Skip to content

Commit

Permalink
don't sanitize search query param for list page
Browse files Browse the repository at this point in the history 
http/db: Bound concurrent DB queries (#1)

* add per-auth concurrency-limiting middleware

alerts: address mobile alerts controls bottom margin (#3)

* increase toolbar margin on smaller screens

* adjust whitespace width to the left of the alerts checkbox controls

* slightly reduce alerts checkbox controls bottom margin on desktop

fix ability to navigate back to the active alerts tab (#2)

users: fix name validation for users search (#5)

services: auto select service in alert form (#4)

* rename ServiceOnCallDisplay to ServiceOnCallQuery

* Add empty list message for on call users

* Add space after EP name on a service

* Fix prop names for alerts list show favorites snackbar and alert form

* fix prop names in alert form and alert fab

* revert linting change

services: re-add route to view integration key docs (#6)

* re-add route for integration key api documentation

* use latest markdown component as used in details pages

* update readme title and move email section to bottom

* remove previously used markdown package

* update markdown file to use a table for api parameter options

* format markdown

mailgun: fix signature errors (#7)

* add mailgun config to harness

* Return 400 on form-parse errors, 406 for mailgun

* add mailgun smoketest

* increase max req. body size from 32KiB to 256KiB

auth: update default Auth.RefererURLs behavior (#8)

* Change default referer behavior to same-host

* don't overwrite config with empty object

* fixed a couple integration tests

* add flag to disable HTTPS redirect

Templates (#10)

* added issue templates

docs: Add guides, update READMEs (#9)

* Changes from old repo

* adding screenshot

* tweak to project description

* Simplify dev setup documentation

* resetdb: don't err if db doesn't exist

* Cleanup contributing guidelines a bit

* Update smoketest readme

* add Dockerfile

* getting started guide

* dev setup guide

* add mailgun section

* add note about API-only mode

* attempt to start postgres container on failure (fix dev issue)

* shorten getting started intro

* tweaks to postgres getting started info

* add link to effective Go in CONTRIBUTING.md

* add links to more info for tests

* add go unit test example

* update label query in README

Co-Authored-By: Mitch Cimenski <[email protected]>
Co-Authored-By: Arundhati Rao <[email protected]>

chore: update Go dependencies (#12)

* update switchover code for pgx api changes

* github package api update

* use contrib package for jaeger tracing

* update module files

ui dependencies: webpack-dev-server upgrade to stable version (#11)

* Update webpack-dev-server package.json dependency to stable version

* revert lockfile changes that are unrelated to the webpack-dev-server

* upgrade to latest webpack-dev-server version

ui dependencies: upgrade material-ui and react (#13)

* update mui and react dependencies

* remove useNextVariants from the mui theme

* fix grid spacing breaking changes

* forward required refs to transition components

* fix theme unit spacing breaking changes

* update variant fab button to use fab component

* fix issue with route expecting a function to render

* fix material-select height issue with mui updates

* update material-select to use a valid color prop on typography

* update mui to the latest latest versions

* update react-dom to latest release

* update lockfile version of @hot-loader/react-dom

* user explicit version for @hot-loader/react-dom

* yarn install

ui dependencies: material-ui-pickers update to @material-ui/pickers v3.1.0 (#14)

* update to latest material-ui pickers package

* update imports

* use explicit version of dependency and update package name in webpack config

* yarn lock update

docker: fix default listen address in container (#17)

ui dependencies: non-breaking change package updates (#18)

* update babel and material ui

* upgrade mui lab

* package patch updates

* package minor updates

* webpack upgrade fix to fs

* update node props to allow css-loader to properly build when starting the app

* revert webpack config changes

* major package upates with no relevant breaking changes

* remove some unused packages

* update react-redux and connected-react-router

the latest updates of these two packages are dependent on eachother being up to date simultaneously because of Redux utilizing React's context API

* nonbreaking package upgrades from over the weekend

* fix chance's word props min/max not actually existing

* this.context.router no longer supported, use withRouter to get history prop

* update lockfile

* make check

contactmethod: allow UK (+44) numbers (#22)

* Add support for UK country code (+44)

* Add test cases for UK numbers

* Reference the UK for the Supported Country Code

ui-dependencies: organize package.json dependencies (#20)

* remove some unused packages and organize package.json

* save lockfile

* re-add required types packages as dev dependencies

* add graphql as required dev dependency

make fake slack creds look more fake (#32)

Replacing fake Slack credentials with zeros instead of random so they don't appear to be real ones.

services: favorites test code improvements (#31)

* add favorite support to `createService` mutation

* create new services as favorites

* create `favorites.ts` test suite

Co-authored-by: Anderson Day <[email protected]>
Co-authored-by: Katy <[email protected]>

switchover: hardening & refactor instrumentation (#23)

* fix migration template typo

* automatic trigger generation

* handle pgx migration errors

* make no-pause-api and extra sync default behavior

* proper db identification/validation

* add progress for long operations

* normalize table scanning

* cancelation fixes

* first pass at switchover docs

* include version in DB application_name

* status information improvements

alertlog: graphql2 endpoint (#16)

implementing recentEvents as a field for an alert's log entries.

ep step: allow user selection when Slack is disabled (#36)

* update cypress

* add failing test for ep user selection

* fix the bug

rotations: add user favorites support (#27)

* Added `QuerySetFavoriteButton` component for dynamic favoriting
* Added the ability to favorite rotations

alerts: add `createAlert` mutation (#37)

* gql2 createAlert mutation and smoketest

dev: easily run integration tests by cli (#39)

* Added `--log-errors-only` flag to the backend
* Added `make cy-wide-prod-run` and `make cy-mobile-prod-run` commands for running tests
* Added `make check-all` that runs all integration & smoketests, as well as `make check`
* Updated the runjson tool to support env-params
* Use chrome by default to run tests

allow 10-digit sections in slack tokens (#41)

schedules: add user favorites support (#26)

* Favorites icon for schedules

* New migration and schema changes

* Tests for setting/finding favorites; integration with shared favorites component

* Wizard favorites schedules created automatically and new schedules are favorited on creation. Wizard unit test updated accordingly

config: loosen key validation & guide updates  (#44)

* allow all external config strings to be ASCII

* update docs for new Mailgun UI

Search: update validation for search strings containing spaces (#47)

* new search validation function
* replacing text validation to search validation
  • Loading branch information
@arurao
arurao committed Jul 10, 2019
1 parent 8dce0c6 commit 4b0fb8c
Show file tree
Hide file tree
Showing 187 changed files with 7,813 additions and 3,464 deletions.
52 changes: 52 additions & 0 deletions .github/ISSUE_TEMPLATE/bug_report.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
---
name: Bug report
about: Create a bug report to help us improve
title: ''
labels: bug
assignees: ''

---
<!--
Please search existing issues to avoid creating duplicates.
If the matter is security related, please send an email to [email protected] instead.
-->

**Describe the Bug:**
Provide a clear, concise description of the issue and why you consider it to be a bug.

**Steps to Reproduce:**
1. Go to '...'
2. Click on '....'
3. Scroll down to '....'
4. See error

**Expected Behavior:**
A clear and concise description of what you expected to happen.

**Observed Behavior:**
A clear and concise description of what you observed happening.

**Screenshots/Stack Traces:**
If applicable, add screenshots and/or stack traces to help explain your problem.

**Application Version:**
Output of `goalert version` and/or version information from view-source on the UI.

`
$ goalert version
...
`

**Desktop:**
- OS: [e.g. MacOS, Windows]
- Browser [e.g. Chrome, Safari]
- Version [e.g. 22]

**Smartphone/Tablet:**
- Device: [e.g. iPhone6]
- OS: [e.g. iOS 8.1]
- Browser [e.g. Chrome, Safari]
- Version [e.g. 22]

**Additional Context:**
Add any other context about the problem here.
25 changes: 25 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_request.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
---
name: Feature request
about: Suggest an idea for this project
title: ''
labels: enhancement
assignees: ''

---

<!--
Before opening a feature request, search for similar or duplicates and vote/comment instead.
This helps prioritize new features.
-->

**Is your feature request related to a problem? Please describe:**
A clear and concise description of what the problem is.

**Describe the solution you'd like:**
A clear and concise description of what you want to happen.

**Describe alternatives you've considered:**
A clear and concise description of any alternative solutions or features you've considered.

**Additional context:**
Add any other context or screenshots about the feature request here.
35 changes: 35 additions & 0 deletions .github/PULL_REQUEST_TEMPLATE.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
<!-- Thank you for your contribution to Goalert. -->
<!-- Before submitting this PR, please make sure that you have: -->

- [X] Identified the issue which this PR solves.
- [ ] Read the [**CONTRIBUTING**](https://github.com/target/goalert/blob/master/CONTRIBUTING.md) document.
- [ ] Code builds clean without any errors or warnings.
- [ ] Added appropriate tests for any new functionality.
- [ ] All new and existing tests passed.
- [ ] Added comments in the code, where necessary.
- [ ] Ran `make check` to catch common errors. Fixed any that came up.

**Description:**
Please include a description of the proposed changes.
This should include details if the user experience is impacted.

**Which issue(s) this PR fixes:**
For significant amounts of work, it is best to start an issue first, preferably before the work is started.
For large pull requests, be sure to reference the associated GitHub issue(s).

Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`.

**Out of Scope:**
Include any out of scope items here.

**Screenshots:**
If applicable, add some screenshots here.

**Describe any introduced user-facing changes:**
If introducing any user-facing changes, provide a clear description of them.

**Describe any introduced API changes:**
If introducing any API changes, provide a clear description of them.

**Additional Info:**
Any additional information or context.
10 changes: 5 additions & 5 deletions CONTRIBUTING.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,13 @@ We welcome feature requests, bug reports and contributions for code and document

## Reporting Issues

Reporting bugs can be done in the GitHub [issue tracker](https://github.com/target/goalert/issues). Please search for a possible pre-existing issue first to help prevent duplicates.
Reporting bugs can be done in the GitHub [issue tracker](https://github.com/target/goalert/issues). Please search for existing issues first to help prevent duplicates.

Please include the version (`goalert version`) with new bug reports.

## Code Contribution

GoAlert is already used in production environments, so any new changes/features/functionality must (where possible):
GoAlert is already used in production environments, so any new changes/features/functionality must, where possible:

- Not alter existing behavior without an explicit config change
- Co-exist with older versions without disruption
Expand All @@ -24,7 +24,7 @@ As an example, things like DB changes/migrations should preserve behavior across

Patches are welcome, but we ask that any significant change start as an [issue](https://github.com/target/goalert/issues/new) in the tracker, prefereably before work is started.

Be sure to run `make check` before opening a PR to catch common errors.
Be sure to run `make check` and tests before opening a PR to catch common errors.

### UI Change Guidelines

Expand All @@ -34,6 +34,6 @@ Be sure to run `make check` before opening a PR to catch common errors.

### Backend Change Guidelines

- Use unit tests as a tool to validate complex logic
- Use unit tests as a tool to validate complex logic. For [example](./schedule/rule/weekdayfilter_test.go).
- New functionality should have a behavioral smoketest at a minimum. For [example](./smoketest/simplenotification_test.go). Documentation on our smoketest framework can be found [here](./smoketest/README.md).
- New Go code should pass `golint`, exported functions/methods should be commented, etc..
- Go code should [follow best practices](https://golang.org/doc/effective_go.html), exported functions/methods should be commented, etc..
29 changes: 19 additions & 10 deletions Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
.PHONY: stop start build-docker lint tools regendb resetdb
.PHONY: smoketest generate check all test test-long install install-race
.PHONY: cy-wide cy-mobile cy-wide-prod cy-mobile-prod cypress postgres
.PHONY: config.json.bak jest new-migration
.PHONY: config.json.bak jest new-migration check-all cy-wide-prod-run cy-mobile-prod-run
.SUFFIXES:

GOFILES = $(shell find . -path ./web/src -prune -o -path ./vendor -prune -o -path ./.git -prune -o -type f -name "*.go" -print | grep -v web/inline_data_gen.go) go.sum
Expand All @@ -18,11 +18,13 @@ GIT_COMMIT=$(shell git rev-parse HEAD || echo '?')
GIT_TREE=$(shell git diff-index --quiet HEAD -- && echo clean || echo dirty)
BUILD_DATE=$(shell date -u +"%Y-%m-%dT%H:%M:%SZ")

LD_FLAGS+=-X github.com/target/goalert/app.gitCommit=$(GIT_COMMIT)
LD_FLAGS+=-X github.com/target/goalert/app.gitVersion=$(GIT_VERSION)
LD_FLAGS+=-X github.com/target/goalert/app.gitTreeState=$(GIT_TREE)
LD_FLAGS+=-X github.com/target/goalert/app.buildDate=$(BUILD_DATE)
LD_FLAGS+=-X github.com/target/goalert/version.gitCommit=$(GIT_COMMIT)
LD_FLAGS+=-X github.com/target/goalert/version.gitVersion=$(GIT_VERSION)
LD_FLAGS+=-X github.com/target/goalert/version.gitTreeState=$(GIT_TREE)
LD_FLAGS+=-X github.com/target/goalert/version.buildDate=$(BUILD_DATE)

export CY_ACTION = open
export CY_BROWSER = chrome

ifdef LOG_DIR
RUNJSON_ARGS += -logs=$(LOG_DIR)
Expand All @@ -31,6 +33,7 @@ endif
export CGO_ENABLED = 0
export PATH := $(PWD)/bin:$(PATH)
export GOOS = $(shell go env GOOS)
export GOALERT_DB_URL_NEXT = $(DB_URL_NEXT)

ifdef BUNDLE
GOFILES += web/inline_data_gen.go
Expand Down Expand Up @@ -60,9 +63,13 @@ cy-wide: cypress web/src/build/vendorPackages.dll.js
cy-mobile: cypress web/src/build/vendorPackages.dll.js
CYPRESS_viewportWidth=375 CYPRESS_viewportHeight=667 bin/runjson $(RUNJSON_ARGS) <devtools/runjson/localdev-cypress.json
cy-wide-prod: web/inline_data_gen.go cypress
CYPRESS_viewportWidth=1440 CYPRESS_viewportHeight=900 bin/runjson $(RUNJSON_ARGS) <devtools/runjson/localdev-cypress-prod.json
CYPRESS_viewportWidth=1440 CYPRESS_viewportHeight=900 CY_ACTION=$(CY_ACTION) bin/runjson $(RUNJSON_ARGS) <devtools/runjson/localdev-cypress-prod.json
cy-mobile-prod: web/inline_data_gen.go cypress
CYPRESS_viewportWidth=375 CYPRESS_viewportHeight=667 bin/runjson $(RUNJSON_ARGS) <devtools/runjson/localdev-cypress-prod.json
CYPRESS_viewportWidth=375 CYPRESS_viewportHeight=667 CY_ACTION=$(CY_ACTION) bin/runjson $(RUNJSON_ARGS) <devtools/runjson/localdev-cypress-prod.json
cy-wide-prod-run: web/inline_data_gen.go cypress
make cy-wide-prod CY_ACTION=run
cy-mobile-prod-run: web/inline_data_gen.go cypress
make cy-mobile-prod CY_ACTION=run

start: bin/waitfor web/src/node_modules web/src/build/vendorPackages.dll.js bin/runjson
# force rebuild to ensure build-flags are set
Expand All @@ -84,6 +91,7 @@ check: generate web/src/node_modules
(cd web/src && yarn fmt)
./devtools/ci/tasks/scripts/codecheck.sh

check-all: check test smoketest cy-wide-prod-run cy-mobile-prod-run

migrate/inline_data_gen.go: migrate/migrations migrate/migrations/*.sql $(INLINER)
go generate ./migrate
Expand Down Expand Up @@ -137,15 +145,16 @@ web/src/build/vendorPackages.dll.js: web/src/node_modules web/src/webpack.dll.co
(cd web/src && node_modules/.bin/webpack --config ./webpack.dll.config.js --progress)

config.json.bak: bin/goalert
(bin/goalert get-config "--db-url=$(DB_URL)" 2>/dev/null >config.json.new || echo '{"Auth":{"RefererURLs":["http://localhost:3030", "http://[::]:3030", "http://127.0.0.1:3030"]}}' >config.json.new) && mv config.json.new config.json.bak
bin/goalert get-config "--db-url=$(DB_URL)" 2>/dev/null >config.json.new
(test -s config.json.new && test "`cat config.json.new`" != "{}" && mv config.json.new config.json.bak || rm -f config.json.new)

postgres:
docker run -d \
--restart=always \
-e POSTGRES_USER=goalert \
--name goalert-postgres \
-p 5432:5432 \
postgres:11-alpine
postgres:11-alpine || docker start goalert-postgres

regendb: bin/goalert migrate/inline_data_gen.go config.json.bak
go run ./devtools/resetdb --with-rand-data
Expand All @@ -166,5 +175,5 @@ lint: $(GOFILES)
new-migration:
@test "$(NAME)" != "" || (echo "NAME is required" && false)
@test ! -f migrate/migrations/*-$(NAME).sql || (echo "Migration already exists with the name $(NAME)." && false)
@echo "-- +migrate up\n\n\n-- +migrate Down\n" >migrate/migrations/$(shell date +%Y%m%d%H%M%S)-$(NAME).sql
@echo "-- +migrate Up\n\n\n-- +migrate Down\n" >migrate/migrations/$(shell date +%Y%m%d%H%M%S)-$(NAME).sql
@echo "Created: migrate/migrations/$(shell date +%Y%m%d%H%M%S)-$(NAME).sql"
55 changes: 21 additions & 34 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,52 +1,39 @@
# GoAlert

GoAlert is an on-call alerting platform written in Go.
GoAlert provides on-call scheduling, automated escalations and notifications (like SMS or voice calls) to automatically engage the right person, the right way, and at the right time.

## All-In-One (demo) Container
![image](https://user-images.githubusercontent.com/23565500/58896528-c1cdb100-86bb-11e9-96f1-a57198ece062.png)

The quickest way to explore GoAlert is by using the GoAlert [all-in-one container](https://hub.docker.com/r/goalert/all-in-one).
## Installation

- Ensure you have Docker Desktop installed ([Mac](https://docs.docker.com/docker-for-mac/release-notes/) / [Windows](https://docs.docker.com/docker-for-windows/release-notes/))
- `docker run -it --rm --name goalert-demo -p 8081:8081 goalert/all-in-one`
GoAlert is distributed as a single binary with release notes available from the [GitHub Releases](https://github.com/target/goalert/releases) page.

Using a web browser, navigate to `http://localhost:8081` and log in with user `admin` and password `admin123`.
See our [Getting Started Guide](./docs/getting-started.md) for running GoAlert in a production environment.

## Development
### Quick Start

Ensure you have docker, Go, node (and yarn), and make installed.
```bash
docker run -it --rm -p 8081:8081 goalert/all-in-one
```

- If you do not have Postgres installed/configured, first run `make postgres`, GoAlert is built and tested against Postgres 11.
- For the first start, run `make regendb` to migrate and add test data into the DB. This includes an admin user `admin/admin123`.
- To start GoAlert in development mode run `make start`.
- To build the GoAlert binary run `make bin/goalert BUNDLE=1`.
GoAlert will be running at [localhost:8081](http://localhost:8081). You can login with `admin/admin123`.

### Automated Browser Tests
## Contributing

To run automated browser tests, you can start Cypress in one of the following modes:
If you'd like to contribute to GoAlert, please see our [Contributing Guidelines](./CONTRIBUTING.md) and the [Development Setup Guide](./docs/development-setup.md).

- `make cy-wide` Widescreen format, in dev mode.
- `make cy-mobile` Mobile format, in dev mode.
- `make cy-wide-prod` Widescreen format, production build.
- `make cy-mobile-prod` Mobile format, production build.
Please also see our [Code of Conduct](./CODE_OF_CONDUCT.md).

### Running Smoketests
## Contact Us

A suite of functional/behavioral tests are maintained for the backend code. These test various APIs and behaviors
of the GoAlert server component.
If you need help or have a question, the `#goalert` Slack channel is available on [gophers.slack.com](https://gophers.slack.com/messages/goalert/).

Run the full suite with `make smoketest`.
To access Gophers Slack and the `#goalert` channel, you will need an invitation. You request one through the automated process here: https://invite.slack.golangbridge.org/

### Running Unit Tests
- Vote on existing [Feature Requests](https://github.com/target/goalert/issues?q=is%3Aopen+label%3Aenhancement+sort%3Areactions-%2B1-desc) or submit [a new one](https://github.com/target/goalert/issues/new)
- File a [bug report](https://github.com/target/goalert/issues)
- Report security issues to [email protected]

All unit tests can be run with `make test`.
## License

UI Unit tests are found under the directory of the file being tested, with the same file name, appended with `.test.js`. They can be run independently with `make jest`. Watch mode can be enabled with `make jest JEST_ARGS=--watch`.

### Setup Postgres

By default, the development code expects a postgres server configured on port `5432`, with the user and DB `goalert`.

Alternatively, you can run `make postgres` to configure one in a docker container.

- You can reset the dev database with `make resetdb`
- You can reset and generate random data with `make regendb`, this includes generating an admin user `admin/admin123`
GoAlert is licensed under the [Apache License, Version 2.0](./LICENSE.md).
2 changes: 1 addition & 1 deletion alert/legacysearch.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,7 +87,7 @@ func (db *DB) LegacySearch(ctx context.Context, opts *LegacySearchOptions) ([]Al
validate.Range("Limit", opts.Limit, 15, 50),
validate.Range("Offset", opts.Offset, 0, 1000000),
validate.OneOf("SortBy", opts.SortBy, SortByID, SortByStatus, SortByCreatedTime, SortBySummary, SortByServiceName),
validate.Text("Search", opts.Search, 0, 250),
validate.Search("Search", opts.Search),
)
if opts.FavoriteServicesOnlyUserID != "" {
err = validate.Many(err, validate.UUID("FavoriteServicesOnlyUserID", opts.FavoriteServicesOnlyUserID))
Expand Down
Loading

0 comments on commit 4b0fb8c

Please sign in to comment.