wasm-action 0.0.6__py3-none-any.whl → 0.0.7__py3-none-any.whl

wasm_action/cli.py

@@ -1,8 +1,11 @@
 import sys
 import click
 import importlib.metadata
+import json
 
 from . import lib
+from .warg.crypto import generate_key
+
 
 @click.group()
 def cli():
@@ -64,5 +67,23 @@ def pull(registry, package, path=None, warg_token=None):
         sys.exit(1)
 
 
+@cli.command(help="Generate private key or read one from stdin")
+def key():
+    """Generate key in json format.
+
+    Either:
+     - generate a new key
+     - read a private key from standard input
+    """
+    if sys.stdin.isatty():
+        data = generate_key()
+    else:
+        # read private key from standard input
+        private_key = sys.stdin.read()
+        data = generate_key(private_key)
+        del data['private']
+    print(json.dumps(data, indent=4))
+
+
 if __name__ == "__main__":
     cli()

wasm_action/lib.py

@@ -5,7 +5,6 @@ import os
 import hashlib
 import base64
 import json
-
 import click
 import semver
 import validators

wasm_action/warg/actions.py

@@ -60,11 +60,14 @@ def warg_push(registry, warg_url, namespace, name, version, content_bytes, warg_
 
         # state: sourcing -> upload sources
         elif state == 'sourcing':
+            time.sleep(1)
             if 'missingContent' in res:
                 for _, data in res['missingContent'].items():
                     if 'upload' in data:
                         for upload in data['upload']:
-                            requests.put(upload['url'], data=content_bytes)
+                            r = requests.put(upload['url'], data=content_bytes)
+                            if r.status_code not in (200, 201):
+                                print(r.status_code, r.content)
 
         # state: rejected -> error
         elif state == 'rejected':

wasm_action/warg/crypto.py

@@ -38,9 +38,14 @@ class PrivateKey:
         """
         Decode a key in `<algo>:<base64>` format.
         """
-        if ':' not in text:
+        text = (text or '').strip()
+        if not text or ':' not in text:
             raise ValueError('required format: <algo>:<base64>')
 
+        # better interplay with jq, pbcopy, and pbpaste
+        if len(text)>1 and text.startswith('"') and text.endswith('"'):
+            text = text[1:-1]
+
         algo, key_b64 = text.split(':', 1)
 
         curve = cls.CURVES.get(algo)
@@ -48,7 +53,9 @@ class PrivateKey:
             raise ValueError('algorithm not supported: {}'.format(algo))
 
         key_bytes = base64.b64decode(key_b64)
-        # todo: compare bytes length with curve key length
+        # compare bytes length with curve key size
+        if len(key_bytes) * 8 != curve.key_size:
+            raise ValueError('key size mismatch')
 
         key_int = int.from_bytes(key_bytes, byteorder='big')
         key = ec.derive_private_key(key_int, curve=curve)
@@ -134,3 +141,17 @@ class PublicKey:
     def fingerprint(self):
         """Used as Key ID"""
         return "sha256:{}".format(hashlib.sha256(self.canonical().encode('ascii')).hexdigest())
+
+
+def generate_key(private_key:str=None):
+    """Generate key-pair."""
+    if private_key:
+        private = PrivateKey.load(private_key)
+    else:
+        private = PrivateKey.generate()
+    public = private.public_key()
+    return {
+        "private": private.canonical(),
+        "public": public.canonical(),
+        "id": public.fingerprint(),
+    }

{wasm_action-0.0.6.dist-info → wasm_action-0.0.7.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: wasm-action
-Version: 0.0.6
+Version: 0.0.7
 Summary: Interact with WebAssembly registries.
 Requires-Dist: click>=8.2.1
 Requires-Dist: cryptography>=45.0.6
@@ -27,6 +27,10 @@ Description-Content-Type: text/markdown
 * Supported actions: push, pull
 * Supports Python 3.10+ on Linux, MacOS and Windows
 
+#### Planned
+* OCI registry support (a.k.a. Docker registry)
+* Convert between formats (wit/wasm)
+
 ## Usage
 ### Pull from registry
 ```
@@ -37,7 +41,7 @@ Description-Content-Type: text/markdown
           package: component-book:adder
 ```
 
-To pull a private package define your [token](https://wa.dev/account/credentials/new):
+To pull a private package, define your [token](https://wa.dev/account/credentials/new):
 ```
         env:
           WARG_TOKEN: ${{ secrets.WARG_TOKEN }}
@@ -77,8 +81,27 @@ To pull a private package define your [token](https://wa.dev/account/credentials
           WARG_PRIVATE_KEY: ${{ secrets.WARG_PRIVATE_KEY }}
 ```
 
+### Key generation
+New [token](https://wa.dev/account/credentials/new) registration and push to wa.dev require generation and configuration of a private/public key pair which can be facilitated with:
+```
+$ uv run wasm-action key
+{
+    "private": "ecdsa-p256:9y5nigLvFp3KZZQtuvN9DchpGIMUB4bwGAtkIoOCla4=",
+    "public": "ecdsa-p256:AvspSQWBK65ItTou/uVCi5qC4P+HBCi4R34OIPb3ILRl",
+    "id": "sha256:c836bd8a3082f2e8d70bdfa48296e580ab847fcdeadb351f448d03f152d44093"
+}
+```
+```
+# use private key to configure in github or save it elsewhere in a secure manner
+$ uvx wasm-action key | jq .private | pbcopy
+```
+```
+# use corresponding public key for new token registration at wa.dev
+$ pbpaste | uvx wasm-action key | jq .public
+```
+
 ## CLI
-The tool can be run without installing using [uv](https://docs.astral.sh/uv/).
+The tool can be run without installing, using [uv](https://docs.astral.sh/uv/).
 ```
 $ uvx wasm-action --help
 Usage: wasm-action [OPTIONS] COMMAND [ARGS]...
@@ -87,8 +110,10 @@ Options:
   --help  Show this message and exit.
 
 Commands:
-  pull  Pull from a WebAssembly registry
-  push  Push to a WebAssembly registry
+  key      Generate private key or read one from stdin
+  pull     Pull from registry
+  push     Push to registry
+  version  Print version
 ```
 ```
 $ uvx wasm-action pull --help

{wasm_action-0.0.6.dist-info → wasm_action-0.0.7.dist-info}/RECORD

@@ -58,16 +58,16 @@ warg_openapi/models/timestamped_checkpoint.py,sha256=HvpqFUAzxb4AlhFOd1FHi8gKYAv
 warg_openapi/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 warg_openapi/rest.py,sha256=esTaIvd-RN8XURlnK_ALzgEyd5n1853hJRoAdCe7C3k,14044
 wasm_action/__init__.py,sha256=77Mz6_mfveQMO90YlCumicDwhzSa0Xvi3xpJ_10EYZ8,190
-wasm_action/cli.py,sha256=in720PEYgVbPwGqab8VJJUUcDIA8JzWpzMmQ93A3xVU,1827
-wasm_action/lib.py,sha256=AEomnfa4HObgGxgv29vJ7bsV6scw6cSg6yHPgkUy79I,5367
+wasm_action/cli.py,sha256=Hwn7hIxfBom_h4RaNc3_o73KZMX5ZbLl52sfgoXeL2E,2345
+wasm_action/lib.py,sha256=xX66hhbxyxI5GP_k4DfDdViWj0FonqFXBwq8ssAuZo4,5366
 wasm_action/registry.py,sha256=JfsYJbzysbcgMAG9wf-8bPU-fmSm7wan_aReRXGGaMM,1497
 wasm_action/util.py,sha256=TqIMicfNDqtjhTuLLBujpw77Z2ktY9uXmddsztg-Y8E,2247
 wasm_action/warg/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-wasm_action/warg/actions.py,sha256=5Hnqc6ImS3W4K5osagOfXJDjLEj_g9TSceX4r7CwoDU,4500
+wasm_action/warg/actions.py,sha256=RfP3REOJp0bxuJ3FkkXFjrO1zfWrW5v7T_HOb8-g6mE,4658
 wasm_action/warg/client.py,sha256=FKKHcTwqAJotN3ZL2bIHJ0ET05YxRQw9ks8IyxDQ6Mo,6389
-wasm_action/warg/crypto.py,sha256=BKBM9BmOni1sXY2eVXky9kx371JhiMd-RitaDa188uY,4253
+wasm_action/warg/crypto.py,sha256=eK2Vw1mLFg2wmL6_3jmLHKzo2JK3KpnOz4PRUFZowZY,4906
 wasm_action/warg/proto.py,sha256=ui6rPfC_5IQQheOAwCxOL--r_tmvN-hc50NlLC5bgn4,6226
-wasm_action-0.0.6.dist-info/WHEEL,sha256=XjEbIc5-wIORjWaafhI6vBtlxDBp7S9KiujWF1EM7Ak,79
-wasm_action-0.0.6.dist-info/entry_points.txt,sha256=lTdloFNHGTiEbfd1efp0ZQ7p9SpAbzIWYqxk__EAPFE,53
-wasm_action-0.0.6.dist-info/METADATA,sha256=FuDPVFACskSA0_XmFdJ9dVFnNTb9HCdsndd-UpzG7-o,4009
-wasm_action-0.0.6.dist-info/RECORD,,
+wasm_action-0.0.7.dist-info/WHEEL,sha256=XV0cjMrO7zXhVAIyyc8aFf1VjZ33Fen4IiJk5zFlC3g,80
+wasm_action-0.0.7.dist-info/entry_points.txt,sha256=lTdloFNHGTiEbfd1efp0ZQ7p9SpAbzIWYqxk__EAPFE,53
+wasm_action-0.0.7.dist-info/METADATA,sha256=4v6xz5MeK7IvMje08VegVoofZqQ-jkkSm3oDxqzLfXk,4892
+wasm_action-0.0.7.dist-info/RECORD,,

{wasm_action-0.0.6.dist-info → wasm_action-0.0.7.dist-info}/WHEEL

@@ -1,4 +1,4 @@
 Wheel-Version: 1.0
-Generator: uv 0.9.25
+Generator: uv 0.9.26
 Root-Is-Purelib: true
-Tag: py3-none-any
+Tag: py3-none-any