feat: adopt freenet/mail build + release process#6
Merged
* Merge main (brings Raven rebrand from #7) into PR branch.
* web/container: port full ed25519 + version validation from freenet/mail. Adds 6 unit tests covering valid/invalid sig, version monotonicity, summary/delta. Container is no longer a stub.
* common/: new crate. Hosts WebContainerMetadata struct shared between web/container and tools/web-container-sign so the two CBOR formats cannot drift.
* check-contract-wasm.yml: gate now fails on drift (was exit 0 with warning). Adds published-contract/** + Cargo.toml to trigger paths and a push-on-main job.
* web/tests/production-liveness.spec.ts: title now "Raven" (matches merged rebrand).
* published-contract/: regenerated locally; contract id = 6vGnrBknBqysGZFgzor8bVdvYXRNz1ddzsdrnHrosLeQ. CI on Linux may produce a different snapshot — first Linux run will surface drift; commit the Linux snapshot once.
* Cargo.toml: drop dead commented [target.wasm32-unknown-unknown] block. Add common/ to workspace members.
* Drop .claude/settings.json (per-machine path leaked into repo).
Lets reviewers grab the canonical Linux-built snapshot from the failing run instead of guessing what to commit.
CI rebuild produces different bytes than macOS local build (different LLVM/codegen between hosts). Snapshot now matches ubuntu-latest output so check-contract-wasm gate passes. Contract ID: CQTvAgQQuxZHTmTi17DaaNgrv3KCVNtxY1vCamFfkV41
Problem

This repo had a plain Makefile, no CI, no release driver, no signed webapp, and no committed published-contract/ snapshot. Cutting a release would produce a non-reproducible, unsigned contract ID that nobody could verify against repo state. Two contributors building the same commit would derive different IDs (Vite chunk timestamps, tar mtime/owner, signing nonce drift). freenet/mail already solved this on top of freenet/river's baseline; aligning now is cheaper than retrofitting after the first release.

Solution

Port mail's pipeline, adapted from Dioxus to our Vite/TypeScript stack.

* Makefile.toml (cargo-make) — replaces Makefile. 41 tasks for build, test, sign, snapshot, publish. Each contract/delegate task pins CARGO_TARGET_DIR so fdev's workspace walk doesn't panic from a stale install tree.
* rust-toolchain.toml — pins stable (matches mail) so WASM bytes are reproducible across contributors.
* tools/web-container-sign/ — vendored from freenet/mail/tools/. ed25519 signer CLI. Mail's freenet-email-core::WebContainerMetadata import inlined as a 2-field struct so we don't need a path dep.
* compress-webapp — GNU tar with --sort=name --mtime='2024-01-01 ...' --owner=0 --group=0 --numeric-owner produces byte-identical archives. Warns (doesn't fail) without gtar.
* sign-webapp{,-test} — version derived from git rev-parse --short=8 HEAD (interpret hex as u31), so two contributors on the same commit produce identical signatures. ed25519 is deterministic. Test variant uses committed key at test-contract/web-container-keys.toml; prod variant uses uncommitted ~/.config/freenet-microblogging/web-container-keys.toml (overridable via WEB_CONTAINER_KEY_FILE).
* published-contract/ — committed snapshot (web_container_contract.wasm + webapp.parameters + contract-id.txt). Initial test ID: H5JJ7UXJS6Rs8DtKd4tHJaUV9kB839UcYZczuH1XbcNP. publish-webapp* publishes from this snapshot, not freshly built artifacts, so stale snapshots fail loudly.
* .github/workflows/build.yml (build + clippy + test + Playwright with version-pinned cargo-make/fdev caches) and check-contract-wasm.yml (rebuilds at HEAD, fails if git diff --quiet -- published-contract/ doesn't pass).
* web/tests/ — runs against vite preview --port 8082 after build-ui-offline (Vite equivalent of mail's dx serve --features example-data,no-sync). production-liveness.spec.ts covers title set, sidebar mounts, post card renders.
* scripts/release.sh — preflight (clean tree, on main, no tag collision, prod key + tools present, GNU tar, node reachable on 127.0.0.1:50509) → test gate → 3 confirmation prompts (publish ▸ commit ▸ push) → idempotent up to commit. --yes for CI. Plus generate-production-key.sh, smoke-test-production.sh, RELEASING.md runbook.
* VITE_OFFLINE_MODE=1 define in vite.config.ts branches web/src/index.ts to render MOCK_POSTS immediately without WebSocket/delegate. Required for Playwright in CI.
* AGENTS.md and README.md updated to use cargo make X everywhere.
* .gitignore adds the new build outputs.

Testing

* cargo make build succeeds — contracts + UI + web container.
* cargo make compress-webapp × 2 → identical sha256 (byte-reproducible).
* cargo make sign-webapp-test × 2 → identical metadata + parameters bytes.
* cargo make update-published-contract × 2 → identical contract ID.
* cargo make test-{posts,follows,likes} → 13/13 passing.
* cargo make test-ui-playwright → 3/3 browsers (chromium/firefox/webkit) passing.
* cargo make sign-webapp (no prod key present) → fails loudly with the documented error.
* scripts/release.sh notaversion → rejected by semver regex; scripts/release.sh (no arg) → usage error.

Known caveats (not blockers, follow-up)

* web/container/src/lib.rs, delegates/identity/src/lib.rs, contracts/{follows,likes,posts}/src/lib.rs). First CI run will fail on clippy+fmt-check until either fixed or -D warnings relaxed. Out of scope here.
* web/container/src/lib.rs is still a stub — does not deserialize WebContainerMetadata or verify the signature. Pipeline produces signed metadata but on-chain contract doesn't enforce it. Mail's container does; porting that verification is a separate task.
* cargo make test exits non-zero at npm test. Pre-existing.

Closes #3
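
The byte-reproducibility check described for compress-webapp, as an added example that is not part of this PR or the project's Makefile.toml: it archives two copies of a constructed tree that differ only in timestamps and file creation order, once with default tar settings and once with the normalizing GNU tar flags listed above. The sample files, the fixed epoch mtime and the helper names are assumptions.

```sh
#!/bin/sh
# Added example: constructed sample tree, not the project's compress-webapp task.
set -eu

# gtar is GNU tar on macOS; plain tar is GNU tar on most Linux hosts.
TAR=$(command -v gtar || command -v tar)
# Constructed value. The epoch form avoids depending on the builder's timezone.
FIXED_MTIME='@1704067200'

# make_tree DIR STAMP FILE...: create the files in the given order, then
# stamp every entry (directories included) with mtime STAMP (CCYYMMDDhhmm).
make_tree() {
  dir=$1; stamp=$2; shift 2
  mkdir -p "$dir/assets"
  for f in "$@"; do printf 'content of %s\n' "$f" > "$dir/$f"; done
  find "$dir" -exec touch -t "$stamp" {} +
}

# Hex SHA-256 of stdin.
sha() {
  if command -v sha256sum >/dev/null 2>&1; then sha256sum; else shasum -a 256; fi |
    cut -d' ' -f1
}

# Default archive: headers carry each entry's mtime and owner, and entries
# appear in whatever order the filesystem returns them.
hash_plain() { "$TAR" -C "$1" -cf - . | sha; }

# Normalized archive, using the flags the PR lists for compress-webapp.
hash_normalized() {
  "$TAR" -C "$1" --sort=name --mtime="$FIXED_MTIME" \
    --owner=0 --group=0 --numeric-owner -cf - . | sha
}

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT
# Same content, different timestamps and creation order ("two contributors").
make_tree "$work/a" 202401010000 index.html assets/app.js
make_tree "$work/b" 202502020000 assets/app.js index.html

PLAIN_A=$(hash_plain "$work/a");     PLAIN_B=$(hash_plain "$work/b")
NORM_A=$(hash_normalized "$work/a"); NORM_B=$(hash_normalized "$work/b")

echo "plain:      $PLAIN_A vs $PLAIN_B"
echo "normalized: $NORM_A vs $NORM_B"
```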