Merge branch 'main' into ivo/bson_m

.github/dependabot.yml

@@ -3,4 +3,4 @@ updates:
   - package-ecosystem: docker
     directory: "/"
     schedule:
-      interval: weekly
+      interval: monthly

.github/workflows/ci_release.yml

@@ -0,0 +1,71 @@
+name: Release
+on:
+  push:
+    # Nightly schedule pending full e2e testing with other repos
+    #schedule:
+    # Run daily at 1:15am
+    #- cron: "15 1 * * *"
+  workflow_dispatch:
+    # Inputs the workflow accepts.
+    inputs:
+      version:
+        # Friendly description to be shown in the UI instead of 'name'
+        description: "Semver type of new version (major / minor / patch)"
+        # Input has to be provided for the workflow to run
+        required: true
+        type: choice
+        options:
+          - patch
+          - minor
+          - major
+
+jobs:
+  # Run the linting and tests
+  hadolint:
+    uses: SkynetLabs/.github/.github/workflows/reusable_dockerfile_lint.yml@master
+
+  test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v3
+      - uses: actions/setup-go@v2
+        with:
+          go-version: "1.18"
+      - name: Install analyze
+        run: go install gitlab.com/NebulousLabs/analyze@latest
+      - name: Install golangci-lint
+        run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.45.0
+      - name: Lint
+        run: make lint
+      - name: Run unit tests
+        run: make test
+
+  # Check if there were any changes since the last tag if this is not a push
+  # event
+  changes:
+    needs: [hadolint, test]
+    runs-on: ubuntu-latest
+    outputs:
+      updates: ${{steps.changes.outputs.any == 'true'}}
+    if: ${{ github.event_name != 'push' }}
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # Required due to the way Git works, without it this action won't be able to find any or the correct tags
+      - uses: SkynetLabs/.github/.github/actions/changes-since-last-tag@master
+
+  # Make a release if
+  # - there were changes and this is a scheduled job
+  # - This is a manually trigger job, i.e. workflow_dispatch
+  release:
+    needs: changes
+    runs-on: ubuntu-latest
+    if: ${{ (needs.changes.outputs.updates == 'true' && github.event_name == 'schedule') || github.event_name == 'workflow_dispatch' }}
+    steps:
+      - uses: actions/checkout@v3
+      - name: Version Release
+        uses: SkynetLabs/.github/.github/actions/version-release@master
+        with:
+          github-token: ${{secrets.GITHUB_TOKEN}}
+          version-bump: ${{inputs.version}}

Dockerfile

@@ -9,7 +9,7 @@ COPY . .
 
 RUN go mod download && make release
 
-FROM alpine:3.15.3
+FROM alpine:3.15.4
 LABEL maintainer="SkynetLabs <devs@skynetlabs.com>"
 
 COPY --from=builder /go/bin/skynet-accounts /usr/bin/skynet-accounts

api/cache_test.go

@@ -13,6 +13,7 @@ func TestUserTierCache(t *testing.T) {
 	u := &database.User{
 		Sub:             t.Name(),
 		Tier:            database.TierPremium5,
+		CreatedAt:       time.Now().UTC(),
 		SubscribedUntil: time.Now().UTC().Add(100 * time.Hour),
 		QuotaExceeded:   false,
 	}

api/handlers.go

@@ -1013,11 +1013,6 @@ func (api *API) userRecoverRequestPOST(_ *database.User, w http.ResponseWriter,
 		api.WriteError(w, errors.AddContext(err, "failed to fetch the user with this email"), http.StatusInternalServerError)
 		return
 	}
-	// Verify that the user's email is confirmed.
-	if u.EmailConfirmationToken != "" {
-		api.WriteError(w, errors.New("user's email is not confirmed. it cannot be used for account recovery"), http.StatusBadRequest)
-		return
-	}
 	// Generate a new recovery token and add it to the user's account.
 	u.RecoveryToken, err = lib.GenerateUUID()
 	if err != nil {
@@ -1200,22 +1195,14 @@ func (api *API) trackDownloadPOST(u *database.User, w http.ResponseWriter, req *
 }
 
 // trackRegistryReadPOST registers a new registry read in the system.
-func (api *API) trackRegistryReadPOST(u *database.User, w http.ResponseWriter, req *http.Request, _ httprouter.Params) {
-	_, err := api.staticDB.RegistryReadCreate(req.Context(), *u)
-	if err != nil {
-		api.WriteError(w, err, http.StatusInternalServerError)
-		return
-	}
+func (api *API) trackRegistryReadPOST(_ *database.User, w http.ResponseWriter, _ *http.Request, _ httprouter.Params) {
+	// Tracking registry reads is disabled.
 	api.WriteSuccess(w)
 }
 
 // trackRegistryWritePOST registers a new registry write in the system.
-func (api *API) trackRegistryWritePOST(u *database.User, w http.ResponseWriter, req *http.Request, _ httprouter.Params) {
-	_, err := api.staticDB.RegistryWriteCreate(req.Context(), *u)
-	if err != nil {
-		api.WriteError(w, err, http.StatusInternalServerError)
-		return
-	}
+func (api *API) trackRegistryWritePOST(_ *database.User, w http.ResponseWriter, _ *http.Request, _ httprouter.Params) {
+	// Tracking registry writes is disabled.
 	api.WriteSuccess(w)
 }
 

api/routes.go

@@ -77,8 +77,10 @@ func (api *API) buildHTTPRoutes() {
 	api.staticRouter.POST("/user/recover/request", api.WithDBSession(api.noAuth(api.userRecoverRequestPOST)))
 	api.staticRouter.POST("/user/recover", api.WithDBSession(api.noAuth(api.userRecoverPOST)))
 
-	api.staticRouter.POST("/stripe/webhook", api.WithDBSession(api.noAuth(api.stripeWebhookPOST)))
+	api.staticRouter.POST("/stripe/billing", api.WithDBSession(api.withAuth(api.stripeBillingPOST, false)))
+	api.staticRouter.POST("/stripe/checkout", api.WithDBSession(api.withAuth(api.stripeCheckoutPOST, false)))
 	api.staticRouter.GET("/stripe/prices", api.noAuth(api.stripePricesGET))
+	api.staticRouter.POST("/stripe/webhook", api.WithDBSession(api.noAuth(api.stripeWebhookPOST)))
 
 	api.staticRouter.GET("/.well-known/jwks.json", api.noAuth(api.wellKnownJWKSGET))