diff --git a/src/config.ts b/src/config.ts index 1b7297a..76ba6f7 100644 --- a/src/config.ts +++ b/src/config.ts @@ -19,6 +19,7 @@ export const Config = { UNDEPLOYER_STATE: process.env.UNDEPLOYER_STATE || '/srv/deployments/autoundeploy.state', BUILD_LOGS: process.env.BUILD_LOGS || '/srv/logs', + UPLOAD_MAX_SIZE: process.env.BUILD_LOGS || '1MB', OPENPGP_PASSPHRASE: process.env.OPENPGP_PASSPHRASE, OPENPGP_PRIVATE_KEY_FILE: process.env.OPENPGP_PRIVATE_KEY_FILE, }; diff --git a/src/main.ts b/src/main.ts index b4152fb..dc53b2e 100644 --- a/src/main.ts +++ b/src/main.ts @@ -10,7 +10,8 @@ import { Uploader } from './upload.js'; const app = express(); app.use(express.json()); -const uploader = new Uploader(Config.UPLOAD_DIRECTORY); +const configUploader = new Uploader(Config.UPLOAD_DIRECTORY); +const configUploadParser = bodyParser.raw({limit: Config.UPLOAD_MAX_SIZE, type: "*/*"}) app.use(function (_req, res, next) { res.header('Access-Control-Allow-Origin', '*'); @@ -99,10 +100,9 @@ app.get('/:id/log', async (req, res) => { } }); -const rawParser = bodyParser.raw({limit: "1MB", type: "*/*"}) -app.post('/upload/config', rawParser, async (req, res) => { +app.post('/upload/config', configUploadParser, async (req, res) => { try { - const id = await uploader.upload(req.body); + const id = await configUploader.upload(req.body); res.json({ id }); diff --git a/src/upload.ts b/src/upload.ts index 7b254fc..cc136cc 100644 --- a/src/upload.ts +++ b/src/upload.ts @@ -43,9 +43,6 @@ export const b64ToBytes = (base64): Uint8Array => { return bytes; }; - - - const decrypt = async (binaryMessage: Uint8Array): Promise => { const message = await openpgp.readMessage({ binaryMessage, @@ -69,21 +66,25 @@ export class Uploader { async upload(body: string | Uint8Array): Promise { let raw: any; - try { - raw = b64ToBytes(body); - } catch { - raw = body; - } + try { + raw = b64ToBytes(body); + } catch { + raw = body; + } + + // We decrypt only to make sure the content is valid. + // Once we know it is good, we want to store the encrypted copy. const obj = await decrypt(raw); validateConfig(obj); - let id = randomId(); + let id: string; let destination: string; do { id = randomId(); destination = `${this.directory}/${id}`; } while (fs.existsSync(destination)); + console.log(`Wrote config to: ${destination}`); fs.writeFileSync(destination, raw); return id; }