Merge branch 'dev' into master

Author: StanleyMasinde

.env.example

@@ -1,3 +1,4 @@
+NODE_ENV=dev
 PORT=3232
 SECRET_TOKEN=
 SLACK_WEBHOOK_URL=
@@ -13,3 +14,9 @@ NOTIFICATION_FROM=
 ALLOW_NOTIFICATIONS=true
 SUCCESS_NOTIFICATIONS=false
 ERROR_NOTIFICATIONS=false
+
+DATABASE_HOST=
+DATABASE_USER=
+DATABASE_PASSWORD=
+DATABASE_NAME=
+DATABASE_CLIENT=

.eslintrc.json

@@ -0,0 +1,34 @@
+{
+    "parser": "babel-eslint",
+    "env": {
+        "commonjs": true,
+        "es2020": true,
+        "node": true
+    },
+    "extends": "eslint:recommended",
+    "parserOptions": {
+        "ecmaVersion": 11
+    },
+    "rules": {
+        "complexity":["warn", 4],
+        "arrow-parens": 2,
+        "no-mixed-spaces-and-tabs": 0,
+        "no-console": 2,
+        "indent": [
+            "error",
+            4
+        ],
+        "linebreak-style": [
+            "error",
+            "unix"
+        ],
+        "quotes": [
+            "error",
+            "single"
+        ],
+        "semi": [
+            "error",
+            "never"
+        ]
+    }
+}

.gitattributes

@@ -3,3 +3,7 @@ _config.yml export-ignore
 .gitignore export-ignore
 CODE_OF_CONDUCT.md export-ignore
 SECURITY.md export-ignore
+test export-ignore
+test.sh export-ignore
+precommit.sh export-ignore
+docs export-ignore

.github/workflows/node.js.yml

@@ -16,7 +16,7 @@ jobs:
 
     strategy:
       matrix:
-        node-version: [10.x, 12.x, 14.x]
+        node-version: [12.x, 14.x]
 
     steps:
     - uses: actions/checkout@v2
@@ -26,4 +26,8 @@ jobs:
         node-version: ${{ matrix.node-version }}
     - run: npm ci
     - run: npm run build --if-present
+    - run: cp deployment.config.json.example deployment.config.json
+    - run: cp .env.example .env
+    - run: npm run migrate:dev
+    - run: npm run seed:dev
     - run: npm test --if-present

.gitignore

@@ -61,4 +61,8 @@ typings/
 .next
 
 # Deployment config
-deployment.config.json
+deployment.config.json
+
+# SQLITE
+*.sqlite
+*.sqlite3

README.md

@@ -6,108 +6,41 @@
 > Deploy you apps in seconds using the webhook feature
 
 ## Setup
-1. clone this repo and open a terminal in the repo
-2. Install dependencies `npm i` or `yarn`
-3. Create the deployments config `cp deployment.config.json.example deployment.config.json`
-4. Add your config and Start the server
-
-## Configuration
-Your Deployment configurations live in the `deployment.config.json` file.
-### Sample Config
-```json
-[
-    {
-        "name": "Awesome-App",
-        "command": "cd path && git pull"
-    }
-]
-```
-It is basically an array.
-If your repository is private, you may want to use [deploy keys](https://developer.github.com/v3/guides/managing-deploy-keys/) or cache your git credentials with the git credentials helper.
-```bash
-$ git config --global credential.helper 'cache --timeout=600'
-```
-The command above would cache your credentials for 600 seconds. You might want to set-up a cron job to be doing this atleast once a day.
-```bash
-$ sudo crontab -e
-$ 29 0 * * *  git config --global credential.helper 'cache --timeout=31556952'
-```
-The cron job above runs everyday at 12:30 AM in your server's local time.
-#### Params
-1. name: This is the name of your repo as it is on github. eg `opensource254/deployer` would be deployer.
-2. Command: The bash command you want to run. This is basically a deploy command. Eg. For an Expressjs application using `pm2` this would be `cd <full path> && git pull && npm i && npm restart [process-id]`. Or you could insert the path of the script to be excecuted. 
-`bash path-to-script/script.sh` or `bash ./path-to-script/script.sh`.
-*If you want to change the port that this app runs, create a `.env` file and add `PORT=<prefered_port>`*
-
-At this point, Your endpoint is ready for webhooks. It would be a great idea to run this behind a reverse proxy and give it a domain or a subdomain like. `mydomain.com` Then on the Github webhook settings,
-1. webhook url `https://mydomain.com/<provider>`
-2. Content Type `application/json`
-The provider can be any of these 
-* github
-* gitlab
-* bitbucket
-
-## Security
-* Currently only the Github security is supported. 
-* All the repos/webhooks SHOULD use on key provided in the .env
-```env
-SECRET=<your-secret>
-```
-Add this secret to your webhook secret too.
-* If a security check fails, the endpoint will respond with error 403
-
-## Notifications
-Two notifications channels are currently supported.
-* Email (The current supported protocal is SMTP)
-* Slack
-Turning notifications on
-```env
-ALLOW_NOTIFICATIONS=true
-// Notify on successful deployment
-SUCCESS_NOTIFICATIONS=false
-// Notify on failures/warnings
-ERROR_NOTIFICATIONS=false
-```
-
-### Email Configuration
-Add the config details in the .env file.
-example
-```env
-SMTP_HOST=smtp.mailtrap.io
-SMTP_PORT=2525
-SMTP_USERNAME=
-SMTP_PASSWORD=
-
-// The email to send notifications to
-NOTIFICATION_EMAIL=
-// The from address that will be shown in the email
-NOTIFICATION_FROM=
-```
-### Slack Configuration
-Slack config is as simple as adding the webhook config.
-Create a Slack app and add the webhook url for the app to `.env` like below
-```env
-SLACK_WEBHOOK_URL=
-```
-
-## Debugging
-Configuration erros are logged in the error.log file. This file is not version controlled.
-```log
-Sat, 13 Jun 2020 10:00:10 GMT Config: your-awesome-config, Error: /bin/sh: 1: c: not found
-Sat, 13 Jun 2020 10:00:18 GMT Config: your-awesome-config, Error: /bin/sh: 1: c: not found
-Sat, 13 Jun 2020 10:01:58 GMT Config: your-awesome-config, Error: /bin/sh: 1: ks: not found
-```
-
-## TODO
-- [x] Basic functionality
-- [x] Refactor
-- [x] Webhook Security
-- [x] Notifications
-- [ ] Web interface
-
-## Contributing
-Please visit our [guidelines](https://opensource254.github.io/guidelines)
-
-## Disclaimer 
-This project has not been properly tested use it at your own risk.
-
+1. Clone this repo and open a terminal in the repo 
+2. Install dependencies `npm i` or `npm insall`. Or you can use yarn if you wish
+3. Copy `.env.example` to `.env` and edit the necessary entries
+4. Start your server.
+
+*All the deployment config is stored in your database so you need to login in using your client*
+If you don't have your own client you can use [this](https://github.com/opensource254/deployer-client).
+### Using the client
+_Docs coming soon_
+
+<!-- // TODO update the new docs  -->
+
+## Endpoints
+API endpoints
+### Authentication
+|  Path            |     Method      |   Description                     |  Parameters            |
+|:-----------------|:----------------|:----------------------------------|:-----------------------|
+|  `/api`          |       GET       |The API root                       |  None                  |
+|  `/api/regsiter` |       POST      |Create a new account               | `name,email, password` |
+|  `/api/login`    |       POST      |Authenticate a user                | `email,password`       |
+|  `/api/logout`   |       POST      |End the session of the current user|  none                  |
+|  `/api/user`     |       GET       |Get the current authenticated user |  none                  |
+
+### Config routes
+|   Path             |    Method   |   Description                     |  Parameters                |
+|:-------------------|:------------|:----------------------------------|:---------------------------|
+| `/api/config`      |    GET      | Get all the configs               | none                       |
+| `/api/config/{id}` |    GET      | Get a config by database ID       | none                       |
+| `/api/config`      |    POST     | Create a config                   | `name,description,command` |
+| `/api/config/{id}` |    DELETE   | Delete a config from the database | none                       |
+| `/api/config/{id}` |    PUT/PATH | Update a config in the database   | `name,description,command` |
+
+### Webhooks
+| Path         | Method | Description                  |
+|:-------------|:-------|:-----------------------------|
+| `/github`    | POST   | Github's webhook listener    |
+| `/bitbucket` | POST   | Bitbucket's webhook listener |
+| `/gitlab`    | POST   | Gitlab's webhook listener    |

SECURITY.md

@@ -3,7 +3,8 @@
 ## Supported Versions
 | Version | Supported          |
 | ------- | ------------------ |
-| 1.x.x   | :white_check_mark: |
+| 1.3.x   | :white_check_mark: |
+| 2.x.x   | :white_check_mark: |
 
 
 ## Reporting a Vulnerability

app.js

@@ -1,26 +1,24 @@
 require('dotenv').config()
 const express = require('express')
-const cookieParser = require('cookie-parser')
 const logger = require('morgan')
 
 const githubRouter = require('./routes/github')
 const bitbucketRouter = require('./routes/bitbucket')
 const gitlabRouter = require('./routes/gitlab')
-// const verifyHostName = require('./middleware/verifyHostName')
+const web = require('./web/web')
 
-const app = express();
+const app = express()
 
 app.use(logger('dev'))
 app.use(express.json())
 app.use(express.urlencoded({ extended: false }))
-app.use(cookieParser())
-// TODO This middleware does not work correctly app.use(verifyHostName())
 
 app.use('/github', githubRouter)
 app.use('/bitbucket', bitbucketRouter)
 app.use('/gitlab', gitlabRouter)
+app.use('/api', web)
 app.all('*', (req, res) => {
-    res.status(404).json({ error: `Sorry you cannot ${req.method} ${req.path}.` })
+    res.status(404).json({ type: 'Error', message: `Sorry ${req.method} ${req.path} is not available` })
 })
 
-module.exports = app;
+module.exports = app

config/mail.js

@@ -1,5 +1,5 @@
 const mail = {
-    /**The email host */
+    /** The email host */
     SMTP_HOST: process.env.SMTP_HOST || 'smtp.mailtrap.io',
     SMTP_PORT: process.env.SMTP_PORT || 25,
     SMTP_USERNAME: process.env.SMTP_USERNAME || '',

config/notifications.js

@@ -1,26 +1,24 @@
 /**
  * -------------------------------------------------------------------
- * This is where th notification config lives. 
+ * This is where th notification config lives.
  * All these values can be overwritten by the environment variables
  * -------------------------------------------------------------------
  */
 const notificationConfig = {
-    /**This is used to determine if notifications are enabled */
+    /** This is used to determine if notifications are enabled */
     allowNotifications: process.env.ALLOW_NOTIFICATIONS || false,
 
-
-    /** 
-     * Your Slack webhook URL. If empty Slack notifications will be off 
+    /**
+     * Your Slack webhook URL. If empty Slack notifications will be off
      * This is the URL you received when creating a Slack APP
      * Slack is ignored if this is null or false
-     * 
+     *
     */
     slackWebhookURL: process.env.SLACK_WEBHOOK_URL,
 
-
-    /** 
-     * Notification Email 
-     * An email will be send to this email(s) according to 
+    /**
+     * Notification Email
+     * An email will be send to this email(s) according to
      * Your config
      * */
     notificationEmail: process.env.NOTIFICATION_EMAIL,
@@ -31,15 +29,14 @@ const notificationConfig = {
      */
     notificationFrom: process.env.NOTIFICATION_FROM,
 
-
     /**
-     * Get notifications on errors that occour 
+     * Get notifications on errors that occour
      * during deployment
      */
     notifyOnErrors: process.env.ERROR_NOTIFICATIONS || true,
 
     /**
-     * 
+     *
      * This is used to set notification on successful deployments
      */
     notifyOnSucess: process.env.SUCCESS_NOTIFICATIONS || true