feat: run checks regularly on a schedule (#235)

Author: eddiejaoude

.env.example

@@ -10,3 +10,4 @@ GITHUB_SECRET=
 DATABASE_URL="postgresql://user:password@localhost:5432/healthcheck?schema=public"
 
 NEXT_PUBLIC_GITHUB_CACHE=4
+API_TOKEN=abcdefg

.github/workflows/checks.yml

@@ -0,0 +1,14 @@
+name: Run checks
+permissions: read-all
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: 0 3 * * *
+jobs:
+  api:
+    runs-on: ubuntu-latest
+    steps:
+      - name: hit api
+        uses: fjogeleit/http-request-action@v1
+        with:
+          url: "https://healthcheck.eddiehubcommunity.org/api/system/checks?token=${{ secrets.API_TOKEN }}"

src/app/api/system/checks/route.js

@@ -0,0 +1,100 @@
+import { differenceInHours } from "date-fns";
+
+import prisma from "@/models/db";
+import getAllRepoData from "@/utils/github";
+import checks from "@/utils/checks";
+
+export const dynamic = "force-dynamic";
+
+export async function GET(request, { params }) {
+  // protect for system calls only with valid token
+  if (request.nextUrl.searchParams.get("token") !== process.env.API_TOKEN) {
+    return Response.json({ error: "permission denied" }, { status: 401 });
+  }
+
+  // get all repositories
+  const repos = await prisma.repository.findMany({
+    include: {
+      checks: {
+        orderBy: {
+          createdAt: "desc",
+        },
+        take: 1,
+      },
+      user: {
+        include: {
+          accounts: true,
+        },
+      },
+    },
+  });
+
+  // filter out repositories that had checks in the last X hours
+  let repoStatus = { ignore: [], run: [] };
+  repos.forEach((repo) => {
+    if (
+      !repo.checks[0] ||
+      differenceInHours(new Date(), repo.checks[0].createdAt) >= 24 * 7 // TODO: move to Flagsmith
+    ) {
+      repoStatus.run.push({
+        id: repo.id,
+        url: repo.url,
+        token: repo.user.accounts[0].access_token,
+        lastChecked: repo.checks[0].createdAt,
+      });
+    } else {
+      repoStatus.ignore.push({
+        id: repo.id,
+        url: repo.url,
+        lastChecked: repo.checks[0].createdAt,
+      });
+    }
+  });
+
+  // perform checks on these repositories
+  // use the owners github token (repository->user->account.access_token)
+  let runs = [];
+  repoStatus.run.map(async (repo) => {
+    const responses = await getAllRepoData(repo.url, repo.token);
+
+    // save github api data
+    const githubResponseRepo = await prisma.githubResponse.create({
+      data: {
+        repository: {
+          connect: {
+            id: repo.id,
+          },
+        },
+        ...responses,
+      },
+    });
+
+    // perform check
+    const results = checks(githubResponseRepo);
+
+    // save results
+    await prisma.check.create({
+      data: {
+        repository: {
+          connect: { id: repo.id },
+        },
+        githubResponse: {
+          connect: { id: githubResponseRepo.id },
+        },
+        red: results.summary.error?.length || 0,
+        amber: results.summary.warning?.length || 0,
+        green: results.summary.success?.length || 0,
+        healthchecks: results.checks.map((check) => check.id),
+        data: results.checks,
+        allData: results.allChecks,
+        ignoreChecks: results.ignoreChecks,
+      },
+    });
+
+    runs.push({ url: repo.url });
+  });
+
+  console.log(runs);
+
+  return Response.json(runs);
+}