From e8db46ebf0c6e854c74b79d99fc12fa9c7d3d24c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9mien=20Kocher?= Date: Mon, 28 Nov 2022 17:31:40 +0100 Subject: [PATCH] Adds release actions for web apps - adds instructions to build and run the web frontend/backend --- .github/workflows/go_release.yml | 44 --------- .github/workflows/releases.yml | 149 +++++++++++++++++++++++++++++++ deb-package/README.md | 131 ++++++++++++++++++++------- web/backend/.gitignore | 1 + web/backend/access_config.json | 13 --- web/backend/readme.md | 24 +---- 6 files changed, 254 insertions(+), 108 deletions(-) delete mode 100644 .github/workflows/go_release.yml create mode 100644 .github/workflows/releases.yml delete mode 100644 web/backend/access_config.json diff --git a/.github/workflows/go_release.yml b/.github/workflows/go_release.yml deleted file mode 100644 index f96694fba..000000000 --- a/.github/workflows/go_release.yml +++ /dev/null @@ -1,44 +0,0 @@ -name: Release - -on: - release: - types: [published] - -jobs: - release: - name: release - runs-on: ubuntu-latest - - steps: - - name: checkout - uses: actions/checkout@v3 - - - name: Use go - uses: actions/setup-go@v3 - with: - go-version: '>=1.18' - - - name: Install fpm - run: | - sudo apt-get update - sudo apt-get install ruby-dev build-essential - sudo gem install fpm -f - - - name: build artifacts - # builds the binary and the .deb - run: make deb - - - name: Publish release to aptly - env: - APTLY_USER: ${{ secrets.APTLY_USER }} - APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }} - GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} - run: | - ./deb-package/upload-artifacts.sh deb-package/dist - - - name: Update artifacts to Github's release - uses: softprops/action-gh-release@v1 - with: - files: | - memcoin-* - deb-package/dist/* \ No newline at end of file diff --git a/.github/workflows/releases.yml b/.github/workflows/releases.yml new file mode 100644 index 000000000..a976e5099 --- /dev/null +++ b/.github/workflows/releases.yml @@ -0,0 +1,149 @@ +name: Releases + +on: + release: + types: [published] + +jobs: + memcoin: + name: release memcoin and .deb + runs-on: ubuntu-latest + + steps: + - name: checkout + uses: actions/checkout@v3 + + - name: Use go + uses: actions/setup-go@v3 + with: + go-version: '>=1.18' + + - name: Install fpm + run: | + sudo apt-get update + sudo apt-get install ruby-dev build-essential + sudo gem install fpm -f + + - name: build artifacts + # builds the binary and the .deb + run: make deb + + - name: Publish release to aptly + env: + APTLY_USER: ${{ secrets.APTLY_USER }} + APTLY_PASSWORD: ${{ secrets.APTLY_PASSWORD }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + run: | + ./deb-package/upload-artifacts.sh deb-package/dist + + - name: Update artifacts to Github's release + uses: softprops/action-gh-release@v1 + with: + files: | + memcoin-* + deb-package/dist/* + + backend: + name: release the web backend + runs-on: ubuntu-latest + + defaults: + run: + working-directory: ./web/backend + + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-node@v3 + with: + node-version: 18 + + - name: Get the version + id: get_version + run: | + echo ::set-output name=version::$(echo ${GITHUB_REF/refs\/tags\//}) + echo ::set-output name=version_file::web-backend-$(echo ${GITHUB_REF/refs\/tags\//} | tr . _) + echo "::set-output name=shortsha::$(git rev-parse --short ${GITHUB_SHA})" + echo "::set-output name=buildurl::${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/commit/${GITHUB_SHA}" + echo "::set-output name=date::$(date +'%d/%m/%y %H:%M')" + + - name: install + run: | + npm install + + - name: transpile + env: + NODE_ENV: production + run: | + ./node_modules/.bin/tsc --outDir ./build/ + + - name: Pack folder + run: | + npm prune --production + mkdir ${{ steps.get_version.outputs.version_file }} + cd ${{ steps.get_version.outputs.version_file }} + cp -r ../build/* . + cp -r ../node_modules . + cp -r ../dbUtils.js . + cp -r ../config.env.template . + + - name: Create tar.gz + run: | + tar -czvf ${{ steps.get_version.outputs.version_file }}.tar.gz ${{ steps.get_version.outputs.version_file }} + + - name: Upload release + uses: softprops/action-gh-release@v1 + if: startsWith(github.ref, 'refs/tags/') + with: + files: web/backend/${{ steps.get_version.outputs.version_file }}.tar.gz + + fontend: + name: release the web frontend + runs-on: ubuntu-latest + + defaults: + run: + working-directory: ./web/frontend + + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-node@v3 + with: + node-version: 18 + + - name: Get the version + id: get_version + run: | + echo ::set-output name=version::$(echo ${GITHUB_REF/refs\/tags\//}) + echo ::set-output name=version_file::web-frontend-$(echo ${GITHUB_REF/refs\/tags\//} | tr . _) + echo "::set-output name=shortsha::$(git rev-parse --short ${GITHUB_SHA})" + echo "::set-output name=buildurl::${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/commit/${GITHUB_SHA}" + echo "::set-output name=date::$(date +'%d/%m/%y %H:%M')" + + - name: install + run: | + npm install + + - name: save config variables + run: | + echo "REACT_APP_VERSION=${{ steps.get_version.outputs.version }}" >> .env.production + echo "REACT_APP_BUILD=${{ steps.get_version.outputs.shortsha }}" >> .env.production + echo "REACT_APP_BUILD_TIME=${{ steps.get_version.outputs.date }}" >> .env.production + + - name: transpile + env: + NODE_ENV: production + HTTPS: true + BUILD_PATH: ./build/ + CI: false + run: | + ./node_modules/.bin/react-scripts build + + - name: Create tar.gz + run: | + tar -czvf ${{ steps.get_version.outputs.version_file }}.tar.gz ./build + + - name: Upload release + uses: softprops/action-gh-release@v1 + if: startsWith(github.ref, 'refs/tags/') + with: + files: web/frontend/${{ steps.get_version.outputs.version_file }}.tar.gz \ No newline at end of file diff --git a/deb-package/README.md b/deb-package/README.md index 276e35092..c4a5659d1 100644 --- a/deb-package/README.md +++ b/deb-package/README.md @@ -1,38 +1,72 @@ -# Packaging D-Voting in an installable .deb file +# Run the web backend -## Requirements +You need to have node 18.x version. -- gem -- build-essential -- git -- fpm (`sudo gem install fpm`) -- go (see https://go.dev/doc/install) +1) Install dependencies and transpile: ```sh -sudo apt install rubygems build-essential git +cd web/frontend +npm install --production +NODE_ENV=production ./node_modules/.bin/tsc --outDir build ``` -## Get the code +2) Copy `node_modules`, `config.env`, and `dbUtil.js` somewhere. + +3) Run the web backend: ```sh -git clone --branch packaging https://github.com/dedis/d-voting.git --recursive +source x/y/config.env && \ + NODE_ENV=production PORT=6000 NODE_PATH=x/y/node_modules \ + /usr/bin/node /x/y/build/Server.js ``` -## Build the deb package +`Server.js` is the result of the transpilation. Replace locations appropriately +and be sure to *export* variables in `config.env` (i.e do `export xx=yy`). +However it is recommended to use a service manager such as systemd to run the +app. -from the root folder, use make: +4) Use dbUtils.js + +You can manually update the rights with `dbUtils.js`: ```sh -make deb +NODE_PATH=./node_modules node -e 'require("./dbUtils").listEls("../data/dvoting-users")' ``` -Make sure that a git tag exist, i.e `git describe` shows your tag. +# Run the web frontend -The resulting .deb can be found in the `dist/` folder. +You need to have node 18.x version. -## Things to do after install +1) Install dependencies and transpile: -### Network config +```sh +cd web/frontend +npm install --production +NODE_ENV=production HTTPS=true BUILD_PATH=x/y/build ./node_modules/.bin/react-scripts build +``` + +2) Configure an HTTP server + +You should server the `x/y/build` folder and proxy all requests on `/api` to the +web backend. For example with nginx: + +``` + location / { + root /x/y/build; + index index.html; + autoindex on; + try_files $uri /index.html; + } + + location /api { + proxy_pass http://127.0.0.1:6000; + + } +``` + +# Configure a network of nodes + +## Network config Ensure that the public address is correct. For instance, in `/etc/dedis/dvoting/config.env`, replace: @@ -49,7 +83,18 @@ export dela_public="//172.16.253.150:9000" and don't forget to restart the service! -### Leader's node +```sh +service d-voting restart +``` + +## Create a roster + +If you keep TLS encryption at the gRPC level, you must share the certificates +between the nodes. To do that you generate credentials on the first node, and +make all other nodes send their certificates to the first node using the +credentials. + +**generate credentials** (on the first node): Get the token and certificate (24h * 30 = 720): @@ -64,7 +109,7 @@ This result, which looks like as follow, will be given to node's operators: --token b6VhdQEPXKOtZHpng8E8jw== --cert-hash oNeyrA864P2cP+TT6IE6GvkeEI/Ec4rOlZWEWiQkQKk= ``` -### Participants (node's operators) +**share certificates** (all other nodes): Join the network. This operation will make the node share its certificate to the MASTER node, which, in turn, will share its known certificates to the node. Note @@ -78,7 +123,9 @@ sudo memcoin --config /var/opt/dedis/dvoting/data/dela minogrpc join \ Example of ``: `'//172.16.253.150:9000'` -Get the node's address and public key: +## Setup the chain + +First get the address of all nodes by running: ```sh sudo memcoin --config /var/opt/dedis/dvoting/data/dela ordering export @@ -86,13 +133,11 @@ sudo memcoin --config /var/opt/dedis/dvoting/data/dela ordering export This will yield a base64 encoded string `
:`. -It will have to be provided to EPFL. - -## Setup the chain, from EPFL +From the first node. **1: Create the chain**: -Do not forget to include ourself, the EPFL node! +Include ALL nodes, the first and all other nodes. ```sh sudo memcoin --config /var/opt/dedis/dvoting/data/dela ordering setup \ @@ -103,6 +148,8 @@ sudo memcoin --config /var/opt/dedis/dvoting/data/dela ordering setup \ **2: grant access for each node to sign transactions on the evoting smart contract**: +To be done on each node. + ```sh PK=<> # taken from the "ordering export", the part after ":" sudo memcoin --config /var/opt/dedis/dvoting/data/dela pool add \ @@ -115,13 +162,37 @@ sudo memcoin --config /var/opt/dedis/dvoting/data/dela pool add \ --args access:command --args GRANT ``` -You should also grant access to the master key. +# Package D-Voting in an installable .deb file -### Test +A .deb package is created by the CI upon the creation of a release. You might +want to check `deb-package/upload-artifacts.sh` and the `go_release.yml` action. + +## Requirements + +- gem +- build-essential +- git +- fpm (`sudo gem install fpm`) +- go (see https://go.dev/doc/install) ```sh -sudo memcoin --config /var/opt/dedis/dvoting/data/dela e-voting scenarioTest \ - --proxy-addr1 "http://192.168.232.133:9080" \ - --proxy-addr2 "http://192.168.232.134:9080" \ - --proxy-addr3 "http://192.168.232.135:9080" +sudo apt install rubygems build-essential git ``` + +## Get the code + +```sh +git clone https://github.com/dedis/d-voting.git +``` + +## Build the deb package + +from the root folder, use make: + +```sh +make deb +``` + +Make sure that a git tag exist, i.e `git describe` shows your tag. + +The resulting .deb can be found in the `dist/` folder. \ No newline at end of file diff --git a/web/backend/.gitignore b/web/backend/.gitignore index b70cb1379..14ea7b62f 100644 --- a/web/backend/.gitignore +++ b/web/backend/.gitignore @@ -14,6 +14,7 @@ #config config.env +config_export.env .env # misc diff --git a/web/backend/access_config.json b/web/backend/access_config.json deleted file mode 100644 index eee0cbc57..000000000 --- a/web/backend/access_config.json +++ /dev/null @@ -1,13 +0,0 @@ -{ - "everyone": ["/api/get_teq_key", "/api/control_key", "/api/personal_info"], - "voter": ["/api/logout", "/api/personal_info"], - "operator": ["/api/logout", "/api/personal_info"], - "admin": [ - "/api/logout", - "/api/personal_info", - "/api/user_rights", - "/api/add_role", - "/api/remove_role", - "/api/evoting/forms" - ] -} diff --git a/web/backend/readme.md b/web/backend/readme.md index 367044e7c..47ee541d5 100644 --- a/web/backend/readme.md +++ b/web/backend/readme.md @@ -4,21 +4,9 @@ Once the project cloned type `npm install` to install the packages. # Config -The project contains one file that is not in git (because it is in the .gitignore). -This file is called `config.json` and is located at the root of the express project. -Please use the `config.json.template` to start with. - -This files contains all the secrets and also the running information. It should be formatted this way : - -```json -{ - "FRONT_END_URL" : "", - "DELA_NODE_URL" : "", - "SESSION_SECRET" : "", - "PUBLIC_KEY" : "", - "PRIVATE_KEY" : "" -} -``` +Copy `config.env.template` to `config.en` and replace the variables as needed. + +## Generate a keypair Here is a small piece of code to help generating the keys: @@ -32,12 +20,6 @@ func GenerateKey() { } ``` -Tip: you might need to add the following line to your `/etc/hosts` file: - -``` -127.0.0.1 dvoting-dev.local -``` - # Run the program Once all the previous steps done, the project can be run using `npm start`