Don't delete Cargo.lock. We check in the lockfile for binaries but not for libraries.

OK. My bad - could you explain why?

Don't add extra lines.

I thought there was a failure due to a lack of carriage return in another Cargo.lock file. I'll trim to just one

Shouldn't the Cargo.lock be removed from .gitignore ??

@haraldh Yes, probably.

This appears to only be used for certificate generation. However, warp (above) pulls in the rustls crypto chain. I'd prefer not to have two dependencies that do the same thing. So let's avoid using openssl for now.

I thought we wanted to be using openssl for FIPS futures? The main reason, however, is that I struggled to find instructions for how to generate certificates - the only way I managed to make it work was with openssl. Happy to be given pointers...

@MikeCamel warp only currently supports the rustls stack. So while FIPS is definitely a future concern, my more immediate concern is the size bloat of having two separate crypto stacks.

As far as certificate generation... there doesn't seem to be a lot of options. The rustls stack uses webpki which only provides validation. The x509-parser project only appears to deserialize the structures.

I see a couple options:

1. Accept multiple crypto stacks. I don't love this option.

2. Use an http framework that supports openssl. There don't seem to be any. One potential route would be to use hyper directly via hyper-tls. However, hyper-tls currently only supports the client side. So we'd have to patch it to support the server side.

Thoughts? @ueno Your input is valued here.

3. We could create an X.509 template as bytes that we serialize just key data into. This is lightweight and avoids another crypto library.

reqwest appears only to be used bin a test binary. The test binary should be built as a test and then this can become a dev-dependency rather than forcing it to be used for all builds.

It is, yes. Where can I find information on how to do all of this? Agree that it should be changed: are there docs on best practices anywhere?

https://doc.rust-lang.org/rust-by-example/testing.html

You probably want integration tests. But unit tests are also valuable.

This should be a test rather than a separate binary.

Question: are tests supposed to be stand-alone (to be run by humans) or integrated (to be auto-run)? I've been doing only the former, so that we can do PoCs - if creating tests copes with both of these cases, I'm cool.

We always want automated tests. Developers can run them with a simple cargo test. But they also get automatically integrated into our CI.

I think the flow of this function is wrong. If I'm reading it correctly, it won't respond to the client until the wasm code has finished running.

I was designing for the single-threaded case, where this is appropriate, I think (though the Result string isn't helpful). That said, I'm not sure that the main code will work single-threaded. This may be beyond my ken - I'll have a look and see if I can work it out.

It is still wrong even in the single threaded case.

We basically want one set of APIs for adding wasm modules to the Keep and another API to start execution. Adding a module to the keep should parse the modules and make sure they are valid before returning OK. OTOH, the go() API should immediately return OK, tear down all further (external) communication and then start wasm execution.

Only generate.

Excellent! I'll remove all of these. Didn't like them, but thought I'd leave them in for safety.

Drop this function.

Done.

Drop this function.

Done.

Use something other than openssl in this function.

(We already have a crypto stack via warp.)

See comment above.