Description
Currently, when someone submits an artifact, they must provide a direct download link to any files they want to include in the artifact. This can be problematic, as some files don't have a public direct download link, or may block bots like artifact-submit-action. Frawley gets around this by uploading files to a public R2 bucket.
Ideally, users could upload files directly. However, this represents a very real liability for us. What if users attempt to upload a massive file? Malware? CSAM or other illegal content? We must protect ourselves against this.
One potential solution could involve uploading the files temporarily to a dedicated bucket, before they're imported into the prod acearchive-lgbt-artifacts bucket by the artifact-submit-action. However, there should be some mechanism for permanently deleting stale files. We could create a new worker (we'll call it upload-garbage-worker) which integrates with GitHub and periodically (say, once per day) deletes uploads which don't have an open issue associated with them. Problematic files can be deleted by just closing the issue.
The scope of this issue is just to design a system. Separate issues for the implementation can follow.
Whatever approach we take, this will likely involve a considerable amount of work.
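A sketch of the selection step for the proposed upload-garbage-worker, added here as an example and not code from this repository. The key layout (`<uploadId>/<filename>`), the `upload:<uploadId>` reference in issue bodies, and the grace period are assumptions made for illustration.

```javascript
// Added sketch, not project code. Assumed (hypothetical) conventions:
//  - staging keys look like "<uploadId>/<filename>", uploadId = 32 hex chars
//  - a submission issue references its files as "upload:<uploadId>" in its body
const UPLOAD_ID = /^[0-9a-f]{32}$/;
const ISSUE_REF = /\bupload:([0-9a-f]{32})\b/g;

// Collect every upload ID mentioned in the body of an open issue.
function referencedUploadIds(openIssues) {
  const ids = new Set();
  for (const issue of openIssues) {
    for (const m of (issue.body || "").matchAll(ISSUE_REF)) ids.add(m[1]);
  }
  return ids;
}

// Return the keys the periodic sweep should delete.
// objects: [{ key, uploaded: Date }], the shape of a bucket listing entry.
function selectStaleUploads(objects, openIssues, nowMs, graceMs) {
  const live = referencedUploadIds(openIssues);
  const stale = [];
  for (const obj of objects) {
    const id = obj.key.split("/", 1)[0];
    // A key outside the convention can never be claimed by an issue: delete now.
    if (!UPLOAD_ID.test(id)) { stale.push(obj.key); continue; }
    if (live.has(id)) continue; // an open issue still references this upload
    // Grace period: the file may be uploaded before its issue is opened.
    if (nowMs - obj.uploaded.getTime() >= graceMs) stale.push(obj.key);
  }
  return stale;
}

// Constructed sample data (not real uploads or issues).
const HOUR_MS = 3600 * 1000;
const SAMPLE_NOW = Date.parse("2024-01-02T00:00:00Z");
const ID_A = "a".repeat(32), ID_B = "b".repeat(32), ID_C = "c".repeat(32);
const SAMPLE_OBJECTS = [
  { key: `${ID_A}/zine.pdf`, uploaded: new Date(SAMPLE_NOW - 48 * HOUR_MS) }, // open issue
  { key: `${ID_B}/scan.png`, uploaded: new Date(SAMPLE_NOW - 48 * HOUR_MS) }, // issue closed
  { key: `${ID_C}/new.pdf`, uploaded: new Date(SAMPLE_NOW - 1 * HOUR_MS) },   // in grace period
  { key: "stray.bin", uploaded: new Date(SAMPLE_NOW - 1 * HOUR_MS) },         // malformed key
];
const SAMPLE_OPEN_ISSUES = [{ number: 1, body: `Files: upload:${ID_A}` }];

console.log(selectStaleUploads(SAMPLE_OBJECTS, SAMPLE_OPEN_ISSUES, SAMPLE_NOW, 24 * HOUR_MS));
```

With a grace period, a file whose issue is closed shortly after upload survives until the grace period has elapsed, so the period bounds how long a problematic file can remain in the staging bucket.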