From feae2cd8bf52c3dd6327d72b0f6d1ff955642bee Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 05:42:06 -0500 Subject: [PATCH 01/46] Delete all Dockerfile fragments, add new orchestator to generate Dockerfiles Enables greater templating. Also delete the unmaintained kubernetes folder *for now*. This should be restored in the future. --- .gitignore | 3 +- Cargo.lock | 4 + Cargo.toml | 14 +- orchestration/Cargo.toml | 18 ++ .../Dockerfile.parts/Dockerfile.alpine.start | 6 - .../Dockerfile.parts/Dockerfile.debian.start | 6 - .../Dockerfile.parts/Dockerfile.serai.build | 39 ---- .../mimalloc/Dockerfile.alpine | 11 - .../mimalloc/Dockerfile.debian | 11 - orchestration/README.md | 69 +----- .../coins/bitcoin/Dockerfile.bitcoin.end | 10 - .../Dockerfile.monero-wallet-rpc.end | 10 - .../coins/monero/Dockerfile.monero.end | 13 -- .../coordinator/Dockerfile.coordinator | 2 - .../coordinator/Dockerfile.coordinator.end | 15 -- .../coordinator/scripts/entry-dev.sh | 9 - orchestration/docker-compose.yml | 221 ------------------ orchestration/dockerfiles.sh | 70 ------ orchestration/kubernetes/Makefile | 103 -------- orchestration/kubernetes/README.md | 41 ---- .../kubernetes/charts/bitcoin/Chart.yaml | 5 - .../charts/bitcoin/templates/_helpers.tpl | 42 ---- .../charts/bitcoin/templates/configmap.yaml | 7 - .../charts/bitcoin/templates/deployment.yaml | 88 ------- .../charts/bitcoin/templates/ingress.yaml | 50 ---- .../charts/bitcoin/templates/service.yaml | 24 -- .../kubernetes/charts/bitcoin/values.yaml | 74 ------ .../kubernetes/charts/ethereum/Chart.yaml | 5 - .../charts/ethereum/templates/_helpers.tpl | 42 ---- .../charts/ethereum/templates/configmap.yaml | 7 - .../charts/ethereum/templates/deployment.yaml | 89 ------- .../charts/ethereum/templates/ingress.yaml | 50 ---- .../charts/ethereum/templates/service.yaml | 24 -- .../kubernetes/charts/ethereum/values.yaml | 60 ----- .../kubernetes/charts/monero/Chart.yaml | 5 - .../charts/monero/templates/_helpers.tpl | 42 ---- .../charts/monero/templates/configmap.yaml | 7 - .../charts/monero/templates/deployment.yaml | 88 ------- .../charts/monero/templates/ingress.yaml | 50 ---- .../charts/monero/templates/service.yaml | 24 -- .../kubernetes/charts/monero/values.yaml | 72 ------ .../kubernetes/charts/serai/Chart.yaml | 5 - .../charts/serai/templates/_helpers.tpl | 42 ---- .../charts/serai/templates/configmap.yaml | 7 - .../charts/serai/templates/deployment.yaml | 88 ------- .../charts/serai/templates/ingress.yaml | 50 ---- .../charts/serai/templates/service.yaml | 24 -- .../kubernetes/charts/serai/values.yaml | 92 -------- .../message-queue/Dockerfile.message-queue | 2 - .../Dockerfile.message-queue.end | 13 -- .../message-queue/scripts/entry-dev.sh | 10 - .../processor/Dockerfile.processor.end | 15 -- .../bitcoin/Dockerfile.processor.bitcoin | 2 - .../monero/Dockerfile.processor.monero | 2 - orchestration/processor/scripts/entry-dev.sh | 13 -- orchestration/serai/Dockerfile.serai | 2 - orchestration/serai/Dockerfile.serai.end | 13 -- .../coins/bitcoin.rs} | 28 +++ orchestration/src/coins/ethereum.rs | 6 + orchestration/src/coins/mod.rs | 8 + .../Dockerfile.monero => src/coins/monero.rs} | 36 +++ orchestration/src/coordinator.rs | 31 +++ orchestration/src/main.rs | 142 +++++++++++ orchestration/src/message_queue.rs | 28 +++ orchestration/src/mimalloc.rs | 37 +++ orchestration/src/processor.rs | 32 +++ orchestration/src/serai.rs | 26 +++ 67 files changed, 414 insertions(+), 1870 deletions(-) create mode 100644 orchestration/Cargo.toml delete mode 100644 orchestration/Dockerfile.parts/Dockerfile.alpine.start delete mode 100644 orchestration/Dockerfile.parts/Dockerfile.debian.start delete mode 100644 orchestration/Dockerfile.parts/Dockerfile.serai.build delete mode 100644 orchestration/Dockerfile.parts/mimalloc/Dockerfile.alpine delete mode 100644 orchestration/Dockerfile.parts/mimalloc/Dockerfile.debian delete mode 100644 orchestration/coins/bitcoin/Dockerfile.bitcoin.end delete mode 100644 orchestration/coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end delete mode 100644 orchestration/coins/monero/Dockerfile.monero.end delete mode 100644 orchestration/coordinator/Dockerfile.coordinator delete mode 100644 orchestration/coordinator/Dockerfile.coordinator.end delete mode 100644 orchestration/coordinator/scripts/entry-dev.sh delete mode 100644 orchestration/docker-compose.yml delete mode 100755 orchestration/dockerfiles.sh delete mode 100644 orchestration/kubernetes/Makefile delete mode 100644 orchestration/kubernetes/README.md delete mode 100644 orchestration/kubernetes/charts/bitcoin/Chart.yaml delete mode 100644 orchestration/kubernetes/charts/bitcoin/templates/_helpers.tpl delete mode 100644 orchestration/kubernetes/charts/bitcoin/templates/configmap.yaml delete mode 100644 orchestration/kubernetes/charts/bitcoin/templates/deployment.yaml delete mode 100644 orchestration/kubernetes/charts/bitcoin/templates/ingress.yaml delete mode 100644 orchestration/kubernetes/charts/bitcoin/templates/service.yaml delete mode 100644 orchestration/kubernetes/charts/bitcoin/values.yaml delete mode 100644 orchestration/kubernetes/charts/ethereum/Chart.yaml delete mode 100644 orchestration/kubernetes/charts/ethereum/templates/_helpers.tpl delete mode 100644 orchestration/kubernetes/charts/ethereum/templates/configmap.yaml delete mode 100644 orchestration/kubernetes/charts/ethereum/templates/deployment.yaml delete mode 100644 orchestration/kubernetes/charts/ethereum/templates/ingress.yaml delete mode 100644 orchestration/kubernetes/charts/ethereum/templates/service.yaml delete mode 100644 orchestration/kubernetes/charts/ethereum/values.yaml delete mode 100644 orchestration/kubernetes/charts/monero/Chart.yaml delete mode 100644 orchestration/kubernetes/charts/monero/templates/_helpers.tpl delete mode 100644 orchestration/kubernetes/charts/monero/templates/configmap.yaml delete mode 100644 orchestration/kubernetes/charts/monero/templates/deployment.yaml delete mode 100644 orchestration/kubernetes/charts/monero/templates/ingress.yaml delete mode 100644 orchestration/kubernetes/charts/monero/templates/service.yaml delete mode 100644 orchestration/kubernetes/charts/monero/values.yaml delete mode 100644 orchestration/kubernetes/charts/serai/Chart.yaml delete mode 100644 orchestration/kubernetes/charts/serai/templates/_helpers.tpl delete mode 100644 orchestration/kubernetes/charts/serai/templates/configmap.yaml delete mode 100644 orchestration/kubernetes/charts/serai/templates/deployment.yaml delete mode 100644 orchestration/kubernetes/charts/serai/templates/ingress.yaml delete mode 100644 orchestration/kubernetes/charts/serai/templates/service.yaml delete mode 100644 orchestration/kubernetes/charts/serai/values.yaml delete mode 100644 orchestration/message-queue/Dockerfile.message-queue delete mode 100644 orchestration/message-queue/Dockerfile.message-queue.end delete mode 100755 orchestration/message-queue/scripts/entry-dev.sh delete mode 100644 orchestration/processor/Dockerfile.processor.end delete mode 100644 orchestration/processor/bitcoin/Dockerfile.processor.bitcoin delete mode 100644 orchestration/processor/monero/Dockerfile.processor.monero delete mode 100755 orchestration/processor/scripts/entry-dev.sh delete mode 100644 orchestration/serai/Dockerfile.serai delete mode 100644 orchestration/serai/Dockerfile.serai.end rename orchestration/{coins/bitcoin/Dockerfile.bitcoin => src/coins/bitcoin.rs} (58%) create mode 100644 orchestration/src/coins/ethereum.rs create mode 100644 orchestration/src/coins/mod.rs rename orchestration/{coins/monero/Dockerfile.monero => src/coins/monero.rs} (52%) create mode 100644 orchestration/src/coordinator.rs create mode 100644 orchestration/src/main.rs create mode 100644 orchestration/src/message_queue.rs create mode 100644 orchestration/src/mimalloc.rs create mode 100644 orchestration/src/processor.rs create mode 100644 orchestration/src/serai.rs diff --git a/.gitignore b/.gitignore index c4220b672..3d5bcaa2c 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ target -.vscode .test-logs + +.vscode diff --git a/Cargo.lock b/Cargo.lock index 11791cf14..152ed22de 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -7660,6 +7660,10 @@ dependencies = [ "tokio", ] +[[package]] +name = "serai-orchestrator" +version = "0.0.1" + [[package]] name = "serai-primitives" version = "0.1.0" diff --git a/Cargo.toml b/Cargo.toml index cfdf13ebd..6304b28db 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,12 @@ [workspace] resolver = "2" members = [ + "patches/is-terminal", + "patches/matches", + "patches/option-ext", + "patches/directories-next", + "patches/proc-macro-crate", + "common/std-shims", "common/zalloc", "common/db", @@ -57,6 +63,8 @@ members = [ "substrate/client", + "orchestration", + "mini", "tests/no-std", @@ -67,12 +75,6 @@ members = [ "tests/coordinator", "tests/full-stack", "tests/reproducible-runtime", - - "patches/is-terminal", - "patches/matches", - "patches/option-ext", - "patches/directories-next", - "patches/proc-macro-crate", ] # Always compile Monero (and a variety of dependencies) with optimizations due diff --git a/orchestration/Cargo.toml b/orchestration/Cargo.toml new file mode 100644 index 000000000..9588be262 --- /dev/null +++ b/orchestration/Cargo.toml @@ -0,0 +1,18 @@ +[package] +name = "serai-orchestrator" +version = "0.0.1" +description = "Generates Dockerfiles for Serai" +license = "AGPL-3.0-only" +repository = "https://github.com/serai-dex/serai/tree/develop/orchestration/" +authors = ["Luke Parker "] +keywords = [] +edition = "2021" + +[package.metadata.docs.rs] +all-features = true +rustdoc-args = ["--cfg", "docsrs"] + +[lints] +workspace = true + +[dependencies] diff --git a/orchestration/Dockerfile.parts/Dockerfile.alpine.start b/orchestration/Dockerfile.parts/Dockerfile.alpine.start deleted file mode 100644 index 0a51fc6a3..000000000 --- a/orchestration/Dockerfile.parts/Dockerfile.alpine.start +++ /dev/null @@ -1,6 +0,0 @@ -FROM alpine:latest as image - -COPY --from=mimalloc libmimalloc.so /usr/lib -ENV LD_PRELOAD=libmimalloc.so - -RUN apk update && apk upgrade diff --git a/orchestration/Dockerfile.parts/Dockerfile.debian.start b/orchestration/Dockerfile.parts/Dockerfile.debian.start deleted file mode 100644 index c22664686..000000000 --- a/orchestration/Dockerfile.parts/Dockerfile.debian.start +++ /dev/null @@ -1,6 +0,0 @@ -FROM debian:bookworm-slim as image - -COPY --from=mimalloc libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean diff --git a/orchestration/Dockerfile.parts/Dockerfile.serai.build b/orchestration/Dockerfile.parts/Dockerfile.serai.build deleted file mode 100644 index 8bc5a498d..000000000 --- a/orchestration/Dockerfile.parts/Dockerfile.serai.build +++ /dev/null @@ -1,39 +0,0 @@ -FROM rust:1.75-slim-bookworm as builder - -COPY --from=mimalloc libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Add dev dependencies -RUN apt install -y pkg-config clang - -# Dependencies for the Serai node -RUN apt install -y make protobuf-compiler - -# Add the wasm toolchain -RUN rustup target add wasm32-unknown-unknown - -# Add files for build -ADD common /serai/common -ADD crypto /serai/crypto -ADD coins /serai/coins -ADD message-queue /serai/message-queue -ADD processor /serai/processor -ADD coordinator /serai/coordinator -ADD substrate /serai/substrate -ADD mini /serai/mini -ADD tests /serai/tests -ADD patches /serai/patches -ADD Cargo.toml /serai -ADD Cargo.lock /serai -ADD AGPL-3.0 /serai - -WORKDIR /serai - -# Mount the caches and build -RUN --mount=type=cache,target=/root/.cargo \ - --mount=type=cache,target=/usr/local/cargo/registry \ - --mount=type=cache,target=/usr/local/cargo/git \ - --mount=type=cache,target=/serai/target \ - mkdir /serai/bin && \ diff --git a/orchestration/Dockerfile.parts/mimalloc/Dockerfile.alpine b/orchestration/Dockerfile.parts/mimalloc/Dockerfile.alpine deleted file mode 100644 index 913284352..000000000 --- a/orchestration/Dockerfile.parts/mimalloc/Dockerfile.alpine +++ /dev/null @@ -1,11 +0,0 @@ -FROM alpine:latest as mimalloc - -RUN apk update && apk upgrade && apk --no-cache add gcc g++ libc-dev make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so diff --git a/orchestration/Dockerfile.parts/mimalloc/Dockerfile.debian b/orchestration/Dockerfile.parts/mimalloc/Dockerfile.debian deleted file mode 100644 index def8ad82d..000000000 --- a/orchestration/Dockerfile.parts/mimalloc/Dockerfile.debian +++ /dev/null @@ -1,11 +0,0 @@ -FROM debian:bookworm-slim as mimalloc - -RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so diff --git a/orchestration/README.md b/orchestration/README.md index fb307a2e9..b502da10b 100644 --- a/orchestration/README.md +++ b/orchestration/README.md @@ -1,65 +1,12 @@ -# Deploy +# Orchestration -## Run with Docker Compose +This folder contains the tool which generates various dockerfiles and manage +deployments of Serai. -Running the Serai infrastructure is easy with Docker. +To start, run: -We utilize compose profiles to easily orchestrate various pieces of the -infrastructure. +```sh +cargo run -p serai-orchestrator +``` -**Example:** `docker compose --profile cluster-coins-sm up` - -All commands are assumed to be ran from `/deploy`, not the root folder. - -### Profiles: - -* `bitcoin` - Bitcoin node -* `monero` - Monero node -* `ethereum` - Ethereum node -* `coins` - Nodes for all external networks (BTC, ETH, XMR) - -* `message-queue` - The message queue service. -* `processor` - Serai processor for one external network. -* `coordinator` - Serai coordinator for the entire Serai stack. - -* `serai` - Serai node -* `cluster-sm` - "Alice", "Bob", "Charlie", and "Dave" Serai nodes, all as - validators (enough to achieve BFT with one faulty node) -* `cluster-lg` - `cluster-sm` with non-validators "Eve" and "Ferdie" - -You can supply one or more profiles to the docker compose command to orchestrate -the desired components. - -**Example:** `docker compose --profile coins --profile serai up` - -## Orchestration Approach - -### Builds - -The Serai infrastructure is locally compiled. This may take several minutes. - -Images for external networks download binaries, before verifying their checksums -and signatures. - -**Stage 1 -- Builder** -* Configure environment. -* Get the binary. -* Verify binary using GPG. -* Decompress binary to prepare image. - -**Stage 2 -- Image** -* Copy needed files from builder. -* Move executables to bin folder. -* Copy scripts folder. -* Expose necessary ports. -* Map necessary volumes. - -### Entrypoint - -The Serai node and external networks' nodes are each started from an entrypoint -script inside the `/scripts `folder. - -To update the scripts on the image you must rebuild the updated images using the -`--build` flag after `up` in `docker compose`. - -**Example:** `docker compose --profile bitcoin up --build` +to generate all of the dockerfiles needed for development. diff --git a/orchestration/coins/bitcoin/Dockerfile.bitcoin.end b/orchestration/coins/bitcoin/Dockerfile.bitcoin.end deleted file mode 100644 index 8c6a77fc0..000000000 --- a/orchestration/coins/bitcoin/Dockerfile.bitcoin.end +++ /dev/null @@ -1,10 +0,0 @@ -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin bitcoin -USER bitcoin -WORKDIR /home/bitcoin - -COPY --from=bitcoin --chown=bitcoin bitcoind /bin -COPY ./scripts /scripts - -EXPOSE 8332 8333 18332 18333 18443 18444 -# VOLUME ["/home/bitcoin/.bitcoin"] diff --git a/orchestration/coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end b/orchestration/coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end deleted file mode 100644 index bf143fb67..000000000 --- a/orchestration/coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end +++ /dev/null @@ -1,10 +0,0 @@ -# Switch to a non-root user -# System user (not a human), shell of nologin, no password assigned -RUN useradd --system --create-home --shell /sbin/nologin monero -USER monero - -WORKDIR /home/monero -COPY --from=monero --chown=monero monero-wallet-rpc /bin -ADD scripts /scripts - -EXPOSE 6061 diff --git a/orchestration/coins/monero/Dockerfile.monero.end b/orchestration/coins/monero/Dockerfile.monero.end deleted file mode 100644 index 2101dbe06..000000000 --- a/orchestration/coins/monero/Dockerfile.monero.end +++ /dev/null @@ -1,13 +0,0 @@ -RUN apk --no-cache add gcompat - -# Switch to a non-root user -# System user (not a human), shell of nologin, no password assigned -RUN adduser -S -s /sbin/nologin -D monero -USER monero - -WORKDIR /home/monero -COPY --from=monero --chown=monero monerod /bin -ADD scripts /scripts - -EXPOSE 18080 18081 -# VOLUME /home/monero/.bitmonero diff --git a/orchestration/coordinator/Dockerfile.coordinator b/orchestration/coordinator/Dockerfile.coordinator deleted file mode 100644 index 8c1f6a22e..000000000 --- a/orchestration/coordinator/Dockerfile.coordinator +++ /dev/null @@ -1,2 +0,0 @@ - cargo build -p serai-coordinator --features "parity-db longer-reattempts" && \ - mv /serai/target/debug/serai-coordinator /serai/bin diff --git a/orchestration/coordinator/Dockerfile.coordinator.end b/orchestration/coordinator/Dockerfile.coordinator.end deleted file mode 100644 index 9c8bcd3dc..000000000 --- a/orchestration/coordinator/Dockerfile.coordinator.end +++ /dev/null @@ -1,15 +0,0 @@ -# Install ca-certificates -RUN apt install -y ca-certificates - -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin coordinator -USER coordinator - -WORKDIR /home/coordinator - -# Copy the Coordinator binary and relevant license -COPY --from=builder --chown=processor /serai/bin/serai-coordinator /bin/ -COPY --from=builder --chown=processor /serai/AGPL-3.0 . - -# Run coordinator -CMD ["serai-coordinator"] diff --git a/orchestration/coordinator/scripts/entry-dev.sh b/orchestration/coordinator/scripts/entry-dev.sh deleted file mode 100644 index 187bf7983..000000000 --- a/orchestration/coordinator/scripts/entry-dev.sh +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -export MESSAGE_QUEUE_KEY="0000000000000000000000000000000000000000000000000000000000000000" -export MESSAGE_QUEUE_RPC="http://127.0.0.1:2287" - -export DB_PATH="./coordinator-db" -export SERAI_HOSTNAME="127.0.0.1" - -serai-coordinator diff --git a/orchestration/docker-compose.yml b/orchestration/docker-compose.yml deleted file mode 100644 index ae8637bb9..000000000 --- a/orchestration/docker-compose.yml +++ /dev/null @@ -1,221 +0,0 @@ -version: "3.9" -name: serai-dev - -volumes: - serai: - serai-alice: - serai-bob: - serai-charlie: - serai-dave: - serai-eve: - serai-ferdie: - -services: - # Coin services - - bitcoin: - profiles: - - bitcoin - - coins - build: - context: ./coins/bitcoin/ - restart: unless-stopped - volumes: - - "./coins/bitcoin/scripts:/scripts" - entrypoint: /scripts/entry-dev.sh - # TODO: Use expose, not ports - ports: - - "18443:18443" - - ethereum: - profiles: - - ethereum - - coins - build: - context: ./coins/ethereum/ - restart: unless-stopped - volumes: - - "./coins/ethereum/scripts:/scripts" - entrypoint: /scripts/entry-dev.sh - - monero: - profiles: - - monero - - coins - build: - context: ./coins/monero/ - restart: unless-stopped - volumes: - - "./coins/monero/scripts:/scripts" - entrypoint: /scripts/entry-dev.sh - # TODO: Use expose, not ports - ports: - - "18081:18081" - - monero-wallet-rpc: - profiles: - - monero - - coins - build: - context: ./coins/monero-wallet-rpc/ - restart: unless-stopped - volumes: - - "./coins/monero-wallet-rpc/scripts:/scripts" - entrypoint: /scripts/entry-dev.sh - # TODO: Use expose, not ports - ports: - - "6061:6061" - - # Infrastructure - - message-queue: - profiles: - - message-queue - build: - context: ../ - dockerfile: ./orchestration/message-queue/Dockerfile - restart: unless-stopped - volumes: - - "./message-queue/scripts:/scripts" - entrypoint: /scripts/entry-dev.sh - expose: - - "2287" - - bitcoin-processor: - profiles: - - bitcoin-processor - build: - context: ../ - dockerfile: ./orchestration/processor/bitcoin/Dockerfile - restart: unless-stopped - volumes: - - "./processor/scripts:/scripts" - entrypoint: /scripts/entry-dev.sh - - monero-processor: - profiles: - - monero-processor - build: - context: ../ - dockerfile: ./orchestration/processor/monero/Dockerfile - restart: unless-stopped - volumes: - - "./processor/scripts:/scripts" - entrypoint: /scripts/entry-dev.sh - - coordinator: - profiles: - - coordinator - build: - context: ../ - dockerfile: ./orchestration/coordinator/Dockerfile - restart: unless-stopped - volumes: - - "./coordinator/scripts:/scripts" - entrypoint: /scripts/entry-dev.sh - - # Serai runtime - - runtime: - profiles: - - runtime - build: - context: ../ - dockerfile: ./orchestration/runtime/Dockerfile - entrypoint: | - sh -c "cd /serai/substrate/runtime && cargo clean && cargo build --release && \ - sha256sum /serai/target/release/wbuild/serai-runtime/serai_runtime.wasm" - - # Serai nodes - - _serai: - &serai_defaults - restart: unless-stopped - # image: serai:dev - profiles: - - _ - build: - context: ../ - dockerfile: ./orchestration/serai/Dockerfile - args: - TAG: serai - entrypoint: /scripts/entry-dev.sh - volumes: - - "./serai/scripts:/scripts" - - serai: - <<: *serai_defaults - hostname: serai - profiles: - - serai - environment: - CHAIN: local - NAME: node - - serai-alice: - <<: *serai_defaults - hostname: serai-alice - profiles: - - alice - - cluster-sm - - cluster-lg - environment: - CHAIN: local - NAME: alice - VALIDATOR: true - - serai-bob: - <<: *serai_defaults - hostname: serai-bob - profiles: - - bob - - cluster-sm - - cluster-lg - environment: - CHAIN: local - NAME: bob - VALIDATOR: true - - serai-charlie: - <<: *serai_defaults - hostname: serai-charlie - profiles: - - charlie - - cluster-sm - - cluster-lg - environment: - CHAIN: local - NAME: charlie - VALIDATOR: true - - serai-dave: - <<: *serai_defaults - hostname: serai-dave - profiles: - - dave - - cluster-sm - - cluster-lg - environment: - CHAIN: local - NAME: dave - VALIDATOR: true - - serai-eve: - <<: *serai_defaults - hostname: serai-eve - profiles: - - eve - - cluster-lg - environment: - CHAIN: local - NAME: eve - - serai-ferdie: - <<: *serai_defaults - hostname: serai-ferdie - profiles: - - ferdie - - cluster-lg - environment: - CHAIN: local - NAME: ferdie diff --git a/orchestration/dockerfiles.sh b/orchestration/dockerfiles.sh deleted file mode 100755 index 40b8c1119..000000000 --- a/orchestration/dockerfiles.sh +++ /dev/null @@ -1,70 +0,0 @@ -# Bitcoin -rm ./coins/bitcoin/Dockerfile -cat \ - ./Dockerfile.parts/mimalloc/Dockerfile.debian \ - ./coins/bitcoin/Dockerfile.bitcoin \ - ./Dockerfile.parts/Dockerfile.debian.start \ - ./coins/bitcoin/Dockerfile.bitcoin.end >> ./coins/bitcoin/Dockerfile - -# Monero -rm ./coins/monero/Dockerfile -cat \ - ./Dockerfile.parts/mimalloc/Dockerfile.alpine \ - ./coins/monero/Dockerfile.monero \ - ./Dockerfile.parts/Dockerfile.alpine.start \ - ./coins/monero/Dockerfile.monero.end >> ./coins/monero/Dockerfile - -# Monero wallet rpc -rm -f ./coins/monero-wallet-rpc/Dockerfile -mkdir -p ./coins/monero-wallet-rpc/temp/ -cp ./coins/monero/temp/hashes-v* ./coins/monero-wallet-rpc/temp/ -cat \ - ./Dockerfile.parts/mimalloc/Dockerfile.debian \ - ./coins/monero/Dockerfile.monero \ - ./Dockerfile.parts/Dockerfile.debian.start \ - ./coins/monero-wallet-rpc/Dockerfile.monero-wallet-rpc.end >> ./coins/monero-wallet-rpc/Dockerfile - -# Message Queue -rm ./message-queue/Dockerfile -cat \ - ./Dockerfile.parts/mimalloc/Dockerfile.debian \ - ./Dockerfile.parts/Dockerfile.serai.build \ - ./message-queue/Dockerfile.message-queue \ - ./Dockerfile.parts/Dockerfile.debian.start \ - ./message-queue/Dockerfile.message-queue.end >> ./message-queue/Dockerfile - -# Bitcoin Processor -rm ./processor/bitcoin/Dockerfile -cat \ - ./Dockerfile.parts/mimalloc/Dockerfile.debian \ - ./Dockerfile.parts/Dockerfile.serai.build \ - ./processor/bitcoin/Dockerfile.processor.bitcoin \ - ./Dockerfile.parts/Dockerfile.debian.start \ - ./processor/Dockerfile.processor.end >> ./processor/bitcoin/Dockerfile - -# Monero Processor -rm ./processor/monero/Dockerfile -cat \ - ./Dockerfile.parts/mimalloc/Dockerfile.debian \ - ./Dockerfile.parts/Dockerfile.serai.build \ - ./processor/monero/Dockerfile.processor.monero \ - ./Dockerfile.parts/Dockerfile.debian.start \ - ./processor/Dockerfile.processor.end >> ./processor/monero/Dockerfile - -# Coordinator -rm ./coordinator/Dockerfile -cat \ - ./Dockerfile.parts/mimalloc/Dockerfile.debian \ - ./Dockerfile.parts/Dockerfile.serai.build \ - ./coordinator/Dockerfile.coordinator \ - ./Dockerfile.parts/Dockerfile.debian.start \ - ./coordinator/Dockerfile.coordinator.end >> ./coordinator/Dockerfile - -# Node -rm ./serai/Dockerfile -cat \ - ./Dockerfile.parts/mimalloc/Dockerfile.debian \ - ./Dockerfile.parts/Dockerfile.serai.build \ - ./serai/Dockerfile.serai \ - ./Dockerfile.parts/Dockerfile.debian.start \ - ./serai/Dockerfile.serai.end >> ./serai/Dockerfile diff --git a/orchestration/kubernetes/Makefile b/orchestration/kubernetes/Makefile deleted file mode 100644 index 9889b0717..000000000 --- a/orchestration/kubernetes/Makefile +++ /dev/null @@ -1,103 +0,0 @@ -SHELL := /bin/bash - -check-helm: - @helm version || $(MAKE) install-helm - -check-kubectl: - @kubectl version || $(MAKE) install-kubectl - -install-helm: - @curl -fsSL -o get_helm.sh https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 - @chmod 700 get_helm.sh - @./get_helm.sh - @rm get_helm.sh - -install-kubectl: - @curl -LO 'https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl' - @sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl - @rm kubectl - -deploy-base: - @docker compose -f ../docker-compose.yml --profile base build --quiet - @(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-base charts/serai/\ - --values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-base,nameOverride=serai-base,\ - image.envVariables[1].value=base,configMapFile=% - -deploy-bitcoin: - @docker compose -f ../docker-compose.yml --profile bitcoin build --quiet - @(cat ../coins/bitcoin/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install bitcoin-daemon\ - charts/bitcoin/ --values charts/bitcoin/values.yaml --set configMapFile=% - -deploy-ethereum: - @docker compose -f ../docker-compose.yml --profile ethereum build --quiet - @(cat ../coins/ethereum/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install ethereum-daemon\ - charts/ethereum/ --values charts/ethereum/values.yaml --set configMapFile=% - -deploy-monero: - @docker compose -f ../docker-compose.yml --profile monero build --quiet - @(cat ../coins/monero/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install monero-daemon\ - charts/monero/ --values charts/monero/values.yaml --set configMapFile=% - -deploy-cluster-sm: - @docker compose -f ../docker-compose.yml --profile cluster-sm build --quiet - @(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-alice charts/serai/\ - --values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-alice,nameOverride=serai-alice,\ - image.envVariables[1].value=Alice,image.envVariables[2].value="'1'",configMapFile=% - @(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-charlie charts/serai/\ - --values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-charlie,nameOverride=serai-charlie,\ - image.envVariables[1].value=Charlie,configMapFile=% - @(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-bob charts/serai/\ - --values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-bob,nameOverride=serai-bob,\ - image.envVariables[1].value=Bob,configMapFile=% - -deploy-cluster-lg: deploy-cluster-sm - @docker compose -f ../docker-compose.yml --profile cluster-lg build --quiet - @(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-dave charts/serai/\ - --values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-dave,nameOverride=serai-dave,\ - image.envVariables[1].value=Dave,configMapFile=% - @(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-eve charts/serai/\ - --values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-eve,nameOverride=serai-eve,\ - image.envVariables[1].value=Eve,configMapFile=% - @(cat ../serai/scripts/entry-dev.sh | base64 -w 0 -) | xargs -I % helm upgrade --install serai-ferdie charts/serai/\ - --values charts/serai/values.yaml --set image.envVariablesfullnameOverride=serai-ferdie,nameOverride=serai-ferdie,\ - image.envVariables[1].value=Ferdie,configMapFile=% - -deploy-coins: deploy-bitcoin deploy-ethereum deploy-monero - -deploy-cluster-coins-sm: deploy-cluster-sm deploy-coins - -deploy-cluster-coins-lg: deploy-cluster-lg deploy-coins - -deploy-all: deploy-cluster-coins-lg - -delete-base: - @helm delete serai-base - -delete-bitcoin: - @helm delete bitcoin-daemon - -delete-ethereum: - @helm delete ethereum-daemon - -delete-monero: - @helm delete monero-daemon - -delete-cluster-lg: delete-cluster-sm - @helm delete serai-dave - @helm delete serai-eve - @helm delete serai-ferdie - -delete-cluster-sm: - @helm delete serai-alice - @helm delete serai-charlie - @helm delete serai-bob - -delete-coins: delete-bitcoin delete-ethereum delete-monero - -delete-cluster-coins-sm: delete-cluster-sm delete-coins - -delete-cluster-coins-lg: delete-cluster-lg delete-coins - -delete-all: delete-cluster-coins-lg - -check-dependencies: check-helm check-kubectl diff --git a/orchestration/kubernetes/README.md b/orchestration/kubernetes/README.md deleted file mode 100644 index 7bf68d9e9..000000000 --- a/orchestration/kubernetes/README.md +++ /dev/null @@ -1,41 +0,0 @@ -# Kubernetes -## Run with Kubernetes -Running the Serai infrastructure is easy with Kubernetes. - -We utilize Makefile to easily orchestrate various pieces of the infrastructure on kubernetes. - -**Example to deploy:** `make deploy-` -```bash -make deploy-cluster-sm -``` -**Example to delete:** `make -i delete-` -```bash -make delete-cluster-sm -``` - -All commands are assumed to be ran from the kubernetes folder, not the serai root folder. - -### Profiles: -* deploy-base - single node, named base -* deploy-coins - node clients for coins only (BTC, ETH, XMR) -* deploy-cluster-sm - Alice (Validator), Bob, Charlie -* deploy-cluster-coins-sm - cluster-sm with coins -* deploy-cluster-lg - Alice (Validator), Bob, Charlie, Dave, Eve, Ferdie -* deploy-cluster-coins-lg - cluster-lg with coins -* deploy-monero - full node monero only -* deploy-bitcoin - full node bitcoin only -* deploy-ethereum - full node ethereum only - -## Requirements for Linux -* Local built images of serai and coins, please follow the Instructions [here](../README.md) -* Running kubernetes cluster (version >= 1.19) -* Curl tool -* Make tool -* Kubectl, check if not installed -```bash -make check-kubectl -``` -* Helm, check if not installed -```bash -make check-helm -``` diff --git a/orchestration/kubernetes/charts/bitcoin/Chart.yaml b/orchestration/kubernetes/charts/bitcoin/Chart.yaml deleted file mode 100644 index 3824b0e46..000000000 --- a/orchestration/kubernetes/charts/bitcoin/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v2 -name: bitcoin -description: A Helm chart for bitcoin-daemon -type: application -version: 0.1.0 diff --git a/orchestration/kubernetes/charts/bitcoin/templates/_helpers.tpl b/orchestration/kubernetes/charts/bitcoin/templates/_helpers.tpl deleted file mode 100644 index 17b464a42..000000000 --- a/orchestration/kubernetes/charts/bitcoin/templates/_helpers.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{- define "bitcoin.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 253 | trimSuffix "-" }} -{{- end }} - -{{- define "bitcoin.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 253 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 253 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 253 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{- define "bitcoin.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 253 | trimSuffix "-" }} -{{- end }} - -{{- define "bitcoin.labels" -}} -helm.sh/chart: {{ include "bitcoin.chart" . }} -{{ include "bitcoin.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{- define "bitcoin.selectorLabels" -}} -app.kubernetes.io/name: {{ include "bitcoin.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{- define "bitcoin.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "bitcoin.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/orchestration/kubernetes/charts/bitcoin/templates/configmap.yaml b/orchestration/kubernetes/charts/bitcoin/templates/configmap.yaml deleted file mode 100644 index bf5502005..000000000 --- a/orchestration/kubernetes/charts/bitcoin/templates/configmap.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-configmap -data: - entry-dev.sh: | -{{ .Values.configMapFile | b64dec | indent 4}} diff --git a/orchestration/kubernetes/charts/bitcoin/templates/deployment.yaml b/orchestration/kubernetes/charts/bitcoin/templates/deployment.yaml deleted file mode 100644 index f852a96e6..000000000 --- a/orchestration/kubernetes/charts/bitcoin/templates/deployment.yaml +++ /dev/null @@ -1,88 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "bitcoin.fullname" . }} - labels: - {{- include "bitcoin.labels" . | nindent 4 }} -spec: - {{- if not .Values.autoscaling.enabled }} - replicas: {{ .Values.replicaCount }} - {{- end }} - selector: - matchLabels: - {{- include "bitcoin.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "bitcoin.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "bitcoin.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if hasKey .Values.image "ports" }} - ports: - {{- range .Values.image.ports }} - - name: {{ .name }} - containerPort: {{ .containerPort }} - {{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "command" }} - command: - {{- toYaml .Values.image.command | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "args" }} - args: - {{- toYaml .Values.image.args | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "envVariables" }} - env: - {{- toYaml .Values.image.envVariables | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "volumeMounts" }} - volumeMounts: - {{- range .Values.image.volumeMounts }} - - mountPath: {{ .mountPath }} - name: {{ $.Release.Name}}-{{ .name }} - {{- end }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if hasKey .Values "volumes" }} - volumes: - {{- range .Values.volumes }} - - configMap: - defaultMode: {{ .configMap.defaultMode }} - name: {{ $.Release.Name}}-{{ .configMap.name }} - name: {{ $.Release.Name}}-{{ .name }} - {{- end }} - {{- end }} diff --git a/orchestration/kubernetes/charts/bitcoin/templates/ingress.yaml b/orchestration/kubernetes/charts/bitcoin/templates/ingress.yaml deleted file mode 100644 index 39dff21ce..000000000 --- a/orchestration/kubernetes/charts/bitcoin/templates/ingress.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "bitcoin.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "bitcoin.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if .Values.ingress.className }} - ingressClassName: {{ .Values.ingress.className }} - {{- end }} - {{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if .pathType }} - pathType: {{ .pathType }} - {{- end }} - backend: - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- end }} - {{- end }} -{{- end }} diff --git a/orchestration/kubernetes/charts/bitcoin/templates/service.yaml b/orchestration/kubernetes/charts/bitcoin/templates/service.yaml deleted file mode 100644 index e5fc600fd..000000000 --- a/orchestration/kubernetes/charts/bitcoin/templates/service.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "bitcoin.fullname" . }} - labels: - {{- include "bitcoin.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - {{- if hasKey .Values.service "ports" }} - {{- range .Values.service.ports }} - - port: {{ .port }} - name: {{ .name }} - targetPort: {{ .targetPort }} - protocol: {{ .protocol }} - {{- end }} - {{- else }} - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - {{- end }} - selector: - {{- include "bitcoin.selectorLabels" . | nindent 4 }} diff --git a/orchestration/kubernetes/charts/bitcoin/values.yaml b/orchestration/kubernetes/charts/bitcoin/values.yaml deleted file mode 100644 index 54bb04623..000000000 --- a/orchestration/kubernetes/charts/bitcoin/values.yaml +++ /dev/null @@ -1,74 +0,0 @@ -replicaCount: 1 - -net: mainnet - -image: - repository: serai-dev-bitcoin - pullPolicy: IfNotPresent - tag: "latest" - ports: - - name: p2p - containerPort: 18444 - protocol: TCP - - name: rpc - containerPort: 18443 - protocol: TCP - volumeMounts: - - mountPath: /scripts - name: configmap-volume - args: - - bash - - /scripts/entry-dev.sh - -volumes: - - configMap: - defaultMode: 420 - name: configmap - name: configmap-volume - -configMapFile: "entry-dev.sh" - -imagePullSecrets: [] - -serviceAccount: - create: false - name: "" - -podAnnotations: {} - -podSecurityContext: {} - -securityContext: {} - -service: - type: ClusterIP - ports: - - name: p2p - port: 18444 - targetPort: p2p - protocol: TCP - - name: rpc - port: 18443 - targetPort: rpc - protocol: TCP - -ingress: - enabled: false - className: "" - annotations: {} - hosts: [] - tls: [] - -resources: {} - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/orchestration/kubernetes/charts/ethereum/Chart.yaml b/orchestration/kubernetes/charts/ethereum/Chart.yaml deleted file mode 100644 index 315940449..000000000 --- a/orchestration/kubernetes/charts/ethereum/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v2 -name: ethereum -description: A Helm chart for ethereum-daemon -type: application -version: 0.1.0 diff --git a/orchestration/kubernetes/charts/ethereum/templates/_helpers.tpl b/orchestration/kubernetes/charts/ethereum/templates/_helpers.tpl deleted file mode 100644 index ab9b2fc9d..000000000 --- a/orchestration/kubernetes/charts/ethereum/templates/_helpers.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{- define "ethereum.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 253 | trimSuffix "-" }} -{{- end }} - -{{- define "ethereum.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 253 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 253 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 253 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{- define "ethereum.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 253 | trimSuffix "-" }} -{{- end }} - -{{- define "ethereum.labels" -}} -helm.sh/chart: {{ include "ethereum.chart" . }} -{{ include "ethereum.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{- define "ethereum.selectorLabels" -}} -app.kubernetes.io/name: {{ include "ethereum.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{- define "ethereum.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "ethereum.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/orchestration/kubernetes/charts/ethereum/templates/configmap.yaml b/orchestration/kubernetes/charts/ethereum/templates/configmap.yaml deleted file mode 100644 index bf5502005..000000000 --- a/orchestration/kubernetes/charts/ethereum/templates/configmap.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-configmap -data: - entry-dev.sh: | -{{ .Values.configMapFile | b64dec | indent 4}} diff --git a/orchestration/kubernetes/charts/ethereum/templates/deployment.yaml b/orchestration/kubernetes/charts/ethereum/templates/deployment.yaml deleted file mode 100644 index b673ba127..000000000 --- a/orchestration/kubernetes/charts/ethereum/templates/deployment.yaml +++ /dev/null @@ -1,89 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "ethereum.fullname" . }} - labels: - {{- include "ethereum.labels" . | nindent 4 }} -spec: - {{- if not .Values.autoscaling.enabled }} - replicas: {{ .Values.replicaCount }} - {{- end }} - selector: - matchLabels: - {{- include "ethereum.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "ethereum.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "ethereum.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if hasKey .Values.image "ports" }} - ports: - {{- range .Values.image.ports }} - - name: {{ .name }} - containerPort: {{ .containerPort }} - protocol: {{ .protocol }} - {{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "command" }} - command: - {{- toYaml .Values.image.command | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "args" }} - args: - {{- toYaml .Values.image.args | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "envVariables" }} - env: - {{- toYaml .Values.image.envVariables | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "volumeMounts" }} - volumeMounts: - {{- range .Values.image.volumeMounts }} - - mountPath: {{ .mountPath }} - name: {{ $.Release.Name}}-{{ .name }} - {{- end }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if hasKey .Values "volumes" }} - volumes: - {{- range .Values.volumes }} - - configMap: - defaultMode: {{ .configMap.defaultMode }} - name: {{ $.Release.Name}}-{{ .configMap.name }} - name: {{ $.Release.Name}}-{{ .name }} - {{- end }} - {{- end }} diff --git a/orchestration/kubernetes/charts/ethereum/templates/ingress.yaml b/orchestration/kubernetes/charts/ethereum/templates/ingress.yaml deleted file mode 100644 index 18dcd1852..000000000 --- a/orchestration/kubernetes/charts/ethereum/templates/ingress.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "ethereum.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "ethereum.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if .Values.ingress.className }} - ingressClassName: {{ .Values.ingress.className }} - {{- end }} - {{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if .pathType }} - pathType: {{ .pathType }} - {{- end }} - backend: - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- end }} - {{- end }} -{{- end }} diff --git a/orchestration/kubernetes/charts/ethereum/templates/service.yaml b/orchestration/kubernetes/charts/ethereum/templates/service.yaml deleted file mode 100644 index df83df170..000000000 --- a/orchestration/kubernetes/charts/ethereum/templates/service.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "ethereum.fullname" . }} - labels: - {{- include "ethereum.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - {{- if hasKey .Values.service "ports" }} - {{- range .Values.service.ports }} - - port: {{ .port }} - name: {{ .name }} - targetPort: {{ .targetPort }} - protocol: {{ .protocol }} - {{- end }} - {{- else }} - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - {{- end }} - selector: - {{- include "ethereum.selectorLabels" . | nindent 4 }} diff --git a/orchestration/kubernetes/charts/ethereum/values.yaml b/orchestration/kubernetes/charts/ethereum/values.yaml deleted file mode 100644 index cef45a09f..000000000 --- a/orchestration/kubernetes/charts/ethereum/values.yaml +++ /dev/null @@ -1,60 +0,0 @@ -replicaCount: 1 - -image: - repository: serai-dev-ethereum - pullPolicy: IfNotPresent - tag: "latest" - - ports: - - name: rpc - containerPort: 8545 - protocol: TCP - volumeMounts: - - mountPath: /scripts - name: configmap-volume - args: - - bash - - /scripts/entry-dev.sh - -volumes: - - configMap: - defaultMode: 420 - name: configmap - name: configmap-volume - -configMapFile: "entry-dev.sh" - -imagePullSecrets: [] - -serviceAccount: - create: false - name: "" - -podAnnotations: {} - -podSecurityContext: {} - -securityContext: {} - -service: - type: ClusterIP - port: 8545 - -ingress: - enabled: false - className: "" - annotations: {} - hosts: [] - tls: [] - -resources: {} - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - -nodeSelector: {} -tolerations: [] -affinity: {} diff --git a/orchestration/kubernetes/charts/monero/Chart.yaml b/orchestration/kubernetes/charts/monero/Chart.yaml deleted file mode 100644 index b9c0d84ce..000000000 --- a/orchestration/kubernetes/charts/monero/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v2 -name: monero -description: A Helm chart for monero-daemon -type: application -version: 0.1.0 diff --git a/orchestration/kubernetes/charts/monero/templates/_helpers.tpl b/orchestration/kubernetes/charts/monero/templates/_helpers.tpl deleted file mode 100644 index 2829e6037..000000000 --- a/orchestration/kubernetes/charts/monero/templates/_helpers.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{- define "monero.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 253 | trimSuffix "-" }} -{{- end }} - -{{- define "monero.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 253 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 253 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 253 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{- define "monero.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 253 | trimSuffix "-" }} -{{- end }} - -{{- define "monero.labels" -}} -helm.sh/chart: {{ include "monero.chart" . }} -{{ include "monero.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{- define "monero.selectorLabels" -}} -app.kubernetes.io/name: {{ include "monero.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{- define "monero.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "monero.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/orchestration/kubernetes/charts/monero/templates/configmap.yaml b/orchestration/kubernetes/charts/monero/templates/configmap.yaml deleted file mode 100644 index bf5502005..000000000 --- a/orchestration/kubernetes/charts/monero/templates/configmap.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-configmap -data: - entry-dev.sh: | -{{ .Values.configMapFile | b64dec | indent 4}} diff --git a/orchestration/kubernetes/charts/monero/templates/deployment.yaml b/orchestration/kubernetes/charts/monero/templates/deployment.yaml deleted file mode 100644 index fdd32c05d..000000000 --- a/orchestration/kubernetes/charts/monero/templates/deployment.yaml +++ /dev/null @@ -1,88 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "monero.fullname" . }} - labels: - {{- include "monero.labels" . | nindent 4 }} -spec: - {{- if not .Values.autoscaling.enabled }} - replicas: {{ .Values.replicaCount }} - {{- end }} - selector: - matchLabels: - {{- include "monero.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "monero.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "monero.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if hasKey .Values.image "ports" }} - ports: - {{- range .Values.image.ports }} - - name: {{ .name }} - containerPort: {{ .containerPort }} - {{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "command" }} - command: - {{- toYaml .Values.image.command | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "args" }} - args: - {{- toYaml .Values.image.args | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "envVariables" }} - env: - {{- toYaml .Values.image.envVariables | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "volumeMounts" }} - volumeMounts: - {{- range .Values.image.volumeMounts }} - - mountPath: {{ .mountPath }} - name: {{ $.Release.Name}}-{{ .name }} - {{- end }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if hasKey .Values "volumes" }} - volumes: - {{- range .Values.volumes }} - - configMap: - defaultMode: {{ .configMap.defaultMode }} - name: {{ $.Release.Name}}-{{ .configMap.name }} - name: {{ $.Release.Name}}-{{ .name }} - {{- end }} - {{- end }} diff --git a/orchestration/kubernetes/charts/monero/templates/ingress.yaml b/orchestration/kubernetes/charts/monero/templates/ingress.yaml deleted file mode 100644 index 2ae3d4fa5..000000000 --- a/orchestration/kubernetes/charts/monero/templates/ingress.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "monero.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "monero.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if .Values.ingress.className }} - ingressClassName: {{ .Values.ingress.className }} - {{- end }} - {{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if .pathType }} - pathType: {{ .pathType }} - {{- end }} - backend: - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- end }} - {{- end }} -{{- end }} diff --git a/orchestration/kubernetes/charts/monero/templates/service.yaml b/orchestration/kubernetes/charts/monero/templates/service.yaml deleted file mode 100644 index 1a4f90d23..000000000 --- a/orchestration/kubernetes/charts/monero/templates/service.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "monero.fullname" . }} - labels: - {{- include "monero.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - {{- if hasKey .Values.service "ports" }} - {{- range .Values.service.ports }} - - port: {{ .port }} - name: {{ .name }} - targetPort: {{ .targetPort }} - protocol: {{ .protocol }} - {{- end }} - {{- else }} - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - {{- end }} - selector: - {{- include "monero.selectorLabels" . | nindent 4 }} diff --git a/orchestration/kubernetes/charts/monero/values.yaml b/orchestration/kubernetes/charts/monero/values.yaml deleted file mode 100644 index 8105e003c..000000000 --- a/orchestration/kubernetes/charts/monero/values.yaml +++ /dev/null @@ -1,72 +0,0 @@ -replicaCount: 1 - -image: - repository: serai-dev-monero - pullPolicy: IfNotPresent - tag: "latest" - ports: - - name: p2p - containerPort: 18080 - protocol: TCP - - name: rpc - containerPort: 18081 - protocol: TCP - volumeMounts: - - mountPath: /scripts - name: configmap-volume - args: - - bash - - /scripts/entry-dev.sh - -volumes: - - configMap: - defaultMode: 420 - name: configmap - name: configmap-volume - -configMapFile: "entry-dev.sh" - -imagePullSecrets: [] - -serviceAccount: - create: false - name: "" - -podAnnotations: {} - -podSecurityContext: {} - -securityContext: {} - -service: - type: ClusterIP - ports: - - name: p2p - port: 18080 - targetPort: p2p - protocol: TCP - - name: rpc - port: 18081 - targetPort: rpc - protocol: TCP - -ingress: - enabled: false - className: "" - annotations: {} - hosts: [] - tls: [] - -resources: {} - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/orchestration/kubernetes/charts/serai/Chart.yaml b/orchestration/kubernetes/charts/serai/Chart.yaml deleted file mode 100644 index 69249e1de..000000000 --- a/orchestration/kubernetes/charts/serai/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v2 -name: serai -description: A Helm chart for serai -type: application -version: 0.1.0 diff --git a/orchestration/kubernetes/charts/serai/templates/_helpers.tpl b/orchestration/kubernetes/charts/serai/templates/_helpers.tpl deleted file mode 100644 index 962c2f802..000000000 --- a/orchestration/kubernetes/charts/serai/templates/_helpers.tpl +++ /dev/null @@ -1,42 +0,0 @@ -{{- define "serai-base.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 253 | trimSuffix "-" }} -{{- end }} - -{{- define "serai-base.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 253 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 253 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 253 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{- define "serai-base.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 253 | trimSuffix "-" }} -{{- end }} - -{{- define "serai-base.labels" -}} -helm.sh/chart: {{ include "serai-base.chart" . }} -{{ include "serai-base.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{- define "serai-base.selectorLabels" -}} -app.kubernetes.io/name: {{ include "serai-base.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{- define "serai-base.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "serai-base.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/orchestration/kubernetes/charts/serai/templates/configmap.yaml b/orchestration/kubernetes/charts/serai/templates/configmap.yaml deleted file mode 100644 index bf5502005..000000000 --- a/orchestration/kubernetes/charts/serai/templates/configmap.yaml +++ /dev/null @@ -1,7 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Release.Name }}-configmap -data: - entry-dev.sh: | -{{ .Values.configMapFile | b64dec | indent 4}} diff --git a/orchestration/kubernetes/charts/serai/templates/deployment.yaml b/orchestration/kubernetes/charts/serai/templates/deployment.yaml deleted file mode 100644 index 35d0d7c07..000000000 --- a/orchestration/kubernetes/charts/serai/templates/deployment.yaml +++ /dev/null @@ -1,88 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "serai-base.fullname" . }} - labels: - {{- include "serai-base.labels" . | nindent 4 }} -spec: - {{- if not .Values.autoscaling.enabled }} - replicas: {{ .Values.replicaCount }} - {{- end }} - selector: - matchLabels: - {{- include "serai-base.selectorLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "serai-base.selectorLabels" . | nindent 8 }} - spec: - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "serai-base.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - {{- if hasKey .Values.image "ports" }} - ports: - {{- range .Values.image.ports }} - - name: {{ .name }} - containerPort: {{ .containerPort }} - {{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "command" }} - command: - {{- toYaml .Values.image.command | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "args" }} - args: - {{- toYaml .Values.image.args | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "envVariables" }} - env: - {{- toYaml .Values.image.envVariables | nindent 12 }} - {{- end }} - - {{- if hasKey .Values.image "volumeMounts" }} - volumeMounts: - {{- range .Values.image.volumeMounts }} - - mountPath: {{ .mountPath }} - name: {{ $.Release.Name}}-{{ .name }} - {{- end }} - {{- end }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- if hasKey .Values "volumes" }} - volumes: - {{- range .Values.volumes }} - - configMap: - defaultMode: {{ .configMap.defaultMode }} - name: {{ $.Release.Name}}-{{ .configMap.name }} - name: {{ $.Release.Name}}-{{ .name }} - {{- end }} - {{- end }} diff --git a/orchestration/kubernetes/charts/serai/templates/ingress.yaml b/orchestration/kubernetes/charts/serai/templates/ingress.yaml deleted file mode 100644 index b020fc02b..000000000 --- a/orchestration/kubernetes/charts/serai/templates/ingress.yaml +++ /dev/null @@ -1,50 +0,0 @@ -{{- if .Values.ingress.enabled -}} -{{- $fullName := include "serai-base.fullname" . -}} -{{- $svcPort := .Values.service.port -}} -{{- if and .Values.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.ingress.annotations "kubernetes.io/ingress.class" .Values.ingress.className}} - {{- end }} -{{- end }} -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "serai-base.labels" . | nindent 4 }} - {{- with .Values.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if .Values.ingress.className }} - ingressClassName: {{ .Values.ingress.className }} - {{- end }} - {{- if .Values.ingress.tls }} - tls: - {{- range .Values.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if .pathType }} - pathType: {{ .pathType }} - {{- end }} - backend: - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- end }} - {{- end }} -{{- end }} diff --git a/orchestration/kubernetes/charts/serai/templates/service.yaml b/orchestration/kubernetes/charts/serai/templates/service.yaml deleted file mode 100644 index f45d73ef5..000000000 --- a/orchestration/kubernetes/charts/serai/templates/service.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "serai-base.fullname" . }} - labels: - {{- include "serai-base.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - {{- if hasKey .Values.service "ports" }} - {{- range .Values.service.ports }} - - port: {{ .port }} - name: {{ .name }} - targetPort: {{ .targetPort }} - protocol: {{ .protocol }} - {{- end }} - {{- else }} - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - {{- end }} - selector: - {{- include "serai-base.selectorLabels" . | nindent 4 }} diff --git a/orchestration/kubernetes/charts/serai/values.yaml b/orchestration/kubernetes/charts/serai/values.yaml deleted file mode 100644 index 9c702dafa..000000000 --- a/orchestration/kubernetes/charts/serai/values.yaml +++ /dev/null @@ -1,92 +0,0 @@ -replicaCount: 1 - -image: - repository: serai - pullPolicy: IfNotPresent - tag: "dev" - ports: - - name: p2p - containerPort: 30333 - protocol: TCP - - name: prometheus - containerPort: 9615 - protocol: TCP - - name: rpc - containerPort: 9933 - protocol: TCP - - name: ws - containerPort: 9944 - protocol: TCP - - volumeMounts: - - mountPath: /scripts - name: configmap-volume - envVariables: - - name: CHAIN - value: dev - - name: NAME - value: base - - name: VALIDATOR - value: - args: - - bash - - /scripts/entry-dev.sh - -volumes: - - configMap: - defaultMode: 420 - name: configmap - name: configmap-volume - -configMapFile: "entry-dev.sh" - -imagePullSecrets: [] - -serviceAccount: - create: false - name: "" - -podAnnotations: {} - -podSecurityContext: {} - -securityContext: {} - -service: - type: ClusterIP - ports: - - name: p2p - port: 30333 - targetPort: p2p - protocol: TCP - - name: prometheus - port: 9615 - targetPort: prometheus - protocol: TCP - - name: rpc - port: 9933 - targetPort: rpc - protocol: TCP - - name: ws - port: 9944 - targetPort: ws - protocol: TCP - -ingress: - enabled: false - className: "" - annotations: {} - hosts: [] - tls: [] - -resources: {} - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - -nodeSelector: {} -tolerations: [] -affinity: {} diff --git a/orchestration/message-queue/Dockerfile.message-queue b/orchestration/message-queue/Dockerfile.message-queue deleted file mode 100644 index a40fad494..000000000 --- a/orchestration/message-queue/Dockerfile.message-queue +++ /dev/null @@ -1,2 +0,0 @@ - cargo build --features parity-db -p serai-message-queue && \ - mv /serai/target/debug/serai-message-queue /serai/bin diff --git a/orchestration/message-queue/Dockerfile.message-queue.end b/orchestration/message-queue/Dockerfile.message-queue.end deleted file mode 100644 index 2b3a39717..000000000 --- a/orchestration/message-queue/Dockerfile.message-queue.end +++ /dev/null @@ -1,13 +0,0 @@ -# Switch to a non-root user -RUN useradd --system --home /home/message-queue --create-home --shell /sbin/nologin messagequeue -USER messagequeue - -WORKDIR /home/message-queue - -# Copy the Message Queue binary and relevant license -COPY --from=builder --chown=messagequeue /serai/bin/serai-message-queue /bin -COPY --from=builder --chown=messagequeue /serai/AGPL-3.0 . - -# Run message-queue -EXPOSE 2287 -CMD ["serai-message-queue"] diff --git a/orchestration/message-queue/scripts/entry-dev.sh b/orchestration/message-queue/scripts/entry-dev.sh deleted file mode 100755 index 514f1aaf7..000000000 --- a/orchestration/message-queue/scripts/entry-dev.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -export BITCOIN_KEY="0000000000000000000000000000000000000000000000000000000000000000" -export ETHEREUM_KEY="0000000000000000000000000000000000000000000000000000000000000000" -export MONERO_KEY="0000000000000000000000000000000000000000000000000000000000000000" -export COORDINATOR_KEY="0000000000000000000000000000000000000000000000000000000000000000" - -export DB_PATH="./message-queue-db" - -serai-message-queue diff --git a/orchestration/processor/Dockerfile.processor.end b/orchestration/processor/Dockerfile.processor.end deleted file mode 100644 index 410ba5e80..000000000 --- a/orchestration/processor/Dockerfile.processor.end +++ /dev/null @@ -1,15 +0,0 @@ -# Install ca-certificates -RUN apt install -y ca-certificates - -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin processor -USER processor - -WORKDIR /home/processor - -# Copy the Processor binary and relevant license -COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/ -COPY --from=builder --chown=processor /serai/AGPL-3.0 . - -# Run processor -CMD ["serai-processor"] diff --git a/orchestration/processor/bitcoin/Dockerfile.processor.bitcoin b/orchestration/processor/bitcoin/Dockerfile.processor.bitcoin deleted file mode 100644 index 685eaf7f9..000000000 --- a/orchestration/processor/bitcoin/Dockerfile.processor.bitcoin +++ /dev/null @@ -1,2 +0,0 @@ - cargo build --features "binaries parity-db bitcoin" -p serai-processor && \ - mv /serai/target/debug/serai-processor /serai/bin diff --git a/orchestration/processor/monero/Dockerfile.processor.monero b/orchestration/processor/monero/Dockerfile.processor.monero deleted file mode 100644 index 920097f12..000000000 --- a/orchestration/processor/monero/Dockerfile.processor.monero +++ /dev/null @@ -1,2 +0,0 @@ - cargo build --features "binaries parity-db monero" -p serai-processor && \ - mv /serai/target/debug/serai-processor /serai/bin diff --git a/orchestration/processor/scripts/entry-dev.sh b/orchestration/processor/scripts/entry-dev.sh deleted file mode 100755 index 545457d83..000000000 --- a/orchestration/processor/scripts/entry-dev.sh +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash - -export MESSAGE_QUEUE_KEY="0000000000000000000000000000000000000000000000000000000000000000" -export MESSAGE_QUEUE_RPC="http://127.0.0.1:2287" - -export DB_PATH="./processor-bitcoin-db" -export ENTROPY="0001020304050607080910111213141516171819202122232425262728293031" -export NETWORK="bitcoin" -export NETWORK_RPC_LOGIN="serai:seraidex" -export NETWORK_RPC_HOSTNAME="127.0.0.1" -export NETWORK_RPC_PORT="18443" - -serai-processor diff --git a/orchestration/serai/Dockerfile.serai b/orchestration/serai/Dockerfile.serai deleted file mode 100644 index 839ec923a..000000000 --- a/orchestration/serai/Dockerfile.serai +++ /dev/null @@ -1,2 +0,0 @@ - cargo build --release -p serai-node && \ - mv /serai/target/release/serai-node /serai/bin diff --git a/orchestration/serai/Dockerfile.serai.end b/orchestration/serai/Dockerfile.serai.end deleted file mode 100644 index 52c16ad37..000000000 --- a/orchestration/serai/Dockerfile.serai.end +++ /dev/null @@ -1,13 +0,0 @@ -# Switch to a non-root user -RUN useradd --system --home /home/serai --shell /sbin/nologin serai -USER serai - -WORKDIR /home/serai - -# Copy the Serai binary and relevant license -COPY --from=builder --chown=serai /serai/bin/serai-node /bin/ -COPY --from=builder --chown=serai /serai/AGPL-3.0 . - -# Run node -EXPOSE 30333 9615 9933 9944 -CMD ["serai-node"] diff --git a/orchestration/coins/bitcoin/Dockerfile.bitcoin b/orchestration/src/coins/bitcoin.rs similarity index 58% rename from orchestration/coins/bitcoin/Dockerfile.bitcoin rename to orchestration/src/coins/bitcoin.rs index b2aca0cb5..58ea0004d 100644 --- a/orchestration/coins/bitcoin/Dockerfile.bitcoin +++ b/orchestration/src/coins/bitcoin.rs @@ -1,3 +1,10 @@ +use std::{path::Path, io::Write, fs::File}; + +use crate::{Os, mimalloc, os}; + +#[rustfmt::skip] +pub fn bitcoin(orchestration_path: &Path) { + const DOWNLOAD_BITCOIN: &str = r#" FROM alpine:latest as bitcoin ENV BITCOIN_VERSION=26.0 @@ -20,3 +27,24 @@ RUN grep bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz SHA256SUMS | sh # Prepare Image RUN tar xzvf bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz RUN mv bitcoin-${BITCOIN_VERSION}/bin/bitcoind . +"#; + + let setup = mimalloc(Os::Debian).to_string() + DOWNLOAD_BITCOIN; + + const RUN_BITCOIN: &str = r#" +COPY --from=bitcoin --chown=bitcoin bitcoind /bin +COPY ./scripts /scripts + +EXPOSE 8332 8333 18332 18333 18443 18444 +"#; + + let run = os(Os::Debian, "", "bitcoin") + RUN_BITCOIN; + let res = setup + &run; + + let mut bitcoin_path = orchestration_path.to_path_buf(); + bitcoin_path.push("coins"); + bitcoin_path.push("bitcoin"); + bitcoin_path.push("Dockerfile"); + + File::create(bitcoin_path).unwrap().write_all(res.as_bytes()).unwrap(); +} diff --git a/orchestration/src/coins/ethereum.rs b/orchestration/src/coins/ethereum.rs new file mode 100644 index 000000000..48db596d7 --- /dev/null +++ b/orchestration/src/coins/ethereum.rs @@ -0,0 +1,6 @@ +use std::path::Path; + +#[rustfmt::skip] +pub fn ethereum(_orchestration_path: &Path) { + // TODO +} diff --git a/orchestration/src/coins/mod.rs b/orchestration/src/coins/mod.rs new file mode 100644 index 000000000..cab1eb86e --- /dev/null +++ b/orchestration/src/coins/mod.rs @@ -0,0 +1,8 @@ +mod bitcoin; +pub use bitcoin::*; + +mod ethereum; +pub use ethereum::*; + +mod monero; +pub use monero::*; diff --git a/orchestration/coins/monero/Dockerfile.monero b/orchestration/src/coins/monero.rs similarity index 52% rename from orchestration/coins/monero/Dockerfile.monero rename to orchestration/src/coins/monero.rs index 5e23a8012..9253c871c 100644 --- a/orchestration/coins/monero/Dockerfile.monero +++ b/orchestration/src/coins/monero.rs @@ -1,3 +1,10 @@ +use std::{path::Path, io::Write, fs::File}; + +use crate::{Os, mimalloc, os}; + +#[rustfmt::skip] +fn monero_internal(orchestration_path: &Path, folder: &str, monero_binary: &str, ports: &str) { + const DOWNLOAD_MONERO: &str = r#" FROM alpine:latest as monero # https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2 @@ -21,3 +28,32 @@ RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-si # Extract it RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1 +"#; + + let setup = mimalloc(Os::Alpine).to_string() + DOWNLOAD_MONERO; + + let run_monero = format!(r#" +COPY --from=monero --chown=monero {monero_binary} /bin +ADD scripts /scripts + +EXPOSE {ports} +"#); + + let run = os(Os::Alpine, "RUN apk --no-cache add gcompat", "monero") + &run_monero; + let res = setup + &run; + + let mut monero_path = orchestration_path.to_path_buf(); + monero_path.push("coins"); + monero_path.push(folder); + monero_path.push("Dockerfile"); + + File::create(monero_path).unwrap().write_all(res.as_bytes()).unwrap(); +} + +pub fn monero(orchestration_path: &Path) { + monero_internal(orchestration_path, "monero", "monerod", "18080 18081") +} + +pub fn monero_wallet_rpc(orchestration_path: &Path) { + monero_internal(orchestration_path, "monero-wallet-rpc", "monero-wallet-rpc", "6061") +} diff --git a/orchestration/src/coordinator.rs b/orchestration/src/coordinator.rs new file mode 100644 index 000000000..4e2ecb148 --- /dev/null +++ b/orchestration/src/coordinator.rs @@ -0,0 +1,31 @@ +use std::{path::Path, io::Write, fs::File}; + +use crate::{Os, mimalloc, os, build_serai_service}; + +pub fn coordinator(orchestration_path: &Path) { + let setup = mimalloc(Os::Debian).to_string() + + &build_serai_service(false, "parity-db longer-reattempts", "serai-coordinator"); + + const ADDITIONAL_ROOT: &str = r#" +# Install ca-certificates +RUN apt install -y ca-certificates +"#; + + const RUN_COORDINATOR: &str = r#" +# Copy the Coordinator binary and relevant license +COPY --from=builder --chown=coordinator /serai/bin/serai-coordinator /bin/ +COPY --from=builder --chown=coordinator /serai/AGPL-3.0 . + +# Run coordinator +CMD ["serai-coordinator"] +"#; + + let run = os(Os::Debian, ADDITIONAL_ROOT, "coordinator") + RUN_COORDINATOR; + let res = setup + &run; + + let mut coordinator_path = orchestration_path.to_path_buf(); + coordinator_path.push("coordinator"); + coordinator_path.push("Dockerfile"); + + File::create(coordinator_path).unwrap().write_all(res.as_bytes()).unwrap(); +} diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs new file mode 100644 index 000000000..12015f3b8 --- /dev/null +++ b/orchestration/src/main.rs @@ -0,0 +1,142 @@ +use std::env; + +mod mimalloc; +use mimalloc::mimalloc; + +mod coins; +use coins::*; + +mod message_queue; +use message_queue::message_queue; + +mod processor; +use processor::processor; + +mod coordinator; +use coordinator::coordinator; + +mod serai; +use serai::serai; + +#[derive(Clone, Copy, PartialEq, Eq, Debug, PartialOrd, Ord, Hash)] +enum Os { + Alpine, + Debian, +} + +#[rustfmt::skip] +fn os(os: Os, additional_root: &str, user: &str) -> String { + match os { + Os::Alpine => format!(r#" +FROM alpine:latest as image + +COPY --from=mimalloc-alpine libmimalloc.so /usr/lib +ENV LD_PRELOAD=libmimalloc.so + +RUN apk update && apk upgrade +{additional_root} + +# Switch to a non-root user +# System user (not a human), shell of nologin, no password assigned +RUN adduser -S -s /sbin/nologin -D {user} +USER {user} + +WORKDIR /home/{user} +"#), + + Os::Debian => format!(r#" +FROM debian:bookworm-slim as image + +COPY --from=mimalloc-debian libmimalloc.so /usr/lib +RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload + +RUN apt update && apt upgrade -y && apt autoremove -y && apt clean +{additional_root} + +# Switch to a non-root user +RUN useradd --system --create-home --shell /sbin/nologin {user} +USER {user} + +WORKDIR /home/{user} +"#), + } +} + +#[rustfmt::skip] +fn build_serai_service(release: bool, features: &str, package: &str) -> String { + let profile = if release { "release" } else { "debug" }; + + format!(r#" +FROM rust:1.75-slim-bookworm as builder + +COPY --from=mimalloc-debian libmimalloc.so /usr/lib +RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload + +RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + +# Add dev dependencies +RUN apt install -y pkg-config clang + +# Dependencies for the Serai node +RUN apt install -y make protobuf-compiler + +# Add the wasm toolchain +RUN rustup target add wasm32-unknown-unknown + +# Add files for build +ADD common /serai/common +ADD crypto /serai/crypto +ADD coins /serai/coins +ADD message-queue /serai/message-queue +ADD processor /serai/processor +ADD coordinator /serai/coordinator +ADD substrate /serai/substrate +ADD mini /serai/mini +ADD tests /serai/tests +ADD patches /serai/patches +ADD Cargo.toml /serai +ADD Cargo.lock /serai +ADD AGPL-3.0 /serai + +WORKDIR /serai + +# Mount the caches and build +RUN --mount=type=cache,target=/root/.cargo \ + --mount=type=cache,target=/usr/local/cargo/registry \ + --mount=type=cache,target=/usr/local/cargo/git \ + --mount=type=cache,target=/serai/target \ + mkdir /serai/bin && \ + cargo build --{profile} --features "{features}" -p {package} && \ + mv /serai/target/{profile}/{package} /serai/bin +"#) +} + +fn main() { + let orchestration_path = { + let mut repo_path = env::current_exe().unwrap(); + repo_path.pop(); + assert!(repo_path.as_path().ends_with("debug")); + repo_path.pop(); + assert!(repo_path.as_path().ends_with("target")); + repo_path.pop(); + + let mut orchestration_path = repo_path.clone(); + orchestration_path.push("orchestration"); + orchestration_path + }; + + bitcoin(&orchestration_path); + ethereum(&orchestration_path); + monero(&orchestration_path); + monero_wallet_rpc(&orchestration_path); + + message_queue(&orchestration_path); + + processor(&orchestration_path, "bitcoin"); + processor(&orchestration_path, "ethereum"); + processor(&orchestration_path, "monero"); + + coordinator(&orchestration_path); + + serai(&orchestration_path); +} diff --git a/orchestration/src/message_queue.rs b/orchestration/src/message_queue.rs new file mode 100644 index 000000000..5dd2c299c --- /dev/null +++ b/orchestration/src/message_queue.rs @@ -0,0 +1,28 @@ +use std::{path::Path, io::Write, fs::File}; + +use crate::{Os, mimalloc, os, build_serai_service}; + +pub fn message_queue(orchestration_path: &Path) { + // TODO: Only use parity-db in a test environment + let setup = mimalloc(Os::Debian).to_string() + + &build_serai_service(false, "parity-db", "serai-message-queue"); + + const RUN_MESSAGE_QUEUE: &str = r#" +# Copy the Message Queue binary and relevant license +COPY --from=builder --chown=messagequeue /serai/bin/serai-message-queue /bin +COPY --from=builder --chown=messagequeue /serai/AGPL-3.0 . + +# Run message-queue +EXPOSE 2287 +CMD ["serai-message-queue"] +"#; + + let run = os(Os::Debian, "", "messagequeue") + RUN_MESSAGE_QUEUE; + let res = setup + &run; + + let mut message_queue_path = orchestration_path.to_path_buf(); + message_queue_path.push("message-queue"); + message_queue_path.push("Dockerfile"); + + File::create(message_queue_path).unwrap().write_all(res.as_bytes()).unwrap(); +} diff --git a/orchestration/src/mimalloc.rs b/orchestration/src/mimalloc.rs new file mode 100644 index 000000000..cb401d6b2 --- /dev/null +++ b/orchestration/src/mimalloc.rs @@ -0,0 +1,37 @@ +use crate::Os; + +#[rustfmt::skip] +pub fn mimalloc(os: Os) -> &'static str { + const ALPINE_MIMALLOC: &str = r#" +FROM alpine:latest as mimalloc-alpine + +RUN apk update && apk upgrade && apk --no-cache add gcc g++ libc-dev make cmake git +RUN git clone https://github.com/microsoft/mimalloc && \ + cd mimalloc && \ + git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ + mkdir -p out/secure && \ + cd out/secure && \ + cmake -DMI_SECURE=ON ../.. && \ + make && \ + cp ./libmimalloc-secure.so ../../../libmimalloc.so +"#; + + const DEBIAN_MIMALLOC: &str = r#" +FROM debian:bookworm-slim as mimalloc-debian + +RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git +RUN git clone https://github.com/microsoft/mimalloc && \ + cd mimalloc && \ + git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ + mkdir -p out/secure && \ + cd out/secure && \ + cmake -DMI_SECURE=ON ../.. && \ + make && \ + cp ./libmimalloc-secure.so ../../../libmimalloc.so +"#; + + match os { + Os::Alpine => ALPINE_MIMALLOC, + Os::Debian => DEBIAN_MIMALLOC, + } +} diff --git a/orchestration/src/processor.rs b/orchestration/src/processor.rs new file mode 100644 index 000000000..4324846be --- /dev/null +++ b/orchestration/src/processor.rs @@ -0,0 +1,32 @@ +use std::{path::Path, io::Write, fs::File}; + +use crate::{Os, mimalloc, os, build_serai_service}; + +pub fn processor(orchestration_path: &Path, coin: &'static str) { + let setup = mimalloc(Os::Debian).to_string() + + &build_serai_service(false, &format!("binaries parity-db {coin}"), "serai-processor"); + + const ADDITIONAL_ROOT: &str = r#" +# Install ca-certificates +RUN apt install -y ca-certificates +"#; + + const RUN_PROCESSOR: &str = r#" +# Copy the Processor binary and relevant license +COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/ +COPY --from=builder --chown=processor /serai/AGPL-3.0 . + +# Run processor +CMD ["serai-processor"] +"#; + + let run = os(Os::Debian, ADDITIONAL_ROOT, "processor") + RUN_PROCESSOR; + let res = setup + &run; + + let mut processor_path = orchestration_path.to_path_buf(); + processor_path.push("processor"); + processor_path.push(coin); + processor_path.push("Dockerfile"); + + File::create(processor_path).unwrap().write_all(res.as_bytes()).unwrap(); +} diff --git a/orchestration/src/serai.rs b/orchestration/src/serai.rs new file mode 100644 index 000000000..c21a7558e --- /dev/null +++ b/orchestration/src/serai.rs @@ -0,0 +1,26 @@ +use std::{path::Path, io::Write, fs::File}; + +use crate::{Os, mimalloc, os, build_serai_service}; + +pub fn serai(orchestration_path: &Path) { + let setup = mimalloc(Os::Debian).to_string() + &build_serai_service(true, "", "serai-node"); + + const RUN_SERAI: &str = r#" +# Copy the Serai binary and relevant license +COPY --from=builder --chown=serai /serai/bin/serai-node /bin/ +COPY --from=builder --chown=serai /serai/AGPL-3.0 . + +# Run the Serai node +EXPOSE 30333 9615 9933 9944 +CMD ["serai-node"] +"#; + + let run = os(Os::Debian, "", "serai") + RUN_SERAI; + let res = setup + &run; + + let mut serai_path = orchestration_path.to_path_buf(); + serai_path.push("serai"); + serai_path.push("Dockerfile"); + + File::create(serai_path).unwrap().write_all(res.as_bytes()).unwrap(); +} From d2e15f44c61a790e305cfe7957c98d38c0a6a9f5 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 05:47:37 -0500 Subject: [PATCH 02/46] Use Dockerfiles from the orchestator --- orchestration/coins/bitcoin/Dockerfile | 11 ++- .../coins/monero-wallet-rpc/Dockerfile | 20 +++-- orchestration/coins/monero/Dockerfile | 9 ++- orchestration/coordinator/.folder | 0 orchestration/coordinator/Dockerfile | 17 ++-- orchestration/message-queue/.folder | 0 orchestration/message-queue/Dockerfile | 17 ++-- orchestration/processor/bitcoin/.folder | 0 orchestration/processor/bitcoin/Dockerfile | 13 +++- orchestration/processor/ethereum/.folder | 0 orchestration/processor/ethereum/Dockerfile | 78 +++++++++++++++++++ orchestration/processor/monero/.folder | 0 orchestration/processor/monero/Dockerfile | 13 +++- orchestration/serai/Dockerfile | 17 ++-- 14 files changed, 156 insertions(+), 39 deletions(-) create mode 100644 orchestration/coordinator/.folder create mode 100644 orchestration/message-queue/.folder create mode 100644 orchestration/processor/bitcoin/.folder create mode 100644 orchestration/processor/ethereum/.folder create mode 100644 orchestration/processor/ethereum/Dockerfile create mode 100644 orchestration/processor/monero/.folder diff --git a/orchestration/coins/bitcoin/Dockerfile b/orchestration/coins/bitcoin/Dockerfile index e2bd81d16..e5d78d465 100644 --- a/orchestration/coins/bitcoin/Dockerfile +++ b/orchestration/coins/bitcoin/Dockerfile @@ -1,4 +1,5 @@ -FROM debian:bookworm-slim as mimalloc + +FROM debian:bookworm-slim as mimalloc-debian RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git RUN git clone https://github.com/microsoft/mimalloc && \ @@ -9,6 +10,7 @@ RUN git clone https://github.com/microsoft/mimalloc && \ cmake -DMI_SECURE=ON ../.. && \ make && \ cp ./libmimalloc-secure.so ../../../libmimalloc.so + FROM alpine:latest as bitcoin ENV BITCOIN_VERSION=26.0 @@ -31,19 +33,22 @@ RUN grep bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz SHA256SUMS | sh # Prepare Image RUN tar xzvf bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz RUN mv bitcoin-${BITCOIN_VERSION}/bin/bitcoind . + FROM debian:bookworm-slim as image -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + + # Switch to a non-root user RUN useradd --system --create-home --shell /sbin/nologin bitcoin USER bitcoin + WORKDIR /home/bitcoin COPY --from=bitcoin --chown=bitcoin bitcoind /bin COPY ./scripts /scripts EXPOSE 8332 8333 18332 18333 18443 18444 -# VOLUME ["/home/bitcoin/.bitcoin"] diff --git a/orchestration/coins/monero-wallet-rpc/Dockerfile b/orchestration/coins/monero-wallet-rpc/Dockerfile index 98fb760b0..ff7bc4a31 100644 --- a/orchestration/coins/monero-wallet-rpc/Dockerfile +++ b/orchestration/coins/monero-wallet-rpc/Dockerfile @@ -1,6 +1,7 @@ -FROM debian:bookworm-slim as mimalloc -RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git +FROM alpine:latest as mimalloc-alpine + +RUN apk update && apk upgrade && apk --no-cache add gcc g++ libc-dev make cmake git RUN git clone https://github.com/microsoft/mimalloc && \ cd mimalloc && \ git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ @@ -9,6 +10,7 @@ RUN git clone https://github.com/microsoft/mimalloc && \ cmake -DMI_SECURE=ON ../.. && \ make && \ cp ./libmimalloc-secure.so ../../../libmimalloc.so + FROM alpine:latest as monero # https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2 @@ -32,18 +34,22 @@ RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-si # Extract it RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1 -FROM debian:bookworm-slim as image -COPY --from=mimalloc libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload +FROM alpine:latest as image + +COPY --from=mimalloc-alpine libmimalloc.so /usr/lib +ENV LD_PRELOAD=libmimalloc.so + +RUN apk update && apk upgrade +RUN apk --no-cache add gcompat -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean # Switch to a non-root user # System user (not a human), shell of nologin, no password assigned -RUN useradd --system --create-home --shell /sbin/nologin monero +RUN adduser -S -s /sbin/nologin -D monero USER monero WORKDIR /home/monero + COPY --from=monero --chown=monero monero-wallet-rpc /bin ADD scripts /scripts diff --git a/orchestration/coins/monero/Dockerfile b/orchestration/coins/monero/Dockerfile index 77c5f4878..40c19a19d 100644 --- a/orchestration/coins/monero/Dockerfile +++ b/orchestration/coins/monero/Dockerfile @@ -1,4 +1,5 @@ -FROM alpine:latest as mimalloc + +FROM alpine:latest as mimalloc-alpine RUN apk update && apk upgrade && apk --no-cache add gcc g++ libc-dev make cmake git RUN git clone https://github.com/microsoft/mimalloc && \ @@ -9,6 +10,7 @@ RUN git clone https://github.com/microsoft/mimalloc && \ cmake -DMI_SECURE=ON ../.. && \ make && \ cp ./libmimalloc-secure.so ../../../libmimalloc.so + FROM alpine:latest as monero # https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2 @@ -32,9 +34,10 @@ RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-si # Extract it RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1 + FROM alpine:latest as image -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-alpine libmimalloc.so /usr/lib ENV LD_PRELOAD=libmimalloc.so RUN apk update && apk upgrade @@ -46,8 +49,8 @@ RUN adduser -S -s /sbin/nologin -D monero USER monero WORKDIR /home/monero + COPY --from=monero --chown=monero monerod /bin ADD scripts /scripts EXPOSE 18080 18081 -# VOLUME /home/monero/.bitmonero diff --git a/orchestration/coordinator/.folder b/orchestration/coordinator/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/coordinator/Dockerfile b/orchestration/coordinator/Dockerfile index f30734c56..c8c5bd248 100644 --- a/orchestration/coordinator/Dockerfile +++ b/orchestration/coordinator/Dockerfile @@ -1,4 +1,5 @@ -FROM debian:bookworm-slim as mimalloc + +FROM debian:bookworm-slim as mimalloc-debian RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git RUN git clone https://github.com/microsoft/mimalloc && \ @@ -9,9 +10,10 @@ RUN git clone https://github.com/microsoft/mimalloc && \ cmake -DMI_SECURE=ON ../.. && \ make && \ cp ./libmimalloc-secure.so ../../../libmimalloc.so + FROM rust:1.75-slim-bookworm as builder -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean @@ -48,17 +50,20 @@ RUN --mount=type=cache,target=/root/.cargo \ --mount=type=cache,target=/usr/local/cargo/git \ --mount=type=cache,target=/serai/target \ mkdir /serai/bin && \ - cargo build -p serai-coordinator --features "parity-db longer-reattempts" && \ + cargo build --debug --features "parity-db longer-reattempts" -p serai-coordinator && \ mv /serai/target/debug/serai-coordinator /serai/bin + FROM debian:bookworm-slim as image -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + # Install ca-certificates RUN apt install -y ca-certificates + # Switch to a non-root user RUN useradd --system --create-home --shell /sbin/nologin coordinator USER coordinator @@ -66,8 +71,8 @@ USER coordinator WORKDIR /home/coordinator # Copy the Coordinator binary and relevant license -COPY --from=builder --chown=processor /serai/bin/serai-coordinator /bin/ -COPY --from=builder --chown=processor /serai/AGPL-3.0 . +COPY --from=builder --chown=coordinator /serai/bin/serai-coordinator /bin/ +COPY --from=builder --chown=coordinator /serai/AGPL-3.0 . # Run coordinator CMD ["serai-coordinator"] diff --git a/orchestration/message-queue/.folder b/orchestration/message-queue/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/message-queue/Dockerfile b/orchestration/message-queue/Dockerfile index 63ee9f72e..7bb4ffce5 100644 --- a/orchestration/message-queue/Dockerfile +++ b/orchestration/message-queue/Dockerfile @@ -1,4 +1,5 @@ -FROM debian:bookworm-slim as mimalloc + +FROM debian:bookworm-slim as mimalloc-debian RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git RUN git clone https://github.com/microsoft/mimalloc && \ @@ -9,9 +10,10 @@ RUN git clone https://github.com/microsoft/mimalloc && \ cmake -DMI_SECURE=ON ../.. && \ make && \ cp ./libmimalloc-secure.so ../../../libmimalloc.so + FROM rust:1.75-slim-bookworm as builder -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean @@ -48,19 +50,22 @@ RUN --mount=type=cache,target=/root/.cargo \ --mount=type=cache,target=/usr/local/cargo/git \ --mount=type=cache,target=/serai/target \ mkdir /serai/bin && \ - cargo build --features parity-db -p serai-message-queue && \ + cargo build --debug --features "parity-db" -p serai-message-queue && \ mv /serai/target/debug/serai-message-queue /serai/bin + FROM debian:bookworm-slim as image -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + + # Switch to a non-root user -RUN useradd --system --home /home/message-queue --create-home --shell /sbin/nologin messagequeue +RUN useradd --system --create-home --shell /sbin/nologin messagequeue USER messagequeue -WORKDIR /home/message-queue +WORKDIR /home/messagequeue # Copy the Message Queue binary and relevant license COPY --from=builder --chown=messagequeue /serai/bin/serai-message-queue /bin diff --git a/orchestration/processor/bitcoin/.folder b/orchestration/processor/bitcoin/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/processor/bitcoin/Dockerfile b/orchestration/processor/bitcoin/Dockerfile index e5f287e76..3476d920f 100644 --- a/orchestration/processor/bitcoin/Dockerfile +++ b/orchestration/processor/bitcoin/Dockerfile @@ -1,4 +1,5 @@ -FROM debian:bookworm-slim as mimalloc + +FROM debian:bookworm-slim as mimalloc-debian RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git RUN git clone https://github.com/microsoft/mimalloc && \ @@ -9,9 +10,10 @@ RUN git clone https://github.com/microsoft/mimalloc && \ cmake -DMI_SECURE=ON ../.. && \ make && \ cp ./libmimalloc-secure.so ../../../libmimalloc.so + FROM rust:1.75-slim-bookworm as builder -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean @@ -48,17 +50,20 @@ RUN --mount=type=cache,target=/root/.cargo \ --mount=type=cache,target=/usr/local/cargo/git \ --mount=type=cache,target=/serai/target \ mkdir /serai/bin && \ - cargo build --features "binaries parity-db bitcoin" -p serai-processor && \ + cargo build --debug --features "binaries parity-db bitcoin" -p serai-processor && \ mv /serai/target/debug/serai-processor /serai/bin + FROM debian:bookworm-slim as image -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + # Install ca-certificates RUN apt install -y ca-certificates + # Switch to a non-root user RUN useradd --system --create-home --shell /sbin/nologin processor USER processor diff --git a/orchestration/processor/ethereum/.folder b/orchestration/processor/ethereum/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/processor/ethereum/Dockerfile b/orchestration/processor/ethereum/Dockerfile new file mode 100644 index 000000000..bb9e96727 --- /dev/null +++ b/orchestration/processor/ethereum/Dockerfile @@ -0,0 +1,78 @@ + +FROM debian:bookworm-slim as mimalloc-debian + +RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git +RUN git clone https://github.com/microsoft/mimalloc && \ + cd mimalloc && \ + git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ + mkdir -p out/secure && \ + cd out/secure && \ + cmake -DMI_SECURE=ON ../.. && \ + make && \ + cp ./libmimalloc-secure.so ../../../libmimalloc.so + +FROM rust:1.75-slim-bookworm as builder + +COPY --from=mimalloc-debian libmimalloc.so /usr/lib +RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload + +RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + +# Add dev dependencies +RUN apt install -y pkg-config clang + +# Dependencies for the Serai node +RUN apt install -y make protobuf-compiler + +# Add the wasm toolchain +RUN rustup target add wasm32-unknown-unknown + +# Add files for build +ADD common /serai/common +ADD crypto /serai/crypto +ADD coins /serai/coins +ADD message-queue /serai/message-queue +ADD processor /serai/processor +ADD coordinator /serai/coordinator +ADD substrate /serai/substrate +ADD mini /serai/mini +ADD tests /serai/tests +ADD patches /serai/patches +ADD Cargo.toml /serai +ADD Cargo.lock /serai +ADD AGPL-3.0 /serai + +WORKDIR /serai + +# Mount the caches and build +RUN --mount=type=cache,target=/root/.cargo \ + --mount=type=cache,target=/usr/local/cargo/registry \ + --mount=type=cache,target=/usr/local/cargo/git \ + --mount=type=cache,target=/serai/target \ + mkdir /serai/bin && \ + cargo build --debug --features "binaries parity-db ethereum" -p serai-processor && \ + mv /serai/target/debug/serai-processor /serai/bin + +FROM debian:bookworm-slim as image + +COPY --from=mimalloc-debian libmimalloc.so /usr/lib +RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload + +RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + +# Install ca-certificates +RUN apt install -y ca-certificates + + +# Switch to a non-root user +RUN useradd --system --create-home --shell /sbin/nologin processor +USER processor + +WORKDIR /home/processor + +# Copy the Processor binary and relevant license +COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/ +COPY --from=builder --chown=processor /serai/AGPL-3.0 . + +# Run processor +CMD ["serai-processor"] diff --git a/orchestration/processor/monero/.folder b/orchestration/processor/monero/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/processor/monero/Dockerfile b/orchestration/processor/monero/Dockerfile index 4cd7ed51f..57041c7b9 100644 --- a/orchestration/processor/monero/Dockerfile +++ b/orchestration/processor/monero/Dockerfile @@ -1,4 +1,5 @@ -FROM debian:bookworm-slim as mimalloc + +FROM debian:bookworm-slim as mimalloc-debian RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git RUN git clone https://github.com/microsoft/mimalloc && \ @@ -9,9 +10,10 @@ RUN git clone https://github.com/microsoft/mimalloc && \ cmake -DMI_SECURE=ON ../.. && \ make && \ cp ./libmimalloc-secure.so ../../../libmimalloc.so + FROM rust:1.75-slim-bookworm as builder -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean @@ -48,17 +50,20 @@ RUN --mount=type=cache,target=/root/.cargo \ --mount=type=cache,target=/usr/local/cargo/git \ --mount=type=cache,target=/serai/target \ mkdir /serai/bin && \ - cargo build --features "binaries parity-db monero" -p serai-processor && \ + cargo build --debug --features "binaries parity-db monero" -p serai-processor && \ mv /serai/target/debug/serai-processor /serai/bin + FROM debian:bookworm-slim as image -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + # Install ca-certificates RUN apt install -y ca-certificates + # Switch to a non-root user RUN useradd --system --create-home --shell /sbin/nologin processor USER processor diff --git a/orchestration/serai/Dockerfile b/orchestration/serai/Dockerfile index c06205f46..3811abab2 100644 --- a/orchestration/serai/Dockerfile +++ b/orchestration/serai/Dockerfile @@ -1,4 +1,5 @@ -FROM debian:bookworm-slim as mimalloc + +FROM debian:bookworm-slim as mimalloc-debian RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git RUN git clone https://github.com/microsoft/mimalloc && \ @@ -9,9 +10,10 @@ RUN git clone https://github.com/microsoft/mimalloc && \ cmake -DMI_SECURE=ON ../.. && \ make && \ cp ./libmimalloc-secure.so ../../../libmimalloc.so + FROM rust:1.75-slim-bookworm as builder -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean @@ -48,16 +50,19 @@ RUN --mount=type=cache,target=/root/.cargo \ --mount=type=cache,target=/usr/local/cargo/git \ --mount=type=cache,target=/serai/target \ mkdir /serai/bin && \ - cargo build --release -p serai-node && \ + cargo build --release --features "" -p serai-node && \ mv /serai/target/release/serai-node /serai/bin + FROM debian:bookworm-slim as image -COPY --from=mimalloc libmimalloc.so /usr/lib +COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + + # Switch to a non-root user -RUN useradd --system --home /home/serai --shell /sbin/nologin serai +RUN useradd --system --create-home --shell /sbin/nologin serai USER serai WORKDIR /home/serai @@ -66,6 +71,6 @@ WORKDIR /home/serai COPY --from=builder --chown=serai /serai/bin/serai-node /bin/ COPY --from=builder --chown=serai /serai/AGPL-3.0 . -# Run node +# Run the Serai node EXPOSE 30333 9615 9933 9944 CMD ["serai-node"] From 92b20af23df01895d460d338b4c237d968a0e9a5 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 05:48:24 -0500 Subject: [PATCH 03/46] Ignore Dockerfiles in the git repo --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 3d5bcaa2c..6bad1d065 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,5 @@ target +Dockerfile .test-logs .vscode From cab4d66e40113a72200b618e65ecc6e839ad66c2 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 05:49:01 -0500 Subject: [PATCH 04/46] Remove CI job to check Dockerfiles are as expected now that they're no longer committed --- .github/workflows/lint.yml | 8 -------- 1 file changed, 8 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 707112649..2f74aba27 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -73,14 +73,6 @@ jobs: - name: Run rustfmt run: cargo +${{ steps.nightly.outputs.version }} fmt -- --check - dockerfiles: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac - - name: Verify Dockerfiles are up to date - # Runs the file which generates them and checks the diff has no lines - run: cd orchestration && ./dockerfiles.sh && git diff | wc -l | grep -x "0" - machete: runs-on: ubuntu-latest steps: From 31b25c965ac174d96b9a970edcf6e4b1a1047312 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 05:54:55 -0500 Subject: [PATCH 05/46] Remove old Dockerfiles from repo --- .gitignore | 1 + orchestration/coins/bitcoin/Dockerfile | 54 ------------- orchestration/coins/ethereum/Dockerfile | 37 --------- .../coins/monero-wallet-rpc/Dockerfile | 56 ------------- orchestration/coins/monero/Dockerfile | 56 ------------- orchestration/coordinator/Dockerfile | 78 ------------------- orchestration/message-queue/Dockerfile | 76 ------------------ orchestration/processor/bitcoin/Dockerfile | 78 ------------------- orchestration/processor/ethereum/Dockerfile | 78 ------------------- orchestration/processor/monero/Dockerfile | 78 ------------------- orchestration/serai/Dockerfile | 76 ------------------ 11 files changed, 1 insertion(+), 667 deletions(-) delete mode 100644 orchestration/coins/bitcoin/Dockerfile delete mode 100644 orchestration/coins/ethereum/Dockerfile delete mode 100644 orchestration/coins/monero-wallet-rpc/Dockerfile delete mode 100644 orchestration/coins/monero/Dockerfile delete mode 100644 orchestration/coordinator/Dockerfile delete mode 100644 orchestration/message-queue/Dockerfile delete mode 100644 orchestration/processor/bitcoin/Dockerfile delete mode 100644 orchestration/processor/ethereum/Dockerfile delete mode 100644 orchestration/processor/monero/Dockerfile delete mode 100644 orchestration/serai/Dockerfile diff --git a/.gitignore b/.gitignore index 6bad1d065..b8df85f9a 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ target Dockerfile +!orchestration/runtime/Dockerfile .test-logs .vscode diff --git a/orchestration/coins/bitcoin/Dockerfile b/orchestration/coins/bitcoin/Dockerfile deleted file mode 100644 index e5d78d465..000000000 --- a/orchestration/coins/bitcoin/Dockerfile +++ /dev/null @@ -1,54 +0,0 @@ - -FROM debian:bookworm-slim as mimalloc-debian - -RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so - -FROM alpine:latest as bitcoin - -ENV BITCOIN_VERSION=26.0 - -RUN apk --no-cache add git gnupg - -# Download Bitcoin -RUN wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz \ - && wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS \ - && wget https://bitcoincore.org/bin/bitcoin-core-${BITCOIN_VERSION}/SHA256SUMS.asc - -# Verify all sigs and check for a valid signature from laanwj -- 71A3 -RUN git clone https://github.com/bitcoin-core/guix.sigs && \ - cd guix.sigs/builder-keys && \ - find . -iname '*.gpg' -exec gpg --import {} \; && \ - gpg --verify --status-fd 1 --verify ../../SHA256SUMS.asc ../../SHA256SUMS | grep "^\[GNUPG:\] VALIDSIG.*71A3B16735405025D447E8F274810B012346C9A6" - -RUN grep bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz SHA256SUMS | sha256sum -c - -# Prepare Image -RUN tar xzvf bitcoin-${BITCOIN_VERSION}-$(uname -m)-linux-gnu.tar.gz -RUN mv bitcoin-${BITCOIN_VERSION}/bin/bitcoind . - -FROM debian:bookworm-slim as image - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - - -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin bitcoin -USER bitcoin - -WORKDIR /home/bitcoin - -COPY --from=bitcoin --chown=bitcoin bitcoind /bin -COPY ./scripts /scripts - -EXPOSE 8332 8333 18332 18333 18443 18444 diff --git a/orchestration/coins/ethereum/Dockerfile b/orchestration/coins/ethereum/Dockerfile deleted file mode 100644 index d78229a7f..000000000 --- a/orchestration/coins/ethereum/Dockerfile +++ /dev/null @@ -1,37 +0,0 @@ -# Prepare Environment -FROM alpine:latest as builder - -ENV GETH_VERSION=1.10.23-d901d853 - -WORKDIR /home/ethereum - -RUN apk update \ - && apk --no-cache add ca-certificates gnupg bash su-exec - -# Get Binary -RUN wget https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-${GETH_VERSION}.tar.gz\ - && wget https://gethstore.blob.core.windows.net/builds/geth-linux-amd64-${GETH_VERSION}.tar.gz.asc - -# Verify Binary -# Refer to https://geth.ethereum.org/downloads/#openpgp_signatures for the PGP -# PGP keys of builders and developers -ENV KEYS 9BA28146 E058A81C 05A5DDF0 1CCB7DD2 - -RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys ${KEYS} \ - && gpg --verify geth-linux-amd64-${GETH_VERSION}.tar.gz.asc geth-linux-amd64-${GETH_VERSION}.tar.gz - -# Prepare Image -RUN tar xzvf geth-linux-amd64-${GETH_VERSION}.tar.gz - -# Prepare Image -FROM ubuntu:latest as image - -WORKDIR /home/ethereum -COPY --from=builder /home/ethereum/* . -RUN mv * /bin/ -COPY ./scripts /scripts - -EXPOSE 8545 8546 30303 30303/udp - -# Run -CMD ["geth"] diff --git a/orchestration/coins/monero-wallet-rpc/Dockerfile b/orchestration/coins/monero-wallet-rpc/Dockerfile deleted file mode 100644 index ff7bc4a31..000000000 --- a/orchestration/coins/monero-wallet-rpc/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ - -FROM alpine:latest as mimalloc-alpine - -RUN apk update && apk upgrade && apk --no-cache add gcc g++ libc-dev make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so - -FROM alpine:latest as monero - -# https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2 -# Verification will fail if MONERO_VERSION doesn't match the latest -# due to the way monero publishes releases. They overwrite a single hashes.txt -# file with each release, meaning we can only grab the SHA256 of the latest -# release. -# Most publish a asc file for each release / build architecture ¯\_(ツ)_/¯ -ENV MONERO_VERSION=0.18.3.1 - -RUN apk --no-cache add gnupg - -# Download Monero -RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2 - -# Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949 -ADD ./temp/hashes-v${MONERO_VERSION}.txt . -RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \ - gpg --verify hashes-v${MONERO_VERSION}.txt && \ - grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v${MONERO_VERSION}.txt - -# Extract it -RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1 - -FROM alpine:latest as image - -COPY --from=mimalloc-alpine libmimalloc.so /usr/lib -ENV LD_PRELOAD=libmimalloc.so - -RUN apk update && apk upgrade -RUN apk --no-cache add gcompat - -# Switch to a non-root user -# System user (not a human), shell of nologin, no password assigned -RUN adduser -S -s /sbin/nologin -D monero -USER monero - -WORKDIR /home/monero - -COPY --from=monero --chown=monero monero-wallet-rpc /bin -ADD scripts /scripts - -EXPOSE 6061 diff --git a/orchestration/coins/monero/Dockerfile b/orchestration/coins/monero/Dockerfile deleted file mode 100644 index 40c19a19d..000000000 --- a/orchestration/coins/monero/Dockerfile +++ /dev/null @@ -1,56 +0,0 @@ - -FROM alpine:latest as mimalloc-alpine - -RUN apk update && apk upgrade && apk --no-cache add gcc g++ libc-dev make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so - -FROM alpine:latest as monero - -# https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2 -# Verification will fail if MONERO_VERSION doesn't match the latest -# due to the way monero publishes releases. They overwrite a single hashes.txt -# file with each release, meaning we can only grab the SHA256 of the latest -# release. -# Most publish a asc file for each release / build architecture ¯\_(ツ)_/¯ -ENV MONERO_VERSION=0.18.3.1 - -RUN apk --no-cache add gnupg - -# Download Monero -RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2 - -# Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949 -ADD ./temp/hashes-v${MONERO_VERSION}.txt . -RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \ - gpg --verify hashes-v${MONERO_VERSION}.txt && \ - grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v${MONERO_VERSION}.txt - -# Extract it -RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1 - -FROM alpine:latest as image - -COPY --from=mimalloc-alpine libmimalloc.so /usr/lib -ENV LD_PRELOAD=libmimalloc.so - -RUN apk update && apk upgrade -RUN apk --no-cache add gcompat - -# Switch to a non-root user -# System user (not a human), shell of nologin, no password assigned -RUN adduser -S -s /sbin/nologin -D monero -USER monero - -WORKDIR /home/monero - -COPY --from=monero --chown=monero monerod /bin -ADD scripts /scripts - -EXPOSE 18080 18081 diff --git a/orchestration/coordinator/Dockerfile b/orchestration/coordinator/Dockerfile deleted file mode 100644 index c8c5bd248..000000000 --- a/orchestration/coordinator/Dockerfile +++ /dev/null @@ -1,78 +0,0 @@ - -FROM debian:bookworm-slim as mimalloc-debian - -RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so - -FROM rust:1.75-slim-bookworm as builder - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Add dev dependencies -RUN apt install -y pkg-config clang - -# Dependencies for the Serai node -RUN apt install -y make protobuf-compiler - -# Add the wasm toolchain -RUN rustup target add wasm32-unknown-unknown - -# Add files for build -ADD common /serai/common -ADD crypto /serai/crypto -ADD coins /serai/coins -ADD message-queue /serai/message-queue -ADD processor /serai/processor -ADD coordinator /serai/coordinator -ADD substrate /serai/substrate -ADD mini /serai/mini -ADD tests /serai/tests -ADD patches /serai/patches -ADD Cargo.toml /serai -ADD Cargo.lock /serai -ADD AGPL-3.0 /serai - -WORKDIR /serai - -# Mount the caches and build -RUN --mount=type=cache,target=/root/.cargo \ - --mount=type=cache,target=/usr/local/cargo/registry \ - --mount=type=cache,target=/usr/local/cargo/git \ - --mount=type=cache,target=/serai/target \ - mkdir /serai/bin && \ - cargo build --debug --features "parity-db longer-reattempts" -p serai-coordinator && \ - mv /serai/target/debug/serai-coordinator /serai/bin - -FROM debian:bookworm-slim as image - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Install ca-certificates -RUN apt install -y ca-certificates - - -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin coordinator -USER coordinator - -WORKDIR /home/coordinator - -# Copy the Coordinator binary and relevant license -COPY --from=builder --chown=coordinator /serai/bin/serai-coordinator /bin/ -COPY --from=builder --chown=coordinator /serai/AGPL-3.0 . - -# Run coordinator -CMD ["serai-coordinator"] diff --git a/orchestration/message-queue/Dockerfile b/orchestration/message-queue/Dockerfile deleted file mode 100644 index 7bb4ffce5..000000000 --- a/orchestration/message-queue/Dockerfile +++ /dev/null @@ -1,76 +0,0 @@ - -FROM debian:bookworm-slim as mimalloc-debian - -RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so - -FROM rust:1.75-slim-bookworm as builder - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Add dev dependencies -RUN apt install -y pkg-config clang - -# Dependencies for the Serai node -RUN apt install -y make protobuf-compiler - -# Add the wasm toolchain -RUN rustup target add wasm32-unknown-unknown - -# Add files for build -ADD common /serai/common -ADD crypto /serai/crypto -ADD coins /serai/coins -ADD message-queue /serai/message-queue -ADD processor /serai/processor -ADD coordinator /serai/coordinator -ADD substrate /serai/substrate -ADD mini /serai/mini -ADD tests /serai/tests -ADD patches /serai/patches -ADD Cargo.toml /serai -ADD Cargo.lock /serai -ADD AGPL-3.0 /serai - -WORKDIR /serai - -# Mount the caches and build -RUN --mount=type=cache,target=/root/.cargo \ - --mount=type=cache,target=/usr/local/cargo/registry \ - --mount=type=cache,target=/usr/local/cargo/git \ - --mount=type=cache,target=/serai/target \ - mkdir /serai/bin && \ - cargo build --debug --features "parity-db" -p serai-message-queue && \ - mv /serai/target/debug/serai-message-queue /serai/bin - -FROM debian:bookworm-slim as image - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - - -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin messagequeue -USER messagequeue - -WORKDIR /home/messagequeue - -# Copy the Message Queue binary and relevant license -COPY --from=builder --chown=messagequeue /serai/bin/serai-message-queue /bin -COPY --from=builder --chown=messagequeue /serai/AGPL-3.0 . - -# Run message-queue -EXPOSE 2287 -CMD ["serai-message-queue"] diff --git a/orchestration/processor/bitcoin/Dockerfile b/orchestration/processor/bitcoin/Dockerfile deleted file mode 100644 index 3476d920f..000000000 --- a/orchestration/processor/bitcoin/Dockerfile +++ /dev/null @@ -1,78 +0,0 @@ - -FROM debian:bookworm-slim as mimalloc-debian - -RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so - -FROM rust:1.75-slim-bookworm as builder - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Add dev dependencies -RUN apt install -y pkg-config clang - -# Dependencies for the Serai node -RUN apt install -y make protobuf-compiler - -# Add the wasm toolchain -RUN rustup target add wasm32-unknown-unknown - -# Add files for build -ADD common /serai/common -ADD crypto /serai/crypto -ADD coins /serai/coins -ADD message-queue /serai/message-queue -ADD processor /serai/processor -ADD coordinator /serai/coordinator -ADD substrate /serai/substrate -ADD mini /serai/mini -ADD tests /serai/tests -ADD patches /serai/patches -ADD Cargo.toml /serai -ADD Cargo.lock /serai -ADD AGPL-3.0 /serai - -WORKDIR /serai - -# Mount the caches and build -RUN --mount=type=cache,target=/root/.cargo \ - --mount=type=cache,target=/usr/local/cargo/registry \ - --mount=type=cache,target=/usr/local/cargo/git \ - --mount=type=cache,target=/serai/target \ - mkdir /serai/bin && \ - cargo build --debug --features "binaries parity-db bitcoin" -p serai-processor && \ - mv /serai/target/debug/serai-processor /serai/bin - -FROM debian:bookworm-slim as image - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Install ca-certificates -RUN apt install -y ca-certificates - - -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin processor -USER processor - -WORKDIR /home/processor - -# Copy the Processor binary and relevant license -COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/ -COPY --from=builder --chown=processor /serai/AGPL-3.0 . - -# Run processor -CMD ["serai-processor"] diff --git a/orchestration/processor/ethereum/Dockerfile b/orchestration/processor/ethereum/Dockerfile deleted file mode 100644 index bb9e96727..000000000 --- a/orchestration/processor/ethereum/Dockerfile +++ /dev/null @@ -1,78 +0,0 @@ - -FROM debian:bookworm-slim as mimalloc-debian - -RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so - -FROM rust:1.75-slim-bookworm as builder - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Add dev dependencies -RUN apt install -y pkg-config clang - -# Dependencies for the Serai node -RUN apt install -y make protobuf-compiler - -# Add the wasm toolchain -RUN rustup target add wasm32-unknown-unknown - -# Add files for build -ADD common /serai/common -ADD crypto /serai/crypto -ADD coins /serai/coins -ADD message-queue /serai/message-queue -ADD processor /serai/processor -ADD coordinator /serai/coordinator -ADD substrate /serai/substrate -ADD mini /serai/mini -ADD tests /serai/tests -ADD patches /serai/patches -ADD Cargo.toml /serai -ADD Cargo.lock /serai -ADD AGPL-3.0 /serai - -WORKDIR /serai - -# Mount the caches and build -RUN --mount=type=cache,target=/root/.cargo \ - --mount=type=cache,target=/usr/local/cargo/registry \ - --mount=type=cache,target=/usr/local/cargo/git \ - --mount=type=cache,target=/serai/target \ - mkdir /serai/bin && \ - cargo build --debug --features "binaries parity-db ethereum" -p serai-processor && \ - mv /serai/target/debug/serai-processor /serai/bin - -FROM debian:bookworm-slim as image - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Install ca-certificates -RUN apt install -y ca-certificates - - -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin processor -USER processor - -WORKDIR /home/processor - -# Copy the Processor binary and relevant license -COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/ -COPY --from=builder --chown=processor /serai/AGPL-3.0 . - -# Run processor -CMD ["serai-processor"] diff --git a/orchestration/processor/monero/Dockerfile b/orchestration/processor/monero/Dockerfile deleted file mode 100644 index 57041c7b9..000000000 --- a/orchestration/processor/monero/Dockerfile +++ /dev/null @@ -1,78 +0,0 @@ - -FROM debian:bookworm-slim as mimalloc-debian - -RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so - -FROM rust:1.75-slim-bookworm as builder - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Add dev dependencies -RUN apt install -y pkg-config clang - -# Dependencies for the Serai node -RUN apt install -y make protobuf-compiler - -# Add the wasm toolchain -RUN rustup target add wasm32-unknown-unknown - -# Add files for build -ADD common /serai/common -ADD crypto /serai/crypto -ADD coins /serai/coins -ADD message-queue /serai/message-queue -ADD processor /serai/processor -ADD coordinator /serai/coordinator -ADD substrate /serai/substrate -ADD mini /serai/mini -ADD tests /serai/tests -ADD patches /serai/patches -ADD Cargo.toml /serai -ADD Cargo.lock /serai -ADD AGPL-3.0 /serai - -WORKDIR /serai - -# Mount the caches and build -RUN --mount=type=cache,target=/root/.cargo \ - --mount=type=cache,target=/usr/local/cargo/registry \ - --mount=type=cache,target=/usr/local/cargo/git \ - --mount=type=cache,target=/serai/target \ - mkdir /serai/bin && \ - cargo build --debug --features "binaries parity-db monero" -p serai-processor && \ - mv /serai/target/debug/serai-processor /serai/bin - -FROM debian:bookworm-slim as image - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Install ca-certificates -RUN apt install -y ca-certificates - - -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin processor -USER processor - -WORKDIR /home/processor - -# Copy the Processor binary and relevant license -COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/ -COPY --from=builder --chown=processor /serai/AGPL-3.0 . - -# Run processor -CMD ["serai-processor"] diff --git a/orchestration/serai/Dockerfile b/orchestration/serai/Dockerfile deleted file mode 100644 index 3811abab2..000000000 --- a/orchestration/serai/Dockerfile +++ /dev/null @@ -1,76 +0,0 @@ - -FROM debian:bookworm-slim as mimalloc-debian - -RUN apt update && apt upgrade -y && apt install -y gcc g++ make cmake git -RUN git clone https://github.com/microsoft/mimalloc && \ - cd mimalloc && \ - git checkout 43ce4bd7fd34bcc730c1c7471c99995597415488 && \ - mkdir -p out/secure && \ - cd out/secure && \ - cmake -DMI_SECURE=ON ../.. && \ - make && \ - cp ./libmimalloc-secure.so ../../../libmimalloc.so - -FROM rust:1.75-slim-bookworm as builder - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - -# Add dev dependencies -RUN apt install -y pkg-config clang - -# Dependencies for the Serai node -RUN apt install -y make protobuf-compiler - -# Add the wasm toolchain -RUN rustup target add wasm32-unknown-unknown - -# Add files for build -ADD common /serai/common -ADD crypto /serai/crypto -ADD coins /serai/coins -ADD message-queue /serai/message-queue -ADD processor /serai/processor -ADD coordinator /serai/coordinator -ADD substrate /serai/substrate -ADD mini /serai/mini -ADD tests /serai/tests -ADD patches /serai/patches -ADD Cargo.toml /serai -ADD Cargo.lock /serai -ADD AGPL-3.0 /serai - -WORKDIR /serai - -# Mount the caches and build -RUN --mount=type=cache,target=/root/.cargo \ - --mount=type=cache,target=/usr/local/cargo/registry \ - --mount=type=cache,target=/usr/local/cargo/git \ - --mount=type=cache,target=/serai/target \ - mkdir /serai/bin && \ - cargo build --release --features "" -p serai-node && \ - mv /serai/target/release/serai-node /serai/bin - -FROM debian:bookworm-slim as image - -COPY --from=mimalloc-debian libmimalloc.so /usr/lib -RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload - -RUN apt update && apt upgrade -y && apt autoremove -y && apt clean - - -# Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin serai -USER serai - -WORKDIR /home/serai - -# Copy the Serai binary and relevant license -COPY --from=builder --chown=serai /serai/bin/serai-node /bin/ -COPY --from=builder --chown=serai /serai/AGPL-3.0 . - -# Run the Serai node -EXPOSE 30333 9615 9933 9944 -CMD ["serai-node"] From d153fcb02fed216d14e048e39fb025522fa444ee Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 07:15:29 -0500 Subject: [PATCH 06/46] Use Debian for monero-wallet-rpc --- orchestration/src/coins/monero.rs | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index 9253c871c..733562221 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -1,9 +1,9 @@ use std::{path::Path, io::Write, fs::File}; -use crate::{Os, mimalloc, os}; +use crate::{Os, mimalloc}; #[rustfmt::skip] -fn monero_internal(orchestration_path: &Path, folder: &str, monero_binary: &str, ports: &str) { +fn monero_internal(os: Os, orchestration_path: &Path, folder: &str, monero_binary: &str, ports: &str) { const DOWNLOAD_MONERO: &str = r#" FROM alpine:latest as monero @@ -30,16 +30,22 @@ RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-si RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1 "#; - let setup = mimalloc(Os::Alpine).to_string() + DOWNLOAD_MONERO; + let setup = mimalloc(os).to_string() + DOWNLOAD_MONERO; let run_monero = format!(r#" COPY --from=monero --chown=monero {monero_binary} /bin -ADD scripts /scripts EXPOSE {ports} + +ADD scripts /scripts +CMD ["/scripts/entry-dev.sh"] "#); - let run = os(Os::Alpine, "RUN apk --no-cache add gcompat", "monero") + &run_monero; + let run = crate::os( + os, + if os == Os::Alpine { "RUN apk --no-cache add gcompat" } else { "" }, + "monero" + ) + &run_monero; let res = setup + &run; let mut monero_path = orchestration_path.to_path_buf(); @@ -51,9 +57,9 @@ EXPOSE {ports} } pub fn monero(orchestration_path: &Path) { - monero_internal(orchestration_path, "monero", "monerod", "18080 18081") + monero_internal(Os::Alpine, orchestration_path, "monero", "monerod", "18080 18081") } pub fn monero_wallet_rpc(orchestration_path: &Path) { - monero_internal(orchestration_path, "monero-wallet-rpc", "monero-wallet-rpc", "6061") + monero_internal(Os::Debian, orchestration_path, "monero-wallet-rpc", "monero-wallet-rpc", "18082") } From 65bd6c68809473f3d8729e88dd2b76307928e02c Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 07:16:30 -0500 Subject: [PATCH 07/46] Remove replace_cmds for proper usage of entry-dev Consolidates ports a bit. Updates serai-docker-tests from "compose" to "build". --- .github/actions/monero/action.yml | 2 +- coins/monero/tests/runner.rs | 2 +- coins/monero/tests/wallet2_compatibility.rs | 2 +- .../coins/bitcoin/scripts/entry-dev.sh | 4 +-- .../monero-wallet-rpc/scripts/entry-dev.sh | 6 +++- .../coins/monero/scripts/entry-dev.sh | 4 +-- orchestration/serai/scripts/entry-dev.sh | 6 +--- orchestration/src/coins/bitcoin.rs | 6 ++-- orchestration/src/serai.rs | 5 ++- processor/src/tests/literal/mod.rs | 23 ------------- tests/coordinator/src/lib.rs | 10 +----- tests/docker/src/lib.rs | 33 ++++++++++--------- tests/processor/src/networks.rs | 21 ------------ 13 files changed, 39 insertions(+), 85 deletions(-) diff --git a/.github/actions/monero/action.yml b/.github/actions/monero/action.yml index cb80c841f..aff6912a4 100644 --- a/.github/actions/monero/action.yml +++ b/.github/actions/monero/action.yml @@ -41,4 +41,4 @@ runs: - name: Monero Regtest Daemon shell: bash - run: ./monerod --regtest --offline --fixed-difficulty=1 --detach + run: ./orchestration/coins/monero/scripts/entry-dev.sh diff --git a/coins/monero/tests/runner.rs b/coins/monero/tests/runner.rs index fa0b48df4..ff80656e7 100644 --- a/coins/monero/tests/runner.rs +++ b/coins/monero/tests/runner.rs @@ -86,7 +86,7 @@ pub fn check_weight_and_fee(tx: &Transaction, fee_rate: Fee) { } pub async fn rpc() -> Rpc { - let rpc = HttpRpc::new("http://127.0.0.1:18081".to_string()).await.unwrap(); + let rpc = HttpRpc::new("http://serai:seraidex@127.0.0.1:18081".to_string()).await.unwrap(); // Only run once if rpc.get_height().await.unwrap() != 1 { diff --git a/coins/monero/tests/wallet2_compatibility.rs b/coins/monero/tests/wallet2_compatibility.rs index 4b638c248..2554325fe 100644 --- a/coins/monero/tests/wallet2_compatibility.rs +++ b/coins/monero/tests/wallet2_compatibility.rs @@ -35,7 +35,7 @@ async fn make_integrated_address(rpc: &Rpc, payment_id: [u8; 8]) -> Str } async fn initialize_rpcs() -> (Rpc, Rpc, String) { - let wallet_rpc = HttpRpc::new("http://127.0.0.1:6061".to_string()).await.unwrap(); + let wallet_rpc = HttpRpc::new("http://127.0.0.1:18082".to_string()).await.unwrap(); let daemon_rpc = runner::rpc().await; #[derive(Debug, Deserialize)] diff --git a/orchestration/coins/bitcoin/scripts/entry-dev.sh b/orchestration/coins/bitcoin/scripts/entry-dev.sh index 702dac893..a157fb583 100755 --- a/orchestration/coins/bitcoin/scripts/entry-dev.sh +++ b/orchestration/coins/bitcoin/scripts/entry-dev.sh @@ -3,6 +3,6 @@ RPC_USER="${RPC_USER:=serai}" RPC_PASS="${RPC_PASS:=seraidex}" -bitcoind -txindex -regtest \ +bitcoind -txindex -regtest --port=8333 \ -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \ - -rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 + -rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 -rpcport=8332 diff --git a/orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh b/orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh index fbf1edb99..500b1b34d 100644 --- a/orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh +++ b/orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh @@ -1,3 +1,7 @@ #!/bin/sh -monero-wallet-rpc --disable-rpc-login --rpc-bind-port 6061 --rpc-bind-ip=0.0.0.0 --confirm-external-bind --daemon-address monero:18081 --allow-mismatched-daemon-version --wallet-dir /home/monero +monero-wallet-rpc \ + --disable-rpc-login \ + --rpc-bind-ip=0.0.0.0 --confirm-external-bind \ + --daemon-address monero:18081 --allow-mismatched-daemon-version \ + --wallet-dir /home/monero diff --git a/orchestration/coins/monero/scripts/entry-dev.sh b/orchestration/coins/monero/scripts/entry-dev.sh index b5367f0cb..52ed9259d 100755 --- a/orchestration/coins/monero/scripts/entry-dev.sh +++ b/orchestration/coins/monero/scripts/entry-dev.sh @@ -4,7 +4,7 @@ RPC_USER="${RPC_USER:=serai}" RPC_PASS="${RPC_PASS:=seraidex}" # Run Monero -# TODO: Restore Auth monerod --non-interactive --regtest --offline --fixed-difficulty=1 \ - --no-zmq --rpc-bind-ip=0.0.0.0 --confirm-external-bind \ + --no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \ --rpc-access-control-origins * --disable-rpc-ban + --rpc-login=$RPC_USER:$RPC_PASS diff --git a/orchestration/serai/scripts/entry-dev.sh b/orchestration/serai/scripts/entry-dev.sh index 4ae4afe03..5c5d69b74 100755 --- a/orchestration/serai/scripts/entry-dev.sh +++ b/orchestration/serai/scripts/entry-dev.sh @@ -1,7 +1,3 @@ #!/bin/bash -if [[ -z $VALIDATOR ]]; then - serai-node --tmp --chain $CHAIN --name $NAME -else - serai-node --tmp --chain $CHAIN --$NAME -fi +serai-node --unsafe-rpc-external --rpc-cors all --chain local --$SERAI_NAME diff --git a/orchestration/src/coins/bitcoin.rs b/orchestration/src/coins/bitcoin.rs index 58ea0004d..44b4fa26e 100644 --- a/orchestration/src/coins/bitcoin.rs +++ b/orchestration/src/coins/bitcoin.rs @@ -33,9 +33,11 @@ RUN mv bitcoin-${BITCOIN_VERSION}/bin/bitcoind . const RUN_BITCOIN: &str = r#" COPY --from=bitcoin --chown=bitcoin bitcoind /bin -COPY ./scripts /scripts -EXPOSE 8332 8333 18332 18333 18443 18444 +EXPOSE 8332 8333 + +ADD scripts /scripts +CMD ["/scripts/entry-dev.sh"] "#; let run = os(Os::Debian, "", "bitcoin") + RUN_BITCOIN; diff --git a/orchestration/src/serai.rs b/orchestration/src/serai.rs index c21a7558e..b20816173 100644 --- a/orchestration/src/serai.rs +++ b/orchestration/src/serai.rs @@ -5,6 +5,7 @@ use crate::{Os, mimalloc, os, build_serai_service}; pub fn serai(orchestration_path: &Path) { let setup = mimalloc(Os::Debian).to_string() + &build_serai_service(true, "", "serai-node"); + // TODO: Review the ports exposed here const RUN_SERAI: &str = r#" # Copy the Serai binary and relevant license COPY --from=builder --chown=serai /serai/bin/serai-node /bin/ @@ -12,7 +13,9 @@ COPY --from=builder --chown=serai /serai/AGPL-3.0 . # Run the Serai node EXPOSE 30333 9615 9933 9944 -CMD ["serai-node"] + +ADD scripts /scripts +CMD ["./scripts/entry-dev.sh"] "#; let run = os(Os::Debian, "", "serai") + RUN_SERAI; diff --git a/processor/src/tests/literal/mod.rs b/processor/src/tests/literal/mod.rs index f7cd72fb7..2974d040f 100644 --- a/processor/src/tests/literal/mod.rs +++ b/processor/src/tests/literal/mod.rs @@ -25,16 +25,6 @@ mod bitcoin { let composition = TestBodySpecification::with_image( Image::with_repository("serai-dev-bitcoin").pull_policy(PullPolicy::Never), ) - .replace_cmd(vec![ - "bitcoind".to_string(), - "-txindex".to_string(), - "-regtest".to_string(), - format!("-rpcuser=serai"), - format!("-rpcpassword=seraidex"), - "-rpcbind=0.0.0.0".to_string(), - "-rpcallowip=0.0.0.0/0".to_string(), - "-rpcport=8332".to_string(), - ]) .set_start_policy(StartPolicy::Strict) .set_log_options(Some(LogOptions { action: LogAction::Forward, @@ -79,19 +69,6 @@ mod monero { let composition = TestBodySpecification::with_image( Image::with_repository("serai-dev-monero").pull_policy(PullPolicy::Never), ) - .replace_cmd(vec![ - "monerod".to_string(), - "--regtest".to_string(), - "--offline".to_string(), - "--fixed-difficulty=1".to_string(), - "--no-zmq".to_string(), - "--disable-rpc-ban".to_string(), - "--rpc-bind-ip=0.0.0.0".to_string(), - "--rpc-login=serai:seraidex".to_string(), - "--rpc-access-control-origins=*".to_string(), - "--confirm-external-bind".to_string(), - "--non-interactive".to_string(), - ]) .set_start_policy(StartPolicy::Strict) .set_log_options(Some(LogOptions { action: LogAction::Forward, diff --git a/tests/coordinator/src/lib.rs b/tests/coordinator/src/lib.rs index 82fad2f26..0f010456a 100644 --- a/tests/coordinator/src/lib.rs +++ b/tests/coordinator/src/lib.rs @@ -63,15 +63,7 @@ pub fn serai_composition(name: &str) -> TestBodySpecification { TestBodySpecification::with_image( Image::with_repository("serai-dev-serai").pull_policy(PullPolicy::Never), ) - .replace_cmd(vec![ - "serai-node".to_string(), - "--unsafe-rpc-external".to_string(), - "--rpc-cors".to_string(), - "all".to_string(), - "--chain".to_string(), - "local".to_string(), - format!("--{}", name.to_lowercase()), - ]) + .replace_env([("SERAI_NAME".to_string(), name.to_lowercase())].into()) .set_publish_all_ports(true) } diff --git a/tests/docker/src/lib.rs b/tests/docker/src/lib.rs index 2ae847e3b..4ca018f1e 100644 --- a/tests/docker/src/lib.rs +++ b/tests/docker/src/lib.rs @@ -45,6 +45,17 @@ pub fn build(name: String) { let mut orchestration_path = repo_path.clone(); orchestration_path.push("orchestration"); + let mut dockerfile_path = orchestration_path.clone(); + if HashSet::from(["bitcoin", "ethereum", "monero"]).contains(name.as_str()) { + dockerfile_path = dockerfile_path.join("coins"); + } + if name.contains("-processor") { + dockerfile_path = + dockerfile_path.join("processor").join(name.split('-').next().unwrap()).join("Dockerfile"); + } else { + dockerfile_path = dockerfile_path.join(&name).join("Dockerfile"); + } + // If this Docker image was created after this repo was last edited, return here // This should have better performance than Docker and allows running while offline if let Ok(res) = Command::new("docker") @@ -65,22 +76,9 @@ pub fn build(name: String) { .0, ); - let mut dockerfile_path = orchestration_path.clone(); - if HashSet::from(["bitcoin", "ethereum", "monero"]).contains(name.as_str()) { - dockerfile_path = dockerfile_path.join("coins"); - } - if name.contains("-processor") { - dockerfile_path = dockerfile_path - .join("processor") - .join(name.split('-').next().unwrap()) - .join("Dockerfile"); - } else { - dockerfile_path = dockerfile_path.join(&name).join("Dockerfile"); - } - // For all services, if the Dockerfile was edited after the image was built we should rebuild let mut last_modified = - fs::metadata(dockerfile_path).ok().and_then(|meta| meta.modified().ok()); + fs::metadata(&dockerfile_path).ok().and_then(|meta| meta.modified().ok()); // Check any additionally specified paths let meta = |path: PathBuf| (path.clone(), fs::metadata(path)); @@ -151,12 +149,15 @@ pub fn build(name: String) { println!("Building {}...", &name); + dockerfile_path.pop(); + // Version which always prints if !Command::new("docker") .current_dir(orchestration_path) - .arg("compose") .arg("build") - .arg(&name) + .arg(&dockerfile_path) + .arg("-t") + .arg(format!("serai-dev-{name}")) .spawn() .unwrap() .wait() diff --git a/tests/processor/src/networks.rs b/tests/processor/src/networks.rs index dc234476b..fc75db4a7 100644 --- a/tests/processor/src/networks.rs +++ b/tests/processor/src/networks.rs @@ -27,16 +27,6 @@ pub fn bitcoin_instance() -> (TestBodySpecification, u32) { let composition = TestBodySpecification::with_image( Image::with_repository("serai-dev-bitcoin").pull_policy(PullPolicy::Never), ) - .replace_cmd(vec![ - "bitcoind".to_string(), - "-txindex".to_string(), - "-regtest".to_string(), - format!("-rpcuser={RPC_USER}"), - format!("-rpcpassword={RPC_PASS}"), - "-rpcbind=0.0.0.0".to_string(), - "-rpcallowip=0.0.0.0/0".to_string(), - "-rpcport=8332".to_string(), - ]) .set_publish_all_ports(true); (composition, BTC_PORT) } @@ -47,17 +37,6 @@ pub fn monero_instance() -> (TestBodySpecification, u32) { let composition = TestBodySpecification::with_image( Image::with_repository("serai-dev-monero").pull_policy(PullPolicy::Never), ) - .replace_cmd(vec![ - "monerod".to_string(), - "--regtest".to_string(), - "--offline".to_string(), - "--fixed-difficulty=1".to_string(), - "--rpc-bind-ip=0.0.0.0".to_string(), - format!("--rpc-login={RPC_USER}:{RPC_PASS}"), - "--rpc-access-control-origins=*".to_string(), - "--confirm-external-bind".to_string(), - "--non-interactive".to_string(), - ]) .set_start_policy(StartPolicy::Strict) .set_publish_all_ports(true); (composition, XMR_PORT) From 87154d44cabd4d577f5ab269c57d8b0a5da0673b Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 09:05:52 -0500 Subject: [PATCH 08/46] Only write a new dockerfile if it's distinct Preserves the updated time metadata. --- orchestration/coins/monero/scripts/entry-dev.sh | 2 +- orchestration/src/coins/bitcoin.rs | 6 +++--- orchestration/src/coins/monero.rs | 6 +++--- orchestration/src/coordinator.rs | 6 +++--- orchestration/src/main.rs | 13 ++++++++++++- orchestration/src/message_queue.rs | 6 +++--- orchestration/src/processor.rs | 6 +++--- orchestration/src/serai.rs | 6 +++--- 8 files changed, 31 insertions(+), 20 deletions(-) diff --git a/orchestration/coins/monero/scripts/entry-dev.sh b/orchestration/coins/monero/scripts/entry-dev.sh index 52ed9259d..c9576a543 100755 --- a/orchestration/coins/monero/scripts/entry-dev.sh +++ b/orchestration/coins/monero/scripts/entry-dev.sh @@ -6,5 +6,5 @@ RPC_PASS="${RPC_PASS:=seraidex}" # Run Monero monerod --non-interactive --regtest --offline --fixed-difficulty=1 \ --no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \ - --rpc-access-control-origins * --disable-rpc-ban + --rpc-access-control-origins * --disable-rpc-ban \ --rpc-login=$RPC_USER:$RPC_PASS diff --git a/orchestration/src/coins/bitcoin.rs b/orchestration/src/coins/bitcoin.rs index 44b4fa26e..b4a570203 100644 --- a/orchestration/src/coins/bitcoin.rs +++ b/orchestration/src/coins/bitcoin.rs @@ -1,6 +1,6 @@ -use std::{path::Path, io::Write, fs::File}; +use std::{path::Path}; -use crate::{Os, mimalloc, os}; +use crate::{Os, mimalloc, os, write_dockerfile}; #[rustfmt::skip] pub fn bitcoin(orchestration_path: &Path) { @@ -48,5 +48,5 @@ CMD ["/scripts/entry-dev.sh"] bitcoin_path.push("bitcoin"); bitcoin_path.push("Dockerfile"); - File::create(bitcoin_path).unwrap().write_all(res.as_bytes()).unwrap(); + write_dockerfile(bitcoin_path, &res); } diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index 733562221..b3b42a288 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -1,6 +1,6 @@ -use std::{path::Path, io::Write, fs::File}; +use std::{path::Path}; -use crate::{Os, mimalloc}; +use crate::{Os, mimalloc, write_dockerfile}; #[rustfmt::skip] fn monero_internal(os: Os, orchestration_path: &Path, folder: &str, monero_binary: &str, ports: &str) { @@ -53,7 +53,7 @@ CMD ["/scripts/entry-dev.sh"] monero_path.push(folder); monero_path.push("Dockerfile"); - File::create(monero_path).unwrap().write_all(res.as_bytes()).unwrap(); + write_dockerfile(monero_path, &res); } pub fn monero(orchestration_path: &Path) { diff --git a/orchestration/src/coordinator.rs b/orchestration/src/coordinator.rs index 4e2ecb148..ca0ea1d96 100644 --- a/orchestration/src/coordinator.rs +++ b/orchestration/src/coordinator.rs @@ -1,6 +1,6 @@ -use std::{path::Path, io::Write, fs::File}; +use std::{path::Path}; -use crate::{Os, mimalloc, os, build_serai_service}; +use crate::{Os, mimalloc, os, build_serai_service, write_dockerfile}; pub fn coordinator(orchestration_path: &Path) { let setup = mimalloc(Os::Debian).to_string() + @@ -27,5 +27,5 @@ CMD ["serai-coordinator"] coordinator_path.push("coordinator"); coordinator_path.push("Dockerfile"); - File::create(coordinator_path).unwrap().write_all(res.as_bytes()).unwrap(); + write_dockerfile(coordinator_path, &res); } diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 12015f3b8..acfe4c17e 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -1,4 +1,6 @@ -use std::env; +// TODO: Differentiate development/testnet/mainnet (including parity-db usage) + +use std::{env, path::PathBuf, io::Write, fs}; mod mimalloc; use mimalloc::mimalloc; @@ -18,6 +20,15 @@ use coordinator::coordinator; mod serai; use serai::serai; +pub fn write_dockerfile(path: PathBuf, dockerfile: &str) { + if let Ok(existing) = fs::read_to_string(&path).as_ref() { + if existing == dockerfile { + return; + } + } + fs::File::create(path).unwrap().write_all(dockerfile.as_bytes()).unwrap(); +} + #[derive(Clone, Copy, PartialEq, Eq, Debug, PartialOrd, Ord, Hash)] enum Os { Alpine, diff --git a/orchestration/src/message_queue.rs b/orchestration/src/message_queue.rs index 5dd2c299c..3b5ec122f 100644 --- a/orchestration/src/message_queue.rs +++ b/orchestration/src/message_queue.rs @@ -1,6 +1,6 @@ -use std::{path::Path, io::Write, fs::File}; +use std::{path::Path}; -use crate::{Os, mimalloc, os, build_serai_service}; +use crate::{Os, mimalloc, os, build_serai_service, write_dockerfile}; pub fn message_queue(orchestration_path: &Path) { // TODO: Only use parity-db in a test environment @@ -24,5 +24,5 @@ CMD ["serai-message-queue"] message_queue_path.push("message-queue"); message_queue_path.push("Dockerfile"); - File::create(message_queue_path).unwrap().write_all(res.as_bytes()).unwrap(); + write_dockerfile(message_queue_path, &res); } diff --git a/orchestration/src/processor.rs b/orchestration/src/processor.rs index 4324846be..65cb7267c 100644 --- a/orchestration/src/processor.rs +++ b/orchestration/src/processor.rs @@ -1,6 +1,6 @@ -use std::{path::Path, io::Write, fs::File}; +use std::{path::Path}; -use crate::{Os, mimalloc, os, build_serai_service}; +use crate::{Os, mimalloc, os, build_serai_service, write_dockerfile}; pub fn processor(orchestration_path: &Path, coin: &'static str) { let setup = mimalloc(Os::Debian).to_string() + @@ -28,5 +28,5 @@ CMD ["serai-processor"] processor_path.push(coin); processor_path.push("Dockerfile"); - File::create(processor_path).unwrap().write_all(res.as_bytes()).unwrap(); + write_dockerfile(processor_path, &res); } diff --git a/orchestration/src/serai.rs b/orchestration/src/serai.rs index b20816173..587f2f5b5 100644 --- a/orchestration/src/serai.rs +++ b/orchestration/src/serai.rs @@ -1,6 +1,6 @@ -use std::{path::Path, io::Write, fs::File}; +use std::{path::Path}; -use crate::{Os, mimalloc, os, build_serai_service}; +use crate::{Os, mimalloc, os, build_serai_service, write_dockerfile}; pub fn serai(orchestration_path: &Path) { let setup = mimalloc(Os::Debian).to_string() + &build_serai_service(true, "", "serai-node"); @@ -25,5 +25,5 @@ CMD ["./scripts/entry-dev.sh"] serai_path.push("serai"); serai_path.push("Dockerfile"); - File::create(serai_path).unwrap().write_all(res.as_bytes()).unwrap(); + write_dockerfile(serai_path, &res); } From 738f8463ea93994d7571e55e7f9d463132e1146e Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 09:09:06 -0500 Subject: [PATCH 09/46] Update serai-docker-tests --- tests/docker/src/lib.rs | 30 +++++++++++++++++++++++------- 1 file changed, 23 insertions(+), 7 deletions(-) diff --git a/tests/docker/src/lib.rs b/tests/docker/src/lib.rs index 4ca018f1e..63540d01b 100644 --- a/tests/docker/src/lib.rs +++ b/tests/docker/src/lib.rs @@ -42,6 +42,21 @@ pub fn build(name: String) { assert!(repo_path.as_path().ends_with("target")); repo_path.pop(); + // Run the orchestrator to ensure the most recent files exist + if !Command::new("cargo") + .current_dir(&repo_path) + .arg("run") + .arg("-p") + .arg("serai-orchestrator") + .spawn() + .unwrap() + .wait() + .unwrap() + .success() + { + panic!("failed to run the orchestrator"); + } + let mut orchestration_path = repo_path.clone(); orchestration_path.push("orchestration"); @@ -147,15 +162,15 @@ pub fn build(name: String) { } } - println!("Building {}...", &name); - dockerfile_path.pop(); + println!("Building {} in directory {}...", &name, dockerfile_path.display()); + // Version which always prints if !Command::new("docker") - .current_dir(orchestration_path) + .current_dir(dockerfile_path) .arg("build") - .arg(&dockerfile_path) + .arg(".") .arg("-t") .arg(format!("serai-dev-{name}")) .spawn() @@ -170,10 +185,11 @@ pub fn build(name: String) { // Version which only prints on error /* let res = Command::new("docker") - .current_dir(orchestration_path) - .arg("compose") + .current_dir(dockerfile_path) .arg("build") - .arg(&name) + .arg(".") + .arg("-t") + .arg(format!("serai-dev-{name}")) .output() .unwrap(); if !res.status.success() { From 3d6ffd1ae713c28181701be6097fa2227b7216ea Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 09:35:53 -0500 Subject: [PATCH 10/46] Correct the path Dockerfiles are built from --- orchestration/src/coins/bitcoin.rs | 2 +- orchestration/src/coins/monero.rs | 2 +- orchestration/src/serai.rs | 2 +- substrate/client/tests/dht.rs | 14 +++----------- tests/docker/src/lib.rs | 8 ++++---- 5 files changed, 10 insertions(+), 18 deletions(-) diff --git a/orchestration/src/coins/bitcoin.rs b/orchestration/src/coins/bitcoin.rs index b4a570203..da9730878 100644 --- a/orchestration/src/coins/bitcoin.rs +++ b/orchestration/src/coins/bitcoin.rs @@ -36,7 +36,7 @@ COPY --from=bitcoin --chown=bitcoin bitcoind /bin EXPOSE 8332 8333 -ADD scripts /scripts +ADD /orchestration/coins/bitcoin/scripts /scripts CMD ["/scripts/entry-dev.sh"] "#; diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index b3b42a288..963a4b3e7 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -37,7 +37,7 @@ COPY --from=monero --chown=monero {monero_binary} /bin EXPOSE {ports} -ADD scripts /scripts +ADD /orchestration/coins/{folder}/scripts /scripts CMD ["/scripts/entry-dev.sh"] "#); diff --git a/orchestration/src/serai.rs b/orchestration/src/serai.rs index 587f2f5b5..e732709aa 100644 --- a/orchestration/src/serai.rs +++ b/orchestration/src/serai.rs @@ -14,7 +14,7 @@ COPY --from=builder --chown=serai /serai/AGPL-3.0 . # Run the Serai node EXPOSE 30333 9615 9933 9944 -ADD scripts /scripts +ADD /orchestration/serai/scripts /scripts CMD ["./scripts/entry-dev.sh"] "#; diff --git a/substrate/client/tests/dht.rs b/substrate/client/tests/dht.rs index deed79031..2fd40b126 100644 --- a/substrate/client/tests/dht.rs +++ b/substrate/client/tests/dht.rs @@ -9,20 +9,12 @@ async fn dht() { serai_docker_tests::build("serai".to_string()); - let handle = |name| format!("serai_client-serai_node-{name}"); - let composition = |name| { + let handle = |name: &str| format!("serai_client-serai_node-{name}"); + let composition = |name: &str| { TestBodySpecification::with_image( Image::with_repository("serai-dev-serai").pull_policy(PullPolicy::Never), ) - .replace_cmd(vec![ - "serai-node".to_string(), - "--unsafe-rpc-external".to_string(), - "--rpc-cors".to_string(), - "all".to_string(), - "--chain".to_string(), - "local".to_string(), - format!("--{name}"), - ]) + .replace_env([("SERAI_NAME".to_string(), name.to_string())].into()) .set_publish_all_ports(true) .set_handle(handle(name)) .set_start_policy(StartPolicy::Strict) diff --git a/tests/docker/src/lib.rs b/tests/docker/src/lib.rs index 63540d01b..d2ff1ecac 100644 --- a/tests/docker/src/lib.rs +++ b/tests/docker/src/lib.rs @@ -162,14 +162,14 @@ pub fn build(name: String) { } } - dockerfile_path.pop(); - - println!("Building {} in directory {}...", &name, dockerfile_path.display()); + println!("Building {}...", &name); // Version which always prints if !Command::new("docker") - .current_dir(dockerfile_path) + .current_dir(&repo_path) .arg("build") + .arg("-f") + .arg(dockerfile_path) .arg(".") .arg("-t") .arg(format!("serai-dev-{name}")) From 30c02dbbb106a29ef2f1634d01f4fc803226360f Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 10:10:11 -0500 Subject: [PATCH 11/46] Correct inclusion of orchestration folder in Docker builds --- orchestration/src/main.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index acfe4c17e..ff49fcc75 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -95,6 +95,7 @@ RUN apt install -y make protobuf-compiler RUN rustup target add wasm32-unknown-unknown # Add files for build +ADD patches /serai/patches ADD common /serai/common ADD crypto /serai/crypto ADD coins /serai/coins @@ -102,9 +103,9 @@ ADD message-queue /serai/message-queue ADD processor /serai/processor ADD coordinator /serai/coordinator ADD substrate /serai/substrate +ADD orchestration /serai/orchestration ADD mini /serai/mini ADD tests /serai/tests -ADD patches /serai/patches ADD Cargo.toml /serai ADD Cargo.lock /serai ADD AGPL-3.0 /serai From f3bbbac988f033bb55f740c046ec5781d1d5cda3 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 10:26:28 -0500 Subject: [PATCH 12/46] Correct debug/release flagging in the cargo command Apparently, --debug isn't an effective NOP yet an error. --- orchestration/src/main.rs | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index ff49fcc75..491a81f38 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -76,6 +76,7 @@ WORKDIR /home/{user} #[rustfmt::skip] fn build_serai_service(release: bool, features: &str, package: &str) -> String { let profile = if release { "release" } else { "debug" }; + let profile_flag = if release { "--release" } else { "" }; format!(r#" FROM rust:1.75-slim-bookworm as builder @@ -118,7 +119,7 @@ RUN --mount=type=cache,target=/root/.cargo \ --mount=type=cache,target=/usr/local/cargo/git \ --mount=type=cache,target=/serai/target \ mkdir /serai/bin && \ - cargo build --{profile} --features "{features}" -p {package} && \ + cargo build {profile_flag} --features "{features}" -p {package} && \ mv /serai/target/{profile}/{package} /serai/bin "#) } From 5c4a43c773fe7f8c963c83daee8a8867f0953ee3 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 10:35:06 -0500 Subject: [PATCH 13/46] Correct path used to run the Serai node within a Dockerfile --- orchestration/src/serai.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/orchestration/src/serai.rs b/orchestration/src/serai.rs index e732709aa..2917aa8fa 100644 --- a/orchestration/src/serai.rs +++ b/orchestration/src/serai.rs @@ -15,7 +15,7 @@ COPY --from=builder --chown=serai /serai/AGPL-3.0 . EXPOSE 30333 9615 9933 9944 ADD /orchestration/serai/scripts /scripts -CMD ["./scripts/entry-dev.sh"] +CMD ["/scripts/entry-dev.sh"] "#; let run = os(Os::Debian, "", "serai") + RUN_SERAI; From 0ed8fbfb5bd6bcb0262e585c63b6595f37f662ae Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 10:52:50 -0500 Subject: [PATCH 14/46] Correct path in Monero Dockerfile --- .github/actions/monero/action.yml | 2 +- orchestration/src/coins/monero.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/actions/monero/action.yml b/.github/actions/monero/action.yml index aff6912a4..0370b5f1f 100644 --- a/.github/actions/monero/action.yml +++ b/.github/actions/monero/action.yml @@ -37,7 +37,7 @@ runs: wget https://downloads.getmonero.org/cli/$FILE tar -xvf $FILE - mv monero-x86_64-linux-gnu-${{ inputs.version }}/monerod monerod + mv monero-x86_64-linux-gnu-${{ inputs.version }}/monerod ./monerod - name: Monero Regtest Daemon shell: bash diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index 963a4b3e7..1101da782 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -21,7 +21,7 @@ RUN apk --no-cache add gnupg RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2 # Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949 -ADD ./temp/hashes-v${MONERO_VERSION}.txt . +ADD orchestration/coins/monero/temp/hashes-v${MONERO_VERSION}.txt . RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \ gpg --verify hashes-v${MONERO_VERSION}.txt && \ grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v${MONERO_VERSION}.txt From 9abb977d7085c2b2afb32abbc76910f9833970c5 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 10:57:22 -0500 Subject: [PATCH 15/46] Attempt storing monerod in /usr/bin --- .github/actions/monero/action.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/actions/monero/action.yml b/.github/actions/monero/action.yml index 0370b5f1f..ae32e4151 100644 --- a/.github/actions/monero/action.yml +++ b/.github/actions/monero/action.yml @@ -5,7 +5,7 @@ inputs: version: description: "Version to download and run" required: false - default: v0.18.2.0 + default: v0.18.3.0 runs: using: "composite" @@ -14,7 +14,7 @@ runs: id: cache-monerod uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 with: - path: monerod + path: /usr/bin/monerod key: monerod-${{ runner.os }}-${{ runner.arch }}-${{ inputs.version }} - name: Download the Monero Daemon @@ -37,8 +37,8 @@ runs: wget https://downloads.getmonero.org/cli/$FILE tar -xvf $FILE - mv monero-x86_64-linux-gnu-${{ inputs.version }}/monerod ./monerod + mv monero-x86_64-linux-gnu-${{ inputs.version }}/monerod /usr/bin/monerod - name: Monero Regtest Daemon shell: bash - run: ./orchestration/coins/monero/scripts/entry-dev.sh + run: PATH=$PATH:/usr/bin ./orchestration/coins/monero/scripts/entry-dev.sh From fc7f7652f2a401b21f91b13f75c745754637234f Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 11:01:42 -0500 Subject: [PATCH 16/46] Use sudo to move into /usr/bin in CI --- .github/actions/monero-wallet-rpc/action.yml | 2 +- .github/actions/monero/action.yml | 4 +++- .github/actions/test-dependencies/action.yml | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/actions/monero-wallet-rpc/action.yml b/.github/actions/monero-wallet-rpc/action.yml index 0e8aa7c79..e7d327c3f 100644 --- a/.github/actions/monero-wallet-rpc/action.yml +++ b/.github/actions/monero-wallet-rpc/action.yml @@ -5,7 +5,7 @@ inputs: version: description: "Version to download and run" required: false - default: v0.18.2.0 + default: v0.18.3.0 runs: using: "composite" diff --git a/.github/actions/monero/action.yml b/.github/actions/monero/action.yml index ae32e4151..146a198b1 100644 --- a/.github/actions/monero/action.yml +++ b/.github/actions/monero/action.yml @@ -37,7 +37,9 @@ runs: wget https://downloads.getmonero.org/cli/$FILE tar -xvf $FILE - mv monero-x86_64-linux-gnu-${{ inputs.version }}/monerod /usr/bin/monerod + sudo mv monero-x86_64-linux-gnu-${{ inputs.version }}/monerod /usr/bin/monerod + sudo chmod 777 /usr/bin/monerod + sudo chmod +x /usr/bin/monerod - name: Monero Regtest Daemon shell: bash diff --git a/.github/actions/test-dependencies/action.yml b/.github/actions/test-dependencies/action.yml index e4492dbb6..3716e5bd8 100644 --- a/.github/actions/test-dependencies/action.yml +++ b/.github/actions/test-dependencies/action.yml @@ -5,7 +5,7 @@ inputs: monero-version: description: "Monero version to download and run as a regtest node" required: false - default: v0.18.2.0 + default: v0.18.3.0 bitcoin-version: description: "Bitcoin version to download and run as a regtest node" From f11ed6873c0100da72cf43404c6a419f33a9a167 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 11:07:32 -0500 Subject: [PATCH 17/46] Correct 18.3.0 to 18.3.1 --- .github/actions/monero-wallet-rpc/action.yml | 2 +- .github/actions/monero/action.yml | 2 +- .github/actions/test-dependencies/action.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/monero-wallet-rpc/action.yml b/.github/actions/monero-wallet-rpc/action.yml index e7d327c3f..cb3424af0 100644 --- a/.github/actions/monero-wallet-rpc/action.yml +++ b/.github/actions/monero-wallet-rpc/action.yml @@ -5,7 +5,7 @@ inputs: version: description: "Version to download and run" required: false - default: v0.18.3.0 + default: v0.18.3.1 runs: using: "composite" diff --git a/.github/actions/monero/action.yml b/.github/actions/monero/action.yml index 146a198b1..77aa52f9c 100644 --- a/.github/actions/monero/action.yml +++ b/.github/actions/monero/action.yml @@ -5,7 +5,7 @@ inputs: version: description: "Version to download and run" required: false - default: v0.18.3.0 + default: v0.18.3.1 runs: using: "composite" diff --git a/.github/actions/test-dependencies/action.yml b/.github/actions/test-dependencies/action.yml index 3716e5bd8..a19e17046 100644 --- a/.github/actions/test-dependencies/action.yml +++ b/.github/actions/test-dependencies/action.yml @@ -5,7 +5,7 @@ inputs: monero-version: description: "Monero version to download and run as a regtest node" required: false - default: v0.18.3.0 + default: v0.18.3.1 bitcoin-version: description: "Bitcoin version to download and run as a regtest node" From 8806f2c7eb7258e8f6e05daa6f4a10f8e20821ca Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 11:12:23 -0500 Subject: [PATCH 18/46] Escape * with quotes --- orchestration/coins/monero/scripts/entry-dev.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/orchestration/coins/monero/scripts/entry-dev.sh b/orchestration/coins/monero/scripts/entry-dev.sh index c9576a543..b258b2fd6 100755 --- a/orchestration/coins/monero/scripts/entry-dev.sh +++ b/orchestration/coins/monero/scripts/entry-dev.sh @@ -6,5 +6,5 @@ RPC_PASS="${RPC_PASS:=seraidex}" # Run Monero monerod --non-interactive --regtest --offline --fixed-difficulty=1 \ --no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \ - --rpc-access-control-origins * --disable-rpc-ban \ + --rpc-access-control-origins "*" --disable-rpc-ban \ --rpc-login=$RPC_USER:$RPC_PASS From 168cf849d98d7543b23039636c3c98e2c5740440 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 11:38:46 -0500 Subject: [PATCH 19/46] Update deny.toml, ADD orchestration in runtime Dockerfile --- deny.toml | 2 ++ orchestration/runtime/Dockerfile | 3 ++- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/deny.toml b/deny.toml index 1fe2cd86e..2e516b996 100644 --- a/deny.toml +++ b/deny.toml @@ -65,6 +65,8 @@ exceptions = [ { allow = ["AGPL-3.0"], name = "serai-runtime" }, { allow = ["AGPL-3.0"], name = "serai-node" }, + { allow = ["AGPL-3.0"], name = "serai-orchestrator" }, + { allow = ["AGPL-3.0"], name = "mini-serai" }, { allow = ["AGPL-3.0"], name = "serai-docker-tests" }, diff --git a/orchestration/runtime/Dockerfile b/orchestration/runtime/Dockerfile index fd8ecf077..53df3a1c5 100644 --- a/orchestration/runtime/Dockerfile +++ b/orchestration/runtime/Dockerfile @@ -13,6 +13,7 @@ RUN apt install clang -y RUN rustup target add wasm32-unknown-unknown # Add files for build +ADD patches /serai/patches ADD common /serai/common ADD crypto /serai/crypto ADD coins /serai/coins @@ -20,9 +21,9 @@ ADD message-queue /serai/message-queue ADD processor /serai/processor ADD coordinator /serai/coordinator ADD substrate /serai/substrate +ADD orchestration /serai/orchestration ADD mini /serai/mini ADD tests /serai/tests -ADD patches /serai/patches ADD Cargo.toml /serai ADD Cargo.lock /serai ADD AGPL-3.0 /serai From b897d4a48cb174f94153489b68215a8499a949b0 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 13:15:58 -0500 Subject: [PATCH 20/46] Add --detach to the Monero GH CI --- .github/actions/monero/action.yml | 2 +- orchestration/coins/monero/scripts/entry-dev.sh | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/actions/monero/action.yml b/.github/actions/monero/action.yml index 77aa52f9c..c9558acf9 100644 --- a/.github/actions/monero/action.yml +++ b/.github/actions/monero/action.yml @@ -43,4 +43,4 @@ runs: - name: Monero Regtest Daemon shell: bash - run: PATH=$PATH:/usr/bin ./orchestration/coins/monero/scripts/entry-dev.sh + run: PATH=$PATH:/usr/bin ./orchestration/coins/monero/scripts/entry-dev.sh --detach diff --git a/orchestration/coins/monero/scripts/entry-dev.sh b/orchestration/coins/monero/scripts/entry-dev.sh index b258b2fd6..675d44382 100755 --- a/orchestration/coins/monero/scripts/entry-dev.sh +++ b/orchestration/coins/monero/scripts/entry-dev.sh @@ -7,4 +7,5 @@ RPC_PASS="${RPC_PASS:=seraidex}" monerod --non-interactive --regtest --offline --fixed-difficulty=1 \ --no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \ --rpc-access-control-origins "*" --disable-rpc-ban \ - --rpc-login=$RPC_USER:$RPC_PASS + --rpc-login=$RPC_USER:$RPC_PASS \ + $1 From 60098f59a7f63adf0e5fd4b7a71f9a6008708c47 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 13:49:21 -0500 Subject: [PATCH 21/46] Diversify dockerfiles by network --- .github/actions/monero-wallet-rpc/action.yml | 2 +- .github/actions/monero/action.yml | 2 +- .github/workflows/coordinator-tests.yml | 6 +- .github/workflows/message-queue-tests.yml | 4 +- .github/workflows/processor-tests.yml | 6 +- .../coins/bitcoin/scripts/run.sh} | 0 .../coins/ethereum/scripts/run.sh} | 0 .../coins/monero-wallet-rpc/scripts/run.sh} | 0 .../coins/monero/scripts/run.sh} | 0 .../coins/monero/temp/hashes-v0.18.3.1.txt | 0 orchestration/{ => dev}/coordinator/.folder | 0 orchestration/{ => dev}/message-queue/.folder | 0 .../{ => dev}/processor/bitcoin/.folder | 0 .../{ => dev}/processor/ethereum/.folder | 0 .../{ => dev}/processor/monero/.folder | 0 .../entry-dev.sh => dev/serai/scripts/run.sh} | 0 orchestration/src/coins/bitcoin.rs | 2 +- orchestration/src/coins/monero.rs | 2 +- orchestration/src/coordinator.rs | 12 +++- orchestration/src/main.rs | 61 +++++++++++++++---- orchestration/src/message_queue.rs | 7 +-- orchestration/src/processor.rs | 10 ++- orchestration/src/serai.rs | 3 +- .../testnet/coins/bitcoin/scripts/run.sh | 3 + .../testnet/coins/ethereum/scripts/run.sh | 3 + .../testnet/coins/monero/scripts/run.sh | 3 + .../coins/monero/temp/hashes-v0.18.3.1.txt | 49 +++++++++++++++ orchestration/testnet/coordinator/.folder | 0 orchestration/testnet/message-queue/.folder | 0 .../testnet/processor/bitcoin/.folder | 0 .../testnet/processor/ethereum/.folder | 0 .../testnet/processor/monero/.folder | 0 orchestration/testnet/serai/scripts/run.sh | 3 + tests/docker/src/lib.rs | 1 + 34 files changed, 142 insertions(+), 37 deletions(-) rename orchestration/{coins/bitcoin/scripts/entry-dev.sh => dev/coins/bitcoin/scripts/run.sh} (100%) mode change 100755 => 100644 rename orchestration/{coins/ethereum/scripts/entry-dev.sh => dev/coins/ethereum/scripts/run.sh} (100%) mode change 100755 => 100644 rename orchestration/{coins/monero-wallet-rpc/scripts/entry-dev.sh => dev/coins/monero-wallet-rpc/scripts/run.sh} (100%) rename orchestration/{coins/monero/scripts/entry-dev.sh => dev/coins/monero/scripts/run.sh} (100%) mode change 100755 => 100644 rename orchestration/{ => dev}/coins/monero/temp/hashes-v0.18.3.1.txt (100%) rename orchestration/{ => dev}/coordinator/.folder (100%) rename orchestration/{ => dev}/message-queue/.folder (100%) rename orchestration/{ => dev}/processor/bitcoin/.folder (100%) rename orchestration/{ => dev}/processor/ethereum/.folder (100%) rename orchestration/{ => dev}/processor/monero/.folder (100%) rename orchestration/{serai/scripts/entry-dev.sh => dev/serai/scripts/run.sh} (100%) mode change 100755 => 100644 create mode 100644 orchestration/testnet/coins/bitcoin/scripts/run.sh create mode 100644 orchestration/testnet/coins/ethereum/scripts/run.sh create mode 100644 orchestration/testnet/coins/monero/scripts/run.sh create mode 100644 orchestration/testnet/coins/monero/temp/hashes-v0.18.3.1.txt create mode 100644 orchestration/testnet/coordinator/.folder create mode 100644 orchestration/testnet/message-queue/.folder create mode 100644 orchestration/testnet/processor/bitcoin/.folder create mode 100644 orchestration/testnet/processor/ethereum/.folder create mode 100644 orchestration/testnet/processor/monero/.folder create mode 100755 orchestration/testnet/serai/scripts/run.sh diff --git a/.github/actions/monero-wallet-rpc/action.yml b/.github/actions/monero-wallet-rpc/action.yml index cb3424af0..3d0dedae3 100644 --- a/.github/actions/monero-wallet-rpc/action.yml +++ b/.github/actions/monero-wallet-rpc/action.yml @@ -41,4 +41,4 @@ runs: - name: Monero Wallet RPC shell: bash - run: ./monero-wallet-rpc --disable-rpc-login --rpc-bind-port 6061 --allow-mismatched-daemon-version --wallet-dir ./ --detach + run: ./monero-wallet-rpc --disable-rpc-login --rpc-bind-port 18082 --allow-mismatched-daemon-version --wallet-dir ./ --detach diff --git a/.github/actions/monero/action.yml b/.github/actions/monero/action.yml index c9558acf9..66178d234 100644 --- a/.github/actions/monero/action.yml +++ b/.github/actions/monero/action.yml @@ -43,4 +43,4 @@ runs: - name: Monero Regtest Daemon shell: bash - run: PATH=$PATH:/usr/bin ./orchestration/coins/monero/scripts/entry-dev.sh --detach + run: PATH=$PATH:/usr/bin ./orchestration/dev/coins/monero/scripts/run.sh --detach diff --git a/.github/workflows/coordinator-tests.yml b/.github/workflows/coordinator-tests.yml index cf32e9305..7cc4d7b36 100644 --- a/.github/workflows/coordinator-tests.yml +++ b/.github/workflows/coordinator-tests.yml @@ -9,9 +9,8 @@ on: - "crypto/**" - "coins/**" - "message-queue/**" - - "orchestration/message-queue/**" - "coordinator/**" - - "orchestration/coordinator/**" + - "orchestration/**" - "tests/docker/**" - "tests/coordinator/**" @@ -21,9 +20,8 @@ on: - "crypto/**" - "coins/**" - "message-queue/**" - - "orchestration/message-queue/**" - "coordinator/**" - - "orchestration/coordinator/**" + - "orchestration/**" - "tests/docker/**" - "tests/coordinator/**" diff --git a/.github/workflows/message-queue-tests.yml b/.github/workflows/message-queue-tests.yml index e6a5cfbf3..273af237f 100644 --- a/.github/workflows/message-queue-tests.yml +++ b/.github/workflows/message-queue-tests.yml @@ -8,7 +8,7 @@ on: - "common/**" - "crypto/**" - "message-queue/**" - - "orchestration/message-queue/**" + - "orchestration/**" - "tests/docker/**" - "tests/message-queue/**" @@ -17,7 +17,7 @@ on: - "common/**" - "crypto/**" - "message-queue/**" - - "orchestration/message-queue/**" + - "orchestration/**" - "tests/docker/**" - "tests/message-queue/**" diff --git a/.github/workflows/processor-tests.yml b/.github/workflows/processor-tests.yml index f124cecea..88f4429cf 100644 --- a/.github/workflows/processor-tests.yml +++ b/.github/workflows/processor-tests.yml @@ -9,9 +9,8 @@ on: - "crypto/**" - "coins/**" - "message-queue/**" - - "orchestration/message-queue/**" - "processor/**" - - "orchestration/processor/**" + - "orchestration/**" - "tests/docker/**" - "tests/processor/**" @@ -21,9 +20,8 @@ on: - "crypto/**" - "coins/**" - "message-queue/**" - - "orchestration/message-queue/**" - "processor/**" - - "orchestration/processor/**" + - "orchestration/**" - "tests/docker/**" - "tests/processor/**" diff --git a/orchestration/coins/bitcoin/scripts/entry-dev.sh b/orchestration/dev/coins/bitcoin/scripts/run.sh old mode 100755 new mode 100644 similarity index 100% rename from orchestration/coins/bitcoin/scripts/entry-dev.sh rename to orchestration/dev/coins/bitcoin/scripts/run.sh diff --git a/orchestration/coins/ethereum/scripts/entry-dev.sh b/orchestration/dev/coins/ethereum/scripts/run.sh old mode 100755 new mode 100644 similarity index 100% rename from orchestration/coins/ethereum/scripts/entry-dev.sh rename to orchestration/dev/coins/ethereum/scripts/run.sh diff --git a/orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh b/orchestration/dev/coins/monero-wallet-rpc/scripts/run.sh similarity index 100% rename from orchestration/coins/monero-wallet-rpc/scripts/entry-dev.sh rename to orchestration/dev/coins/monero-wallet-rpc/scripts/run.sh diff --git a/orchestration/coins/monero/scripts/entry-dev.sh b/orchestration/dev/coins/monero/scripts/run.sh old mode 100755 new mode 100644 similarity index 100% rename from orchestration/coins/monero/scripts/entry-dev.sh rename to orchestration/dev/coins/monero/scripts/run.sh diff --git a/orchestration/coins/monero/temp/hashes-v0.18.3.1.txt b/orchestration/dev/coins/monero/temp/hashes-v0.18.3.1.txt similarity index 100% rename from orchestration/coins/monero/temp/hashes-v0.18.3.1.txt rename to orchestration/dev/coins/monero/temp/hashes-v0.18.3.1.txt diff --git a/orchestration/coordinator/.folder b/orchestration/dev/coordinator/.folder similarity index 100% rename from orchestration/coordinator/.folder rename to orchestration/dev/coordinator/.folder diff --git a/orchestration/message-queue/.folder b/orchestration/dev/message-queue/.folder similarity index 100% rename from orchestration/message-queue/.folder rename to orchestration/dev/message-queue/.folder diff --git a/orchestration/processor/bitcoin/.folder b/orchestration/dev/processor/bitcoin/.folder similarity index 100% rename from orchestration/processor/bitcoin/.folder rename to orchestration/dev/processor/bitcoin/.folder diff --git a/orchestration/processor/ethereum/.folder b/orchestration/dev/processor/ethereum/.folder similarity index 100% rename from orchestration/processor/ethereum/.folder rename to orchestration/dev/processor/ethereum/.folder diff --git a/orchestration/processor/monero/.folder b/orchestration/dev/processor/monero/.folder similarity index 100% rename from orchestration/processor/monero/.folder rename to orchestration/dev/processor/monero/.folder diff --git a/orchestration/serai/scripts/entry-dev.sh b/orchestration/dev/serai/scripts/run.sh old mode 100755 new mode 100644 similarity index 100% rename from orchestration/serai/scripts/entry-dev.sh rename to orchestration/dev/serai/scripts/run.sh diff --git a/orchestration/src/coins/bitcoin.rs b/orchestration/src/coins/bitcoin.rs index da9730878..5ca10f95d 100644 --- a/orchestration/src/coins/bitcoin.rs +++ b/orchestration/src/coins/bitcoin.rs @@ -37,7 +37,7 @@ COPY --from=bitcoin --chown=bitcoin bitcoind /bin EXPOSE 8332 8333 ADD /orchestration/coins/bitcoin/scripts /scripts -CMD ["/scripts/entry-dev.sh"] +CMD ["/scripts/run.sh"] "#; let run = os(Os::Debian, "", "bitcoin") + RUN_BITCOIN; diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index 1101da782..978d5576d 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -38,7 +38,7 @@ COPY --from=monero --chown=monero {monero_binary} /bin EXPOSE {ports} ADD /orchestration/coins/{folder}/scripts /scripts -CMD ["/scripts/entry-dev.sh"] +CMD ["/scripts/run.sh"] "#); let run = crate::os( diff --git a/orchestration/src/coordinator.rs b/orchestration/src/coordinator.rs index ca0ea1d96..4669f13ab 100644 --- a/orchestration/src/coordinator.rs +++ b/orchestration/src/coordinator.rs @@ -1,10 +1,16 @@ use std::{path::Path}; -use crate::{Os, mimalloc, os, build_serai_service, write_dockerfile}; +use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile}; -pub fn coordinator(orchestration_path: &Path) { +pub fn coordinator(orchestration_path: &Path, network: Network) { + let db = network.db(); + let longer_reattempts = if network == Network::Dev { "longer-reattempts" } else { "" }; let setup = mimalloc(Os::Debian).to_string() + - &build_serai_service(false, "parity-db longer-reattempts", "serai-coordinator"); + &build_serai_service( + network.release(), + &format!("{db} {longer_reattempts}"), + "serai-coordinator", + ); const ADDITIONAL_ROOT: &str = r#" # Install ca-certificates diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 491a81f38..81a793f69 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -20,13 +20,33 @@ use coordinator::coordinator; mod serai; use serai::serai; -pub fn write_dockerfile(path: PathBuf, dockerfile: &str) { - if let Ok(existing) = fs::read_to_string(&path).as_ref() { - if existing == dockerfile { - return; +#[derive(Clone, Copy, PartialEq, Eq, Debug, PartialOrd, Ord, Hash)] +pub enum Network { + Dev, + Testnet, +} + +impl Network { + pub fn db(&self) -> &'static str { + match self { + Network::Dev => "parity-db", + Network::Testnet => "rocksdb", + } + } + + pub fn release(&self) -> bool { + match self { + Network::Dev => false, + Network::Testnet => true, + } + } + + pub fn folder(&self) -> &'static str { + match self { + Network::Dev => "dev", + Network::Testnet => "testnet", } } - fs::File::create(path).unwrap().write_all(dockerfile.as_bytes()).unwrap(); } #[derive(Clone, Copy, PartialEq, Eq, Debug, PartialOrd, Ord, Hash)] @@ -124,7 +144,16 @@ RUN --mount=type=cache,target=/root/.cargo \ "#) } -fn main() { +pub fn write_dockerfile(path: PathBuf, dockerfile: &str) { + if let Ok(existing) = fs::read_to_string(&path).as_ref() { + if existing == dockerfile { + return; + } + } + fs::File::create(path).unwrap().write_all(dockerfile.as_bytes()).unwrap(); +} + +fn dockerfiles(network: Network) { let orchestration_path = { let mut repo_path = env::current_exe().unwrap(); repo_path.pop(); @@ -135,21 +164,29 @@ fn main() { let mut orchestration_path = repo_path.clone(); orchestration_path.push("orchestration"); + orchestration_path.push(network.folder()); orchestration_path }; bitcoin(&orchestration_path); ethereum(&orchestration_path); monero(&orchestration_path); - monero_wallet_rpc(&orchestration_path); + if network == Network::Dev { + monero_wallet_rpc(&orchestration_path); + } - message_queue(&orchestration_path); + message_queue(&orchestration_path, network); - processor(&orchestration_path, "bitcoin"); - processor(&orchestration_path, "ethereum"); - processor(&orchestration_path, "monero"); + processor(&orchestration_path, network, "bitcoin"); + processor(&orchestration_path, network, "ethereum"); + processor(&orchestration_path, network, "monero"); - coordinator(&orchestration_path); + coordinator(&orchestration_path, network); serai(&orchestration_path); } + +fn main() { + dockerfiles(Network::Dev); + dockerfiles(Network::Testnet); +} diff --git a/orchestration/src/message_queue.rs b/orchestration/src/message_queue.rs index 3b5ec122f..b20ac747d 100644 --- a/orchestration/src/message_queue.rs +++ b/orchestration/src/message_queue.rs @@ -1,11 +1,10 @@ use std::{path::Path}; -use crate::{Os, mimalloc, os, build_serai_service, write_dockerfile}; +use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile}; -pub fn message_queue(orchestration_path: &Path) { - // TODO: Only use parity-db in a test environment +pub fn message_queue(orchestration_path: &Path, network: Network) { let setup = mimalloc(Os::Debian).to_string() + - &build_serai_service(false, "parity-db", "serai-message-queue"); + &build_serai_service(network.release(), network.db(), "serai-message-queue"); const RUN_MESSAGE_QUEUE: &str = r#" # Copy the Message Queue binary and relevant license diff --git a/orchestration/src/processor.rs b/orchestration/src/processor.rs index 65cb7267c..9e6b0015c 100644 --- a/orchestration/src/processor.rs +++ b/orchestration/src/processor.rs @@ -1,10 +1,14 @@ use std::{path::Path}; -use crate::{Os, mimalloc, os, build_serai_service, write_dockerfile}; +use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile}; -pub fn processor(orchestration_path: &Path, coin: &'static str) { +pub fn processor(orchestration_path: &Path, network: Network, coin: &'static str) { let setup = mimalloc(Os::Debian).to_string() + - &build_serai_service(false, &format!("binaries parity-db {coin}"), "serai-processor"); + &build_serai_service( + network.release(), + &format!("binaries {} {coin}", network.db()), + "serai-processor", + ); const ADDITIONAL_ROOT: &str = r#" # Install ca-certificates diff --git a/orchestration/src/serai.rs b/orchestration/src/serai.rs index 2917aa8fa..26349ae9e 100644 --- a/orchestration/src/serai.rs +++ b/orchestration/src/serai.rs @@ -3,6 +3,7 @@ use std::{path::Path}; use crate::{Os, mimalloc, os, build_serai_service, write_dockerfile}; pub fn serai(orchestration_path: &Path) { + // Always builds in release for performance reasons let setup = mimalloc(Os::Debian).to_string() + &build_serai_service(true, "", "serai-node"); // TODO: Review the ports exposed here @@ -15,7 +16,7 @@ COPY --from=builder --chown=serai /serai/AGPL-3.0 . EXPOSE 30333 9615 9933 9944 ADD /orchestration/serai/scripts /scripts -CMD ["/scripts/entry-dev.sh"] +CMD ["/scripts/run.sh"] "#; let run = os(Os::Debian, "", "serai") + RUN_SERAI; diff --git a/orchestration/testnet/coins/bitcoin/scripts/run.sh b/orchestration/testnet/coins/bitcoin/scripts/run.sh new file mode 100644 index 000000000..d87f29eec --- /dev/null +++ b/orchestration/testnet/coins/bitcoin/scripts/run.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +exit 1 diff --git a/orchestration/testnet/coins/ethereum/scripts/run.sh b/orchestration/testnet/coins/ethereum/scripts/run.sh new file mode 100644 index 000000000..2bb8d868b --- /dev/null +++ b/orchestration/testnet/coins/ethereum/scripts/run.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +exit 1 diff --git a/orchestration/testnet/coins/monero/scripts/run.sh b/orchestration/testnet/coins/monero/scripts/run.sh new file mode 100644 index 000000000..2bb8d868b --- /dev/null +++ b/orchestration/testnet/coins/monero/scripts/run.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +exit 1 diff --git a/orchestration/testnet/coins/monero/temp/hashes-v0.18.3.1.txt b/orchestration/testnet/coins/monero/temp/hashes-v0.18.3.1.txt new file mode 100644 index 000000000..ff23e4a83 --- /dev/null +++ b/orchestration/testnet/coins/monero/temp/hashes-v0.18.3.1.txt @@ -0,0 +1,49 @@ +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA256 + +# This GPG-signed message exists to confirm the SHA256 sums of Monero binaries. +# +# Please verify the signature against the key for binaryFate in the +# source code repository (/utils/gpg_keys). +# +# +## CLI +fc6a93eabc3fd524ff1ceedbf502b8d43c61a7805728b7ed5f9e7204e26b91f5 monero-android-armv7-v0.18.3.1.tar.bz2 +6d9c7d31942dde86ce39757fd55027448ceb260b60b3c8d32ed018211eb4f1e4 monero-android-armv8-v0.18.3.1.tar.bz2 +3e2d9964a9e52c146b4d26b5eb53e691b3ba88e2468dc4fbfee4c318a367a90e monero-freebsd-x64-v0.18.3.1.tar.bz2 +2ea2c8898cbab88f49423f4f6c15f2a94046cb4bbe827493dd061edc0fd5f1ca monero-linux-armv7-v0.18.3.1.tar.bz2 +445032e88dc07e51ac5fff7034752be530d1c4117d8d605100017bcd87c7b21f monero-linux-armv8-v0.18.3.1.tar.bz2 +23af572fdfe3459b9ab97e2e9aa7e3c11021c955d6064b801a27d7e8c21ae09d monero-linux-x64-v0.18.3.1.tar.bz2 +c8553558dece79a4c23e1114fdf638b15e46899d7cf0af41457f18bbbee83986 monero-linux-x86-v0.18.3.1.tar.bz2 +915288b023cb5811e626e10052adc6ac5323dd283c5a25b91059b0fb86a21fb6 monero-mac-armv8-v0.18.3.1.tar.bz2 +7f8bd9364ef16482b418aa802a65be0e4cc660c794bb5d77b2d17bc84427883a monero-mac-x64-v0.18.3.1.tar.bz2 +35dcc4bee4caad3442659d37837e0119e4649a77f2e3b5e80dd6d9b8fc4fb6ad monero-win-x64-v0.18.3.1.zip +5bcbeddce32b50ebe18289d0560ebf779441526ec84d73b6a83094f092365271 monero-win-x86-v0.18.3.1.zip +4d217e2aa61a6f105054dddbab52c0301f52766e88783de2480316c5a8661e0c monero-source-v0.18.3.1.tar.bz2 +# +## GUI +792271147ad71a2eaa02fc37d61d72cd92f2f9857dcc09ea032f48481f87e279 monero-gui-install-win-x64-v0.18.3.1.exe +06f6e600db51205116d52522964cf9b96337d7b5cb1e101730ccb0039b30e15b monero-gui-linux-x64-v0.18.3.1.tar.bz2 +b0c8d07f8d8ade49d08419b196ddb9f691717ef05cae066e220db707e4dfedc4 monero-gui-mac-armv8-v0.18.3.1.dmg +8ae53f0908f9bc03452f23d5092bf1eb1d2ad9f1224580486b486cf0a2020401 monero-gui-mac-x64-v0.18.3.1.dmg +f263ce5863fd87ea959f79420e28ef0002649fa02bd57ae34efda926bdcf1a70 monero-gui-win-x64-v0.18.3.1.zip +045a84e343423a62ed617f200465b290267ff0a071375fdfc49ea02dcdb1a785 monero-gui-source-v0.18.3.1.tar.bz2 +# +# +# ~binaryFate +-----BEGIN PGP SIGNATURE----- + +iQIzBAEBCAAdFiEEgaxZH+nEtlxYBq/D8K9NRioL35IFAmUljRIACgkQ8K9NRioL +35IJjBAAqzoh4saUkTPWPAXOdLMLEcpJ5TvzQpImBNKzegjVMV4VYm+0llZw5uMP +/9OvkW7Ho5nLfslsF+C/qkfTc+EXm4h7J7iOyIpj8sr52RttfXjecEla5Ah75qZk +X9puVFd18nEDMktrNp4tkx/WQvzxpPAnsIRwsrX912rOc0jPwqCZ1DFn5JsB4KsK +dSjyWdRjKuxbMv+97GEpxiG6wAkN5lnEzj9LFZcaOLHAtBhxfZhwDBWTWFdPp2cM +TL3dNkMgpONGBEpX/7PJTFbmfba8gRZy7jXFVI0KqLLJC+6vpfGGr+NSX1zdIqrR +Z0Dvl3AA43E/Cjl5ma4L381wEul+7qFB2HN+fB1S6nNHzn/zWVepjD4bvgPvQiVI +d7PK5jhrX9c0XkR4kQrtPoONJW6blhoGiM2CWCfrifXzGA51WvZ1Vc5s8yuUG2p7 +e5+7c6AWFqOIP/8RexPx4ViYmFqE59P9/JCs+JRNgo7A2/JHGCyjdZalmt3/79Bf +aBmfv5mcPe/zPbngU9W6DfKbysYozv2/IQ5nUknU8Qgnaq3PADN2Xx5GlAsC69e0 +tZid955OAmtVzMjNO0KPiGEea2t/a8f3lSir2Irdz/LwIv8RID5/VeyafnUoOvGl +kv15IYnJAQ7vjlskoE/Tzaym/LSaILOHzU5CskI/HjG+7P50mo4= +=6gw4 +-----END PGP SIGNATURE----- diff --git a/orchestration/testnet/coordinator/.folder b/orchestration/testnet/coordinator/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/testnet/message-queue/.folder b/orchestration/testnet/message-queue/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/testnet/processor/bitcoin/.folder b/orchestration/testnet/processor/bitcoin/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/testnet/processor/ethereum/.folder b/orchestration/testnet/processor/ethereum/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/testnet/processor/monero/.folder b/orchestration/testnet/processor/monero/.folder new file mode 100644 index 000000000..e69de29bb diff --git a/orchestration/testnet/serai/scripts/run.sh b/orchestration/testnet/serai/scripts/run.sh new file mode 100755 index 000000000..d87f29eec --- /dev/null +++ b/orchestration/testnet/serai/scripts/run.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +exit 1 diff --git a/tests/docker/src/lib.rs b/tests/docker/src/lib.rs index d2ff1ecac..c2af364e4 100644 --- a/tests/docker/src/lib.rs +++ b/tests/docker/src/lib.rs @@ -59,6 +59,7 @@ pub fn build(name: String) { let mut orchestration_path = repo_path.clone(); orchestration_path.push("orchestration"); + orchestration_path.push("dev"); let mut dockerfile_path = orchestration_path.clone(); if HashSet::from(["bitcoin", "ethereum", "monero"]).contains(name.as_str()) { From 105b1d60a39a4dff4d4195c540bf954b242205f1 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 14:00:02 -0500 Subject: [PATCH 22/46] Fixes to network-diversified orchestration --- orchestration/src/coins/bitcoin.rs | 12 ++++++------ orchestration/src/coins/monero.rs | 21 ++++++++++++++------- orchestration/src/main.rs | 9 +++++---- orchestration/src/serai.rs | 15 +++++++++------ 4 files changed, 34 insertions(+), 23 deletions(-) diff --git a/orchestration/src/coins/bitcoin.rs b/orchestration/src/coins/bitcoin.rs index 5ca10f95d..94b7b2529 100644 --- a/orchestration/src/coins/bitcoin.rs +++ b/orchestration/src/coins/bitcoin.rs @@ -1,9 +1,9 @@ use std::{path::Path}; -use crate::{Os, mimalloc, os, write_dockerfile}; +use crate::{Network, Os, mimalloc, os, write_dockerfile}; #[rustfmt::skip] -pub fn bitcoin(orchestration_path: &Path) { +pub fn bitcoin(orchestration_path: &Path, network: Network) { const DOWNLOAD_BITCOIN: &str = r#" FROM alpine:latest as bitcoin @@ -31,16 +31,16 @@ RUN mv bitcoin-${BITCOIN_VERSION}/bin/bitcoind . let setup = mimalloc(Os::Debian).to_string() + DOWNLOAD_BITCOIN; - const RUN_BITCOIN: &str = r#" + let run_bitcoin = format!(r#" COPY --from=bitcoin --chown=bitcoin bitcoind /bin EXPOSE 8332 8333 -ADD /orchestration/coins/bitcoin/scripts /scripts +ADD /orchestration/{}/coins/bitcoin/scripts /scripts CMD ["/scripts/run.sh"] -"#; +"#, network.folder()); - let run = os(Os::Debian, "", "bitcoin") + RUN_BITCOIN; + let run = os(Os::Debian, "", "bitcoin") + &run_bitcoin; let res = setup + &run; let mut bitcoin_path = orchestration_path.to_path_buf(); diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index 978d5576d..5a027f1a9 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -1,9 +1,9 @@ use std::{path::Path}; -use crate::{Os, mimalloc, write_dockerfile}; +use crate::{Network, Os, mimalloc, write_dockerfile}; #[rustfmt::skip] -fn monero_internal(os: Os, orchestration_path: &Path, folder: &str, monero_binary: &str, ports: &str) { +fn monero_internal(network: Network, os: Os, orchestration_path: &Path, folder: &str, monero_binary: &str, ports: &str) { const DOWNLOAD_MONERO: &str = r#" FROM alpine:latest as monero @@ -37,9 +37,9 @@ COPY --from=monero --chown=monero {monero_binary} /bin EXPOSE {ports} -ADD /orchestration/coins/{folder}/scripts /scripts +ADD /orchestration/{}/coins/{folder}/scripts /scripts CMD ["/scripts/run.sh"] -"#); +"#, network.folder()); let run = crate::os( os, @@ -56,10 +56,17 @@ CMD ["/scripts/run.sh"] write_dockerfile(monero_path, &res); } -pub fn monero(orchestration_path: &Path) { - monero_internal(Os::Alpine, orchestration_path, "monero", "monerod", "18080 18081") +pub fn monero(orchestration_path: &Path, network: Network) { + monero_internal(network, Os::Alpine, orchestration_path, "monero", "monerod", "18080 18081") } pub fn monero_wallet_rpc(orchestration_path: &Path) { - monero_internal(Os::Debian, orchestration_path, "monero-wallet-rpc", "monero-wallet-rpc", "18082") + monero_internal( + Network::Dev, + Os::Debian, + orchestration_path, + "monero-wallet-rpc", + "monero-wallet-rpc", + "18082", + ) } diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 81a793f69..1e1b7ebce 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -1,4 +1,5 @@ -// TODO: Differentiate development/testnet/mainnet (including parity-db usage) +// TODO: Generate randomized RPC credentials for all services +// TODO: Generate keys for a validator and the infra use std::{env, path::PathBuf, io::Write, fs}; @@ -168,9 +169,9 @@ fn dockerfiles(network: Network) { orchestration_path }; - bitcoin(&orchestration_path); + bitcoin(&orchestration_path, network); ethereum(&orchestration_path); - monero(&orchestration_path); + monero(&orchestration_path, network); if network == Network::Dev { monero_wallet_rpc(&orchestration_path); } @@ -183,7 +184,7 @@ fn dockerfiles(network: Network) { coordinator(&orchestration_path, network); - serai(&orchestration_path); + serai(&orchestration_path, network); } fn main() { diff --git a/orchestration/src/serai.rs b/orchestration/src/serai.rs index 26349ae9e..b72ae1012 100644 --- a/orchestration/src/serai.rs +++ b/orchestration/src/serai.rs @@ -1,13 +1,14 @@ use std::{path::Path}; -use crate::{Os, mimalloc, os, build_serai_service, write_dockerfile}; +use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile}; -pub fn serai(orchestration_path: &Path) { +pub fn serai(orchestration_path: &Path, network: Network) { // Always builds in release for performance reasons let setup = mimalloc(Os::Debian).to_string() + &build_serai_service(true, "", "serai-node"); // TODO: Review the ports exposed here - const RUN_SERAI: &str = r#" + let run_serai = format!( + r#" # Copy the Serai binary and relevant license COPY --from=builder --chown=serai /serai/bin/serai-node /bin/ COPY --from=builder --chown=serai /serai/AGPL-3.0 . @@ -15,11 +16,13 @@ COPY --from=builder --chown=serai /serai/AGPL-3.0 . # Run the Serai node EXPOSE 30333 9615 9933 9944 -ADD /orchestration/serai/scripts /scripts +ADD /orchestration/{}/serai/scripts /scripts CMD ["/scripts/run.sh"] -"#; +"#, + network.folder() + ); - let run = os(Os::Debian, "", "serai") + RUN_SERAI; + let run = os(Os::Debian, "", "serai") + &run_serai; let res = setup + &run; let mut serai_path = orchestration_path.to_path_buf(); From 7468898c81931881cfd863e353a9e2363d9e653d Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 14:00:15 -0500 Subject: [PATCH 23/46] Bitcoin and Monero testnet scripts --- orchestration/testnet/coins/bitcoin/scripts/run.sh | 7 ++++++- orchestration/testnet/coins/monero/scripts/run.sh | 9 ++++++++- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/orchestration/testnet/coins/bitcoin/scripts/run.sh b/orchestration/testnet/coins/bitcoin/scripts/run.sh index d87f29eec..8f7584c31 100644 --- a/orchestration/testnet/coins/bitcoin/scripts/run.sh +++ b/orchestration/testnet/coins/bitcoin/scripts/run.sh @@ -1,3 +1,8 @@ #!/bin/bash -exit 1 +RPC_USER="${RPC_USER:=serai}" +RPC_PASS="${RPC_PASS:=seraidex}" + +bitcoind -txindex -testnet -port=8333 \ + -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \ + -rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 -rpcport=8332 diff --git a/orchestration/testnet/coins/monero/scripts/run.sh b/orchestration/testnet/coins/monero/scripts/run.sh index 2bb8d868b..d1ce89fa3 100644 --- a/orchestration/testnet/coins/monero/scripts/run.sh +++ b/orchestration/testnet/coins/monero/scripts/run.sh @@ -1,3 +1,10 @@ #!/bin/sh -exit 1 +RPC_USER="${RPC_USER:=serai}" +RPC_PASS="${RPC_PASS:=seraidex}" + +# Run Monero +monerod --non-interactive --testnet \ + --no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \ + --rpc-access-control-origins "*" --disable-rpc-ban \ + --rpc-login=$RPC_USER:$RPC_PASS From 9bdab210e7c1a3a41b8ad46d5ff68bf5f71b717a Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 14:08:20 -0500 Subject: [PATCH 24/46] Permissions and tweaks --- .../dev/coins/bitcoin/scripts/run.sh | 0 .../dev/coins/ethereum/scripts/run.sh | 0 .../coins/monero-wallet-rpc/scripts/run.sh | 0 orchestration/dev/coins/monero/scripts/run.sh | 0 orchestration/dev/serai/scripts/run.sh | 0 orchestration/src/coins/bitcoin.rs | 9 ++++--- orchestration/src/coins/ethereum.rs | 1 - orchestration/src/coins/monero.rs | 26 ++++++++++++------- orchestration/src/main.rs | 20 ++++++++------ orchestration/src/mimalloc.rs | 1 - .../testnet/coins/bitcoin/scripts/run.sh | 0 .../testnet/coins/ethereum/scripts/run.sh | 0 .../testnet/coins/monero/scripts/run.sh | 0 tests/docker/src/lib.rs | 4 ++- 14 files changed, 38 insertions(+), 23 deletions(-) mode change 100644 => 100755 orchestration/dev/coins/bitcoin/scripts/run.sh mode change 100644 => 100755 orchestration/dev/coins/ethereum/scripts/run.sh mode change 100644 => 100755 orchestration/dev/coins/monero-wallet-rpc/scripts/run.sh mode change 100644 => 100755 orchestration/dev/coins/monero/scripts/run.sh mode change 100644 => 100755 orchestration/dev/serai/scripts/run.sh mode change 100644 => 100755 orchestration/testnet/coins/bitcoin/scripts/run.sh mode change 100644 => 100755 orchestration/testnet/coins/ethereum/scripts/run.sh mode change 100644 => 100755 orchestration/testnet/coins/monero/scripts/run.sh diff --git a/orchestration/dev/coins/bitcoin/scripts/run.sh b/orchestration/dev/coins/bitcoin/scripts/run.sh old mode 100644 new mode 100755 diff --git a/orchestration/dev/coins/ethereum/scripts/run.sh b/orchestration/dev/coins/ethereum/scripts/run.sh old mode 100644 new mode 100755 diff --git a/orchestration/dev/coins/monero-wallet-rpc/scripts/run.sh b/orchestration/dev/coins/monero-wallet-rpc/scripts/run.sh old mode 100644 new mode 100755 diff --git a/orchestration/dev/coins/monero/scripts/run.sh b/orchestration/dev/coins/monero/scripts/run.sh old mode 100644 new mode 100755 diff --git a/orchestration/dev/serai/scripts/run.sh b/orchestration/dev/serai/scripts/run.sh old mode 100644 new mode 100755 diff --git a/orchestration/src/coins/bitcoin.rs b/orchestration/src/coins/bitcoin.rs index 94b7b2529..a36f45bf2 100644 --- a/orchestration/src/coins/bitcoin.rs +++ b/orchestration/src/coins/bitcoin.rs @@ -2,8 +2,8 @@ use std::{path::Path}; use crate::{Network, Os, mimalloc, os, write_dockerfile}; -#[rustfmt::skip] pub fn bitcoin(orchestration_path: &Path, network: Network) { + #[rustfmt::skip] const DOWNLOAD_BITCOIN: &str = r#" FROM alpine:latest as bitcoin @@ -31,14 +31,17 @@ RUN mv bitcoin-${BITCOIN_VERSION}/bin/bitcoind . let setup = mimalloc(Os::Debian).to_string() + DOWNLOAD_BITCOIN; - let run_bitcoin = format!(r#" + let run_bitcoin = format!( + r#" COPY --from=bitcoin --chown=bitcoin bitcoind /bin EXPOSE 8332 8333 ADD /orchestration/{}/coins/bitcoin/scripts /scripts CMD ["/scripts/run.sh"] -"#, network.folder()); +"#, + network.folder() + ); let run = os(Os::Debian, "", "bitcoin") + &run_bitcoin; let res = setup + &run; diff --git a/orchestration/src/coins/ethereum.rs b/orchestration/src/coins/ethereum.rs index 48db596d7..2e15d3709 100644 --- a/orchestration/src/coins/ethereum.rs +++ b/orchestration/src/coins/ethereum.rs @@ -1,6 +1,5 @@ use std::path::Path; -#[rustfmt::skip] pub fn ethereum(_orchestration_path: &Path) { // TODO } diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index 5a027f1a9..ead76db9e 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -2,8 +2,15 @@ use std::{path::Path}; use crate::{Network, Os, mimalloc, write_dockerfile}; -#[rustfmt::skip] -fn monero_internal(network: Network, os: Os, orchestration_path: &Path, folder: &str, monero_binary: &str, ports: &str) { +fn monero_internal( + network: Network, + os: Os, + orchestration_path: &Path, + folder: &str, + monero_binary: &str, + ports: &str, +) { + #[rustfmt::skip] const DOWNLOAD_MONERO: &str = r#" FROM alpine:latest as monero @@ -32,20 +39,21 @@ RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1 let setup = mimalloc(os).to_string() + DOWNLOAD_MONERO; - let run_monero = format!(r#" + let run_monero = format!( + r#" COPY --from=monero --chown=monero {monero_binary} /bin EXPOSE {ports} ADD /orchestration/{}/coins/{folder}/scripts /scripts CMD ["/scripts/run.sh"] -"#, network.folder()); +"#, + network.folder() + ); - let run = crate::os( - os, - if os == Os::Alpine { "RUN apk --no-cache add gcompat" } else { "" }, - "monero" - ) + &run_monero; + let run = + crate::os(os, if os == Os::Alpine { "RUN apk --no-cache add gcompat" } else { "" }, "monero") + + &run_monero; let res = setup + &run; let mut monero_path = orchestration_path.to_path_buf(); diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 1e1b7ebce..56760725d 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -56,10 +56,10 @@ enum Os { Debian, } -#[rustfmt::skip] fn os(os: Os, additional_root: &str, user: &str) -> String { match os { - Os::Alpine => format!(r#" + Os::Alpine => format!( + r#" FROM alpine:latest as image COPY --from=mimalloc-alpine libmimalloc.so /usr/lib @@ -74,9 +74,11 @@ RUN adduser -S -s /sbin/nologin -D {user} USER {user} WORKDIR /home/{user} -"#), +"# + ), - Os::Debian => format!(r#" + Os::Debian => format!( + r#" FROM debian:bookworm-slim as image COPY --from=mimalloc-debian libmimalloc.so /usr/lib @@ -90,16 +92,17 @@ RUN useradd --system --create-home --shell /sbin/nologin {user} USER {user} WORKDIR /home/{user} -"#), +"# + ), } } -#[rustfmt::skip] fn build_serai_service(release: bool, features: &str, package: &str) -> String { let profile = if release { "release" } else { "debug" }; let profile_flag = if release { "--release" } else { "" }; - format!(r#" + format!( + r#" FROM rust:1.75-slim-bookworm as builder COPY --from=mimalloc-debian libmimalloc.so /usr/lib @@ -142,7 +145,8 @@ RUN --mount=type=cache,target=/root/.cargo \ mkdir /serai/bin && \ cargo build {profile_flag} --features "{features}" -p {package} && \ mv /serai/target/{profile}/{package} /serai/bin -"#) +"# + ) } pub fn write_dockerfile(path: PathBuf, dockerfile: &str) { diff --git a/orchestration/src/mimalloc.rs b/orchestration/src/mimalloc.rs index cb401d6b2..cb400ca60 100644 --- a/orchestration/src/mimalloc.rs +++ b/orchestration/src/mimalloc.rs @@ -1,6 +1,5 @@ use crate::Os; -#[rustfmt::skip] pub fn mimalloc(os: Os) -> &'static str { const ALPINE_MIMALLOC: &str = r#" FROM alpine:latest as mimalloc-alpine diff --git a/orchestration/testnet/coins/bitcoin/scripts/run.sh b/orchestration/testnet/coins/bitcoin/scripts/run.sh old mode 100644 new mode 100755 diff --git a/orchestration/testnet/coins/ethereum/scripts/run.sh b/orchestration/testnet/coins/ethereum/scripts/run.sh old mode 100644 new mode 100755 diff --git a/orchestration/testnet/coins/monero/scripts/run.sh b/orchestration/testnet/coins/monero/scripts/run.sh old mode 100644 new mode 100755 diff --git a/tests/docker/src/lib.rs b/tests/docker/src/lib.rs index c2af364e4..611abf008 100644 --- a/tests/docker/src/lib.rs +++ b/tests/docker/src/lib.rs @@ -59,7 +59,9 @@ pub fn build(name: String) { let mut orchestration_path = repo_path.clone(); orchestration_path.push("orchestration"); - orchestration_path.push("dev"); + if name != "runtime" { + orchestration_path.push("dev"); + } let mut dockerfile_path = orchestration_path.clone(); if HashSet::from(["bitcoin", "ethereum", "monero"]).contains(name.as_str()) { From 9ec4edca66a8032f6dd762350fcf4763c3cea4b3 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 14:11:55 -0500 Subject: [PATCH 25/46] Flatten scripts folders --- .github/actions/monero/action.yml | 2 +- orchestration/dev/coins/bitcoin/{scripts => }/run.sh | 0 orchestration/dev/coins/ethereum/{scripts => }/run.sh | 0 .../dev/coins/monero-wallet-rpc/{scripts => }/run.sh | 0 .../dev/coins/monero/{temp => }/hashes-v0.18.3.1.txt | 0 orchestration/dev/coins/monero/{scripts => }/run.sh | 0 orchestration/dev/serai/{scripts => }/run.sh | 0 orchestration/src/coins/bitcoin.rs | 4 ++-- orchestration/src/coins/monero.rs | 6 +++--- orchestration/src/serai.rs | 4 ++-- orchestration/testnet/coins/bitcoin/{scripts => }/run.sh | 0 orchestration/testnet/coins/ethereum/{scripts => }/run.sh | 0 .../testnet/coins/monero/{temp => }/hashes-v0.18.3.1.txt | 0 orchestration/testnet/coins/monero/{scripts => }/run.sh | 0 orchestration/testnet/serai/{scripts => }/run.sh | 0 15 files changed, 8 insertions(+), 8 deletions(-) rename orchestration/dev/coins/bitcoin/{scripts => }/run.sh (100%) rename orchestration/dev/coins/ethereum/{scripts => }/run.sh (100%) rename orchestration/dev/coins/monero-wallet-rpc/{scripts => }/run.sh (100%) rename orchestration/dev/coins/monero/{temp => }/hashes-v0.18.3.1.txt (100%) rename orchestration/dev/coins/monero/{scripts => }/run.sh (100%) rename orchestration/dev/serai/{scripts => }/run.sh (100%) rename orchestration/testnet/coins/bitcoin/{scripts => }/run.sh (100%) rename orchestration/testnet/coins/ethereum/{scripts => }/run.sh (100%) rename orchestration/testnet/coins/monero/{temp => }/hashes-v0.18.3.1.txt (100%) rename orchestration/testnet/coins/monero/{scripts => }/run.sh (100%) rename orchestration/testnet/serai/{scripts => }/run.sh (100%) diff --git a/.github/actions/monero/action.yml b/.github/actions/monero/action.yml index 66178d234..8dff093a5 100644 --- a/.github/actions/monero/action.yml +++ b/.github/actions/monero/action.yml @@ -43,4 +43,4 @@ runs: - name: Monero Regtest Daemon shell: bash - run: PATH=$PATH:/usr/bin ./orchestration/dev/coins/monero/scripts/run.sh --detach + run: PATH=$PATH:/usr/bin ./orchestration/dev/coins/monero/run.sh --detach diff --git a/orchestration/dev/coins/bitcoin/scripts/run.sh b/orchestration/dev/coins/bitcoin/run.sh similarity index 100% rename from orchestration/dev/coins/bitcoin/scripts/run.sh rename to orchestration/dev/coins/bitcoin/run.sh diff --git a/orchestration/dev/coins/ethereum/scripts/run.sh b/orchestration/dev/coins/ethereum/run.sh similarity index 100% rename from orchestration/dev/coins/ethereum/scripts/run.sh rename to orchestration/dev/coins/ethereum/run.sh diff --git a/orchestration/dev/coins/monero-wallet-rpc/scripts/run.sh b/orchestration/dev/coins/monero-wallet-rpc/run.sh similarity index 100% rename from orchestration/dev/coins/monero-wallet-rpc/scripts/run.sh rename to orchestration/dev/coins/monero-wallet-rpc/run.sh diff --git a/orchestration/dev/coins/monero/temp/hashes-v0.18.3.1.txt b/orchestration/dev/coins/monero/hashes-v0.18.3.1.txt similarity index 100% rename from orchestration/dev/coins/monero/temp/hashes-v0.18.3.1.txt rename to orchestration/dev/coins/monero/hashes-v0.18.3.1.txt diff --git a/orchestration/dev/coins/monero/scripts/run.sh b/orchestration/dev/coins/monero/run.sh similarity index 100% rename from orchestration/dev/coins/monero/scripts/run.sh rename to orchestration/dev/coins/monero/run.sh diff --git a/orchestration/dev/serai/scripts/run.sh b/orchestration/dev/serai/run.sh similarity index 100% rename from orchestration/dev/serai/scripts/run.sh rename to orchestration/dev/serai/run.sh diff --git a/orchestration/src/coins/bitcoin.rs b/orchestration/src/coins/bitcoin.rs index a36f45bf2..1ae0438df 100644 --- a/orchestration/src/coins/bitcoin.rs +++ b/orchestration/src/coins/bitcoin.rs @@ -37,8 +37,8 @@ COPY --from=bitcoin --chown=bitcoin bitcoind /bin EXPOSE 8332 8333 -ADD /orchestration/{}/coins/bitcoin/scripts /scripts -CMD ["/scripts/run.sh"] +ADD /orchestration/{}/coins/bitcoin/run.sh / +CMD ["/run.sh"] "#, network.folder() ); diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index ead76db9e..a2dfa5639 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -28,7 +28,7 @@ RUN apk --no-cache add gnupg RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2 # Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949 -ADD orchestration/coins/monero/temp/hashes-v${MONERO_VERSION}.txt . +ADD orchestration/coins/monero/hashes-v${MONERO_VERSION}.txt . RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \ gpg --verify hashes-v${MONERO_VERSION}.txt && \ grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v${MONERO_VERSION}.txt @@ -45,8 +45,8 @@ COPY --from=monero --chown=monero {monero_binary} /bin EXPOSE {ports} -ADD /orchestration/{}/coins/{folder}/scripts /scripts -CMD ["/scripts/run.sh"] +ADD /orchestration/{}/coins/{folder}/run.sh / +CMD ["/run.sh"] "#, network.folder() ); diff --git a/orchestration/src/serai.rs b/orchestration/src/serai.rs index b72ae1012..e12397f23 100644 --- a/orchestration/src/serai.rs +++ b/orchestration/src/serai.rs @@ -16,8 +16,8 @@ COPY --from=builder --chown=serai /serai/AGPL-3.0 . # Run the Serai node EXPOSE 30333 9615 9933 9944 -ADD /orchestration/{}/serai/scripts /scripts -CMD ["/scripts/run.sh"] +ADD /orchestration/{}/serai/run.sh / +CMD ["/run.sh"] "#, network.folder() ); diff --git a/orchestration/testnet/coins/bitcoin/scripts/run.sh b/orchestration/testnet/coins/bitcoin/run.sh similarity index 100% rename from orchestration/testnet/coins/bitcoin/scripts/run.sh rename to orchestration/testnet/coins/bitcoin/run.sh diff --git a/orchestration/testnet/coins/ethereum/scripts/run.sh b/orchestration/testnet/coins/ethereum/run.sh similarity index 100% rename from orchestration/testnet/coins/ethereum/scripts/run.sh rename to orchestration/testnet/coins/ethereum/run.sh diff --git a/orchestration/testnet/coins/monero/temp/hashes-v0.18.3.1.txt b/orchestration/testnet/coins/monero/hashes-v0.18.3.1.txt similarity index 100% rename from orchestration/testnet/coins/monero/temp/hashes-v0.18.3.1.txt rename to orchestration/testnet/coins/monero/hashes-v0.18.3.1.txt diff --git a/orchestration/testnet/coins/monero/scripts/run.sh b/orchestration/testnet/coins/monero/run.sh similarity index 100% rename from orchestration/testnet/coins/monero/scripts/run.sh rename to orchestration/testnet/coins/monero/run.sh diff --git a/orchestration/testnet/serai/scripts/run.sh b/orchestration/testnet/serai/run.sh similarity index 100% rename from orchestration/testnet/serai/scripts/run.sh rename to orchestration/testnet/serai/run.sh From 2f18b76b68c36c7399f0089dc342e33ed5d70c33 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 14:55:40 -0500 Subject: [PATCH 26/46] Add missing folder specification to Monero Dockerfile --- orchestration/src/coins/monero.rs | 30 +++++++++++++----------------- 1 file changed, 13 insertions(+), 17 deletions(-) diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index a2dfa5639..8f6828e74 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -10,34 +10,30 @@ fn monero_internal( monero_binary: &str, ports: &str, ) { + const MONERO_VERSION: &str = "0.18.3.1"; + #[rustfmt::skip] - const DOWNLOAD_MONERO: &str = r#" + let download_monero = format!(r#" FROM alpine:latest as monero -# https://downloads.getmonero.org/cli/monero-linux-x64-v0.18.3.1.tar.bz2 -# Verification will fail if MONERO_VERSION doesn't match the latest -# due to the way monero publishes releases. They overwrite a single hashes.txt -# file with each release, meaning we can only grab the SHA256 of the latest -# release. -# Most publish a asc file for each release / build architecture ¯\_(ツ)_/¯ -ENV MONERO_VERSION=0.18.3.1 - RUN apk --no-cache add gnupg # Download Monero -RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v${MONERO_VERSION}.tar.bz2 +RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v{MONERO_VERSION}.tar.bz2 # Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949 -ADD orchestration/coins/monero/hashes-v${MONERO_VERSION}.txt . +ADD orchestration/{}/coins/monero/hashes-v{MONERO_VERSION}.txt . RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \ - gpg --verify hashes-v${MONERO_VERSION}.txt && \ - grep "$(sha256sum monero-linux-x64-v${MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v${MONERO_VERSION}.txt + gpg --verify hashes-v{MONERO_VERSION}.txt && \ + grep "$(sha256sum monero-linux-x64-v{MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v{MONERO_VERSION}.txt # Extract it -RUN tar -xvjf monero-linux-x64-v${MONERO_VERSION}.tar.bz2 --strip-components=1 -"#; +RUN tar -xvjf monero-linux-x64-v{MONERO_VERSION}.tar.bz2 --strip-components=1 +"#, + network.folder(), + ); - let setup = mimalloc(os).to_string() + DOWNLOAD_MONERO; + let setup = mimalloc(os).to_string() + &download_monero; let run_monero = format!( r#" @@ -48,7 +44,7 @@ EXPOSE {ports} ADD /orchestration/{}/coins/{folder}/run.sh / CMD ["/run.sh"] "#, - network.folder() + network.folder(), ); let run = From a7e61559e3b1e879982cb865bfccfb4fca997e3f Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Sun, 4 Feb 2024 15:45:11 -0500 Subject: [PATCH 27/46] Have monero-wallet-rpc specify the monerod login --- .github/actions/monero-wallet-rpc/action.yml | 7 ++++++- orchestration/dev/coins/monero-wallet-rpc/run.sh | 6 +++--- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/actions/monero-wallet-rpc/action.yml b/.github/actions/monero-wallet-rpc/action.yml index 3d0dedae3..3192bb95b 100644 --- a/.github/actions/monero-wallet-rpc/action.yml +++ b/.github/actions/monero-wallet-rpc/action.yml @@ -41,4 +41,9 @@ runs: - name: Monero Wallet RPC shell: bash - run: ./monero-wallet-rpc --disable-rpc-login --rpc-bind-port 18082 --allow-mismatched-daemon-version --wallet-dir ./ --detach + run: | + ./monero-wallet-rpc --allow-mismatched-daemon-version \ + --daemon-address 0.0.0.0:18081 --daemon-login serai:seraidex \ + --disable-rpc-login --rpc-bind-port 18082 \ + --wallet-dir ./ \ + --detach diff --git a/orchestration/dev/coins/monero-wallet-rpc/run.sh b/orchestration/dev/coins/monero-wallet-rpc/run.sh index 500b1b34d..e886c9e86 100755 --- a/orchestration/dev/coins/monero-wallet-rpc/run.sh +++ b/orchestration/dev/coins/monero-wallet-rpc/run.sh @@ -1,7 +1,7 @@ #!/bin/sh monero-wallet-rpc \ - --disable-rpc-login \ - --rpc-bind-ip=0.0.0.0 --confirm-external-bind \ - --daemon-address monero:18081 --allow-mismatched-daemon-version \ + --allow-mismatched-daemon-version \ + --daemon-address monero:18081 --daemon-login serai:seraidex \ + --disable-rpc-login --rpc-bind-ip=0.0.0.0 --rpc-bind-port 18082 --confirm-external-bind \ --wallet-dir /home/monero From 2408017e8c61fc4d736a1f341eaef8c41babf446 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Mon, 5 Feb 2024 02:59:25 -0500 Subject: [PATCH 28/46] Have the Docker CMD specify env variables inserted at time of Dockerfile generation They're overrideable with the global enviornment as for tests. This enables variable generation in orchestrator and output to productionized Docker files without creating a life-long file within the Docker container. --- common/env/src/lib.rs | 3 ++- orchestration/src/coordinator.rs | 21 +++++++++++++++++---- orchestration/src/message_queue.rs | 23 +++++++++++++++++++---- orchestration/src/processor.rs | 24 ++++++++++++++++++++---- 4 files changed, 58 insertions(+), 13 deletions(-) diff --git a/common/env/src/lib.rs b/common/env/src/lib.rs index 7b5cd049d..bace84fd3 100644 --- a/common/env/src/lib.rs +++ b/common/env/src/lib.rs @@ -3,6 +3,7 @@ // Obtain a variable from the Serai environment/secret store. pub fn var(variable: &str) -> Option { - // TODO: Move this to Kubernetes + // TODO: Move this to a proper secret store + // TODO: Unset this variable std::env::var(variable).ok() } diff --git a/orchestration/src/coordinator.rs b/orchestration/src/coordinator.rs index 4669f13ab..62b5c543b 100644 --- a/orchestration/src/coordinator.rs +++ b/orchestration/src/coordinator.rs @@ -17,16 +17,29 @@ pub fn coordinator(orchestration_path: &Path, network: Network) { RUN apt install -y ca-certificates "#; - const RUN_COORDINATOR: &str = r#" + let env_vars = [ + ("MESSAGE_QUEUE_KEY", ""), + ("DB_PATH", "./coordinator-db"), + ("SERAI_KEY", ""), + ("RUST_LOG", "serai_coordinator=debug,tributary_chain=debug,tendermint=debug"), + ]; + let mut env_vars_str = String::new(); + for (env_var, value) in env_vars { + env_vars_str += &format!(r#"{env_var}="${{{env_var}:='{value}'}}" "#); + } + + let run_coordinator = format!( + r#" # Copy the Coordinator binary and relevant license COPY --from=builder --chown=coordinator /serai/bin/serai-coordinator /bin/ COPY --from=builder --chown=coordinator /serai/AGPL-3.0 . # Run coordinator -CMD ["serai-coordinator"] -"#; +CMD {env_vars_str} serai-coordinator +"# + ); - let run = os(Os::Debian, ADDITIONAL_ROOT, "coordinator") + RUN_COORDINATOR; + let run = os(Os::Debian, ADDITIONAL_ROOT, "coordinator") + &run_coordinator; let res = setup + &run; let mut coordinator_path = orchestration_path.to_path_buf(); diff --git a/orchestration/src/message_queue.rs b/orchestration/src/message_queue.rs index b20ac747d..a36fca71f 100644 --- a/orchestration/src/message_queue.rs +++ b/orchestration/src/message_queue.rs @@ -6,17 +6,32 @@ pub fn message_queue(orchestration_path: &Path, network: Network) { let setup = mimalloc(Os::Debian).to_string() + &build_serai_service(network.release(), network.db(), "serai-message-queue"); - const RUN_MESSAGE_QUEUE: &str = r#" + let env_vars = [ + ("COORDINATOR_KEY", ""), + ("BITCOIN_KEY", ""), + ("ETHEREUM_KEY", ""), + ("MONERO_KEY", ""), + ("DB_PATH", "./message-queue-db"), + ("RUST_LOG", "serai_message_queue=trace"), + ]; + let mut env_vars_str = String::new(); + for (env_var, value) in env_vars { + env_vars_str += &format!(r#"{env_var}="${{{env_var}:='{value}'}}" "#); + } + + let run_message_queue = format!( + r#" # Copy the Message Queue binary and relevant license COPY --from=builder --chown=messagequeue /serai/bin/serai-message-queue /bin COPY --from=builder --chown=messagequeue /serai/AGPL-3.0 . # Run message-queue EXPOSE 2287 -CMD ["serai-message-queue"] -"#; +CMD {env_vars_str} serai-message-queue +"# + ); - let run = os(Os::Debian, "", "messagequeue") + RUN_MESSAGE_QUEUE; + let run = os(Os::Debian, "", "messagequeue") + &run_message_queue; let res = setup + &run; let mut message_queue_path = orchestration_path.to_path_buf(); diff --git a/orchestration/src/processor.rs b/orchestration/src/processor.rs index 9e6b0015c..5b22ecb6e 100644 --- a/orchestration/src/processor.rs +++ b/orchestration/src/processor.rs @@ -15,16 +15,32 @@ pub fn processor(orchestration_path: &Path, network: Network, coin: &'static str RUN apt install -y ca-certificates "#; - const RUN_PROCESSOR: &str = r#" + let env_vars = [ + ("MESSAGE_QUEUE_KEY", ""), + ("ENTROPY", ""), + ("NETWORK", ""), + ("NETWORK_RPC_LOGIN", ""), + ("NETWORK_RPC_PORT", ""), + ("DB_PATH", "./processor-db"), + ("RUST_LOG", "serai_processor=debug"), + ]; + let mut env_vars_str = String::new(); + for (env_var, value) in env_vars { + env_vars_str += &format!(r#"{env_var}="${{{env_var}:='{value}'}}" "#); + } + + let run_processor = format!( + r#" # Copy the Processor binary and relevant license COPY --from=builder --chown=processor /serai/bin/serai-processor /bin/ COPY --from=builder --chown=processor /serai/AGPL-3.0 . # Run processor -CMD ["serai-processor"] -"#; +CMD {env_vars_str} serai-processor +"# + ); - let run = os(Os::Debian, ADDITIONAL_ROOT, "processor") + RUN_PROCESSOR; + let run = os(Os::Debian, ADDITIONAL_ROOT, "processor") + &run_processor; let res = setup + &run; let mut processor_path = orchestration_path.to_path_buf(); From 36fe2db35f8dd81a3fe6dd56b492022b6b9b3c6b Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Mon, 5 Feb 2024 03:07:59 -0500 Subject: [PATCH 29/46] Don't add Dockerfiles into Docker containers now that they have secrets Solely add the source code for them as needed to satisfy the workspace bounds. --- orchestration/runtime/Dockerfile | 3 ++- orchestration/src/main.rs | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/orchestration/runtime/Dockerfile b/orchestration/runtime/Dockerfile index 53df3a1c5..c05df2ee2 100644 --- a/orchestration/runtime/Dockerfile +++ b/orchestration/runtime/Dockerfile @@ -21,7 +21,8 @@ ADD message-queue /serai/message-queue ADD processor /serai/processor ADD coordinator /serai/coordinator ADD substrate /serai/substrate -ADD orchestration /serai/orchestration +ADD orchestration/Cargo.toml /serai/orchestration/Cargo.toml +ADD orchestration/src /serai/orchestration/src ADD mini /serai/mini ADD tests /serai/tests ADD Cargo.toml /serai diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 56760725d..53b105775 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -128,7 +128,8 @@ ADD message-queue /serai/message-queue ADD processor /serai/processor ADD coordinator /serai/coordinator ADD substrate /serai/substrate -ADD orchestration /serai/orchestration +ADD orchestration/Cargo.toml /serai/orchestration/Cargo.toml +ADD orchestration/src /serai/orchestration/src ADD mini /serai/mini ADD tests /serai/tests ADD Cargo.toml /serai From a4aa7b028609c728cb9180f037a9beb45fd4204c Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Mon, 5 Feb 2024 03:36:49 -0500 Subject: [PATCH 30/46] Download arm64 Monero on arm64 --- orchestration/src/coins/monero.rs | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index 8f6828e74..d6129306d 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -12,6 +12,14 @@ fn monero_internal( ) { const MONERO_VERSION: &str = "0.18.3.1"; + let arch = match std::env::consts::ARCH { + // We probably would run this without issues yet it's not worth needing to provide support for + "x86" | "arm" => panic!("unsupported architecture, please download a 64-bit OS"), + "x86_64" => "x64", + "aarch64" => "armv8", + _ => panic!("unsupported architecture"), + }; + #[rustfmt::skip] let download_monero = format!(r#" FROM alpine:latest as monero @@ -19,16 +27,16 @@ FROM alpine:latest as monero RUN apk --no-cache add gnupg # Download Monero -RUN wget https://downloads.getmonero.org/cli/monero-linux-x64-v{MONERO_VERSION}.tar.bz2 +RUN wget https://downloads.getmonero.org/cli/monero-linux-{arch}-v{MONERO_VERSION}.tar.bz2 # Verify Binary -- fingerprint from https://github.com/monero-project/monero-site/issues/1949 ADD orchestration/{}/coins/monero/hashes-v{MONERO_VERSION}.txt . RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-sigs-only --receive-keys 81AC591FE9C4B65C5806AFC3F0AF4D462A0BDF92 && \ gpg --verify hashes-v{MONERO_VERSION}.txt && \ - grep "$(sha256sum monero-linux-x64-v{MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v{MONERO_VERSION}.txt + grep "$(sha256sum monero-linux-{arch}-v{MONERO_VERSION}.tar.bz2 | cut -c 1-64)" hashes-v{MONERO_VERSION}.txt # Extract it -RUN tar -xvjf monero-linux-x64-v{MONERO_VERSION}.tar.bz2 --strip-components=1 +RUN tar -xvjf monero-linux-{arch}-v{MONERO_VERSION}.tar.bz2 --strip-components=1 "#, network.folder(), ); From 8fd624736a638e50e1a55a412e3b312098416500 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Mon, 5 Feb 2024 03:53:56 -0500 Subject: [PATCH 31/46] Ensure constant host architecture when reproducibly building the wasm Host architecture, for some reason, can effect the generated code despite the target architecture always being foreign to the host architecture. --- orchestration/runtime/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/orchestration/runtime/Dockerfile b/orchestration/runtime/Dockerfile index c05df2ee2..c91731f24 100644 --- a/orchestration/runtime/Dockerfile +++ b/orchestration/runtime/Dockerfile @@ -1,4 +1,4 @@ -FROM rust:1.75.0-slim-bookworm as builder +FROM --platform=linux/amd64 rust:1.75.0-slim-bookworm as builder # Move to a Debian package snapshot RUN rm -rf /etc/apt/sources.list.d/debian.sources && \ From 497bb3b2959f5bc77eff07ca9f6ae40527a080d5 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Mon, 5 Feb 2024 20:27:12 -0500 Subject: [PATCH 32/46] Randomly generate infrastructure keys --- Cargo.lock | 9 +++ orchestration/Cargo.toml | 10 +++ orchestration/src/coins/bitcoin.rs | 2 +- orchestration/src/coins/monero.rs | 4 +- orchestration/src/coordinator.rs | 20 ++++-- orchestration/src/main.rs | 77 ++++++++++++++++++++--- orchestration/src/message_queue.rs | 23 ++++--- orchestration/src/processor.rs | 41 +++++++++--- orchestration/src/serai.rs | 2 +- orchestration/testnet/coins/monero/run.sh | 2 +- 10 files changed, 156 insertions(+), 34 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 152ed22de..5c3817c93 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -7663,6 +7663,15 @@ dependencies = [ [[package]] name = "serai-orchestrator" version = "0.0.1" +dependencies = [ + "ciphersuite", + "flexible-transcript", + "hex", + "rand_chacha", + "rand_core", + "zalloc", + "zeroize", +] [[package]] name = "serai-primitives" diff --git a/orchestration/Cargo.toml b/orchestration/Cargo.toml index 9588be262..fffd248af 100644 --- a/orchestration/Cargo.toml +++ b/orchestration/Cargo.toml @@ -16,3 +16,13 @@ rustdoc-args = ["--cfg", "docsrs"] workspace = true [dependencies] +hex = { version = "0.4", default-features = false, features = ["std"] } + +zeroize = { version = "1", default-features = false, features = ["std"] } +rand_core = { version = "0.6", default-features = false, features = ["std", "getrandom"] } +rand_chacha = { version = "0.3", default-features = false, features = ["std"] } + +transcript = { package = "flexible-transcript", path = "../crypto/transcript", default-features = false, features = ["std", "recommended"] } +ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std", "ristretto"] } + +zalloc = { path = "../common/zalloc" } diff --git a/orchestration/src/coins/bitcoin.rs b/orchestration/src/coins/bitcoin.rs index 1ae0438df..a5c8b21c0 100644 --- a/orchestration/src/coins/bitcoin.rs +++ b/orchestration/src/coins/bitcoin.rs @@ -40,7 +40,7 @@ EXPOSE 8332 8333 ADD /orchestration/{}/coins/bitcoin/run.sh / CMD ["/run.sh"] "#, - network.folder() + network.label() ); let run = os(Os::Debian, "", "bitcoin") + &run_bitcoin; diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index d6129306d..dcdc58b1d 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -38,7 +38,7 @@ RUN gpg --keyserver hkp://keyserver.ubuntu.com:80 --keyserver-options no-self-si # Extract it RUN tar -xvjf monero-linux-{arch}-v{MONERO_VERSION}.tar.bz2 --strip-components=1 "#, - network.folder(), + network.label(), ); let setup = mimalloc(os).to_string() + &download_monero; @@ -52,7 +52,7 @@ EXPOSE {ports} ADD /orchestration/{}/coins/{folder}/run.sh / CMD ["/run.sh"] "#, - network.folder(), + network.label(), ); let run = diff --git a/orchestration/src/coordinator.rs b/orchestration/src/coordinator.rs index 62b5c543b..c537434ae 100644 --- a/orchestration/src/coordinator.rs +++ b/orchestration/src/coordinator.rs @@ -1,8 +1,17 @@ use std::{path::Path}; +use zeroize::Zeroizing; + +use ciphersuite::{group::ff::PrimeField, Ciphersuite, Ristretto}; + use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile}; -pub fn coordinator(orchestration_path: &Path, network: Network) { +#[allow(clippy::needless_pass_by_value)] +pub fn coordinator( + orchestration_path: &Path, + network: Network, + coordinator_key: Zeroizing<::F>, +) { let db = network.db(); let longer_reattempts = if network == Network::Dev { "longer-reattempts" } else { "" }; let setup = mimalloc(Os::Debian).to_string() + @@ -18,10 +27,11 @@ RUN apt install -y ca-certificates "#; let env_vars = [ - ("MESSAGE_QUEUE_KEY", ""), - ("DB_PATH", "./coordinator-db"), - ("SERAI_KEY", ""), - ("RUST_LOG", "serai_coordinator=debug,tributary_chain=debug,tendermint=debug"), + ("MESSAGE_QUEUE_KEY", hex::encode(coordinator_key.to_repr())), + ("DB_PATH", "./coordinator-db".to_string()), + ("SERAI_KEY", String::new()), // TODO + ("SERAI_HOSTNAME", format!("serai-{}", network.label())), + ("RUST_LOG", "serai_coordinator=debug,tributary_chain=debug,tendermint=debug".to_string()), ]; let mut env_vars_str = String::new(); for (env_var, value) in env_vars { diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 53b105775..2c08fa1b3 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -1,8 +1,18 @@ // TODO: Generate randomized RPC credentials for all services // TODO: Generate keys for a validator and the infra +use core::ops::Deref; use std::{env, path::PathBuf, io::Write, fs}; +use zeroize::Zeroizing; + +use rand_core::{RngCore, SeedableRng, OsRng}; +use rand_chacha::ChaCha20Rng; + +use transcript::{Transcript, RecommendedTranscript}; + +use ciphersuite::{group::ff::Field, Ciphersuite, Ristretto}; + mod mimalloc; use mimalloc::mimalloc; @@ -21,6 +31,10 @@ use coordinator::coordinator; mod serai; use serai::serai; +#[global_allocator] +static ALLOCATOR: zalloc::ZeroizingAlloc = + zalloc::ZeroizingAlloc(std::alloc::System); + #[derive(Clone, Copy, PartialEq, Eq, Debug, PartialOrd, Ord, Hash)] pub enum Network { Dev, @@ -42,7 +56,7 @@ impl Network { } } - pub fn folder(&self) -> &'static str { + pub fn label(&self) -> &'static str { match self { Network::Dev => "dev", Network::Testnet => "testnet", @@ -170,7 +184,7 @@ fn dockerfiles(network: Network) { let mut orchestration_path = repo_path.clone(); orchestration_path.push("orchestration"); - orchestration_path.push(network.folder()); + orchestration_path.push(network.label()); orchestration_path }; @@ -181,13 +195,58 @@ fn dockerfiles(network: Network) { monero_wallet_rpc(&orchestration_path); } - message_queue(&orchestration_path, network); - - processor(&orchestration_path, network, "bitcoin"); - processor(&orchestration_path, network, "ethereum"); - processor(&orchestration_path, network, "monero"); - - coordinator(&orchestration_path, network); + // Generate entropy for the infrastructure keys + let mut entropy = [0; 32]; + OsRng.fill_bytes(&mut entropy); + let mut transcript = RecommendedTranscript::new(b"Serai Orchestrator Transcript"); + transcript.append_message(b"entropy", entropy); + let mut new_rng = |label| ChaCha20Rng::from_seed(transcript.rng_seed(label)); + + let mut message_queue_keys_rng = new_rng(b"message_queue_keys"); + let mut key_pair = || { + let key = Zeroizing::new(::F::random(&mut message_queue_keys_rng)); + let public = Ristretto::generator() * key.deref(); + (key, public) + }; + let coordinator_key = key_pair(); + let bitcoin_key = key_pair(); + let ethereum_key = key_pair(); + let monero_key = key_pair(); + + message_queue( + &orchestration_path, + network, + coordinator_key.1, + bitcoin_key.1, + ethereum_key.1, + monero_key.1, + ); + + let mut processor_entropy_rng = new_rng(b"processor_entropy"); + let mut new_entropy = || { + let mut res = Zeroizing::new([0; 32]); + processor_entropy_rng.fill_bytes(res.as_mut()); + res + }; + processor( + &orchestration_path, + network, + "bitcoin", + coordinator_key.1, + bitcoin_key.0, + new_entropy(), + ); + processor( + &orchestration_path, + network, + "ethereum", + coordinator_key.1, + ethereum_key.0, + new_entropy(), + ); + processor(&orchestration_path, network, "monero", coordinator_key.1, monero_key.0, new_entropy()); + + coordinator(&orchestration_path, network, coordinator_key.0); serai(&orchestration_path, network); } diff --git a/orchestration/src/message_queue.rs b/orchestration/src/message_queue.rs index a36fca71f..fb1a94213 100644 --- a/orchestration/src/message_queue.rs +++ b/orchestration/src/message_queue.rs @@ -1,18 +1,27 @@ use std::{path::Path}; +use ciphersuite::{group::GroupEncoding, Ciphersuite, Ristretto}; + use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile}; -pub fn message_queue(orchestration_path: &Path, network: Network) { +pub fn message_queue( + orchestration_path: &Path, + network: Network, + coordinator_key: ::G, + bitcoin_key: ::G, + ethereum_key: ::G, + monero_key: ::G, +) { let setup = mimalloc(Os::Debian).to_string() + &build_serai_service(network.release(), network.db(), "serai-message-queue"); let env_vars = [ - ("COORDINATOR_KEY", ""), - ("BITCOIN_KEY", ""), - ("ETHEREUM_KEY", ""), - ("MONERO_KEY", ""), - ("DB_PATH", "./message-queue-db"), - ("RUST_LOG", "serai_message_queue=trace"), + ("COORDINATOR_KEY", hex::encode(coordinator_key.to_bytes())), + ("BITCOIN_KEY", hex::encode(bitcoin_key.to_bytes())), + ("ETHEREUM_KEY", hex::encode(ethereum_key.to_bytes())), + ("MONERO_KEY", hex::encode(monero_key.to_bytes())), + ("DB_PATH", "./message-queue-db".to_string()), + ("RUST_LOG", "serai_message_queue=trace".to_string()), ]; let mut env_vars_str = String::new(); for (env_var, value) in env_vars { diff --git a/orchestration/src/processor.rs b/orchestration/src/processor.rs index 5b22ecb6e..4c37eb451 100644 --- a/orchestration/src/processor.rs +++ b/orchestration/src/processor.rs @@ -1,8 +1,20 @@ use std::{path::Path}; +use zeroize::Zeroizing; + +use ciphersuite::{group::ff::PrimeField, Ciphersuite, Ristretto}; + use crate::{Network, Os, mimalloc, os, build_serai_service, write_dockerfile}; -pub fn processor(orchestration_path: &Path, network: Network, coin: &'static str) { +#[allow(clippy::needless_pass_by_value)] +pub fn processor( + orchestration_path: &Path, + network: Network, + coin: &'static str, + _coordinator_key: ::G, + coin_key: Zeroizing<::F>, + entropy: Zeroizing<[u8; 32]>, +) { let setup = mimalloc(Os::Debian).to_string() + &build_serai_service( network.release(), @@ -15,14 +27,27 @@ pub fn processor(orchestration_path: &Path, network: Network, coin: &'static str RUN apt install -y ca-certificates "#; + // TODO: Randomly generate these + const RPC_USER: &str = "serai"; + const RPC_PASS: &str = "seraidex"; + // TODO: Isolate networks + let hostname = format!("{coin}-{}", network.label()); + let port = match coin { + "bitcoin" => 8332, + "ethereum" => return, // TODO + "monero" => 18081, + _ => panic!("unrecognized external network"), + }; + let env_vars = [ - ("MESSAGE_QUEUE_KEY", ""), - ("ENTROPY", ""), - ("NETWORK", ""), - ("NETWORK_RPC_LOGIN", ""), - ("NETWORK_RPC_PORT", ""), - ("DB_PATH", "./processor-db"), - ("RUST_LOG", "serai_processor=debug"), + ("MESSAGE_QUEUE_KEY", hex::encode(coin_key.to_repr())), + ("ENTROPY", hex::encode(entropy.as_ref())), + ("NETWORK", coin.to_string()), + ("NETWORK_RPC_LOGIN", format!("{RPC_USER}:{RPC_PASS}")), + ("NETWORK_RPC_HOSTNAME", hostname), + ("NETWORK_RPC_PORT", format!("{port}")), + ("DB_PATH", "./processor-db".to_string()), + ("RUST_LOG", "serai_processor=debug".to_string()), ]; let mut env_vars_str = String::new(); for (env_var, value) in env_vars { diff --git a/orchestration/src/serai.rs b/orchestration/src/serai.rs index e12397f23..ac677dd58 100644 --- a/orchestration/src/serai.rs +++ b/orchestration/src/serai.rs @@ -19,7 +19,7 @@ EXPOSE 30333 9615 9933 9944 ADD /orchestration/{}/serai/run.sh / CMD ["/run.sh"] "#, - network.folder() + network.label() ); let run = os(Os::Debian, "", "serai") + &run_serai; diff --git a/orchestration/testnet/coins/monero/run.sh b/orchestration/testnet/coins/monero/run.sh index d1ce89fa3..a4ef851a5 100755 --- a/orchestration/testnet/coins/monero/run.sh +++ b/orchestration/testnet/coins/monero/run.sh @@ -4,7 +4,7 @@ RPC_USER="${RPC_USER:=serai}" RPC_PASS="${RPC_PASS:=seraidex}" # Run Monero -monerod --non-interactive --testnet \ +monerod --non-interactive --stagenet \ --no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \ --rpc-access-control-origins "*" --disable-rpc-ban \ --rpc-login=$RPC_USER:$RPC_PASS From 370a7bf20bc52c11471a2bcaa6bdda14f50ae506 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Wed, 7 Feb 2024 09:49:55 -0500 Subject: [PATCH 33/46] Have orchestrator generate a key, be able to create/start containers --- Cargo.lock | 1 + orchestration/Cargo.toml | 2 + orchestration/src/coordinator.rs | 4 +- orchestration/src/docker.rs | 48 ++++++++ orchestration/src/main.rs | 196 +++++++++++++++++++++++++++---- orchestration/src/processor.rs | 3 +- 6 files changed, 232 insertions(+), 22 deletions(-) create mode 100644 orchestration/src/docker.rs diff --git a/Cargo.lock b/Cargo.lock index 5c3817c93..cc16da23d 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -7667,6 +7667,7 @@ dependencies = [ "ciphersuite", "flexible-transcript", "hex", + "home", "rand_chacha", "rand_core", "zalloc", diff --git a/orchestration/Cargo.toml b/orchestration/Cargo.toml index fffd248af..fca380661 100644 --- a/orchestration/Cargo.toml +++ b/orchestration/Cargo.toml @@ -26,3 +26,5 @@ transcript = { package = "flexible-transcript", path = "../crypto/transcript", d ciphersuite = { path = "../crypto/ciphersuite", default-features = false, features = ["std", "ristretto"] } zalloc = { path = "../common/zalloc" } + +home = "0.5" diff --git a/orchestration/src/coordinator.rs b/orchestration/src/coordinator.rs index c537434ae..df9ed6e20 100644 --- a/orchestration/src/coordinator.rs +++ b/orchestration/src/coordinator.rs @@ -11,6 +11,7 @@ pub fn coordinator( orchestration_path: &Path, network: Network, coordinator_key: Zeroizing<::F>, + serai_key: Zeroizing<::F>, ) { let db = network.db(); let longer_reattempts = if network == Network::Dev { "longer-reattempts" } else { "" }; @@ -27,9 +28,10 @@ RUN apt install -y ca-certificates "#; let env_vars = [ + ("MESSAGE_QUEUE_RPC", format!("serai-{}-message-queue", network.label())), ("MESSAGE_QUEUE_KEY", hex::encode(coordinator_key.to_repr())), ("DB_PATH", "./coordinator-db".to_string()), - ("SERAI_KEY", String::new()), // TODO + ("SERAI_KEY", hex::encode(serai_key.to_repr())), ("SERAI_HOSTNAME", format!("serai-{}", network.label())), ("RUST_LOG", "serai_coordinator=debug,tributary_chain=debug,tendermint=debug".to_string()), ]; diff --git a/orchestration/src/docker.rs b/orchestration/src/docker.rs new file mode 100644 index 000000000..45aff177c --- /dev/null +++ b/orchestration/src/docker.rs @@ -0,0 +1,48 @@ +use std::{collections::HashSet, path::Path, env, process::Command}; + +use crate::Network; + +pub fn build(orchestration_path: &Path, network: Network, name: &str) { + // Else, hold the lock while we build + let mut repo_path = env::current_exe().unwrap(); + repo_path.pop(); + if repo_path.as_path().ends_with("deps") { + repo_path.pop(); + } + assert!(repo_path.as_path().ends_with("debug") || repo_path.as_path().ends_with("release")); + repo_path.pop(); + assert!(repo_path.as_path().ends_with("target")); + repo_path.pop(); + + let mut dockerfile_path = orchestration_path.to_path_buf(); + if HashSet::from(["bitcoin", "ethereum", "monero"]).contains(name) { + dockerfile_path = dockerfile_path.join("coins"); + } + if name.contains("-processor") { + dockerfile_path = + dockerfile_path.join("processor").join(name.split('-').next().unwrap()).join("Dockerfile"); + } else { + dockerfile_path = dockerfile_path.join(name).join("Dockerfile"); + } + + println!("Building {}...", &name); + + if !Command::new("docker") + .current_dir(&repo_path) + .arg("build") + .arg("-f") + .arg(dockerfile_path) + .arg(".") + .arg("-t") + .arg(format!("serai-{}-{name}-img", network.label())) + .spawn() + .unwrap() + .wait() + .unwrap() + .success() + { + panic!("failed to build {name}"); + } + + println!("Built!"); +} diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 2c08fa1b3..449236802 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -2,7 +2,7 @@ // TODO: Generate keys for a validator and the infra use core::ops::Deref; -use std::{env, path::PathBuf, io::Write, fs}; +use std::{collections::HashSet, env, path::PathBuf, io::Write, fs, process::Command}; use zeroize::Zeroizing; @@ -11,7 +11,13 @@ use rand_chacha::ChaCha20Rng; use transcript::{Transcript, RecommendedTranscript}; -use ciphersuite::{group::ff::Field, Ciphersuite, Ristretto}; +use ciphersuite::{ + group::{ + ff::{Field, PrimeField}, + GroupEncoding, + }, + Ciphersuite, Ristretto, +}; mod mimalloc; use mimalloc::mimalloc; @@ -31,6 +37,8 @@ use coordinator::coordinator; mod serai; use serai::serai; +mod docker; + #[global_allocator] static ALLOCATOR: zalloc::ZeroizingAlloc = zalloc::ZeroizingAlloc(std::alloc::System); @@ -173,20 +181,22 @@ pub fn write_dockerfile(path: PathBuf, dockerfile: &str) { fs::File::create(path).unwrap().write_all(dockerfile.as_bytes()).unwrap(); } +fn orchestration_path(network: Network) -> PathBuf { + let mut repo_path = env::current_exe().unwrap(); + repo_path.pop(); + assert!(repo_path.as_path().ends_with("debug")); + repo_path.pop(); + assert!(repo_path.as_path().ends_with("target")); + repo_path.pop(); + + let mut orchestration_path = repo_path.clone(); + orchestration_path.push("orchestration"); + orchestration_path.push(network.label()); + orchestration_path +} + fn dockerfiles(network: Network) { - let orchestration_path = { - let mut repo_path = env::current_exe().unwrap(); - repo_path.pop(); - assert!(repo_path.as_path().ends_with("debug")); - repo_path.pop(); - assert!(repo_path.as_path().ends_with("target")); - repo_path.pop(); - - let mut orchestration_path = repo_path.clone(); - orchestration_path.push("orchestration"); - orchestration_path.push(network.label()); - orchestration_path - }; + let orchestration_path = orchestration_path(network); bitcoin(&orchestration_path, network); ethereum(&orchestration_path); @@ -195,9 +205,14 @@ fn dockerfiles(network: Network) { monero_wallet_rpc(&orchestration_path); } + // TODO: Generate infra keys in key_gen, yet service entropy here? + // Generate entropy for the infrastructure keys - let mut entropy = [0; 32]; - OsRng.fill_bytes(&mut entropy); + let mut entropy = Zeroizing::new([0; 32]); + // Only use actual entropy if this isn't a development environment + if network != Network::Dev { + OsRng.fill_bytes(entropy.as_mut()); + } let mut transcript = RecommendedTranscript::new(b"Serai Orchestrator Transcript"); transcript.append_message(b"entropy", entropy); let mut new_rng = |label| ChaCha20Rng::from_seed(transcript.rng_seed(label)); @@ -246,12 +261,153 @@ fn dockerfiles(network: Network) { ); processor(&orchestration_path, network, "monero", coordinator_key.1, monero_key.0, new_entropy()); - coordinator(&orchestration_path, network, coordinator_key.0); + let serai_key = { + let serai_key = Zeroizing::new( + fs::read(home::home_dir().unwrap().join(".serai").join(network.label()).join("key")) + .expect("couldn't read key for this network"), + ); + let mut serai_key_repr = + Zeroizing::new(<::F as PrimeField>::Repr::default()); + serai_key_repr.as_mut().copy_from_slice(serai_key.as_ref()); + Zeroizing::new(::F::from_repr(*serai_key_repr).unwrap()) + }; + + coordinator(&orchestration_path, network, coordinator_key.0, serai_key); serai(&orchestration_path, network); } +fn key_gen(network: Network) { + let key = ::F::random(&mut OsRng); + let serai_dir = home::home_dir().unwrap().join(".serai"); + fs::create_dir(&serai_dir).expect("couldn't create ~/.serai"); + + fs::create_dir(serai_dir.join(network.label())).expect("couldn't create ~/.serai/{network}"); + fs::write(serai_dir.join(network.label()).join("key"), key.to_repr()) + .expect("couldn't write key"); + println!( + "Public Key: {}", + hex::encode((::generator() * key).to_bytes()) + ); +} + +fn start(network: Network, services: HashSet) { + for service in services { + println!("Starting {service}"); + let name = match service.as_ref() { + "serai" => "serai", + "coordinator" => "coordinator", + "message-queue" => "message-queue", + "bitcoin-daemon" => "bitcoin", + "bitcoin-processor" => "bitcoin-processor", + "monero-daemon" => "monero", + "monero-processor" => "monero-processor", + "monero-wallet-rpc" => "monero-wallet-rpc", + _ => panic!("starting unrecognized service"), + }; + + // Build it, if it wasn't already built + let docker_name = format!("serai-{}-{name}", network.label()); + let docker_image = format!("{docker_name}-img"); + if !Command::new("docker") + .arg("inspect") + .arg("-f") + .arg("{{ .Metadata.LastTagTime }}") + .arg(&docker_image) + .status() + .unwrap() + .success() + { + println!("Building {service}"); + docker::build(&orchestration_path(network), network, name); + } + + if !Command::new("docker").arg("inspect").arg(&docker_name).status().unwrap().success() { + // Create the docker container + println!("Creating new container for {service}"); + assert!( + Command::new("docker") + .arg("create") + .arg("--name") + .arg(&docker_name) + .arg("--network") + .arg("bridge") + .arg(docker_image) + .status() + .unwrap() + .success(), + "couldn't create the container" + ); + } + + // Start it + // TODO: Check it successfully started + println!("Starting existing container for {service}"); + let _ = Command::new("docker").arg("start").arg(docker_name).output(); + } +} + fn main() { - dockerfiles(Network::Dev); - dockerfiles(Network::Testnet); + let help = || -> ! { + println!( + r#" +Serai Orchestrator v0.0.1 + +Commands: + key_gen *network* + Generates a key for the validator. + + setup *network* + Generate infrastructure keys and the Dockerfiles for every Serai service. + + start *network* [service1, service2...] + Start the specified services for the specified network ("dev" or "testnet"). + + - `serai` + - `coordinator` + - `message-queue` + - `bitcoin-daemon` + - `bitcoin-processor` + - `monero-daemon` + - `monero-processor` + - `monero-wallet-rpc` (if "dev") + + are valid services. + + `*network*-processor` will automatically start `*network*-daemon`. +"# + ); + std::process::exit(1); + }; + + let mut args = env::args(); + args.next(); + let command = args.next(); + let network = match args.next().as_ref().map(AsRef::as_ref) { + Some("dev") => Network::Dev, + Some("testnet") => Network::Testnet, + Some(_) => panic!(r#"unrecognized network. only "dev" and "testnet" are recognized"#), + None => help(), + }; + + match command.as_ref().map(AsRef::as_ref) { + Some("key_gen") => { + key_gen(network); + } + Some("setup") => { + dockerfiles(network); + } + Some("start") => { + let mut services = HashSet::new(); + for arg in args { + if let Some(ext_network) = arg.strip_suffix("-processor") { + services.insert(ext_network.to_string() + "-daemon"); + } + services.insert(arg); + } + + start(network, services); + } + _ => help(), + } } diff --git a/orchestration/src/processor.rs b/orchestration/src/processor.rs index 4c37eb451..8f809a135 100644 --- a/orchestration/src/processor.rs +++ b/orchestration/src/processor.rs @@ -31,7 +31,7 @@ RUN apt install -y ca-certificates const RPC_USER: &str = "serai"; const RPC_PASS: &str = "seraidex"; // TODO: Isolate networks - let hostname = format!("{coin}-{}", network.label()); + let hostname = format!("serai-{}-{coin}", network.label()); let port = match coin { "bitcoin" => 8332, "ethereum" => return, // TODO @@ -40,6 +40,7 @@ RUN apt install -y ca-certificates }; let env_vars = [ + ("MESSAGE_QUEUE_RPC", format!("serai-{}-message_queue", network.label())), ("MESSAGE_QUEUE_KEY", hex::encode(coin_key.to_repr())), ("ENTROPY", hex::encode(entropy.as_ref())), ("NETWORK", coin.to_string()), From be87288ac51c057bedcdd7542c171b8fb50fe1d0 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Wed, 7 Feb 2024 11:06:35 -0500 Subject: [PATCH 34/46] Ensure bash is used over sh --- orchestration/dev/coins/ethereum/run.sh | 2 +- orchestration/dev/coins/monero-wallet-rpc/run.sh | 2 +- orchestration/dev/coins/monero/run.sh | 2 +- orchestration/testnet/coins/ethereum/run.sh | 2 +- orchestration/testnet/coins/monero/run.sh | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/orchestration/dev/coins/ethereum/run.sh b/orchestration/dev/coins/ethereum/run.sh index 0b86ff69d..922016dca 100755 --- a/orchestration/dev/coins/ethereum/run.sh +++ b/orchestration/dev/coins/ethereum/run.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash geth --dev --networkid 5208 --datadir "eth-devnet" \ --http --http.api "web3,net,eth,miner" \ diff --git a/orchestration/dev/coins/monero-wallet-rpc/run.sh b/orchestration/dev/coins/monero-wallet-rpc/run.sh index e886c9e86..d2a457126 100755 --- a/orchestration/dev/coins/monero-wallet-rpc/run.sh +++ b/orchestration/dev/coins/monero-wallet-rpc/run.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash monero-wallet-rpc \ --allow-mismatched-daemon-version \ diff --git a/orchestration/dev/coins/monero/run.sh b/orchestration/dev/coins/monero/run.sh index 675d44382..1c6550185 100755 --- a/orchestration/dev/coins/monero/run.sh +++ b/orchestration/dev/coins/monero/run.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash RPC_USER="${RPC_USER:=serai}" RPC_PASS="${RPC_PASS:=seraidex}" diff --git a/orchestration/testnet/coins/ethereum/run.sh b/orchestration/testnet/coins/ethereum/run.sh index 2bb8d868b..d87f29eec 100755 --- a/orchestration/testnet/coins/ethereum/run.sh +++ b/orchestration/testnet/coins/ethereum/run.sh @@ -1,3 +1,3 @@ -#!/bin/sh +#!/bin/bash exit 1 diff --git a/orchestration/testnet/coins/monero/run.sh b/orchestration/testnet/coins/monero/run.sh index a4ef851a5..b705ab5b3 100755 --- a/orchestration/testnet/coins/monero/run.sh +++ b/orchestration/testnet/coins/monero/run.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash RPC_USER="${RPC_USER:=serai}" RPC_PASS="${RPC_PASS:=seraidex}" From 95aa08873addfe25e14ae3a504d060804fa84b1e Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Wed, 7 Feb 2024 11:09:08 -0500 Subject: [PATCH 35/46] Clean dated docs --- docs/Getting Started.md | 17 ----------------- 1 file changed, 17 deletions(-) diff --git a/docs/Getting Started.md b/docs/Getting Started.md index 4500efc1e..70d7868a4 100644 --- a/docs/Getting Started.md +++ b/docs/Getting Started.md @@ -70,24 +70,7 @@ Running tests requires: - A properly configured Bitcoin regtest node (available via Docker) - A properly configured Monero regtest node (available via Docker) - A properly configured monero-wallet-rpc instance (available via Docker) -- A debug Serai node (`cd substrate/node && cargo build`) ``` cargo test --all-features ``` - -### Run Serai in Development Mode - -``` -./target/release/serai-node --dev -``` - -### Run Serai with Orchestration - -Under `/orchestration`, you can find our orchestration components for running -the entire infrastructure of Serai in a local environment using Docker Compose -or Kubernetes. - -[Run Serai with Docker Compose](../orchestration/README.md) - -[Run Serai with Kubernetes](../orchestration/kubernetes/README.md) From 22a3039dc003d9de408722abe682dba9cd34d19a Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Wed, 7 Feb 2024 11:37:05 -0500 Subject: [PATCH 36/46] Change how quoting occurs --- orchestration/src/coordinator.rs | 2 +- orchestration/src/docker.rs | 1 - orchestration/src/message_queue.rs | 2 +- orchestration/src/processor.rs | 2 +- 4 files changed, 3 insertions(+), 4 deletions(-) diff --git a/orchestration/src/coordinator.rs b/orchestration/src/coordinator.rs index df9ed6e20..bdfaa6bad 100644 --- a/orchestration/src/coordinator.rs +++ b/orchestration/src/coordinator.rs @@ -37,7 +37,7 @@ RUN apt install -y ca-certificates ]; let mut env_vars_str = String::new(); for (env_var, value) in env_vars { - env_vars_str += &format!(r#"{env_var}="${{{env_var}:='{value}'}}" "#); + env_vars_str += &format!(r#"{env_var}=${{{env_var}:="{value}"}} "#); } let run_coordinator = format!( diff --git a/orchestration/src/docker.rs b/orchestration/src/docker.rs index 45aff177c..b67d62adf 100644 --- a/orchestration/src/docker.rs +++ b/orchestration/src/docker.rs @@ -3,7 +3,6 @@ use std::{collections::HashSet, path::Path, env, process::Command}; use crate::Network; pub fn build(orchestration_path: &Path, network: Network, name: &str) { - // Else, hold the lock while we build let mut repo_path = env::current_exe().unwrap(); repo_path.pop(); if repo_path.as_path().ends_with("deps") { diff --git a/orchestration/src/message_queue.rs b/orchestration/src/message_queue.rs index fb1a94213..ef6bdcbfc 100644 --- a/orchestration/src/message_queue.rs +++ b/orchestration/src/message_queue.rs @@ -25,7 +25,7 @@ pub fn message_queue( ]; let mut env_vars_str = String::new(); for (env_var, value) in env_vars { - env_vars_str += &format!(r#"{env_var}="${{{env_var}:='{value}'}}" "#); + env_vars_str += &format!(r#"{env_var}=${{{env_var}:="{value}"}} "#); } let run_message_queue = format!( diff --git a/orchestration/src/processor.rs b/orchestration/src/processor.rs index 8f809a135..e2afde09d 100644 --- a/orchestration/src/processor.rs +++ b/orchestration/src/processor.rs @@ -52,7 +52,7 @@ RUN apt install -y ca-certificates ]; let mut env_vars_str = String::new(); for (env_var, value) in env_vars { - env_vars_str += &format!(r#"{env_var}="${{{env_var}:='{value}'}}" "#); + env_vars_str += &format!(r#"{env_var}=${{{env_var}:="{value}"}} "#); } let run_processor = format!( From bd3b563959140cb58c55feb8d65c7e9e8784b1b9 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Wed, 7 Feb 2024 23:55:27 -0500 Subject: [PATCH 37/46] Standardize to sh --- orchestration/dev/coins/bitcoin/run.sh | 2 +- orchestration/dev/coins/ethereum/run.sh | 2 +- orchestration/dev/coins/monero-wallet-rpc/run.sh | 2 +- orchestration/dev/coins/monero/run.sh | 2 +- orchestration/dev/serai/run.sh | 2 +- orchestration/testnet/coins/bitcoin/run.sh | 2 +- orchestration/testnet/coins/ethereum/run.sh | 2 +- orchestration/testnet/coins/monero/run.sh | 2 +- orchestration/testnet/serai/run.sh | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/orchestration/dev/coins/bitcoin/run.sh b/orchestration/dev/coins/bitcoin/run.sh index a157fb583..7d3c1b7bb 100755 --- a/orchestration/dev/coins/bitcoin/run.sh +++ b/orchestration/dev/coins/bitcoin/run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh RPC_USER="${RPC_USER:=serai}" RPC_PASS="${RPC_PASS:=seraidex}" diff --git a/orchestration/dev/coins/ethereum/run.sh b/orchestration/dev/coins/ethereum/run.sh index 922016dca..0b86ff69d 100755 --- a/orchestration/dev/coins/ethereum/run.sh +++ b/orchestration/dev/coins/ethereum/run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh geth --dev --networkid 5208 --datadir "eth-devnet" \ --http --http.api "web3,net,eth,miner" \ diff --git a/orchestration/dev/coins/monero-wallet-rpc/run.sh b/orchestration/dev/coins/monero-wallet-rpc/run.sh index d2a457126..e886c9e86 100755 --- a/orchestration/dev/coins/monero-wallet-rpc/run.sh +++ b/orchestration/dev/coins/monero-wallet-rpc/run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh monero-wallet-rpc \ --allow-mismatched-daemon-version \ diff --git a/orchestration/dev/coins/monero/run.sh b/orchestration/dev/coins/monero/run.sh index 1c6550185..675d44382 100755 --- a/orchestration/dev/coins/monero/run.sh +++ b/orchestration/dev/coins/monero/run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh RPC_USER="${RPC_USER:=serai}" RPC_PASS="${RPC_PASS:=seraidex}" diff --git a/orchestration/dev/serai/run.sh b/orchestration/dev/serai/run.sh index 5c5d69b74..44e9969f8 100755 --- a/orchestration/dev/serai/run.sh +++ b/orchestration/dev/serai/run.sh @@ -1,3 +1,3 @@ -#!/bin/bash +#!/bin/sh serai-node --unsafe-rpc-external --rpc-cors all --chain local --$SERAI_NAME diff --git a/orchestration/testnet/coins/bitcoin/run.sh b/orchestration/testnet/coins/bitcoin/run.sh index 8f7584c31..d11ea08a8 100755 --- a/orchestration/testnet/coins/bitcoin/run.sh +++ b/orchestration/testnet/coins/bitcoin/run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh RPC_USER="${RPC_USER:=serai}" RPC_PASS="${RPC_PASS:=seraidex}" diff --git a/orchestration/testnet/coins/ethereum/run.sh b/orchestration/testnet/coins/ethereum/run.sh index d87f29eec..2bb8d868b 100755 --- a/orchestration/testnet/coins/ethereum/run.sh +++ b/orchestration/testnet/coins/ethereum/run.sh @@ -1,3 +1,3 @@ -#!/bin/bash +#!/bin/sh exit 1 diff --git a/orchestration/testnet/coins/monero/run.sh b/orchestration/testnet/coins/monero/run.sh index b705ab5b3..a4ef851a5 100755 --- a/orchestration/testnet/coins/monero/run.sh +++ b/orchestration/testnet/coins/monero/run.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh RPC_USER="${RPC_USER:=serai}" RPC_PASS="${RPC_PASS:=seraidex}" diff --git a/orchestration/testnet/serai/run.sh b/orchestration/testnet/serai/run.sh index d87f29eec..2bb8d868b 100755 --- a/orchestration/testnet/serai/run.sh +++ b/orchestration/testnet/serai/run.sh @@ -1,3 +1,3 @@ -#!/bin/bash +#!/bin/sh exit 1 From 8e6d4df4cc6a4ad4b501d00d0f8de9d156aae8ea Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Thu, 8 Feb 2024 00:21:46 -0500 Subject: [PATCH 38/46] Have Docker test build the dev Dockerfiles --- tests/docker/src/lib.rs | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/tests/docker/src/lib.rs b/tests/docker/src/lib.rs index 611abf008..6df010441 100644 --- a/tests/docker/src/lib.rs +++ b/tests/docker/src/lib.rs @@ -22,6 +22,7 @@ pub fn fresh_logs_folder(first: bool, label: &str) -> String { logs_path.to_str().unwrap().to_string() } +// TODO: Merge this with what's in serai-orchestrator/have serai-orchestrator perform building static BUILT: OnceLock>> = OnceLock::new(); pub fn build(name: String) { let built = BUILT.get_or_init(|| Mutex::new(HashMap::new())); @@ -48,6 +49,26 @@ pub fn build(name: String) { .arg("run") .arg("-p") .arg("serai-orchestrator") + .arg("--") + .arg("key_gen") + .arg("dev") + .spawn() + .unwrap() + .wait() + .unwrap() + .success() + { + panic!("failed to run the orchestrator"); + } + + if !Command::new("cargo") + .current_dir(&repo_path) + .arg("run") + .arg("-p") + .arg("serai-orchestrator") + .arg("--") + .arg("setup") + .arg("dev") .spawn() .unwrap() .wait() From 8af0fe1f40eaf750173dfdec92c097028c8a8815 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Thu, 8 Feb 2024 00:30:05 -0500 Subject: [PATCH 39/46] Only key_gen once --- orchestration/src/main.rs | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 449236802..f65085b7f 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -278,13 +278,18 @@ fn dockerfiles(network: Network) { } fn key_gen(network: Network) { + let serai_dir = home::home_dir().unwrap().join(".serai").join(network.label()); + let key_file = serai_dir.join("key"); + if fs::File::open(&key_file).is_ok() { + println!("already created key"); + return; + } + let key = ::F::random(&mut OsRng); - let serai_dir = home::home_dir().unwrap().join(".serai"); - fs::create_dir(&serai_dir).expect("couldn't create ~/.serai"); - fs::create_dir(serai_dir.join(network.label())).expect("couldn't create ~/.serai/{network}"); - fs::write(serai_dir.join(network.label()).join("key"), key.to_repr()) - .expect("couldn't write key"); + let _ = fs::create_dir_all(&serai_dir); + fs::write(key_file, key.to_repr()).expect("couldn't write key"); + println!( "Public Key: {}", hex::encode((::generator() * key).to_bytes()) From c8a2e3b31824784b2e1286bbcec41ec1c195701a Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Thu, 8 Feb 2024 03:22:19 -0500 Subject: [PATCH 40/46] cargo update Adds a patch for zstd and reconciles the breaking nightly change which just occurred. --- .github/nightly-version | 2 +- Cargo.lock | 102 +++++++++++++++++----------------------- Cargo.toml | 18 +++++-- patches/zstd/Cargo.toml | 17 +++++++ patches/zstd/src/lib.rs | 1 + 5 files changed, 76 insertions(+), 64 deletions(-) create mode 100644 patches/zstd/Cargo.toml create mode 100644 patches/zstd/src/lib.rs diff --git a/.github/nightly-version b/.github/nightly-version index d7aace133..4a8f1e33b 100644 --- a/.github/nightly-version +++ b/.github/nightly-version @@ -1 +1 @@ -nightly-2024-02-01 +nightly-2024-02-07 diff --git a/Cargo.lock b/Cargo.lock index cc16da23d..0a7863888 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -139,9 +139,9 @@ dependencies = [ [[package]] name = "anstyle" -version = "1.0.5" +version = "1.0.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2faccea4cc4ab4a667ce676a30e8ec13922a692c99bb8f5b11f1502c72e04220" +checksum = "8901269c6307e8d93993578286ac0edf7f195079ffff5ebdeea6a59ffb7e36bc" [[package]] name = "anstyle-parse" @@ -747,9 +747,9 @@ checksum = "c3ac9f8b63eca6fd385229b3675f6cc0dc5c8a5c8a54a59d4f52ffd670d87b0c" [[package]] name = "bytemuck" -version = "1.14.1" +version = "1.14.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed2490600f404f2b94c167e31d3ed1d5f3c225a0f3b80230053b3e0b7b962bd9" +checksum = "ea31d69bda4949c1c1562c1e6f042a1caefac98cdc8a298260a2ff41c1e2d42b" [[package]] name = "byteorder" @@ -1289,9 +1289,9 @@ dependencies = [ [[package]] name = "curve25519-dalek" -version = "4.1.1" +version = "4.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e89b8c6a2e4b1f45971ad09761aafb85514a84744b67a95e32c3cc1352d1f65c" +checksum = "0a677b8922c94e01bdbb12126b0bc852f00447528dee1782229af9c720c3f348" dependencies = [ "cfg-if", "cpufeatures", @@ -1675,9 +1675,9 @@ dependencies = [ [[package]] name = "ed25519-dalek" -version = "2.1.0" +version = "2.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1f628eaec48bfd21b865dc2950cfa014450c01d2fa2b69a86c2fd5844ec523c0" +checksum = "4a3daa8e81a3963a60642bcc1f90a670680bd4a77535faa384e9d1c79d620871" dependencies = [ "curve25519-dalek", "ed25519", @@ -2114,9 +2114,9 @@ dependencies = [ [[package]] name = "fiat-crypto" -version = "0.2.5" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "27573eac26f4dd11e2b1916c3fe1baa56407c83c71a773a8ba17ec0bca03b6b7" +checksum = "1676f435fc1dadde4d03e43f5d62b259e1ce5f40bd4ffb21db2b42ebe59c1382" [[package]] name = "file-per-thread-logger" @@ -2783,9 +2783,9 @@ checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" [[package]] name = "hermit-abi" -version = "0.3.4" +version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d3d0e0f38255e7fa3cf31335b3a56f05febd18025f4db5ef7a0cfb4f8da651f" +checksum = "d0c62115964e08cb8039170eb33c1d0e2388a256930279edca206fff675f82c3" [[package]] name = "hex" @@ -3271,9 +3271,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.67" +version = "0.3.68" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a1d36f1235bc969acba30b7f5990b864423a6068a10f7c90ae8f0112e3a59d1" +checksum = "406cda4b368d531c842222cf9d2600a9a4acce8d29423695379c6868a143a9ee" dependencies = [ "wasm-bindgen", ] @@ -4694,9 +4694,9 @@ dependencies = [ [[package]] name = "num-complex" -version = "0.4.4" +version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1ba157ca0885411de85d6ca030ba7e2a83a28636056c7c699b07c8b6f7383214" +checksum = "23c6602fda94a57c990fe0df199a035d83576b496aa29f4e634a8ac6004e68a6" dependencies = [ "num-traits", ] @@ -4713,11 +4713,10 @@ dependencies = [ [[package]] name = "num-integer" -version = "0.1.45" +version = "0.1.46" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9" +checksum = "7969661fd2958a5cb096e56c8e1ad0444ac2bbcd0061bd28660485a44879858f" dependencies = [ - "autocfg", "num-traits", ] @@ -4735,9 +4734,9 @@ dependencies = [ [[package]] name = "num-traits" -version = "0.2.17" +version = "0.2.18" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39e3200413f237f41ab11ad6d161bc7239c84dcb631773ccd7de3dfe4b5c267c" +checksum = "da0df0e5185db44f69b44f26786fe401b6c293d1907744beaa7fa62b2e5a517a" dependencies = [ "autocfg", "libm", @@ -5291,9 +5290,9 @@ checksum = "626dec3cac7cc0e1577a2ec3fc496277ec2baa084bebad95bb6fdbfae235f84c" [[package]] name = "polling" -version = "3.3.2" +version = "3.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "545c980a3880efd47b2e262f6a4bb6daad6555cf3367aa9c4e52895f69537a41" +checksum = "30054e72317ab98eddd8561db0f6524df3367636884b7b21b703e4b280a84a14" dependencies = [ "cfg-if", "concurrent-queue", @@ -9083,13 +9082,12 @@ checksum = "69758bda2e78f098e4ccb393021a0963bb3442eac05f135c30f61b7370bbafae" [[package]] name = "tempfile" -version = "3.9.0" +version = "3.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "01ce4141aa927a6d1bd34a041795abd0db1cccba5d5f24b009f694bdf3a1f3fa" +checksum = "a365e8cd18e44762ef95d87f284f4b5cd04107fec2ff3052bd6a3e6069669e67" dependencies = [ "cfg-if", "fastrand", - "redox_syscall 0.4.1", "rustix", "windows-sys 0.52.0", ] @@ -9818,9 +9816,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.90" +version = "0.2.91" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1223296a201415c7fad14792dbefaace9bd52b62d33453ade1c5b5f07555406" +checksum = "c1e124130aee3fb58c5bdd6b639a0509486b0338acaaae0c84a5124b0f588b7f" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -9828,9 +9826,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.90" +version = "0.2.91" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcdc935b63408d58a32f8cc9738a0bffd8f05cc7c002086c6ef20b7312ad9dcd" +checksum = "c9e7e1900c352b609c8488ad12639a311045f40a35491fb69ba8c12f758af70b" dependencies = [ "bumpalo", "log", @@ -9843,9 +9841,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-futures" -version = "0.4.40" +version = "0.4.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bde2032aeb86bdfaecc8b261eef3cba735cc426c1f3a3416d1e0791be95fc461" +checksum = "877b9c3f61ceea0e56331985743b13f3d25c406a7098d45180fb5f09bc19ed97" dependencies = [ "cfg-if", "js-sys", @@ -9855,9 +9853,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro" -version = "0.2.90" +version = "0.2.91" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e4c238561b2d428924c49815533a8b9121c664599558a5d9ec51f8a1740a999" +checksum = "b30af9e2d358182b5c7449424f017eba305ed32a7010509ede96cdc4696c46ed" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -9865,9 +9863,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.90" +version = "0.2.91" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bae1abb6806dc1ad9e560ed242107c0f6c84335f1749dd4e8ddb012ebd5e25a7" +checksum = "642f325be6301eb8107a83d12a8ac6c1e1c54345a7ef1a9261962dfefda09e66" dependencies = [ "proc-macro2", "quote", @@ -9878,9 +9876,9 @@ dependencies = [ [[package]] name = "wasm-bindgen-shared" -version = "0.2.90" +version = "0.2.91" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d91413b1c31d7539ba5ef2451af3f0b833a005eb27a631cec32bc0635a8602b" +checksum = "4f186bd2dcf04330886ce82d6f33dd75a7bfcf69ecf5763b89fcde53b6ac9838" [[package]] name = "wasm-encoder" @@ -10185,9 +10183,9 @@ dependencies = [ [[package]] name = "web-sys" -version = "0.3.67" +version = "0.3.68" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "58cd2333b6e0be7a39605f0e255892fd7418a682d8da8fe042fe25128794d2ed" +checksum = "96565907687f7aceb35bc5fc03770a8a0471d82e479f25832f54a0e3f4b28446" dependencies = [ "js-sys", "wasm-bindgen", @@ -10420,9 +10418,9 @@ checksum = "dff9641d1cd4be8d1a070daf9e3773c5f67e78b4d9d42263020c057706765c04" [[package]] name = "winnow" -version = "0.5.37" +version = "0.5.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a7cad8365489051ae9f054164e459304af2e7e9bb407c958076c8bf4aef52da5" +checksum = "5389a154b01683d28c77f8f68f49dea75f0a4da32557a58f68ee51ebba472d29" dependencies = [ "memchr", ] @@ -10467,9 +10465,9 @@ dependencies = [ [[package]] name = "x25519-dalek" -version = "2.0.0" +version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb66477291e7e8d2b0ff1bcb900bf29489a9692816d79874bea351e7a8b6de96" +checksum = "c7e468321c81fb07fa7f4c636c3972b9100f0346e5b6a9f2bd0603a52f7ed277" dependencies = [ "curve25519-dalek", "rand_core", @@ -10583,10 +10581,8 @@ dependencies = [ [[package]] name = "zstd" version = "0.11.2+zstd.1.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "20cc960326ece64f010d2d2107537f26dc589a6573a316bd5b1dba685fa5fde4" dependencies = [ - "zstd-safe 5.0.2+zstd.1.5.2", + "zstd 0.12.4", ] [[package]] @@ -10595,17 +10591,7 @@ version = "0.12.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a27595e173641171fc74a1232b7b1c7a7cb6e18222c11e9dfb9888fa424c53c" dependencies = [ - "zstd-safe 6.0.6", -] - -[[package]] -name = "zstd-safe" -version = "5.0.2+zstd.1.5.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1d2a5585e04f9eea4b2a3d1eca508c4dee9592a89ef6f450c11719da0726f4db" -dependencies = [ - "libc", - "zstd-sys", + "zstd-safe", ] [[package]] diff --git a/Cargo.toml b/Cargo.toml index 6304b28db..25601c46e 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,11 +1,17 @@ [workspace] resolver = "2" members = [ - "patches/is-terminal", + # Version patches + "patches/zstd", + "patches/proc-macro-crate", + + # std patches "patches/matches", + "patches/is-terminal", + + # Rewrites/redirects "patches/option-ext", "patches/directories-next", - "patches/proc-macro-crate", "common/std-shims", "common/zalloc", @@ -104,6 +110,11 @@ lazy_static = { git = "https://github.com/rust-lang-nursery/lazy-static.rs", rev # Needed due to dockertest's usage of `Rc`s when we need `Arc`s dockertest = { git = "https://github.com/kayabaNerve/dockertest-rs", branch = "arc" } +# wasmtime pulls in an old version for this +zstd = { path = "patches/zstd" } +# proc-macro-crate 2 binds to an old version of toml for msrv so we patch to 3 +proc-macro-crate = { path = "patches/proc-macro-crate" } + # is-terminal now has an std-based solution with an equivalent API is-terminal = { path = "patches/is-terminal" } # So does matches @@ -117,9 +128,6 @@ matches = { path = "patches/matches" } option-ext = { path = "patches/option-ext" } directories-next = { path = "patches/directories-next" } -# proc-macro-crate 2 binds to an old version of toml for msrv so we patch to 3 -proc-macro-crate = { path = "patches/proc-macro-crate" } - [workspace.lints.clippy] unwrap_or_default = "allow" borrow_as_ptr = "deny" diff --git a/patches/zstd/Cargo.toml b/patches/zstd/Cargo.toml new file mode 100644 index 000000000..f7bf11d6b --- /dev/null +++ b/patches/zstd/Cargo.toml @@ -0,0 +1,17 @@ +[package] +name = "zstd" +version = "0.11.2+zstd.1.5.2" +description = "zstd which patches to the latest update" +license = "MIT" +repository = "https://github.com/serai-dex/serai/tree/develop/patches/zstd" +authors = ["Luke Parker "] +keywords = [] +edition = "2021" +rust-version = "1.70" + +[package.metadata.docs.rs] +all-features = true +rustdoc-args = ["--cfg", "docsrs"] + +[dependencies] +zstd = "0.12" diff --git a/patches/zstd/src/lib.rs b/patches/zstd/src/lib.rs new file mode 100644 index 000000000..b698a9b25 --- /dev/null +++ b/patches/zstd/src/lib.rs @@ -0,0 +1 @@ +pub use zstd::*; From cc1d4f493a6719b00b0e78bb8c75b5ecb8eef6a5 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Thu, 8 Feb 2024 05:07:53 -0500 Subject: [PATCH 41/46] Use a dedicated network for Serai Also fixes SERAI_HOSTNAME passed to coordinator. --- orchestration/src/coordinator.rs | 2 +- orchestration/src/main.rs | 12 +++++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/orchestration/src/coordinator.rs b/orchestration/src/coordinator.rs index bdfaa6bad..a8556a009 100644 --- a/orchestration/src/coordinator.rs +++ b/orchestration/src/coordinator.rs @@ -32,7 +32,7 @@ RUN apt install -y ca-certificates ("MESSAGE_QUEUE_KEY", hex::encode(coordinator_key.to_repr())), ("DB_PATH", "./coordinator-db".to_string()), ("SERAI_KEY", hex::encode(serai_key.to_repr())), - ("SERAI_HOSTNAME", format!("serai-{}", network.label())), + ("SERAI_HOSTNAME", format!("serai-{}-serai", network.label())), ("RUST_LOG", "serai_coordinator=debug,tributary_chain=debug,tendermint=debug".to_string()), ]; let mut env_vars_str = String::new(); diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index f65085b7f..4fe1b65c8 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -297,6 +297,16 @@ fn key_gen(network: Network) { } fn start(network: Network, services: HashSet) { + // Create the serai network + Command::new("docker") + .arg("network") + .arg("create") + .arg("--driver") + .arg("bridge") + .arg("serai") + .output() + .unwrap(); + for service in services { println!("Starting {service}"); let name = match service.as_ref() { @@ -336,7 +346,7 @@ fn start(network: Network, services: HashSet) { .arg("--name") .arg(&docker_name) .arg("--network") - .arg("bridge") + .arg("serai") .arg(docker_image) .status() .unwrap() From 51edd8205ea245b5a39e3efee94a7d2d626b4a8d Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Thu, 8 Feb 2024 08:31:40 -0500 Subject: [PATCH 42/46] Support providing a key over the env for the Serai node --- Cargo.lock | 6 ++ substrate/node/Cargo.toml | 9 +++ substrate/node/src/command.rs | 11 ++-- substrate/node/src/keystore.rs | 107 +++++++++++++++++++++++++++++++++ substrate/node/src/main.rs | 2 + substrate/node/src/service.rs | 59 +++++++++++------- 6 files changed, 167 insertions(+), 27 deletions(-) create mode 100644 substrate/node/src/keystore.rs diff --git a/Cargo.lock b/Cargo.lock index 0a7863888..b1d9755c0 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -7628,8 +7628,10 @@ dependencies = [ "clap", "frame-benchmarking", "futures-util", + "hex", "jsonrpsee", "pallet-transaction-payment-rpc", + "rand_core", "sc-authority-discovery", "sc-basic-authorship", "sc-cli", @@ -7646,6 +7648,8 @@ dependencies = [ "sc-telemetry", "sc-transaction-pool", "sc-transaction-pool-api", + "schnorrkel", + "serai-env", "serai-runtime", "sp-api", "sp-block-builder", @@ -7653,10 +7657,12 @@ dependencies = [ "sp-consensus-babe", "sp-core", "sp-io", + "sp-keystore", "sp-timestamp", "substrate-build-script-utils", "substrate-frame-rpc-system", "tokio", + "zeroize", ] [[package]] diff --git a/substrate/node/Cargo.toml b/substrate/node/Cargo.toml index c34f70445..1a0a21395 100644 --- a/substrate/node/Cargo.toml +++ b/substrate/node/Cargo.toml @@ -20,7 +20,14 @@ workspace = true name = "serai-node" [dependencies] +zeroize = "1" +rand_core = "0.6" +hex = "0.4" + +schnorrkel = "0.11" + sp-core = { git = "https://github.com/serai-dex/substrate" } +sp-keystore = { git = "https://github.com/serai-dex/substrate" } sp-timestamp = { git = "https://github.com/serai-dex/substrate" } sp-io = { git = "https://github.com/serai-dex/substrate" } sp-blockchain = { git = "https://github.com/serai-dex/substrate" } @@ -61,6 +68,8 @@ sc-rpc-api = { git = "https://github.com/serai-dex/substrate" } substrate-frame-rpc-system = { git = "https://github.com/serai-dex/substrate" } pallet-transaction-payment-rpc = { git = "https://github.com/serai-dex/substrate" } +serai-env = { path = "../../common/env" } + [build-dependencies] substrate-build-script-utils = { git = "https://github.com/serai-dex/substrate" } diff --git a/substrate/node/src/command.rs b/substrate/node/src/command.rs index 91df761b5..3588f95f0 100644 --- a/substrate/node/src/command.rs +++ b/substrate/node/src/command.rs @@ -58,23 +58,23 @@ pub fn run() -> sc_cli::Result<()> { Some(Subcommand::CheckBlock(cmd)) => cli.create_runner(cmd)?.async_run(|config| { let PartialComponents { client, task_manager, import_queue, .. } = - service::new_partial(&config)?; + service::new_partial(&config)?.0; Ok((cmd.run(client, import_queue), task_manager)) }), Some(Subcommand::ExportBlocks(cmd)) => cli.create_runner(cmd)?.async_run(|config| { - let PartialComponents { client, task_manager, .. } = service::new_partial(&config)?; + let PartialComponents { client, task_manager, .. } = service::new_partial(&config)?.0; Ok((cmd.run(client, config.database), task_manager)) }), Some(Subcommand::ExportState(cmd)) => cli.create_runner(cmd)?.async_run(|config| { - let PartialComponents { client, task_manager, .. } = service::new_partial(&config)?; + let PartialComponents { client, task_manager, .. } = service::new_partial(&config)?.0; Ok((cmd.run(client, config.chain_spec), task_manager)) }), Some(Subcommand::ImportBlocks(cmd)) => cli.create_runner(cmd)?.async_run(|config| { let PartialComponents { client, task_manager, import_queue, .. } = - service::new_partial(&config)?; + service::new_partial(&config)?.0; Ok((cmd.run(client, import_queue), task_manager)) }), @@ -83,7 +83,8 @@ pub fn run() -> sc_cli::Result<()> { } Some(Subcommand::Revert(cmd)) => cli.create_runner(cmd)?.async_run(|config| { - let PartialComponents { client, task_manager, backend, .. } = service::new_partial(&config)?; + let PartialComponents { client, task_manager, backend, .. } = + service::new_partial(&config)?.0; let aux_revert = Box::new(|client: Arc, backend, blocks| { sc_consensus_babe::revert(client.clone(), backend, blocks)?; sc_consensus_grandpa::revert(client, blocks)?; diff --git a/substrate/node/src/keystore.rs b/substrate/node/src/keystore.rs new file mode 100644 index 000000000..333cd9c3a --- /dev/null +++ b/substrate/node/src/keystore.rs @@ -0,0 +1,107 @@ +use zeroize::Zeroize; +use rand_core::RngCore; + +use sp_core::{crypto::*, ed25519, sr25519}; +use sp_keystore::*; + +pub struct Keystore(sr25519::Pair); + +impl Keystore { + pub fn from_env() -> Option { + let mut key_hex = serai_env::var("KEY")?; + let mut key = hex::decode(&key_hex).expect("KEY from environment wasn't hex"); + key_hex.zeroize(); + + assert_eq!(key.len(), 32, "KEY from environment wasn't 32 bytes"); + key.extend([0; 32]); + rand_core::OsRng.fill_bytes(&mut key[32 ..]); + + let res = Self(sr25519::Pair::from(schnorrkel::SecretKey::from_bytes(&key).unwrap())); + key.zeroize(); + Some(res) + } +} + +impl sp_keystore::Keystore for Keystore { + fn sr25519_public_keys(&self, _: KeyTypeId) -> Vec { + vec![self.0.public()] + } + + fn sr25519_generate_new(&self, _: KeyTypeId, _: Option<&str>) -> Result { + panic!("asked to generate an sr25519 key"); + } + + fn sr25519_sign( + &self, + _: KeyTypeId, + public: &sr25519::Public, + msg: &[u8], + ) -> Result, Error> { + if public == &self.0.public() { + Ok(Some(self.0.sign(msg))) + } else { + Ok(None) + } + } + + fn sr25519_vrf_sign( + &self, + _: KeyTypeId, + public: &sr25519::Public, + data: &sr25519::vrf::VrfSignData, + ) -> Result, Error> { + if public == &self.0.public() { + Ok(Some(self.0.vrf_sign(data))) + } else { + Ok(None) + } + } + + fn sr25519_vrf_output( + &self, + _: KeyTypeId, + public: &sr25519::Public, + input: &sr25519::vrf::VrfInput, + ) -> Result, Error> { + if public == &self.0.public() { + Ok(Some(self.0.vrf_output(input))) + } else { + Ok(None) + } + } + + fn ed25519_public_keys(&self, _: KeyTypeId) -> Vec { + panic!("asked for ed25519 keys"); + } + + fn ed25519_generate_new(&self, _: KeyTypeId, _: Option<&str>) -> Result { + panic!("asked to generate an ed25519 key"); + } + + fn ed25519_sign( + &self, + _: KeyTypeId, + _: &ed25519::Public, + _: &[u8], + ) -> Result, Error> { + panic!("asked to produce an ed25519 signature"); + } + + fn insert(&self, _: KeyTypeId, _: &str, _: &[u8]) -> Result<(), ()> { + panic!("asked to insert a key"); + } + + fn keys(&self, _: KeyTypeId) -> Result>, Error> { + Ok(vec![self.0.public().0.to_vec()]) + } + + fn has_keys(&self, public_keys: &[(Vec, KeyTypeId)]) -> bool { + let our_key = self.0.public().0; + for (public_key, _) in public_keys { + if our_key != public_key.as_slice() { + return false; + } + } + true + } +} diff --git a/substrate/node/src/main.rs b/substrate/node/src/main.rs index b44f83d80..5f33b51bf 100644 --- a/substrate/node/src/main.rs +++ b/substrate/node/src/main.rs @@ -1,3 +1,5 @@ +mod keystore; + mod chain_spec; mod service; diff --git a/substrate/node/src/service.rs b/substrate/node/src/service.rs index 5a124eeba..686e4c39a 100644 --- a/substrate/node/src/service.rs +++ b/substrate/node/src/service.rs @@ -58,7 +58,9 @@ fn create_inherent_data_providers( (BabeInherent::from_timestamp_and_slot_duration(*timestamp, slot_duration), timestamp) } -pub fn new_partial(config: &Configuration) -> Result { +pub fn new_partial( + config: &Configuration, +) -> Result<(PartialComponents, Arc), ServiceError> { let telemetry = config .telemetry_endpoints .clone() @@ -87,6 +89,13 @@ pub fn new_partial(config: &Configuration) -> Result = + if let Some(keystore) = crate::keystore::Keystore::from_env() { + Arc::new(keystore) + } else { + keystore_container.keystore() + }; + let telemetry = telemetry.map(|(worker, telemetry)| { task_manager.spawn_handle().spawn("telemetry", None, worker.run()); telemetry @@ -137,29 +146,35 @@ pub fn new_partial(config: &Configuration) -> Result Result { - let sc_service::PartialComponents { - client, - backend, - mut task_manager, - import_queue, + let ( + sc_service::PartialComponents { + client, + backend, + mut task_manager, + keystore_container: _, + import_queue, + select_chain, + transaction_pool, + other: (block_import, babe_link, grandpa_link, shared_voter_state, mut telemetry), + }, keystore_container, - select_chain, - transaction_pool, - other: (block_import, babe_link, grandpa_link, shared_voter_state, mut telemetry), - } = new_partial(&config)?; + ) = new_partial(&config)?; let mut net_config = sc_network::config::FullNetworkConfiguration::new(&config.network); let grandpa_protocol_name = @@ -195,7 +210,7 @@ pub fn new_full(config: Configuration) -> Result { sc_offchain::OffchainWorkers::new(sc_offchain::OffchainWorkerOptions { runtime_api_provider: client.clone(), is_validator: config.role.is_authority(), - keystore: Some(keystore_container.keystore()), + keystore: Some(keystore_container.clone()), offchain_db: backend.offchain_storage(), transaction_pool: Some(OffchainTransactionPoolFactory::new(transaction_pool.clone())), network_provider: network.clone(), @@ -207,7 +222,7 @@ pub fn new_full(config: Configuration) -> Result { } let role = config.role.clone(); - let keystore = keystore_container.keystore(); + let keystore = keystore_container; let prometheus_registry = config.prometheus_registry().cloned(); // TODO: Ensure we're considered as an authority is a validator of an external network From b60e2f1a38e4fae8321fc517992e9d8b189c6e9e Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Thu, 8 Feb 2024 09:39:05 -0500 Subject: [PATCH 43/46] Enable and document running daemons for tests via serai-orchestrator Has running containers under the dev network port forward the RPC ports. --- coins/bitcoin/tests/runner.rs | 2 +- docs/Getting Started.md | 15 ++++++++ .../dev/coins/monero-wallet-rpc/run.sh | 2 +- orchestration/src/docker.rs | 2 +- orchestration/src/main.rs | 38 +++++++------------ 5 files changed, 32 insertions(+), 27 deletions(-) diff --git a/coins/bitcoin/tests/runner.rs b/coins/bitcoin/tests/runner.rs index 6491d5384..bc471279a 100644 --- a/coins/bitcoin/tests/runner.rs +++ b/coins/bitcoin/tests/runner.rs @@ -12,7 +12,7 @@ pub fn SEQUENTIAL() -> &'static Mutex<()> { #[allow(dead_code)] pub(crate) async fn rpc() -> Rpc { - let rpc = Rpc::new("http://serai:seraidex@127.0.0.1:18443".to_string()).await.unwrap(); + let rpc = Rpc::new("http://serai:seraidex@127.0.0.1:8332".to_string()).await.unwrap(); // If this node has already been interacted with, clear its chain if rpc.get_latest_block_number().await.unwrap() > 0 { diff --git a/docs/Getting Started.md b/docs/Getting Started.md index 70d7868a4..0034d69d4 100644 --- a/docs/Getting Started.md +++ b/docs/Getting Started.md @@ -71,6 +71,21 @@ Running tests requires: - A properly configured Monero regtest node (available via Docker) - A properly configured monero-wallet-rpc instance (available via Docker) +To start the required daemons, one may run: + +``` +cargo run -p serai-orchestrator -- key_gen dev +cargo run -p serai-orchestrator -- setup dev +``` + +and then: + +``` +cargo run -p serai-orchestrator -- start dev bitcoin-daemon monero-daemon monero-wallet-rpc +``` + +Finally, to run the tests: + ``` cargo test --all-features ``` diff --git a/orchestration/dev/coins/monero-wallet-rpc/run.sh b/orchestration/dev/coins/monero-wallet-rpc/run.sh index e886c9e86..5c7aeb70c 100755 --- a/orchestration/dev/coins/monero-wallet-rpc/run.sh +++ b/orchestration/dev/coins/monero-wallet-rpc/run.sh @@ -2,6 +2,6 @@ monero-wallet-rpc \ --allow-mismatched-daemon-version \ - --daemon-address monero:18081 --daemon-login serai:seraidex \ + --daemon-address serai-dev-monero:18081 --daemon-login serai:seraidex \ --disable-rpc-login --rpc-bind-ip=0.0.0.0 --rpc-bind-port 18082 --confirm-external-bind \ --wallet-dir /home/monero diff --git a/orchestration/src/docker.rs b/orchestration/src/docker.rs index b67d62adf..2523bfaa0 100644 --- a/orchestration/src/docker.rs +++ b/orchestration/src/docker.rs @@ -14,7 +14,7 @@ pub fn build(orchestration_path: &Path, network: Network, name: &str) { repo_path.pop(); let mut dockerfile_path = orchestration_path.to_path_buf(); - if HashSet::from(["bitcoin", "ethereum", "monero"]).contains(name) { + if HashSet::from(["bitcoin", "ethereum", "monero", "monero-wallet-rpc"]).contains(name) { dockerfile_path = dockerfile_path.join("coins"); } if name.contains("-processor") { diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 4fe1b65c8..983ec6da6 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -321,36 +321,26 @@ fn start(network: Network, services: HashSet) { _ => panic!("starting unrecognized service"), }; - // Build it, if it wasn't already built + // Build it + println!("Building {service}"); + docker::build(&orchestration_path(network), network, name); + let docker_name = format!("serai-{}-{name}", network.label()); let docker_image = format!("{docker_name}-img"); - if !Command::new("docker") - .arg("inspect") - .arg("-f") - .arg("{{ .Metadata.LastTagTime }}") - .arg(&docker_image) - .status() - .unwrap() - .success() - { - println!("Building {service}"); - docker::build(&orchestration_path(network), network, name); - } - if !Command::new("docker").arg("inspect").arg(&docker_name).status().unwrap().success() { // Create the docker container println!("Creating new container for {service}"); + let mut command = Command::new("docker"); + let command = command.arg("create").arg("--name").arg(&docker_name); + let command = command.arg("--network").arg("serai"); + let command = match name { + "bitcoin" => command.arg("-p").arg("8332:8332"), + "monero" => command.arg("-p").arg("18081:18081"), + "monero-wallet-rpc" => command.arg("-p").arg("18082:18082"), + _ => command, + }; assert!( - Command::new("docker") - .arg("create") - .arg("--name") - .arg(&docker_name) - .arg("--network") - .arg("serai") - .arg(docker_image) - .status() - .unwrap() - .success(), + command.arg(docker_image).status().unwrap().success(), "couldn't create the container" ); } From 38c079cb2bb0a9095e6d74db843c6e550374e2b9 Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Thu, 8 Feb 2024 11:46:07 -0500 Subject: [PATCH 44/46] Use volumes for bitcoin/monero --- orchestration/dev/coins/bitcoin/run.sh | 3 +- orchestration/dev/coins/monero/run.sh | 1 + orchestration/src/coins/bitcoin.rs | 3 +- orchestration/src/coins/monero.rs | 9 +++-- orchestration/src/main.rs | 43 ++++++++++++++++++---- orchestration/testnet/coins/bitcoin/run.sh | 3 +- orchestration/testnet/coins/monero/run.sh | 3 +- 7 files changed, 51 insertions(+), 14 deletions(-) diff --git a/orchestration/dev/coins/bitcoin/run.sh b/orchestration/dev/coins/bitcoin/run.sh index 7d3c1b7bb..a1d89b696 100755 --- a/orchestration/dev/coins/bitcoin/run.sh +++ b/orchestration/dev/coins/bitcoin/run.sh @@ -5,4 +5,5 @@ RPC_PASS="${RPC_PASS:=seraidex}" bitcoind -txindex -regtest --port=8333 \ -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \ - -rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 -rpcport=8332 + -rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 -rpcport=8332 \ + --datadir=/volume diff --git a/orchestration/dev/coins/monero/run.sh b/orchestration/dev/coins/monero/run.sh index 675d44382..212002da8 100755 --- a/orchestration/dev/coins/monero/run.sh +++ b/orchestration/dev/coins/monero/run.sh @@ -8,4 +8,5 @@ monerod --non-interactive --regtest --offline --fixed-difficulty=1 \ --no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \ --rpc-access-control-origins "*" --disable-rpc-ban \ --rpc-login=$RPC_USER:$RPC_PASS \ + --data-dir=/volume \ $1 diff --git a/orchestration/src/coins/bitcoin.rs b/orchestration/src/coins/bitcoin.rs index a5c8b21c0..13c86bad7 100644 --- a/orchestration/src/coins/bitcoin.rs +++ b/orchestration/src/coins/bitcoin.rs @@ -43,7 +43,8 @@ CMD ["/run.sh"] network.label() ); - let run = os(Os::Debian, "", "bitcoin") + &run_bitcoin; + let run = + os(Os::Debian, "RUN mkdir /volume && chown bitcoin:bitcoin /volume", "bitcoin") + &run_bitcoin; let res = setup + &run; let mut bitcoin_path = orchestration_path.to_path_buf(); diff --git a/orchestration/src/coins/monero.rs b/orchestration/src/coins/monero.rs index dcdc58b1d..1113fcf64 100644 --- a/orchestration/src/coins/monero.rs +++ b/orchestration/src/coins/monero.rs @@ -55,9 +55,12 @@ CMD ["/run.sh"] network.label(), ); - let run = - crate::os(os, if os == Os::Alpine { "RUN apk --no-cache add gcompat" } else { "" }, "monero") + - &run_monero; + let run = crate::os( + os, + &("RUN mkdir /volume && chown monero /volume\r\n".to_string() + + if os == Os::Alpine { "RUN apk --no-cache add gcompat" } else { "" }), + "monero", + ) + &run_monero; let res = setup + &run; let mut monero_path = orchestration_path.to_path_buf(); diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 983ec6da6..1da537bb8 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -88,11 +88,13 @@ COPY --from=mimalloc-alpine libmimalloc.so /usr/lib ENV LD_PRELOAD=libmimalloc.so RUN apk update && apk upgrade -{additional_root} -# Switch to a non-root user # System user (not a human), shell of nologin, no password assigned RUN adduser -S -s /sbin/nologin -D {user} + +{additional_root} + +# Switch to a non-root user USER {user} WORKDIR /home/{user} @@ -107,10 +109,12 @@ COPY --from=mimalloc-debian libmimalloc.so /usr/lib RUN echo "/usr/lib/libmimalloc.so" >> /etc/ld.so.preload RUN apt update && apt upgrade -y && apt autoremove -y && apt clean + +RUN useradd --system --create-home --shell /sbin/nologin {user} + {additional_root} # Switch to a non-root user -RUN useradd --system --create-home --shell /sbin/nologin {user} USER {user} WORKDIR /home/{user} @@ -327,16 +331,41 @@ fn start(network: Network, services: HashSet) { let docker_name = format!("serai-{}-{name}", network.label()); let docker_image = format!("{docker_name}-img"); - if !Command::new("docker").arg("inspect").arg(&docker_name).status().unwrap().success() { + if !Command::new("docker") + .arg("container") + .arg("inspect") + .arg(&docker_name) + .status() + .unwrap() + .success() + { // Create the docker container println!("Creating new container for {service}"); + let volume = format!("serai-{}-{name}-volume:/volume", network.label()); let mut command = Command::new("docker"); let command = command.arg("create").arg("--name").arg(&docker_name); let command = command.arg("--network").arg("serai"); let command = match name { - "bitcoin" => command.arg("-p").arg("8332:8332"), - "monero" => command.arg("-p").arg("18081:18081"), - "monero-wallet-rpc" => command.arg("-p").arg("18082:18082"), + "bitcoin" => { + let command = command.arg("--volume").arg(volume); + if network == Network::Dev { + command.arg("-p").arg("8332:8332") + } else { + command + } + } + "monero" => { + let command = command.arg("--volume").arg(volume); + if network == Network::Dev { + command.arg("-p").arg("18081:18081") + } else { + command + } + } + "monero-wallet-rpc" => { + assert_eq!(network, Network::Dev, "monero-wallet-rpc is only for dev"); + command.arg("-p").arg("18082:18082") + } _ => command, }; assert!( diff --git a/orchestration/testnet/coins/bitcoin/run.sh b/orchestration/testnet/coins/bitcoin/run.sh index d11ea08a8..dbec375ac 100755 --- a/orchestration/testnet/coins/bitcoin/run.sh +++ b/orchestration/testnet/coins/bitcoin/run.sh @@ -5,4 +5,5 @@ RPC_PASS="${RPC_PASS:=seraidex}" bitcoind -txindex -testnet -port=8333 \ -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \ - -rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 -rpcport=8332 + -rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 -rpcport=8332 \ + --datadir=/volume diff --git a/orchestration/testnet/coins/monero/run.sh b/orchestration/testnet/coins/monero/run.sh index a4ef851a5..baf287857 100755 --- a/orchestration/testnet/coins/monero/run.sh +++ b/orchestration/testnet/coins/monero/run.sh @@ -7,4 +7,5 @@ RPC_PASS="${RPC_PASS:=seraidex}" monerod --non-interactive --stagenet \ --no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \ --rpc-access-control-origins "*" --disable-rpc-ban \ - --rpc-login=$RPC_USER:$RPC_PASS + --rpc-login=$RPC_USER:$RPC_PASS \ + --data-dir=/volume From 0aa93e241be42e33b59fdc2a367d073a75d2f71e Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Thu, 8 Feb 2024 11:48:31 -0500 Subject: [PATCH 45/46] Use bitcoin's run.sh in GH CI --- .github/actions/bitcoin/action.yml | 9 +-------- orchestration/dev/coins/bitcoin/run.sh | 3 ++- 2 files changed, 3 insertions(+), 9 deletions(-) diff --git a/.github/actions/bitcoin/action.yml b/.github/actions/bitcoin/action.yml index e15cc26e9..903108680 100644 --- a/.github/actions/bitcoin/action.yml +++ b/.github/actions/bitcoin/action.yml @@ -37,11 +37,4 @@ runs: - name: Bitcoin Regtest Daemon shell: bash - run: | - RPC_USER=serai - RPC_PASS=seraidex - - bitcoind -txindex -regtest \ - -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \ - -rpcbind=127.0.0.1 -rpcbind=$(hostname) -rpcallowip=0.0.0.0/0 \ - -daemon + run: PATH=$PATH:/usr/bin ./orchestration/dev/coins/bitcoin/run.sh -daemon diff --git a/orchestration/dev/coins/bitcoin/run.sh b/orchestration/dev/coins/bitcoin/run.sh index a1d89b696..36ea9532a 100755 --- a/orchestration/dev/coins/bitcoin/run.sh +++ b/orchestration/dev/coins/bitcoin/run.sh @@ -6,4 +6,5 @@ RPC_PASS="${RPC_PASS:=seraidex}" bitcoind -txindex -regtest --port=8333 \ -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \ -rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 -rpcport=8332 \ - --datadir=/volume + --datadir=/volume \ + $1 From 1636d1daa8b7ea0939fca2008dbbb5526ba7a42e Mon Sep 17 00:00:00 2001 From: Luke Parker Date: Thu, 8 Feb 2024 11:55:40 -0500 Subject: [PATCH 46/46] Only use the volume for testnet (not dev) --- orchestration/dev/coins/bitcoin/run.sh | 1 - orchestration/dev/coins/monero/run.sh | 1 - orchestration/src/main.rs | 6 ++---- 3 files changed, 2 insertions(+), 6 deletions(-) diff --git a/orchestration/dev/coins/bitcoin/run.sh b/orchestration/dev/coins/bitcoin/run.sh index 36ea9532a..da7c95a8b 100755 --- a/orchestration/dev/coins/bitcoin/run.sh +++ b/orchestration/dev/coins/bitcoin/run.sh @@ -6,5 +6,4 @@ RPC_PASS="${RPC_PASS:=seraidex}" bitcoind -txindex -regtest --port=8333 \ -rpcuser=$RPC_USER -rpcpassword=$RPC_PASS \ -rpcbind=0.0.0.0 -rpcallowip=0.0.0.0/0 -rpcport=8332 \ - --datadir=/volume \ $1 diff --git a/orchestration/dev/coins/monero/run.sh b/orchestration/dev/coins/monero/run.sh index 212002da8..675d44382 100755 --- a/orchestration/dev/coins/monero/run.sh +++ b/orchestration/dev/coins/monero/run.sh @@ -8,5 +8,4 @@ monerod --non-interactive --regtest --offline --fixed-difficulty=1 \ --no-zmq --rpc-bind-ip=0.0.0.0 --rpc-bind-port=18081 --confirm-external-bind \ --rpc-access-control-origins "*" --disable-rpc-ban \ --rpc-login=$RPC_USER:$RPC_PASS \ - --data-dir=/volume \ $1 diff --git a/orchestration/src/main.rs b/orchestration/src/main.rs index 1da537bb8..60e4ee740 100644 --- a/orchestration/src/main.rs +++ b/orchestration/src/main.rs @@ -347,19 +347,17 @@ fn start(network: Network, services: HashSet) { let command = command.arg("--network").arg("serai"); let command = match name { "bitcoin" => { - let command = command.arg("--volume").arg(volume); if network == Network::Dev { command.arg("-p").arg("8332:8332") } else { - command + command.arg("--volume").arg(volume) } } "monero" => { - let command = command.arg("--volume").arg(volume); if network == Network::Dev { command.arg("-p").arg("18081:18081") } else { - command + command.arg("--volume").arg(volume) } } "monero-wallet-rpc" => {