Skip to content

feat(miner): add OpenAPI 3 spec + AST sync check for HTTP routes#28

Open
codeboost-tr wants to merge 1 commit into
Dipraise1:mainfrom
codeboost-tr:feat/openapi-miner-spec
Open

feat(miner): add OpenAPI 3 spec + AST sync check for HTTP routes#28
codeboost-tr wants to merge 1 commit into
Dipraise1:mainfrom
codeboost-tr:feat/openapi-miner-spec

Conversation

@codeboost-tr

Copy link
Copy Markdown

Overview

Closes #23.

This PR introduces a machine-readable docs/openapi/miner-openapi.yaml describing every HTTP route the miner exposes, plus an AST-based sync check that fails CI when the spec drifts away from neurons/miner.py.

The spec is auto-generated from a single ROUTES table (scripts/generate_openapi.py) so it stays accurate as new endpoints are added, and it documents the canonical sr25519 signed-challenge message format ({nonce}:{endpoint}:{body_hash}) used by the EngramHotkeySignature scheme.

What's in this PR

File Change
scripts/generate_openapi.py New: ROUTES table + build_spec() that emits OpenAPI 3.0.3
scripts/check_openapi_sync.py New: AST-walks neurons/miner.py, diffs against generator's ROUTES
docs/openapi/miner-openapi.yaml New: 24 paths, 39 schemas, 7 tags, EngramHotkeySignature scheme
tests/test_openapi_generator.py New: 11 tests (spec structure, resolution, sync drift detection)
.github/workflows/ci.yml New openapi job: regenerates spec + runs check_openapi_sync.py --strict

Highlights

  • 26 routes documented (Synapses, Retrieval, Proofs, Namespaces, KeyShares, Chat, Observability tags).
  • Auth scheme (EngramHotkeySignature) is described inline in the spec with the canonical message format, so integrators don't have to read the miner source.
  • Sync check is import-free — it AST-walks neurons/miner.py so CI doesn't need bittensor / faiss / sentence-transformers installed to validate the spec.
  • Drift detection is unit-tested (test_sync_check_detects_missing_route, test_sync_check_detects_extra_route).

Verification

$ python scripts/generate_openapi.py --check
[openapi] OK: docs/openapi/miner-openapi.yaml

$ python scripts/check_openapi_sync.py --strict
[openapi-sync] miner routes: 26  |  generator routes: 26
[openapi-sync] OK — all routes are in sync.

$ python -m pytest tests/test_openapi_generator.py -v
11 passed in 0.39s

Lint clean:

$ ruff check scripts/generate_openapi.py scripts/check_openapi_sync.py tests/test_openapi_generator.py
All checks passed!

Test plan

  • CI openapi job passes (regenerates spec, diffs, and runs --strict)
  • pytest tests/test_openapi_generator.py -v → 11 passed
  • pytest tests/ -k openapi → all green
  • ruff check scripts/ tests/test_openapi_generator.py → clean
  • Open docs/openapi/miner-openapi.yaml in Redoc / Swagger UI — all 24 paths visible
  • Verify auth scheme doc explains the canonical {nonce}:{endpoint}:{body_hash} message format

Maintenance note

The new openapi job in .github/workflows/ci.yml is staged in the working tree but not included in this commit. The fork's OAuth token doesn't have the workflow scope required to push workflow changes, so a maintainer will need to apply the diff (or run gh auth refresh --scopes workflow interactively) to land the CI gate. The block is short — see the openapi: job in the attached patch or regenerate via:

openapi:
  runs-on: ubuntu-latest
  steps:
    - uses: actions/checkout@v4
    - uses: actions/setup-python@v5
      with: { python-version: "3.11" }
    - run: pip install pyyaml
    - run: |
        python scripts/generate_openapi.py --out /tmp/miner-openapi.generated.yaml
        diff -u docs/openapi/miner-openapi.yaml /tmp/miner-openapi.generated.yaml
    - run: python scripts/check_openapi_sync.py --strict

Checklist

  • Auto-generated spec (no hand-written YAML drift)
  • All 26 routes documented with request/response schemas
  • sr25519 signed-challenge auth scheme explained inline
  • AST-based sync check (no heavy deps in CI)
  • Unit tests for spec structure, resolution, and drift detection
  • ruff / pytest clean
  • Conventional Commits message
  • Cross-fork PR opened from codeboost-tr/EngramDipraise1/Engram

Generates docs/openapi/miner-openapi.yaml from a declarative ROUTES
table in scripts/generate_openapi.py, covering all 26 aiohttp routes
registered in neurons/miner.py.

- scripts/generate_openapi.py: 26 routes, 39 schemas, EngramHotkeySignature
  security scheme (sr25519 signed-challenge with canonical message
  f"{nonce}:{endpoint}:{body_hash}"). CLI: --check mode for CI.
- scripts/check_openapi_sync.py: AST-walks neurons/miner.py to extract
  app.router.add_<method>(path, handler) calls, diffs against the
  generator's ROUTES table. --strict exits non-zero on drift.
- tests/test_openapi_generator.py: 11 tests covering spec structure,
  auth scheme, $ref resolution, handler field, and sync drift
  detection in both directions.

Note: the .github/workflows/ci.yml change adding an `openapi` job is
included in the working tree but NOT in this commit, since the gh CLI
token currently lacks the `workflow` scope needed to push workflow
files.  A maintainer can re-apply ci.yml locally, or the contributor
can refresh gh auth (`gh auth refresh --scopes workflow`) and follow
up with a second commit.

Renders via Redoc at theengram.space (or any static docs host).
@vercel

vercel Bot commented Jun 12, 2026

Copy link
Copy Markdown

@codeboost-tr is attempting to deploy a commit to the praise's projects Team on Vercel.

A member of the Team first needs to authorize it.

@codeboost-tr

Copy link
Copy Markdown
Author

Issue claim posted via /attempt. Branch: codeboost-tr:feat/openapi-miner-specmain. 5 files changed, 11 new tests, ruff clean, sync check passes with 0 drift on 26 routes.

cc maintainers: the openapi CI job in .github/workflows/ci.yml is staged in the working tree but not in the commit (fork OAuth lacks workflow scope). Diff is in the PR body; happy to push it as a follow-up once the scope is granted.

@codeboost-tr

Copy link
Copy Markdown
Author

@Dipraise1 — quick ping: the Vercel deployment check is blocked on this PR because the praise's projects team hasn't authorized the GitHub app. Could you click through https://vercel.com/git/authorize?team=praise%27s%20projects&slug=praises-projects-ac4a4b94 so the deploy can run? The OpenAPI spec + AST sync check is ready for review once CI is unblocked. Thanks!

@codeboost-tr

Copy link
Copy Markdown
Author

Gentle follow-up — the Vercel deploy check is still blocked on the praise's projects team's GitHub app authorization. Once a team member clicks through https://vercel.com/git/authorize?team=… the rest of CI will unblock. The PR itself (OpenAPI 3 spec + AST sync check, 5 files, 11 new tests, ruff clean, 0 drift on 26 routes) is ready for code review. Happy to extend the spec to additional endpoints or split into per-resource PRs if the maintainer prefers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

[docs] OpenAPI spec for miner HTTP endpoints

1 participant