Discord slash command code to grant AWS access #276
Conversation
| @@ -15,7 +15,7 @@ | |||
| "format-fix": "prettier --write .", | |||
| "fix": "npm run lint-fix && npm run format-fix", | |||
| "ngrok": "ngrok http 8787", | |||
| "register": "ts-node-esm src/register.ts" | |||
| "register": "npx ts-node src/register.ts" | |||
There was a problem hiding this comment.
Fixed this command as this is causing problem in local development.
Grant aws access - test cases
Grant aws access
src/utils/awsAccess.ts
Outdated
| if (!response.ok) { | ||
| return fetch(`${DISCORD_BASE_URL}/channels/${channelId}/messages`, { | ||
| method: "POST", | ||
| headers: { | ||
| "Content-Type": "application/json", | ||
| Authorization: `Bot ${env.DISCORD_TOKEN}`, | ||
| }, | ||
| body: JSON.stringify({ | ||
| content: `<@${discordUserId}> Error occurred while granting AWS access: ${response.status} ${response.statusText}`, | ||
| }), | ||
| }); | ||
| } else { | ||
| return fetch(`${DISCORD_BASE_URL}/channels/${channelId}/messages`, { | ||
| method: "POST", | ||
| headers: { | ||
| "Content-Type": "application/json", | ||
| Authorization: `Bot ${env.DISCORD_TOKEN}`, | ||
| }, | ||
| body: JSON.stringify({ | ||
| content: `AWS access granted successfully <@${discordUserId}>! Please head over to AWS - ${AWS_IAM_SIGNIN_URL}.`, | ||
| }), | ||
| }); | ||
| } |
There was a problem hiding this comment.
Generate message based on condition and write API call code only once
src/utils/awsAccess.ts
Outdated
| return fetch(`${DISCORD_BASE_URL}/channels/${channelId}/messages`, { | ||
| method: "POST", | ||
| headers: { | ||
| "Content-Type": "application/json", | ||
| Authorization: `Bot ${env.DISCORD_TOKEN}`, | ||
| }, | ||
| body: JSON.stringify({ | ||
| content: `[TraceId: ${TraceId}] <@${discordUserId}> Error occurred while granting AWS access.`, | ||
| }), | ||
| }); |
There was a problem hiding this comment.
This also, same comment as above
There was a problem hiding this comment.
updated this code, please check
src/constants/commands.ts
Outdated
| { | ||
| name: "S3 read only access", | ||
| value: process.env.S3_READ_ONLY_ACCESS_AWS_GROUP_ID, | ||
| }, |
There was a problem hiding this comment.
We will never do this, I think
There was a problem hiding this comment.
Yeah these have to be replaced with actual values
src/constants/commands.ts
Outdated
| { | ||
| name: "EC2 deployment access", | ||
| value: process.env.EC2_DEPLOYMENT_ACCESS_AWS_GROUP_ID, | ||
| }, | ||
| { | ||
| name: "DDB read only access", | ||
| value: process.env.DDB_READ_ONLY_ACCESS_AWS_GROUP_ID, | ||
| }, | ||
| ], |
There was a problem hiding this comment.
Please add some valid once here
src/utils/awsAccess.ts
Outdated
| channelId: number | ||
| ) { | ||
| const authToken = await jwt.sign( | ||
| { name: "Cloudflare Worker", exp: Math.floor(Date.now() / 1000) + 2 }, |
There was a problem hiding this comment.
What is the name here?
There was a problem hiding this comment.
in the website backend, we check if the auth token has the name "cloudfare workers" to validate the token coming from right source.
There was a problem hiding this comment.
how is a string helping in validating the right source?
There was a problem hiding this comment.
So we create a token in the discord slash commands with name present in payload, this is signed by using the private key and in website backend we validate if the same text is being received post validating the token.
@prakashchoudhary07
There was a problem hiding this comment.
I think we need to discuss on this one
src/utils/awsAccess.ts
Outdated
| TraceId: string, | ||
| channelId: number | ||
| ) { | ||
| const authToken = await jwt.sign( |
There was a problem hiding this comment.
Don't we already have this? why write it again?
There was a problem hiding this comment.
didn't get this comment, we are using this in similar manner in one of the other API too.
There was a problem hiding this comment.
So at every place we are manually signing, So don't already have a common thing to do this, if not then please create one?
There was a problem hiding this comment.
Have created a common utility for this.
src/utils/awsAccess.ts
Outdated
| userId: discordUserId, | ||
| }; | ||
|
|
||
| const url = `${base_url}/aws-access/`; |
There was a problem hiding this comment.
Can you create the URL in constant it self?
There was a problem hiding this comment.
And please share the doc for using it herE?
There was a problem hiding this comment.
do we mean it like
const url = ${base_url}/aws-access this way we have it stored?
There was a problem hiding this comment.
Didn't get this which doc?
And please share the doc for using it herE?
There was a problem hiding this comment.
Please share the AWS API docs like, of what they are doing?
There was a problem hiding this comment.
This is our website backend API, will add the comments there.
Grant aws access
correcting package.json file
src/utils/awsAccess.ts
Outdated
| await fetch(`${DISCORD_BASE_URL}/channels/${channelId}/messages`, { | ||
| method: "POST", | ||
| headers: { | ||
| "Content-Type": "application/json", | ||
| Authorization: `Bot ${env.DISCORD_TOKEN}`, | ||
| }, | ||
| body: JSON.stringify({ | ||
| content: content, | ||
| }), | ||
| }); | ||
| } catch (err) { | ||
| const content = `<@${discordUserId}> Error occurred while granting AWS access.`; | ||
| await fetch(`${DISCORD_BASE_URL}/channels/${channelId}/messages`, { | ||
| method: "POST", | ||
| headers: { | ||
| "Content-Type": "application/json", | ||
| Authorization: `Bot ${env.DISCORD_TOKEN}`, | ||
| }, | ||
| body: JSON.stringify({ | ||
| content: content, | ||
| }), | ||
| }); | ||
| } | ||
| } |
There was a problem hiding this comment.
RE: as same, please refactor this. Also please maintain a separate constant for URL's
src/utils/awsAccess.ts
Outdated
| userId: discordUserId, | ||
| }; | ||
|
|
||
| const url = `${base_url}/aws-access`; |
There was a problem hiding this comment.
Please move the URL to a separate constant sir
There was a problem hiding this comment.
Also please name it more appropriately
There was a problem hiding this comment.
Have created as a constant in the same file as we can use the base URL depending on the env as per config
Date: 19th Oct
Developer Name: Vikhyat
Issue Ticket Number
Real-Dev-Squad/todo-action-items#253
Description
This change is for the discord command to grant AWS access to the developers, we can tag the developer and the group we wanted to add the user in.
Documentation Updated?
Under Feature Flag
Database Changes
Breaking Changes
Development Tested?
Screenshots
Test Coverage