wylab/claude-hub
1
0
Fork 0
forked from claude-did-this/claude-hub
Code Issues 1 Pull Requests Activity

Merge pull request #48 from intelligence-assist/fix/trufflehog-scheduled-runs

Browse Source 
Fix TruffleHog failing on scheduled runs
This commit is contained in:
Cheffromspace
2025-05-24 14:05:44 -05:00
committed by GitHub
parent 50f55ddf28 5693d0eecb
commit 1ee760d2fe
6 changed files with 68 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
.github/workflows/deploy.yml vendored
View File

@@ -83,7 +83,7 @@ jobs:
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,prefix={{branch}}-
type=sha
type=raw,value=staging,enable=${{ github.ref == 'refs/heads/main' }}
type=raw,value=latest,enable=${{ startsWith(github.ref, 'refs/tags/v') }}
@@ -92,7 +92,7 @@ jobs:
uses: docker/build-push-action@v5
with:
context: .
push: true
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
@@ -103,14 +103,21 @@ jobs:
name: Security Scanning
runs-on: ubuntu-latest
needs: build
if: github.event_name != 'pull_request'
steps:
- uses: actions/checkout@v4
- name: Extract first image tag
id: first-tag
run: |
FIRST_TAG=$(echo "${{ needs.build.outputs.image-tag }}" | head -n 1)
echo "tag=$FIRST_TAG" >> $GITHUB_OUTPUT
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ needs.build.outputs.image-tag }}
image-ref: ${{ steps.first-tag.outputs.tag }}
format: 'sarif'
output: 'trivy-results.sarif'

4
.github/workflows/security.yml vendored
View File

@@ -47,8 +47,8 @@ jobs:
uses: trufflesecurity/trufflehog@main
with:
path: ./
base: main
head: HEAD
base: ${{ github.event_name == 'pull_request' && github.event.pull_request.base.sha || '' }}
head: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || '' }}
extra_args: --debug --only-verified
codeql:

2
eslint.config.js
View File

@@ -28,7 +28,7 @@ module.exports = [
},
rules: {
// Error prevention
'no-unused-vars': ['error', { 'argsIgnorePattern': '^_', 'varsIgnorePattern': '^_' }],
'no-unused-vars': ['error', { 'argsIgnorePattern': '^_', 'varsIgnorePattern': '^_', 'caughtErrorsIgnorePattern': '^_' }],
'no-console': 'warn',
'no-debugger': 'error',

8
src/services/claudeService.js
View File

@@ -1,6 +1,4 @@
const { execFileSync, exec } = require('child_process');
const { promisify } = require('util');
const execAsync = promisify(exec);
const { execFileSync } = require('child_process');
// Use sync methods for file operations that need to be synchronous
const fsSync = require('fs');
const path = require('path');
@@ -87,7 +85,7 @@ For real functionality, please configure valid GitHub and Claude API tokens.`;
try {
execFileSync('docker', ['inspect', dockerImageName], { stdio: 'ignore' });
logger.info({ dockerImageName }, 'Docker image already exists');
} catch (e) {
} catch (_e) {
logger.info({ dockerImageName }, 'Building Docker image for Claude Code runner');
execFileSync('docker', ['build', '-f', 'Dockerfile.claudecode', '-t', dockerImageName, '.'], {
cwd: path.join(__dirname, '../..'),
@@ -149,7 +147,7 @@ Please complete this task fully and autonomously.`;
};
// Build docker run command - properly escape values for shell
const envArgs = Object.entries(envVars)
Object.entries(envVars)
.filter(([_, value]) => value !== undefined && value !== '')
.map(([key, value]) => {
// Convert to string and escape shell special characters in the value

70
test-results/jest/results.xml
View File

@@ -1,33 +1,53 @@
<?xml version="1.0" encoding="UTF-8"?>
<testsuites name="jest tests" tests="30" failures="0" errors="0" time="0.65">
<testsuite name="GitHub Controller - Check Suite Events" errors="0" failures="0" skipped="0" timestamp="2025-05-22T21:49:28" time="0.424" tests="6">
<testcase classname="GitHub Controller - Check Suite Events should trigger PR review when check suite succeeds with PRs" name="GitHub Controller - Check Suite Events should trigger PR review when check suite succeeds with PRs" time="0.005">
<testsuites name="jest tests" tests="38" failures="0" errors="0" time="0.646">
<testsuite name="Claude Service" errors="0" failures="0" skipped="0" timestamp="2025-05-24T18:17:16" time="0.346" tests="4">
<testcase classname="Claude Service processCommand should handle test mode correctly" name="Claude Service processCommand should handle test mode correctly" time="0.003">
</testcase>
<testcase classname="Claude Service processCommand should properly set up Docker command in production mode" name="Claude Service processCommand should properly set up Docker command in production mode" time="0.002">
</testcase>
<testcase classname="Claude Service processCommand should handle errors properly" name="Claude Service processCommand should handle errors properly" time="0.014">
</testcase>
<testcase classname="Claude Service processCommand should write long commands to temp files" name="Claude Service processCommand should write long commands to temp files" time="0.001">
</testcase>
</testsuite>
<testsuite name="GitHub Controller - Check Suite Events" errors="0" failures="0" skipped="2" timestamp="2025-05-24T18:17:16" time="0.072" tests="10">
<testcase classname="GitHub Controller - Check Suite Events should trigger PR review when check suite succeeds with PRs and combined status passes" name="GitHub Controller - Check Suite Events should trigger PR review when check suite succeeds with PRs and combined status passes" time="0.004">
</testcase>
<testcase classname="GitHub Controller - Check Suite Events should not trigger PR review when check suite fails" name="GitHub Controller - Check Suite Events should not trigger PR review when check suite fails" time="0.001">
</testcase>
<testcase classname="GitHub Controller - Check Suite Events should not trigger PR review when check suite succeeds but has no PRs" name="GitHub Controller - Check Suite Events should not trigger PR review when check suite succeeds but has no PRs" time="0.001">
</testcase>
<testcase classname="GitHub Controller - Check Suite Events should handle multiple PRs in check suite" name="GitHub Controller - Check Suite Events should handle multiple PRs in check suite" time="0.001">
<testcase classname="GitHub Controller - Check Suite Events should handle multiple PRs in check suite in parallel" name="GitHub Controller - Check Suite Events should handle multiple PRs in check suite in parallel" time="0.002">
</testcase>
<testcase classname="GitHub Controller - Check Suite Events should handle Claude service errors gracefully" name="GitHub Controller - Check Suite Events should handle Claude service errors gracefully" time="0">
<testcase classname="GitHub Controller - Check Suite Events should handle Claude service errors gracefully" name="GitHub Controller - Check Suite Events should handle Claude service errors gracefully" time="0.001">
</testcase>
<testcase classname="GitHub Controller - Check Suite Events should use check suite head_sha when PR head.sha is missing" name="GitHub Controller - Check Suite Events should use check suite head_sha when PR head.sha is missing" time="0">
<testcase classname="GitHub Controller - Check Suite Events should skip PR when head.sha is missing" name="GitHub Controller - Check Suite Events should skip PR when head.sha is missing" time="0.001">
</testcase>
<testcase classname="GitHub Controller - Check Suite Events should skip PR review when combined status is not success" name="GitHub Controller - Check Suite Events should skip PR review when combined status is not success" time="0">
<skipped/>
</testcase>
<testcase classname="GitHub Controller - Check Suite Events should handle combined status API errors" name="GitHub Controller - Check Suite Events should handle combined status API errors" time="0">
<skipped/>
</testcase>
<testcase classname="GitHub Controller - Check Suite Events should handle mixed success and failure in multiple PRs" name="GitHub Controller - Check Suite Events should handle mixed success and failure in multiple PRs" time="0.001">
</testcase>
<testcase classname="GitHub Controller - Check Suite Events should skip PR review when already reviewed at same commit" name="GitHub Controller - Check Suite Events should skip PR review when already reviewed at same commit" time="0">
</testcase>
</testsuite>
<testsuite name="githubService" errors="0" failures="0" skipped="0" timestamp="2025-05-22T21:49:29" time="0.044" tests="10">
<testsuite name="githubService" errors="0" failures="0" skipped="0" timestamp="2025-05-24T18:17:16" time="0.064" tests="10">
<testcase classname="githubService getFallbackLabels should identify bug labels correctly" name="githubService getFallbackLabels should identify bug labels correctly" time="0.001">
</testcase>
<testcase classname="githubService getFallbackLabels should identify feature labels correctly" name="githubService getFallbackLabels should identify feature labels correctly" time="0">
</testcase>
<testcase classname="githubService getFallbackLabels should identify enhancement labels correctly" name="githubService getFallbackLabels should identify enhancement labels correctly" time="0">
<testcase classname="githubService getFallbackLabels should identify enhancement labels correctly" name="githubService getFallbackLabels should identify enhancement labels correctly" time="0.001">
</testcase>
<testcase classname="githubService getFallbackLabels should identify question labels correctly" name="githubService getFallbackLabels should identify question labels correctly" time="0.001">
<testcase classname="githubService getFallbackLabels should identify question labels correctly" name="githubService getFallbackLabels should identify question labels correctly" time="0">
</testcase>
<testcase classname="githubService getFallbackLabels should identify documentation labels correctly" name="githubService getFallbackLabels should identify documentation labels correctly" time="0">
</testcase>
<testcase classname="githubService getFallbackLabels should default to medium priority when no specific priority keywords found" name="githubService getFallbackLabels should default to medium priority when no specific priority keywords found" time="0">
</testcase>
<testcase classname="githubService getFallbackLabels should handle empty descriptions gracefully" name="githubService getFallbackLabels should handle empty descriptions gracefully" time="0">
<testcase classname="githubService getFallbackLabels should handle empty descriptions gracefully" name="githubService getFallbackLabels should handle empty descriptions gracefully" time="0.001">
</testcase>
<testcase classname="githubService addLabelsToIssue - test mode should return mock data in test mode" name="githubService addLabelsToIssue - test mode should return mock data in test mode" time="0">
</testcase>
@@ -36,33 +56,23 @@
<testcase classname="githubService postComment - test mode should return mock comment data in test mode" name="githubService postComment - test mode should return mock comment data in test mode" time="0">
</testcase>
</testsuite>
<testsuite name="AWS Credential Provider" errors="0" failures="0" skipped="0" timestamp="2025-05-22T21:49:29" time="0.044" tests="7">
<testsuite name="AWS Credential Provider" errors="0" failures="0" skipped="0" timestamp="2025-05-24T18:17:16" time="0.036" tests="7">
<testcase classname="AWS Credential Provider should get credentials from AWS profile" name="AWS Credential Provider should get credentials from AWS profile" time="0.001">
</testcase>
<testcase classname="AWS Credential Provider should cache credentials" name="AWS Credential Provider should cache credentials" time="0.001">
</testcase>
<testcase classname="AWS Credential Provider should clear credential cache" name="AWS Credential Provider should clear credential cache" time="0">
</testcase>
<testcase classname="AWS Credential Provider should get Docker environment variables" name="AWS Credential Provider should get Docker environment variables" time="0.001">
<testcase classname="AWS Credential Provider should get Docker environment variables" name="AWS Credential Provider should get Docker environment variables" time="0">
</testcase>
<testcase classname="AWS Credential Provider should throw error if AWS_PROFILE is not set" name="AWS Credential Provider should throw error if AWS_PROFILE is not set" time="0.008">
<testcase classname="AWS Credential Provider should throw error if AWS_PROFILE is not set" name="AWS Credential Provider should throw error if AWS_PROFILE is not set" time="0.006">
</testcase>
<testcase classname="AWS Credential Provider should throw error for non-existent profile" name="AWS Credential Provider should throw error for non-existent profile" time="0.001">
<testcase classname="AWS Credential Provider should throw error for non-existent profile" name="AWS Credential Provider should throw error for non-existent profile" time="0">
</testcase>
<testcase classname="AWS Credential Provider should throw error for incomplete credentials" name="AWS Credential Provider should throw error for incomplete credentials" time="0.001">
</testcase>
</testsuite>
<testsuite name="GitHub Controller" errors="0" failures="0" skipped="0" timestamp="2025-05-22T21:49:29" time="0.043" tests="4">
<testcase classname="GitHub Controller should process a valid webhook with @TestBot mention" name="GitHub Controller should process a valid webhook with @TestBot mention" time="0.002">
</testcase>
<testcase classname="GitHub Controller should reject a webhook with invalid signature" name="GitHub Controller should reject a webhook with invalid signature" time="0.008">
</testcase>
<testcase classname="GitHub Controller should ignore comments without @TestBot mention" name="GitHub Controller should ignore comments without @TestBot mention" time="0.001">
</testcase>
<testcase classname="GitHub Controller should handle errors from Claude service" name="GitHub Controller should handle errors from Claude service" time="0.005">
</testcase>
</testsuite>
<testsuite name="Container Execution E2E Tests" errors="0" failures="0" skipped="0" timestamp="2025-05-22T21:49:29" time="0.022" tests="3">
<testsuite name="Container Execution E2E Tests" errors="0" failures="0" skipped="0" timestamp="2025-05-24T18:17:16" time="0.018" tests="3">
<testcase classname="Container Execution E2E Tests Container should be properly configured" name="Container Execution E2E Tests Container should be properly configured" time="0.001">
</testcase>
<testcase classname="Container Execution E2E Tests Should process a simple Claude request" name="Container Execution E2E Tests Should process a simple Claude request" time="0">
@@ -70,4 +80,14 @@
<testcase classname="Container Execution E2E Tests Should handle errors gracefully" name="Container Execution E2E Tests Should handle errors gracefully" time="0">
</testcase>
</testsuite>
<testsuite name="GitHub Controller" errors="0" failures="0" skipped="0" timestamp="2025-05-24T18:17:16" time="0.039" tests="4">
<testcase classname="GitHub Controller should process a valid webhook with @TestBot mention" name="GitHub Controller should process a valid webhook with @TestBot mention" time="0.002">
</testcase>
<testcase classname="GitHub Controller should reject a webhook with invalid signature" name="GitHub Controller should reject a webhook with invalid signature" time="0.007">
</testcase>
<testcase classname="GitHub Controller should ignore comments without @TestBot mention" name="GitHub Controller should ignore comments without @TestBot mention" time="0">
</testcase>
<testcase classname="GitHub Controller should handle errors from Claude service" name="GitHub Controller should handle errors from Claude service" time="0.004">
</testcase>
</testsuite>
</testsuites>

18
test/unit/services/claudeService.test.js
View File

@@ -49,7 +49,7 @@ jest.mock('../../../src/utils/secureCredentials', () => ({
}));
// Now require the module under test
const { execFileSync, exec } = require('child_process');
const { execFileSync } = require('child_process');
const { writeFileSync } = require('fs');
const { promisify } = require('util');
const { sanitizeBotMentions } = require('../../../src/utils/sanitize');
@@ -92,7 +92,7 @@ describe('Claude Service', () => {
process.env.NODE_ENV = 'production';
// Mock dependencies needed in production mode
execFileSync.mockImplementation((cmd, args, options) => {
execFileSync.mockImplementation((cmd, args, _options) => {
if (args[0] === 'inspect') return '{}';
return 'mocked output';
});
@@ -142,7 +142,7 @@ describe('Claude Service', () => {
process.env.NODE_ENV = 'production';
// Mock the Docker inspect to succeed
execFileSync.mockImplementation((cmd, args, options) => {
execFileSync.mockImplementation((cmd, args, _options) => {
if (args[0] === 'inspect') return '{}';
if (args[0] === 'logs') return 'error logs';
if (args[0] === 'kill') return '';
@@ -192,24 +192,20 @@ describe('Claude Service', () => {
process.env.NODE_ENV = 'production';
// Mock the Docker inspect to succeed
execFileSync.mockImplementation((cmd, args, options) => {
execFileSync.mockImplementation((cmd, args, _options) => {
if (args[0] === 'inspect') return '{}';
return 'mocked output';
});
// Make sure our original command is accessible
const longCommand = options.command;
// Capture file write calls
let capturedFilePath = null;
writeFileSync.mockImplementation((path, content, options) => {
capturedFilePath = path;
writeFileSync.mockImplementation((_path, _content, _options) => {
// File write is mocked
});
// Call the original implementation
try {
await originalProcessCommand(options);
} catch (e) {
} catch (_e) {
// Ignore errors, we just want to check if writeFileSync was called
}