feat: upgrade from indy to askar

animo · Aug 29, 2023 · a46cf86 · a46cf86
1 parent 5d7d798
commit a46cf86
Show file tree

Hide file tree

Showing 13 changed files with 1,655 additions and 1,917 deletions.
diff --git a/.env.example b/.env.example
@@ -1,6 +1,5 @@
 POSTGRES_USER=
 POSTGRES_PASSWORD=
-POSTGRES_DATABASE_URL=
+POSTGRES_HOST=
 POSTGRES_ADMIN_USER=
 POSTGRES_ADMIN_PASSWORD=
-POSTGRES_TLS_CA=
diff --git a/.github/actions/setup-libindy/action.yml b/.github/actions/setup-libindy/action.yml
diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml
@@ -17,19 +17,16 @@ jobs:
       - name: Check the repository
         uses: actions/checkout@v2
 
-      # Sets up Libindy.
-      - name: Setup Libindy
-        uses: ./.github/actions/setup-libindy
-
       # Setup Node.js
       - name: Setup Node.js
         uses: actions/setup-node@v2
         with:
-          node-version: 16.x
+          node-version: 18.x
+          cache: yarn
 
       # Installing the project dependencies
       - name: Install dependencies
-        run: yarn install
+        run: yarn install --frozen-lockfile
 
       # Validation
       - name: Running `yarn validate`

diff --git a/.github/workflows/deploy-stack.yml b/.github/workflows/deploy-stack.yml
@@ -23,13 +23,12 @@ jobs:
           WALLET_KEY: ${{ secrets.WALLET_KEY }}
           POSTGRES_USER: ${{ secrets.POSTGRES_USER }}
           POSTGRES_PASSWORD: ${{ secrets.POSTGRES_PASSWORD }}
-          POSTGRES_DATABASE_URL: ${{ secrets.POSTGRES_DATABASE_URL }}
+          POSTGRES_HOST: ${{ secrets.POSTGRES_HOST }}
           POSTGRES_ADMIN_USER: ${{ secrets.POSTGRES_ADMIN_USER }}
           POSTGRES_ADMIN_PASSWORD: ${{ secrets.POSTGRES_ADMIN_PASSWORD }}
-          POSTGRES_TLS_CA: ${{ secrets.POSTGRES_TLS_CA }}
           IMAGE_TAG: ${{ inputs.tag }}
         with:
-          envs: WALLET_KEY,POSTGRES_USER,POSTGRES_PASSWORD,POSTGRES_DATABASE_URL,POSTGRES_ADMIN_USER,POSTGRES_ADMIN_PASSWORD,POSTGRES_TLS_CA,IMAGE_TAG
+          envs: WALLET_KEY,POSTGRES_USER,POSTGRES_PASSWORD,POSTGRES_HOST,POSTGRES_ADMIN_USER,POSTGRES_ADMIN_PASSWORD,IMAGE_TAG
           stack-name: animo-afj-mediator
           stack-file: ./docker-compose-animo-mediator.yml
           private-key: ${{ secrets.DOCKER_SSH_PRIVATE_KEY }}
diff --git a/Dockerfile b/Dockerfile
@@ -1,56 +1,24 @@
-FROM ubuntu:18.04 as base
+FROM ubuntu:20.04 as base
 
 ENV DEBIAN_FRONTEND noninteractive
 
 RUN apt-get update -y && apt-get install -y \
-    software-properties-common \
     apt-transport-https \
     curl \
-    git \
-    # Only needed to build indy-sdk
-    build-essential  \
-    # Postgres plugin
-    libzmq3-dev libsodium-dev pkg-config libssl-dev
-
-# libindy
-RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88
-RUN add-apt-repository "deb https://repo.sovrin.org/sdk/deb bionic stable"
+    make \
+    gcc \
+    g++
 
 # nodejs
-RUN curl -sL https://deb.nodesource.com/setup_16.x | bash
-
-# yarn
-RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - && \
-    echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
+RUN curl -sL https://deb.nodesource.com/setup_18.x | bash
 
-# install depdencies
-RUN apt-get update -y && apt-get install -y --allow-unauthenticated \
-    libindy \
-    nodejs
-
-# Install yarn seperately due to `no-install-recommends` to skip nodejs install 
-RUN apt-get install -y --no-install-recommends yarn
+# install depdencies and enable corepack
+RUN apt-get update -y && apt-get install -y --allow-unauthenticated nodejs
+RUN corepack enable
 
 # Set cache dir so it can be shared between different docker stages
 RUN yarn config set cache-folder /tmp/yarn-cache
 
-# postgres plugin setup
-# install rust and set up rustup
-RUN curl https://sh.rustup.rs -sSf | bash -s -- -y
-ENV PATH="/root/.cargo/bin:${PATH}"
-# See https://github.com/hyperledger/aries-framework-javascript/pull/1036
-RUN rustup default 1.63.0
-
-WORKDIR /indy-sdk-build
-# clone indy-sdk and build postgres plugin
-RUN git clone https://github.com/hyperledger/indy-sdk.git
-WORKDIR /indy-sdk-build/indy-sdk/experimental/plugins/postgres_storage/
-RUN cargo build --release
-
-# set up library path for postgres plugin
-ENV LIB_INDY_STRG_POSTGRES="/indy-sdk-build/indy-sdk/experimental/plugins/postgres_storage/target/release"
-RUN mv /indy-sdk-build/indy-sdk/experimental/plugins/postgres_storage/target/release/libindystrgpostgres.so /usr/local/lib/libindystrgpostgres.so
-
 FROM base as setup
 
 # AFJ specifc setup
@@ -87,7 +55,4 @@ RUN yarn install --production
 # Clean cache to reduce image size
 RUN yarn cache clean
 
-# set up library path for postgres plugin
-ENV LIB_INDY_STRG_POSTGRES="/indy-sdk-build/indy-sdk/experimental/plugins/postgres_storage/target/release"
-
 ENTRYPOINT [ "yarn", "start" ]
diff --git a/README.md b/README.md
@@ -61,9 +61,7 @@ Why should you use this mediator?
 
 > If you want to deploy the mediator based on the pre-built docker image, please see the [Using Docker](#using-docker) section.
 
-Make sure you have followed the `libindy` setup form the AFJ docs: https://aries.js.org/guides/next/getting-started/set-up/indy-sdk
-
-Then run install to install dependencies:
+Install dependencies:
 
 ```bash
 yarn install
@@ -99,7 +97,7 @@ If you're using an Aries Framework JavaScript agent as the client, you can follo
 
 You can provide a number of environment variables to run the agent. The following table lists the environment variables that can be used.
 
-The `POSTGRES_` variables won't be used in development mode (`NODE_ENV=development`), but are required when `NODE_ENV` is not `development`. This makes local development easier, but makes sure you have a persistent database when deploying.
+The `POSTGRES_` variables won't be used in development mode (`NODE_ENV=development`), but are required when `NODE_ENV` is `production`. This makes local development easier, but makes sure you have a persistent database when deploying.
 
 | Variable                  | Description                                                                                                                                                                                                                                                                       |
 | ------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
@@ -109,21 +107,18 @@ The `POSTGRES_` variables won't be used in development mode (`NODE_ENV=developme
 | `WALLET_NAME`             | The name of the wallet to use.                                                                                                                                                                                                                                                    |
 | `WALLET_KEY`              | The key to unlock the wallet.                                                                                                                                                                                                                                                     |
 | `INVITATION_URL`          | Optional URL that can be used as the base for the invitation url. This would allow you to render a certain web page that can extract the invitation form the `oob` parameter, and show the QR code, or show useful information to the end-user. Less applicable to mediator URLs. |
-| `POSTGRES_DATABASE_URL`   | The postgres database url. Should be host:port (e.g. `10.10.10.10:3600`)                                                                                                                                                                                                          |
+| `POSTGRES_HOST`           | Host of the database to use. Should include both host and port.                                                                                                                                                                                                                   |
 | `POSTGRES_USER`           | The postgres user.                                                                                                                                                                                                                                                                |
 | `POSTGRES_PASSWORD`       | The postgres password.                                                                                                                                                                                                                                                            |
 | `POSTGRES_ADMIN_USER`     | The postgres admin user.                                                                                                                                                                                                                                                          |
 | `POSTGRES_ADMIN_PASSWORD` | The postgres admin password.                                                                                                                                                                                                                                                      |
-| `POSTGRES_TLS_CA_FILE`    | Path to a file containing a TLS CA. Will have precedence over `POSTGRES_TLS_CA` if both are provided                                                                                                                                                                              |
-| `POSTGRES_TLS_CA`         | Value of the TLS CA. Will have no effect if `POSTGRES_TLS_CA` is used as well.                                                                                                                                                                                                    |
 
 ## Postgres Database
 
 To deploy the mediator, a postgres database is required. Any postgres database will do. The mediator deployed to `https://mediator.dev.animo.id` is deployed to a DigitalOcean managed postgres database.
 
 1. Create a postgres database and make sure it is publicly exposed.
-2. Set the `POSTGRES_DATABASE_URL`, `POSTGRES_USER`, `POSTGRES_PASSWORD`, `POSTGRES_ADMIN_USER`, `POSTGRES_ADMIN_PASSWORD` variables. For the mediator we use the same username and password for the admin user and the regular user, but you might want to create a separate user for the admin user.
-3. If you want to set up TLS (or your database requires it, like is the case with DigitalOcean), download the tls CA file, and set either the `POSTGRES_TLS_CA_FILE` or `POSTGRES_TLS_CA` variable. The `POSTGRES_TLS_CA` variable should contain the contents of the CA file, which can be an easier way to set it up in when using docker and having the contents of the CA file in a secret.
+2. Set the `POSTGRES_HOST`, `POSTGRES_USER`, `POSTGRES_PASSWORD`, `POSTGRES_ADMIN_USER`, `POSTGRES_ADMIN_PASSWORD` variables. For the mediator we use the same username and password for the admin user and the regular user, but you might want to create a separate user for the admin user.
 
 ## Using Docker
 
@@ -139,7 +134,7 @@ docker run \
   -e "WALLET_NAME=mediator" \
   -e "AGENT_NAME=Mediator" \
   -e "AGENT_PORT=3000" \
-  -e "POSTGRES_DATABASE_URL=postgres://postgres:postgres@localhost:5432/mediator" \
+  -e "POSTGRES_HOST=mediator-database-xxxx.ondigitalocean.com:25060" \
   -e "POSTGRES_USER=postgres" \
   -e "POSTGRES_PASSWORD=<your-postgres-password>" \
   -e "POSTGRES_ADMIN_USER=postgres" \
@@ -159,17 +154,16 @@ You can build the docker image using the following command:
 ```
 docker build \
    -t ghcr.io/animo/animo-mediator \
-   -f Dockerfile
+   -f Dockerfile \
    .
 ```
 
 ## Roadmap
 
 The contents in this repository started out as a simple mediator built using Aries Framework JavaScript that can be used for development. Over time we've added some features, but there's still a lot we want to add to this repository over time. Some things on the roadmap:
 
-- Replace the Indy SDK with Aries Askar
 - Expose a `did:web` did, so you can directly connect to the mediator using only a did
-- Allow for customizing the message queue implementation, so it doesn't have to be stored in the Indy SDK / Askar database, but rather in high-volume message queue like Kafka.
+- Allow for customizing the message queue implementation, so it doesn't have to be stored in the Askar database, but rather in high-volume message queue like Kafka.
 - DIDComm v2 support
 - Sending push notifications to the recipient when a message is queued for them
 - Allow to control acceptance of mediation requests

diff --git a/docker-compose-animo-mediator.yml b/docker-compose-animo-mediator.yml
@@ -23,10 +23,9 @@ services:
       WALLET_KEY: ${WALLET_KEY}
       POSTGRES_USER: ${POSTGRES_USER}
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
-      POSTGRES_DATABASE_URL: ${POSTGRES_DATABASE_URL}
+      POSTGRES_HOST: ${POSTGRES_HOST}
       POSTGRES_ADMIN_USER: ${POSTGRES_ADMIN_USER}
       POSTGRES_ADMIN_PASSWORD: ${POSTGRES_ADMIN_PASSWORD}
-      POSTGRES_TLS_CA: ${POSTGRES_TLS_CA}
       AGENT_ENDPOINTS: 'https://mediator.dev.animo.id,wss://mediator.dev.animo.id'
       INVITATION_URL: https://mediator.dev.animo.id/invite
       LOG_LEVEL: 2

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -10,10 +10,9 @@ services:
       WALLET_KEY: ${WALLET_KEY}
       POSTGRES_USER: ${POSTGRES_USER}
       POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
-      POSTGRES_DATABASE_URL: ${POSTGRES_DATABASE_URL}
+      POSTGRES_HOST: ${POSTGRES_HOST}
       POSTGRES_ADMIN_USER: ${POSTGRES_ADMIN_USER}
       POSTGRES_ADMIN_PASSWORD: ${POSTGRES_ADMIN_PASSWORD}
-      POSTGRES_TLS_CA: ${POSTGRES_TLS_CA}
       AGENT_ENDPOINTS: 'https://my-mediator.com,wss://my-mediator.com'
       LOG_LEVEL: 2
     ports:

diff --git a/package.json b/package.json
@@ -13,6 +13,10 @@
     "type": "git",
     "url": "https://github.com/animo/animo-mediator"
   },
+  "engines": {
+    "node": "^18.0.0"
+  },
+  "packageManager": "[email protected]",
   "scripts": {
     "test": "jest",
     "build": "yarn run clean && yarn run compile",
@@ -26,27 +30,30 @@
     "start": "NODE_ENV=production node build/index.js",
     "validate": "yarn build && yarn check-format"
   },
+  "dependencies": {
+    "@aries-framework/askar": "^0.4.1-alpha.22",
+    "@aries-framework/core": "^0.4.1-alpha.22",
+    "@aries-framework/node": "^0.4.1-alpha.22",
+    "@hyperledger/aries-askar-nodejs": "^0.1.0",
+    "express": "^4.18.1",
+    "prettier": "^2.8.4",
+    "tslog": "^3.3.3",
+    "tsyringe": "^4.7.0",
+    "ws": "^8.8.1"
+  },
   "devDependencies": {
     "@types/express": "^4.17.13",
-    "@types/indy-sdk": "^1.16.26",
     "@types/jest": "^29.2.0",
     "@types/node": "^16",
+    "@types/node-fetch": "^2.6.4",
     "dotenv": "^16.0.1",
     "jest": "^29.2.2",
     "ngrok": "^4.3.1",
     "ts-jest": "^29.0.3",
     "ts-node": "^10.9.1",
     "typescript": "^4.8.4"
   },
-  "dependencies": {
-    "@aries-framework/core": "^0.4.0-alpha.66",
-    "@aries-framework/indy-sdk": "^0.4.0-alpha.66",
-    "@aries-framework/node": "^0.4.0-alpha.66",
-    "express": "^4.18.1",
-    "indy-sdk": "^1.16.0-dev-1655",
-    "prettier": "^2.8.4",
-    "tslog": "^3.3.3",
-    "tsyringe": "^4.7.0",
-    "ws": "^8.8.1"
+  "resolutions": {
+    "ref-napi": "npm:@2060.io/ref-napi"
   }
 }