Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding amd64 debian packager, checksums, README updates. #312

Merged
merged 6 commits into from
Apr 12, 2024

Conversation

djpolygon
Copy link
Collaborator

Adding debian packager for amd64

Checksum function for package

Updated Readme.md for packages and checksum

Added packager directory, contains postinst, postrm, and cloned copy of the toml files for miden. Note, these are just place holders and they should be adjusted.

Created service file.

Tested on Ubuntu 22

@djpolygon djpolygon changed the base branch from main to next April 10, 2024 17:54
@djpolygon djpolygon changed the base branch from next to main April 10, 2024 17:54
@bobbinth bobbinth requested a review from hackaugusto April 10, 2024 18:26
@bobbinth
Copy link
Contributor

Once merged, this will supersede #265, I believe.

@djpolygon
Copy link
Collaborator Author

@bobbinth correct. I forgot to mention in the PR.

Copy link
Contributor

@hackaugusto hackaugusto left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left some comments, but they are mostly nits and I don't think this PR needs to be blocked because of them. Any necessary changes can be done on follow ups.

- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried git clone --depth=0 and got this error:

fatal: depth 0 is not a positive number

Shouldn't this be a 1?

Copy link
Collaborator Author

@djpolygon djpolygon Apr 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can adjust to 1, this is the fetch-depth we use with other versions of this same process. If you would like can adjust, let me know.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If it works then all good :) I assumed the CI would fail like it does locally

- 'main'
- 'next'
paths:
- '**'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What are the exact semantics here? The docs are not that clear.

What if I have a commit git commit --allow-empty, will this trigger? Or more importantly, when a tag is pushed by itself?
What is the difference no not having this option?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It triggers when any commit is pushed with a tag and captures all paths, including the . directories such as the .github for adding to the work flow.

fetch-depth: 0
##### TAG Variable #####
- name: Adding TAG to ENV
run: echo "GIT_TAG=`echo $(git describe --tags --abbrev=0)`" >> $GITHUB_ENV
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can't GITHUB_REF be used instead?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It could be , but I use a defined variable here as there have been edge cases with other projects that created problems. To avoid conflicts, went this route, if you wish I can adjust.

@@ -0,0 +1,11 @@
# This is a postinstallation script so the service can be configured and started when requested
#
sudo adduser --disabled-password --disabled-login --shell /usr/sbin/nologin --quiet --system --no-create-home --home /nonexistent miden
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The options --disabled-password and --disable-login seem to conflict with one another ref:

--disabled-login
    Do not run passwd to set the password. The user won't be able to use her account until the password is set.
--disabled-password
    Like --disabled-login, but logins are still possible (for example using SSH RSA keys) but not using password authentication.

Shouldn't this use --disabled-login only?

Copy link
Contributor

@hackaugusto hackaugusto Apr 11, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could also add GECOS here --gecos Miden

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

--no-create-home should make --home /nonexistent unecessary:

--home DIR
    Use DIR as the user's home directory, rather than the default specified by the configuration file. If the directory does not exist, it is created and skeleton files are copied.
...
--no-create-home
    Do not create the home directory, even if it doesn't exist.

@@ -0,0 +1,11 @@
# This is a postinstallation script so the service can be configured and started when requested
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems to be missing the hashbang.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It will invoke, adding in a commit to address this.

push:
branches:
- 'main'
- 'next'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

next is the development/integration branch. I think we should release only from main.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed next

echo "Priority: optional" >> packaging/deb/miden-node/DEBIAN/control
echo "Architecture: amd64" >> packaging/deb/miden-node/DEBIAN/control
echo "Maintainer: [email protected]" >> packaging/deb/miden-node/DEBIAN/control
echo "Description: miden-node binary package" >> packaging/deb/miden-node/DEBIAN/control
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could also add:

echo "Homepage: https://polygon.technology/polygon-miden" >> packaging/deb/miden-node/DEBIAN/control
echo "Vcs-Git: [email protected]:0xPolygonMiden/miden-node.git" >> packaging/deb/miden-node/DEBIAN/control
echo "Vcs-Browser: https://github.com/0xPolygonMiden/miden-node" >> packaging/deb/miden-node/DEBIAN/control

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added

- '**'
tags:
- 'v*.*.*'
- 'v*.*.*-*'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure we need this option, we use semver. Is the intent here to use the -* to describe Debian's revision? I personally would avoid having a distro specific strategy here.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As this is building specifically debian packages, I included this. For RPM based building it will adjust accordingly as it is a separate builder.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can adjust to whatever is preferred versioning/tagging :)

- name: Cleaning repo
run: cargo clean
- name: Building for amd64
run: cargo build --release
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reviewer note: The concurrent feature flag is enabled in the Cargo.toml. So this should be enough as is.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Removed the clean, note as I am using the standalone I always want to make sure that the node cleans the repo, but as long as it is not on a self hosted runner, this is just an extra step.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, the comment was not about the clean, I was just leaving a comment for reference, explaining why we don't need a --features flag in here.

echo "Section: base" >> packaging/deb/miden-node/DEBIAN/control
echo "Priority: optional" >> packaging/deb/miden-node/DEBIAN/control
echo "Architecture: amd64" >> packaging/deb/miden-node/DEBIAN/control
echo "Maintainer: [email protected]" >> packaging/deb/miden-node/DEBIAN/control
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The format here seems incomplete ref:

The package maintainer’s name and email address. The name must come first, then the email address inside angle brackets <> (in RFC822 format).

It should be Polygon Devops <[email protected]>

Copy link
Contributor

@bobbinth bobbinth left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Thank you for creating these! I left just one minor nit inline.

Also, a question for the future: we now have 2 copies of miden-node.toml and genesis.toml files. One set stored in packaging and another in miden-node directories. This means we'll need to keep them in sync as we change their formats. I wonder if there is a way to keep only one version of these files (either here or there).

I don't think we need to solve this in this PR though - so, just creating an issue so that we can figure out the right approach is fine for now.

```sh
miden-node make-genesis -i $input_location_for_gensis.toml -o $output_for_gensis.dat_and_accounts
```
The debian package has a checksum, you can verify this checksum by download the debian package and checksum file to the same directory and running the following command:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

potential typo: should "download" be "downloading"?

Also, should we say where the package and checksum can be downloaded from?

@bobbinth
Copy link
Contributor

Also, a question for the future: we now have 2 copies of miden-node.toml and genesis.toml files. One set stored in packaging and another in miden-node directories. This means we'll need to keep them in sync as we change their formats. I wonder if there is a way to keep only one version of these files (either here or there).

Created #318 for this.

@bobbinth bobbinth changed the base branch from main to next April 12, 2024 04:36
@bobbinth bobbinth changed the base branch from next to main April 12, 2024 04:37
@bobbinth bobbinth merged commit 8e36138 into main Apr 12, 2024
4 checks passed
@bobbinth bobbinth deleted the djpolygon/DEVOPS-2685 branch April 12, 2024 04:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants