Upstream merge and fix unit tests (#40)

* Add a local-setup config to the tutorial (integritee book) (integritee-network#666) * Update call status to `InSidechainBlock` only after block import (integritee-network#676) * rename on_block_created to on_block_imported * update tx status only after block import * fix clippy * fix cargo test * remove waiting time from demos * readd removed comments * udpate comments * extract call removal logic from on_block_imported * Bump substrate to commit f5f286db0da9... (integritee-network#669) * Bump substrate Bump substrate to commit 8df8d908c4d77a8dd19751784b6aca62159ddda8 Remove dependencies of scale-info 1.0.0 and parity-scale-codec 2.3.1 Upgrade substrate to commit f5f286d... substrate fix for : sp-core's full_crypto feature flag breaks no_std builds * frame-metadata from crates.io * Update CI to use updated node Co-authored-by: echevrier <[email protected]> * Dockerize (integritee-network#668) * Dockerize the binaries integritee-network#579 * Add tags to run as well integritee-network#579 * Fix running binary in docker integritee-network#579 * Add more files to docker integritee-network#579 * Add conditional runs * Add +x earlier * Rename docker-service to integritee-demo-validateer. Fixes integritee-network#579 * Lift clap to version 3.16 and move stf cli to cli crate. (integritee-network#679) * Lift clap to version 3.16 and move stf cli to cli crate. * Adapt demo script parameters * Add cli examples to README.md * update comment descriptions Co-authored-by: Gaudenz Kessler <[email protected]> * Refactor global components and initialization process (integritee-network#677) * Consistently (re-)use the component container * RPC server is initialized before registering on the parentchain * Fix issue with sidechain block import when latest parentchain block is already too new Closes integritee-network#545 integritee-network#600 integritee-network#684 integritee-network#683 * create alive service to deterine that the service is up, running and registered (integritee-network#697) * create alive service * replace alive with initialized Co-authored-by: Gaudenz Kessler <[email protected]> * Add port config for the untrusted http server for `is_initialized` (integritee-network#700) * rename wrong `signing_key` function name to `state_key` (integritee-network#704) * Move top pool and top pool author crates to core primitives (integritee-network#705) * Introduce state snapshot history (integritee-network#698) Closes integritee-network#688 * Add header to sidechain block (integritee-network#699) Closes integritee-network#686 Co-authored-by: Gaudenz Kessler <[email protected]> * introduce layer for indirection for sidechainblock (integritee-network#716) Closes integritee-network#710 Co-authored-by: Gaudenz Kessler <[email protected]> Co-authored-by: Felix Müller <[email protected]> * Persist web-socket connections (integritee-network#718) Complete overhaul of the trusted web-socket server: * using MIO to serve concurrent connections * Server keeps connections open until a client requests a close * Changed our clients to match this pattern * Upgrade to polkadot v0.9.19 (integritee-network#720) * Bump substrate to polkadot-v0.9.19 Bump RUNTIME_SPEC_VERSION to 9 Set substrate-api-client to polkadot-v0.9.19 Set integritee-node to polkadot-v0.9.19 Set integritee-node to master * Cargo update + reabse * Update github actions Co-authored-by: echevrier <[email protected]> * fix some cargo.tomls * fix cargo.lock * remove game engine * update teerex module * fix itp-registry-storage * cargo update * resinsert game engine * some further clean up * update teaclave * add ajuna commands * cargo update * carog update * update ajuna cli * fix some thins * Signed sidechain block * fix shard_id getter * fix load_initialized * fix sgx externalities import * fix compilation issues * remove patches and cargo update * update demo docu * add bin folder to docu * remove hard coded ports. Not necesasry * add ./ * update pallet verions * make tests compile again * fix import in sgx mode * merge from upstream number two.. remove itp storage verifier * cargo fmt * fix tests * update doc once again * fix script and queue game * cargo update + some code clean up Co-authored-by: Felix Müller <[email protected]> Co-authored-by: echevrier <[email protected]> Co-authored-by: echevrier <[email protected]> Co-authored-by: mosonyi <[email protected]> Co-authored-by: gaudenzkessler <[email protected]> Co-authored-by: Gaudenz Kessler <[email protected]> Co-authored-by: Felix Müller <[email protected]>
ajuna-network · May 9, 2022 · ed9e4c6 · ed9e4c6
1 parent 24e2f2d
commit ed9e4c6
Show file tree

Hide file tree

Showing 258 changed files with 10,670 additions and 6,387 deletions.
diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml
@@ -4,6 +4,8 @@ on:
   workflow_dispatch:
   push:
     branches: [ master ]
+    tags:
+      - '[0-9]+.[0-9]+.[0-9]+'
   pull_request:
     branches: [ master ]
 
@@ -25,7 +27,7 @@ jobs:
 
   build-test:
     runs-on: ubuntu-latest
-    container: "integritee/integritee-dev:0.1.7"
+    container: "integritee/integritee-dev:0.1.9"
     steps:
       - uses: actions/checkout@v2
       - name: init rust
@@ -60,7 +62,7 @@ jobs:
 
   clippy:
     runs-on: ubuntu-latest
-    container: "integritee/integritee-dev:0.1.7"
+    container: "integritee/integritee-dev:0.1.9"
     steps:
       - uses: actions/checkout@v2
       - name: init rust
@@ -95,7 +97,7 @@ jobs:
   integration-tests:
     runs-on: ubuntu-latest
     needs: build-test
-    container: "integritee/integritee-dev:0.1.7"
+    container: "integritee/integritee-dev:0.1.9"
     strategy:
       fail-fast: false
       matrix:
@@ -172,10 +174,10 @@ jobs:
         with:
           github_token: ${{secrets.GITHUB_TOKEN}}
           workflow: ci.yml
-          name: integritee-node-dev-fb4bac9880a8e742f8862bcdadd0f0b0bd2624a7
+          name: integritee-node-dev-5da191f98425a3217df413e89126e8c6f7efcb8a
           # in fact this action should download the latest artifact, but sometimes fails. Then we need to
           # set the `run_id` to force a download of an updated binary.
-          run_id: 1807673902
+          run_id: 2239021033
           path: node
           repo: integritee-network/integritee-node
 
@@ -207,8 +209,8 @@ jobs:
         # * `set -eo pipefail` is needed to return an error even if piped to `tee`.
         shell: bash --noprofile --norc -eo pipefail {0}
         run: |
-          touch ${{ env.LOG_DIR}}/local-setup.log
-          ./local-setup/launch.py local-setup/github-action-config.json 2>&1 | tee ${{ env.LOG_DIR}}/local-setup.log &
+          touch ${{ env.LOG_DIR }}/local-setup.log
+          ./local-setup/launch.py local-setup/github-action-config.json 2>&1 | tee -i ${{ env.LOG_DIR }}/local-setup.log &
           sleep 150
 
       - name: ${{ matrix.demo_name }}
@@ -225,3 +227,66 @@ jobs:
         with:
           name: ${{ matrix.test }}_logs
           path: ${{ env.LOG_DIR }}
+
+  release:
+    name: Draft Release
+    if: startsWith(github.ref, 'refs/tags/')
+    runs-on: ubuntu-latest
+    needs: [build-test, integration-tests]
+    outputs:
+      release_url: ${{ steps.create-release.outputs.html_url }}
+      asset_upload_url: ${{ steps.create-release.outputs.upload_url }}
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Download Integritee Service
+        uses: actions/download-artifact@v2
+        with:
+          name: integritee-worker-${{ github.sha }}
+          path: integritee-worker-tmp
+
+      - name: Download Integritee Client
+        uses: actions/download-artifact@v2
+        with:
+          name: integritee-client-${{ github.sha }}
+          path: integritee-client-tmp
+
+      - name: Download Enclave Signed
+        uses: actions/download-artifact@v2
+        with:
+          name: enclave-signed-${{ github.sha }}
+          path: enclave-signed-tmp
+
+      - name: Move service binaries
+        run: mv integritee-worker-tmp/integritee-service ./integritee-demo-validateer
+
+      - name: Move service client binaries
+        run: mv integritee-client-tmp/integritee-cli ./integritee-client
+
+      - name: Move service client binaries
+        run: mv enclave-signed-tmp/enclave.signed.so ./enclave.signed.so
+
+      - name: Create required package.json
+        run: test -f package.json || echo '{}' >package.json
+
+      - name: Changelog
+        uses: scottbrenner/generate-changelog-action@master
+        id: Changelog
+
+      - name: Display structure of downloaded files
+        run: ls -R
+        working-directory: .
+
+      - name: Release
+        id: create-release
+        uses: softprops/action-gh-release@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          body: |
+            ${{ steps.Changelog.outputs.changelog }}
+          draft: true
+          files: |
+            integritee-client
+            integritee-demo-validateer
+            enclave.signed.so
diff --git a/.github/workflows/delete-release.yml b/.github/workflows/delete-release.yml
@@ -0,0 +1,65 @@
+name: Delete-Release
+
+on:
+  release:
+    types: [deleted] # should be deleted
+
+jobs:
+  purge-image:
+    name: Delete image from ghcr.io
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        binary: ["integritee-client", "integritee-demo-validateer"]
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set output
+        id: vars
+        run: echo ::set-output name=tag::${GITHUB_REF#refs/*/}
+
+      - name: Check output
+        env:
+          RELEASE_VERSION: ${{ steps.vars.outputs.tag }}
+        run: |
+          echo $RELEASE_VERSION
+          echo ${{ steps.vars.outputs.tag }}
+          echo ${{github.event.pull_request.number}}
+
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      # Unfortunately accessing the repo with personal access token is not possible
+      # Workaround: disable 2FA and user password instead of TOKEN
+      - name: Delete docker tag
+        run: |
+          ORGANIZATION="integritee"
+          IMAGE="${{ matrix.binary }}"
+          TAG="${{ steps.vars.outputs.tag }}"
+
+          login_data() {
+          cat <<EOF
+          {
+            "username": "${{ secrets.DOCKER_HUB_USERNAME }}",
+            "password": "${{ secrets.DOCKERHUB_PASSWORD }}"
+          }
+          EOF
+          }
+
+          TOKEN=`curl -s -H "Content-Type: application/json" -X POST -d "$(login_data)" "https://hub.docker.com/v2/users/login/" | jq -r .token`
+
+          curl "https://hub.docker.com/v2/repositories/${ORGANIZATION}/${IMAGE}/tags/${TAG}/" \
+          -X DELETE \
+          -H "Authorization: JWT ${TOKEN}"
+
+      - name: Delete tag as well
+        uses: dev-drprasad/[email protected]
+        with:
+          delete_release: false # it is triggered by release deletion
+          tag_name: ${{ steps.vars.outputs.tag }} # tag name to delete
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/publish-docker-release.yml b/.github/workflows/publish-docker-release.yml
@@ -0,0 +1,64 @@
+name: Publish Docker image for new releases
+
+on:
+  release:
+    types:
+      - published
+
+jobs:
+  main:
+    name: Push Integritee Services to Dockerhub
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        binary: ["integritee-demo-validateer", "integritee-client"]
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Download ${{ matrix.binary }} from release
+        uses: dsaltares/fetch-gh-release-asset@master
+        with:
+          version: "tags/${{ github.event.release.tag_name }}"
+          file: "${{ matrix.binary }}"
+          target: "bin/${{ matrix.binary }}"
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Download ${{ matrix.binary }} from release
+        uses: dsaltares/fetch-gh-release-asset@master
+        with:
+          version: "tags/${{ github.event.release.tag_name }}"
+          file: "enclave.signed.so"
+          target: "bin/enclave.signed.so"
+          token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Cache Docker layers
+        uses: actions/cache@v2
+        with:
+         path: /tmp/.buildx-cache
+         key: ${{ runner.os }}-buildx-${{ github.sha }}
+         restore-keys: |
+           ${{ runner.os }}-buildx-
+
+      - name: Login to Dockerhub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Build and push
+        id:   docker_build
+        uses: docker/build-push-action@v2
+        with:
+          push: true
+          context: .
+          tags: |
+            integritee/${{ matrix.binary }}:${{ github.event.release.tag_name }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache
+          build-args: BINARY_FILE=${{ matrix.binary }}
+
+      - name: Image digest
+        run: echo ${{ steps.docker_build.outputs.digest }}