Cover validator is a set of AWS lambda functions that help validate user request’s inputs before getting forwarded to Cover canister or Cover builder.
- Cover only support DFX 0.8.4 or above
- NOTE: If you're using DFX 0.9.3 and above, when you build your wasm, DFX might automatically optimize the wasm for you when
ic-cdk-optimizeris installed, so beware of that when input theoptimizeCount - NOTE: DFX 0.11.0 and above will run optimization automatically for
rust(reference). So we recommended to inputoptimizeCount=0. - These APIs will check if:
- The inputs are in the right format?
- The caller has the right canister repo access permission?
- The caller is the controller of the canister?
- The caller really owned the provided
callerId?
- How to get
signatureandpublicKey: - Cover validator and builder will update the build status for you to follow. You can only re-build your canister when the Cover builder finishes its job and updates the status to either Error or Success. If the Cover builder failed to update build status, you’ll have to wait 5 minutes before rebuilding your canister. So make sure to fill your inputs correctly.
- Save a build config to Cover canister to reuse later (login required)
- Required inputs:
canisterId(string): ID of the canister you want to builddelegateCanisterId(string): Leave it empty if you don't use it. The canister controller of thecanisterId, useful when the controller is the cycle wallet canister or proxy canister.canisterName(string): name of the canisterrepoUrl(string): github repo of the canister in format {server}/{repo}repoAccessToken(string): Personal Access Token of a github account that hasREADpermission. Leave it empty if your repo is public How to create Personal Access TokencommitHash(hex string): the commit hash that gets builtrustVersion(string): Leave it empty if you don’t use Rust, must be specified if you want to optimize your wasm.dfxVersion(string): Dfx version to build the wasmoptimizeCount(number): The times you want to optimize your wasm. 1 is recommended (after the first time, the wasm isn’t going to be significantly smaller anymore). IfoptimizeCount> 0,rustVersionmust be specified.publicKey(hex string): public key ofcallerIdsignatureis signed with thetimestampbeing the message and will be expired after 5 minutes.callerId(hex string): the controller of thecanisterIdordelegateCanisterId.timestamp: the current time in milliseconds since the UNIX epoch, details here
- Example:
curl -X POST \
-H 'content-type: application/json' \
https://h969vfa2pa.execute-api.us-east-1.amazonaws.com/production/save-build-config -d \
'{
"canisterId": "xyzoo-abcd-aaaai-abgca-cai",
"delegateCanisterId": "jklas-abcd-aaaai-abgca-cai",
"canisterName": "cover",
"repoUrl": "psychedelic/cover",
"repoAccessToken": "ghp_1VxFGDfsdfasdfWER34SADF",
"commitHash": "b2724523128eb8d5bd823961de31a2f10bd48b94",
"rustVersion": "1.58.1",
"dfxVersion": "0.8.4",
"optimizeCount": 1,
"publicKey": "4a9048818a978dbd2113e2dacfc370b699c700e8786ccc5980c31839a9af7c89",
"signature": "6dda0e5c6a2a5716df8afe26418680675e64c6e8f3c30bab74d46bb33fe1ed621c179a7c8af2f554cbe213ddc89244f00c6cca95d43078aa24ac474075167164",
"callerId": "12345-46f74-s45g5-54321-c5vyq-4zv7t-54321-omikc-54321-olpgg-rqe",
"timestamp": 1649281583096
}'- Build provided config without login or save the config to Cover canister (user has to re-enter all the fields everytime send a build request since the config hasn't been saved)
- Required inputs:
canisterId(string): ID of the canister you want to builddelegateCanisterId(string): Leave it empty if you don't use it. The canister controller of thecanisterId, useful when the controller is the cycle wallet canister or proxy canister.canisterName(string): name of the canisterrepoUrl(string): github repo of the canister in format {server}/{repo}repoAccessToken(string): Personal Access Token of a github account that hasREADpermission. Leave it empty if your repo is public How to create Personal Access TokencommitHash(hex string): the commit hash that gets builtrustVersion(string): Leave it empty if you don’t use Rust, must be specified if you want to optimize your wasm.dfxVersion(string): Dfx version to build the wasmoptimizeCount(number): The times you want to optimize your wasm. 1 is recommended (after the first time, the wasm isn’t going to be significantly smaller anymore). IfoptimizeCount> 0,rustVersionmust be specified.publicKey(hex string): public key ofcallerIdsignatureis signed with thetimestampbeing the message and will be expired after 5 minutes.callerId(hex string): the controller of thecanisterIdordelegateCanisterId.timestamp: the current time in milliseconds since the UNIX epoch, details here
- Example:
curl -X POST \
-H 'content-type: application/json' \
https://h969vfa2pa.execute-api.us-east-1.amazonaws.com/production/build -d \
'{
"canisterId": "xyzoo-abcd-aaaai-abgca-cai",
"delegateCanisterId": "jklas-abcd-aaaai-abgca-cai",
"canisterName": "motoko_canister",
"repoUrl": "example/motoko_canister",
"repoAccessToken": "ghp_1VxFGDfsdfasdfWER34SADF",
"commitHash": "b2724523128eb8d5bd823961de31a2f10bd48b94",
"rustVersion": "",
"dfxVersion": "0.8.4",
"optimizeCount": 0,
"publicKey": "4a9048818a978dbd2113e2dacfc370b699c700e8786ccc5980c31839a9af7c89",
"signature": "6dda0e5c6a2a5716df8afe26418680675e64c6e8f3c30bab74d46bb33fe1ed621c179a7c8af2f554cbe213ddc89244f00c6cca95d43078aa24ac474075167164",
"callerId": "12345-46f74-s45g5-54321-c5vyq-4zv7t-54321-omikc-54321-olpgg-rqe",
"timestamp": 1649281583096
}'- Build an existing config from the Cover canister (login required)
- Required inputs:
canisterId(string): ID of the canister you want to buildpublicKey(hex string): public key ofcallerIdrepoAccessToken(string): Personal Access Token of a github account that hasREADpermission. Leave it empty if your repo is public How to create Personal Access Tokensignatureis signed with thetimestampbeing the message and will be expired after 5 minutes.callerId(hex string): the controller of the canistertimestamp: the current time in milliseconds since the UNIX epoch, details here
- Example:
curl -X POST \
-H 'content-type: application/json' \
https://h969vfa2pa.execute-api.us-east-1.amazonaws.com/production/build-with-config -d \
'{
"canisterId": "xyzoo-abcd-aaaai-abgca-cai",
"callerId": "12345-46f74-s45g5-54321-c5vyq-4zv7t-54321-omikc-54321-olpgg-rqe",
"publicKey": "4a9048818a978dbd2113e2dacfc370b699c700e8786ccc5980c31839a9af7c89",
"signature": "6dda0e5c6a2a5716df8afe26418680675e64c6e8f3c30bab74d46bb33fe1ed621c179a7c8af2f554cbe213ddc89244f00c6cca95d43078aa24ac474075167164",
"repoAccessToken": "",
"timestamp": 1649281583096
}'- Without providing proof of ownership, it's possible to have your build-config exposed via query method from your canister.
- NOTE: You must expose
coverMetadataquery method from your canister.
Candid example:
// canister.did
type CoverMetadata = record {
controller : text;
dfx_version : text;
canister_name : text;
commit_hash : text;
repo_url : text;
rust_version : opt text;
optimize_count : nat8;
};
service : {
coverMetadata : () -> (CoverMetadata) query;
}
- Required inputs:
canisterId(string): ID of the canister you want to buildrepoAccessToken(string): Personal Access Token of a github account that hasREADpermission. Leave it empty if your repo is public How to create Personal Access Token
- Example:
curl -X POST \
-H 'content-type: application/json' \
https://h969vfa2pa.execute-api.us-east-1.amazonaws.com/production/build-with-cover-metadata -d \
'{
"canisterId": "xyzoo-abcd-aaaai-abgca-cai",
"repoAccessToken": ""
}'