Compare commits
14
Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Thomas SharedInboxandClaude Sonnet 4.6
|
70661edbda | ||
|
|
5e029a1365 | ||
|
|
87244de7da | ||
|
|
6d1df2d213 | ||
|
|
29c2c7e96c | ||
|
|
6a097976d3 | ||
|
|
d847d40ab0 | ||
|
Thomas SharedInbox
|
761378f583 | ||
|
|
63da36c18a | ||
|
|
d3bd8dba92 | ||
|
|
9605c5e3b7 | ||
|
|
1681fb9202 | ||
 guettlibotandguettli
|
d7a9c2b4f8 | ||
|
Bot of Thomas Güttler
|
2747c4e63d |
@@ -4,8 +4,18 @@
|
||||
# In systemd service:
|
||||
# ExecStartPre=docker build -t forgejo-act-runner:latest /etc/forgejo/runner
|
||||
# ExecStart=/usr/local/bin/forgejo-runner daemon --config /etc/forgejo/config.yml
|
||||
|
||||
FROM ghcr.io/catthehacker/ubuntu:go-24.04
|
||||
|
||||
# Infrastructure tools required by CI workflows
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
jq \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# SOPS
|
||||
RUN curl -fsSL -o /usr/local/bin/sops https://github.com/getsops/sops/releases/download/v3.9.4/sops-v3.9.4.linux.amd64 \
|
||||
&& chmod +x /usr/local/bin/sops
|
||||
|
||||
# Dagger CLI — pinned to match the engine version on the runner host
|
||||
RUN curl -fsSL https://dl.dagger.io/dagger/install.sh \
|
||||
| DAGGER_VERSION=0.20.8 BIN_DIR=/usr/local/bin sh
|
||||
|
||||
@@ -34,14 +34,17 @@ jobs:
|
||||
|
||||
HEAD_SHA=$(git rev-parse HEAD)
|
||||
|
||||
# Skip if this exact commit was already successfully deployed (prevents
|
||||
# hourly schedule from redeploying the same commit on every tick).
|
||||
# Find the most recent workflow run where deploy-playstore actually succeeded
|
||||
# (not merely skipped). Bug fix: previous code used commit_sha (always None in
|
||||
# Forgejo's API) instead of head_sha, causing LAST_DEPLOYED_SHA to be empty on
|
||||
# every run and the fallback diff to only cover HEAD~1..HEAD.
|
||||
LAST_DEPLOYED_SHA=$(python3 - << 'PYEOF'
|
||||
import json, os, sys, urllib.request
|
||||
token = os.environ.get("FORGEJO_TOKEN", "")
|
||||
server = os.environ.get("GITHUB_SERVER_URL", "").rstrip("/")
|
||||
repo = os.environ.get("GITHUB_REPOSITORY", "")
|
||||
url = f"{server}/api/v1/repos/{repo}/actions/runs?workflow_id=deploy.yml&status=success&limit=5"
|
||||
base_api = f"{server}/api/v1/repos/{repo}/actions"
|
||||
url = f"{base_api}/runs?workflow_id=deploy.yml&status=success&limit=10"
|
||||
req = urllib.request.Request(url, headers={"Authorization": f"token {token}"})
|
||||
try:
|
||||
with urllib.request.urlopen(req) as r:
|
||||
@@ -50,30 +53,58 @@ jobs:
|
||||
r for r in data.get("workflow_runs", [])
|
||||
if r.get("status") == "success"
|
||||
]
|
||||
print(runs[0].get("commit_sha") or "")
|
||||
# Walk runs newest-first; pick the first one where deploy-playstore
|
||||
# actually ran (conclusion=success), not just skipped.
|
||||
for run in runs:
|
||||
run_id = run.get("id")
|
||||
jobs_url = f"{base_api}/runs/{run_id}/jobs"
|
||||
jobs_req = urllib.request.Request(jobs_url, headers={"Authorization": f"token {token}"})
|
||||
try:
|
||||
with urllib.request.urlopen(jobs_req) as jr:
|
||||
jobs_data = json.loads(jr.read())
|
||||
for job in jobs_data.get("workflow_jobs", []):
|
||||
if "Deploy to Play Store" in job.get("name", "") and (
|
||||
job.get("conclusion") == "success" or
|
||||
job.get("status") == "success"
|
||||
):
|
||||
print(run.get("head_sha") or "")
|
||||
sys.exit(0)
|
||||
except Exception:
|
||||
pass # skip this run if jobs API fails
|
||||
print("")
|
||||
except Exception as e:
|
||||
print(f"API check failed: {e}", file=sys.stderr)
|
||||
print(f"::error::LAST_DEPLOYED_SHA lookup failed ({type(e).__name__}: {e})")
|
||||
print("")
|
||||
PYEOF
|
||||
)
|
||||
|
||||
if [ -n "$LAST_DEPLOYED_SHA" ] && [ "$HEAD_SHA" = "$LAST_DEPLOYED_SHA" ]; then
|
||||
echo "HEAD $HEAD_SHA already successfully deployed — skipping"
|
||||
if [ -z "$LAST_DEPLOYED_SHA" ]; then
|
||||
echo "::warning::Could not determine last successfully deployed SHA — deploying all targets as a precaution"
|
||||
echo "android=true" >> "$GITHUB_OUTPUT"
|
||||
echo "linux=true" >> "$GITHUB_OUTPUT"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ "$HEAD_SHA" = "$LAST_DEPLOYED_SHA" ]; then
|
||||
echo "::notice::All deploys SKIPPED — HEAD $HEAD_SHA was already successfully deployed"
|
||||
echo "android=false" >> "$GITHUB_OUTPUT"
|
||||
echo "linux=false" >> "$GITHUB_OUTPUT"
|
||||
echo "skip_reason=commit $HEAD_SHA was already successfully deployed" >> "$GITHUB_OUTPUT"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Diff from the last successfully deployed commit to catch all changes since
|
||||
# that deploy, not just the most recent commit. Falls back to HEAD~1 when
|
||||
# LAST_DEPLOYED_SHA is unknown or not in local history.
|
||||
if [ -n "$LAST_DEPLOYED_SHA" ] && git cat-file -e "$LAST_DEPLOYED_SHA" 2>/dev/null; then
|
||||
# that deploy, not just the most recent commit. Deploy all targets when the
|
||||
# SHA is not in local history (shallow clone or very old deploy).
|
||||
if git cat-file -e "$LAST_DEPLOYED_SHA" 2>/dev/null; then
|
||||
echo "Diffing from last deployed SHA $LAST_DEPLOYED_SHA"
|
||||
CHANGED=$(git diff --name-only "$LAST_DEPLOYED_SHA" HEAD 2>/dev/null \
|
||||
|| git show --name-only --format= HEAD)
|
||||
else
|
||||
CHANGED=$(git diff --name-only HEAD~1 HEAD 2>/dev/null \
|
||||
|| git show --name-only --format= HEAD)
|
||||
echo "::warning::Last deployed SHA $LAST_DEPLOYED_SHA not in local history — deploying all targets as a precaution"
|
||||
echo "android=true" >> "$GITHUB_OUTPUT"
|
||||
echo "linux=true" >> "$GITHUB_OUTPUT"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
echo "Changed files:"
|
||||
@@ -82,13 +113,25 @@ jobs:
|
||||
android_re='^(android/|integration_test/|lib/|pubspec\.yaml|pubspec\.lock|drift_schemas/|scripts/deploy_playstore\.py)'
|
||||
linux_re='^(linux/|lib/|pubspec\.yaml|pubspec\.lock)'
|
||||
|
||||
echo "$CHANGED" | grep -qE "$android_re" \
|
||||
&& echo "android=true" >> "$GITHUB_OUTPUT" \
|
||||
|| echo "android=false" >> "$GITHUB_OUTPUT"
|
||||
if echo "$CHANGED" | grep -qE "$android_re"; then
|
||||
echo "android=true" >> "$GITHUB_OUTPUT"
|
||||
echo "Android deploy: TRIGGERED (android-relevant files changed)"
|
||||
echo "::notice::Android deploy TRIGGERED — android-relevant files changed since $LAST_DEPLOYED_SHA"
|
||||
else
|
||||
echo "android=false" >> "$GITHUB_OUTPUT"
|
||||
echo "Android deploy: SKIPPED (no android-relevant files changed)"
|
||||
echo "::notice::Android deploy SKIPPED — diff $LAST_DEPLOYED_SHA..HEAD has no android-relevant changes"
|
||||
fi
|
||||
|
||||
echo "$CHANGED" | grep -qE "$linux_re" \
|
||||
&& echo "linux=true" >> "$GITHUB_OUTPUT" \
|
||||
|| echo "linux=false" >> "$GITHUB_OUTPUT"
|
||||
if echo "$CHANGED" | grep -qE "$linux_re"; then
|
||||
echo "linux=true" >> "$GITHUB_OUTPUT"
|
||||
echo "Linux deploy: TRIGGERED (linux-relevant files changed)"
|
||||
echo "::notice::Linux deploy TRIGGERED — linux-relevant files changed since $LAST_DEPLOYED_SHA"
|
||||
else
|
||||
echo "linux=false" >> "$GITHUB_OUTPUT"
|
||||
echo "Linux deploy: SKIPPED (no linux-relevant files changed)"
|
||||
echo "::notice::Linux deploy SKIPPED — diff $LAST_DEPLOYED_SHA..HEAD has no linux-relevant changes"
|
||||
fi
|
||||
|
||||
deploy-playstore:
|
||||
name: Build & Deploy to Play Store
|
||||
@@ -117,6 +160,12 @@ jobs:
|
||||
DAGGER_NO_NAG: "1"
|
||||
run: task publish-android
|
||||
|
||||
- name: Verify Play Store deployment
|
||||
run: |
|
||||
python3 -m venv /tmp/playstore-venv
|
||||
/tmp/playstore-venv/bin/pip install google-auth requests --quiet
|
||||
/tmp/playstore-venv/bin/python3 scripts/verify_playstore_deploy.py
|
||||
|
||||
|
||||
deploy-apk:
|
||||
name: Build & Deploy APK to Server
|
||||
|
||||
@@ -47,6 +47,8 @@ loop/code → loop/code-in-progress → loop/code-done
|
||||
## Code conventions
|
||||
|
||||
- Avoid `else`, use "early return".
|
||||
- Always run `dart format lib/ test/` before committing Dart code. CI enforces formatting with `dart format --set-exit-if-changed` and will fail if files are not formatted.
|
||||
- Import directives must be sorted alphabetically within each section. CI enforces this via `dart analyze --fatal-infos`.
|
||||
|
||||
## Drift (DB)
|
||||
|
||||
|
||||
@@ -39,7 +39,7 @@ WorkingDirectory=/home/dagger-svc
|
||||
# Replace 1003 with the actual UID of dagger-svc
|
||||
Environment=DOCKER_HOST=unix:///run/user/1003/podman/podman.sock
|
||||
Environment=XDG_RUNTIME_DIR=/run/user/1003
|
||||
ExecStart=/usr/bin/nix run github:dagger/nix/v0.11.4#dagger -- engine --addr tcp://0.0.0.0:8080
|
||||
ExecStart=/usr/bin/nix run github:dagger/nix/v0.20.8#dagger -- engine --addr tcp://0.0.0.0:8080
|
||||
Restart=always
|
||||
|
||||
[Install]
|
||||
|
||||
+2
-2
@@ -271,7 +271,7 @@ tasks:
|
||||
- sh: test -n "$SSH_KNOWN_HOSTS"
|
||||
msg: "SSH_KNOWN_HOSTS is not set"
|
||||
cmds:
|
||||
- dagger call --progress=plain -q -m ci --source=. publish-website --ssh-key env:SSH_PRIVATE_KEY --known-hosts env:SSH_KNOWN_HOSTS --ssh-user "$SSH_USER" --ssh-host "$SSH_HOST"
|
||||
- HASH=$(git rev-parse --short HEAD) && dagger call --progress=plain -q -m ci --source=. publish-website --ssh-key env:SSH_PRIVATE_KEY --known-hosts env:SSH_KNOWN_HOSTS --ssh-user "$SSH_USER" --ssh-host "$SSH_HOST" --commit-hash "$HASH"
|
||||
|
||||
check-dagger:
|
||||
desc: Run full check suite via Dagger (with OTEL timing report if python3 is available)
|
||||
@@ -294,7 +294,7 @@ tasks:
|
||||
for attempt in 1 2 3; do
|
||||
run_dagger "$@" && return 0
|
||||
RC=$?
|
||||
if [ "$attempt" -lt 3 ] && { grep -qE "connection reset|context canceled|context deadline exceeded|connection refused|invalid return status code" "$DAGGER_OUT" || [ "$RC" -eq 2 ]; }; then
|
||||
if [ "$attempt" -lt 3 ] && { grep -qE "connection reset|context deadline exceeded|connection refused|invalid return status code" "$DAGGER_OUT" || [ "$RC" -eq 2 ]; }; then
|
||||
echo "$(_ts) dagger: network error on attempt $attempt/3, retrying..." >&2
|
||||
elif [ "$attempt" -lt 3 ] && grep -q "No space left on device" "$DAGGER_OUT"; then
|
||||
echo "$(_ts) dagger: disk space error on attempt $attempt/3, pruning Dagger cache..." >&2
|
||||
|
||||
@@ -7,8 +7,8 @@ require (
|
||||
github.com/Khan/genqlient v0.8.1
|
||||
github.com/dagger/otel-go v1.43.0
|
||||
github.com/vektah/gqlparser/v2 v2.5.33
|
||||
go.opentelemetry.io/otel v1.43.0
|
||||
go.opentelemetry.io/otel/trace v1.43.0
|
||||
go.opentelemetry.io/otel v1.44.0
|
||||
go.opentelemetry.io/otel/trace v1.44.0
|
||||
)
|
||||
|
||||
require (
|
||||
@@ -21,33 +21,25 @@ require (
|
||||
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 // indirect
|
||||
github.com/sosodev/duration v1.4.0 // indirect
|
||||
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.17.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.17.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.41.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.41.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.41.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.41.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.41.0 // indirect
|
||||
go.opentelemetry.io/otel/log v0.17.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.43.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk v1.43.0
|
||||
go.opentelemetry.io/otel/sdk/log v0.17.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk/metric v1.43.0 // indirect
|
||||
go.opentelemetry.io/proto/otlp v1.9.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.20.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.20.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.44.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.44.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.44.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.44.0 // indirect
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.44.0 // indirect
|
||||
go.opentelemetry.io/otel/log v0.20.0 // indirect
|
||||
go.opentelemetry.io/otel/metric v1.44.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk v1.44.0
|
||||
go.opentelemetry.io/otel/sdk/log v0.20.0 // indirect
|
||||
go.opentelemetry.io/otel/sdk/metric v1.44.0 // indirect
|
||||
go.opentelemetry.io/proto/otlp v1.10.0 // indirect
|
||||
golang.org/x/net v0.52.0 // indirect
|
||||
golang.org/x/sync v0.20.0 // indirect
|
||||
golang.org/x/sync v0.20.0
|
||||
golang.org/x/sys v0.44.0 // indirect
|
||||
golang.org/x/text v0.35.0 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20260226221140-a57be14db171 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171 // indirect
|
||||
google.golang.org/grpc v1.79.3 // indirect
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9 // indirect
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 // indirect
|
||||
google.golang.org/grpc v1.80.0 // indirect
|
||||
google.golang.org/protobuf v1.36.11 // indirect
|
||||
)
|
||||
|
||||
replace go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc => go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.19.0
|
||||
|
||||
replace go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp => go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.19.0
|
||||
|
||||
replace go.opentelemetry.io/otel/log => go.opentelemetry.io/otel/log v0.19.0
|
||||
|
||||
replace go.opentelemetry.io/otel/sdk/log => go.opentelemetry.io/otel/sdk/log v0.19.0
|
||||
|
||||
@@ -43,36 +43,65 @@ go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ
|
||||
go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
|
||||
go.opentelemetry.io/otel v1.43.0 h1:mYIM03dnh5zfN7HautFE4ieIig9amkNANT+xcVxAj9I=
|
||||
go.opentelemetry.io/otel v1.43.0/go.mod h1:JuG+u74mvjvcm8vj8pI5XiHy1zDeoCS2LB1spIq7Ay0=
|
||||
go.opentelemetry.io/otel v1.44.0 h1:JjwHmHpA4iZ3wBxluu2fbbE7j4kqlE8jXyAyPXH7HqU=
|
||||
go.opentelemetry.io/otel v1.44.0/go.mod h1:BMgjTHL9WPRlRjL2oZCBTL4whCGtXch2H4BhOPIAyYc=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.16.0 h1:ZVg+kCXxd9LtAaQNKBxAvJ5NpMf7LpvEr4MIZqb0TMQ=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.16.0/go.mod h1:hh0tMeZ75CCXrHd9OXRYxTlCAdxcXioWHFIpYw2rZu8=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.20.0 h1:rydZ9sxbcFdm/oWrVyfLTjHIygMgv0bEeMd+3B/BvoM=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.20.0/go.mod h1:earQ25dooT0Hhspq59DZ8YCC50jWfOlFEeWoxy/P444=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.16.0 h1:djrxvDxAe44mJUrKataUbOhCKhR3F8QCyWucO16hTQs=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.16.0/go.mod h1:dt3nxpQEiSoKvfTVxp3TUg5fHPLhKtbcnN3Z1I1ePD0=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.20.0 h1:owlhcJ3QO3X0YTDTCcDZ4V+6aVDkWbNmBoQ5NUp7Oww=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.20.0/go.mod h1:MP4eemTiI9zC8fgg+DYynhYDYf3ba72S376TvP+Ye0Q=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.41.0 h1:VO3BL6OZXRQ1yQc8W6EVfJzINeJ35BkiHx4MYfoQf44=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.41.0/go.mod h1:qRDnJ2nv3CQXMK2HUd9K9VtvedsPAce3S+/4LZHjX/s=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.44.0 h1:SUplec5dp06reu1zaXmOXdvqH398taqrDXqUl99jxSc=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.44.0/go.mod h1:ho2g4N+ane+swq5I/VBkKWnRDY4kUINH3FuqyZqX/Ug=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.41.0 h1:MMrOAN8H1FrvDyq9UJ4lu5/+ss49Qgfgb7Zpm0m8ABo=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.41.0/go.mod h1:Na+2NNASJtF+uT4NxDe0G+NQb+bUgdPDfwxY/6JmS/c=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.44.0 h1:RuynHbfU8JUEw7DyONgkVYg2SVtsoF28y0LGIr69jgA=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.44.0/go.mod h1:qZF+/lBs71APw8mlnEZcqZHMzqrYrsFiJOv83lX1OGo=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.41.0 h1:ao6Oe+wSebTlQ1OEht7jlYTzQKE+pnx/iNywFvTbuuI=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.41.0/go.mod h1:u3T6vz0gh/NVzgDgiwkgLxpsSF6PaPmo2il0apGJbls=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.44.0 h1:4YsVu3B8+3qtWYYrsUYgn0OG78pN0rnNPRGX4SbokQI=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.44.0/go.mod h1:+wnlSn0mD1ADVMe3v9Z/WIaiz6q6gL2J/ejaAmdmv80=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.41.0 h1:mq/Qcf28TWz719lE3/hMB4KkyDuLJIvgJnFGcd0kEUI=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.41.0/go.mod h1:yk5LXEYhsL2htyDNJbEq7fWzNEigeEdV5xBF/Y+kAv0=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.44.0 h1:qazEJlUOQzhCpzQpFETGby7EdqjI1wsd0W+6Gg1SCTU=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.44.0/go.mod h1:fOD2Yefuxixkx3ahVNf0O/PERb6r4OlbxfATVnYvzCo=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.41.0 h1:inYW9ZhgqiDqh6BioM7DVHHzEGVq76Db5897WLGZ5Go=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.41.0/go.mod h1:Izur+Wt8gClgMJqO/cZ8wdeeMryJ/xxiOVgFSSfpDTY=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.44.0 h1:lgh3PiVrRUWMLOVSkQicxzZll5NjF1r+AtsX1XRIHw0=
|
||||
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.44.0/go.mod h1:5Cnhth3m/AgOeTgE3ex12pPmiu/gGtZit03kSzx9X7s=
|
||||
go.opentelemetry.io/otel/log v0.16.0 h1:DeuBPqCi6pQwtCK0pO4fvMB5eBq6sNxEnuTs88pjsN4=
|
||||
go.opentelemetry.io/otel/log v0.16.0/go.mod h1:rWsmqNVTLIA8UnwYVOItjyEZDbKIkMxdQunsIhpUMes=
|
||||
go.opentelemetry.io/otel/log v0.20.0 h1:/5i0vuHxCLWUfChWG41K9wkM0jafruPw9NU1/RCJirs=
|
||||
go.opentelemetry.io/otel/log v0.20.0/go.mod h1:wOcMcjsZpG8x7Bak7IhSi/lg8wscV2C1VdrKCLPlt0E=
|
||||
go.opentelemetry.io/otel/metric v1.43.0 h1:d7638QeInOnuwOONPp4JAOGfbCEpYb+K6DVWvdxGzgM=
|
||||
go.opentelemetry.io/otel/metric v1.43.0/go.mod h1:RDnPtIxvqlgO8GRW18W6Z/4P462ldprJtfxHxyKd2PY=
|
||||
go.opentelemetry.io/otel/metric v1.44.0 h1:1w0gILTcHdr3YI+ixLyjemwrVnsMURbTZFrSYCdDdmc=
|
||||
go.opentelemetry.io/otel/metric v1.44.0/go.mod h1:8O7hanEPBNgEMmybD3s2VBKcgWOCsA6tzHBPODAiquo=
|
||||
go.opentelemetry.io/otel/sdk v1.43.0 h1:pi5mE86i5rTeLXqoF/hhiBtUNcrAGHLKQdhg4h4V9Dg=
|
||||
go.opentelemetry.io/otel/sdk v1.43.0/go.mod h1:P+IkVU3iWukmiit/Yf9AWvpyRDlUeBaRg6Y+C58QHzg=
|
||||
go.opentelemetry.io/otel/sdk v1.44.0 h1:nHYwb9lK+fJPU/dnT6s7W7Z8itMWyqrnVfbheVYrZ58=
|
||||
go.opentelemetry.io/otel/sdk v1.44.0/go.mod h1:Osuydd3Se74nqjAKxid74N5eC+jfEqfTegHRnq58oK0=
|
||||
go.opentelemetry.io/otel/sdk/log v0.16.0 h1:e/b4bdlQwC5fnGtG3dlXUrNOnP7c8YLVSpSfEBIkTnI=
|
||||
go.opentelemetry.io/otel/sdk/log v0.16.0/go.mod h1:JKfP3T6ycy7QEuv3Hj8oKDy7KItrEkus8XJE6EoSzw4=
|
||||
go.opentelemetry.io/otel/sdk/log v0.20.0 h1:vM3xI7TQgKPiSghe6urZtAkyFY7SodrSpC83CffDFuY=
|
||||
go.opentelemetry.io/otel/sdk/log v0.20.0/go.mod h1:Knej2nmsTUzN79T2eeXdRsjjPcoxoq2pUyUHz9TFyyU=
|
||||
go.opentelemetry.io/otel/sdk/log/logtest v0.16.0 h1:/XVkpZ41rVRTP4DfMgYv1nEtNmf65XPPyAdqV90TMy4=
|
||||
go.opentelemetry.io/otel/sdk/log/logtest v0.16.0/go.mod h1:iOOPgQr5MY9oac/F5W86mXdeyWZGleIx3uXO98X2R6Y=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.43.0 h1:S88dyqXjJkuBNLeMcVPRFXpRw2fuwdvfCGLEo89fDkw=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.43.0/go.mod h1:C/RJtwSEJ5hzTiUz5pXF1kILHStzb9zFlIEe85bhj6A=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.44.0 h1:3LlKgI+VjbVsjNRFZJZAJ30WjXC5VkNRks6si09iEfI=
|
||||
go.opentelemetry.io/otel/sdk/metric v1.44.0/go.mod h1:5B5pMARnXxKhltooO4xUuCBorl65a4EpnTalObqOigA=
|
||||
go.opentelemetry.io/otel/trace v1.43.0 h1:BkNrHpup+4k4w+ZZ86CZoHHEkohws8AY+WTX09nk+3A=
|
||||
go.opentelemetry.io/otel/trace v1.43.0/go.mod h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLhe+8WVFxiFff0=
|
||||
go.opentelemetry.io/otel/trace v1.44.0 h1:jxF5CsGYCe74MCRx2X4g7WsY/VBKRqqpNvXlX/6gtIk=
|
||||
go.opentelemetry.io/otel/trace v1.44.0/go.mod h1:oLl1jrMQAVo6v3GAggN+1VH9VIz9iUSvW53sW1Q8PIE=
|
||||
go.opentelemetry.io/proto/otlp v1.9.0 h1:l706jCMITVouPOqEnii2fIAuO3IVGBRPV5ICjceRb/A=
|
||||
go.opentelemetry.io/proto/otlp v1.9.0/go.mod h1:xE+Cx5E/eEHw+ISFkwPLwCZefwVjY+pqKg1qcK03+/4=
|
||||
go.opentelemetry.io/proto/otlp v1.10.0/go.mod h1:/CV4QoCR/S9yaPj8utp3lvQPoqMtxXdzn7ozvvozVqk=
|
||||
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
|
||||
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
|
||||
golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0=
|
||||
@@ -87,10 +116,13 @@ gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
|
||||
gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20260226221140-a57be14db171 h1:tu/dtnW1o3wfaxCOjSLn5IRX4YDcJrtlpzYkhHhGaC4=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20260226221140-a57be14db171/go.mod h1:M5krXqk4GhBKvB596udGL3UyjL4I1+cTbK0orROM9ng=
|
||||
google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9/go.mod h1:7QBABkRtR8z+TEnmXTqIqwJLlzrZKVfAUm7tY3yGv0M=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171 h1:ggcbiqK8WWh6l1dnltU4BgWGIGo+EVYxCaAPih/zQXQ=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
|
||||
google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
|
||||
google.golang.org/grpc v1.79.3 h1:sybAEdRIEtvcD68Gx7dmnwjZKlyfuc61Dyo9pGXXkKE=
|
||||
google.golang.org/grpc v1.79.3/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ=
|
||||
google.golang.org/grpc v1.80.0/go.mod h1:ho/dLnxwi3EDJA4Zghp7k2Ec1+c2jqup0bFkw07bwF4=
|
||||
google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
|
||||
google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
|
||||
+35
-12
@@ -338,7 +338,12 @@ func (m *Ci) Deployer(sshKey *dagger.Secret, knownHosts *dagger.Secret) *dagger.
|
||||
return dag.Container().
|
||||
From("alpine:3.21").
|
||||
WithExec([]string{"apk", "--no-cache", "add", "rsync", "openssh-client", "python3", "tar"}).
|
||||
WithMountedSecret("/root/.ssh/id_ed25519", sshKey, dagger.ContainerWithMountedSecretOpts{Mode: 0600}).
|
||||
// Mount at a raw path so we can normalise before use: strip any CRLF line
|
||||
// endings that appear when the key is stored or exported on Windows, which
|
||||
// cause "error in libcrypto" in Alpine's LibreSSL-backed openssh.
|
||||
WithMountedSecret("/root/.ssh/id_ed25519.raw", sshKey, dagger.ContainerWithMountedSecretOpts{Mode: 0600}).
|
||||
WithExec([]string{"sh", "-c",
|
||||
"tr -d '\\r' < /root/.ssh/id_ed25519.raw > /root/.ssh/id_ed25519 && chmod 600 /root/.ssh/id_ed25519"}).
|
||||
WithMountedSecret("/root/.ssh/known_hosts", knownHosts, dagger.ContainerWithMountedSecretOpts{Mode: 0644}).
|
||||
WithEnvVariable("RSYNC_RSH", "ssh -i /root/.ssh/id_ed25519")
|
||||
}
|
||||
@@ -480,11 +485,18 @@ func (m *Ci) Check(ctx context.Context) (string, error) {
|
||||
ctx, cancel := context.WithTimeout(ctx, 30*time.Minute)
|
||||
defer cancel()
|
||||
|
||||
if _, err := m.CheckHygiene(ctx); err != nil {
|
||||
return "Hygiene check failed", err
|
||||
}
|
||||
if _, err := m.CheckLayers(ctx); err != nil {
|
||||
return "Layer check failed", err
|
||||
// Run cheap structural checks in parallel for faster fail detection.
|
||||
var fastEg errgroup.Group
|
||||
fastEg.Go(func() error {
|
||||
_, err := m.CheckHygiene(ctx)
|
||||
return err
|
||||
})
|
||||
fastEg.Go(func() error {
|
||||
_, err := m.CheckLayers(ctx)
|
||||
return err
|
||||
})
|
||||
if err := fastEg.Wait(); err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
checkSetup := m.setup(m.checkSrc())
|
||||
@@ -508,16 +520,19 @@ func (m *Ci) Check(ctx context.Context) (string, error) {
|
||||
return coverage, err
|
||||
}
|
||||
|
||||
// Use errgroup.Group (not WithContext) so a failing test does not cancel its
|
||||
// sibling via context — which would surface as "context canceled" in dagger
|
||||
// output and trigger spurious retries in check-dagger.
|
||||
var testBackend, testIntegration string
|
||||
eg, egCtx := errgroup.WithContext(ctx)
|
||||
var eg errgroup.Group
|
||||
eg.Go(func() error {
|
||||
var e error
|
||||
testBackend, e = m.TestBackend(egCtx)
|
||||
testBackend, e = m.TestBackend(ctx)
|
||||
return e
|
||||
})
|
||||
eg.Go(func() error {
|
||||
var e error
|
||||
testIntegration, e = m.TestIntegration(egCtx)
|
||||
testIntegration, e = m.TestIntegration(ctx)
|
||||
return e
|
||||
})
|
||||
if err := eg.Wait(); err != nil {
|
||||
@@ -559,6 +574,8 @@ func (m *Ci) BuildWebsite(
|
||||
knownHosts *dagger.Secret,
|
||||
sshUser string,
|
||||
sshHost string,
|
||||
// +optional
|
||||
commitHash string,
|
||||
) *dagger.Directory {
|
||||
buildHistory := m.GenerateBuildHistory(ctx, sshKey, knownHosts, sshUser, sshHost)
|
||||
|
||||
@@ -566,9 +583,13 @@ func (m *Ci) BuildWebsite(
|
||||
Include: []string{"website/"},
|
||||
}).WithDirectory("website/content/builds", buildHistory)
|
||||
|
||||
return m.Hugo().
|
||||
hugo := m.Hugo().
|
||||
WithDirectory("/src", websiteSource).
|
||||
WithWorkdir("/src/website").
|
||||
WithWorkdir("/src/website")
|
||||
if commitHash != "" {
|
||||
hugo = hugo.WithEnvVariable("HUGO_PARAMS_GITVERSION", commitHash)
|
||||
}
|
||||
return hugo.
|
||||
WithExec([]string{"hugo", "--minify"}).
|
||||
Directory("public")
|
||||
}
|
||||
@@ -580,8 +601,10 @@ func (m *Ci) PublishWebsite(
|
||||
knownHosts *dagger.Secret,
|
||||
sshUser string,
|
||||
sshHost string,
|
||||
// +optional
|
||||
commitHash string,
|
||||
) (string, error) {
|
||||
public := m.BuildWebsite(ctx, sshKey, knownHosts, sshUser, sshHost)
|
||||
public := m.BuildWebsite(ctx, sshKey, knownHosts, sshUser, sshHost, commitHash)
|
||||
|
||||
return m.Deployer(sshKey, knownHosts).
|
||||
WithDirectory("/public", public).
|
||||
|
||||
@@ -2963,6 +2963,20 @@ class EmailRepositoryImpl implements EmailRepository {
|
||||
}) async {
|
||||
if (query.length < 2) return [];
|
||||
final pattern = '%${query.toLowerCase()}%';
|
||||
|
||||
// Addresses we deliberately wrote to (sent folder) should appear before
|
||||
// addresses that happened to email us (inbox/other folders).
|
||||
final sentMailboxes = await (_db.select(_db.mailboxes)
|
||||
..where((t) {
|
||||
Expression<bool> cond = t.role.equals('sent');
|
||||
if (accountId != null) {
|
||||
cond = t.accountId.equals(accountId) & cond;
|
||||
}
|
||||
return cond;
|
||||
}))
|
||||
.get();
|
||||
final sentPaths = {for (final m in sentMailboxes) m.path};
|
||||
|
||||
final rows = await (_db.select(_db.emails)
|
||||
..where((t) {
|
||||
Expression<bool> cond = const Constant(true);
|
||||
@@ -2977,11 +2991,22 @@ class EmailRepositoryImpl implements EmailRepository {
|
||||
..limit(100))
|
||||
.get();
|
||||
|
||||
// Two passes: sent-folder rows first (prioritise recipients we chose),
|
||||
// then other rows (senders who contacted us).
|
||||
final sortedRows = [
|
||||
...rows.where((r) => sentPaths.contains(r.mailboxPath)),
|
||||
...rows.where((r) => !sentPaths.contains(r.mailboxPath)),
|
||||
];
|
||||
|
||||
final seen = <String>{};
|
||||
final results = <model.EmailAddress>[];
|
||||
final lowerQuery = query.toLowerCase();
|
||||
for (final row in rows) {
|
||||
for (final jsonStr in [row.fromJson, row.toAddresses, row.ccJson]) {
|
||||
for (final row in sortedRows) {
|
||||
final isSent = sentPaths.contains(row.mailboxPath);
|
||||
final fields = isSent
|
||||
? [row.toAddresses, row.ccJson, row.fromJson]
|
||||
: [row.fromJson, row.toAddresses, row.ccJson];
|
||||
for (final jsonStr in fields) {
|
||||
final list = jsonDecode(jsonStr) as List<dynamic>;
|
||||
for (final e in list) {
|
||||
final map = e as Map<String, dynamic>;
|
||||
|
||||
@@ -18,6 +18,7 @@ import 'package:sharedinbox/core/utils/format_utils.dart';
|
||||
import 'package:sharedinbox/core/utils/html_utils.dart';
|
||||
import 'package:sharedinbox/di.dart';
|
||||
import 'package:sharedinbox/ui/screens/email_action_helpers.dart';
|
||||
import 'package:sharedinbox/ui/widgets/email_headers_dialog.dart';
|
||||
import 'package:sharedinbox/ui/widgets/secure_email_webview.dart';
|
||||
import 'package:sharedinbox/ui/widgets/snooze_picker.dart';
|
||||
import 'package:url_launcher/url_launcher.dart';
|
||||
@@ -722,47 +723,7 @@ class _EmailDetailScreenState extends ConsumerState<EmailDetailScreen> {
|
||||
unawaited(
|
||||
showDialog<void>(
|
||||
context: context,
|
||||
builder: (ctx) => AlertDialog(
|
||||
title: const Text('Mail Headers'),
|
||||
content: SizedBox(
|
||||
width: double.maxFinite,
|
||||
child: ListView.builder(
|
||||
shrinkWrap: true,
|
||||
itemCount: body.headers.length,
|
||||
itemBuilder: (ctx, i) {
|
||||
final header = body.headers[i];
|
||||
return Container(
|
||||
color: i.isEven
|
||||
? Theme.of(ctx).colorScheme.surfaceContainerHighest
|
||||
: Theme.of(ctx).colorScheme.surface,
|
||||
padding: const EdgeInsets.symmetric(
|
||||
vertical: 4,
|
||||
horizontal: 8,
|
||||
),
|
||||
child: Row(
|
||||
crossAxisAlignment: CrossAxisAlignment.start,
|
||||
children: [
|
||||
Expanded(
|
||||
child: SelectableText(
|
||||
header.name,
|
||||
style: const TextStyle(fontWeight: FontWeight.bold),
|
||||
),
|
||||
),
|
||||
const SizedBox(width: 8),
|
||||
Expanded(flex: 2, child: SelectableText(header.value)),
|
||||
],
|
||||
),
|
||||
);
|
||||
},
|
||||
),
|
||||
),
|
||||
actions: [
|
||||
TextButton(
|
||||
onPressed: () => Navigator.pop(ctx),
|
||||
child: const Text('Close'),
|
||||
),
|
||||
],
|
||||
),
|
||||
builder: (ctx) => EmailHeadersDialog(headers: body.headers),
|
||||
),
|
||||
);
|
||||
}
|
||||
@@ -785,12 +746,13 @@ class _EmailDetailScreenState extends ConsumerState<EmailDetailScreen> {
|
||||
unawaited(
|
||||
showDialog<void>(
|
||||
context: context,
|
||||
builder: (ctx) => AlertDialog(
|
||||
title: const Text('Mail Structure'),
|
||||
content: SizedBox(
|
||||
width: double.maxFinite,
|
||||
child: ListView.builder(
|
||||
shrinkWrap: true,
|
||||
builder: (ctx) => Dialog.fullscreen(
|
||||
child: Scaffold(
|
||||
appBar: AppBar(
|
||||
title: const Text('Mail Structure'),
|
||||
leading: const CloseButton(),
|
||||
),
|
||||
body: ListView.builder(
|
||||
itemCount: rows.length,
|
||||
itemBuilder: (ctx, i) {
|
||||
final row = rows[i];
|
||||
@@ -819,12 +781,6 @@ class _EmailDetailScreenState extends ConsumerState<EmailDetailScreen> {
|
||||
},
|
||||
),
|
||||
),
|
||||
actions: [
|
||||
TextButton(
|
||||
onPressed: () => Navigator.pop(ctx),
|
||||
child: const Text('Close'),
|
||||
),
|
||||
],
|
||||
),
|
||||
),
|
||||
);
|
||||
|
||||
@@ -0,0 +1,258 @@
|
||||
import 'package:flutter/material.dart';
|
||||
import 'package:intl/intl.dart';
|
||||
|
||||
import 'package:sharedinbox/core/models/email.dart';
|
||||
|
||||
/// Full-screen dialog for browsing email headers, organised into groups.
|
||||
class EmailHeadersDialog extends StatelessWidget {
|
||||
const EmailHeadersDialog({super.key, required this.headers});
|
||||
final List<EmailHeader> headers;
|
||||
|
||||
@override
|
||||
Widget build(BuildContext context) {
|
||||
return Dialog.fullscreen(
|
||||
child: Scaffold(
|
||||
appBar: AppBar(
|
||||
title: const Text('Mail Headers'),
|
||||
leading: const CloseButton(),
|
||||
),
|
||||
body: _HeadersBody(headers: headers),
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
class _HeadersBody extends StatelessWidget {
|
||||
const _HeadersBody({required this.headers});
|
||||
final List<EmailHeader> headers;
|
||||
|
||||
@override
|
||||
Widget build(BuildContext context) {
|
||||
final receivedHeaders = <EmailHeader>[];
|
||||
final listHeaders = <EmailHeader>[];
|
||||
final arcHeaders = <EmailHeader>[];
|
||||
final otherHeaders = <EmailHeader>[];
|
||||
// Maps X- prefix (e.g. "X-Google") → headers with that prefix.
|
||||
final xByPrefix = <String, List<EmailHeader>>{};
|
||||
|
||||
for (final h in headers) {
|
||||
final lower = h.name.toLowerCase();
|
||||
if (lower == 'received') {
|
||||
receivedHeaders.add(h);
|
||||
continue;
|
||||
}
|
||||
if (lower.startsWith('list-')) {
|
||||
listHeaders.add(h);
|
||||
continue;
|
||||
}
|
||||
if (lower.startsWith('arc-')) {
|
||||
arcHeaders.add(h);
|
||||
continue;
|
||||
}
|
||||
if (lower.startsWith('x-')) {
|
||||
final parts = h.name.split('-');
|
||||
// "X-Foo-Bar-Baz" → prefix "X-Foo"; "X-Single" → prefix "X-Single".
|
||||
final prefix = parts.length >= 3 ? '${parts[0]}-${parts[1]}' : h.name;
|
||||
xByPrefix.putIfAbsent(prefix, () => []).add(h);
|
||||
continue;
|
||||
}
|
||||
otherHeaders.add(h);
|
||||
}
|
||||
|
||||
final sections = <Widget>[];
|
||||
|
||||
if (otherHeaders.isNotEmpty) {
|
||||
sections.add(_HeadersSection(title: 'Headers', headers: otherHeaders));
|
||||
}
|
||||
if (listHeaders.isNotEmpty) {
|
||||
sections.add(
|
||||
_HeadersSection(title: 'List- Headers', headers: listHeaders),
|
||||
);
|
||||
}
|
||||
if (receivedHeaders.isNotEmpty) {
|
||||
sections.add(_ReceivedSection(headers: receivedHeaders));
|
||||
}
|
||||
if (arcHeaders.isNotEmpty) {
|
||||
sections.add(
|
||||
_HeadersSection(title: 'ARC- Headers', headers: arcHeaders),
|
||||
);
|
||||
}
|
||||
|
||||
// X- headers at bottom, each prefix in its own collapsible group.
|
||||
final sortedPrefixes = xByPrefix.keys.toList()
|
||||
..sort((a, b) => a.toLowerCase().compareTo(b.toLowerCase()));
|
||||
for (final prefix in sortedPrefixes) {
|
||||
sections.add(
|
||||
_HeadersSection(
|
||||
title: '$prefix Headers',
|
||||
headers: xByPrefix[prefix]!,
|
||||
),
|
||||
);
|
||||
}
|
||||
|
||||
return ListView(children: sections);
|
||||
}
|
||||
}
|
||||
|
||||
class _HeadersSection extends StatelessWidget {
|
||||
const _HeadersSection({required this.title, required this.headers});
|
||||
|
||||
final String title;
|
||||
final List<EmailHeader> headers;
|
||||
|
||||
@override
|
||||
Widget build(BuildContext context) {
|
||||
return ExpansionTile(
|
||||
title: Text('$title (${headers.length})'),
|
||||
children: [
|
||||
for (var i = 0; i < headers.length; i++)
|
||||
_HeaderRow(header: headers[i], index: i),
|
||||
],
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
/// Received headers section — collapsed by default; shows inter-hop delays.
|
||||
class _ReceivedSection extends StatelessWidget {
|
||||
const _ReceivedSection({required this.headers});
|
||||
final List<EmailHeader> headers;
|
||||
|
||||
@override
|
||||
Widget build(BuildContext context) {
|
||||
final entries = _buildEntries(headers);
|
||||
return ExpansionTile(
|
||||
title: Text('Received (${headers.length})'),
|
||||
children: [
|
||||
for (var i = 0; i < entries.length; i++) ...[
|
||||
_HeaderRow(header: entries[i].header, index: i),
|
||||
if (entries[i].delay != null) _DelayRow(delay: entries[i].delay!),
|
||||
],
|
||||
],
|
||||
);
|
||||
}
|
||||
|
||||
static List<_ReceivedEntry> _buildEntries(List<EmailHeader> headers) {
|
||||
final timestamps =
|
||||
headers.map((h) => _parseReceivedTimestamp(h.value)).toList();
|
||||
return [
|
||||
for (var i = 0; i < headers.length; i++)
|
||||
_ReceivedEntry(
|
||||
header: headers[i],
|
||||
delay: _computeDelay(timestamps, i),
|
||||
),
|
||||
];
|
||||
}
|
||||
|
||||
static Duration? _computeDelay(List<DateTime?> timestamps, int i) {
|
||||
if (i >= timestamps.length - 1) return null;
|
||||
final current = timestamps[i];
|
||||
final next = timestamps[i + 1];
|
||||
if (current == null || next == null) return null;
|
||||
final d = current.difference(next);
|
||||
return d.isNegative ? Duration.zero : d;
|
||||
}
|
||||
}
|
||||
|
||||
class _ReceivedEntry {
|
||||
const _ReceivedEntry({required this.header, this.delay});
|
||||
final EmailHeader header;
|
||||
final Duration? delay;
|
||||
}
|
||||
|
||||
class _HeaderRow extends StatelessWidget {
|
||||
const _HeaderRow({required this.header, required this.index});
|
||||
final EmailHeader header;
|
||||
final int index;
|
||||
|
||||
@override
|
||||
Widget build(BuildContext context) {
|
||||
final bg = index.isEven
|
||||
? Theme.of(context).colorScheme.surfaceContainerHighest
|
||||
: Theme.of(context).colorScheme.surface;
|
||||
return Container(
|
||||
color: bg,
|
||||
padding: const EdgeInsets.symmetric(vertical: 4, horizontal: 8),
|
||||
child: Row(
|
||||
crossAxisAlignment: CrossAxisAlignment.start,
|
||||
children: [
|
||||
Expanded(
|
||||
child: SelectableText(
|
||||
header.name,
|
||||
style: const TextStyle(fontWeight: FontWeight.bold),
|
||||
),
|
||||
),
|
||||
const SizedBox(width: 8),
|
||||
Expanded(flex: 2, child: SelectableText(header.value)),
|
||||
],
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
class _DelayRow extends StatelessWidget {
|
||||
const _DelayRow({required this.delay});
|
||||
final Duration delay;
|
||||
|
||||
@override
|
||||
Widget build(BuildContext context) {
|
||||
final color = _delayColor(delay);
|
||||
return Padding(
|
||||
padding: const EdgeInsets.symmetric(horizontal: 16, vertical: 2),
|
||||
child: Row(
|
||||
children: [
|
||||
Icon(Icons.arrow_downward, size: 14, color: color),
|
||||
const SizedBox(width: 4),
|
||||
Text(
|
||||
_formatDuration(delay),
|
||||
style: TextStyle(
|
||||
fontSize: 12,
|
||||
color: color,
|
||||
fontWeight:
|
||||
delay.inSeconds >= 30 ? FontWeight.bold : FontWeight.normal,
|
||||
),
|
||||
),
|
||||
],
|
||||
),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
/// Parses the RFC 2822 timestamp from a Received header value.
|
||||
///
|
||||
/// Received headers end with `; date`, e.g.:
|
||||
/// by mx.example.com; Mon, 1 Jan 2024 12:00:00 +0000 (UTC)
|
||||
DateTime? _parseReceivedTimestamp(String value) {
|
||||
final semiIndex = value.lastIndexOf(';');
|
||||
if (semiIndex < 0) return null;
|
||||
var s = value.substring(semiIndex + 1).trim();
|
||||
// Strip parenthesised comments like (UTC).
|
||||
s = s.replaceAll(RegExp(r'\([^)]*\)'), ' ').trim();
|
||||
// Strip leading day-of-week abbreviation like "Mon, ".
|
||||
s = s.replaceFirst(RegExp(r'^[A-Za-z]{2,4},\s*'), '');
|
||||
// Collapse runs of whitespace.
|
||||
s = s.replaceAll(RegExp(r'\s+'), ' ').trim();
|
||||
|
||||
for (final fmt in [
|
||||
DateFormat('dd MMM yyyy HH:mm:ss Z', 'en_US'),
|
||||
DateFormat('d MMM yyyy HH:mm:ss Z', 'en_US'),
|
||||
DateFormat('dd MMM yyyy HH:mm:ss', 'en_US'),
|
||||
DateFormat('d MMM yyyy HH:mm:ss', 'en_US'),
|
||||
]) {
|
||||
try {
|
||||
return fmt.parse(s);
|
||||
} catch (_) {}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
String _formatDuration(Duration d) {
|
||||
if (d.inSeconds < 60) return '${d.inSeconds}s';
|
||||
if (d.inMinutes < 60) return '${d.inMinutes}m ${d.inSeconds.remainder(60)}s';
|
||||
return '${d.inHours}h ${d.inMinutes.remainder(60)}m';
|
||||
}
|
||||
|
||||
Color _delayColor(Duration d) {
|
||||
if (d.inSeconds < 30) return Colors.green;
|
||||
if (d.inSeconds < 300) return Colors.orange;
|
||||
return Colors.red;
|
||||
}
|
||||
@@ -11,6 +11,29 @@
|
||||
{
|
||||
"matchUpdateTypes": ["minor", "patch", "pin", "digest", "lockFileMaintenance"],
|
||||
"addLabels": ["automerge"]
|
||||
},
|
||||
{
|
||||
"matchManagers": ["gomod"],
|
||||
"matchFileNames": ["ci/**"],
|
||||
"enabled": false
|
||||
}
|
||||
],
|
||||
"customManagers": [
|
||||
{
|
||||
"customType": "regex",
|
||||
"fileMatch": ["^\\.forgejo/Dockerfile$"],
|
||||
"matchStrings": ["DAGGER_VERSION=(?<currentValue>[0-9]+\\.[0-9]+\\.[0-9]+)"],
|
||||
"depNameTemplate": "dagger/dagger",
|
||||
"datasourceTemplate": "github-releases",
|
||||
"extractVersionTemplate": "^v(?<version>.*)$"
|
||||
},
|
||||
{
|
||||
"customType": "regex",
|
||||
"fileMatch": ["^DAGGER\\.md$"],
|
||||
"matchStrings": ["github:dagger/nix/v(?<currentValue>[0-9]+\\.[0-9]+\\.[0-9]+)#dagger"],
|
||||
"depNameTemplate": "dagger/dagger",
|
||||
"datasourceTemplate": "github-releases",
|
||||
"extractVersionTemplate": "^v(?<version>.*)$"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@@ -62,6 +62,7 @@ const _excluded = {
|
||||
'lib/ui/screens/about_screen.dart',
|
||||
'lib/ui/screens/email_action_helpers.dart',
|
||||
'lib/ui/utils/about_markdown.dart',
|
||||
'lib/ui/widgets/email_headers_dialog.dart',
|
||||
'lib/ui/widgets/email_tile.dart',
|
||||
'lib/core/sync/account_sync_manager.dart',
|
||||
'lib/core/sync/background_sync.dart',
|
||||
|
||||
@@ -23,10 +23,13 @@ export_secret() {
|
||||
local value
|
||||
value=$(jq -r --arg k "$name" '.[$k] // empty' "$SECRETS_JSON")
|
||||
if [ -n "${GITHUB_ENV:-}" ]; then
|
||||
# Use heredoc syntax for multiline-safe export
|
||||
# Use heredoc syntax for multiline-safe export.
|
||||
# Avoid adding a second trailing newline for values that already end with one
|
||||
# (e.g. SSH private keys), which can corrupt PEM parsing.
|
||||
{
|
||||
printf '%s<<__EOF__\n' "$name"
|
||||
printf '%s\n' "$value"
|
||||
printf '%s' "$value"
|
||||
[ "${value%$'\n'}" = "$value" ] && printf '\n'
|
||||
printf '__EOF__\n'
|
||||
} >> "$GITHUB_ENV"
|
||||
fi
|
||||
|
||||
@@ -0,0 +1,85 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Tests for verify_playstore_deploy.py."""
|
||||
import os
|
||||
import sys
|
||||
import time
|
||||
import unittest
|
||||
from pathlib import Path
|
||||
from unittest.mock import MagicMock, patch
|
||||
|
||||
sys.path.insert(0, str(Path(__file__).parent))
|
||||
|
||||
import verify_playstore_deploy
|
||||
|
||||
|
||||
def _make_session(version_code, track="internal"):
|
||||
"""Return a mock AuthorizedSession with the given version code on the track."""
|
||||
session = MagicMock()
|
||||
|
||||
edit_resp = MagicMock()
|
||||
edit_resp.json.return_value = {"id": "edit-99"}
|
||||
session.post.return_value = edit_resp
|
||||
|
||||
track_resp = MagicMock()
|
||||
track_resp.json.return_value = {
|
||||
"releases": [{"versionCodes": [str(version_code)], "status": "completed"}]
|
||||
}
|
||||
session.get.return_value = track_resp
|
||||
session.delete.return_value = MagicMock()
|
||||
|
||||
return session
|
||||
|
||||
|
||||
class TestMissingEnv(unittest.TestCase):
|
||||
def test_missing_env_exits(self):
|
||||
with patch.dict(os.environ, {}, clear=True):
|
||||
with self.assertRaises(SystemExit) as ctx:
|
||||
verify_playstore_deploy.main()
|
||||
self.assertEqual(ctx.exception.code, 1)
|
||||
|
||||
|
||||
class TestRecentDeploy(unittest.TestCase):
|
||||
def _run(self, version_code):
|
||||
session = _make_session(version_code)
|
||||
with patch.dict(os.environ, {"PLAY_STORE_CONFIG_JSON": '{"type":"service_account"}'}):
|
||||
with patch("verify_playstore_deploy.service_account.Credentials.from_service_account_info"):
|
||||
with patch("verify_playstore_deploy.AuthorizedSession", return_value=session):
|
||||
verify_playstore_deploy.main()
|
||||
|
||||
def test_recent_version_code_passes(self):
|
||||
# Version code is Unix timestamp — a very recent one should pass.
|
||||
recent_vc = int(time.time()) - 60 # 1 minute ago
|
||||
self._run(recent_vc)
|
||||
|
||||
def test_old_version_code_fails(self):
|
||||
old_vc = int(time.time()) - 7200 # 2 hours ago
|
||||
with self.assertRaises(SystemExit) as ctx:
|
||||
self._run(old_vc)
|
||||
self.assertEqual(ctx.exception.code, 1)
|
||||
|
||||
|
||||
class TestEmptyTrack(unittest.TestCase):
|
||||
def _run_empty(self, releases):
|
||||
session = MagicMock()
|
||||
session.post.return_value = MagicMock(**{"json.return_value": {"id": "edit-1"}})
|
||||
session.get.return_value = MagicMock(**{"json.return_value": {"releases": releases}})
|
||||
session.delete.return_value = MagicMock()
|
||||
|
||||
with patch.dict(os.environ, {"PLAY_STORE_CONFIG_JSON": '{"type":"service_account"}'}):
|
||||
with patch("verify_playstore_deploy.service_account.Credentials.from_service_account_info"):
|
||||
with patch("verify_playstore_deploy.AuthorizedSession", return_value=session):
|
||||
verify_playstore_deploy.main()
|
||||
|
||||
def test_no_releases_exits(self):
|
||||
with self.assertRaises(SystemExit) as ctx:
|
||||
self._run_empty([])
|
||||
self.assertEqual(ctx.exception.code, 1)
|
||||
|
||||
def test_release_with_no_version_codes_exits(self):
|
||||
with self.assertRaises(SystemExit) as ctx:
|
||||
self._run_empty([{"status": "completed", "versionCodes": []}])
|
||||
self.assertEqual(ctx.exception.code, 1)
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
unittest.main()
|
||||
@@ -0,0 +1,94 @@
|
||||
#!/usr/bin/env python3
|
||||
"""Verify that the Android app was recently published to the Play Store internal track.
|
||||
|
||||
The publish-android pipeline sets versionCode = int(time.Now().Unix()), so a
|
||||
freshly deployed release always has a version code close to the current Unix
|
||||
timestamp. This script queries the internal track and fails if the latest
|
||||
version code is older than _MAX_DEPLOY_AGE_SECONDS, which would mean the
|
||||
deployment silently did not land.
|
||||
"""
|
||||
|
||||
import json
|
||||
import os
|
||||
import sys
|
||||
import time
|
||||
|
||||
from google.auth.transport.requests import AuthorizedSession
|
||||
from google.oauth2 import service_account
|
||||
|
||||
PACKAGE_NAME = "de.sharedinbox.mua"
|
||||
TRACK = "internal"
|
||||
_BASE = "https://androidpublisher.googleapis.com/androidpublisher/v3/applications"
|
||||
# Allow up to one hour for the build + upload to complete.
|
||||
_MAX_DEPLOY_AGE_SECONDS = 3600
|
||||
|
||||
|
||||
def main():
|
||||
config_json = os.environ.get("PLAY_STORE_CONFIG_JSON")
|
||||
if not config_json:
|
||||
print("Error: PLAY_STORE_CONFIG_JSON environment variable not set", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
creds = service_account.Credentials.from_service_account_info(
|
||||
json.loads(config_json),
|
||||
scopes=["https://www.googleapis.com/auth/androidpublisher"],
|
||||
)
|
||||
session = AuthorizedSession(creds)
|
||||
|
||||
# Open a read-only edit to query the current track state.
|
||||
edit_resp = session.post(f"{_BASE}/{PACKAGE_NAME}/edits", json={}, timeout=30)
|
||||
edit_resp.raise_for_status()
|
||||
edit_id = edit_resp.json()["id"]
|
||||
|
||||
try:
|
||||
track_resp = session.get(
|
||||
f"{_BASE}/{PACKAGE_NAME}/edits/{edit_id}/tracks/{TRACK}",
|
||||
timeout=30,
|
||||
)
|
||||
track_resp.raise_for_status()
|
||||
track_data = track_resp.json()
|
||||
finally:
|
||||
# Discard the edit — we made no changes.
|
||||
try:
|
||||
session.delete(f"{_BASE}/{PACKAGE_NAME}/edits/{edit_id}", timeout=30)
|
||||
except Exception:
|
||||
pass
|
||||
|
||||
releases = track_data.get("releases", [])
|
||||
if not releases:
|
||||
print(
|
||||
f"ERROR: No releases found on {TRACK} track — deploy may have failed silently",
|
||||
file=sys.stderr,
|
||||
)
|
||||
sys.exit(1)
|
||||
|
||||
all_version_codes = [
|
||||
int(vc)
|
||||
for release in releases
|
||||
for vc in release.get("versionCodes", [])
|
||||
]
|
||||
if not all_version_codes:
|
||||
print("ERROR: Latest release has no version codes", file=sys.stderr)
|
||||
sys.exit(1)
|
||||
|
||||
latest_vc = max(all_version_codes)
|
||||
now = int(time.time())
|
||||
# versionCode is set to Unix timestamp by PublishAndroid in ci/main.go.
|
||||
age_seconds = now - latest_vc
|
||||
|
||||
print(f"Latest version code on {TRACK} track: {latest_vc}")
|
||||
print(f"Current time: {now} — version code age: {age_seconds}s")
|
||||
|
||||
if age_seconds > _MAX_DEPLOY_AGE_SECONDS:
|
||||
print(
|
||||
f"::error::Latest version code {latest_vc} is {age_seconds}s old "
|
||||
f"(limit: {_MAX_DEPLOY_AGE_SECONDS}s). The deploy may have failed silently.",
|
||||
file=sys.stderr,
|
||||
)
|
||||
sys.exit(1)
|
||||
|
||||
print(f"OK: version {latest_vc} verified on {TRACK} track ({age_seconds}s old)")
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
@@ -497,6 +497,60 @@ void main() {
|
||||
},
|
||||
);
|
||||
|
||||
test(
|
||||
'searchAddresses prioritises sent-folder addresses over newer received',
|
||||
() async {
|
||||
final r = _makeRepos();
|
||||
await r.accounts.addAccount(_account, 'pw');
|
||||
|
||||
// Register the Sent mailbox so searchAddresses knows its role.
|
||||
await r.db.into(r.db.mailboxes).insert(
|
||||
MailboxesCompanion.insert(
|
||||
id: 'acc-1:Sent',
|
||||
accountId: 'acc-1',
|
||||
path: 'Sent',
|
||||
name: 'Sent',
|
||||
role: const Value('sent'),
|
||||
),
|
||||
);
|
||||
|
||||
// Older sent email: user deliberately wrote to info@foo.de.
|
||||
await r.db.into(r.db.emails).insert(
|
||||
EmailsCompanion.insert(
|
||||
id: 'acc-1:sent-1',
|
||||
accountId: 'acc-1',
|
||||
mailboxPath: 'Sent',
|
||||
uid: 1,
|
||||
receivedAt: DateTime(2025),
|
||||
toAddresses: const Value(
|
||||
'[{"name":"Foo","email":"info@foo.de"}]',
|
||||
),
|
||||
),
|
||||
);
|
||||
|
||||
// Newer received email: spam arrived today from info@spam.de.
|
||||
await r.db.into(r.db.emails).insert(
|
||||
EmailsCompanion.insert(
|
||||
id: 'acc-1:inbox-1',
|
||||
accountId: 'acc-1',
|
||||
mailboxPath: 'INBOX',
|
||||
uid: 2,
|
||||
receivedAt: DateTime(2026),
|
||||
fromJson: const Value(
|
||||
'[{"name":"Spam","email":"info@spam.de"}]',
|
||||
),
|
||||
),
|
||||
);
|
||||
|
||||
// Even though spam is newer, the sent-folder address should win.
|
||||
final results = await r.emails.searchAddresses(null, 'info');
|
||||
expect(results.map((a) => a.email).toList(), [
|
||||
'info@foo.de',
|
||||
'info@spam.de',
|
||||
]);
|
||||
},
|
||||
);
|
||||
|
||||
// ── IMAP method tests ────────────────────────────────────────────────────
|
||||
|
||||
test(
|
||||
|
||||
Reference in New Issue
Block a user