platform: modularize api/gui, add docs-tests-web foundation, and refresh root config

2026-03-26 22:40:54 +03:00
parent 0e2d7f61ea
commit 6a56d734c2
562 changed files with 70151 additions and 16423 deletions
--- a/tests/transport_packaging_policy_rollout.sh
+++ b/tests/transport_packaging_policy_rollout.sh
@@ -0,0 +1,220 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+ROOT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
+UPDATER="${ROOT_DIR}/scripts/transport-packaging/update.sh"
+
+require_cmd() {
+  local cmd="$1"
+  if ! command -v "$cmd" >/dev/null 2>&1; then
+    echo "[transport_packaging_policy_rollout] missing command: ${cmd}" >&2
+    exit 1
+  fi
+}
+
+require_cmd bash
+require_cmd openssl
+require_cmd sha256sum
+require_cmd jq
+
+tmp_dir="$(mktemp -d)"
+trap 'rm -rf "$tmp_dir"' EXIT
+
+assets_dir="${tmp_dir}/assets"
+bin_root="${tmp_dir}/bin-root"
+keys_dir="${tmp_dir}/keys"
+mkdir -p "$assets_dir" "$bin_root" "$keys_dir"
+
+asset_v1="${assets_dir}/sing-box-v1"
+asset_v2="${assets_dir}/sing-box-v2"
+sig_v1="${assets_dir}/sing-box-v1.sig"
+sig_v2="${assets_dir}/sing-box-v2.sig"
+sig_bad="${assets_dir}/sing-box-v2.bad.sig"
+
+cat >"$asset_v1" <<'EOF'
+#!/usr/bin/env bash
+echo "signed sing-box v1"
+EOF
+chmod +x "$asset_v1"
+
+cat >"$asset_v2" <<'EOF'
+#!/usr/bin/env bash
+echo "signed sing-box v2"
+EOF
+chmod +x "$asset_v2"
+
+sha_v1="$(sha256sum "$asset_v1" | awk '{print $1}')"
+sha_v2="$(sha256sum "$asset_v2" | awk '{print $1}')"
+
+openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "${keys_dir}/release-private.pem" >/dev/null 2>&1
+openssl rsa -pubout -in "${keys_dir}/release-private.pem" -out "${keys_dir}/release-public.pem" >/dev/null 2>&1
+
+openssl dgst -sha256 -sign "${keys_dir}/release-private.pem" -out "$sig_v1" "$asset_v1"
+openssl dgst -sha256 -sign "${keys_dir}/release-private.pem" -out "$sig_v2" "$asset_v2"
+cp "$sig_v1" "$sig_bad"
+
+sig_sha_v1="$(sha256sum "$sig_v1" | awk '{print $1}')"
+sig_sha_v2="$(sha256sum "$sig_v2" | awk '{print $1}')"
+sig_sha_bad="$(sha256sum "$sig_bad" | awk '{print $1}')"
+
+policy="${tmp_dir}/source-policy.json"
+cat >"$policy" <<'EOF'
+{
+  "schema_version": 1,
+  "require_https": false,
+  "allow_file_scheme": true,
+  "signature": {
+    "default_mode": "required",
+    "allowed_types": ["openssl-sha256"]
+  },
+  "components": {
+    "singbox": {
+      "allowed_url_prefixes": ["file://"],
+      "signature_mode": "required"
+    }
+  }
+}
+EOF
+
+manifest="${tmp_dir}/manifest-canary.json"
+cat >"$manifest" <<EOF
+{
+  "schema_version": 1,
+  "components": {
+    "singbox": {
+      "enabled": true,
+      "binary_name": "sing-box",
+      "targets": {
+        "linux-amd64": {
+          "version": "1.0.0",
+          "url": "file://${asset_v1}",
+          "sha256": "${sha_v1}",
+          "asset_type": "raw",
+          "rollout": {
+            "stage": "canary",
+            "percent": 20
+          },
+          "signature": {
+            "type": "openssl-sha256",
+            "url": "file://${sig_v1}",
+            "sha256": "${sig_sha_v1}",
+            "public_key_path": "${keys_dir}/release-public.pem"
+          }
+        }
+      }
+    }
+  }
+}
+EOF
+
+echo "[transport_packaging_policy_rollout] stage mismatch -> skip"
+"$UPDATER" --manifest "$manifest" --source-policy "$policy" --bin-root "$bin_root" --component singbox --target linux-amd64 --rollout-stage stable --cohort-id 5
+if [[ -e "${bin_root}/sing-box" ]]; then
+  echo "[transport_packaging_policy_rollout] expected no install on stage mismatch" >&2
+  exit 1
+fi
+
+echo "[transport_packaging_policy_rollout] canary gated by cohort -> skip"
+"$UPDATER" --manifest "$manifest" --source-policy "$policy" --bin-root "$bin_root" --component singbox --target linux-amd64 --rollout-stage canary --cohort-id 55
+if [[ -e "${bin_root}/sing-box" ]]; then
+  echo "[transport_packaging_policy_rollout] expected no install when cohort is out of rollout percent" >&2
+  exit 1
+fi
+
+echo "[transport_packaging_policy_rollout] canary in cohort -> install"
+"$UPDATER" --manifest "$manifest" --source-policy "$policy" --bin-root "$bin_root" --component singbox --target linux-amd64 --rollout-stage canary --cohort-id 5
+out_v1="$("${bin_root}/sing-box")"
+if [[ "$out_v1" != "signed sing-box v1" ]]; then
+  echo "[transport_packaging_policy_rollout] expected signed v1 output, got: ${out_v1}" >&2
+  exit 1
+fi
+
+echo "[transport_packaging_policy_rollout] untrusted source must fail"
+manifest_untrusted="${tmp_dir}/manifest-untrusted.json"
+jq \
+  '.components.singbox.targets["linux-amd64"].version = "1.1.0" |
+   .components.singbox.targets["linux-amd64"].url = "https://example.com/sing-box" |
+   .components.singbox.targets["linux-amd64"].sha256 = "0000000000000000000000000000000000000000000000000000000000000000" |
+   .components.singbox.targets["linux-amd64"].rollout.stage = "stable" |
+   .components.singbox.targets["linux-amd64"].rollout.percent = 100' \
+  "$manifest" >"$manifest_untrusted"
+if "$UPDATER" --manifest "$manifest_untrusted" --source-policy "$policy" --bin-root "$bin_root" --component singbox --target linux-amd64 --rollout-stage stable --cohort-id 5 --dry-run; then
+  echo "[transport_packaging_policy_rollout] expected failure for untrusted source" >&2
+  exit 1
+fi
+
+echo "[transport_packaging_policy_rollout] bad signature must fail"
+manifest_bad_sig="${tmp_dir}/manifest-bad-sig.json"
+cat >"$manifest_bad_sig" <<EOF
+{
+  "schema_version": 1,
+  "components": {
+    "singbox": {
+      "enabled": true,
+      "binary_name": "sing-box",
+      "targets": {
+        "linux-amd64": {
+          "version": "1.2.0",
+          "url": "file://${asset_v2}",
+          "sha256": "${sha_v2}",
+          "asset_type": "raw",
+          "rollout": {
+            "stage": "stable",
+            "percent": 100
+          },
+          "signature": {
+            "type": "openssl-sha256",
+            "url": "file://${sig_bad}",
+            "sha256": "${sig_sha_bad}",
+            "public_key_path": "${keys_dir}/release-public.pem"
+          }
+        }
+      }
+    }
+  }
+}
+EOF
+if "$UPDATER" --manifest "$manifest_bad_sig" --source-policy "$policy" --bin-root "$bin_root" --component singbox --target linux-amd64 --rollout-stage stable --cohort-id 5; then
+  echo "[transport_packaging_policy_rollout] expected failure for bad signature" >&2
+  exit 1
+fi
+
+echo "[transport_packaging_policy_rollout] valid signature update -> install v2"
+manifest_good_sig="${tmp_dir}/manifest-good-sig.json"
+cat >"$manifest_good_sig" <<EOF
+{
+  "schema_version": 1,
+  "components": {
+    "singbox": {
+      "enabled": true,
+      "binary_name": "sing-box",
+      "targets": {
+        "linux-amd64": {
+          "version": "1.3.0",
+          "url": "file://${asset_v2}",
+          "sha256": "${sha_v2}",
+          "asset_type": "raw",
+          "rollout": {
+            "stage": "stable",
+            "percent": 100
+          },
+          "signature": {
+            "type": "openssl-sha256",
+            "url": "file://${sig_v2}",
+            "sha256": "${sig_sha_v2}",
+            "public_key_path": "${keys_dir}/release-public.pem"
+          }
+        }
+      }
+    }
+  }
+}
+EOF
+"$UPDATER" --manifest "$manifest_good_sig" --source-policy "$policy" --bin-root "$bin_root" --component singbox --target linux-amd64 --rollout-stage stable --cohort-id 5
+out_v2="$("${bin_root}/sing-box")"
+if [[ "$out_v2" != "signed sing-box v2" ]]; then
+  echo "[transport_packaging_policy_rollout] expected signed v2 output, got: ${out_v2}" >&2
+  exit 1
+fi
+
+echo "[transport_packaging_policy_rollout] passed"