fix(gatekeeper): enhance logging and stabilize upstream polling
All checks were successful
Monorepo Pipeline / ⚡ Prioritize Release (push) Successful in 2s
Monorepo Pipeline / 🧪 Test (push) Successful in 6m38s
Monorepo Pipeline / 🧹 Lint (push) Successful in 7m14s
Monorepo Pipeline / 🏗️ Build (push) Successful in 10m24s
Monorepo Pipeline / 🐳 Build Directus (Base) (push) Successful in 1m39s
Monorepo Pipeline / 🐳 Build Build-Base (push) Successful in 2m7s
Monorepo Pipeline / 🐳 Build Production Runtime (push) Successful in 2m8s
Monorepo Pipeline / 🚀 Release (push) Successful in 2m18s
Monorepo Pipeline / 🐳 Build Gatekeeper (Product) (push) Successful in 6m58s
All checks were successful
Monorepo Pipeline / ⚡ Prioritize Release (push) Successful in 2s
Monorepo Pipeline / 🧪 Test (push) Successful in 6m38s
Monorepo Pipeline / 🧹 Lint (push) Successful in 7m14s
Monorepo Pipeline / 🏗️ Build (push) Successful in 10m24s
Monorepo Pipeline / 🐳 Build Directus (Base) (push) Successful in 1m39s
Monorepo Pipeline / 🐳 Build Build-Base (push) Successful in 2m7s
Monorepo Pipeline / 🐳 Build Production Runtime (push) Successful in 2m8s
Monorepo Pipeline / 🚀 Release (push) Successful in 2m18s
Monorepo Pipeline / 🐳 Build Gatekeeper (Product) (push) Successful in 6m58s
This commit is contained in:
@@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@mintel/gatekeeper",
|
"name": "@mintel/gatekeeper",
|
||||||
"version": "1.7.11",
|
"version": "1.7.12",
|
||||||
"private": true,
|
"private": true,
|
||||||
"type": "module",
|
"type": "module",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
|
|||||||
@@ -11,6 +11,8 @@ export async function GET(req: NextRequest) {
|
|||||||
|
|
||||||
// 1. URL Parameter Bypass (for automated tests/staging)
|
// 1. URL Parameter Bypass (for automated tests/staging)
|
||||||
const originalUrl = req.headers.get("x-forwarded-uri") || "/";
|
const originalUrl = req.headers.get("x-forwarded-uri") || "/";
|
||||||
|
|
||||||
|
console.log(`[Verify] Check: ${originalUrl} | Cookie: ${session ? "Found" : "Missing"}`);
|
||||||
const host =
|
const host =
|
||||||
req.headers.get("x-forwarded-host") || req.headers.get("host") || "";
|
req.headers.get("x-forwarded-host") || req.headers.get("host") || "";
|
||||||
const proto = req.headers.get("x-forwarded-proto") || "https";
|
const proto = req.headers.get("x-forwarded-proto") || "https";
|
||||||
@@ -54,15 +56,17 @@ export async function GET(req: NextRequest) {
|
|||||||
if (session?.value) {
|
if (session?.value) {
|
||||||
if (session.value === password) {
|
if (session.value === password) {
|
||||||
isAuthenticated = true;
|
isAuthenticated = true;
|
||||||
|
console.log(`[Verify] Legacy password match`);
|
||||||
} else {
|
} else {
|
||||||
try {
|
try {
|
||||||
const payload = JSON.parse(session.value);
|
const payload = JSON.parse(session.value);
|
||||||
if (payload.identity) {
|
if (payload.identity) {
|
||||||
isAuthenticated = true;
|
isAuthenticated = true;
|
||||||
identity = payload.identity;
|
identity = payload.identity;
|
||||||
|
console.log(`[Verify] Identity verified: ${identity}`);
|
||||||
}
|
}
|
||||||
} catch (_e) {
|
} catch (_e) {
|
||||||
// Fallback or old format
|
console.log(`[Verify] JSON Parse failed for cookie: ${session.value.substring(0, 10)}...`);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -116,6 +116,7 @@ export default async function LoginPage({ searchParams }: LoginPageProps) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (userIdentity) {
|
if (userIdentity) {
|
||||||
|
console.log(`[Login] Success: ${userIdentity} | Redirect: ${targetRedirect}`);
|
||||||
const cookieStore = await cookies();
|
const cookieStore = await cookies();
|
||||||
// Store identity in the cookie (simplified for now, ideally signed)
|
// Store identity in the cookie (simplified for now, ideally signed)
|
||||||
const sessionValue = JSON.stringify({
|
const sessionValue = JSON.stringify({
|
||||||
@@ -126,6 +127,8 @@ export default async function LoginPage({ searchParams }: LoginPageProps) {
|
|||||||
|
|
||||||
const isDev = process.env.NODE_ENV === "development";
|
const isDev = process.env.NODE_ENV === "development";
|
||||||
|
|
||||||
|
console.log(`[Login] Setting Cookie: ${authCookieName} | Domain: ${cookieDomain || "Default"}`);
|
||||||
|
|
||||||
cookieStore.set(authCookieName, sessionValue, {
|
cookieStore.set(authCookieName, sessionValue, {
|
||||||
httpOnly: true,
|
httpOnly: true,
|
||||||
secure: !isDev,
|
secure: !isDev,
|
||||||
@@ -136,6 +139,7 @@ export default async function LoginPage({ searchParams }: LoginPageProps) {
|
|||||||
});
|
});
|
||||||
redirect(targetRedirect);
|
redirect(targetRedirect);
|
||||||
} else {
|
} else {
|
||||||
|
console.log(`[Login] Failed for inputs. Redirecting back with error.`);
|
||||||
redirect(`/login?error=1&redirect=${encodeURIComponent(targetRedirect)}`);
|
redirect(`/login?error=1&redirect=${encodeURIComponent(targetRedirect)}`);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -28,20 +28,35 @@ echo "🔎 Searching for upstream release $TAG in $REPO..."
|
|||||||
# We look for runs on the specific ref (refs/tags/vX.Y.Z)
|
# We look for runs on the specific ref (refs/tags/vX.Y.Z)
|
||||||
RUN_QUERY=$(curl -s -H "Authorization: token $GITEA_TOKEN" "$GITEA_API/repos/$REPO/actions/runs?ref=refs/tags/$TAG")
|
RUN_QUERY=$(curl -s -H "Authorization: token $GITEA_TOKEN" "$GITEA_API/repos/$REPO/actions/runs?ref=refs/tags/$TAG")
|
||||||
|
|
||||||
# Gitea returns a list of runs. We take the latest one.
|
# Gitea returns a list of runs. We take the latest one by creation date.
|
||||||
RUN_ID=$(echo "$RUN_QUERY" | jq -r '.workflow_runs[0].id')
|
RUN_ID=$(echo "$RUN_QUERY" | jq -r '.workflow_runs | sort_by(.created_at) | last | .id // empty')
|
||||||
|
|
||||||
if [[ "$RUN_ID" == "null" ]]; then
|
if [[ -z "$RUN_ID" || "$RUN_ID" == "null" ]]; then
|
||||||
echo "⚠️ Warning: No active run found for tag $TAG in $REPO yet. Upstream might be lagging."
|
echo "ℹ️ No recent action run found for tag $TAG in $REPO."
|
||||||
echo " If this is a new tag, it might take a few seconds to appear."
|
echo "🔎 Checking if tag $TAG exists in the repository..."
|
||||||
# Optional: Wait a bit and try once more before failing
|
|
||||||
sleep 10
|
|
||||||
RUN_QUERY=$(curl -s -H "Authorization: token $GITEA_TOKEN" "$GITEA_API/repos/$REPO/actions/runs?ref=refs/tags/$TAG")
|
|
||||||
RUN_ID=$(echo "$RUN_QUERY" | jq -r '.workflow_runs[0].id')
|
|
||||||
|
|
||||||
if [[ "$RUN_ID" == "null" ]]; then
|
TAG_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token $GITEA_TOKEN" "$GITEA_API/repos/$REPO/tags/$TAG")
|
||||||
echo "❌ Error: Could not find any action run for $TAG. Proceeding blindly or failing?"
|
|
||||||
# For safety, we fail if we explicitly requested a version that isn't building
|
if [[ "$TAG_EXISTS" == "200" ]]; then
|
||||||
|
echo "✅ Tag $TAG exists. Assuming it was released successfully in the past."
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "⚠️ Warning: Tag $TAG not found either. Upstream might be lagging or the version is invalid."
|
||||||
|
echo " Waiting 15s to see if it appears..."
|
||||||
|
sleep 15
|
||||||
|
|
||||||
|
RUN_QUERY=$(curl -s -H "Authorization: token $GITEA_TOKEN" "$GITEA_API/repos/$REPO/actions/runs?ref=refs/tags/$TAG")
|
||||||
|
RUN_ID=$(echo "$RUN_QUERY" | jq -r '.workflow_runs[0].id // empty')
|
||||||
|
|
||||||
|
if [[ -z "$RUN_ID" || "$RUN_ID" == "null" ]]; then
|
||||||
|
# Final check for tag
|
||||||
|
TAG_EXISTS=$(curl -s -o /dev/null -w "%{http_code}" -H "Authorization: token $GITEA_TOKEN" "$GITEA_API/repos/$REPO/tags/$TAG")
|
||||||
|
if [[ "$TAG_EXISTS" == "200" ]]; then
|
||||||
|
echo "✅ Tag $TAG finally detected. Proceeding."
|
||||||
|
exit 0
|
||||||
|
fi
|
||||||
|
echo "❌ Error: Could not find any action run OR tag for $TAG in $REPO."
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|||||||
Reference in New Issue
Block a user