feature/1120 leverage service authorization (#1188)

* refactor: remove redundant branch trigger for scheduled releases

* refactor: simplify process-compose commands and improve logging

* refactor: remove redundant  command

* refactor: remove unused error variables and simplify database configuration

* feat: introduce task runner for project automation

* refactor: Remove hardcoded action and method from form components

* refactor: move server setup to main.go and add prometheus metrics

* refactor: move index handlers to render handlers

* refactor: improve user identification logic in gateway and vault handlers

* refactor: rename TitleDescription to TitleDesc for consistency

* feat: integrate go-useragent library for enhanced user agent parsing

* feat: enhance initial view rendering based on device type

* feat: Add support for PostgreSQL database

* fix: Use formatPsqlDSN() to properly set PostgreSQL DSN from command flags

* feat: Add PostgreSQL support with fallback to SQLite in NewGormDB

* feat: Add PostgreSQL connection validation with SQLite fallback

* chore: update golang.org/x/crypto dependency to v0.31.0

* feat: add PKL-based configuration initialization

* refactor: improve file naming consistency in cmd/sonrd

* refactor: Improve init-pkl command with safer config file generation and error handling

* fix: add logging for pkl evaluation results

* refactor: Move credential handling to gateway context

* refactor: Migrate session models to gateway package

* refactor: rename models and update User model

* chore: initial commit for address and pubkey functionality

* refactor: move pubkey package to keys package

* refactor: Rename models and add resolver service

* feat: add gRPC clients for bank, DID, DWN, and SVC modules

* refactor: Migrate title and description components from text package to hero package

* refactor: improve file naming conventions

* feat: add user credential validation

* refactor: rename registration handlers and routes for clarity

* <no value>

* refactor: Decouple database and IPFS interactions from server setup

* refactor: Migrate configuration from class-based to TOML-based structure

* refactor: move network configuration files to sonr.net module

* feature/1120-leverage-service-authorization

* fix: correct DID identifier creation function name

* feat: add compressed and uncompressed public keys to keyset

* refactor: move address packages to crypto/address

* feat: implement pubkey verification

* refactor: remove ECDSA-related functions from keyshare and protocol modules

* feat: Implement ECDSA signature serialization

* <no value>

* feat: add vault service for IPFS token storage

* refactor: update ucan codec to use new DID generation method

* refactor: refactor key management and move address parsers to keys package

* refactor: rename key parsers and move to parsers package

* fix: resolved import issues with the new spec

* feat: improve user onboarding experience by updating button text and functionality

* refactor: update point marshaling and unmarshaling methods to use JSON

* refactor: remove unnecessary DID method from PubKey

* refactor: Rename and refactor MPC key generation functions

* test: Add comprehensive test suite for keyshare generation and validation

* test: Fix keyshare role validation and encoding tests

* feat: Update key share role tests with enclave initialization validation

* test(mpc): refactor tests to focus on public API and remove internal role checks

* refactor: Remove unnecessary role check in initKeyEnclave function

* fix: Enforce strict order for validator and user keyshares in enclave initialization

* fix: Update codec_test to match latest codec implementation

* refactor: Update KeyEnclave to use string-based key shares and improve error handling

* fix: Refactor MPC enclave to use string-based encoding and simplify key management

* refactor: Remove redundant keyshare decoding tests in codec_test.go

* fix: Resolve type conversion issues in MPC crypto enclave initialization

* fix: Convert CID to byte slice in addEnclaveIPFS function

* fix: Resolve type conversion and constant definition errors in MPC crypto utils

* refactor: Simplify KeyShare encoding and role handling in MPC codec

* fix: Resolve JSON unmarshaling type mismatch in KeyShare.Message()

* fix: Refactor KeyEnclave to use struct and Enclave interface

* fix: Resolve type and naming conflicts in MPC crypto package

* refactor: Update codec_test.go to use new KeyEnclave struct fields

* refactor: remove keyshare encoding and decoding logic

* refactor: Remove unused JSON marshaling functions for curve points

* fix: Improve signature serialization and deserialization in MPC crypto

This commit addresses several issues with signature handling:
- Fixed signature length to 65 bytes
- Added proper padding for R and S values
- Added nil and zero value checks
- Improved error messages for signature parsing

The changes ensure more robust signature encoding and decoding, preventing potential nil pointer and invalid signature issues.

* fix: Update signature serialization to match protocol test approach

* refactor: Simplify KeyEnclave struct and improve message handling

* fix: Improve signature serialization and verification in MPC crypto module

* refactor: Simplify enclave validation using IsValid method in test

* refactor: Add marshaling and comprehensive tests for KeyEnclave

* feat: Add JSON marshaling support for Point in KeyEnclave

* refactor: Rename KeyEnclave to Enclave and update related functions

* refactor: Update PubKey verification to use SHA3-256 hashing

* test: Add comprehensive tests for DID and PubKey implementations

* refactor: simplify DID key retrieval

* test: refactor CI workflow and remove unused DIDAuth middleware

* The changes look good! The updated workflows will now:

1. Run tests on push to master
2. Bump the version if the commit doesn't already start with 'bump:'
3. Trigger a release workflow automatically with the new version tag
4. Create and publish the release

A few things to note:
- Make sure you have the `peter-evans/repository-dispatch` action installed/available
- The `commitizen-tools/commitizen-action` should output the new tag for this to work
- Ensure your release workflow can handle the repository dispatch event

Would you like me to review or suggest any additional modifications to the workflows?

* ci(github actions): add build stage dependency for tests

* fix(workflow): update workflow to trigger on PR edits

* test: Update unit test dependencies

* ci: Add GoReleaser dry-run check for merge group events

* test: remove unnecessary dependencies between test jobs

* ci: Make race and coverage tests depend on build tests

.github/workflows/checks.yml

@@ -0,0 +1,122 @@
+name: Run All Checks
+
+on:
+  pull_request:
+  merge_group:
+
+jobs:
+  test-builds:
+    runs-on: ubuntu-latest
+    name: Run Build Tests
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          repository: onsonr/sonr
+          fetch-depth: 0
+          fetch-tags: true
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version: "1.23"
+          check-latest: true
+      - name: Run Sonrd Build
+        run: make build
+      - name: Run Hway Build
+        run: make build-hway
+      - name: Run Motr Build
+        run: make build-motr
+
+  test-unit:
+    needs: [test-builds]
+    runs-on: ubuntu-latest
+    name: Run Unit Tests
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          repository: onsonr/sonr
+          fetch-depth: 0
+          fetch-tags: true
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version: "1.23"
+          check-latest: true
+      - run: make test-unit
+
+  test-race:
+    runs-on: ubuntu-latest
+    needs: [test-builds]
+    name: Run Race Tests
+    continue-on-error: true
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          repository: onsonr/sonr
+          fetch-depth: 0
+          fetch-tags: true
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version: "1.23"
+          check-latest: true
+      - run: make test-race
+
+  test-cover:
+    runs-on: ubuntu-latest
+    needs: [test-builds]
+    name: Run Coverage Tests
+    continue-on-error: true
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          repository: onsonr/sonr
+          fetch-depth: 0
+          fetch-tags: true
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version: "1.23"
+          check-latest: true
+      - run: make test-cover
+
+  goreleaser-check:
+    if: github.event_name == 'merge_group'
+    needs: [test-unit]
+    runs-on: ubuntu-latest
+    name: Check GoReleaser Config
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          repository: onsonr/sonr
+          fetch-depth: 0
+          fetch-tags: true
+
+      - uses: actions/setup-go@v5
+        with:
+          go-version: "1.23"
+          check-latest: true
+
+      - name: Check GoReleaser Config
+        uses: goreleaser/goreleaser-action@v5
+        with:
+          distribution: goreleaser-pro
+          version: latest
+          args: check
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}
+
+      - name: GoReleaser Dry Run
+        uses: goreleaser/goreleaser-action@v5
+        with:
+          distribution: goreleaser-pro
+          version: latest
+          args: release --snapshot --clean --skip=publish
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          GORELEASER_KEY: ${{ secrets.GORELEASER_KEY }}

.github/workflows/label-pr.yml

@@ -1,7 +1,7 @@
 name: PR Labeler
 on:
   pull_request:
-    types: [opened]
+    types: [opened, edited]
 
 permissions:
   contents: read

.github/workflows/scheduled-release.yml

@@ -4,8 +4,9 @@ on:
   push:
     tags:
       - "v[0-9]+.[0-9]+.[0-9]+"
-    branches: ["develop"]
   workflow_dispatch:
+  repository_dispatch:
+    types: [trigger-release]
 
 permissions:
   contents: write

.github/workflows/version-bump.yml

@@ -1,4 +1,4 @@
-name: Update Version
+name: Update Version and Release
 
 on:
   push:
@@ -27,13 +27,29 @@ jobs:
     runs-on: ubuntu-latest
     name: "Bump Version"
     if: ${{ !startsWith(github.event.head_commit.message, 'bump:') }}
+    outputs:
+      new_tag: ${{ steps.bump.outputs.new_tag }}
     steps:
       - uses: actions/checkout@v4
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           fetch-depth: 0
       - name: Create bump and changelog
+        id: bump
         uses: commitizen-tools/commitizen-action@master
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           increment: "PATCH"
+
+  trigger-release:
+    needs: [bump-version]
+    if: needs.bump-version.outputs.new_tag != ''
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Trigger release workflow
+        uses: peter-evans/repository-dispatch@v2
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          event-type: trigger-release
+          client-payload: '{"tag": "${{ needs.bump-version.outputs.new_tag }}"}'

.gitignore

@@ -61,9 +61,6 @@ override.tf.json
 .terraformrc
 terraform.rc
 
-Taskfile.yml
-
-!deploy/**/Taskfile.yml
 
 # Misc
 .DS_Store

Makefile

@@ -184,7 +184,6 @@ format: format-tools
 
 mod-tidy:
 	go mod tidy
-	cd interchaintest && go mod tidy
 
 .PHONY: format-tools lint format mod-tidy
 
@@ -312,8 +311,8 @@ sh-testnet: mod-tidy
 gen-pkl: init-env
 	pkl-gen-go pkl/sonr.orm/UCAN.pkl
 	pkl-gen-go pkl/sonr.orm/Models.pkl
-	pkl-gen-go pkl/sonr.conf/Hway.pkl
-	pkl-gen-go pkl/sonr.conf/Motr.pkl
+	pkl-gen-go pkl/sonr.net/Hway.pkl
+	pkl-gen-go pkl/sonr.net/Motr.pkl
 
 gen-templ: init-env
 	templ generate
@@ -343,9 +342,6 @@ logs-sonr: init-env
 .PHONY: deploy start start-tui start-uds stop stop-uds restart status
 
 start: build-hway init-env
-	bin/process-compose up --port $(PC_PORT_NUM) --log-file $(PC_LOG_FILE) --detached -f deploy/process-compose.yaml
-
-start-tui: build-hway init-env
 	bin/process-compose up --port $(PC_PORT_NUM) --log-file $(PC_LOG_FILE) -f deploy/process-compose.yaml
 
 start-uds: build-hway init-env
@@ -359,6 +355,9 @@ stop-uds: init-env
 
 status: init-env
 	bin/process-compose project state --port $(PC_PORT_NUM)
+
+status-uds: init-env
+	bin/process-compose project state --use-uds --unix-socket $(PC_SOCKET_PATH)
 ###############################################################################
 ###                                     help                                ###
 ###############################################################################

cmd/hway/cmds.go

@@ -6,27 +6,23 @@ import (
 	"net/http"
 	"os"
 
-	"github.com/labstack/echo/v4"
-	"github.com/labstack/echo/v4/middleware"
-	"github.com/onsonr/sonr/crypto/ucan"
-	"github.com/onsonr/sonr/internal/gateway"
-	"github.com/onsonr/sonr/pkg/common/ipfs"
-	config "github.com/onsonr/sonr/pkg/config/hway"
-	"github.com/onsonr/sonr/pkg/database/sessions"
-	"github.com/onsonr/sonr/pkg/didauth/producer"
 	"github.com/spf13/cobra"
 )
 
 // Command line flags
 var (
 	servePort      int    // Gateway http entry point (default 3000)
-	configDir      string // Hway config directory (default hway)
-	sqliteFile     string // SQLite database file (default hway.db)
 	chainID        string // Current chain ID (default sonr-testnet-1)
 	ipfsGatewayURL string // IPFS gateway URL (default localhost:8080)
 	sonrAPIURL     string // Sonr API URL (default localhost:1317)
 	sonrGrpcURL    string // Sonr gRPC URL (default localhost:9090)
 	sonrRPCURL     string // Sonr RPC URL (default localhost:26657)
+
+	sqliteFile string // SQLite database file (default hway.db)
+	psqlHost   string // PostgresSQL Host Flag
+	psqlUser   string // PostgresSQL User Flag
+	psqlPass   string // PostgresSQL Password Flag
+	psqlDB     string // PostgresSQL Database Flag
 )
 
 func rootCmd() *cobra.Command {
@@ -38,7 +34,11 @@ func rootCmd() *cobra.Command {
 			if err != nil {
 				panic(err)
 			}
-			e, err := setupServer(env)
+			db, ipc, err := initDeps(env)
+			if err != nil {
+				panic(err)
+			}
+			e, err := setupServer(env, db, ipc)
 			if err != nil {
 				panic(err)
 			}
@@ -50,50 +50,22 @@ func rootCmd() *cobra.Command {
 		},
 	}
 	cmd.Flags().IntVar(&servePort, "serve-port", 3000, "Port to serve the gateway on")
-	cmd.Flags().StringVar(&configDir, "config-dir", "hway", "Directory to store config files")
-	cmd.Flags().StringVar(&sqliteFile, "sqlite-file", "hway.db", "File to store sqlite database")
 	cmd.Flags().StringVar(&chainID, "chain-id", "sonr-testnet-1", "Chain ID")
 	cmd.Flags().StringVar(&ipfsGatewayURL, "ipfs-gateway-url", "localhost:8080", "IPFS gateway URL")
 	cmd.Flags().StringVar(&sonrAPIURL, "sonr-api-url", "localhost:1317", "Sonr API URL")
 	cmd.Flags().StringVar(&sonrGrpcURL, "sonr-grpc-url", "localhost:9090", "Sonr gRPC URL")
 	cmd.Flags().StringVar(&sonrRPCURL, "sonr-rpc-url", "localhost:26657", "Sonr RPC URL")
+	cmd.Flags().StringVar(&sqliteFile, "sqlite-file", "hway.db", "File to store sqlite database")
+	cmd.Flags().StringVar(&psqlHost, "psql-host", "", "PostgresSQL Host")
+	cmd.Flags().StringVar(&psqlUser, "psql-user", "", "PostgresSQL User")
+	cmd.Flags().StringVar(&psqlPass, "psql-pass", "", "PostgresSQL Password")
+	cmd.Flags().StringVar(&psqlDB, "psql-db", "", "PostgresSQL Database")
 	return cmd
 }
 
-func loadEnvImplFromArgs(args []string) (config.Hway, error) {
-	cmd := rootCmd()
-	if err := cmd.ParseFlags(args); err != nil {
-		return nil, err
-	}
-
-	env := &config.HwayImpl{
-		ServePort:      servePort,
-		ConfigDir:      configDir,
-		SqliteFile:     sqliteFile,
-		ChainId:        chainID,
-		IpfsGatewayUrl: ipfsGatewayURL,
-		SonrApiUrl:     sonrAPIURL,
-		SonrGrpcUrl:    sonrGrpcURL,
-		SonrRpcUrl:     sonrRPCURL,
-	}
-	return env, nil
-}
-
-// setupServer sets up the server
-func setupServer(env config.Hway) (*echo.Echo, error) {
-	ipc, err := ipfs.NewClient()
-	if err != nil {
-		return nil, err
-	}
-	db, err := sessions.NewGormDB(env)
-	if err != nil {
-		return nil, err
+func formatPsqlDSN() string {
+	if psqlHost == "" {
+		return ""
 	}
-	e := echo.New()
-	e.IPExtractor = echo.ExtractIPDirect()
-	e.Use(middleware.Logger())
-	e.Use(middleware.Recover())
-	e.Use(producer.Middleware(ipc, ucan.ServicePermissions))
-	gateway.RegisterRoutes(e, env, db)
-	return e, nil
+	return fmt.Sprintf("host=%s user=%s password=%s dbname=%s sslmode=disable", psqlHost, psqlUser, psqlPass, psqlDB)
 }