The ElectionGuard Web API is a python-based application that provides a thin, stateless wrapper around the electionguard-python
library to perform ballot encryption, casting, spoiling, and tallying. This API is implemented using FastAPI.
If you aren't familiar with ElectionGuard and its concepts, first take a stroll through the official documentation.
Before you begin you should be aware that the application can run in one of two modes:
guardian
mode runs features used by Guardians (key ceremony actions, partial tally decryption, etc.)mediator
mode runs features used by Mediators (ballot encryption, casting, spoiling, etc.)
In practice, you will likely need to run at least one instance of each mode. We provide a single codebase and Docker image, but the mode can be set at runtime as described below.
This codebase can be run using one of three different approaches:
- ๐ณ Running with Docker
- ๐ณ Developing with Docker
- ๐ Developing with Python
This approach runs an official published image. This approach is not intended for development. It works on Windows, Mac, and Linux.
For convenience the Docker image is hosted on both Github Packages and DockerHub. You can choose whichever container image library works best for you.
Note: GitHub Packages requires authentication to retrieve the package. This requires a GitHub Access Token and using docker login
. Follow GitHub instructions.
# Pull the image from Github
docker pull docker.pkg.github.com/microsoft/electionguard-web-api/electionguard-web-api:main
# Start a container for the API in mediator mode, exposed on port 80 of the host machine
docker run -d -p 80:8000 --env API_MODE=mediator docker.pkg.github.com/microsoft/electionguard-web-api/electionguard-web-api:main
Pulling from DockerHub is simpler as it requires no additional authentication.
# Pull the image from DockerHub
docker pull electionguard/electionguard-web-api:latest
# Start a container for the API in mediator mode, exposed on port 80 of the host machine
docker run -d -p 80:8000 --env API_MODE=mediator electionguard/electionguard-web-api:latest
Developing with Docker is the fastest approach for getting started because it has virtually no local dependencies (e.g. Python). This approach works on Windows, Mac, and Linux. It uses a Dockerfile and docker-compose.yml.
- GNU Make is required to simplify commands and GitHub Actions. For MacOS and Linux, no action is necessary as it pre-installed. For Windows, install via Chocolatey and the make package, or alternately manually install.
- Docker Desktop is required for Docker support
To get started run both APIs at the same time:
make docker-run
Or run both APIs in development mode, with automatic reloading on file change:
make docker-dev
After either command, you will find the mediator
API running at http://127.0.0.1:8000 and the guardian
API at http://127.0.0.1:8001
Developing with Python provides the fastest developer inner loop (speed from code changes to seeing effects of changes), but is more work to set up initially. It works on Mac and Linux. It also works via WSL 2 on Windows.
On Windows you can use an IDE of your choice in Windows, and run the make and Python commands in WSL which will expose API's in Windows. Developing with Python on Windows involves the following additional setup that is not required for Linux or Mac.
- Install WSL 2
- Install Ubuntu (other Linux distributions should also work with minor modifications to the instructions below)
- Install pyenv prerequisites. Technically you could just install Python and it would be simpler, but this approach will provide more flexibility. To install the prerequisites:
sudo apt-get update
sudo apt-get install make build-essential libssl-dev zlib1g-dev \
libbz2-dev libreadline-dev libsqlite3-dev wget curl llvm \
libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev
- Install pyenv via pyenv-installer and add it the startup scripts:
curl https://pyenv.run | bash
echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.bashrc
echo 'export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.bashrc
echo -e 'if command -v pyenv 1>/dev/null 2>&1; then\n eval "$(pyenv init -)"\nfi' >> ~/.bashrc
sed -Ei -e '/^([^#]|$)/ {a \
export PYENV_ROOT="$HOME/.pyenv"
a \
export PATH="$PYENV_ROOT/bin:$PATH"
a \
' -e ':a' -e '$!{n;ba};}' ~/.profile
echo 'eval "$(pyenv init --path)"' >>~/.profile
echo 'eval "$(pyenv init -)"' >> ~/.bashrc
- Restart shell
- Install Python 3.9 via pyenv
pyenv install 3.9.9
pyenv global 3.9.9
Install Python 3.9. We additionally recommend pyenv to assist with Python version management (see detailed instructions in the Windows section above starting with Step 3).
Using make, install and setup the environment:
make environment
Start the api as mediator
make start API_MODE=mediator
OR as guardian
make start API_MODE=guardian
For local debugging with Visual Studio Code, choose the Guardian Web API
or Mediator Web API
options from the dropdown in the Run menu. Once the server is up, you can easily hit your breakpoints.
If the code fails to run, make sure your Python interpreter is set to use your poetry environment.
With Visual Studio Code:
- Install the Remote WSL extension
- In the bottom left click the Green Icon and "New WSL Window using Distro", select Ubuntu
- F5
- Choose either
Guardian Web API
orMediator Web API
End-to-end integration tests can be found in the /tests/integration
folder. To see them in action, run:
make test-integration
A Postman collection is also available to test the API located in the /tests/postman
folder. You can do a few things with this:
- Import into Postman for easy manual testing.
- Run locally with the Newman CLI.
- Run the APIs and tests entirely in Docker by running:
make docker-postman-test
FastApi defaultly has API documentation built in. The following is available after running:
-
SwaggerUI at
http://127.0.0.1:8000/docs
orhttp://127.0.0.1:8001/docs
, depending on the API mode -
ReDoc at
http://127.0.0.1:8000/redoc
orhttp://127.0.0.1:8001/redoc
Overviews of the API itself are available on:
As of 06/15/2020, the previous C wrapped implementation was transitioned to the python version. ElectionGuard development has transitioned to the ElectionGuard-Python Repo. The old version is available using the dotnet-api
tag.
This project encourages community contributions for development, testing, documentation, code review, and performance analysis, etc. For more information on how to contribute, see the contribution guidelines
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
Please report any bugs, feature requests, or enhancements using the GitHub Issue Tracker. Please do not report any security vulnerabilities using the Issue Tracker. Instead, please report them to the Microsoft Security Response Center (MSRC) at https://msrc.microsoft.com/create-report. See the Security Documentation for more information.
Electionguard would love for you to ask questions out in the open using GitHub Issues. If you really want to email the ElectionGuard team, reach out at electionguard@microsoft.com.
This repository is licensed under the MIT License