diff --git a/.github/workflows/sourcemaps-reader.yaml b/.github/workflows/sourcemaps-reader.yaml index 5b7c11d01..fb3face2f 100644 --- a/.github/workflows/sourcemaps-reader.yaml +++ b/.github/workflows/sourcemaps-reader.yaml @@ -1,6 +1,11 @@ # This action will push the sourcemapreader changes to aws on: workflow_dispatch: + inputs: + skip_security_checks: + description: 'Skip Security checks if there is a unfixable vuln or error. Value: true/false' + required: false + default: 'false' push: branches: - dev @@ -48,8 +53,26 @@ jobs: IMAGE_TAG: ${{ github.ref_name }}_${{ github.sha }} ENVIRONMENT: staging run: | + skip_security_checks=${{ github.event.inputs.skip_security_checks }} cd sourcemap-reader - PUSH_IMAGE=1 bash build.sh + PUSH_IMAGE=0 bash -x ./build.sh + [[ "x$skip_security_checks" == "xtrue" ]] || { + curl -L https://github.com/aquasecurity/trivy/releases/download/v0.34.0/trivy_0.34.0_Linux-64bit.tar.gz | tar -xzf - -C ./ + images=("sourcemaps-reader") + for image in ${images[*]};do + ./trivy image --exit-code 1 --security-checks vuln --vuln-type os,library --severity "HIGH,CRITICAL" --ignore-unfixed $DOCKER_REPO/$image:$IMAGE_TAG + done + err_code=$? + [[ $err_code -ne 0 ]] && { + exit $err_code + } + } && { + echo "Skipping Security Checks" + } + images=("sourcemaps-reader") + for image in ${images[*]};do + docker push $DOCKER_REPO/$image:$IMAGE_TAG + done - name: Creating old image input run: | # @@ -96,6 +119,17 @@ jobs: IMAGE_TAG: ${{ github.ref_name }}_${{ github.sha }} ENVIRONMENT: staging + - name: Alert slack + if: ${{ failure() }} + uses: rtCamp/action-slack-notify@v2 + env: + SLACK_CHANNEL: foss + SLACK_TITLE: "Failed ${{ github.workflow }}" + SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff' + SLACK_WEBHOOK: ${{ secrets.SLACK_WEB_HOOK }} + SLACK_USERNAME: "OR Bot" + SLACK_MESSAGE: 'Build failed :bomb:' + # - name: Debug Job # if: ${{ failure() }} # uses: mxschmitt/action-tmate@v3 @@ -103,4 +137,4 @@ jobs: # DOCKER_REPO: ${{ secrets.OSS_REGISTRY_URL }} # IMAGE_TAG: ${{ github.sha }} # ENVIRONMENT: staging - # + diff --git a/assist/servers/websocket.js b/assist/servers/websocket.js index 0fdda85f2..4c4a657bb 100644 --- a/assist/servers/websocket.js +++ b/assist/servers/websocket.js @@ -45,22 +45,7 @@ const respond = function (res, data) { res.setHeader('Content-Type', 'application/json'); res.end(JSON.stringify({"data": data})); } -const countSessions = async function () { - let count = 0; - try { - const arr = Array.from(io.sockets.adapter.rooms); - const filtered = arr.filter(room => !room[1].has(room[0])); - for (let i of filtered) { - let {projectKey, sessionId} = extractPeerId(i[0]); - if (projectKey !== null && sessionId !== null) { - count++; - } - } - } catch (e) { - console.error(e); - } - return count; -} + const socketsList = async function (req, res) { debug && console.log("[WS]looking for all available sessions"); let filters = extractPayloadFromRequest(req); @@ -375,7 +360,6 @@ module.exports = { socketConnexionTimeout(io); }, - countSessions, handlers: { socketsList, socketsListByProject, diff --git a/assist/utils/health.js b/assist/utils/health.js index d71864e71..0b89dd1d8 100644 --- a/assist/utils/health.js +++ b/assist/utils/health.js @@ -1,5 +1,4 @@ const express = require('express'); -const socket = require("../servers/websocket"); const HOST = process.env.LISTEN_HOST || '0.0.0.0'; const PORT = process.env.HEALTH_PORT || 8888; @@ -17,8 +16,7 @@ const check_health = async function (req, res) { respond(res, { "health": true, "details": { - "version": process.env.npm_package_version, - "connectedSessions": await socket.countSessions() + "version": process.env.npm_package_version } }); } diff --git a/ee/assist/.gitignore b/ee/assist/.gitignore index cd68b1ffb..98f9f8386 100644 --- a/ee/assist/.gitignore +++ b/ee/assist/.gitignore @@ -11,6 +11,7 @@ servers/peerjs-server.js servers/sourcemaps-handler.js servers/sourcemaps-server.js /utils/geoIP.js +/utils/health.js /utils/HeapSnapshot.js /utils/helper.js /utils/assistHelper.js diff --git a/ee/assist/clean-dev.sh b/ee/assist/clean-dev.sh index ec1aaeae4..eff1f6308 100755 --- a/ee/assist/clean-dev.sh +++ b/ee/assist/clean-dev.sh @@ -1,4 +1,5 @@ rm -rf ./utils/geoIP.js +rm -rf ./utils/health.js rm -rf ./utils/HeapSnapshot.js rm -rf ./utils/helper.js rm -rf ./utils/assistHelper.js diff --git a/ee/assist/servers/websocket-cluster.js b/ee/assist/servers/websocket-cluster.js index 4618a6184..a1f389685 100644 --- a/ee/assist/servers/websocket-cluster.js +++ b/ee/assist/servers/websocket-cluster.js @@ -83,22 +83,6 @@ const respond = function (res, data) { } } -const countSessions = async function () { - let count = 0; - try { - let rooms = await io.of('/').adapter.allRooms(); - for (let i of rooms) { - let {projectKey, sessionId} = extractPeerId(i); - if (projectKey !== undefined && sessionId !== undefined) { - count++; - } - } - } catch (e) { - console.error(e); - } - return count; -} - const socketsList = async function (req, res) { debug && console.log("[WS]looking for all available sessions"); let filters = await extractPayloadFromRequest(req, res); @@ -433,7 +417,6 @@ module.exports = { process.exit(2); }); }, - countSessions, handlers: { socketsList, socketsListByProject, diff --git a/ee/assist/servers/websocket.js b/ee/assist/servers/websocket.js index 7fb1c9684..330361df3 100644 --- a/ee/assist/servers/websocket.js +++ b/ee/assist/servers/websocket.js @@ -66,23 +66,6 @@ const respond = function (res, data) { } } -const countSessions = async function () { - let count = 0; - try { - const arr = Array.from(io.sockets.adapter.rooms); - const filtered = arr.filter(room => !room[1].has(room[0])); - for (let i of filtered) { - let {projectKey, sessionId} = extractPeerId(i[0]); - if (projectKey !== null && sessionId !== null) { - count++; - } - } - } catch (e) { - console.error(e); - } - return count; -} - const socketsList = async function (req, res) { debug && console.log("[WS]looking for all available sessions"); let filters = await extractPayloadFromRequest(req, res); @@ -396,7 +379,6 @@ module.exports = { socketConnexionTimeout(io); }, - countSessions, handlers: { socketsList, socketsListByProject, diff --git a/ee/assist/utils/health.js b/ee/assist/utils/health.js deleted file mode 100644 index bcb64f61c..000000000 --- a/ee/assist/utils/health.js +++ /dev/null @@ -1,61 +0,0 @@ -const express = require('express'); -let socket; -if (process.env.redis === "true") { - socket = require("../servers/websocket-cluster"); -} else { - socket = require("../servers/websocket"); -} -const HOST = process.env.LISTEN_HOST || '0.0.0.0'; -const PORT = process.env.HEALTH_PORT || 8888; - - -const {request_logger} = require("./helper"); -const debug = process.env.debug === "1"; -const respond = function (res, data) { - res.statusCode = 200; - res.setHeader('Content-Type', 'application/json'); - res.end(JSON.stringify({"data": data})); -} - -const check_health = async function (req, res) { - debug && console.log("[WS]looking for all available sessions"); - respond(res, { - "health": true, - "details": { - "version": process.env.npm_package_version, - "connectedSessions": await socket.countSessions(), - "uWebSocket": process.env.uws === "true", - "redis": process.env.redis === "true" - } - }); -} - - -const healthApp = express(); -healthApp.use(express.json()); -healthApp.use(express.urlencoded({extended: true})); -healthApp.use(request_logger("[healthApp]")); -healthApp.get(['/'], (req, res) => { - res.statusCode = 200; - res.end("healthApp ok!"); - } -); -healthApp.get('/health', check_health); -healthApp.get('/shutdown', (req, res) => { - console.log("Requested shutdown"); - res.statusCode = 200; - res.end("ok!"); - process.kill(1, "SIGTERM"); - } -); - -const listen_cb = async function () { - console.log(`Health App listening on http://${HOST}:${PORT}`); - console.log('Press Ctrl+C to quit.'); -} - -module.exports = { - healthApp, - PORT, - listen_cb -}; diff --git a/peers/build.sh b/peers/build.sh index 232d145e1..d3686b2ff 100644 --- a/peers/build.sh +++ b/peers/build.sh @@ -42,7 +42,6 @@ function build_api(){ cp -R ../peers ../${destination} cd ../${destination} cp -R ../assist/utils . - cp ../sourcemap-reader/utils/health.js ./utils/. # Copy enterprise code [[ $1 == "ee" ]] && { cp -rf ../ee/peers/* ./ diff --git a/peers/prepare-dev.sh b/peers/prepare-dev.sh index d4825a3d0..78a315946 100755 --- a/peers/prepare-dev.sh +++ b/peers/prepare-dev.sh @@ -1,3 +1,2 @@ #!/bin/bash -rsync -avr --exclude=".*" --ignore-existing ../assist/utils ./ -cp ../sourcemap-reader/utils/health.js ./utils/. \ No newline at end of file +rsync -avr --exclude=".*" --ignore-existing ../assist/utils ./ \ No newline at end of file diff --git a/sourcemap-reader/.gitignore b/sourcemap-reader/.gitignore index f2686decf..f2604ef2a 100644 --- a/sourcemap-reader/.gitignore +++ b/sourcemap-reader/.gitignore @@ -3,8 +3,5 @@ node_modules npm-debug.log .cache test.html -/utils/assistHelper.js -/utils/geoIP.js -/utils/HeapSnapshot.js -/utils/helper.js +utils mappings.wasm diff --git a/sourcemap-reader/clean-dev.sh b/sourcemap-reader/clean-dev.sh index ebc1c36c6..a0cb5c9ed 100755 --- a/sourcemap-reader/clean-dev.sh +++ b/sourcemap-reader/clean-dev.sh @@ -1,6 +1,3 @@ #!/bin/bash -rm -rf ./utils/assistHelper.js -rm -rf ./utils/geoIP.js -rm -rf ./utils/HeapSnapshot.js -rm -rf ./utils/helper.js \ No newline at end of file +rm -rf ./utils \ No newline at end of file diff --git a/sourcemap-reader/utils/health.js b/sourcemap-reader/utils/health.js deleted file mode 100644 index 0b89dd1d8..000000000 --- a/sourcemap-reader/utils/health.js +++ /dev/null @@ -1,52 +0,0 @@ -const express = require('express'); -const HOST = process.env.LISTEN_HOST || '0.0.0.0'; -const PORT = process.env.HEALTH_PORT || 8888; - - -const {request_logger} = require("./helper"); -const debug = process.env.debug === "1"; -const respond = function (res, data) { - res.statusCode = 200; - res.setHeader('Content-Type', 'application/json'); - res.end(JSON.stringify({"data": data})); -} - -const check_health = async function (req, res) { - debug && console.log("[WS]looking for all available sessions"); - respond(res, { - "health": true, - "details": { - "version": process.env.npm_package_version - } - }); -} - - -const healthApp = express(); -healthApp.use(express.json()); -healthApp.use(express.urlencoded({extended: true})); -healthApp.use(request_logger("[healthApp]")); -healthApp.get(['/'], (req, res) => { - res.statusCode = 200; - res.end("healthApp ok!"); - } -); -healthApp.get('/health', check_health); -healthApp.get('/shutdown', (req, res) => { - console.log("Requested shutdown"); - res.statusCode = 200; - res.end("ok!"); - process.kill(1, "SIGTERM"); - } -); - -const listen_cb = async function () { - console.log(`Health App listening on http://${HOST}:${PORT}`); - console.log('Press Ctrl+C to quit.'); -} - -module.exports = { - healthApp, - PORT, - listen_cb -};