@smart-chain-fr/smartgitanchor
TypeScript icon, indicating that this package has built-in type declarations

1.1.3 • Public • Published

SmartGitAnchor

Overview

SmartGitAnchor is a Node.js package designed for automated computation and secure transmission of file hashes, with a particular focus on blockchain technologies like Tezos and Ethereum. It's ideal for CI/CD pipelines, especially in blockchain development projects, where verifying the integrity of files against a Merkle tree generated hash root is crucial. The package generates SHA-256 hashes, a standard in blockchain hash functions, for files and securely transmits these to a specified API endpoint.

How It Works

This package works by scanning all files within a specified directory, computing their SHA-256 hashes, and then sending these hashes in a JSON payload to a designated secure API endpoint. It leverages environment variables for configuration, ensuring flexibility and ease of integration into various workflows.

Getting Started

Prerequisites

  • Node.js (version 14 or higher is recommended)
  • A GitHub repository where the package will be implemented
  • A secure API endpoint that will receive the file hashes (see Secure API Endpoint Setup)

Installation and Setup (GitHub Actions Workflow)

Install SmartGitAnchor via npm with the following command:

npm install @smart-chain-fr/SmartGitAnchor

Create a GitHub Actions Workflow

To utilize SmartGitAnchor within your GitHub Actions workflow, follow these steps to set up the .github/workflows YAML file in your project. this is an example of a workflow that will compute and send file hashes to an API endpoint when a push event occurs:

name: SmartGitAnchor CI
on: [push]
jobs:
  send-hashes:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v2

      - name: Set up Node.js
        uses: actions/setup-node@v2
        with:
          node-version: "20"

      - name: Install SmartGitAnchor
        run: npm install @smart-chain-fr/smartgitanchor -g

      - name: Compute hashes and send to API
        run: smartgitanchor --callbackUrl=${{ secrets.CALLBACK_URL }} --apiUrl=${{ secrets.SECURE_API }} --apiKey=${{ secrets.API_KEY }} --filesPath=${{ secrets.FILES_PATH }}

Create Secrets

set the following secrets in your GitHub repository:

  • SECURE_API: The URL of the API endpoint that will receive the file hashes
  • API_KEY: The API key that will be used to authenticate the request to the API endpoint
  • FILES_PATH: The path to the directory containing the files whose hashes will be computed
  • CALLBACK_URL(optional): The URL callback that will be used to send the response from the API endpoint

Workflow Explanation

Once the workflow is set up, the hashes of the files in the specified directory will be computed and sent to the API endpoint. The API endpoint will then respond with a JSON payload containing the hashes of the files. If a callback URL is specified, the response from the API endpoint will be sent to the callback URL.

Secure API Endpoint Setup

Secure API, part of the Bloom suite, that allows you to receive the hashes of the files sent by SmartGitAnchor. To use it, you must contact the smartchain team to create an account and get your API key and the URL of your API endpoint. You can contact the team at Contact and specify that you want to use the Secure API service.

Command Line Interface (CLI) Usage

installation

npm install @smart-chain-fr/smartgitanchor -g

Usage

smartgitanchor [options]

options:

  • --callbackUrl: The URL callback that will be used to send the response from the API endpoint
  • --apiUrl: The URL of the API endpoint that will receive the file hashes (required)
  • --apiKey: The API key that will be used to authenticate the request to the API endpoint (required)
  • --filesPath: The path to the directory containing the files whose hashes will be computed (required)

Example

smartgitanchor --callbackUrl=https://example.com/callback --apiUrl=https://example.com/api --apiKey=1234567890 --filesPath=/home/user/my-project

GitLab CI/CD Pipeline Setup (Coming Soon)

Contributing

Contributions are welcome! Please see the contributing guide for more details.

License

This project is licensed under the terms of the MIT license.

Initied by

This library was initied by Smartchain.

Readme

Keywords

none

Package Sidebar

Install

npm i @smart-chain-fr/smartgitanchor

Weekly Downloads

1

Version

1.1.3

License

MIT

Unpacked Size

12.9 kB

Total Files

5

Last publish

Collaborators

  • smartchain