-
Notifications
You must be signed in to change notification settings - Fork 68
Expand file tree
/
Copy pathcode_intel_upload.go
More file actions
338 lines (289 loc) · 11.4 KB
/
code_intel_upload.go
File metadata and controls
338 lines (289 loc) · 11.4 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
package main
import (
"context"
"encoding/base64"
"encoding/json"
"flag"
"fmt"
"io"
"os"
"strings"
"time"
"github.com/pkg/browser"
"github.com/sourcegraph/sourcegraph/lib/accesstoken"
"github.com/sourcegraph/sourcegraph/lib/codeintel/upload"
"github.com/sourcegraph/sourcegraph/lib/errors"
"github.com/sourcegraph/sourcegraph/lib/output"
)
func init() {
usage := `
Examples:
Before running any of these, first use src auth to authenticate.
Alternately, use the SRC_ACCESS_TOKEN environment variable for
individual src-cli invocations.
If run from within the project itself, src-cli will infer various
flags based on git metadata.
$ src code-intel upload # uploads ./index.scip
If src-cli is invoked outside the project root, or if you're using
a version control system other than git, specify flags explicitly:
$ src code-intel upload -root='' -repo=FOO -commit=BAR -file=index.scip
Upload a SCIP index for a subproject:
$ src code-intel upload -root=cmd/
Upload a SCIP index when lsif.enforceAuth is enabled in site settings:
$ src code-intel upload -github-token=BAZ, or
$ src code-intel upload -gitlab-token=BAZ
`
codeintelCommands = append(codeintelCommands, &command{
flagSet: codeintelUploadFlagSet,
handler: handleCodeIntelUpload,
usageFunc: func() {
fmt.Fprintf(flag.CommandLine.Output(), "Usage of 'src code-intel %s':\n", codeintelUploadFlagSet.Name())
codeintelUploadFlagSet.PrintDefaults()
fmt.Println(usage)
},
})
}
// handleCodeIntelUpload is the handler for `src code-intel upload`.
func handleCodeIntelUpload(args []string) error {
ctx := context.Background()
out, err := parseAndValidateCodeIntelUploadFlags(args)
if !codeintelUploadFlags.json {
if out != nil {
printInferredArguments(out)
} else {
// Always display inferred arguments except when -json is set
printInferredArguments(emergencyOutput())
}
}
if err != nil {
return err
}
client := cfg.apiClient(codeintelUploadFlags.apiFlags, io.Discard)
uploadOptions := codeintelUploadOptions(out)
var uploadID int
if codeintelUploadFlags.gzipCompressed {
uploadID, err = UploadCompressedIndex(ctx, codeintelUploadFlags.file, client, uploadOptions, 0)
} else {
uploadID, err = UploadUncompressedIndex(ctx, codeintelUploadFlags.file, client, uploadOptions)
}
if err != nil {
return handleUploadError(uploadOptions.SourcegraphInstanceOptions.AccessToken, err)
}
uploadURL := makeCodeIntelUploadURL(uploadID)
if codeintelUploadFlags.json {
serialized, err := json.Marshal(map[string]any{
"repo": codeintelUploadFlags.repo,
"commit": codeintelUploadFlags.commit,
"root": codeintelUploadFlags.root,
"file": codeintelUploadFlags.file,
"indexer": codeintelUploadFlags.indexer,
"indexerVersion": codeintelUploadFlags.indexerVersion,
"uploadId": uploadID,
"uploadUrl": uploadURL,
})
if err != nil {
return err
}
fmt.Println(string(serialized))
} else {
if out == nil {
out = emergencyOutput()
}
out.WriteLine(output.Linef(output.EmojiLightbulb, output.StyleItalic, "View processing status at %s", uploadURL))
}
if codeintelUploadFlags.open {
if err := browser.OpenURL(uploadURL); err != nil {
return err
}
}
return nil
}
// codeintelUploadOptions creates a set of upload options given the values in the flags.
func codeintelUploadOptions(out *output.Output) upload.UploadOptions {
var associatedIndexID *int
if codeintelUploadFlags.associatedIndexID != -1 {
associatedIndexID = &codeintelUploadFlags.associatedIndexID
}
cfg.additionalHeaders["Content-Type"] = "application/x-protobuf+scip"
logger := upload.NewRequestLogger(
os.Stdout,
// Don't need to check upper bounds as we only compare verbosity ranges
// It's fine if someone supplies -trace=42, but it will just behave the
// same as if they supplied the highest verbosity level we define
// internally.
upload.RequestLoggerVerbosity(codeintelUploadFlags.verbosity),
)
return upload.UploadOptions{
UploadRecordOptions: upload.UploadRecordOptions{
Repo: codeintelUploadFlags.repo,
Commit: codeintelUploadFlags.commit,
Root: codeintelUploadFlags.root,
Indexer: codeintelUploadFlags.indexer,
IndexerVersion: codeintelUploadFlags.indexerVersion,
AssociatedIndexID: associatedIndexID,
},
SourcegraphInstanceOptions: upload.SourcegraphInstanceOptions{
SourcegraphURL: cfg.endpointURL.String(),
AccessToken: cfg.accessToken,
AdditionalHeaders: cfg.additionalHeaders,
MaxRetries: 5,
RetryInterval: time.Second,
Path: codeintelUploadFlags.uploadRoute,
MaxPayloadSizeBytes: codeintelUploadFlags.maxPayloadSizeMb * 1000 * 1000,
MaxConcurrency: codeintelUploadFlags.maxConcurrency,
GitHubToken: codeintelUploadFlags.gitHubToken,
GitLabToken: codeintelUploadFlags.gitLabToken,
},
OutputOptions: upload.OutputOptions{
Output: out,
Logger: logger,
},
}
}
// printInferredArguments prints a block showing the effective values of flags that are
// inferrably defined. This function is called on all paths except for -json uploads. This
// function no-ops if the given output object is nil.
func printInferredArguments(out *output.Output) {
if out == nil {
return
}
block := out.Block(output.Line(output.EmojiLightbulb, output.StyleItalic, "Inferred arguments"))
block.Writef("repo: %s", codeintelUploadFlags.repo)
block.Writef("commit: %s", codeintelUploadFlags.commit)
block.Writef("root: %s", codeintelUploadFlags.root)
block.Writef("file: %s", codeintelUploadFlags.file)
block.Writef("indexer: %s", codeintelUploadFlags.indexer)
block.Writef("indexerVersion: %s", codeintelUploadFlags.indexerVersion)
block.Close()
}
// makeCodeIntelUploadURL constructs a URL to the upload with the given internal identifier.
// The base of the URL is constructed from the configured Sourcegraph instance.
func makeCodeIntelUploadURL(uploadID int) string {
// Careful: copy by dereference makes a shallow copy, so User is not duplicated.
url := *cfg.endpointURL
graphqlID := base64.URLEncoding.EncodeToString(fmt.Appendf(nil, `SCIPUpload:%d`, uploadID))
url.Path = codeintelUploadFlags.repo + "/-/code-intelligence/uploads/" + graphqlID
return url.String()
}
type errorWithHint struct {
err error
hint string
}
func (e errorWithHint) Error() string {
return fmt.Sprintf("%s\n\n%s\n", e.err, e.hint)
}
// handleUploadError attaches actionable hints to upload errors and returns
// the enriched error. Only called for actual upload failures (not flag validation).
func handleUploadError(accessToken string, err error) error {
if httpErr := findAuthError(err); httpErr != nil {
isUnauthorized := httpErr.Code == 401
isForbidden := httpErr.Code == 403
displayErr := errors.Newf("upload failed: %s", uploadFailureReason(httpErr))
err = errorWithHint{
err: displayErr,
hint: uploadHints(accessToken, isUnauthorized, isForbidden),
}
}
if codeintelUploadFlags.ignoreUploadFailures {
fmt.Println(err.Error())
return nil
}
return err
}
// findAuthError searches the error chain (including multi-errors from retries)
// for a 401 or 403 ErrUnexpectedStatusCode. Returns nil if none is found.
func findAuthError(err error) *ErrUnexpectedStatusCode {
// Check if it's a multi-error and scan all children.
if multi, ok := err.(errors.MultiError); ok {
for _, e := range multi.Errors() {
if found := findAuthError(e); found != nil {
return found
}
}
return nil
}
var httpErr *ErrUnexpectedStatusCode
if errors.As(err, &httpErr) && (httpErr.Code == 401 || httpErr.Code == 403) {
return httpErr
}
return nil
}
// uploadHints builds hint paragraphs for the Sourcegraph access token,
// code host tokens, and a docs link.
func uploadHints(accessToken string, isUnauthorized, isForbidden bool) string {
var causes []string
if h := sourcegraphAccessTokenHint(accessToken, isUnauthorized, isForbidden); h != "" {
causes = append(causes, "- "+h)
}
for _, h := range codeHostTokenHints(isUnauthorized) {
causes = append(causes, "- "+h)
}
var parts []string
parts = append(parts, "Possible causes:\n"+strings.Join(causes, "\n"))
parts = append(parts, "For more details on uploading SCIP indexes, see https://sourcegraph.com/docs/cli/references/code-intel/upload.")
return strings.Join(parts, "\n\n")
}
// sourcegraphAccessTokenHint returns a hint about the Sourcegraph access token
// based on the error type and token state.
func sourcegraphAccessTokenHint(accessToken string, isUnauthorized, isForbidden bool) string {
if isUnauthorized {
if accessToken == "" {
return "No Sourcegraph access token was provided. Set the SRC_ACCESS_TOKEN environment variable to a valid token."
}
if _, parseErr := accesstoken.ParsePersonalAccessToken(accessToken); parseErr != nil {
return "The provided Sourcegraph access token does not match the expected format (sgp_<40 hex chars> or sgp_<instance-id>_<40 hex chars>). Was it copied incorrectly or truncated?"
}
return "The Sourcegraph access token may be invalid, expired, or you may be connecting to the wrong Sourcegraph instance."
}
if isForbidden {
return "You may not have sufficient permissions on this Sourcegraph instance."
}
return ""
}
// codeHostTokenHints returns hints about GitHub or GitLab tokens.
func codeHostTokenHints(isUnauthorized bool) []string {
if codeintelUploadFlags.gitHubToken != "" || strings.HasPrefix(codeintelUploadFlags.repo, "github.com") {
return []string{gitHubTokenHint(isUnauthorized)}
}
if codeintelUploadFlags.gitLabToken != "" || strings.HasPrefix(codeintelUploadFlags.repo, "gitlab.com") {
return []string{gitLabTokenHint(isUnauthorized)}
}
return []string{"Code host verification is supported for github.com and gitlab.com repositories."}
}
// gitHubTokenHint returns a hint about the GitHub token.
// Only called when gitHubToken is set or repo starts with "github.com".
func gitHubTokenHint(isUnauthorized bool) string {
if codeintelUploadFlags.gitHubToken == "" {
return fmt.Sprintf("No -github-token was provided. If this Sourcegraph instance enforces code host authentication, retry with -github-token=<token> for a token with access to %s.", codeintelUploadFlags.repo)
}
if isUnauthorized {
return "The supplied -github-token may be invalid."
}
return "The supplied -github-token may lack the required permissions."
}
// gitLabTokenHint returns a hint about the GitLab token.
// Only called when gitLabToken is set or repo starts with "gitlab.com".
func gitLabTokenHint(isUnauthorized bool) string {
if codeintelUploadFlags.gitLabToken == "" {
return fmt.Sprintf("No -gitlab-token was provided. If this Sourcegraph instance enforces code host authentication, retry with -gitlab-token=<token> for a token with access to %s.", codeintelUploadFlags.repo)
}
if isUnauthorized {
return "The supplied -gitlab-token may be invalid."
}
return "The supplied -gitlab-token may lack the required permissions."
}
// uploadFailureReason returns the server's response body if available, or a
// generic reason derived from the HTTP status code.
func uploadFailureReason(httpErr *ErrUnexpectedStatusCode) string {
if httpErr.Body != "" {
return httpErr.Body
}
if httpErr.Code == 401 {
return "unauthorized"
}
return "forbidden"
}
// emergencyOutput creates a default Output object writing to standard out.
func emergencyOutput() *output.Output {
return output.NewOutput(os.Stdout, output.OutputOpts{})
}