From 3b8fba5ac862c1ae18b01202fa74989639f4d5ee Mon Sep 17 00:00:00 2001 From: Denis Davidyuk Date: Mon, 8 May 2023 11:47:35 +0600 Subject: [PATCH] Deploy testcab/cors-anywhere --- .github/workflows/prod-docker.yml | 112 ------------------------------ .github/workflows/test.yml | 19 ----- Dockerfile | 30 +++----- LICENSE | 29 ++++---- README.md | 99 ++++++-------------------- server.js | 62 +++++++++++++++++ 6 files changed, 110 insertions(+), 241 deletions(-) delete mode 100644 .github/workflows/prod-docker.yml delete mode 100644 .github/workflows/test.yml create mode 100644 server.js diff --git a/.github/workflows/prod-docker.yml b/.github/workflows/prod-docker.yml deleted file mode 100644 index 0269e51dc..000000000 --- a/.github/workflows/prod-docker.yml +++ /dev/null @@ -1,112 +0,0 @@ -name: Production Aepp Base Pipeline - -on: - push: - branches: - - master - release: - types: [created] - -env: - ENV: "prd" - APP: "aepp-base" - -jobs: - main: - runs-on: ubuntu-latest - name: Production Aepp Base Pipeline - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 100 - - - uses: GoogleCloudPlatform/release-please-action@v2 - id: release - with: - token: ${{ secrets.GITHUB_TOKEN }} - release-type: node - package-name: "" - changelog-types: '[{"type":"feat","section":"Features","hidden":false},{"type":"fix","section":"Bug Fixes","hidden":false},{"type":"ci","section":"CI / CD","hidden":false},{"type":"test","section":"Testing","hidden":false},{"type":"refactor","section":"Refactorings","hidden":false},{"type":"chore","section":"Miscellaneous","hidden":false}]' - - - name: Set up Docker Buildx - id: buildx - # Use the action from the master, as we've seen some inconsistencies with @v1 - # Issue: https://github.com/docker/build-push-action/issues/286 - uses: docker/setup-buildx-action@master - # Only worked for us with this option on �‍♂️ - with: - install: true - - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - # Key is named differently to avoid collision - key: ${{ runner.os }}-${{ env.ENV }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-${{ env.ENV }}-buildx - - - name: Log in to dockerhub - uses: docker/login-action@v1 - with: - username: ${{ secrets.DOCKERHUB_USER }} - password: ${{ secrets.DOCKERHUB_PASS }} - - - name: Extract metadata for docker - if: | - github.event_name == 'push' || - startsWith(github.ref, 'refs/tags/v') - id: meta - uses: docker/metadata-action@v3 - with: - images: aeternity/aepp-base - tags: | - type=raw,value=latest,enable=${{ endsWith(GitHub.ref, 'master') }} - type=raw,value=${{ steps.release.outputs.tag_name }},enable=${{ endsWith(GitHub.ref, 'master') }} - type=ref,event=tag - type=ref,event=pr - - - name: Build and push docker image - if: | - github.event_name == 'push' || - startsWith(github.ref, 'refs/tags/v') - uses: docker/build-push-action@v2 - with: - context: . - file: Dockerfile - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=local,src=/tmp/.buildx-cache - # Note the mode=max here - # More: https://github.com/moby/buildkit#--export-cache-options - # And: https://github.com/docker/buildx#--cache-tonametypetypekeyvalue - cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new - - - name: Move cache - if: github.event_name == 'pull_request' && github.event.action == 'opened' || github.event.action == 'synchronize' - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache - - - uses: actions/checkout@v2 - with: - repository: aeternity/gitops-apps.git - ref: prd - persist-credentials: false - fetch-depth: 0 - - - name: Production Deploy - if: ${{ steps.release.outputs.release_created }} - uses: aeternity/ae-github-actions/argocd-deploy@v4 - with: - url-prefix: ${{ steps.release.outputs.tag_name }} - env: ${{ env.ENV }} - app: ${{ env.APP }} - - - name: Push changes - uses: ad-m/github-push-action@master - with: - repository: aeternity/gitops-apps - github_token: ${{ secrets.BOT_GITHUB_TOKEN }} - branch: prd diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml deleted file mode 100644 index 100dbdbc5..000000000 --- a/.github/workflows/test.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Test -on: [pull_request] -jobs: - main: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - with: - fetch-depth: 0 - - uses: actions/setup-node@v2 - with: - # TODO: update to 18 after updating cypress - node-version: 16.x - - uses: actions/cache@v3 - with: - path: ~/.npm - key: ${{ runner.os }}-npm-${{ hashFiles('**/package-lock.json') }} - - run: npm ci --legacy-peer-deps # TODO: remove --legacy-peer-deps after updating dependencies - - run: npm test diff --git a/Dockerfile b/Dockerfile index b69698f81..33ec5a653 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,24 +1,10 @@ -FROM node:18-alpine as aepp-aepp-base-build -WORKDIR /app -RUN apk add make g++ python3 git +FROM node:14-alpine -ADD package*.json ./ -# TODO: remove --legacy-peer-deps after updating dependencies -RUN npm ci --legacy-peer-deps +ENV NODE_ENV=production +ENV NODE_PATH=/usr/local/lib/node_modules +ARG version=latest +RUN npm install -g cors-anywhere@$version +COPY server.js . +CMD ["node", "server.js"] -COPY . . - -ARG VUE_APP_NETWORK_NAME -ARG VUE_APP_NODE_URL -ARG VUE_APP_MDW_URL -ARG VUE_APP_EXPLORER_URL -ARG VUE_APP_COMPILER_URL -ARG VUE_APP_REMOTE_CONNECTION_BACKEND_URL - -# TODO: remove legacy openssl after updating @vue/cli -RUN NODE_OPTIONS=--openssl-legacy-provider npm run build - -FROM nginx:1.24-alpine -COPY ./nginx/nginx.conf /etc/nginx/nginx.conf -COPY ./nginx/default.conf /etc/nginx/conf.d/default.conf -COPY --from=aepp-aepp-base-build /app/dist /usr/share/nginx/html +EXPOSE 80 diff --git a/LICENSE b/LICENSE index 142825a39..b35ee4d23 100644 --- a/LICENSE +++ b/LICENSE @@ -1,15 +1,20 @@ -ISC License +Copyright 2019 test.cab -Copyright (c) 2017, aeternity developers +Permission is hereby granted, free of charge, to any person obtaining a +copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: -Permission to use, copy, modify, and/or distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. +The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software. -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH -REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, -INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM -LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE -OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR -PERFORMANCE OF THIS SOFTWARE. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md index ea1aaefb6..fb80df7ef 100644 --- a/README.md +++ b/README.md @@ -1,91 +1,38 @@ -# Base æpp [![Build Status](https://api.travis-ci.org/aeternity/aepp-base.svg?branch=develop)](https://travis-ci.org/aeternity/aepp-base/branches) +# testcab/cors-anywhere -## How to get the Base æpp +[![docker build automated](https://img.shields.io/docker/cloud/automated/testcab/cors-anywhere.svg)](https://hub.docker.com/r/testcab/cors-anywhere "testcab/cors-anywhere") +[![](https://images.microbadger.com/badges/image/testcab/cors-anywhere.svg)](https://microbadger.com/images/testcab/cors-anywhere "testcab/cors-anywhere") -* [Google Play](https://play.google.com/store/apps/details?id=com.aeternity.base) -* [App Store](https://apps.apple.com/app/base-æpp-wallet/id1458655724) -* [Web version](https://base.aepps.com/) +The docker image for [cors-anywhere](https://github.com/Rob--W/cors-anywhere). -Also join our [Telegram channel](https://t.me/aeppbase) and our [Forum](https://forum.aeternity.com/t/base-aepp-wallet-we-would-like-your-feedback/3387). -## Build Setup +### Run -```bash -# install dependencies -npm install - -# serve with hot reload at http://localhost:8080/ -npm run serve - -# serve with hot reload at https://localhost:8080/ -npm run serve -- --https - -# run on android emulator or device -npm run serve:android - -# run on ios emulator -npm run serve:ios - -# build for production with minification -npm run build - -# build for production and view the bundle analyzer report -npm run build -- --report - -# generate resources for cordova -npm run gen:cordova-resources - -# build for cordova -npm run build:cordova - -# build an app file -npm run build:ios - -# build an apk file -npm run build:android - -# run unit tests -npm run test:unit - -# run e2e tests -npm run test:e2e - -# run all tests -npm test ``` +docker run --rm testcab/cors-anywhere +``` + -## Contributing +### Supported tags and respective `Dockerfile` links -We use the [gitflow](https://danielkummer.github.io/git-flow-cheatsheet/) workflow [this is also helpful](https://gist.github.com/JamesMGreene/cdd0ac49f90c987e45ac). -* Development of features happens in branches made from **develop** called feature/ like feature/show-token-balance. -* When development is finished a pull request to **develop** is created. At least one person has to review the PR and when everything is fine the PR gets merged. -* The develop branch gets deployed to the [stage environment](https://stage-identity.aepps.com) by travis. -* To make a new release create a release branch called release/vX.X.X, also bump the version number in package.json in this branch. -* Create a PR to master which then also has to be accepted. -* Create a tag for this version and push the tag. -* Also merge back the changes (like the version bump) into develop. -* The master branch has to be deployed to the [production environment](https://base.aepps.com/) manually. +* [`0.4.4`, `latest`](https://github.com/testcab/docker-cors-anywhere/blob/master/Dockerfile) +* [`0.4.3`](https://github.com/testcab/docker-cors-anywhere/blob/0.4.3/Dockerfile) -## Deployment -We have a stage (develop) and a production (master) branch and environments where these branches will be deployed to. -* [stage environment](https://stage-identity.aepps.com) -* [production environment](https://base.aepps.com/) +### Envirionment Variables -### stage -* Is used to see changes to the code in effect in a "real" environment without the fear of breaking the production environment. +Env | Default | Description +---- | ------- | ----------- +PORT | 8080 | Server listening port +KEY | | Content or filename of TLS Key +CERT | | Content or filename of TLS Certificate +CORSANYWHERE_BLACKLIST | | If set, requests whose origin is listed are blocked.
Comma separated. Example: `https://abuse.example.com,http://abuse.example.com` +CORSANYWHERE_WHITELIST | | If set, requests whose origin is not listed are blocked.
If this list is empty, all origins are allowed.
Comma separated. Example: `https://good.example.com,http://good.example.com` +CORSANYWHERE_RATELIMIT | | Format: ` `
For example, to blacklist abuse.example.com and rate-limit everything to 50 requests per 3 minutes, except for my.example.com and my2.example.com (which may be unlimited), use:
`50 3 my.example.com my2.example.com` -### production -* Is the production environment, code lives in the "master" branch. -### other branches -* Every branch is auto-deployed on https://`branch-name`.origin.aepps.com/, with each `/`, `.` symbol in a branch name replaced by `-`. +## LICENSE -### unsigned .apk and .app file -* Find `aetenity.app.tar.gz` file in the [latest release](https://github.com/aeternity/aepp-base/releases/latest) or download corresponding -version from a branch https://`branch-name`.origin.aepps.com/aetenity.app.tar.gz -* Find `aeternity.apk` file in the [latest release](https://github.com/aeternity/aepp-base/releases/latest) or download corresponding -version from a branch https://`branch-name`.origin.aepps.com/aeternity.apk +This repository is licensed under [MIT](LICENSE). -### bundle analyzer report -* Get bundle analyzer report on each domain by adding /report.html. Example [https://stage-identity.aepps.com/report.html](https://stage-identity.aepps.com/report.html). +[cors-anywhere](https://github.com/Rob--W/cors-anywhere#license) is `Copyright (C) 2013 - 2016 Rob Wu rob@robwu.nl` diff --git a/server.js b/server.js new file mode 100644 index 000000000..839ab3617 --- /dev/null +++ b/server.js @@ -0,0 +1,62 @@ +var fs = require('fs') + +// Listen on a specific host via the HOST environment variable +var host = process.env.HOST || '0.0.0.0'; +// Listen on a specific port via the PORT environment variable +var port = process.env.PORT || 80; + +// Grab the blacklist from the command-line so that we can update the blacklist without deploying +// again. CORS Anywhere is open by design, and this blacklist is not used, except for countering +// immediate abuse (e.g. denial of service). If you want to block all origins except for some, +// use originWhitelist instead. +var originBlacklist = parseEnvList(process.env.CORSANYWHERE_BLACKLIST); +var originWhitelist = parseEnvList(process.env.CORSANYWHERE_WHITELIST); +function parseEnvList(env) { + if (!env) { + return []; + } + return env.split(','); +} + +// Set up rate-limiting to avoid abuse of the public CORS Anywhere server. +var checkRateLimit = require('cors-anywhere/lib/rate-limit')(process.env.CORSANYWHERE_RATELIMIT); + +if (process.env.KEY || process.env.CERT) { + var httpsOptions = { + key: readTLSContent(process.env.KEY), + cert: readTLSContent(process.env.CERT), + }; +} + +function readTLSContent(tls) { + if (tls.startsWith('-----')) { + return tls + } else { + return fs.readFileSync(tls); + }; +} + +var cors_proxy = require('cors-anywhere'); +cors_proxy.createServer({ + originBlacklist: originBlacklist, + originWhitelist: originWhitelist, + requireHeader: ['origin', 'x-requested-with'], + checkRateLimit: checkRateLimit, + removeHeaders: [ + 'cookie', + 'cookie2', + // Strip Heroku-specific headers + 'x-heroku-queue-wait-time', + 'x-heroku-queue-depth', + 'x-heroku-dynos-in-use', + 'x-request-start', + ], + redirectSameOrigin: true, + httpProxyOptions: { + // Do not add X-Forwarded-For, etc. headers, because Heroku already adds it. + xfwd: false, + }, + httpsOptions: httpsOptions, +}).listen(port, host, function() { + console.log('Running CORS Anywhere on ' + host + ':' + port); +});