From e49b468457d19529366793c85b14e370763bc248 Mon Sep 17 00:00:00 2001 From: Sebastian Becker Date: Tue, 11 Mar 2025 09:39:10 +0100 Subject: [PATCH 1/2] fix(chart): fix support for more than 2 parties Signed-off-by: Sebastian Becker --- amphora-service/charts/amphora/README.md | 18 ++++++++-------- .../charts/amphora/templates/deployment.yaml | 2 +- amphora-service/charts/amphora/values.yaml | 2 +- .../service/AmphoraServiceSystemTest.java | 21 ++++++++++++++----- .../resources/application-test.properties | 4 ++-- 5 files changed, 29 insertions(+), 18 deletions(-) diff --git a/amphora-service/charts/amphora/README.md b/amphora-service/charts/amphora/README.md index 491fe87..e24ad4d 100644 --- a/amphora-service/charts/amphora/README.md +++ b/amphora-service/charts/amphora/README.md @@ -71,7 +71,7 @@ documentation for the | ------------------------------------------- | ----------------------------------------------------------------------------------------- | --------------------------------------------- | | `amphora.port ` | Port the Amphora service is bound to | `10000` | | `amphora.playerId` | ID identifying the service in the Carbyne Stack virtual cloud | `0` | -| `amphora.vcPartner` | Defines the URI of the partner Amphora service in the virtual cloud | \`\` | +| `amphora.vcPartners` | A list of of the URLs for all partner Amphora services in the virtual cloud | `[]` | | `amphora.openingTimeout` | Number of seconds to wait for all partners to open their multiplication input | `5000` | | `amphora.noSslValidation` | Defines whether SSL verification should be disabled for inter VC communication | `false` | | `amphora.trustedCertificates` | Path to certificates that should be used to verify SSL connections | \`\` | @@ -80,8 +80,8 @@ documentation for the | `amphora.image.tag` | Amphora Image tag | `latest` | | `amphora.image.pullPolicy` | Amphora Image pull policy | `Never` | | `amphora.springActiveProfiles` | Defines the Amphora's Spring profiles to be loaded | `k8s` | -| \`amphora.macKey | Defines the MacKey used for secret sharing | \`\` | -| \`amphora.castor.serviceUri | Defines the URI for Castor service | `castor.default.svc.cluster.local` | +| `amphora.macKey` | Defines the MacKey used for secret sharing | \`\` | +| `amphora.castor.serviceUri` | Defines the URI for Castor service | `castor.default.svc.cluster.local` | | `amphora.redis.host` | The host address to the redis key/value store | `redis.default.svc.cluster.local` | | `amphora.redis.port` | The port of the redis key/value store | `6379` | | `amphora.minio.endpoint` | The minio secret store endpoint | `http://minio.default.svc.cluster.local:9000` | @@ -89,12 +89,12 @@ documentation for the | `amphora.db.port` | The postgres database port | `5432` | | `amphora.db.userSecretName` | Name of an existing secret to be used for the database username | \`\` | | `amphora.db.passwordSecretName` | Name of an existing secret to be used for the database password | \`\` | -| \`amphora.probes.liveness.initialDelay | Number of seconds after the container has started before the liveness probe is initiated | `60` | -| \`amphora.probes.liveness.period | How often (in seconds) to perform the liveness probe | `10` | -| \`amphora.probes.liveness.failureThreshold | How often to fail the liveness probe before finally be marked as unsuccessful | `3` | -| \`amphora.probes.readiness.initialDelay | Number of seconds after the container has started before the readiness probe is initiated | `0` | -| \`amphora.probes.readiness.period | How often (in seconds) to perform the readiness probe | `5` | -| \`amphora.probes.readiness.failureThreshold | How often to fail the readiness probe before finally be marked as unsuccessful | `3` | +| `amphora.probes.liveness.initialDelay` | Number of seconds after the container has started before the liveness probe is initiated | `60` | +| `amphora.probes.liveness.period` | How often (in seconds) to perform the liveness probe | `10` | +| `amphora.probes.liveness.failureThreshold` | How often to fail the liveness probe before finally be marked as unsuccessful | `3` | +| `amphora.probes.readiness.initialDelay` | Number of seconds after the container has started before the readiness probe is initiated | `0` | +| `amphora.probes.readiness.period` | How often (in seconds) to perform the readiness probe | `5` | +| `amphora.probes.readiness.failureThreshold` | How often to fail the readiness probe before finally be marked as unsuccessful | `3` | Specify each parameter using the `--set key=value[,key=value]` argument to `helm install`. For example, diff --git a/amphora-service/charts/amphora/templates/deployment.yaml b/amphora-service/charts/amphora/templates/deployment.yaml index 7600c96..1675758 100644 --- a/amphora-service/charts/amphora/templates/deployment.yaml +++ b/amphora-service/charts/amphora/templates/deployment.yaml @@ -31,7 +31,7 @@ spec: imagePullPolicy: {{ .Values.amphora.image.pullPolicy }} env: - name: AMPHORA_VC_PARTNERS - value: {{ .Values.amphora.vcPartner }} + value: {{ join "," .Values.amphora.vcPartners | quote }} - name: AMPHORA_OPENING_TIMEOUT value: "{{ .Values.amphora.openingTimeout }}" - name: PLAYER_ID diff --git a/amphora-service/charts/amphora/values.yaml b/amphora-service/charts/amphora/values.yaml index 914e792..382fc92 100644 --- a/amphora-service/charts/amphora/values.yaml +++ b/amphora-service/charts/amphora/values.yaml @@ -30,7 +30,7 @@ affinity: {} amphora: playerId: 0 - vcPartner: + vcPartners: [] openingTimeout: 5000 noSslValidation: "false" trustedCertificates: diff --git a/amphora-service/src/test/java/io/carbynestack/amphora/service/AmphoraServiceSystemTest.java b/amphora-service/src/test/java/io/carbynestack/amphora/service/AmphoraServiceSystemTest.java index 14c83ee..789cf5b 100644 --- a/amphora-service/src/test/java/io/carbynestack/amphora/service/AmphoraServiceSystemTest.java +++ b/amphora-service/src/test/java/io/carbynestack/amphora/service/AmphoraServiceSystemTest.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023-2024 - for information on the respective copyright owner + * Copyright (c) 2023-2025 - for information on the respective copyright owner * see the NOTICE file and/or the repository https://github.com/carbynestack/amphora. * * SPDX-License-Identifier: Apache-2.0 @@ -18,10 +18,8 @@ import static org.springframework.test.util.AssertionErrors.assertEquals; import static org.springframework.test.util.AssertionErrors.assertTrue; -import io.carbynestack.amphora.common.Metadata; -import io.carbynestack.amphora.common.MetadataPage; -import io.carbynestack.amphora.common.SecretShare; -import io.carbynestack.amphora.common.Tag; +import io.carbynestack.amphora.common.*; +import io.carbynestack.amphora.service.config.AmphoraServiceProperties; import io.carbynestack.amphora.service.exceptions.UnauthorizedException; import io.carbynestack.amphora.service.opa.OpaClient; import io.carbynestack.amphora.service.testconfig.PersistenceTestEnvironment; @@ -31,11 +29,13 @@ import io.carbynestack.amphora.service.util.MetadataMatchers; import io.carbynestack.mpspdz.integration.MpSpdzIntegrationUtils; import java.net.URI; +import java.util.Arrays; import java.util.Collections; import java.util.UUID; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.RandomUtils; +import org.hamcrest.Matchers; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; @@ -83,6 +83,7 @@ public class AmphoraServiceSystemTest { @MockBean private OpaClient opaClientMock; @Autowired private TestRestTemplate restTemplate; + @Autowired private AmphoraServiceProperties amphoraServiceProperties; @Autowired private PersistenceTestEnvironment testEnvironment; private final SecretShare testSecretShare1 = @@ -134,6 +135,16 @@ public void setUp() throws UnauthorizedException { when(opaClientMock.isAllowed(any(), any(), eq(authorizedUserId), any())).thenReturn(true); } + @Test + void givenMultipleVCPartnersDefined_whenInitialized_thenHoldExpectedConfiguration() { + assertThat( + amphoraServiceProperties.getVcPartners(), + Matchers.equalTo( + Arrays.asList( + new AmphoraServiceUri("http://amphora2.carbynestack.io"), + new AmphoraServiceUri("http://amphora3.carbynestack.io")))); + } + @Test void givenSuccessfulRequest_whenPostSecretShares_thenReturnExpectedContent() { String expectedPath = diff --git a/amphora-service/src/test/resources/application-test.properties b/amphora-service/src/test/resources/application-test.properties index 5531c64..b6c2112 100644 --- a/amphora-service/src/test/resources/application-test.properties +++ b/amphora-service/src/test/resources/application-test.properties @@ -1,5 +1,5 @@ # -# Copyright (c) 2023-2024 - for information on the respective copyright owner +# Copyright (c) 2023-2025 - for information on the respective copyright owner # see the NOTICE file and/or the repository https://github.com/carbynestack/amphora. # # SPDX-License-Identifier: Apache-2.0 @@ -24,7 +24,7 @@ logging.level.org.springframework=INFO carbynestack.auth.user-id-field-name=sub carbynestack.opa.default-policy-package=default carbynestack.opa.endpoint=http://opa.carbynestack.io -carbynestack.amphora.vcPartners=http://amphora2.carbynestack.io +carbynestack.amphora.vcPartners=http://amphora2.carbynestack.io,http://amphora3.carbynestack.io carbynestack.amphora.minio.endpoint=${MINIO_ENDPOINT} carbynestack.amphora.minio.bucket=minio-amphora-test-bucket carbynestack.amphora.minio.access-key=${MINIO_ACCESS_KEY} From 01a03a3b5bb895179402d566bc64a1dd85680022 Mon Sep 17 00:00:00 2001 From: Sebastian Becker Date: Tue, 18 Mar 2025 06:29:57 +0100 Subject: [PATCH 2/2] chore: address PR review findings Signed-off-by: Sebastian Becker --- .../carbynestack/amphora/service/AmphoraServiceSystemTest.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/amphora-service/src/test/java/io/carbynestack/amphora/service/AmphoraServiceSystemTest.java b/amphora-service/src/test/java/io/carbynestack/amphora/service/AmphoraServiceSystemTest.java index 789cf5b..d933a32 100644 --- a/amphora-service/src/test/java/io/carbynestack/amphora/service/AmphoraServiceSystemTest.java +++ b/amphora-service/src/test/java/io/carbynestack/amphora/service/AmphoraServiceSystemTest.java @@ -29,7 +29,6 @@ import io.carbynestack.amphora.service.util.MetadataMatchers; import io.carbynestack.mpspdz.integration.MpSpdzIntegrationUtils; import java.net.URI; -import java.util.Arrays; import java.util.Collections; import java.util.UUID; import lombok.SneakyThrows; @@ -140,7 +139,7 @@ void givenMultipleVCPartnersDefined_whenInitialized_thenHoldExpectedConfiguratio assertThat( amphoraServiceProperties.getVcPartners(), Matchers.equalTo( - Arrays.asList( + asList( new AmphoraServiceUri("http://amphora2.carbynestack.io"), new AmphoraServiceUri("http://amphora3.carbynestack.io")))); }