Skip to content

A collaborative documentation site, powered by Google Docs.

License

Notifications You must be signed in to change notification settings

sfneofuturists/chive

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Library Build Status Supported node versions

SFNF Quickstart

Deploy commands

Deploy to production: gcloud app deploy --project sfneofuturists-chive

Deploy to staging (also see https://cloud.google.com/appengine/docs/flexible/testing-and-deploying-your-app?tab=node.js): gcloud app deploy --no-promote --project sfneofuturists-chive --version staging

Using the staging environment

Always try out changes in the staging environment first!

Staging URL: https://staging-dot-sfneofuturists-chive.wn.r.appspot.com/

You can temporarily route traffic through the main chive URL to staging in Versions -> Migrate Traffic

Secrets, secrets

.env file template:

# node environment (development or production)
NODE_ENV=production
# Google oAuth credentials
GOOGLE_CLIENT_ID=962567839872-4c94dhvchhtnpf5ajedc6p1nuboqeimq.apps.googleusercontent.com
# retrieve this from Cloud Console (APIs & Services -> Credentials -> sfneofuturists-chive -> download JSON secret)
GOOGLE_CLIENT_SECRET=REPLACEME
GCP_PROJECT_ID=sfneofuturists-chive
# Generate a random string for this; if this changes between deploys, users will have to log in again
SESSION_SECRET=REPLACEME
# needed in order to generate an HTTPS OAuth2 callback URL in userAuth.js
# Google App Engine is behind an nginx reverse proxy: https://issuetracker.google.com/issues/70018870#comment2
# Also see https://expressjs.com/en/guide/behind-proxies.html
TRUST_PROXY=true

# NB: APPROVED_DOMAINS not needed for our version of the project

# team or folder (we're not using GSuite, so has to be folder)
DRIVE_TYPE=folder
# the ID of your team's drive or shared folder. The string of random numbers and letters at the end of your team drive or folder url.
DRIVE_ID=1w5VMeTMwG5mC3apzYqM6C9JRelBhqUwO

# download a new version of .auth.json from Cloud Console and place it in your copy of the repo
# (APIs & Services -> Credentials -> sfneofuturists-chive@sfneofuturists-chive.iam.gserviceaccount.com ->
#  Keys -> Add Key -> Create new key)
# note: no need to change this line, it just has to not be "parse_json" to make it look for the file
GOOGLE_APPLICATION_CREDENTIALS=.auth.json

# alternative: uncomment these 2 lines, download .auth.json as above, and paste its contents here instead
# also need to remove the other GOOGLE_APPLICATION_CREDENTIALS line
# GOOGLE_APPLICATION_CREDENTIALS=parse_json
# GOOGLE_APPLICATION_JSON=PASTE_RAW_JSON_HERE

Apps Script for Authentication

Read the documentation at the top of appsScriptAuth.js! With how we have Library configured, it's critical to also deploy the Apps Script and update the URL in custom/userAuth.js in order to let users log in. The Apps Script should be running under the SFNF Gmail account.

Original NYT Documentation

A collaborative newsroom documentation site, powered by Google Docs.

Table of Contents

Demo Site & User Guide

Documentation about how to get started with Library is hosted as a working (read only) demo on Heroku. Consult the site for more detailed instructions than this readme about how to get the most out of Library: https://nyt-library-demo.herokuapp.com.

Contacting us

Love Library? Let us know by joining our Google Group and dropping us a line. You'll also stay up to date with the latest Library features via our release notes, which get sent to this list.

Community

Here are some of the organizations using Library so far.

Marketplace

The New York Times

Northwestern University Knight Lab

Star Tribune

WBEZ

The Los Angeles Times Data and Graphics Department

Contributing

See CONTRIBUTING.md for information on how to contribute code and/or documentation on GitHub or on the demo site.

Questions

If you have questions about how to get your copy of Library up and running, join our Google Group, and let us know what you're running into. We also keep an eye on the #proj-library channel in the News Nerdery Slack. We'll do our best to answer your questions.

Development Workflow

  1. Clone and cd into the repo:

    git clone [email protected]:nytimes/library.git && cd library

  2. From the Google API console, create or select a project, then create a service account with the Cloud Datastore User role. It should have API access to Drive and Cloud Datastore. Store these credentials in server/.auth.json.

    • To use oAuth, you will also need to create oAuth credentials.
    • To use the Cloud Datastore API for reading history, you will need to add in your GCP_PROJECT_ID.
  3. Install dependencies:

    npm install --no-optional

  4. Create a .env file at the project root. An example .env might look like

# node environment (development or production)
NODE_ENV=development
# Google oAuth credentials
GOOGLE_CLIENT_ID=123456-abcdefg.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=abcxyz12345
GCP_PROJECT_ID=library-demo-1234
# comma separated list of approved access domains or email addresses (regex is supported).
APPROVED_DOMAINS="nytimes.com,dailypennsylvanian.com,(.*)?ar.org,[email protected]"
SESSION_SECRET=supersecretvalue

# Google drive Configuration
# team or folder ("folder" if using a folder instead of a team drive)
DRIVE_TYPE=team
# the ID of your team's drive or shared folder. The string of random numbers and letters at the end of your team drive or folder url.
DRIVE_ID=0123456ABCDEF

Make sure to not put any comments in the same line as DRIVE_TYPE and DRIVE_ID vars.

Ensure you share your base drive or folder with the email address associated with the service account created in step 2.

Be careful! Setting NODE_ENV to development changes the built in behaviors for site authentication to allow accounts other than those in the APPROVED_DOMAINS list. Never use NODE_ENV=development for your deployed site, only locally.

  1. Start the app:

    npm run watch

The app should now be running at localhost:3000. Note that Library requires Node v8 or higher.

Tests

You can run functional and unit tests, which test HTML parsing and routing logic, with npm test. A coverage report can be generated by running npm run test:cover.

The HTML parsing tests are based on the Supported Formats doc. To download a fresh copy of the HTML after making edits, run node test/utils/updateSupportedFormats.js.

Customization

Styles, text, caching logic, and middleware can be customized to match the branding of your organization. This is covered in the customization readme.

A sample customization repo is provided at nytimes/library-customization-example.

Deploying the app

Wherever you deploy Library, you'll likely want to set up a Google service account and OAuth 2.0 client Set up your service account with API access to Drive and Cloud Datastore.

If you wish to deploy Library with customizations, create a git repo with the files you would like to include. Set the CUSTOMIZATION_GIT_REPO environment variable to the cloning URL. Files in the repo and packages specified in the package.json will be included in your library installation.

For more detailed instructions, consult the Getting Started section of the demo site: https://nyt-library-demo.herokuapp.com/get-started

Using Heroku

This button can quickly deploy to Heroku: Deploy

Set your app's GOOGLE_APPLICATION_JSON, GOOGLE_CLIENT_ID, and GOOGLE_CLIENT_SECRET with values from the service account and Oauth client. Add <your-heroku-app-url>.com as an authorized domain in the general OAuth consent screen setup and then add http://<your-heroku-app-url>.com/auth/redirect as the callback url in the OAuth credential setup itself.

Using Google App Engine

You can also deploy Library to GAE, using the included app.yaml. Note that you will need to enable billing on your GCP project in order to use Google App Engine. More detailed instructions are provided on the demo site.

Using Docker Dockerhub

Library can be used as a base image for deployment using Docker. This allows you to automate building and deploying a custom version of Library during Docker's build phase. If you create a repo with the contents of your custom folder, you could deploy library from that repo with a Dockerfile like the following:

FROM nytimes/library

# copy custom files to library's custom repo
COPY . ./custom/

# move to a temporary folder install custom npm packages
WORKDIR /usr/src/tmp
COPY package*.json .npmrc ./
RUN npm i
# copy node modules required by custom node modules
RUN yes | cp -rf ./node_modules/* /usr/src/app/node_modules

# return to app directory and build
WORKDIR /usr/src/app
RUN npm run build

# start app
CMD [ "npm", "start" ]

Standard Deployment

Library is a standard node app, so it can be deployed just about anywhere. If you are looking to deploy to a standard VPS, Digital Ocean's tutorials are a great resource.

App structure

Server

The main entry point to the app is index.js.

This file contains the express server which will respond to requests for docs in the configured team drive or shared folder. Additionally, it contains logic about issuing 404s and selecting the template to use based on the path.

Views

Views (layouts) are located in the layouts folder. They use the .ejs extension, which uses a syntax similar to underscore templates.

Base styles for the views are in the styles directory containing Sass files. These files are compiled to CSS and placed in public/css.

Doc parsing

Doc HTML fetch and parsing is handled by docs.js. fetchDoc takes the ID of a Google doc and a callback, then passes the HTML of the document into the callback once it has been downloaded and processed.

Listing the drive

Traversing the contents of the NYT Docs folder is handled by list.js. There are two exported functions:

  • getTree is an async call that returns a nested hash (tree) of Google Drive Folder IDs mapped to their children. It is used by the server to determine whether a route is valid or not.

  • getMeta synchronously returns a hash of Google Doc IDs to metadata objects that were saved in the course of populating the tree. This metadata includes edit history, document authors, and parent folders.

The tree and file metadata are repopulated into memory on an interval (currently 60s). Calling getTree multiple times will not return fresher data.

Auth

Authentication with the Google Drive v3 api is handled by the auth.js file, which exposes a single method getAuth. getAuth will either return an already instantiated authentication client or produce a fresh one. Calling getAuth multiple times will not produce a new authentication client if the credentials have expired; we should build this into the auth.js file later to automatically refresh the credentials on some sort of interval to prevent them from expiring.

User Authentication

Library currently supports both Slack and Google Oauth methods. As Library sites are usually intended to be internal to a set of limited users, Oauth with your organization is strongly encouraged. To use Slack Oauth, specify your Oauth strategy in your .env file, like so:

# Slack needs to be capitalized as per the Passport.js slack oauth docs http://www.passportjs.org/packages/passport-slack-oauth2/
OAUTH_STRATEGY=Slack

You will need to provide Slack credentials, which you can do by creating a Library Oauth app in your Slack workspace. After creating the app, save the app's CLIENT_ID and CLIENT_SECRET in your .env file:

SLACK_CLIENT_ID=1234567890abcdefg
SLACK_CLIENT_SECRET=09876544321qwerty

You will need to add a callback URL to your Slack app to allow Slack to redirect back to your Library instance after the user is authenticated.

About

A collaborative documentation site, powered by Google Docs.

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages

  • JavaScript 69.6%
  • SCSS 17.6%
  • EJS 12.4%
  • Other 0.4%