Skip to content

Commit

Permalink
Merge branch 'nightscout:master' into master
Browse files Browse the repository at this point in the history
  • Loading branch information
inventor96 authored Aug 16, 2023
2 parents 2320cf3 + a09e586 commit fcd7f3b
Show file tree
Hide file tree
Showing 59 changed files with 4,074 additions and 2,871 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ on:
branches: [ dev ]
pull_request:
# The branches below must be a subset of the branches above
branches: [ master ]
branches: [ dev ]
schedule:
- cron: '43 23 * * 3'

Expand Down
65 changes: 31 additions & 34 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
node-version: [12.x, 14.x]
node-version: [12.x, 14.x, 16.x]
mongodb-version: [4.2, 4.4]

steps:
Expand All @@ -40,14 +40,19 @@ jobs:
- name: Send Coverage
run: npm run-script coverage

publish_dev:
name: Publish dev branch to Docker Hub
publish:
name: Publish to Docker Hub
needs: test
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/dev' && github.repository_owner == 'nightscout'
if: (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/dev') && github.repository_owner == 'nightscout'
env:
DOCKER_IMAGE: nightscout/cgm-remote-monitor
PLATFORMS: linux/amd64,linux/arm64
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
Expand All @@ -57,37 +62,29 @@ jobs:
if: success()
uses: actions/checkout@v2
- name: Build, tag and push the dev Docker image
if: success()
run: |
docker build --no-cache=true -t ${{ env.DOCKER_IMAGE }}:dev_${{ github.sha }} .
docker image push ${{ env.DOCKER_IMAGE }}:dev_${{ github.sha }}
docker tag ${{ env.DOCKER_IMAGE }}:dev_${{ github.sha }} ${{ env.DOCKER_IMAGE }}:latest_dev
docker image push ${{ env.DOCKER_IMAGE }}:latest_dev
publish_master:
name: Publish master branch to Docker Hub
needs: test
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/master' && github.repository_owner == 'nightscout'
env:
DOCKER_IMAGE: nightscout/cgm-remote-monitor
steps:
- name: Login to Docker Hub
uses: docker/login-action@v1
if: success() && github.ref == 'refs/heads/dev'
uses: docker/build-push-action@v2
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_PASS }}
- name: Clean git Checkout
if: success()
uses: actions/checkout@v2
- name: get-npm-version
if: success()
context: .
push: true
no-cache: true
platforms: ${{ env.PLATFORMS }}
tags: |
${{ env.DOCKER_IMAGE }}:dev_${{ github.sha }}
${{ env.DOCKER_IMAGE }}:latest_dev
- name: Get Nightscout release version
if: success() && github.ref == 'refs/heads/master'
id: package-version
uses: martinbeentjes/npm-get-version-action@master
- name: Build, tag and push the master Docker image
if: success()
run: |
docker build --no-cache=true -t ${{ env.DOCKER_IMAGE }}:${{ steps.package-version.outputs.current-version }} .
docker image push ${{ env.DOCKER_IMAGE }}:${{ steps.package-version.outputs.current-version }}
docker tag ${{ env.DOCKER_IMAGE }}:${{ steps.package-version.outputs.current-version }} ${{ env.DOCKER_IMAGE }}:latest
docker image push ${{ env.DOCKER_IMAGE }}:latest
if: success() && github.ref == 'refs/heads/master'
uses: docker/build-push-action@v2
with:
context: .
push: true
no-cache: true
platforms: ${{ env.PLATFORMS }}
tags: |
${{ env.DOCKER_IMAGE }}:${{ steps.package-version.outputs.current-version }}
${{ env.DOCKER_IMAGE }}:latest
4 changes: 4 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -30,3 +30,7 @@ npm-debug.log
/cgm-remote-monitor.sln
/obj/Debug
/*.bat

# directories created by docker-compose.yml
mongo-data/
letsencrypt/
17 changes: 11 additions & 6 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,22 @@ FROM node:14.15.3-alpine

LABEL maintainer="Nightscout Contributors"

RUN mkdir -p /opt/app
ADD . /opt/app
WORKDIR /opt/app
RUN chown -R node:node /opt/app
USER node
ADD . /opt/app

RUN npm install && \
# TODO: We should be able to do `RUN npm install --only=production`.
# For this to work, we need to copy only package.json and things needed for `npm`'s to succeed.
# TODO: Do we need to re-add `npm audit fix`? Or should that be part of a development process/stage?
RUN npm install --cache /tmp/empty-cache && \
npm run postinstall && \
npm run env && \
npm audit fix
rm -rf /tmp/*
# TODO: These should be added in the future to correctly cache express-minify content to disk
# Currently, doing this breaks the browser cache.
# mkdir /tmp/public && \
# chown node:node /tmp/public

USER node
EXPOSE 1337

CMD ["node", "lib/server/server.js"]
76 changes: 76 additions & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
version: '3'

services:
mongo:
image: mongo:4.4
volumes:
- ${NS_MONGO_DATA_DIR:-./mongo-data}:/data/db:cached

nightscout:
image: nightscout/cgm-remote-monitor:latest
container_name: nightscout
restart: always
depends_on:
- mongo
labels:
- 'traefik.enable=true'
# Change the below Host from `localhost` to be the web address where Nightscout is running.
# Also change the email address in the `traefik` service below.
- 'traefik.http.routers.nightscout.rule=Host(`localhost`)'
- 'traefik.http.routers.nightscout.entrypoints=websecure'
- 'traefik.http.routers.nightscout.tls.certresolver=le'
environment:
### Variables for the container
NODE_ENV: production
TZ: Etc/UTC

### Overridden variables for Docker Compose setup
# The `nightscout` service can use HTTP, because we use `traefik` to serve the HTTPS
# and manage TLS certificates
INSECURE_USE_HTTP: 'true'

# For all other settings, please refer to the Environment section of the README
### Required variables
# MONGO_CONNECTION - The connection string for your Mongo database.
# Something like mongodb://sally:[email protected]:99999/nightscout
# The default connects to the `mongo` included in this docker-compose file.
# If you change it, you probably also want to comment out the entire `mongo` service block
# and `depends_on` block above.
MONGO_CONNECTION: mongodb://mongo:27017/nightscout

# API_SECRET - A secret passphrase that must be at least 12 characters long.
API_SECRET: change_me

### Features
# ENABLE - Used to enable optional features, expects a space delimited list, such as: careportal rawbg iob
# See https://github.com/nightscout/cgm-remote-monitor#plugins for details
ENABLE: careportal rawbg iob

# AUTH_DEFAULT_ROLES (readable) - possible values readable, denied, or any valid role name.
# When readable, anyone can view Nightscout without a token. Setting it to denied will require
# a token from every visit, using status-only will enable api-secret based login.
AUTH_DEFAULT_ROLES: denied

# For all other settings, please refer to the Environment section of the README
# https://github.com/nightscout/cgm-remote-monitor#environment

traefik:
image: traefik:latest
container_name: 'traefik'
command:
- '--providers.docker=true'
- '--providers.docker.exposedbydefault=false'
- '--entrypoints.web.address=:80'
- '--entrypoints.web.http.redirections.entrypoint.to=websecure'
- '--entrypoints.websecure.address=:443'
- "--certificatesresolvers.le.acme.httpchallenge=true"
- "--certificatesresolvers.le.acme.httpchallenge.entrypoint=web"
- '--certificatesresolvers.le.acme.storage=/letsencrypt/acme.json'
# Change the below to match your email address
- '[email protected]'
ports:
- '443:443'
- '80:80'
volumes:
- './letsencrypt:/letsencrypt'
- '/var/run/docker.sock:/var/run/docker.sock:ro'
19 changes: 4 additions & 15 deletions lib/api/activity/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -12,23 +12,14 @@ function configure(app, wares, ctx) {
, api = express.Router();

api.use(wares.compression());
api.use(wares.bodyParser({
limit: 1048576 * 50
}));
// text body types get handled as raw buffer stream
api.use(wares.bodyParser.raw({
limit: 1048576
}));
api.use(wares.rawParser);
// json body types get handled as parsed json
api.use(wares.bodyParser.json({
limit: 1048576
, extended: true
limit: '50Mb'
}));
// also support url-encoded content-type
api.use(wares.bodyParser.urlencoded({
limit: 1048576
, extended: true
}));
api.use(wares.urlencodedParser);
// invoke common middleware
api.use(wares.sendJSONStatus);

Expand Down Expand Up @@ -94,9 +85,7 @@ function configure(app, wares, ctx) {
});
}

api.post('/activity/', wares.bodyParser({
limit: 1048576 * 50
}), ctx.authorization.isPermitted('api:activity:create'), post_response);
api.post('/activity/', ctx.authorization.isPermitted('api:activity:create'), post_response);

api.delete('/activity/:_id', ctx.authorization.isPermitted('api:activity:delete'), function(req, res) {
ctx.activity.remove(req.params._id, function() {
Expand Down
10 changes: 5 additions & 5 deletions lib/api/alexa/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,12 @@ function configure (app, wares, ctx, env) {
// invoke common middleware
api.use(wares.sendJSONStatus);
// text body types get handled as raw buffer stream
api.use(wares.bodyParser.raw());
api.use(wares.rawParser);
// json body types get handled as parsed json
api.use(wares.bodyParser.json({
limit: 1048576
, extended: true
}));
api.use(wares.jsonParser);
// also support url-encoded content-type
api.use(wares.urlencodedParser);
// text body types get handled as raw buffer stream

ctx.virtAsstBase.setupVirtAsstHandlers(ctx.alexa);

Expand Down
10 changes: 4 additions & 6 deletions lib/api/devicestatus/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -13,14 +13,12 @@ function configure (app, wares, ctx, env) {
// invoke common middleware
api.use(wares.sendJSONStatus);
// text body types get handled as raw buffer stream
api.use(wares.bodyParser.raw());
api.use(wares.rawParser);
// json body types get handled as parsed json
api.use(wares.bodyParser.json({
limit: 1048576
, extended: true
}));
api.use(wares.jsonParser);
// also support url-encoded content-type
api.use(wares.bodyParser.urlencoded({ extended: true }));
api.use(wares.urlencodedParser);
// text body types get handled as raw buffer stream

api.use(ctx.authorization.isPermitted('api:devicestatus:read'));

Expand Down
26 changes: 12 additions & 14 deletions lib/api/entries/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -41,20 +41,18 @@ function configure (app, wares, ctx, env) {
// invoke common middleware
api.use(wares.sendJSONStatus);
// text body types get handled as raw buffer stream
api.use(wares.bodyParser.raw());
api.use(wares.rawParser);
// json body types get handled as parsed json
api.use(wares.bodyParser.json({
limit: 1048576
, extended: true
limit: '50Mb'
}));
// also support url-encoded content-type
api.use(wares.urlencodedParser);
// text body types get handled as raw buffer stream
// shortcut to use extension to specify output content-type
api.use(wares.extensions([
'json', 'svg', 'csv', 'txt', 'png', 'html', 'tsv'
]));
// also support url-encoded content-type
api.use(wares.bodyParser.urlencoded({
extended: true
}));

api.use(ctx.authorization.isPermitted('api:entries:read'));
/**
Expand Down Expand Up @@ -357,7 +355,7 @@ function configure (app, wares, ctx, env) {
res.entries_err = err;
return next();
});
}, format_entries);
}, wares.obscure_device, format_entries);

/**
* @module get#/entries/:spec
Expand Down Expand Up @@ -391,7 +389,7 @@ function configure (app, wares, ctx, env) {
prepReqModel(req, req.params.model);
query_models(req, res, next);
}
}, format_entries);
}, wares.obscure_device, format_entries);

/**
* @module get#/entries
Expand All @@ -402,7 +400,7 @@ function configure (app, wares, ctx, env) {
* `find[date]`.
*
*/
api.get('/entries', ifModifiedSinceCTX, query_models, format_entries);
api.get('/entries', ifModifiedSinceCTX, query_models, wares.obscure_device, format_entries);

/**
* @function echo_query
Expand Down Expand Up @@ -740,7 +738,7 @@ function configure (app, wares, ctx, env) {
* @routed
* @response 200 /definitions/Entries
*/
api.get('/times/:prefix?/:regex?', prep_storage, prep_pattern_field, prep_patterns, prep_patterns, query_models, format_entries);
api.get('/times/:prefix?/:regex?', prep_storage, prep_pattern_field, prep_patterns, prep_patterns, query_models, wares.obscure_device, format_entries);

api.get('/count/:storage/where', prep_storage, count_records, format_results);

Expand All @@ -755,7 +753,7 @@ function configure (app, wares, ctx, env) {
/api/v1/slice/entries/dateString/mbg/2015.json
```
*/
api.get('/slice/:storage/:field/:type?/:prefix?/:regex?', prep_storage, prep_pattern_field, prep_patterns, query_models, format_entries);
api.get('/slice/:storage/:field/:type?/:prefix?/:regex?', prep_storage, prep_pattern_field, prep_patterns, query_models, wares.obscure_device, format_entries);

/**
* @module post#/entries/preview
Expand All @@ -767,7 +765,7 @@ function configure (app, wares, ctx, env) {
// setting this flag tells insert_entries to not actually store the results
req.persist_entries = false;
next();
}, insert_entries, format_entries);
}, insert_entries, wares.obscure_device, format_entries);

// Protect endpoints with authenticated api.
if (app.enabled('api')) {
Expand All @@ -782,7 +780,7 @@ function configure (app, wares, ctx, env) {
// setting this flag tells insert_entries to store the results
req.persist_entries = true;
next();
}, insert_entries, format_entries);
}, insert_entries, wares.obscure_device, format_entries);

/**
* @module delete#/entries/:spec
Expand Down
11 changes: 5 additions & 6 deletions lib/api/food/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -9,14 +9,13 @@ function configure (app, wares, ctx) {
// invoke common middleware
api.use(wares.sendJSONStatus);
// text body types get handled as raw buffer stream
api.use(wares.bodyParser.raw( ));
api.use(wares.rawParser);
// json body types get handled as parsed json
api.use(wares.bodyParser.json({
limit: 1048576
, extended: true
}));
api.use(wares.jsonParser);
// also support url-encoded content-type
api.use(wares.bodyParser.urlencoded({ extended: true }));
api.use(wares.urlencodedParser);
// text body types get handled as raw buffer stream
// shortcut to use extension to specify output content-type

api.use(ctx.authorization.isPermitted('api:food:read'));

Expand Down
Loading

0 comments on commit fcd7f3b

Please sign in to comment.