remove non secret token options

Author: msukkari

packages/backend/src/utils.ts

@@ -6,7 +6,7 @@ import { PrismaClient, Repo } from "@sourcebot/db";
 import { decrypt } from "@sourcebot/crypto";
 import { Token } from "@sourcebot/schemas/v3/shared.type";
 
-export const measure = async <T>(cb : () => Promise<T>) => {
+export const measure = async <T>(cb: () => Promise<T>) => {
     const start = Date.now();
     const data = await cb();
     const durationMs = Date.now() - start;
@@ -89,38 +89,26 @@ export const excludeReposByTopic = <T extends Repository>(repos: T[], excludedRe
 }
 
 export const getTokenFromConfig = async (token: Token, orgId: number, db?: PrismaClient) => {
-    if (typeof token === 'string') {
-        return token;
+    if (!db) {
+        throw new Error(`Database connection required to retrieve secret`);
     }
-    if ('env' in token) {
-        const tokenValue = process.env[token.env];
-        if (!tokenValue) {
-            throw new Error(`The environment variable '${token.env}' was referenced in the config but was not set.`);
-        }
-        return tokenValue;
-    } else if ('secret' in token) {
-        if (!db) {
-            throw new Error(`Database connection required to retrieve secret`);
-        }
-        
-        const secretKey = token.secret;
-        const secret = await db.secret.findUnique({
-            where: {
-                orgId_key: {
-                    key: secretKey,
-                    orgId
-                }
+
+    const secretKey = token.secret;
+    const secret = await db.secret.findUnique({
+        where: {
+            orgId_key: {
+                key: secretKey,
+                orgId
             }
-        });
-        
-        if (!secret) {
-            throw new Error(`Secret with key ${secretKey} not found for org ${orgId}`);
         }
+    });
 
-        const decryptedSecret = decrypt(secret.iv, secret.encryptedValue);
-        return decryptedSecret;
+    if (!secret) {
+        throw new Error(`Secret with key ${secretKey} not found for org ${orgId}`);
     }
-    throw new Error(`Invalid token configuration in config`);
+
+    const decryptedSecret = decrypt(secret.iv, secret.encryptedValue);
+    return decryptedSecret;
 }
 
 export const isRemotePath = (path: string) => {
@@ -172,7 +160,7 @@ export const fetchWithRetry = async <T>(
     maxAttempts: number = 3
 ): Promise<T> => {
     let attempts = 0;
-    
+
     while (true) {
         try {
             return await fetchFn();

packages/schemas/src/v3/connection.schema.ts

@@ -20,37 +20,17 @@ const schema = {
               "env": "ENV_VAR_CONTAINING_TOKEN"
             }
           ],
-          "anyOf": [
-            {
-              "type": "string"
-            },
-            {
-              "type": "object",
-              "properties": {
-                "env": {
-                  "type": "string",
-                  "description": "The name of the environment variable that contains the token."
-                }
-              },
-              "required": [
-                "env"
-              ],
-              "additionalProperties": false
-            },
-            {
-              "type": "object",
-              "properties": {
-                "secret": {
-                  "type": "string",
-                  "description": "The name of the secret that contains the token."
-                }
-              },
-              "required": [
-                "secret"
-              ],
-              "additionalProperties": false
+          "type": "object",
+          "properties": {
+            "secret": {
+              "type": "string",
+              "description": "The name of the secret that contains the token."
             }
-          ]
+          },
+          "required": [
+            "secret"
+          ],
+          "additionalProperties": false
         },
         "url": {
           "type": "string",

packages/schemas/src/v3/connection.type.ts

@@ -13,23 +13,7 @@ export interface GithubConnectionConfig {
    * GitHub Configuration
    */
   type: "github";
-  /**
-   * A Personal Access Token (PAT).
-   */
-  token?:
-    | string
-    | {
-        /**
-         * The name of the environment variable that contains the token.
-         */
-        env: string;
-      }
-    | {
-        /**
-         * The name of the secret that contains the token.
-         */
-        secret: string;
-      };
+  token?: Token;
   /**
    * The URL of the GitHub host. Defaults to https://github.com
    */
@@ -85,6 +69,15 @@ export interface GithubConnectionConfig {
   };
   revisions?: GitRevisions;
 }
+/**
+ * A Personal Access Token (PAT).
+ */
+export interface Token {
+  /**
+   * The name of the secret that contains the token.
+   */
+  secret: string;
+}
 /**
  * The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed.
  */
@@ -103,23 +96,7 @@ export interface GitlabConnectionConfig {
    * GitLab Configuration
    */
   type: "gitlab";
-  /**
-   * An authentication token.
-   */
-  token?:
-    | string
-    | {
-        /**
-         * The name of the environment variable that contains the token.
-         */
-        env: string;
-      }
-    | {
-        /**
-         * The name of the secret that contains the token.
-         */
-        secret: string;
-      };
+  token?: Token1;
   /**
    * The URL of the GitLab host. Defaults to https://gitlab.com
    */
@@ -166,28 +143,21 @@ export interface GitlabConnectionConfig {
   };
   revisions?: GitRevisions;
 }
+/**
+ * An authentication token.
+ */
+export interface Token1 {
+  /**
+   * The name of the secret that contains the token.
+   */
+  secret: string;
+}
 export interface GiteaConnectionConfig {
   /**
    * Gitea Configuration
    */
   type: "gitea";
-  /**
-   * A Personal Access Token (PAT).
-   */
-  token?:
-    | string
-    | {
-        /**
-         * The name of the environment variable that contains the token.
-         */
-        env: string;
-      }
-    | {
-        /**
-         * The name of the secret that contains the token.
-         */
-        secret: string;
-      };
+  token?: Token2;
   /**
    * The URL of the Gitea host. Defaults to https://gitea.com
    */
@@ -220,6 +190,15 @@ export interface GiteaConnectionConfig {
   };
   revisions?: GitRevisions;
 }
+/**
+ * A Personal Access Token (PAT).
+ */
+export interface Token2 {
+  /**
+   * The name of the secret that contains the token.
+   */
+  secret: string;
+}
 export interface GerritConnectionConfig {
   /**
    * Gerrit Configuration

packages/schemas/src/v3/gitea.schema.ts

@@ -16,37 +16,17 @@ const schema = {
           "env": "ENV_VAR_CONTAINING_TOKEN"
         }
       ],
-      "anyOf": [
-        {
-          "type": "string"
-        },
-        {
-          "type": "object",
-          "properties": {
-            "env": {
-              "type": "string",
-              "description": "The name of the environment variable that contains the token."
-            }
-          },
-          "required": [
-            "env"
-          ],
-          "additionalProperties": false
-        },
-        {
-          "type": "object",
-          "properties": {
-            "secret": {
-              "type": "string",
-              "description": "The name of the secret that contains the token."
-            }
-          },
-          "required": [
-            "secret"
-          ],
-          "additionalProperties": false
+      "type": "object",
+      "properties": {
+        "secret": {
+          "type": "string",
+          "description": "The name of the secret that contains the token."
         }
-      ]
+      },
+      "required": [
+        "secret"
+      ],
+      "additionalProperties": false
     },
     "url": {
       "type": "string",

packages/schemas/src/v3/gitea.type.ts

@@ -5,23 +5,7 @@ export interface GiteaConnectionConfig {
    * Gitea Configuration
    */
   type: "gitea";
-  /**
-   * A Personal Access Token (PAT).
-   */
-  token?:
-    | string
-    | {
-        /**
-         * The name of the environment variable that contains the token.
-         */
-        env: string;
-      }
-    | {
-        /**
-         * The name of the secret that contains the token.
-         */
-        secret: string;
-      };
+  token?: Token;
   /**
    * The URL of the Gitea host. Defaults to https://gitea.com
    */
@@ -54,6 +38,15 @@ export interface GiteaConnectionConfig {
   };
   revisions?: GitRevisions;
 }
+/**
+ * A Personal Access Token (PAT).
+ */
+export interface Token {
+  /**
+   * The name of the secret that contains the token.
+   */
+  secret: string;
+}
 /**
  * The revisions (branches, tags) that should be included when indexing. The default branch (HEAD) is always indexed.
  */

packages/schemas/src/v3/github.schema.ts

@@ -16,37 +16,17 @@ const schema = {
           "env": "ENV_VAR_CONTAINING_TOKEN"
         }
       ],
-      "anyOf": [
-        {
-          "type": "string"
-        },
-        {
-          "type": "object",
-          "properties": {
-            "env": {
-              "type": "string",
-              "description": "The name of the environment variable that contains the token."
-            }
-          },
-          "required": [
-            "env"
-          ],
-          "additionalProperties": false
-        },
-        {
-          "type": "object",
-          "properties": {
-            "secret": {
-              "type": "string",
-              "description": "The name of the secret that contains the token."
-            }
-          },
-          "required": [
-            "secret"
-          ],
-          "additionalProperties": false
+      "type": "object",
+      "properties": {
+        "secret": {
+          "type": "string",
+          "description": "The name of the secret that contains the token."
         }
-      ]
+      },
+      "required": [
+        "secret"
+      ],
+      "additionalProperties": false
     },
     "url": {
       "type": "string",