edgelesssys · davidweisse · Jun 27, 2024 · Jun 25, 2024
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -274,8 +274,7 @@ jobs:
           mkdir -p workspace deployment
           nix run .#scripts.write-coordinator-yaml -- "${coordinatorImgTagged}" > workspace/coordinator.yml
           nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --namespace kube-system runtime > workspace/runtime.yml
-          nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --add-load-balancers emojivoto-sm-ingress > deployment/emojivoto-demo.yml
-          zip -r workspace/emojivoto-demo.zip deployment/emojivoto-demo.yml
+          nix shell .#contrast --command resourcegen --image-replacements ./image-replacements.txt --add-load-balancers emojivoto-sm-ingress > workspace/emojivoto-demo.yml
       - name: Update coordinator policy hash
         run: |
           yq < workspace/coordinator.yml \
@@ -300,7 +299,7 @@ jobs:
             result-cli/bin/contrast
             workspace/coordinator.yml
             workspace/runtime.yml
-            workspace/emojivoto-demo.zip
+            workspace/emojivoto-demo.yml
       - name: Create draft release
         uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
         with:
@@ -312,7 +311,7 @@ jobs:
             result-cli/bin/contrast
             workspace/coordinator.yml
             workspace/runtime.yml
-            workspace/emojivoto-demo.zip
+            workspace/emojivoto-demo.yml
       - name: Reset temporary changes
         run: |
           git reset --hard ${{ needs.process-inputs.outputs.WORKING_BRANCH }}

diff --git a/docs/docs/examples/emojivoto.md b/docs/docs/examples/emojivoto.md
@@ -35,17 +35,11 @@ where their votes are processed without leaking to the platform provider or work
 
 ### Downloading the deployment
 
-The emojivoto deployment files are part of a zip file in the Contrast release. You can download the
+The emojivoto deployment files are part of Contrast release. You can download the
 latest deployment by running:
 
 ```sh
-curl -fLO https://github.com/edgelesssys/contrast/releases/latest/download/emojivoto-demo.zip
-```
-
-After that, unzip the `emojivoto-demo.zip` file to extract the `deployment/` directory.
-
-```sh
-unzip emojivoto-demo.zip
+curl -fLO https://github.com/edgelesssys/contrast/releases/latest/download/emojivoto-demo.yml --create-dirs --output-dir deployment
 ```
 
 ### Deploy the Contrast runtime

@@ -116,13 +116,9 @@ func TestRelease(t *testing.T) {
 
 	require.True(t, t.Run("unpack-deployment", func(t *testing.T) {
 		require := require.New(t)
-		ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
-		defer cancel()
 
-		cmd := exec.CommandContext(ctx, "unzip", "emojivoto-demo.zip")
-		cmd.Dir = dir
-		out, err := cmd.CombinedOutput()
-		require.NoError(err, "output:\n%s", string(out))
+		require.NoError(os.Mkdir(path.Join(dir, "deployment"), 0o777))
+		require.NoError(os.Rename(path.Join(dir, "emojivoto-demo.yml"), path.Join(dir, "deployment", "emojivoto-demo.yml")))
 
 		infos, err := os.ReadDir(path.Join(dir, "deployment"))
 		require.NoError(err)

@@ -9,7 +9,8 @@
 
 let
   json = builtins.fromJSON (builtins.readFile ./contrast-releases.json);
-  findVersion = list: version: lib.lists.findFirst (obj: obj.version == version) { hash = "unknown"; } list;
+  listOrEmpty = list: field: if builtins.hasAttr field json then list.${field} else [ ];
+  findVersion = field: version: lib.lists.findFirst (obj: obj.version == version) { hash = "unknown"; } (listOrEmpty json field);
 
   buildContrastRelease = { version, hash }: {
     name = builtins.replaceStrings [ "." ] [ "-" ] version;
@@ -23,24 +24,32 @@ let
         coordinator = fetchurl {
           inherit version;
           url = "https://github.com/edgelesssys/contrast/releases/download/${version}/coordinator.yml";
-          inherit (findVersion json."coordinator.yml" version) hash;
+          inherit (findVersion "coordinator.yml" version) hash;
         };
 
         runtime = fetchurl {
           inherit version;
           url = "https://github.com/edgelesssys/contrast/releases/download/${version}/runtime.yml";
-          inherit (findVersion json."runtime.yml" version) hash;
+          inherit (findVersion "runtime.yml" version) hash;
           # runtime.yml was introduced in release v0.6.0
           passthru.exists = (builtins.compareVersions "v0.6.0" version) <= 0;
         };
 
-        emojivoto = fetchurl {
+        emojivoto-zip = fetchurl {
           # fetchurl instead of fetchzip since the hashes in contrast-release.json are computed from the zip file
           inherit version;
           url = "https://github.com/edgelesssys/contrast/releases/download/${version}/emojivoto-demo.zip";
-          inherit (findVersion json."emojivoto-demo.zip" version) hash;
+          inherit (findVersion "emojivoto-demo.zip" version) hash;
           # emojivoto-demo.zip was introduced in version v0.5.0
-          passthru.exists = (builtins.compareVersions "v0.5.0" version) <= 0;
+          passthru.exists = (builtins.compareVersions "v0.5.0" version) <= 0 && (builtins.compareVersions version "v0.8.0") < 0;
+        };
+
+        emojivoto = fetchurl {
+          inherit version;
+          url = "https://github.com/edgelesssys/contrast/releases/download/${version}/emojivoto-demo.yml";
+          inherit (findVersion "emojivoto-demo.yml" version) hash;
+          # emojivoto-demo.yml was changed from zip to yml in version v0.8.0
+          passthru.exists = (builtins.compareVersions "v0.8.0" version) <= 0;
         };
       in
       runCommand version
@@ -53,8 +62,11 @@ let
           install -m 644 ${coordinator} $out/coordinator.yml
         '' + lib.optionalString runtime.exists ''
           install -m 644 ${runtime} $out/runtime.yml
+        '' + lib.optionalString emojivoto-zip.exists ''
+          unzip ${emojivoto-zip} -d $out
         '' + lib.optionalString emojivoto.exists ''
-          unzip ${emojivoto} -d $out
+          mkdir -p $out/deployment
+          install -m 644 ${emojivoto} $out/deployment/emojivoto-demo.yml
         '');
   };
   releases = builtins.listToAttrs (builtins.map buildContrastRelease json.contrast);

@@ -19,8 +19,24 @@ fields["contrast"]="./result-cli/bin/contrast"
 fields["coordinator.yml"]="./workspace/coordinator.yml"
 fields["runtime.yml"]="./workspace/runtime.yml"
 fields["emojivoto-demo.zip"]="./workspace/emojivoto-demo.zip"
+fields["emojivoto-demo.yml"]="./workspace/emojivoto-demo.yml"
 
 for field in "${!fields[@]}"; do
+  # get the file path
+  file=${fields["$field"]}
+
+  # skip files which are not included in current release
+  if [[ ! -f $file ]]; then
+    continue
+  fi
+
+  out=$(
+    jq --arg NAME "$field" \
+      'if has($NAME) then . else . + {($NAME): []} end' \
+      "${versionsFile}"
+  )
+  echo "$out" >"${versionsFile}"
+
   # check if any field contains the given version
   out=$(
     jq --arg NAME "$field" \
@@ -33,9 +49,6 @@ for field in "${!fields[@]}"; do
     exit 1
   fi
 
-  # get the file path
-  file=${fields["$field"]}
-
   echo "[*] Creating hash for $file" >&2
   hash=$(nix hash file --sri --type sha256 "$(realpath "$file")")
   echo "      $hash" >&2
@@ -54,5 +67,5 @@ for field in "${!fields[@]}"; do
 done
 
 echo "[*] Formatting ${versionsFile}"
-out=$(jq --indent 2 . "${versionsFile}")
+out=$(jq --indent 2 'to_entries | sort_by(.key) | from_entries' "${versionsFile}")
 echo "$out" >"${versionsFile}"