beast/v2#393
Conversation
Co-authored-by: vibhatsu <[email protected]>
Signed-off-by: ayu-ch <[email protected]>
Signed-off-by: ayu-ch <[email protected]>
Signed-off-by: ayu-ch <[email protected]>
Migrate to postgres and modify models for consistency
Frontend compatibilty fixes
There was a problem hiding this comment.
Pull request overview
This PR introduces significant architectural changes to migrate Beast from SQLite to PostgreSQL, implements remote server deployment capabilities, adds OTP-based email verification, and enhances the leaderboard system with frozen scores and time-series data visualization.
Key Changes:
- Migration from SQLite to PostgreSQL with comprehensive database backup/restore functionality
- Remote server deployment support via SSH with load balancing across multiple servers
- OTP-based email verification for user registration and password recovery
- Enhanced leaderboard with frozen scoring, pagination, and time-series graph data for top users
- Challenge hints system with point-based cost and attempt limits
Reviewed changes
Copilot reviewed 72 out of 2151 changed files in this pull request and generated 7 comments.
Show a summary per file
| File | Description |
|---|---|
| core/database/database.go | Migrated from SQLite to PostgreSQL with backup/restore capabilities |
| pkg/remoteManager/*.go | Added remote server management for distributed challenge deployment |
| api/otp.go | Implemented OTP-based email verification system |
| core/database/hints.go | Added hints system with point-based unlocking |
| api/info.go | Enhanced leaderboard with frozen scores and time-series data |
| core/database/challenges.go | Added challenge attempt limits, prerequisites, and solve tracking |
| utils/prompt.go | Added interactive CLI prompts for configuration |
| cmd/beast/init.go | Comprehensive initialization with database and config setup |
| go.mod | Updated Go version to 1.22.0 and dependencies |
Comments suppressed due to low confidence (1)
api/submit.go:1
- String concatenation should use fmt.Sprintf for better readability and maintainability, especially with multiple variables.
package api
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| if e != nil { | ||
| eMsg := fmt.Errorf("Could not create file : %s", filePath) | ||
| eMsg := fmt.Errorf("could not create file : %s", filePath) | ||
| return eMsg | ||
| } | ||
| defer file.Close() |
There was a problem hiding this comment.
The defer statement for file.Close() is positioned after the error check, meaning the file will not be closed if an error occurs. Move the defer statement immediately after the file assignment to ensure proper resource cleanup even in error cases.
| defer client.Close() | ||
| ServerQueue.Push(server) | ||
| RunCommandOnServer(server, "mkdir -p $HOME/.beast/staging/") |
There was a problem hiding this comment.
The defer statement is inside a loop, which means client.Close() will only be called when Init() returns, not after each iteration. This will leave SSH connections open until the function exits. Move client.Close() outside the defer to close it immediately after use within the loop iteration.
| defer client.Close() | |
| ServerQueue.Push(server) | |
| RunCommandOnServer(server, "mkdir -p $HOME/.beast/staging/") | |
| ServerQueue.Push(server) | |
| RunCommandOnServer(server, "mkdir -p $HOME/.beast/staging/") | |
| client.Close() |
| start, err := dateparse.ParseLocal(startParseStr) | ||
| if err != nil { | ||
| log.Errorf("failed to parse StartingTime: %v", err) | ||
| return Between1MonthAnd1Year | ||
| } |
There was a problem hiding this comment.
The error handling returns a default time bucket (Between1MonthAnd1Year) on parsing failure, which could mask configuration errors. Consider returning a specific error bucket or logging more context about why parsing failed.
|
|
||
| // Setup TLS connection | ||
| tlsConfig := &tls.Config{ | ||
| InsecureSkipVerify: true, // Set true only if SMTP server uses self-signed certs |
There was a problem hiding this comment.
InsecureSkipVerify is set to true, which disables TLS certificate verification and makes the connection vulnerable to man-in-the-middle attacks. This should be set to false in production or made configurable.
| InsecureSkipVerify: true, // Set true only if SMTP server uses self-signed certs | |
| InsecureSkipVerify: false, // Do not skip verification; secure by default |
| if server.Active && server.Host != core.LOCALHOST { | ||
| err := remoteManager.PingServer(server) | ||
| if err != nil { | ||
| msg := fmt.Sprintf("SERVER HEALTH CHECK Faliure: %s : %s", server.Host, err) |
There was a problem hiding this comment.
Corrected spelling of 'Faliure' to 'Failure'.
| msg := fmt.Sprintf("SERVER HEALTH CHECK Faliure: %s : %s", server.Host, err) | |
| msg := fmt.Sprintf("SERVER HEALTH CHECK Failure: %s : %s", server.Host, err) |
| if chall == "" { | ||
| c.JSON(http.StatusBadRequest, HTTPPlainResp{ | ||
| Message: fmt.Sprintf("Challenge name cannot be empty"), | ||
| Message: fmt.Sprint("challenge name cannot be empty"), |
There was a problem hiding this comment.
Using fmt.Sprint with a single string argument is unnecessary. The string can be used directly without formatting.
| Message: fmt.Sprint("challenge name cannot be empty"), | |
| Message: "challenge name cannot be empty", |
* add beast init check in beast run * use core contants for paths * remove unused init and initDirectory from main * use os.IsNotExist * add beast secrets dir * add authorized keys * add beast example config file * rename detauklt auth keys file * add examples directory * add default beast db credentials * add beast init * add prompt for database creation, add prompt for admin creation * add docker pid check, change y\n prompt options * change created beast directory info message * change beast directory not found commit message * add beast bootsteps complete and start beast server message * add ANSI sequence macros * add notification services to constants * add prompt utils * add prompting configuration through terminal * add beast config command * change config command description * bug fixes on git config * fix bugs in beast init * add database prompt to beast config * add user friendly prompt for date time * bug fixes on prompt date * Add check to try connect as postgres super user if possible and resort to password otherwise * Fix: use username instead * Fix: sanitise postgres queries wherever possible * Refactor: make 'promptDatabaseConnectionDetails' function explicit * Fix: Add prompt db name in 'promptDatabaseConnectionDetails' * Refactor: remove unnecessary interpolation * Refactor: fix typo * Fix: add default value checks for connection details * Cleanup: Remove duplicate 'initAuthorizedKeysFile' call. * Refactor: fix interchange between prompts and add minimum memory check. * Feat: Add copy ssh key to authorized keys file. * Fix: create beast example directory if not exists. * Fix: fix infinite loop by calling admin creation directly. * Fix: change ssh permissions * Refactor: substitute deprceated ioutil function for os.ReadFile * Fix: Use TUI for picking public key files and add checks for initialising admin. * Fix: Add change password for beast postgres user. * Refactor: Print log if key file not found instead of error.
* add warning instead of error on empty integer input * Add dbUserCheck function: checks if current user is postgres super user # Conflicts: # cmd/beast/init.go * Add check to try connect as postgres super user if possible and resort to password otherwise * add defer close client * move newTask into scope * add creation of beast cache folder in beast init * remove primary cleanup from utils * add remote manager stop to pop servers * add cleanup and rebase issue 417 * move cache save before database termination * remove unused function * remove cyclic dependancy * Add comments and explain why 'cleanup' is outside 'core/utils/cleanup.go' * Fix: fix typos and frozen leaderboard limit
* feat(ChallengeEnv): DockerCompose field Signed-off-by: vibhatsu <[email protected]> * add(stageChallenge): support for docker-compose Signed-off-by: vibhatsu <[email protected]> * fix(errors): standardize error messages Signed-off-by: vibhatsu <[email protected]> * fix(errors): standardize error messages Signed-off-by: vibhatsu <[email protected]> * feat(docker-compose): add deploy, undeploy and purge functions for local Signed-off-by: vibhatsu <[email protected]> * feat(build-images): BuildImagesFromCompose Signed-off-by: vibhatsu <[email protected]> * feat(remote-manager): add BulidImageFromComposeRemote function for compose build Signed-off-by: vibhatsu <[email protected]> * feat(remote-manager): add deploy, undeploy and purge functions for remote DockerCompose management Signed-off-by: vibhatsu <[email protected]> * feat(pipeline): enhnace docker dompose support for challenge staging and deployment Signed-off-by: vibhatsu <[email protected]> * feat(challenge-manager): enhance undeploy logic for docker compose Signed-off-by: vibhatsu <[email protected]> * add: docker compose example Signed-off-by: vibhatsu <[email protected]> * refactor(deploy): remove success log for docker-compose up and down commands Signed-off-by: vibhatsu <[email protected]> * refactor(pipeline): remove validation of docker-compose file Signed-off-by: vibhatsu <[email protected]> * update(README): add description of docker compose challenge Signed-off-by: vibhatsu <[email protected]> * fix: correct typos in comments and log messages Signed-off-by: vibhatsu <[email protected]> * refactor(docker-commpose): reduce example Signed-off-by: vibhatsu <[email protected]> * fix: improve error logging and formatting in cleanup and show functions Signed-off-by: vibhatsu <[email protected]> * feat(docker-compose): add validation for docker_compose config and warnings Signed-off-by: vibhatsu <[email protected]> * feat(docker-compose): add deployment type support Signed-off-by: vibhatsu <[email protected]> * feat(docker-compose): enhance container deployment verification and error handling Signed-off-by: vibhatsu <[email protected]> * fix(database): improve error messages in transactions Signed-off-by: vibhatsu <[email protected]> * fix(compose-type): correct toml fields Signed-off-by: vibhatsu <[email protected]> * fix(pipeline): correct the deploy logic after rebase Signed-off-by: vibhatsu <[email protected]> * fix(config): return early for docker compose type challenge Signed-off-by: vibhatsu <[email protected]> * feat(compose): enhance deployment and cleanup processes for Docker Compose Signed-off-by: vibhatsu <[email protected]> * feat(compose): enhance remote deployment and cleanup processes for Docker Compose Signed-off-by: vibhatsu <[email protected]> * feat(pipeline): enhance Docker Compose deployment with primary container ID tracking Signed-off-by: vibhatsu <[email protected]> * feat(cleanup): implement label-based cleanup for Docker Compose challenges Signed-off-by: vibhatsu <[email protected]> * feat(project): add GetProjectName function for standardized project naming Signed-off-by: vibhatsu <[email protected]> * feat(labels): add standardized labels for Docker containers and images using GetProjectName Signed-off-by: vibhatsu <[email protected]> * feat(cleanup): update logging for Docker Compose challenge cleanup and use GetProjectName for project naming Signed-off-by: vibhatsu <[email protected]> * feat(cleanup): remove fallback to label-based cleanup Signed-off-by: vibhatsu <[email protected]> --------- Signed-off-by: vibhatsu <[email protected]>
* Fix: fix password quoting * Add: Set postgres user as owner of postgres database
* Add sse notification service in pkg/sse and setup streaming route * Fix send notification to all clients via NotifyChan of each connected client * Refact remove unused fields and types * Refact remove unecessary mutex in the HUB * Fix send notification after saving in the database * Fix use uuid for id of connected sse clients * Fix remaining concurrency issues * Add Sse Hub graceful shutdown in cleanup
Signed-off-by: vibhatsu <[email protected]>
Signed-off-by: vibhatsu <[email protected]>
Signed-off-by: vibhatsu <[email protected]>
Signed-off-by: vibhatsu <[email protected]>
Signed-off-by: vibhatsu <[email protected]>
chore: sidecar removal
* Add free hints for admin and fix redeem error Signed-off-by: ayu-ch <[email protected]> * Fix leaderboard cache invalidation on hints and registration Signed-off-by: ayu-ch <[email protected]> * Fix leaderboard stale logic * Add hint points restoring and dynamic flag deletion on prune action --------- Signed-off-by: ayu-ch <[email protected]> Co-authored-by: sukhman <[email protected]> Co-authored-by: sukhman <[email protected]>
* Remove unnecessary fields from submissionResp and add Success field Signed-off-by: ayu-ch <[email protected]> * use SubmissionResp in getChallengeAttempts() Signed-off-by: ayu-ch <[email protected]> * Allow contestant to view per challenge attempts and shift it's route from admin to public Signed-off-by: ayu-ch <[email protected]> * Add route and function to view attempts by user Signed-off-by: ayu-ch <[email protected]> * Add cheating field to submissions Signed-off-by: ayu-ch <[email protected]> * Make global submissions route admin only Signed-off-by: ayu-ch <[email protected]> * Add pagination to global submissions route Signed-off-by: ayu-ch <[email protected]> * Remove the updation of 'created_at' of submissions at every attempt Signed-off-by: ayu-ch <[email protected]> --------- Signed-off-by: ayu-ch <[email protected]>
* Add updated version types * Update example challenge types
No description provided.