The Shields codebase is divided into several parts:
- The frontend (about 7% of the code)
- The badge renderer (which is available as an npm package)
- The base service classes (about 8% of the code, and probably the most important code in the codebase)
- The server code and a few related odds and ends
- Helper code for token pooling and persistence (used to avoid GitHub rate limiting)
- Service common helper functions (about 7% of the code, and fairly important
since it’s shared across much of the service code)
*.js
in the root ofservices
- The services themselves (about 80% of the code)
*.js
in the folders ofservices
- The badge suggestion endpoint (Note: it's tested as if it’s a service.)
The tests are also divided into several parts:
- Unit and functional tests of the frontend
frontend/**/*.spec.js
- Unit and functional tests of the badge renderer
badge-maker/**/*.spec.js
- Unit and functional tests of the core code
core/**/*.spec.js
- Unit and functional tests of the service helper functions
services/*.spec.js
- Unit and functional tests of the service code (we have only a few of these)
services/*/**/*.spec.js
- The service tester and service test runner
- The service tests themselves live integration tests of the
services, and some mocked tests
*.tester.js
in subfolders ofservices
- Integration tests of Redis-backed persistence code
- Integration tests of the GitHub authorization code
Our goal is for the core code is to reach 100% coverage of the code in the frontend, core, and service helper functions when the unit and functional tests are run.
Our test strategy for the service code is a bit different. It’s primarily
based on live integration tests. That’s because service response formats can
change, and when they do the badges break. We want our tests to fail when this
happens. That way we can fix the problems proactively instead of waiting for
users to report them. There’s a good discussion about this decision in
#927. It’s acceptable to write mocked tests of logic that is
difficult to reach using live tests, however where possible, it’s preferred to
test this kind of logic through unit tests (e.g. of render()
and
transform()
functions).
-
The server entrypoint is
server.js
which sets up error reporting, loads config, and creates an instance of the server. -
The Server, which is defined in
core/server/server.js
, is based on the web framework Scoutcamp. It creates an http server, sets up helpers for token persistence and monitoring. Then it loads all the services, injecting dependencies as it asks each one to register its route with Scoutcamp. -
The service registration continues in
BaseService.register
. From itsroute
property, it derives a regular expression to match the route path, and invokescamp.route
with this value. -
At this point the situation gets gnarly and hard to follow. For the purpose of initialization, suffice it to say that
camp.route
invokes a callback with the four parameters( queryParams, match, end, ask )
which is created in a legacy helper function inlegacy-request-handler.js
. This callback delegates to a callback inBaseService.register
with four different parameters( queryParams, match, sendBadge, request )
, which then runsBaseService.invoke
.BaseService.invoke
instantiates the service and runsBaseService#handle
.
- In production, the majority of requests are served from caches, including the browser cache, GitHub’s camo proxy server, and other downstream caches.
- The Shields servers sit behind the Cloudflare CDN. The CDN itself handles about 40% of the HTTPS requests that come in.
- The remaining requests are proxied to one of the servers.
- See the production hosting documentation for a fuller discussion of the production architecture.
- An HTTPS request arrives. Scoutcamp inspects the URL path and matches it against the regexes for all the registered routes until it finds one that matches. (See Initialization above for an explanation of how routes are registered.)
- Scoutcamp invokes a callback with the four parameters:
( queryParams, match, end, ask )
. This callback is defined inlegacy-request-handler
. A timeout is set to handle unresponsive service code and the next callback is invoked: the legacy handler function. - The legacy handler function receives
( queryParams, match, sendBadge, request )
. Its job is to extract data from the regexmatch
andqueryParams
, invokerequest
to fetch whatever data it needs, and then invokesendBadge
with the result. - The implementation of this function is in
BaseService.register
. It works by runningBaseService.invoke
, which instantiates the service, injects more dependencies, and invokesBaseService#handle
which is implemented by the service subclass. - The job of
handle()
, which should be implemented by each service subclass, is to return an object which partially describes a badge or throw one of the handled error classes. "Partially rendered" most commonly means a non-empty message and an optional color. In the case of the Endpoint badge, it could include many other parameters. At the time of writing the handled error classes were NotFound, InvalidResponse, Inaccessible, InvalidParameter, and Deprecated. Throwing any other error is a programmer error which will be reported and described to the user as a shields internal error. - A typical
handle()
function delegates to one or more helpers to handle stages of the request:- fetch: load the needed data from the upstream service and validate it
- transform: pluck, convert, or summarize the response format into a few properties which will be displayed on the badge
- render: given a few properties, return a message, optional color, and optional label.
- When an error is thrown, BaseService steps in and converts the error
object to renderable properties:
{ isError, message, color }
. - The service invokes
coalesceBadge
whose job is to coalesce query string overrides with values from the service and the service’s defaults to produce an object that fully describes the badge to be rendered. sendBadge
is invoked with that object. It does some housekeeping on the timeout. Then it renders the badge to svg or raster and pushes out the result over the HTTPS connection.