Allow publishing without an access token (#2773)

stwiname · web-flow · commit 1c80cd9c9780 · 2025-04-30T15:34:05.000+12:00
* Allow publishing without an access token

* Update changelog
diff --git a/packages/cli/CHANGELOG.md b/packages/cli/CHANGELOG.md
@@ -9,6 +9,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Unused node-fetch dependency (#2772)
 - Problematic boxen dependency (#2774)
 
+### Changed
+- Remove requirement for SUBQL_ACCESS_TOKEN with publish command (#2773)
+
 ## [5.8.1] - 2025-04-24
 ### Changed
 - Update @subql/utils
diff --git a/packages/cli/src/commands/publish.ts b/packages/cli/src/commands/publish.ts
@@ -6,7 +6,7 @@ import path from 'path';
 import {Command, Flags} from '@oclif/core';
 import {getMultichainManifestPath, getProjectRootAndManifest} from '@subql/common';
 import {createIPFSFile, uploadToIpfs} from '../controller/publish-controller';
-import {checkToken, resolveToAbsolutePath} from '../utils';
+import {getOptionalToken, resolveToAbsolutePath} from '../utils';
 import Build from './build';
 
 export default class Publish extends Command {
@@ -32,7 +32,7 @@ export default class Publish extends Command {
     // Make sure build first, generated project yaml could be added to the project (instead of ts)
     const project = getProjectRootAndManifest(location);
 
-    const authToken = await checkToken();
+    const authToken = getOptionalToken();
 
     const fullPaths = project.manifests.map((manifest) => path.join(project.root, manifest));
 
@@ -41,7 +41,7 @@ export default class Publish extends Command {
       multichainManifestPath = path.join(project.root, multichainManifestPath);
     }
 
-    const fileToCidMap = await uploadToIpfs(fullPaths, authToken.trim(), multichainManifestPath, flags.ipfs).catch(
+    const fileToCidMap = await uploadToIpfs(fullPaths, authToken?.trim(), multichainManifestPath, flags.ipfs).catch(
       (e) => {
         // log further cause from error
         if (e.cause) {
diff --git a/packages/cli/src/controller/publish-controller.ts b/packages/cli/src/controller/publish-controller.ts
@@ -30,7 +30,7 @@ export async function createIPFSFile(root: string, manifest: string, cid: string
 
 export async function uploadToIpfs(
   projectPaths: string[],
-  authToken: string,
+  authToken?: string,
   multichainProjectPath?: string,
   ipfsEndpoint?: string,
   directory?: string
@@ -100,7 +100,7 @@ export async function uploadToIpfs(
 async function replaceFileReferences<T extends Record<string, any>>(
   projectDir: string,
   input: T,
-  authToken: string,
+  authToken?: string,
   ipfs?: IPFSHTTPClientLite
 ): Promise<T> {
   if (Array.isArray(input)) {
@@ -134,7 +134,7 @@ const fileMap = new Map<string | fs.ReadStream, Promise<string>>();
 
 export async function uploadFiles(
   contents: {path: string; content: string}[],
-  authToken: string,
+  authToken?: string,
   isMultichain?: boolean,
   ipfs?: IPFSHTTPClientLite
 ): Promise<Map<string, string>> {
@@ -154,7 +154,7 @@ export async function uploadFiles(
 
   const ipfsWrite = new IPFSHTTPClientLite({
     url: IPFS_WRITE_ENDPOINT,
-    headers: {Authorization: `Bearer ${authToken}`},
+    headers: authToken ? {Authorization: `Bearer ${authToken}`} : undefined,
   });
 
   try {
@@ -177,7 +177,7 @@ export async function uploadFiles(
 
 export async function uploadFile(
   contents: {path: string; content: string},
-  authToken: string,
+  authToken?: string,
   ipfs?: IPFSHTTPClientLite
 ): Promise<string> {
   const pathPromise = fileMap.get(contents.path);
@@ -197,7 +197,7 @@ export async function uploadFile(
 
   const ipfsWrite = new IPFSHTTPClientLite({
     url: IPFS_WRITE_ENDPOINT,
-    headers: {Authorization: `Bearer ${authToken}`},
+    headers: authToken ? {Authorization: `Bearer ${authToken}`} : undefined,
   });
 
   const pendingCid = ipfsWrite
diff --git a/packages/cli/src/utils/utils.ts b/packages/cli/src/utils/utils.ts
@@ -74,6 +74,23 @@ export async function checkToken(token_path: string = ACCESS_TOKEN_PATH): Promis
   }
 }
 
+export function getOptionalToken(token_path: string = ACCESS_TOKEN_PATH): string | undefined {
+  const envToken = process.env.SUBQL_ACCESS_TOKEN;
+  if (envToken) return envToken;
+  if (existsSync(token_path)) {
+    try {
+      const authToken = readFileSync(token_path, 'utf8');
+      if (!authToken) {
+        return undefined;
+      }
+      return authToken.trim();
+    } catch (e) {
+      return undefined;
+    }
+  }
+  return undefined;
+}
+
 export function errorHandle(e: any, msg: string): Error {
   if (axios.isAxiosError(e) && e?.response?.data) {
     return new Error(`${msg} ${e.response.data.message ?? e.response.data}`);
