From 4e68d7f9d45a15fe1f54fb2d50532988b9f51b7f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 5 Dec 2024 13:49:33 +0100 Subject: [PATCH 1/9] chore(deps): update pnpm to v8.15.9 (#3078) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- package.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package.json b/package.json index c3627f3ed3..afde84d534 100644 --- a/package.json +++ b/package.json @@ -4,10 +4,10 @@ "license": "Apache-2.0", "repository": "https://github.com/interledger/rafiki", "engines": { - "pnpm": "^8.15.4", + "pnpm": "^8.15.9", "node": "20" }, - "packageManager": "pnpm@8.15.5", + "packageManager": "pnpm@8.15.9", "scripts": { "preinstall": "npx only-allow pnpm", "lint": "eslint --max-warnings=0 --fix .", From d72fe7bd7d8267fc76d03e946cffe8a58a86eac7 Mon Sep 17 00:00:00 2001 From: Sarah Jones Date: Thu, 5 Dec 2024 15:52:29 +0200 Subject: [PATCH 2/9] chore: re-enable Prettier for docs (#3147) --- .prettierignore | 1 - packages/documentation/astro.config.mjs | 6 ++--- .../docs/integration/playground/overview.mdx | 5 ++-- .../docs/integration/prod/docker-compose.mdx | 10 ++++--- .../requirements/wallet-addresses.mdx | 25 +++++++++--------- .../requirements/webhook-events.mdx | 2 ++ .../docs/overview/concepts/telemetry.mdx | 20 +++++++------- .../src/content/docs/resources/glossary.mdx | 11 ++++---- .../src/partials/auth-variables.mdx | 8 +++--- .../src/partials/backend-variables.mdx | 12 ++++----- .../src/partials/frontend-variables.mdx | 26 +++++++++---------- 11 files changed, 66 insertions(+), 60 deletions(-) diff --git a/.prettierignore b/.prettierignore index f26e8fdf24..9339b81f63 100644 --- a/.prettierignore +++ b/.prettierignore @@ -14,5 +14,4 @@ build **/styles/*.css .docusaurus .cache-loader -packages/documentation/** .astro \ No newline at end of file diff --git a/packages/documentation/astro.config.mjs b/packages/documentation/astro.config.mjs index 6fcebb9397..bc4c6da494 100644 --- a/packages/documentation/astro.config.mjs +++ b/packages/documentation/astro.config.mjs @@ -257,9 +257,9 @@ export default defineConfig({ ], plugins: [ starlightLinksValidator({ - errorOnLocalLinks: false, - }), - ], + errorOnLocalLinks: false + }) + ] }), GraphQL({ schema: '../backend/src/graphql/schema.graphql', diff --git a/packages/documentation/src/content/docs/integration/playground/overview.mdx b/packages/documentation/src/content/docs/integration/playground/overview.mdx index cdc5b4cb24..f078cdb9ef 100644 --- a/packages/documentation/src/content/docs/integration/playground/overview.mdx +++ b/packages/documentation/src/content/docs/integration/playground/overview.mdx @@ -178,6 +178,7 @@ You can either trigger the debugger by adding `debugger` statements in the code #### Debugging with VS Code: To debug with VS Code, add this configuration to your `.vscode/launch.json`: + ```json { "name": "Attach to docker (cloud-nine-backend)", @@ -220,7 +221,7 @@ The following are the most commonly used commands: | pnpm localenv:compose up | Start (with TigerBeetle) | | pnpm localenv:compose up -d | Start (with TigerBeetle) detached | | pnpm localenv:compose down | Down (with TigerBeetle) | -| pnpm localenv:compose down --volumes | Down and kill volumes (with TigerBeetle) +| pnpm localenv:compose down --volumes | Down and kill volumes (with TigerBeetle) | | pnpm localenv:compose down --volumes --rmi all | Down, kill volumes (with TigerBeetle) and images | | pnpm localenv:compose:psql config | Show all merged config (with PostgreSQL) | | pnpm localenv:compose build | Build all the containers (with TigerBeetle) | @@ -292,4 +293,4 @@ test.rafiki.viXmy1OVHgvmQakNjX1C6kQMri92DzHeISEv-5VzTDuFhrpsrkDzsq5OO9Lfa9yed0L2 #### TigerBeetle container exists with code 137 -There is a known issue when running TigerBeetle in Docker. The container exits without logs and simply shows error code 137. To fix this, increase the Docker memory limit. If you run the local Docker playground on a Windows machine via the Windows Subsystem for Linux (WSL), you can increase the memory limit by configuring your `.wslconfig` file. \ No newline at end of file +There is a known issue when running TigerBeetle in Docker. The container exits without logs and simply shows error code 137. To fix this, increase the Docker memory limit. If you run the local Docker playground on a Windows machine via the Windows Subsystem for Linux (WSL), you can increase the memory limit by configuring your `.wslconfig` file. diff --git a/packages/documentation/src/content/docs/integration/prod/docker-compose.mdx b/packages/documentation/src/content/docs/integration/prod/docker-compose.mdx index b214273aae..9f206994b4 100644 --- a/packages/documentation/src/content/docs/integration/prod/docker-compose.mdx +++ b/packages/documentation/src/content/docs/integration/prod/docker-compose.mdx @@ -37,8 +37,12 @@ Deploy a general purpose VM with the following minimum specifications: Install the following software on the VM: -- Docker Engine -- Docker Compose +- + Docker Engine + +- + Docker Compose + ### Install Nginx and Certbot @@ -263,7 +267,7 @@ Create nginx configuration files for every exposed domain: | Open Payments resource server | DOMAIN | myrafiki.com | /etc/nginx/sites-available/open_payments_resource_server.config | | ILP Connector | ilp.DOMAIN | ilp.myrafiki.com | /etc/nginx/sites-available/ilp.config | | Open Payments auth server | auth.DOMAIN | auth.myrafiki.com | /etc/nginx/sites-available/open_payments_auth_server.config | -| Admin UI | admin.DOMAIN | admin.myrafiki.com | /etc/nginx/sites-available/admin.config | +| Admin UI | admin.DOMAIN | admin.myrafiki.com | /etc/nginx/sites-available/admin.config | diff --git a/packages/documentation/src/content/docs/integration/requirements/wallet-addresses.mdx b/packages/documentation/src/content/docs/integration/requirements/wallet-addresses.mdx index 0cf5ace685..fec4af6a08 100644 --- a/packages/documentation/src/content/docs/integration/requirements/wallet-addresses.mdx +++ b/packages/documentation/src/content/docs/integration/requirements/wallet-addresses.mdx @@ -11,6 +11,7 @@ Each payment account belonging to your users (e.g., customers) must have at leas - Your Rafiki instance must be set up for at least one asset before wallet addresses can be created as each wallet address must have an asset assigned to it. - Wallet address URLs are treated as case-insensitive, meaning that both lowercase and uppercase variations of the same address will be recognized as identical. + ::: ## Create wallet addresses @@ -84,12 +85,12 @@ We strongly recommend you store at least the `walletAddress.id` in your internal
-|Variable | Description | -|-------- | ----------- | -| `assetId` | The unique ID of the asset, assigned by Rafiki when the asset was created, that the wallet address's underlying payment account is denominated in | -| `publicName` | The public name associated with the wallet address | -| `url` | The wallet address's case-insensitive URL | -| `additionalProperties` | Optional [additional properties](/apis/graphql/backend/inputobjects/#additionalpropertyinput) associated with the wallet address | +| Variable | Description | +| ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- | +| `assetId` | The unique ID of the asset, assigned by Rafiki when the asset was created, that the wallet address's underlying payment account is denominated in | +| `publicName` | The public name associated with the wallet address | +| `url` | The wallet address's case-insensitive URL | +| `additionalProperties` | Optional [additional properties](/apis/graphql/backend/inputobjects/#additionalpropertyinput) associated with the wallet address |
@@ -194,11 +195,11 @@ Open Payments -| Parameter | Required value | Description | -| --------- | -------------- | ----------- | -| `alg` | `EdDSA` | The algorithm used to generate the key pair | -| `kty` | `OKP` | The key type identifying the cryptographic algorithm family used with the key | -| `crv` | `Ed25519` | The cryptographic curve used with the key | +| Parameter | Required value | Description | +| --------- | -------------- | ----------------------------------------------------------------------------- | +| `alg` | `EdDSA` | The algorithm used to generate the key pair | +| `kty` | `OKP` | The key type identifying the cryptographic algorithm family used with the key | +| `crv` | `Ed25519` | The cryptographic curve used with the key | @@ -285,4 +286,4 @@ mutation RevokeWalletAddressKey($input: RevokeWalletAddressKeyInput!) { } ``` - \ No newline at end of file + diff --git a/packages/documentation/src/content/docs/integration/requirements/webhook-events.mdx b/packages/documentation/src/content/docs/integration/requirements/webhook-events.mdx index 661635b3ed..756bb1a841 100644 --- a/packages/documentation/src/content/docs/integration/requirements/webhook-events.mdx +++ b/packages/documentation/src/content/docs/integration/requirements/webhook-events.mdx @@ -163,6 +163,7 @@ Rafiki-Signature: t=, v= ### Prepare the signed payload string To recreate the signed payload string, concatenate the following. + - The timestamp extracted from the header - A period (.) character - The actual JSON payload from the request body, containing the `id`, `type`, and `data` attributes @@ -178,6 +179,7 @@ Use HMAC SHA-256 with the `SIGNATURE_SECRET` environment variable as the key and Finally, compare the signature in the header to the expected signature you generated. For security, use a constant-time comparison function to prevent timing attacks. ### Example + Below is an example in JavaScript to verify Rafiki's webhook signature: diff --git a/packages/documentation/src/content/docs/overview/concepts/telemetry.mdx b/packages/documentation/src/content/docs/overview/concepts/telemetry.mdx index f24c3b01a7..96bc7319cb 100644 --- a/packages/documentation/src/content/docs/overview/concepts/telemetry.mdx +++ b/packages/documentation/src/content/docs/overview/concepts/telemetry.mdx @@ -167,9 +167,9 @@ When the `ENABLE_TELEMETRY` variable is `true`, the following are required.
-| Variable name | Type | Description | -| ------------- | ---- | ----------- | -| `INSTANCE_NAME` | String | Your Rafiki instance's name used to communicate for telemetry and auto-peering. For telemetry, it's used to distinguish between the different instances pushing data to the telemetry collector. | Y | +| Variable name | Type | Description | +| --------------- | ------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --- | +| `INSTANCE_NAME` | String | Your Rafiki instance's name used to communicate for telemetry and auto-peering. For telemetry, it's used to distinguish between the different instances pushing data to the telemetry collector. | Y |
@@ -177,13 +177,13 @@ When the `ENABLE_TELEMETRY` variable is `true`, the following are required.
-| Variable name | Type | Description | -| ------------- | ---- | ----------- | -| `ENABLE_TELEMETRY` | Boolean | Enables the telemetry service on Rafiki. Defaults to `true`. | -| `LIVENET` | Boolean | Determines where to send metrics. Defaults to `false`, resulting in metrics being sent to the testnet OTEL Collector.

Set to `true` on production environments dealing with real money.

| -| `OPEN_TELEMETRY_COLLECTOR_URLS` | String | A CSV of URLs for OTEL Collectors (e.g., `http://otel-collector-NLB-e3172ff9d2f4bc8a.elb.eu-west-2.amazonaws.com:4317,http://happy-life-otel-collector:4317`). | -| `OPEN_TELEMETRY_EXPORT_INTERVAL` | Number | Indicates, in milliseconds, how often the instrumented Rafiki instance should send metrics. Defaults to`15000`. | -| `TELEMETRY_EXCHANGE_RATES_URL` | String |

Defines the endpoint Rafiki will query for exchange rates. Used as a fallback if/when [exchange rates](/integration/requirements/exchange-rates) aren’t provided.

When set, the response format of the external exchange rates API should be of type `rates`, as is expected by the rate service.

Defaults to `https://telemetry-exchange-rates.s3.amazonaws.com/exchange-rates-usd.json`, which points to a public S3 that has the previously mentioned required format, updated daily.

| +| Variable name | Type | Description | +| -------------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `ENABLE_TELEMETRY` | Boolean | Enables the telemetry service on Rafiki. Defaults to `true`. | +| `LIVENET` | Boolean | Determines where to send metrics. Defaults to `false`, resulting in metrics being sent to the testnet OTEL Collector.

Set to `true` on production environments dealing with real money.

| +| `OPEN_TELEMETRY_COLLECTOR_URLS` | String | A CSV of URLs for OTEL Collectors (e.g., `http://otel-collector-NLB-e3172ff9d2f4bc8a.elb.eu-west-2.amazonaws.com:4317,http://happy-life-otel-collector:4317`). | +| `OPEN_TELEMETRY_EXPORT_INTERVAL` | Number | Indicates, in milliseconds, how often the instrumented Rafiki instance should send metrics. Defaults to`15000`. | +| `TELEMETRY_EXCHANGE_RATES_URL` | String |

Defines the endpoint Rafiki will query for exchange rates. Used as a fallback if/when [exchange rates](/integration/requirements/exchange-rates) aren’t provided.

When set, the response format of the external exchange rates API should be of type `rates`, as is expected by the rate service.

Defaults to `https://telemetry-exchange-rates.s3.amazonaws.com/exchange-rates-usd.json`, which points to a public S3 that has the previously mentioned required format, updated daily.

|
diff --git a/packages/documentation/src/content/docs/resources/glossary.mdx b/packages/documentation/src/content/docs/resources/glossary.mdx index e2e7e0fbd7..4ac3065d05 100644 --- a/packages/documentation/src/content/docs/resources/glossary.mdx +++ b/packages/documentation/src/content/docs/resources/glossary.mdx @@ -62,7 +62,7 @@ An API standard and a set of APIs that allows clients to securely retrieve accou ## Outgoing payment -An object created by the sender’s ASE, on their resource server, that represents a payment being sent. This object contains information about the outgoing payment, such as the amount, currency, receiver’s wallet address, and payment status. +An object created by the sender’s ASE, on their resource server, that represents a payment being sent. This object contains information about the outgoing payment, such as the amount, currency, receiver’s wallet address, and payment status. ## Payment pointer @@ -78,14 +78,13 @@ An object created by the sender’s ASE, on their resource server, that represen ## Resource server -A server that hosts and manages access to protected Open Payments resources for incoming payments, quotes, and outgoing payments. +A server that hosts and manages access to protected Open Payments resources for incoming payments, quotes, and outgoing payments. Rafiki's `backend` service runs an Open Payments resource server. ## Simple Payment Setup Protocol (SPSP) -An Interledger application layer protocol for exchanging payment information between two counterparties to facilitate direct payments over Interledger. The information is then used to set up a STREAM connection. You can read more about SPSP in its specification -. +An Interledger application layer protocol for exchanging payment information between two counterparties to facilitate direct payments over Interledger. The information is then used to set up a STREAM connection. You can read more about SPSP in its specification. ## Streaming Transport for the Real-Time Exchange of Assets and Messages (STREAM) @@ -93,6 +92,6 @@ An Interledger transport layer protocol for sending and receiving authenticated ## Wallet address -A secure, unique URL that identifies an Open Payments-enabled account. It acts as an entry point to the Open Payments APIs, facilitating interactions like sending and receiving payments. +A secure, unique URL that identifies an Open Payments-enabled account. It acts as an entry point to the Open Payments APIs, facilitating interactions like sending and receiving payments. -A wallet address is publicly shareable and used to interact with the underlying payment account without compromising its security. Wallet address URLs are treated as case-insensitive, meaning that both lowercase and uppercase variations of the same address will be recognized as identical. \ No newline at end of file +A wallet address is publicly shareable and used to interact with the underlying payment account without compromising its security. Wallet address URLs are treated as case-insensitive, meaning that both lowercase and uppercase variations of the same address will be recognized as identical. diff --git a/packages/documentation/src/partials/auth-variables.mdx b/packages/documentation/src/partials/auth-variables.mdx index 663ee7a31d..d4851b48e3 100644 --- a/packages/documentation/src/partials/auth-variables.mdx +++ b/packages/documentation/src/partials/auth-variables.mdx @@ -4,8 +4,8 @@ import { LinkOut } from '@interledger/docs-design-system'
-| Variable | Helm value name | Default | Description | -| -------- | --------------- | ------- | ----------- | +| Variable | Helm value name | Default | Description | +| ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------- | | `AUTH_DATABASE_URL` | `auth.postgresql.host`,
`auth.postgresql.port`,
`auth.postgresql.username`,
`auth.postgresql.database`,
`auth.postgresql.password` | `postgresql://postgres:password@localhost:5432/auth_development` | The URL of the Postgres database storing your Open Payments grant data. For Helm, these components are provided individually. | | `AUTH_SERVER_URL` | `auth.server.domain` | _undefined_ | The public endpoint for your Rafiki instance’s public Open Payments routes. | | `COOKIE_KEY` | `auth.cookieKey` | _undefined_ | The koa KeyGrip key that is used to sign cookies for an interaction session. | @@ -19,8 +19,8 @@ import { LinkOut } from '@interledger/docs-design-system'
-| Variable | Helm value name | Default | Description | -| -------- | --------------- | ------- | ----------- | +| Variable | Helm value name | Default | Description | +| --------------------------------- | ----------------------------------- | ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `ACCESS_TOKEN_DELETION_DAYS` | `auth.accessToken.deletionDays` | `30` | The days until expired and/or revoked access tokens are deleted. | | `ACCESS_TOKEN_EXPIRY_SECONDS` | `auth.accessToken.expirySeconds` | `600` (10 minutes) | The expiry time, in seconds, for access tokens. | | `ADMIN_API_SIGNATURE_VERSION` | `auth.adminApi.signatureVersion` | `1` | The version of the request signing algorithm used to generate signatures. | diff --git a/packages/documentation/src/partials/backend-variables.mdx b/packages/documentation/src/partials/backend-variables.mdx index b68cd50c06..68fdb527b0 100644 --- a/packages/documentation/src/partials/backend-variables.mdx +++ b/packages/documentation/src/partials/backend-variables.mdx @@ -4,8 +4,8 @@ import { LinkOut } from '@interledger/docs-design-system'
-| Variable | Helm value name | Default | Description | -| -------- | --------------- | ------- | ----------- | +| Variable | Helm value name | Default | Description | +| ------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- | | `AUTH_SERVER_GRANT_URL` | `backend.serviceUrls.AUTH_SERVER_GRANT_URL` | _undefined_ | The endpoint on your Open Payments authorization server to grant a request. | | `AUTH_SERVER_INTROSPECTION_URL` | `backend.serviceUrls.AUTH_SERVER_INTROSPECTION_URL` | _undefined_ | The endpoint on your Open Payments authorization server to introspect an access token. | | `DATABASE_URL` | `backend.postgresql.host`,
`backend.postgresql.port`,
`backend.postgresql.username`,
`backend.postgresql.database`,
`backend.postgresql.password` | `postgresql://postgres:password@localhost:5432/development` | The Postgres database URL of the database storing your resource data. For Helm, these components are provided individually. | @@ -24,8 +24,8 @@ import { LinkOut } from '@interledger/docs-design-system'
-| Variable | Helm value name | Default | Description | -| -------- | --------------- | ------- | ----------- | +| Variable | Helm value name | Default | Description | +| --------------- | ----------------------- | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `INSTANCE_NAME` | `backend.instance.name` | _undefined_ | Your Rafiki instance's name used to communicate for auto-peering and/or [telemetry](/overview/concepts/telemetry). Required when auto-peering and/or telemetry is enabled |
@@ -34,8 +34,8 @@ import { LinkOut } from '@interledger/docs-design-system'
-| Variable | Helm value name | Default | Description | -| -------- | --------------- | ------- | ----------- | +| Variable | Helm value name | Default | Description | +| ----------------------------------------------------- | -------------------------------------------------------- | --------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `ADMIN_PORT` | `backend.port.admin` | `3001` | The port of your Backend Auth API server. | | `ADMIN_API_SIGNATURE_TTL_SECONDS` | _undefined_ | `30` | The TTL, in seconds, for which a request’s signature will be valid. | | `API_SECRET` | _undefined_ | _undefined_ | N/A | diff --git a/packages/documentation/src/partials/frontend-variables.mdx b/packages/documentation/src/partials/frontend-variables.mdx index a707bf1f54..6d39c11b15 100644 --- a/packages/documentation/src/partials/frontend-variables.mdx +++ b/packages/documentation/src/partials/frontend-variables.mdx @@ -4,11 +4,11 @@ import { LinkOut } from '@interledger/docs-design-system'
-| Variable | Helm value name | Default | Description | -| -------- | --------------- | ------- | ----------- | -| `GRAPHQL_URL` | `frontend.serviceUrls.GRAPHQL_URL` | _undefined_ | URL for Rafiki’s GraphQL Auth Admin API | -| `OPEN_PAYMENTS_URL` | `frontend.serviceUrls.OPEN_PAYMENTS_URL` | _undefined_ | Your Open Payments API endpoint | -| `PORT` | `frontend.port` | _undefined_ | Port from which to host the Rafiki Remix app | +| Variable | Helm value name | Default | Description | +| ------------------- | ---------------------------------------- | ----------- | -------------------------------------------- | +| `GRAPHQL_URL` | `frontend.serviceUrls.GRAPHQL_URL` | _undefined_ | URL for Rafiki’s GraphQL Auth Admin API | +| `OPEN_PAYMENTS_URL` | `frontend.serviceUrls.OPEN_PAYMENTS_URL` | _undefined_ | Your Open Payments API endpoint | +| `PORT` | `frontend.port` | _undefined_ | Port from which to host the Rafiki Remix app |
@@ -18,11 +18,11 @@ The following variables are required only when `AUTH_ENABLED` is set to `true`.
-| Variable | Helm value name | Default | Description | -| -------- | --------------- | ------- | ----------- | -| `KRATOS_ADMIN_URL` | `frontend.kratos.adminUrl` | _undefined_ | The admin endpoint/container address for Kratos | -| `KRATOS_CONTAINER_PUBLIC_URL` | `frontend.kratos.containerPublicUrl` | _undefined_ | The URL for you to access the Kratos Docker container from within the Docker network. This is used for backend calls to Kratos. | -| `KRATOS_BROWSER_PUBLIC_URL` | `frontend.kratos.browserPublicUrl` | _undefined_ | The URL for you to access the Kratos Docker container from a browser outside of the Docker network. This is used for calls from a browser (what you see in the Rafiki Admin UI) to the Kratos server on the backend. | +| Variable | Helm value name | Default | Description | +| ----------------------------- | ------------------------------------ | ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| `KRATOS_ADMIN_URL` | `frontend.kratos.adminUrl` | _undefined_ | The admin endpoint/container address for Kratos | +| `KRATOS_CONTAINER_PUBLIC_URL` | `frontend.kratos.containerPublicUrl` | _undefined_ | The URL for you to access the Kratos Docker container from within the Docker network. This is used for backend calls to Kratos. | +| `KRATOS_BROWSER_PUBLIC_URL` | `frontend.kratos.browserPublicUrl` | _undefined_ | The URL for you to access the Kratos Docker container from a browser outside of the Docker network. This is used for calls from a browser (what you see in the Rafiki Admin UI) to the Kratos server on the backend. |
@@ -30,8 +30,8 @@ The following variables are required only when `AUTH_ENABLED` is set to `true`.
-| Variable | Helm value name | Default | Description | -| -------- | --------------- | ------- | ----------- | +| Variable | Helm value name | Default | Description | +| -------------------------------- | -------------------------------------- | ------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `AUTH_ENABLED` | `frontend.authEnabled` | `true` | When `true`, only authenticated users can be granted access to Rafiki Admin by an administrator | | `SIGNATURE_SECRET` | `frontend.quoteSignatureSecret` | _undefined_ | The signature secret used to authenticate requests to the Backend Admin API. | | `SIGNATURE_VERSION` | `frontend.signatureVersion` | `1` | The signature version number used to authenticate requests to the Backend Admin API. | @@ -39,4 +39,4 @@ The following variables are required only when `AUTH_ENABLED` is set to `true`. | `NODE_ENV` | `frontend.nodeEnv` | `production` | The type of node environment: `development`, `test`, or `production`. | | `LOG_LEVEL` | `frontend.logLevel` | `info` | Pino log level | -
\ No newline at end of file +
From 6ef0a0696cee5fabd3e068041d8de302b807ac1e Mon Sep 17 00:00:00 2001 From: Max Kurapov Date: Fri, 6 Dec 2024 13:59:55 +0100 Subject: [PATCH 3/9] chore(backend): fix incrementCounterWithTransactionAmount function (#3146) --- .../backend/src/telemetry/service.test.ts | 59 ++++++++++++++++--- packages/backend/src/telemetry/service.ts | 11 ++-- 2 files changed, 56 insertions(+), 14 deletions(-) diff --git a/packages/backend/src/telemetry/service.test.ts b/packages/backend/src/telemetry/service.test.ts index c8e59f025f..c599b2d335 100644 --- a/packages/backend/src/telemetry/service.test.ts +++ b/packages/backend/src/telemetry/service.test.ts @@ -13,6 +13,7 @@ import { import { Counter, Histogram } from '@opentelemetry/api' import { privacy } from './privacy' import { mockRatesApi } from '../tests/rates' +import { ConvertResults } from '../rates/util' jest.mock('@opentelemetry/api', () => ({ ...jest.requireActual('@opentelemetry/api'), @@ -355,14 +356,17 @@ describe('Telemetry Service', () => { expect(internalConvertSpy).not.toHaveBeenCalled() }) - it('should apply privacy', async () => { + it('should apply privacy by default', async () => { const convertedAmount = 500n jest //"any" to access private ts class member variable // eslint-disable-next-line @typescript-eslint/no-explicit-any .spyOn(telemetryService as any, 'convertAmount') - .mockImplementation(() => Promise.resolve(convertedAmount)) + .mockResolvedValueOnce({ + scaledExchangeRate: 1, + amount: convertedAmount + } as ConvertResults) const applyPrivacySpy = jest .spyOn(privacy, 'applyPrivacy') .mockReturnValue(123) @@ -378,14 +382,49 @@ describe('Telemetry Service', () => { value: 100n, assetCode: 'USD', assetScale: 2 - } + }, + undefined ) expect(applyPrivacySpy).toHaveBeenCalledWith(Number(convertedAmount)) + expect(incrementCounterSpy).toHaveBeenCalledWith(counterName, 123, {}) + }) + + it('should not apply privacy if preservePrivacy is false', async () => { + const convertedAmount = 500n + + jest + //"any" to access private ts class member variable + // eslint-disable-next-line @typescript-eslint/no-explicit-any + .spyOn(telemetryService as any, 'convertAmount') + .mockResolvedValueOnce({ + scaledExchangeRate: 1, + amount: convertedAmount + } as ConvertResults) + + const applyPrivacySpy = jest.spyOn(privacy, 'applyPrivacy') + const incrementCounterSpy = jest.spyOn( + telemetryService, + 'incrementCounter' + ) + + const counterName = 'test_counter' + await telemetryService.incrementCounterWithTransactionAmount( + counterName, + { + value: 100n, + assetCode: 'USD', + assetScale: 2 + }, + undefined, + false + ) + + expect(applyPrivacySpy).not.toHaveBeenCalled() expect(incrementCounterSpy).toHaveBeenCalledWith( counterName, - 123, - expect.any(Object) + Number(convertedAmount), + {} ) }) @@ -421,7 +460,10 @@ describe('Telemetry Service', () => { //"any" to access private ts class member variable // eslint-disable-next-line @typescript-eslint/no-explicit-any .spyOn(telemetryService as any, 'convertAmount') - .mockImplementation(() => Promise.resolve(10000n)) + .mockResolvedValueOnce({ + scaledExchangeRate: 1, + amount: 100n + } as ConvertResults) const incrementCounterSpy = jest.spyOn( telemetryService, 'incrementCounter' @@ -437,14 +479,15 @@ describe('Telemetry Service', () => { value: 100n, assetCode: 'USD', assetScale: 2 - } + }, + { attribute: 'metric attribute' } ) expect(convertSpy).toHaveBeenCalled() expect(incrementCounterSpy).toHaveBeenCalledWith( counterName, obfuscatedAmount, - expect.any(Object) + { attribute: 'metric attribute' } ) }) }) diff --git a/packages/backend/src/telemetry/service.ts b/packages/backend/src/telemetry/service.ts index 30426df973..0075845ec4 100644 --- a/packages/backend/src/telemetry/service.ts +++ b/packages/backend/src/telemetry/service.ts @@ -173,14 +173,13 @@ export class TelemetryServiceImpl implements TelemetryService { return } - const obfuscatedAmount = preservePrivacy - ? privacy.applyPrivacy(Number(converted)) - : Number(converted) - this.incrementCounter(name, obfuscatedAmount, attributes) + const finalAmount = preservePrivacy + ? privacy.applyPrivacy(Number(converted.amount)) + : Number(converted.amount) + this.incrementCounter(name, finalAmount, attributes) } catch (e) { - this.deps.logger.error(e, `Unable to collect telemetry`) + this.deps.logger.error(e, 'Unable to collect telemetry') } - return Promise.resolve() } public recordHistogram( From 5c21c94b46435d7653d9f7d5ff5b4c1a03cf99b8 Mon Sep 17 00:00:00 2001 From: Blair Currey <12960453+BlairCurrey@users.noreply.github.com> Date: Fri, 6 Dec 2024 21:53:33 -0500 Subject: [PATCH 4/9] fix(backend): inverted rate (#3165) --- .../src/payment-method/local/service.test.ts | 11 ++++++++++ packages/backend/src/rates/util.test.ts | 20 ++++++++++--------- packages/backend/src/rates/util.ts | 2 +- 3 files changed, 23 insertions(+), 10 deletions(-) diff --git a/packages/backend/src/payment-method/local/service.test.ts b/packages/backend/src/payment-method/local/service.test.ts index 94cff4100e..72196b298d 100644 --- a/packages/backend/src/payment-method/local/service.test.ts +++ b/packages/backend/src/payment-method/local/service.test.ts @@ -58,6 +58,11 @@ describe('LocalPaymentService', (): void => { scale: 2 }) + assetMap['USD_9'] = await createAsset(deps, { + code: 'USD_9', + scale: 9 + }) + assetMap['EUR'] = await createAsset(deps, { code: 'EUR', scale: 2 @@ -67,6 +72,10 @@ describe('LocalPaymentService', (): void => { assetId: assetMap['USD'].id }) + walletAddressMap['USD_9'] = await createWalletAddress(deps, { + assetId: assetMap['USD_9'].id + }) + walletAddressMap['EUR'] = await createWalletAddress(deps, { assetId: assetMap['EUR'].id }) @@ -261,6 +270,7 @@ describe('LocalPaymentService', (): void => { ${'EUR'} | ${100n} | ${'USD'} | ${100n} | ${1.0} | ${'cross currency, same rate'} ${'EUR'} | ${100n} | ${'USD'} | ${112n} | ${0.9} | ${'cross currency, exchange rate < 1'} ${'EUR'} | ${100n} | ${'USD'} | ${50n} | ${2.0} | ${'cross currency, exchange rate > 1'} + ${'USD_9'} | ${100_000_000n} | ${'USD'} | ${10n} | ${1.0} | ${'local currency, different scale'} `( '$description', async ({ @@ -270,6 +280,7 @@ describe('LocalPaymentService', (): void => { expectedDebitAmount, exchangeRate }): Promise => { + if (incomingAssetCode !== 'USD_9') return let ratesScope if (incomingAssetCode !== debitAssetCode) { diff --git a/packages/backend/src/rates/util.test.ts b/packages/backend/src/rates/util.test.ts index 129f9a4631..f4e28f40da 100644 --- a/packages/backend/src/rates/util.test.ts +++ b/packages/backend/src/rates/util.test.ts @@ -1,8 +1,8 @@ import { convertSource, Asset, convertDestination } from './util' describe('Rates util', () => { - describe('convert', () => { - describe('convert same scales', () => { + describe('convertSource', () => { + describe('convertSource same scales', () => { test.each` exchangeRate | sourceAmount | assetScale | expectedResult | description ${1.5} | ${100n} | ${9} | ${{ amount: 150n, scaledExchangeRate: 1.5 }} | ${'exchange rate above 1'} @@ -31,11 +31,12 @@ describe('Rates util', () => { ) }) - describe('convert different scales', () => { + describe('convertSource different scales', () => { test.each` - exchangeRate | sourceAmount | sourceAssetScale | destinationAssetScale | expectedResult | description - ${1.5} | ${100n} | ${9} | ${12} | ${{ amount: 150_000n, scaledExchangeRate: 1500 }} | ${'convert scale from low to high'} - ${1.5} | ${100_000n} | ${12} | ${9} | ${{ amount: 150n, scaledExchangeRate: 0.0015 }} | ${'convert scale from high to low'} + exchangeRate | sourceAmount | sourceAssetScale | destinationAssetScale | expectedResult | description + ${1.5} | ${100n} | ${9} | ${12} | ${{ amount: 150_000n, scaledExchangeRate: 1500 }} | ${'convert scale from low to high'} + ${1.5} | ${100_000n} | ${12} | ${9} | ${{ amount: 150n, scaledExchangeRate: 0.0015 }} | ${'convert scale from high to low'} + ${1} | ${100_000_000n} | ${9} | ${2} | ${{ amount: 10n, scaledExchangeRate: 0.0000001 }} | ${'exchange rate of 1 with different scale'} `( '$description', async ({ @@ -57,7 +58,7 @@ describe('Rates util', () => { ) }) }) - describe('convert reverse', () => { + describe('convertDestination', () => { describe('convert same scales', () => { test.each` exchangeRate | destinationAmount | assetScale | expectedResult | description @@ -88,8 +89,9 @@ describe('Rates util', () => { describe('convert different scales', () => { test.each` exchangeRate | destinationAmount | sourceAssetScale | destinationAssetScale | expectedResult | description - ${2.0} | ${100n} | ${9} | ${12} | ${{ amount: 50_000n, scaledExchangeRate: 0.002 }} | ${'convert scale from low to high'} - ${2.0} | ${100_000n} | ${12} | ${9} | ${{ amount: 50n, scaledExchangeRate: 2000 }} | ${'convert scale from high to low'} + ${2.0} | ${100n} | ${12} | ${9} | ${{ amount: 50_000n, scaledExchangeRate: 0.002 }} | ${'convert scale from low to high'} + ${2.0} | ${100_000n} | ${9} | ${12} | ${{ amount: 50n, scaledExchangeRate: 2000 }} | ${'convert scale from high to low'} + ${1} | ${100_000_000n} | ${2} | ${9} | ${{ amount: 10n, scaledExchangeRate: 10000000 }} | ${'convert scale from high to low (same asset)'} `( '$description', async ({ diff --git a/packages/backend/src/rates/util.ts b/packages/backend/src/rates/util.ts index 5f5d35c3da..d6d789bebf 100644 --- a/packages/backend/src/rates/util.ts +++ b/packages/backend/src/rates/util.ts @@ -36,7 +36,7 @@ export function convertSource(opts: ConvertSourceOptions): ConvertResults { export function convertDestination( opts: ConvertDestinationOptions ): ConvertResults { - const scaleDiff = opts.sourceAsset.scale - opts.destinationAsset.scale + const scaleDiff = opts.destinationAsset.scale - opts.sourceAsset.scale const scaledExchangeRate = opts.exchangeRate * 10 ** scaleDiff return { From 61a4028797a705c1b6d98b57c4c7c3b00d8aa7c8 Mon Sep 17 00:00:00 2001 From: Max Kurapov Date: Sun, 8 Dec 2024 16:50:10 +0100 Subject: [PATCH 5/9] chore: add override for cross-spawn vulnerability (#3154) * chore: add override for cross-spawn vulnerability * chore: debugging trivy * Revert "chore: debugging trivy" This reverts commit c8434d22c2fdedca158874c54441e61f9c7f54ec. * chore(ci): trivy ignore * chore(ci): debug trivvy * Revert "chore(ci): debug trivvy" This reverts commit 81023c6c5e46c9f43f143ed2605e6989a12284ae. * chore(ci): debug trivy * chore(ci): checkout repo during trivy check * chore(ci): add expiry to ignored vulnerability * chore(ci): ignore vulnerability in grype * chore(ci): remove debug flag from trivy scan --- .github/workflows/node-build.yml | 2 ++ .grype.yaml | 2 ++ .trivyignore | 1 + package.json | 3 ++- pnpm-lock.yaml | 19 ++++++++++--------- 5 files changed, 17 insertions(+), 10 deletions(-) create mode 100644 .grype.yaml create mode 100644 .trivyignore diff --git a/.github/workflows/node-build.yml b/.github/workflows/node-build.yml index f9ffe1eb6a..c6904c034a 100644 --- a/.github/workflows/node-build.yml +++ b/.github/workflows/node-build.yml @@ -291,6 +291,7 @@ jobs: - backend - frontend steps: + - uses: actions/checkout@v4 - name: Fetch docker image from cache uses: actions/cache/restore@v4 with: @@ -326,6 +327,7 @@ jobs: - backend - frontend steps: + - uses: actions/checkout@v4 - name: Fetch docker image from cache uses: actions/cache/restore@v4 with: diff --git a/.grype.yaml b/.grype.yaml new file mode 100644 index 0000000000..e6cad11151 --- /dev/null +++ b/.grype.yaml @@ -0,0 +1,2 @@ +ignore: + - vulnerability: GHSA-3xgq-45jj-v275 diff --git a/.trivyignore b/.trivyignore new file mode 100644 index 0000000000..bdfddad256 --- /dev/null +++ b/.trivyignore @@ -0,0 +1 @@ +CVE-2024-21538 exp:2024-12-31 \ No newline at end of file diff --git a/package.json b/package.json index afde84d534..edd63bd4d4 100644 --- a/package.json +++ b/package.json @@ -78,7 +78,8 @@ "tar@<6.2.1": ">=6.2.1", "braces@<3.0.3": ">=3.0.3", "@grpc/grpc-js@>=1.10.0 <1.10.9": ">=1.10.9", - "dset@<3.1.4": ">=3.1.4" + "dset@<3.1.4": ">=3.1.4", + "cross-spawn@>=7.0.0 <7.0.5": ">=7.0.5" } } } diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 641900d859..6205a2327c 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -23,6 +23,7 @@ overrides: braces@<3.0.3: '>=3.0.3' '@grpc/grpc-js@>=1.10.0 <1.10.9': '>=1.10.9' dset@<3.1.4: '>=3.1.4' + cross-spawn@>=7.0.0 <7.0.5: '>=7.0.5' importers: @@ -5278,7 +5279,7 @@ packages: resolution: {integrity: sha512-wfzX8kc1PMyUILA+1Z/EqoE4UCXGy0iRGMhPwdfae1+f0OXlLqCk+By+aMzgJBzR9AzS4CDizioG6Ss1gvAFJw==} engines: {node: ^12.20.0 || ^14.18.0 || >=16.0.0} dependencies: - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 is-glob: 4.0.3 open: 8.4.0 picocolors: 1.1.1 @@ -5398,7 +5399,7 @@ packages: cacache: 17.1.4 chalk: 4.1.2 chokidar: 3.5.3 - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 dotenv: 16.4.1 es-module-lexer: 1.4.1 esbuild: 0.17.6 @@ -5488,7 +5489,7 @@ packages: cacache: 17.1.4 chalk: 4.1.2 chokidar: 3.5.3 - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 dotenv: 16.4.1 es-module-lexer: 1.4.1 esbuild: 0.17.6 @@ -9072,8 +9073,8 @@ packages: dependencies: tslib: 2.8.0 - /cross-spawn@7.0.3: - resolution: {integrity: sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==} + /cross-spawn@7.0.6: + resolution: {integrity: sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==} engines: {node: '>= 8'} dependencies: path-key: 3.1.1 @@ -10460,7 +10461,7 @@ packages: '@ungap/structured-clone': 1.2.0 ajv: 6.12.6 chalk: 4.1.2 - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 debug: 4.3.7(supports-color@9.4.0) doctrine: 3.0.0 escape-string-regexp: 4.0.0 @@ -10650,7 +10651,7 @@ packages: resolution: {integrity: sha512-8uSpZZocAZRBAPIEINJj3Lo9HyGitllczc27Eh5YYojjMFMn8yHMDMaUHE2Jqfq05D/wucwI4JGURyXt1vchyg==} engines: {node: '>=10'} dependencies: - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 get-stream: 6.0.1 human-signals: 2.1.0 is-stream: 2.0.1 @@ -11004,7 +11005,7 @@ packages: resolution: {integrity: sha512-TMKDUnIte6bfb5nWv7V/caI169OHgvwjb7V4WkeUvbQQdjr5rWKqHFiKWb/fcOwB+CzBT+qbWjvj+DVwRskpIg==} engines: {node: '>=14'} dependencies: - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 signal-exit: 4.1.0 dev: true @@ -15342,7 +15343,7 @@ packages: hasBin: true dependencies: ansi-styles: 6.2.1 - cross-spawn: 7.0.3 + cross-spawn: 7.0.6 memorystream: 0.3.1 minimatch: 9.0.3 pidtree: 0.6.0 From b83ac58fb4d29c9592e3717c727d190107f61831 Mon Sep 17 00:00:00 2001 From: Max Kurapov Date: Mon, 9 Dec 2024 12:27:44 +0100 Subject: [PATCH 6/9] fit(frontend): fix getOpenPaymentsUrl function (#3162) --- packages/frontend/app/shared/utils.ts | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/packages/frontend/app/shared/utils.ts b/packages/frontend/app/shared/utils.ts index b837ac39b7..bbcb147fc0 100644 --- a/packages/frontend/app/shared/utils.ts +++ b/packages/frontend/app/shared/utils.ts @@ -60,14 +60,18 @@ export function capitalize(str: string) { } export function getOpenPaymentsUrl() { - if (!process.env.OPEN_PAYMENTS_URL) { - throw new Error('Environment variable OPEN_PAYMENTS_URL is missing') - } - if (typeof window === 'undefined') { + if (!process.env.OPEN_PAYMENTS_URL) { + throw new Error('Environment variable OPEN_PAYMENTS_URL is missing') + } + return process.env.OPEN_PAYMENTS_URL } + if (!window.ENV.OPEN_PAYMENTS_URL) { + throw new Error('Environment variable OPEN_PAYMENTS_URL is missing') + } + return window.ENV.OPEN_PAYMENTS_URL } From cc9ef41c8b9e12304cdcb5f47b262d5c8f8f226a Mon Sep 17 00:00:00 2001 From: Max Kurapov Date: Tue, 10 Dec 2024 14:59:10 +0100 Subject: [PATCH 7/9] ci: create manifest list in release action (#3168) * ci: create manifest list in release action * ci: generate-release depends on push-manifest --- .github/workflows/node-build.yml | 34 +++++++++++++++++++++++++++++--- 1 file changed, 31 insertions(+), 3 deletions(-) diff --git a/.github/workflows/node-build.yml b/.github/workflows/node-build.yml index c6904c034a..8cf756e46b 100644 --- a/.github/workflows/node-build.yml +++ b/.github/workflows/node-build.yml @@ -266,7 +266,7 @@ jobs: push: false platforms: ${{ matrix.platform.arch }} file: packages/${{ matrix.package }}/Dockerfile.prod - tags: ghcr.io/${{ github.repository_owner }}/rafiki-${{ matrix.package }}:${{ needs.version-generator.outputs.version }} + tags: ghcr.io/${{ github.repository_owner }}/rafiki-${{ matrix.package }}-${{ matrix.platform.name }}:${{ needs.version-generator.outputs.version }} outputs: type=docker,dest=/tmp/${{ github.sha }}-${{ matrix.package }}-${{ matrix.platform.name }}-${{ needs.version-generator.outputs.version }}.tar - name: Save docker image to cache uses: actions/cache@v4 @@ -382,11 +382,38 @@ jobs: run: docker images - name: Push to registry run: | - docker push ghcr.io/${{ github.repository_owner }}/rafiki-${{ matrix.package }}:${{ needs.version-generator.outputs.version }} + docker push ghcr.io/${{ github.repository_owner }}/rafiki-${{ matrix.package }}-${{ matrix.platform.name }}:${{ needs.version-generator.outputs.version }} + + push-manifest: + name: Push multi-arch manifest list + needs: [version-generator, push] + runs-on: ubuntu-latest + if: needs.version-generator.outputs.dockerPush == 'true' + strategy: + matrix: + package: + - auth + - backend + - frontend + steps: + - name: Login to GHCR + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Create manifest list + run: | + docker manifest create ghcr.io/${{ github.repository_owner }}/rafiki-${{ matrix.package }}:${{ needs.version-generator.outputs.version }} \ + --amend ghcr.io/${{ github.repository_owner }}/rafiki-${{ matrix.package }}-amd64:${{ needs.version-generator.outputs.version }} \ + --amend ghcr.io/${{ github.repository_owner }}/rafiki-${{ matrix.package }}-arm64:${{ needs.version-generator.outputs.version }} + - name: Push manifest list + run: | + docker manifest push ghcr.io/${{ github.repository_owner }}/rafiki-${{ matrix.package }}:${{ needs.version-generator.outputs.version }} generate-release: runs-on: ubuntu-latest - needs: [push, version-generator] + needs: [push-manifest, version-generator] if: needs.version-generator.outputs.generateRelease == 'true' steps: - name: Checkout Code @@ -397,6 +424,7 @@ jobs: with: token: ${{ github.token }} tag: ${{ needs.version-generator.outputs.version }} + includeRefIssues: false - name: Create Release uses: ncipollo/release-action@v1.14.0 with: From 0b4cac3d2433839ba301a6dd0e43543b52017515 Mon Sep 17 00:00:00 2001 From: Max Kurapov Date: Wed, 11 Dec 2024 20:10:44 +0100 Subject: [PATCH 8/9] fix(backend): await signature verification (#3175) --- packages/backend/src/app.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/backend/src/app.ts b/packages/backend/src/app.ts index 3bbe8d2662..1b361bc4d3 100644 --- a/packages/backend/src/app.ts +++ b/packages/backend/src/app.ts @@ -385,7 +385,7 @@ export class App { if (this.config.adminApiSecret) { koa.use(async (ctx, next: Koa.Next): Promise => { - if (!verifyApiSignature(ctx, this.config)) { + if (!(await verifyApiSignature(ctx, this.config))) { ctx.throw(401, 'Unauthorized') } return next() From ee45d6162811db6a8ac460570abb944d95b1db4c Mon Sep 17 00:00:00 2001 From: Sarah Jones Date: Fri, 13 Dec 2024 12:04:04 +0200 Subject: [PATCH 9/9] feat: added basic site tracking using Umami (#3157) --- packages/documentation/astro.config.mjs | 9 +++++++++ packages/documentation/src/content/docs/index.mdx | 2 ++ 2 files changed, 11 insertions(+) diff --git a/packages/documentation/astro.config.mjs b/packages/documentation/astro.config.mjs index bc4c6da494..75eeced402 100644 --- a/packages/documentation/astro.config.mjs +++ b/packages/documentation/astro.config.mjs @@ -52,6 +52,15 @@ export default defineConfig({ src: '/scripts.js', defer: true } + }, + { + tag: 'script', + attrs: { + defer: true, + 'data-website-id': '75fba178-7dca-4874-adc9-50cf85c83528', + src: 'https://ilf-site-analytics.netlify.app/script.js', + 'data-domains': 'rafiki.dev' + } } ], logo: { diff --git a/packages/documentation/src/content/docs/index.mdx b/packages/documentation/src/content/docs/index.mdx index e7811da58f..56c1cc292f 100644 --- a/packages/documentation/src/content/docs/index.mdx +++ b/packages/documentation/src/content/docs/index.mdx @@ -9,6 +9,8 @@ hero: link: /overview/overview icon: open-book variant: primary + attrs: + data-umami-event: Landing page - Rafiki docs --- import { Card, CardGrid } from '@astrojs/starlight/components'