From 02f69ff1480af0e599ead4ddaca8245d12f7ada4 Mon Sep 17 00:00:00 2001 From: Jeff Dickey <216188+jdx@users.noreply.github.com> Date: Mon, 11 Dec 2023 13:35:26 -0600 Subject: [PATCH] consolidate asset hosts --- CONTRIBUTING.md | 8 ++++---- README.md | 20 ++++++++++---------- SECURITY.md | 9 ++++----- docs/demo.tape | 2 +- packaging/homebrew/homebrew.rb | 8 ++++---- packaging/rpm/rtx.repo | 4 ++-- schema/rtx.json | 2 +- schema/rtx.plugin.json | 2 +- scripts/release.sh | 2 +- src/cli/doctor.rs | 2 +- src/cli/version.rs | 2 +- src/plugins/core/java.rs | 2 +- src/plugins/core/node.rs | 2 +- 13 files changed, 32 insertions(+), 33 deletions(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8609713b3..0a885cbef 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -115,8 +115,8 @@ finch run -ti --rm ubuntu apt update -y apt install -y gpg sudo wget curl sudo install -dm 755 /etc/apt/keyrings -wget -qO - https://rtx.pub/gpg-key.pub | gpg --dearmor | sudo tee /etc/apt/keyrings/rtx-archive-keyring.gpg 1> /dev/null -echo "deb [signed-by=/etc/apt/keyrings/rtx-archive-keyring.gpg arch=arm64] https://rtx.pub/deb stable main" | sudo tee /etc/apt/sources.list.d/rtx.list +wget -qO - https://rtx.jdx.dev/gpg-key.pub | gpg --dearmor | sudo tee /etc/apt/keyrings/rtx-archive-keyring.gpg 1> /dev/null +echo "deb [signed-by=/etc/apt/keyrings/rtx-archive-keyring.gpg arch=arm64] https://rtx.jdx.dev/deb stable main" | sudo tee /etc/apt/sources.list.d/rtx.list apt update apt install -y rtx rtx -V @@ -127,7 +127,7 @@ rtx -V ```shell finch run -ti --rm amazonlinux yum install -y yum-utils -yum-config-manager --add-repo https://rtx.pub/rpm/rtx.repo +yum-config-manager --add-repo https://rtx.jdx.dev/rpm/rtx.repo yum install -y rtx rtx -v ``` @@ -137,7 +137,7 @@ rtx -v ```shell finch run -ti --rm fedora dnf install -y dnf-plugins-core -dnf config-manager --add-repo https://rtx.pub/rpm/rtx.repo +dnf config-manager --add-repo https://rtx.jdx.dev/rpm/rtx.repo dnf install -y rtx rtx -v ``` diff --git a/README.md b/README.md index 2bfb15461..68b60aa4b 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ Note that calling `which node` gives us a real path to node, not a shim. Install rtx on macOS (other methods [here](#installation)): ```sh-session -$ curl https://rtx.pub/rtx-latest-macos-arm64 > ~/bin/rtx +$ curl https://rtx.jdx.dev/rtx-latest-macos-arm64 > ~/bin/rtx $ chmod +x ~/bin/rtx $ rtx --version rtx 2023.12.21 @@ -252,14 +252,14 @@ Note that it isn't necessary for `rtx` to be on `PATH`. If you run the activate file, rtx will automatically add itself to `PATH`. ``` -curl https://rtx.pub/install.sh | sh +curl https://rtx.jdx.dev/install.sh | sh ``` If you want to verify the install script hasn't been tampered with: ``` gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 0x29DDE9E0 -curl https://rtx.pub/install.sh.sig | gpg --decrypt > install.sh +curl https://rtx.jdx.dev/install.sh.sig | gpg --decrypt > install.sh # ensure the above is signed with the rtx release key sh ./install.sh ``` @@ -267,7 +267,7 @@ sh ./install.sh or if you're allergic to `| sh`: ``` -curl https://rtx.pub/rtx-latest-macos-arm64 > /usr/local/bin/rtx +curl https://rtx.jdx.dev/rtx-latest-macos-arm64 > /usr/local/bin/rtx ``` It doesn't matter where you put it. So use `~/bin`, `/usr/local/bin`, `~/.local/share/rtx/bin/rtx` @@ -367,8 +367,8 @@ For installation on Ubuntu/Debian: ``` sudo install -dm 755 /etc/apt/keyrings -wget -qO - https://rtx.pub/gpg-key.pub | gpg --dearmor | sudo tee /etc/apt/keyrings/rtx-archive-keyring.gpg 1> /dev/null -echo "deb [signed-by=/etc/apt/keyrings/rtx-archive-keyring.gpg arch=amd64] https://rtx.pub/deb stable main" | sudo tee /etc/apt/sources.list.d/rtx.list +wget -qO - https://rtx.jdx.dev/gpg-key.pub | gpg --dearmor | sudo tee /etc/apt/keyrings/rtx-archive-keyring.gpg 1> /dev/null +echo "deb [signed-by=/etc/apt/keyrings/rtx-archive-keyring.gpg arch=amd64] https://rtx.jdx.dev/deb stable main" | sudo tee /etc/apt/sources.list.d/rtx.list sudo apt update sudo apt install -y rtx ``` @@ -378,7 +378,7 @@ sudo apt install -y rtx > If you're on arm64 you'll need to run the following: > > ``` -> echo "deb [signed-by=/etc/apt/keyrings/rtx-archive-keyring.gpg arch=arm64] https://rtx.pub/deb stable main" | sudo tee /etc/apt/sources.list.d/rtx.list +> echo "deb [signed-by=/etc/apt/keyrings/rtx-archive-keyring.gpg arch=arm64] https://rtx.jdx.dev/deb stable main" | sudo tee /etc/apt/sources.list.d/rtx.list > ``` @@ -389,7 +389,7 @@ For Fedora, CentOS, Amazon Linux, RHEL and other dnf-based distributions: ``` dnf install -y dnf-plugins-core -dnf config-manager --add-repo https://rtx.pub/rpm/rtx.repo +dnf config-manager --add-repo https://rtx.jdx.dev/rpm/rtx.repo dnf install -y rtx ``` @@ -399,7 +399,7 @@ dnf install -y rtx ``` yum install -y yum-utils -yum-config-manager --add-repo https://rtx.pub/rpm/rtx.repo +yum-config-manager --add-repo https://rtx.jdx.dev/rpm/rtx.repo yum install -y rtx ``` @@ -1500,7 +1500,7 @@ jobs: build: steps: - run: | - curl https://rtx.pub/install.sh | sh + curl https://rtx.jdx.dev/install.sh | sh echo "$HOME/.local/share/rtx/bin" >> $GITHUB_PATH echo "$HOME/.local/share/rtx/shims" >> $GITHUB_PATH ``` diff --git a/SECURITY.md b/SECURITY.md index a5fd3b798..0cb07aad8 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -20,12 +20,11 @@ the project. I only select dependencies with broad usage across the Rust communi I'm open to PRs or suggestions on reducing dependency count even at the cost of functionality because it will make rtx more secure. -## rtx.pub +## rtx.jdx.dev -rtx.pub is the asset host for rtx. It's used to host precompiled rtx CLI binaries, and hosts a "[VERSION](https://rtx.pub/VERSION)" -which rtx uses to occasionally check for a new version being released. Currently this is hosted with a mix -of 3 different vendors for CDN, assets, and domain registration. This will be brought down to a single vendor -to reduce the surface area for security reasons. +rtx.jdx.dev is the asset host for rtx. It's used to host precompiled rtx CLI binaries, and hosts a "[VERSION](https://rtx.jdx.dev/VERSION)" +which rtx uses to occasionally check for a new version being released. Everything hosted there uses a single +vendor to reduce surface area. ## rtx plugins diff --git a/docs/demo.tape b/docs/demo.tape index 29b4e9527..3a82d7e2d 100644 --- a/docs/demo.tape +++ b/docs/demo.tape @@ -58,7 +58,7 @@ Set Width 1200 Set Height 600 Set Padding 10 -Type "http rtx.pub/rtx-latest-macos-arm64 > ~/bin/rtx" Enter Sleep 2s +Type "http rtx.jdx.dev/rtx-latest-macos-arm64 > ~/bin/rtx" Enter Sleep 2s Type "chmod +x ~/bin/rtx" Sleep 1s Enter Sleep 1s Type "rtx -v" Sleep 1s Enter Sleep 1s Type 'eval "$(rtx activate bash)"' Sleep 1s Enter Sleep 2s diff --git a/packaging/homebrew/homebrew.rb b/packaging/homebrew/homebrew.rb index ea50bb15a..3161ee195 100644 --- a/packaging/homebrew/homebrew.rb +++ b/packaging/homebrew/homebrew.rb @@ -8,22 +8,22 @@ class Rtx < Formula on_macos do if Hardware::CPU.intel? - url "https://rtx.pub/v$RTX_VERSION/rtx-v$RTX_VERSION-macos-x64.tar.xz" + url "https://rtx.jdx.dev/v$RTX_VERSION/rtx-v$RTX_VERSION-macos-x64.tar.xz" sha256 "$RTX_CHECKSUM_MACOS_X86_64" end if Hardware::CPU.arm? - url "https://rtx.pub/v$RTX_VERSION/rtx-v$RTX_VERSION-macos-arm64.tar.xz" + url "https://rtx.jdx.dev/v$RTX_VERSION/rtx-v$RTX_VERSION-macos-arm64.tar.xz" sha256 "$RTX_CHECKSUM_MACOS_ARM64" end end on_linux do if Hardware::CPU.arm? && Hardware::CPU.is_64_bit? - url "https://rtx.pub/v$RTX_VERSION/rtx-v$RTX_VERSION-linux-arm64.tar.xz" + url "https://rtx.jdx.dev/v$RTX_VERSION/rtx-v$RTX_VERSION-linux-arm64.tar.xz" sha256 "$RTX_CHECKSUM_LINUX_ARM64" end if Hardware::CPU.intel? - url "https://rtx.pub/v$RTX_VERSION/rtx-v$RTX_VERSION-linux-x64.tar.xz" + url "https://rtx.jdx.dev/v$RTX_VERSION/rtx-v$RTX_VERSION-linux-x64.tar.xz" sha256 "$RTX_CHECKSUM_LINUX_X86_64" end end diff --git a/packaging/rpm/rtx.repo b/packaging/rpm/rtx.repo index 94053a357..b017080b2 100644 --- a/packaging/rpm/rtx.repo +++ b/packaging/rpm/rtx.repo @@ -1,6 +1,6 @@ [rtx-repo] name=RTX Repo -baseurl=https://rtx.pub/rpm +baseurl=https://rtx.jdx.dev/rpm enabled=1 gpgcheck=1 -gpgkey=http://rtx.pub/gpg-key.pub +gpgkey=http://rtx.jdx.dev/gpg-key.pub diff --git a/schema/rtx.json b/schema/rtx.json index f9c09ec98..1f11a6e79 100644 --- a/schema/rtx.json +++ b/schema/rtx.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "https://rtx.pub/schema/rtx.json", + "$id": "https://rtx.jdx.dev/schema/rtx.json", "title": "rtx", "description": "config file for rtx version manager (.rtx.toml)", "type": "object", diff --git a/schema/rtx.plugin.json b/schema/rtx.plugin.json index 5e4ec6c51..838cc763e 100644 --- a/schema/rtx.plugin.json +++ b/schema/rtx.plugin.json @@ -1,6 +1,6 @@ { "$schema": "https://json-schema.org/draft/2020-12/schema", - "$id": "https://rtx.pub/schema/rtx.plugin.json", + "$id": "https://rtx.jdx.dev/schema/rtx.plugin.json", "title": "rtx-plugin", "description": "config file for an rtx plugin", "type": "object", diff --git a/scripts/release.sh b/scripts/release.sh index b685bb6da..eb99227ee 100755 --- a/scripts/release.sh +++ b/scripts/release.sh @@ -64,7 +64,7 @@ gpg -u 408B88DB29DDE9E0 --output "$RELEASE_DIR"/install.sh.sig --sign "$RELEASE_ if [[ "$DRY_RUN" != 1 ]]; then NPM_PREFIX=@jdxcode/rtx ./rtx/scripts/release-npm.sh NPM_PREFIX=rtx-cli ./rtx/scripts/release-npm.sh - #AWS_S3_BUCKET=rtx.pub ./rtx/scripts/publish-s3.sh + #AWS_S3_BUCKET=rtx.jdx.dev ./rtx/scripts/publish-s3.sh ./rtx/scripts/publish-r2.sh fi diff --git a/src/cli/doctor.rs b/src/cli/doctor.rs index e12a4e1f6..f5904926b 100644 --- a/src/cli/doctor.rs +++ b/src/cli/doctor.rs @@ -62,7 +62,7 @@ impl Doctor { if !config.is_activated() && !shims_on_path() { let cmd = style("rtx help activate").yellow().for_stderr(); - let url = style("https://rtx.pub").underlined().for_stderr(); + let url = style("https://rtx.jdx.dev").underlined().for_stderr(); let shims = style(dirs::SHIMS.display()).cyan().for_stderr(); checks.push(formatdoc!( r#"rtx is not activated, run {cmd} or diff --git a/src/cli/version.rs b/src/cli/version.rs index d2fcc0414..388c9e154 100644 --- a/src/cli/version.rs +++ b/src/cli/version.rs @@ -111,7 +111,7 @@ fn get_latest_version_call() -> Option { #[cfg(not(test))] fn get_latest_version_call() -> Option { let timeout = Duration::from_secs(3); - const URL: &str = "http://rtx.pub/VERSION"; + const URL: &str = "http://rtx.jdx.dev/VERSION"; debug!("checking rtx version from {}", URL); let client = crate::http::Client::new_with_timeout(timeout).ok()?; match client.get_text(URL) { diff --git a/src/plugins/core/java.rs b/src/plugins/core/java.rs index c9f46b390..756a4ae50 100644 --- a/src/plugins/core/java.rs +++ b/src/plugins/core/java.rs @@ -239,7 +239,7 @@ impl JavaPlugin { fn download_java_metadata(&self, release_type: &str) -> Result> { let url = format!( - "https://java.rtx.pub/metadata/{}/{}/{}.json", + "https://rtx-java-metadata.jdx.dev/metadata/{}/{}/{}.json", release_type, os(), arch() diff --git a/src/plugins/core/node.rs b/src/plugins/core/node.rs index 15d75ea7b..bad0d7ab5 100644 --- a/src/plugins/core/node.rs +++ b/src/plugins/core/node.rs @@ -63,7 +63,7 @@ impl NodePlugin { fn fetch_remote_versions_from_rtx(&self) -> Result> { let versions = self .http - .get_text("http://metadata.rtx.pub/versions/node")? + .get_text("http://rtx-versions.jdx.dev/node")? .lines() .map(|v| v.trim().to_string()) .filter(|v| !v.is_empty())