From 0818f33972bb894ffc7f29968722ec81e5dbd384 Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Mon, 9 Oct 2023 01:13:22 +0300 Subject: [PATCH 01/10] basci build and push --- .github/workflows/main.yml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 00000000..d85c835b --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,33 @@ +name: build-deploy +on: + push: + branches: + - main + - initial-workflow + +permissions: + contents: read + packages: write + security-events: write + +jobs: + build: + uses: ablockofficial/platform/.github/workflows/build.yml@main + with: + REGISTRY: ${{ vars.REGISTRY }} + REPOSITORY: ${{ vars.REPOSITORY }} + scan-image: + uses: ablockofficial/platform/.github/workflows/scan-image.yml@main + secrets: inherit + needs: build + with: + IMAGE: ${{ vars.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} +# deploy: +# uses: ablockofficial/platform/.github/workflows/deploy.yml@main +# secrets: inherit +# needs: scan-image +# with: +# REGION: ${{ vars.REGION }} +# PROJECT_ID: ${{ vars.PROJECT_ID }} +# CLUSTER_NAME: ${{ vars.CLUSTER_NAME }} +# DEPLOYMENT: a-block-io \ No newline at end of file From 9ce974d755755acd77de3abca844e7d0d9173940 Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Wed, 18 Oct 2023 12:59:41 +0300 Subject: [PATCH 02/10] initial build flow --- .github/workflows/main.yml | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d85c835b..a31b9c8b 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -21,13 +21,4 @@ jobs: secrets: inherit needs: build with: - IMAGE: ${{ vars.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} -# deploy: -# uses: ablockofficial/platform/.github/workflows/deploy.yml@main -# secrets: inherit -# needs: scan-image -# with: -# REGION: ${{ vars.REGION }} -# PROJECT_ID: ${{ vars.PROJECT_ID }} -# CLUSTER_NAME: ${{ vars.CLUSTER_NAME }} -# DEPLOYMENT: a-block-io \ No newline at end of file + IMAGE: ${{ vars.REGISTRY }}/${{ vars.REPOSITORY }}:${{ github.sha }} \ No newline at end of file From 5643e35e0ae3a7e839e55f6d2a38531a165b9b8e Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Wed, 18 Oct 2023 13:00:06 +0300 Subject: [PATCH 03/10] initial default node config --- .docker/conf/api_config.json | 9 ++ .docker/conf/initial_block.json | 159 +++++++++++++++++++++++++++++ .docker/conf/node_settings.toml | 43 ++++++++ .docker/conf/tls_certificates.json | 11 ++ 4 files changed, 222 insertions(+) create mode 100644 .docker/conf/api_config.json create mode 100644 .docker/conf/initial_block.json create mode 100644 .docker/conf/node_settings.toml create mode 100644 .docker/conf/tls_certificates.json diff --git a/.docker/conf/api_config.json b/.docker/conf/api_config.json new file mode 100644 index 00000000..e13ed4a8 --- /dev/null +++ b/.docker/conf/api_config.json @@ -0,0 +1,9 @@ +{ + "api_keys": { + "no_route": ["no_key"] + }, + "routes_pow": { + "no_route": 0 + } +} + diff --git a/.docker/conf/initial_block.json b/.docker/conf/initial_block.json new file mode 100644 index 00000000..9328732c --- /dev/null +++ b/.docker/conf/initial_block.json @@ -0,0 +1,159 @@ +{ + "compute_genesis_tx_in_comment": [ + "/// The TxIn content for genesis block.", + "/// A marketing request: A quote from the the Magna Carta document, the 39th claim.", + "/// This version was updated to be more inclusive." + ], + "compute_genesis_tx_in": "+ (39) No person shall be seized or imprisoned, or stripped of their rights or possessions, or outlawed or exiled, or deprived of their standing in any way, nor will we proceed with force against them, or send others to do so, except by the lawful judgment of their equals or by the law of the land.", + "compute_seed_utxo": { + "000000": [ + { + "public_key": "f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5", + "amount": 2 + }, + { + "public_key": "4580540cfe5569cc7e9262ac9b555815c8e955f9f8ae659f1091e6dd9d68731a", + "amount": 1 + }, + { + "public_key": "a557309adf55ad3c1eee7fad684cffa30eef2bffcd6ae0a6736fe4cddd95cd51", + "amount": 1 + }, + { + "public_key": "951134d50fc2a0de62702108c035e0f1c3146aa722f5425ae92d49a68e3b23c5", + "amount": 1 + }, + { + "public_key": "5eafe054031eb556b8164f556d0ba1f3b4a149366794257697e6a4608dd13ada", + "amount": 1 + } + ], + "000001": [ + { + "public_key": "a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43", + "amount": 5 + } + ], + "000010": [ + { + "public_key": "c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8", + "amount": 123 + } + ], + "000011": [ + { + "public_key": "9caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a", + "amount": 1234 + }, + { + "public_key": "25564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f", + "amount": 1235 + } + ] + }, + "user_wallet_seeds": [ + [ + { + "out_point": "0-000010", + "secret_key": "3053020101300506032b6570042204200f49984bb4f0a1276af12b31b81245a47ba56ad4fd9aca163e056dea3ff00f73a123032100c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8", + "public_key": "c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8", + "amount": 123 + } + ], + [ + { + "out_point": "0-000011", + "secret_key": "3053020101300506032b65700422042005c5098f18eb4a85676c167b89455af63709779e6e4bcddf250f20ec35b510b0a1230321009caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a", + "public_key": "9caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a", + "amount": 1234 + }, + { + "out_point": "1-000011", + "secret_key": "3053020101300506032b6570042204203ec3e9ad312fdaf4ed144e2498c1439c4301c376eb08827f4eb2da360c34b5d7a12303210025564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f", + "public_key": "25564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f", + "amount": 1235 + } + ] + ], + "user_test_auto_gen_setup": { + "user_initial_transactions": [], + "_user_initial_transactions": [ + [ + { + "out_point": "0-000000", + "secret_key": "3053020101300506032b657004220420e2fa624994ec5c6f46e9a991ed8e8791c4d2ce2d7ed05a827bd45416e5a19555a123032100f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5", + "public_key": "f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5", + "amount": 2 + }, + { + "out_point": "0-000001", + "secret_key": "3053020101300506032b65700422042009784182e825fbd7e53333aa6b5f1d55bc19a992d5cf71253212264825bc89c8a123032100a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43", + "public_key": "a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43", + "amount": 5 + } + ] + ] + }, + "generated_keys": [ + { + "secret_key": "3053020101300506032b657004220420e2fa624994ec5c6f46e9a991ed8e8791c4d2ce2d7ed05a827bd45416e5a19555a123032100f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5", + "public_key": "f4f0c1a951959e88fe343de5a2ebe7efbcb15422090b3549577f424db6851ca5" + }, + { + "secret_key": "3053020101300506032b6570042204204484d9dda49dd72ba4b0a68a478111d983a78397f8e6cba348ed06ec41a909dba1230321004580540cfe5569cc7e9262ac9b555815c8e955f9f8ae659f1091e6dd9d68731a", + "public_key": "4580540cfe5569cc7e9262ac9b555815c8e955f9f8ae659f1091e6dd9d68731a" + }, + { + "secret_key": "3053020101300506032b657004220420c81822091474ae24a22922ee3ab87fefb838d59710cf1e5fe9e471bf55caa189a123032100a557309adf55ad3c1eee7fad684cffa30eef2bffcd6ae0a6736fe4cddd95cd51", + "public_key": "a557309adf55ad3c1eee7fad684cffa30eef2bffcd6ae0a6736fe4cddd95cd51" + }, + { + "secret_key": "3053020101300506032b65700422042068dca829734887fd5ee3c017b754eaf3a864afc04efe269cd7391be3541dcd5aa123032100951134d50fc2a0de62702108c035e0f1c3146aa722f5425ae92d49a68e3b23c5", + "public_key": "951134d50fc2a0de62702108c035e0f1c3146aa722f5425ae92d49a68e3b23c5" + }, + { + "secret_key": "3053020101300506032b657004220420ddd7806b4b26648c4187c395c4c1c3467f0d06a2afccebbc499fc74edd255d43a1230321005eafe054031eb556b8164f556d0ba1f3b4a149366794257697e6a4608dd13ada", + "public_key": "5eafe054031eb556b8164f556d0ba1f3b4a149366794257697e6a4608dd13ada" + }, + { + "secret_key": "3053020101300506032b65700422042009784182e825fbd7e53333aa6b5f1d55bc19a992d5cf71253212264825bc89c8a123032100a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43", + "public_key": "a80fc230590e38bd648dc6bc4b6019d39e841f78657ad5138f351a70b6165c43" + }, + { + "secret_key": "3053020101300506032b6570042204200f49984bb4f0a1276af12b31b81245a47ba56ad4fd9aca163e056dea3ff00f73a123032100c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8", + "public_key": "c111594923b43ddceb8031a5ac3dceeaba566dea24aa6119b62dcefb02ace5b8" + }, + { + "secret_key": "3053020101300506032b65700422042005c5098f18eb4a85676c167b89455af63709779e6e4bcddf250f20ec35b510b0a1230321009caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a", + "public_key": "9caa593f680c373872e4980bf15d119b373966f0e6f11a810718bfbf2e81017a" + }, + { + "secret_key": "3053020101300506032b6570042204203ec3e9ad312fdaf4ed144e2498c1439c4301c376eb08827f4eb2da360c34b5d7a12303210025564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f", + "public_key": "25564a3a9c22ce3300cbbbcacd030fde8ccc4b6fa38b4481bf4f76b01d537d4f" + }, + { + "secret_key": "3053020101300506032b657004220420a1523e379f175c6b5843936605a263adefb219f4dbd3db97aeb550cbabcfa4caa12303210069bfaf94b4860503696e05ad10b929a1abbc87fcb0d35d9859d6fdf2fe79af03", + "public_key": "69bfaf94b4860503696e05ad10b929a1abbc87fcb0d35d9859d6fdf2fe79af03" + }, + { + "secret_key": "3053020101300506032b6570042204201cd87f8d2840351aadcb7e2482f38ab9b8c8c03ef043925f72c9d8c5bd2fc1fca12303210075e9af1934d46102baf1aa78a987771bf993bd3ef334d3677955e9f5efa4edfc", + "public_key": "75e9af1934d46102baf1aa78a987771bf993bd3ef334d3677955e9f5efa4edfc" + }, + { + "secret_key": "3053020101300506032b657004220420bd9c7482a3c8c473449e4cf007c3685bce25402ac33d1e1ac12440a7fb7c4572a123032100560862d7143695202334fae706a93f6bdae04a2962d2cdeb0aeb246c2df511a8", + "public_key": "560862d7143695202334fae706a93f6bdae04a2962d2cdeb0aeb246c2df511a8" + }, + { + "secret_key": "3053020101300506032b657004220420d511613be615e4aeed1b1aa70e315f214c2f8d4dab62c8fe89eb184f19c0f61fa1230321000804814edbdd3d5fc3d1a60a59a81d23f26c2fc502f23943f315629b13714704", + "public_key": "0804814edbdd3d5fc3d1a60a59a81d23f26c2fc502f23943f315629b137147" + }, + { + "secret_key": "3053020101300506032b657004220420ecaf7af4fee9f4d16b87d358e42f5a7601986cdb30bd635ae90913e86625a318a1230321009ff9f98bb3ddb95ecdd2d4f0b87594b300706135d5755c1a901dfb9b29ec6773", + "public_key": "9ff9f98bb3ddb95ecdd2d4f0b87594b300706135d5755c1a901dfb9b29ec6773" + }, + { + "secret_key": "3053020101300506032b6570042204205da342cf2fed19d3f398dc07d0490825f57c1e8727258299b31813131cbf260ea123032100ab7fa23583e4949bf34418795ddd724118364ba86d3c70509e6ad819b8945507", + "public_key": "ab7fa23583e4949bf34418795ddd724118364ba86d3c70509e6ad819b8945507" + } + ] +} \ No newline at end of file diff --git a/.docker/conf/node_settings.toml b/.docker/conf/node_settings.toml new file mode 100644 index 00000000..ab415d32 --- /dev/null +++ b/.docker/conf/node_settings.toml @@ -0,0 +1,43 @@ +compute_db_mode = { Test = 0 } +storage_db_mode = { Test = 0 } +miner_db_mode = { Test = 0 } +user_db_mode = { Test = 1000 } +user_api_port = 3000 +storage_api_port = 3001 +compute_api_port = 3003 +miner_api_port = 3004 +compute_raft = 1 +storage_raft = 1 +compute_partition_full_size = 1 +compute_minimum_miner_pool_len = 1 +compute_mining_event_timeout = 30000 +jurisdiction = "US" +backup_block_modulo = 4 +peer_limit = 1000 +#backup_restore = true + +[compute_unicorn_fixed_param] +modulus = "6864797660130609714981900799081393217269435300143305409394463459185543183397656052122559640661454554977296311391480858037121987999716643812574028291115057151" +iterations = 2 +security = 1 + +[user_test_auto_gen_setup] +user_setup_tx_chunk_size = 5 +user_setup_tx_in_per_tx = 3 +user_setup_tx_max_count = 100000 + +#first node is leader +[[compute_nodes]] +address = "127.0.0.1:12300" + +[[storage_nodes]] +address = "127.0.0.1:12330" + +[[miner_nodes]] +address = "127.0.0.1:12340" + +[[user_nodes]] +address = "127.0.0.1:12360" + +[[user_nodes]] +address = "127.0.0.1:12361" \ No newline at end of file diff --git a/.docker/conf/tls_certificates.json b/.docker/conf/tls_certificates.json new file mode 100644 index 00000000..ec02c3ee --- /dev/null +++ b/.docker/conf/tls_certificates.json @@ -0,0 +1,11 @@ +{ + "file_comment": [ + "/// !!! AUTOGENERATED: DO NOT EDIT !!!", + "/// Generated with: src/bin/node_settings_gen_key_certs.sh" + ], + "tls_config": { + "pem_certificates": {}, + "pem_pkcs8_private_keys": {}, + "socket_name_mapping": {} + } +} From 9659068fda4e00bb998b16a35355673a05b7e8ed Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Wed, 18 Oct 2023 13:00:28 +0300 Subject: [PATCH 04/10] initial docker build --- Dockerfile | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 00000000..55f7b326 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,36 @@ +FROM rust:1.68.2-slim-bullseye as build + +# Install build dependancies +RUN apt-get update && apt-get -y install git build-essential m4 llvm libclang-dev diffutils curl + +WORKDIR /a-block + +# Output artifact to workdir +ENV CARGO_TARGET_DIR=/a-block + +COPY ./ ./. + +# Build for release +RUN cargo build --release + +# Use distroless +FROM cgr.dev/chainguard/static:latest + +# Set these in the environment to override +ENV NODE_TYPE="compute" +ENV NODE_SETTINGS="--config=/etc/node_settings.toml" +ENV TLS_CERTIFICATES="--tls_config=/etc/tls_certificates.json" +ENV INITIAL_BLOCK_CONFIG="--initial_block_config=/etc/initial_block.json" +ENV API_CONFIG="--api_config=/etc/api_config.json" +ENV API_USE_TLS="--api_use_tls=0" +ENV RUST_LOG=info,debug + +# Copy node bin +COPY --from=build /a-block/release/node ./node + +# Default config for the node +COPY .docker/conf/* /etc/. + +ENTRYPOINT ["node"] +CMD [NODE_TYPE, NODE_SETTINGS, TLS_CERTIFICATES, INITIAL_BLOCK_CONFIG, API_CONFIG , API_USE_TLS] + From 5d52e00b6702b7430d84c716717d1654fa5cac64 Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Wed, 18 Oct 2023 16:38:00 +0300 Subject: [PATCH 05/10] try cargo-chef to reduce build times --- Dockerfile | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 55f7b326..90422457 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,19 @@ -FROM rust:1.68.2-slim-bullseye as build +FROM rust:1.70.0-slim-bullseye AS chef -# Install build dependancies RUN apt-get update && apt-get -y install git build-essential m4 llvm libclang-dev diffutils curl - +RUN cargo install cargo-chef WORKDIR /a-block - -# Output artifact to workdir ENV CARGO_TARGET_DIR=/a-block -COPY ./ ./. +FROM chef AS planner + +COPY . . +RUN cargo chef prepare --recipe-path recipe.json -# Build for release +FROM chef as builder +COPY --from=planner /a-block/recipe.json /a-block/recipe.json +RUN cargo chef cook --release --recipe-path /a-block/recipe.json +COPY . . RUN cargo build --release # Use distroless @@ -26,7 +29,7 @@ ENV API_USE_TLS="--api_use_tls=0" ENV RUST_LOG=info,debug # Copy node bin -COPY --from=build /a-block/release/node ./node +COPY --from=builder /a-block/release/node ./node # Default config for the node COPY .docker/conf/* /etc/. From d43806ede016161adb0f34f41b76f03599e0bf27 Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Wed, 18 Oct 2023 18:08:26 +0300 Subject: [PATCH 06/10] fixed tag and some trivy requirements --- Dockerfile | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 90422457..29949126 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ FROM rust:1.70.0-slim-bullseye AS chef -RUN apt-get update && apt-get -y install git build-essential m4 llvm libclang-dev diffutils curl +RUN apt-get update && apt-get -y --no-install-recommends install git build-essential m4 llvm libclang-dev diffutils curl RUN cargo install cargo-chef WORKDIR /a-block ENV CARGO_TARGET_DIR=/a-block @@ -10,14 +10,16 @@ FROM chef AS planner COPY . . RUN cargo chef prepare --recipe-path recipe.json -FROM chef as builder +FROM chef AS builder COPY --from=planner /a-block/recipe.json /a-block/recipe.json RUN cargo chef cook --release --recipe-path /a-block/recipe.json COPY . . RUN cargo build --release # Use distroless -FROM cgr.dev/chainguard/static:latest +FROM cgr.dev/chainguard/static@sha256:ef5add7fd46cf1ce7d33d6de517833ac5c7e749db9b15249f9c472a772f3af27 + +USER nonroot # Set these in the environment to override ENV NODE_TYPE="compute" From a7a4bae66280610bbf335f295e32dbfe74006aae Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Fri, 10 Nov 2023 10:37:07 +0200 Subject: [PATCH 07/10] keccak-prime as a cargo package --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Cargo.toml b/Cargo.toml index ca765628..004d4fa7 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -22,7 +22,7 @@ merkletree = "0.21.0" merkle-log = "0.0.3" moka = { version = "0.8.1", features = ["future"] } naom = { version = "1.3.0" } -keccak_prime = { git = "https://github.com/zenotta/keccak-prime" } +keccak_prime = { version = "0.1.0" } protobuf = "~2.0" raft = "0.5.0" rand = "0.7.3" From 67c40c9ac42cfbb465268107f991b104ccc29e91 Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Mon, 20 Nov 2023 21:30:12 +0200 Subject: [PATCH 08/10] add ENV vars for config --- src/bin/node/compute.rs | 14 +++++++++++++- src/bin/node/miner.rs | 12 +++++++++--- src/bin/node/storage.rs | 8 ++++++-- src/bin/node/user.rs | 11 ++++++++--- src/db_utils.rs | 2 +- 5 files changed, 37 insertions(+), 10 deletions(-) diff --git a/src/bin/node/compute.rs b/src/bin/node/compute.rs index 3134303c..bb6242ff 100644 --- a/src/bin/node/compute.rs +++ b/src/bin/node/compute.rs @@ -125,40 +125,52 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("config") .long("config") .short("c") + .env("CONFIG") .help("Run the compute node using the given config file.") .takes_value(true), ) .arg( Arg::with_name("tls_config") .long("tls_config") + .env("TLS_CONFIG") .help("Use file to provide tls configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_config") .long("api_config") + .env("API_CONFIG") .help("Use file to provide api configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_port") .long("api_port") + .env("API_PORT") .help("The port to run the http API from") .takes_value(true), ) .arg( Arg::with_name("api_use_tls") .long("api_use_tls") - .env("ABLOCK_API_USE_TLS") + .env("API_USE_TLS") .help("Whether to use TLS for API: 0 to disable") .takes_value(true), ) .arg( Arg::with_name("initial_block_config") .long("initial_block_config") + .env("INITIAL_BLOCK_CONFIG") .help("Run the compute node using the given initial block config file.") .takes_value(true), ) + .arg( + Arg::with_name("compute_miner_whitelist") + .long("compute_miner_whitelist") + .env("COMPUTE_MINER_WHITELIST") + .help("Specify miner whitelist config for compute nodes.") + .takes_value(true), + ) .arg( Arg::with_name("index") .short("i") diff --git a/src/bin/node/miner.rs b/src/bin/node/miner.rs index c594b9fb..39eff6a0 100644 --- a/src/bin/node/miner.rs +++ b/src/bin/node/miner.rs @@ -226,43 +226,49 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("config") .long("config") .short("c") + .env("CONFIG") .help("Run the miner node using the given config file.") .takes_value(true), ) .arg( Arg::with_name("tls_config") .long("tls_config") + .env("TLS_CONFIG") .help("Use file to provide tls configuration options.") .takes_value(true), ) .arg( Arg::with_name("mining_api_key") .long("mining_api_key") + .env("MINING_API_KEY") .help("Use an API key to participate in mining.") .takes_value(true), ) .arg( Arg::with_name("initial_block_config") .long("initial_block_config") + .env("INITIAL_BLOCK_CONFIG") .help("Run the compute node using the given initial block config file.") .takes_value(true), ) .arg( Arg::with_name("api_config") .long("api_config") + .env("API_CONFIG") .help("Use file to provide api configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_port") .long("api_port") + .env("API_PORT") .help("The port to run the http API from") .takes_value(true), ) .arg( Arg::with_name("api_use_tls") .long("api_use_tls") - .env("ABLOCK_API_USE_TLS") + .env("API_USE_TLS") .help("Whether to use TLS for API: 0 to disable") .takes_value(true), ) @@ -306,14 +312,14 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { .arg( Arg::with_name("tls_certificate_override") .long("tls_certificate_override") - .env("ABLOCK_TLS_CERTIFICATE") + .env("TLS_CERTIFICATE") .help("Use PEM certificate as a string to use for this node TLS certificate.") .takes_value(true), ) .arg( Arg::with_name("tls_private_key_override") .long("tls_private_key_override") - .env("ABLOCK_TLS_PRIVATE_KEY") + .env("TLS_PRIVATE_KEY") .help("Use PKCS8 private key as a string to use for this node TLS certificate.") .takes_value(true), ) diff --git a/src/bin/node/storage.rs b/src/bin/node/storage.rs index 234080df..77231a99 100644 --- a/src/bin/node/storage.rs +++ b/src/bin/node/storage.rs @@ -122,18 +122,21 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("config") .long("config") .short("c") + .env("CONFIG") .help("Run the storage node using the given config file.") .takes_value(true), ) .arg( Arg::with_name("tls_config") .long("tls_config") + .env("TLS_CONFIG") .help("Use file to provide tls configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_config") .long("api_config") + .env("API_CONFIG") .help("Use file to provide api configuration options.") .takes_value(true), ) @@ -148,20 +151,21 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("api_port") .short("p") .long("api_port") + .env("API_PORT") .help("Run the API for the storage node as the specified port") .takes_value(true), ) .arg( Arg::with_name("api_use_tls") .long("api_use_tls") - .env("ABLOCK_API_USE_TLS") + .env("API_USE_TLS") .help("Whether to use TLS for API: 0 to disable") .takes_value(true), ) .arg( Arg::with_name("tls_private_key_override") .long("tls_private_key_override") - .env("ABLOCK_TLS_PRIVATE_KEY") + .env("TLS_PRIVATE_KEY") .help("Use PKCS8 private key as a string to use for this node TLS certificate.") .takes_value(true), ) diff --git a/src/bin/node/user.rs b/src/bin/node/user.rs index 6202ff61..eb87d4cd 100644 --- a/src/bin/node/user.rs +++ b/src/bin/node/user.rs @@ -102,37 +102,42 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { Arg::with_name("config") .long("config") .short("c") + .env("CONFIG") .help("Run the user node using the given config file.") .takes_value(true), ) .arg( Arg::with_name("tls_config") .long("tls_config") + .env("TLS_CONFIG") .help("Use file to provide tls configuration options.") .takes_value(true), ) .arg( Arg::with_name("initial_block_config") .long("initial_block_config") + .env("INITIAL_BLOCK_CONFIG") .help("Run the compute node using the given initial block config file.") .takes_value(true), ) .arg( Arg::with_name("api_config") .long("api_config") + .env("API_CONFIG") .help("Use file to provide api configuration options.") .takes_value(true), ) .arg( Arg::with_name("api_port") .long("api_port") + .env("API_PORT") .help("The port to run the http API from") .takes_value(true), ) .arg( Arg::with_name("api_use_tls") .long("api_use_tls") - .env("ABLOCK_API_USE_TLS") + .env("API_USE_TLS") .help("Whether to use TLS for API: 0 to disable") .takes_value(true), ) @@ -170,14 +175,14 @@ pub fn clap_app<'a, 'b>() -> App<'a, 'b> { .arg( Arg::with_name("tls_certificate_override") .long("tls_certificate_override") - .env("ABLOCK_TLS_CERTIFICATE") + .env("TLS_CERTIFICATE") .help("Use PEM certificate as a string to use for this node TLS certificate.") .takes_value(true), ) .arg( Arg::with_name("tls_private_key_override") .long("tls_private_key_override") - .env("ABLOCK_TLS_PRIVATE_KEY") + .env("TLS_PRIVATE_KEY") .help("Use PKCS8 private key as a string to use for this node TLS certificate.") .takes_value(true), ) diff --git a/src/db_utils.rs b/src/db_utils.rs index 6311b274..334b5028 100644 --- a/src/db_utils.rs +++ b/src/db_utils.rs @@ -577,7 +577,7 @@ fn check_old_includes_new<'a>( /// /// ### Arguments /// -/// * `db_moode` - Mode for the database. +/// * `db_mode` - Mode for the database. /// * `db_spec` - Database specification. /// * `old_db` - Old in memory Database to try to open. /// * `custom_db_spec` - Custom database specification. From a00d98873b72d626d54a39277b3d7c8588af7f7f Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Mon, 20 Nov 2023 21:32:15 +0200 Subject: [PATCH 09/10] read config from ENV and set defaults --- Dockerfile | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 29949126..0b6a37cb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM rust:1.70.0-slim-bullseye AS chef +FROM rust:1.73.0-slim-bullseye AS chef RUN apt-get update && apt-get -y --no-install-recommends install git build-essential m4 llvm libclang-dev diffutils curl RUN cargo install cargo-chef @@ -17,17 +17,18 @@ COPY . . RUN cargo build --release # Use distroless -FROM cgr.dev/chainguard/static@sha256:ef5add7fd46cf1ce7d33d6de517833ac5c7e749db9b15249f9c472a772f3af27 +FROM cgr.dev/chainguard/glibc-dynamic:latest USER nonroot -# Set these in the environment to override +# Set these in the environment to override [use once we have env vars available] ENV NODE_TYPE="compute" -ENV NODE_SETTINGS="--config=/etc/node_settings.toml" -ENV TLS_CERTIFICATES="--tls_config=/etc/tls_certificates.json" -ENV INITIAL_BLOCK_CONFIG="--initial_block_config=/etc/initial_block.json" -ENV API_CONFIG="--api_config=/etc/api_config.json" -ENV API_USE_TLS="--api_use_tls=0" +ENV CONFIG="/etc/node_settings.toml" +ENV TLS_CONFIG="/etc/tls_certificates.json" +ENV INITIAL_BLOCK_CONFIG="/etc/initial_block.json" +ENV API_CONFIG="/etc/api_config.json" +ENV API_USE_TLS="0" +ENV COMPUTE_MINER_WHITELIST="/etc/compute_miner_whitelist.json" ENV RUST_LOG=info,debug # Copy node bin @@ -36,6 +37,6 @@ COPY --from=builder /a-block/release/node ./node # Default config for the node COPY .docker/conf/* /etc/. -ENTRYPOINT ["node"] -CMD [NODE_TYPE, NODE_SETTINGS, TLS_CERTIFICATES, INITIAL_BLOCK_CONFIG, API_CONFIG , API_USE_TLS] +ENTRYPOINT ["./node"] +CMD ["compute"] From 4a2473be8ec00248823507ac0147a12a291e15c1 Mon Sep 17 00:00:00 2001 From: Barry Botha Date: Mon, 20 Nov 2023 21:32:41 +0200 Subject: [PATCH 10/10] add miner whitelist config --- .docker/conf/compute_miner_whitelist.json | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 .docker/conf/compute_miner_whitelist.json diff --git a/.docker/conf/compute_miner_whitelist.json b/.docker/conf/compute_miner_whitelist.json new file mode 100644 index 00000000..ce63f028 --- /dev/null +++ b/.docker/conf/compute_miner_whitelist.json @@ -0,0 +1,7 @@ +{ + "compute_miner_whitelist" : { + "active": false, + "miner_api_keys": null, + "miner_addresses": null + } + } \ No newline at end of file