safe_vault 0.20.2

Implementation of the 'Vault' node for the SAFE Network.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201

# Push to master workflow.
#
# Runs when a PR has been merged to the master branch.
#
# 1. Generates a release build.
# 2. If the last commit is a version change, publish.

name: Master

on:
  push:
    branches:
      - master

env:
  RUST_BACKTRACE: 1

jobs:
  build:
    name: Build
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
        os: [ubuntu-latest, windows-latest, macOS-latest]
        include:
          - os: ubuntu-latest
            build-script: make musl
            target: x86_64-unknown-linux-musl
          - os: windows-latest
            build-script: make build
            target: x86_64-pc-windows-gnu
          - os: macOS-latest
            build-script: make build
            target: x86_64-apple-darwin
    steps:
      - uses: actions/checkout@v1
      # TODO: Measure if any speedup from caching (no Cargo.lock, so always reuse cache)
      - uses: actions-rs/toolchain@v1
        with:
          profile: minimal
          toolchain: stable
          override: true
      - shell: bash
        run: ${{ matrix.build-script }}
      - uses: actions/upload-artifact@master
        with:
          name: safe_vault-${{ matrix.target }}-prod
          path: artifacts

  # Unfortunately, for artifact retrieval, there's not really a way to avoid having this huge list of
  # 'download-artifact' actions. We could perhaps implement our own 'retrieve all build artifacts'
  # action.
  deploy:
    name: Deploy
    runs-on: ubuntu-latest
    needs: build
    env:
      AWS_ACCESS_KEY_ID: AKIAVVODCRMSJ5MV63VB
      AWS_SECRET_ACCESS_KEY: ${{ secrets.DEPLOY_USER_SECRET_ACCESS_KEY }}
      AWS_DEFAULT_REGION: eu-west-2
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      # Checkout and get all the artifacts built in the previous jobs.
      - uses: actions/checkout@v1
      - uses: actions/download-artifact@master
        with:
          name: safe_vault-x86_64-pc-windows-gnu-prod
          path: artifacts/prod/x86_64-pc-windows-gnu/release
      - uses: actions/download-artifact@master
        with:
          name: safe_vault-x86_64-unknown-linux-musl-prod
          path: artifacts/prod/x86_64-unknown-linux-musl/release
      - uses: actions/download-artifact@master
        with:
          name: safe_vault-x86_64-apple-darwin-prod
          path: artifacts/prod/x86_64-apple-darwin/release

      # Get information for the release.
      - shell: bash
        id: commit_message
        run: |
          commit_message=$(git log --format=%B -n 1 ${{ github.sha }})
          echo "::set-output name=commit_message::$commit_message"
      - shell: bash
        id: versioning
        run: |
          version=$(grep "^version" < Cargo.toml | head -n 1 | awk '{ print $3 }' | sed 's/\"//g')
          echo "::set-output name=version::$version"

      # Create `deploy` directory and put the artifacts into tar/zip archives for deployment with the release.
      - name: chmod
        shell: bash
        run: chmod -R +x artifacts/prod
      - shell: bash
        run: make package-commit_hash-artifacts-for-deploy
        if: "!startsWith(steps.commit_message.outputs.commit_message, 'Version change')"
      - shell: bash
        run: make package-version-artifacts-for-deploy
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      # Get release description (requires generated archives)
      - shell: bash
        id: release_description
        run: |
          description=$(./scripts/get_release_description.sh ${{ steps.versioning.outputs.version }})
          description="${description//'%'/'%25'}"
          description="${description//$'\n'/'%0A'}"
          description="${description//$'\r'/'%0D'}"
          echo "::set-output name=description::$description"
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')

      # Upload all the release archives to S3
      - uses: actions/aws/cli@master
        with:
          args: s3 sync deploy/prod s3://safe-vault --acl public-read

      # Create the release and attach safe_vault archives as assets.
      - uses: csexton/create-release@add-body
        id: create_release
        with:
          tag_name: ${{ steps.versioning.outputs.version }}
          release_name: safe_vault
          draft: false
          prerelease: false
          body: ${{ steps.release_description.outputs.description }}
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      # Upload zip files
      - uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: deploy/prod/safe_vault-${{ steps.versioning.outputs.version }}-x86_64-unknown-linux-musl.zip
          asset_name: safe_vault-${{ steps.versioning.outputs.version }}-x86_64-unknown-linux-musl.zip
          asset_content_type: application/zip
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      - uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: deploy/prod/safe_vault-${{ steps.versioning.outputs.version }}-x86_64-pc-windows-gnu.zip
          asset_name: safe_vault-${{ steps.versioning.outputs.version }}-x86_64-pc-windows-gnu.zip
          asset_content_type: application/zip
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      - uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: deploy/prod/safe_vault-${{ steps.versioning.outputs.version }}-x86_64-apple-darwin.zip
          asset_name: safe_vault-${{ steps.versioning.outputs.version }}-x86_64-apple-darwin.zip
          asset_content_type: application/zip
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      # Upload tar files
      - uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: deploy/prod/safe_vault-${{ steps.versioning.outputs.version }}-x86_64-unknown-linux-musl.tar.gz
          asset_name: safe_vault-${{ steps.versioning.outputs.version }}-x86_64-unknown-linux-musl.tar.gz
          asset_content_type: application/zip
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      - uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: deploy/prod/safe_vault-${{ steps.versioning.outputs.version }}-x86_64-pc-windows-gnu.tar.gz
          asset_name: safe_vault-${{ steps.versioning.outputs.version }}-x86_64-pc-windows-gnu.tar.gz
          asset_content_type: application/zip
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      - uses: actions/upload-release-asset@v1.0.1
        with:
          upload_url: ${{ steps.create_release.outputs.upload_url }}
          asset_path: deploy/prod/safe_vault-${{ steps.versioning.outputs.version }}-x86_64-apple-darwin.tar.gz
          asset_name: safe_vault-${{ steps.versioning.outputs.version }}-x86_64-apple-darwin.tar.gz
          asset_content_type: application/zip
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')

  publish:
    name: Publish
    needs: deploy
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v1
      # Is this a version change commit?
      - shell: bash
        id: commit_message
        run: |
          commit_message=$(git log --format=%B -n 1 ${{ github.sha }})
          echo "::set-output name=commit_message::$commit_message"
      - uses: actions-rs/toolchain@v1
        with:
          profile: minimal
          toolchain: stable
          override: true
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      - uses: actions-rs/cargo@v1
        with:
          command: login
          args: ${{ secrets.CRATES_IO_TOKEN }}
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      - uses: actions-rs/cargo@v1
        with:
          command: package
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')
      - uses: actions-rs/cargo@v1
        with:
          command: publish
        if: startsWith(steps.commit_message.outputs.commit_message, 'Version change')