Merge remote-tracking branch 'origin/main' into legacy-request-transl…

…ation

.github/workflows/policy-engine.yml

@@ -17,6 +17,21 @@ jobs:
     name: Build and test
 
     runs-on: ubuntu-latest
+
+    services:
+      postgres:
+        image: postgres:14
+        ports:
+          - '5432:5432'
+        env:
+          POSTGRES_USER: postgres
+          POSTGRES_PASSWORD: postgres
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+
     steps:
       - name: Checkout
         uses: actions/checkout@master
@@ -40,6 +55,8 @@ jobs:
         shell: bash
         run: |
           make policy-engine/copy-default-env
+          make policy-engine/test/db/setup
+          make policy-engine/db/generate-types
 
       - name: Test types
         shell: bash

.gitignore

@@ -55,6 +55,7 @@ Thumbs.db
 .env.test
 
 /rego-build
+/apps/devtool/data-store/storage.json
 
 *.sqlite
 *.sqlite-journal

Makefile

@@ -1,4 +1,5 @@
 include ./apps/armory/Makefile
+include ./apps/devtool/Makefile
 include ./apps/policy-engine/Makefile
 include ./packages/policy-engine-shared/Makefile
 include ./packages/transaction-request-intent/Makefile

apps/armory/.env.test.default

@@ -1,6 +1,11 @@
-# IMPORTANT: The variables defined here will override other variables.
-# See `./apps/armory/jest.setup.ts`.
-
 NODE_ENV=test
 
+PORT=3005
+
 ARMORY_DATABASE_URL="postgresql://postgres:postgres@localhost:5432/armory_test?schema=public"
+
+REDIS_HOST=localhost
+REDIS_PORT=6379
+
+PRICE_FEED_PRIVATE_KEY="0xc7a1b8ba040a238e36058fc5693f801d129aca9f10ed30d0133878f1b9147c01"
+HISTORICAL_TRANSFER_FEED_PRIVATE_KEY="0xf5c8f17cc09215c5038f6b8d5e557c0d98d341236307fe831efdcdd7faeef134"

apps/armory/jest.setup.ts

@@ -3,26 +3,28 @@ import fs from 'fs'
 import nock from 'nock'
 
 const testEnvFile = `${__dirname}/.env.test`
-const envFile = `${__dirname}/.env`
 
 // Ensure a test environment variable file exists because of the override config
 // loading mechanics below.
 if (!fs.existsSync(testEnvFile)) {
-  throw new Error('No .env.test file found. Please create one by running "make armory/copy-default-env".')
+  throw new Error('No .env.test file found. Please create one by running "make policy-engine/copy-default-env".')
+}
+
+// By default, dotenv always loads .env and then you can override with .env.test
+// But this is confusing, because then you have to look in multiple files to know which envs are loaded
+// So we will clear all envs and then load .env.test
+// NOTE: This will also override any CLI-declared envs (e.g. `MY_ENV=test jest`)
+for (const prop in process.env) {
+  if (Object.prototype.hasOwnProperty.call(process.env, prop)) {
+    delete process.env[prop]
+  }
 }
 
-// We don't want to have two dotenv files that are exactly the same, so we
-// override the default with .env.test.
-//
-// If a .env.test file is not found, the DATABASE_URL will fallback to the
-// default. Consequently, you'll lose your development database during the
-// integration tests teardown. Hence, the check above.
-dotenv.config({ path: envFile })
 dotenv.config({ path: testEnvFile, override: true })
 
 // Disable outgoing HTTP requests to avoid flaky tests.
 nock.disableNetConnect()
 
-// Enable local outgoing HTTP request to allow E2E tests with supertestwith
-// supertest to work.
-nock.enableNetConnect(/127.0.0.1|localhost/)
+// Enable outgoing HTTP requests to 127.0.0.1 to allow E2E tests with
+// supertestwith supertest to work.
+nock.enableNetConnect('127.0.0.1')

apps/armory/src/data-feed/core/service/__test__/unit/historical-transfer-feed.service.spec.ts

@@ -1,4 +1,4 @@
-import { Alg } from '@narval/policy-engine-shared'
+import { Alg } from '@narval/signature'
 import { ConfigModule } from '@nestjs/config'
 import { Test, TestingModule } from '@nestjs/testing'
 import { MockProxy, mock } from 'jest-mock-extended'

apps/armory/src/data-feed/core/service/__test__/unit/price-feed.service.spec.ts

@@ -1,4 +1,5 @@
-import { Alg, Prices } from '@narval/policy-engine-shared'
+import { Prices } from '@narval/policy-engine-shared'
+import { Alg } from '@narval/signature'
 import { ConfigModule } from '@nestjs/config'
 import { Test, TestingModule } from '@nestjs/testing'
 import { MockProxy, mock } from 'jest-mock-extended'

apps/armory/src/data-feed/core/service/historical-transfer-feed.service.ts

@@ -1,4 +1,5 @@
-import { Alg, Feed, HistoricalTransfer, Signature, hashRequest } from '@narval/policy-engine-shared'
+import { Feed, HistoricalTransfer, Signature } from '@narval/policy-engine-shared'
+import { Alg, hash } from '@narval/signature'
 import { Injectable } from '@nestjs/common'
 import { ConfigService } from '@nestjs/config'
 import { mapValues, omit } from 'lodash/fp'
@@ -29,7 +30,7 @@ export class HistoricalTransferFeedService implements DataFeed<HistoricalTransfe
   async sign(data: HistoricalTransfer[]): Promise<Signature> {
     const account = privateKeyToAccount(this.getPrivateKey())
     const sig = await account.signMessage({
-      message: hashRequest(data)
+      message: hash(data)
     })
 
     return {

apps/armory/src/data-feed/core/service/price-feed.service.ts

@@ -1,4 +1,5 @@
-import { Action, Alg, AssetId, Feed, Signature, hashRequest } from '@narval/policy-engine-shared'
+import { Action, AssetId, Feed, Signature } from '@narval/policy-engine-shared'
+import { Alg, hash } from '@narval/signature'
 import { InputType, Intents, safeDecode } from '@narval/transaction-request-intent'
 import { Injectable } from '@nestjs/common'
 import { ConfigService } from '@nestjs/config'
@@ -28,7 +29,7 @@ export class PriceFeedService implements DataFeed<Prices> {
   async sign(data: Prices): Promise<Signature> {
     const account = privateKeyToAccount(this.getPrivateKey())
     const sig = await account.signMessage({
-      message: hashRequest(data)
+      message: hash(data)
     })
 
     return {

apps/armory/src/orchestration/__test__/e2e/authorization-request.spec.ts

@@ -1,4 +1,5 @@
-import { Action, Alg } from '@narval/policy-engine-shared'
+import { Action } from '@narval/policy-engine-shared'
+import { Alg } from '@narval/signature'
 import { getQueueToken } from '@nestjs/bull'
 import { HttpStatus, INestApplication } from '@nestjs/common'
 import { ConfigModule } from '@nestjs/config'

apps/armory/src/orchestration/core/service/__test__/unit/cluster.service.spec.ts

@@ -1,4 +1,5 @@
-import { Alg, Decision, EvaluationResponse, Feed, Prices, hashRequest } from '@narval/policy-engine-shared'
+import { Decision, EvaluationResponse, Feed, Prices } from '@narval/policy-engine-shared'
+import { Alg, hash } from '@narval/signature'
 import { Test } from '@nestjs/testing'
 import { MockProxy, mock } from 'jest-mock-extended'
 import { PrivateKeyAccount, generatePrivateKey, privateKeyToAccount } from 'viem/accounts'
@@ -98,8 +99,8 @@ describe(ClusterService.name, () => {
       authzRequest: AuthorizationRequest,
       partial?: Partial<EvaluationResponse>
     ): Promise<EvaluationResponse> => {
-      const hash = hashRequest(authzRequest.request)
-      const signature = await nodeAccount.signMessage({ message: hash })
+      const requestHash = hash(authzRequest.request)
+      const signature = await nodeAccount.signMessage({ message: requestHash })
 
       return {
         decision: Decision.PERMIT,
@@ -167,7 +168,7 @@ describe(ClusterService.name, () => {
     it('throws when node attestation is invalid', async () => {
       const permit = await generateEvaluationResponse(nodeAccount, authzRequest)
       const signature = await nodeAccount.signMessage({
-        message: hashRequest({ notTheOriginalRequest: true })
+        message: hash({ notTheOriginalRequest: true })
       })
 
       authzApplicationClientMock.evaluation.mockResolvedValue({

apps/armory/src/orchestration/core/service/cluster.service.ts

@@ -1,4 +1,5 @@
-import { Decision, EvaluationRequest, EvaluationResponse, hashRequest } from '@narval/policy-engine-shared'
+import { Decision, EvaluationRequest, EvaluationResponse } from '@narval/policy-engine-shared'
+import { hash } from '@narval/signature'
 import { Injectable, Logger } from '@nestjs/common'
 import { zip } from 'lodash/fp'
 import { ClusterNotFoundException } from '../../core/exception/cluster-not-found.exception'
@@ -119,10 +120,10 @@ export class ClusterService {
   }
 
   private async recoverPubKey(response: EvaluationResponse) {
-    const hash = hashRequest(response.request) as `0x${string}`
+    const requestHash = hash(response.request) as `0x${string}`
 
     return recoverMessageAddress({
-      message: hash,
+      message: requestHash,
       signature: response.attestation?.sig as `0x${string}`
     })
   }

apps/armory/src/orchestration/http/rest/dto/signature.dto.ts

@@ -1,4 +1,4 @@
-import { Alg } from '@narval/policy-engine-shared'
+import { Alg } from '@narval/signature'
 import { ApiProperty } from '@nestjs/swagger'
 import { IsDefined, IsIn, IsOptional, IsString } from 'class-validator'
 

apps/armory/src/orchestration/persistence/repository/__test__/integration/authorization-request.repository.spec.ts

@@ -1,4 +1,5 @@
-import { Action, Alg, Signature } from '@narval/policy-engine-shared'
+import { Action, Signature } from '@narval/policy-engine-shared'
+import { Alg } from '@narval/signature'
 import { ConfigModule } from '@nestjs/config'
 import { Test, TestingModule } from '@nestjs/testing'
 import { AuthorizationRequestStatus, Organization } from '@prisma/client/armory'

apps/armory/src/orchestration/persistence/schema/signature.schema.ts

@@ -1,4 +1,4 @@
-import { Alg } from '@narval/policy-engine-shared'
+import { Alg } from '@narval/signature'
 import { z } from 'zod'
 
 export const algSchema = z.nativeEnum(Alg)

apps/armory/src/orchestration/queue/consumer/__test__/integration/authorization-request-processing.consumer.spec.ts

@@ -1,4 +1,5 @@
-import { Action, Alg, Signature } from '@narval/policy-engine-shared'
+import { Action, Signature } from '@narval/policy-engine-shared'
+import { Alg } from '@narval/signature'
 import { HttpModule } from '@nestjs/axios'
 import { BullModule, getQueueToken } from '@nestjs/bull'
 import { ConfigModule } from '@nestjs/config'

apps/armory/src/orchestration/queue/producer/__test__/integration/authorization-request-processing.producer.spec.ts

@@ -1,4 +1,5 @@
-import { Action, Alg, Signature } from '@narval/policy-engine-shared'
+import { Action, Signature } from '@narval/policy-engine-shared'
+import { Alg } from '@narval/signature'
 import { BullModule, getQueueToken } from '@nestjs/bull'
 import { ConfigModule } from '@nestjs/config'
 import { Test, TestingModule } from '@nestjs/testing'

apps/devtool/.eslintrc.json

@@ -0,0 +1,53 @@
+{
+  "extends": [
+    "plugin:@nx/react-typescript",
+    "next",
+    "next/core-web-vitals",
+    "../../.eslintrc.json"
+  ],
+  "ignorePatterns": [
+    "!**/*",
+    ".next/**/*"
+  ],
+  "overrides": [
+    {
+      "files": [
+        "*.ts",
+        "*.tsx",
+        "*.js",
+        "*.jsx"
+      ],
+      "rules": {
+        "@next/next/no-html-link-for-pages": [
+          "error",
+          "apps/devtool/pages"
+        ]
+      }
+    },
+    {
+      "files": [
+        "*.ts",
+        "*.tsx"
+      ],
+      "rules": {}
+    },
+    {
+      "files": [
+        "*.js",
+        "*.jsx"
+      ],
+      "rules": {}
+    },
+    {
+      "files": [
+        "*.spec.ts",
+        "*.spec.tsx",
+        "*.spec.js",
+        "*.spec.jsx"
+      ],
+      "env": {
+        "jest": true
+      }
+    }
+  ]
+}

apps/devtool/Makefile

@@ -0,0 +1,7 @@
+DEVTOOL_PROJECT_NAME := devtool
+DEVTOOL_PROJECT_DIR := ./apps/devtool
+
+# === Start ===
+
+devtool/start/dev:
+	npx nx serve ${DEVTOOL_PROJECT_NAME}

apps/devtool/index.d.ts

@@ -0,0 +1,8 @@
+/* eslint-disable @typescript-eslint/no-explicit-any */
+declare module '*.svg' {
+  const content: any;
+  export const ReactComponent: any;
+  export default content;
+}
+
+

apps/devtool/jest.config.ts

@@ -0,0 +1,11 @@
+/* eslint-disable */
+export default {
+  displayName: 'devtool',
+  preset: '../../jest.preset.js',
+  transform: {
+    '^(?!.*\\.(js|jsx|ts|tsx|css|json)$)': '@nx/react/plugins/jest',
+    '^.+\\.[tj]sx?$': ['babel-jest', { presets: ['@nx/next/babel'] }]
+  },
+  moduleFileExtensions: ['ts', 'tsx', 'js', 'jsx'],
+  coverageDirectory: '../../coverage/apps/devtool'
+};

apps/devtool/next-env.d.ts

@@ -0,0 +1,5 @@
+/// <reference types="next" />
+/// <reference types="next/image-types/global" />
+
+// NOTE: This file should not be edited
+// see https://nextjs.org/docs/basic-features/typescript for more information.

apps/devtool/next.config.js

@@ -0,0 +1,24 @@
+//@ts-check
+
+// eslint-disable-next-line @typescript-eslint/no-var-requires
+const { composePlugins, withNx } = require('@nx/next');
+
+
+/**
+ * @type {import('@nx/next/plugins/with-nx').WithNxOptions}
+ **/
+const nextConfig = {
+  nx: {
+    // Set this to true if you would like to use SVGR
+    // See: https://github.com/gregberge/svgr
+    svgr: false,
+  },
+};
+
+const plugins = [
+  // Add more Next.js plugins to this list if needed.
+  withNx,
+];
+
+module.exports = composePlugins(...plugins)(nextConfig);
+

apps/devtool/postcss.config.js

@@ -0,0 +1,6 @@
+module.exports = {
+  plugins: {
+    tailwindcss: {},
+    autoprefixer: {},
+  },
+}

apps/devtool/project.json

@@ -0,0 +1,44 @@
+{
+  "name": "devtool",
+  "$schema": "../../node_modules/nx/schemas/project-schema.json",
+  "sourceRoot": "apps/devtool",
+  "projectType": "application",
+  "targets": {
+    "build": {
+      "executor": "@nx/next:build",
+      "outputs": ["{options.outputPath}"],
+      "defaultConfiguration": "production",
+      "options": {
+        "outputPath": "dist/devtool"
+      },
+      "configurations": {
+        "development": {},
+        "production": {}
+      }
+    },
+    "serve": {
+      "executor": "@nx/next:server",
+      "defaultConfiguration": "production",
+      "options": {
+        "buildTarget": "devtool:build",
+        "dev": true
+      },
+      "configurations": {
+        "development": {
+          "buildTarget": "devtool:build:development"
+        },
+        "production": {
+          "buildTarget": "devtool:build:production"
+        }
+      }
+    },
+    "test": {
+      "executor": "@nx/jest:jest",
+      "outputs": ["{workspaceRoot}/coverage/{projectRoot}"],
+      "options": {
+        "jestConfig": "apps/devtool/jest.config.ts"
+      }
+    }
+  },
+  "tags": []
+}