diff --git a/.github/settings.yml b/.github/settings.yml index cecfdcfb..a63be0cb 100644 --- a/.github/settings.yml +++ b/.github/settings.yml @@ -1,7 +1,9 @@ +--- # These settings are synced to GitHub by https://probot.github.io/apps/settings/ repository: - # See https://docs.github.com/en/rest/reference/repos#update-a-repository for all available settings. + # See https://docs.github.com/en/rest/reference/repos#update-a-repository + # for all available settings. # The name of the repository. Changing this will rename the repository name: web3-publish @@ -21,14 +23,17 @@ repository: # Either `true` to enable issues for this repository, `false` to disable them. has_issues: true - # Either `true` to enable projects for this repository, or `false` to disable them. - # If projects are disabled for the organization, passing `true` will cause an API error. + # Either `true` to enable projects for this repository, or `false` to disable + # them. + # If projects are disabled for the organization, passing `true` will cause an + # API error. has_projects: true # Either `true` to enable the wiki for this repository, `false` to disable it. has_wiki: true - # Either `true` to enable downloads for this repository, `false` to disable them. + # Either `true` to enable downloads for this repository, `false` to disable + # them. has_downloads: false # Updates the default branch for this repository. @@ -46,7 +51,8 @@ repository: # rebase-merging. allow_rebase_merge: false - # Either `true` to enable automatic deletion of branches on merge, or `false` to disable + # Either `true` to enable automatic deletion of branches on merge, or `false` + # to disable delete_branch_on_merge: true # Either `true` to enable automated security fixes, or `false` to disable @@ -65,36 +71,40 @@ labels: - name: question color: '#d876e3' - description: Indicates that an issue, pull request, or discussion needs more information + description: "Indicates that an issue, pull request, or discussion needs \" + more information" - name: enhancement color: '#a2eeef' description: Indicates new feature requests - + - name: good-first-issue color: '#7057ff' description: Indicates a good issue for first-time contributors - + - name: documentation color: '#0075ca' description: Indicates a need for improvements or additions to documentation - + - name: help-wanted color: '#008672' - description: Indicates that a maintainer wants help on an issue or pull request + description: "Indicates that a maintainer wants help on an issue or pull \" + request" - name: invalid color: '#e4e669' - description: Indicates that an issue, pull request, or discussion is no longer relevant + description: "Indicates that an issue, pull request, or discussion is no \" + longer relevant" - name: wontfix color: '#FFFFFF' - description: Indicates that work won't continue on an issue, pull request, or discussion + description: "Indicates that work won't continue on an issue, pull \" + request, or discussion" - name: duplicate color: '#cfd3d7' description: Indicates similar issues, pull requests, or discussions - + - name: security color: '#D93F0B' description: Indicates a security issue @@ -111,7 +121,8 @@ branches: # https://docs.github.com/en/rest/reference/repos#update-branch-protection # Branch Protection settings. Set to null to disable protection: - # Required. Require at least one approving review on a pull request, before merging. Set to null to disable. + # Required. Require at least one approving review on a pull request, + # before merging. Set to null to disable. required_pull_request_reviews: # The number of approvals required. (1-6) required_approving_review_count: 1 @@ -119,21 +130,30 @@ branches: dismiss_stale_reviews: true # Blocks merge until code owners have reviewed. require_code_owner_reviews: false - # Specify which users and teams can dismiss pull request reviews. Pass an empty dismissal_restrictions object to disable. User and team dismissal_restrictions are only available for organization-owned repositories. Omit this parameter for personal repositories. + # Specify which users and teams can dismiss pull request reviews. Pass + # an empty dismissal_restrictions object to disable. User and team + # dismissal_restrictions are only available for organization-owned + # repositories. Omit this parameter for personal repositories. dismissal_restrictions: users: [] teams: [] - # Required. Require status checks to pass before merging. Set to null to disable + # Required. Require status checks to pass before merging. Set to null to + # disable required_status_checks: # Required. Require branches to be up to date before merging. strict: true - # Required. The list of status checks to require in order to merge into this branch + # Required. The list of status checks to require in order to merge into + # this branch contexts: [] - # Required. Enforce all configured restrictions for administrators. Set to true to enforce required status checks for repository administrators. Set to null to disable. + # Required. Enforce all configured restrictions for administrators. Set to + # true to enforce required status checks for repository administrators. + # Set to null to disable. enforce_admins: true # Prevent merge commits from being pushed to matching branches required_linear_history: true - # Required. Restrict who can push to this branch. Team and user restrictions are only available for organization-owned repositories. Set to null to disable. + # Required. Restrict who can push to this branch. Team and user + # restrictions are only available for organization-owned repositories. Set + # to null to disable. restrictions: apps: [] users: [] diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 6e74d4b0..aa095ab5 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -1,6 +1,6 @@ --- name: build and test -on: +on: # yamllint disable-line rule:truthy pull_request: branches: - main @@ -18,4 +18,3 @@ jobs: - run: npm install - run: npm run test - run: npm run build - diff --git a/.github/workflows/yamllint.yaml b/.github/workflows/yamllint.yaml index a46d651f..02532029 100644 --- a/.github/workflows/yamllint.yaml +++ b/.github/workflows/yamllint.yaml @@ -1,6 +1,6 @@ --- name: 'Yamllint' -on: +on: # yamllint disable-line rule:truthy - pull_request jobs: diff --git a/README.md b/README.md index 49e779b0..3d229c45 100644 --- a/README.md +++ b/README.md @@ -104,10 +104,6 @@ into our graph. IPFS. If `false` names and metadata are created. If `true` names and metadata are created and the content is pinned on IPFS. -- `skip` is a boolean that tells us to skip key generation, treat `secret` -as a base64-encoded key exported directly from go-ipfs, and use it for publishing. -This is useful for migrating already-published names to Kubelt. - - `core` is the name of your custom core (default is ours: `kbt`). For now, think of cores as namespaces. Within a core, specified `name`s are considered unique. Contact us to create your core. diff --git a/action.yaml b/action.yaml index 8c0b181a..87f88be6 100644 --- a/action.yaml +++ b/action.yaml @@ -26,12 +26,9 @@ inputs: published: description: 'Whether the content is published. Default false.' required: false - skip: - description: 'Whether to skip key generation and simply use the passed secret.' - required: false core: - description: "The core (namespace) that you want to publish your names under. \" - Default is 'kbt'." + description: "The core (namespace) that you want to publish your names \" + under. Default is 'kbt'." required: false domain: description: "The custom domain to which we're publishing (requires \" diff --git a/dist/index.js b/dist/index.js index abb002ca..7e67ff58 100644 --- a/dist/index.js +++ b/dist/index.js @@ -43512,8 +43512,6 @@ const { CID } = __nccwpck_require__(6447) const { base36 } = __nccwpck_require__(9587) // For HTTP comms: -const http = __nccwpck_require__(3685) -const https = __nccwpck_require__(5687) const fetch = __nccwpck_require__(8311) const FormData = __nccwpck_require__(3101) @@ -43654,7 +43652,7 @@ async function getBody(as, filepath) { }) } -async function start(secret, globspec, namespec, core, domain, published, skip, as, limit = -1, endpoint = 'https://api.pndo.xyz') { +async function start(secret, globspec, namespec, core, domain = 'https://api.pndo.xyz', published, skip, as, limit = -1, endpoint) { return glob(globspec).then(async files => { const limiter = limit < 0 ? files.length : limit const requestMap = files.slice(0, limiter).map(async file => { @@ -43693,8 +43691,7 @@ async function start(secret, globspec, namespec, core, domain, published, skip, 'path': file, 'as': as, }), - 'X-Public-Key': encodedPubKey, // TODO: publishing key? - 'X-Signature': encodedPubKey, // TODO: publishing key? + 'X-Public-Key': encodedPubKey, }, retry: 3, // node-fetch-retry option -- number of attempts pause: 500, // node-fetch-retry option -- millisecond delay @@ -43712,15 +43709,12 @@ async function start(secret, globspec, namespec, core, domain, published, skip, // If we're overriding the domain, use the override (for testing). const urlbase = endpoint || domain - //////////////////////////////////////////////////////////////////// - // TODO: Needs refactor. Uses v1 endpoint for speed. - //////////////////////////////////////////////////////////////////// - let v1_promise = null + let v0_promise = null if ('dag' == as) { const cid = carfile.roots[0].toString() - const url_v1 = new URL(humanName, new URL('/v0/api/content/' + core + '/', urlbase)) - //console.log(url_v1.toString()) - v1_promise = fs.open(file) + const url_v0 = new URL(humanName, new URL('/v0/api/content/' + core + '/', urlbase)) + //console.log(url_v0.toString()) + v0_promise = fs.open(file) .then(async fd => { const opts = options //JSON.parse(JSON.stringify(options)) opts.headers['content-type'] = 'application/json' @@ -43729,7 +43723,14 @@ async function start(secret, globspec, namespec, core, domain, published, skip, opts.body = await fd.readFile()//createReadStream() fd.close() - return fetch(url_v1, opts) + //console.log('body', opts.body.length) + const raw_sig = Buffer.from(await publishingKey.sign(opts.body)) + //console.log(raw_sig) + const b64_sig = raw_sig.toString('base64') + //console.log(b64_sig) + opts.headers['x-signature'] = b64_sig + + return fetch(url_v0, opts) .then(r => r.json()).then(j => { //fd.close() j.metadata.box.name = '/' + core + '/' + humanName @@ -43739,48 +43740,8 @@ async function start(secret, globspec, namespec, core, domain, published, skip, }) }) } - //////////////////////////////////////////////////////////////////// - - // Make recalls to the previous API version fire-and-forget: - - /*const url = new URL(contentName, new URL('/last/api/content/kbt/', urlbase)) - let v0_request = null - - /*options.port = url.port - options.hostname = url.hostname - options.protocol = url.protocol - options.path = url.pathname - v0_request = 'https:' == options.protocol.toLowerCase() ? https.request(options) : http.request(options) - - if ('file' != as) { - v0_request.write(await body.readFile()) - body.close() - } else { - v0_request.write(await body.fd.readFile()) - body.fd.close() - } - - v0_request.end() - - /*fetch(url, options) - .then(response => response.json()) - .then(json => { - json.metadata.box.name = '/' + core + '/' + humanName - json.metadata.box.key = encodedPubKey - return json - }) - .catch(e => { console.log('failed at url: ', url, e) }) - .finally(() => { - }) - - if (v0_request && v1_promise) { - // Fire Estuary and Wasabi, but resolve when one comes back. - return Promise.any([v0_request, v1_promise]) - } else { - return v0_request || v1_promise - }/**/ - return v1_promise + return v0_promise }) return Promise.all(requestMap) @@ -44258,7 +44219,6 @@ const corename = core.getInput('core', { required: false }) || 'kbt' const domain = core.getInput('domain', { required: false }) || 'https://api.pndo.xyz' const published = core.getBooleanInput('published', {required: false}) || false -const skip = core.getBooleanInput('skip', {required: false}) || false const as = lib.getAs(core.getInput('as', { required: false })) @@ -44269,7 +44229,7 @@ async function go () { corename, domain, published, - skip, + true, // deprecate skip as)) } diff --git a/index.js b/index.js index 54b9d4a1..11c8faaa 100644 --- a/index.js +++ b/index.js @@ -8,7 +8,6 @@ const corename = core.getInput('core', { required: false }) || 'kbt' const domain = core.getInput('domain', { required: false }) || 'https://api.pndo.xyz' const published = core.getBooleanInput('published', {required: false}) || false -const skip = core.getBooleanInput('skip', {required: false}) || false const as = lib.getAs(core.getInput('as', { required: false })) @@ -19,7 +18,7 @@ async function go () { corename, domain, published, - skip, + true, // deprecate skip as)) } diff --git a/src/library.js b/src/library.js index 156968c4..1782d599 100644 --- a/src/library.js +++ b/src/library.js @@ -157,7 +157,7 @@ async function getBody(as, filepath) { }) } -async function start(secret, globspec, namespec, core, domain, published, skip, as, limit = -1, endpoint = 'https://api.pndo.xyz') { +async function start(secret, globspec, namespec, core, domain = 'https://api.pndo.xyz', published, skip, as, limit = -1, endpoint) { return glob(globspec).then(async files => { const limiter = limit < 0 ? files.length : limit const requestMap = files.slice(0, limiter).map(async file => { diff --git a/test/test.js b/test/test.js index 3e384804..aa42a66f 100644 --- a/test/test.js +++ b/test/test.js @@ -258,21 +258,25 @@ tap.test('Test getBody', async t => { }) /*tap.test('Test the whole deal', async t => { - const secret_fixture = process.env['SECRET'] + const secret_fixture = process.env['MY_SECRET_PUBLISHING_KEY'] const globspec_fixture = 'test/fixtures/*.json' + //const globspec_fixture = 'test/metadata-sample/metadata/unrevealed/*'//0x505141a16f47f9df0655564c65b8452ffc21f79b3d9d9799446e8de93bccb751' //test/fixtures/*.json' + //const globspec_fixture = 'test/metadata-sample/metadata/revealed/0x002df423ac0842d53131042dd8ffa394425390862f9718bdf51aa0fe12721036' const namespec_fixture = 'path' const core_fixture = 'test' - const domain_fixture = 'https://api.pndo.xyz' + const domain_fixture = 'https://pndo-worker-staging.admin1337.workers.dev' const published_fixture = true const skip_fixture = true //const skip_fixture = false const as_fixture = 'dag' - const limit = 10 + const limit = 100 // Assumes `wrangler dev` is serving the pando worker locally. //const test_endpoint = 'http://127.0.0.1:8787' - const test_endpoint = 'https://staging.pndo.xyz' + //const test_endpoint = 'https://staging.pndo.xyz' + //const test_endpoint = 'https://pndo-worker-staging.admin1337.workers.dev' //const test_endpoint = 'https://api.pndo.xyz' + const test_endpoint = null // TODO: This should take a mock because it fires requests. const results = await lib.start(secret_fixture, @@ -286,6 +290,7 @@ tap.test('Test getBody', async t => { limit, test_endpoint) + //console.log(JSON.stringify(results)) const result_fixture = [{"metadata":{"published":true,"human":"revealed.json","path":"test/fixtures/revealed.json","as":"dag","box":{"cid":"bafyreicdv7bpbli5xqkm453qljawxrl4caikjojzhlcp4c5crthvwbvgbu","name":"/test/revealed.json","key":"CAESQC7y6BZeKlnsYe/brQYgofcYF9CPB4EWtR12wEG9Wtu8m4Pce9l+YAzsMtqzm3dUj8gw/bJbDDTEAr0H9m2N7xQ="}}},{"metadata":{"published":true,"human":"unrevealed.json","path":"test/fixtures/unrevealed.json","as":"dag","box":{"cid":"bafyreiakhygqrybainjazlvdntdso3jusx5zx3hhuqkdddmymbffj7f7te","name":"/test/unrevealed.json","key":"CAESQC7y6BZeKlnsYe/brQYgofcYF9CPB4EWtR12wEG9Wtu8m4Pce9l+YAzsMtqzm3dUj8gw/bJbDDTEAr0H9m2N7xQ="}}}] t.match(results, result_fixture)