From c30753ce1186a79aa953587a31aaf187b181a1a0 Mon Sep 17 00:00:00 2001 From: IshaVenikar Date: Wed, 29 Jan 2025 17:47:38 +0530 Subject: [PATCH] Add method to get hash for env --- packages/backend/package.json | 2 - packages/backend/src/entity/Deployer.ts | 14 ++--- packages/backend/src/entity/Deployment.ts | 4 +- packages/backend/src/registry.ts | 65 ++++++++++++----------- packages/backend/src/service.ts | 8 +-- yarn.lock | 5 -- 6 files changed, 45 insertions(+), 53 deletions(-) diff --git a/packages/backend/package.json b/packages/backend/package.json index 0ffc07dd..d76f430b 100644 --- a/packages/backend/package.json +++ b/packages/backend/package.json @@ -23,7 +23,6 @@ "express-session": "^1.18.0", "fs-extra": "^11.2.0", "graphql": "^16.8.1", - "js-yaml": "^4.1.0", "luxon": "^3.4.4", "nanoid": "3", "nanoid-dictionary": "^5.0.0-beta.1", @@ -55,7 +54,6 @@ "@types/cookie-session": "^2.0.49", "@types/express-session": "^1.17.10", "@types/fs-extra": "^11.0.4", - "@types/js-yaml": "^4.0.9", "better-sqlite3": "^9.2.2", "copyfiles": "^2.4.1", "prettier": "^3.1.1", diff --git a/packages/backend/src/entity/Deployer.ts b/packages/backend/src/entity/Deployer.ts index fb217e69..657e0805 100644 --- a/packages/backend/src/entity/Deployer.ts +++ b/packages/backend/src/entity/Deployer.ts @@ -4,26 +4,26 @@ import { Project } from './Project'; @Entity() export class Deployer { @PrimaryColumn('varchar') - deployerLrn!: string; + deployerLrn!: string; @Column('varchar') - deployerId!: string; + deployerId!: string; @Column('varchar') deployerApiUrl!: string; @Column('varchar') - baseDomain!: string; + baseDomain!: string; @Column('varchar', { nullable: true}) - publicKey!: string | null; + publicKey!: string | null; @Column('varchar', { nullable: true }) - minimumPayment!: string | null; + minimumPayment!: string | null; @Column('varchar', { nullable: true }) - paymentAddress!: string | null; + paymentAddress!: string | null; @ManyToMany(() => Project, (project) => project.deployers) - projects!: Project[]; + projects!: Project[]; } diff --git a/packages/backend/src/entity/Deployment.ts b/packages/backend/src/entity/Deployment.ts index 88cd0df1..5c772b32 100644 --- a/packages/backend/src/entity/Deployment.ts +++ b/packages/backend/src/entity/Deployment.ts @@ -36,9 +36,7 @@ export interface ApplicationDeploymentRequest { application: string; lrn?: string; auction?: string; - config: { - ref: string; - }; + config: string; meta: string; payment?: string; } diff --git a/packages/backend/src/registry.ts b/packages/backend/src/registry.ts index 2c0516ad..facf5450 100644 --- a/packages/backend/src/registry.ts +++ b/packages/backend/src/registry.ts @@ -5,7 +5,6 @@ import { Octokit } from 'octokit'; import { inc as semverInc } from 'semver'; import { DeepPartial } from 'typeorm'; import * as openpgp from 'openpgp'; -import yaml from 'js-yaml'; import { Account, DEFAULT_GAS_ESTIMATION_MULTIPLIER, Registry as LaconicRegistry, getGasPrice, parseGasAndFees } from '@cerc-io/registry-sdk'; import { DeliverTxResponse, IndexedTx } from '@cosmjs/stargate'; @@ -251,7 +250,7 @@ export class Registry { apiUrl: string, environmentVariables: { [key: string]: string }, dns: string, - address: string, + requesterAddress: string, publicKey: string, payment?: string | null }): Promise<{ @@ -268,40 +267,14 @@ export class Registry { // Config to be encrypted const config = { - "authorized": [data.address], + "authorized": [data.requesterAddress], "config": { "env": data.environmentVariables }, } - const binaryKey = Buffer.from(data.publicKey, 'base64'); - - // Convert binary to ASCII-armored format - const publicKeyArmored = `-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n` + - binaryKey.toString('base64').match(/.{1,64}/g)?.join('\n') + - `\n\n-----END PGP PUBLIC KEY BLOCK-----`; - - // Read the public key - const publicKey = await openpgp.readKey({ armoredKey: publicKeyArmored }); - // Serialize the config (convert to YAML) - const serialized = JSON.stringify(config, null, 2); // Use YAML if needed + const serialized = JSON.stringify(config, null, 2); - // Encrypt the config - const encrypted = await openpgp.encrypt({ - message: await openpgp.createMessage({ text: serialized }), - encryptionKeys: publicKey, - format: 'binary' // Equivalent to armor=False - }); - - // To get the hash after uploading encrypted env - const response = await fetch(`${data.apiUrl}/upload/config`, { - method: 'POST', - headers: { - 'Content-Type': 'application/octet-stream' - }, - body: encrypted - }); - - const envHash = await response.json(); + const envHash = await this.generateHash(serialized, data.publicKey, data.apiUrl); // Create record of type ApplicationDeploymentRequest and publish const applicationDeploymentRequest = { @@ -312,7 +285,9 @@ export class Registry { dns: data.dns, // https://git.vdb.to/cerc-io/laconic-registry-cli/commit/129019105dfb93bebcea02fde0ed64d0f8e5983b - config: { ref: envHash }, + config: JSON.stringify({ + ref: envHash + }), meta: JSON.stringify({ note: `Added by Snowball @ ${DateTime.utc().toFormat( "EEE LLL dd HH:mm:ss 'UTC' yyyy" @@ -572,4 +547,30 @@ export class Registry { assert(this.registryConfig.authority, "Authority doesn't exist"); return `lrn://${this.registryConfig.authority}/applications/${appName}`; } + + async generateHash(message: string, pubKey: string, url: string): Promise { + const armoredKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----\n\n${pubKey}\n\n-----END PGP PUBLIC KEY BLOCK-----`; + + const publicKey = await openpgp.readKey({ armoredKey }); + + // Encrypt the config + const encrypted = await openpgp.encrypt({ + message: await openpgp.createMessage({ text: message }), + encryptionKeys: publicKey, + format: 'binary' + }); + + // Get the hash after uploading encrypted env + const response = await fetch(`${url}/upload/config`, { + method: 'POST', + headers: { + 'Content-Type': 'application/octet-stream' + }, + body: encrypted + }); + + const envHash = await response.json(); + + return envHash; + }; } diff --git a/packages/backend/src/service.ts b/packages/backend/src/service.ts index a5cf0b28..aa8736a0 100644 --- a/packages/backend/src/service.ts +++ b/packages/backend/src/service.ts @@ -658,7 +658,7 @@ export class Service { apiUrl: deployer!.deployerApiUrl!, payment: data.project.txHash, auctionId: data.project.auctionId, - address, + requesterAddress: address, publicKey: deployer!.publicKey! }); } @@ -674,7 +674,7 @@ export class Service { dns: `${newDeployment.project.name}-${newDeployment.id}`, payment: data.project.txHash, auctionId: data.project.auctionId, - address, + requesterAddress: address, publicKey: deployer!.publicKey! }); @@ -743,7 +743,7 @@ export class Service { auctionId: project.auctionId!, lrn: deployerLrn, apiUrl: deployer!.deployerApiUrl!, - address, + requesterAddress: address, publicKey: deployer!.publicKey! }); } @@ -759,7 +759,7 @@ export class Service { apiUrl: deployer!.deployerApiUrl!, environmentVariables: environmentVariablesObj, dns: `${newDeployment.project.name}-${newDeployment.id}`, - address, + requesterAddress: address, publicKey: deployer!.publicKey! }); diff --git a/yarn.lock b/yarn.lock index 4ade2cb1..604284ca 100644 --- a/yarn.lock +++ b/yarn.lock @@ -6793,11 +6793,6 @@ jest-matcher-utils "^27.0.0" pretty-format "^27.0.0" -"@types/js-yaml@^4.0.9": - version "4.0.9" - resolved "https://registry.yarnpkg.com/@types/js-yaml/-/js-yaml-4.0.9.tgz#cd82382c4f902fed9691a2ed79ec68c5898af4c2" - integrity sha512-k4MGaQl5TGo/iipqb2UDG2UwjXziSWkh0uysQelTlJpX1qGlpUZYm8PnO4DxG1qBomtJUdYJ6qR6xdIah10JLg== - "@types/json-schema@^7.0.9": version "7.0.15" resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.15.tgz#596a1747233694d50f6ad8a7869fcb6f56cf5841"