robin.berjon.com
commits
Signed-off-by: Seongmin Lee <git@boltless.me>
`sh.tangled.pipeline` events are now completely generated & streamed
from spindle
Signed-off-by: Seongmin Lee <git@boltless.me>
spindle will emit `sh.tangled.pipeline` event on:
- `sh.tangled.git.refUpdate` events from knot stream
- live create/update events of `sh.tangled.repo.pull` records
Signed-off-by: Seongmin Lee <git@boltless.me>
Spindle will sync git repo when new repo is registered
Spindle will listen to `sh.tangled.git.refUpdate` event from knot
stream and sync its local git repo instead. Spindle's git repo will
sparse-checkout only `/.tangled/workflows` directory.
Spindle now requires git version >=2.49 for `--revision` flag in `git
clone` command.
References:
- <https://stackoverflow.com/q/47541033/13150270>
- <https://stackoverflow.com/q/600079/13150270>
Signed-off-by: Seongmin Lee <git@boltless.me>
This single persistent directory can be used for storing general spindle
data like db, motd file and upcoming sparse-clone git repos.
db path will be `${DATA_DIR}/spindle.db`
Signed-off-by: Seongmin Lee <git@boltless.me>
spindle-tap will collect/stream record events from:
- users dynamically added by spindle (spindle members | collaborators of
repos using spindle)
- any users with `sh.tangled.repo.pull` collection
It might be bit inefficient considering it will also stream repo
creation events from PR authors due to second rule, but at least we now
have backfill logic and Sync 1.1 based syncing.
This inefficiency can be fixed later by modifying upstream tap cli or
embedding tap into spindle.
```
+--------- all tangled users --------+
| |
| +-- users known to spindle-tap --+ |
| | (PR author / manually added) | |
| | | |
| | +----------------------------+ | |
| | | users known to spindle | | |
| | | (members / collaborators) | | |
| | +----------------------------+ | |
| +--------------------------------+ |
+------------------------------------+
```
Close: <https://tangled.org/tangled.org/core/issues/341>
Signed-off-by: Seongmin Lee <git@boltless.me>
This new db migration won't migrate existing records in repos table.
Instead, it will simply rename the legacy table to `repos_old` and
create a new one with same name.
repo backfill will be done with tap
Signed-off-by: Seongmin Lee <git@boltless.me>
create new one if it's missing
Signed-off-by: Seongmin Lee <git@boltless.me>
This commit won't work without following spindle rewrite to use tap and
introduce backfill because repos table is empty yet.
Signed-off-by: Seongmin Lee <git@boltless.me>
1. Use repo AT-URI as identifier.
2. Use `dom` field rather than `obj` to filter by repository. So now
it's "user with role A in repo B can do action D to field C" where
`A,B,C,D` are `sub,dom,obj,act`.
3. Manage app-logic rules in embedded csv file which won't be saved in
db and load to memory on start. This makes app's global rbac rule
change easier as we just need to edit the csv file.
Many permission check methods are missing, but should be enough to test
this new RBAC enforcer package in spindle.
Related issue: <https://tangled.org/tangled.org/core/issues/282>
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: HigherOrderLogic <73709188+HigherOrderLogic@users.noreply.github.com>
this is not live yet, but this is the likely host for the public
knotmirror service.
Signed-off-by: oppiliappan <me@oppi.li>
fail on config load errors too
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: Lewis <lewis@tangled.org>
Signed-off-by: Seongmin Lee <git@boltless.me>
git-cli doesn't support http connection timeout, so we cannot set short
30s connection timeout on git fetch. We don't want to put operation
timeout that short because intial `git clone` can take pretty long.
go-git does expose http client but only globally and is less efficient
than cli. So as a hack, just fetch remote server to check if knot is
available and is valid git remote server
Signed-off-by: Seongmin Lee <git@boltless.me>
Underlying types except the interface hasn't changed much.
Removed `xrpcclient.HandleXrpcErr()` call as appview always expect
knotmirror with compatible API.
Signed-off-by: Seongmin Lee <git@boltless.me>
These experimental xrpc methods use at-uri instead of did/name format to
reference the repository. Intended to replace most of the `repo.*` xrpc
methods in Knot. Knots won't need to support these methods until we
finalize them.
Signed-off-by: Seongmin Lee <git@boltless.me>
KnotMirror is an external service that is intended to be used by
appview. It will ingest all known git repos and provide xrpc methods to
inspect them, so appview won't need to fetch individual knots on every
page render.
Using postgres exclusively instead of sqlite to support A LOT of
concurrent writes.
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Seongmin Lee <git@boltless.me>
We will start using our own forked version of indigo package.
Signed-off-by: Seongmin Lee <git@boltless.me>
no bg around footer, move author avatars to the right on index etc.
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Seems to have been accidentally left out after #1178
Signed-off-by: Amazingca <autumn@amazingca.dev>
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Lewis <lewis@tangled.org>
Co-authored-by: rosano.ca <did:plc:onc2begccbwy753ieqy5ctex>
Signed-off-by: oppiliappan <me@oppi.li>
the giant tailwind safelist is used because nested groups cannot be
styled using tailwind, and therefore we need named groups. we
pre-populate the source html with up to 12-deep named groups and their
variants so that tailwind generates the right css.
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: HigherOrderLogic <73709188+HigherOrderLogic@users.noreply.github.com>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Lewis <lewis@tangled.org>
Signed-off-by: Lewis <lewis@tangled.org>
Fall back to parsing the shebang line for extensionless scripts,
enabling highlighting for files like nushell/python/bash scripts
that lack a file extension.
Signed-off-by: Niclas Overby <niclas@overby.me>
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: Lewis <lewis@tangled.org>
Signed-off-by: Lewis <lewis@tangled.org>
Signed-off-by: Lewis <lewis@tangled.org>
Signed-off-by: Lewis <lewis@tangled.org>
Signed-off-by: Lewis <lewis@tangled.org>
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: Lewis <lewis@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: Seongmin Lee <git@boltless.me>
Spindle will sync git repo when new repo is registered
Spindle will listen to `sh.tangled.git.refUpdate` event from knot
stream and sync its local git repo instead. Spindle's git repo will
sparse-checkout only `/.tangled/workflows` directory.
Spindle now requires git version >=2.49 for `--revision` flag in `git
clone` command.
References:
- <https://stackoverflow.com/q/47541033/13150270>
- <https://stackoverflow.com/q/600079/13150270>
Signed-off-by: Seongmin Lee <git@boltless.me>
spindle-tap will collect/stream record events from:
- users dynamically added by spindle (spindle members | collaborators of
repos using spindle)
- any users with `sh.tangled.repo.pull` collection
It might be bit inefficient considering it will also stream repo
creation events from PR authors due to second rule, but at least we now
have backfill logic and Sync 1.1 based syncing.
This inefficiency can be fixed later by modifying upstream tap cli or
embedding tap into spindle.
```
+--------- all tangled users --------+
| |
| +-- users known to spindle-tap --+ |
| | (PR author / manually added) | |
| | | |
| | +----------------------------+ | |
| | | users known to spindle | | |
| | | (members / collaborators) | | |
| | +----------------------------+ | |
| +--------------------------------+ |
+------------------------------------+
```
Close: <https://tangled.org/tangled.org/core/issues/341>
Signed-off-by: Seongmin Lee <git@boltless.me>
1. Use repo AT-URI as identifier.
2. Use `dom` field rather than `obj` to filter by repository. So now
it's "user with role A in repo B can do action D to field C" where
`A,B,C,D` are `sub,dom,obj,act`.
3. Manage app-logic rules in embedded csv file which won't be saved in
db and load to memory on start. This makes app's global rbac rule
change easier as we just need to edit the csv file.
Many permission check methods are missing, but should be enough to test
this new RBAC enforcer package in spindle.
Related issue: <https://tangled.org/tangled.org/core/issues/282>
Signed-off-by: Seongmin Lee <git@boltless.me>
git-cli doesn't support http connection timeout, so we cannot set short
30s connection timeout on git fetch. We don't want to put operation
timeout that short because intial `git clone` can take pretty long.
go-git does expose http client but only globally and is less efficient
than cli. So as a hack, just fetch remote server to check if knot is
available and is valid git remote server
Signed-off-by: Seongmin Lee <git@boltless.me>
KnotMirror is an external service that is intended to be used by
appview. It will ingest all known git repos and provide xrpc methods to
inspect them, so appview won't need to fetch individual knots on every
page render.
Using postgres exclusively instead of sqlite to support A LOT of
concurrent writes.
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>