
Self-hosted web application to monitor the obsolescence of your FOSS applications in production. UptoDateOrNot ???


Documentation en Français

UTDON (UpToDateOrNot??) - [Translated by deepl.com]

Are your FOSS (Free and open-source software) applications in production up to date?

Introducing

UTDON was born from a shell script that compares:

  • the version of an application currently running (production)
  • the latest version available (GitHub repository).

UTDON currently only works with applications whose source repository is hosted on GitHub.

[Screenshot: dashboard]

Use cases

  • Monitoring by UI.
  • Monitoring by API call.
  • Monitoring by API call and update of a monitoring service (ping type).
  • API call to trigger update by action on CI/CD chain.

UTDON Versioning

UTDON follows the "semver" specification (https://semver.org/). The running version is exposed by the "/api/v1/version" entrypoint, which returns a JSON value of the form {"version":"[\d+].[\d+].[\d+]"} (3 groups of digits separated by dots).

GitHub tags and container image tags follow the same scheme as this response.

Release candidates are named as follows: "[\d+].[\d+].[\d+]-rc-[\d+]".

How does it work?

Flow

```mermaid
graph TD
ag(api tags github)

s(server)
ps(production server)
pr(production release)
lr(last release)
cp(compare)
res(result as JSON)
mps(monitoring ping service)
s-->|call|ag
ag-->|apply expression and get|lr
s-->|call|ps
ps-->|apply expression and get|pr
cp-->lr
cp-->pr
s-->cp
cp-->|give|res
res-->|update internal state|s
s-->|update|mps
```
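The "apply expression and get" and "compare" steps of the flow above, as an added TypeScript example that is not part of the UTDON code base: it filters a constructed list of GitHub tags with a version expression, keeps the latest release, and compares it with a constructed production "/api/v1/version" reply using the "X.Y.Z" / "X.Y.Z-rc-N" scheme described under Versioning. Tolerating a leading "v" on tag names is an assumption of this example.

```typescript
// Added example, not UTDON's own code. Version scheme from the README:
// "X.Y.Z" for releases, "X.Y.Z-rc-N" for release candidates.
type Semver = { major: number; minor: number; patch: number; rc: number | null };

// Leading "v" tolerated on tags (assumption); everything else must match exactly.
const VERSION_RE = /^v?(\d+)\.(\d+)\.(\d+)(?:-rc-(\d+))?$/;

function parseSemver(s: string): Semver | null {
  const m = VERSION_RE.exec(s.trim());
  if (!m) return null;
  return { major: +m[1], minor: +m[2], patch: +m[3], rc: m[4] === undefined ? null : +m[4] };
}

// Comparator (<0, 0, >0). A release candidate ranks below the final release
// with the same numbers (1.2.0-rc-3 < 1.2.0), as semver prescribes.
function compareSemver(a: Semver, b: Semver): number {
  for (const k of ["major", "minor", "patch"] as const) {
    if (a[k] !== b[k]) return a[k] - b[k];
  }
  if (a.rc === null && b.rc === null) return 0;
  if (a.rc === null) return 1;
  if (b.rc === null) return -1;
  return a.rc - b.rc;
}

// "apply expression and get": highest tag matching the expression. Tags that do
// not match (e.g. "nightly") are ignored, so they can never be reported as latest.
function latestRelease(tagNames: string[], includeRc = false): string | null {
  let best: { name: string; v: Semver } | null = null;
  for (const name of tagNames) {
    const v = parseSemver(name);
    if (!v || (!includeRc && v.rc !== null)) continue;
    if (!best || compareSemver(v, best.v) > 0) best = { name, v };
  }
  return best ? best.name : null;
}

// "compare" -> "result as JSON". Unparsable input yields "unknown", never "uptodate".
function compareResult(production: string, tagNames: string[]) {
  const latest = latestRelease(tagNames);
  const prod = parseSemver(production);
  if (!latest || !prod) return { status: "unknown", production, latest };
  const cmp = compareSemver(prod, parseSemver(latest)!);
  return { status: cmp >= 0 ? "uptodate" : "outdated", production, latest };
}

// Constructed sample input: a GitHub tag listing and a production /api/v1/version reply.
const sampleTags = ["v1.2.0", "v1.3.0-rc-1", "nightly", "v1.2.3", "v0.9.9"];
const sampleProduction = { version: "1.2.0" };
console.log(JSON.stringify(compareResult(sampleProduction.version, sampleTags)));
// {"status":"outdated","production":"1.2.0","latest":"v1.2.3"}
```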

Stack

  • Nodejs
  • React/Redux
  • JSON databases: held in RAM, so replacing the files while the service is running has no effect. Database contents are written to disk after each modification and when the service receives a SIGINT, SIGTERM or SIGUSR2 signal.
  • RegExp and JMESPath filters for JSON.
  • Swagger.

Security

Never expose UTDON directly to the Internet (use a VPN if necessary). UTDON is an internal, self-hosted tool that performs actions on your private resources (Monitoring/CI-CD).

Refuse any SaaS hosting: this product has not been designed to be multi-tenant and is not protected by an end-to-end (E2E) encryption solution. Authentication data is encrypted with a secret string that would be supplied by the potential host, and is therefore decipherable by that host. Keep in mind that UTDON "controls" contain the URL of the service to be monitored and, potentially, access to your CI/CD chain and/or monitoring service.

Encryption

The contents of both databases are partially encrypted:

  • user.json: Administrator password (non-reversible) and authentication token (reversible)
  • database.json:
    • Authentication strings for monitoring urls and CI/CD chain (reversible).
    • HTTP header associated with the production scrape process

If you've lost the admin password

Stop the service, delete the "user.json" file, then restart. Log in with the default account/password admin/admin, then change it immediately.

Session

Sessions are managed in RAM, so a simple service restart resets all sessions.

Roadmap

  • GitHub authentication to lift the API rate-limit barrier.
  • Duplicate a control.
  • Addition of a "readonly" token per user for use with a CI/CD chain.
  • S3 storage.
  • API metrics entrypoint.
  • LDAP authentication.

Credits

If you like this application

Give it a star...