Merge branch 'release-0.1.0-rc.1'

.github/workflows/publish-keria.yml

@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out the repo
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Log in to Docker Hub
         uses: docker/login-action@v2
@@ -26,6 +26,18 @@ jobs:
         with:
           images: WebOfTrust/keria
 
+      - name: Set up Docker buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Cache Docker Layers
+        uses: actions/cache@v3
+        with:
+          path: /tmp/.buildx-cache
+          key: keri-${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            keri-${{ runner.os }}-buildx-
+
       - name: Build and push Docker image
         uses: docker/build-push-action@v3
         with:
@@ -35,4 +47,11 @@ jobs:
           tags: |
             WebOfTrust/keria:${{ github.event.inputs.version }}
             WebOfTrust/keria:latest
-          labels: ${{ github.event.inputs.version }}
+          labels: ${{ github.event.inputs.version }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+      - name: Move Docker cache
+        run: |
+          rm -rf /tmp/.buildx-cache
+          mv /tmp/.buildx-cache-new /tmp/.buildx-cache

.github/workflows/python-app-ci.yml

@@ -7,7 +7,7 @@ on:
   push:
     branches:
       - 'main'
-      - 'dev'
+      - 'development'
   pull_request:
   workflow_dispatch:
 

Makefile

@@ -1,6 +1,6 @@
 .PHONY: build-keria
 build-keria:
-	@docker build --no-cache -f images/keria.dockerfile --tag weboftrust/keria:0.0.1 .
+	@docker buildx build --platform=linux/amd64 --no-cache -f images/keria.dockerfile --tag weboftrust/keria:0.1.0  --tag weboftrust/keria:latest .
 
 publish-keria:
-	@docker push weboftrust/keria:0.0.1
+	@docker push weboftrust/keria --all-tags

README.md

@@ -7,6 +7,30 @@ KERI Agent in the cloud
 
 Split from KERI Core
 
+## KERIA Service Architecture
+Here we detail the components of a single KERIA instance. This architecture protects the host and the holder private keys. All client tasks/calls are signed 'at the edge', not in the hosted KERIA instance. Therefore, KERIA relies on the Signify protocol for all calls. The Architecture provides three endpoints for Signify clients to create their KERIA agents. The Agency (boot) endpoint establishes an agent. The API Handler and Message Router endpoints would be exposed to the internet for creating identifiers, receiving credentials, etc.
+![KERIA](https://github.com/WebOfTrust/keria/assets/681493/a64212ef-e343-428d-954f-1aa81222ae63)
+
+### Message Router
+The Message Router receives external KERI protocol messages. These are KERI protocol messages for instance coordinating multi-sig, revoking credentials, etc. It routes these messages to the appropriate Agent(s). For instance a multisig message requires asynchronous waiting (for signature responses from other participants) and the message router would route those incoming KERI protocol responses to the appropriate agents.
+From Signify client calls, this service endpoint corresponds to the *http port* (default is 3902).
+This enpoint allows all KERI clients (not just Signify) to interact in a seamless way.
+
+### The Agency
+The Agency receives API requests (/boot requests) to provision agents. It is the central repository for initializing agents. 
+The Agency database persists all of the information to track the existing agents, allowing recovery on restart.
+From Signify clients calls, this service endpoint corresponds to the *boot port* (default is 3903).
+A common entry in the agency is the mapping between a managed AID and the agency that handles that managed AID.
+
+### API Handler
+The API Handler receives agent API requests (/agent requests) including for Signify clients to create identifiers, receiving credentials, etc. All API calls are signed by the Signify client headers so that all calls are secure. 
+This API interacts with agents and those interactions are stored in the agent databases.
+From Signify clients calls, this service endpoint corresponds to the *admin port* (default is 3901).
+
+### Agents
+Agents act on behalf of their Signify clients. They don't have the secrets of the client. Instead, they handle all actions for the clients, other than secret/encryption/signing. However, Agents do have their own keys and do sign all of their messages BACK to the Signify client, so the client can verify that all messages received are from their agent.
+Agents use KERI HIO to handle all of the different asynchronous actions that are occuring. HIO is an efficient and scalable orchestration/processing mechanism that leverages queues, handlers, coroutines, etc.
+All Agent db access is through the associated Agent.
 
 ## Development
 

images/keria.dockerfile

@@ -1,31 +1,55 @@
+# Builder stage
+FROM python:3.10.13-alpine3.18 as builder
 
-FROM python:3.10.4-alpine3.16
+# Install compilation dependencies
+RUN apk --no-cache add \
+    bash \
+    alpine-sdk \
+    libffi-dev \
+    libsodium \
+    libsodium-dev
 
-RUN apk update
-RUN apk add bash
 SHELL ["/bin/bash", "-c"]
 
-RUN apk add alpine-sdk
-RUN apk add libffi-dev
-RUN apk add libsodium
-RUN apk add libsodium-dev
-
-# Setup Rust for blake3 dependency build
+# Install Rust for blake3 dependency build
 RUN curl https://sh.rustup.rs -sSf | bash -s -- -y
 
-COPY . /keria
 WORKDIR /keria
 
-# Install KERIpy dependencies
-# Must source the Cargo environment for the blake3 library to see the Rust intallation during requirements install
-RUN source "$HOME/.cargo/env" && pip install -r requirements.txt
+RUN python -m venv venv
+ENV PATH=/keria/venv/bin:${PATH}
+RUN pip install --upgrade pip
+
+# Copy in Python dependency files
+COPY requirements.txt setup.py ./
+# "src/" dir required for installation of dependencies with setup.py
+RUN mkdir /keria/src
+# Install Python dependencies
+RUN . "$HOME/.cargo/env" && \
+    pip install -r requirements.txt
+
+# Runtime stage
+FROM python:3.10.13-alpine3.18
+
+# Install runtime dependencies
+RUN apk --no-cache add \
+    bash \
+    alpine-sdk \
+    libsodium-dev
+
+WORKDIR /keria
+
+# Copy over compiled dependencies
+COPY --from=builder /keria /keria
+# Copy in KERIA source files - enables near instantaneous builds for source only changes
+RUN mkdir -p /usr/local/var/keri
+ENV KERI_AGENT_CORS=${KERI_AGENT_CORS:-false}
+ENV PATH=/keria/venv/bin:${PATH}
 
 EXPOSE 3901
 EXPOSE 3902
 EXPOSE 3903
 
-ENV KERI_AGENT_CORS=${KERI_AGENT_CORS:-false}
-
-RUN mkdir -p /usr/local/var/keri
+COPY src/ src/
 
 ENTRYPOINT ["keria", "start",  "--config-file", "demo-witness-oobis", "--config-dir", "./scripts"]

scripts/keri/cf/demo-witness-oobis.json

@@ -5,8 +5,8 @@
     "curls": ["http://127.0.0.1:3902/"]
   },
   "iurls": [
-    "http://127.0.0.1:5642/oobi/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha/controller",
-    "http://127.0.0.1:5643/oobi/BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM/controller",
-    "http://127.0.0.1:5644/oobi/BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX/controller"
+    "http://127.0.0.1:5642/oobi/BBilc4-L3tFUnfM_wJr4S4OJanAv_VmF_dJNN6vkf2Ha/controller?name=Wan&tag=witness",
+    "http://127.0.0.1:5643/oobi/BLskRTInXnMxWaGqcpSyMgo0nYbalW99cGZESrz3zapM/controller?name=Wes&tag=witness",
+    "http://127.0.0.1:5644/oobi/BIKKuvBwpmDVA4Ds-EpL5bt9OqPzWPja2LigFYZN2YfX/controller?name=Wil&tag=witness"
   ]
 }

setup.py

@@ -34,12 +34,12 @@
 
 setup(
     name='keria',
-    version='0.0.1',  # also change in src/keria/__init__.py
+    version='0.1.0',  # also change in src/keria/__init__.py
     license='Apache Software License 2.0',
     description='KERIA: KERI Agent in the cloud',
     long_description="KERIA: KERI Agent in the cloud.",
-    author='Samuel M. Smith',
-    author_email='[email protected]',
+    author='Philip S. Feairheller',
+    author_email='[email protected]',
     url='https://github.com/WebOfTrust/keria',
     packages=find_packages('src'),
     package_dir={'': 'src'},
@@ -76,7 +76,7 @@
     python_requires='>=3.10.4',
     install_requires=[
         'hio>=0.6.9',
-        'keri @ git+https://[email protected]/WebOfTrust/keripy.git',
+        'keri>=1.1.0',
         'mnemonic>=0.20',
         'multicommand>=1.0.0',
         'falcon>=3.1.0',

src/keria/__init__.py

@@ -3,5 +3,5 @@
 main package
 """
 
-__version__ = '0.0.1'  # also change in setup.py
+__version__ = '0.1.0'  # also change in setup.py