Shiloh/lasthourcloud
Shiloh/lasthourcloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 4 Wiki Activity

feat: Webhooks inititate all applications with the correct branch

Browse Source
This commit is contained in:
Andras Bacsai 2022-03-11 21:18:12 +01:00
parent 16ea9a3e07
commit c5c9f84503
7 changed files with 256 additions and 231 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/lib/common.ts
View File

@ -11,6 +11,7 @@ import { version as currentVersion } from '../../package.json';
import dayjs from 'dayjs'; import dayjs from 'dayjs';
import Cookie from 'cookie'; import Cookie from 'cookie';
import os from 'os'; import os from 'os';
import cuid from 'cuid';
try { try {
if (!dev) { if (!dev) {

67
src/lib/database/applications.ts
View File

@ -58,15 +58,6 @@ export async function removeApplication({ id, teamId }) {
const id = containerObj.ID; const id = containerObj.ID;
const preview = containerObj.Image.split('-')[1]; const preview = containerObj.Image.split('-')[1];
await removeDestinationDocker({ id, engine: destinationDocker.engine }); await removeDestinationDocker({ id, engine: destinationDocker.engine });
try {
if (preview) {
await removeProxyConfiguration({ domain: `${preview}.${domain}` });
} else {
await removeProxyConfiguration({ domain });
}
} catch (error) {
console.log(error);
}
} }
} }
} }
@ -79,7 +70,7 @@ export async function removeApplication({ id, teamId }) {
export async function getApplicationWebhook({ projectId, branch }) { export async function getApplicationWebhook({ projectId, branch }) {
try { try {
let body = await prisma.application.findFirst({ let applications = await prisma.application.findMany({
where: { projectId, branch }, where: { projectId, branch },
include: { include: {
destinationDocker: true, destinationDocker: true,
@ -88,30 +79,40 @@ export async function getApplicationWebhook({ projectId, branch }) {
secrets: true secrets: true
} }
}); });
for (const application of applications) {
if (body.gitSource?.githubApp?.clientSecret) { if (application.gitSource?.githubApp?.clientSecret) {
body.gitSource.githubApp.clientSecret = decrypt(body.gitSource.githubApp.clientSecret); application.gitSource.githubApp.clientSecret = decrypt(
application.gitSource.githubApp.clientSecret
);
}
if (application.gitSource?.githubApp?.webhookSecret) {
application.gitSource.githubApp.webhookSecret = decrypt(
application.gitSource.githubApp.webhookSecret
);
}
if (application.gitSource?.githubApp?.privateKey) {
application.gitSource.githubApp.privateKey = decrypt(
application.gitSource.githubApp.privateKey
);
}
if (application?.gitSource?.gitlabApp?.appSecret) {
application.gitSource.gitlabApp.appSecret = decrypt(
application.gitSource.gitlabApp.appSecret
);
}
if (application?.gitSource?.gitlabApp?.webhookToken) {
application.gitSource.gitlabApp.webhookToken = decrypt(
application.gitSource.gitlabApp.webhookToken
);
}
if (application?.secrets.length > 0) {
application.secrets = application.secrets.map((s) => {
s.value = decrypt(s.value);
return s;
});
}
} }
if (body.gitSource?.githubApp?.webhookSecret) { return [...applications];
body.gitSource.githubApp.webhookSecret = decrypt(body.gitSource.githubApp.webhookSecret);
}
if (body.gitSource?.githubApp?.privateKey) {
body.gitSource.githubApp.privateKey = decrypt(body.gitSource.githubApp.privateKey);
}
if (body?.gitSource?.gitlabApp?.appSecret) {
body.gitSource.gitlabApp.appSecret = decrypt(body.gitSource.gitlabApp.appSecret);
}
if (body?.gitSource?.gitlabApp?.webhookToken) {
body.gitSource.gitlabApp.webhookToken = decrypt(body.gitSource.gitlabApp.webhookToken);
}
if (body?.secrets.length > 0) {
body.secrets = body.secrets.map((s) => {
s.value = decrypt(s.value);
return s;
});
}
return { ...body };
} catch (e) { } catch (e) {
throw { status: 404, body: { message: e.message } }; throw { status: 404, body: { message: e.message } };
} }

2
src/lib/queues/index.ts
View File

@ -120,7 +120,7 @@ buildWorker.on('completed', async (job: Bullmq.Job) => {
} catch (err) { } catch (err) {
console.log(err); console.log(err);
} finally { } finally {
const workdir = `/tmp/build-sources/${job.data.repository}/`; const workdir = `/tmp/build-sources/${job.data.repository}/${job.data.build_id}`;
await asyncExecShell(`rm -fr ${workdir}`); await asyncExecShell(`rm -fr ${workdir}`);
} }
return; return;

2
src/routes/applications/[id]/configuration/_GithubRepositories.svelte
View File

@ -172,7 +172,7 @@
class="w-96" class="w-96"
disabled={!selected.repository} disabled={!selected.repository}
bind:value={selected.branch} bind:value={selected.branch}
on:change={isBranchAlreadyUsed} on:change={() => (showSave = true)}
> >
{#if !selected.repository} {#if !selected.repository}
<option value="" disabled selected>Select a repository first</option> <option value="" disabled selected>Select a repository first</option>

2
src/routes/applications/[id]/configuration/_GitlabRepositories.svelte
View File

@ -305,7 +305,7 @@
name="branch" name="branch"
class="w-96" class="w-96"
bind:value={selected.branch} bind:value={selected.branch}
on:change={isBranchAlreadyUsed} on:change={() => (showSave = true)}
disabled={!selected.project} disabled={!selected.project}
> >
<option value="" disabled selected>Please select a branch</option> <option value="" disabled selected>Please select a branch</option>

233
src/routes/webhooks/github/events.ts
View File

@ -20,7 +20,6 @@ export const options: RequestHandler = async () => {
export const post: RequestHandler = async (event) => { export const post: RequestHandler = async (event) => {
try { try {
const buildId = cuid();
const allowedGithubEvents = ['push', 'pull_request']; const allowedGithubEvents = ['push', 'pull_request'];
const allowedActions = ['opened', 'reopened', 'synchronize', 'closed']; const allowedActions = ['opened', 'reopened', 'synchronize', 'closed'];
const githubEvent = event.request.headers.get('x-github-event')?.toLowerCase(); const githubEvent = event.request.headers.get('x-github-event')?.toLowerCase();
@ -45,137 +44,147 @@ export const post: RequestHandler = async (event) => {
branch = body.pull_request.head.ref.split('/')[2]; branch = body.pull_request.head.ref.split('/')[2];
} }
const applicationFound = await db.getApplicationWebhook({ projectId, branch }); const applications = await db.getApplicationWebhook({ projectId, branch });
if (applicationFound) { if (applications.length > 0) {
const webhookSecret = applicationFound.gitSource.githubApp.webhookSecret; for (const application of applications) {
const hmac = crypto.createHmac('sha256', webhookSecret); const buildId = cuid();
const digest = Buffer.from(
'sha256=' + hmac.update(JSON.stringify(body)).digest('hex'),
'utf8'
);
const checksum = Buffer.from(githubSignature, 'utf8');
if (!dev) {
if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) {
return {
status: 500,
body: {
message: 'SHA256 checksum failed. Are you doing something fishy?'
}
};
}
}
if (githubEvent === 'push') { const webhookSecret = application.gitSource.githubApp.webhookSecret;
if (!applicationFound.configHash) { const hmac = crypto.createHmac('sha256', webhookSecret);
const configHash = crypto const digest = Buffer.from(
.createHash('sha256') 'sha256=' + hmac.update(JSON.stringify(body)).digest('hex'),
.update( 'utf8'
JSON.stringify({ );
buildPack: applicationFound.buildPack, const checksum = Buffer.from(githubSignature, 'utf8');
port: applicationFound.port, if (!dev) {
installCommand: applicationFound.installCommand, if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) {
buildCommand: applicationFound.buildCommand, return {
startCommand: applicationFound.startCommand status: 500,
}) body: {
) message: 'SHA256 checksum failed. Are you doing something fishy?'
.digest('hex'); }
await db.prisma.application.updateMany({ };
where: { branch, projectId },
data: { configHash }
});
}
await db.prisma.application.update({
where: { id: applicationFound.id },
data: { updatedAt: new Date() }
});
await buildQueue.add(buildId, {
build_id: buildId,
type: 'webhook_commit',
...applicationFound
});
return {
status: 200,
body: {
message: 'Queued. Thank you!'
} }
};
} else if (githubEvent === 'pull_request') {
const pullmergeRequestId = body.number;
const pullmergeRequestAction = body.action;
const sourceBranch = body.pull_request.head.ref;
if (!allowedActions.includes(pullmergeRequestAction)) {
return {
status: 500,
body: {
message: 'Action not allowed.'
}
};
} }
if (applicationFound.settings.previews) { if (githubEvent === 'push') {
if (applicationFound.destinationDockerId) { if (!application.configHash) {
const isRunning = await checkContainer( const configHash = crypto
applicationFound.destinationDocker.engine, .createHash('sha256')
applicationFound.id .update(
); JSON.stringify({
if (!isRunning) { buildPack: application.buildPack,
port: application.port,
installCommand: application.installCommand,
buildCommand: application.buildCommand,
startCommand: application.startCommand
})
)
.digest('hex');
await db.prisma.application.updateMany({
where: { branch, projectId },
data: { configHash }
});
}
await db.prisma.application.update({
where: { id: application.id },
data: { updatedAt: new Date() }
});
await buildQueue.add(buildId, {
build_id: buildId,
type: 'webhook_commit',
...application
});
return {
status: 200,
body: {
message: 'Queued. Thank you!'
}
};
} else if (githubEvent === 'pull_request') {
const pullmergeRequestId = body.number;
const pullmergeRequestAction = body.action;
const sourceBranch = body.pull_request.head.ref;
if (!allowedActions.includes(pullmergeRequestAction)) {
return {
status: 500,
body: {
message: 'Action not allowed.'
}
};
}
if (application.settings.previews) {
if (application.destinationDockerId) {
const isRunning = await checkContainer(
application.destinationDocker.engine,
application.id
);
if (!isRunning) {
return {
status: 500,
body: {
message: 'Application not running.'
}
};
}
}
if (
pullmergeRequestAction === 'opened' ||
pullmergeRequestAction === 'reopened' ||
pullmergeRequestAction === 'synchronize'
) {
await db.prisma.application.update({
where: { id: application.id },
data: { updatedAt: new Date() }
});
await buildQueue.add(buildId, {
build_id: buildId,
type: 'webhook_pr',
...application,
sourceBranch,
pullmergeRequestId
});
return { return {
status: 500, status: 200,
body: { body: {
message: 'Application not running.' message: 'Queued. Thank you!'
}
};
} else if (pullmergeRequestAction === 'closed') {
if (application.destinationDockerId) {
const id = `${application.id}-${pullmergeRequestId}`;
const engine = application.destinationDocker.engine;
await removeDestinationDocker({ id, engine });
}
return {
status: 200,
body: {
message: 'Removed preview. Thank you!'
} }
}; };
} }
} } else {
if (
pullmergeRequestAction === 'opened' ||
pullmergeRequestAction === 'reopened' ||
pullmergeRequestAction === 'synchronize'
) {
await db.prisma.application.update({
where: { id: applicationFound.id },
data: { updatedAt: new Date() }
});
await buildQueue.add(buildId, {
build_id: buildId,
type: 'webhook_pr',
...applicationFound,
sourceBranch,
pullmergeRequestId
});
return { return {
status: 200, status: 500,
body: { body: {
message: 'Queued. Thank you!' message: 'Pull request previews are not enabled.'
}
};
} else if (pullmergeRequestAction === 'closed') {
if (applicationFound.destinationDockerId) {
const id = `${applicationFound.id}-${pullmergeRequestId}`;
const engine = applicationFound.destinationDocker.engine;
await removeDestinationDocker({ id, engine });
}
return {
status: 200,
body: {
message: 'Removed preview. Thank you!'
} }
}; };
} }
} else {
return {
status: 500,
body: {
message: 'Pull request previews are not enabled.'
}
};
} }
} }
return {
status: 500,
body: {
message: 'Not handled event.'
}
};
} }
return { return {
status: 500, status: 500,
body: { body: {
message: 'Not handled event.' message: 'No applications configured in Coolify.'
} }
}; };
} catch (err) { } catch (err) {

180
src/routes/webhooks/gitlab/events.ts
View File

@ -21,42 +21,46 @@ export const options: RequestHandler = async () => {
export const post: RequestHandler = async (event) => { export const post: RequestHandler = async (event) => {
const allowedActions = ['opened', 'reopen', 'close', 'open', 'update']; const allowedActions = ['opened', 'reopen', 'close', 'open', 'update'];
const body = await event.request.json(); const body = await event.request.json();
const buildId = cuid();
try { try {
const { object_kind: objectKind } = body; const { object_kind: objectKind } = body;
if (objectKind === 'push') { if (objectKind === 'push') {
const { ref } = body; const { ref } = body;
const projectId = Number(body['project_id']); const projectId = Number(body['project_id']);
const branch = ref.split('/')[2]; const branch = ref.split('/')[2];
const applicationFound = await db.getApplicationWebhook({ projectId, branch }); const applications = await db.getApplicationWebhook({ projectId, branch });
if (applicationFound) { if (applications.length > 0) {
if (!applicationFound.configHash) { for (const application of applications) {
const configHash = crypto const buildId = cuid();
.createHash('sha256') if (!application.configHash) {
.update( const configHash = crypto
JSON.stringify({ .createHash('sha256')
buildPack: applicationFound.buildPack, .update(
port: applicationFound.port, JSON.stringify({
installCommand: applicationFound.installCommand, buildPack: application.buildPack,
buildCommand: applicationFound.buildCommand, port: application.port,
startCommand: applicationFound.startCommand installCommand: application.installCommand,
}) buildCommand: application.buildCommand,
) startCommand: application.startCommand
.digest('hex'); })
await db.prisma.application.updateMany({ )
where: { branch, projectId }, .digest('hex');
data: { configHash } await db.prisma.application.updateMany({
where: { branch, projectId },
data: { configHash }
});
}
await db.prisma.application.update({
where: { id: application.id },
data: { updatedAt: new Date() }
});
await buildQueue.add(buildId, {
build_id: buildId,
type: 'webhook_commit',
...application
}); });
} }
await db.prisma.application.update({
where: { id: applicationFound.id },
data: { updatedAt: new Date() }
});
await buildQueue.add(buildId, {
build_id: buildId,
type: 'webhook_commit',
...applicationFound
});
return { return {
status: 200, status: 200,
body: { body: {
@ -64,6 +68,12 @@ export const post: RequestHandler = async (event) => {
} }
}; };
} }
return {
status: 500,
body: {
message: 'No applications configured in Coolify.'
}
};
} else if (objectKind === 'merge_request') { } else if (objectKind === 'merge_request') {
const webhookToken = event.request.headers.get('x-gitlab-token'); const webhookToken = event.request.headers.get('x-gitlab-token');
if (!webhookToken) { if (!webhookToken) {
@ -98,69 +108,73 @@ export const post: RequestHandler = async (event) => {
}; };
} }
const applicationFound = await db.getApplicationWebhook({ projectId, branch: targetBranch }); const applications = await db.getApplicationWebhook({ projectId, branch: targetBranch });
if (applicationFound) { if (applications.length > 0) {
if (applicationFound.settings.previews) { for (const application of applications) {
if (applicationFound.destinationDockerId) { const buildId = cuid();
const isRunning = await checkContainer( if (application.settings.previews) {
applicationFound.destinationDocker.engine, if (application.destinationDockerId) {
applicationFound.id const isRunning = await checkContainer(
); application.destinationDocker.engine,
if (!isRunning) { application.id
);
if (!isRunning) {
return {
status: 500,
body: {
message: 'Application not running.'
}
};
}
}
if (!dev && application.gitSource.gitlabApp.webhookToken !== webhookToken) {
return { return {
status: 500, status: 500,
body: { body: {
message: 'Application not running.' message: 'Ooops, something is not okay, are you okay?'
}
};
}
if (
action === 'opened' ||
action === 'reopen' ||
action === 'open' ||
action === 'update'
) {
await db.prisma.application.update({
where: { id: application.id },
data: { updatedAt: new Date() }
});
await buildQueue.add(buildId, {
build_id: buildId,
type: 'webhook_mr',
...application,
sourceBranch,
pullmergeRequestId
});
return {
status: 200,
body: {
message: 'Queued. Thank you!'
}
};
} else if (action === 'close') {
if (application.destinationDockerId) {
const id = `${application.id}-${pullmergeRequestId}`;
const engine = application.destinationDocker.engine;
await removeDestinationDocker({ id, engine });
}
return {
status: 200,
body: {
message: 'Removed preview. Thank you!'
} }
}; };
} }
} }
if (!dev && applicationFound.gitSource.gitlabApp.webhookToken !== webhookToken) {
return {
status: 500,
body: {
message: 'Ooops, something is not okay, are you okay?'
}
};
}
if (
action === 'opened' ||
action === 'reopen' ||
action === 'open' ||
action === 'update'
) {
await db.prisma.application.update({
where: { id: applicationFound.id },
data: { updatedAt: new Date() }
});
await buildQueue.add(buildId, {
build_id: buildId,
type: 'webhook_mr',
...applicationFound,
sourceBranch,
pullmergeRequestId
});
return {
status: 200,
body: {
message: 'Queued. Thank you!'
}
};
} else if (action === 'close') {
if (applicationFound.destinationDockerId) {
const id = `${applicationFound.id}-${pullmergeRequestId}`;
const engine = applicationFound.destinationDocker.engine;
await removeDestinationDocker({ id, engine });
}
return {
status: 200,
body: {
message: 'Removed preview. Thank you!'
}
};
}
} }
return { return {
status: 500, status: 500,
body: { body: {