Are your FOSS (Free and open-source software) applications in production up to date?
UTDON was born from a shell script that compares:
- the version of an application currently running (production)
- the latest version available (GitHub repository).
UTDON currently only works with applications whose source repository is hosted on GitHub.
- Monitoring by UI.
- Monitoring by API call.
- Monitoring by API call and update of a monitoring service (ping type).
- API call to trigger update by action on CI/CD chain.
UTDON follows the "semver" specification (https://semver.org/). Its version is accessible via the "/api/v1/version" entrypoint, which returns a value in JSON format: {"version":"[\d+].[\d+].[\d+]"} (3 groups of numbers separated by a dot).
GitHub "tags" and container "tags" will remain similar to this response.
Release Candidates will be defined as follows: "[\d+].[\d+].[\d+]-rc-[\d+]".
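The version format described above can be parsed strictly and compared as follows. This is an added example, not UTDON's own code: the function names and the sample data are assumptions constructed for illustration, and it ranks a final release above its release candidates, as semver does.

```javascript
// Added example (hypothetical helper names, not part of UTDON).
// Anchored pattern for "X.Y.Z" and "X.Y.Z-rc-N"; digit runs are bounded so
// an untrusted response cannot smuggle in huge or non-numeric values.
const VERSION_RE = /^(\d{1,9})\.(\d{1,9})\.(\d{1,9})(?:-rc-(\d{1,9}))?$/;

// Returns {major, minor, patch, rc} or null when the text does not match.
function parseVersion(text) {
  if (typeof text !== "string") return null;
  const m = VERSION_RE.exec(text.trim());
  if (!m) return null;
  return {
    major: Number(m[1]), minor: Number(m[2]), patch: Number(m[3]),
    rc: m[4] === undefined ? null : Number(m[4]),
  };
}

// Negative if a < b, 0 if equal, positive if a > b (numeric, not lexical).
function compareVersions(a, b) {
  for (const k of ["major", "minor", "patch"]) {
    if (a[k] !== b[k]) return a[k] - b[k];
  }
  if (a.rc === b.rc) return 0;
  if (a.rc === null) return 1;  // final release outranks its candidates
  if (b.rc === null) return -1;
  return a.rc - b.rc;
}

// Reads the JSON body returned by "/api/v1/version"; null if malformed.
function versionFromResponse(body) {
  let doc;
  try { doc = JSON.parse(body); } catch { return null; }
  return doc && typeof doc === "object" ? parseVersion(doc.version) : null;
}

// Compares the running version with a list of tags. Malformed tags are
// skipped; release candidates only count when allowRc is set.
function checkUpToDate(body, tags, { allowRc = false } = {}) {
  const running = versionFromResponse(body);
  if (!running) return { status: "invalid-response" };
  const valid = tags.map(parseVersion)
    .filter((v) => v && (allowRc || v.rc === null))
    .sort(compareVersions);
  if (valid.length === 0) return { status: "no-valid-tag" };
  const latest = valid[valid.length - 1];
  const ok = compareVersions(running, latest) >= 0;
  return { status: ok ? "up-to-date" : "outdated", latest };
}

// Constructed sample data, not taken from a real service.
const sampleTags = ["1.3.2", "1.4.0", "1.5.0-rc-1", "v-next", "1.4.0-rc-2"];
console.log(checkUpToDate('{"version":"1.4.0"}', sampleTags));
```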
- Install the service & start it up
- Use your web browser to connect to the service:
- http://[IP address]:[port]/
- default login/password: admin/admin
- Change the password.
- Create users & groups
- Create the first "control" (which may be your new UTDON service... to check that everything is working)
- You run the comparison.
- Each control indicates its last "comparison" status.
- To automate the process, create a cron job with "curl" that calls the entrypoint of your choice:
- comparison only: the state is updated at application level
- comparison with the monitoring service update, and you'll be notified of any discrepancies.
```mermaid
graph TD
ag(api tags github)
s(server)
ps(production server)
pr(production release)
lr(last release)
cp(compare)
res(result as JSON)
mps(monitoring ping service)
s-->|call|ag
ag-->|apply expression and get|lr
s-->|call|ps
ps-->|apply expression and get|pr
cp-->lr
cp-->pr
s-->cp
cp-->|give|res
res-->|update internal state|s
s-->|update|mps
```
- Nodejs
- React/Redux
- JSON databases: held in RAM, so replacing the files while the service is running has no effect. Database contents are saved after each modification and when the service receives a SIGINT, SIGTERM or SIGUSR2 signal.
- RegExp and JMESPath filters for JSON.
- Swagger.
Never expose UTDON directly to the Internet (use a VPN if necessary). UTDON is an internal, self-hosted tool that performs actions on your private resources (Monitoring/CI-CD).
Refuse all SaaS hosting: This product has not been designed to be multi-tenant, and is not protected by an E2E solution. Authentication data is encrypted using a string that would be supplied by the potential host and is therefore decipherable by it. Understand that UTDON "controls" contain the URL of the service to be monitored, and potentially access to your CI/CD chain and/or monitoring service.
The contents of both databases are partially encrypted:
- user.json: Administrator password (non-reversible) and authentication token (reversible)
- database.json:
- Authentication strings for monitoring URLs and CI/CD chain (reversible).
- HTTP header associated with the production scrape process
Stop the service, delete the "user.json" file, then restart. Then log in with the default account/password: admin/admin, then change it immediately.
Sessions are managed in RAM, so a simple service restart resets all sessions.
- GitHub authentication to remove rate-limit barrier.
- Duplicate a control.
- Addition of a "readonly" token per user for use with a CI/CD chain
- S3 storage.
- Entrypoint API metrics.
- LDAP authentication.
- Login page image: generated by AI https://www.artguru.ai/fr/
- Radioactive button: https://zurb.com/playground/radioactive-buttons
- Multiselect component: https://github.com/hc-oss/react-multi-select-component?tab=readme-ov-file
- LoaderShip: https://www.loadership.com/
Give it a star...