We Are Millions hackathon: FairPass Tool Improvements

# We Are Millions hackathon: FairPass Tool Improvements The FairPass tool is a multi-platform GUI tool implemented in Golang and Fyne [1] framework. The main idea behind the tool is to provide a password manager and notes manager, encrypted and securely stored in a decentralised storage. The tool was built with FairOS on top of Swarm, uses go-password to generate passwords and interacts with Bee [2], a Swarm client implemented in Go. The goals I wanted to accomplish during the WAM hackaton was to implement the CI build and release workflow, add automatic static code analysis for each pull request and improve one of the features of the existing FairPass tool. --- ## CI and Release workflow improvements When I started working on the FairPass tool it did not have any continuous integration setup in place. It had instructions on building and packaging the application, though. I found out in the Fyne documentation that the tool can be cross-compiled on Linux machine, therefore decided also to cross-compile to Windows .exe and Android .apk and build the binaries with each push to master branch using GitHub actions. ## Linux, Windows and Android builds The automatic builds for all platforms were configured to be executed on each merge to master and feature branches and against all open pull requests: ``` name: Build on: push: branches: [ master, feature/** ] pull_request: branches: [ master ] ``` The Linux build required to install fyne and fine-cross toolchain: ``` jobs: build_linux: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - name: Set up Go uses: actions/setup-go@v2 with: go-version: 1.17 - name: Install fine-cross compiler run: go install github.com/fyne-io/fyne-cross@v1.1.3 - name: Install fyne run: go install fyne.io/fyne/v2/cmd/fyne@latest - name: Build run: fyne-cross linux -app-id org.fairdatasociety.fairpass -icon icon.png ``` Cross-compilation for Windows and Android is very similar, therefore it was enough to provide windows and android arguments to generate .exe and .apk, respectively. ``` build_windows: ... - name: Build run: fyne-cross windows -app-id org.fairdatasociety.fairpass -icon icon.png build_android: ... - name: Build run: fyne-cross android -app-id org.fairdatasociety.fairpass -icon icon.png ``` The build results can be observed directly in GitHub: ![](https://i.imgur.com/CcWp9iX.png) ## Static code analysis The automatic static code analysis is achieved using three tools: * go vet : source code and suspicious constructs analysis * goimport: similar to gofmt but in addition to code formatting, also checks imports * staticcheck: an advanced Go linter tool ``` - name: Run go vet run: go vet ./... - name: Run goimports run: test -z $(find . -name '*.go' -type f | \ xargs goimports -e -d | tee /dev/stderr) - name: Run staticcheck run: staticcheck ./... ``` The result is immediately available for pull requests and merges to master. Example outputs can be observed below: ![](https://i.imgur.com/iuTS4DX.png) vs ![](https://i.imgur.com/FLxrj1o.png) ## Release workflow When the release is done, a GIT tag is created with description of the release. GitHub actions are configured to build all supported binaries for Linux, Windows and Android and expose the binaries to allow external users direct download from GitHub. Additionally I noticed that the FairPass tool main window displays current version which is set to v0.0.0 and decided it would be good to automatically inject the release version number to the binary during release process. After a few experiments I was able to inject data so that the version and latest GIT commit hash is shown in the left bottom corner of the running application window: ![](https://i.imgur.com/WDQX0ib.png) ## Adding current latest status to readme file GitHub allows to add automated badges with the latest build and test execution status and and decided to add this as well to FairPass: [![Build](https://github.com/gitcoindev/FairPass/workflows/Build/badge.svg)](https://github.com/gitcoindev/FairPass/actions?query=workflow%3ABuild) [![Test](https://github.com/gitcoindev/FairPass/workflows/Test/badge.svg)](https://github.com/gitcoindev/FairPass/actions?query=workflow%3ATest) [![Static code analysis](https://github.com/gitcoindev/FairPass/workflows/Static%20code%20analysis/badge.svg)](https://github.com/gitcoindev/FairPass/actions?query=workflow%3AStatic%20code%20analysis) --- ## Google Chrome / Brave web browser passwords import functionality implementation The current password storage can securely store encrypted user passwords for different domains using an entry form. To store a few passwords it works fine, but when I tried to store all my passwords for websites this turned out to be pretty cumbersome and took a lot of time. I thought it would be useful to implement a CSV password import functionality, for all passwords exported from a web browser. I was able to add a new button to the password entry form and implemented the batch CSV import according to Google Chrome format: ``` name,url,username,password discord.com,https://discord.com/login,youremail@gmail.com,your_secure_password github.com,https://github.com/session,youremail@gmail.com,your_secure_password ``` Screenshots of the working implementation: 1. Login window ![](https://i.imgur.com/s400l3X.png) 2. New `Import .csv file` button ![](https://i.imgur.com/hHkZ9oz.png) 3. New `Open File` dialog ![](https://i.imgur.com/ve5QB3Z.png) 4. CSV input transformed into internal struct and displayed. ![](https://i.imgur.com/2Y7lW8X.png) 5. Table of different password domain entries. I imported CSV multiple times and added manually some entries in between. ![](https://i.imgur.com/XebqbSa.png) All the source code changes can be seen in the GitHub [pull request](https://github.com/fairDataSociety/FairPass/pull/9) [4]. --- ## Future possibilities and enhancements The future enhancements to the current implementation on the FairPass tool together with adding new features would be to: * Enhance user documentation, especially on how to configure and connect for the first time users. It took me a while to figure out how to set up Bee client properly, deploy the initial contract and connect FairPass to the running Bee instance. * Improve error handling. * Add automated tests for the source code. --- ## License All the source code implemented for the WAM hackathon, including CI GitHub workflows implementiation is under FairPass [3] MIT license and can be used and distributed free of charge. --- The original version of this document is available at [hackmd.io](https://hackmd.io/GS-qZ_HgTq-0jueeWOpbwQ). References [1] https://developer.fyne.io/index.html [2] https://docs.ethswarm.org/docs/installation/install [3] https://github.com/fairDataSociety/FairPass/blob/master/LICENSE [4] https://github.com/fairDataSociety/FairPass/pull/9