From d220b8088add0958186bb735753588e371d1ddf1 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Mon, 4 Mar 2024 09:09:37 -0500 Subject: [PATCH 01/18] fixups --- chains/solana/devnet-pull.yaml | 2 ++ charts/pull-service/templates/oracle-deployment.yaml | 5 +---- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/chains/solana/devnet-pull.yaml b/chains/solana/devnet-pull.yaml index a7e0021..b249364 100644 --- a/chains/solana/devnet-pull.yaml +++ b/chains/solana/devnet-pull.yaml @@ -1,3 +1,5 @@ +attestationProgramId: "FnaRmqv87EE7M7DJNpaWRHC9rPA2WrDJpnvvbGp4irPA" +attestationQueue: "9qcc43cB7G2Fr11mJscJbystDmdFnWpcg3PKyjuadUK6" chain: "solana" cluster: "devnet" heartbeatInterval: "30" diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index 7f2387f..9152ab2 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -62,10 +62,7 @@ spec: name: ENABLE_GATEWAY value: "0" - - name: ENABLE_PUSH_ORACLE - value: {{ if eq $component "push" }}"1"{{ else }}"0"{{ end }} - - - name: ENABLE_PULL_ORACLE + name: ENABLE_ORACLE value: {{ if eq $component "pull" }}"1"{{ else }}"0"{{ end }} - name: ENABLE_GUARDIAN From fd7c4f2e7b93aec59c13c6761559fbd09d7bcd33 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Mon, 4 Mar 2024 09:30:49 -0500 Subject: [PATCH 02/18] fixups --- chains/solana/devnet-pull.yaml | 1 - charts/pull-service/templates/oracle-deployment.yaml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/chains/solana/devnet-pull.yaml b/chains/solana/devnet-pull.yaml index b249364..d98e17e 100644 --- a/chains/solana/devnet-pull.yaml +++ b/chains/solana/devnet-pull.yaml @@ -1,5 +1,4 @@ attestationProgramId: "FnaRmqv87EE7M7DJNpaWRHC9rPA2WrDJpnvvbGp4irPA" -attestationQueue: "9qcc43cB7G2Fr11mJscJbystDmdFnWpcg3PKyjuadUK6" chain: "solana" cluster: "devnet" heartbeatInterval: "30" diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index 9152ab2..7a755a5 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -63,7 +63,7 @@ spec: value: "0" - name: ENABLE_ORACLE - value: {{ if eq $component "pull" }}"1"{{ else }}"0"{{ end }} + value: {{ if or (eq $component "pull") (eq $component "push") }}"1"{{ else }}"0"{{ end }} - name: ENABLE_GUARDIAN value: {{ if eq $component "guardian" }}"1"{{ else }}"0"{{ end }} From 0d8dbb850efa3d1a4a563762ec0dde8a63db6a51 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Mon, 4 Mar 2024 10:10:02 -0500 Subject: [PATCH 03/18] fixups --- charts/pull-service/templates/oracle-deployment.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index 7a755a5..7f2387f 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -62,8 +62,11 @@ spec: name: ENABLE_GATEWAY value: "0" - - name: ENABLE_ORACLE - value: {{ if or (eq $component "pull") (eq $component "push") }}"1"{{ else }}"0"{{ end }} + name: ENABLE_PUSH_ORACLE + value: {{ if eq $component "push" }}"1"{{ else }}"0"{{ end }} + - + name: ENABLE_PULL_ORACLE + value: {{ if eq $component "pull" }}"1"{{ else }}"0"{{ end }} - name: ENABLE_GUARDIAN value: {{ if eq $component "guardian" }}"1"{{ else }}"0"{{ end }} From 02ed0a31181f014d75b196318bc131e5d51a480c Mon Sep 17 00:00:00 2001 From: PringBlocks Date: Tue, 5 Mar 2024 01:18:52 +0700 Subject: [PATCH 04/18] add config for equinix cluster --- chains/solana/devnet-pull-equinix.yaml | 41 ++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 chains/solana/devnet-pull-equinix.yaml diff --git a/chains/solana/devnet-pull-equinix.yaml b/chains/solana/devnet-pull-equinix.yaml new file mode 100644 index 0000000..b1e608c --- /dev/null +++ b/chains/solana/devnet-pull-equinix.yaml @@ -0,0 +1,41 @@ +attestationProgramId: "FnaRmqv87EE7M7DJNpaWRHC9rPA2WrDJpnvvbGp4irPA" +chain: "solana" +cluster: "devnet" +heartbeatInterval: "30" +infisicalSecretKey: "SOLANA_KEY" +infisicalSecretSlug: "dev" +ipfsApiUrl: https://ipfs.infura.io:5001 +ipfsKey: "2OuGHppwQzKcS9HErVCZ12ngIIr" +ipfsSecret: "cbfd29f500aee37e0b4139dabdbe396a" +jupiterSwapApiKey: "3a3b41bc06d49f9c89a8550ff84072be" +namespace: "devnet-pull" +networkId: "devnet" +pagerdutyEventKey: "redacted" +rpcUrl: "https://switchbo-switchbo-6225.devnet.rpcpool.com/f6fb9f02-0777-498b-b8f5-67cbb1fc0d14" +solanaMainnetRpc: "https://switchbo-switchbo-6225.devnet.rpcpool.com/f6fb9f02-0777-498b-b8f5-67cbb1fc0d14" +wssUrl: "wss://switchbo-switchbo-6225.devnet.rpcpool.com/f6fb9f02-0777-498b-b8f5-67cbb1fc0d14" +gateway: + host: "pull-gateway.switchboard.xyz" + image: "docker.io/switchboardlabs/pull-oracle:v18" +oracle: + image: "docker.io/switchboardlabs/pull-oracle:v18" + authority: "2KgowxogBrGqRcgXQEmqFvC3PGtCu66qERNJevYW8Ajh" + guardian: + queue: "RH4MXRCHriboKoPynKsGacC61D9QHa1hVXLFXMX9QNc" + key: "8ktDbWs5dBipxmnZsHKhmSN5sqswunUNKzeR8KZ3XgNy" + host: "guardian-oracle.switchboard.xyz" + push: + queue: "uPeRMdfPmrPqgRWSrjAnAkH78RqAhe5kXoW6vBYRqFX" + key: "8AGNUUHphu8YevPoTGTbcbsJLKBe2F6byukfoPUWSHWm" + host: "push-oracle.switchboard.xyz" + pull: + queue: "v1k9qvCuvYgDkAcTExnrkt2BPNENfVVpowp5d7PYKAa" + key: "CFf1HHQrJ1Eji4SScfxCLrao89Eg6FTrkyPBLBERLFjS" + host: "pull-oracle.switchboard.xyz" + +# command: shell +sgx: + type: "azure" + memoryMiB: 32Mi + cpu: 1500m + From 6bc0894f3f9a166b42ced7f32b43e8ea69754be4 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Mon, 4 Mar 2024 15:17:01 -0500 Subject: [PATCH 05/18] fixups --- .../templates/oracle-deployment.yaml | 466 ++++++++++++++++++ .../templates/qvn-deployment.yaml | 318 ++++++++++++ 2 files changed, 784 insertions(+) create mode 100644 charts/switchboard-oracle/templates/oracle-deployment.yaml create mode 100644 charts/switchboard-oracle/templates/qvn-deployment.yaml diff --git a/charts/switchboard-oracle/templates/oracle-deployment.yaml b/charts/switchboard-oracle/templates/oracle-deployment.yaml new file mode 100644 index 0000000..1ce991f --- /dev/null +++ b/charts/switchboard-oracle/templates/oracle-deployment.yaml @@ -0,0 +1,466 @@ +{{- $values := .Values -}} +{{- range $index, $key := .Values.oracleKeys }} +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + chain: {{ $.Values.chain }} + app: function-manager + should_scrape: scrape + queue: {{ $key.queue }} + oracleID: {{ $key.name }} + azure.workload.identity/use: "true" + name: {{ $.Values.chain }}-{{ $key.queue }}-{{ $.Values.appType}}-{{ $key.name }} + namespace: {{ $.Values.namespace }} +spec: + replicas: 1 + selector: + matchLabels: + app: oracle + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + template: + metadata: + labels: + chain: {{ $.Values.chain }} + app: oracle + queue: {{ $key.queue }} + should_scrape: scrape + spec: + serviceAccountName: {{ $.Values.serviceAccount }} + {{ if ne $.Values.appType "dind" }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - oracle + topologyKey: kubernetes.io/hostname + {{ end }} + dnsPolicy: ClusterFirst + containers: + # {{ if eq $.Values.appType "dind" }} +# + # - image: sking2600/azure-secret-inject + # name: secret-injector + # volumeMounts: + # - name: shared-data + # mountPath: /pod-data +# + # command: ["/bin/sh", "-c"] + # args: + # - node index.js {{ $values.azureVaultUrl }} {{ $values.azureSecretName }} > /pod-data/secret + # {{ end }} + - image: {{ if $key.image }}{{ $key.image }}{{ else }}{{ $values.image }}{{ end }} + env: + - + name: CHAIN + value: {{ $values.chain | quote }} + - + name: CLUSTER + value: {{ $values.cluster }} + - + name: NETWORK_ID + value: {{ $values.networkId }} + - + name: PROGRAM_ID + value: {{ $values.pid }} + - + name: CONTAINER_TIMEOUT + value: {{ $values.containerTimeout | default "15" | quote }} + - + name: NUM_WORKERS + value: {{ $values.numWorkers | default "10" | quote }} + - + name: HEARTBEAT_INTERVAL + value: {{ if $key.heartbeatInterval }}{{ $key.heartbeatInterval | quote }}{{ else }}{{ $values.heartbeatInterval | default "30" | quote }}{{ end }} + - + name: ORACLE_KEY + value: {{ $key.data | quote}} + - + name: EVM_ORACLE_KEY + value: {{ $key.data | quote}} + - + name: PAYER_SECRET + {{ if $values.infisicalSecretKey }} + valueFrom: + secretKeyRef: + name: infisical-secret + key: {{ $values.infisicalSecretKey | quote }} + {{ else }} + value: {{ $key.payerSecret }} + {{ end }} + - name: RUST_LOG + value: "info" + - + name: RPC_URL + value: {{ if $key.rpcUrl }}{{ $key.rpcUrl }}{{ else }}{{ $values.rpcUrl }}{{ end }} + - + name: QVN_URL + value: {{ if $key.qvnUrl }}{{ $key.qvnUrl }}{{ else }}{{ $values.qvnUrl }}{{ end }} + - + name: WSS_URL + value: {{ if $key.wssUrl }}{{ $key.wssUrl }}{{ else }}{{ $values.wssUrl }}{{ end }} + - + name: WSS_RPC_URL + value: {{ if $key.wssUrl }}{{ $key.wssUrl }}{{ else }}{{ $values.wssUrl }}{{ end }} + - + name: BACKUP_RPC_URL_1 + value: {{ if $key.backupRpc1 }}{{ $key.backupRpc1 }}{{ else }}{{ $values.backupRpc1 }}{{ end }} + - + name: BACKUP_RPC_URL_2 + value: {{ if $key.backupRpc2 }}{{ $key.backupRpc2 }}{{ else }}{{ $values.backupRpc2 }}{{ end }} + - + name: TELEMETRY_FEED_RESULT_PUSH_INTERVAL_MS + value: {{ if $key.telemetryFeedResultPushIntervalMs }}{{ $key.telemetryFeedResultPushIntervalMs | quote }}{{ else }}{{ $values.telemetryFeedResultPushIntervalMs | default "5000" | quote }}{{ end }} + - + name: TELEMETRY_FEED_RESULT_PUSH_URL + value: {{ if $key.telemetryFeedResultPushUrl }}{{ $key.telemetryFeedResultPushUrl }}{{ else }}{{ $values.telemetryFeedResultPushUrl }}{{ end }} + # TASK RUNNER CONFIG + - + name: TASK_RUNNER_SOLANA_RPC + value: {{ $values.solanaMainnetRpc | default "https://switchboard.rpcpool.com/ec20ad2831092cfcef66d677539a" }} + - + name: GCP_CONFIG_BUCKET + value: {{ $values.gcpConfigBucket }} + - + name: JUPITER_SWAP_API_KEY + value: {{ $values.jupiterSwapApiKey | default "3a3b41bc06d49f9c89a8550ff84072be" }} + # APTOS / EVM / SUI + - + name: BATCH_SAVE_RESULT_INTERVAL + value: {{ if $key.batchSaveResultInterval }}{{ $key.batchSaveResultInterval | quote }}{{ else }}{{ $values.batchSaveResultInterval | quote }}{{ end }} + # EVM + - + name: UPDATE_SEARCH_REFRESH_INTERVAL + value: {{ if $key.updateSearchRefreshInterval }}{{ $key.updateSearchRefreshInterval | quote }}{{ else }}{{ $values.updateSearchRefreshInterval | quote }}{{ end }} + - + name: IPFS_API_URL + value: {{ if $key.ipfsApiUrl }}{{ $key.ipfsApiUrl | quote }}{{ else }}{{ $values.ipfsApiUrl | quote }}{{ end }} + - + name: INFURA_IPFS_CREDENTIALS + value: {{ if $key.infuraIpfsCredentials }}{{ $key.infuraIpfsCredentials | quote }}{{ else }}{{ $values.infuraIpfsCredentials | quote }}{{ end }} + - + name: CONTRACT_ADDRESS + value: {{ if $key.contractAddress }}{{ $key.contractAddress | quote }}{{ else }}{{ $values.contractAddress | quote }}{{ end }} + - + name: CHAIN_ID + value: {{ if $key.evmChainId }}{{ $key.evmChainId | quote }}{{ else }}{{ $values.evmChainId | quote }}{{ end }} + - + name: EVM_CHAIN_ID + value: {{ if $key.evmChainId }}{{ $key.evmChainId | quote }}{{ else }}{{ $values.evmChainId | quote }}{{ end }} + - + name: UPDATE_SEARCH_INTERVAL + value: {{ if $key.updateSearchInterval }}{{ $key.updateSearchInterval | quote }}{{ else }}{{ $values.updateSearchInterval | quote }}{{ end }} + # V3 + - + name: FUNDING_AMOUNT + value: {{ if $key.fundingAmount }}{{ $key.fundingAmount | quote }}{{ else }}{{ $values.fundingAmount | quote }}{{ end }} + - + name: FUNDING_THRESHOLD + value: {{ if $key.fundingThreshold }}{{ $key.fundingThreshold | quote }}{{ else }}{{ $values.fundingThreshold | quote }}{{ end }} + - + name: FUNDING_CHECK_INTERVAL + value: {{ if $key.fundingCheckInterval }}{{ $key.fundingCheckInterval | quote }}{{ else }}{{ $values.fundingCheckInterval | quote }}{{ end }} + # NEAR + - + name: NEAR_NAMED_ACCOUNT + value: {{ $values.namedAccount }} + - + name: NEAR_NO_LOGS + value: "1" + - # Disable using the built-in near event listener for mainnet and use AWS + name: NEAR_LAKE_LISTENER + value: {{ if $key.nearLakeListener }}{{ $key.nearLakeListener | quote }}{{ else }}{{ $values.nearLakeListener | default "0" | quote }}{{ end }} + # SOLANA + - + name: SOLANA_DISABLE_REST_CONNECTION + value: {{ if $key.disableRestConnection }}{{ $key.disableRestConnection | quote }}{{ else }}{{ $values.disableRestConnection | default "0" | quote }}{{ end }} + - + name: SOLANA_SAVE_RESULT_COMPUTE_UNITS + value: {{ if $key.saveResultComputeUnits }}{{ $key.saveResultComputeUnits | quote }}{{ else }}{{ $values.saveResultComputeUnits | quote }}{{ end }} + - + name: SOLANA_COMPUTE_UNIT_PRICE + value: {{ $values.computeUnitPrice | default "1" | quote }} + - + name: QUEUE + value: {{ $key.queueAddress | quote }} + - + name: QUOTE_KEY + value: {{ $key.quoteAddress | quote }} + - + name: SAS_QUEUE + value: {{ $key.sasQueue | quote }} + - + name: DISABLE_NONCE_QUEUE + value: {{ if $key.disableNonceQueue }}{{ $key.disableNonceQueue | quote }}{{ else }}{{ $values.disableNonceQueue | default "0" | quote }}{{ end }} + - + name: NONCE_QUEUE_SIZE + value: {{ if $key.nonceQueueSize }}{{ $key.nonceQueueSize | quote }}{{ else }}{{ $values.nonceQueueSize | default "1000" | quote }}{{ end }} + - # Auto reconnect event watcher after 1hr + name: SOLANA_EVENT_WATCHER_AUTORECONNECT + value: {{ if $key.autoreconnectEvents }}{{ $key.autoreconnectEvents | quote }}{{ else }}{{ $values.autoreconnectEvents | default "0" | quote }}{{ end }} + - + name: SOLANA_BLOCKHASH_REFRESH_RATE + value: {{ if $key.blockhashRefreshRate }}{{ $key.blockhashRefreshRate | quote }}{{ else }}{{ $values.blockhashRefreshRate | quote }}{{ end }} + - + name: ORACLE_QUEUE_KEY + value: {{ $key.oracleQueueKey | quote }} + - + name: SOLANA_ORACLE_QUEUE_KEY + value: {{ $key.oracleQueueKey | quote }} + + # STARKNET + - + name: STARKNET_PAYER_ADDRESS + value: {{ if $key.starknetPayerAddress }}{{ $key.starknetPayerAddress }}{{ else }}{{ $values.starknetPayerAddress }}{{ end }} + # PERFORMANCE + - + name: EVENT_LOOP_STALL_INTERVAL_ERROR + value: {{ if $key.eventLoopStallThreshold }}{{ $key.eventLoopStallThreshold | quote }}{{ else }}{{ $values.eventLoopStallThreshold | quote }}{{ end }} + - + name: LAST_EVENT_STALENESS_THRESHOLD + value: {{ if $key.lastEventStalenessThreshold }}{{ $key.lastEventStalenessThreshold | quote }}{{ else }}{{ $values.lastEventStalenessThreshold | quote }}{{ end }} + - + name: LAST_RESPONSE_STALENESS_THRESHOLD + value: {{ if $key.lastResponseStalenessThreshold }}{{ $key.lastResponseStalenessThreshold | quote }}{{ else }}{{ $values.lastResponseStalenessThreshold | quote }}{{ end }} + # METRICS + - + name: METRICS_EXPORTER + value: {{ $values.metricsExporter }} + # ALERTING + - + name: VERBOSE + value: {{ if $key.verbose }}{{ $key.verbose | quote }}{{ else }}{{ $values.verbose | default "0" | quote }}{{ end }} + - + name: DEBUG + value: {{ if $key.debug }}{{ $key.debug | quote }}{{ else }} {{ $values.debug | default "0" | quote }}{{ end }} + - + name: PAGERDUTY_EVENT_KEY + value: {{ if $key.pagerdutyEventKey }}{{ $key.pagerdutyEventKey }}{{ else }}{{ $values.pagerdutyEventKey }}{{ end }} + # SECRETS + - + name: GOOGLE_PAYER_SECRET_PATH + value: {{ if $key.googlePayerSecretPath }}{{ $key.googlePayerSecretPath }}{{ else }}{{ $values.googlePayerSecretPath }}{{ end }} + - + name: GOOGLE_APPLICATION_CREDENTIALS + value: {{ $values.googleApplicationCredentials }} + + - + name: AWS_ACCESS_KEY_ID + value: {{ $values.awsAccessKeyId }} + - + name: AWS_SECRET_ACCESS_KEY + value: {{ $values.awsSecretAccessKey }} + - + name: AZURE_PAYER_SECRET_PATH + value: {{ if $key.azureSecretPath }}{{ $key.azureSecretPath }}{{ else }}{{ $values.azureSecretPath }}{{ end }} + + # Node JS Oracle Workerpool Config + - + name: TASK_RUNNER_WORKER_DISABLED + value: {{ if $key.workerpoolDisabled }}{{ $key.workerpoolDisabled | quote }}{{ else }}{{ $values.workerpoolDisabled | default "0" | quote }}{{ end }} + - + name: TASK_RUNNER_WORKER_JSON_PATH_DISABLED + value: {{ if $key.workerpoolJsonPathDisabled }}{{ $key.workerpoolJsonPathDisabled | quote }}{{ else }}{{ $values.workerpoolJsonPathDisabled | default "0" | quote }}{{ end }} + - + name: TASK_RUNNER_WORKER_TWAP_DISABLED + value: {{ if $key.workerpoolTwapDisabled }}{{ $key.workerpoolTwapDisabled | quote }}{{ else }}{{ $values.workerpoolTwapDisabled | default "0" | quote }}{{ end }} + + {{ if eq $.Values.appType "dind" }} + - + name: DOCKER_USER + value: {{ $values.dockerUser }} + - + name: DOCKER_KEY + value: {{ $values.dockerKey }} + - + name: IPFS_URL + value: {{ $values.ipfsUrl }} + - + name: IPFS_KEY + value: {{ $values.ipfsKey }} + - + name: IPFS_SECRET + value: {{ $values.ipfsSecret }} + {{ end }} + + # IMAGE / RESOURCES + imagePullPolicy: IfNotPresent #Always + name: {{ $values.chain }}-oracle + {{ if eq $.Values.appType "dind" }} + command: ["/bin/sh"] + args: ["-c", "while true; do bash /boot.sh; done"] + {{ end }} + {{ if eq $values.command "shell" }} + command: ["/bin/sh"] + args: ["-c", "while true; do echo hello; sleep 10;done"] + {{ end }} + {{ if eq $key.command "enableSourceMaps" }} + command: ["/bin/bash"] + args: ["-c", "while true ; do node --unhandled-rejections=warn --enable-source-maps ./dist/index.js; echo restarting in 10 seconds; sleep 10; done",] + {{ end }} + {{ if eq $.Values.appType "dind" }} + # command: ["/bin/sh"] + # args: ["-c", "dockerd"] + securityContext: + privileged: true + {{ end }} + + ports: + - name: web + containerPort: 9090 + protocol: TCP + - name: liveness-port + containerPort: 8080 + protocol: TCP + + # {{ if ne $values.command "shell" }} + # # https://github.com/kubernetes/kubernetes/issues/89898#issuecomment-876539217 + # # Wait for the container to startup and signal they are ready to receive traffic from k8s + # startupProbe: + # httpGet: + # path: /healthz + # port: liveness-port + # initialDelaySeconds: 5 + # failureThreshold: 30 + # periodSeconds: 5 + # timeoutSeconds: 10 + # # Check whether the pod is ready to receive traffic. If this fails it will create a new pod + # livenessProbe: + # exec: + # command: + # - sh + # - -c + # - "curl --fail http://localhost:8080/healthz || exit 1 " + # initialDelaySeconds: 10 + # periodSeconds: 30 + # failureThreshold: 3 + # timeoutSeconds: 5 + # {{ end }} + + {{ if $values.sgx.type }} + # SGX ORACLE + resources: + limits: + cpu: 2500m + memory: 4000Mi + {{ if eq $values.sgx.type "azure" }} + sgx.intel.com/epc: 25Mi + sgx.intel.com/enclave: 1 + sgx.intel.com/provision: 1 + {{ end }} + requests: + cpu: 2500m + memory: 3900Mi + {{ if eq $values.sgx.type "azure" }} + sgx.intel.com/epc: 25Mi + sgx.intel.com/enclave: 1 + sgx.intel.com/provision: 1 + {{ end }} + {{ if not $values.command }} + livenessProbe: + httpGet: + path: /metrics + port: 9090 + initialDelaySeconds: 60 + failureThreshold: 10 + periodSeconds: 10 + timeoutSeconds: 10 + {{ end }} + + {{ else }} + # LEGACY ORACLE + # startupProbe: + # httpGet: + # path: /healthz + # port: liveness-port + # initialDelaySeconds: 5 + # failureThreshold: 30 + # periodSeconds: 5 + # timeoutSeconds: 10 + # Check whether the pod is ready to receive traffic. If this fails it will create a new pod + # livenessProbe: + # exec: + # command: + # - sh + # - -c + # - "curl --fail http://localhost:8080/healthz || exit 1" + # initialDelaySeconds: 10 + # periodSeconds: 30 + # failureThreshold: 3 + # timeoutSeconds: 5 + resources: + limits: + cpu: 4000m + memory: 3Gi + requests: + cpu: 3500m + memory: 3Gi + {{ end }} + + {{ if $values.sgx.type }} + volumeMounts: + # - name: docker-graph-storage + # mountPath: /var/lib/docker + - mountPath: /home/credentials/ + name: google-cloud-key + - mountPath: /dev/sgx/enclave + name: dev-sgx-enclave + - mountPath: /dev/sgx/provision + name: dev-sgx-provision + # - mountPath: /var/run/docker.sock + # name: docker-socket + {{ if eq $.Values.appType "dind" }} + - mountPath: /home/dotenv + name: dind-dotenv + - mountPath: /var/lib/docker + name: docker-layers + {{ end }} + # {{ if eq $.Values.registryMirror true }} + # - name: docker-config + # mountPath: /etc/docker/daemon.json + # subPath: daemon.json + + # {{ end }} + # - mountPath: /dev/isgx + # name: dev-isgx + + volumes: + - name: google-cloud-key + secret: + secretName: {{ $.Values.appType}}-service-account + {{ if eq $.Values.appType "dind" }} + - name: dind-dotenv + secret: + secretName: dind-dotenv + - name: docker-layers + persistentVolumeClaim: + claimName: {{ $.Values.pvcName}} + # - name: docker-socket + # hostPath: + # path: /var/run/docker.sock + # type: Socket + {{- end }} + - name: shared-data + emptyDir: {} + - name: dev-sgx-enclave + hostPath: + path: /dev/sgx/enclave + - name: dev-sgx-provision + hostPath: + path: /dev/sgx/provision + {{ end }} + # - name: dev-isgx + # hostPath: + # path: /dev/isgx + + + +--- +{{ end }} diff --git a/charts/switchboard-oracle/templates/qvn-deployment.yaml b/charts/switchboard-oracle/templates/qvn-deployment.yaml new file mode 100644 index 0000000..9dcd224 --- /dev/null +++ b/charts/switchboard-oracle/templates/qvn-deployment.yaml @@ -0,0 +1,318 @@ +{{ if eq $.Values.appType "dind" }} +{{- $values := .Values -}} +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + chain: {{ $.Values.chain }} + app: qvn + should_scrape: scrape + azure.workload.identity/use: "true" + name: qvn + namespace: {{ $.Values.namespace }} +spec: + replicas: 1 + selector: + matchLabels: + app: qvn + strategy: + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + template: + metadata: + labels: + chain: {{ $.Values.chain }} + app: qvn + should_scrape: scrape + spec: + serviceAccountName: {{ $.Values.serviceAccount }} + affinity: + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - qvn + topologyKey: kubernetes.io/hostname + hostNetwork: false + + containers: + # - image: "docker.io/switchboardlabs/qvn:latest" + - image: {{ if $values.qvnImage }}{{ $values.qvnImage }}{{ else }}{{ "docker.io/switchboardlabs/qvn:latest" }}{{ end }} + env: + - + name: CHAIN + value: {{ $values.chain }} + - + name: CLUSTER + value: {{ $values.cluster }} + - + name: NETWORK_ID + value: {{ $values.networkId }} + - + name: PROGRAM_ID + value: {{ $values.pid }} + - + name: HEARTBEAT_INTERVAL + value: {{ $values.heartbeatInterval | default "30" | quote }} + - + name: ORACLE_KEY + value: {{ $values.oracleKey | quote }} + - + name: EVM_ORACLE_KEY + value: {{ $values.evmOracleKey | quote}} + - + name: PAYER_SECRET + {{ if $values.infisicalSecretKey }} + valueFrom: + secretKeyRef: + name: infisical-secret + key: {{ $values.infisicalSecretKey }} + {{ else }} + value: {{ $values.payerSecret }} + {{ end }} + - + name: RPC_URL + value: {{ $values.rpcUrl }} + - + name: WSS_URL + value: {{ $values.wssUrl }} + - + name: WSS_RPC_URL + value: {{ $values.wssUrl }} + - + name: BACKUP_RPC_URL_1 + value: {{ $values.backupRpc1 }} + - + name: BACKUP_RPC_URL_2 + value: {{ $values.backupRpc2 }} + - + name: TELEMETRY_FEED_RESULT_PUSH_INTERVAL_MS + value: {{ $values.telemetryFeedResultPushIntervalMs | default "5000" | quote }} + - + name: TELEMETRY_FEED_RESULT_PUSH_URL + value: {{ $values.telemetryFeedResultPushUrl }} + # TASK RUNNER CONFIG + - + name: TASK_RUNNER_SOLANA_RPC + value: {{ $values.solanaMainnetRpc | default "https://switchboard.rpcpool.com/ec20ad2831092cfcef66d677539a" }} + - + name: GCP_CONFIG_BUCKET + value: {{ $values.gcpConfigBucket }} + - + name: JUPITER_SWAP_API_KEY + value: {{ $values.jupiterSwapApiKey | default "3a3b41bc06d49f9c89a8550ff84072be" }} + # APTOS / EVM / SUI + - + name: BATCH_SAVE_RESULT_INTERVAL + value: {{ $values.batchSaveResultInterval | quote }} + # EVM + - + name: UPDATE_SEARCH_REFRESH_INTERVAL + value: {{ $values.updateSearchRefreshInterval | quote }} + - + name: IPFS_API_URL + value: {{ $values.ipfsApiUrl | quote }} + - + name: INFURA_IPFS_CREDENTIALS + value: {{ $values.infuraIpfsCredentials | quote }} + - + name: CONTRACT_ADDRESS + value: {{ $values.contractAddress | quote }} + - + name: CHAIN_ID + value: {{ $values.evmChainId | quote }} + - + name: EVM_CHAIN_ID + value: {{ $values.evmChainId | quote }} + - + name: UPDATE_SEARCH_INTERVAL + value: {{ $values.updateSearchInterval | quote }} + # V3 + - + name: FUNDING_AMOUNT + value: {{ $values.fundingAmount | quote }} + - + name: FUNDING_THRESHOLD + value: {{ $values.fundingThreshold | quote }} + - + name: FUNDING_CHECK_INTERVAL + value: {{ $values.fundingCheckInterval | quote }} + # SOLANA + - + name: SOLANA_DISABLE_REST_CONNECTION + value: {{ $values.disableRestConnection | default "0" | quote }} + - + name: SOLANA_SAVE_RESULT_COMPUTE_UNITS + value: {{ $values.saveResultComputeUnits | quote }} + - + name: SOLANA_COMPUTE_UNIT_PRICE + value: {{ $values.computeUnitPrice | default "1" | quote }} + - + name: QUEUE + value: {{ $values.queueAddress | default "null" | quote }} + - + name: QUOTE_KEY + value: {{ $values.quoteAddress | default "null" | quote }} + - + name: SAS_QUEUE + value: {{ $values.sasQueue | default "null" | quote }} + - + name: DISABLE_NONCE_QUEUE + value: {{ $values.disableNonceQueue | default "0" | quote }} + - + name: NONCE_QUEUE_SIZE + value: {{ $values.nonceQueueSize | default "1000" | quote }} + - # Auto reconnect event watcher after 1hr + name: SOLANA_EVENT_WATCHER_AUTORECONNECT + value: {{ $values.autoreconnectEvents | default "0" | quote }} + - + name: SOLANA_BLOCKHASH_REFRESH_RATE + value: {{ $values.blockhashRefreshRate | quote }} + - + name: ORACLE_QUEUE_KEY + value: {{ $values.oracleQueueKey | default "null" | quote }} + - + name: SOLANA_ORACLE_QUEUE_KEY + value: {{ $values.oracleQueueKey | default "null" | quote }} + + # PERFORMANCE + - + name: EVENT_LOOP_STALL_INTERVAL_ERROR + value: {{ $values.eventLoopStallThreshold | quote }} + - + name: LAST_EVENT_STALENESS_THRESHOLD + value: {{ $values.lastEventStalenessThreshold | quote }} + - + name: LAST_RESPONSE_STALENESS_THRESHOLD + value: {{ $values.lastResponseStalenessThreshold | quote }} + # METRICS + - + name: METRICS_EXPORTER + value: {{ $values.metricsExporter | default "null" | quote }} + # ALERTING + - + name: VERBOSE + value: {{ $values.verbose | default "0" | quote }} + - + name: DEBUG + value: {{ $values.debug | default "0" | quote }} + - + name: PAGERDUTY_EVENT_KEY + value: {{ $values.pagerdutyEventKey | default "" | quote }} + # SECRETS + - + name: GOOGLE_PAYER_SECRET_PATH + value: {{ $values.googlePayerSecretPath }} + - + name: GOOGLE_APPLICATION_CREDENTIALS + value: {{ $values.googleApplicationCredentials }} + + - + name: AWS_ACCESS_KEY_ID + value: {{ $values.awsAccessKeyId }} + - + name: AWS_SECRET_ACCESS_KEY + value: {{ $values.awsSecretAccessKey }} + - + name: AZURE_PAYER_SECRET_PATH + value: {{ $values.azureSecretPath }} + - + name: DOCKER_USER + value: {{ $values.dockerUser }} + - + name: DOCKER_KEY + value: {{ $values.dockerKey }} + - + name: IPFS_URL + value: {{ $values.ipfsUrl }} + - + name: IPFS_KEY + value: {{ $values.ipfsKey }} + - + name: IPFS_SECRET + value: {{ $values.ipfsSecret }} + + # IMAGE / RESOURCES + imagePullPolicy: Always + name: "qvn" + {{ if eq $values.command "shell" }} + command: ["/bin/sh"] + args: ["-c", "while true; do echo hello; sleep 10;done"] + {{ end }} + securityContext: + privileged: true + + ports: + - name: web + containerPort: 9090 + protocol: TCP + - name: liveness-port + containerPort: 8080 + protocol: TCP + + # SGX ORACLE + resources: + limits: + cpu: 1700m + memory: 1700Mi + {{ if eq $values.sgx.type "azure" }} + sgx.intel.com/epc: 25Mi + sgx.intel.com/enclave: 1 + sgx.intel.com/provision: 1 + {{ end }} + requests: + cpu: 1500m + memory: 1600Mi + {{ if eq $values.sgx.type "azure" }} + sgx.intel.com/epc: 25Mi + sgx.intel.com/enclave: 1 + sgx.intel.com/provision: 1 + {{ end }} + # livenessProbe: + # httpGet: + # path: /metrics + # port: 9090 + # initialDelaySeconds: 60 + # failureThreshold: 10 + # periodSeconds: 10 + # timeoutSeconds: 10 + + + volumeMounts: + - mountPath: /home/credentials/ + name: google-cloud-key + - mountPath: /var/run/aesmd + name: var-run-aesmd + - mountPath: /dev/sgx/enclave + name: dev-sgx-enclave + - mountPath: /dev/sgx/provision + name: dev-sgx-provision + # - mountPath: /var/run/docker.sock + # name: docker-socket + - mountPath: /home/dotenv + name: dind-dotenv + + volumes: + - name: google-cloud-key + secret: + secretName: {{ $.Values.appType}}-service-account + - name: dind-dotenv + secret: + secretName: dind-dotenv + - name: shared-data + emptyDir: {} + - name: var-run-aesmd + hostPath: + path: /var/run/aesmd/ + - name: dev-sgx-enclave + hostPath: + path: /dev/sgx/enclave + - name: dev-sgx-provision + hostPath: + path: /dev/sgx/provision + +{{ end }} From e04472f86568e7d80ae33ba9b606976dcc2cd0f2 Mon Sep 17 00:00:00 2001 From: PringBlocks Date: Fri, 8 Mar 2024 18:22:59 +0700 Subject: [PATCH 06/18] add boostrap script --- scripts/bootstrap.ts | 145 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100644 scripts/bootstrap.ts diff --git a/scripts/bootstrap.ts b/scripts/bootstrap.ts new file mode 100644 index 0000000..8cc1957 --- /dev/null +++ b/scripts/bootstrap.ts @@ -0,0 +1,145 @@ +import * as anchor from "@coral-xyz/anchor"; +import * as spl from "@solana/spl-token"; +import type { AccountInfo, AccountMeta } from "@solana/web3.js"; +import { + AddressLookupTableProgram, + Connection, + Keypair, + MessageV0, + PublicKey, + sendAndConfirmTransaction, + SystemProgram, + Transaction, + TransactionInstruction, + TransactionMessage, + VersionedTransaction, +} from "@solana/web3.js"; +import { Big, BigUtils, bs58 } from "@switchboard-xyz/common"; +import { OracleJob } from "@switchboard-xyz/common"; +import * as sb from "@switchboard-xyz/solana.js"; +import { toBufferLE } from "bigint-buffer"; +import * as crypto from "crypto"; +import * as fs from "fs"; +const assert = require("assert"); + +const walletFile = "your wallet file json here"; +const payerFile = "your payer file json here" +let PID = new PublicKey("sbattyXrzedoNATfc4L31wC9Mhxsi1BmFhTiN8gDshx"); +// PID = new PublicKey("CR1hCrkKveeWrYYs5kk7rasRM2AH1vZy8s8fn42NBwkq"); +const RPC_URL = "https://api.devnet.solana.com"; + + +async function fetchLatestSlotHash( + connection: Connection +): Promise<[bigint, string]> { + const slotHashesSysvarKey = new PublicKey( + "SysvarS1otHashes111111111111111111111111111" + ); + const accountInfo = await connection.getAccountInfo(slotHashesSysvarKey, { + commitment: "confirmed", + dataSlice: { length: 40, offset: 8 }, + }); + let buffer = accountInfo!.data; + const slotNumber = buffer.readBigUInt64LE(); + buffer = buffer.slice(8); + return [slotNumber, bs58.encode(buffer)]; +} + +async function initWalletFromFile(filePath: string): Promise { + // Read the file + const secretKeyString: string = fs.readFileSync(filePath, { + encoding: "utf8", + }); + const secretKey: Uint8Array = Uint8Array.from(JSON.parse(secretKeyString)); + + // Create a keypair from the secret key + const keypair: Keypair = Keypair.fromSecretKey(secretKey); + + // Create a wallet + const wallet: anchor.Wallet = new anchor.Wallet(keypair); + + return wallet; +} + +async function initKeypairFromFile(filePath: string): Promise { + // Read the file + const secretKeyString: string = fs.readFileSync(filePath, { + encoding: "utf8", + }); + const secretKey: Uint8Array = Uint8Array.from(JSON.parse(secretKeyString)); + + // Create a keypair from the secret key + const keypair: Keypair = Keypair.fromSecretKey(secretKey); + + return keypair; +} + +async function keypairFromJson(secretKeyString: string): Promise { + const secretKey: Uint8Array = Uint8Array.from(JSON.parse(secretKeyString)); + + // Create a keypair from the secret key + return Keypair.fromSecretKey(secretKey); +} + +export function logEnvVariables( + env: Array<[string, string | anchor.web3.PublicKey]>, + pre = "Make sure to add the following to your .env file:" +) { + console.log( + `\n${pre}\n\t${env + .map(([key, value]) => `${key.toUpperCase()}=${value}`) + .join("\n\t")}\n` + ); +} + +(async () => { + const connection = new Connection( + RPC_URL, + "confirmed" + ); + + const wallet = await initWalletFromFile(walletFile); + const devnetPayer = await initKeypairFromFile(payerFile); + const provider = new anchor.AnchorProvider(connection, wallet, {}); + const idl = await anchor.Program.fetchIdl(PID, provider); + const program = new anchor.Program(idl!, PID, provider); + const switchboardProgram = sb.SwitchboardProgram.from( + connection, + devnetPayer, + sb.SB_V2_PID, + PID + ); + + const [slotNumber, slotHash] = await fetchLatestSlotHash(connection); + const bootstrappedQueue = (await sb.AttestationQueueAccount.bootstrapNewQueue( + switchboardProgram + )) as any; + console.log(bootstrappedQueue); + + const attestationQueueAccount = bootstrappedQueue.attestationQueue.account; + const verifierOracleAccount = bootstrappedQueue.verifier.account; + const quoteKeypair2 = Keypair.generate(); + + const [verifier2, signature] = await attestationQueueAccount.createVerifier({ + createPermissions: true, + keypair: quoteKeypair2, + enable: true, + queueAuthorityPubkey: devnetPayer.publicKey, + authority: devnetPayer.publicKey, + queueAccount: attestationQueueAccount.publicKey, + registryKey: new Uint8Array(64).fill(0), + }); + console.log(verifier2.publicKey); + + logEnvVariables([ + ["SWITCHBOARD_ATTESTATION_QUEUE_KEY", attestationQueueAccount.publicKey], + ["SWITCHBOARD_VERIFIER_ORACLE_KEY", verifierOracleAccount.publicKey], + ["SWITCHBOARD_VERIFIER_ORACLE_KEY2", verifier2.publicKey.toString()], + ]); + + const y = bootstrappedQueue.signatures.map((s: any, i: any): any => { + return { name: `bootstrap_queue #${i + 1}`, tx: s }; + }); + console.log(y); + return; +})(); From bff96d871e21c8f528fc02381e3df69ed2506ec2 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Wed, 13 Mar 2024 10:26:07 -0400 Subject: [PATCH 07/18] checkpoint armada synchronize --- chains/solana/devnet-pull-equinix.yaml | 4 ---- charts/pull-service/templates/oracle-deployment.yaml | 3 --- 2 files changed, 7 deletions(-) diff --git a/chains/solana/devnet-pull-equinix.yaml b/chains/solana/devnet-pull-equinix.yaml index b1e608c..57087ec 100644 --- a/chains/solana/devnet-pull-equinix.yaml +++ b/chains/solana/devnet-pull-equinix.yaml @@ -1,12 +1,8 @@ -attestationProgramId: "FnaRmqv87EE7M7DJNpaWRHC9rPA2WrDJpnvvbGp4irPA" chain: "solana" cluster: "devnet" heartbeatInterval: "30" infisicalSecretKey: "SOLANA_KEY" infisicalSecretSlug: "dev" -ipfsApiUrl: https://ipfs.infura.io:5001 -ipfsKey: "2OuGHppwQzKcS9HErVCZ12ngIIr" -ipfsSecret: "cbfd29f500aee37e0b4139dabdbe396a" jupiterSwapApiKey: "3a3b41bc06d49f9c89a8550ff84072be" namespace: "devnet-pull" networkId: "devnet" diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index 7f2387f..e5ec36f 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -134,9 +134,6 @@ spec: name: IPFS_KEY value: {{ $values.ipfsKey | quote }} # SOLANA - - - name: SWITCHBOARD_ATTESTATION_PROGRAM_ID - value: {{ $values.attestationProgramId | quote }} - name: ORACLE_AUTHORITY value: {{ $values.oracle.authority }} From 898ea28ea68d070a20eb953c23f43f1ad3907ac2 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Wed, 13 Mar 2024 10:48:35 -0400 Subject: [PATCH 08/18] cp --- chains/solana/devnet-pull-equinix.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/chains/solana/devnet-pull-equinix.yaml b/chains/solana/devnet-pull-equinix.yaml index 57087ec..082d873 100644 --- a/chains/solana/devnet-pull-equinix.yaml +++ b/chains/solana/devnet-pull-equinix.yaml @@ -12,21 +12,21 @@ solanaMainnetRpc: "https://switchbo-switchbo-6225.devnet.rpcpool.com/f6fb9f02-07 wssUrl: "wss://switchbo-switchbo-6225.devnet.rpcpool.com/f6fb9f02-0777-498b-b8f5-67cbb1fc0d14" gateway: host: "pull-gateway.switchboard.xyz" - image: "docker.io/switchboardlabs/pull-oracle:v18" + image: "docker.io/switchboardlabs/pull-oracle:dev-RC_03_13_24_14_17" oracle: - image: "docker.io/switchboardlabs/pull-oracle:v18" + image: "docker.io/switchboardlabs/pull-oracle:dev-RC_03_13_24_14_17" authority: "2KgowxogBrGqRcgXQEmqFvC3PGtCu66qERNJevYW8Ajh" guardian: - queue: "RH4MXRCHriboKoPynKsGacC61D9QHa1hVXLFXMX9QNc" - key: "8ktDbWs5dBipxmnZsHKhmSN5sqswunUNKzeR8KZ3XgNy" + queue: "71wi6H1ByDG9qnRd5Ef8PSKoKH8rJ7pve7NDvB7Y4tqi" + key: "Ewq5ec637q9pvzZH5xBHtqxqUPSjo1j4sB1nXeeGNRHo" host: "guardian-oracle.switchboard.xyz" push: queue: "uPeRMdfPmrPqgRWSrjAnAkH78RqAhe5kXoW6vBYRqFX" key: "8AGNUUHphu8YevPoTGTbcbsJLKBe2F6byukfoPUWSHWm" host: "push-oracle.switchboard.xyz" pull: - queue: "v1k9qvCuvYgDkAcTExnrkt2BPNENfVVpowp5d7PYKAa" - key: "CFf1HHQrJ1Eji4SScfxCLrao89Eg6FTrkyPBLBERLFjS" + queue: "5Qv744yu7DmEbU669GmYRqL9kpQsyYsaVKdR8YiBMTaP" + key: "BfvoZHYSxgJe4P7jbt9HTqJHip7Lf3xRB1QNszEPrhCx" host: "pull-oracle.switchboard.xyz" # command: shell From bcbe5d4f8fe13829fb9e8914994567401fdb963e Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Wed, 20 Mar 2024 11:21:43 -0400 Subject: [PATCH 09/18] add infisical turnup script --- charts/pull-service/templates/oracle-deployment.yaml | 7 +++---- scripts/ingress-init.sh | 6 ++++++ 2 files changed, 9 insertions(+), 4 deletions(-) create mode 100644 scripts/ingress-init.sh diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index e5ec36f..2062c89 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -178,14 +178,13 @@ spec: {{ end }} - ports: - name: web containerPort: {{ $config.port }} protocol: TCP - - name: metrics - containerPort: {{ $values.metricsPort }} - protocol: TCP + # - name: metrics + # containerPort: {{ $values.metricsPort }} + # protocol: TCP # - name: liveness-port # containerPort: {{ $values.metricsPort }} # protocol: TCP diff --git a/scripts/ingress-init.sh b/scripts/ingress-init.sh new file mode 100644 index 0000000..785870e --- /dev/null +++ b/scripts/ingress-init.sh @@ -0,0 +1,6 @@ +helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx || true +helm upgrade -i ingress-nginx ingress-nginx/ingress-nginx \ + --namespace ingress-nginx \ + --create-namespace \ + --timeout 600s \ + --debug From 9f3c3f697c01ed85ad679a5b832f22fae2809d9e Mon Sep 17 00:00:00 2001 From: PringBlocks <85567190+PringBlocks@users.noreply.github.com> Date: Fri, 8 Mar 2024 18:25:32 +0700 Subject: [PATCH 10/18] rebase --- charts/pull-service/templates/oracle-deployment.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index 2062c89..7f9d111 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -182,9 +182,15 @@ spec: - name: web containerPort: {{ $config.port }} protocol: TCP +<<<<<<< HEAD # - name: metrics # containerPort: {{ $values.metricsPort }} # protocol: TCP +======= + - name: metrics + containerPort: {{ $values.metricsPort }} + protocol: TCP +>>>>>>> f3f7327 (rebase) # - name: liveness-port # containerPort: {{ $values.metricsPort }} # protocol: TCP From 2ea13a10340d0e3b8c6eec8459704c251fba3d5a Mon Sep 17 00:00:00 2001 From: PringBlocks Date: Mon, 11 Mar 2024 20:52:18 +0700 Subject: [PATCH 11/18] refine pull model yaml and bootstrap script --- chains/solana/devnet-pull.yaml | 1 - scripts/bootstrap.ts | 14 ++++++++++++-- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/chains/solana/devnet-pull.yaml b/chains/solana/devnet-pull.yaml index d98e17e..a7e0021 100644 --- a/chains/solana/devnet-pull.yaml +++ b/chains/solana/devnet-pull.yaml @@ -1,4 +1,3 @@ -attestationProgramId: "FnaRmqv87EE7M7DJNpaWRHC9rPA2WrDJpnvvbGp4irPA" chain: "solana" cluster: "devnet" heartbeatInterval: "30" diff --git a/scripts/bootstrap.ts b/scripts/bootstrap.ts index 8cc1957..ef5edca 100644 --- a/scripts/bootstrap.ts +++ b/scripts/bootstrap.ts @@ -23,12 +23,14 @@ import * as fs from "fs"; const assert = require("assert"); const walletFile = "your wallet file json here"; +// example "/Users/mgild/switchboard_environments_v2/devnet/upgrade_authority/test.json" const payerFile = "your payer file json here" let PID = new PublicKey("sbattyXrzedoNATfc4L31wC9Mhxsi1BmFhTiN8gDshx"); // PID = new PublicKey("CR1hCrkKveeWrYYs5kk7rasRM2AH1vZy8s8fn42NBwkq"); const RPC_URL = "https://api.devnet.solana.com"; + async function fetchLatestSlotHash( connection: Connection ): Promise<[bigint, string]> { @@ -93,13 +95,21 @@ export function logEnvVariables( } (async () => { + const ORACLE_IP = "127.0.0.1"; + + let PID = new PublicKey("sbattyXrzedoNATfc4L31wC9Mhxsi1BmFhTiN8gDshx"); + PID = sb.SB_ON_DEMAND_PID; const connection = new Connection( RPC_URL, "confirmed" ); - const wallet = await initWalletFromFile(walletFile); - const devnetPayer = await initKeypairFromFile(payerFile); + const wallet = await initWalletFromFile( + walletFile + ); + const devnetPayer = await initKeypairFromFile( + payerFile + ); const provider = new anchor.AnchorProvider(connection, wallet, {}); const idl = await anchor.Program.fetchIdl(PID, provider); const program = new anchor.Program(idl!, PID, provider); From e3a5a598cd4a4be883033b4b8df515c0d57cf0e4 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Mon, 4 Mar 2024 08:20:17 -0500 Subject: [PATCH 12/18] fixups --- chains/solana/devnet-pull.yaml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/chains/solana/devnet-pull.yaml b/chains/solana/devnet-pull.yaml index a7e0021..1ddf23f 100644 --- a/chains/solana/devnet-pull.yaml +++ b/chains/solana/devnet-pull.yaml @@ -6,29 +6,29 @@ infisicalSecretSlug: "dev" jupiterSwapApiKey: "3a3b41bc06d49f9c89a8550ff84072be" namespace: "devnet-pull" networkId: "devnet" -pagerdutyEventKey: "redacted" -rpcUrl: "redacted" -solanaMainnetRpc: "redacted" -wssUrl: "redacted" +pagerdutyEventKey: "FILL_IN_HERE>" +rpcUrl: "" +solanaMainnetRpc: "" +wssUrl: "" gateway: - host: "pull-gateway.switchboard.xyz" + host: "" image: "docker.io/switchboardlabs/pull-oracle:dev-RC_03_11_24_00_40" #you can get the keys below by running scripts/bootstrap.ts oracle: image: "docker.io/switchboardlabs/pull-oracle:dev-RC_03_11_24_00_40" - authority: "2KgowxogBrGqRcgXQEmqFvC3PGtCu66qERNJevYW8Ajh" + authority: "" guardian: queue: "RH4MXRCHriboKoPynKsGacC61D9QHa1hVXLFXMX9QNc" - key: "redacted" - host: "guardian-oracle.switchboard.xyz" + host: "" + key: "" push: queue: "uPeRMdfPmrPqgRWSrjAnAkH78RqAhe5kXoW6vBYRqFX" - key: "redacted" - host: "push-oracle.switchboard.xyz" + host: "" + key: "" pull: queue: "v1k9qvCuvYgDkAcTExnrkt2BPNENfVVpowp5d7PYKAa" - key: "redacted" - host: "pull-oracle.switchboard.xyz" + host: "" + key: "" # command: shell From ea424a29b49c15a4eaae0d2265008772a42fdff0 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Mon, 4 Mar 2024 08:23:01 -0500 Subject: [PATCH 13/18] fixups --- scripts/anneal.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/anneal.sh b/scripts/anneal.sh index 076d6f2..afbf1b2 100644 --- a/scripts/anneal.sh +++ b/scripts/anneal.sh @@ -7,6 +7,6 @@ elif [ "$1" == "equinix-devnet" ]; then cp ~/.kube/config-equinix ~/.kube/config helm upgrade -i pull-oracle-devnet ./charts/pull-service/ -f ./chains/solana/devnet-pull-equinix.yaml else - echo "Invalid argument. Please use either 'mainnet' or 'devnet'." + echo "Invalid argument. Please use either 'equinix-devnet' or 'devnet'." fi From 72c8aad10497c6fafba296ad3d4459acd328f93a Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Mon, 4 Mar 2024 09:09:37 -0500 Subject: [PATCH 14/18] fixups --- chains/solana/devnet-pull.yaml | 7 ------- charts/pull-service/templates/oracle-deployment.yaml | 5 +---- 2 files changed, 1 insertion(+), 11 deletions(-) diff --git a/chains/solana/devnet-pull.yaml b/chains/solana/devnet-pull.yaml index 1ddf23f..9e15406 100644 --- a/chains/solana/devnet-pull.yaml +++ b/chains/solana/devnet-pull.yaml @@ -30,10 +30,3 @@ oracle: host: "" key: "" -# command: shell - -# sgx: -# type: "azure" -# memoryMiB: 32Mi -# cpu: 1500m - diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index 7f9d111..df6feaa 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -62,10 +62,7 @@ spec: name: ENABLE_GATEWAY value: "0" - - name: ENABLE_PUSH_ORACLE - value: {{ if eq $component "push" }}"1"{{ else }}"0"{{ end }} - - - name: ENABLE_PULL_ORACLE + name: ENABLE_ORACLE value: {{ if eq $component "pull" }}"1"{{ else }}"0"{{ end }} - name: ENABLE_GUARDIAN From be2dc919685639cf6b0fcd7ea77cdaf23710a2a6 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Mon, 4 Mar 2024 09:30:49 -0500 Subject: [PATCH 15/18] fixups --- charts/pull-service/templates/oracle-deployment.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index df6feaa..ff1d3c1 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -63,7 +63,7 @@ spec: value: "0" - name: ENABLE_ORACLE - value: {{ if eq $component "pull" }}"1"{{ else }}"0"{{ end }} + value: {{ if or (eq $component "pull") (eq $component "push") }}"1"{{ else }}"0"{{ end }} - name: ENABLE_GUARDIAN value: {{ if eq $component "guardian" }}"1"{{ else }}"0"{{ end }} From 7bc9ea2dbe9da2cad286b6a8cbdd8ff0396eadfb Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Mon, 4 Mar 2024 10:10:02 -0500 Subject: [PATCH 16/18] fixups --- charts/pull-service/templates/oracle-deployment.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index ff1d3c1..7f9d111 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -62,8 +62,11 @@ spec: name: ENABLE_GATEWAY value: "0" - - name: ENABLE_ORACLE - value: {{ if or (eq $component "pull") (eq $component "push") }}"1"{{ else }}"0"{{ end }} + name: ENABLE_PUSH_ORACLE + value: {{ if eq $component "push" }}"1"{{ else }}"0"{{ end }} + - + name: ENABLE_PULL_ORACLE + value: {{ if eq $component "pull" }}"1"{{ else }}"0"{{ end }} - name: ENABLE_GUARDIAN value: {{ if eq $component "guardian" }}"1"{{ else }}"0"{{ end }} From e61a2478ca51342f8e1860ac4500dfc0c73d78b8 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Wed, 20 Mar 2024 11:21:43 -0400 Subject: [PATCH 17/18] add infisical turnup script --- charts/pull-service/templates/oracle-deployment.yaml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/charts/pull-service/templates/oracle-deployment.yaml b/charts/pull-service/templates/oracle-deployment.yaml index 7f9d111..1551781 100644 --- a/charts/pull-service/templates/oracle-deployment.yaml +++ b/charts/pull-service/templates/oracle-deployment.yaml @@ -182,15 +182,9 @@ spec: - name: web containerPort: {{ $config.port }} protocol: TCP -<<<<<<< HEAD - # - name: metrics - # containerPort: {{ $values.metricsPort }} - # protocol: TCP -======= - name: metrics containerPort: {{ $values.metricsPort }} protocol: TCP ->>>>>>> f3f7327 (rebase) # - name: liveness-port # containerPort: {{ $values.metricsPort }} # protocol: TCP From 6b5735d25619a9b9701891ce239ea879f238d265 Mon Sep 17 00:00:00 2001 From: Mitch Gildenberg Date: Wed, 20 Mar 2024 17:02:41 -0400 Subject: [PATCH 18/18] rm dead files --- .../templates/oracle-deployment.yaml | 466 ------------------ .../templates/qvn-deployment.yaml | 318 ------------ 2 files changed, 784 deletions(-) delete mode 100644 charts/switchboard-oracle/templates/oracle-deployment.yaml delete mode 100644 charts/switchboard-oracle/templates/qvn-deployment.yaml diff --git a/charts/switchboard-oracle/templates/oracle-deployment.yaml b/charts/switchboard-oracle/templates/oracle-deployment.yaml deleted file mode 100644 index 1ce991f..0000000 --- a/charts/switchboard-oracle/templates/oracle-deployment.yaml +++ /dev/null @@ -1,466 +0,0 @@ -{{- $values := .Values -}} -{{- range $index, $key := .Values.oracleKeys }} -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - chain: {{ $.Values.chain }} - app: function-manager - should_scrape: scrape - queue: {{ $key.queue }} - oracleID: {{ $key.name }} - azure.workload.identity/use: "true" - name: {{ $.Values.chain }}-{{ $key.queue }}-{{ $.Values.appType}}-{{ $key.name }} - namespace: {{ $.Values.namespace }} -spec: - replicas: 1 - selector: - matchLabels: - app: oracle - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - template: - metadata: - labels: - chain: {{ $.Values.chain }} - app: oracle - queue: {{ $key.queue }} - should_scrape: scrape - spec: - serviceAccountName: {{ $.Values.serviceAccount }} - {{ if ne $.Values.appType "dind" }} - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - oracle - topologyKey: kubernetes.io/hostname - {{ end }} - dnsPolicy: ClusterFirst - containers: - # {{ if eq $.Values.appType "dind" }} -# - # - image: sking2600/azure-secret-inject - # name: secret-injector - # volumeMounts: - # - name: shared-data - # mountPath: /pod-data -# - # command: ["/bin/sh", "-c"] - # args: - # - node index.js {{ $values.azureVaultUrl }} {{ $values.azureSecretName }} > /pod-data/secret - # {{ end }} - - image: {{ if $key.image }}{{ $key.image }}{{ else }}{{ $values.image }}{{ end }} - env: - - - name: CHAIN - value: {{ $values.chain | quote }} - - - name: CLUSTER - value: {{ $values.cluster }} - - - name: NETWORK_ID - value: {{ $values.networkId }} - - - name: PROGRAM_ID - value: {{ $values.pid }} - - - name: CONTAINER_TIMEOUT - value: {{ $values.containerTimeout | default "15" | quote }} - - - name: NUM_WORKERS - value: {{ $values.numWorkers | default "10" | quote }} - - - name: HEARTBEAT_INTERVAL - value: {{ if $key.heartbeatInterval }}{{ $key.heartbeatInterval | quote }}{{ else }}{{ $values.heartbeatInterval | default "30" | quote }}{{ end }} - - - name: ORACLE_KEY - value: {{ $key.data | quote}} - - - name: EVM_ORACLE_KEY - value: {{ $key.data | quote}} - - - name: PAYER_SECRET - {{ if $values.infisicalSecretKey }} - valueFrom: - secretKeyRef: - name: infisical-secret - key: {{ $values.infisicalSecretKey | quote }} - {{ else }} - value: {{ $key.payerSecret }} - {{ end }} - - name: RUST_LOG - value: "info" - - - name: RPC_URL - value: {{ if $key.rpcUrl }}{{ $key.rpcUrl }}{{ else }}{{ $values.rpcUrl }}{{ end }} - - - name: QVN_URL - value: {{ if $key.qvnUrl }}{{ $key.qvnUrl }}{{ else }}{{ $values.qvnUrl }}{{ end }} - - - name: WSS_URL - value: {{ if $key.wssUrl }}{{ $key.wssUrl }}{{ else }}{{ $values.wssUrl }}{{ end }} - - - name: WSS_RPC_URL - value: {{ if $key.wssUrl }}{{ $key.wssUrl }}{{ else }}{{ $values.wssUrl }}{{ end }} - - - name: BACKUP_RPC_URL_1 - value: {{ if $key.backupRpc1 }}{{ $key.backupRpc1 }}{{ else }}{{ $values.backupRpc1 }}{{ end }} - - - name: BACKUP_RPC_URL_2 - value: {{ if $key.backupRpc2 }}{{ $key.backupRpc2 }}{{ else }}{{ $values.backupRpc2 }}{{ end }} - - - name: TELEMETRY_FEED_RESULT_PUSH_INTERVAL_MS - value: {{ if $key.telemetryFeedResultPushIntervalMs }}{{ $key.telemetryFeedResultPushIntervalMs | quote }}{{ else }}{{ $values.telemetryFeedResultPushIntervalMs | default "5000" | quote }}{{ end }} - - - name: TELEMETRY_FEED_RESULT_PUSH_URL - value: {{ if $key.telemetryFeedResultPushUrl }}{{ $key.telemetryFeedResultPushUrl }}{{ else }}{{ $values.telemetryFeedResultPushUrl }}{{ end }} - # TASK RUNNER CONFIG - - - name: TASK_RUNNER_SOLANA_RPC - value: {{ $values.solanaMainnetRpc | default "https://switchboard.rpcpool.com/ec20ad2831092cfcef66d677539a" }} - - - name: GCP_CONFIG_BUCKET - value: {{ $values.gcpConfigBucket }} - - - name: JUPITER_SWAP_API_KEY - value: {{ $values.jupiterSwapApiKey | default "3a3b41bc06d49f9c89a8550ff84072be" }} - # APTOS / EVM / SUI - - - name: BATCH_SAVE_RESULT_INTERVAL - value: {{ if $key.batchSaveResultInterval }}{{ $key.batchSaveResultInterval | quote }}{{ else }}{{ $values.batchSaveResultInterval | quote }}{{ end }} - # EVM - - - name: UPDATE_SEARCH_REFRESH_INTERVAL - value: {{ if $key.updateSearchRefreshInterval }}{{ $key.updateSearchRefreshInterval | quote }}{{ else }}{{ $values.updateSearchRefreshInterval | quote }}{{ end }} - - - name: IPFS_API_URL - value: {{ if $key.ipfsApiUrl }}{{ $key.ipfsApiUrl | quote }}{{ else }}{{ $values.ipfsApiUrl | quote }}{{ end }} - - - name: INFURA_IPFS_CREDENTIALS - value: {{ if $key.infuraIpfsCredentials }}{{ $key.infuraIpfsCredentials | quote }}{{ else }}{{ $values.infuraIpfsCredentials | quote }}{{ end }} - - - name: CONTRACT_ADDRESS - value: {{ if $key.contractAddress }}{{ $key.contractAddress | quote }}{{ else }}{{ $values.contractAddress | quote }}{{ end }} - - - name: CHAIN_ID - value: {{ if $key.evmChainId }}{{ $key.evmChainId | quote }}{{ else }}{{ $values.evmChainId | quote }}{{ end }} - - - name: EVM_CHAIN_ID - value: {{ if $key.evmChainId }}{{ $key.evmChainId | quote }}{{ else }}{{ $values.evmChainId | quote }}{{ end }} - - - name: UPDATE_SEARCH_INTERVAL - value: {{ if $key.updateSearchInterval }}{{ $key.updateSearchInterval | quote }}{{ else }}{{ $values.updateSearchInterval | quote }}{{ end }} - # V3 - - - name: FUNDING_AMOUNT - value: {{ if $key.fundingAmount }}{{ $key.fundingAmount | quote }}{{ else }}{{ $values.fundingAmount | quote }}{{ end }} - - - name: FUNDING_THRESHOLD - value: {{ if $key.fundingThreshold }}{{ $key.fundingThreshold | quote }}{{ else }}{{ $values.fundingThreshold | quote }}{{ end }} - - - name: FUNDING_CHECK_INTERVAL - value: {{ if $key.fundingCheckInterval }}{{ $key.fundingCheckInterval | quote }}{{ else }}{{ $values.fundingCheckInterval | quote }}{{ end }} - # NEAR - - - name: NEAR_NAMED_ACCOUNT - value: {{ $values.namedAccount }} - - - name: NEAR_NO_LOGS - value: "1" - - # Disable using the built-in near event listener for mainnet and use AWS - name: NEAR_LAKE_LISTENER - value: {{ if $key.nearLakeListener }}{{ $key.nearLakeListener | quote }}{{ else }}{{ $values.nearLakeListener | default "0" | quote }}{{ end }} - # SOLANA - - - name: SOLANA_DISABLE_REST_CONNECTION - value: {{ if $key.disableRestConnection }}{{ $key.disableRestConnection | quote }}{{ else }}{{ $values.disableRestConnection | default "0" | quote }}{{ end }} - - - name: SOLANA_SAVE_RESULT_COMPUTE_UNITS - value: {{ if $key.saveResultComputeUnits }}{{ $key.saveResultComputeUnits | quote }}{{ else }}{{ $values.saveResultComputeUnits | quote }}{{ end }} - - - name: SOLANA_COMPUTE_UNIT_PRICE - value: {{ $values.computeUnitPrice | default "1" | quote }} - - - name: QUEUE - value: {{ $key.queueAddress | quote }} - - - name: QUOTE_KEY - value: {{ $key.quoteAddress | quote }} - - - name: SAS_QUEUE - value: {{ $key.sasQueue | quote }} - - - name: DISABLE_NONCE_QUEUE - value: {{ if $key.disableNonceQueue }}{{ $key.disableNonceQueue | quote }}{{ else }}{{ $values.disableNonceQueue | default "0" | quote }}{{ end }} - - - name: NONCE_QUEUE_SIZE - value: {{ if $key.nonceQueueSize }}{{ $key.nonceQueueSize | quote }}{{ else }}{{ $values.nonceQueueSize | default "1000" | quote }}{{ end }} - - # Auto reconnect event watcher after 1hr - name: SOLANA_EVENT_WATCHER_AUTORECONNECT - value: {{ if $key.autoreconnectEvents }}{{ $key.autoreconnectEvents | quote }}{{ else }}{{ $values.autoreconnectEvents | default "0" | quote }}{{ end }} - - - name: SOLANA_BLOCKHASH_REFRESH_RATE - value: {{ if $key.blockhashRefreshRate }}{{ $key.blockhashRefreshRate | quote }}{{ else }}{{ $values.blockhashRefreshRate | quote }}{{ end }} - - - name: ORACLE_QUEUE_KEY - value: {{ $key.oracleQueueKey | quote }} - - - name: SOLANA_ORACLE_QUEUE_KEY - value: {{ $key.oracleQueueKey | quote }} - - # STARKNET - - - name: STARKNET_PAYER_ADDRESS - value: {{ if $key.starknetPayerAddress }}{{ $key.starknetPayerAddress }}{{ else }}{{ $values.starknetPayerAddress }}{{ end }} - # PERFORMANCE - - - name: EVENT_LOOP_STALL_INTERVAL_ERROR - value: {{ if $key.eventLoopStallThreshold }}{{ $key.eventLoopStallThreshold | quote }}{{ else }}{{ $values.eventLoopStallThreshold | quote }}{{ end }} - - - name: LAST_EVENT_STALENESS_THRESHOLD - value: {{ if $key.lastEventStalenessThreshold }}{{ $key.lastEventStalenessThreshold | quote }}{{ else }}{{ $values.lastEventStalenessThreshold | quote }}{{ end }} - - - name: LAST_RESPONSE_STALENESS_THRESHOLD - value: {{ if $key.lastResponseStalenessThreshold }}{{ $key.lastResponseStalenessThreshold | quote }}{{ else }}{{ $values.lastResponseStalenessThreshold | quote }}{{ end }} - # METRICS - - - name: METRICS_EXPORTER - value: {{ $values.metricsExporter }} - # ALERTING - - - name: VERBOSE - value: {{ if $key.verbose }}{{ $key.verbose | quote }}{{ else }}{{ $values.verbose | default "0" | quote }}{{ end }} - - - name: DEBUG - value: {{ if $key.debug }}{{ $key.debug | quote }}{{ else }} {{ $values.debug | default "0" | quote }}{{ end }} - - - name: PAGERDUTY_EVENT_KEY - value: {{ if $key.pagerdutyEventKey }}{{ $key.pagerdutyEventKey }}{{ else }}{{ $values.pagerdutyEventKey }}{{ end }} - # SECRETS - - - name: GOOGLE_PAYER_SECRET_PATH - value: {{ if $key.googlePayerSecretPath }}{{ $key.googlePayerSecretPath }}{{ else }}{{ $values.googlePayerSecretPath }}{{ end }} - - - name: GOOGLE_APPLICATION_CREDENTIALS - value: {{ $values.googleApplicationCredentials }} - - - - name: AWS_ACCESS_KEY_ID - value: {{ $values.awsAccessKeyId }} - - - name: AWS_SECRET_ACCESS_KEY - value: {{ $values.awsSecretAccessKey }} - - - name: AZURE_PAYER_SECRET_PATH - value: {{ if $key.azureSecretPath }}{{ $key.azureSecretPath }}{{ else }}{{ $values.azureSecretPath }}{{ end }} - - # Node JS Oracle Workerpool Config - - - name: TASK_RUNNER_WORKER_DISABLED - value: {{ if $key.workerpoolDisabled }}{{ $key.workerpoolDisabled | quote }}{{ else }}{{ $values.workerpoolDisabled | default "0" | quote }}{{ end }} - - - name: TASK_RUNNER_WORKER_JSON_PATH_DISABLED - value: {{ if $key.workerpoolJsonPathDisabled }}{{ $key.workerpoolJsonPathDisabled | quote }}{{ else }}{{ $values.workerpoolJsonPathDisabled | default "0" | quote }}{{ end }} - - - name: TASK_RUNNER_WORKER_TWAP_DISABLED - value: {{ if $key.workerpoolTwapDisabled }}{{ $key.workerpoolTwapDisabled | quote }}{{ else }}{{ $values.workerpoolTwapDisabled | default "0" | quote }}{{ end }} - - {{ if eq $.Values.appType "dind" }} - - - name: DOCKER_USER - value: {{ $values.dockerUser }} - - - name: DOCKER_KEY - value: {{ $values.dockerKey }} - - - name: IPFS_URL - value: {{ $values.ipfsUrl }} - - - name: IPFS_KEY - value: {{ $values.ipfsKey }} - - - name: IPFS_SECRET - value: {{ $values.ipfsSecret }} - {{ end }} - - # IMAGE / RESOURCES - imagePullPolicy: IfNotPresent #Always - name: {{ $values.chain }}-oracle - {{ if eq $.Values.appType "dind" }} - command: ["/bin/sh"] - args: ["-c", "while true; do bash /boot.sh; done"] - {{ end }} - {{ if eq $values.command "shell" }} - command: ["/bin/sh"] - args: ["-c", "while true; do echo hello; sleep 10;done"] - {{ end }} - {{ if eq $key.command "enableSourceMaps" }} - command: ["/bin/bash"] - args: ["-c", "while true ; do node --unhandled-rejections=warn --enable-source-maps ./dist/index.js; echo restarting in 10 seconds; sleep 10; done",] - {{ end }} - {{ if eq $.Values.appType "dind" }} - # command: ["/bin/sh"] - # args: ["-c", "dockerd"] - securityContext: - privileged: true - {{ end }} - - ports: - - name: web - containerPort: 9090 - protocol: TCP - - name: liveness-port - containerPort: 8080 - protocol: TCP - - # {{ if ne $values.command "shell" }} - # # https://github.com/kubernetes/kubernetes/issues/89898#issuecomment-876539217 - # # Wait for the container to startup and signal they are ready to receive traffic from k8s - # startupProbe: - # httpGet: - # path: /healthz - # port: liveness-port - # initialDelaySeconds: 5 - # failureThreshold: 30 - # periodSeconds: 5 - # timeoutSeconds: 10 - # # Check whether the pod is ready to receive traffic. If this fails it will create a new pod - # livenessProbe: - # exec: - # command: - # - sh - # - -c - # - "curl --fail http://localhost:8080/healthz || exit 1 " - # initialDelaySeconds: 10 - # periodSeconds: 30 - # failureThreshold: 3 - # timeoutSeconds: 5 - # {{ end }} - - {{ if $values.sgx.type }} - # SGX ORACLE - resources: - limits: - cpu: 2500m - memory: 4000Mi - {{ if eq $values.sgx.type "azure" }} - sgx.intel.com/epc: 25Mi - sgx.intel.com/enclave: 1 - sgx.intel.com/provision: 1 - {{ end }} - requests: - cpu: 2500m - memory: 3900Mi - {{ if eq $values.sgx.type "azure" }} - sgx.intel.com/epc: 25Mi - sgx.intel.com/enclave: 1 - sgx.intel.com/provision: 1 - {{ end }} - {{ if not $values.command }} - livenessProbe: - httpGet: - path: /metrics - port: 9090 - initialDelaySeconds: 60 - failureThreshold: 10 - periodSeconds: 10 - timeoutSeconds: 10 - {{ end }} - - {{ else }} - # LEGACY ORACLE - # startupProbe: - # httpGet: - # path: /healthz - # port: liveness-port - # initialDelaySeconds: 5 - # failureThreshold: 30 - # periodSeconds: 5 - # timeoutSeconds: 10 - # Check whether the pod is ready to receive traffic. If this fails it will create a new pod - # livenessProbe: - # exec: - # command: - # - sh - # - -c - # - "curl --fail http://localhost:8080/healthz || exit 1" - # initialDelaySeconds: 10 - # periodSeconds: 30 - # failureThreshold: 3 - # timeoutSeconds: 5 - resources: - limits: - cpu: 4000m - memory: 3Gi - requests: - cpu: 3500m - memory: 3Gi - {{ end }} - - {{ if $values.sgx.type }} - volumeMounts: - # - name: docker-graph-storage - # mountPath: /var/lib/docker - - mountPath: /home/credentials/ - name: google-cloud-key - - mountPath: /dev/sgx/enclave - name: dev-sgx-enclave - - mountPath: /dev/sgx/provision - name: dev-sgx-provision - # - mountPath: /var/run/docker.sock - # name: docker-socket - {{ if eq $.Values.appType "dind" }} - - mountPath: /home/dotenv - name: dind-dotenv - - mountPath: /var/lib/docker - name: docker-layers - {{ end }} - # {{ if eq $.Values.registryMirror true }} - # - name: docker-config - # mountPath: /etc/docker/daemon.json - # subPath: daemon.json - - # {{ end }} - # - mountPath: /dev/isgx - # name: dev-isgx - - volumes: - - name: google-cloud-key - secret: - secretName: {{ $.Values.appType}}-service-account - {{ if eq $.Values.appType "dind" }} - - name: dind-dotenv - secret: - secretName: dind-dotenv - - name: docker-layers - persistentVolumeClaim: - claimName: {{ $.Values.pvcName}} - # - name: docker-socket - # hostPath: - # path: /var/run/docker.sock - # type: Socket - {{- end }} - - name: shared-data - emptyDir: {} - - name: dev-sgx-enclave - hostPath: - path: /dev/sgx/enclave - - name: dev-sgx-provision - hostPath: - path: /dev/sgx/provision - {{ end }} - # - name: dev-isgx - # hostPath: - # path: /dev/isgx - - - ---- -{{ end }} diff --git a/charts/switchboard-oracle/templates/qvn-deployment.yaml b/charts/switchboard-oracle/templates/qvn-deployment.yaml deleted file mode 100644 index 9dcd224..0000000 --- a/charts/switchboard-oracle/templates/qvn-deployment.yaml +++ /dev/null @@ -1,318 +0,0 @@ -{{ if eq $.Values.appType "dind" }} -{{- $values := .Values -}} -apiVersion: apps/v1 -kind: Deployment -metadata: - labels: - chain: {{ $.Values.chain }} - app: qvn - should_scrape: scrape - azure.workload.identity/use: "true" - name: qvn - namespace: {{ $.Values.namespace }} -spec: - replicas: 1 - selector: - matchLabels: - app: qvn - strategy: - rollingUpdate: - maxSurge: 1 - maxUnavailable: 0 - template: - metadata: - labels: - chain: {{ $.Values.chain }} - app: qvn - should_scrape: scrape - spec: - serviceAccountName: {{ $.Values.serviceAccount }} - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: app - operator: In - values: - - qvn - topologyKey: kubernetes.io/hostname - hostNetwork: false - - containers: - # - image: "docker.io/switchboardlabs/qvn:latest" - - image: {{ if $values.qvnImage }}{{ $values.qvnImage }}{{ else }}{{ "docker.io/switchboardlabs/qvn:latest" }}{{ end }} - env: - - - name: CHAIN - value: {{ $values.chain }} - - - name: CLUSTER - value: {{ $values.cluster }} - - - name: NETWORK_ID - value: {{ $values.networkId }} - - - name: PROGRAM_ID - value: {{ $values.pid }} - - - name: HEARTBEAT_INTERVAL - value: {{ $values.heartbeatInterval | default "30" | quote }} - - - name: ORACLE_KEY - value: {{ $values.oracleKey | quote }} - - - name: EVM_ORACLE_KEY - value: {{ $values.evmOracleKey | quote}} - - - name: PAYER_SECRET - {{ if $values.infisicalSecretKey }} - valueFrom: - secretKeyRef: - name: infisical-secret - key: {{ $values.infisicalSecretKey }} - {{ else }} - value: {{ $values.payerSecret }} - {{ end }} - - - name: RPC_URL - value: {{ $values.rpcUrl }} - - - name: WSS_URL - value: {{ $values.wssUrl }} - - - name: WSS_RPC_URL - value: {{ $values.wssUrl }} - - - name: BACKUP_RPC_URL_1 - value: {{ $values.backupRpc1 }} - - - name: BACKUP_RPC_URL_2 - value: {{ $values.backupRpc2 }} - - - name: TELEMETRY_FEED_RESULT_PUSH_INTERVAL_MS - value: {{ $values.telemetryFeedResultPushIntervalMs | default "5000" | quote }} - - - name: TELEMETRY_FEED_RESULT_PUSH_URL - value: {{ $values.telemetryFeedResultPushUrl }} - # TASK RUNNER CONFIG - - - name: TASK_RUNNER_SOLANA_RPC - value: {{ $values.solanaMainnetRpc | default "https://switchboard.rpcpool.com/ec20ad2831092cfcef66d677539a" }} - - - name: GCP_CONFIG_BUCKET - value: {{ $values.gcpConfigBucket }} - - - name: JUPITER_SWAP_API_KEY - value: {{ $values.jupiterSwapApiKey | default "3a3b41bc06d49f9c89a8550ff84072be" }} - # APTOS / EVM / SUI - - - name: BATCH_SAVE_RESULT_INTERVAL - value: {{ $values.batchSaveResultInterval | quote }} - # EVM - - - name: UPDATE_SEARCH_REFRESH_INTERVAL - value: {{ $values.updateSearchRefreshInterval | quote }} - - - name: IPFS_API_URL - value: {{ $values.ipfsApiUrl | quote }} - - - name: INFURA_IPFS_CREDENTIALS - value: {{ $values.infuraIpfsCredentials | quote }} - - - name: CONTRACT_ADDRESS - value: {{ $values.contractAddress | quote }} - - - name: CHAIN_ID - value: {{ $values.evmChainId | quote }} - - - name: EVM_CHAIN_ID - value: {{ $values.evmChainId | quote }} - - - name: UPDATE_SEARCH_INTERVAL - value: {{ $values.updateSearchInterval | quote }} - # V3 - - - name: FUNDING_AMOUNT - value: {{ $values.fundingAmount | quote }} - - - name: FUNDING_THRESHOLD - value: {{ $values.fundingThreshold | quote }} - - - name: FUNDING_CHECK_INTERVAL - value: {{ $values.fundingCheckInterval | quote }} - # SOLANA - - - name: SOLANA_DISABLE_REST_CONNECTION - value: {{ $values.disableRestConnection | default "0" | quote }} - - - name: SOLANA_SAVE_RESULT_COMPUTE_UNITS - value: {{ $values.saveResultComputeUnits | quote }} - - - name: SOLANA_COMPUTE_UNIT_PRICE - value: {{ $values.computeUnitPrice | default "1" | quote }} - - - name: QUEUE - value: {{ $values.queueAddress | default "null" | quote }} - - - name: QUOTE_KEY - value: {{ $values.quoteAddress | default "null" | quote }} - - - name: SAS_QUEUE - value: {{ $values.sasQueue | default "null" | quote }} - - - name: DISABLE_NONCE_QUEUE - value: {{ $values.disableNonceQueue | default "0" | quote }} - - - name: NONCE_QUEUE_SIZE - value: {{ $values.nonceQueueSize | default "1000" | quote }} - - # Auto reconnect event watcher after 1hr - name: SOLANA_EVENT_WATCHER_AUTORECONNECT - value: {{ $values.autoreconnectEvents | default "0" | quote }} - - - name: SOLANA_BLOCKHASH_REFRESH_RATE - value: {{ $values.blockhashRefreshRate | quote }} - - - name: ORACLE_QUEUE_KEY - value: {{ $values.oracleQueueKey | default "null" | quote }} - - - name: SOLANA_ORACLE_QUEUE_KEY - value: {{ $values.oracleQueueKey | default "null" | quote }} - - # PERFORMANCE - - - name: EVENT_LOOP_STALL_INTERVAL_ERROR - value: {{ $values.eventLoopStallThreshold | quote }} - - - name: LAST_EVENT_STALENESS_THRESHOLD - value: {{ $values.lastEventStalenessThreshold | quote }} - - - name: LAST_RESPONSE_STALENESS_THRESHOLD - value: {{ $values.lastResponseStalenessThreshold | quote }} - # METRICS - - - name: METRICS_EXPORTER - value: {{ $values.metricsExporter | default "null" | quote }} - # ALERTING - - - name: VERBOSE - value: {{ $values.verbose | default "0" | quote }} - - - name: DEBUG - value: {{ $values.debug | default "0" | quote }} - - - name: PAGERDUTY_EVENT_KEY - value: {{ $values.pagerdutyEventKey | default "" | quote }} - # SECRETS - - - name: GOOGLE_PAYER_SECRET_PATH - value: {{ $values.googlePayerSecretPath }} - - - name: GOOGLE_APPLICATION_CREDENTIALS - value: {{ $values.googleApplicationCredentials }} - - - - name: AWS_ACCESS_KEY_ID - value: {{ $values.awsAccessKeyId }} - - - name: AWS_SECRET_ACCESS_KEY - value: {{ $values.awsSecretAccessKey }} - - - name: AZURE_PAYER_SECRET_PATH - value: {{ $values.azureSecretPath }} - - - name: DOCKER_USER - value: {{ $values.dockerUser }} - - - name: DOCKER_KEY - value: {{ $values.dockerKey }} - - - name: IPFS_URL - value: {{ $values.ipfsUrl }} - - - name: IPFS_KEY - value: {{ $values.ipfsKey }} - - - name: IPFS_SECRET - value: {{ $values.ipfsSecret }} - - # IMAGE / RESOURCES - imagePullPolicy: Always - name: "qvn" - {{ if eq $values.command "shell" }} - command: ["/bin/sh"] - args: ["-c", "while true; do echo hello; sleep 10;done"] - {{ end }} - securityContext: - privileged: true - - ports: - - name: web - containerPort: 9090 - protocol: TCP - - name: liveness-port - containerPort: 8080 - protocol: TCP - - # SGX ORACLE - resources: - limits: - cpu: 1700m - memory: 1700Mi - {{ if eq $values.sgx.type "azure" }} - sgx.intel.com/epc: 25Mi - sgx.intel.com/enclave: 1 - sgx.intel.com/provision: 1 - {{ end }} - requests: - cpu: 1500m - memory: 1600Mi - {{ if eq $values.sgx.type "azure" }} - sgx.intel.com/epc: 25Mi - sgx.intel.com/enclave: 1 - sgx.intel.com/provision: 1 - {{ end }} - # livenessProbe: - # httpGet: - # path: /metrics - # port: 9090 - # initialDelaySeconds: 60 - # failureThreshold: 10 - # periodSeconds: 10 - # timeoutSeconds: 10 - - - volumeMounts: - - mountPath: /home/credentials/ - name: google-cloud-key - - mountPath: /var/run/aesmd - name: var-run-aesmd - - mountPath: /dev/sgx/enclave - name: dev-sgx-enclave - - mountPath: /dev/sgx/provision - name: dev-sgx-provision - # - mountPath: /var/run/docker.sock - # name: docker-socket - - mountPath: /home/dotenv - name: dind-dotenv - - volumes: - - name: google-cloud-key - secret: - secretName: {{ $.Values.appType}}-service-account - - name: dind-dotenv - secret: - secretName: dind-dotenv - - name: shared-data - emptyDir: {} - - name: var-run-aesmd - hostPath: - path: /var/run/aesmd/ - - name: dev-sgx-enclave - hostPath: - path: /dev/sgx/enclave - - name: dev-sgx-provision - hostPath: - path: /dev/sgx/provision - -{{ end }}