Merge pull request #572 from input-output-hk/djo/543/fix-artifacts-collision

Package artifacts in a archive for each environment

Author: Alenar

.github/workflows/ci.yml

@@ -296,34 +296,68 @@ jobs:
       - run-test-lab
       - check
     steps:
-      - name: Download built artifacts (${{ runner.os }}-${{ runner.arch }})
+      - name: Checkout sources
+        uses: actions/checkout@v3
+      
+      - name: Prepare packaging
+        run: mkdir package
+
+      - name: Get short SHA
+        id: slug
+        run: echo "sha8=$(echo ${{ github.sha }} | cut -c1-7)" >> $GITHUB_OUTPUT
+      
+      - name: Download built artifacts (Linux-X64)
         uses: actions/download-artifact@v3
         with:
-          name: mithril-distribution-${{ runner.os }}-${{ runner.arch }}
-          path: ./build
+          name: mithril-distribution-Linux-X64
+          path: ./package-Linux-X64
 
       - name: Download built artifacts (macOS-X64)
         uses: actions/download-artifact@v3
         with:
           name: mithril-distribution-macOS-X64
-          path: ./build
+          path: ./package-macOS-X64
 
       - name: Download built artifacts (Windows-X64)
         uses: actions/download-artifact@v3
         with:
           name: mithril-distribution-Windows-X64
-          path: ./build
+          path: ./package-Windows-X64
 
+      - name: Package distribution (Linux-X64)
+        run: |
+          python3 ./.github/workflows/scripts/package-distribution.py \
+          --input package-Linux-X64/ \
+          --dest package/ \
+          --version "unstable-${{ steps.slug.outputs.sha8 }}" \
+          --target "linux-x64"
+
+      - name: Package distribution (macOS-X64)
+        run: |
+          python3 ./.github/workflows/scripts/package-distribution.py \
+          --input package-macOS-X64/ \
+          --dest package/ \
+          --version "unstable-${{ steps.slug.outputs.sha8 }}" \
+          --target "macos-x64"
+
+      - name: Package distribution (Windows-X64)
+        run: |
+          python3 ./.github/workflows/scripts/package-distribution.py \
+          --input package-Windows-X64/ \
+          --dest package/ \
+          --version "unstable-${{ steps.slug.outputs.sha8 }}" \
+          --target "windows-x64"
+      
       - name: Update unstable release
         uses: marvinpinto/action-automatic-releases@latest
         with:
           repo_token: ${{ secrets.GITHUB_TOKEN }}
           automatic_release_tag: unstable
           prerelease: true
           title: Unstable Development Builds
-          files: build/*
+          files: package/*
 
-  terraform:
+  deploy-testing:
     runs-on: ubuntu-22.04
     needs:
       - docker-mithril

.github/workflows/pre-release.yml

@@ -10,36 +10,66 @@ jobs:
   create-pre-release:
     runs-on: ubuntu-22.04
     steps:
+      - name: Checkout sources
+        uses: actions/checkout@v3
+      
+      - name: Prepare packaging
+        run: mkdir package
+
       - name: Download built artifacts (Linux-x64)
         uses: dawidd6/action-download-artifact@v2
         with:
           name: mithril-distribution-Linux-x64
-          path: ./build
+          path: ./package-Linux-X64
           commit: ${{ github.sha }}
           workflow: ci.yml
           workflow_conclusion: success
-      
-      - name: Download built artifacts (Windows-x64)
+
+      - name: Download built artifacts (macOS-x64)
         uses: dawidd6/action-download-artifact@v2
         with:
-          name: mithril-distribution-Windows-x64
-          path: ./build
+          name: mithril-distribution-macOS-x64
+          path: ./package-macOS-X64
           commit: ${{ github.sha }}
           workflow: ci.yml
           workflow_conclusion: success
 
-      - name: Download built artifacts (macOS-x64)
+      - name: Download built artifacts (Windows-x64)
         uses: dawidd6/action-download-artifact@v2
         with:
-          name: mithril-distribution-macOS-x64
-          path: ./build
+          name: mithril-distribution-Windows-x64
+          path: ./package-Windows-X64
           commit: ${{ github.sha }}
           workflow: ci.yml
           workflow_conclusion: success
+
+      - name: Package distribution (Linux-X64)
+        run: |
+          python3 ./.github/workflows/scripts/package-distribution.py \
+          --input package-Linux-X64/ \
+          --dest package/ \
+          --version "${{ github.ref_name }}" \
+          --target "linux-x64"
+
+      - name: Package distribution (macOS-X64)
+        run: |
+          python3 ./.github/workflows/scripts/package-distribution.py \
+          --input package-macOS-X64/ \
+          --dest package/ \
+          --version "${{ github.ref_name }}" \
+          --target "macos-x64"
+
+      - name: Package distribution (Windows-X64)
+        run: |
+          python3 ./.github/workflows/scripts/package-distribution.py \
+          --input package-Windows-X64/ \
+          --dest package/ \
+          --version "${{ github.ref_name }}" \
+          --target "windows-x64"
       
       - name: Append VERSION file
         run: |
-          echo ${{ github.ref_name }} >> ./build/VERSION
+          echo ${{ github.ref_name }} >> ./package/VERSION
       
       - name: Create pre-release ${{ github.ref_name }}
         uses: marvinpinto/action-automatic-releases@latest
@@ -48,7 +78,7 @@ jobs:
           automatic_release_tag: ${{ github.ref_name }}
           prerelease: true
           title: Mithril v${{ github.ref_name }}
-          files: build/**/*
+          files: package/*
 
   build-push-docker:
     runs-on: ubuntu-22.04

.github/workflows/scripts/package-distribution.py

@@ -0,0 +1,91 @@
+import hashlib
+import argparse
+import os
+import platform
+import shutil
+
+
+def sha256sum(path: str):
+    h = hashlib.sha256()
+    paths = []
+
+    # Note: this won't works if the given path is a directory with a subdirectory
+    if os.path.isdir(path):
+        for file in os.listdir(path):
+            paths.append(os.path.join(path, file))
+    else:
+        paths.append(path)
+
+    for path in paths:
+        with open(path, "rb") as f:
+            data = f.read()
+            h.update(data)
+    return h.hexdigest()
+
+
+def dir_path(path):
+    if os.path.isdir(path):
+        return path
+    else:
+        raise NotADirectoryError(path)
+
+
+def build_archive(input_dir, destination_dir, archive_basename):
+    input_files = os.listdir(args.input)
+    print(f"packing mithril distribution {args.version}-{args.target} with files: {input_files}")
+
+    if platform.system() == "Windows":
+        import zipfile
+
+        archive_name = os.path.join(destination_dir, f"{archive_basename}.zip")
+        with zipfile.ZipFile(archive_name, mode="x") as archive:
+            for filename in input_files:
+                archive.write(os.path.join(input_dir, filename), arcname=filename)
+    else:
+        import tarfile
+
+        archive_name = os.path.join(destination_dir, f"{archive_basename}.tar.gz")
+        with tarfile.open(archive_name, "x:gz") as archive:
+            for filename in input_files:
+                archive.add(os.path.join(input_dir, filename), arcname=filename)
+
+    print(f"successfully packed mithril distribution into: {archive_name}")
+    return archive_name
+
+
+def check_archive(archive, original_input_dir):
+    print(f"checking archive ...")
+    test_dir = "./unpack-test"
+    shutil.unpack_archive(archive, test_dir)
+    original_checksum = sha256sum(original_input_dir)
+    archive_content_checksum = sha256sum(test_dir)
+    if original_checksum != archive_content_checksum:
+        print(
+            f"mithril distribution checksum mismatch: before {original_checksum} != after {archive_content_checksum}"
+        )
+        exit(1)
+    print("OK ! Checksum of the archive files matches original files")
+
+    shutil.rmtree(test_dir)
+
+
+def compute_sha256_checksum(archive):
+    print(f"computing archive checksum...")
+    archive_checksum = sha256sum(archive)
+    checksum_filename = f"{archive}.sha256"
+    with open(checksum_filename, "x") as f:
+        f.write(archive_checksum)
+
+
+if __name__ == '__main__':
+    parser = argparse.ArgumentParser()
+    parser.add_argument("--input", type=dir_path, help="input folder which content will be archived", required=True)
+    parser.add_argument("--dest", type=dir_path, help="destination folder for the archive, default to current folder",
+                        default="./")
+    parser.add_argument("--version", help="version of the distribution to package", required=True)
+    parser.add_argument("--target", help="target os & architecture of the package", required=True)
+    args = parser.parse_args()
+
+    archive_path = build_archive(args.input, args.dest, archive_basename=f"mithril-{args.version}-{args.target}")
+    check_archive(archive_path, args.input)
+    compute_sha256_checksum(archive_path)

mithril-client/src/lib.rs

@@ -1,14 +1,14 @@
 #![warn(missing_docs)]
 
 //! Define everything necessary to list, download, and validate snapshots from a
-//! [Mithril Aggregator](https://mithril.network/mithril-aggregator/doc/mithril_aggregator/index.html).
+//! [Mithril Aggregator](https://mithril.network/rust-doc/mithril_aggregator/index.html).
 //!
 //! To query an aggregator for snapshots & certificate use the [AggregatorHTTPClient] that implement
 //! the [AggregatorHandler] trait.
 //!
 //! To list, download, and validate snapshots use the [Runtime].
 //! You must initialize it by giving it a CertificateVerifier, a ProtocolGenesisVerifier and a [AggregatorHandler], and a
-//! [Digester](https://mithril.network/mithril-common/doc/mithril_common/digesters/trait.Digester.html)
+//! [Digester](mithril_common::digesters::ImmutableDigester)
 //! implementations using the `with_xxx` methods.
 
 mod aggregator;

mithril-client/src/runtime.rs

@@ -30,7 +30,7 @@ pub enum RuntimeError {
     AggregatorHandler(#[from] AggregatorHandlerError),
 
     /// Error raised when a CertificateRetrieverError tries to retrieve a
-    /// [certificate](https://mithril.network/mithril-common/doc/mithril_common/entities/struct.Certificate.html)
+    /// [certificate](mithril_common::entities::Certificate)
     #[error("certificate retriever error: '{0}'")]
     CertificateRetriever(#[from] CertificateRetrieverError),
 
@@ -39,7 +39,7 @@ pub enum RuntimeError {
     ImmutableDigester(#[from] ImmutableDigesterError),
 
     /// Error raised when the digest stored in the signed message doesn't match the
-    /// [certificate](https://mithril.network/mithril-common/doc/mithril_common/entities/struct.Certificate.html)
+    /// [certificate](mithril_common::entities::Certificate)
     /// hash.
     #[error("digest doesn't match error: '{0}'")]
     DigestDoesntMatch(String),

mithril-common/src/certificate_chain/certificate_retriever.rs

@@ -10,16 +10,16 @@ use mockall::automock;
 /// [CertificateRetriever] related errors.
 #[derive(Error, Debug)]
 pub enum CertificateRetrieverError {
-    /// Error raised when a [CertificateRetriever] tries to retrieve a [certificate](https://mithril.network/mithril-common/doc/mithril_common/entities/struct.Certificate.html)
+    /// Error raised when a [CertificateRetriever] tries to retrieve a [Certificate]
     #[error("general error: '{0}'")]
     General(String),
 }
 
-/// CertificateRetriever is in charge of retrieving a Certificate given its hash
+/// CertificateRetriever is in charge of retrieving a [Certificate] given its hash
 #[cfg_attr(test, automock)]
 #[async_trait]
 pub trait CertificateRetriever: Sync + Send {
-    /// Get certificate details
+    /// Get [Certificate] details
     async fn get_certificate_details(
         &self,
         certificate_hash: &str,

mithril-common/src/certificate_chain/certificate_verifier.rs

@@ -31,31 +31,24 @@ pub enum CertificateVerifierError {
     #[error("codec genesis error: '{0}'")]
     CodecGenesis(String),
 
-    /// Error raised when a CertificateRetriever tries to retrieve
-    /// a [certificate](https://mithril.network/mithril-common/doc/mithril_common/entities/struct.Certificate.html)
+    /// Error raised when a CertificateRetriever tries to retrieve a [Certificate].
     #[error("certificate retriever error: '{0}'")]
     CertificateRetriever(#[from] CertificateRetrieverError),
 
-    /// Error raised when the Genesis Signature stored in a
-    /// [certificate](https://mithril.network/mithril-common/doc/mithril_common/entities/struct.Certificate.html)
-    /// is invalid.
+    /// Error raised when the Genesis Signature stored in a [Certificate] is invalid.
     #[error("certificate genesis error: '{0}'")]
     CertificateGenesis(#[from] ProtocolGenesisError),
 
-    /// Error raised when the hash stored in a
-    /// [certificate](https://mithril.network/mithril-common/doc/mithril_common/entities/struct.Certificate.html)
-    /// doesn't match a recomputed hash.
+    /// Error raised when the hash stored in a [Certificate] doesn't match a recomputed hash.
     #[error("certificate hash unmatch error")]
     CertificateHashUnmatch,
 
-    /// Error raised when validating the certificate chain if a previous
-    /// [certificate](https://mithril.network/mithril-common/doc/mithril_common/entities/struct.Certificate.html)
-    /// hash isn't equal to the current certificate `previous_hash`.
+    /// Error raised when validating the certificate chain if a previous [Certificate] hash isn't
+    /// equal to the current certificate `previous_hash`.
     #[error("certificate chain previous hash unmatch error")]
     CertificateChainPreviousHashUnmatch,
 
-    /// Error raised when validating the certificate chain if the current
-    /// [certificate](https://mithril.network/mithril-common/doc/mithril_common/entities/struct.Certificate.html)
+    /// Error raised when validating the certificate chain if the current [Certificate]
     /// `aggregate_verification_key` doesn't match the previous `aggregate_verification_key` (if
     /// the certificates are on the same epoch) or the previous `next_aggregate_verification_key`
     /// (if the certificates are on different epoch).
@@ -67,7 +60,8 @@ pub enum CertificateVerifierError {
     CertificateChainInfiniteLoop,
 }
 
-/// CertificateVerifier is the cryptographic engine in charge of verifying multi signatures and certificates
+/// CertificateVerifier is the cryptographic engine in charge of verifying multi signatures and
+/// [certificates](Certificate)
 #[cfg_attr(test, automock)]
 #[async_trait]
 pub trait CertificateVerifier: Send + Sync {

mithril-common/src/crypto_helper/cardano/key_certification.rs

@@ -76,7 +76,7 @@ pub enum ProtocolInitializerErrorWrapper {
     #[error("KES key cannot be updated for period {0}")]
     KesUpdate(KESPeriod),
 }
-/// Wrapper structure for [MithrilCore:StmInitializer](https://mithril.network/mithril-core/doc/mithril/stm/struct.StmInitializer.html).
+/// Wrapper structure for [MithrilCore:StmInitializer](mithril::stm::StmInitializer).
 /// It now obtains a KES signature over the Mithril key. This allows the signers prove
 /// their correct identity with respect to a Cardano PoolID.
 #[derive(Debug, Clone, Serialize, Deserialize)]
@@ -85,7 +85,7 @@ pub struct StmInitializerWrapper {
     kes_signature: Option<ProtocolSignerVerificationKeySignature>, // todo: The option is ONLY for a smooth transition. We have to remove this.
 }
 
-/// Wrapper structure for [MithrilCore:KeyReg](https://mithril.network/mithril-core/doc/mithril/key_reg/struct.KeyReg.html).
+/// Wrapper structure for [MithrilCore:KeyReg](mithril::key_reg::KeyReg).
 /// The wrapper not only contains a map between `Mithril vkey <-> Stake`, but also
 /// a map `PoolID <-> Stake`. This information is recovered from the node state, and
 /// is used to verify the identity of a Mithril signer. Furthermore, the `register` function

mithril-common/src/crypto_helper/genesis.rs

@@ -14,7 +14,8 @@ pub enum ProtocolGenesisError {
     SignatureVerification(#[from] SignatureError),
 }
 
-/// A protocol Genesis Signer that is responsible for signing the [Genesis Certificate](https://mithril.network/doc/mithril/mithril-protocol/certificates#the-certificate-chain-design)
+/// A protocol Genesis Signer that is responsible for signing the
+/// [Genesis Certificate](https://mithril.network/doc/mithril/mithril-protocol/certificates#the-certificate-chain-design)
 #[derive(Debug, Serialize, Deserialize)]
 pub struct ProtocolGenesisSigner {
     pub(crate) secret_key: ProtocolGenesisSecretKey,
@@ -76,7 +77,8 @@ impl ProtocolGenesisSigner {
     }
 }
 
-/// A protocol Genesis Verifier that is responsible for verifying the [Genesis Certificate](https://mithril.network/doc/mithril/mithril-protocol/certificates#the-certificate-chain-design)
+/// A protocol Genesis Verifier that is responsible for verifying the
+/// [Genesis Certificate](https://mithril.network/doc/mithril/mithril-protocol/certificates#the-certificate-chain-design)
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct ProtocolGenesisVerifier {
     pub(crate) verification_key: ProtocolGenesisVerificationKey,

mithril-common/src/crypto_helper/mod.rs

@@ -1,4 +1,4 @@
-//! Tools and types to abstract the use of the [Mithril Core library](https://mithril.network/mithril-core/doc/mithril/index.html)
+//! Tools and types to abstract the use of the [Mithril Core library](https://mithril.network/rust-doc/mithril/index.html)
 
 mod cardano;
 mod codec;