feat: tari crates (#6)

* feat: add tari crates to top-crates Adds a list of additional crates to install in the docker image for the rust compiler. * feat: add tari dependencies to docker To run docker, we need some additional packages to be installed in the Linux OS, incl protobuf, and sqlite. Customise the security notice for Tari. Add a README for the compiler * fix: modify gha workflows for tari context Editied workflows directly. CI will build everything when tagged with an image or if the 'build' label is applied (nice for testing). Don't run `ci/generate` since this will overwrite changes. I haven't updated that utility yet. * fix: add working tari crates Added tari crates that are able to be published / are up to date The rest are not yet on crates.io or are too old to be used. * fix: target branch for prs should be master
tari-project · Jan 16, 2024 · 04530ee · 04530ee
1 parent dfe21e3
commit 04530ee
Show file tree

Hide file tree

Showing 12 changed files with 822 additions and 340 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -3,15 +3,16 @@
 name: Validate everything
 'on':
   push:
+    tags:
+      - 'v[0-9]+.[0-9]+.[0-9]*'
   pull_request_target:
     types:
     - labeled
     branches:
-    - main
+    - master
 env:
-  DOCKER_HUB_USERNAME: shepmaster
-  GH_CONTAINER_REGISTRY_USERNAME: shepmaster
-  AWS_ACCESS_KEY_ID: AKIAWESVHZ3JQAY5NM5K
+  GH_CONTAINER_REGISTRY_USERNAME: CjS77
+  AWS_ACCESS_KEY_ID: AKIAnnnnnnnnnnnn
 jobs:
   build_compiler_containers:
     name: Build ${{ matrix.channel }} compiler container
@@ -22,9 +23,9 @@ jobs:
         - stable
         - beta
         - nightly
-    if: 'github.event_name == ''push'' || contains(github.event.pull_request.labels.*.name, ''CI: approved'')'
+    if: 'github.event_name == ''push'' || contains(github.event.pull_request.labels.*.name, ''build'')'
     env:
-      IMAGE_NAME: ghcr.io/integer32llc/rust-playground-ci-rust-${{ matrix.channel }}
+      IMAGE_NAME: ghcr.io/tari-project/rust-playground-ci-rust-${{ matrix.channel }}
     steps:
     - name: Checkout code
       uses: actions/checkout@v3
@@ -53,7 +54,7 @@ jobs:
   build_backend:
     name: Build backend
     runs-on: ubuntu-latest
-    if: 'github.event_name == ''push'' || contains(github.event.pull_request.labels.*.name, ''CI: approved'')'
+    if: 'github.event_name == ''push'' || contains(github.event.pull_request.labels.*.name, ''build'')'
     steps:
     - name: Checkout code
       uses: actions/checkout@v3
@@ -82,7 +83,7 @@ jobs:
   build_frontend:
     name: Build frontend
     runs-on: ubuntu-latest
-    if: 'github.event_name == ''push'' || contains(github.event.pull_request.labels.*.name, ''CI: approved'')'
+    if: 'github.event_name == ''push'' || contains(github.event.pull_request.labels.*.name, ''build'')'
     steps:
     - name: Checkout code
       uses: actions/checkout@v3
@@ -130,7 +131,7 @@ jobs:
   run_integration_tests:
     name: Running integration tests
     runs-on: ubuntu-latest
-    if: 'github.event_name == ''push'' || contains(github.event.pull_request.labels.*.name, ''CI: approved'')'
+    if: 'github.event_name == ''push'' || contains(github.event.pull_request.labels.*.name, ''build'')'
     needs:
     - build_compiler_containers
     - build_backend
@@ -159,13 +160,13 @@ jobs:
         bundle config path vendor/bundle
         bundle install --jobs 4 --retry 3
     - name: Pull containers
-      run: echo ghcr.io/integer32llc/rust-playground-ci-rust-{stable,beta,nightly}:${{ github.run_id }} | xargs -n1 docker pull
+      run: echo ghcr.io/tari-project/rust-playground-ci-rust-{stable,beta,nightly}:${{ github.run_id }} | xargs -n1 docker pull
     - name: Rename containers
       run: |-
         for c in stable beta nightly; do
-          docker tag ghcr.io/integer32llc/rust-playground-ci-rust-$c:${{ github.run_id }} ghcr.io/integer32llc/rust-playground-ci-rust-$c
-          docker tag ghcr.io/integer32llc/rust-playground-ci-rust-$c:${{ github.run_id }} shepmaster/rust-$c
-          docker tag ghcr.io/integer32llc/rust-playground-ci-rust-$c:${{ github.run_id }} rust-$c
+          docker tag ghcr.io/tari-project/rust-playground-ci-rust-$c:${{ github.run_id }} ghcr.io/tari-project/rust-playground-ci-rust-$c
+          docker tag ghcr.io/tari-project/rust-playground-ci-rust-$c:${{ github.run_id }} tari-project/rust-$c
+          docker tag ghcr.io/tari-project/rust-playground-ci-rust-$c:${{ github.run_id }} rust-$c
         done
     - name: Download backend
       uses: actions/download-artifact@v3
@@ -215,25 +216,20 @@ jobs:
         registry: ghcr.io
         username: "${{ env.GH_CONTAINER_REGISTRY_USERNAME }}"
         password: "${{ secrets.GH_CONTAINER_REGISTRY_TOKEN }}"
-    - name: Login to Docker Hub
-      uses: docker/login-action@v2
-      with:
-        username: "${{ env.DOCKER_HUB_USERNAME }}"
-        password: "${{ secrets.DOCKER_HUB_TOKEN }}"
     - name: Pull containers
-      run: echo ghcr.io/integer32llc/rust-playground-ci-rust-{stable,beta,nightly}:${{ github.run_id }} | xargs -n1 docker pull
+      run: echo ghcr.io/tari-project/rust-playground-ci-rust-{stable,beta,nightly}:${{ github.run_id }} | xargs -n1 docker pull
     - name: Rename containers
       run: |-
         for c in stable beta nightly; do
-          docker tag ghcr.io/integer32llc/rust-playground-ci-rust-$c:${{ github.run_id }} ghcr.io/integer32llc/rust-playground-ci-rust-$c
-          docker tag ghcr.io/integer32llc/rust-playground-ci-rust-$c:${{ github.run_id }} shepmaster/rust-$c
-          docker tag ghcr.io/integer32llc/rust-playground-ci-rust-$c:${{ github.run_id }} rust-$c
+          docker tag ghcr.io/tari-project/rust-playground-ci-rust-$c:${{ github.run_id }} ghcr.io/tari-project/rust-playground-ci-rust-$c
+          docker tag ghcr.io/tari-project/rust-playground-ci-rust-$c:${{ github.run_id }} tari-project/rust-$c
+          docker tag ghcr.io/tari-project/rust-playground-ci-rust-$c:${{ github.run_id }} rust-$c
         done
     - name: Push containers
       run: |-
         for c in stable beta nightly; do
-          docker push ghcr.io/integer32llc/rust-playground-ci-rust-$c
-          docker push shepmaster/rust-$c
+          docker push ghcr.io/tari-project/rust-playground-ci-rust-$c
+          docker push tari-project/rust-$c
         done
     - name: Download backend
       uses: actions/download-artifact@v3

diff --git a/.github/workflows/cron.yml b/.github/workflows/cron.yml
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+target
diff --git a/compiler/README.md b/compiler/README.md
@@ -0,0 +1,63 @@
+# Rustpen sandbox
+
+The Rustpen sandox is a docker image that is used to compile and run rust code in a safe environment.
+The `dockerfile` manifest builds the following components:
+
+* toolchain: Rust compiler. By default, `nightly` is installed, but you can set the `channel` arg to change this.
+* bare sources: Built on `toolchain`, this layer initializes a Rust project using the `Cargo-docker.toml` as a 
+  template for the manifest. `cargo fetch` downloads all dependencies and caches them in this layer. 
+  `Cargo-docker.toml` is auto-generated and lists all the dependencies that are available in the sandbox. This list 
+  is updated by running the `tari-deps` binary. `crate-information.json` is also auto-generated and is returned in 
+  the `/meta/crates` endpoint. It contains information about all the crates that are available in the sandbox. 
+* munge: This layer is built on `bare sources` and builds the `modify-cargo-toml` binary.
+* chef-available: install cargo chef
+* prepare-orchestrator: This layer is built on `chef-available` runs `cargo chef prepare` on the source code of 
+  `asm-cleanup`, `modify-cargo-toml` and `orchestrator`.
+* build-orchestrator: uses the recipe created in `prepare-orchestrator` to build the `orchestrator` dependencies, 
+  and builds _and installs_ the orchestrator binary.
+* sources: Built from `bare sources`, copies the `modify-cargo-toml` binary from `munge` and the orchestrator binary 
+  (`.cargo/bin/worker`) into `.cargo/bin`.
+* The final image is built on `sources` and runs `cargo build` and `cargo build --release` so that the dependencies 
+  are pre-built. 
+
+What's left is essentially a Rust build environment with all the crates that Tari depends on pre-built and cached.
+
+## Running code
+
+To run code in this environment, we need to do the following:
+* Mount our `main.rs` as a volume into the appropriate build container (nightly, stable).
+* Modify the Cargo.toml file (via `modify-cargo-toml`).
+* Compile the code using `cargo build --{mode}`, where `mode` is "release" or "debug".
+* Capture the output (and/or build log) by redirecting `stdout` and `stderr` to a file.
+* Return the output to the user by mounting the output as a volume.
+
+This is done by the `sandbox` module in the api folder. 
+
+# Troubleshooting
+                 
+## Permission issues when building docker image (Ubuntu)
+```
+ Step 15/51 : RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --profile minimal --default-toolchain "${channel}"
+ ---> Running in 1b2d3354f741
+info: downloading installer
+error: could not create bin directory: '/playground/.cargo/bin': Permission denied (os error 13)
+```
+
+### Solution
+
+You're running the wrong docker version.
+
+1. First, [completely remove docker](https://www.golinuxcloud.com/ubuntu-uninstall-docker/)
+2. Then [install the official docker package](https://docs.docker.com/engine/install/ubuntu/).
+
+## Cannot run docker as user
+
+```
+docker build .
+ERROR: permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/_ping": dial unix /var/run/docker.sock: connect: permission denied
+```
+
+### Solution
+
+Docker is not configured to run as a non-root user. 
+Follow the instructions [here](https://docs.docker.com/engine/install/linux-postinstall/) to configure docker to run as a non-root user.