mirror of
https://github.com/samvallad33/vestige.git
synced 2026-07-02 22:01:01 +02:00
Vestige Cloud is split: the public client (a thin HTTP sync backend that only moves encrypted bytes) belongs here, but the hosted service — billing, sync-key->namespace mapping, per-user isolation, Lemon Squeezy webhooks, transactional email — must live only in the private repo. Add scripts/check-no-private-cloud.sh, which git-greps tracked files for distinctive private-service signatures (service crate identity, module headers, billing/provider internals, server-side sync-key mapping SQL). The patterns are chosen so the legitimate public client — including its VESTIGE_CLOUD_* client env vars — does not match. Wired into CI via guard-no-private-cloud.yml on push/PR. Verified both directions: passes on the clean repo, fails (naming the markers) when real private webhook.rs/keys.rs are introduced. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
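The commit message describes the shape of the guard but the script itself is not shown on this page. The following is an added example, not the project's scripts/check-no-private-cloud.sh: a POSIX shell function that git-greps tracked files for a list of literal marker strings, fails naming each marker and its file:line hits, and a self-test that builds a throwaway repo to verify both directions (a public-client file using a VESTIGE_CLOUD_* variable passes; a file carrying a marker fails). The three marker strings and the sample file contents are constructed placeholders, not the real patterns or code.

```shell
#!/bin/sh
# Added example of a tracked-file marker guard (not the project's own script).

# Constructed placeholder markers (assumption): one literal string per line.
# Each is meant to match only private-service code, never the public client's
# VESTIGE_CLOUD_* environment variables.
PRIVATE_MARKERS='name = "vestige-cloud-service"
LEMONSQUEEZY_WEBHOOK_SECRET
INSERT INTO sync_key_namespaces'

# check_no_private_cloud REPO_DIR
# Returns 0 when no marker matches any tracked file, 1 otherwise. Each hit is
# reported on stderr as the marker followed by file:line:text from git grep.
check_no_private_cloud() {
  repo=$1
  found=0
  # Read markers literally: no globbing, no backslash processing.
  while IFS= read -r marker; do
    [ -n "$marker" ] || continue
    # -I skips binaries, -n adds line numbers, -F treats the marker as a fixed
    # string, and "-- ." limits the search to tracked files in the work tree.
    if hits=$(git -C "$repo" grep -I -n -F -e "$marker" -- .); then
      printf 'FAIL: private cloud marker %s found:\n%s\n' "$marker" "$hits" >&2
      found=1
    fi
  done <<EOF
$PRIVATE_MARKERS
EOF
  return "$found"
}

# self_test
# Builds a temporary git repo and checks both directions: a constructed
# public-client file passes, then a constructed webhook handler carrying a
# marker is added and must be caught. Returns 0 only if both hold.
self_test() {
  tmp=$(mktemp -d) || return 1
  git -C "$tmp" init -q || { rm -rf "$tmp"; return 1; }

  # Constructed public-client code: references VESTIGE_CLOUD_URL, must pass.
  printf 'let url = std::env::var("VESTIGE_CLOUD_URL");\n' > "$tmp/client.rs"
  git -C "$tmp" add client.rs
  check_no_private_cloud "$tmp" || { rm -rf "$tmp"; return 1; }

  # Constructed private handler: once tracked, the marker must be reported.
  printf 'let secret = env("LEMONSQUEEZY_WEBHOOK_SECRET");\n' > "$tmp/webhook.rs"
  git -C "$tmp" add webhook.rs
  if check_no_private_cloud "$tmp" 2>/dev/null; then
    rm -rf "$tmp"
    return 1
  fi

  rm -rf "$tmp"
  return 0
}

# Usage: ./guard.sh            (definitions only, e.g. when sourced)
#        ./guard.sh --self-test
#        ./guard.sh /path/to/repo
case "${1:-}" in
  --self-test) self_test ;;
  "") ;;
  *) check_no_private_cloud "$1" ;;
esac
```

Because `git grep` only inspects tracked files, an untracked or ignored private file never trips the guard; that matches the stated goal (keeping private code out of the public repo's history) but means the check says nothing about a contributor's working tree until the file is staged.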
25 lines
659 B
YAML
name: Guard — No Private Cloud Code

# Fails if private Vestige Cloud *service* code (billing, sync-key/namespace
# mapping, Lemon Squeezy webhooks, transactional email) ever lands in this
# public repo. The public cloud *client* is allowed and does not trip this.
on:
  push:
    branches: [main, feat/cloud-sync-mvp]
  pull_request:
  workflow_dispatch:

permissions:
  contents: read

jobs:
  guard:
    name: No private cloud service code
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v5
        with:
          fetch-depth: 0

      - name: Scan for private cloud service markers
        run: ./scripts/check-no-private-cloud.sh
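Review bot: `fetch-depth: 0` on the checkout step fetches full history that this job does not use. The scan step runs `./scripts/check-no-private-cloud.sh`, which per the commit message git-greps tracked files, and `git grep` only needs the checked-out work tree, so the default shallow checkout suffices and is faster as history grows. Also, invoking the script directly means it must carry the executable bit in git; either note that beside the step or call it as `run: bash scripts/check-no-private-cloud.sh` so a lost mode bit cannot silently break the guard.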