Open Keyrxng opened 1 month ago
This is an urgent task as it's a blocker now for #3 and estimate it to be about 4 hours+ of work depending on the approach to be implemented
Any longer than two days without direction or input and I'm going to disable the GitHub storage adapter and return to using the Supabase one so I can move that PR forward.
rfc @0x4007
We can just use our existing X25519 encryption @rndquu rfc
You mentioned during review that we'll make Global Storage private and handle it that way but yes we could use the same encryption we use in other projects if that's the method to implement.
@Keyrxng
Trying to understand how the whole plugin works.
ubiquity-os-telegram-bot
) is createdubiquity-os-telegram-bot
and prints /start
ubiquity-os-telegram-bot
receives a webhook from the user where we save username and user id to some storage (supabase/github json/whatever...)ubiquity-os
github app receives a webhookubiquity-os
github app retrieves contributor's telegram username with user id and (using ubiquity-os-telegram-bot
credentials) sends a direct message in telegram to a user that issue has been resolvedDoes it work this way?
kernel-telegram
receives payloads from GitHub/UbiquityOS when the payment comment is posted or edited. We use the BotFather API to send a message to the user.kernel-telegram
receives a telegram payload when a user calls /register keyrxng
, /subscribe
, etc. With these payloads we don't have the kernel' auth token yml config settings for the plugin nothing like that. It effectively runs on env
and whatever TypeBox defaults we use. So to use Octokit we need an access token, the app provides that. For storage, app was required for private repo writes. If storage is public, use encryption no problem (but doesn't solve for other plugins with sensitive data to store). Private storage is the better approach long term./register keyrxng
: TG sends our worker a bot_command
payload, we call rest.getByUsername
and write to SB or GH./subscribe
: selects a trigger which runs on GitHub webhooks, we update storage.UbiquityOS
kernel sends it to the telegram-kernel
worker (because it's a BotFather feature), it pulls from DB for username match and which triggers are subscribed toThe session string is for the MTProto API which is responsible for the workrooms
feature, it doesn't affect notifications as that's a Bot API feature.
plugin-template
feed it back to the kernel, pass it off to a dedicated worker which tracks usage in real-time across all incoming plugins/org/developer etc and we are able to message all parties if something is wrong or about to break..fatal()
errors from the logger straight into a dedicated core team TG channelThere are a lot more applications for this but after #13 is fully installed which will be later today I'll make a task and aim to really improve the docs etc for this plugin as it is a little complex
The session string solve is easy:
@Keyrxng
ubiquity-os-kernel-telegram
is a telegram bot, not a github app, correct?ubiquity-os-kernel-telegram
is also able to receive webhooks from https://github.com/ubiquity-os/ubiquity-os-kernel, correct?start-stop
or any other.Separate from that you need to also consider that the Telegram side has two "branches" we'll call them:
MTProto API: personal account to create workrooms, it can DM without a previous connection. It runs via actions only and has nothing to do with the BotFather. It needs the session string.
Why can't it be run in a cloudflare worker?
As far as I understand from the docs current plugin needs to be defined 2 times in the config:
Correct?
Basically yes.
Why can't it be run in a cloudflare worker?
The packages are not built for that env exactly, I did try alt libs and to find a way but I gathered we'd need something like Heroku or whatever to host the server
This originally dispatched it's own workflows and required defined only once through the worker url. We needed the kernel' APP_ID
and APP_PRIVATE_KEY
, this was rejected during review deemed unsafe to expose them but they have been exposed via org secrets now. So I think we should go back to self-dispatching
Relates to #3
The config repo is now public and GitHub layer storage is supposed to push into that repo.
This plugin has one ultra sensitive env var which is the MTProtoAPI Session String.
If that is stored in a public repo as raw text the TG can be hijacked easily.
original context