tlsnotary/tlsn
1
0
Fork 0
mirror of https://github.com/tlsnotary/tlsn.git synced 2026-01-08 21:08:04 -05:00
Code Issues Packages Projects Releases 12 Wiki Activity

Do not include git commit timestamp in notary server + use git2 instead of git command + add dirty suffix (#643)

Browse Source 
build: improved commit info on notary/info page

This changes uses git2 Rust library instead of calling out to external git
The timestamp was removed
This commit is contained in:
Hendrik Eeckhaut
2024-10-23 10:29:23 +02:00
committed by GitHub
parent 2c045e5de7
commit 1d663596c1
7 changed files with 58 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
crates/notary/server/Cargo.toml
View File

@@ -45,3 +45,7 @@ tracing-subscriber = { workspace = true, features = ["env-filter"] }
uuid = { workspace = true, features = ["v4", "fast-rng"] }
ws_stream_tungstenite = { workspace = true, features = ["tokio_io"] }
zeroize = { workspace = true }
[build-dependencies]
git2 = "0.19.0"
chrono.workspace = true

70
crates/notary/server/build.rs
View File

@@ -1,25 +1,55 @@
use std::{env, process::Command};
use chrono::DateTime;
use git2::{Commit, Repository, StatusOptions};
use std::{env, error::Error};
fn main() {
if env::var("GIT_COMMIT_HASH").is_err() || env::var("GIT_COMMIT_TIMESTAMP").is_err() {
// Used to extract latest HEAD commit hash and timestamp for the /info endpoint
let output = Command::new("git")
.args(["show", "HEAD", "-s", "--format=%H,%cI"])
.output()
.expect(
"Git command to get commit hash and timestamp should work during build process",
);
fn main() -> Result<(), Box<dyn Error>> {
if env::var("GIT_COMMIT_HASH").is_err() {
match get_commithash_with_dirty_suffix() {
Ok(commit_hash_with_suffix) => {
// Pass value as env var to the notary server
println!("cargo:rustc-env=GIT_COMMIT_HASH={commit_hash_with_suffix}");
}
Err(e) => {
eprintln!("Failed to get commit hash in notary server build");
eprintln!("Fix the error or configure GIT_COMMIT_HASH as environment variable");
return Err(e.message().into());
}
};
}
Ok(())
}
let output_string = String::from_utf8(output.stdout)
.expect("Git command should produce valid string output");
fn get_commithash_with_dirty_suffix() -> Result<String, git2::Error> {
let repo = Repository::discover(".")?;
let commit = get_commit(&repo)?;
let commit_hash = commit.id().to_string();
let _timestamp = get_commit_timestamp(&commit)?;
let has_changes = check_local_changes(&repo)?;
let (commit_hash, commit_timestamp) = output_string
.as_str()
.split_once(',')
.expect("Git commit hash and timestamp string output should be comma separated");
// Pass these 2 values as env var to the program
println!("cargo:rustc-env=GIT_COMMIT_HASH={}", commit_hash);
println!("cargo:rustc-env=GIT_COMMIT_TIMESTAMP={}", commit_timestamp);
if has_changes {
Ok(format!("{commit_hash} (with local changes)"))
} else {
Ok(commit_hash)
}
}
fn get_commit(repo: &Repository) -> Result<Commit, git2::Error> {
let head = repo.head()?;
head.peel_to_commit()
}
fn get_commit_timestamp(commit: &Commit) -> Result<String, git2::Error> {
let timestamp = commit.time().seconds();
let date_time = DateTime::from_timestamp(timestamp, 0)
.ok_or_else(|| git2::Error::from_str("Invalid timestamp"))?;
Ok(date_time.to_rfc2822())
}
fn check_local_changes(repo: &Repository) -> Result<bool, git2::Error> {
let mut status_options = StatusOptions::new();
status_options
.include_untracked(false)
.include_ignored(false);
let statuses = repo.statuses(Some(&mut status_options))?;
Ok(!statuses.is_empty())
}

1
crates/notary/server/config/config.yaml
View File

@@ -6,7 +6,6 @@ server:
<h1>Notary Server {version}!</h1>
<ul>
<li>git commit hash: <a href="https://github.com/tlsnotary/tlsn/commit/{git_commit_hash}">{git_commit_hash}</a></li>
<li>git commit timestamp: {git_commit_timestamp}</li>
<li>public key: <pre>{public_key}</pre></li>
</ul>
<a href="/healthcheck">health check</a> - <a href="/info">info</a><br/>

16
crates/notary/server/notary-server.Dockerfile.dockerignore
View File

@@ -1,12 +1,4 @@
# exclude everything
*
# include notary and core library dependencies
!/crates
!/Cargo.toml
# include .git for program to get git info
!/.git
# exclude any /target folders inside the included folders above
**/target*
# exclude Rust build artifacts
./target
./crates/wasm/pkg/
./crates/wasm-test-runner/static/generated/

4
crates/notary/server/openapi.yaml
View File

@@ -203,11 +203,7 @@ components:
gitCommitHash:
description: The git commit hash of source code that this notary server is running
type: string
gitCommitTimestamp:
description: The git commit timestamp of source code that this notary server is running
type: string
required:
- "version"
- "publicKey"
- "gitCommitHash"
- "gitCommitTimestamp"

2
crates/notary/server/src/domain.rs
View File

@@ -14,6 +14,4 @@ pub struct InfoResponse {
pub public_key: String,
/// Current git commit hash of notary-server
pub git_commit_hash: String,
/// Current git commit timestamp of notary-server
pub git_commit_timestamp: String,
}

3
crates/notary/server/src/server.rs
View File

@@ -111,7 +111,6 @@ pub async fn run_server(config: &NotaryServerProperties) -> Result<(), NotarySer
.map_err(|err| eyre!("Failed to load notary public signing key for notarization: {err}"))?;
let version = env!("CARGO_PKG_VERSION").to_string();
let git_commit_hash = env!("GIT_COMMIT_HASH").to_string();
let git_commit_timestamp = env!("GIT_COMMIT_TIMESTAMP").to_string();
// Parameters needed for the root / endpoint
let html_string = config.server.html_info.clone();
@@ -119,7 +118,6 @@ pub async fn run_server(config: &NotaryServerProperties) -> Result<(), NotarySer
html_string
.replace("{version}", &version)
.replace("{git_commit_hash}", &git_commit_hash)
.replace("{git_commit_timestamp}", &git_commit_timestamp)
.replace("{public_key}", &public_key),
);
@@ -141,7 +139,6 @@ pub async fn run_server(config: &NotaryServerProperties) -> Result<(), NotarySer
version,
public_key,
git_commit_hash,
git_commit_timestamp,
}),
)
.into_response()