feat(wip): update push command to support file input and dry-run option

Author: desertthunder

cmd/publication_commands.go

@@ -296,7 +296,7 @@ Examples:
 	root.AddCommand(patchCmd)
 
 	pushCmd := &cobra.Command{
-		Use:   "push [note-ids...]",
+		Use:   "push [note-ids...] [--file files...]",
 		Short: "Create or update multiple documents on leaflet",
 		Long: `Batch publish or update multiple local notes to leaflet.pub.
 
@@ -307,10 +307,27 @@ For each note:
 This is useful for bulk operations and continuous publishing workflows.
 
 Examples:
-  noteleaf pub push 1 2 3              # Publish/update notes 1, 2, and 3
-  noteleaf pub push 42 99 --draft      # Create/update as drafts`,
-		Args: cobra.MinimumNArgs(1),
+  noteleaf pub push 1 2 3                        # Publish/update notes 1, 2, and 3
+  noteleaf pub push 42 99 --draft                # Create/update as drafts
+  noteleaf pub push --file article.md           # Create note from file and push
+  noteleaf pub push --file a.md b.md --draft    # Create notes from multiple files
+  noteleaf pub push 1 2 --dry-run               # Validate without pushing
+  noteleaf pub push --file article.md --dry-run # Create note but don't push`,
 		RunE: func(cmd *cobra.Command, args []string) error {
+			isDraft, _ := cmd.Flags().GetBool("draft")
+			dryRun, _ := cmd.Flags().GetBool("dry-run")
+			files, _ := cmd.Flags().GetStringSlice("file")
+
+			defer c.handler.Close()
+
+			if len(files) > 0 {
+				return c.handler.PushFromFiles(cmd.Context(), files, isDraft, dryRun)
+			}
+
+			if len(args) == 0 {
+				return fmt.Errorf("no note IDs or files provided")
+			}
+
 			noteIDs := make([]int64, len(args))
 			for i, arg := range args {
 				id, err := parseNoteID(arg)
@@ -320,15 +337,13 @@ Examples:
 				noteIDs[i] = id
 			}
 
-			isDraft, _ := cmd.Flags().GetBool("draft")
-
-			defer c.handler.Close()
-			return c.handler.Push(cmd.Context(), noteIDs, isDraft)
+			return c.handler.Push(cmd.Context(), noteIDs, isDraft, dryRun)
 		},
 	}
 	pushCmd.Flags().Bool("draft", false, "Create/update as drafts instead of publishing")
+	pushCmd.Flags().Bool("dry-run", false, "Create note records but skip leaflet push")
+	pushCmd.Flags().StringSliceP("file", "f", []string{}, "Create notes from markdown files before pushing")
 	root.AddCommand(pushCmd)
-
 	return root
 }
 

internal/docs/ROADMAP.md

@@ -4,7 +4,8 @@ Noteleaf is a command-line and TUI tool for managing tasks, notes, media, and ar
 
 ## Core Usability
 
-The foundation across all domains is implemented. Tasks support CRUD operations, projects, tags, contexts, and time tracking. Notes have create, list, read, edit, and remove commands with interactive and static modes. Media queues exist for books, movies, and TV with progress and status management. SQLite persistence is in place with setup, seed, and reset commands. TUIs and colorized output are available.
+The foundation across all domains is implemented. Tasks support CRUD operations, projects, tags, contexts, and time tracking.
+Notes have create, list, read, edit, and remove commands with interactive and static modes. Media queues exist for books, movies, and TV with progress and status management. SQLite persistence is in place with setup, seed, and reset commands. TUIs and colorized output are available.
 
 ## RC
 
@@ -43,7 +44,7 @@ The foundation across all domains is implemented. Tasks support CRUD operations,
 #### Publication
 
 - [x] Implement authentication with BlueSky/leaflet (AT Protocol).
-    - [ ] Add OAuth2
+    - [ ] Add [OAuth2](#publications--authentication)
 - [x] Verify `pub pull` fetches and syncs documents from leaflet.
 - [x] Confirm `pub list` with status filtering (`all`, `published`, `draft`).
 - [ ] Test `pub post` creates new documents with draft/preview/validate modes.
@@ -206,6 +207,36 @@ Features that demonstrate Go proficiency and broaden Noteleaf’s scope.
 - [ ] Export to multiple formats
 - [ ] Linking with tasks and notes
 
+### Publications & Authentication
+
+- [ ] OAuth2 authentication for AT Protocol
+    - [ ] Client metadata server for publishing application details
+    - [ ] DPoP (Demonstrating Proof of Possession) implementation
+        - [ ] ES256 JWT generation with unique JTI nonces
+        - [ ] Server-issued nonce management with 5-minute rotation
+        - [ ] Separate nonce tracking for authorization and resource servers
+    - [ ] PAR (Pushed Authorization Requests) flow
+        - [ ] PKCE code challenge generation
+        - [ ] State token management
+        - [ ] Request URI handling
+    - [ ] Identity resolution and verification
+        - [ ] Bidirectional handle verification
+        - [ ] DID resolution from handles
+        - [ ] Authorization server discovery via .well-known endpoints
+    - [ ] Token lifecycle management
+        - [ ] Access token refresh (5-15 min lifetime recommended)
+        - [ ] Refresh token rotation (180 day max for confidential clients)
+        - [ ] Concurrent request handling to prevent duplicate refreshes
+        - [ ] Secure token storage (encrypted at rest)
+    - [ ] Local callback server for OAuth redirects
+        - [ ] Ephemeral HTTP server on localhost
+        - [ ] Browser launch integration
+        - [ ] Timeout handling for abandoned flows
+    - [ ] Migration path from app passwords to OAuth
+        - [ ] Detect existing app password sessions
+        - [ ] Prompt users to upgrade authentication
+        - [ ] Maintain backward compatibility
+
 ### User Experience
 
 - [ ] Shell completions

internal/handlers/publication.go

@@ -7,6 +7,7 @@ import (
 	"fmt"
 	"os"
 	"path/filepath"
+	"strings"
 	"time"
 
 	"github.com/stormlightlabs/noteleaf/internal/models"
@@ -384,17 +385,133 @@ func (h *PublicationHandler) Delete(ctx context.Context, noteID int64) error {
 	return nil
 }
 
+// createNoteFromFile creates a note from a markdown file and returns its ID
+func (h *PublicationHandler) createNoteFromFile(ctx context.Context, filePath string) (int64, error) {
+	if _, err := os.Stat(filePath); os.IsNotExist(err) {
+		return 0, fmt.Errorf("file does not exist: %s", filePath)
+	}
+
+	content, err := os.ReadFile(filePath)
+	if err != nil {
+		return 0, fmt.Errorf("failed to read file: %w", err)
+	}
+
+	contentStr := string(content)
+	if strings.TrimSpace(contentStr) == "" {
+		return 0, fmt.Errorf("file is empty: %s", filePath)
+	}
+
+	title, noteContent, tags := parseNoteContent(contentStr)
+	if title == "" {
+		title = strings.TrimSuffix(filepath.Base(filePath), filepath.Ext(filePath))
+	}
+
+	note := &models.Note{
+		Title:    title,
+		Content:  noteContent,
+		Tags:     tags,
+		FilePath: filePath,
+	}
+
+	noteID, err := h.repos.Notes.Create(ctx, note)
+	if err != nil {
+		return 0, fmt.Errorf("failed to create note: %w", err)
+	}
+
+	ui.Infoln("Created note from file: %s", filePath)
+	ui.Infoln("  Note: %s (ID: %d)", title, noteID)
+	if len(tags) > 0 {
+		ui.Infoln("  Tags: %s", strings.Join(tags, ", "))
+	}
+
+	return noteID, nil
+}
+
+// parseNoteContent extracts title, content, and tags from markdown content
+func parseNoteContent(content string) (title, noteContent string, tags []string) {
+	lines := strings.Split(content, "\n")
+
+	for _, line := range lines {
+		line = strings.TrimSpace(line)
+		if after, ok := strings.CutPrefix(line, "# "); ok {
+			title = after
+			break
+		}
+	}
+
+	for _, line := range lines {
+		line = strings.TrimSpace(line)
+		if strings.HasPrefix(line, "<!-- Tags:") && strings.HasSuffix(line, "-->") {
+			tagStr := strings.TrimPrefix(line, "<!-- Tags:")
+			tagStr = strings.TrimSuffix(tagStr, "-->")
+			tagStr = strings.TrimSpace(tagStr)
+
+			if tagStr != "" {
+				for tag := range strings.SplitSeq(tagStr, ",") {
+					tag = strings.TrimSpace(tag)
+					if tag != "" {
+						tags = append(tags, tag)
+					}
+				}
+			}
+		}
+	}
+
+	noteContent = content
+
+	return title, noteContent, tags
+}
+
+// PushFromFiles creates notes from files and pushes them to leaflet
+func (h *PublicationHandler) PushFromFiles(ctx context.Context, filePaths []string, isDraft bool, dryRun bool) error {
+	if len(filePaths) == 0 {
+		return fmt.Errorf("no file paths provided")
+	}
+
+	ui.Infoln("Creating notes from %d file(s)...\n", len(filePaths))
+
+	noteIDs := make([]int64, 0, len(filePaths))
+	var failed int
+
+	for _, filePath := range filePaths {
+		noteID, err := h.createNoteFromFile(ctx, filePath)
+		if err != nil {
+			ui.Warningln("Failed to create note from %s: %v", filePath, err)
+			failed++
+			continue
+		}
+		noteIDs = append(noteIDs, noteID)
+	}
+
+	if len(noteIDs) == 0 {
+		return fmt.Errorf("failed to create any notes from files")
+	}
+
+	ui.Newline()
+	if dryRun {
+		ui.Successln("Created %d note(s) from files. Skipping leaflet push (dry run).", len(noteIDs))
+		ui.Infoln("Note IDs: %v", noteIDs)
+		return nil
+	}
+
+	return h.Push(ctx, noteIDs, isDraft, dryRun)
+}
+
 // Push creates or updates multiple documents on leaflet from local notes
-func (h *PublicationHandler) Push(ctx context.Context, noteIDs []int64, isDraft bool) error {
-	if !h.atproto.IsAuthenticated() {
+func (h *PublicationHandler) Push(ctx context.Context, noteIDs []int64, isDraft bool, dryRun bool) error {
+	if !dryRun && !h.atproto.IsAuthenticated() {
 		return fmt.Errorf("not authenticated - run 'noteleaf pub auth' first")
 	}
 
 	if len(noteIDs) == 0 {
 		return fmt.Errorf("no note IDs provided")
 	}
 
-	ui.Infoln("Processing %d note(s)...\n", len(noteIDs))
+	if dryRun {
+		ui.Infoln("Dry run: validating %d note(s)...\n", len(noteIDs))
+	} else {
+		ui.Infoln("Processing %d note(s)...\n", len(noteIDs))
+	}
 
 	var created, updated, failed int
 	var errors []string
@@ -408,29 +525,50 @@ func (h *PublicationHandler) Push(ctx context.Context, noteIDs []int64, isDraft
 			continue
 		}
 
-		if note.HasLeafletAssociation() {
-			err = h.Patch(ctx, noteID)
+		if dryRun {
+			_, _, err := h.prepareDocumentForPublish(ctx, noteID, isDraft, note.HasLeafletAssociation())
 			if err != nil {
-				ui.Warningln("  [%d] Failed to update '%s': %v", noteID, note.Title, err)
+				ui.Warningln("  [%d] Validation failed for '%s': %v", noteID, note.Title, err)
 				errors = append(errors, fmt.Sprintf("note %d (%s): %v", noteID, note.Title, err))
 				failed++
 			} else {
-				updated++
+				ui.Infoln("  [%d] '%s' - validation passed", noteID, note.Title)
+				if note.HasLeafletAssociation() {
+					updated++
+				} else {
+					created++
+				}
 			}
 		} else {
-			err = h.Post(ctx, noteID, isDraft)
-			if err != nil {
-				ui.Warningln("  [%d] Failed to create '%s': %v", noteID, note.Title, err)
-				errors = append(errors, fmt.Sprintf("note %d (%s): %v", noteID, note.Title, err))
-				failed++
+			if note.HasLeafletAssociation() {
+				err = h.Patch(ctx, noteID)
+				if err != nil {
+					ui.Warningln("  [%d] Failed to update '%s': %v", noteID, note.Title, err)
+					errors = append(errors, fmt.Sprintf("note %d (%s): %v", noteID, note.Title, err))
+					failed++
+				} else {
+					updated++
+				}
 			} else {
-				created++
+				err = h.Post(ctx, noteID, isDraft)
+				if err != nil {
+					ui.Warningln("  [%d] Failed to create '%s': %v", noteID, note.Title, err)
+					errors = append(errors, fmt.Sprintf("note %d (%s): %v", noteID, note.Title, err))
+					failed++
+				} else {
+					created++
+				}
 			}
 		}
 	}
 
 	ui.Newline()
-	ui.Successln("Push complete: %d created, %d updated, %d failed", created, updated, failed)
+	if dryRun {
+		ui.Successln("Dry run complete: %d would be created, %d would be updated, %d failed validation", created, updated, failed)
+		ui.Infoln("No changes made to leaflet")
+	} else {
+		ui.Successln("Push complete: %d created, %d updated, %d failed", created, updated, failed)
+	}
 
 	if len(errors) > 0 {
 		return fmt.Errorf("push completed with %d error(s)", failed)

internal/handlers/publication_test.go

@@ -1662,7 +1662,7 @@ func TestPublicationHandler(t *testing.T) {
 			handler := CreateHandler(t, NewPublicationHandler)
 			ctx := context.Background()
 
-			err := handler.Push(ctx, []int64{1, 2, 3}, false)
+			err := handler.Push(ctx, []int64{1, 2, 3}, false, false)
 			if err == nil {
 				t.Error("Expected error when not authenticated")
 			}
@@ -1694,7 +1694,7 @@ func TestPublicationHandler(t *testing.T) {
 				t.Fatalf("Failed to restore session: %v", err)
 			}
 
-			err = handler.Push(ctx, []int64{}, false)
+			err = handler.Push(ctx, []int64{}, false, false)
 			if err == nil {
 				t.Error("Expected error when no note IDs provided")
 			}
@@ -1726,7 +1726,7 @@ func TestPublicationHandler(t *testing.T) {
 				t.Fatalf("Failed to restore session: %v", err)
 			}
 
-			err = handler.Push(ctx, []int64{999}, false)
+			err = handler.Push(ctx, []int64{999}, false, false)
 			if err == nil {
 				t.Error("Expected error when note not found")
 			}
@@ -1773,7 +1773,7 @@ func TestPublicationHandler(t *testing.T) {
 				t.Fatalf("Failed to restore session: %v", err)
 			}
 
-			err = handler.Push(ctx, []int64{id1, id2}, false)
+			err = handler.Push(ctx, []int64{id1, id2}, false, false)
 
 			if err != nil && !strings.Contains(err.Error(), "not authenticated") {
 				t.Logf("Got error during push (expected for external service call): %v", err)
@@ -1830,7 +1830,7 @@ func TestPublicationHandler(t *testing.T) {
 				t.Fatalf("Failed to restore session: %v", err)
 			}
 
-			err = handler.Push(ctx, []int64{id1, id2}, false)
+			err = handler.Push(ctx, []int64{id1, id2}, false, false)
 
 			if err != nil && !strings.Contains(err.Error(), "not authenticated") {
 				t.Logf("Got error during push (expected for external service call): %v", err)
@@ -1882,7 +1882,7 @@ func TestPublicationHandler(t *testing.T) {
 				t.Fatalf("Failed to restore session: %v", err)
 			}
 
-			err = handler.Push(ctx, []int64{newID, existingID}, false)
+			err = handler.Push(ctx, []int64{newID, existingID}, false, false)
 
 			if err != nil && !strings.Contains(err.Error(), "not authenticated") {
 				t.Logf("Got error during push (expected for external service call): %v", err)
@@ -1920,7 +1920,7 @@ func TestPublicationHandler(t *testing.T) {
 			}
 
 			invalidID := int64(999)
-			err = handler.Push(ctx, []int64{id1, invalidID}, false)
+			err = handler.Push(ctx, []int64{id1, invalidID}, false, false)
 
 			if err == nil {
 				t.Error("Expected error due to invalid note ID")
@@ -1961,7 +1961,7 @@ func TestPublicationHandler(t *testing.T) {
 				t.Fatalf("Failed to restore session: %v", err)
 			}
 
-			err = handler.Push(ctx, []int64{id}, true)
+			err = handler.Push(ctx, []int64{id}, true, false)
 
 			if err != nil && !strings.Contains(err.Error(), "not authenticated") {
 				t.Logf("Got error during push (expected for external service call): %v", err)