Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/atsign-foundation/at_server

The software implementation of Atsign's core technology
https://github.com/atsign-foundation/at_server

atsign dart hacktoberfest server

Last synced: about 3 hours ago
JSON representation

The software implementation of Atsign's core technology

Host: GitHub
URL: https://github.com/atsign-foundation/at_server
Owner: atsign-foundation
License: bsd-3-clause
Created: 2020-10-27T11:24:12.000Z (about 4 years ago)
Default Branch: trunk
Last Pushed: 2024-04-11T05:06:34.000Z (7 months ago)
Last Synced: 2024-04-11T07:38:14.230Z (7 months ago)
Topics: atsign, dart, hacktoberfest, server
Language: Dart
Homepage: https://docs.atsign.com
Size: 18.7 MB
Stars: 38
Watchers: 12
Forks: 13
Open Issues: 68
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Code of conduct: code_of_conduct.md
- Security: SECURITY.md

Awesome Lists containing this project

README

        

[![Build Status](https://github.com/atsign-foundation/at_server/actions/workflows/at_server.yaml/badge.svg?branch=trunk)](https://github.com/atsign-foundation/at_server/actions/workflows/at_server.yaml)

[![GitHub License](https://img.shields.io/badge/license-BSD3-blue.svg)](./LICENSE)

[![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/atsign-foundation/at_server/badge)](https://securityscorecards.dev/viewer/?uri=github.com/atsign-foundation/at_server&sort_by=check-score&sort_direction=desc)

[![OpenSSF Best Practices](https://www.bestpractices.dev/projects/6713/badge)](https://www.bestpractices.dev/projects/6713)

[![SLSA 3](https://slsa.dev/images/gh-badge-level3.svg)](https://slsa.dev)

# at_server

This repo contains the core software implementation of the atProtocol:

## packages

### core runtime services

* [at_root_server](./packages/at_root_server) the root server is a directory

that contains the fully qualified domain name (FQDN) and port for secondary

servers. This is the most minimal amount of data necessary to determine where

to go to ask for permission. It only contains a record for every atSign as

well as the Internet location of the associated secondary server that

contains data and permissions.

* [at_secondary_server](./packages/at_secondary_server) the secondary server

is a personal, secure server that contains a person's data and their

permissions and terms under which they wish to share with others. The server

is written in Dart and is incredibly efficient. It has the ability to

securely sync data with other instances in the cloud or on other devices.

### core dependencies

* [at_server_spec](./packages/at_server_spec) is an interface abstraction

that defines what the atServer is responsible for.

* [at_persistence_spec](./packages/at_persistence_spec) is the abstracted

module for persistence which can be replaced as desired with some other

implementation.

## tests

* [at_functional_test](./tests/at_functional_test/) is a set of self

contained tests that make use of at_virtual_environment to run an entire

mini atSign infrastructure within a single container.

* [at_end2end_test](./tests/at_end2end_test/) is a suite of tests that

cannot be run standalone, and instead make use of a number of

[dess](https://github.com/atsign-foundation/dess) atSigns hosted on

virtual machines. Tests are arranged so that cross testing happens between

the version under test, and production releases.

## tools

* the virtual environment makes use of certificates that need to be refreshed

on a regular basis, which is done with a GitHub Action that runs the

`acme_certs.py` script.

* the cicd1 and cicd2 directories also contains the scripts used by

the dess VMs for end2end tests that ensure the correct images for version

cross testing.

* [build_virtual_environment](./tools/build_virtual_environment/) contains

the Dockerfiles and dependencies used to build the virtual environment

base image `ve_base` the virtual environment on that base, and the

`install_PKAM_Keys` tool that's used to initialise a virtual environment.

* [build_secondary](./tools/build_secondary/) contains the Dockerfiles

used to build various flavours of secondary server.

## SLSA

Since the c3.0.48 release, the Docker images created from this repo as part

of a release have SLSA Build Level 3 attestations.

These can be verified using the

[slsa-verifier](https://github.com/slsa-framework/slsa-verifier) tool e.g.:

```sh

TAG="c3.0.48"

IMAGE="atsigncompany/secondary"

SHA=$(docker buildx imagetools inspect ${IMAGE}:canary-${TAG} \

  --format "{{json .Manifest}}" | jq -r .digest)

slsa-verifier verify-image ${IMAGE}@${SHA} --source-uri \

  github.com/atsign-foundation/at_server --source-tag ${TAG}

```