diff --git a/.woodpecker.yml b/.woodpecker.yml index b3c98ec..17fa5da 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,62 +1,84 @@ steps: audit_dependencies: image: node:20 + commands: + - npm install --package-lock-only + - npm audit --audit-level=moderate --json > audit-result.json 2>&1 || echo "Audit completed" + - npm audit --audit-level=moderate > audit-output.txt 2>&1 || echo "Audit completed" + when: + - branch: main + event: push + + discord_notify_audit: + image: alpine:latest environment: DISCORD_WEBHOOK: from_secret: discord_webhook commands: - - npm install --package-lock-only - - npm audit --audit-level=moderate || AUDIT_EXIT=$? + - apk add --no-cache curl jq - | - if [ ! -z "$AUDIT_EXIT" ]; then - echo "" - echo "==========================================" - echo "⚠️ WARNING: npm audit found vulnerabilities!" - echo "⚠️ Please review the security issues above" - echo "⚠️ Build continues despite vulnerabilities" - echo "==========================================" - echo "" + if [ -f audit-result.json ]; then + TOTAL=$(jq -r '.metadata.vulnerabilities.total // 0' audit-result.json 2>/dev/null || echo "0") + CRITICAL=$(jq -r '.metadata.vulnerabilities.critical // 0' audit-result.json 2>/dev/null || echo "0") + HIGH=$(jq -r '.metadata.vulnerabilities.high // 0' audit-result.json 2>/dev/null || echo "0") + MODERATE=$(jq -r '.metadata.vulnerabilities.moderate // 0' audit-result.json 2>/dev/null || echo "0") + LOW=$(jq -r '.metadata.vulnerabilities.low // 0' audit-result.json 2>/dev/null || echo "0") - # Discord Benachrichtigung senden - if [ ! -z "$DISCORD_WEBHOOK" ]; then - curl -H "Content-Type: application/json" \ - -d "{ - \"embeds\": [{ - \"title\": \"⚠️ npm audit Warnung\", - \"description\": \"Es wurden Sicherheitslücken in den Dependencies gefunden!\", - \"color\": 16744448, - \"fields\": [ - { - \"name\": \"Repository\", - \"value\": \"Gallus_Pub\", - \"inline\": true - }, - { - \"name\": \"Branch\", - \"value\": \"${CI_COMMIT_BRANCH}\", - \"inline\": true - }, - { - \"name\": \"Commit\", - \"value\": \"${CI_COMMIT_SHA:0:7}\", - \"inline\": true - } - ], - \"footer\": { - \"text\": \"Build läuft trotzdem durch\" - }, - \"timestamp\": \"$(date -u +%Y-%m-%dT%H:%M:%S.000Z)\" - }] - }" \ - "$DISCORD_WEBHOOK" + if [ "$CRITICAL" -gt 0 ] || [ "$HIGH" -gt 0 ] || [ "$MODERATE" -gt 0 ]; then + COLOR=16744448 + STATUS="⚠️ Vulnerabilities Found" + else + COLOR=3066993 + STATUS="✅ No Vulnerabilities" fi + + if [ -f audit-output.txt ]; then + VULNS=$(head -50 audit-output.txt | tail -40 || echo "No details") + else + VULNS="No audit output available" + fi + + printf '%s' "$VULNS" > /tmp/vulns.txt + + PAYLOAD=$(jq -n \ + --arg title "🔒 Security Audit - Build #${CI_BUILD_NUMBER}" \ + --arg status "$STATUS" \ + --arg total "$TOTAL" \ + --arg critical "$CRITICAL" \ + --arg high "$HIGH" \ + --arg moderate "$MODERATE" \ + --arg low "$LOW" \ + --arg commit "${CI_COMMIT_SHA:0:7}" \ + --rawfile details /tmp/vulns.txt \ + --arg timestamp "$(date -u +%Y-%m-%dT%H:%M:%S.000Z)" \ + --argjson color "$COLOR" \ + '{ + embeds: [{ + title: $title, + description: $status, + color: $color, + fields: [ + { name: "Total", value: $total, inline: true }, + { name: "Critical", value: $critical, inline: true }, + { name: "High", value: $high, inline: true }, + { name: "Moderate", value: $moderate, inline: true }, + { name: "Low", value: $low, inline: true }, + { name: "Commit", value: ("`" + $commit + "`"), inline: true }, + { name: "Details", value: ("```\n" + ($details[:800]) + (if ($details | length) > 800 then "\n... (truncated)" else "" end) + "\n```"), inline: false } + ], + timestamp: $timestamp + }] + }') + + curl -H "Content-Type: application/json" -X POST \ + -d "$PAYLOAD" "$DISCORD_WEBHOOK" else - echo "✓ No vulnerabilities found" + echo "No audit results found - listing workspace files:" + ls -la fi - - exit 0 when: - branch: main - event: push + - branch: main + event: push deploy_frontend: image: node:20 @@ -68,5 +90,87 @@ steps: - export PATH="$HOME/.fly/bin:$PATH" - flyctl deploy --config fly.toml --app gallus-pub --remote-only when: - branch: main - event: push \ No newline at end of file + - branch: main + event: push + + notify_success: + image: alpine:latest + environment: + DISCORD_WEBHOOK: + from_secret: discord_webhook + commands: + - apk add --no-cache curl jq + - | + # Schreibe Commit-Message in Datei (sicher gegen Shell-Sonderzeichen) + printf '%s\n' "$CI_COMMIT_MESSAGE" > /tmp/commit_msg.txt + + PAYLOAD=$(cat /tmp/commit_msg.txt | jq -Rs \ + --arg title "✅ Build #${CI_BUILD_NUMBER} - Success" \ + --arg repo "${CI_REPO}" \ + --arg branch "${CI_COMMIT_BRANCH}" \ + --arg commit "${CI_COMMIT_SHA:0:7}" \ + --arg author "${CI_COMMIT_AUTHOR}" \ + --arg timestamp "$(date -u +%Y-%m-%dT%H:%M:%S.000Z)" \ + '. as $message | { + embeds: [{ + title: $title, + description: "Build und Deployment erfolgreich abgeschlossen!", + color: 3066993, + fields: [ + { name: "Repository", value: $repo, inline: true }, + { name: "Branch", value: $branch, inline: true }, + { name: "Commit", value: ("`" + $commit + "`"), inline: true }, + { name: "Author", value: $author, inline: true }, + { name: "Commit Message", value: $message, inline: false } + ], + timestamp: $timestamp + }] + }') + + curl -H "Content-Type: application/json" -X POST \ + -d "$PAYLOAD" "$DISCORD_WEBHOOK" + when: + - branch: main + event: push + status: success + + notify_failure: + image: alpine:latest + environment: + DISCORD_WEBHOOK: + from_secret: discord_webhook + commands: + - apk add --no-cache curl jq + - | + # Schreibe Commit-Message in Datei (sicher gegen Shell-Sonderzeichen) + printf '%s\n' "$CI_COMMIT_MESSAGE" > /tmp/commit_msg.txt + + PAYLOAD=$(cat /tmp/commit_msg.txt | jq -Rs \ + --arg title "❌ Build #${CI_BUILD_NUMBER} - Failure" \ + --arg repo "${CI_REPO}" \ + --arg branch "${CI_COMMIT_BRANCH}" \ + --arg commit "${CI_COMMIT_SHA:0:7}" \ + --arg author "${CI_COMMIT_AUTHOR}" \ + --arg timestamp "$(date -u +%Y-%m-%dT%H:%M:%S.000Z)" \ + '. as $message | { + embeds: [{ + title: $title, + description: "Build oder Deployment ist fehlgeschlagen!", + color: 15158332, + fields: [ + { name: "Repository", value: $repo, inline: true }, + { name: "Branch", value: $branch, inline: true }, + { name: "Commit", value: ("`" + $commit + "`"), inline: true }, + { name: "Author", value: $author, inline: true }, + { name: "Commit Message", value: $message, inline: false } + ], + timestamp: $timestamp + }] + }') + + curl -H "Content-Type: application/json" -X POST \ + -d "$PAYLOAD" "$DISCORD_WEBHOOK" + when: + - branch: main + event: push + status: failure \ No newline at end of file diff --git a/backend/src/db/schema.ts b/backend/src/db/schema.ts index 10eaf31..a8c1532 100644 --- a/backend/src/db/schema.ts +++ b/backend/src/db/schema.ts @@ -1,7 +1,6 @@ import { sqliteTable, text, integer } from 'drizzle-orm/sqlite-core'; import { sql } from 'drizzle-orm'; -// Users table - stores Gitea user info for audit and access control export const users = sqliteTable('users', { id: text('id').primaryKey().$defaultFn(() => crypto.randomUUID()), giteaId: text('gitea_id').notNull().unique(), diff --git a/public/images/events/mk6wdnz2-rpxzvl.jpeg b/public/images/events/mk6wdnz2-rpxzvl.jpeg new file mode 100644 index 0000000..2c7cec6 Binary files /dev/null and b/public/images/events/mk6wdnz2-rpxzvl.jpeg differ diff --git a/public/images/events/mkgrg0x5-9yklz2.jpeg b/public/images/events/mkgrg0x5-9yklz2.jpeg new file mode 100644 index 0000000..51e1bde Binary files /dev/null and b/public/images/events/mkgrg0x5-9yklz2.jpeg differ diff --git a/public/images/events/mkwhqonp-2mnuon.jpeg b/public/images/events/mkwhqonp-2mnuon.jpeg new file mode 100644 index 0000000..6d5cbf6 Binary files /dev/null and b/public/images/events/mkwhqonp-2mnuon.jpeg differ diff --git a/public/images/events/ml0s4f7d-f9tzsm.jpeg b/public/images/events/ml0s4f7d-f9tzsm.jpeg new file mode 100644 index 0000000..24ce5db Binary files /dev/null and b/public/images/events/ml0s4f7d-f9tzsm.jpeg differ diff --git a/public/images/events/ml0s9u8a-d8eqee.jpeg b/public/images/events/ml0s9u8a-d8eqee.jpeg new file mode 100644 index 0000000..24ce5db Binary files /dev/null and b/public/images/events/ml0s9u8a-d8eqee.jpeg differ diff --git a/public/images/events/mmlw73z2-9jda78.jpeg b/public/images/events/mmlw73z2-9jda78.jpeg new file mode 100644 index 0000000..a787f63 Binary files /dev/null and b/public/images/events/mmlw73z2-9jda78.jpeg differ diff --git a/public/images/events/mmlwals3-l45i8v.jpeg b/public/images/events/mmlwals3-l45i8v.jpeg new file mode 100644 index 0000000..da47b11 Binary files /dev/null and b/public/images/events/mmlwals3-l45i8v.jpeg differ diff --git a/src/pages/index.astro b/src/pages/index.astro index 7e1e640..e58ffd3 100644 --- a/src/pages/index.astro +++ b/src/pages/index.astro @@ -11,11 +11,24 @@ import About from "../components/About.astro"; const events = [ { - image: "/images/events/mj7dj1ko-mtnbg6.jpeg", + image: "/images/events/mmlw73z2-9jda78.jpeg", title: "Karaoke", - date: "2025-12-01", + date: "2026-03-11", description: ` - Von Mittwoch bis Samstag kannst du deine Stimme zum Besten geben. Du singst gerne, aber lieber für dich? Dann kannst du den 2. OG auch privat mieten. 🍀 WA 077 232 27 70 + Du singst gerne, aber lieber für dich? Dann kannst du den 2. OG auch privat mieten. Optimal für 10-20Pers. Mehr Info's🍀via WA 077 232 27 70 + `, + }, + { + image: "/images/events/mmlwals3-l45i8v.jpeg", + title: "Aushilfe gesucht", + date: "2026-03-11", + description: ` + Was erwartet dich? +🍀Einsatz: 4 Abende im Monat oder nach Absprache. (Auch bisschen Saisonbedingt) +🍀Die besten Stammgäste +🍀Gute Entlöhnung +🍀Familiäre Atmosphäre +und mehr! 077 232 27 70 `, }, { @@ -28,30 +41,21 @@ Plätze sind begrenzt! Jetzt reservieren unter 🍀WA 077 232 27 70 `, }, { - image: "/images/events/mjbgwbzv-n60vrw.jpeg", - title: "New Year Apero", - date: "2026-01-02", + image: "/images/events/ml0s9u8a-d8eqee.jpeg", + title: "St.Patricks Day", + date: "2026-03-17", description: ` - Wir stossen mit euch an! -Freitag 02.01. bereits ab 18:00 OFFEN! + 🍀 It’s Paddy’s Time! Freu dich auf echtes St.-Patrick’s-Day-Feeling mit Live‑Dudelsackmusik, Guinness vom Fass und natürlich grünem Bier. Zieh etwas Grünes an, bring deine Freunde mit und stoß mit uns an – Sláinte! 🍻 `, }, { - image: "/images/events/mjbgxwyk-ygcymt.jpeg", - title: "Schlager Flyer", - date: "2026-01-15", + image: "/images/events/mk6wdnz2-rpxzvl.jpeg", + title: "Pg Petricca - LIVE", + date: "2026-03-20", description: ` - Schalger- HüttenzauberKARAOKE geht in die 2.Runde! -Eintritt ist frei! -Plätze reservieren unter WA 077 232 27 70 - `, - }, - { - image: "/images/events/mj7donky-md8jp5.jpeg", - title: "Celtik Folk Night", - date: "2026-01-29", - description: ` - Celtic Folk Night im Gallus Pub!✨🌿20:30Uhr Eintritt ist Frei/Hutkollekte. Reservation via WA 077 232 27 70 + LIVE Musik mit Pg Petricca! - Folk & Blues. +Eintritt ist Frei / Hutkollekte +Reservation unter 🍀WA 077 232 27 70 `, } ];