From 1d09e4bdea7e328cf2740818df9df660c5532a99 Mon Sep 17 00:00:00 2001 From: DanConwayDev Date: Fri, 13 Feb 2026 13:24:46 +0000 Subject: feat: implement announcement purgatory core (breaks archive sync test) Route new announcements to purgatory instead of accepting immediately. Announcements are promoted to the database when git data arrives, ensuring we only serve announcements for repos with actual content. Implemented: - AnnouncementPurgatoryEntry type and DashMap store - Route new announcements to purgatory (replacement announcements skip) - Promote announcements on git data arrival (process_purgatory_announcements) - Authorization checks purgatory announcements (fetch_repository_data_with_purgatory) - State policy uses purgatory announcements for maintainer validation - Cleanup task handles announcement expiry - Updated count()/cleanup() to 3-tuples Known broken: - test_archive_read_only_creates_bare_repo fails: sync module does not treat purgatory announcements as confirmed repos, so per-repo sync (state events, PRs) is never triggered for purgatory announcements - Announcement persistence (save/restore) not implemented - SyncLevel (StateOnly vs Full) not implemented - Soft expiry two-phase not implemented - Expiry extension on state event / git auth not wired up --- src/nostr/builder.rs | 23 ++++++++ src/nostr/policy/announcement.rs | 117 +++++++++++++++++++++++++++++++++++++-- src/nostr/policy/state.rs | 10 +++- 3 files changed, 142 insertions(+), 8 deletions(-) (limited to 'src/nostr') diff --git a/src/nostr/builder.rs b/src/nostr/builder.rs index 34014db..aff12a6 100644 --- a/src/nostr/builder.rs +++ b/src/nostr/builder.rs @@ -138,6 +138,29 @@ impl Nip34WritePolicy { } } } + AnnouncementResult::AcceptPurgatory => { + // New announcement - add to purgatory + match self.announcement_policy.add_to_purgatory(event) { + Ok(()) => { + tracing::info!( + "Accepted announcement to purgatory: {} (waiting for git data)", + event_id_str + ); + WritePolicyResult::Reject { + status: true, // Client sees OK + message: "purgatory: won't be served until git data arrives".into(), + } + } + Err(e) => { + tracing::warn!( + "Failed to add announcement to purgatory {}: {}", + event_id_str, + e + ); + WritePolicyResult::reject(e) + } + } + } AnnouncementResult::AcceptMaintainer => { // Parse announcement to get details for logging match RepositoryAnnouncement::from_event(event.clone()) { diff --git a/src/nostr/policy/announcement.rs b/src/nostr/policy/announcement.rs index 15a6e58..1118497 100644 --- a/src/nostr/policy/announcement.rs +++ b/src/nostr/policy/announcement.rs @@ -3,6 +3,7 @@ /// Handles validation of NIP-34 repository announcements (kind 30617) /// according to GRASP-01 specification. use nostr_relay_builder::prelude::{Alphabet, Event, Filter, Kind, PublicKey, SingleLetterTag}; +use std::collections::HashSet; use super::PolicyContext; use crate::config::Config; @@ -11,12 +12,14 @@ use crate::nostr::events::{validate_announcement, RepositoryAnnouncement}; /// Result of announcement policy evaluation #[derive(Debug, Clone, PartialEq)] pub enum AnnouncementResult { - /// Accept: Event lists our service (GRASP-01 compliant) + /// Accept: Event lists our service (GRASP-01 compliant) - replacement announcement Accept, /// Accept as maintainer: Event accepted via maintainer exception (multi-maintainer) AcceptMaintainer, /// Accept as archive: Event accepted via GRASP-05 archive whitelist (read-only) AcceptArchive, + /// Accept to purgatory: New announcement, waiting for git data + AcceptPurgatory, /// Reject: Event fails validation with reason Reject(String), } @@ -35,10 +38,12 @@ impl AnnouncementPolicy { /// Validate a repository announcement event /// - /// Returns `Accept` if the announcement lists the service properly, - /// `AcceptMaintainer` if accepted via maintainer exception, - /// `AcceptArchive` if accepted via GRASP-05 archive config, - /// or `Reject` with reason. + /// Returns: + /// - `Accept` if this is a replacement announcement (active announcement exists) + /// - `AcceptPurgatory` if this is a new announcement (no active announcement exists) + /// - `AcceptMaintainer` if accepted via maintainer exception + /// - `AcceptArchive` if accepted via GRASP-05 archive config + /// - `Reject` with reason if validation fails pub async fn validate(&self, event: &Event) -> AnnouncementResult { // First, try validation (GRASP-01 + GRASP-05) let validation_result = validate_announcement(event, &self.config); @@ -67,11 +72,111 @@ impl AnnouncementPolicy { Err(_) => AnnouncementResult::Reject(reason), } } - // Accept, AcceptArchive, or AcceptMaintainer - return as-is + AnnouncementResult::Accept | AnnouncementResult::AcceptArchive => { + // Parse announcement to check for existing active announcement + match RepositoryAnnouncement::from_event(event.clone()) { + Ok(announcement) => { + // Check if there's already an active announcement for this (pubkey, identifier) + match self + .has_active_announcement(&event.pubkey, &announcement.identifier) + .await + { + Ok(true) => { + // Replacement announcement - accept immediately + tracing::debug!( + identifier = %announcement.identifier, + "Replacement announcement - accepting immediately" + ); + validation_result + } + Ok(false) => { + // New announcement - route to purgatory + tracing::debug!( + identifier = %announcement.identifier, + "New announcement - routing to purgatory" + ); + AnnouncementResult::AcceptPurgatory + } + Err(e) => { + tracing::warn!( + error = %e, + "Failed to check for existing announcement - rejecting" + ); + AnnouncementResult::Reject(format!( + "Database error checking existing announcement: {}", + e + )) + } + } + } + Err(e) => AnnouncementResult::Reject(format!( + "Failed to parse announcement: {}", + e + )), + } + } + // AcceptPurgatory shouldn't come from validate_announcement, but handle it result => result, } } + /// Check if there's an active announcement in the database for this (pubkey, identifier) + async fn has_active_announcement( + &self, + pubkey: &PublicKey, + identifier: &str, + ) -> Result { + let filter = Filter::new() + .kind(Kind::GitRepoAnnouncement) + .author(*pubkey) + .custom_tag( + SingleLetterTag::lowercase(Alphabet::D), + identifier.to_string(), + ); + + let events: Vec = match self.ctx.database.query(filter).await { + Ok(events) => events.into_iter().collect(), + Err(e) => return Err(format!("Database query failed: {}", e)), + }; + + Ok(!events.is_empty()) + } + + /// Add an announcement to purgatory + /// + /// Creates the bare repository and stores the announcement in purgatory + /// until git data arrives. + pub fn add_to_purgatory(&self, event: &Event) -> Result<(), String> { + let announcement = RepositoryAnnouncement::from_event(event.clone()) + .map_err(|e| format!("Failed to parse announcement: {}", e))?; + + // Create bare repository + self.ensure_bare_repository(&announcement)?; + + // Build repo path + let repo_path = self.ctx.git_data_path.join(announcement.repo_path()); + + // Extract relays from announcement + let relays: HashSet = announcement.relays.iter().cloned().collect(); + + // Add to purgatory + self.ctx.purgatory.add_announcement( + event.clone(), + announcement.identifier.clone(), + event.pubkey, + repo_path, + relays, + ); + + tracing::info!( + identifier = %announcement.identifier, + event_id = %event.id, + "Added announcement to purgatory" + ); + + Ok(()) + } + /// Create a bare git repository if it doesn't exist /// Path format: //.git pub fn ensure_bare_repository( diff --git a/src/nostr/policy/state.rs b/src/nostr/policy/state.rs index f94f004..4bfb513 100644 --- a/src/nostr/policy/state.rs +++ b/src/nostr/policy/state.rs @@ -10,7 +10,7 @@ use nostr_relay_builder::prelude::Event; use super::PolicyContext; use crate::git; -use crate::git::authorization::fetch_repository_data; +use crate::git::authorization::fetch_repository_data_with_purgatory; use crate::nostr::events::{validate_state, RepositoryAnnouncement, RepositoryState}; /// Result of state policy evaluation @@ -76,7 +76,13 @@ impl StatePolicy { } // Get all repositories and state events from db with identifier - let db_repo_data = fetch_repository_data(&self.ctx.database, &state.identifier).await?; + // Include purgatory announcements for authorization + let db_repo_data = fetch_repository_data_with_purgatory( + &self.ctx.database, + &self.ctx.purgatory, + &state.identifier, + ) + .await?; // CRITICAL: Check if author is authorized via maintainer set // State events MUST be rejected if author is not in maintainer set of any accepted announcement -- cgit v1.2.3