From c6b4d04e26905ae7ce401fa34b6d646f19f63c5c Mon Sep 17 00:00:00 2001 From: Andras Bacsai Date: Fri, 11 Mar 2022 22:48:55 +0100 Subject: [PATCH] Revert double build --- src/lib/database/applications.ts | 66 +++-- src/routes/applications/[id]/__layout.svelte | 4 +- src/routes/webhooks/github/events.ts | 251 +++++++++---------- src/routes/webhooks/gitlab/events.ts | 180 ++++++------- 4 files changed, 237 insertions(+), 264 deletions(-) diff --git a/src/lib/database/applications.ts b/src/lib/database/applications.ts index 60d58f27f..ecbb22484 100644 --- a/src/lib/database/applications.ts +++ b/src/lib/database/applications.ts @@ -70,7 +70,7 @@ export async function removeApplication({ id, teamId }) { export async function getApplicationWebhook({ projectId, branch }) { try { - let applications = await prisma.application.findMany({ + let application = await prisma.application.findFirst({ where: { projectId, branch, settings: { autodeploy: true } }, include: { destinationDocker: true, @@ -79,40 +79,38 @@ export async function getApplicationWebhook({ projectId, branch }) { secrets: true } }); - for (const application of applications) { - if (application.gitSource?.githubApp?.clientSecret) { - application.gitSource.githubApp.clientSecret = decrypt( - application.gitSource.githubApp.clientSecret - ); - } - if (application.gitSource?.githubApp?.webhookSecret) { - application.gitSource.githubApp.webhookSecret = decrypt( - application.gitSource.githubApp.webhookSecret - ); - } - if (application.gitSource?.githubApp?.privateKey) { - application.gitSource.githubApp.privateKey = decrypt( - application.gitSource.githubApp.privateKey - ); - } - if (application?.gitSource?.gitlabApp?.appSecret) { - application.gitSource.gitlabApp.appSecret = decrypt( - application.gitSource.gitlabApp.appSecret - ); - } - if (application?.gitSource?.gitlabApp?.webhookToken) { - application.gitSource.gitlabApp.webhookToken = decrypt( - application.gitSource.gitlabApp.webhookToken - ); - } - if (application?.secrets.length > 0) { - application.secrets = application.secrets.map((s) => { - s.value = decrypt(s.value); - return s; - }); - } + if (application.gitSource?.githubApp?.clientSecret) { + application.gitSource.githubApp.clientSecret = decrypt( + application.gitSource.githubApp.clientSecret + ); } - return [...applications]; + if (application.gitSource?.githubApp?.webhookSecret) { + application.gitSource.githubApp.webhookSecret = decrypt( + application.gitSource.githubApp.webhookSecret + ); + } + if (application.gitSource?.githubApp?.privateKey) { + application.gitSource.githubApp.privateKey = decrypt( + application.gitSource.githubApp.privateKey + ); + } + if (application?.gitSource?.gitlabApp?.appSecret) { + application.gitSource.gitlabApp.appSecret = decrypt( + application.gitSource.gitlabApp.appSecret + ); + } + if (application?.gitSource?.gitlabApp?.webhookToken) { + application.gitSource.gitlabApp.webhookToken = decrypt( + application.gitSource.gitlabApp.webhookToken + ); + } + if (application?.secrets.length > 0) { + application.secrets = application.secrets.map((s) => { + s.value = decrypt(s.value); + return s; + }); + } + return { ...application }; } catch (e) { throw { status: 404, body: { message: e.message } }; } diff --git a/src/routes/applications/[id]/__layout.svelte b/src/routes/applications/[id]/__layout.svelte index 2c979a4ab..041be4a82 100644 --- a/src/routes/applications/[id]/__layout.svelte +++ b/src/routes/applications/[id]/__layout.svelte @@ -108,11 +108,9 @@ try { loading = true; await post(`/applications/${id}/stop.json`, {}); - isRunning = false; + return window.location.reload(); } catch ({ error }) { return errorNotification(error); - } finally { - loading = false; } } diff --git a/src/routes/webhooks/github/events.ts b/src/routes/webhooks/github/events.ts index ee2ced11d..b50c19929 100644 --- a/src/routes/webhooks/github/events.ts +++ b/src/routes/webhooks/github/events.ts @@ -20,6 +20,7 @@ export const options: RequestHandler = async () => { export const post: RequestHandler = async (event) => { try { + const buildId = cuid(); const allowedGithubEvents = ['push', 'pull_request']; const allowedActions = ['opened', 'reopened', 'synchronize', 'closed']; const githubEvent = event.request.headers.get('x-github-event')?.toLowerCase(); @@ -44,147 +45,137 @@ export const post: RequestHandler = async (event) => { branch = body.pull_request.head.ref.split('/')[2]; } - const applications = await db.getApplicationWebhook({ projectId, branch }); - if (applications.length > 0) { - for (const application of applications) { - const buildId = cuid(); - - const webhookSecret = application.gitSource.githubApp.webhookSecret; - const hmac = crypto.createHmac('sha256', webhookSecret); - const digest = Buffer.from( - 'sha256=' + hmac.update(JSON.stringify(body)).digest('hex'), - 'utf8' - ); - const checksum = Buffer.from(githubSignature, 'utf8'); - if (!dev) { - if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) { - return { - status: 500, - body: { - message: 'SHA256 checksum failed. Are you doing something fishy?' - } - }; - } - } - - if (githubEvent === 'push') { - if (!application.configHash) { - const configHash = crypto - .createHash('sha256') - .update( - JSON.stringify({ - buildPack: application.buildPack, - port: application.port, - installCommand: application.installCommand, - buildCommand: application.buildCommand, - startCommand: application.startCommand - }) - ) - .digest('hex'); - await db.prisma.application.update({ - where: { id: application.id }, - data: { configHash } - }); - } - await db.prisma.application.update({ - where: { id: application.id }, - data: { updatedAt: new Date() } - }); - await buildQueue.add(buildId, { - build_id: buildId, - type: 'webhook_commit', - ...application - }); + const applicationFound = await db.getApplicationWebhook({ projectId, branch }); + if (applicationFound) { + const webhookSecret = applicationFound.gitSource.githubApp.webhookSecret; + const hmac = crypto.createHmac('sha256', webhookSecret); + const digest = Buffer.from( + 'sha256=' + hmac.update(JSON.stringify(body)).digest('hex'), + 'utf8' + ); + const checksum = Buffer.from(githubSignature, 'utf8'); + if (!dev) { + if (checksum.length !== digest.length || !crypto.timingSafeEqual(digest, checksum)) { return { - status: 200, + status: 500, body: { - message: 'Queued. Thank you!' + message: 'SHA256 checksum failed. Are you doing something fishy?' } }; - } else if (githubEvent === 'pull_request') { - const pullmergeRequestId = body.number; - const pullmergeRequestAction = body.action; - const sourceBranch = body.pull_request.head.ref; - if (!allowedActions.includes(pullmergeRequestAction)) { - return { - status: 500, - body: { - message: 'Action not allowed.' - } - }; - } - - if (application.settings.previews) { - if (application.destinationDockerId) { - const isRunning = await checkContainer( - application.destinationDocker.engine, - application.id - ); - if (!isRunning) { - return { - status: 500, - body: { - message: 'Application not running.' - } - }; - } - } - if ( - pullmergeRequestAction === 'opened' || - pullmergeRequestAction === 'reopened' || - pullmergeRequestAction === 'synchronize' - ) { - await db.prisma.application.update({ - where: { id: application.id }, - data: { updatedAt: new Date() } - }); - await buildQueue.add(buildId, { - build_id: buildId, - type: 'webhook_pr', - ...application, - sourceBranch, - pullmergeRequestId - }); - return { - status: 200, - body: { - message: 'Queued. Thank you!' - } - }; - } else if (pullmergeRequestAction === 'closed') { - if (application.destinationDockerId) { - const id = `${application.id}-${pullmergeRequestId}`; - const engine = application.destinationDocker.engine; - await removeDestinationDocker({ id, engine }); - } - return { - status: 200, - body: { - message: 'Removed preview. Thank you!' - } - }; - } - } else { - return { - status: 500, - body: { - message: 'Pull request previews are not enabled.' - } - }; - } } } - return { - status: 500, - body: { - message: 'Not handled event.' + + if (githubEvent === 'push') { + if (!applicationFound.configHash) { + const configHash = crypto + .createHash('sha256') + .update( + JSON.stringify({ + buildPack: applicationFound.buildPack, + port: applicationFound.port, + installCommand: applicationFound.installCommand, + buildCommand: applicationFound.buildCommand, + startCommand: applicationFound.startCommand + }) + ) + .digest('hex'); + await db.prisma.application.updateMany({ + where: { branch, projectId }, + data: { configHash } + }); } - }; + await db.prisma.application.update({ + where: { id: applicationFound.id }, + data: { updatedAt: new Date() } + }); + await buildQueue.add(buildId, { + build_id: buildId, + type: 'webhook_commit', + ...applicationFound + }); + return { + status: 200, + body: { + message: 'Queued. Thank you!' + } + }; + } else if (githubEvent === 'pull_request') { + const pullmergeRequestId = body.number; + const pullmergeRequestAction = body.action; + const sourceBranch = body.pull_request.head.ref; + if (!allowedActions.includes(pullmergeRequestAction)) { + return { + status: 500, + body: { + message: 'Action not allowed.' + } + }; + } + + if (applicationFound.settings.previews) { + if (applicationFound.destinationDockerId) { + const isRunning = await checkContainer( + applicationFound.destinationDocker.engine, + applicationFound.id + ); + if (!isRunning) { + return { + status: 500, + body: { + message: 'Application not running.' + } + }; + } + } + if ( + pullmergeRequestAction === 'opened' || + pullmergeRequestAction === 'reopened' || + pullmergeRequestAction === 'synchronize' + ) { + await db.prisma.application.update({ + where: { id: applicationFound.id }, + data: { updatedAt: new Date() } + }); + await buildQueue.add(buildId, { + build_id: buildId, + type: 'webhook_pr', + ...applicationFound, + sourceBranch, + pullmergeRequestId + }); + return { + status: 200, + body: { + message: 'Queued. Thank you!' + } + }; + } else if (pullmergeRequestAction === 'closed') { + if (applicationFound.destinationDockerId) { + const id = `${applicationFound.id}-${pullmergeRequestId}`; + const engine = applicationFound.destinationDocker.engine; + await removeDestinationDocker({ id, engine }); + } + return { + status: 200, + body: { + message: 'Removed preview. Thank you!' + } + }; + } + } else { + return { + status: 500, + body: { + message: 'Pull request previews are not enabled.' + } + }; + } + } } return { status: 500, body: { - message: 'No applications configured in Coolify.' + message: 'Not handled event.' } }; } catch (err) { diff --git a/src/routes/webhooks/gitlab/events.ts b/src/routes/webhooks/gitlab/events.ts index 8b35d1b41..1c125ec02 100644 --- a/src/routes/webhooks/gitlab/events.ts +++ b/src/routes/webhooks/gitlab/events.ts @@ -21,46 +21,42 @@ export const options: RequestHandler = async () => { export const post: RequestHandler = async (event) => { const allowedActions = ['opened', 'reopen', 'close', 'open', 'update']; const body = await event.request.json(); - + const buildId = cuid(); try { const { object_kind: objectKind } = body; if (objectKind === 'push') { const { ref } = body; const projectId = Number(body['project_id']); const branch = ref.split('/')[2]; - const applications = await db.getApplicationWebhook({ projectId, branch }); - if (applications.length > 0) { - for (const application of applications) { - const buildId = cuid(); - if (!application.configHash) { - const configHash = crypto - .createHash('sha256') - .update( - JSON.stringify({ - buildPack: application.buildPack, - port: application.port, - installCommand: application.installCommand, - buildCommand: application.buildCommand, - startCommand: application.startCommand - }) - ) - .digest('hex'); - await db.prisma.application.update({ - where: { id: application.id }, - data: { configHash } - }); - } - await db.prisma.application.update({ - where: { id: application.id }, - data: { updatedAt: new Date() } - }); - await buildQueue.add(buildId, { - build_id: buildId, - type: 'webhook_commit', - ...application + const applicationFound = await db.getApplicationWebhook({ projectId, branch }); + if (applicationFound) { + if (!applicationFound.configHash) { + const configHash = crypto + .createHash('sha256') + .update( + JSON.stringify({ + buildPack: applicationFound.buildPack, + port: applicationFound.port, + installCommand: applicationFound.installCommand, + buildCommand: applicationFound.buildCommand, + startCommand: applicationFound.startCommand + }) + ) + .digest('hex'); + await db.prisma.application.updateMany({ + where: { branch, projectId }, + data: { configHash } }); } - + await db.prisma.application.update({ + where: { id: applicationFound.id }, + data: { updatedAt: new Date() } + }); + await buildQueue.add(buildId, { + build_id: buildId, + type: 'webhook_commit', + ...applicationFound + }); return { status: 200, body: { @@ -68,12 +64,6 @@ export const post: RequestHandler = async (event) => { } }; } - return { - status: 500, - body: { - message: 'No applications configured in Coolify.' - } - }; } else if (objectKind === 'merge_request') { const webhookToken = event.request.headers.get('x-gitlab-token'); if (!webhookToken) { @@ -108,73 +98,69 @@ export const post: RequestHandler = async (event) => { }; } - const applications = await db.getApplicationWebhook({ projectId, branch: targetBranch }); - if (applications.length > 0) { - for (const application of applications) { - const buildId = cuid(); - if (application.settings.previews) { - if (application.destinationDockerId) { - const isRunning = await checkContainer( - application.destinationDocker.engine, - application.id - ); - if (!isRunning) { - return { - status: 500, - body: { - message: 'Application not running.' - } - }; - } - } - if (!dev && application.gitSource.gitlabApp.webhookToken !== webhookToken) { + const applicationFound = await db.getApplicationWebhook({ projectId, branch: targetBranch }); + if (applicationFound) { + if (applicationFound.settings.previews) { + if (applicationFound.destinationDockerId) { + const isRunning = await checkContainer( + applicationFound.destinationDocker.engine, + applicationFound.id + ); + if (!isRunning) { return { status: 500, body: { - message: 'Ooops, something is not okay, are you okay?' - } - }; - } - if ( - action === 'opened' || - action === 'reopen' || - action === 'open' || - action === 'update' - ) { - await db.prisma.application.update({ - where: { id: application.id }, - data: { updatedAt: new Date() } - }); - await buildQueue.add(buildId, { - build_id: buildId, - type: 'webhook_mr', - ...application, - sourceBranch, - pullmergeRequestId - }); - return { - status: 200, - body: { - message: 'Queued. Thank you!' - } - }; - } else if (action === 'close') { - if (application.destinationDockerId) { - const id = `${application.id}-${pullmergeRequestId}`; - const engine = application.destinationDocker.engine; - await removeDestinationDocker({ id, engine }); - } - - return { - status: 200, - body: { - message: 'Removed preview. Thank you!' + message: 'Application not running.' } }; } } - } + if (!dev && applicationFound.gitSource.gitlabApp.webhookToken !== webhookToken) { + return { + status: 500, + body: { + message: 'Ooops, something is not okay, are you okay?' + } + }; + } + if ( + action === 'opened' || + action === 'reopen' || + action === 'open' || + action === 'update' + ) { + await db.prisma.application.update({ + where: { id: applicationFound.id }, + data: { updatedAt: new Date() } + }); + await buildQueue.add(buildId, { + build_id: buildId, + type: 'webhook_mr', + ...applicationFound, + sourceBranch, + pullmergeRequestId + }); + return { + status: 200, + body: { + message: 'Queued. Thank you!' + } + }; + } else if (action === 'close') { + if (applicationFound.destinationDockerId) { + const id = `${applicationFound.id}-${pullmergeRequestId}`; + const engine = applicationFound.destinationDocker.engine; + await removeDestinationDocker({ id, engine }); + } + return { + status: 200, + body: { + message: 'Removed preview. Thank you!' + } + }; + } + } return { status: 500, body: {