Workaround hasura bugs, tweaks to get upserting working #698

Merged: 33 commits, Jun 2, 2022

@ajvpot ajvpot commented Jun 1, 2022

Database

Migration

Hasura Metadata

  • Fix relationships for release dependencies and dependents, they were swapped.

genqlient

  • Enable pointers for optional fields to support nullability for custom types like google/uuid returning 00000-000... for MarshalText for nil uuids which is incompatible with hasura upsert.
  • Change npm enums to be correct case
  • Replace genqlient with a patched version that always uses omitempty until Global decorators Khan/genqlient#190 is resolved.

Workflows

  • Split out github workflow into more steps so logs are less spammy

Misc

  • Cleaned up dead code
  • Merges npm and npm2 packages into npm, removes dead code.

Sample

{
  "data": {
    "package": [
      {
        "id": "cebd943c-f841-4ab5-9144-c0241da0c0b0",
        "name": "svelte",
        "package_maintainers": [
          {
            "maintainer": {
              "name": "paulbgd"
            }
          },
          {
            "maintainer": {
              "name": "rich_harris"
            }
          },
          {
            "maintainer": {
              "name": "conduitry"
            }
          }
        ],
        "releases": [
          {
            "id": "be1f97a4-d679-4f75-95b9-23b7ddef79bf",
            "version": "1.13.6",
            "release_dependencies": [
              {
                "package_name": "babel-core",
                "package_version_query": "^6.23.1",
                "is_dev": false
              },...
           "upstream_data": {
              "_id": "[email protected]",
              "nyc": {
                "exclude": [
                  "src/**/__test__.js"
                ],
                "include": [
                  "src/**/*.js"
                ]
              },
              "bugs": {
                "url": "https://github.com/sveltejs/svelte/issues"
              },
              "dist": {
                "shasum": "716a509f80a6786393883415d79eccff87464881",
                "tarball": "https://registry.npmjs.org/svelte/-/svelte-1.13.6.tgz"
              },
              "main": "compiler/svelte.js",
              "name": "svelte",
              "_from": ".",
              "babel": {...
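
The nullability problem named in the genqlient bullets of the description above, as an added example that is not part of the PR or the project's code. `UUID` is a constructed stand-in for google/uuid's 16-byte array type, and `ValueInput`, `PointerInput` and `encode` are hypothetical names:

```go
package main

import (
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// UUID is a constructed stand-in for google/uuid.UUID: a 16-byte array
// whose MarshalText renders the canonical hyphenated form.
type UUID [16]byte

func (u UUID) MarshalText() ([]byte, error) {
	h := hex.EncodeToString(u[:])
	return []byte(h[0:8] + "-" + h[8:12] + "-" + h[12:16] + "-" + h[16:20] + "-" + h[20:32]), nil
}

// ValueInput models a generated input type with a non-pointer optional id.
// omitempty never drops it: encoding/json treats only zero-length arrays
// as empty, and a [16]byte always has length 16.
type ValueInput struct {
	ID   UUID   `json:"id,omitempty"`
	Name string `json:"name"`
}

// PointerInput models the same input with pointers enabled for optional
// fields: a nil pointer is empty, so omitempty leaves the key out.
type PointerInput struct {
	ID   *UUID  `json:"id,omitempty"`
	Name string `json:"name"`
}

// encode returns the JSON that would be sent as the mutation variables.
func encode(v interface{}) string {
	b, err := json.Marshal(v)
	if err != nil {
		panic(err)
	}
	return string(b)
}

func main() {
	fmt.Println(encode(ValueInput{Name: "svelte"}))   // id sent as all-zero UUID
	fmt.Println(encode(PointerInput{Name: "svelte"})) // id omitted
	id := UUID{0xce, 0xbd}
	fmt.Println(encode(PointerInput{ID: &id, Name: "svelte"})) // id sent when set
}
```
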

@lunatrace-by-lunasec lunatrace-by-lunasec bot left a comment

Build Snapshot Complete

Security Scan Findings

Showing 12 results.

| Package Name | Versions | Severity | Locations |
| --- | --- | --- | --- |
| immer | 8.0.1 | Critical | 1 location |
| merge | 1.2.1 | Critical | 1 location |
| docs | 0.0.0-use.local | Critical | 1 location |
| pac-resolver | 4.2.0 | Critical | 1 location |
| vm2 | 3.9.3 | Critical | 1 location |
| jsonpointer | 5.0.0 | Critical | 1 location |
| through | 2.3.8 | Critical | 1 location |
| ramda | 0.24.1 | Critical | 1 location |
| shell-quote | 1.7.2 | Critical | 1 location |
| ejs | 3.1.6 | Critical | 1 location |
| eventsource | 1.1.0 | Critical | 1 location |
| ejs | 2.7.4 | Critical | 1 location |

github-actions bot commented Jun 1, 2022

Hasura Semantic Diff

Hasura config files have changed. This comment shows which fields have changed ignoring formatting.

insert_permissions.0.permission.columns
  + one list entry added:
    - fetched_time

select_permissions.0.permission.columns
  + one list entry added:
    - fetched_time

update_permissions.0.permission.columns
  + one list entry added:
    - fetched_time


array_relationships.release_dependencies.using.foreign_key_constraint_on.column
  ± value change
    - dependency_release_id
    + release_id

array_relationships.release_dependents.using.foreign_key_constraint_on.column
  ± value change
    - release_id
    + dependency_release_id
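
Review bot: the foreign-key columns behind release_dependencies and release_dependents are exchanged here, so each relationship name now returns the row set the other one returned before. Any saved queries, permission filters or client code that traverse these two relationships were written against the inverted meaning and should be re-checked in the same change.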

insert_permissions.0.permission.columns
  + one list entry added:
    - fetched_time

select_permissions.0.permission.columns
  + one list entry added:
    - fetched_time

update_permissions.0.permission.columns
  + one list entry added:
    - fetched_time
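
Review bot: fetched_time is added to insert_permissions and update_permissions as well as select_permissions for permission entry 0, here and in the identical block above. The diff does not show which role entry 0 is; if it is anything other than the ingestion service, that role can set or overwrite the fetch timestamp. If clients only need to read the value, add it to select_permissions alone.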


diff --git a/lunatrace/bsl/hasura/migrations/lunatrace/1654107375714_move_enums/down.sql b/lunatrace/bsl/hasura/migrations/lunatrace/1654107375714_move_enums/down.sql
new file mode 100644
index 00000000..980c1a94
--- /dev/null
+++ b/lunatrace/bsl/hasura/migrations/lunatrace/1654107375714_move_enums/down.sql
@@ -0,0 +1,52 @@
+CREATE TYPE package.license_source AS ENUM ('manual', 'scan_repo', 'scan_binary', 'api_npm');
+
+CREATE TYPE package.package_manager AS ENUM ('npm');
+
+ALTER TABLE package.release_license
+    ALTER COLUMN source TYPE package.license_source USING source::TEXT::package.license_source;
+
+ALTER TABLE package.package
+    ALTER COLUMN package_manager TYPE package.package_manager USING package_manager::TEXT::package.package_manager;
+
+ALTER TABLE package.maintainer
+    ALTER COLUMN package_manager TYPE package.package_manager USING package_manager::TEXT::package.package_manager;
+
+DROP TYPE public.license_source;
+
+DROP TYPE public.package_manager;
+
+CREATE UNIQUE INDEX ON package.maintainer (package_manager, email);
+ALTER TABLE package.maintainer
+    DROP CONSTRAINT maintainer_package_manager_email_idx;
+
+CREATE UNIQUE INDEX ON package.package_maintainer (package_id, maintainer_id);
+ALTER TABLE package.package_maintainer
+    DROP CONSTRAINT package_maintainer_package_id_maintainer_id_idx;
+
+CREATE UNIQUE INDEX ON package.package (package_manager, custom_registry, name);
+ALTER TABLE package.package
+    DROP CONSTRAINT package_package_manager_custom_registry_name_idx;
+
+CREATE UNIQUE INDEX ON package.release (package_id, version);
+ALTER TABLE package.release
+    DROP CONSTRAINT release_package_id_version_idx;
+
+CREATE UNIQUE INDEX ON package.release_dependency (release_id, package_name, package_version_query);
+ALTER TABLE package.release_dependency
+    DROP CONSTRAINT release_dependency_release_id_package_name_package_version__idx;
+
+CREATE UNIQUE INDEX ON package.license (name);
+ALTER TABLE package.license
+    DROP CONSTRAINT license_name_idx;
+
+ALTER TABLE package.package
+    DROP COLUMN fetched_time;
+
+ALTER TABLE package.release
+    DROP COLUMN fetched_time;
+
+ALTER TABLE package.package
+    ALTER COLUMN custom_registry DROP NOT NULL;
+
+ALTER TABLE package.package
+    ALTER COLUMN custom_registry DROP DEFAULT;
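
Review bot: every `CREATE UNIQUE INDEX ON ...` in this down migration is unnamed and runs before the matching `DROP CONSTRAINT`. While the constraint still exists, its backing index holds the `..._idx` name, so PostgreSQL has to pick a different generated name for the new index. A later re-run of up.sql then issues `DROP INDEX IF EXISTS package.maintainer_package_manager_email_idx` (and the equivalents for the other tables), which matches nothing and leaves a stray duplicate unique index beside the new constraint. Drop the constraint first and name the index explicitly, for example `CREATE UNIQUE INDEX maintainer_package_manager_email_idx ON package.maintainer (package_manager, email);`.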
diff --git a/lunatrace/bsl/hasura/migrations/lunatrace/1654107375714_move_enums/up.sql b/lunatrace/bsl/hasura/migrations/lunatrace/1654107375714_move_enums/up.sql
new file mode 100644
index 00000000..950ef398
--- /dev/null
+++ b/lunatrace/bsl/hasura/migrations/lunatrace/1654107375714_move_enums/up.sql
@@ -0,0 +1,52 @@
+CREATE TYPE public.license_source AS ENUM ('manual', 'scan_repo', 'scan_binary', 'api_npm');
+
+CREATE TYPE public.package_manager AS ENUM ('npm');
+
+ALTER TABLE package.release_license
+    ALTER COLUMN source TYPE public.license_source USING source::TEXT::public.license_source;
+
+ALTER TABLE package.package
+    ALTER COLUMN package_manager TYPE public.package_manager USING package_manager::TEXT::public.package_manager;
+
+ALTER TABLE package.maintainer
+    ALTER COLUMN package_manager TYPE public.package_manager USING package_manager::TEXT::public.package_manager;
+
+DROP TYPE package.license_source;
+
+DROP TYPE package.package_manager;
+
+DROP INDEX IF EXISTS package.release_dependency_release_id_package_name_package_version__idx;
+ALTER TABLE package.release_dependency
+    ADD CONSTRAINT release_dependency_release_id_package_name_package_version__idx UNIQUE (release_id, package_name, package_version_query);
+
+DROP INDEX IF EXISTS package.release_package_id_version_idx;
+ALTER TABLE package.release
+    ADD CONSTRAINT release_package_id_version_idx UNIQUE (package_id, version);
+
+DROP INDEX IF EXISTS package.package_maintainer_package_id_maintainer_id_idx;
+ALTER TABLE package.package_maintainer
+    ADD CONSTRAINT package_maintainer_package_id_maintainer_id_idx UNIQUE (package_id, maintainer_id);
+
+DROP INDEX IF EXISTS package.package_package_manager_custom_registry_name_idx;
+ALTER TABLE package.package
+    ADD CONSTRAINT package_package_manager_custom_registry_name_idx UNIQUE (package_manager, custom_registry, name);
+
+DROP INDEX IF EXISTS package.maintainer_package_manager_email_idx;
+ALTER TABLE package.maintainer
+    ADD CONSTRAINT maintainer_package_manager_email_idx UNIQUE (package_manager, email);
+
+DROP INDEX IF EXISTS package.license_name_idx;
+ALTER TABLE package.license
+    ADD CONSTRAINT license_name_idx UNIQUE (name);
+
+ALTER TABLE package.package
+    ADD fetched_time timestamptz;
+
+ALTER TABLE package.release
+    ADD fetched_time timestamptz;
+
+ALTER TABLE package.package
+    ALTER COLUMN custom_registry SET NOT NULL;
+
+ALTER TABLE package.package
+    ALTER COLUMN custom_registry SET DEFAULT '';
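
Review bot: `ALTER COLUMN custom_registry SET NOT NULL` near the end of this hunk has no backfill before it, so the migration fails on any existing package.package row where custom_registry is NULL. Add `UPDATE package.package SET custom_registry = '' WHERE custom_registry IS NULL;` ahead of it, and set the default before the NOT NULL so the two statements read in dependency order.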

@ajvpot ajvpot changed the title Move enums to public schema Workaround hasura bugs, tweaks to get upserting working Jun 1, 2022
@ajvpot ajvpot requested a review from breadchris June 1, 2022 22:32
@dev-lunatrace-by-lunasec dev-lunatrace-by-lunasec bot left a comment

LUNATRACE IN DEV MODE

Build Snapshot Complete

Security Scan Findings

Showing 16 results.

| Package Name | Versions | Severity | Locations |
| --- | --- | --- | --- |
| jackson-databind | 2.6.4 | Critical | 1 location |
| redis | 2.8.0 | Critical | 1 location |
| merge | 1.2.1 | Critical | 1 location |
| docs | 0.0.0-use.local | Critical | 1 location |
| pac-resolver | 4.2.0 | Critical | 1 location |
| immer | 8.0.1 | Critical | 1 location |
| vm2 | 3.9.3 | Critical | 1 location |
| jsonpointer | 5.0.0 | Critical | 1 location |
| through | 2.3.8 | Critical | 1 location |
| ramda | 0.24.1 | Critical | 1 location |
| shell-quote | 1.7.2 | Critical | 1 location |
| minimist | 0.0.8 | Critical | 1 location |
| minimist | 1.2.5 | Critical | 2 locations |
| eventsource | 1.1.0 | Critical | 1 location |
| ejs | 3.1.6 | Critical | 1 location |
| ejs | 2.7.4 | Critical | 1 location |

@factoidforrest factoidforrest left a comment

nice

@ajvpot ajvpot merged commit 8a0ca43 into master Jun 2, 2022
@freeqaz freeqaz deleted the fix_enums_2 branch September 7, 2022 23:28
breadchris pushed a commit that referenced this pull request Dec 21, 2022
Former-commit-id: 03a1637
Former-commit-id: f594c180ceed054cf8da5ce4ed9c28fb0331d0de