The ElectionGuard Web API is a python-based application that provides a thin, stateless wrapper around the electionguard-python library to perform ballot encryption, casting, spoiling, and tallying. This API is implemented using FastAPI.
If you aren't familiar with ElectionGuard and its concepts, first take a stroll through the official documentation.
Before you begin you should be aware that the application can run in one of two modes:
guardianmode runs features used by Guardians (key ceremony actions, partial tally decryption, etc.)mediatormode runs features used by Mediators (ballot encryption, casting, spoiling, etc.)
In practice, you will likely need to run at least one instance of each mode. We provide a single codebase and Docker image, but the mode can be set at runtime as described below.
This codebase can be run using one of three different approaches:
- π³ Running with Docker
- π³ Developing with Docker
- π Developing with Python
This approach runs an official published image. This approach is not intended for development. It works on Windows, Mac, and Linux.
For convenience the Docker image is hosted on both Github Packages and DockerHub. You can choose whichever container image library works best for you.
Note: GitHub Packages requires authentication to retrieve the package. This requires a GitHub Access Token and using docker login. Follow GitHub instructions.
# Pull the image from Github
docker pull docker.pkg.github.com/microsoft/electionguard-web-api/electionguard-web-api:main
# Start a container for the API in mediator mode, exposed on port 80 of the host machine
docker run -d -p 80:8000 --env API_MODE=mediator docker.pkg.github.com/microsoft/electionguard-web-api/electionguard-web-api:mainPulling from DockerHub is simpler as it requires no additional authentication.
# Pull the image from DockerHub
docker pull electionguard/electionguard-web-api:latest
# Start a container for the API in mediator mode, exposed on port 80 of the host machine
docker run -d -p 80:8000 --env API_MODE=mediator electionguard/electionguard-web-api:latestDeveloping with Docker is the fastest approach for getting started because it has virtually no local dependencies (e.g. Python). This approach works on Windows, Mac, and Linux. It uses a Dockerfile and docker-compose.yml.
- GNU Make is required to simplify commands and GitHub Actions. For MacOS and Linux, no action is necessary as it pre-installed. For Windows, install via Chocolatey and the make package, or alternately manually install.
- Docker Desktop is required for Docker support
To get started run both APIs at the same time:
make docker-runOr run both APIs in development mode, with automatic reloading on file change:
make docker-devAfter either command, you will find the mediator API running at http://127.0.0.1:8000 and the guardian API at http://127.0.0.1:8001
Developing with Python provides the fastest developer inner loop (speed from code changes to seeing effects of changes), but is more work to set up initially. It works on Mac and Linux. It also works via WSL 2 on Windows.
On Windows you can use an IDE of your choice in Windows, and run the make and Python commands in WSL which will expose API's in Windows. Developing with Python on Windows involves the following additional setup that is not required for Linux or Mac.
- Install WSL 2
- Install Ubuntu (other Linux distributions should also work with minor modifications to the instructions below)
- Install pyenv prerequisites. Technically you could just install Python and it would be simpler, but this approach will provide more flexibility. To install the prerequisites:
sudo apt-get update
sudo apt-get install make build-essential libssl-dev zlib1g-dev \
libbz2-dev libreadline-dev libsqlite3-dev wget curl llvm \
libncursesw5-dev xz-utils tk-dev libxml2-dev libxmlsec1-dev libffi-dev liblzma-dev- Install pyenv via pyenv-installer and add it the startup scripts:
curl https://pyenv.run | bash
echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.bashrc
echo 'export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.bashrc
echo -e 'if command -v pyenv 1>/dev/null 2>&1; then\n eval "$(pyenv init -)"\nfi' >> ~/.bashrc
sed -Ei -e '/^([^#]|$)/ {a \
export PYENV_ROOT="$HOME/.pyenv"
a \
export PATH="$PYENV_ROOT/bin:$PATH"
a \
' -e ':a' -e '$!{n;ba};}' ~/.profile
echo 'eval "$(pyenv init --path)"' >>~/.profile
echo 'eval "$(pyenv init -)"' >> ~/.bashrc- Restart shell
- Install Python 3.9 via pyenv
pyenv install 3.9.9
pyenv global 3.9.9Install Python 3.9. We additionally recommend pyenv to assist with Python version management (see detailed instructions in the Windows section above starting with Step 3).
Using make, install and setup the environment:
make environmentStart the api as mediator
make start API_MODE=mediatorOR as guardian
make start API_MODE=guardianFor local debugging with Visual Studio Code, choose the Guardian Web API or Mediator Web API options from the dropdown in the Run menu. Once the server is up, you can easily hit your breakpoints.
If the code fails to run, make sure your Python interpreter is set to use your poetry environment.
With Visual Studio Code:
- Install the Remote WSL extension
- In the bottom left click the Green Icon and "New WSL Window using Distro", select Ubuntu
- F5
- Choose either
Guardian Web APIorMediator Web API
End-to-end integration tests can be found in the /tests/integration folder. To see them in action, run:
make test-integrationA Postman collection is also available to test the API located in the /tests/postman folder. You can do a few things with this:
- Import into Postman for easy manual testing.
- Run locally with the Newman CLI.
- Run the APIs and tests entirely in Docker by running:
make docker-postman-test
FastApi defaultly has API documentation built in. The following is available after running:
-
SwaggerUI at
http://127.0.0.1:8000/docsorhttp://127.0.0.1:8001/docs, depending on the API mode -
ReDoc at
http://127.0.0.1:8000/redocorhttp://127.0.0.1:8001/redoc
Overviews of the API itself are available on:
As of 06/15/2020, the previous C wrapped implementation was transitioned to the python version. ElectionGuard development has transitioned to the ElectionGuard-Python Repo. The old version is available using the dotnet-api tag.
This project encourages community contributions for development, testing, documentation, code review, and performance analysis, etc. For more information on how to contribute, see the contribution guidelines
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
Please report any bugs, feature requests, or enhancements using the GitHub Issue Tracker. Please do not report any security vulnerabilities using the Issue Tracker. Instead, please report them to the Microsoft Security Response Center (MSRC) at https://msrc.microsoft.com/create-report. See the Security Documentation for more information.
Electionguard would love for you to ask questions out in the open using GitHub Issues. If you really want to email the ElectionGuard team, reach out at electionguard@microsoft.com.
This repository is licensed under the MIT License