prID, author, err := determinePullRequestMergeGithub(ctx, config, client.PullRequests)
 		if err != nil {

diff --git a/cmd/githubCheckBranchProtection.go b/cmd/githubCheckBranchProtection.go
@@ -20,7 +20,7 @@ type gitHubBranchProtectionRepositoriesService interface {
 
 func githubCheckBranchProtection(config githubCheckBranchProtectionOptions, telemetryData *telemetry.CustomData) {
 	// TODO provide parameter for trusted certs
-	ctx, client, err := piperGithub.NewClient(config.Token, config.APIURL, "", []string{})
+	ctx, client, err := piperGithub.NewClientBuilder(config.Token, config.APIURL).Build()
 	if err != nil {
 		log.Entry().WithError(err).Fatal("Failed to get GitHub client")
 	}

diff --git a/cmd/githubCommentIssue.go b/cmd/githubCommentIssue.go
@@ -17,7 +17,7 @@ type githubIssueCommentService interface {
 
 func githubCommentIssue(config githubCommentIssueOptions, telemetryData *telemetry.CustomData) {
 	// TODO provide parameter for trusted certs
-	ctx, client, err := piperGithub.NewClient(config.Token, config.APIURL, "", []string{})
+	ctx, client, err := piperGithub.NewClientBuilder(config.Token, config.APIURL).Build()
 	if err != nil {
 		log.Entry().WithError(err).Fatal("Failed to get GitHub client")
 	}

diff --git a/cmd/githubCreatePullRequest.go b/cmd/githubCreatePullRequest.go
@@ -21,7 +21,7 @@ type githubIssueService interface {
 
 func githubCreatePullRequest(config githubCreatePullRequestOptions, telemetryData *telemetry.CustomData) {
 	// TODO provide parameter for trusted certs
-	ctx, client, err := piperGithub.NewClient(config.Token, config.APIURL, "", []string{})
+	ctx, client, err := piperGithub.NewClientBuilder(config.Token, config.APIURL).Build()
 	if err != nil {
 		log.Entry().WithError(err).Fatal("Failed to get GitHub client")
 	}

diff --git a/cmd/githubPublishRelease.go b/cmd/githubPublishRelease.go
@@ -31,7 +31,9 @@ type githubIssueClient interface {
 
 func githubPublishRelease(config githubPublishReleaseOptions, telemetryData *telemetry.CustomData) {
 	// TODO provide parameter for trusted certs
-	ctx, client, err := piperGithub.NewClient(config.Token, config.APIURL, config.UploadURL, []string{})
+	ctx, client, err := piperGithub.
+		NewClientBuilder(config.Token, config.APIURL).
+		WithUploadURL(config.UploadURL).Build()
 	if err != nil {
 		log.Entry().WithError(err).Fatal("Failed to get GitHub client.")
 	}

diff --git a/cmd/githubSetCommitStatus.go b/cmd/githubSetCommitStatus.go
@@ -20,7 +20,7 @@ type gitHubCommitStatusRepositoriesService interface {
 
 func githubSetCommitStatus(config githubSetCommitStatusOptions, telemetryData *telemetry.CustomData) {
 	// TODO provide parameter for trusted certs
-	ctx, client, err := piperGithub.NewClient(config.Token, config.APIURL, "", []string{})
+	ctx, client, err := piperGithub.NewClientBuilder(config.Token, config.APIURL).Build()
 	if err != nil {
 		log.Entry().WithError(err).Fatal("Failed to get GitHub client")
 	}

diff --git a/cmd/vaultRotateSecretId.go b/cmd/vaultRotateSecretId.go
@@ -9,7 +9,7 @@ import (
 	"github.com/hashicorp/vault/api"
 
 	"github.com/SAP/jenkins-library/pkg/ado"
-	"github.com/SAP/jenkins-library/pkg/github"
+	piperGithub "github.com/SAP/jenkins-library/pkg/github"
 	"github.com/SAP/jenkins-library/pkg/jenkins"
 	"github.com/SAP/jenkins-library/pkg/vault"
 
@@ -136,7 +136,7 @@ func writeVaultSecretIDToStore(config *vaultRotateSecretIdOptions, secretID stri
 		// Additional info:
 		// https://github.com/google/go-github/blob/master/example/newreposecretwithxcrypto/main.go
 
-		ctx, client, err := github.NewClient(config.GithubToken, config.GithubAPIURL, "", []string{})
+		ctx, client, err := piperGithub.NewClientBuilder(config.GithubToken, config.GithubAPIURL).Build()
 		if err != nil {
 			log.Entry().Warnf("Could not write secret ID back to GitHub Actions: GitHub client not created: %v", err)
 			return err
@@ -148,7 +148,7 @@ func writeVaultSecretIDToStore(config *vaultRotateSecretIdOptions, secretID stri
 			return err
 		}
 
-		encryptedSecret, err := github.CreateEncryptedSecret(config.VaultAppRoleSecretTokenCredentialsID, secretID, publicKey)
+		encryptedSecret, err := piperGithub.CreateEncryptedSecret(config.VaultAppRoleSecretTokenCredentialsID, secretID, publicKey)
 		if err != nil {
 			log.Entry().Warnf("Could not write secret ID back to GitHub Actions: secret encryption failed: %v", err)
 			return err

diff --git a/cmd/whitesourceExecuteScan.go b/cmd/whitesourceExecuteScan.go
@@ -139,7 +139,9 @@ func newWhitesourceScan(config *ScanOptions) *ws.Scan {
 }
 
 func whitesourceExecuteScan(config ScanOptions, _ *telemetry.CustomData, commonPipelineEnvironment *whitesourceExecuteScanCommonPipelineEnvironment, influx *whitesourceExecuteScanInflux) {
-	ctx, client, err := piperGithub.NewClient(config.GithubToken, config.GithubAPIURL, "", config.CustomTLSCertificateLinks)
+	ctx, client, err := piperGithub.
+		NewClientBuilder(config.GithubToken, config.GithubAPIURL).
+		WithTrustedCerts(config.CustomTLSCertificateLinks).Build()
 	if err != nil {
 		log.Entry().WithError(err).Warning("Failed to get GitHub client")
 	}

diff --git a/pkg/codeql/codeql.go b/pkg/codeql/codeql.go
@@ -3,7 +3,7 @@ package codeql
 import (
 	"context"
 
-	sapgithub "github.com/SAP/jenkins-library/pkg/github"
+	piperGithub "github.com/SAP/jenkins-library/pkg/github"
 	"github.com/google/go-github/v45/github"
 )
 
@@ -35,7 +35,9 @@ type CodeqlScanAuditInstance struct {
 
 func (codeqlScanAudit *CodeqlScanAuditInstance) GetVulnerabilities(analyzedRef string) ([]CodeqlFindings, error) {
 	apiUrl := getApiUrl(codeqlScanAudit.serverUrl)
-	ctx, client, err := sapgithub.NewClient(codeqlScanAudit.token, apiUrl, "", codeqlScanAudit.trustedCerts)
+	ctx, client, err := piperGithub.
+		NewClientBuilder(codeqlScanAudit.token, apiUrl).
+		WithTrustedCerts(codeqlScanAudit.trustedCerts).Build()
 	if err != nil {
 		return []CodeqlFindings{}, err
 	}

diff --git a/pkg/github/commit.go b/pkg/github/commit.go
@@ -27,7 +27,7 @@ type FetchCommitResult struct {
 // FetchCommitStatistics looks up the statistics for a certain commit SHA.
 func FetchCommitStatistics(options *FetchCommitOptions) (FetchCommitResult, error) {
 	// create GitHub client
-	ctx, client, err := NewClient(options.Token, options.APIURL, "", options.TrustedCerts)
+	ctx, client, err := NewClientBuilder(options.Token, options.APIURL).WithTrustedCerts(options.TrustedCerts).Build()
 	if err != nil {
 		return FetchCommitResult{}, errors.Wrap(err, "failed to get GitHub client")
 	}

diff --git a/pkg/github/create_issue.go b/pkg/github/create_issue.go
@@ -0,0 +1,103 @@
+package github
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/SAP/jenkins-library/pkg/log"
+	"github.com/google/go-github/v45/github"
+	"github.com/pkg/errors"
+)
+
+// CreateIssueOptions to configure the creation
+type CreateIssueOptions struct {
+	APIURL         string        `json:"apiUrl,omitempty"`
+	Assignees      []string      `json:"assignees,omitempty"`
+	Body           []byte        `json:"body,omitempty"`
+	Owner          string        `json:"owner,omitempty"`
+	Repository     string        `json:"repository,omitempty"`
+	Title          string        `json:"title,omitempty"`
+	UpdateExisting bool          `json:"updateExisting,omitempty"`
+	Token          string        `json:"token,omitempty"`
+	TrustedCerts   []string      `json:"trustedCerts,omitempty"`
+	Issue          *github.Issue `json:"issue,omitempty"`
+}
+
+func CreateIssue(options *CreateIssueOptions) (*github.Issue, error) {
+	ctx, client, err := NewClientBuilder(options.Token, options.APIURL).WithTrustedCerts(options.TrustedCerts).Build()
+	if err != nil {
+		return nil, errors.Wrap(err, "failed to get GitHub client")
+	}
+	return createIssueLocal(ctx, options, client.Issues, client.Search, client.Issues)
+}
+
+func createIssueLocal(
+	ctx context.Context,
+	options *CreateIssueOptions,
+	createIssueService githubCreateIssueService,
+	searchIssuesService githubSearchIssuesService,
+	createCommentService githubCreateCommentService,
+) (*github.Issue, error) {
+	issue := github.IssueRequest{
+		Title: &options.Title,
+	}
+	var bodyString string
+	if len(options.Body) > 0 {
+		bodyString = string(options.Body)
+	} else {
+		bodyString = ""
+	}
+	issue.Body = &bodyString
+	if len(options.Assignees) > 0 {
+		issue.Assignees = &options.Assignees
+	} else {
+		issue.Assignees = &[]string{}
+	}
+
+	var existingIssue *github.Issue = nil
+
+	if options.UpdateExisting {
+		existingIssue = options.Issue
+		if existingIssue == nil {
+			queryString := fmt.Sprintf("is:open is:issue repo:%v/%v in:title %v", options.Owner, options.Repository, options.Title)
+			searchResult, resp, err := searchIssuesService.Issues(ctx, queryString, nil)
+			if err != nil {
+				if resp != nil {
+					log.Entry().Errorf("GitHub search issue returned response code %v", resp.Status)
+				}
+				return nil, errors.Wrap(err, "error occurred when looking for existing issue")
+			} else {
+				for _, value := range searchResult.Issues {
+					if value != nil && *value.Title == options.Title {
+						existingIssue = value
+					}
+				}
+			}
+		}
+
+		if existingIssue != nil {
+			comment := &github.IssueComment{Body: issue.Body}
+			_, resp, err := createCommentService.CreateComment(ctx, options.Owner, options.Repository, *existingIssue.Number, comment)
+			if err != nil {
+				if resp != nil {
+					log.Entry().Errorf("GitHub create comment returned response code %v", resp.Status)
+				}
+				return nil, errors.Wrap(err, "error occurred when adding comment to existing issue")
+			}
+		}
+	}
+
+	if existingIssue == nil {
+		newIssue, resp, err := createIssueService.Create(ctx, options.Owner, options.Repository, &issue)
+		if err != nil {
+			if resp != nil {
+				log.Entry().Errorf("GitHub create issue returned response code %v", resp.Status)
+			}
+			return nil, errors.Wrap(err, "error occurred when creating issue")
+		}
+		log.Entry().Debugf("New issue created: %v", newIssue)
+		existingIssue = newIssue
+	}
+
+	return existingIssue, nil
+}