underpost 2.8.873 → 2.8.874

package/README.md

@@ -50,12 +50,13 @@
 
 
 
+
 
 
 <!-- badges -->
 
 
-[![Node.js CI](https://github.com/underpostnet/engine/actions/workflows/docker-image.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/docker-image.yml) [![Test](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/coverall.yml) [![Downloads](https://img.shields.io/npm/dm/underpost.svg)](https://www.npmjs.com/package/underpost) [![Socket Badge](https://socket.dev/api/badge/npm/package/underpost/2.8.873)](https://socket.dev/npm/package/underpost/overview/2.8.873) [![Coverage Status](https://coveralls.io/repos/github/underpostnet/engine/badge.svg?branch=master)](https://coveralls.io/github/underpostnet/engine?branch=master) [![Version](https://img.shields.io/npm/v/underpost.svg)](https://www.npmjs.org/package/underpost) [![License](https://img.shields.io/npm/l/underpost.svg)](https://www.npmjs.com/package/underpost)
+[![Node.js CI](https://github.com/underpostnet/engine/actions/workflows/docker-image.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/docker-image.yml) [![Test](https://github.com/underpostnet/engine/actions/workflows/coverall.ci.yml/badge.svg?branch=master)](https://github.com/underpostnet/engine/actions/workflows/coverall.yml) [![Downloads](https://img.shields.io/npm/dm/underpost.svg)](https://www.npmjs.com/package/underpost) [![Socket Badge](https://socket.dev/api/badge/npm/package/underpost/2.8.874)](https://socket.dev/npm/package/underpost/overview/2.8.874) [![Coverage Status](https://coveralls.io/repos/github/underpostnet/engine/badge.svg?branch=master)](https://coveralls.io/github/underpostnet/engine?branch=master) [![Version](https://img.shields.io/npm/v/underpost.svg)](https://www.npmjs.org/package/underpost) [![License](https://img.shields.io/npm/l/underpost.svg)](https://www.npmjs.com/package/underpost)
 
 
 <!-- end-badges -->
@@ -94,6 +95,7 @@
 
 
 
+
 
 
 </div>
@@ -140,7 +142,7 @@ Run dev client server
 npm run dev
 ```
 <!-- -->
-## underpost ci/cd cli v2.8.873
+## underpost ci/cd cli v2.8.874
 
 ### Usage: `underpost [options] [command]`
   ```

package/cli.md

@@ -1,4 +1,4 @@
-## underpost ci/cd cli v2.8.873
+## underpost ci/cd cli v2.8.874
 
 ### Usage: `underpost [options] [command]`
   ```
@@ -291,6 +291,8 @@ Options:
                                     management commands.
   --cert                            Resets TLS/SSL certificate secrets for
                                     deployments.
+  --cert-hosts <hosts>              Resets TLS/SSL certificate secrets for
+                                    specified hosts.
   --node <node>                     Sets optional node for deployment
                                     operations.
   --build-manifest                  Builds Kubernetes YAML manifests, including

package/manifests/deployment/dd-default-development/deployment.yaml

@@ -17,7 +17,7 @@ spec:
     spec:
       containers:
         - name: dd-default-development-blue
-          image: localhost/rockylinux9-underpost:v2.8.873
+          image: localhost/rockylinux9-underpost:v2.8.874
           #          resources:
           #            requests:
           #              memory: "124Ki"
@@ -100,7 +100,7 @@ spec:
     spec:
       containers:
         - name: dd-default-development-green
-          image: localhost/rockylinux9-underpost:v2.8.873
+          image: localhost/rockylinux9-underpost:v2.8.874
           #          resources:
           #            requests:
           #              memory: "124Ki"

package/manifests/deployment/dd-test-development/deployment.yaml

@@ -17,7 +17,7 @@ spec:
     spec:
       containers:
         - name: dd-test-development-blue
-          image: localhost/rockylinux9-underpost:v2.8.873
+          image: localhost/rockylinux9-underpost:v2.8.874
 #          resources:
 #            requests:
 #              memory: "96294Ki"
@@ -66,6 +66,24 @@ spec:
       protocol: UDP
       port: 4022
       targetPort: 4022
+
+    - name: 'tcp-4023'
+      protocol: TCP
+      port: 4023
+      targetPort: 4023
+    - name: 'udp-4023'
+      protocol: UDP
+      port: 4023
+      targetPort: 4023
+
+    - name: 'tcp-4024'
+      protocol: TCP
+      port: 4024
+      targetPort: 4024
+    - name: 'udp-4024'
+      protocol: UDP
+      port: 4024
+      targetPort: 4024
   type: LoadBalancer
 ---
 apiVersion: apps/v1
@@ -86,7 +104,7 @@ spec:
     spec:
       containers:
         - name: dd-test-development-green
-          image: localhost/rockylinux9-underpost:v2.8.873
+          image: localhost/rockylinux9-underpost:v2.8.874
 #          resources:
 #            requests:
 #              memory: "96294Ki"
@@ -135,4 +153,22 @@ spec:
       protocol: UDP
       port: 4022
       targetPort: 4022
+
+    - name: 'tcp-4023'
+      protocol: TCP
+      port: 4023
+      targetPort: 4023
+    - name: 'udp-4023'
+      protocol: UDP
+      port: 4023
+      targetPort: 4023
+
+    - name: 'tcp-4024'
+      protocol: TCP
+      port: 4024
+      targetPort: 4024
+    - name: 'udp-4024'
+      protocol: UDP
+      port: 4024
+      targetPort: 4024
   type: LoadBalancer

package/manifests/deployment/dd-test-development/proxy.yaml

@@ -23,4 +23,29 @@ spec:
         - name: dd-test-development-blue-service
           port: 4022
           weight: 100
+    
+---
+apiVersion: projectcontour.io/v1
+kind: HTTPProxy
+metadata:
+  name: stagging.nexodev.org
+spec:
+  virtualhost:
+    fqdn: stagging.nexodev.org
+  routes:
+    - conditions:
+        - prefix: /
+      enableWebsockets: true
+      services:
+        - name: dd-test-development-blue-service
+          port: 4023
+          weight: 100
+    
+    - conditions:
+        - prefix: /peer
+      enableWebsockets: true
+      services:
+        - name: dd-test-development-blue-service
+          port: 4024
+          weight: 100
     

package/package.json

@@ -2,7 +2,7 @@
     "type": "module",
     "main": "src/index.js",
     "name": "underpost",
-    "version": "2.8.873",
+    "version": "2.8.874",
     "description": "pwa api rest template",
     "scripts": {
         "start": "env-cmd -f .env.production node --max-old-space-size=8192 src/server",

package/src/api/user/user.router.js

@@ -48,7 +48,9 @@ const UserRouter = (options) => {
         check: fs.readFileSync(`./src/client/public/default/assets/mailer/api-user-check.png`),
       },
       header: (res) => {
-        res.set('Content-Type', 'image/png');
+        res.header('Access-Control-Allow-Origin', '*');
+        res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization');
+        res.header('Content-Type', 'image/png');
       },
     };
 

package/src/api/user/user.service.js

@@ -453,6 +453,10 @@ const UserService = {
       const user = await User.findOne({
         email: payload.email,
       });
+      if (process.env.NODE_ENV === 'development') {
+        logger.warn('Only production check image token request on mailer GET /user/recover, set fallback timeout');
+        user.recoverTimeOut = new Date(+new Date() + 1000 * 60 * 15);
+      }
       if (user && new Date().getTime() < new Date(user.recoverTimeOut).getTime()) {
         const validatePassword = validatePasswordMiddleware(req.body.password);
         if (validatePassword.status === 'error') throw new Error(validatePassword.message);

package/src/cli/deploy.js

@@ -12,7 +12,6 @@ import { loggerFactory } from '../server/logger.js';
 import { shellExec } from '../server/process.js';
 import fs from 'fs-extra';
 import dotenv from 'dotenv';
-import { DataBaseProvider } from '../db/DataBaseProvider.js';
 import UnderpostRootEnv from './env.js';
 import UnderpostCluster from './cluster.js';
 import Underpost from '../index.js';
@@ -155,21 +154,7 @@ ${UnderpostDeploy.API.deploymentYamlPartsFactory({
         let secretYaml = '';
 
         for (const host of Object.keys(confServer)) {
-          if (env === 'production')
-            secretYaml += `
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: ${host}
-spec:
-  commonName: ${host}
-  dnsNames:
-    - ${host}
-  issuerRef:
-    name: letsencrypt-prod
-    kind: ClusterIssuer
-  secretName: ${host}`;
+          if (env === 'production') secretYaml += UnderpostDeploy.API.buildCertManagerCertificate({ host });
 
           const pathPortAssignment = pathPortAssignmentData[host];
           // logger.info('', { host, pathPortAssignment });
@@ -223,6 +208,22 @@ spec:
         }
       }
     },
+    buildCertManagerCertificate({ host }) {
+      return `
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name: ${host}
+spec:
+  commonName: ${host}
+  dnsNames:
+    - ${host}
+  issuerRef:
+    name: letsencrypt-prod
+    kind: ClusterIssuer
+  secretName: ${host}`;
+    },
     getCurrentTraffic(deployId) {
       // kubectl get deploy,sts,svc,configmap,secret -n default -o yaml --export > default.yaml
       const hostTest = Object.keys(
@@ -232,7 +233,7 @@ spec:
       return info.match('blue') ? 'blue' : info.match('green') ? 'green' : null;
     },
     async callback(
-      deployList = 'default',
+      deployList = '',
       env = 'development',
       options = {
         remove: false,
@@ -242,6 +243,7 @@ spec:
         infoUtil: false,
         expose: false,
         cert: false,
+        certHosts: '',
         versions: '',
         image: '',
         traffic: '',
@@ -305,6 +307,14 @@ docker login nvcr.io
 Username: $oauthtoken
 Password: <Your Key>
 `);
+      if (!deployList && options.certHosts) {
+        for (const host of options.certHosts.split(',')) {
+          shellExec(`sudo kubectl apply -f - <<EOF
+${UnderpostDeploy.API.buildCertManagerCertificate({ host })}
+EOF`);
+        }
+        return;
+      } else if (!deployList) deployList = 'dd-default';
       if (deployList === 'dd' && fs.existsSync(`./engine-private/deploy/dd.router`))
         deployList = fs.readFileSync(`./engine-private/deploy/dd.router`, 'utf8');
       if (options.infoTraffic === true) {
@@ -361,7 +371,8 @@ Password: <Your Key>
         const confServer = JSON.parse(fs.readFileSync(`./engine-private/conf/${deployId}/conf.server.json`, 'utf8'));
         for (const host of Object.keys(confServer)) {
           shellExec(`sudo kubectl delete HTTPProxy ${host}`);
-          if (env === 'production' && options.cert === true) shellExec(`sudo kubectl delete Certificate ${host}`);
+          if (UnderpostDeploy.API.isValidTLSContext({ host, env, options }))
+            shellExec(`sudo kubectl delete Certificate ${host}`);
           if (!options.remove === true && env === 'development') etcHosts.push(host);
         }
 
@@ -373,7 +384,7 @@ Password: <Your Key>
         if (!options.remove === true) {
           if (!options.disableUpdateDeployment) shellExec(`sudo kubectl apply -f ./${manifestsPath}/deployment.yaml`);
           shellExec(`sudo kubectl apply -f ./${manifestsPath}/proxy.yaml`);
-          if (env === 'production' && options.cert === true)
+          if (UnderpostDeploy.API.isValidTLSContext({ host, env, options }))
             shellExec(`sudo kubectl apply -f ./${manifestsPath}/secret.yaml`);
         }
       }
@@ -458,7 +469,11 @@ Password: <Your Key>
           notReadyPods.push(pod);
         }
       }
-      return { ready: notReadyPods.length === 0, notReadyPods, readyPods };
+      return {
+        ready: pods.length > 0 && notReadyPods.length === 0,
+        notReadyPods,
+        readyPods,
+      };
     },
     configMap(env) {
       shellExec(`kubectl delete configmap underpost-config`);
@@ -482,6 +497,10 @@ Password: <Your Key>
       fs.writeFileSync(`/etc/hosts`, renderHosts, 'utf8');
       return { renderHosts };
     },
+    isValidTLSContext: ({ host, env, options }) =>
+      env === 'production' &&
+      options.cert === true &&
+      (!options.certHosts || options.certHosts.split(',').includes(host)),
   };
 }
 

package/src/cli/index.js

@@ -158,6 +158,7 @@ program
   .option('--expose', 'Exposes services matching the provided deployment ID list.')
   .option('--info-util', 'Displays useful `kubectl` utility management commands.')
   .option('--cert', 'Resets TLS/SSL certificate secrets for deployments.')
+  .option('--cert-hosts <hosts>', 'Resets TLS/SSL certificate secrets for specified hosts.')
   .option('--node <node>', 'Sets optional node for deployment operations.')
   .option(
     '--build-manifest',

package/src/client/components/core/Auth.js

@@ -107,6 +107,7 @@ const Auth = {
             });
           });
       }
+      // Important delete session token if guest token already exists
       Auth.deleteToken();
       localStorage.removeItem('jwt');
 

package/src/index.js

@@ -35,7 +35,7 @@ class Underpost {
    * @type {String}
    * @memberof Underpost
    */
-  static version = 'v2.8.873';
+  static version = 'v2.8.874';
   /**
    * Repository cli API
    * @static

package/src/runtime/lampp/Lampp.js

@@ -106,10 +106,10 @@ const Lampp = {
         break;
     }
   },
-  createApp: async ({ port, host, path, directory, rootHostPath, redirect, redirectTarget }) => {
+  createApp: async ({ port, host, path, directory, rootHostPath, redirect, redirectTarget, resetRouter }) => {
     if (!Lampp.enabled()) return { disabled: true };
     if (!Lampp.ports.includes(port)) Lampp.ports.push(port);
-    if (currentPort === initPort) Lampp.removeRouter();
+    if (resetRouter) Lampp.removeRouter();
     Lampp.appendRouter(`
 Listen ${port}
 

package/src/runtime/xampp/Xampp.js

@@ -31,12 +31,12 @@ const Xampp = {
     this.router = undefined;
     if (fs.existsSync(`./tmp/xampp-router.conf`)) fs.rmSync(`./tmp/xampp-router.conf`);
   },
-  createApp: async ({ port, host, path, directory, rootHostPath, redirect, redirectTarget }) => {
+  createApp: async ({ port, host, path, directory, rootHostPath, redirect, redirectTarget, resetRouter }) => {
     if (!Xampp.enabled()) {
       return { disabled: true };
     }
     if (!Xampp.ports.includes(port)) Xampp.ports.push(port);
-    if (currentPort === initPort) Xampp.removeRouter();
+    if (resetRouter) Xampp.removeRouter();
     Xampp.appendRouter(`
 Listen ${port}
 

package/src/server/auth.js

@@ -552,7 +552,7 @@ function applySecurity(app, opts = {}) {
       origin: origin || false,
       methods: ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'],
       credentials: true,
-      allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept'],
+      allowedHeaders: ['Content-Type', 'Authorization', 'X-Requested-With', 'Accept', 'withcredentials'],
       maxAge: 600,
     }),
   );

package/src/server/runtime.js

@@ -295,6 +295,7 @@ const buildRuntime = async () => {
               rootHostPath,
               redirect,
               redirectTarget,
+              resetRouter: currentPort === initPort,
             });
             if (disabled) continue;
             await UnderpostStartUp.API.listenPortController(
@@ -314,6 +315,7 @@ const buildRuntime = async () => {
               rootHostPath,
               redirect,
               redirectTarget,
+              resetRouter: currentPort === initPort,
             });
             if (disabled) continue;
             await UnderpostStartUp.API.listenPortController(