Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding amd64 debian packager, checksums, README updates. #312

Merged
merged 6 commits into from
Apr 12, 2024
Merged
Show file tree
Hide file tree
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
99 changes: 99 additions & 0 deletions .github/workflows/deb_packager.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,99 @@
name: deb_packager

on:
push:
branches:
- 'main'
- 'next'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

next is the development/integration branch. I think we should release only from main.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed next

paths:
- '**'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What are the exact semantics here? The docs are not that clear.

What if I have a commit git commit --allow-empty, will this trigger? Or more importantly, when a tag is pushed by itself?
What is the difference no not having this option?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It triggers when any commit is pushed with a tag and captures all paths, including the . directories such as the .github for adding to the work flow.

tags:
- 'v*.*.*'
- 'v*.*.*-*'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure we need this option, we use semver. Is the intent here to use the -* to describe Debian's revision? I personally would avoid having a distro specific strategy here.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As this is building specifically debian packages, I included this. For RPM based building it will adjust accordingly as it is a separate builder.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can adjust to whatever is preferred versioning/tagging :)


jobs:
build:
permissions:
id-token: write
contents: write
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried git clone --depth=0 and got this error:

fatal: depth 0 is not a positive number

Shouldn't this be a 1?

Copy link
Collaborator Author

@djpolygon djpolygon Apr 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can adjust to 1, this is the fetch-depth we use with other versions of this same process. If you would like can adjust, let me know.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If it works then all good :) I assumed the CI would fail like it does locally

##### TAG Variable #####
- name: Adding TAG to ENV
run: echo "GIT_TAG=`echo $(git describe --tags --abbrev=0)`" >> $GITHUB_ENV
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't GITHUB_REF be used instead?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It could be , but I use a defined variable here as there have been edge cases with other projects that created problems. To avoid conflicts, went this route, if you wish I can adjust.

- name: adding version
run: |
NUMERIC_VERSION=$( echo ${{ env.GIT_TAG }} | sed 's/[^0-9.]//g' )
echo "VERSION=$NUMERIC_VERSION" >> $GITHUB_ENV

- name: Cleaning repo
run: cargo clean
- name: Building for amd64
run: cargo build --release
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reviewer note: The concurrent feature flag is enabled in the Cargo.toml. So this should be enough as is.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed the clean, note as I am using the standalone I always want to make sure that the node cleans the repo, but as long as it is not on a self hosted runner, this is just an extra step.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, the comment was not about the clean, I was just leaving a comment for reference, explaining why we don't need a --features flag in here.


- name: create packaging subdir
run: mkdir -p packaging/deb/miden-node/DEBIAN

- name: making directory for binary
run: mkdir -p packaging/deb/miden-node/usr/bin

- name: create systemd location
run: mkdir -p packaging/deb/miden-node/lib/systemd/system

- name: copy the miden-node service file
run: cp packaging/miden-node.service packaging/deb/miden-node/lib/systemd/system/

- name: make directory for example configs
run: mkdir -p packaging/deb/miden-node/etc/miden

- name: copy the miden-node.toml file
run: cp node/miden.toml packaging/deb/miden-node/etc/miden/

- name: copy over the postinst
run: cp packaging/postinst packaging/deb/miden-node/DEBIAN/postinst

- name: copy over the postrm
run: cp packaging/postrm packaging/deb/miden-node/DEBIAN/postrm

- name: copying over the build
run: cp -rp target/release/miden-node packaging/deb/miden-node/usr/bin/

########### Control file creation for amd64 ##########
- name: create control file
run: |
touch packaging/deb/miden-node/DEBIAN/control
echo "Package: miden-node" >> packaging/deb/miden-node/DEBIAN/control
echo "Version: ${{ env.VERSION }}" >> packaging/deb/miden-node/DEBIAN/control
echo "Section: base" >> packaging/deb/miden-node/DEBIAN/control
echo "Priority: optional" >> packaging/deb/miden-node/DEBIAN/control
echo "Architecture: amd64" >> packaging/deb/miden-node/DEBIAN/control
echo "Maintainer: [email protected]" >> packaging/deb/miden-node/DEBIAN/control
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The format here seems incomplete ref:

The package maintainer’s name and email address. The name must come first, then the email address inside angle brackets <> (in RFC822 format).

It should be Polygon Devops <[email protected]>

echo "Description: miden-node binary package" >> packaging/deb/miden-node/DEBIAN/control
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could also add:

echo "Homepage: https://polygon.technology/polygon-miden" >> packaging/deb/miden-node/DEBIAN/control
echo "Vcs-Git: [email protected]:0xPolygonMiden/miden-node.git" >> packaging/deb/miden-node/DEBIAN/control
echo "Vcs-Browser: https://github.com/0xPolygonMiden/miden-node" >> packaging/deb/miden-node/DEBIAN/control

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added


- name: Creating package for binary for miden-node ${{ env.ARCH }}
run: cp -rp packaging/deb/miden-node packaging/deb/miden-node-${{ env.GIT_TAG }}-${{ env.ARCH }}
env:
ARCH: amd64

- name: Running package build
run: dpkg-deb --build --root-owner-group packaging/deb/miden-node-${{ env.GIT_TAG }}-${{ env.ARCH }}
env:
ARCH: amd64

- name: shasum the package
run: cd packaging/deb/ && sha256sum miden-node-${{ env.GIT_TAG }}-${{ env.ARCH }}.deb > miden-node-${{ env.GIT_TAG }}-${{ env.ARCH }}.deb.checksum
env:
ARCH: amd64

- name: release miden-node Packages
uses: softprops/action-gh-release@v1
with:
tag_name: ${{ env.GIT_TAG }}
prerelease: true
files: |
packaging/deb/miden-node**.deb
packaging/deb/miden-node**.deb.checksum
23 changes: 23 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -91,5 +91,28 @@ Please, refer to each component's documentation:

Each directory containing the executables also contains an example configuration file. Make sure that the configuration files are mutually consistent. That is, make sure that the URLs are valid and point to the right endpoint.


### Debian Packages

The debian packages allow for easy install for miden on debian based systems. Note that there are checksums available for the package.
Current support is for amd64, arm64 support coming soon.

To install the debian package:
```sh
sudo dpkg -i $package_name.deb
```
Note, when using the debian package to run the `make-genesis` function, you should define the location of your output:
```sh
miden-node make-genesis -i $input_location_for_gensis.toml -o $output_for_gensis.dat_and_accounts
```
The debian package has a checksum, you can verify this checksum by download the debian package and checksum file to the same directory and running the following command:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

potential typo: should "download" be "downloading"?

Also, should we say where the package and checksum can be downloaded from?

```sh
sha256sum --check $checksumfile
```
Please make sure you have the sha256sum program installed, for most linux operating systems this is already installed. If you wish to installe it on your macOS, you can use brew:
```sh
brew install coreutils
```

## License
This project is [MIT licensed](./LICENSE).
18 changes: 18 additions & 0 deletions packaging/genesis.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# This is an example genesis input file for the Miden node.
version = 1
timestamp = 1672531200

[[accounts]]
type = "BasicWallet"
init_seed = "0xa123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
auth_scheme = "RpoFalcon512"
auth_seed = "0xb123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"

[[accounts]]
type = "BasicFungibleFaucet"
init_seed = "0xc123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
auth_scheme = "RpoFalcon512"
auth_seed = "0xd123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"
token_symbol = "POL"
decimals = 12
max_supply = 1000000
15 changes: 15 additions & 0 deletions packaging/miden-node.service
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
[Unit]
Description=Miden node
Wants=network-online.target

[Install]
WantedBy=multi-user.target

[Service]
Type=exec
Environment="RUST_LOG=info"
ExecStart=miden-node start --config /etc/miden/miden.toml
WorkingDirectory=/opt/miden
User=miden
RestartSec=5
Restart=always
18 changes: 18 additions & 0 deletions packaging/miden.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
# This is an example configuration file for the Miden node.

[block_producer]
# port defined as: sum(ord(c)**p for (p, c) in enumerate('miden-block-producer', 1)) % 2**16
endpoint = { host = "localhost", port = 48046 }
store_url = "http://localhost:28943"

[rpc]
# port defined as: sum(ord(c)**p for (p, c) in enumerate('miden-rpc', 1)) % 2**16
endpoint = { host = "localhost", port = 57291 }
block_producer_url = "http://localhost:48046"
store_url = "http://localhost:28943"

[store]
# port defined as: sum(ord(c)**p for (p, c) in enumerate('miden-store', 1)) % 2**16
endpoint = { host = "localhost", port = 28943 }
database_filepath = "/opt/miden/miden-store.sqlite3"
genesis_filepath = "/opt/miden/genesis.dat"
11 changes: 11 additions & 0 deletions packaging/postinst
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
# This is a postinstallation script so the service can be configured and started when requested
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to be missing the hashbang.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It will invoke, adding in a commit to address this.

#
sudo adduser --disabled-password --disabled-login --shell /usr/sbin/nologin --quiet --system --no-create-home --home /nonexistent miden
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The options --disabled-password and --disable-login seem to conflict with one another ref:

--disabled-login
    Do not run passwd to set the password. The user won't be able to use her account until the password is set.
--disabled-password
    Like --disabled-login, but logins are still possible (for example using SSH RSA keys) but not using password authentication.

Shouldn't this use --disabled-login only?

Copy link
Contributor

@hackaugusto hackaugusto Apr 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could also add GECOS here --gecos Miden

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

--no-create-home should make --home /nonexistent unecessary:

--home DIR
    Use DIR as the user's home directory, rather than the default specified by the configuration file. If the directory does not exist, it is created and skeleton files are copied.
...
--no-create-home
    Do not create the home directory, even if it doesn't exist.

if [ -d "/opt/miden" ]
then
echo "Directory /opt/miden exists."
else
mkdir -p /opt/miden
sudo chown -R miden /opt/miden
fi
sudo systemctl daemon-reload
8 changes: 8 additions & 0 deletions packaging/postrm
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#!/bin/bash
#
###############
# Remove bor installs
##############
sudo rm -rf /lib/systemd/system/miden-node.service
sudo deluser miden
sudo systemctl daemon-reload
Loading