Theaninova/openstapps
1
0
Fork 0
mirror of https://gitlab.com/openstapps/openstapps.git synced 2026-01-19 08:02:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

refactor: apply @openstapps/eslint-config rules

Browse Source
This commit is contained in:
Rainer Killinger
2022-05-09 11:14:36 +02:00
parent 1fcf7340d4
commit ac144095bf
8 changed files with 1264 additions and 231 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.eslintrc.json Normal file
View File

@@ -0,0 +1,3 @@
{
"extends": "@openstapps"
}

3
.gitignore vendored
View File

@@ -92,4 +92,5 @@ docs/
# Certificates
*.crt
*.key
*.key
test/certs

1297
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

14
package.json
View File

@@ -17,33 +17,41 @@
},
"devDependencies": {
"@openstapps/configuration": "0.29.0",
"@openstapps/eslint-config": "1.0.0",
"@testdeck/mocha": "0.2.0",
"@types/chai": "4.3.1",
"@types/chai-spies": "1.0.3",
"@types/mustache": "4.1.2",
"@typescript-eslint/eslint-plugin": "5.22.0",
"@typescript-eslint/parser": "5.22.0",
"chai": "4.3.6",
"chai-spies": "1.0.0",
"conventional-changelog-cli": "2.2.2",
"eslint": "8.15.0",
"eslint-config-prettier": "8.5.0",
"eslint-plugin-jsdoc": "39.2.9",
"eslint-plugin-prettier": "4.0.0",
"eslint-plugin-unicorn": "42.0.0",
"mocha": "9.2.2",
"nyc": "15.1.0",
"prepend-file-cli": "1.0.6",
"prettier": "2.6.2",
"rimraf": "3.0.2",
"ts-node": "10.7.0",
"tslint": "6.1.3",
"typedoc": "0.22.15",
"typescript": "4.4.4"
},
"scripts": {
"build": "npm run tslint && npm run compile",
"build": "npm run lint && npm run compile",
"changelog": "conventional-changelog -p angular -i CHANGELOG.md -s -r 0 && git add CHANGELOG.md && git commit -m 'docs: update changelog'",
"check-configuration": "openstapps-configuration",
"compile": "rimraf lib && tsc && prepend lib/cli.js '#!/usr/bin/env node\n'",
"documentation": "typedoc --includeVersion --out docs --readme README.md --entryPointStrategy expand src",
"lint": "eslint --ext .ts src/",
"postversion": "npm run changelog",
"prepublishOnly": "npm ci && npm run build",
"preversion": "npm run prepublishOnly",
"push": "git push && git push origin \"v$npm_package_version\"",
"tslint": "tslint -p tsconfig.json -c tslint.json 'src/**/*.ts'",
"test": "nyc mocha --require ts-node/register 'test/**/*.spec.ts'"
},
"repository": {

16
src/cli.ts
View File

@@ -20,8 +20,10 @@ import {render} from 'mustache';
import {asyncReadFile, asyncWriteFile} from './common';
import {getContainers, getTemplateView} from './main';
/* eslint-disable unicorn/prefer-module */
// handle unhandled promise rejections
process.on('unhandledRejection', async (error) => {
process.on('unhandledRejection', async error => {
await Logger.error(error);
process.exit(1);
});
@@ -42,6 +44,7 @@ async function updateNginxConfig() {
.join(',');
delete require.cache[require.resolve('config')];
// eslint-disable-next-line @typescript-eslint/no-var-requires
const configFile = require('config');
const configHash = JSON.stringify(configFile);
@@ -50,7 +53,10 @@ async function updateNginxConfig() {
Logger.log('Generating new NGINX configuration');
// render nginx config file
const nginxConfig = render(await asyncReadFile('nginx.conf.template', 'utf8'), await getTemplateView(containers));
const nginxConfig = render(
await asyncReadFile('nginx.conf.template', 'utf8'),
await getTemplateView(containers),
);
containerHashCache = containerHash;
configHashCache = configHash;
@@ -65,9 +71,9 @@ async function updateNginxConfig() {
execSync('nginx -s reload');
}
// tslint:disable-next-line:no-magic-numbers - set timeout to update configuration again in 30s
setTimeout(updateNginxConfig, 30000);
// set timeout to update configuration again in 30s
setTimeout(updateNginxConfig, 30_000);
}
// tslint:disable-next-line:no-floating-promises - start the process that checks the docker socket periodically
// start the process that checks the docker socket periodically
updateNginxConfig();

107
src/main.ts
View File

@@ -17,7 +17,7 @@ import {Logger} from '@openstapps/logger';
import Dockerode from 'dockerode';
import isCidr from 'is-cidr';
import {render} from 'mustache';
import {join} from 'path';
import path from 'path';
import * as semver from 'semver';
import {
asyncReadFile,
@@ -29,6 +29,9 @@ import {
TemplateView,
} from './common';
/* eslint-disable unicorn/prefer-module */
/* eslint-disable unicorn/no-await-expression-member */
/**
* Checks if a ContainerInfo matches a name and version regex
*
@@ -36,11 +39,17 @@ import {
* @param versionRegex Version regex to check
* @param container Container info for check
*/
export function containerMatchesRegex(name: string, versionRegex: RegExp, container: Dockerode.ContainerInfo): boolean {
return typeof container.Labels['stapps.version'] === 'string'
&& container.Labels['stapps.version'].match(versionRegex) !== null
&& typeof container.Labels['com.docker.compose.service'] === 'string'
&& container.Labels['com.docker.compose.service'] === name;
export function containerMatchesRegex(
name: string,
versionRegex: RegExp,
container: Dockerode.ContainerInfo,
): boolean {
return (
typeof container.Labels['stapps.version'] === 'string' &&
container.Labels['stapps.version'].match(versionRegex) !== null &&
typeof container.Labels['com.docker.compose.service'] === 'string' &&
container.Labels['com.docker.compose.service'] === name
);
}
/**
@@ -83,37 +92,46 @@ export async function generateUpstreamMap(
let foundMatchingContainer = false;
// active versions
result += (await Promise.all(
activeVersions
.map(async (activeVersionRegex) => {
result += (
await Promise.all(
activeVersions.map(async activeVersionRegex => {
const upstreamName = activeVersionRegex.replace(/[\\|.+]/g, '_');
let activeBackends = containers.filter((container) => {
let activeBackends = containers.filter(container => {
return containerMatchesRegex('backend', new RegExp(activeVersionRegex), container);
});
// .Labels['stapps.version'] is available
if (activeBackends.length > 0) {
activeBackends = activeBackends.sort((a, b) => semver.rcompare(a.Labels['stapps.version'],b.Labels['stapps.version']));
const activeBackendsVersions = activeBackends.map((container) => container.Labels['stapps.version'])
// tslint:disable-next-line: strict-boolean-expressions
.reduce((map, e) => map.set(e, (map.get(e) || 0) + 1), new Map<string, number>());
activeBackends = activeBackends.sort((a, b) =>
semver.rcompare(a.Labels['stapps.version'], b.Labels['stapps.version']),
);
const activeBackendsVersions = activeBackends
.map(container => container.Labels['stapps.version'])
// eslint-disable-next-line unicorn/no-array-reduce
.reduce(
(map, element) => map.set(element, (map.get(element) || 0) + 1),
new Map<string, number>(),
);
for (const [version, occurrences] of activeBackendsVersions) {
if (occurrences > 1) {
await Logger.error(`Omitting running version ${version} ! Multiple backends with this exact version are running`);
activeBackends = activeBackends.filter((container) => container.Labels['stapps.version'] !== version);
await Logger.error(
`Omitting running version ${version} ! Multiple backends with this exact version are running.`,
);
activeBackends = activeBackends.filter(
container => container.Labels['stapps.version'] !== version,
);
}
}
if (activeBackends.length !== 0) {
if (activeBackends.length > 0) {
// not only duplicates
foundMatchingContainer = true;
const gateWayOfContainer = await getGatewayOfStAppsBackend(activeBackends[0]);
const gatewayOfContainer = await getGatewayOfStAppsBackend(activeBackends[0]);
if (gateWayOfContainer.length !== 0) {
upstreams += `\nupstream ${upstreamName} {\n server ${gateWayOfContainer};\n}`;
if (gatewayOfContainer.length > 0) {
upstreams += `\nupstream ${upstreamName} {\n server ${gatewayOfContainer};\n}`;
return ` \"~${activeVersionRegex}\" ${upstreamName};\n`;
}
@@ -123,15 +141,17 @@ export async function generateUpstreamMap(
return ` \"~${activeVersionRegex}\" unavailable;\n`;
}),
)).join('');
)
).join('');
// outdated versions
result += outdatedVersions
.map((outdatedVersionRegex) => {
.map(outdatedVersionRegex => {
return ` \"~${outdatedVersionRegex}\" outdated;`;
})
.join('');
// eslint-disable-next-line prettier/prettier
result += '\n\}';
if (!foundMatchingContainer) {
@@ -149,11 +169,16 @@ export async function generateUpstreamMap(
export function generateListener(sslFilePaths: SSLFilePaths) {
let listener = '';
if (typeof sslFilePaths !== 'undefined' &&
typeof sslFilePaths.certificate !== 'undefined' && isFileType(sslFilePaths.certificate,'crt') &&
typeof sslFilePaths.certificateChain !== 'undefined' && isFileType(sslFilePaths.certificateChain,'crt') &&
typeof sslFilePaths.certificateKey !== 'undefined' && isFileType(sslFilePaths.certificateKey,'key') &&
typeof sslFilePaths.dhparam !== 'undefined' && isFileType(sslFilePaths.dhparam,'pem')
if (
typeof sslFilePaths !== 'undefined' &&
typeof sslFilePaths.certificate !== 'undefined' &&
isFileType(sslFilePaths.certificate, 'crt') &&
typeof sslFilePaths.certificateChain !== 'undefined' &&
isFileType(sslFilePaths.certificateChain, 'crt') &&
typeof sslFilePaths.certificateKey !== 'undefined' &&
isFileType(sslFilePaths.certificateKey, 'key') &&
typeof sslFilePaths.dhparam !== 'undefined' &&
isFileType(sslFilePaths.dhparam, 'pem')
) {
// https listener
listener = ` listen 443 ssl default_server;
@@ -161,7 +186,7 @@ export function generateListener(sslFilePaths: SSLFilePaths) {
ssl_certificate_key ${sslFilePaths.certificateKey};
ssl_trusted_certificate ${sslFilePaths.certificateChain};
ssl_dhparam ${sslFilePaths.dhparam};
${sslHardeningParameters}`;
${sslHardeningParameters}`;
} else {
// default http listener
listener = 'listen 80 default_server;';
@@ -194,7 +219,8 @@ async function renderTemplate(path: string, view: unknown): Promise<string> {
* @param entries Allow list entries that should be in CIDR notation
*/
function generateRateLimitAllowList(entries: string[]): string {
return entries.filter(entry => isCidr(entry))
return entries
.filter(entry => isCidr(entry))
.map(entry => `${entry} 0;`)
.join('\n');
}
@@ -206,31 +232,36 @@ function generateRateLimitAllowList(entries: string[]): string {
*/
export async function getTemplateView(containers: Dockerode.ContainerInfo[]): Promise<TemplateView> {
delete require.cache[require.resolve('config')];
// eslint-disable-next-line @typescript-eslint/no-var-requires
const config = require('config');
const configFile = config as ConfigFile;
const cors = await asyncReadFile('./fixtures/cors.template', 'utf8');
const visibleRoutesPromises = ['/'].map(async (route) => {
return renderTemplate(join('fixtures', 'visibleRoute.template'), {
const visibleRoutesPromises = ['/'].map(async route => {
return renderTemplate(path.join('fixtures', 'visibleRoute.template'), {
cors,
route,
});
});
const hiddenRoutesPromises = configFile.hiddenRoutes.map(async (route) => {
return renderTemplate(join('fixtures', 'hiddenRoute.template'), {
const hiddenRoutesPromises = configFile.hiddenRoutes.map(async route => {
return renderTemplate(path.join('fixtures', 'hiddenRoute.template'), {
cors,
route,
});
});
return {
dockerVersionMap: await generateUpstreamMap(configFile.activeVersions, configFile.outdatedVersions, containers),
dockerVersionMap: await generateUpstreamMap(
configFile.activeVersions,
configFile.outdatedVersions,
containers,
),
hiddenRoutes: (await Promise.all(hiddenRoutesPromises)).join(''),
listener: generateListener(configFile.sslFilePaths),
rateLimitAllowList: generateRateLimitAllowList(configFile.rateLimitAllowList),
staticRoute: await renderTemplate(join('fixtures', 'staticRoute.template'), {cors}),
staticRoute: await renderTemplate(path.join('fixtures', 'staticRoute.template'), {cors}),
visibleRoutes: (await Promise.all(visibleRoutesPromises)).join(''),
};
}
@@ -240,7 +271,9 @@ export async function getTemplateView(containers: Dockerode.ContainerInfo[]): Pr
*
* @param pathToDockerSocket Path to docker socket
*/
export async function getContainers(pathToDockerSocket = '/var/run/docker.sock'): Promise<Dockerode.ContainerInfo[]> {
export async function getContainers(
pathToDockerSocket = '/var/run/docker.sock',
): Promise<Dockerode.ContainerInfo[]> {
const docker = new Dockerode({
socketPath: pathToDockerSocket,
});

52
test/main.spec.ts
View File

@@ -24,12 +24,19 @@ import {expect} from 'chai';
import chaiSpies from 'chai-spies';
import {ContainerInfo} from 'dockerode';
import {slow, suite, test, timeout} from '@testdeck/mocha';
import {sslHardeningParameters, protocolHardeningParameters, SSLFilePaths } from './../src/common';
import {containerMatchesRegex, generateUpstreamMap, getGatewayOfStAppsBackend, getTemplateView, generateListener, getContainers} from '../src/main';
import { resolve } from 'path';
import { mkdirSync, writeFileSync, unlinkSync, rmdirSync } from 'fs';
import {sslHardeningParameters, protocolHardeningParameters, SSLFilePaths} from './../src/common';
import {
containerMatchesRegex,
generateUpstreamMap,
getGatewayOfStAppsBackend,
getTemplateView,
generateListener,
getContainers,
} from '../src/main';
import {resolve} from 'path';
import {mkdirSync, writeFileSync, unlinkSync, rmdirSync} from 'fs';
process.on('unhandledRejection', async (error) => {
process.on('unhandledRejection', async error => {
await Logger.error(error);
process.exit(1);
@@ -42,7 +49,7 @@ chai.use(chaiSpies);
export class MainSpec {
static anyContainerWithExposedPorts: ContainerInfo = {
Command: 'sh',
Created: 1524669882,
Created: 1_524_669_882,
HostConfig: {
NetworkMode: 'default',
},
@@ -51,9 +58,7 @@ export class MainSpec {
ImageID: 'sha256:ef9f0c8c4b6f99dd208948c7aae1d042590aa18e05ebeae4f586e4b4beebeac9',
Labels: {},
Mounts: [],
Names: [
'/container_name_1',
],
Names: ['/container_name_1'],
NetworkSettings: {
Networks: {
bridge: {
@@ -103,9 +108,7 @@ export class MainSpec {
'stapps.version': '1.0.0',
},
Mounts: [],
Names: [
'/deployment_backend_1',
],
Names: ['/deployment_backend_1'],
NetworkSettings: {
Networks: {
deployment_default: {
@@ -183,10 +186,11 @@ export class MainSpec {
const containerWithoutPorts: Partial<ContainerInfo> = {
Id: 'Foo',
Ports: [],
Names: ['/container_name_1'],
};
expect(await getGatewayOfStAppsBackend(containerWithoutPorts as ContainerInfo)).to.be.equal('');
expect(spy.__spy.calls[0][0]).to.contain('Container Foo does not advertise any port.');
expect(spy.__spy.calls[0][0]).to.contain('Container /container_name_1 does not advertise any port.');
}
@test
@@ -196,7 +200,7 @@ export class MainSpec {
@test
async 'upstream map calls logger error when no matching container is found'() {
const spy = MainSpec.sandbox.on(console, 'error', () => {
const spy = MainSpec.sandbox.on(console, 'warn', () => {
});
expect(await generateUpstreamMap(
@@ -294,10 +298,10 @@ ${protocolHardeningParameters}
const certificateChainFile = resolve(testCertDir, 'chain.crt');
const dhparamFile = resolve(testCertDir, 'dhparam.pem');
writeFileSync(certificateFile,'Test');
writeFileSync(certificateKeyFile,'Test');
writeFileSync(certificateChainFile,'Test');
writeFileSync(dhparamFile,'Test');
writeFileSync(certificateFile, 'Test');
writeFileSync(certificateKeyFile, 'Test');
writeFileSync(certificateChainFile, 'Test');
writeFileSync(dhparamFile, 'Test');
const sslFilePaths: SSLFilePaths = {
certificate: certificateFile,
@@ -306,12 +310,12 @@ ${protocolHardeningParameters}
dhparam: dhparamFile,
};
expect(generateListener(sslFilePaths)).to.equal(`listen 443 ssl default_server;
ssl_certificate ${sslFilePaths.certificate};
ssl_certificate_key ${sslFilePaths.certificateKey};
ssl_trusted_certificate ${sslFilePaths.certificateChain};
ssl_dhparam ${sslFilePaths.dhparam};
${sslHardeningParameters}
expect(generateListener(sslFilePaths)).to.equal(` listen 443 ssl default_server;
ssl_certificate ${sslFilePaths.certificate};
ssl_certificate_key ${sslFilePaths.certificateKey};
ssl_trusted_certificate ${sslFilePaths.certificateChain};
ssl_dhparam ${sslFilePaths.dhparam};
${sslHardeningParameters}
${protocolHardeningParameters}
`);

3
tslint.json
View File

@@ -1,3 +0,0 @@
{
"extends": "./node_modules/@openstapps/configuration/tslint.json"
}