feat: support deployment

fan-tastic-z · May 30, 2024 · 457b61e · 457b61e
1 parent d2c3433
commit 457b61e
Show file tree

Hide file tree

Showing 10 changed files with 118 additions and 6 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -5,6 +5,9 @@ edition = "2021"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
+[workspace]
+members = ["./migration", "."]
+
 [dependencies]
 thiserror = "1"
 clap = { version = "4.5.4", features = ["derive"] }

diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,30 @@
+ARG BASE_IMAGE=rust:1.78.0-slim-buster
+
+FROM $BASE_IMAGE as planner
+WORKDIR /app
+RUN cargo install cargo-chef
+COPY . .
+RUN cargo chef prepare --recipe-path recipe.json
+
+FROM $BASE_IMAGE as cacher
+WORKDIR /app
+RUN cargo install cargo-chef \
+    && apt update -y \
+    && apt install pkg-config libssl-dev -y
+COPY --from=planner /app/recipe.json recipe.json
+RUN cargo chef cook  --release --recipe-path recipe.json
+
+FROM $BASE_IMAGE as builder
+WORKDIR /app
+COPY . .
+RUN apt update -y \
+    && apt install pkg-config libssl-dev -y
+# Copy over the cached dependencies
+COPY --from=cacher /app/target target
+COPY --from=cacher $CARGO_HOME $CARGO_HOME
+RUN cargo build --release
+
+FROM gcr.io/distroless/cc-debian10
+WORKDIR /app
+COPY --from=builder /app/target/release/watchvuln-rs .
+CMD ["./watchvuln-rs"]
diff --git a/_typos.toml b/_typos.toml
@@ -2,7 +2,12 @@
 
 
 [files]
-extend-exclude = ["CHANGELOG.md", "notebooks/*", "config/development.yaml"]
+extend-exclude = [
+    "CHANGELOG.md",
+    "notebooks/*",
+    "config/development.yaml",
+    "migration",
+]
 
 [default.extend-identifiers]
 vuln_informations = "vuln_informations"

diff --git a/deployment/config/development.yaml b/deployment/config/development.yaml
@@ -0,0 +1,40 @@
+database:
+  # Database connection URI
+  uri: {{ get_env(name="DATABASE_URL", default="postgres://postgres:123456@localhost:5432/watchvuln") }}
+  # When enabled, the sql query will be logged.
+  enable_logging: false
+  # Set the timeout duration when acquiring a connection.
+  connect_timeout: 500
+  # Set the idle duration before closing a connection.
+  idle_timeout: 500
+  # Minimum number of connections for a pool.
+  min_connections: 1
+  # Maximum number of connections for a pool.
+  max_connections: 1
+
+task:
+  # every day 7:00-22:00 interval 30 minute Execute task
+  cron_config: "0 */1 7-21 * * *"
+
+# Application logging configuration
+logger:
+  # Enable or disable logging.
+  enable: true
+  # Enable pretty backtrace (sets RUST_BACKTRACE=1)
+  pretty_backtrace: true
+  # Log level, options: trace, debug, info, warn or error.
+  level: info
+  # Define the logging format. options: compact, pretty or Json
+  format: compact
+  # By default the logger has filtering only logs that came from your code or logs that came from `loco` framework. to see all third party libraries
+  # Uncomment the line below to override to see all third party libraries you can enable this config and override the logger filters.
+  # override_filter: trace
+
+# Application push message configuration, Now just support tg bot
+tg_bot:
+  chat_id: {{ get_env(name="TG_CHAT_ID", default=0) }}
+  token: {{ get_env(name="TG_TOKEN", default="") }}
+
+ding_bot:
+  access_token: {{ get_env(name="DING_ACCESS_TOKEN", default="") }}
+  secret_token: {{ get_env(name="DING_SECRET_TOKEN", default="") }}
diff --git a/deployment/docker-compose.yaml b/deployment/docker-compose.yaml
@@ -0,0 +1,25 @@
+version: "3"
+services:
+  app:
+    restart: always
+    image: fantasticzf/watchvuln-rs:latest
+    env_file:
+      - env/app.env
+    volumes:
+      - "./config:/app/config"
+    networks:
+      - vuln
+    depends_on:
+      - db
+
+  db:
+    image: postgres:15.3-alpine
+    restart: unless-stopped
+    # ports:
+    #   - 5432:5432
+    networks:
+      - vuln
+    volumes:
+      - "./data:/var/lib/postgresql/data"
+    env_file:
+      - env/postgres.env
diff --git a/deployment/env/app.env b/deployment/env/app.env
@@ -0,0 +1,5 @@
+DATABASE_URL=postgres://watchvuln:watchvuln@db:5432/watchvuln
+DING_ACCESS_TOKEN=
+DING_SECRET_TOKEN=
+TG_CHAT_ID=0
+TG_TOKEN=
diff --git a/deployment/env/postgres.env b/deployment/env/postgres.env
@@ -0,0 +1,3 @@
+POSTGRES_DB=watchvuln
+POSTGRES_USER=watchvuln
+POSTGRES_PASSWORD=watchvuln
diff --git a/migration/src/lib.rs b/migration/src/lib.rs
@@ -7,8 +7,8 @@ pub struct Migrator;
 #[async_trait::async_trait]
 impl MigratorTrait for Migrator {
     fn migrations() -> Vec<Box<dyn MigrationTrait>> {
-        vec![
-            Box::new(m20240417_015641_create_vuln_information::Migration),
-        ]
+        vec![Box::new(
+            m20240417_015641_create_vuln_information::Migration,
+        )]
     }
 }
diff --git a/migration/src/m20240417_015641_create_vuln_information.rs b/migration/src/m20240417_015641_create_vuln_information.rs
@@ -64,6 +64,7 @@ impl MigrationTrait for Migration {
     }
 }
 
+#[allow(clippy::upper_case_acronyms)]
 #[derive(DeriveIden)]
 enum VulnInformations {
     Table,

diff --git a/src/push/dingding.rs b/src/push/dingding.rs
@@ -36,7 +36,7 @@ impl MessageBot for DingDing {
         });
 
         let sign = self.generate_sign()?;
-        println!("{:?}", self);
+
         let res: DingResponse = help
             .http_client
             .post(DING_API_URL)
@@ -46,7 +46,7 @@ impl MessageBot for DingDing {
             .await?
             .json()
             .await?;
-        println!("{:?}", res);
+
         if res.errcode != 0 {
             warn!(
                 "ding push markdown message error, err msg is {}",
-Original file line number
+Diff line change
@@ Expand Up / @@ -64,6 +64,7 @@ impl MigrationTrait for Migration { @@
         }
     }
+    #[allow(clippy::upper_case_acronyms)]
     #[derive(DeriveIden)]
     enum VulnInformations {
         Table,
@@ Expand Down @@