Skip to content

Commit

Permalink
Merge branch 'main' into chore/auto-snap-release
Browse files Browse the repository at this point in the history
  • Loading branch information
jcortejoso authored Oct 26, 2023
2 parents f370dc6 + 757b590 commit 758bb7a
Show file tree
Hide file tree
Showing 65 changed files with 4,732 additions and 4,777 deletions.
5 changes: 5 additions & 0 deletions .changeset/odd-foxes-boil.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@celo/odis-identifiers': major
---

Initial Release. Move functions Enum from @celo/base
5 changes: 5 additions & 0 deletions .changeset/tasty-gifts-itch.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
'@celo/odis-identifiers': minor
---

Add Github Prefix
44 changes: 44 additions & 0 deletions .github/workflows/odis-combiner-container.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
---
name: Build ODIS combiner image

on:
push:
paths:
- 'dockerfiles/phone-number-privacy/Dockerfile-combiner'
- 'packages/phone-number-privacy/combiner/**'
branches:
- main
pull_request:
paths:
- 'dockerfiles/phone-number-privacy/Dockerfile-combiner'
- 'packages/phone-number-privacy/combiner/**'
workflow_dispatch:

jobs:
odis-combiner-build-dev:
uses: celo-org/reusable-workflows/.github/workflows/[email protected]
name: Build us-west1-docker.pkg.dev/devopsre/dev-images/odis-combiner
if: |
github.ref != 'refs/heads/main'
with:
workload-id-provider: projects/1094498259535/locations/global/workloadIdentityPools/gh-social-connect/providers/github-by-repos
service-account: '[email protected]'
artifact-registry: us-west1-docker.pkg.dev/devopsre/dev-images/odis-combiner
tag: ${{ github.sha }}
context: .
file: dockerfiles/phone-number-privacy/Dockerfile-combiner
trivy: true

odis-combiner-build:
uses: celo-org/reusable-workflows/.github/workflows/[email protected]
name: Build us-west1-docker.pkg.dev/devopsre/social-connect/odis-combiner
if: |
github.ref == 'refs/heads/main'
with:
workload-id-provider: projects/1094498259535/locations/global/workloadIdentityPools/gh-social-connect-main/providers/github-by-repos
service-account: '[email protected]'
artifact-registry: us-west1-docker.pkg.dev/devopsre/social-connect/odis-combiner
tag: ${{ github.sha }}
context: .
file: dockerfiles/phone-number-privacy/Dockerfile-combiner
trivy: true
4 changes: 4 additions & 0 deletions .github/workflows/social-connect.yml
Original file line number Diff line number Diff line change
Expand Up @@ -188,12 +188,16 @@ jobs:
uses: ./.github/actions/sync-workspace
with:
package-json-checksum: ${{ needs.install-dependencies.outputs.package-json-checksum }}
- name: Run Odis Identifier Tests
run: |
yarn --cwd=packages/odis-identifiers test
- name: Run Encrypted Backup tests
run: |
yarn --cwd=packages/sdk/encrypted-backup test
- name: Run Identity Tests
run: |
yarn --cwd=packages/sdk/identity test
- name: Upload Jest Test Results
uses: actions/upload-artifact@v3
with:
Expand Down
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -107,3 +107,4 @@ scripts/failedSDKs.json

packages/protocol/types/typechain-mento/*.d.ts
tmp
packages/odis-identifiers/lib
42 changes: 42 additions & 0 deletions dockerfiles/phone-number-privacy/Dockerfile-combiner
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
##### Gathering dependencies
FROM scratch AS packages

# Copy phone-number-privacy package and its dependency closure.
# Assemble all dependencies into the packages folder so the second stage can select whether to
# include all packages, or just the phone-number-privacy packages.
WORKDIR /celo-phone-number-privacy/
COPY packages/phone-number-privacy/combiner packages/phone-number-privacy/combiner
COPY packages/phone-number-privacy/common packages/phone-number-privacy/common
COPY packages/sdk/encrypted-backup packages/sdk/encrypted-backup
COPY packages/sdk/identity packages/sdk/identity

##### Main stage
FROM node:18
LABEL org.opencontainers.image.authors="[email protected]"

WORKDIR /celo-phone-number-privacy/

# Copy monorepo settings
COPY lerna.json package.json yarn.lock ./

# Makes build fail if it doesn't copy git, will be removed after build
COPY .git .git

# Setting ONLY_PUBLISHED_DEPENDENCIES to true or any non-empty string results in only the
# phone-number-privacy package being copied into the image, and therefore it will only build using
# published dependencies. Setting ONLY_PUBLISHED_DEPENDENCIES to "" will copy in all dependecies.
ARG ONLY_PUBLISHED_DEPENDENCIES=""
ARG PACKAGE_SELECTOR=${ONLY_PUBLISHED_DEPENDENCIES:+phone-number-privacy/combiner}
COPY --from=packages celo-phone-number-privacy/packages/${PACKAGE_SELECTOR} packages/${PACKAGE_SELECTOR}

# Install dependencies and build.
RUN yarn install --network-timeout 100000 --frozen-lockfile && yarn cache clean
RUN yarn build

RUN rm -r .git

# Setup and run the combiner application.
ENV NODE_ENV production
WORKDIR /celo-phone-number-privacy/packages/phone-number-privacy/combiner
EXPOSE 8080
ENTRYPOINT ["yarn", "start:docker"]
68 changes: 68 additions & 0 deletions docs/kubernetes-deployment/combiner/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
# Kubernetes Deployment

ODIS Combiner can be deployed in Kubernetes with a Helm chart.

## Helm chart

ODIS combiner Helm chart templates are available [here](https://github.com/celo-org/charts/tree/main/charts/odis-combiner). The chart is available through a public GCP Artifact Registry `oci://us-west1-docker.pkg.dev/devopsre/clabs-public-oci/odis-combiner`.

Hence the ODIS combiner can be deployed as follows in your Kubernetes cluster:

```bash
helm upgrade -install <RELEASE_NAME> oci://us-west1-docker.pkg.dev/devopsre/clabs-public-oci/odis-combiner -n <NAMESPACE> --create-namespace -f <VALUES_FILE_PATH> [--version <VERSION>]
```

Notice the following:

- `<RELEASE_NAME>`: Name of the Helm release.
- `<NAMESPACE>`: Kubernetes namespace to deploy the Helm chart.
- `<VALUES_FILE_PATH>`: Path to your `values.yaml` file that define the Helm deployment. You can use the examples under [./values] as a guide, but you will have to modify it according to your needs. You can find a table defining the values file [here](https://github.com/celo-org/charts/tree/main/charts/odis-combiner#values).
- `<VERSION>`: The version of the Helm chart. If omitted, it will use the latest version (available at the [chart's README](https://github.com/celo-org/charts/tree/main/charts/odis-combiner#odis-combiner) as a GitHub badge).

## cLabs Developers

For cLabs developers, this section contains links and information for useful deployments.

> :warning: You will need to be a cLabs employee with appropiate permissions to access these links.
ODIS combiner is deployed in the following clusters:

- Staging: cluster `integration-tests`, namespace `odis-combiner-staging` with this [`values-staging.yaml` file](./values/values-staging.yaml).
- URL: `https://odis-combiner-staging.integration-tests.celo-networks-dev.org`
- Alfajores: cluster `alfajores`, namespace `odis-combiner-alfajores` with this [`values-alfajores.yaml` file](./values/values-alfajores.yaml).
- URL: `https://odis-combiner-alfajores.alfajores.celo-testnet.org`
- Mainnet: cluster `mainnet`, namespace `odis-combiner-mainnet` with this [`values-mainnet.yaml` file](./values/values-mainnet.yaml).
- URL: `https://odis-combiner-mainnet.mainnet.celo-testnet.org`

### Modifying the deployment

There are 2 main ways to modify the ODIS combiner deployment in Kubernetes.

- Directly modify the deployment in GCP console.
- Use [Helm](https://helm.sh/).

#### Directly modify the deployment in GCP console

You can access the ODIS deployment following these links. There you can edit the deployment and modify any value as needed (image, Env. Vars., etc.).

- [Staging](https://console.cloud.google.com/kubernetes/deployment/us-west1-b/integration-tests/odis-combiner-staging/odis-combiner-staging/yaml/view?project=celo-testnet&supportedpurview=project)
- [Alfajores](https://console.cloud.google.com/kubernetes/deployment/us-west1-a/alfajores/odis-combiner-alfajores/odis-combiner-alfajores/yaml/view?project=celo-testnet-production&supportedpurview=project)
- [Mainnet](https://console.cloud.google.com/kubernetes/deployment/us-west1-a/mainnet/odis-combiner-mainnet/odis-combiner-mainnet/overview?project=celo-testnet-production&supportedpurview=project)

#### Use Helm

1. Ensure you are connected to the correct Kubernetes cluster (staging, alfajores or mainnet).
2. Get the currently deployed Helm chart values:

```bash
helm get values -n odis-combiner-<staging|alfajores|mainnet> odis-combiner-<staging|alfajores|mainnet> -o yaml > ./values/values-<staging|alfajores|mainnet>.yaml
```

3. Modify the values file accordingly
4. Deploy the new release:

```bash
helm upgrade -install odis-combiner-<staging|alfajores|mainnet> oci://us-west1-docker.pkg.dev/devopsre/clabs-public-oci/odis-combiner -n odis-combiner-<staging|alfajores|mainnet> -f ./values/values-<staging|alfajores|mainnet>.yaml --create-namespace --version <VERSION>
```

5. Ensure there are no sensitive values in the `./values/values-<staging|alfajores|mainnet>.yaml` file and commit it to this repo.
92 changes: 92 additions & 0 deletions docs/kubernetes-deployment/combiner/values/values-alfajores.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
nameOverride: ""
fullnameOverride: ""
replicaCount: 1
image:
repository: us-west1-docker.pkg.dev/devopsre/dev-images/odis-combiner
pullPolicy: Always
tag: "85baf6c3854aff588d88332addd709d544ebd6c4"
imagePullSecrets: []
serviceAccount:
create: true
annotations: {}
name: ""
env:
tracing:
enabled: true
endpoint: "https://grafana-agent.odis-alfajores-signer-3.celo-networks-dev.org/api/traces"
serviceName: "odis-combiner-alfajores-k8s"
log:
format: stackdriver
level: trace
blockchain:
blockchainProvider: "https://alfajores-forno.celo-testnet.org"
blockchainApiKeyExistingSecret: "odis-combiner-forno-key"
domain:
domainEnabled: true
domainFullNodeDelayMs: "100"
domainFullNodeRetryCount: "5"
domainFullNodeTimeoutMs: "1000"
domainKeysCurrentVersion: "1"
domainKeysVersions: '[{"keyVersion":1,"threshold":2,"polynomial":"0200000000000000f99af1c8fbcb0a15945ff0f23f0e93b86c101f48250c911b4ab4b15004723f93eea98c8ffd4e166535757b46c0522a0167a40224c88ba43c13685bf2f159e63394416cb41432b320e69e3e0810aa8fa1e1b0c7dcc948fc5742f2b8d752b65081f10d83821b4e2cf90b56cc4fc8c98dc00e5f24f2c5b53fa8ad7c2ebd3963c9223cf95209692d267a4f8084edfc0b5f01f7a31d82bf5421c544b6258749c691b79e6f36d9ba963ead6f25b9986b6bcb7d45b5edb33a616af630b4ce17bf552c81","pubKey":"+ZrxyPvLChWUX/DyPw6TuGwQH0glDJEbSrSxUARyP5PuqYyP/U4WZTV1e0bAUioBZ6QCJMiLpDwTaFvy8VnmM5RBbLQUMrMg5p4+CBCqj6HhsMfcyUj8V0LyuNdStlCB"},{"keyVersion":2,"threshold":2,"polynomial":"0200000000000000f99af1c8fbcb0a15945ff0f23f0e93b86c101f48250c911b4ab4b15004723f93eea98c8ffd4e166535757b46c0522a0167a40224c88ba43c13685bf2f159e63394416cb41432b320e69e3e0810aa8fa1e1b0c7dcc948fc5742f2b8d752b65081f10d83821b4e2cf90b56cc4fc8c98dc00e5f24f2c5b53fa8ad7c2ebd3963c9223cf95209692d267a4f8084edfc0b5f01f7a31d82bf5421c544b6258749c691b79e6f36d9ba963ead6f25b9986b6bcb7d45b5edb33a616af630b4ce17bf552c81","pubKey":"+ZrxyPvLChWUX/DyPw6TuGwQH0glDJEbSrSxUARyP5PuqYyP/U4WZTV1e0bAUioBZ6QCJMiLpDwTaFvy8VnmM5RBbLQUMrMg5p4+CBCqj6HhsMfcyUj8V0LyuNdStlCB"}]'
domainOdisServicesSigners: '[{"url": "https://odis-alfajores-signer2.azurefd.net"},{"url": "https://odis-alfajores-signer3.azurefd.net"},{"url": "https://odis-alfajores-signer-1-b.azurefd.net"}]'
domainOdisServicesTimeoutMillisecond: "5000"
domainServiceName: "odis_combiner"
domainShouldAuthenticate: true
domainShouldCheckQuota: false
pnp:
pnpEnabled: true
pnpFullNodeDelayMs: "100"
pnpFullNodeRetryCount: "5"
pnpFullNodeTimeoutMs: "1000"
pnpKeysCurrentVersion: "1"
pnpKeysVersions: '[{"keyVersion":1,"threshold":2,"polynomial":"0200000000000000ec5b161ac167995bd17cc0e9cf3f79369efac1fff5b0f68ad0e83dca207e3fc41b8e20bc155ebb3416a7b3d87364490169032189aa7380c47a0a464864fbe0c106e803197ae4959165e7067b95775cee2c74a78d7a67406764f342e5a4b99a003a510287524c9437b12ebb0bfdc7ea46078b807d1b665966961784bd71c4227c272b01c0fcd19c5b92226c1aac324b010abef36192e8ff3abb25686b3e6707bc747b129c32e572b5850db8446bd8f0af9a3fbf6b579793002b1b68528ca4ac00","pubKey":"kPoRxWdEdZ/Nd3uQnp3FJFs54zuiS+ksqvOm9x8vY6KHPG8jrfqysvIRU0wtqYsBKA7SoAsICMBv8C/Fb2ZpDOqhSqvr/sZbZoHmQfvbqrzbtDIPvUIrHgRS0ydJCMsA"},{"keyVersion":2,"threshold":2,"polynomial":"0200000000000000ec5b161ac167995bd17cc0e9cf3f79369efac1fff5b0f68ad0e83dca207e3fc41b8e20bc155ebb3416a7b3d87364490169032189aa7380c47a0a464864fbe0c106e803197ae4959165e7067b95775cee2c74a78d7a67406764f342e5a4b99a003a510287524c9437b12ebb0bfdc7ea46078b807d1b665966961784bd71c4227c272b01c0fcd19c5b92226c1aac324b010abef36192e8ff3abb25686b3e6707bc747b129c32e572b5850db8446bd8f0af9a3fbf6b579793002b1b68528ca4ac00","pubKey":"kPoRxWdEdZ/Nd3uQnp3FJFs54zuiS+ksqvOm9x8vY6KHPG8jrfqysvIRU0wtqYsBKA7SoAsICMBv8C/Fb2ZpDOqhSqvr/sZbZoHmQfvbqrzbtDIPvUIrHgRS0ydJCMsA"}]'
pnpMockDeck: "0xbf8a2b73baf8402f8fe906ad3f42b560bf14b39f7df7797ece9e293d6f162188"
pnpOdisServicesSigners: '[{"url": "https://odis-alfajores-signer2.azurefd.net"},{"url": "https://odis-alfajores-signer3.azurefd.net"},{"url": "https://odis-alfajores-signer-1-b.azurefd.net"}]'
pnpOdisServicesTimeoutMilliseconds: "5000"
pnpServiceName: "odis_combiner"
pnpShouldAuthenticate: true
pnpShouldCheckQuota: false
pnpShouldMockAccountService: false
service:
serviceName: "odis-combiner-k8s"
podAnnotations:
prometheus.io/path: /metrics
prometheus.io/port: "8080"
prometheus.io/scrape: "true"
podSecurityContext: {}
securityContext: {}
ingress:
enabled: true
className: "nginx"
annotations:
kubernetes.io/tls-acme: "true"
hosts:
- host: odis-combiner-alfajores.alfajores.celo-testnet.org
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: odis-combiner-alfajores.alfajores.celo-testnet.org-tls
hosts:
- odis-combiner-alfajores.alfajores.celo-testnet.org
livenessProbe:
timeoutSeconds: 30
initialDelaySeconds: 60
httpGet:
path: /status
port: http
readinessProbe:
timeoutSeconds: 30
initialDelaySeconds: 60
httpGet:
path: /status
port: http
resources: {}
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 3
targetCPUUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}
Loading

0 comments on commit 758bb7a

Please sign in to comment.