Merge pull request #55 from BitGo/CT-698-eos

.drone.jsonnet

@@ -0,0 +1,199 @@
+/// High level setup
+
+local pipeline(
+  name,
+  kind = "pipeline",
+  type = "docker",
+  clone = null,
+  platform = null,
+  workspace = null,
+  services = [],
+  steps = [],
+  trigger = null,
+  node = null,
+  volumes = [],
+  depends_on = [],
+) = {
+  kind: kind,
+  type: type,
+  name: name,
+  [if platform != null then 'platform']: platform,
+  [if workspace != null then 'workspace']: workspace,
+  [if clone != null then 'clone']: clone,
+  [if services != [] then 'services']: services,
+  [if steps != [] then 'steps']: steps,
+  [if trigger != null then 'trigger']: trigger,
+  [if node != null then 'node']: node,
+  [if volumes != [] then 'volumes']: volumes,
+  [if depends_on != [] then 'depends_on']: depends_on,
+};
+
+local step(
+  name,
+  image,
+  settings = null,
+  depends_on = [],
+  commands = null,
+  environment = null,
+  failure = false,
+  detach = false,
+  privileged = false,
+  volumes = [],
+  when = null
+) = {
+  name: name,
+  image: image,
+  [if failure then 'failure']: failure,
+  [if detach then 'detach']: detach,
+  [if privileged then 'privileged']: detach,
+  [if settings != null then 'settings']: settings,
+  [if depends_on != [] then 'depends_on']: depends_on,
+  [if commands != [] then 'commands']: commands,
+  [if environment != null then 'environment']: environment,
+  [if volumes != [] then 'volumes']: volumes,
+  [if when != null then 'when']: when,
+};
+
+[
+  pipeline(
+    kind = "pipeline",
+    name = "checks (node:10)",
+    steps = [
+      step(
+        name = "build information",
+        image = "node:10",
+        commands = [
+          "node --version",
+          "npm --version",
+          "git --version",
+        ],
+      ),
+      step(
+        name = "install",
+        image = "node:10",
+        commands = [
+          "npm install",
+        ],
+      ),
+      step(
+        name = "lint",
+        image = "node:10",
+        commands = [
+          "npm run lint",
+		],
+      ),
+    ],
+  ),
+  pipeline(
+    kind = "pipeline",
+    name = "unit tests (node:10)",
+    steps = [
+      step(
+        name = "build information",
+        image = "node:10",
+        commands = [
+          "node --version",
+          "npm --version",
+          "git --version",
+        ],
+      ),
+      step(
+        name = "install",
+        image = "node:10",
+        commands = [
+          "npm install",
+        ],
+      ),
+      step(
+        name = "unit-test",
+        image = "node:10",
+        depends_on = [
+          "install",
+        ],
+        commands = [
+          "npm run test",
+        ],
+        environment = {
+          MONGO_URI: "mongodb://mongo:27017/key-recovery-service-test",
+        },
+      ),
+      step(
+        name = "audit",
+        image = "node:10",
+///        failure = true,
+        commands = [
+          "npm run audit",
+        ],
+      ),
+    ],
+    trigger = {
+      branch: {
+        exclude: [
+          "prod/production",
+        ],
+      },
+    },
+    services = [
+      {
+        name: "mongo",
+        image: "mongo:3.4",
+      },
+    ],
+  ),
+  pipeline(
+    kind = "pipeline",
+    name = "unit tests (node:12)",
+    steps = [
+      step(
+        name = "build information",
+        image = "node:12",
+        commands = [
+          "node --version",
+          "npm --version",
+          "git --version",
+        ],
+      ),
+      step(
+        name = "install",
+        image = "node:12",
+        commands = [
+          "npm install",
+        ],
+      ),
+      step(
+        name = "unit-test",
+        image = "node:12",
+        depends_on = [
+          "install",
+        ],
+        commands = [
+          "npm run test",
+        ],
+        environment = {
+          MONGO_URI: "mongodb://mongo:27017/key-recovery-service-test",
+        },
+      ),
+      step(
+        name = "audit",
+        image = "node:12",
+///        failure = true,
+        commands = [
+          "npm run audit",
+        ],
+      ),
+    ],
+    trigger = {
+      branch: {
+        exclude: [
+          "prod/production",
+        ],
+      },
+    },
+    services = [
+      {
+        name: "mongo",
+        image: "mongo:3.4",
+      },
+    ],
+  ),
+]

.eslintrc.json

@@ -0,0 +1,69 @@
+{
+  "env": {
+    "browser": true,
+    "es6": true,
+    "node": true,
+    "mocha": true
+  },
+  "globals": {
+    "app": true,        // BitGo side-effect from testutil
+    "ethUtil": true,    // BitGo side-effect from testutil
+    "requireCommon": true
+  },
+  "extends": "eslint:recommended",
+  "parserOptions": {
+    "ecmaVersion": 6
+  },
+  "rules": {
+    "operator-linebreak": ["error", "before"],
+    "max-len": ["error", { "code": 120 } ],
+    "indent": ["error", 2, {"SwitchCase": 1, "MemberExpression": "off"}],
+    "linebreak-style": ["error", "unix"],
+    "semi": ["error", "always"],
+    "eqeqeq": ["error", "always"],
+    "curly": "error",
+    "no-extra-boolean-cast": "off",
+    "no-unused-vars": ["error", {"vars": "all", "args": "none"}],
+    "object-curly-spacing": ["error", "always", {"objectsInObjects": true, "arraysInObjects": true}],
+    "array-bracket-spacing": ["error", "never"],
+    "require-yield": "off",
+    "func-call-spacing": ["error", "never"],
+    "quotes": ["error", "single", { "avoidEscape": true, "allowTemplateLiterals": true }],
+    "key-spacing": ["error", { "beforeColon": false, "afterColon": true, "mode": "strict" }],
+    "quote-props": ["error", "as-needed"],
+    "no-console": "off",
+    "no-empty": ["error", { "allowEmptyCatch": false }],
+    "no-inner-declarations": "off",
+    "no-useless-escape": "off",
+    "func-names": "off",
+    "generator-star-spacing": ["error", {"before": true, "after": false}],
+    "yield-star-spacing": ["error", {"before": true, "after": false}],
+    "no-duplicate-imports": "error",  // whilst imports are not being used, if we start to use them, we do not want duplicates
+    "no-unreachable": "error",
+    "no-path-concat": "off",
+    "no-process-env": "off",
+    "no-process-exit": "off",
+    "no-sync": "warn",
+    "brace-style": ["error", "1tbs", { "allowSingleLine": true }],
+    "eol-last": "error",
+    "no-trailing-spaces": ["error", { "skipBlankLines": true, "ignoreComments": true }],
+    "no-unneeded-ternary": "error",
+    "switch-colon-spacing": ["error", {"before": false, "after": true}],
+    "arrow-spacing": ["error", { "before": true, "after": true }],
+    "no-dupe-args": "error",
+    "no-undef": "error",
+    "no-var": "error",
+    "prefer-const": "error",
+    "no-compare-neg-zero": "error",
+    "no-extra-semi": "error",
+    "radix": "error",
+    "comma-spacing": ["error", { "before": false, "after": true }],
+    "comma-dangle": ["error", "never"],
+    "no-multi-spaces": ["error", {"ignoreEOLComments": true}],
+    "keyword-spacing": ["error"],
+    "space-before-blocks": ["error"],
+    "space-infix-ops": ["error"],
+    "spaced-comment": ["error", "always"],
+    "no-multiple-empty-lines": ["error", { "max": 2, "maxEOF": 1 }]
+  }
+}

.github/renovate.json

@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": ["github>BitGo/gha-renovate-bot//presets/onboarding#v1.15.1"],
+  "baseBranches": ["master"],
+  "enabledManagers": ["github-actions", "regex"],
+}

.github/workflows/codeql.yaml

@@ -0,0 +1,53 @@
+name: "Advanced Security CodeQL Scan"
+
+on:
+  push:
+    branches: ["master"]
+  pull_request:
+    branches: ["master"]
+  schedule:
+    - cron: "43 11 * * 5"
+
+jobs:
+  analyze:
+    name: Analyze
+    # Runner size impacts CodeQL analysis time. To learn more, please see:
+    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+    #   - https://gh.io/supported-runners-and-hardware-resources
+    #   - https://gh.io/using-larger-runners
+    # Consider using larger runners for possible analysis time improvements.
+    runs-on: "ubuntu-latest"
+    timeout-minutes: 30
+    permissions:
+      security-events: write
+      actions: read
+      contents: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["javascript"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        continue-on-error: true
+        with:
+          ref: ${{ github.sha }}
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        continue-on-error: true
+        with:
+          languages: ${{ matrix.language }}
+
+          # For more details on CodeQL's query packs, refer to:
+          # https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+          queries: security-extended,security-and-quality
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3
+        continue-on-error: true
+        with:
+          category: "/language:${{matrix.language}}"

.gitignore

@@ -1,4 +1,5 @@
 *.swp
+*.iml
 .idea/
 node_modules
 npm-debug.log