✨ Add minor compatibility adjustments for audit archive task

2026-02-27 12:16:55 -05:00 · 2026-02-27 11:50:52 +01:00
14 changed files with 57 additions and 112 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -69,7 +69,7 @@
 /frontend/test-results/
 /other/
 /scripts/
-/telemetry/
+/nexus/
 /tmp/
 /vendor/**/target
 /vendor/svgclean/bundle*.js
--- a/backend/scripts/_env
+++ b/backend/scripts/_env
@@ -2,6 +2,7 @@

 export PENPOT_NITRATE_SHARED_KEY=super-secret-nitrate-api-key
 export PENPOT_EXPORTER_SHARED_KEY=super-secret-exporter-api-key
+export PENPOT_NEXUS_SHARED_KEY=super-secret-nexus-api-key
 export PENPOT_SECRET_KEY=super-secret-devenv-key

 # DEPRECATED: only used for subscriptions
--- a/backend/src/app/config.clj
+++ b/backend/src/app/config.clj
@@ -103,6 +103,7 @@

    [:exporter-shared-key {:optional true} :string]
    [:nitrate-shared-key {:optional true} :string]
+    [:nexus-shared-key {:optional true} :string]
    [:management-api-key {:optional true} :string]

    [:telemetry-uri {:optional true} :string]
--- a/backend/src/app/loggers/audit.clj
+++ b/backend/src/app/loggers/audit.clj
@@ -120,7 +120,7 @@
 ;; an external storage and data cleared.

 (def ^:private schema:event
-  [:map {:title "event"}
+  [:map {:title "AuditEvent"}
   [::type ::sm/text]
   [::name ::sm/text]
   [::profile-id ::sm/uuid]
--- a/backend/src/app/loggers/audit/archive_task.clj
+++ b/backend/src/app/loggers/audit/archive_task.clj
@@ -10,14 +10,11 @@
   [app.common.logging :as l]
   [app.common.schema :as sm]
   [app.common.transit :as t]
-   [app.common.uuid :as uuid]
   [app.config :as cf]
   [app.db :as db]
   [app.http.client :as http]
   [app.setup :as-alias setup]
-   [app.tokens :as tokens]
   [integrant.core :as ig]
-   [lambdaisland.uri :as u]
   [promesa.exec :as px]))

 ;; This is a task responsible to send the accumulated events to
@@ -52,19 +49,18 @@

 (defn- send!
  [{:keys [::uri] :as cfg} events]
-  (let [token   (tokens/generate cfg
-                                 {:iss "authentication"
-                                  :uid uuid/zero})
+  (let [skey    (-> cfg ::setup/shared-keys :nexus)
        body    (t/encode {:events events})
        headers {"content-type" "application/transit+json"
                 "origin" (str (cf/get :public-uri))
-                 "cookie" (u/map->query-string {:auth-token token})}
+                 "x-shared-key" (str "nexus " skey)}
        params  {:uri uri
                 :timeout 12000
                 :method :post
                 :headers headers
                 :body body}
        resp    (http/req! cfg params)]
+
    (if (= (:status resp) 204)
      true
      (do
@@ -109,7 +105,7 @@
 (def ^:private schema:handler-params
  [:map
   ::db/pool
-   ::setup/props
+   ::setup/shared-keys
   ::http/client])

 (defmethod ig/assert-key ::handler
--- a/backend/src/app/main.clj
+++ b/backend/src/app/main.clj
@@ -466,16 +466,17 @@

   ::setup/shared-keys
   {::setup/props (ig/ref ::setup/props)
-    :nitrate (cf/get :nitrate-shared-key)
-    :exporter (cf/get :exporter-shared-key)}
+    :nexus        (cf/get :nexus-shared-key)
+    :nitrate      (cf/get :nitrate-shared-key)
+    :exporter     (cf/get :exporter-shared-key)}

   ::setup/clock
   {}

   :app.loggers.audit.archive-task/handler
-   {::setup/props        (ig/ref ::setup/props)
-    ::db/pool            (ig/ref ::db/pool)
-    ::http.client/client (ig/ref ::http.client/client)}
+   {::setup/shared-keys  (ig/ref ::setup/shared-keys)
+    ::http.client/client (ig/ref ::http.client/client)
+    ::db/pool            (ig/ref ::db/pool)}

   :app.loggers.audit.gc-task/handler
   {::db/pool (ig/ref ::db/pool)}
--- a/backend/src/app/setup.clj
+++ b/backend/src/app/setup.clj
@@ -82,45 +82,37 @@
  (db/tx-run! cfg (fn [{:keys [::db/conn]}]
                    (db/xact-lock! conn 0)
                    (when-not key
-                      (l/warn :hint (str "using autogenerated secret-key, it will change on each restart and will invalidate "
-                                         "all sessions on each restart, it is highly recommended setting up the "
-                                         "PENPOT_SECRET_KEY environment variable")))
+                      (l/wrn :hint (str "using autogenerated secret-key, it will change "
+                                        "on each restart and will invalidate "
+                                        "all sessions on each restart, it is highly "
+                                        "recommended setting up the "
+                                        "PENPOT_SECRET_KEY environment variable")))
                    (let [secret (or key (generate-random-key))]
                      (-> (get-all-props conn)
                          (assoc :secret-key secret)
                          (assoc :tokens-key (keys/derive secret :salt "tokens"))
                          (update :instance-id handle-instance-id conn (db/read-only? pool)))))))

-(sm/register! ::props [:map-of :keyword ::sm/any])
-
-
 (defmethod ig/init-key ::shared-keys
  [_ {:keys [::props] :as cfg}]
  (let [secret (get props :secret-key)]
-    (d/without-nils
-     {:exporter
-      (let [key (or (get cfg :exporter)
-                    (-> (keys/derive secret :salt "exporter")
-                        (bc/bytes->b64-str true)))]
-        (if (or (str/empty? key)
-                (str/blank? key))
-          (do
-            (l/wrn :hint "exporter key is disabled because empty string found")
-            nil)
-          (do
-            (l/inf :hint "exporter key initialized" :key (d/obfuscate-string key))
-            key)))
+    (reduce (fn [keys id]
+              (let [key (or (get cfg id)
+                            (-> (keys/derive secret :salt (name id))
+                                (bc/bytes->b64-str true)))]
+                (if (or (str/empty? key)
+                        (str/blank? key))
+                  (do
+                    (l/wrn :id (name id) :hint "key is disabled because empty string found")
+                    keys)
+                  (do
+                    (l/inf :id (name id) :hint "key initialized" :key (d/obfuscate-string key))
+                    (assoc keys id key)))))
+            {}
+            [:exporter
+             :nitrate
+             :nexus])))

-      :nitrate
-      (let [key (or (get cfg :nitrate)
-                    (-> (keys/derive secret :salt "nitrate")
-                        (bc/bytes->b64-str true)))]
-        (if (or (str/empty? key)
-                (str/blank? key))
-          (do
-            (l/wrn :hint "nitrate key is disabled because empty string found")
-            nil)
-          (do
-            (l/inf :hint "nitrate key initialized" :key (d/obfuscate-string key))
-            key)))})))
+(sm/register! ::props [:map-of :keyword ::sm/any])
+(sm/register! ::shared-keys [:map-of :keyword ::sm/text])

--- a/common/src/app/common/schema.cljc
+++ b/common/src/app/common/schema.cljc
@@ -5,7 +5,7 @@
 ;; Copyright (c) KALEIDOS INC

 (ns app.common.schema
-  (:refer-clojure :exclude [deref merge parse-uuid parse-long parse-double parse-boolean type keys])
+  (:refer-clojure :exclude [deref merge parse-uuid parse-long parse-double parse-boolean type keys select-keys])
  #?(:cljs (:require-macros [app.common.schema :refer [ignoring]]))
  (:require
   #?(:clj [malli.dev.pretty :as mdp])
@@ -93,6 +93,11 @@
  [& items]
  (apply mu/merge (map schema items)))

+(defn select-keys
+  [s keys & {:as opts}]
+  (let [s (schema s)]
+    (mu/select-keys s keys opts)))
+
 (defn assoc-key
  "Add a key & value to a schema of type [:map]. If the first level node of the schema
   is not a map, will do a depth search to find the first map node and add the key there."
@@ -138,10 +143,10 @@
   (mu/optional-keys schema keys default-options)))

 (defn required-keys
-  ([schema]
-   (mu/required-keys schema nil default-options))
-  ([schema keys]
-   (mu/required-keys schema keys default-options)))
+  ([s]
+   (mu/required-keys (schema s) nil default-options))
+  ([s keys]
+   (mu/required-keys (schema s) keys default-options)))

 (defn transformer
  [& transformers]
@@ -646,7 +651,7 @@
       {:title "set"
        :description "Set of Strings"
        :error/message "should be a set of strings"
-        :gen/gen (-> kind sg/generator sg/set)
+        :gen/gen (sg/mcat (fn [_] (sg/generator kind)) sg/int)
        :decode/string decode
        :decode/json decode
        :encode/string encode-string
--- a/frontend/src/app/main/data/workspace/variants.cljs
+++ b/frontend/src/app/main/data/workspace/variants.cljs
@@ -613,7 +613,7 @@
       vec))

 (defn combine-as-variants
-  [ids {:keys [page-id trigger variant-id] :or {variant-id nil}}]
+  [ids {:keys [page-id trigger]}]
  (ptk/reify ::combine-as-variants
    ptk/WatchEvent
    (watch [_ state stream]
@@ -647,7 +647,7 @@
                                          :shapes
                                          count
                                          inc)
-                        variant-id    (or variant-id (uuid/next))
+                        variant-id    (uuid/next)
                        undo-id       (js/Symbol)]

                    (rx/concat
--- a/frontend/src/app/plugins/api.cljs
+++ b/frontend/src/app/plugins/api.cljs
@@ -14,7 +14,6 @@
   [app.common.geom.point :as gpt]
   [app.common.schema :as sm]
   [app.common.types.color :as ctc]
-   [app.common.types.component :as ctk]
   [app.common.types.shape :as cts]
   [app.common.types.text :as txt]
   [app.common.uuid :as uuid]
@@ -27,7 +26,6 @@
   [app.main.data.workspace.groups :as dwg]
   [app.main.data.workspace.media :as dwm]
   [app.main.data.workspace.selection :as dws]
-   [app.main.data.workspace.variants :as dwv]
   [app.main.data.workspace.wasm-text :as dwwt]
   [app.main.features :as features]
   [app.main.fonts :refer [fetch-font-css]]
@@ -610,26 +608,4 @@

        :else
        (let [ids (into #{} (map #(obj/get % "$id")) shapes)]
-          (st/emit! (dw/convert-selected-to-path ids)))))
-
-    :createVariantFromComponents
-    (fn [shapes]
-      (cond
-        (or (not (seq shapes))
-            (not (every? u/is-main-component-proxy? shapes)))
-        (u/display-not-valid :shapes shapes)
-
-        :else
-        (let [file-id (obj/get (first shapes) "$file")
-              page-id (obj/get (first shapes) "$page")
-              ids (->> shapes
-                       (map #(obj/get % "$id"))
-                       (into #{}))
-              shape     (u/locate-shape file-id page-id (first ids))
-              component (u/locate-library-component file-id (:component-id shape))]
-          (when (and component (not (ctk/is-variant? component)))
-            (let [variant-id (uuid/next)]
-              (st/emit! (dwv/combine-as-variants
-                         ids
-                         {:trigger "plugin:combine-as-variants" :variant-id variant-id}))
-              (library/variant-proxy plugin-id file-id variant-id))))))))
+          (st/emit! (dw/convert-selected-to-path ids)))))))
--- a/frontend/src/app/plugins/shape.cljs
+++ b/frontend/src/app/plugins/shape.cljs
@@ -1350,22 +1350,16 @@

           :combineAsVariants
           (fn [ids]
-             (cond
-               (or (not (seq ids)) (not (every? uuid/parse* ids)))
+             (if (or (not (seq ids)) (not (every? uuid/parse* ids)))
               (u/display-not-valid :ids ids)
-
-               :else
               (let [shape     (u/locate-shape file-id page-id id)
                     component (u/locate-library-component file-id (:component-id shape))
                     ids (->> ids
                              (map uuid/uuid)
                              (into #{id}))]
-                 (when (and component (not (ctk/is-variant? component)))
-                   (let [variant-id (uuid/next)]
-                     (st/emit! (dwv/combine-as-variants
-                                ids
-                                {:trigger "plugin:combine-as-variants" :variant-id variant-id}))
-                     (variant-proxy plugin-id file-id variant-id)))))))
+                 (when  (and component (not (ctk/is-variant? component)))
+                   (st/emit!
+                    (dwv/combine-as-variants ids {:trigger "plugin:combine-as-variants"})))))))

         (cond-> (or (cfh/frame-shape? data) (cfh/group-shape? data) (cfh/svg-raw-shape? data) (cfh/bool-shape? data))
           (crc/add-properties!
--- a/frontend/src/app/plugins/utils.cljs
+++ b/frontend/src/app/plugins/utils.cljs
@@ -11,7 +11,6 @@
   [app.common.data.macros :as dm]
   [app.common.json :as json]
   [app.common.schema :as sm]
-   [app.common.types.component :as ctk]
   [app.common.types.container :as ctn]
   [app.common.types.file :as ctf]
   [app.common.types.tokens-lib :as ctob]
@@ -259,9 +258,4 @@
  (if-let [explain (-> cause ex-data ::sm/explain)]
    (println (sm/humanize-explain explain))
    (js/console.log (ex-data cause)))
-  (js/console.log (.-stack cause)))
-
-(defn is-main-component-proxy?
-  [p]
-  (when-let [shape (proxy->shape p)]
-    (ctk/main-instance? shape)))
+  (js/console.log (.-stack cause)))
--- a/plugins/libs/plugin-types/index.d.ts
+++ b/plugins/libs/plugin-types/index.d.ts
@@ -1297,15 +1297,6 @@ export interface Context {
   * @param shapes to flatten
   */
  flatten(shapes: Shape[]): Path[];
-
-  /**
-   * Combine several standard Components into a VariantComponent. Similar to doing it
-   * with the contextual menu on the Penpot interface.
-   * All the shapes passed as arguments should be main instances.
-   * @param shapes A list of main instances of the components to combine.
-   * @return The variant container created
-   */
-  createVariantFromComponents(shapes: Board[]): VariantContainer;
 }

 /**
@@ -3827,9 +3818,8 @@ export interface ShapeBase extends PluginData {
   * on the Penpot interface.
   * The current shape must be a component main instance.
   * @param ids A list of ids of the main instances of the components to combine with this one.
-   * @return The variant container created
   */
-  combineAsVariants(ids: string[]): VariantContainer;
+  combineAsVariants(ids: string[]): void;

  /**
   * @return Returns true when the current shape is the head of a components tree nested structure,
--- a/plugins/libs/plugins-runtime/src/lib/api/index.ts
+++ b/plugins/libs/plugins-runtime/src/lib/api/index.ts
@@ -358,11 +358,6 @@ export function createApi(
      checkPermission('content:write');
      return plugin.context.flatten(shapes);
    },
-
-    createVariantFromComponents(shapes: Board[]): VariantContainer {
-      checkPermission('content:write');
-      return plugin.context.createVariantFromComponents(shapes);
-    },
  };

  return {