changes related to https://www.topcoder.com/challenges/30064860

Author: dilipkrthapa

._README.md

@@ -32,11 +32,10 @@ The following config parameters are supported, they are defined in `config/defau
 | :----------------------------- | :----------------------------------------: | :------------------------------: |
 | PORT                           | the port the application will listen on    |  3000                            |
 | LOG_LEVEL                      | the log level                              |  info                            |
-| TOPIC                          | the kafka subscribe topic name             |  events_topic                    |
+| TOPIC                          | the kafka subscribe topic name             |  tc-x-events                    |
+| WEBHOOK_SECRET_TOKEN            | the webhook security token for githost, it must be same as `WEBHOOK_SECRET_TOKEN` configured for Topcoder-X-backend| `ka75hsrq65cFEr61Hd4x`|
 |KAFKA_OPTIONS                   | the connection option for kafka            |  see below about KAFKA options                   |
-| GITHUB_SECRET_TOKEN            | the webhook security token for github      |                                  |
-| GITLAB_SECRET_TOKEN            | the webhook security token for gitlab      |                                  |
-| WATCH_REPOS                    | the repos we want to watch                 |                                  |
+| MONGODB_URL  | the MongoDB URL which must be same as Ragnar tool | mongodb://127.0.0.1:27017/ragnar|
 
 KAFKA_OPTIONS should be object as described in https://github.com/SOHU-Co/kafka-node#kafkaclient
 For using with SSL, the options should be as
@@ -50,71 +49,41 @@ For using with SSL, the options should be as
  }
 ```
 
-To change the WATCH_REPOS, you'd better create a `config/local.js` file to override the WATCH_REPOS, see `config/sample-local.js` for example.
-
 `config/local.js` will not tracked by git.
 
-Normally you just need config the GITHUB_SECRET_TOKEN and GITLAB_SECRET_TOKEN (optional in this challenge):
+## Local Setup
 
 ```shell
-export GITHUB_SECRET_TOKEN=...
-export GITLAB_SECRET_TOKEN=...
+npm start
 ```
 
-Or on windows:
+Server should be started at port 3002.
 
+use `ngrok` to make your local deploy accessible by internet:
 ```shell
-set GITHUB_SECRET_TOKEN=...
-set GITLAB_SECRET_TOKEN=...
+ngrok http 3002
 ```
 
+Copy the forwarding URL to set in `HOOK_BASE_URL` of topcoder-x-ui in config.json
 
-## GitHub Webhook Setup
+## Setup for verification
+Before verifying the tool, 4 service needs be configured and run them
+- processor
+- receiver
+- Ragnar Tool
+- Topcoder X (both backend and UI)
 
-- login into github.com
-- go to the repository you want to watch
-- click: Settings -> Options(in the left panel) -> Webhooks
-- click: 'Add Webhook' button
-- fill the form:
-    - Payload URL: `https://<YOUR_HOST>/webhooks/github`,
-    for example: `https://4bb6c860.ngrok.io/webhooks/github`
-    - Content Type: application/json
-    - Secret: type your secret and remember it to set into GITHUB_SECRET_TOKEN
-    - Check: Send me everything
-    - Check: Active
-- click: 'Add Webhook' button
+First login in Ragnar tool with admin and Add owner for which requires topcoder handle, git host's username and type of git host.
 
-## GitLab Webhook Setup (optional for this challenge)
+Go to Topcoder X UI login with above used topcoder username and
+- go to settings and make sure git hosts are correctly setup, if not click setup and authorize to setup.
 
-- login into gitlab.com
-- go to the repository you want to watch
-- click: Settings -> Integrations
-- fill the form: 
-    - URL: `https://<YOUR_HOST>/webhooks/gitlab`,
-    for example: `https://4bb6c860.ngrok.io/webhooks/gitlab`
-    - Secret Token: type your secret and remember it to set into GITLAB_SECRET_TOKEN
-    - Trigger: Check all the events
-    - Check: Enable SSL Verifications
-- click: 'Add Webhook' button
+- Go to Topcoder X UI and go to project management and add a project from git account and click save, and edit the same project and click 'Add Webhooks' button (you need to add personnel access token), verify that webhooks are set up correctly on git host's project.
 
-
-## Local Setup
-
-```shell
-npm start
-```
-
-Server should be started at port 3000.
-
-use `ngrok` to make your local deploy accessible by internet:
-```shell
-ngrok http 3000
-```
+Now, receiver service can receive the webhooks from git host's project. Now you can verify this service by following the verfication steps below
 
 ## GitHub Verification
 
-- properly config and run the `receiver` app.
-- properly config and run the `processor` app.
 - create an issue in the repo, you can see the logs in `receiver` and `processor`, the `issue.created` event is generated.
 - update an issue in the repo, you can see the logs in `receiver` and `processor`, the `issue.updated` event is generated.
 - create a comment on an issue, you can see the logs in `receiver` and `processor`, the `comment.created` event is generated.
@@ -128,8 +97,6 @@ ngrok http 3000
 
 ## Gitlab Verification
 
-- properly config and run the `receiver` app.
-- properly config and run the `processor` app.
 - create an issue in the repo, you can see the logs in `receiver` and `processor`, the `issue.created` event is generated.
 - update an issue in the repo, you can see the logs in `receiver` and `processor`, the `issue.updated` event is generated.
 - create a comment on an issue, you can see the logs in `receiver` and `processor`, the `comment.created` event is generated.

README.md

@@ -17,14 +17,13 @@ module.exports = {
   PORT: process.env.PORT || 3002, // eslint-disable-line no-magic-numbers
   LOG_LEVEL: process.env.LOG_LEVEL || 'info',
   TOPIC: process.env.TOPIC || 'tc-x-events',
-  GITHUB_SECRET_TOKEN: process.env.GITHUB_SECRET_TOKEN || 'ghostar',
-  GITLAB_SECRET_TOKEN: process.env.GITLAB_SECRET_TOKEN || 'ghostar',
+  WEBHOOK_SECRET_TOKEN: process.env.WEBHOOK_SECRET_TOKEN || 'ka75hsrq65cFEr61Hd4x',
   KAFKA_OPTIONS: {
     kafkaHost: process.env.KAFKA_HOST || 'localhost:9092',
     sslOptions: {
-      cert: process.env.KAFKA_CLIENT_CERT || fs.readFileSync('./kafka_client.cer'),
-      key: process.env.KAFKA_CLIENT_CERT_KEY || fs.readFileSync('./kafka_client.key')
-   }
+      cert: process.env.KAFKA_CLIENT_CERT || fs.readFileSync('./kafka_client.cer'), // eslint-disable-line no-sync
+      key: process.env.KAFKA_CLIENT_CERT_KEY || fs.readFileSync('./kafka_client.key') // eslint-disable-line no-sync
+    }
   },
-  MONGODB_URL: process.env.MONGODB_URI || 'mongodb://heroku_mx614sjn:[email protected]:41464/heroku_mx614sjn'
+  MONGODB_URL: process.env.MONGODB_URI || 'mongodb://127.0.0.1:27017/ragnar'
 };

config/default.js

@@ -12,6 +12,7 @@
 
 const config = require('config');
 const mongoose = require('mongoose');
+
 mongoose.Promise = global.Promise;
 const connection = mongoose.createConnection(config.MONGODB_URL);
 const IssueCreatedEvent = require('./IssueCreatedEvent');
@@ -23,6 +24,7 @@ const UserUnassignedEvent = require('./UserUnassignedEvent');
 const PullRequestCreatedEvent = require('./PullRequestCreatedEvent');
 const PullRequestClosedEvent = require('./PullRequestClosedEvent');
 const LabelUpdatedEvent = require('./LabelUpdatedEvent');
+const Challenge = require('./Challenge');
 
 module.exports = {
   IssueCreatedEvent,
@@ -34,5 +36,5 @@ module.exports = {
   PullRequestCreatedEvent,
   PullRequestClosedEvent,
   LabelUpdatedEvent,
-  Challenge: connection.model('Challenge', require('./Challenge')),
+  Challenge: connection.model('Challenge', Challenge)
 };

models/index.js

@@ -9,7 +9,6 @@
  */
 'use strict';
 const _ = require('lodash');
-const config = require('config');
 
 const logger = require('../../utils/logger');
 const Challenge = require('../../models').Challenge;
@@ -24,15 +23,8 @@ module.exports = (provider) => async (req, res, next) => {
     repoNames = [repo.homepage, repo.http_url, repo.url, repo.ssh_url];
   }
   let found = false;
-  var challenges = await Challenge.find({archieved: false});
-  _.forEach(repoNames, (r) => {
-    _.forEach(challenges, (challenge) => {
-      if (challenge.repoUrl === r) {
-        found = true;
-      }
-    });
-  });
-
+  const challenges = await Challenge.find({archieved: false});
+  found = _.some(challenges, (challenge) => _.includes(repoNames, challenge.repoUrl));
   if (found) {
     return next();
   }

routes/middlewares/RepositoryFilter.js

@@ -13,25 +13,22 @@ const config = require('config');
 const logger = require('../../utils/logger');
 
 module.exports = (provider) => (req, res, next) => {
+  let isValid = false;
   if (provider === 'github') {
-    const hash = crypto.createHmac('sha1', config.GITHUB_SECRET_TOKEN).update(req.rawBody).digest('hex');
-    if (`sha1=${hash}` !== req.header('X-Hub-Signature')) {
-      logger.info('Invalid Security Check. Make sure you set the secret token in webhook.');
-      const err = new Error('Invalid secret token');
-      err.status = 400;
-      return next(err);
-    }
-    return next();
+    const hash = crypto.createHmac('sha1', config.WEBHOOK_SECRET_TOKEN).update(req.rawBody).digest('hex');
+    isValid = `sha1=${hash}` === req.header('X-Hub-Signature');
   } else if (provider === 'gitlab') {
-    if (config.GITLAB_SECRET_TOKEN !== req.header('X-Gitlab-Token')) {
-      logger.info('Invalid Security Check. Make sure you set the secret token in webhook.');
-      const err = new Error('Invalid secret token');
-      err.status = 400;
-      return next(err);
-    }
+    isValid = config.WEBHOOK_SECRET_TOKEN === req.header('X-Gitlab-Token');
+  } else {
+    // unknown provider
     return next();
   }
 
-  // unknown provider
+  if (!isValid) {
+    logger.info('Invalid Security Check. Make sure you set the secret token in webhook.');
+    const err = new Error('Invalid secret token');
+    err.status = 400;
+    return next(err);
+  }
   return next();
 };