@valkyrianlabs/payload-markdown-docs 0.3.1 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +76 -176
- package/dist/admin/DocsSetManager.js +5 -3
- package/dist/admin/DocsSetManager.js.map +1 -1
- package/dist/admin/docsSetManagerData.d.ts +6 -5
- package/dist/admin/docsSetManagerData.js +60 -33
- package/dist/admin/docsSetManagerData.js.map +1 -1
- package/dist/admin/docsSetManagerTypes.d.ts +12 -9
- package/dist/admin/docsSetManagerTypes.js.map +1 -1
- package/dist/cli/commands/manifest.js +1 -2
- package/dist/cli/commands/manifest.js.map +1 -1
- package/dist/cli/commands/plan.js +1 -2
- package/dist/cli/commands/plan.js.map +1 -1
- package/dist/cli/commands/push.js +2 -5
- package/dist/cli/commands/push.js.map +1 -1
- package/dist/cli/commands/validate.js +11 -6
- package/dist/cli/commands/validate.js.map +1 -1
- package/dist/cli/index.js +5 -14
- package/dist/cli/index.js.map +1 -1
- package/dist/cli/parseArgs.js +0 -3
- package/dist/cli/parseArgs.js.map +1 -1
- package/dist/cli/types.d.ts +0 -3
- package/dist/cli/types.js.map +1 -1
- package/dist/collections/docs.js +0 -24
- package/dist/collections/docs.js.map +1 -1
- package/dist/collections/docsGroups.js +8 -9
- package/dist/collections/docsGroups.js.map +1 -1
- package/dist/collections/docsKeys.d.ts +5 -0
- package/dist/collections/docsKeys.js +44 -0
- package/dist/collections/docsKeys.js.map +1 -0
- package/dist/collections/docsSets.js +47 -202
- package/dist/collections/docsSets.js.map +1 -1
- package/dist/collections/docsTrusted.d.ts +5 -0
- package/dist/collections/docsTrusted.js +60 -0
- package/dist/collections/docsTrusted.js.map +1 -0
- package/dist/collections/index.d.ts +4 -0
- package/dist/collections/index.js +2 -0
- package/dist/collections/index.js.map +1 -1
- package/dist/constants.d.ts +3 -1
- package/dist/constants.js +3 -1
- package/dist/constants.js.map +1 -1
- package/dist/endpoints/sync.d.ts +6 -7
- package/dist/endpoints/sync.js +57 -124
- package/dist/endpoints/sync.js.map +1 -1
- package/dist/index.d.ts +2 -2
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/next/PayloadMarkdownDocsPage.js +2 -6
- package/dist/next/PayloadMarkdownDocsPage.js.map +1 -1
- package/dist/next/index.d.ts +2 -0
- package/dist/next/index.js +1 -0
- package/dist/next/index.js.map +1 -1
- package/dist/next/links.d.ts +11 -0
- package/dist/next/links.js +79 -0
- package/dist/next/links.js.map +1 -0
- package/dist/next/markdown.js +91 -19
- package/dist/next/markdown.js.map +1 -1
- package/dist/next/metadata.js +6 -6
- package/dist/next/metadata.js.map +1 -1
- package/dist/next/records.js +13 -23
- package/dist/next/records.js.map +1 -1
- package/dist/next/route.js +141 -49
- package/dist/next/route.js.map +1 -1
- package/dist/next/types.d.ts +0 -14
- package/dist/next/types.js.map +1 -1
- package/dist/payload/docsKeys.d.ts +20 -0
- package/dist/payload/docsKeys.js +29 -0
- package/dist/payload/docsKeys.js.map +1 -0
- package/dist/payload/docsSets.d.ts +32 -6
- package/dist/payload/docsSets.js +146 -83
- package/dist/payload/docsSets.js.map +1 -1
- package/dist/payload/docsTrusted.d.ts +16 -0
- package/dist/payload/docsTrusted.js +49 -0
- package/dist/payload/docsTrusted.js.map +1 -0
- package/dist/payload/index.d.ts +5 -1
- package/dist/payload/index.js +3 -1
- package/dist/payload/index.js.map +1 -1
- package/dist/plugin.js +36 -9
- package/dist/plugin.js.map +1 -1
- package/dist/security/githubOidc.d.ts +18 -5
- package/dist/security/githubOidc.js +44 -16
- package/dist/security/githubOidc.js.map +1 -1
- package/dist/security/index.d.ts +1 -1
- package/dist/security/index.js.map +1 -1
- package/dist/skills/codex/SKILL.md +3 -4
- package/dist/skills/codex/examples/github-actions.md +0 -2
- package/dist/skills/codex/reference/admin.md +0 -6
- package/dist/skills/codex/reference/routing.md +2 -1
- package/dist/skills/codex/reference/sync.md +7 -5
- package/dist/skills/codex/reference/troubleshooting.md +3 -4
- package/dist/skills/codex/reference/workflow.md +0 -1
- package/dist/sync/manifest.d.ts +1 -3
- package/dist/sync/manifest.js +2 -3
- package/dist/sync/manifest.js.map +1 -1
- package/dist/sync/validate.js +1 -2
- package/dist/sync/validate.js.map +1 -1
- package/dist/types.d.ts +7 -50
- package/dist/types.js.map +1 -1
- package/package.json +4 -4
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/collections/docsSets.ts"],"sourcesContent":["import type { CollectionConfig } from 'payload'\n\nimport { DOCS_SET_MANAGER_COMPONENT } from '../constants.js'\n\nexport type CreateDocsSetsCollectionOptions = {\n docsCollectionSlug?: string\n docsGroupsCollectionSlug: string\n slug: string\n syncRunsCollectionSlug?: string\n}\n\nexport const createDocsSetsCollection = ({\n slug,\n docsCollectionSlug,\n docsGroupsCollectionSlug,\n syncRunsCollectionSlug,\n}: CreateDocsSetsCollectionOptions): CollectionConfig => ({\n slug,\n admin: {\n defaultColumns: ['title', 'sourceId', 'routeBase', 'updatedAt'],\n group: 'Docs',\n useAsTitle: 'title',\n },\n fields: [\n {\n name: 'title',\n type: 'text',\n required: true,\n },\n {\n name: 'slug',\n type: 'text',\n index: true,\n required: true,\n },\n {\n name: 'sourceId',\n type: 'text',\n index: true,\n required: true,\n unique: true,\n },\n {\n name: 'sourceRoot',\n type: 'text',\n defaultValue: 'docs',\n },\n {\n name: 'group',\n type: 'relationship',\n relationTo: docsGroupsCollectionSlug,\n },\n {\n name: 'routeBase',\n type: 'text',\n index: true,\n required: true,\n unique: true,\n },\n {\n name: 'description',\n type: 'textarea',\n },\n {\n name: 'navTitle',\n type: 'text',\n },\n {\n name: 'order',\n type: 'number',\n defaultValue: 0,\n },\n {\n name: 'auth',\n type: 'group',\n admin: {\n description:\n 'Source-specific sync authentication policy. Use this instead of hardcoding docs sources in payload.config.ts.',\n },\n fields: [\n {\n name: 'ed25519',\n type: 'group',\n fields: [\n {\n name: 'keys',\n type: 'array',\n admin: {\n description:\n 'Public keys allowed to sync this docs set from local machines or non-GitHub CI.',\n },\n fields: [\n {\n name: 'keyId',\n type: 'text',\n required: true,\n },\n {\n name: 'publicKey',\n type: 'textarea',\n required: true,\n },\n ],\n },\n {\n name: 'maxSkewSeconds',\n type: 'number',\n },\n {\n name: 'nonceTtlSeconds',\n type: 'number',\n },\n ],\n },\n {\n name: 'githubOidc',\n type: 'group',\n fields: [\n {\n name: 'enabled',\n type: 'checkbox',\n defaultValue: false,\n },\n {\n name: 'audience',\n type: 'text',\n admin: {\n description:\n 'Optional override. Defaults to the plugin-level GitHub OIDC audience.',\n },\n },\n {\n name: 'allowedRepositories',\n type: 'array',\n admin: {\n description:\n 'GitHub repositories allowed to sync this docs set, for example valkyrianlabs/payload-markdown-docs.',\n },\n fields: [\n {\n name: 'value',\n type: 'text',\n required: true,\n },\n ],\n },\n {\n name: 'allowedRepositoryOwners',\n type: 'array',\n fields: [\n {\n name: 'value',\n type: 'text',\n required: true,\n },\n ],\n },\n {\n name: 'allowedRefs',\n type: 'array',\n admin: {\n description:\n 'Exact Git refs such as refs/heads/main or refs/tags/v0.2.1.',\n },\n fields: [\n {\n name: 'value',\n type: 'text',\n required: true,\n },\n ],\n },\n {\n name: 'allowedWorkflows',\n type: 'array',\n fields: [\n {\n name: 'value',\n type: 'text',\n required: true,\n },\n ],\n },\n {\n name: 'allowedWorkflowRefs',\n type: 'array',\n fields: [\n {\n name: 'value',\n type: 'text',\n required: true,\n },\n ],\n },\n {\n name: 'allowedEnvironments',\n type: 'array',\n fields: [\n {\n name: 'value',\n type: 'text',\n required: true,\n },\n ],\n },\n {\n name: 'allowPullRequests',\n type: 'checkbox',\n defaultValue: false,\n },\n {\n name: 'issuer',\n type: 'text',\n },\n {\n name: 'jwksUrl',\n type: 'text',\n },\n {\n name: 'maxSkewSeconds',\n type: 'number',\n },\n ],\n },\n ],\n },\n {\n name: 'defaults',\n type: 'group',\n fields: [\n {\n name: 'theme',\n type: 'text',\n },\n {\n name: 'heroEyebrow',\n type: 'text',\n },\n {\n name: 'heroTitle',\n type: 'text',\n },\n {\n name: 'heroDescription',\n type: 'textarea',\n },\n {\n name: 'seoTitle',\n type: 'text',\n },\n {\n name: 'seoDescription',\n type: 'textarea',\n },\n {\n name: 'sidebarMode',\n type: 'select',\n options: ['auto', 'manual', 'hidden'],\n },\n ],\n },\n {\n name: 'aiExport',\n type: 'json',\n admin: {\n description:\n 'Parsed index.ai.yml control data for the raw Markdown AI export route.',\n },\n },\n {\n name: 'sync',\n type: 'group',\n fields: [\n {\n name: 'lastSyncedAt',\n type: 'date',\n },\n ...(syncRunsCollectionSlug\n ? [\n {\n name: 'lastSyncRunId',\n type: 'relationship' as const,\n relationTo: syncRunsCollectionSlug,\n },\n ]\n : []),\n {\n name: 'lastStatus',\n type: 'select',\n options: ['failed', 'pending', 'success'],\n },\n {\n name: 'docsCount',\n type: 'number',\n defaultValue: 0,\n },\n ],\n },\n ...(docsCollectionSlug\n ? [\n {\n name: 'docsSetManager',\n type: 'ui' as const,\n admin: {\n components: {\n Field: DOCS_SET_MANAGER_COMPONENT,\n },\n custom: {\n docsCollectionSlug,\n docsSetsCollectionSlug: slug,\n },\n },\n },\n ]\n : []),\n ],\n})\n"],"names":["DOCS_SET_MANAGER_COMPONENT","createDocsSetsCollection","slug","docsCollectionSlug","docsGroupsCollectionSlug","syncRunsCollectionSlug","admin","defaultColumns","group","useAsTitle","fields","name","type","required","index","unique","defaultValue","relationTo","description","options","components","Field","custom","docsSetsCollectionSlug"],"mappings":"AAEA,SAASA,0BAA0B,QAAQ,kBAAiB;AAS5D,OAAO,MAAMC,2BAA2B,CAAC,EACvCC,IAAI,EACJC,kBAAkB,EAClBC,wBAAwB,EACxBC,sBAAsB,EACU,GAAwB,CAAA;QACxDH;QACAI,OAAO;YACLC,gBAAgB;gBAAC;gBAAS;gBAAY;gBAAa;aAAY;YAC/DC,OAAO;YACPC,YAAY;QACd;QACAC,QAAQ;YACN;gBACEC,MAAM;gBACNC,MAAM;gBACNC,UAAU;YACZ;YACA;gBACEF,MAAM;gBACNC,MAAM;gBACNE,OAAO;gBACPD,UAAU;YACZ;YACA;gBACEF,MAAM;gBACNC,MAAM;gBACNE,OAAO;gBACPD,UAAU;gBACVE,QAAQ;YACV;YACA;gBACEJ,MAAM;gBACNC,MAAM;gBACNI,cAAc;YAChB;YACA;gBACEL,MAAM;gBACNC,MAAM;gBACNK,YAAYb;YACd;YACA;gBACEO,MAAM;gBACNC,MAAM;gBACNE,OAAO;gBACPD,UAAU;gBACVE,QAAQ;YACV;YACA;gBACEJ,MAAM;gBACNC,MAAM;YACR;YACA;gBACED,MAAM;gBACNC,MAAM;YACR;YACA;gBACED,MAAM;gBACNC,MAAM;gBACNI,cAAc;YAChB;YACA;gBACEL,MAAM;gBACNC,MAAM;gBACNN,OAAO;oBACLY,aACE;gBACJ;gBACAR,QAAQ;oBACN;wBACEC,MAAM;wBACNC,MAAM;wBACNF,QAAQ;4BACN;gCACEC,MAAM;gCACNC,MAAM;gCACNN,OAAO;oCACLY,aACE;gCACJ;gCACAR,QAAQ;oCACN;wCACEC,MAAM;wCACNC,MAAM;wCACNC,UAAU;oCACZ;oCACA;wCACEF,MAAM;wCACNC,MAAM;wCACNC,UAAU;oCACZ;iCACD;4BACH;4BACA;gCACEF,MAAM;gCACNC,MAAM;4BACR;4BACA;gCACED,MAAM;gCACNC,MAAM;4BACR;yBACD;oBACH;oBACA;wBACED,MAAM;wBACNC,MAAM;wBACNF,QAAQ;4BACN;gCACEC,MAAM;gCACNC,MAAM;gCACNI,cAAc;4BAChB;4BACA;gCACEL,MAAM;gCACNC,MAAM;gCACNN,OAAO;oCACLY,aACE;gCACJ;4BACF;4BACA;gCACEP,MAAM;gCACNC,MAAM;gCACNN,OAAO;oCACLY,aACE;gCACJ;gCACAR,QAAQ;oCACN;wCACEC,MAAM;wCACNC,MAAM;wCACNC,UAAU;oCACZ;iCACD;4BACH;4BACA;gCACEF,MAAM;gCACNC,MAAM;gCACNF,QAAQ;oCACN;wCACEC,MAAM;wCACNC,MAAM;wCACNC,UAAU;oCACZ;iCACD;4BACH;4BACA;gCACEF,MAAM;gCACNC,MAAM;gCACNN,OAAO;oCACLY,aACE;gCACJ;gCACAR,QAAQ;oCACN;wCACEC,MAAM;wCACNC,MAAM;wCACNC,UAAU;oCACZ;iCACD;4BACH;4BACA;gCACEF,MAAM;gCACNC,MAAM;gCACNF,QAAQ;oCACN;wCACEC,MAAM;wCACNC,MAAM;wCACNC,UAAU;oCACZ;iCACD;4BACH;4BACA;gCACEF,MAAM;gCACNC,MAAM;gCACNF,QAAQ;oCACN;wCACEC,MAAM;wCACNC,MAAM;wCACNC,UAAU;oCACZ;iCACD;4BACH;4BACA;gCACEF,MAAM;gCACNC,MAAM;gCACNF,QAAQ;oCACN;wCACEC,MAAM;wCACNC,MAAM;wCACNC,UAAU;oCACZ;iCACD;4BACH;4BACA;gCACEF,MAAM;gCACNC,MAAM;gCACNI,cAAc;4BAChB;4BACA;gCACEL,MAAM;gCACNC,MAAM;4BACR;4BACA;gCACED,MAAM;gCACNC,MAAM;4BACR;4BACA;gCACED,MAAM;gCACNC,MAAM;4BACR;yBACD;oBACH;iBACD;YACH;YACA;gBACED,MAAM;gBACNC,MAAM;gBACNF,QAAQ;oBACN;wBACEC,MAAM;wBACNC,MAAM;oBACR;oBACA;wBACED,MAAM;wBACNC,MAAM;oBACR;oBACA;wBACED,MAAM;wBACNC,MAAM;oBACR;oBACA;wBACED,MAAM;wBACNC,MAAM;oBACR;oBACA;wBACED,MAAM;wBACNC,MAAM;oBACR;oBACA;wBACED,MAAM;wBACNC,MAAM;oBACR;oBACA;wBACED,MAAM;wBACNC,MAAM;wBACNO,SAAS;4BAAC;4BAAQ;4BAAU;yBAAS;oBACvC;iBACD;YACH;YACA;gBACER,MAAM;gBACNC,MAAM;gBACNN,OAAO;oBACLY,aACE;gBACJ;YACF;YACA;gBACEP,MAAM;gBACNC,MAAM;gBACNF,QAAQ;oBACN;wBACEC,MAAM;wBACNC,MAAM;oBACR;uBACIP,yBACA;wBACE;4BACEM,MAAM;4BACNC,MAAM;4BACNK,YAAYZ;wBACd;qBACD,GACD,EAAE;oBACN;wBACEM,MAAM;wBACNC,MAAM;wBACNO,SAAS;4BAAC;4BAAU;4BAAW;yBAAU;oBAC3C;oBACA;wBACER,MAAM;wBACNC,MAAM;wBACNI,cAAc;oBAChB;iBACD;YACH;eACIb,qBACA;gBACE;oBACEQ,MAAM;oBACNC,MAAM;oBACNN,OAAO;wBACLc,YAAY;4BACVC,OAAOrB;wBACT;wBACAsB,QAAQ;4BACNnB;4BACAoB,wBAAwBrB;wBAC1B;oBACF;gBACF;aACD,GACD,EAAE;SACP;IACH,CAAA,EAAE"}
|
|
1
|
+
{"version":3,"sources":["../../src/collections/docsSets.ts"],"sourcesContent":["import type { CollectionConfig } from 'payload'\n\nimport {\n DOCS_GLOBALS_ADMIN_GROUP,\n DOCS_SET_MANAGER_COMPONENT,\n} from '../constants.js'\n\nexport type CreateDocsSetsCollectionOptions = {\n docsCollectionSlug?: string\n docsGroupsCollectionSlug: string\n slug: string\n syncRunsCollectionSlug?: string\n}\n\nexport const createDocsSetsCollection = ({\n slug,\n docsCollectionSlug,\n docsGroupsCollectionSlug,\n syncRunsCollectionSlug,\n}: CreateDocsSetsCollectionOptions): CollectionConfig => ({\n slug,\n admin: {\n defaultColumns: ['title', 'slug', 'branch', 'updatedAt'],\n group: DOCS_GLOBALS_ADMIN_GROUP,\n useAsTitle: 'title',\n },\n fields: [\n {\n name: 'title',\n type: 'text',\n required: true,\n },\n {\n name: 'slug',\n type: 'text',\n index: true,\n required: true,\n unique: true,\n },\n {\n name: 'group',\n type: 'relationship',\n relationTo: docsGroupsCollectionSlug,\n },\n {\n name: 'branch',\n type: 'text',\n admin: {\n description:\n 'Git branch allowed to publish this docs set. The full Git ref is handled internally.',\n },\n defaultValue: 'main',\n },\n {\n name: 'allowPullRequests',\n type: 'checkbox',\n admin: {\n description:\n 'Allow GitHub pull request events to dry-run or publish this docs set.',\n },\n defaultValue: false,\n },\n {\n name: 'description',\n type: 'textarea',\n },\n {\n name: 'advancedSecurity',\n type: 'group',\n admin: {\n description:\n 'Optional workflow lock-down. Leave disabled to allow any workflow from a trusted GitHub owner/repository and branch.',\n },\n fields: [\n {\n name: 'enabled',\n type: 'checkbox',\n admin: {\n description:\n 'When enabled, only the workflow refs listed below can publish this docs set.',\n },\n defaultValue: false,\n },\n {\n name: 'allowedWorkflowRefs',\n type: 'array',\n admin: {\n condition: (_data, siblingData) => siblingData?.enabled === true,\n description:\n 'Exact GitHub workflow refs, for example owner/repo/.github/workflows/publish-docs.yml@refs/heads/main.',\n },\n fields: [\n {\n name: 'value',\n type: 'text',\n required: true,\n },\n ],\n validate: (value, { siblingData }) => {\n const advancedSecurityData =\n typeof siblingData === 'object' && siblingData !== null\n ? (siblingData as { enabled?: unknown })\n : undefined\n\n if (\n advancedSecurityData?.enabled === true &&\n (!Array.isArray(value) || value.length === 0)\n ) {\n return 'Add at least one workflow ref or disable advanced security.'\n }\n\n return true\n },\n },\n ],\n },\n {\n name: 'aiExport',\n type: 'json',\n admin: {\n description:\n 'Parsed index.ai.yml control data for the raw Markdown AI export route.',\n },\n },\n {\n name: 'sync',\n type: 'group',\n fields: [\n {\n name: 'lastSyncedAt',\n type: 'date',\n },\n ...(syncRunsCollectionSlug\n ? [\n {\n name: 'lastSyncRunId',\n type: 'relationship' as const,\n relationTo: syncRunsCollectionSlug,\n },\n ]\n : []),\n {\n name: 'lastStatus',\n type: 'select',\n options: ['failed', 'pending', 'success'],\n },\n {\n name: 'docsCount',\n type: 'number',\n defaultValue: 0,\n },\n ],\n },\n ...(docsCollectionSlug\n ? [\n {\n name: 'docsSetManager',\n type: 'ui' as const,\n admin: {\n components: {\n Field: DOCS_SET_MANAGER_COMPONENT,\n },\n custom: {\n docsCollectionSlug,\n docsGroupsCollectionSlug,\n docsSetsCollectionSlug: slug,\n },\n },\n },\n ]\n : []),\n ],\n labels: {\n plural: 'Sets',\n singular: 'Set',\n },\n})\n"],"names":["DOCS_GLOBALS_ADMIN_GROUP","DOCS_SET_MANAGER_COMPONENT","createDocsSetsCollection","slug","docsCollectionSlug","docsGroupsCollectionSlug","syncRunsCollectionSlug","admin","defaultColumns","group","useAsTitle","fields","name","type","required","index","unique","relationTo","description","defaultValue","condition","_data","siblingData","enabled","validate","value","advancedSecurityData","undefined","Array","isArray","length","options","components","Field","custom","docsSetsCollectionSlug","labels","plural","singular"],"mappings":"AAEA,SACEA,wBAAwB,EACxBC,0BAA0B,QACrB,kBAAiB;AASxB,OAAO,MAAMC,2BAA2B,CAAC,EACvCC,IAAI,EACJC,kBAAkB,EAClBC,wBAAwB,EACxBC,sBAAsB,EACU,GAAwB,CAAA;QACxDH;QACAI,OAAO;YACLC,gBAAgB;gBAAC;gBAAS;gBAAQ;gBAAU;aAAY;YACxDC,OAAOT;YACPU,YAAY;QACd;QACAC,QAAQ;YACN;gBACEC,MAAM;gBACNC,MAAM;gBACNC,UAAU;YACZ;YACA;gBACEF,MAAM;gBACNC,MAAM;gBACNE,OAAO;gBACPD,UAAU;gBACVE,QAAQ;YACV;YACA;gBACEJ,MAAM;gBACNC,MAAM;gBACNI,YAAYZ;YACd;YACA;gBACEO,MAAM;gBACNC,MAAM;gBACNN,OAAO;oBACLW,aACE;gBACJ;gBACAC,cAAc;YAChB;YACA;gBACEP,MAAM;gBACNC,MAAM;gBACNN,OAAO;oBACLW,aACE;gBACJ;gBACAC,cAAc;YAChB;YACA;gBACEP,MAAM;gBACNC,MAAM;YACR;YACA;gBACED,MAAM;gBACNC,MAAM;gBACNN,OAAO;oBACLW,aACE;gBACJ;gBACAP,QAAQ;oBACN;wBACEC,MAAM;wBACNC,MAAM;wBACNN,OAAO;4BACLW,aACE;wBACJ;wBACAC,cAAc;oBAChB;oBACA;wBACEP,MAAM;wBACNC,MAAM;wBACNN,OAAO;4BACLa,WAAW,CAACC,OAAOC,cAAgBA,aAAaC,YAAY;4BAC5DL,aACE;wBACJ;wBACAP,QAAQ;4BACN;gCACEC,MAAM;gCACNC,MAAM;gCACNC,UAAU;4BACZ;yBACD;wBACDU,UAAU,CAACC,OAAO,EAAEH,WAAW,EAAE;4BAC/B,MAAMI,uBACJ,OAAOJ,gBAAgB,YAAYA,gBAAgB,OAC9CA,cACDK;4BAEN,IACED,sBAAsBH,YAAY,QACjC,CAAA,CAACK,MAAMC,OAAO,CAACJ,UAAUA,MAAMK,MAAM,KAAK,CAAA,GAC3C;gCACA,OAAO;4BACT;4BAEA,OAAO;wBACT;oBACF;iBACD;YACH;YACA;gBACElB,MAAM;gBACNC,MAAM;gBACNN,OAAO;oBACLW,aACE;gBACJ;YACF;YACA;gBACEN,MAAM;gBACNC,MAAM;gBACNF,QAAQ;oBACN;wBACEC,MAAM;wBACNC,MAAM;oBACR;uBACIP,yBACA;wBACE;4BACEM,MAAM;4BACNC,MAAM;4BACNI,YAAYX;wBACd;qBACD,GACD,EAAE;oBACN;wBACEM,MAAM;wBACNC,MAAM;wBACNkB,SAAS;4BAAC;4BAAU;4BAAW;yBAAU;oBAC3C;oBACA;wBACEnB,MAAM;wBACNC,MAAM;wBACNM,cAAc;oBAChB;iBACD;YACH;eACIf,qBACA;gBACE;oBACEQ,MAAM;oBACNC,MAAM;oBACNN,OAAO;wBACLyB,YAAY;4BACVC,OAAOhC;wBACT;wBACAiC,QAAQ;4BACN9B;4BACAC;4BACA8B,wBAAwBhC;wBAC1B;oBACF;gBACF;aACD,GACD,EAAE;SACP;QACDiC,QAAQ;YACNC,QAAQ;YACRC,UAAU;QACZ;IACF,CAAA,EAAE"}
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
import { DOCS_GLOBALS_ADMIN_GROUP } from '../constants.js';
|
|
2
|
+
export const createDocsTrustedCollection = ({ slug })=>({
|
|
3
|
+
slug,
|
|
4
|
+
admin: {
|
|
5
|
+
defaultColumns: [
|
|
6
|
+
'title',
|
|
7
|
+
'owner',
|
|
8
|
+
'limitRepos',
|
|
9
|
+
'updatedAt'
|
|
10
|
+
],
|
|
11
|
+
group: DOCS_GLOBALS_ADMIN_GROUP,
|
|
12
|
+
useAsTitle: 'title'
|
|
13
|
+
},
|
|
14
|
+
fields: [
|
|
15
|
+
{
|
|
16
|
+
name: 'title',
|
|
17
|
+
type: 'text',
|
|
18
|
+
required: true
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
name: 'owner',
|
|
22
|
+
type: 'text',
|
|
23
|
+
admin: {
|
|
24
|
+
description: 'GitHub owner or organization trusted to publish docs through OIDC.'
|
|
25
|
+
},
|
|
26
|
+
index: true,
|
|
27
|
+
required: true,
|
|
28
|
+
unique: true
|
|
29
|
+
},
|
|
30
|
+
{
|
|
31
|
+
name: 'limitRepos',
|
|
32
|
+
type: 'checkbox',
|
|
33
|
+
admin: {
|
|
34
|
+
description: 'Leave off to trust every repository owned by this GitHub owner. Enable to list specific repositories.'
|
|
35
|
+
},
|
|
36
|
+
defaultValue: false
|
|
37
|
+
},
|
|
38
|
+
{
|
|
39
|
+
name: 'repositories',
|
|
40
|
+
type: 'array',
|
|
41
|
+
admin: {
|
|
42
|
+
condition: (_data, siblingData)=>siblingData?.limitRepos === true,
|
|
43
|
+
description: 'Repository names or owner/repository pairs allowed when repo limiting is enabled.'
|
|
44
|
+
},
|
|
45
|
+
fields: [
|
|
46
|
+
{
|
|
47
|
+
name: 'value',
|
|
48
|
+
type: 'text',
|
|
49
|
+
required: true
|
|
50
|
+
}
|
|
51
|
+
]
|
|
52
|
+
}
|
|
53
|
+
],
|
|
54
|
+
labels: {
|
|
55
|
+
plural: 'Trusted',
|
|
56
|
+
singular: 'Trusted'
|
|
57
|
+
}
|
|
58
|
+
});
|
|
59
|
+
|
|
60
|
+
//# sourceMappingURL=docsTrusted.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../../src/collections/docsTrusted.ts"],"sourcesContent":["import type { CollectionConfig } from 'payload'\n\nimport { DOCS_GLOBALS_ADMIN_GROUP } from '../constants.js'\n\nexport type CreateDocsTrustedCollectionOptions = {\n slug: string\n}\n\nexport const createDocsTrustedCollection = ({\n slug,\n}: CreateDocsTrustedCollectionOptions): CollectionConfig => ({\n slug,\n admin: {\n defaultColumns: ['title', 'owner', 'limitRepos', 'updatedAt'],\n group: DOCS_GLOBALS_ADMIN_GROUP,\n useAsTitle: 'title',\n },\n fields: [\n {\n name: 'title',\n type: 'text',\n required: true,\n },\n {\n name: 'owner',\n type: 'text',\n admin: {\n description:\n 'GitHub owner or organization trusted to publish docs through OIDC.',\n },\n index: true,\n required: true,\n unique: true,\n },\n {\n name: 'limitRepos',\n type: 'checkbox',\n admin: {\n description:\n 'Leave off to trust every repository owned by this GitHub owner. Enable to list specific repositories.',\n },\n defaultValue: false,\n },\n {\n name: 'repositories',\n type: 'array',\n admin: {\n condition: (_data, siblingData) => siblingData?.limitRepos === true,\n description:\n 'Repository names or owner/repository pairs allowed when repo limiting is enabled.',\n },\n fields: [\n {\n name: 'value',\n type: 'text',\n required: true,\n },\n ],\n },\n ],\n labels: {\n plural: 'Trusted',\n singular: 'Trusted',\n },\n})\n"],"names":["DOCS_GLOBALS_ADMIN_GROUP","createDocsTrustedCollection","slug","admin","defaultColumns","group","useAsTitle","fields","name","type","required","description","index","unique","defaultValue","condition","_data","siblingData","limitRepos","labels","plural","singular"],"mappings":"AAEA,SAASA,wBAAwB,QAAQ,kBAAiB;AAM1D,OAAO,MAAMC,8BAA8B,CAAC,EAC1CC,IAAI,EAC+B,GAAwB,CAAA;QAC3DA;QACAC,OAAO;YACLC,gBAAgB;gBAAC;gBAAS;gBAAS;gBAAc;aAAY;YAC7DC,OAAOL;YACPM,YAAY;QACd;QACAC,QAAQ;YACN;gBACEC,MAAM;gBACNC,MAAM;gBACNC,UAAU;YACZ;YACA;gBACEF,MAAM;gBACNC,MAAM;gBACNN,OAAO;oBACLQ,aACE;gBACJ;gBACAC,OAAO;gBACPF,UAAU;gBACVG,QAAQ;YACV;YACA;gBACEL,MAAM;gBACNC,MAAM;gBACNN,OAAO;oBACLQ,aACE;gBACJ;gBACAG,cAAc;YAChB;YACA;gBACEN,MAAM;gBACNC,MAAM;gBACNN,OAAO;oBACLY,WAAW,CAACC,OAAOC,cAAgBA,aAAaC,eAAe;oBAC/DP,aACE;gBACJ;gBACAJ,QAAQ;oBACN;wBACEC,MAAM;wBACNC,MAAM;wBACNC,UAAU;oBACZ;iBACD;YACH;SACD;QACDS,QAAQ;YACNC,QAAQ;YACRC,UAAU;QACZ;IACF,CAAA,EAAE"}
|
|
@@ -2,8 +2,12 @@ export { createDocsCollection } from './docs.js';
|
|
|
2
2
|
export type { CreateDocsCollectionOptions } from './docs.js';
|
|
3
3
|
export { createDocsGroupsCollection } from './docsGroups.js';
|
|
4
4
|
export type { CreateDocsGroupsCollectionOptions } from './docsGroups.js';
|
|
5
|
+
export { createDocsKeysCollection } from './docsKeys.js';
|
|
6
|
+
export type { CreateDocsKeysCollectionOptions } from './docsKeys.js';
|
|
5
7
|
export { createDocsSetsCollection } from './docsSets.js';
|
|
6
8
|
export type { CreateDocsSetsCollectionOptions } from './docsSets.js';
|
|
9
|
+
export { createDocsTrustedCollection } from './docsTrusted.js';
|
|
10
|
+
export type { CreateDocsTrustedCollectionOptions } from './docsTrusted.js';
|
|
7
11
|
export { createNoncesCollection } from './nonces.js';
|
|
8
12
|
export type { CreateNoncesCollectionOptions } from './nonces.js';
|
|
9
13
|
export { createSyncRunsCollection } from './syncRuns.js';
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
export { createDocsCollection } from './docs.js';
|
|
2
2
|
export { createDocsGroupsCollection } from './docsGroups.js';
|
|
3
|
+
export { createDocsKeysCollection } from './docsKeys.js';
|
|
3
4
|
export { createDocsSetsCollection } from './docsSets.js';
|
|
5
|
+
export { createDocsTrustedCollection } from './docsTrusted.js';
|
|
4
6
|
export { createNoncesCollection } from './nonces.js';
|
|
5
7
|
export { createSyncRunsCollection } from './syncRuns.js';
|
|
6
8
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../../src/collections/index.ts"],"sourcesContent":["export { createDocsCollection } from './docs.js'\nexport type { CreateDocsCollectionOptions } from './docs.js'\nexport { createDocsGroupsCollection } from './docsGroups.js'\nexport type { CreateDocsGroupsCollectionOptions } from './docsGroups.js'\nexport { createDocsSetsCollection } from './docsSets.js'\nexport type { CreateDocsSetsCollectionOptions } from './docsSets.js'\nexport { createNoncesCollection } from './nonces.js'\nexport type { CreateNoncesCollectionOptions } from './nonces.js'\nexport { createSyncRunsCollection } from './syncRuns.js'\nexport type { CreateSyncRunsCollectionOptions } from './syncRuns.js'\n"],"names":["createDocsCollection","createDocsGroupsCollection","createDocsSetsCollection","createNoncesCollection","createSyncRunsCollection"],"mappings":"AAAA,SAASA,oBAAoB,QAAQ,YAAW;AAEhD,SAASC,0BAA0B,QAAQ,kBAAiB;AAE5D,SAASC,wBAAwB,QAAQ,gBAAe;AAExD,SAASC,sBAAsB,QAAQ,cAAa;AAEpD,SAASC,wBAAwB,QAAQ,gBAAe"}
|
|
1
|
+
{"version":3,"sources":["../../src/collections/index.ts"],"sourcesContent":["export { createDocsCollection } from './docs.js'\nexport type { CreateDocsCollectionOptions } from './docs.js'\nexport { createDocsGroupsCollection } from './docsGroups.js'\nexport type { CreateDocsGroupsCollectionOptions } from './docsGroups.js'\nexport { createDocsKeysCollection } from './docsKeys.js'\nexport type { CreateDocsKeysCollectionOptions } from './docsKeys.js'\nexport { createDocsSetsCollection } from './docsSets.js'\nexport type { CreateDocsSetsCollectionOptions } from './docsSets.js'\nexport { createDocsTrustedCollection } from './docsTrusted.js'\nexport type { CreateDocsTrustedCollectionOptions } from './docsTrusted.js'\nexport { createNoncesCollection } from './nonces.js'\nexport type { CreateNoncesCollectionOptions } from './nonces.js'\nexport { createSyncRunsCollection } from './syncRuns.js'\nexport type { CreateSyncRunsCollectionOptions } from './syncRuns.js'\n"],"names":["createDocsCollection","createDocsGroupsCollection","createDocsKeysCollection","createDocsSetsCollection","createDocsTrustedCollection","createNoncesCollection","createSyncRunsCollection"],"mappings":"AAAA,SAASA,oBAAoB,QAAQ,YAAW;AAEhD,SAASC,0BAA0B,QAAQ,kBAAiB;AAE5D,SAASC,wBAAwB,QAAQ,gBAAe;AAExD,SAASC,wBAAwB,QAAQ,gBAAe;AAExD,SAASC,2BAA2B,QAAQ,mBAAkB;AAE9D,SAASC,sBAAsB,QAAQ,cAAa;AAEpD,SAASC,wBAAwB,QAAQ,gBAAe"}
|
package/dist/constants.d.ts
CHANGED
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
export declare const DEFAULT_DOCS_COLLECTION_SLUG = "docs";
|
|
2
2
|
export declare const DEFAULT_DOCS_GROUPS_COLLECTION_SLUG = "docs-groups";
|
|
3
|
+
export declare const DEFAULT_DOCS_KEYS_COLLECTION_SLUG = "docs-keys";
|
|
3
4
|
export declare const DEFAULT_DOCS_ROUTE_BASE = "/docs";
|
|
4
5
|
export declare const DEFAULT_DOCS_SETS_COLLECTION_SLUG = "docs-sets";
|
|
5
6
|
export declare const DEFAULT_DOCS_SYNC_NONCES_COLLECTION_SLUG = "docs-sync-nonces";
|
|
6
7
|
export declare const DEFAULT_DOCS_SYNC_RUNS_COLLECTION_SLUG = "docs-sync-runs";
|
|
8
|
+
export declare const DEFAULT_DOCS_TRUSTED_COLLECTION_SLUG = "docs-trusted";
|
|
7
9
|
export declare const DEFAULT_DOCS_SYNC_ENDPOINT_PATH = "/payload-markdown-docs/sync";
|
|
8
10
|
export declare const DEFAULT_MARKDOWN_FIELD_NAME = "content";
|
|
9
11
|
export declare const DOCS_SET_MANAGER_COMPONENT = "@valkyrianlabs/payload-markdown-docs/admin#DocsSetManager";
|
|
@@ -16,6 +18,6 @@ export declare const DEFAULT_MAX_DOCS_TOTAL_BYTES = 5000000;
|
|
|
16
18
|
export declare const DEFAULT_MAX_BODY_BYTES = 5000000;
|
|
17
19
|
export declare const DEFAULT_MAX_SKEW_SECONDS = 300;
|
|
18
20
|
export declare const DEFAULT_NONCE_TTL_SECONDS = 600;
|
|
19
|
-
export declare const DEFAULT_GITHUB_OIDC_AUDIENCE = "payload-markdown-docs";
|
|
20
21
|
export declare const DEFAULT_GITHUB_OIDC_ISSUER = "https://token.actions.githubusercontent.com";
|
|
21
22
|
export declare const MANAGED_BY = "payload-markdown-docs";
|
|
23
|
+
export declare const DOCS_GLOBALS_ADMIN_GROUP = "Docs Globals";
|
package/dist/constants.js
CHANGED
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
export const DEFAULT_DOCS_COLLECTION_SLUG = 'docs';
|
|
2
2
|
export const DEFAULT_DOCS_GROUPS_COLLECTION_SLUG = 'docs-groups';
|
|
3
|
+
export const DEFAULT_DOCS_KEYS_COLLECTION_SLUG = 'docs-keys';
|
|
3
4
|
export const DEFAULT_DOCS_ROUTE_BASE = '/docs';
|
|
4
5
|
export const DEFAULT_DOCS_SETS_COLLECTION_SLUG = 'docs-sets';
|
|
5
6
|
export const DEFAULT_DOCS_SYNC_NONCES_COLLECTION_SLUG = 'docs-sync-nonces';
|
|
6
7
|
export const DEFAULT_DOCS_SYNC_RUNS_COLLECTION_SLUG = 'docs-sync-runs';
|
|
8
|
+
export const DEFAULT_DOCS_TRUSTED_COLLECTION_SLUG = 'docs-trusted';
|
|
7
9
|
export const DEFAULT_DOCS_SYNC_ENDPOINT_PATH = '/payload-markdown-docs/sync';
|
|
8
10
|
export const DEFAULT_MARKDOWN_FIELD_NAME = 'content';
|
|
9
11
|
export const DOCS_SET_MANAGER_COMPONENT = '@valkyrianlabs/payload-markdown-docs/admin#DocsSetManager';
|
|
@@ -16,8 +18,8 @@ export const DEFAULT_MAX_DOCS_TOTAL_BYTES = 5_000_000;
|
|
|
16
18
|
export const DEFAULT_MAX_BODY_BYTES = 5_000_000;
|
|
17
19
|
export const DEFAULT_MAX_SKEW_SECONDS = 300;
|
|
18
20
|
export const DEFAULT_NONCE_TTL_SECONDS = 600;
|
|
19
|
-
export const DEFAULT_GITHUB_OIDC_AUDIENCE = 'payload-markdown-docs';
|
|
20
21
|
export const DEFAULT_GITHUB_OIDC_ISSUER = 'https://token.actions.githubusercontent.com';
|
|
21
22
|
export const MANAGED_BY = 'payload-markdown-docs';
|
|
23
|
+
export const DOCS_GLOBALS_ADMIN_GROUP = 'Docs Globals';
|
|
22
24
|
|
|
23
25
|
//# sourceMappingURL=constants.js.map
|
package/dist/constants.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"sources":["../src/constants.ts"],"sourcesContent":["export const DEFAULT_DOCS_COLLECTION_SLUG = 'docs'\nexport const DEFAULT_DOCS_GROUPS_COLLECTION_SLUG = 'docs-groups'\nexport const DEFAULT_DOCS_ROUTE_BASE = '/docs'\nexport const DEFAULT_DOCS_SETS_COLLECTION_SLUG = 'docs-sets'\nexport const DEFAULT_DOCS_SYNC_NONCES_COLLECTION_SLUG = 'docs-sync-nonces'\nexport const DEFAULT_DOCS_SYNC_RUNS_COLLECTION_SLUG = 'docs-sync-runs'\nexport const DEFAULT_DOCS_SYNC_ENDPOINT_PATH = '/payload-markdown-docs/sync'\nexport const DEFAULT_MARKDOWN_FIELD_NAME = 'content'\nexport const DOCS_SET_MANAGER_COMPONENT =\n '@valkyrianlabs/payload-markdown-docs/admin#DocsSetManager'\nexport const DEFAULT_PAGES_BRIDGE_FIELD = 'docsBridge'\nexport const DEFAULT_PAGES_COLLECTION_SLUG = 'pages'\nexport const DEFAULT_PAGES_ROUTE_FIELD = 'slug'\nexport const DEFAULT_MAX_DOCS_FILE_BYTES = 500_000\nexport const DEFAULT_MAX_DOCS_FILES = 500\nexport const DEFAULT_MAX_DOCS_TOTAL_BYTES = 5_000_000\nexport const DEFAULT_MAX_BODY_BYTES = 5_000_000\nexport const DEFAULT_MAX_SKEW_SECONDS = 300\nexport const DEFAULT_NONCE_TTL_SECONDS = 600\nexport const
|
|
1
|
+
{"version":3,"sources":["../src/constants.ts"],"sourcesContent":["export const DEFAULT_DOCS_COLLECTION_SLUG = 'docs'\nexport const DEFAULT_DOCS_GROUPS_COLLECTION_SLUG = 'docs-groups'\nexport const DEFAULT_DOCS_KEYS_COLLECTION_SLUG = 'docs-keys'\nexport const DEFAULT_DOCS_ROUTE_BASE = '/docs'\nexport const DEFAULT_DOCS_SETS_COLLECTION_SLUG = 'docs-sets'\nexport const DEFAULT_DOCS_SYNC_NONCES_COLLECTION_SLUG = 'docs-sync-nonces'\nexport const DEFAULT_DOCS_SYNC_RUNS_COLLECTION_SLUG = 'docs-sync-runs'\nexport const DEFAULT_DOCS_TRUSTED_COLLECTION_SLUG = 'docs-trusted'\nexport const DEFAULT_DOCS_SYNC_ENDPOINT_PATH = '/payload-markdown-docs/sync'\nexport const DEFAULT_MARKDOWN_FIELD_NAME = 'content'\nexport const DOCS_SET_MANAGER_COMPONENT =\n '@valkyrianlabs/payload-markdown-docs/admin#DocsSetManager'\nexport const DEFAULT_PAGES_BRIDGE_FIELD = 'docsBridge'\nexport const DEFAULT_PAGES_COLLECTION_SLUG = 'pages'\nexport const DEFAULT_PAGES_ROUTE_FIELD = 'slug'\nexport const DEFAULT_MAX_DOCS_FILE_BYTES = 500_000\nexport const DEFAULT_MAX_DOCS_FILES = 500\nexport const DEFAULT_MAX_DOCS_TOTAL_BYTES = 5_000_000\nexport const DEFAULT_MAX_BODY_BYTES = 5_000_000\nexport const DEFAULT_MAX_SKEW_SECONDS = 300\nexport const DEFAULT_NONCE_TTL_SECONDS = 600\nexport const DEFAULT_GITHUB_OIDC_ISSUER =\n 'https://token.actions.githubusercontent.com'\nexport const MANAGED_BY = 'payload-markdown-docs'\nexport const DOCS_GLOBALS_ADMIN_GROUP = 'Docs Globals'\n"],"names":["DEFAULT_DOCS_COLLECTION_SLUG","DEFAULT_DOCS_GROUPS_COLLECTION_SLUG","DEFAULT_DOCS_KEYS_COLLECTION_SLUG","DEFAULT_DOCS_ROUTE_BASE","DEFAULT_DOCS_SETS_COLLECTION_SLUG","DEFAULT_DOCS_SYNC_NONCES_COLLECTION_SLUG","DEFAULT_DOCS_SYNC_RUNS_COLLECTION_SLUG","DEFAULT_DOCS_TRUSTED_COLLECTION_SLUG","DEFAULT_DOCS_SYNC_ENDPOINT_PATH","DEFAULT_MARKDOWN_FIELD_NAME","DOCS_SET_MANAGER_COMPONENT","DEFAULT_PAGES_BRIDGE_FIELD","DEFAULT_PAGES_COLLECTION_SLUG","DEFAULT_PAGES_ROUTE_FIELD","DEFAULT_MAX_DOCS_FILE_BYTES","DEFAULT_MAX_DOCS_FILES","DEFAULT_MAX_DOCS_TOTAL_BYTES","DEFAULT_MAX_BODY_BYTES","DEFAULT_MAX_SKEW_SECONDS","DEFAULT_NONCE_TTL_SECONDS","DEFAULT_GITHUB_OIDC_ISSUER","MANAGED_BY","DOCS_GLOBALS_ADMIN_GROUP"],"mappings":"AAAA,OAAO,MAAMA,+BAA+B,OAAM;AAClD,OAAO,MAAMC,sCAAsC,cAAa;AAChE,OAAO,MAAMC,oCAAoC,YAAW;AAC5D,OAAO,MAAMC,0BAA0B,QAAO;AAC9C,OAAO,MAAMC,oCAAoC,YAAW;AAC5D,OAAO,MAAMC,2CAA2C,mBAAkB;AAC1E,OAAO,MAAMC,yCAAyC,iBAAgB;AACtE,OAAO,MAAMC,uCAAuC,eAAc;AAClE,OAAO,MAAMC,kCAAkC,8BAA6B;AAC5E,OAAO,MAAMC,8BAA8B,UAAS;AACpD,OAAO,MAAMC,6BACX,4DAA2D;AAC7D,OAAO,MAAMC,6BAA6B,aAAY;AACtD,OAAO,MAAMC,gCAAgC,QAAO;AACpD,OAAO,MAAMC,4BAA4B,OAAM;AAC/C,OAAO,MAAMC,8BAA8B,QAAO;AAClD,OAAO,MAAMC,yBAAyB,IAAG;AACzC,OAAO,MAAMC,+BAA+B,UAAS;AACrD,OAAO,MAAMC,yBAAyB,UAAS;AAC/C,OAAO,MAAMC,2BAA2B,IAAG;AAC3C,OAAO,MAAMC,4BAA4B,IAAG;AAC5C,OAAO,MAAMC,6BACX,8CAA6C;AAC/C,OAAO,MAAMC,aAAa,wBAAuB;AACjD,OAAO,MAAMC,2BAA2B,eAAc"}
|
package/dist/endpoints/sync.d.ts
CHANGED
|
@@ -3,7 +3,7 @@ import type { DocsPublishMode } from '../payload/index.js';
|
|
|
3
3
|
import type { FetchJson } from '../security/index.js';
|
|
4
4
|
import type { DocsDeleteBehavior } from '../sync/index.js';
|
|
5
5
|
import type { PayloadMarkdownDocsAuthConfig } from '../types.js';
|
|
6
|
-
export type DocsSyncEndpointErrorCode = 'audit_unavailable' | 'auth_disabled' | 'body_hash_mismatch' | 'delete_behavior_not_implemented' | 'draft_behavior_not_available' | 'dry_run_required_not_implemented' | 'hard_delete_disabled' | 'invalid_body' | 'invalid_manifest' | 'invalid_method' | 'invalid_signature' | 'invalid_timestamp' | 'manual_edit_conflict' | 'missing_header' | 'nonce_replay' | '
|
|
6
|
+
export type DocsSyncEndpointErrorCode = 'audit_unavailable' | 'auth_disabled' | 'body_hash_mismatch' | 'delete_behavior_not_implemented' | 'draft_behavior_not_available' | 'dry_run_required_not_implemented' | 'hard_delete_disabled' | 'invalid_body' | 'invalid_manifest' | 'invalid_method' | 'invalid_signature' | 'invalid_timestamp' | 'manual_edit_conflict' | 'missing_header' | 'nonce_replay' | 'oidc_expired' | 'oidc_invalid_audience' | 'oidc_invalid_issuer' | 'oidc_invalid_token' | 'oidc_jwks_unavailable' | 'oidc_missing_claim' | 'oidc_missing_jti' | 'oidc_not_yet_valid' | 'oidc_owner_not_allowed' | 'oidc_pull_request_not_allowed' | 'oidc_ref_not_allowed' | 'oidc_replay' | 'oidc_repository_not_allowed' | 'oidc_workflow_not_allowed' | 'publish_disabled' | 'publish_not_available' | 'replay_protection_unavailable' | 'route_collision' | 'source_not_allowed' | 'sync_apply_failed' | 'sync_mode_not_implemented' | 'sync_writes_disabled' | 'unknown_key';
|
|
7
7
|
export type CreateSyncEndpointOptions = {
|
|
8
8
|
allowHardDelete?: boolean;
|
|
9
9
|
allowPublish?: boolean;
|
|
@@ -14,8 +14,13 @@ export type CreateSyncEndpointOptions = {
|
|
|
14
14
|
docsCollectionSlug: string;
|
|
15
15
|
docsEnabled: boolean;
|
|
16
16
|
docsEnableDrafts: boolean;
|
|
17
|
+
docsGroupsCollectionSlug: string;
|
|
18
|
+
docsKeysCollectionSlug: string;
|
|
19
|
+
docsKeysEnabled: boolean;
|
|
17
20
|
docsSetsCollectionSlug: string;
|
|
18
21
|
docsSetsEnabled: boolean;
|
|
22
|
+
docsTrustedCollectionSlug: string;
|
|
23
|
+
docsTrustedEnabled: boolean;
|
|
19
24
|
endpointPath: string;
|
|
20
25
|
getNow?: () => Date;
|
|
21
26
|
markdownFieldName: string;
|
|
@@ -26,7 +31,6 @@ export type CreateSyncEndpointOptions = {
|
|
|
26
31
|
nonceTtlSeconds?: number;
|
|
27
32
|
oidcFetchJson?: FetchJson;
|
|
28
33
|
requireDryRunBeforeApply?: boolean;
|
|
29
|
-
routeBase?: string;
|
|
30
34
|
routing?: {
|
|
31
35
|
pages?: {
|
|
32
36
|
allowBridgePages: boolean;
|
|
@@ -36,11 +40,6 @@ export type CreateSyncEndpointOptions = {
|
|
|
36
40
|
routeField: string;
|
|
37
41
|
};
|
|
38
42
|
};
|
|
39
|
-
sources?: {
|
|
40
|
-
id: string;
|
|
41
|
-
root?: string;
|
|
42
|
-
routeBase: string;
|
|
43
|
-
}[];
|
|
44
43
|
syncRunsCollectionSlug: string;
|
|
45
44
|
syncRunsEnabled: boolean;
|
|
46
45
|
};
|
package/dist/endpoints/sync.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import {
|
|
2
|
-
import { applyDocsSync, assertApplyDeleteBehaviorSupported, createSyncRunAudit, findConfiguredPagesRouteCollisions,
|
|
1
|
+
import { DEFAULT_MAX_BODY_BYTES, DEFAULT_MAX_SKEW_SECONDS, DEFAULT_NONCE_TTL_SECONDS } from '../constants.js';
|
|
2
|
+
import { applyDocsSync, assertApplyDeleteBehaviorSupported, createSyncRunAudit, findConfiguredPagesRouteCollisions, findDocsKeyById, findDocsSetBySlug, findDocsSyncConflicts, findDuplicateDesiredRouteCollisions, findExistingDocsRouteCollisions, findExistingPayloadDocsRecords, findTrustedGitHubSources, getRecordId, isEd25519AuthEnabled, isGitHubOidcAuthEnabled, toExistingDocsRecord, updateDocsSetAfterSync, updateSyncRunAudit } from '../payload/index.js';
|
|
3
3
|
import { assertNonceNotReplayed, buildCanonicalSigningString, extractSyncRequestHeaders, getCanonicalPathFromRequestUrl, storeAcceptedNonce, validateTimestampSkew, verifyBodySha256, verifyEd25519Signature, verifyGitHubOidcToken } from '../security/index.js';
|
|
4
4
|
import { planDocsSync, validateDocsManifest } from '../sync/index.js';
|
|
5
5
|
const jsonResponse = (body, status = 200)=>Response.json(body, {
|
|
@@ -22,63 +22,30 @@ const parseManifestBody = (rawBody)=>{
|
|
|
22
22
|
return undefined;
|
|
23
23
|
}
|
|
24
24
|
};
|
|
25
|
-
const findSourceConfig = (sourceId, sources)=>sources?.find((source)=>source.id === sourceId);
|
|
26
|
-
const getAllowedSourceIds = (sources)=>{
|
|
27
|
-
if (!sources || sources.length === 0) {
|
|
28
|
-
return undefined;
|
|
29
|
-
}
|
|
30
|
-
return sources.map((source)=>source.id);
|
|
31
|
-
};
|
|
32
25
|
const resolveSyncSource = async ({ manifest, options, payload })=>{
|
|
33
26
|
const sourceId = manifest.source?.id;
|
|
34
27
|
if (!sourceId) {
|
|
35
28
|
return {
|
|
36
|
-
|
|
37
|
-
allowedSourceIds: getAllowedSourceIds(options.sources),
|
|
38
|
-
routeBase: options.routeBase ?? DEFAULT_DOCS_ROUTE_BASE
|
|
39
|
-
}
|
|
29
|
+
response: errorResponse('source_not_allowed', 'Manifest source.id is required and must match a docs set slug.', 400)
|
|
40
30
|
};
|
|
41
31
|
}
|
|
42
|
-
const docsSet = options.docsSetsEnabled ? await
|
|
32
|
+
const docsSet = options.docsSetsEnabled ? await findDocsSetBySlug({
|
|
33
|
+
slug: sourceId,
|
|
43
34
|
collectionSlug: options.docsSetsCollectionSlug,
|
|
44
|
-
|
|
45
|
-
|
|
35
|
+
docsGroupsCollectionSlug: options.docsGroupsCollectionSlug,
|
|
36
|
+
payload
|
|
46
37
|
}) : undefined;
|
|
47
38
|
if (docsSet) {
|
|
48
|
-
if (docsSet.sourceRoot && manifest.source.root && docsSet.sourceRoot !== manifest.source.root) {
|
|
49
|
-
return {
|
|
50
|
-
response: errorResponse('source_not_allowed', `Manifest source.root "${manifest.source.root}" is not allowed for docs set source "${sourceId}".`, 400)
|
|
51
|
-
};
|
|
52
|
-
}
|
|
53
39
|
return {
|
|
54
40
|
source: {
|
|
55
|
-
allowedSourceIds: [
|
|
56
|
-
sourceId
|
|
57
|
-
],
|
|
58
|
-
auth: docsSet.auth,
|
|
59
41
|
docsSet,
|
|
60
42
|
routeBase: docsSet.routeBase,
|
|
61
|
-
|
|
43
|
+
sourceId
|
|
62
44
|
}
|
|
63
45
|
};
|
|
64
46
|
}
|
|
65
|
-
const sourceConfig = findSourceConfig(sourceId, options.sources);
|
|
66
|
-
if ((options.docsSetsEnabled || options.sources && options.sources.length > 0) && !sourceConfig) {
|
|
67
|
-
return {
|
|
68
|
-
response: errorResponse('source_not_allowed', options.docsSetsEnabled ? `No docs set exists for manifest source.id "${sourceId}". Create a docs set in Payload Admin before syncing this source.` : `Manifest source.id "${sourceId}" is not configured for this endpoint.`, 400)
|
|
69
|
-
};
|
|
70
|
-
}
|
|
71
|
-
if (sourceConfig?.root && manifest.source.root && sourceConfig.root !== manifest.source.root) {
|
|
72
|
-
return {
|
|
73
|
-
response: errorResponse('source_not_allowed', `Manifest source.root "${manifest.source.root}" is not allowed for source "${sourceId}".`, 400)
|
|
74
|
-
};
|
|
75
|
-
}
|
|
76
47
|
return {
|
|
77
|
-
|
|
78
|
-
allowedSourceIds: getAllowedSourceIds(options.sources),
|
|
79
|
-
routeBase: sourceConfig?.routeBase ?? options.routeBase ?? DEFAULT_DOCS_ROUTE_BASE,
|
|
80
|
-
sourceRoot: sourceConfig?.root
|
|
81
|
-
}
|
|
48
|
+
response: errorResponse('source_not_allowed', `No docs set exists for source "${sourceId}". Create a docs set with slug "${sourceId}" in Payload Admin before syncing this source.`, 400)
|
|
82
49
|
};
|
|
83
50
|
};
|
|
84
51
|
const summarizePlan = (plan)=>({
|
|
@@ -193,72 +160,24 @@ const getBearerToken = (headers)=>{
|
|
|
193
160
|
return token;
|
|
194
161
|
};
|
|
195
162
|
const hasEd25519AuthHeaders = (headers)=>getRequiredHeader(headers, 'x-vl-md-docs-key-id') !== undefined || getRequiredHeader(headers, 'x-vl-md-docs-signature') !== undefined || getRequiredHeader(headers, 'x-vl-md-docs-timestamp') !== undefined || getRequiredHeader(headers, 'x-vl-md-docs-nonce') !== undefined;
|
|
196
|
-
const getGlobalEd25519AuthConfig = (auth)=>{
|
|
197
|
-
if (!auth || auth.mode === 'disabled' || auth.mode === 'github-oidc') {
|
|
198
|
-
return undefined;
|
|
199
|
-
}
|
|
200
|
-
if (auth.mode === 'ed25519') {
|
|
201
|
-
return auth;
|
|
202
|
-
}
|
|
203
|
-
return auth.ed25519 ? {
|
|
204
|
-
...auth.ed25519,
|
|
205
|
-
mode: 'ed25519'
|
|
206
|
-
} : undefined;
|
|
207
|
-
};
|
|
208
|
-
const getEd25519AuthConfig = ({ auth, sourceAuth })=>{
|
|
209
|
-
const globalAuth = getGlobalEd25519AuthConfig(auth);
|
|
210
|
-
if (sourceAuth?.ed25519?.keys.length) {
|
|
211
|
-
return {
|
|
212
|
-
...globalAuth,
|
|
213
|
-
...sourceAuth.ed25519,
|
|
214
|
-
keys: sourceAuth.ed25519.keys,
|
|
215
|
-
mode: 'ed25519'
|
|
216
|
-
};
|
|
217
|
-
}
|
|
218
|
-
return globalAuth;
|
|
219
|
-
};
|
|
220
|
-
const getGlobalGitHubOidcAuthConfig = (auth)=>{
|
|
221
|
-
if (!auth || auth.mode === 'disabled' || auth.mode === 'ed25519') {
|
|
222
|
-
return undefined;
|
|
223
|
-
}
|
|
224
|
-
if (auth.mode === 'github-oidc') {
|
|
225
|
-
return auth;
|
|
226
|
-
}
|
|
227
|
-
return auth.githubOidc ? {
|
|
228
|
-
...auth.githubOidc,
|
|
229
|
-
mode: 'github-oidc'
|
|
230
|
-
} : undefined;
|
|
231
|
-
};
|
|
232
|
-
const getGitHubOidcAuthConfig = ({ auth, sourceAuth })=>{
|
|
233
|
-
const globalAuth = getGlobalGitHubOidcAuthConfig(auth);
|
|
234
|
-
const sourceOidc = sourceAuth?.githubOidc;
|
|
235
|
-
if (!sourceOidc) {
|
|
236
|
-
return globalAuth;
|
|
237
|
-
}
|
|
238
|
-
if (sourceOidc.enabled === false) {
|
|
239
|
-
return globalAuth;
|
|
240
|
-
}
|
|
241
|
-
const { enabled: _enabled, ...sourceOptions } = sourceOidc;
|
|
242
|
-
const audience = sourceOptions.audience ?? globalAuth?.audience;
|
|
243
|
-
if (!audience) {
|
|
244
|
-
return globalAuth;
|
|
245
|
-
}
|
|
246
|
-
return {
|
|
247
|
-
...globalAuth,
|
|
248
|
-
...sourceOptions,
|
|
249
|
-
audience,
|
|
250
|
-
mode: 'github-oidc'
|
|
251
|
-
};
|
|
252
|
-
};
|
|
253
163
|
const assertReplayProtectionAvailable = (options)=>options.noncesEnabled ? undefined : errorResponse('replay_protection_unavailable', 'Sync endpoint requires nonce replay protection.', 500);
|
|
254
|
-
const authenticateEd25519Request = async ({
|
|
164
|
+
const authenticateEd25519Request = async ({ now, options, rawBody, req })=>{
|
|
255
165
|
const headersResult = extractSyncRequestHeaders(req.headers);
|
|
256
166
|
if (!headersResult.ok) {
|
|
257
167
|
return {
|
|
258
168
|
response: errorResponse('missing_header', `Missing required sync header: ${headersResult.header}.`, 401)
|
|
259
169
|
};
|
|
260
170
|
}
|
|
261
|
-
|
|
171
|
+
if (!options.docsKeysEnabled) {
|
|
172
|
+
return {
|
|
173
|
+
response: errorResponse('auth_disabled', 'Signed sync authentication requires the docs Keys collection.', 401)
|
|
174
|
+
};
|
|
175
|
+
}
|
|
176
|
+
const keyConfig = await findDocsKeyById({
|
|
177
|
+
collectionSlug: options.docsKeysCollectionSlug,
|
|
178
|
+
keyId: headersResult.headers.keyId,
|
|
179
|
+
payload: req.payload
|
|
180
|
+
});
|
|
262
181
|
if (!keyConfig) {
|
|
263
182
|
return {
|
|
264
183
|
response: errorResponse('unknown_key', 'Unknown sync request key id.', 401)
|
|
@@ -274,7 +193,7 @@ const authenticateEd25519Request = async ({ auth, now, options, rawBody, req })=
|
|
|
274
193
|
};
|
|
275
194
|
}
|
|
276
195
|
const timestampValidation = validateTimestampSkew({
|
|
277
|
-
maxSkewSeconds:
|
|
196
|
+
maxSkewSeconds: options.maxSkewSeconds ?? DEFAULT_MAX_SKEW_SECONDS,
|
|
278
197
|
now,
|
|
279
198
|
timestamp: headersResult.headers.timestamp
|
|
280
199
|
});
|
|
@@ -321,7 +240,7 @@ const authenticateEd25519Request = async ({ auth, now, options, rawBody, req })=
|
|
|
321
240
|
response: errorResponse('invalid_signature', 'Invalid sync request signature.', 401)
|
|
322
241
|
};
|
|
323
242
|
}
|
|
324
|
-
const nonceTtlSeconds =
|
|
243
|
+
const nonceTtlSeconds = options.nonceTtlSeconds ?? DEFAULT_NONCE_TTL_SECONDS;
|
|
325
244
|
return {
|
|
326
245
|
identity: {
|
|
327
246
|
bodyHash: bodyHash.computedHash,
|
|
@@ -331,7 +250,7 @@ const authenticateEd25519Request = async ({ auth, now, options, rawBody, req })=
|
|
|
331
250
|
}
|
|
332
251
|
};
|
|
333
252
|
};
|
|
334
|
-
const authenticateGitHubOidcRequest = async ({
|
|
253
|
+
const authenticateGitHubOidcRequest = async ({ docsSet, now, options, rawBody, req })=>{
|
|
335
254
|
const token = getBearerToken(req.headers);
|
|
336
255
|
if (token === undefined) {
|
|
337
256
|
return {
|
|
@@ -358,8 +277,27 @@ const authenticateGitHubOidcRequest = async ({ auth, now, options, rawBody, req
|
|
|
358
277
|
response: errorResponse('body_hash_mismatch', 'Sync request body hash does not match the OIDC header.', 401)
|
|
359
278
|
};
|
|
360
279
|
}
|
|
280
|
+
if (!options.docsTrustedEnabled) {
|
|
281
|
+
return {
|
|
282
|
+
response: errorResponse('auth_disabled', 'GitHub OIDC sync authentication requires the docs Trusted collection.', 401)
|
|
283
|
+
};
|
|
284
|
+
}
|
|
285
|
+
const trustedSources = await findTrustedGitHubSources({
|
|
286
|
+
collectionSlug: options.docsTrustedCollectionSlug,
|
|
287
|
+
payload: req.payload
|
|
288
|
+
});
|
|
289
|
+
const allowedRef = docsSet.branch.startsWith('refs/') ? docsSet.branch : `refs/heads/${docsSet.branch}`;
|
|
361
290
|
const verified = await verifyGitHubOidcToken({
|
|
362
|
-
config:
|
|
291
|
+
config: {
|
|
292
|
+
allowedRefs: [
|
|
293
|
+
allowedRef
|
|
294
|
+
],
|
|
295
|
+
allowedWorkflowRefs: docsSet.advancedSecurity?.allowedWorkflowRefs,
|
|
296
|
+
allowPullRequests: docsSet.allowPullRequests,
|
|
297
|
+
audience: docsSet.slug,
|
|
298
|
+
enforceWorkflowRefs: docsSet.advancedSecurity?.enabled === true,
|
|
299
|
+
trustedSources
|
|
300
|
+
},
|
|
363
301
|
fetchJson: options.oidcFetchJson,
|
|
364
302
|
now,
|
|
365
303
|
token
|
|
@@ -400,43 +338,36 @@ const authenticateGitHubOidcRequest = async ({ auth, now, options, rawBody, req
|
|
|
400
338
|
}
|
|
401
339
|
};
|
|
402
340
|
};
|
|
403
|
-
const authenticateSyncRequest = async ({ now, options, rawBody, req
|
|
404
|
-
const
|
|
405
|
-
|
|
406
|
-
|
|
407
|
-
});
|
|
408
|
-
const githubOidcAuth = getGitHubOidcAuthConfig({
|
|
409
|
-
auth: options.auth,
|
|
410
|
-
sourceAuth
|
|
411
|
-
});
|
|
412
|
-
if (!ed25519Auth && !githubOidcAuth) {
|
|
341
|
+
const authenticateSyncRequest = async ({ docsSet, now, options, rawBody, req })=>{
|
|
342
|
+
const ed25519Enabled = isEd25519AuthEnabled(options.auth);
|
|
343
|
+
const githubOidcEnabled = isGitHubOidcAuthEnabled(options.auth);
|
|
344
|
+
if (!ed25519Enabled && !githubOidcEnabled) {
|
|
413
345
|
return {
|
|
414
346
|
response: errorResponse('auth_disabled', 'Sync authentication is not configured for this endpoint.', 401)
|
|
415
347
|
};
|
|
416
348
|
}
|
|
417
349
|
const bearerToken = getBearerToken(req.headers);
|
|
418
350
|
if (bearerToken !== undefined) {
|
|
419
|
-
if (!
|
|
351
|
+
if (!githubOidcEnabled) {
|
|
420
352
|
return {
|
|
421
353
|
response: errorResponse('auth_disabled', 'GitHub OIDC sync authentication is not configured for this endpoint.', 401)
|
|
422
354
|
};
|
|
423
355
|
}
|
|
424
356
|
return authenticateGitHubOidcRequest({
|
|
425
|
-
|
|
357
|
+
docsSet,
|
|
426
358
|
now,
|
|
427
359
|
options,
|
|
428
360
|
rawBody,
|
|
429
361
|
req
|
|
430
362
|
});
|
|
431
363
|
}
|
|
432
|
-
if (hasEd25519AuthHeaders(req.headers) || !
|
|
433
|
-
if (!
|
|
364
|
+
if (hasEd25519AuthHeaders(req.headers) || !githubOidcEnabled) {
|
|
365
|
+
if (!ed25519Enabled) {
|
|
434
366
|
return {
|
|
435
367
|
response: errorResponse('auth_disabled', 'Signed sync authentication is not configured for this endpoint.', 401)
|
|
436
368
|
};
|
|
437
369
|
}
|
|
438
370
|
return authenticateEd25519Request({
|
|
439
|
-
auth: ed25519Auth,
|
|
440
371
|
now,
|
|
441
372
|
options,
|
|
442
373
|
rawBody,
|
|
@@ -444,7 +375,7 @@ const authenticateSyncRequest = async ({ now, options, rawBody, req, sourceAuth
|
|
|
444
375
|
});
|
|
445
376
|
}
|
|
446
377
|
return authenticateGitHubOidcRequest({
|
|
447
|
-
|
|
378
|
+
docsSet,
|
|
448
379
|
now,
|
|
449
380
|
options,
|
|
450
381
|
rawBody,
|
|
@@ -477,17 +408,19 @@ const createSyncEndpointHandler = (options)=>async (req)=>{
|
|
|
477
408
|
return sourceResolution.response;
|
|
478
409
|
}
|
|
479
410
|
const authentication = await authenticateSyncRequest({
|
|
411
|
+
docsSet: sourceResolution.source.docsSet,
|
|
480
412
|
now: startedAt,
|
|
481
413
|
options,
|
|
482
414
|
rawBody,
|
|
483
|
-
req
|
|
484
|
-
sourceAuth: sourceResolution.source.auth
|
|
415
|
+
req
|
|
485
416
|
});
|
|
486
417
|
if (authentication.response) {
|
|
487
418
|
return authentication.response;
|
|
488
419
|
}
|
|
489
420
|
const validation = validateDocsManifest(manifest, {
|
|
490
|
-
allowedSourceIds:
|
|
421
|
+
allowedSourceIds: [
|
|
422
|
+
sourceResolution.source.sourceId
|
|
423
|
+
],
|
|
491
424
|
maxTotalBytes: maxBodyBytes,
|
|
492
425
|
routeBase: sourceResolution.source.routeBase
|
|
493
426
|
});
|