Merge pull request #287 from coopernetes/feat/runnable

feat: Make git-proxy executable, custom config file arg & validation, bump to 1.1.0

config.schema.json

@@ -0,0 +1,79 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://git-proxy.finos.org/config.schema.json",
+  "title": "Git Proxy",
+  "description": "Configuration file for modifying the behaviour of git-proxy",
+  "type": "object",
+  "properties": {
+    "authorisedList": {
+      "description": "List of repositories that are authorised to be pushed to through the proxy.",
+      "type": "array",
+      "items": {
+        "$ref": "#/$defs/authorisedRepo"
+      }
+    },
+    "sink": {
+      "description": "List of database sources. The first source in the configuration with enabled=true will be used.",
+      "type": "array",
+      "items": {
+        "$ref": "#/$defs/database"
+      }
+    },
+    "authentication": {
+      "description": "List of authentication sources. The first source in the configuration with enabled=true will be used.",
+      "type": "array",
+      "items": {
+        "$ref": "#/$defs/authentication"
+      }
+    },
+    "tempPassword": {
+      "description": "Toggle the generation of temporary password for git-proxy admin user",
+      "type": "object",
+      "properties": {
+        "sendEmail": { "type": "boolean" },
+        "emailConfig": {
+          "description": "Generic object to configure nodemailer. For full type information, please see https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/nodemailer",
+          "type": "object"
+        }
+      }
+    }
+  },
+  "additionalProperties": false,
+  "anyOf": [
+    { "required": "authorisedList" },
+    { "required": "sink" },
+    { "required": "authentication" },
+    { "required": "tempPassword" }
+  ],
+  "$defs": {
+    "authorisedRepo": {
+      "type": "object",
+      "properties": {
+        "project": { "type": "string" },
+        "name": { "type": "string" },
+        "url": { "type": "string" }
+      },
+      "required": [ "project", "name", "url" ]
+    },
+    "database": {
+      "type": "object",
+      "properties": {
+        "type": { "type": "string" },
+        "enabled": { "type": "boolean" },
+        "connectionString": { "type": "string" },
+        "options": { "type": "object" },
+        "params": { "type": "object" }
+      },
+      "required": [ "type", "enabled" ]
+    },
+    "authentication": {
+      "type": "object",
+      "properties": {
+        "type": { "type": "string" },
+        "enabled": { "type": "boolean" },
+        "options": { "type": "object" }
+      },
+      "required": [ "type", "enabled" ]
+    }
+  }
+}

index.js

@@ -1,3 +1,48 @@
+#!/usr/bin/env node
+/* eslint-disable max-len */
+const argv = require('yargs/yargs')(process.argv.slice(2))
+  .usage('Usage: $0 [options]')
+  .options({
+    validate: {
+      description:
+        'Check the proxy.config.json file in the current working directory for validation errors.',
+      required: false,
+      alias: 'v',
+    },
+    config: {
+      description: 'Path to custom git-proxy configuration file.',
+      default: 'proxy.config.json',
+      required: false,
+      alias: 'c',
+    },
+  }).argv;
+
+require('./src/config/file').configFile = argv.c ? argv.c : undefined;
+
+if (argv.v) {
+  const fs = require('fs');
+  const path = require('path');
+  const validate = require('jsonschema').validate;
+  const configFile = require('./src/config/file').configFile;
+
+  if (!fs.existsSync(configFile)) {
+    console.error(
+      `Config file ${configFile} doesn't exist, nothing to validate! Did you forget -c/--config?`,
+    );
+    process.exit(1);
+  }
+
+  const config = JSON.parse(fs.readFileSync(configFile));
+  const schema = JSON.parse(
+    fs.readFileSync(path.join(__dirname, 'config.schema.json')),
+  );
+
+  validate(config, schema, { required: true, throwError: true });
+
+  console.log(`${configFile} is valid`);
+  process.exit(0);
+}
+
 const proxy = require('./src/proxy');
 const service = require('./src/service');
 

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@finos/git-proxy",
-  "version": "1.0.0",
+  "version": "1.1.0",
   "description": "Deploy custom push protections and policies on top of Git.",
   "scripts": {
     "client": "vite --config vite.config.js",
@@ -15,6 +15,7 @@
     "prepare": "node ./scripts/prepare.js",
     "lint": "eslint --fix . --ext .js,.jsx"
   },
+  "bin": "./index.js",
   "author": "Paul Groves",
   "license": "Apache-2.0",
   "dependencies": {
@@ -37,6 +38,7 @@
     "generate-password": "^1.5.1",
     "history": "5.3.0",
     "load-plugin": "^5.1.0",
+    "jsonschema": "^1.4.1",
     "lodash": "^4.17.21",
     "moment": "^2.29.4",
     "mongodb": "^5.0.0",
@@ -51,7 +53,8 @@
     "react-dom": "^16.13.1",
     "react-html-parser": "^2.0.2",
     "react-router-dom": "6.16.0",
-    "uuid": "^9.0.0"
+    "uuid": "^9.0.0",
+    "yargs": "^17.7.2"
   },
   "devDependencies": {
     "@babel/eslint-parser": "^7.22.9",

src/config/file.js

@@ -0,0 +1,14 @@
+const path = require('path');
+// eslint-disable-next-line prefer-const
+let configFile = undefined;
+
+module.exports = {
+  get configFile() {
+    return configFile
+      ? configFile
+      : path.join(process.cwd(), 'proxy.config.json');
+  },
+  set configFile(file) {
+    configFile = file;
+  },
+};

src/config/index.js

@@ -1,42 +1,39 @@
 const fs = require('fs');
-const proxySettings = JSON.parse(fs.readFileSync('./resources/config.json'));
 
-let _userSettings = null;
-let _authorisedList = proxySettings.authorisedList;
-let _database = proxySettings.sink;
-let _authentication = proxySettings.authentication;
-let _tempPassword = proxySettings.tempPassword;
+const defaultSettings = require('../../proxy.config.json');
+const userSettingsPath = require('./file').configFile;
 
-const userSettings = () => {
-  const path = './user-settings.json';
-  if (_userSettings === null && fs.existsSync(path)) {
-    _userSettings = JSON.parse(fs.readFileSync(path));
-  }
-  return _userSettings;
-};
+let _userSettings = null;
+if (fs.existsSync(userSettingsPath)) {
+  _userSettings = JSON.parse(fs.readFileSync(userSettingsPath));
+}
+let _authorisedList = defaultSettings.authorisedList;
+let _database = defaultSettings.sink;
+let _authentication = defaultSettings.authentication;
+let _tempPassword = defaultSettings.tempPassword;
 
 // Gets a list of authorised repositories
 const getAuthorisedList = () => {
-  if (userSettings !== null && userSettings.authorisedList) {
-    _authorisedList = userSettings.authorisedList;
+  if (_userSettings !== null && _userSettings.authorisedList) {
+    _authorisedList = _userSettings.authorisedList;
   }
 
   return _authorisedList;
 };
 
 // Gets a list of authorised repositories
 const getTempPasswordConfig = () => {
-  if (userSettings !== null && userSettings.tempPassword) {
-    _tempPassword = userSettings.tempPassword;
+  if (_userSettings !== null && _userSettings.tempPassword) {
+    _tempPassword = _userSettings.tempPassword;
   }
 
   return _tempPassword;
 };
 
 // Gets the configuared data sink, defaults to filesystem
 const getDatabase = () => {
-  if (userSettings !== null && userSettings.sink) {
-    _database = userSettings.database;
+  if (_userSettings !== null && _userSettings.sink) {
+    _database = _userSettings.sink;
   }
   for (const ix in _database) {
     if (ix) {
@@ -52,8 +49,8 @@ const getDatabase = () => {
 
 // Gets the configuared data sink, defaults to filesystem
 const getAuthentication = () => {
-  if (userSettings !== null && userSettings.sink) {
-    _authentication = userSettings.authentication;
+  if (_userSettings !== null && _userSettings.authentication) {
+    _authentication = _userSettings.authentication;
   }
   for (const ix in _authentication) {
     if (!ix) continue;