Spaces:

chipling
/

fasthost

Sleeping

App Files Files Community

chipling commited on Jun 30, 2025

Commit

91e5323

verified ·

1 Parent(s): fed2e5c

Update routers/deploy.py

Browse files

Files changed (1) hide show

routers/deploy.py +0 -251

routers/deploy.py CHANGED Viewed

@@ -18,11 +18,6 @@ router = APIRouter()
 deployed_projects = {}
-GITHUB_WEBHOOK_SECRET = os.getenv("GITHUB_WEBHOOK_SECRET", "your_github_webhook_secret_here_CHANGE_THIS")
-if GITHUB_WEBHOOK_SECRET == "your_github_webhook_secret_here_CHANGE_THIS":
-    print("WARNING: GITHUB_WEBHOOK_SECRET is not set. Webhook security is compromised.")
 # --- Helper Functions ---
 # Function to recursively find a file (case-insensitive) within a directory
@@ -39,147 +34,6 @@ def _find_file_in_project(filename: str, root_dir: str) -> str | None:
     return None
 # Function to build and deploy a Docker container from a project path
-async def _build_and_deploy(project_id: str, project_path: str, app_name: str, existing_container_name: str = None):
-    """
-    Handles the Docker build and deployment process for a given project.
-    If an existing_container_name is provided, it attempts to stop and remove it first.
-    Manages ngrok tunnels for the deployed application.
-    """
-    docker_client = docker.from_env()
-    # Define consistent naming for Docker image and container
-    image_name = f"{app_name.lower()}_{project_id[:8]}"
-    container_name = f"{image_name}_container"
-    try:
-        # Step 1: Clean up old containers and images if they exist
-        # Stop and remove the previously deployed container for this project
-        if existing_container_name:
-            print(f"Attempting to stop and remove existing container: {existing_container_name}")
-            try:
-                old_container = docker_client.containers.get(existing_container_name)
-                old_container.stop(timeout=5) # Give 5 seconds to stop gracefully
-                old_container.remove(force=True)
-                print(f"Successfully stopped and removed old container: {existing_container_name}")
-            except docker.errors.NotFound:
-                print(f"Existing container {existing_container_name} not found, proceeding with new deployment.")
-            except Exception as e:
-                print(f"Error stopping/removing old container {existing_container_name}: {e}")
-        # Remove any exited or created containers that might be lingering from previous runs
-        # (This is a general cleanup, not specific to this project_id, but good practice)
-        for c in docker_client.containers.list(all=True):
-            if c.status in ["created", "exited"]: # Only remove non-running containers
-                # Be cautious: only remove containers clearly associated with this deployment logic
-                # For more robust logic, might check labels or names more strictly
-                if c.name.startswith(f"{app_name.lower()}_{project_id[:8]}") or c.name.startswith(f"ngrok-"):
-                    print(f"Removing leftover container {c.name} ({c.id}) with status {c.status}")
-                    try:
-                        c.remove(force=True)
-                    except Exception as e:
-                        print(f"Error removing leftover container {c.name}: {e}")
-        # Step 2: Build Docker image
-        print(f"Building Docker image from {project_path} with tag: {image_name}")
-        image, build_logs_generator = docker_client.images.build(path=project_path, tag=image_name, rm=True)
-        # Process build logs (can be streamed to UI in a real application)
-        for log_line in build_logs_generator:
-            if 'stream' in log_line:
-                print(f"[BUILD LOG] {log_line['stream'].strip()}")
-            elif 'error' in log_line:
-                print(f"[BUILD ERROR] {log_line['error'].strip()}")
-        print(f"Docker image built successfully: {image.id}")
-        # Step 3: Run new Docker container
-        print(f"Running new container {container_name} from image {image_name}")
-        container = docker_client.containers.run(
-            image=image_name,
-            ports={"8080/tcp": None}, # Docker will assign a random host port for 8080/tcp
-            name=container_name,
-            detach=True, # Run in background
-            mem_limit="512m", # Limit memory usage
-            nano_cpus=1_000_000_000, # Limit CPU usage to 1 full core (1 billion nano-CPUs)
-            read_only=True, # Make container filesystem read-only (except tmpfs)
-            tmpfs={"/tmp": ""}, # Mount an in-memory tmpfs for /tmp directory
-            user="1001:1001" # Run as a non-root user (important for security)
-        )
-        print(f"Container started with ID: {container.id}")
-        # Wait a moment for the container to fully start and expose its port
-        time.sleep(5) # Increased sleep to give the application within the container more time
-        # Retrieve the dynamically assigned host port for the container's 8080 port
-        port_info = docker_client.api.port(container.id, 8080)
-        if not port_info:
-            # If port 8080 is not exposed, the container likely failed to start or is not exposing correctly
-            print(f"Error: Port 8080 not exposed by container {container.id}. Inspecting container logs...")
-            try:
-                container_logs = container.logs().decode('utf-8')
-                print(f"Container logs:\n{container_logs}")
-            except Exception as log_e:
-                print(f"Could not retrieve container logs: {log_e}")
-            container.stop()
-            container.remove(force=True)
-            raise Exception("Port 8080 not exposed by container or container failed to start correctly. Check container logs.")
-        host_port = port_info[0]['HostPort']
-        print(f"Container {container.id} is accessible on host port: {host_port}")
-        # Step 4: Manage ngrok tunnel
-        # Check if an ngrok tunnel already exists for this project and close it
-        if project_id in deployed_projects and deployed_projects[project_id].get('ngrok_tunnel'):
-            existing_tunnel = deployed_projects[project_id]['ngrok_tunnel']
-            print(f"Closing existing ngrok tunnel: {existing_tunnel.public_url}")
-            try:
-                existing_tunnel.disconnect()
-            except Exception as ngrok_disconnect_e:
-                print(f"Error disconnecting existing ngrok tunnel: {ngrok_disconnect_e}")
-            deployed_projects[project_id]['ngrok_tunnel'] = None # Clear the reference
-        # Connect a new ngrok tunnel to the dynamically assigned host port
-        print(f"Connecting new ngrok tunnel to host port {host_port}")
-        tunnel = ngrok.connect(host_port, bind_tls=True) # bind_tls=True for HTTPS
-        public_url = tunnel.public_url
-        print(f"Ngrok public URL for {app_name}: {public_url}")
-        # Step 5: Update global state with new deployment details
-        # Ensure the project_id exists in deployed_projects before updating
-        if project_id not in deployed_projects:
-            deployed_projects[project_id] = {} # Initialize if not already present (should be by deploy_from_git)
-        deployed_projects[project_id].update({
-            "container_id": container.id,
-            "container_name": container_name,
-            "ngrok_tunnel": tunnel,
-            "public_url": public_url,
-            "status": "deployed" # Set status to deployed on success
-        })
-        return public_url, container_name
-    except docker.errors.BuildError as e:
-        print(f"Docker build error: {e}")
-        # Capture and return detailed build logs for better debugging
-        build_logs_str = "\n".join([str(log_line.get('stream', '')).strip() for log_line in e.build_log if 'stream' in log_line])
-        if project_id in deployed_projects:
-            deployed_projects[project_id]["status"] = "failed"
-        raise HTTPException(status_code=500, detail=f"Docker build failed: {e.msg}\nLogs:\n{build_logs_str}")
-    except docker.errors.ContainerError as e:
-        print(f"Docker container runtime error: {e}")
-        if project_id in deployed_projects:
-            deployed_projects[project_id]["status"] = "failed"
-        raise HTTPException(status_code=500, detail=f"Container failed during runtime: {e.stderr.decode()}")
-    except docker.errors.APIError as e:
-        print(f"Docker API error: {e}")
-        if project_id in deployed_projects:
-            deployed_projects[project_id]["status"] = "failed"
-        raise HTTPException(status_code=500, detail=f"Docker daemon or API error: {e.explanation}")
-    except Exception as e:
-        print(f"General deployment error: {e}")
-        if project_id in deployed_projects:
-            deployed_projects[project_id]["status"] = "failed"
-        raise HTTPException(status_code=500, detail=f"Deployment process failed unexpectedly: {str(e)}")
 # --- API Endpoints ---
@@ -287,111 +141,6 @@ async def deploy_from_git(repo_url: str = Form(...), app_name: str = Form(...)):
         print(f"Error during initial _build_and_deploy for project {project_id}: {e}")
         raise HTTPException(status_code=500, detail=f"Initial deployment failed unexpectedly: {str(e)}")
-@router.post("/webhook/github")
-async def github_webhook(request: Request, background_tasks: BackgroundTasks):
-    """
-    Endpoint to receive GitHub webhook events (e.g., push events) and trigger redeployments.
-    """
-    # --- Security: Verify GitHub Webhook Signature ---
-    # This is CRUCIAL to ensure the webhook is from GitHub and hasn't been tampered with.
-    # For production, DO NOT comment this out.
-    signature_header = request.headers.get("X-Hub-Signature-256")
-    if not signature_header:
-        raise HTTPException(status_code=403, detail="X-Hub-Signature-256 header missing.")
-    # Read the raw request body once to use for hashing
-    body = await request.body()
-    try:
-        # Calculate expected signature
-        sha_name, signature = signature_header.split("=", 1)
-        if sha_name != "sha256":
-            raise HTTPException(status_code=400, detail="Invalid X-Hub-Signature-256 algorithm. Only sha256 supported.")
-        # Use HMAC-SHA256 with your secret key to hash the raw request body
-        # Ensure the secret is encoded to bytes
-        mac = hmac.new(GITHUB_WEBHOOK_SECRET.encode("utf-8"), body, hashlib.sha256)
-        # Compare the calculated hash with the signature received from GitHub
-        if not hmac.compare_digest(mac.hexdigest(), signature):
-            raise HTTPException(status_code=403, detail="Invalid GitHub signature.")
-    except Exception as e:
-        print(f"Webhook signature verification failed: {e}")
-        raise HTTPException(status_code=403, detail="Signature verification failed.")
-    # Parse the JSON payload from the webhook
-    payload = await request.json()
-    github_event = request.headers.get("X-GitHub-Event")
-    print(f"Received GitHub '{github_event}' webhook for repository: {payload.get('repository', {}).get('full_name')}")
-    # Process only 'push' events
-    if github_event != "push":
-        return JSONResponse({"message": f"Received '{github_event}' event, but only 'push' events are processed."}, status_code=200)
-    # Get the repository URL from the webhook payload
-    repo_url_from_webhook = payload.get("repository", {}).get("html_url") # Prefer html_url or clone_url
-    if not repo_url_from_webhook:
-        raise HTTPException(status_code=400, detail="Repository URL not found in webhook payload.")
-    # Find the project linked to this repository in our in-memory storage
-    project_to_redeploy = None
-    project_id_to_redeploy = None
-    for project_id, project_data in deployed_projects.items():
-        # Match based on repo_url. A more robust solution might normalize URLs or use repository IDs.
-        if project_data.get("repo_url") == repo_url_from_webhook:
-            project_to_redeploy = project_data
-            project_id_to_redeploy = project_id
-            break
-    if not project_to_redeploy:
-        print(f"No active project found for repository: {repo_url_from_webhook}. Webhook ignored.")
-        return JSONResponse({"message": "No associated project found for this repository, ignoring webhook."}, status_code=200)
-    print(f"Received push for {repo_url_from_webhook}. Triggering redeployment for project {project_id_to_redeploy} ({project_to_redeploy['app_name']}).")
-    # Step 1: Pull the latest changes from the Git repository
-    project_path = project_to_redeploy["project_path"]
-    try:
-        repo = git.Repo(project_path)
-        origin = repo.remotes.origin
-        print(f"Pulling latest changes for {repo_url_from_webhook} into {project_path}")
-        origin.pull() # Pull the latest changes from the remote
-        print("Latest changes pulled successfully.")
-    except git.exc.GitCommandError as e:
-        print(f"Failed to pull latest changes for {repo_url_from_webhook}: {e.stderr.decode()}")
-        # Update project status to failed if pull fails
-        deployed_projects[project_id_to_redeploy]["status"] = "failed"
-        return JSONResponse({"error": f"Failed to pull latest changes: {e.stderr.decode()}"}, status_code=500)
-    except Exception as e:
-        print(f"Unexpected error during git pull: {e}")
-        deployed_projects[project_id_to_redeploy]["status"] = "failed"
-        return JSONResponse({"error": f"An unexpected error occurred during git pull: {str(e)}"}, status_code=500)
-    # Step 2: Trigger redeployment in a background task
-    # Using FastAPI's BackgroundTasks ensures the webhook endpoint returns immediately,
-    # preventing timeouts for GitHub, while the redeployment happens asynchronously.
-    # Get the current container name for proper cleanup in _build_and_deploy
-    current_container_name = project_to_redeploy.get("container_name")
-    # Add the build and deploy task to background tasks
-    background_tasks.add_task(
-        _build_and_deploy,
-        project_id_to_redeploy,
-        project_path,
-        project_to_redeploy["app_name"],
-        current_container_name # Pass existing container name for cleanup
-    )
-    # Update project status to indicate redeployment is in progress
-    deployed_projects[project_id_to_redeploy]["status"] = "redeploying"
-    return JSONResponse(
-        {"message": f"Redeployment for project {project_id_to_redeploy} initiated from GitHub webhook."},
-        background=background_tasks,
-        status_code=202 # 202 Accepted: request has been accepted for processing
-    )
 # --- Cleanup Endpoint (Optional, for manual testing/management) ---
 @router.post("/project/delete/{project_id}")

 deployed_projects = {}
 # --- Helper Functions ---
 # Function to recursively find a file (case-insensitive) within a directory
     return None
 # Function to build and deploy a Docker container from a project path
 # --- API Endpoints ---
         print(f"Error during initial _build_and_deploy for project {project_id}: {e}")
         raise HTTPException(status_code=500, detail=f"Initial deployment failed unexpectedly: {str(e)}")
 # --- Cleanup Endpoint (Optional, for manual testing/management) ---
 @router.post("/project/delete/{project_id}")