Merge pull request #40 from bigbluebutton/develop

v3.0.0

.dockerignore

@@ -1 +1,17 @@
+.dockerignore
+.env
+.git/
+.github/
+.gitignore
+.nvmrc
+*~
+*log.*
+*swn
+*swo
+*swp
+docker-compose.yaml
+Dockerfile
+example/
+extra/
 node_modules/
+test/

.eslintignore

@@ -0,0 +1,3 @@
+node_modules
+*.log
+*~

.eslintrc.yml

@@ -0,0 +1,21 @@
+env:
+  node: true
+  es2022: true
+extends:
+  - eslint:recommended
+  - plugin:import/recommended
+  - plugin:jsdoc/recommended
+parserOptions:
+  sourceType: module
+  ecmaVersion: 2022
+rules:
+  #quotes: ["warn", "single"]
+  no-console: "warn"
+  consistent-return: "warn"
+  no-trailing-spaces: "warn"
+  no-whitespace-before-property: "warn"
+  no-multiple-empty-lines: ["warn", { max: 1 }]
+  import/no-extraneous-dependencies: "error"
+  jsdoc/no-undefined-types: "off"
+  keyword-spacing: ["warn", { before: true, after: true }]
+  indent: ["warn", 2, { "SwitchCase": 1 }]

.github/workflows/README.md

@@ -0,0 +1,13 @@
+Add the following secrets to the GitHub repo:
+```
+REGISTRY_USERNAME
+REGISTRY_TOKEN
+```
+They are the credentials to be used to push the image to the docker images registry.
+
+Add the following variables to the GitHub repo:
+```
+REGISTRY_URI
+REGISTRY_ORGANIZATION
+```
+Considering the image `bigbluebutton/bbb-webhooks:v3.0.0`, the value for `REGISTRY_URI` would be `docker.io` (URI for DockerHub) and `REGISTRY_ORGANIZATION` would be `bigbluebutton`. The image name `bbb-webhooks` isn't configurable, and the tag will be the GitHub tag OR `pr-<pr number>`.

.github/workflows/docker-image.yml

@@ -0,0 +1,102 @@
+name: Build and push image to registry
+on:
+  pull_request:
+    types:
+      - opened
+      - reopened
+      - synchronize
+  push:
+    tags:
+      - '*'
+permissions:
+  contents: read
+jobs:
+  hadolint:
+    uses: ./.github/workflows/docker-lint.yml
+
+  tests:
+    uses: ./.github/workflows/docker-tests.yml
+
+  build:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+      pull-requests: write
+    name: Build and push
+    runs-on: ubuntu-22.04
+    needs:
+      - hadolint
+      - tests
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ vars.REGISTRY_URI }}
+          username: ${{ secrets.REGISTRY_USERNAME }}
+          password: ${{ secrets.REGISTRY_TOKEN }}
+
+      - uses: rlespinasse/[email protected]
+
+      - name: Calculate tag
+        id: tag
+        run: |
+          if [ "$GITHUB_EVENT_NAME" == "pull_request" ]; then
+            TAG="pr-${{ github.event.number }}"
+          else
+            TAG=${{ github.ref_name }}
+          fi
+          echo "IMAGE=${{ vars.REGISTRY_URI }}/${{ vars.REGISTRY_ORGANIZATION }}/bbb-webhooks:$TAG" >> $GITHUB_OUTPUT
+
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ${{ steps.tag.outputs.IMAGE }}
+
+      - name: Build and push image
+        uses: docker/build-push-action@v5
+        with:
+          push: true
+          tags: ${{ steps.tag.outputs.IMAGE }}
+          context: .
+          platforms: linux/amd64
+          cache-from: type=registry,ref=${{ steps.tag.outputs.IMAGE }}
+          cache-to: type=registry,ref=${{ steps.tag.outputs.IMAGE }},image-manifest=true,oci-mediatypes=true,mode=max
+          labels: |
+            ${{ steps.meta.outputs.labels }}
+
+      - name: Add comment to pr
+        if: ${{ github.event_name == 'pull_request' }}
+        uses: actions/github-script@v7
+        with:
+          script: |
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: "Updated Docker image pushed to `${{ steps.tag.outputs.IMAGE }}`"
+            })
+
+      - name: Run Trivy vulnerability scanner
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: ${{ steps.tag.outputs.IMAGE }}
+          format: 'sarif'
+          output: 'trivy-results.sarif'
+          severity: 'CRITICAL,HIGH'
+        env:
+          TRIVY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
+          TRIVY_PASSWORD: ${{ secrets.REGISTRY_TOKEN }}
+
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: 'trivy-results.sarif'

.github/workflows/docker-lint.yml

@@ -0,0 +1,19 @@
+name: Run hadolint
+on:
+  workflow_dispatch:
+  workflow_call:
+permissions:
+  contents: read
+jobs:
+  hadolint:
+    name: Run hadolint check
+    runs-on: ubuntu-22.04
+
+    steps:
+    - uses: actions/checkout@v3
+
+    # TODO add hadolint output as comment on PR
+    # https://github.com/hadolint/hadolint-action#output
+    - uses: hadolint/[email protected]
+      with:
+        dockerfile: Dockerfile

.github/workflows/docker-scan.yml

@@ -0,0 +1,30 @@
+name: Run trivy on filesystem
+on:
+  workflow_dispatch:
+permissions:
+  contents: read
+jobs:
+  trivy:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+    name: Run trivy check
+    runs-on: ubuntu-22.04
+
+    steps:
+    - uses: actions/checkout@v3
+
+    - name: Run Trivy vulnerability scanner in repo mode
+      uses: aquasecurity/trivy-action@master
+      with:
+        scan-type: 'fs'
+        ignore-unfixed: true
+        format: 'sarif'
+        output: 'trivy-results.sarif'
+        severity: 'CRITICAL,HIGH'
+
+    - name: Upload Trivy scan results to GitHub Security tab
+      uses: github/codeql-action/upload-sarif@v2
+      with:
+        sarif_file: 'trivy-results.sarif'

.github/workflows/docker-tests.yml

@@ -0,0 +1,52 @@
+name: Run tests
+on:
+  workflow_dispatch:
+  workflow_call:
+permissions:
+  contents: read
+jobs:
+  tests:
+    name: Run tests
+    # https://docs.github.com/en/actions/using-containerized-services/creating-redis-service-containers#running-jobs-in-containers
+    # Containers must run in Linux based operating systems
+    runs-on: ubuntu-22.04
+    # Docker Hub image that `container-job` executes in
+    container: node:20-alpine
+
+    # Service containers to run with `container-job`
+    services:
+      # Label used to access the service container
+      redis:
+        # Docker Hub image
+        image: redis
+        # Set health checks to wait until redis has started
+        options: >-
+          --health-cmd "redis-cli ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+
+    steps:
+      # Downloads a copy of the code in your repository before running CI tests
+      - name: Check out repository code
+        uses: actions/checkout@v4
+
+      # Performs a clean installation of all dependencies in the `package.json` file
+      # For more information, see https://docs.npmjs.com/cli/ci.html
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Copy config
+        run: cp config/default.example.yml config/default.yml
+
+      - name: Run tests
+        # Runs a script that creates a Redis client, populates
+        # the client with data, and retrieves data
+        run: npm run test
+        # Environment variable used by the `client.js` script to create a new Redis client.
+        env:
+          # The hostname used to communicate with the Redis service container
+          REDIS_HOST: redis
+          # The default Redis port
+          REDIS_PORT: 6379
+          XAPI_ENABLED: true

.gitignore

@@ -4,3 +4,9 @@
 node_modules/
 log/*
 config/default.yml
+*swn
+*swo
+*swp
+*log.*
+.env
+*.orig

.nvmrc

@@ -1 +1 @@
-8.4.0
+lts/iron

CHANGELOG.md

@@ -0,0 +1,112 @@
+# CHANGELOG
+
+All notable changes to this project will be documented in this file.
+
+### v3.0.0
+
+#### Changelog since v3.0.0-beta.5
+
+* chore: update github-slug-actions to v4.4.1
+* fix: adjust actions triggers for pr (+ opened, reopened)
+
+#### Changelog since v2.6.1
+
+* feat: new xAPI output module with support for multitenancy
+    - Implements https://github.com/gaia-x-dases/xapi-virtual-classroom
+    - For more information: (README.md)[src/out/xapi/README.md]
+* feat(xapi): add suport for meta_xapi-create-end-actor-name
+* feat(webhooks): implement includeEvents/excludeEvents
+* feat(events): add support for poll events
+* feat(events): add support for raise-hand events
+* feat(events): add support for emoji events
+* feat(events): add user info to screenshare events
+* feat(events): add support for audio muted/unmuted events
+* feat: support internal_meeting_id != record_id on rap events
+* feat: add Prometheus instrumentation
+* feat: add JSDoc annotations to most of the codebase
+* feat: log to file
+* feat: add support for multiple checksum algorithms (SHA1,...,SHA512)
+* feat(test): add support for modular test suites
+* feat(test): add xAPI test suite
+* feat: pipelines with GitHub Actions
+* !refactor: application rewritten to use a modular input/processing/ouput system
+* !refactor: modernize codebase (ES6 imports, Node.js >= 18 etc.)
+* !refactor(webhooks): the webhooks functionality was rewritten into an output module
+* !refactor(webhooks): hook IDs are now UUIDs instead of integers
+* !refactor: new logging system (using Pino)
+* !refactor: migrate node-redis from v3 to v4
+* !refactor: new queue system (using Bullmq)
+* refactor(test): remove nock as a dependency
+* refactor(webhooks): replace request with node-fetch
+* refactor: replace sha1 dependency with native code
+* refactor: remove unused events
+  * `rap-published`, `rap-unpublished`, `rap-deleted`
+* !fix(webhooks): remove general getRaw configuration
+* fix(events): user-left events are now emitted for trailing users on meeting-ended events
+* fix(test): restore remaining out/webhooks tests
+* fix: add Redis disconnection handling
+* build: add docker-compose and updated Dockerfile examples
+* build: set .nvmrc to lts/iron (Node.js 20)
+
+### v3.0.0-beta.5
+
+* feat: pipelines with GitHub Actions
+
+### v3.0.0-beta.4
+
+* fix: use ISO timestamps in production logs
+* refactor: remove unused events
+  * `rap-published`, `rap-unpublished`, `rap-deleted`
+* feat: support internal_meeting_id != record_id on rap events
+* !fix(webhooks): remove general getRaw configuration
+* fix(test): use redisUrl for node-redis client configuration
+* fix(test): pick up mocha configs via new .mocharc.yml file
+* build: set .nvmrc to lts/iron (Node.js 20)
+
+### v3.0.0-beta.3
+
+* build: [email protected], bump transitive deps
+
+### v3.0.0-beta.2
+
+* fix(webhooks): re-implement includeEvents/excludeEvents
+
+### v3.0.0-beta.1
+
+* fix(xapi): ensure the correct lrs_endpoint is used
+* feat(xapi): add suport for meta_xapi-create-end-actor-name
+
+### v3.0.0-beta.0
+
+* feat(test): add support for modular test suites
+* feat(test): add xAPI test suite
+* refactor(test): remove nock as a dependency
+* fix(test): restore remaining out/webhooks tests
+* fix(xapi): set chat message statements timestamp to ISO format
+* fix: add Redis disconnection handling
+
+### v3.0.0-alpha.1
+
+* !refactor: application rewritten to use a modular input/processing/ouput system
+* !refactor: modernize codebase (ES6 imports, Node.js >= 18 etc.)
+* !refactor(webhooks): the webhooks functionality was rewritten into an output module
+* !refactor(webhooks): hook IDs are now UUIDs instead of integers
+* !refactor: new logging system (using Pino)
+* !refactor: migrate node-redis from v3 to v4
+* !refactor: new queue system (using Bullmq)
+* refactor(webhooks): replace request with node-fetch
+* refactor: replace sha1 dependency with native code
+* feat: new xAPI output module with support for multitenancy
+    - Implements https://github.com/gaia-x-dases/xapi-virtual-classroom
+    - For more information: (README.md)[src/out/xapi/README.md]
+* feat(events): add support for poll events
+* feat(events): add support for raise-hand events
+* feat(events): add support for emoji events
+* feat(events): add user info to screenshare events
+* feat(events): add support for audio muted/unmuted events
+* feat: add Prometheus instrumentation
+* feat: add JSDoc annotations to most of the codebase
+* feat: log to file
+* feat: add support for multiple checksum algorithms (SHA1,...,SHA512)
+* fix(events): user-left events are now emitted for trailing users on meeting-ended events
+* build: add docker-compose and updated Dockerfile examples