chore: prepare for release (#14)

.dockerignore

@@ -2,5 +2,4 @@
 target
 /node_modules/
 .env
-
-
+/dist/

.github/workflows/dev-ci-cd.yml

@@ -30,58 +30,15 @@ jobs:
 
       - name: Build image
         run: |
-          docker build --build-arg BACKEND_URL=$BACKEND_URL --build-arg AUTH_URL=$AUTH_URL --build-arg BUILD_FEATURE="" -t dena-attester_peregrine:latest .
-        env:
-          BACKEND_URL: ${{ vars.BACKEND_URL }}
-          AUTH_URL: ${{ vars.AUTH_URL }}
-
-      - name: Tag, and push image to Amazon ECR
-        env:
-          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-          ECR_REPOSITORY: dena/attester_peregrine
-          IMAGE_TAG: ${{ github.sha }}
-        run: |
-          docker tag dena-attester_peregrine $ECR_REGISTRY/$ECR_REPOSITORY:latest
-          docker tag dena-attester_peregrine $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-          docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
-          docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest
-
-  deploy-prod:
-    name: Build image and push to Amazon ECR (Prod)
-    runs-on: ubuntu-latest
-    environment: production
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v4
-
-      - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-          aws-region: eu-central-1
-
-      - name: Login to Amazon ECR
-        id: login-ecr
-        uses: aws-actions/amazon-ecr-login@v2
-        with:
-          mask-password: "true"
-
-      - name: Build image
-        run: |
-          docker build --build-arg BACKEND_URL=$BACKEND_URL --build-arg AUTH_URL=$AUTH_URL -t dena-attester_spiritnet:latest .
-        env:
-          BACKEND_URL: ${{ vars.BACKEND_URL }}
-          AUTH_URL: ${{ vars.AUTH_URL }}
+          docker build -t dena-attester:latest .
 
       - name: Tag, and push image to Amazon ECR
         env:
           ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
-          ECR_REPOSITORY: dena/attester_spiritnet
+          ECR_REPOSITORY: dena/attester
           IMAGE_TAG: ${{ github.sha }}
         run: |
-          docker tag dena-attester_spiritnet $ECR_REGISTRY/$ECR_REPOSITORY:latest
-          docker tag dena-attester_spiritnet $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
+          docker tag dena-attester $ECR_REGISTRY/$ECR_REPOSITORY:latest
+          docker tag dena-attester $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
           docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG
           docker push $ECR_REGISTRY/$ECR_REPOSITORY:latest

Cargo.toml

@@ -51,3 +51,12 @@ uuid = {version = "1.4.1", features = ["v4", "serde"]}
 [features]
 default = []
 spiritnet = []
+
+[[bin]]
+features = ["spiritnet"]
+name = "attester_spiritnet"
+path = "src/main.rs"
+
+[[bin]]
+name = "attester_peregrine"
+path = "src/main.rs"

Dockerfile

@@ -1,15 +1,6 @@
 # Frontend Build Stage
 FROM node:20.5.1 as frontend-build
 
-ARG AUTH_URL=https://dev.opendid.kilt.io/api/v1/authorize
-ARG BACKEND_URL=http://0.0.0.0:${port}/api/v1
-ARG WSS_ENDPOINT=wss://peregrine.kilt.io:443/parachain-public-ws
-
-
-ENV VITE_SIMPLE_REST_URL=${BACKEND_URL} \
-    VITE_AUTH_URL=${AUTH_URL} \
-    VITE_WSS_ENDPOINT=${WSS_ENDPOINT}
-
 WORKDIR /usr/src/app
 
 # Copy only package.json and yarn.lock first to leverage Docker cache
@@ -24,8 +15,6 @@ RUN yarn build
 # Backend Build Stage
 FROM rust:buster as backend-build
 
-ARG BUILD_FEATURE=--features=spiritnet
-
 RUN apt-get update && \
     apt-get -y upgrade && \
     apt-get -y install libpq-dev
@@ -34,9 +23,8 @@ WORKDIR /app
 
 COPY . /app/
 
-
 # Build backend
-RUN cargo build --release --bin=attester-backend --package=attester-backend $BUILD_FEATURE
+RUN cargo build --release --bins
 
 # Final Stage
 FROM rust:slim-buster
@@ -49,13 +37,15 @@ WORKDIR /app
 COPY --from=frontend-build /usr/src/app/dist /usr/share/html
 
 # Copy backend build
-COPY --from=backend-build /app/target/release/attester-backend /app/attester-backend
+COPY --from=backend-build /app/target/release/attester_spiritnet /app/attester_spiritnet
+COPY --from=backend-build /app/target/release/attester_peregrine /app/attester_peregrine
 
-# Copy migrations and config
-COPY /migrations /app/migrations
+# Copy migrations config and scripts
+COPY ./migrations /app/migrations
+COPY ./scripts/start.sh /app/start.sh
 VOLUME /app/config.yaml
 
 EXPOSE ${PORT}
 
-# Run migrations and start the application
-CMD ["/app/attester-backend" , "/app/config.yaml"]
+#start the application
+CMD ["./start.sh" ]

LICENSE.md

@@ -0,0 +1,9 @@
+Copyright (c) 2023-2024, Built on KILT.
+All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software must display the following acknowledgement: Built on KILT.
+4. Neither the name of KILT Protocol nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.
+   THIS SOFTWARE IS PROVIDED BY KILT PROTOCOL AND ITS CONTRIBUTORS ‘’AS IS’' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+   IN NO EVENT SHALL KILT PROTOCOL OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

README.md

@@ -1,3 +1,71 @@
-# Hello 
+# Attester Service
 
-send help! 
+The Attester Service is responsible for generating various credentials for users, with an authentication mechanism that distinguishes between regular users and employees. Users can request different types of credentials, which can then be approved by employees. The service implements the KILT [Credential API](https://github.com/KILTprotocol/spec-ext-credential-api), allowing users to store their credentials in their identity wallet. Authentication is facilitated by fetching a JWT token from [OpenDID](https://github.com/KILTprotocol/opendid). Users can log in with a DID, while employees require additional credentials.
+
+A demonstration deployment for Peregrine can be accessed [here](https://dena-attester-dev.kilt.io/#/login), and a Spiritnet deployment is available [here](https://dena-attester.kilt.io/#/login).
+
+## Usage
+
+All environment variables must be configured in a `config.yaml` file. An example `config.yaml` file is provided [here](./config_example.yaml), with explanations of the variables included.
+
+### Local Debugging Frontend
+
+The frontend utilizes Vite as a bundler. To develop, simply run `yarn dev`. To build the frontend, execute `yarn build`.
+
+### Local Debugging Backend VsCode
+
+Create a `.vscode/launch.json` file and paste the following content:
+
+```json
+{
+  "version": "0.2.0",
+  "configurations": [
+    {
+      "type": "lldb",
+      "request": "launch",
+      "name": "Debug executable 'attester-backend'",
+      "cargo": {
+        "args": ["build", "--bins"],
+        "filter": {
+          "name": "attester_peregrine",
+          "kind": "bin"
+        }
+      },
+      "args": [],
+      "cwd": "${workspaceFolder}",
+      "env": {
+        "CONFIG": "./config.yaml"
+      }
+    },
+    {
+      "type": "lldb",
+      "request": "launch",
+      "name": "Debug unit tests in executable 'attester-backend'",
+      "cargo": {
+        "args": [
+          "test",
+          "--no-run",
+          "--bin=attester-backend",
+          "--package=attester-backend"
+        ],
+        "filter": {
+          "name": "attester-backend",
+          "kind": "bin"
+        }
+      },
+      "args": [],
+      "cwd": "${workspaceFolder}"
+    }
+  ]
+}
+```
+
+Please note that the above configuration is tailored for Peregrine. If debugging on Spiritnet, adjust the filter accordingly.
+
+### Docker
+
+A docker-compose file is provided. To start the containers, run `docker-compose up`.
+
+### Database
+
+The Rust backend utilizes sqlx for database interactions. If a query is modified, update the metadata to support offline compile-time verification using the command `cargo sqlx prepare`. New migrations can be added with `cargo sqlx migrate add`, and existing migrations can be executed via CLI with `cargo sqlx migrate run`. The source code manages migrations automatically.

config_example.yaml

@@ -0,0 +1,46 @@
+# Port on which the server runs
+port: 5656
+
+# The path to the bundled frontend.
+frontEndPath: /path/to/your/frontend
+
+# The socket connection to the Kilt endpoint.
+endpoint: wss://spiritnet.api.onfinality.io:443/public-ws
+
+# The application name required for the credential API.
+appName: dena-attester
+
+# The PostgreSQL database URL.
+databaseUrl:
+
+# The redirect URL which is needed by OpenDID.
+redirectUrls:
+
+# Seed used for creating credentials.
+attesterDidSeed:
+
+# Seed used for the attestation keys by the Attester DID.
+attesterAttestationSeed:
+
+# The secret used to verify the JWT token from OpenDID.
+jwtSecret: super-secret-jwt-secret
+
+# A payer seed, who pays to anchor the credentials to the blockchain.
+payerSeed:
+
+# The URL endpoint for login.
+authUrl: "https://opendid.kilt.io/api/v1/authorize"
+
+# Session variables for creating a secure session needed by the credential API.
+session:
+  keyUri:
+  naclSecretKey:
+  naclPublicKey:
+  sessionKey:
+
+# The well-known DID configuration required by Sporran.
+wellKnownDid:
+  did:
+  origin:
+  keyUri:
+  seed:

docker-compose.yaml

@@ -11,15 +11,25 @@ services:
       - "5432:5432"
     volumes:
       - data:/var/lib/postgresql/data
+    networks:
+      - default
 
   server:
     build: ./
+    environment:
+      RUNTIME: peregrine
+      CONFIG: /app/config.yaml
     ports:
       - "5656:5656"
     depends_on:
       - postgres
     volumes:
       - ./config.yaml:/app/config.yaml
+    networks:
+      - default
+
+networks:
+  default:
 
 volumes:
-  data:
+  data: