supporting gitlab connections (#1921)

* gitlab connections

Author: motatoes

backend/controllers/connections.go

@@ -39,7 +39,7 @@ func ListVCSConnectionsApi(c *gin.Context) {
 	connectionsSlim := lo.Map(connections, func(c models.VCSConnection, i int) gin.H {
 		return gin.H{
 			"connection_id":   c.ID,
-			"vcs":             "bitbucket",
+			"vcs":             c.VCSType,
 			"connection_name": c.Name,
 		}
 	})
@@ -65,6 +65,8 @@ func CreateVCSConnectionApi(c *gin.Context) {
 		Name                   string `json:"connection_name"`
 		BitbucketAccessToken   string `json:"bitbucket_access_token"`
 		BitbucketWebhookSecret string `json:"bitbucket_webhook_secret"`
+		GitlabAccessToken      string `json:"gitlab_access_token"`
+		GitlabWebhookSecret    string `json:"gitlab_webhook_secret"`
 	}
 
 	var request CreateVCSConnectionRequest
@@ -74,7 +76,8 @@ func CreateVCSConnectionApi(c *gin.Context) {
 		return
 	}
 
-	if request.VCS != "bitbucket" {
+	if request.VCS != string(models.DiggerVCSBitbucket) &&
+		request.VCS != string(models.DiggerVCSGitlab) {
 		slog.Error("VCS type not supported", "type", request.VCS)
 		c.JSON(http.StatusBadRequest, gin.H{"error": "VCS type not supported"})
 		return
@@ -89,36 +92,38 @@ func CreateVCSConnectionApi(c *gin.Context) {
 
 	bitbucketAccessTokenEncrypted, err := utils.AESEncrypt([]byte(secret), request.BitbucketAccessToken)
 	if err != nil {
-		slog.Error("Could not encrypt access token", "error", err)
-		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt access token"})
+		slog.Error("Could not encrypt bitbucket access token", "error", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket access token"})
 		return
 	}
 
 	bitbucketWebhookSecretEncrypted, err := utils.AESEncrypt([]byte(secret), request.BitbucketWebhookSecret)
 	if err != nil {
-		slog.Error("Could not encrypt webhook secret", "error", err)
-		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt webhook secret"})
-		return
-	}
-
-	connection, err := models.DB.CreateVCSConnection(
-		request.Name,
-		0,
-		"",
-		"",
-		"",
-		"",
-		"",
-		"",
-		"",
-		bitbucketAccessTokenEncrypted,
-		bitbucketWebhookSecretEncrypted,
-		org.ID,
-	)
+		slog.Error("Could not encrypt bitbucket webhook secret", "error", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt bitbucket webhook secret"})
+		return
+	}
+
+	gitlabAccessTokenEncrypted, err := utils.AESEncrypt([]byte(secret), request.GitlabAccessToken)
+	if err != nil {
+		slog.Error("Could not encrypt gitlab access secret", "error", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab access token"})
+		return
+	}
+
+	gitlabWebhookSecret, err := utils.AESEncrypt([]byte(secret), request.GitlabWebhookSecret)
+	if err != nil {
+		slog.Error("Could not encrypt gitlab webhook secret", "error", err)
+		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not encrypt gitlab webhook secret"})
+		return
+	}
+
+	connection, err := models.DB.CreateVCSConnection(request.Name, models.DiggerVCSType(request.VCS), 0, "", "", "", "", "", "", "", bitbucketAccessTokenEncrypted, bitbucketWebhookSecretEncrypted, gitlabWebhookSecret, gitlabAccessTokenEncrypted, org.ID)
 	if err != nil {
 		slog.Error("Could not create VCS connection", "error", err)
 		c.JSON(http.StatusInternalServerError, gin.H{"error": "Could not create VCS connection"})
 		return
+
 	}
 
 	slog.Info("Created VCS connection", "connectionId", connection.ID, "organisationId", org.ID)

backend/migrations/20250325115901.sql

@@ -0,0 +1,2 @@
+-- Modify "github_app_connections" table
+ALTER TABLE "public"."github_app_connections" ADD COLUMN "gitlab_access_token_encrypted" text NULL, ADD COLUMN "gitlab_webhook_secret_encrypted" text NULL;

backend/migrations/20250325134924.sql

@@ -0,0 +1,2 @@
+-- Modify "github_app_connections" table
+ALTER TABLE "public"."github_app_connections" ADD COLUMN "vcs_type" text NULL DEFAULT 'bitbucket';

backend/migrations/atlas.sum

@@ -1,4 +1,4 @@
-h1:pGuhEh2gQrZkYbjLCxVK+ZHO3jlFj99jjAO96gKlWlc=
+h1:FUyT8bE1jsztutCMQI5+hbieTDYCpac4f1BQk/RksrM=
 20231227132525.sql h1:43xn7XC0GoJsCnXIMczGXWis9d504FAWi4F1gViTIcw=
 20240115170600.sql h1:IW8fF/8vc40+eWqP/xDK+R4K9jHJ9QBSGO6rN9LtfSA=
 20240116123649.sql h1:R1JlUIgxxF6Cyob9HdtMqiKmx/BfnsctTl5rvOqssQw=
@@ -44,3 +44,5 @@ h1:pGuhEh2gQrZkYbjLCxVK+ZHO3jlFj99jjAO96gKlWlc=
 20250224152926.sql h1:EjoFpfeoCpk/SjSo2i7sajKCR3t7YCn+1ZgGJrT0L9Y=
 20250226185150.sql h1:K7e/3Zy2wSTqKa3iYpIb02GTAniYSXHObTIqOV9aOhM=
 20250302190926.sql h1:F3FnaGnZv1Hwmg6W9Nacg5fbdiYbZGgS/mkuogtCso0=
+20250325115901.sql h1:yrha7g515WPkFRHfidvtLVWMeQmRD8rzVyWtPbuk0ws=
+20250325134924.sql h1:5vywDVuT0FPmQKP75AvxopxOeuKXsTEN00rgQjnA+ss=

backend/models/github.go

@@ -17,6 +17,9 @@ type VCSConnection struct {
 	GithubAppUrl                    string
 	BitbucketAccessTokenEncrypted   string
 	BitbucketWebhookSecretEncrypted string
+	GitlabAccessTokenEncrypted      string
+	GitlabWebhookSecretEncrypted    string
+	VCSType                         DiggerVCSType `gorm:"default:bitbucket"`
 	OrganisationID                  uint
 	Organisation                    Organisation
 }

backend/models/storage.go

@@ -514,9 +514,10 @@ func (db *Database) GetGithubAppInstallationLink(installationId int64) (*GithubA
 	return &link, nil
 }
 
-func (db *Database) CreateVCSConnection(name string, githubId int64, ClientID string, ClientSecretEncrypted string, WebhookSecretEncrypted string, PrivateKeyEncrypted string, PrivateKeyBase64Encrypted string, Org string, url string, bitbucketAccessTokenEnc string, bitbucketWebhookSecretEnc string, orgId uint) (*VCSConnection, error) {
+func (db *Database) CreateVCSConnection(name string, vcsType DiggerVCSType, githubId int64, ClientID string, ClientSecretEncrypted string, WebhookSecretEncrypted string, PrivateKeyEncrypted string, PrivateKeyBase64Encrypted string, Org string, url string, bitbucketAccessTokenEnc string, bitbucketWebhookSecretEnc string, gitlabWebhookSecret string, gitlabAccessToken string, orgId uint) (*VCSConnection, error) {
 	app := VCSConnection{
 		Name:                            name,
+		VCSType:                         vcsType,
 		GithubId:                        githubId,
 		ClientID:                        ClientID,
 		ClientSecretEncrypted:           ClientSecretEncrypted,
@@ -527,6 +528,8 @@ func (db *Database) CreateVCSConnection(name string, githubId int64, ClientID st
 		GithubAppUrl:                    url,
 		BitbucketWebhookSecretEncrypted: bitbucketWebhookSecretEnc,
 		BitbucketAccessTokenEncrypted:   bitbucketAccessTokenEnc,
+		GitlabWebhookSecretEncrypted:    gitlabWebhookSecret,
+		GitlabAccessTokenEncrypted:      gitlabAccessToken,
 		OrganisationID:                  orgId,
 	}
 	result := db.GormDB.Save(&app)

ee/backend/controllers/github.go

@@ -192,7 +192,7 @@ func (d DiggerEEController) GithubAppConnectionsConfirm(c *gin.Context) {
 		return
 	}
 
-	_, err = models.DB.CreateVCSConnection(cfg.GetName(), cfg.GetID(), cfg.GetClientID(), clientSecretEnc, webhookSecretEnc, PEMEnc, PEM64Enc, *cfg.Owner.Login, cfg.GetHTMLURL(), "", "", orgId)
+	_, err = models.DB.CreateVCSConnection(cfg.GetName(), models.DiggerVCSGithub, cfg.GetID(), cfg.GetClientID(), clientSecretEnc, webhookSecretEnc, PEMEnc, PEM64Enc, *cfg.Owner.Login, cfg.GetHTMLURL(), "", "", "", "", orgId)
 	if err != nil {
 		log.Printf("failed to create github app connection record: %v", err)
 		c.String(500, fmt.Sprintf("Failed to create github app record on callback"))

ee/backend/go.mod

@@ -235,6 +235,7 @@ require (
 	github.com/ryanuber/go-glob v1.0.0 // indirect
 	github.com/sagikazarmark/locafero v0.4.0 // indirect
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
+	github.com/samber/slog-gin v1.15.0 // indirect
 	github.com/segmentio/analytics-go/v3 v3.3.0 // indirect
 	github.com/segmentio/backo-go v1.0.0 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect

ee/backend/go.sum

@@ -1746,6 +1746,8 @@ github.com/sagikazarmark/slog-shim v0.1.0 h1:diDBnUNK9N/354PgrxMywXnAwEr1QZcOr6g
 github.com/sagikazarmark/slog-shim v0.1.0/go.mod h1:SrcSrq8aKtyuqEI1uvTDTK1arOWRIczQRv+GVI1AkeQ=
 github.com/samber/lo v1.46.0 h1:w8G+oaCPgz1PoCJztqymCFaKwXt+5cCXn51uPxExFfQ=
 github.com/samber/lo v1.46.0/go.mod h1:RmDH9Ct32Qy3gduHQuKJ3gW1fMHAnE/fAzQuf6He5cU=
+github.com/samber/slog-gin v1.15.0 h1:Kqs/ilXd9divtslWjbz5DVptmLlzyntbBiXUAta2SFg=
+github.com/samber/slog-gin v1.15.0/go.mod h1:mPAEinK/g2jPLauuWO11m3Q0Ca7aG4k9XjXjXY8IhMQ=
 github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
 github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
 github.com/segmentio/analytics-go/v3 v3.3.0 h1:8VOMaVGBW03pdBrj1CMFfY9o/rnjJC+1wyQHlVxjw5o=

go.work.sum

@@ -766,8 +766,6 @@ github.com/alecthomas/chroma v0.10.0 h1:7XDcGkCQopCNKjZHfYrNLraA+M7e0fMiJ/Mfikbf
 github.com/alecthomas/chroma v0.10.0/go.mod h1:jtJATyUxlIORhUOFNA9NZDWGAQ8wpxQQqNSB4rjA/1s=
 github.com/alecthomas/kingpin/v2 v2.4.0 h1:f48lwail6p8zpO1bC4TxtqACaGqHYA22qkHjHpqDjYY=
 github.com/alecthomas/kingpin/v2 v2.4.0/go.mod h1:0gyi0zQnjuFk8xrkNKamJoyUo382HRL7ATRpFZCw6tE=
-github.com/alecthomas/kong v0.7.1 h1:azoTh0IOfwlAX3qN9sHWTxACE2oV8Bg2gAwBsMwDQY4=
-github.com/alecthomas/kong v0.7.1/go.mod h1:n1iCIO2xS46oE8ZfYCNDqdR0b0wZNrXAIAqro/2132U=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM=
 github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 h1:s6gZFSlWYmbqAuRjVTiNNhvNRfY2Wxp9nhfyel4rklc=
 github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
@@ -1603,6 +1601,7 @@ golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOM
 golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
 golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
 golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70=
+golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
 golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k=
 golang.org/x/image v0.0.0-20190802002840-cff245a6509b h1:+qEpEAPhDZ1o0x3tHzZTQDArnOixOzGD9HUJfcg0mb4=
 golang.org/x/image v0.0.0-20220302094943-723b81ca9867 h1:TcHcE0vrmgzNH1v3ppjcMGbhG5+9fMuvOmUYwNEF4q4=
@@ -1620,6 +1619,7 @@ golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8=
 golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
 golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
 golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM=
 golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM=
 golang.org/x/oauth2 v0.16.0/go.mod h1:hqZ+0LWXsiVoZpeld6jVt06P3adbS2Uu911W1SsJv2o=
@@ -1645,6 +1645,7 @@ golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.24.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2 h1:IRJeR9r1pYWsHKTRe/IInb7lYvbBVIqOgsX/u0mbOWY=
 golang.org/x/telemetry v0.0.0-20240521205824-bda55230c457 h1:zf5N6UOrA487eEFacMePxjXAJctxKmyjKUsjA11Uzuk=
 golang.org/x/telemetry v0.0.0-20240521205824-bda55230c457/go.mod h1:pRgIJT+bRLFKnoM1ldnzKoxTIn14Yxz928LQRYYgIN0=