chore: Add graphql to the config for Github #103
Conversation
pkg/config.go
Outdated
| @@ -517,6 +589,23 @@ func LoadConfig(configFiles []string, deploymentId int) (*Config, error) { | |||
| Methods: ParseHttpMethods([]string{"GET", "PUT"}), | |||
| SetRequestHeaders: headers, | |||
| }, | |||
| // Graphql API with specific operations | |||
| AllowlistItem{ | |||
| URL: gitHubBaseUrl.JoinPath("/graphql").String(), | |||
There was a problem hiding this comment.
Where can I see what gitHubBaseUrl is usually set to for people's config? Is it something like https://something.com/api or is it https://something.com
There was a problem hiding this comment.
the graphql endpoint doesn't use /api
There was a problem hiding this comment.
It is from
semgrep-network-broker/pkg/config.go
Line 419 in 3571ef9
baseUrl defined in the config: semgrep-network-broker/README.md
Line 90 in 3571ef9
There was a problem hiding this comment.
Ok I parsed the url to point it to graphql instead but I am not sure if it is foolproof so let me know
| @@ -187,6 +258,7 @@ type AllowlistItem struct { | |||
| LogRequestHeaders bool `mapstructure:"logRequestHeaders" json:"logRequestHeaders"` | |||
| LogResponseBody bool `mapstructure:"logResponseBody" json:"logResponseBody"` | |||
| LogResponseHeaders bool `mapstructure:"logResponseHeaders" json:"logResponseHeaders"` | |||
| GraphQLData *GraphQLFilter `mapstructure:"githubGraphQL" json:"githubGraphQL"` | |||
There was a problem hiding this comment.
can you update the mapstructure and json tags too please?
| @@ -79,6 +79,28 @@ func (config *InboundProxyConfig) Start(tnet *netstack.Net) error { | |||
| return | |||
| } | |||
|
|
|||
| // Just to make sure validate all three of these things before checking | |||
| if allowlistMatch.GraphQLData != nil && | |||
| c.Request.Method == "POST" { | |||
There was a problem hiding this comment.
will there ever be graphql PUTs or PATCHes? might be safer to do != "GET" instead
| @@ -420,6 +492,10 @@ func LoadConfig(configFiles []string, deploymentId int) (*Config, error) { | |||
| if err != nil { | |||
| return nil, fmt.Errorf("failed to parse github base URL: %v", err) | |||
| } | |||
| gitHubBaseUrlGraphQL, err := url.Parse(strings.Replace(gitHub.BaseURL, "/api/v3", "/api/graphql", 1)) | |||
There was a problem hiding this comment.
this feels a bit brittle imo. we've already parsed gitHub.BaseURL into gitHubBaseUrl, so why can't we make a copy and explicitly set foo.Path = "/api/graphql"?
| @@ -178,6 +180,75 @@ func httpMethodsDecodeHook(f reflect.Type, t reflect.Type, data interface{}) (in | |||
| return ParseHttpMethods(methods), nil | |||
| } | |||
|
|
|||
| type graphQlRequest struct { | |||
There was a problem hiding this comment.
uber nit but let's have this be public like everything else (i.e. capital G)
We want to start using graphql exclusive Github api features. This will add support for the graphql endpoint at
https://api.github.com/graphql
https://docs.github.com/en/graphql/guides/forming-calls-with-graphql#the-graphql-endpoint
uses:
https://github.com/semgrep/semgrep-app/pull/17492