fix: address PR comments from #211 (#224)

Signed-off-by: Jeromy Cannon <[email protected]>
Signed-off-by: Swirlds Automation <[email protected]>
Co-authored-by: Swirlds Automation <[email protected]>

Author: jeromy-cannon

.github/workflows/flow-update-readme.yaml

@@ -17,39 +17,28 @@
 name: Update README.md
 on:
   workflow_dispatch:
-  pull_request:
-    types:
-      - opened
-      - reopened
-      - synchronize
+  push:
+    branches:
+      - main
     paths:
       - '**/*.mjs'
       - '**/*.js'
       - '**/package*.json'
+      - '**/README.md.template'
 defaults:
   run:
     shell: bash
+permissions:
+  contents: read
 jobs:
   update:
     runs-on: [self-hosted, Linux, medium, ephemeral]
-    permissions:
-      # Give the default GITHUB_TOKEN write permission to commit and push the
-      # added or changed files to the repository.
-      contents: write
     steps:
       - name: Checkout Code for Push
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-        if: github.event_name == 'push'
         with:
           fetch-depth: 0
-
-      # https://github.com/actions/checkout/issues/124
-      - name: Checkout Code for Pull Request
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
-        if: github.event_name == 'pull_request'
-        with:
-          fetch-depth: 0
-          ref: ${{ github.event.pull_request.head.ref }}
+          token: ${{secrets.GH_ACCESS_TOKEN}}
 
       - name: Setup Node
         uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
@@ -86,13 +75,14 @@ jobs:
 
       - name: Update README.md
         run: |
+          set -x
           npm install -g @hashgraph/solo
           which solo
           
           export SOLO_CLUSTER_NAME=solo
           export SOLO_NAMESPACE=solo
           export SOLO_CLUSTER_SETUP_NAMESPACE=solo-cluster
-           
+          
           echo "Perform the following kind and solo commands and save output to environment variables"
           
           export KIND_CREATE_CLUSTER_OUTPUT=$( kind create cluster -n "${SOLO_CLUSTER_NAME}" 2>&1 | tee test.log )
@@ -133,6 +123,7 @@ jobs:
           sed -i 's/\[33m//g' README.md
           sed -i 's/\[39m//g' README.md
           egrep -v '↓|❯|•' README.md > README.md.tmp && mv README.md.tmp README.md
+          set +x
 
       - name: Check README.md Changes
         id: check-readme-changes
@@ -145,7 +136,7 @@ jobs:
 
           DELETIONS=$(echo $CHANGES | grep -o '[0-9]\+' | tail -1)          
           echo "Deletions: $DELETIONS"
-        
+          
           # Calculate total lines changed if INSERTIONS and DELETIONS are not empty
           if [ -z "$INSERTIONS" ]; then
             INSERTIONS=0
@@ -156,15 +147,24 @@ jobs:
           
           TOTAL_LINES_CHANGED=$(($INSERTIONS + $DELETIONS))
           echo "Total README lines changed: $TOTAL_LINES_CHANGED"
-          echo "TOTAL_LINES_CHANGED=$TOTAL_LINES_CHANGED" >> "${GITHUB_OUTPUT}"
 
-      # Signed Commits by actions https://github.com/actions/runner/issues/667
+      - name: Import GPG key
+        uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
+        with:
+          gpg_private_key: ${{ secrets.GH_ACCESS_GPG_KEY }}
+          passphrase: ${{ secrets.GH_ACCESS_PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+
       - name: Commit README.md Changes
-        if: ${{ steps.check-readme-changes.outputs.TOTAL_LINES_CHANGED > 20 }}
-        uses: planetscale/[email protected]
+        uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1
         with:
-          commit_message: "auto update README.md"
-          repo: ${{ github.repository }}
-          branch: ${{ github.head_ref || github.ref_name }}
+          commit_message: "auto update README.md [skip ci]"
+          commit_options: '--no-verify --signoff'
+          add_options: '-u'
+          file_pattern: 'README.md'
+          commit_user_name: Swirlds Automation
+          commit_user_email: [email protected]
+          commit_author: Swirlds Automation <[email protected]>
         env:
-          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+          GITHUB_TOKEN: ${{secrets.GH_ACCESS_TOKEN}}

README.md.template

@@ -291,7 +291,7 @@ $ rm -rf ~/.solo
 $ solo init -t v0.47.0-alpha.0 -i node0,node1,node2 -n "${SOLO_NAMESPACE}" -s "${SOLO_CLUSTER_SETUP_NAMESPACE}" --key-format pem 
 ```
 
-* Example output:
+* Example output
 
 ```
 $SOLO_INIT_047_OUTPUT
@@ -303,7 +303,7 @@ $SOLO_INIT_047_OUTPUT
 $ solo node keys --gossip-keys --tls-keys --key-format pem
 ```
 
-* Example output:
+* Example output
 
 ```
 $SOLO_NODE_KEY_PEM_OUTPUT

src/commands/node.mjs

@@ -955,7 +955,7 @@ export class NodeCommand extends BaseCommand {
             force: self.configManager.getFlag(flags.force),
             applicationEnv: self.configManager.getFlag(flags.applicationEnv),
             keyFormat: self.configManager.getFlag(flags.keyFormat),
-            de3vMode: self.configManager.getFlag(flags.devMode),
+            devMode: self.configManager.getFlag(flags.devMode),
             curDate: new Date()
           }
 
@@ -1239,7 +1239,7 @@ export class NodeCommand extends BaseCommand {
           })
           .command({
             command: 'refresh',
-            desc: 'Refresh a node',
+            desc: 'Reset and restart a node',
             builder: y => flags.setCommandFlags(y,
               flags.namespace,
               flags.nodeIDs,

src/core/helpers.mjs

@@ -171,6 +171,11 @@ export function isNumeric (str) {
     !isNaN(parseFloat(str)) // ...and ensure strings of whitespace fail
 }
 
+/**
+ * Validate a path provided by the user to prevent path traversal attacks
+ * @param input the input provided by the user
+ * @returns {*} a validated path
+ */
 export function validatePath (input) {
   if (input.indexOf('\0') !== -1) {
     throw new FullstackTestingError(`access denied for path: ${input}`)