refactor: switch to cloudflare pages (#247)

Closes #244
ipfs · May 8, 2024 · 289aca7 · 289aca7
1 parent 7966322
commit 289aca7
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 189 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -6,14 +6,8 @@ on:
   pull_request:
     branches:
       - '**'
-  release:
-    types: [ published ]
   workflow_dispatch:
 
-env:
-  KUBO_VER: 'v0.28.0'       # kubo daemon used for publishing to IPFS
-  CLUSTER_CTL_VER: 'v1.0.8' # ipfs-cluster-ctl used by publish-to-ipfs
-
 jobs:
 
   build:
@@ -170,180 +164,6 @@ jobs:
           flags: electron-renderer
           files: .coverage/*,packages/*/.coverage/*
 
-  publish-to-ipfs:
-    # NOTE: workflow_dispatch here allows maintainer to manually run against any branch, and it will produce a CAR with CID that is pinned to our cluster
-    if: github.event_name == 'workflow_dispatch' || (github.event_name == 'push' && github.ref == 'refs/heads/main') || (github.event_name == 'release' && github.event.action == 'published')
-    needs: build
-    runs-on: ubuntu-latest
-    environment: Deploy # Clusteer secrets
-    concurrency:
-      # only one job runs at a time == DNSLinks are updated in-order
-      group: ${{ github.workflow }}-${{ github.ref }}
-      cancel-in-progress: true
-    outputs:
-      cid: ${{ steps.ipfs-import.outputs.cid }}
-    steps:
-      - uses: actions/checkout@v4
-      - name: Retrieve ./dist produced by build job
-        uses: actions/download-artifact@v4
-        with:
-          name: dist_${{ github.sha }}
-          path: dist
-      - uses: ipfs/download-ipfs-distribution-action@v1
-        with:
-          name: kubo
-          version: "${{ env.KUBO_VER }}"
-      - uses: ipfs/download-ipfs-distribution-action@v1
-        with:
-          name: ipfs-cluster-ctl
-          version: "${{ env.CLUSTER_CTL_VER }}"
-      - uses: ipfs/start-ipfs-daemon-action@v1
-      - name: IPFS import of ./dist
-        id: ipfs-import
-        run: |
-          root_cid=$(ipfs add --cid-version 1 --inline --chunker size-262144 -Q -r --offline ./dist)
-          echo "cid=$root_cid" >> $GITHUB_OUTPUT
-      - name: ℹ️  Generated DAG and CID
-        run: ipfs dag stat --progress=false ${{ steps.ipfs-import.outputs.cid }}
-      - name: Create CAR file
-        run: ipfs dag export ${{ steps.ipfs-import.outputs.cid }} > dist_${{ github.sha }}.car
-      - name: Attach CAR to Github Action
-        uses: actions/upload-artifact@v4
-        with:
-          name: dist_${{ github.sha }}.car
-          path: dist_${{ github.sha }}.car
-          if-no-files-found: error
-      - name: Upload and pin CAR to ipfs-websites.collab.ipfscluster.io
-        run: |
-          ipfs-cluster-ctl --enc=json \
-              --host "/dnsaddr/ipfs-websites.collab.ipfscluster.io" \
-              --basic-auth "${CLUSTER_USER}:${CLUSTER_PASSWORD}" \
-              add --format car \
-              --name "${{ github.repository }}/${{ github.sha }}" \
-              dist_${{ github.sha }}.car
-        env:
-          CLUSTER_USER: ${{ secrets.CLUSTER_USER }}
-          CLUSTER_PASSWORD: ${{ secrets.CLUSTER_PASSWORD }}
-        timeout-minutes: 60
-      - name: Attach the CAR to release if building a release tag
-        if: github.event_name == 'release' && github.event.action == 'published'
-        run: |
-          curl \
-            -XPOST \
-            -H "Authorization: Bearer ${{ secrets.UCI_GITHUB_TOKEN }}" \
-            -H "Content-Type: application/octet-stream" \
-            --data-binary "@dist_${{ github.sha }}.car" \
-            "https://api.github.com/repos/${{ github.repository }}/releases/${{ github.event.release.id }}/assets?name=dist_${{ github.event.release.tag_name }}_${{ github.sha }}.car"
-      - name: Update DNSLink at inbrowser.dev (Staging for Dev Testing) if main branch was updated
-        if: (github.event_name == 'workflow_dispatch' || github.event_name == 'push') && github.ref == 'refs/heads/main'
-        run: |
-          curl --request PUT --header "Authorization: Bearer ${AUTH_TOKEN}" --header 'Content-Type: application/json' \
-            --url "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${RECORD_ID}" \
-            --data "{\"type\":\"TXT\",\"name\":\"_dnslink.${DNSLINK_NAME}\",\"content\":\"dnslink=/ipfs/${DNSLINK_CID}\",\"comment\":\"${{ github.repository }}/${{ github.sha }}\"}"
-        env:
-          DNSLINK_NAME: build-cid.inbrowser.dev
-          DNSLINK_CID: ${{ steps.ipfs-import.outputs.cid }}
-          ZONE_ID: ${{ secrets.CF_INBROWSERDEV_ZONE_ID }}
-          RECORD_ID:  ${{ secrets.CF_INBROWSERDEV_RECORD_ID }}
-          AUTH_TOKEN: ${{ secrets.CF_INBROWSERDEV_AUTH_TOKEN }}
-      - name: Update DNSLink at inbrowser.link (Stable Production) if new release was published
-        if: github.event_name == 'release' && github.event.action == 'published'
-        run: |
-          curl --request PUT --header "Authorization: Bearer ${AUTH_TOKEN}" --header 'Content-Type: application/json'  \
-            --url "https://api.cloudflare.com/client/v4/zones/${ZONE_ID}/dns_records/${RECORD_ID}" \
-            --data "{\"type\":\"TXT\",\"name\":\"_dnslink.${DNSLINK_NAME}\",\"content\":\"dnslink=/ipfs/${DNSLINK_CID}\",\"comment\":\"${{ github.repository }}/${{ github.sha }}\"}"
-        env:
-          DNSLINK_NAME: build-cid.inbrowser.link
-          DNSLINK_CID: ${{ steps.ipfs-import.outputs.cid }}
-          ZONE_ID: ${{ secrets.CF_INBROWSERLINK_ZONE_ID }}
-          RECORD_ID:  ${{ secrets.CF_INBROWSERLINK_RECORD_ID }}
-          AUTH_TOKEN: ${{ secrets.CF_INBROWSERLINK_AUTH_TOKEN }}
-
-  pin-to-w3: # ported from ipfs/ipfs-webui
-    if: needs.publish-to-ipfs.outputs.cid
-    needs: publish-to-ipfs
-    runs-on: ubuntu-latest
-    environment: web3.storage
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-node@v4
-        with:
-          node-version: lts/*
-      - name: Retrieve CAR produced by publish-to-ipfs job
-        uses: actions/download-artifact@v4
-        with:
-          name: dist_${{ github.sha }}.car
-      - name: Pin with @web3-storage/w3cli
-        run: |
-          # ensure whoami
-          npx -y --package=@web3-storage/w3cli@latest -- w3 whoami
-
-          # convert base64 env var to file
-          echo $W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING | base64 -d > ipfs-webui-ci-space.ucan.proof
-
-          # Add space
-          export W3CLI_SPACE_DID=$(npx -y --package=@web3-storage/w3cli@latest -- w3 space add ipfs-webui-ci-space.ucan.proof)
-
-          # use space
-          npx -y --package=@web3-storage/w3cli@latest -- w3 space use $W3CLI_SPACE_DID
-
-          # upload car
-          npx -y --package=@web3-storage/w3cli@latest -- w3 up --no-wrap --car dist_${{ github.sha }}.car
-        env:
-          W3_STORE_NAME: ${{ secrets.W3_STORE_NAME }}
-          W3_AGENT_DID: ${{ secrets.W3_AGENT_DID }}
-          # W3_PRINCIPAL env name is expected by w3cli tool: https://github.com/web3-storage/w3cli#w3_principal
-          W3_PRINCIPAL: ${{ secrets.W3_AGENT_PRINCIPAL }}
-          W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING: ${{ secrets.W3CLI_SPACE_DELEGATION_PROOF_BASE64_STRING }}
-
-  pin-to-scaleway:
-    if: needs.publish-to-ipfs.outputs.cid
-    needs: publish-to-ipfs
-    runs-on: ubuntu-latest
-    environment: Scaleway
-    steps:
-      - uses: actions/checkout@v4
-      - uses: ipfs/download-ipfs-distribution-action@v1
-        with:
-          name: kubo
-          version: "${{ env.KUBO_VER }}"
-      - name: Init IPFS daemon
-        run: ipfs init --profile flatfs,server,randomports,lowpower
-      - uses: ipfs/start-ipfs-daemon-action@v1
-      - name: Retrieve CAR produced by publish-to-ipfs job
-        uses: actions/download-artifact@v4
-        with:
-          name: dist_${{ github.sha }}.car
-      - name: Import CAR to local Kubo
-        run: ipfs dag import --offline --pin-roots=true dist_${{ github.sha }}.car
-      - name: Set up and check Scaleway
-        id: scaleway
-        run: |
-          ipfs pin remote service add scaleway "$SCALEWAY_URL" "$SCALEWAY_SECRET"
-          echo "existing-pin=$(ipfs pin remote ls --service=scaleway --name=$CID)" >> $GITHUB_OUTPUT # using --name because --cid does not work with Scaleway (2024-Q1)
-        env:
-          CID: ${{ needs.publish-to-ipfs.outputs.cid }}
-          SCALEWAY_SECRET: ${{ secrets.SCALEWAY_SECRET }}
-          SCALEWAY_URL: ${{ secrets.SCALEWAY_URL }}
-      - name: Pin to Scaleway
-        if: ${{ steps.scaleway.outputs.existing-pin == '' }}
-        run: ipfs pin remote add --service=scaleway --name=$CID $CID # using --name because --cid does not work with Scaleway (2024-Q1)
-        env:
-          CID: ${{ needs.publish-to-ipfs.outputs.cid }}
-
-  smoke-test-fresh-p2p: # basic smoke test for getting DAG with Kubo
-    if: needs.publish-to-ipfs.outputs.cid
-    needs: publish-to-ipfs
-    runs-on: ubuntu-latest
-    steps:
-      - uses: ipfs/download-ipfs-distribution-action@v1
-        with:
-          name: kubo
-          version: "${{ env.KUBO_VER }}"
-      - uses: ipfs/start-ipfs-daemon-action@v1
-      - name: Confirm Kubo can fetch published DAG
-        run: ipfs dag stat ${{ needs.publish-to-ipfs.outputs.cid }}
-
   release-please:
     runs-on: ubuntu-latest
     if: (github.event_name == 'workflow_dispatch' || github.event_name == 'push') && github.ref == 'refs/heads/main'
@@ -354,8 +174,4 @@ jobs:
     steps:
       - uses: google-github-actions/release-please-action@v4
         with:
-          # NOTE: we need elevated PAT token for production DNSLink to be updated. this is because tags created by the default token
-          # will not trigger CI build, and we need publish-to-ipfs to run when a new release tag is created by this action
-          # https://github.com/google-github-actions/release-please-action?tab=readme-ov-file#github-credentials
-          token: ${{ secrets.UCI_GITHUB_TOKEN || github.token }}
           release-type: node
diff --git a/README.md b/README.md
@@ -92,8 +92,17 @@ For more information about local development setup, see [/docs/DEVELOPMENT.md](/
 
 ### Try hosted instance
 
-- 🚧 **WIP: alpha quality** https://inbrowser.link hosts the latest [release](https://github.com/ipfs-shipyard/service-worker-gateway/releases)
-- 🚧 **WIP: alpha quality** https://inbrowser.dev is used for testing, hosts the latest dev version from the `main` branch
+We provide a public good instance of this projct configured to run in [subdomain mode](https://docs.ipfs.tech/how-to/address-ipfs-on-web/#subdomain-gateway),
+aiming to be a drop-in replacement for `dweb.link`:
+
+- 🚧 **WIP: alpha quality** https://inbrowser.link hosts the `release` branch, with a stable [release](https://github.com/ipfs-shipyard/service-worker-gateway/releases)
+- 🚧 **WIP: alpha quality** https://inbrowser.dev hosts the `staging` branch with development / testing version
+
+There is also an instance running in [path mode](https://docs.ipfs.tech/how-to/address-ipfs-on-web/#path-gateway),
+aiming to be a drop-in replacement for `ipfs.io`:
+
+- 🚧 **WIP: alpha quality** https://ipfs-service-worker-gateway.pages.dev hosts the `release` branch, with a stable [release](https://github.com/ipfs-shipyard/service-worker-gateway/releases)
+- 🚧 **WIP: alpha quality** https://staging.ipfs-service-worker-gateway.pages.dev hosts the `staging` branch with development / testing version
 
 ## License
 

diff --git a/docs/DEVELOPMENT.md b/docs/DEVELOPMENT.md
@@ -49,7 +49,7 @@ You can also try <http://sw.localhost/ipns/specs.ipfs.tech> to automatically be
 
 ### Pre-reqs
 
-You have to visit the [hosted site](https://helia-service-worker-gateway.on.fleek.co/) first, and make sure the SW is loaded. Once it is, the below links should work for you.
+You have to visit the landing page first, and make sure the SW is loaded. Once it is, the below links should work for you.
 
 Notes:
 - ⚠️ Deployment of this service worker on environments that don't enable subdomain pathing is not recommended. Path-only gateways do not provide [Origin isolation](https://docs.ipfs.tech/how-to/address-ipfs-on-web/#subdomain-gateway). NEVER use path-only gateways for loading dapps with sensitive information such as keys, passwords, wallets. 

diff --git a/public/index.html b/public/index.html
@@ -23,6 +23,7 @@
     <title><%= htmlWebpackPlugin.options.title %> | <%= htmlWebpackPlugin.options.version %></title>
     <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/css/tachyons.min.css" integrity="sha256-MgEf5i1a74lVzhT+1R6mBbWCUeUaxC8sQTaN5GY+CoI=" crossorigin="anonymous">
     <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/[email protected]/ipfs.css" integrity="sha256-tlU/gvVvLjSbTOfSZyCzuQxY8QcmHPtJJ1oTXilA9gk=" crossorigin="anonymous">
+    <meta name="robots" content="noindex" />
   </head>
   <body>
     <div id="root" class="montserrat f5"></div>

diff --git a/webpack.config.js b/webpack.config.js
@@ -150,14 +150,31 @@ const dev = {
 }
 
 /**
- * Retrieves the Git branch and short SHA of the current commit.
+ * Retrieves meaningful Git info about the current commit.
  *
- * @returns {string} A string representing the Git branch and short SHA.
+ * @returns {string} A string representing the git revision info.
  */
 const gitRevision = () => {
   try {
     const ref = execSync('git rev-parse --abbrev-ref HEAD').toString().trim()
     const sha = execSync('git rev-parse --short HEAD').toString().trim()
+
+    try {
+      // detect production build
+      execSync('git fetch --force --depth=1 --quiet origin production')
+      const latestProduction = execSync('git rev-parse remotes/origin/production').toString().trim()
+      if (latestProduction.startsWith(sha)) {
+        return `production@${sha}`
+      }
+
+      // detect staging build
+      execSync('git fetch --force --depth=1 --quiet origin staging')
+      const latestStaging = execSync('git rev-parse remotes/origin/staging').toString().trim()
+      if (latestStaging.startsWith(sha)) {
+        return `staging@${sha}`
+      }
+    } catch (_) { /* noop */ }
+
     return `${ref}@${sha}`
   } catch (_) {
     return `no-git-dirty@${new Date().getTime().toString()}`