commit af4dbb0244f198b7c15962682a66e2d376b35c54 parent 24053f81ef7e7345999ba2a5d91c921ffccf6e39 Author: Antoine A <> Date: Sat, 8 Feb 2025 15:00:39 +0100 magnet-bank: debian packages and integration in CI Diffstat:
24 files changed, 285 insertions(+), 39 deletions(-)
diff --git a/.gitignore b/.gitignore @@ -1,5 +1,6 @@ .env -.build +.cargo +test-suite.log target dev.conf keys.json \ No newline at end of file diff --git a/Cargo.lock b/Cargo.lock @@ -304,9 +304,9 @@ checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5" [[package]] name = "cc" -version = "1.2.12" +version = "1.2.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "755717a7de9ec452bf7f3f1a3099085deabd7f2962b861dae91ecd7a365903d2" +checksum = "c7777341816418c02e033934a09f20dc0ccaf65a5201ef8a450ae0105a573fda" dependencies = [ "shlex", ] @@ -1594,9 +1594,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.20.2" +version = "1.20.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1261fe7e33c73b354eab43b1273a57c8f967d0391e80353e51f764ac02cf6775" +checksum = "945462a4b81e43c4e3ba96bd7b49d834c6f61198356aa858733bc4acf3cbe62e" [[package]] name = "oorandom" @@ -2518,7 +2518,7 @@ dependencies = [ [[package]] name = "taler-api" -version = "0.1.0" +version = "0.0.0" dependencies = [ "axum", "criterion", @@ -2542,7 +2542,7 @@ dependencies = [ [[package]] name = "taler-common" -version = "0.1.0" +version = "0.0.0" dependencies = [ "anyhow", "clap", @@ -2567,7 +2567,7 @@ dependencies = [ [[package]] name = "taler-magnet-bank" -version = "0.1.0" +version = "0.0.0" dependencies = [ "anyhow", "base64", @@ -2597,7 +2597,7 @@ dependencies = [ [[package]] name = "taler-test-utils" -version = "0.1.0" +version = "0.0.0" dependencies = [ "axum", "axum-test", diff --git a/Cargo.toml b/Cargo.toml @@ -7,6 +7,13 @@ members = [ "taler-magnet-bank", ] +[workspace.package] +edition = "2021" +authors = ["Taler Systems SA <deb@taler.net>"] +homepage = "https://taler.net/" +repository = "https://git.taler.net/taler-rust.git" +license-file = "COPYING" + [profile.dev] debug = true @@ -30,4 +37,4 @@ tempfile = "3.15" taler-common = { path = "common/taler-common" } taler-api = { path = "common/taler-api" } taler-test-utils = { path = "common/taler-test-utils" } -anyhow = "1" -\ No newline at end of file +anyhow = "1" diff --git a/Makefile b/Makefile @@ -1,5 +1,3 @@ -GIT_HASH=$(git rev-parse --short HEAD) - all: build .PHONY: build @@ -12,4 +10,12 @@ check: .PHONY: doc doc: - cargo doc -\ No newline at end of file + cargo doc + +.PHONY: deb +deb: + cargo deb -p taler-magnet-bank --deb-version ${VERSION} + +.PHONY: ci +ci: + contrib/ci/run-all-jobs.sh +\ No newline at end of file diff --git a/common/taler-api/Cargo.toml b/common/taler-api/Cargo.toml @@ -1,7 +1,11 @@ [package] name = "taler-api" -version = "0.1.0" -edition = "2021" +version = "0.0.0" +edition.workspace = true +authors.workspace = true +homepage.workspace = true +repository.workspace = true +license-file.workspace = true [dependencies] listenfd = "1.0.0" diff --git a/common/taler-common/Cargo.toml b/common/taler-common/Cargo.toml @@ -1,7 +1,11 @@ [package] name = "taler-common" -version = "0.1.0" -edition = "2021" +version = "0.0.0" +edition.workspace = true +authors.workspace = true +homepage.workspace = true +repository.workspace = true +license-file.workspace = true [dependencies] serde_with = "3.11.0" diff --git a/common/taler-test-utils/Cargo.toml b/common/taler-test-utils/Cargo.toml @@ -1,7 +1,11 @@ [package] name = "taler-test-utils" -version = "0.1.0" -edition = "2021" +version = "0.0.0" +edition.workspace = true +authors.workspace = true +homepage.workspace = true +repository.workspace = true +license-file.workspace = true [dependencies] axum-test = "17.0" diff --git a/contrib/ci/Containerfile b/contrib/ci/Containerfile @@ -1,25 +1,19 @@ -FROM docker.io/library/debian:trixie +FROM docker.io/library/rust:bookworm ENV DEBIAN_FRONTEND=noninteractive # Persistent cargo cache -ENV CARGO_HOME=/workdir/.build/cargo +ENV CARGO_HOME=/workdir/.cargo -RUN apt-get update -yq && \ +# Clear cache when using a new version of rust +RUN rm -R /workdir/.build -f && \ + apt-get update -yq && \ apt-get upgrade -yq && \ apt-get install -yq \ - unzip \ - rustup \ + sudo \ make \ - po-debconf \ - build-essential \ libssl-dev \ pkg-config \ - debhelper-compat \ - devscripts \ - git-buildpackage \ - postgresql \ - sudo && \ - rustup default stable + postgresql WORKDIR /workdir diff --git a/contrib/ci/jobs/1-build/job.sh b/contrib/ci/jobs/1-build/job.sh @@ -3,7 +3,6 @@ set -exuo pipefail apt-get update -yq apt-get upgrade -yq -rustup upgrade job_dir=$(dirname "${BASH_SOURCE[0]}") diff --git a/contrib/ci/jobs/2-test/job.sh b/contrib/ci/jobs/2-test/job.sh @@ -3,7 +3,6 @@ set -exuo pipefail apt-get update -yq apt-get upgrade -yq -rustup upgrade job_dir=$(dirname "${BASH_SOURCE[0]}") diff --git a/contrib/ci/jobs/2-test/test.sh b/contrib/ci/jobs/2-test/test.sh @@ -1,7 +1,7 @@ #!/bin/bash set -evu -sudo -u postgres pg_ctlcluster 17 main start +sudo -u postgres pg_ctlcluster 15 main start sudo -u postgres createuser root --superuser sudo -u postgres createdb -O root taler_rust_check diff --git a/contrib/ci/jobs/3-deb/job.sh b/contrib/ci/jobs/3-deb/job.sh @@ -0,0 +1,24 @@ +#!/bin/bash +set -exuo pipefail + +job_dir=$(dirname "${BASH_SOURCE[0]}") + +# Update system +apt-get update -yq +apt-get upgrade -yq +cargo install cargo-deb + +# Build package +export GIT_HASH=$(git rev-parse --short HEAD) +export VERSION="$(./contrib/ci/version.sh)" +echo "Building package version ${VERSION}" +make deb + +# Test package +dpkg -i /workdir/target/debian/taler-magnet-bank*.deb +"${job_dir}"/test.sh + +# Move to artifact +ls -alh /workdir/target/debian/taler-magnet-bank*.deb +mkdir -p /artifacts/magnet-bank/${CI_COMMIT_REF} # Variable comes from CI environment +mv /workdir/target/debian/taler-magnet-bank*.deb /artifacts/magnet-bank/${CI_COMMIT_REF} +\ No newline at end of file diff --git a/contrib/ci/jobs/3-deb/test.sh b/contrib/ci/jobs/3-deb/test.sh @@ -0,0 +1,6 @@ +echo -e "\ntaler-magnet-bank version:" +taler-magnet-bank --version +echo -e "\ntaler-magnet-bank-httpd user:" +id taler-magnet-bank-httpd +echo -e "\ntaler-magnet-bank-worker user:" +id taler-magnet-bank-worker +\ No newline at end of file diff --git a/contrib/ci/jobs/4-deploy/config.ini b/contrib/ci/jobs/4-deploy/config.ini @@ -0,0 +1,6 @@ +[build] +HALT_ON_FAILURE = True +WARN_ON_FAILURE = True +CONTAINER_BUILD = False +CONTAINER_NAME = nixery.dev/shell/rsync +CONTAINER_ARCH = amd64 diff --git a/contrib/ci/jobs/4-deploy/job.sh b/contrib/ci/jobs/4-deploy/job.sh @@ -0,0 +1,14 @@ +#!/bin/bash +set -exuo pipefail + +ARTIFACT_PATH="/artifacts/magnet-bank/${CI_COMMIT_REF}/*.deb" + +RSYNC_HOST="taler.host.internal" +RSYNC_PORT=424242 +RSYNC_PATH="incoming_packages/bookworm-taler-ci/" +RSYNC_DEST="rsync://${RSYNC_HOST}/${RSYNC_PATH}" + + +rsync -vP \ + --port ${RSYNC_PORT} \ + ${ARTIFACT_PATH} ${RSYNC_DEST} diff --git a/contrib/ci/version.sh b/contrib/ci/version.sh @@ -0,0 +1,17 @@ +#!/bin/sh +set -ex + +BRANCH=$(git name-rev --name-only HEAD) +if [ -z "${BRANCH}" ]; then + exit 1 +else + # "Unshallow" our checkout, but only our current branch, and exclude the submodules. + git fetch --no-recurse-submodules --tags --depth=1000 origin "${BRANCH}" + RECENT_VERSION_TAG=$(git describe --tags --match 'v*.*.*' --exclude '*-dev*' --always --abbrev=0 HEAD || exit 1) + commits="$(git rev-list ${RECENT_VERSION_TAG}..HEAD --count)" + if [ "${commits}" = "0" ]; then + git describe --tag HEAD | sed -r 's/^v//' || exit 1 + else + echo $(echo ${RECENT_VERSION_TAG} | sed -r 's/^v//')-${commits}-$(git rev-parse --short=8 HEAD) + fi +fi diff --git a/debian/taler-magnet-bank.postinst b/debian/taler-magnet-bank.postinst @@ -0,0 +1,26 @@ + +MAGNET_HOME="/var/lib/taler-magnet-bank" + +# Group with access to our database +_DBGROUP=taler-magnet-bank-db + +# Different users for the different components +_HTTPDUSER=taler-magnet-bank-httpd +_WORKERUSER=taler-magnet-bank-worker + +if [ "$1" = "configure" ] ; then + # Create groups as needed + if ! getent group ${_DBGROUP} >/dev/null; then + addgroup --quiet --system ${_DBGROUP} + fi + + # Create users as needed + if ! getent passwd ${_HTTPDUSER} >/dev/null; then + adduser --quiet --system --no-create-home --ingroup ${_DBGROUP} --home ${MAGNET_HOME} ${_HTTPDUSER} + fi + if ! getent passwd ${_WORKERUSER} >/dev/null; then + adduser --quiet --system --no-create-home --ingroup ${_DBGROUP} --home ${MAGNET_HOME} ${_WORKERUSER} + fi +fi + +#DEBHELPER# +\ No newline at end of file diff --git a/debian/taler-magnet-bank.postrm b/debian/taler-magnet-bank.postrm @@ -0,0 +1,17 @@ + +# Group with access to our database +_DBGROUP=taler-magnet-bank-db + +# Different users for the different components +_HTTPDUSER=taler-magnet-bank-httpd +_WORKERUSER=taler-magnet-bank-worker + +if [ "$1" = "purge" ] ; then + # Remove users + deluser --quiet --system ${_HTTPDUSER} || true + deluser --quiet --system ${_WORKERUSER} || true + # Remove groups + delgroup --only-if-empty --quiet ${_DBGROUP} || true +fi + +#DEBHELPER# +\ No newline at end of file diff --git a/debian/taler-magnet-bank.taler-magnet-bank-httpd.service b/debian/taler-magnet-bank.taler-magnet-bank-httpd.service @@ -0,0 +1,35 @@ +[Unit] +Description=GNU Taler Magnet Bank adapter REST API +Requires=taler-magnet-bank-httpd.socket +After=network.target postgres.service +PartOf=taler-magnet-bank.target + +[Service] +User=taler-magnet-bank-httpd +Type=simple + +# Depending on the configuration, the service process kills itself and then +# needs to be restarted. Thus no significant delay on restarts. +Restart=always +RestartMode=direct +RestartSec=1ms +RestartPreventExitStatus=9 + +# Disable the service if more than 5 restarts are encountered within 5s. +# These are usually the systemd defaults, but can be overwritten, thus we set +# them here explicitly, as the exchange code assumes StartLimitInterval +# to be >=5s. +StartLimitBurst=5 +StartLimitInterval=5s + +ExecStart=/usr/bin/taler-magnet-bank serve -c /etc/taler-magnet-bank/taler-magnet-bank.conf +ExecCondition=/usr/bin/taler-magnet-bank serve -c /etc/taler-magnet-bank/taler-magnet-bank.conf --check +StandardOutput=journal +StandardError=journal +PrivateTmp=yes +PrivateDevices=yes +ProtectSystem=full +Slice=taler-magnet-bank.slice + +[Install] +WantedBy=multi-user.target diff --git a/debian/taler-magnet-bank.taler-magnet-bank-httpd.socket b/debian/taler-magnet-bank.taler-magnet-bank-httpd.socket @@ -0,0 +1,14 @@ +[Unit] +Description=GNU Taler Magnet Bank adapter socket +PartOf=taler-magnet-bank-httpd.service + +[Socket] +ListenStream=/run/taler-magnet-bank/httpd/magnet-bank-http.sock +Accept=no +Service=taler-magnet-bank-httpd.service +SocketUser=taler-magnet-bank-httpd +SocketGroup=www-data +SocketMode=0660 + +[Install] +WantedBy=sockets.target +\ No newline at end of file diff --git a/debian/taler-magnet-bank.taler-magnet-bank-worker.service b/debian/taler-magnet-bank.taler-magnet-bank-worker.service @@ -0,0 +1,33 @@ +[Unit] +Description=GNU Taler Magnet Bank adapter worker +After=network.target postgres.service +PartOf=taler-magnet-bank.target + +[Service] +User=taler-magnet-bank-worker +Type=simple + +# Depending on the configuration, the service process kills itself and then +# needs to be restarted. Thus no significant delay on restarts. +Restart=always +RestartMode=direct +RestartSec=1ms +RestartPreventExitStatus=9 + +# Disable the service if more than 5 restarts are encountered within 5s. +# These are usually the systemd defaults, but can be overwritten, thus we set +# them here explicitly, as the exchange code assumes StartLimitInterval +# to be >=5s. +StartLimitBurst=5 +StartLimitInterval=5s + +ExecStart=/usr/bin/taler-magnet-bank worker -c /etc/taler-magnet-bank/taler-magnet-bank.conf +StandardOutput=journal +StandardError=journal +PrivateTmp=yes +PrivateDevices=yes +ProtectSystem=full +Slice=taler-magnet-bank.slice + +[Install] +WantedBy=multi-user.target diff --git a/debian/taler-magnet-bank.taler-magnet-bank.slice b/debian/taler-magnet-bank.taler-magnet-bank.slice @@ -0,0 +1,3 @@ +[Unit] +Description=Slice for GNU Taler Magnet Bank adapter processes +Before=slices.target +\ No newline at end of file diff --git a/debian/taler-magnet-bank.taler-magnet-bank.target b/debian/taler-magnet-bank.taler-magnet-bank.target @@ -0,0 +1,9 @@ +[Unit] +Description=GNU Taler Magnet Bank adapter +After=postgres.service network.target + +Wants=taler-magnet-bank-httpd.service +Wants=taler-magnet-bank-worker.service + +[Install] +WantedBy=multi-user.target +\ No newline at end of file diff --git a/taler-magnet-bank/Cargo.toml b/taler-magnet-bank/Cargo.toml @@ -1,7 +1,12 @@ [package] name = "taler-magnet-bank" -version = "0.1.0" -edition = "2021" +version = "0.0.0" +description = "Taler Magnet Bank adapter" +edition.workspace = true +authors.workspace = true +homepage.workspace = true +repository.workspace = true +license-file.workspace = true [dependencies] rand_core = { version = "0.6.4" } @@ -37,3 +42,16 @@ anyhow.workspace = true [dev-dependencies] taler-test-utils.workspace = true + +[package.metadata.deb] +name = "taler-magnet-bank" +priority = "optional" +section = "net" +maintainer = "Taler Systems SA <deb@taler.net>" +maintainer-scripts = "../debian/" +systemd-units = [ + { unit-name = "taler-magnet-bank", enable = false, start = false, stop-on-upgrade = false }, + { unit-name = "taler-magnet-bank-httpd", enable = false, start = false, stop-on-upgrade = false }, + { unit-name = "taler-magnet-bank-worker", enable = false, start = false, stop-on-upgrade = false }, +] +recommends = ["apache2 | nginx | httpd", "postgresql (>= 15.0)"]