Spaces:

SharathReddy
/

CodexPilot

Sleeping

App Files Files Community

SharathReddy commited on Jul 2, 2025

Commit

174d5ef

verified ·

1 Parent(s): c710fcc

Update app.py

Browse files

Files changed (1) hide show

app.py +36 -52

app.py CHANGED Viewed

@@ -17,23 +17,20 @@ GITHUB_APP_ID = os.getenv("GITHUB_APP_ID")
 GITHUB_PRIVATE_KEY = os.getenv("GITHUB_PRIVATE_KEY")
 # In-memory storage for our repository data (for this simple version)
-# In a real app, you might use Redis or a database.
 repo_data_store = {}
-# --- GitHub App Authentication Logic ---
 def create_jwt(app_id, private_key):
-    """Creates a JSON Web Token to authenticate as a GitHub App."""
     now = int(time.time())
     payload = {
-        "iat": now,  # Issued at time
-        "exp": now + (10 * 60),  # Expiration time (10 minutes)
-        "iss": app_id,  # Issuer (your app's ID)
     }
     return jwt.encode(payload, private_key, algorithm="RS256")
 def get_installation_access_token(installation_id, app_id, private_key):
-    """Gets a temporary access token for a specific installation."""
     app_jwt = create_jwt(app_id, private_key)
     headers = {
         "Authorization": f"Bearer {app_jwt}",
@@ -41,55 +38,40 @@ def get_installation_access_token(installation_id, app_id, private_key):
     }
     url = f"https://api.github.com/app/installations/{installation_id}/access_tokens"
     response = requests.post(url, headers=headers)
-    response.raise_for_status()  # Raise an exception for bad status codes
     return response.json()["token"]
-# --- Repository Management Logic ---
 def process_repository(repo_url, token, repo_full_name):
-    """Clones a repo, parses it, and stores the data."""
-    # Create a temporary directory to clone the repo into
     temp_dir = tempfile.mkdtemp()
     print(f"Cloning {repo_full_name} into {temp_dir}")
     try:
-        # Clone the repository using the installation token
-        # The token is embedded in the URL for authentication
         clone_url = repo_url.replace("https://", f"https://x-access-token:{token}@")
         Repo.clone_from(clone_url, temp_dir)
-        # --- THIS IS WHERE STEP 2.C and 2.D WILL GO ---
-        # For now, we'll just simulate processing
         print(f"Parsing repository {repo_full_name}...")
         # In the next step, we will add AST parsing and vectorization here.
-        # Store some placeholder data
         repo_data_store[repo_full_name] = {"status": "processed", "path": temp_dir}
         print(f"Successfully processed and 'stored' data for {repo_full_name}")
     except Exception as e:
         print(f"Failed to process repository {repo_full_name}: {e}")
-    # finally:
-        # In a real app, you would clean up the temp directory.
-        # For this step, we leave it to inspect if needed.
-        # shutil.rmtree(temp_dir)
 # --- FastAPI App ---
 app = FastAPI()
 async def verify_signature(request: Request):
-    # (This function remains unchanged from Step 1)
     if not GITHUB_WEBHOOK_SECRET:
         raise HTTPException(status_code=500, detail="Webhook secret not configured.")
     signature_header = request.headers.get("X-Hub-Signature-256")
     if not signature_header:
         raise HTTPException(status_code=400, detail="X-Hub-Signature-256 header is missing.")
-    sha_name, signature = signature_header.split("=")
-    if sha_name != "sha256":
-        raise HTTPException(status_code=501, detail="Only sha256 signatures are supported.")
     body = await request.body()
     mac = hmac.new(GITHUB_WEBHOOK_SECRET.encode("utf-8"), msg=body, digestmod=hashlib.sha256)
     if not hmac.compare_digest(mac.hexdigest(), signature):
         raise HTTPException(status_code=400, detail="Invalid signature.")
@@ -100,44 +82,46 @@ def read_root():
 @app.post("/api/github/webhook")
 async def github_webhook(request: Request):
-    """Handles all incoming webhook events from GitHub."""
     await verify_signature(request)
     event_type = request.headers.get("X-GitHub-Event")
     payload = await request.json()
-    print(f"Received event: {event_type}")
-    # --- NEW: Handle Installation Event ---
     if event_type == "installation" and payload.get("action") == "created":
-        installation_id = payload["installation"]["id"]
-        print(f"New installation created! ID: {installation_id}")
         try:
             token = get_installation_access_token(installation_id, GITHUB_APP_ID, GITHUB_PRIVATE_KEY)
-            # The key in the payload is "repositories_added" for this event
-            for repo in payload.get("repositories_added", []):
                 repo_full_name = repo["full_name"]
-                # The correct key for the git URL is 'clone_url'
-                repo_url = repo.get("clone_url") # <--- THIS IS THE FIX
-                if repo_url:
-                    process_repository(repo_url, token, repo_full_name)
-                else:
-                    print(f"Could not find 'clone_url' for repo {repo_full_name}")
         except Exception as e:
-            print(f"Error during installation processing: {e}")
-            raise HTTPException(status_code=500, detail=f"Failed to process installation: {e}")
     elif event_type == "push":
-        pusher = payload.get("pusher", {}).get("name")
         repo_name = payload.get("repository", {}).get("full_name")
-        print(f"Received a push event from {pusher} on repo {repo_name}")
-        # We will add logic here in Step 4
-    elif event_type == "ping":
-        print("Received ping event from GitHub!")
     return {"status": "ok"}

 GITHUB_PRIVATE_KEY = os.getenv("GITHUB_PRIVATE_KEY")
 # In-memory storage for our repository data (for this simple version)
 repo_data_store = {}
+# --- GitHub App Authentication Logic (Unchanged) ---
 def create_jwt(app_id, private_key):
     now = int(time.time())
     payload = {
+        "iat": now,
+        "exp": now + (10 * 60),
+        "iss": app_id,
     }
     return jwt.encode(payload, private_key, algorithm="RS256")
 def get_installation_access_token(installation_id, app_id, private_key):
     app_jwt = create_jwt(app_id, private_key)
     headers = {
         "Authorization": f"Bearer {app_jwt}",
     }
     url = f"https://api.github.com/app/installations/{installation_id}/access_tokens"
     response = requests.post(url, headers=headers)
+    response.raise_for_status()
     return response.json()["token"]
+# --- Repository Management Logic (Unchanged) ---
 def process_repository(repo_url, token, repo_full_name):
     temp_dir = tempfile.mkdtemp()
     print(f"Cloning {repo_full_name} into {temp_dir}")
     try:
         clone_url = repo_url.replace("https://", f"https://x-access-token:{token}@")
         Repo.clone_from(clone_url, temp_dir)
         print(f"Parsing repository {repo_full_name}...")
         # In the next step, we will add AST parsing and vectorization here.
         repo_data_store[repo_full_name] = {"status": "processed", "path": temp_dir}
         print(f"Successfully processed and 'stored' data for {repo_full_name}")
     except Exception as e:
         print(f"Failed to process repository {repo_full_name}: {e}")
 # --- FastAPI App ---
 app = FastAPI()
 async def verify_signature(request: Request):
+    # (This function remains unchanged)
     if not GITHUB_WEBHOOK_SECRET:
         raise HTTPException(status_code=500, detail="Webhook secret not configured.")
     signature_header = request.headers.get("X-Hub-Signature-256")
     if not signature_header:
         raise HTTPException(status_code=400, detail="X-Hub-Signature-256 header is missing.")
     body = await request.body()
+    sha_name, signature = signature_header.split("=")
     mac = hmac.new(GITHUB_WEBHOOK_SECRET.encode("utf-8"), msg=body, digestmod=hashlib.sha256)
     if not hmac.compare_digest(mac.hexdigest(), signature):
         raise HTTPException(status_code=400, detail="Invalid signature.")
 @app.post("/api/github/webhook")
 async def github_webhook(request: Request):
     await verify_signature(request)
     event_type = request.headers.get("X-GitHub-Event")
     payload = await request.json()
+    print(f"Received event: {event_type} with action: {payload.get('action')}")
+    installation_id = payload.get("installation", {}).get("id")
+    if not installation_id:
+        return {"status": "ok", "message": "Event does not pertain to an installation."}
+    # --- REVISED LOGIC ---
+    repos_to_process = []
     if event_type == "installation" and payload.get("action") == "created":
+        # This handles the very first time the app is installed on an account.
+        repos_to_process = payload.get("repositories", [])
+        print(f"Processing 'installation.created' event for repos: {[repo['full_name'] for repo in repos_to_process]}")
+    elif event_type == "installation_repositories" and payload.get("action") == "added":
+        # This handles when a user adds one or more repos to an existing installation.
+        repos_to_process = payload.get("repositories_added", [])
+        print(f"Processing 'installation_repositories.added' event for repos: {[repo['full_name'] for repo in repos_to_process]}")
+    if repos_to_process:
         try:
             token = get_installation_access_token(installation_id, GITHUB_APP_ID, GITHUB_PRIVATE_KEY)
+            for repo in repos_to_process:
                 repo_full_name = repo["full_name"]
+                # The 'html_url' key is not present in the 'installation_repositories' event,
+                # so we construct it manually.
+                repo_url = f"https://github.com/{repo_full_name}"
+                process_repository(repo_url, token, repo_full_name)
         except Exception as e:
+            print(f"Error during repository processing: {e}")
+            # Don't raise HTTPException here to prevent GitHub from disabling the webhook
+    # Handle push events (will be used in Step 4)
     elif event_type == "push":
         repo_name = payload.get("repository", {}).get("full_name")
+        print(f"Received a push event on repo {repo_name}")
     return {"status": "ok"}