sourcegraph icon indicating copy to clipboard operation
sourcegraph copied to clipboard

Published 20 hours ago verified publisher icon sourcegraph

database: Don't allow empty code host config

Open ryanslade opened this issue 2 years ago • 2 comments

We already have db constraint to stop this in most cases, but when we have encryption enabled then even an empty config is converted into an encrypted value so we need to do the check in our application layer too.

Closes https://github.com/sourcegraph/sourcegraph/issues/41924

Test plan

New unit tests added

ryanslade avatar Sep 23 '22 09:09 ryanslade

Codenotify: Notifying subscribers in CODENOTIFY files for diff 26a1f95159ab8e353c2c892b09d4b62b70dd0ea5...a1e91f4b24f8584f8be840e5516f61be76c9a9f8.

Notify File(s)
@eseliger enterprise/internal/batches/testing/repos.go
internal/database/external_services.go
internal/database/external_services_test.go
internal/database/repos_perm_test.go
internal/extsvc/types.go
internal/usagestats/batches_test.go
@indradhanush enterprise/cmd/repo-updater/internal/authz/integration_test.go
internal/repos/github_webhook_handler_test.go
internal/repos/status_messages_test.go
internal/repos/store_test.go
internal/repos/sync_worker_test.go
internal/repos/syncer_test.go
internal/repos/webhook_build_handler_test.go
@sashaostrikov internal/repos/github_webhook_handler_test.go
internal/repos/status_messages_test.go
internal/repos/store_test.go
internal/repos/sync_worker_test.go
internal/repos/syncer_test.go
internal/repos/webhook_build_handler_test.go
@unknwon enterprise/cmd/repo-updater/internal/authz/integration_test.go
internal/database/external_services.go
internal/database/external_services_test.go
internal/database/repos_perm_test.go
internal/repos/store_test.go

sourcegraph-bot avatar Sep 23 '22 09:09 sourcegraph-bot

Should we instead say the config has to be parseable?

eseliger avatar Sep 24 '22 12:09 eseliger

Should we instead say the config has to be parseable?

@eseliger I'm going to look into this today.

We already have the MakeValidateExternalServiceConfigFunc function which appears to do what we want and even checks the JSON against our schema. I'll look into whether we've missed calling that somewhere or if there's a bug somewhere in that code.

ryanslade avatar Sep 26 '22 09:09 ryanslade

Might be that this PR would fix it, too (didn't dive too deep): https://github.com/sourcegraph/sourcegraph/pull/42039

eseliger avatar Sep 26 '22 09:09 eseliger

Might be that this PR would fix it, too (didn't dive too deep): #42039

That PR assumes we were doing the validation correctly in all cases, but we weren't doing it for the Upsert case.

ryanslade avatar Sep 27 '22 10:09 ryanslade

PTAL

ryanslade avatar Sep 27 '22 10:09 ryanslade

This change has broken a lot of tests outside of the internal/database package. I'll go though and update them. I think in most cases it's because we use dummy code host config that doesn't conform to our schema.

ryanslade avatar Sep 27 '22 10:09 ryanslade