coverage/

{

"extends": [

"wikimedia/server"

],

"plugins": ["json", "jsdoc"],

"rules": {

"array-bracket-spacing": "off",

"camelcase": [

"error",

{

"properties": "never"

}

],

"computed-property-spacing": "off",

"indent": ["off", 4],

"jsdoc/no-undefined-types": "off",

"no-multi-spaces": "off",

"no-shadow": "off",

"no-underscore-dangle": "off",

"no-unused-vars": [

"error",

{

"args": "none"

}

],

"space-in-parens": ["error", "never"]

}

}

version: v4

base: docker-registry.wikimedia.org/buster-nodejs10-slim

lives:

in: /srv/service

runs:

environment: { APP_BASE_PATH: /srv/service }

variants:

build:

base: docker-registry.wikimedia.org/buster-nodejs10-devel

copies: [local]

apt: { packages: [git, build-essential, python-pkgconfig] }

node: { requirements: [package.json] }

runs: { environment: { LINK: g++ } }

development:

includes: [build]

apt: { packages: [ca-certificates] }

entrypoint: [node, server.js]

test:

includes: [build]

apt: { packages: [ca-certificates] }

entrypoint: [npm, test]

prep:

includes: [build]

node: { env: production }

production:

copies: [prep]

node: { env: production }

entrypoint: [node, server.js]

language: node_js

sudo: false

node_js:

- "10"

- "node"

{

// Use IntelliSense to learn about possible attributes.

// Hover to view descriptions of existing attributes.

// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387

"version": "0.2.0",

"configurations": [

{

"type": "pwa-node",

"request": "launch",

"name": "Launch Program",

"skipFiles": [

"<node_internals>/**"

],

"program": "${workspaceFolder}/app.js"

}

]

}

FROM debian:jessie

RUN apt-get update && apt-get install -y nodejs git wget build-essential python && rm -rf /var/lib/apt/lists/*

RUN mkdir -p /usr/local/nvm

ENV NVM_DIR /usr/local/nvm

RUN wget -qO- https://raw.githubusercontent.com/nvm-sh/nvm/v0.34.0/install.sh | bash && . $NVM_DIR/nvm.sh && nvm install 10.15.2

RUN mkdir /opt/service

ADD . /opt/service

WORKDIR /opt/service

RUN . $NVM_DIR/nvm.sh && nvm use 10.15.2 && npm install && npm dedupe

ENV HOME=/root/ LINK=g++

ENV IN_DOCKER=1

CMD . $NVM_DIR/nvm.sh && nvm use 10.15.2 && npm start

const http = require('http');

const BBPromise = require('bluebird');

const express = require('express');

const compression = require('compression');

const bodyParser = require('body-parser');

const fs = BBPromise.promisifyAll(require('fs'));

const sUtil = require('./lib/util');

const apiUtil = require('./lib/api-util');

const packageInfo = require('./package.json');

const yaml = require('js-yaml');

const addShutdown = require('http-shutdown');

const path = require('path');

function initApp(options) {

// the main application object

const app = express();

// get the options and make them available in the app

app.logger = options.logger; // the logging device

app.metrics = options.metrics; // the metrics

app.conf = options.config; // this app's config options

app.info = packageInfo; // this app's package info

// ensure some sane defaults

app.conf.port = app.conf.port || 8888;

app.conf.interface = app.conf.interface || '0.0.0.0';

// eslint-disable-next-line max-len

app.conf.compression_level = app.conf.compression_level === undefined ? 3 : app.conf.compression_level;

app.conf.cors = app.conf.cors === undefined ? '*' : app.conf.cors;

if (app.conf.csp === undefined) {

app.conf.csp = "default-src 'self'; object-src 'none'; media-src 'none'; img-src 'none'; style-src 'none'; base-uri 'self'; frame-ancestors 'self'";

}

// set outgoing proxy

if (app.conf.proxy) {

process.env.HTTP_PROXY = app.conf.proxy;

// if there is a list of domains which should

// not be proxied, set it

if (app.conf.no_proxy_list) {

if (Array.isArray(app.conf.no_proxy_list)) {

process.env.NO_PROXY = app.conf.no_proxy_list.join(',');

} else {

process.env.NO_PROXY = app.conf.no_proxy_list;

}

}

}

// set up header whitelisting for logging

if (!app.conf.log_header_whitelist) {

app.conf.log_header_whitelist = [

'cache-control', 'content-type', 'content-length', 'if-match',

'user-agent', 'x-request-id'

];

}

app.conf.log_header_whitelist = new RegExp(`^(?:${app.conf.log_header_whitelist.map((item) => {

}).join('|')})$`, 'i');

// set up the request templates for the APIs

apiUtil.setupApiTemplates(app);

// set up the spec

if (!app.conf.spec) {

app.conf.spec = `${__dirname}/spec.yaml`;

}

if (app.conf.spec.constructor !== Object) {

try {

app.conf.spec = yaml.safeLoad(fs.readFileSync(app.conf.spec));

} catch (e) {

app.logger.log('warn/spec', `Could not load the spec: ${e}`);

app.conf.spec = {};

}

}

if (!app.conf.spec.openapi) {

app.conf.spec.openapi = '3.0.0';

}

if (!app.conf.spec.info) {

app.conf.spec.info = {

version: app.info.version,

title: app.info.name,

description: app.info.description

};

}

app.conf.spec.info.version = app.info.version;

if (!app.conf.spec.paths) {

app.conf.spec.paths = {};

}

// set the CORS and CSP headers

app.all('*', (req, res, next) => {

if (app.conf.cors !== false) {

res.header('access-control-allow-origin', app.conf.cors);

res.header('access-control-allow-headers', 'accept, x-requested-with, content-type');

res.header('access-control-expose-headers', 'etag');

}

if (app.conf.csp !== false) {

res.header('x-xss-protection', '1; mode=block');

res.header('x-content-type-options', 'nosniff');

res.header('x-frame-options', 'SAMEORIGIN');

res.header('content-security-policy', app.conf.csp);

}

sUtil.initAndLogRequest(req, app);

next();

});

// set up the user agent header string to use for requests

app.conf.user_agent = app.conf.user_agent || app.info.name;

// disable the X-Powered-By header

app.set('x-powered-by', false);

// disable the ETag header - users should provide them!

app.set('etag', false);

// enable compression

app.use(compression({ level: app.conf.compression_level }));

// use the JSON body parser

app.use(bodyParser.json({ limit: app.conf.max_body_size || '100kb' }));

// use the application/x-www-form-urlencoded parser

app.use(bodyParser.urlencoded({ extended: true }));

return BBPromise.resolve(app);

function loadRoutes(app, dir) {

// recursively load routes from .js files under routes/

return fs.readdirAsync(dir).map((fname) => {

return BBPromise.try(() => {

const resolvedPath = path.resolve(dir, fname);

const isDirectory = fs.statSync(resolvedPath).isDirectory();

if (isDirectory) {

loadRoutes(app, resolvedPath);

} else if (/\.js$/.test(fname)) {

// import the route file

const route = require(`${dir}/${fname}`);

return route(app);

}

}).then((route) => {

if (route === undefined) {

return undefined;

}

// check that the route exports the object we need

if (route.constructor !== Object || !route.path || !route.router ||

!(route.api_version || route.skip_domain)) {

throw new TypeError(`routes/${fname} does not export the correct object!`);

}

// normalise the path to be used as the mount point

if (route.path[0] !== '/') {

route.path = `/${route.path}`;

}

if (route.path[route.path.length - 1] !== '/') {

route.path = `${route.path}/`;

}

if (!route.skip_domain) {

route.path = `/:domain/v${route.api_version}${route.path}`;

}

// wrap the route handlers with Promise.try() blocks

sUtil.wrapRouteHandlers(route, app);

// all good, use that route

app.use(route.path, route.router);

});

}).then(() => {

// catch errors

sUtil.setErrorHandler(app);

// route loading is now complete, return the app object

return BBPromise.resolve(app);

});

function createServer(app) {

// return a promise which creates an HTTP server,

// attaches the app to it, and starts accepting

// incoming client requests

let server;

return new BBPromise((resolve) => {

server = http.createServer(app).listen(

app.conf.port,

app.conf.interface,

resolve

);

server = addShutdown(server);

}).then(() => {

app.logger.log('info',

`Worker ${process.pid} listening on ${app.conf.interface || '*'}:${app.conf.port}`);

// Don't delay incomplete packets for 40ms (Linux default) on

// pipelined HTTP sockets. We write in large chunks or buffers, so

// lack of coalescing should not be an issue here.

server.on('connection', (socket) => {

socket.setNoDelay(true);

});

return server;

});

module.exports = (options) => {

return initApp(options)

.then((app) => loadRoutes(app, `${__dirname}/routes`))

.then((app) => {

// serve static files from static/

app.use('/static', express.static(`${__dirname}/static`));

return app;

}).then(createServer);