From 1b08d4d7133b21e2d2436130aa06696a165dba15 Mon Sep 17 00:00:00 2001 From: Benjamin Toby Date: Sun, 29 Oct 2023 12:40:23 +0100 Subject: [PATCH] updates --- .ssh/github | 7 +++ .ssh/github.pub | 1 + Dockerfile | 16 ++++--- nodecid.config.json | 11 +++++ pages/api/github-webhook.ts | 94 +++++++++++++++++++++++++++++++++++++ push.sh | 0 6 files changed, 123 insertions(+), 6 deletions(-) create mode 100644 .ssh/github create mode 100644 .ssh/github.pub create mode 100644 nodecid.config.json create mode 100644 pages/api/github-webhook.ts create mode 100644 push.sh diff --git a/.ssh/github b/.ssh/github new file mode 100644 index 0000000..6d9c5d8 --- /dev/null +++ b/.ssh/github @@ -0,0 +1,7 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW +QyNTUxOQAAACCfPbWLpq+h1K+Ii9t5etIj84xtc621wZ5DMIf5YqV8jAAAAJjlhAHS5YQB +0gAAAAtzc2gtZWQyNTUxOQAAACCfPbWLpq+h1K+Ii9t5etIj84xtc621wZ5DMIf5YqV8jA +AAAEA7hAHse9swtQJaMPN7H9Od6u4u0NSMvE9otx08bWQSOp89tYumr6HUr4iL23l60iPz +jG1zrbXBnkMwh/lipXyMAAAAFGJlbm90aS5zYW5AZ21haWwuY29tAQ== +-----END OPENSSH PRIVATE KEY----- diff --git a/.ssh/github.pub b/.ssh/github.pub new file mode 100644 index 0000000..5def0ed --- /dev/null +++ b/.ssh/github.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ89tYumr6HUr4iL23l60iPzjG1zrbXBnkMwh/lipXyM benoti.san@gmail.com diff --git a/Dockerfile b/Dockerfile index 7587be8..3fbce02 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,20 +1,24 @@ # Set Node.js version -FROM node:16 +FROM node:bookworm + +RUN mkdir /app # Set working directory -WORKDIR /usr/src/app +WORKDIR /app # Copy package.json and package-lock.json COPY package*.json ./ +RUN apt update +RUN apt install git openssh-client + # Install dependencies RUN npm install +RUN npm install -g nodecid +RUN npm update -g nodecid # Copy source code COPY . . -# Expose port 3000 -EXPOSE 3000 - # Run the app -CMD ["npm", "run", "build", "&&", "npm", "start"] \ No newline at end of file +CMD ["nodecid"] \ No newline at end of file diff --git a/nodecid.config.json b/nodecid.config.json new file mode 100644 index 0000000..754619d --- /dev/null +++ b/nodecid.config.json @@ -0,0 +1,11 @@ +{ + "preflight": [ + "eval $(ssh-agent)", + "ssh-add ./.ssh/github", + "git checkout .", + "git pull", + "npm install", + "npm run build" + ], + "start": "npm start" +} diff --git a/pages/api/github-webhook.ts b/pages/api/github-webhook.ts new file mode 100644 index 0000000..16f8803 --- /dev/null +++ b/pages/api/github-webhook.ts @@ -0,0 +1,94 @@ +// @ts-check + +import { NextApiRequest, NextApiResponse } from "next"; +import { NextRequest, NextResponse } from "next/server"; +import path from "path"; + +const http = require("http"); +const fs = require("fs"); +const { createHmac } = require("crypto"); + +const key = process.env.GITHUB_WEBHOOK_SECRET || ""; + +/** + * @param {import("next").NextApiRequest} req + * @returns {boolean} + */ +const verify_signature = (req: NextApiRequest) => { + console.log(req.headers); + const signature = createHmac("sha256", key) + .update(JSON.stringify(req.body)) + .digest("hex"); + console.log(signature); + return `sha256=${signature}` === req.headers["x-hub-signature-256"]; +}; + +/** ****************************************************************************** */ +/** ****************************************************************************** */ +/** ****************************************************************************** */ +/** ****************************************************************************** */ +/** ****************************************************************************** */ +/** ****************************************************************************** */ + +export default async function handler( + req: NextApiRequest, + res: NextApiResponse +) { + /** + * Check method + * + * @description Check request method and return if invalid + */ + if (req.method !== "POST") return res.json({ msg: "Failed!" }); + + if (!verify_signature(req)) { + console.log("Authorization failed"); + res.status(401).send("Unauthorized"); + return; + } + + /** ********************* Initialize data */ + const data = req.body; + + try { + /** ********************************************** */ + /** ********************************************** */ + /** ********************************************** */ + console.log("Request Recieved"); + + const ref = data.ref; + + if (!ref?.match(/main/)) { + console.log("Not Main Branch"); + res.json({ + success: true, + }); + return; + } + + fs.writeFileSync( + path.resolve(process.cwd(), "REDEPLOY"), + String(Date.now()), + "utf-8" + ); + + console.log("Deploy Flag Triggered. Now Redeploying ..."); + + /** ********************************************** */ + /** ********************************************** */ + /** ********************************************** */ + + res.json({ + success: true, + }); + + /** ********************************************** */ + /** ********************************************** */ + /** ********************************************** */ + } catch (error) { + console.log(error); + res.json({ + msg: "Not Handled Yet", + }); + } +} diff --git a/push.sh b/push.sh new file mode 100644 index 0000000..e69de29