Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
File renamed without changes.
95 changes: 28 additions & 67 deletions src/openhound_github/graphql.py
Original file line number Diff line number Diff line change
Expand Up @@ -118,17 +118,9 @@
ENTERPRISE_SAML_QUERY = """
query EnterpriseSAML($slug: String!, $count: Int = 100, $after: String = null) {
enterprise(slug: $slug) {
id
name
slug
ownerInfo {
samlIdentityProvider {
id
issuer
ssoUrl
digestMethod
signatureMethod
idpCertificate
externalIdentities(first: $count, after: $after) {
totalCount
nodes {
Expand All @@ -141,14 +133,14 @@
username
}
scimIdentity {
username
givenName
familyName
emails {
value
primary
type
value
}
familyName
givenName
username
}
user {
id
Expand All @@ -166,6 +158,26 @@
}
"""

ENTERPRISE_SAML_PROVIDER_QUERY = """
query EnterpriseSAMLProvider($slug: String!) {
enterprise(slug: $slug) {
id
name
slug
ownerInfo {
samlIdentityProvider {
id
issuer
ssoUrl
digestMethod
signatureMethod
idpCertificate
}
}
}
}
"""

TEAMS_QUERY = """
query Teams($login: String!, $count: Int!, $after: String) {
organization(login: $login) {
Expand Down Expand Up @@ -307,56 +319,18 @@
"""

SAML_QUERY = """
query SAML($login: String!, $count: Int = 100, $after: String = null) {
query SAMLProvider($login: String!) {
organization(login: $login) {
id
name
login
samlIdentityProvider {
digestMethod
externalIdentities(first: $count, after: $after) {
nodes {
guid
id
samlIdentity {
attributes {
metadata
name
value
}
familyName
givenName
groups
nameId
username
}
scimIdentity {
emails {
primary
type
value
}
familyName
givenName
groups
username
}
user {
id
login
}
}
pageInfo {
endCursor
hasNextPage
}
totalCount
}
id
idpCertificate
issuer
signatureMethod
ssoUrl
digestMethod
signatureMethod
idpCertificate
}
}
}
Expand All @@ -369,20 +343,13 @@
name
login
samlIdentityProvider {
digestMethod
externalIdentities(first: $count, after: $after) {
nodes {
guid
id
samlIdentity {
attributes {
metadata
name
value
}
familyName
givenName
groups
nameId
username
}
Expand All @@ -394,7 +361,6 @@
}
familyName
givenName
groups
username
}
user {
Expand All @@ -408,11 +374,6 @@
}
totalCount
}
id
idpCertificate
issuer
signatureMethod
ssoUrl
}
}
}
Expand Down
7 changes: 2 additions & 5 deletions src/openhound_github/helpers.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,15 +4,12 @@

from dlt.common import jsonpath
from dlt.sources.helpers import requests
from dlt.sources.helpers.rest_client.auth import AuthConfigBase
from dlt.sources.helpers.rest_client.paginators import (
JSONResponseCursorPaginator,
)
from requests import Request

from openhound_github.auth import (
GitHubAppInstallationAuth,
)

logger = logging.getLogger(__name__)


Expand Down Expand Up @@ -154,7 +151,7 @@ def _has_graphql_errors(response: requests.Response) -> bool:
return isinstance(response_data, dict) and bool(response_data.get("errors"))


def github_retry_policy(auth: GitHubAppInstallationAuth):
def github_retry_policy(auth: AuthConfigBase):
def retry_policy(
response: Optional[requests.Response], exception: Optional[BaseException]
) -> bool:
Expand Down
15 changes: 12 additions & 3 deletions src/openhound_github/kinds/edges.py
Original file line number Diff line number Diff line change
Expand Up @@ -49,9 +49,6 @@
# Other
HAS_SECRET_SCANNING_ALERT = "GH_HasSecretScanningAlert"
VALID_TOKEN = "GH_ValidToken"
HAS_WORKFLOW = "GH_HasWorkflow"
HAS_JOB = "GH_HasJob"
HAS_STEP = "GH_HasStep"
DEPENDS_ON = "GH_DependsOn"
DEPLOYS_TO = "GH_DeploysTo"
CALLS_WORKFLOW = "GH_CallsWorkflow"
Expand Down Expand Up @@ -143,3 +140,15 @@
CAN_PWN_REQUEST = "GH_CanPwnRequest"
CAN_READ_SECRET = "GH_CanReadSecret"
CAN_READ_SECRET_SCANNING_ALERT = "GH_CanReadSecretScanningAlert"

# SAML edges
SAML_IMPLEMENTS = "SAML_Implements"
SAML_ISSUES_AS = "SAML_IssuesAs"
SAML_TRUSTS_ISSUER = "SAML_TrustsIssuer"
SAML_ISSUES_ASSERTIONS_TO = "SAML_IssuesAssertionsTo"
SAML_HAS_ASSERTION_CONSUMER_SERVICE = "SAML_HasAssertionConsumerService"
SAML_HAS_CLAIM_MAPPING = "SAML_HasClaimMapping"
SAML_HAS_ACCOUNT = "SAML_HasAccount"
SAML_ELIGIBLE_FOR = "SAML_EligibleFor"
SAML_ISSUES_ASSERTIONS_FOR = "SAML_IssuesAssertionsFor"
SAML_CAN_SIGN_IN_AS = "SAML_CanSignInAs"
8 changes: 7 additions & 1 deletion src/openhound_github/kinds/nodes.py
Original file line number Diff line number Diff line change
Expand Up @@ -58,8 +58,14 @@
WORKFLOW_JOB = "GH_WorkflowJob"
WORKFLOW_STEP = "GH_WorkflowStep"


# Enterprise nodes
ENTERPRISE = "GH_Enterprise"
ENTERPRISE_TEAM = "GH_EnterpriseTeam"
ENTERPRISE_ROLE = "GH_EnterpriseRole"

# SAML nodes
SAML_FEDERATION_PROVIDER = "SAML_FederationProvider"
SAML_SERVICE_PROVIDER = "SAML_ServiceProvider"
SAML_ISSUER = "SAML_Issuer"
SAML_ASSERTION_CONSUMER_SERVICE = "SAML_AssertionConsumerService"
SAML_CLAIM_MAPPING = "SAML_ClaimMapping"
6 changes: 3 additions & 3 deletions src/openhound_github/lookup.py
Original file line number Diff line number Diff line change
Expand Up @@ -98,10 +98,10 @@ def idp(self) -> list:
)

@lru_cache
def idp_for_org(self, org_login: str) -> list:
def idp_for_environment(self, environment_slug: str) -> list:
return self._find_all_objects(
f"""SELECT id, issuer, sso_url FROM {self.schema}.saml_provider WHERE org_login = ?""",
[org_login],
f"""SELECT id, issuer, sso_url, environment_node_id, environment_name, environment_type FROM {self.schema}.saml_provider WHERE environment_slug = ?""",
[environment_slug],
)

@lru_cache
Expand Down
10 changes: 6 additions & 4 deletions src/openhound_github/models/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,13 @@
from .branch_push_allowance import BranchPushAllowance
from .enterprise import Enterprise
from .enterprise_admin import EnterpriseAdmin
from .enterprise_external_identity import EnterpriseExternalIdentity
from .enterprise_helpers import enterprise_role_node_id, enterprise_team_node_id
from .enterprise_managed_user import EnterpriseManagedUser
from .enterprise_member import BaseUser, flatten_enterprise_member
from .enterprise_organization import EnterpriseOrganization
from .enterprise_role import EnterpriseRole
from .enterprise_role_team import EnterpriseRoleTeam
from .enterprise_role_user import EnterpriseRoleUser
from .enterprise_saml_provider import EnterpriseSamlProvider
from .enterprise_team import EnterpriseTeam
from .enterprise_team_member import EnterpriseTeamMember
from .enterprise_team_organization import EnterpriseTeamOrganization
Expand All @@ -41,7 +39,10 @@
from .repository_secret import RepoSecret
from .repository_variable import RepoVariable
from .runner import OrgRunner, OrgRunnerGroupMembership, RepoRunner, RunnerGroup
from .saml_assertion_consumer_service import SamlAssertionConsumerService
from .saml_provider import SamlProvider
from .saml_service_provider import SamlServiceProvider
from .saml_issuer import SamlIssuer
from .scim_user import ScimResource
from .secret_scanning_alert import SecretScanningAlert
from .team import Team
Expand Down Expand Up @@ -92,7 +93,10 @@
"ProjectedEnterpriseTeam",
"SelectedOrgSecret",
"PersonalAccessTokenRequest",
"SamlAssertionConsumerService",
"SamlProvider",
"SamlServiceProvider",
"SamlIssuer",
"ExternalIdentity",
"ScimResource",
"RepoRoleAssignment",
Expand All @@ -102,13 +106,11 @@
"EnvironmentBranchPolicy",
"Enterprise",
"EnterpriseAdmin",
"EnterpriseExternalIdentity",
"EnterpriseManagedUser",
"EnterpriseOrganization",
"EnterpriseRole",
"EnterpriseRoleTeam",
"EnterpriseRoleUser",
"EnterpriseSamlProvider",
"EnterpriseTeam",
"EnterpriseTeamMember",
"EnterpriseTeamOrganization",
Expand Down
Loading