To work on this app, please install and configure docker on your computer.
docker-compose up serviceThis starts up an HTTP server on port 5000 with endpoint /hooks/payload http://localhost:5000/docs has swagger docs that enable you to manually send payloads otherwise you'll need to configure Github webhooks.
You'll need to have ngrok configured with your authtoken, (docker/files/ngrok.yml)
As webhooks are sent to the system, console will output any suspicious activity
Follow instructions on how to configure github webhooks.
- Requirements
- Catch code pushes during specific time windows (14:00 - 16:00)
- Catch team creation events with 'hacker' prefix
- Catch repository lifetime < 10 minutes
- Assumptions
- Needs to be idempotent (avoid reprocessing previously sent hooks/payloads)
- No need for HMAC authentication (validate payload originated from github)
- Design
- Synchronous webhook ingestion and persistence
- Async event analysis with ability to look back at aggregates
- Extensible to organization and repository specific analyzers
- Extensible to further notifiers (only logging for now)
- Mixed use of functional and OOP. OOP is nice but over time is difficult to refactor.
- Preference on composition over inheritance where possible.
- If I had more time I think an event-streaming framework (message queue based) could make more sense here