ReVanced · alexandreteles · Oct 19, 2023 · Sep 26, 2023 · Sep 26, 2023 · Sep 26, 2023
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,6 @@
+.idea
+.devcontainer
+.git
+.gitignore
+.github
+.vscode
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -0,0 +1,54 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [dev]
+  pull_request:
+    types: [opened, reopened, edited, synchronize]
+  schedule:
+    - cron: "29 5 * * 5"
+  workflow_dispatch:
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
+    timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }}
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["python"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Set up Python
+        uses: actions/setup-python@v4
+        with:
+          python-version: "3.11.6"
+
+      - name: Install project dependencies
+        run: |
+          python -m pip install --upgrade pip
+          if [ -f requirements.txt ];
+          then pip install -r requirements.txt;
+          fi
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          queries: security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     name: Security check
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Security Checks (PyCharm Security)
         uses: tonybaloney/pycharm-security@master
         with:
@@ -33,24 +33,24 @@ jobs:
     steps:
       - name: Checkout Dockerfile
         id: checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ inputs.branch }}
 
       - name: Setup QEMU
         id: qemu
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
         with:
           image: tonistiigi/binfmt:latest
           platforms: all
 
       - name: Setup Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           flavor: |
@@ -59,7 +59,7 @@ jobs:
 
       - name: Build Docker image
         id: build
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           context: .
           file: ./Dockerfile

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -22,30 +22,30 @@ jobs:
     steps:
       - name: Checkout Dockerfile
         id: checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Setup QEMU
         id: qemu
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
         with:
           image: tonistiigi/binfmt:latest
           platforms: all
 
       - name: Setup Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
 
       - name: Login to GitHub Container Registry
         id: ghcr
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GH_TOKEN }}
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v4
+        uses: docker/metadata-action@v5
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           flavor: |
@@ -54,7 +54,7 @@ jobs:
 
       - name: Build and push main Docker image
         id: build
-        uses: docker/build-push-action@v4
+        uses: docker/build-push-action@v5
         with:
           build-args: GH_TOKEN=${{ secrets.GH_TOKEN }}
           context: .

diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml
@@ -21,12 +21,12 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Python
         uses: actions/setup-python@v4
         with:
-          python-version: "3.11.4"
+          python-version: "3.11.6"
 
       - name: Install project dependencies
         run: |

diff --git a/.github/workflows/quodana.yml b/.github/workflows/quodana.yml
diff --git a/.gitignore b/.gitignore
@@ -157,7 +157,8 @@ cython_debug/
 #  be found at https://github.com/github/gitignore/blob/main/Global/JetBrains.gitignore
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
-#.idea/
+.idea/
 
 # custom
 env.sh
+persistance/database.db
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.4.0
+    rev: v4.5.0
     hooks:
       - id: trailing-whitespace
       - id: end-of-file-fixer
@@ -12,15 +12,9 @@ repos:
       - id: check-toml
       - id: check-merge-conflict
   - repo: https://github.com/psf/black
-    rev: 23.7.0
+    rev: 23.9.1
     hooks:
       - id: black
         language_version: python3.11
-  - repo: https://github.com/pryorda/dockerfilelint-precommit-hooks
-    rev: v0.1.0
-    hooks:
-      - id: dockerfilelint
-        stages: [commit]
-
 ci:
   autoupdate_branch: "dev"
diff --git a/Dockerfile b/Dockerfile
@@ -1,14 +1,36 @@
-FROM python:3.11-slim
+## Build dependencies
+FROM python:3.11-slim as dependencies
+
+WORKDIR /usr/src/app
+
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends gcc git \
+    && rm -rf /var/lib/apt/lists/*
+
+RUN python -m venv /opt/venv
+ENV PATH="/opt/venv/bin:$PATH"
+
+COPY requirements.txt .
 
-ARG GITHUB_TOKEN
-ENV GITHUB_TOKEN $GITHUB_TOKEN
+RUN pip install -r requirements.txt
+
+## Image
+FROM python:3.11-slim
 
 WORKDIR /usr/src/app
 
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends curl \
+    && rm -rf /var/lib/apt/lists/*
+
+ENV PATH="/opt/venv/bin:$PATH"
+
+COPY --from=dependencies /opt/venv /opt/venv
 COPY . .
 
-RUN apt update && \
-    apt-get install build-essential libffi-dev libssl-dev openssl --no-install-recommends -y \
-    && pip install --no-cache-dir -r requirements.txt
+VOLUME persistance
+
+CMD docker/run-backend.sh
+HEALTHCHECK CMD docker/run-healthcheck.sh
 
-CMD [ "python3", "-m" , "sanic", "app:app", "--fast", "--access-logs", "--motd", "--noisy-exceptions", "-H", "0.0.0.0"]
+EXPOSE 8000
diff --git a/README.md b/README.md
@@ -5,7 +5,7 @@
 ![License: AGPLv3](https://img.shields.io/github/license/revanced/revanced-api)
 [![codecov](https://codecov.io/gh/ReVanced/revanced-api/branch/dev/graph/badge.svg?token=10H8D2CRQO)](https://codecov.io/gh/ReVanced/revanced-api)
 [![Build and Publish Docker Image](https://github.com/revanced/revanced-api/actions/workflows/main.yml/badge.svg)](https://github.com/revanced/revanced-api/actions/workflows/main.yml)
-[![Qodana | Code Quality Scan](https://github.com/revanced/revanced-api/actions/workflows/quodana.yml/badge.svg)](https://github.com/revanced/revanced-api/actions/workflows/quodana.yml)
+[![Qodana | Code Quality Scan](https://github.com/revanced/revanced-api/actions/workflows/qodana.yml/badge.svg)](https://github.com/revanced/revanced-api/actions/workflows/qodana.yml)
 [![PyTest | Testing and Code Coverage](https://github.com/revanced/revanced-api/actions/workflows/pytest.yml/badge.svg)](https://github.com/revanced/revanced-api/actions/workflows/pytest.yml)
 
 ---
@@ -20,7 +20,11 @@ To run this API, you need Python 3.11.x. You can install the dependencies with p
 poetry install
 ```
 
-Create an environment variable called `GITHUB_TOKEN` with a valid GitHub token with read access to public repositories.
+Create the following environment variables:
+
+- `GITHUB_TOKEN` with a valid GitHub token with read access to public repositories
+- `SECRET_KEY` to salt login sessions
+- `USERNAME` & `PASSWORD` to initialize the database with a user to login with to authenticated endpoints
 
 Then, you can run the API in development mode with:
 

diff --git a/api/__init__.py b/api/__init__.py
@@ -7,5 +7,9 @@
 from api.info import info
 from api.compat import github as compat
 from api.donations import donations
+from api.announcements import announcements
+from api.login import login
 
-api = Blueprint.group(ping, github, info, socials, donations, compat, url_prefix="/")
+api = Blueprint.group(
+    login, ping, github, info, socials, donations, announcements, compat, url_prefix="/"
+)