This commit is contained in:
Benjamin Toby 2023-10-29 12:40:23 +01:00
parent 36e7dc110a
commit 1b08d4d713
6 changed files with 123 additions and 6 deletions

7
.ssh/github Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACCfPbWLpq+h1K+Ii9t5etIj84xtc621wZ5DMIf5YqV8jAAAAJjlhAHS5YQB
0gAAAAtzc2gtZWQyNTUxOQAAACCfPbWLpq+h1K+Ii9t5etIj84xtc621wZ5DMIf5YqV8jA
AAAEA7hAHse9swtQJaMPN7H9Od6u4u0NSMvE9otx08bWQSOp89tYumr6HUr4iL23l60iPz
jG1zrbXBnkMwh/lipXyMAAAAFGJlbm90aS5zYW5AZ21haWwuY29tAQ==
-----END OPENSSH PRIVATE KEY-----

1
.ssh/github.pub Normal file
View File

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ89tYumr6HUr4iL23l60iPzjG1zrbXBnkMwh/lipXyM benoti.san@gmail.com

View File

@ -1,20 +1,24 @@
# Set Node.js version # Set Node.js version
FROM node:16 FROM node:bookworm
RUN mkdir /app
# Set working directory # Set working directory
WORKDIR /usr/src/app WORKDIR /app
# Copy package.json and package-lock.json # Copy package.json and package-lock.json
COPY package*.json ./ COPY package*.json ./
RUN apt update
RUN apt install git openssh-client
# Install dependencies # Install dependencies
RUN npm install RUN npm install
RUN npm install -g nodecid
RUN npm update -g nodecid
# Copy source code # Copy source code
COPY . . COPY . .
# Expose port 3000
EXPOSE 3000
# Run the app # Run the app
CMD ["npm", "run", "build", "&&", "npm", "start"] CMD ["nodecid"]

11
nodecid.config.json Normal file
View File

@ -0,0 +1,11 @@
{
"preflight": [
"eval $(ssh-agent)",
"ssh-add ./.ssh/github",
"git checkout .",
"git pull",
"npm install",
"npm run build"
],
"start": "npm start"
}

View File

@ -0,0 +1,94 @@
// @ts-check
import { NextApiRequest, NextApiResponse } from "next";
import { NextRequest, NextResponse } from "next/server";
import path from "path";
const http = require("http");
const fs = require("fs");
const { createHmac } = require("crypto");
const key = process.env.GITHUB_WEBHOOK_SECRET || "";
/**
* @param {import("next").NextApiRequest} req
* @returns {boolean}
*/
const verify_signature = (req: NextApiRequest) => {
console.log(req.headers);
const signature = createHmac("sha256", key)
.update(JSON.stringify(req.body))
.digest("hex");
console.log(signature);
return `sha256=${signature}` === req.headers["x-hub-signature-256"];
};
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
/** ****************************************************************************** */
export default async function handler(
req: NextApiRequest,
res: NextApiResponse
) {
/**
* Check method
*
* @description Check request method and return if invalid
*/
if (req.method !== "POST") return res.json({ msg: "Failed!" });
if (!verify_signature(req)) {
console.log("Authorization failed");
res.status(401).send("Unauthorized");
return;
}
/** ********************* Initialize data */
const data = req.body;
try {
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
console.log("Request Recieved");
const ref = data.ref;
if (!ref?.match(/main/)) {
console.log("Not Main Branch");
res.json({
success: true,
});
return;
}
fs.writeFileSync(
path.resolve(process.cwd(), "REDEPLOY"),
String(Date.now()),
"utf-8"
);
console.log("Deploy Flag Triggered. Now Redeploying ...");
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
res.json({
success: true,
});
/** ********************************************** */
/** ********************************************** */
/** ********************************************** */
} catch (error) {
console.log(error);
res.json({
msg: "Not Handled Yet",
});
}
}

0
push.sh Normal file
View File