diff --git a/.editorconfig b/.editorconfig index 08b6675d..8c900079 100644 --- a/.editorconfig +++ b/.editorconfig @@ -24,3 +24,7 @@ indent_size = 2 [*.{yml,yaml}] indent_style = space indent_size = 2 + +[Tiltfile] +indent_style = space +indent_size = 4 diff --git a/.github/workflows/check-py.yml b/.github/workflows/check-py.yml new file mode 100644 index 00000000..abd98a66 --- /dev/null +++ b/.github/workflows/check-py.yml @@ -0,0 +1,22 @@ +name: Check Python code + +on: + push: + paths: + - '**/Tiltfile' + - '**.py' + - '.github/workflows/check-py.yml' + +jobs: + check-fmt: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Check format + uses: psf/black@stable + with: + options: '--line-length 100 --include Tiltfile --check' diff --git a/.gitmodules b/.gitmodules index 4ccda555..7e090732 100644 --- a/.gitmodules +++ b/.gitmodules @@ -5,5 +5,5 @@ path = contracts/lib/openzeppelin-contracts url = https://github.com/openzeppelin/openzeppelin-contracts [submodule "constellation"] - path = constellation + path = deploy/constellation/constellation-src url = https://github.com/comrade-coop/constellation diff --git a/Dockerfile b/Dockerfile index 4d1db619..86071de1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,59 +2,73 @@ ## common: ## -FROM docker.io/library/golang:1.22.6@sha256:367bb5295d3103981a86a572651d8297d6973f2ec8b62f716b007860e22cbc25 as build-common -# 1.21-bookworm +FROM docker.io/library/golang:1.23.1-bookworm@sha256:1a5326b07cbab12f4fd7800425f2cf25ff2bd62c404ef41b56cb99669a710a83 as build-dependencies ENV DEBIAN_FRONTEND=noninteractive RUN apt-get update && apt-get install -y protobuf-compiler libgpgme-dev && rm -rf /var/lib/apt/lists/* -RUN go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.31.0 && go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0 && go install github.com/ethereum/go-ethereum/cmd/abigen@v1.13.3 +RUN go install google.golang.org/protobuf/cmd/protoc-gen-go@v1.31.0 && go install google.golang.org/grpc/cmd/protoc-gen-go-grpc@v1.3.0 && go install github.com/ethereum/go-ethereum/cmd/abigen@v1.14.9 + +FROM build-dependencies AS build-common WORKDIR /app COPY go.mod go.sum ./ -RUN go mod download && go mod verify +RUN --mount=type=cache,target=/root/.cache/go-build go mod download && go mod verify COPY pkg ./pkg -FROM docker.io/debian@sha256:2bc5c236e9b262645a323e9088dfa3bb1ecb16cc75811daf40a23a824d665be9 as run-common -# bookworm-slim, bookworm-20231120-slim matching golang:1.21-bookworm +FROM docker.io/debian:bookworm-20240904-slim@sha256:a629e796d77a7b2ff82186ed15d01a493801c020eed5ce6adaa2704356f15a1c as run-common +# matching golang:1.23.1-bookworm above RUN apt-get update && apt-get install -y libgpgme11 curl jq && rm -rf /var/lib/apt/lists/* ## p2p-helper: ## -FROM build-common as build-p2p-helper +FROM build-common AS build-p2p-helper COPY cmd/ipfs-p2p-helper ./cmd/ipfs-p2p-helper RUN --mount=type=cache,target=/root/.cache/go-build go build -v -o /usr/local/bin/ipfs-p2p-helper ./cmd/ipfs-p2p-helper -FROM run-common as p2p-helper +FROM run-common AS p2p-helper COPY --from=build-p2p-helper /usr/local/bin/ipfs-p2p-helper /usr/local/bin/ipfs-p2p-helper ENTRYPOINT ["ipfs-p2p-helper"] +FROM run-common AS p2p-helper-copy-local + +COPY ./bin/ipfs-p2p-helper /usr/local/bin/ipfs-p2p-helper + +ENTRYPOINT ["ipfs-p2p-helper"] + ## server: ## -FROM build-common as build-server +FROM build-common AS build-server COPY cmd/tpodserver ./cmd/tpodserver RUN --mount=type=cache,target=/root/.cache/go-build go build -v -o /usr/local/bin/tpodserver ./cmd/tpodserver +# RUN --mount=type=cache,target=/root/.cache/go-build --mount=type=bind,source=.,target=/app go build -v -o /usr/local/bin/tpodserver ./cmd/tpodserver -FROM run-common as server +FROM run-common AS server COPY --from=build-server /usr/local/bin/tpodserver /usr/local/bin/tpodserver ENTRYPOINT ["tpodserver"] +FROM run-common AS server-copy-local + +COPY ./bin/tpodserver /usr/local/bin/tpodserver + +ENTRYPOINT ["tpodserver"] + ## autoscaler: ## -FROM build-common as build-autoscaler +FROM build-common AS build-autoscaler COPY autoscaler ./autoscaler RUN --mount=type=cache,target=/root/.cache/go-build go build -v -o /usr/local/bin/autoscaler ./autoscaler -FROM run-common as autoscaler +FROM run-common AS autoscaler COPY --from=build-autoscaler /usr/local/bin/autoscaler /usr/local/bin/autoscaler @@ -72,3 +86,9 @@ FROM run-common as tpod-proxy COPY --from=build-tpod-proxy /usr/local/bin/tpod-proxy /usr/local/bin/tpod-proxy ENTRYPOINT ["tpod-proxy"] + +FROM run-common AS tpod-proxy-copy-local + +COPY ./bin/proxy /usr/local/bin/tpod-proxy + +ENTRYPOINT ["tpod-proxy"] diff --git a/README.md b/README.md index aa98a3a1..b8f0162b 100644 --- a/README.md +++ b/README.md @@ -36,10 +36,12 @@ Before running the various tests, Make sure the following dependencies are insta - **[kubectl](https://kubernetes.io/docs/tasks/tools/install-kubectl-linux/)**: The Kubernetes command-line tool for managing Kubernetes clusters. - **[docker](https://docs.docker.com/engine/install/)**: platform for developing, shipping, and running applications using containerization. - **[jq](https://jqlang.github.io/jq/)**: lightweight and flexible command-line JSON processor. -- **[minikube](https://minikube.sigs.k8s.io/docs/start/)**: tool that runs a single-node Kubernetes cluster locally. +- **[kind](https://kind.sigs.k8s.io/docs/user/quick-start/)**: tool that runs a single-node Kubernetes cluster locally. +- **[ctlptl](https://github.com/tilt-dev/ctlptl/)**: An utility for declaratively setting up local Kubernetes clusters. +- **[tilt](https://docs.tilt.dev/install.html)**: A toolkit automating the process of setting up a new local development cluster. - **[helm](https://helm.sh/)**: package manager for Kubernetes - **[helmfile](https://github.com/helmfile/helmfile)**: declarative configuration tool for Helm. -- **[forge, cast, anvil](https://github.com/foundry-rs/foundry)**: tools for building Ethereum-based applications. +- **[forge, cast, anvil](https://github.com/foundry-rs/foundry)**: tools for building Ethereum-based applications. - **[ipfs](https://docs.ipfs.tech/install/command-line/#install-official-binary-distributions)**: The InterPlanetary File System - **[constellation](https://docs.edgeless.systems/constellation/getting-started/first-steps-local)**: Constellation is a Kubernetes engine that provides a secure and confidential way to run Kubernetes clusters. (Needed in `test/e2e/constellation`). @@ -55,30 +57,35 @@ npm i && turbo sync ``` > Rerun `turbo sync` whenever you change files under the `proto/` and `contracts/` folders. -To start a local environment for e.g. integration-testing or evaluating the project, you can use the end-to-end tests in the `test/e2e` folder. +To start a local environment for e.g. integration-testing or evaluating the project, you can use `tilt` with Tiltfile in the `test/e2e` folder. -Typical development involves running the minikube end-to-end test, which can be done using the following command: +You can use it, for example, by running the following commands: ```bash -./test/e2e/minikube/run-test.sh +# Create a kind cluster: +ctlptl create cluster kind --registry=ctlptl-registry --kubernetes-version=v1.31.0 +# Start tilt and run the nginx test: +tilt up -- --include ./test/e2e/nginx/Tiltfile ``` -The command, after all dependencies are met, will proceed to start a local docker registry and test ethereum node, build and upload the project to them, then spin up a minikube cluster and deploy all necessary prerequisites into it, and finally deploying a pod from a [manifest file](spec/MANIFEST.md) into the cluster and then querying it over HTTP. It should display the curl command used to query the pod, and you should be able to use it yourself after the script is finished. +The first command will spin up a kind cluster with a local registry. Then, the second command will, after checking that any additional dependencies are met, then deploy all necessary prerequisites into local cluster, and finally deploying a pod from a [manifest file](spec/MANIFEST.md) into the cluster. + -Once you are done playing around with the tests, simply run the following command to delete and stop the minikube cluster: +Once you are done playing around with the test, run the following commands to clean up: ```bash -test/e2e/minikube/run-test.sh teardown +# Clean up the local cluster: +tilt down -- --include ./test/e2e/nginx/Tiltfile +# Delete up the local cluster: +ctlptl create delete kind ``` -(or alternatively, pass `teardown full` to also stop any local docker containers used by the test) - ## Contributing diff --git a/Tiltfile b/Tiltfile new file mode 100644 index 00000000..d6252e89 --- /dev/null +++ b/Tiltfile @@ -0,0 +1,30 @@ +# -*- mode: Python -*- +# SPDX-License-Identifier: GPL-3.0 + + +config.define_string_list("include") +config.define_string("allow-context") +config.define_bool("deploy-stack") +cfg = config.parse() + +if "allow-context" in cfg: + allow_k8s_contexts(cfg["allow-context"]) + +load( + "./deploy/Tiltfile", + "apocryph_resource", + "apocryph_build_with_builder", + "deploy_apocryph_stack", + "deploy_apocryph_local", +) + +if cfg.get("deploy-stack", True): + apocryph_build_with_builder() + deploy_apocryph_stack() + deploy_apocryph_local() +else: + apocryph_build_with_builder(skip_images=True) + deploy_apocryph_local(resource_deps=[]) + +for f in cfg.get("include", []): + load_dynamic(f) diff --git a/cmd/trustedpods/deploy.go b/cmd/trustedpods/deploy.go index 6fd4dd5b..028e8ad1 100644 --- a/cmd/trustedpods/deploy.go +++ b/cmd/trustedpods/deploy.go @@ -7,6 +7,7 @@ import ( "crypto/rand" "fmt" "math/big" + "os" "path/filepath" "github.com/comrade-coop/apocryph/pkg/abi" @@ -187,12 +188,11 @@ var deployPodCmd = &cobra.Command{ } } - ctrdClient, err := ipcr.GetContainerdClient("k8s.io") - if err != nil { - return err - } - if uploadImages { + ctrdClient, err := ipcr.GetContainerdClient("k8s.io") + if err != nil { + return err + } err = publisher.UploadImages(cmd.Context(), ctrdClient, ipfsApi, pod, deployment) if err != nil { return err @@ -254,7 +254,7 @@ var deletePodCmd = &cobra.Command{ Use: fmt.Sprintf("delete [%s|deployment.yaml]", publisher.DefaultPodFile), Aliases: []string{"undeploy"}, Short: "Delete a pod from a local deployment", - Args: cobra.MaximumNArgs(1), + Args: cobra.MaximumNArgs(2), GroupID: "main", RunE: func(cmd *cobra.Command, args []string) error { _, deploymentFile, _, deployment, err := publisher.ReadPodAndDeployment(args, manifestFormat, deploymentFormat) @@ -300,6 +300,27 @@ var deletePodCmd = &cobra.Command{ }, } +var podNamespaceCmd = &cobra.Command{ + Use: fmt.Sprintf("namespace [%s|deployment.yaml]", publisher.DefaultPodFile), + Short: "Get a pod's expected namespace in kubernetes", + Long: "Temporary command, may be removed once/if namespaces are implemented differently.", + GroupID: "lowlevel", + Args: cobra.MaximumNArgs(1), + RunE: func(cmd *cobra.Command, args []string) error { + _, _, _, deployment, err := publisher.ReadPodAndDeployment(args, manifestFormat, deploymentFormat) + if err != nil { + return err + } + configureDeployment(deployment) + + ns := pbcon.NamespaceFromTokenParts(common.BytesToAddress(deployment.Payment.PublisherAddress), common.Hash(deployment.Payment.PodID)) + + _, err = fmt.Fprintln(os.Stdout, ns) + + return err + }, +} + func init() { podCmd.AddCommand(deployPodCmd) podCmd.AddCommand(deletePodCmd) @@ -313,4 +334,7 @@ func init() { deletePodCmd.Flags().AddFlagSet(deploymentFlags) deletePodCmd.Flags().AddFlagSet(syncFlags) + podCmd.AddCommand(podNamespaceCmd) + podNamespaceCmd.Flags().AddFlagSet(deploymentFlags) + podNamespaceCmd.Flags().AddFlagSet(fundFlags) } diff --git a/cmd/trustedpods/flags.go b/cmd/trustedpods/flags.go index 1985fb06..3e1586d0 100644 --- a/cmd/trustedpods/flags.go +++ b/cmd/trustedpods/flags.go @@ -67,10 +67,10 @@ var _ = func() error { podFlags.StringVar(&manifestFormat, "format", "", fmt.Sprintf("Manifest format. One of %v (leave empty to auto-detect)", pb.FormatNames)) - deploymentFlags.StringVar(&manifestFormat, "deployment-format", "", fmt.Sprintf("Deployment format. One of %v (leave empty to auto-detect)", pb.FormatNames)) + deploymentFlags.StringVar(&deploymentFormat, "deployment-format", "", fmt.Sprintf("Deployment format. One of %v (leave empty to auto-detect)", pb.FormatNames)) deploymentFlags.StringVar(&providerPeer, "provider", "", "provider peer id") deploymentFlags.StringVar(&providerEthAddress, "provider-eth", "", "provider public address") - deploymentFlags.Int64Var(&expirationOffset, "token-expiration", 10, "authentication token expires after token-expiration seconds (expired after 10 seconds by default)") + deploymentFlags.Int64Var(&expirationOffset, "token-expiration", 60, "authentication token expires after token-expiration seconds (expires after 1 minute by default) (note: might need higher values with providers with out-of-sync clocks)") deploymentFlags.StringVar(&ipfsApi, "ipfs", "/ip4/127.0.0.1/tcp/5001", "multiaddr where the ipfs/kubo api can be accessed") deploymentFlags.BoolVar(&authorize, "authorize", false, "Create a key pair for the application and authorize the returned addresses to control the payment channel") deploymentFlags.BoolVar(&verify, "verify", false, "verify the pod images (requires certificate-identity & certificate-oidc-issuer flags)") @@ -100,7 +100,9 @@ var _ = func() error { fundFlags.Int64Var(&unlockTime, "unlock-time", 5*60, "time for unlocking tokens (in seconds)") syncFlags.AddFlag(uploadFlags.Lookup("ipfs")) - syncFlags.StringVar(&publisherKey, "ethereum-key", "", "account string (private key | http[s]://clef#account | /keystore#account | account (in default keystore))") + syncFlags.AddFlag(fundFlags.Lookup("ethereum-key")) + syncFlags.AddFlag(fundFlags.Lookup("ethereum-rpc")) + syncFlags.AddFlag(fundFlags.Lookup("pod-id")) registryFlags.StringVar(&ipfsApi, "ipfs", "/ip4/127.0.0.1/tcp/5001", "multiaddr where the ipfs/kubo api can be accessed") registryFlags.StringVar(®istryContractAddress, "registry-contract", "", "registry contract address") @@ -116,6 +118,7 @@ var _ = func() error { registryFlags.StringVar(&tableId, "id", "", "table id") registryFlags.StringVar(®ion, "region", "", "filter providers by region, Ex: us-east-8") registryFlags.AddFlag(fundFlags.Lookup("ethereum-key")) + registryFlags.AddFlag(fundFlags.Lookup("ethereum-rpc")) return nil }() diff --git a/deploy/.gitignore b/deploy/.gitignore new file mode 100644 index 00000000..8a7a16fb --- /dev/null +++ b/deploy/.gitignore @@ -0,0 +1 @@ +/keys/ diff --git a/deploy/Tiltfile b/deploy/Tiltfile new file mode 100644 index 00000000..9865347f --- /dev/null +++ b/deploy/Tiltfile @@ -0,0 +1,568 @@ +# -*- mode: Python -*- +# SPDX-License-Identifier: GPL-3.0 + +# For more on Extensions, see: https://docs.tilt.dev/extensions.html +load("ext://restart_process", "docker_build_with_restart") +load("ext://namespace", "namespace_create") +load("ext://helm_resource", "helm_resource", "helm_repo") + +local( + "which jq forge cast helm kubectl docker cosign >/dev/null", echo_off=True +) # Check dependencies +cluster_ip = local( + "kubectl get no -o jsonpath --template '{$.items[0].status.addresses[?(.type==\"InternalIP\")].address}'" +) +deploy_dir = os.getcwd() + + +def cosign_keypair(cosign_key="cosign-key", cosign_key_path="deploy/keys", *args, **kwargs): + local_resource( + cosign_key, + "mkdir -p %s; cd %s; [ -f %s.key ] || echo | cosign generate-key-pair --output-key-prefix %s" + % (cosign_key_path, cosign_key_path, cosign_key, cosign_key), + allow_parallel=True, + *args, + **kwargs, + ) + + +def cosign_sign_image( + result_image, + source_image, + source_image_is_dep=True, + cosign_flags="", + image_deps=[], + *args, + **kwargs, +): + cosign_command = ( + "echo | cosign sign --allow-http-registry=true %s $(docker inspect --format='{{index .RepoDigests 0}}' $EXPECTED_REF)" + % (cosign_flags) + ) + if source_image_is_dep: + custom_build( + result_image, + "docker tag $TILT_IMAGE_0 $EXPECTED_REF && docker push $EXPECTED_REF && %s" + % (cosign_command,), + image_deps=[source_image] + image_deps, + **kwargs, + ) + else: + custom_build( + result_image, + "docker pull %s && docker tag %s $EXPECTED_REF && docker push $EXPECTED_REF && %s" + % (source_image, source_image, cosign_command), + image_deps=image_deps, + **kwargs, + ) + + +def cosign_sign_image_key( + *args, + cosign_key="cosign-key", + cosign_key_path="deploy/keys", + deps=[], + **kwargs, +): + cosign_sign_image( + cosign_flags="-y --key=%s/%s.key" % (cosign_key_path, cosign_key), + deps=deps + [cosign_key_path], + *args, + **kwargs, + ) + + +# NOTE: Might need to run `chmod o+rw /run/containerd/containerd.sock` for some forms of image upload to work. +def apocryph_resource( + name, + manifest_file, + builder="apocryph-go-builder", + docker_ipfs="ipfs-local", + ethereum_resource="anvil-deploy-contracts", + ethereum_namespace="eth", + private_key="0x5de4111afa1a4b94908f83103eb1f1706367c2e68ca870fc3fb9a804cdab365a", + pod_id="0x00", + payment_contract="", + registry_contract="", + funds=10000000000000000000000, + upload_images=True, + flags=[], + apply_flags=[], + delete_flags=[], + resource_deps=[], + image_deps=[], + image_containers=[], + deploy_script_json=deploy_dir + "/../contracts/broadcast/Deploy.s.sol/31337/run-latest.json", + *args, + **kwargs, +): + if payment_contract == "": + payment_contract = "$(jq .returns.payment.value %s -r)" % deploy_script_json + if registry_contract == "": + registry_contract = "$(jq .returns.registry.value %s -r)" % deploy_script_json + + # ethereum_port = ( + # "$(kubectl get svc -n %s eth-rpc -o jsonpath --template '{$.spec.ports[0].nodePort}')" + # % ethereum_namespace + # ) + + if type(manifest_file) == "string": + manifest = read_yaml(manifest_file) + elif type(manifest_file) == "blob": + manifest = decode_yaml(manifest_file) + else: + fail("Unsupported type for manifest_file: %s" % type(manifest_file)) + manifest_json = encode_json(manifest) + + manifest_jq_filter = "." + for i, (image, container) in enumerate(zip(image_deps, image_containers)): + if type(container) == "int": + manifest_jq_filter += "| .containers[%s].image=$TILT_IMAGE_%s " % (container, i) + elif type(container) == "string": + manifest_jq_filter += ( + '| (.containers[] | select(.name==\\"%s\\") | .image |= $TILT_IMAGE_%s)' + % (container, i) + ) + else: + fail("Unsupported type for container: %s" % type(container)) + manifest_cmd = 'echo "$MANIFEST_JSON" | jq "%s" --indent 0' % (manifest_jq_filter,) + + common_flags = [ + "--format", + "json", + "--pod-id", + pod_id, + "--ethereum-key", + private_key, + "--ipfs", + "/ip4/127.0.0.1/tcp/5001", # TODO: use docker's routing! e.g. '/dns4/%s/tcp/5001' % docker_ipfs + "--ethereum-rpc", + "http://127.0.0.1:8549", + # "http://%s:%s" % (cluster_ip, ethereum_port), + ] + flags + apply_flags = [ + "--registry-contract", + registry_contract, + "--payment-contract", + payment_contract, + "--upload-images=%s" % ("true" if upload_images else "false"), + "--funds", + str(funds), + ] + apply_flags + + # namespace = local('bash -c "cast keccak (cast concat-hex (cast wallet address %s) (cast to-int256 %s)) | xxd -r -p | base32"' % (private_key, pod_id)) + namespace_cmd = "echo {} | " + cmdline_in_builder( + " ".join(["./bin/trustedpods", "pod", "namespace", "-"] + common_flags), + builder, + interactive=True, + ) + + deploy_cmd = ( + manifest_cmd + + " | " + + cmdline_in_builder( + " ".join(["./bin/trustedpods", "pod", "deploy", "-"] + common_flags + apply_flags), + builder, + interactive=True, + ) + ) + kubectl_command = "kubectl get all -o yaml -n $(%s)" % namespace_cmd + apply_cmd = "set -ex; " + deploy_cmd + " 1>&2" + " && " + kubectl_command + + delete_cmd = ( + manifest_cmd + + " | " + + cmdline_in_builder( + " ".join(["./bin/trustedpods", "pod", "delete", "-"] + common_flags + delete_flags), + builder, + interactive=True, + ) + ) + + k8s_custom_deploy( + name, + apply_cmd=apply_cmd, + apply_env={"MANIFEST_JSON": manifest_json}, + delete_cmd=delete_cmd, + delete_env={"MANIFEST_JSON": manifest_json}, + image_selector="", + live_update=[], + container_selector="", + deps=[], # bin/trustedpods + image_deps=image_deps, + ) + k8s_resource( + name, + resource_deps=resource_deps + [builder, docker_ipfs, ethereum_resource], + pod_readiness="ignore", + *args, + **kwargs, + ) + + +def docker_ipfs_resource( + name, + image, + remote_ipfs_namespace="ipfs", + resource_deps=[], + kwargs_dc={}, + kwargs_config={}, + *args, + **kwargs, +): + # if config.tilt_subcommand != "down": + services = { + name: { + "image": image, + "container_name": name, + "network_mode": "host", # TODO: Figure out a way to use docker's routing! (host likely only used for ipfs) + "volumes": [ + "ipfs-data:/data/ipfs", + "%s/configure-ipfs.sh:/container-init.d/050-configure.sh:ro" % deploy_dir, + ], + }, + } + docker_compose(encode_yaml({"services": services, "volumes": {"ipfs-data": {}}})) + dc_resource(name, *args, **(kwargs | kwargs_dc)) + # Ideally there would be a better way to do this (other than hardcoding the ipfs privkey) + remote_peerid = ( + "$(kubectl exec -n ipfs $(kubectl get po -n %s -o name) -- ipfs config Identity.PeerID)" + % (remote_ipfs_namespace,) + ) + remote_port = ( + "$(kubectl get svc -n %s ipfs-swarm -o jsonpath --template '{$.spec.ports[0].nodePort}')" + % (remote_ipfs_namespace,) + ) + config_cmd = "ipfs swarm peering add /ip4/%s/udp/%s/quic-v1/webtransport/p2p/%s" % ( + cluster_ip, + remote_port, + remote_peerid, + ) + local_resource( + name + "-config", + "docker exec %s %s" % (name, config_cmd), + resource_deps=resource_deps + [name], + allow_parallel=True, + *args, + **(kwargs | kwargs_config), + ) + + +def builder_resource( + name, + image, + dir=".", + write_dir="", + builder_dir="/app", + volumes=[], + volumes_conf={}, + entrypoint=["sleep", "infinity"], + *args, + **kwargs, +): + services = { + name: { + "image": image, + "container_name": name, + "entrypoint": entrypoint, + "working_dir": builder_dir, + "network_mode": "host", # TODO: Figure out a way to use docker's routing! (host likely only used for ipfs) + "volumes": ( + [ + "%s:%s" % (dir, builder_dir), + ] + if write_dir == "" + else [ + "%s:%s:ro" % (dir, builder_dir), + "%s/%s:%s/%s:rw" % (dir, write_dir, builder_dir, write_dir), + ] + ) + + volumes, + }, + } + docker_compose(encode_yaml({"services": services, "volumes": volumes_conf})) + dc_resource(name, *args, **kwargs) + + +def local_resource_in_builder(name, cmd, builder, resource_deps=[], *args, **kwargs): + local_resource( + name, + cmdline_in_builder(cmd, builder), + resource_deps=resource_deps + [builder], + *args, + **kwargs, + ) + + +def cmdline_in_builder(cmd, builder, *, interactive=False): + flags = [] + if interactive: + flags += ["-i"] + if type(cmd) == "list": + return ["docker", "exec"] + flags + [builder] + cmd + else: + return "docker exec %s %s %s" % (" ".join(flags), builder, cmd) + + +def apocryph_build_with_builder( + root_dir=deploy_dir + "/..", + cosign_key=None, + cosign_key_path="deploy/keys/", + skip_images=False, +): + if cosign_key == None: + cosign_key = "cosign-key" + cosign_keypair(cosign_key, cosign_key_path) + + docker_build( + "comradecoop/apocryph/go-builder", + root_dir, + dockerfile=root_dir + "/Dockerfile", + target="build-dependencies", + only=[root_dir + "/Dockerfile"], + ) + builder_resource( + "apocryph-go-builder", + "comradecoop/apocryph/go-builder", + dir=root_dir, + write_dir="bin", + volumes=["go-cache:/root/.cache/go-build", "go-mod-cache:/go/pkg/mod"], + volumes_conf={"go-cache": {}, "go-mod-cache": {}}, + ) + + local_resource_in_builder( + "tpodserver-go-compile", + 'go build -v -buildvcs=false -ldflags="-s -w" -o bin/ ./cmd/tpodserver ./cmd/ipfs-p2p-helper ./cmd/trustedpods ./pkg/proxy', + "apocryph-go-builder", + deps=[root_dir + "/cmd", root_dir + "/pkg"], + allow_parallel=True, + ) + + if not skip_images: + docker_build_with_restart( + "comradecoop/apocryph/server", + root_dir, + dockerfile="./Dockerfile", + target="server-copy-local", + entrypoint=["/usr/local/bin/tpodserver"], + only=[root_dir + "/bin"], + live_update=[ + sync(root_dir + "/bin", "/usr/local/bin/"), + ], + ) + docker_build_with_restart( + "comradecoop/apocryph/p2p-helper", + root_dir, + dockerfile="./Dockerfile", + target="p2p-helper-copy-local", + entrypoint=["/usr/local/bin/ipfs-p2p-helper"], + only=[root_dir + "/bin"], + live_update=[ + sync(root_dir + "/bin", "/usr/local/bin/"), + ], + ) + + # https://stackoverflow.com/a/33511811 for $(docker inspect --format ...) + docker_build_with_restart( + "comradecoop/apocryph/tpod-proxy-unsigned", + root_dir, + dockerfile="./Dockerfile", + target="tpod-proxy-copy-local", + entrypoint=["/usr/local/bin/tpod-proxy"], + only=[root_dir + "/bin"], + live_update=[ + sync(root_dir + "/bin", "/usr/local/bin/"), + ], + ) + + cosign_sign_image_key( + "comradecoop/apocryph/tpod-proxy", + "comradecoop/apocryph/tpod-proxy-unsigned", + cosign_key=cosign_key, + cosign_key_path=cosign_key_path, + live_update=[ + sync(root_dir + "/bin", "/usr/local/bin/"), + ], + ) + + +""" # TODO: Need to also build a trustedpods image for use with apocryph_resource... +def apocryph_build_with_dockerfile(): + docker_build( + "comradecoop/apocryph/server", + ".", + dockerfile="./Dockerfile", + target="server", + only=["./go.mod", "./go.sum", "./pkg", "./cmd/tpodserver"], + ) + docker_build( + "comradecoop/apocryph/p2p-helper", + ".", + dockerfile="./Dockerfile", + target="p2p-helper", + only=["./go.mod", "./go.sum", "./pkg", "./cmd/ipfs.p2p-helper"], + ) +""" + + +def deploy_apocryph_stack( + root_dir=deploy_dir + "/..", + deployer_key="0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80", + cosign_key="cosign-key", + cosign_key_path="deploy/keys/", +): + # TODO: Run metrics-server!! + + update_settings(k8s_upsert_timeout_secs=160) + + # NOTE: Code below duplicates ./constellation/helmfile.yaml + helm_repo("kedacore", "https://kedacore.github.io/charts") + helm_repo("ingress-nginx-chart", "https://kubernetes.github.io/ingress-nginx") + helm_repo("prometheus-community", "https://prometheus-community.github.io/helm-charts") + helm_repo("grafana", "https://grafana.github.io/helm-charts") + helm_repo("sigstore", "https://sigstore.github.io/helm-charts") + + helm_resource( + "policy-controller", + "sigstore/policy-controller", + namespace="policy-controller", + resource_deps=["sigstore"], + labels=["apocryph-deps"], + flags=["--create-namespace"], + ) + helm_resource( + "keda", + "kedacore/keda", + namespace="keda", + resource_deps=["kedacore"], + labels=["apocryph-deps"], + flags=["--create-namespace"], + ) + helm_resource( + "ingress-nginx", + "ingress-nginx-chart/ingress-nginx", + namespace="keda", + resource_deps=["ingress-nginx-chart"], + labels=["apocryph-deps", "flaky"], + flags=["--create-namespace"], + ) + k8s_yaml(root_dir + "/deploy/charts/keda/ingress.yml") + k8s_resource( + objects=["keda-ingress:ingress"], + new_name="keda-ingress", + resource_deps=["ingress-nginx", "keda-http-addon"], + labels=["apocryph-deps", "flaky"], + ) + + helm_resource( + "keda-http-addon", + "kedacore/keda-add-ons-http", + namespace="keda", + resource_deps=["kedacore", "keda"], + labels=["apocryph-deps"], + flags=[ + "--set=interceptor.replicas.min=1", + "--set=interceptor.waitTimeout=40s", + "--set=scaler.replicas=1", + "--create-namespace", + ], + ) + helm_resource( + "prometheus", + "prometheus-community/prometheus", + namespace="prometheus", + resource_deps=["prometheus-community"], + labels=["apocryph-deps"], + flags=[ + "--set=alertmanager.enabled=false", + "--set=prometheus-node-exporter.enabled=false", + "--create-namespace", + ], + ) + helm_resource( + "loki", + "grafana/loki-stack", + namespace="loki", + deps=[root_dir + "/deploy/charts/loki/values.yml"], + resource_deps=["grafana"], + labels=["apocryph-deps"], + flags=["-f", root_dir + "/deploy/charts/loki/values.yml", "--create-namespace"], + ) + + namespace_create("eth") + # TODO: Recreate anvil when we have new contracts code + k8s_yaml(listdir(root_dir + "/deploy/charts/eth/")) + k8s_resource("anvil", labels=["apocryph-dev"]) + + helm_resource( + "ipfs", + root_dir + "/deploy/charts/ipfs/", + namespace="ipfs", + deps=[root_dir + "/charts/deploy/ipfs/"], + labels=["apocryph"], + flags=["--set=swarm.announceIp=%s" % cluster_ip, "--create-namespace"], + image_keys=["p2phelper.image"], + image_deps=["comradecoop/apocryph/p2p-helper"], + ) + + helm_resource( + "trustedpods", + root_dir + "/deploy/charts/trustedpods/", + namespace="trustedpods", + deps=[root_dir + "/deploy/charts/trustedpods/", cosign_key_path], + resource_deps=["anvil", "ipfs", "loki", "anvil-deploy-contracts", "policy-controller"], + labels=["apocryph"], + image_keys=["image", "policy.image"], + image_deps=["comradecoop/apocryph/server", "comradecoop/apocryph/tpod-proxy"], + flags=[ + "--set-json", + "policy.issuer=false", + "--set-json", + "policy.subject=false", + "--set-file", + "policy.key=%s/%s.pub" % (cosign_key_path, cosign_key), + # "policy.key=%s/%s.pub" % (root_dir, 'cosign'), # TODO: For some reason it still works with this + "--create-namespace", + ], + ) + # NOTE: Code above duplicates ./constellation/helmfile.yaml + + +def deploy_apocryph_local( + root_dir=deploy_dir + "/..", + deployer_key="0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80", + cosign_key="cosign-key", + cosign_key_path="deploy/keys/", + resource_deps=["ipfs", "anvil"], +): + if len(resource_deps) == 0: # HACK + local_resource( + "ingress-nginx-portforward", + serve_cmd="kubectl port-forward -n keda svc/ingress-nginx-controller 8004:80", + ) + local_resource( + "anvil-portforward", + serve_cmd="kubectl port-forward -n eth svc/eth-rpc 8549:8545", + ) + else: + k8s_resource(workload="ingress-nginx", port_forwards=["8004:80"]) + k8s_resource(workload="anvil", port_forwards=["8549:8545"]) + + docker_ipfs_resource( + "ipfs-local", + "docker.io/ipfs/kubo:v0.23.0", + "ipfs", + labels=["apocryph-dev", "flaky"], + resource_deps=resource_deps, + ) + + local_resource( # TODO: Move to container! + "anvil-deploy-contracts", + labels=["apocryph", "flaky"], + dir="./contracts/", + # [ -f ./broadcast/Deploy.s.sol/31337/run-latest.json ] || + cmd="forge script script/Deploy.s.sol --rpc-url http://127.0.0.1:8549 --private-key %s --broadcast" + % (deployer_key,), + resource_deps=resource_deps, + deps=["./contracts/src", "./contracts/script", "./contracts/lib"], + ) diff --git a/test/e2e/constellation/miniconstellation/eth/anvil.yml b/deploy/charts/eth/anvil-proxy.yml similarity index 55% rename from test/e2e/constellation/miniconstellation/eth/anvil.yml rename to deploy/charts/eth/anvil-proxy.yml index 4b6adbb1..4e9dd200 100644 --- a/test/e2e/constellation/miniconstellation/eth/anvil.yml +++ b/deploy/charts/eth/anvil-proxy.yml @@ -6,12 +6,13 @@ metadata: labels: app: eth spec: + type: ClusterIP + selector: + app: anvil ports: - name: jsonrpc port: 8545 - targetPort: jsonrpc - selector: - provide: eth-rpc + targetPort: 8545 --- apiVersion: apps/v1 kind: Deployment @@ -27,15 +28,11 @@ spec: metadata: labels: app: anvil - provide: eth-rpc spec: containers: - name: anvil - image: ghcr.io/foundry-rs/foundry:nightly-619f3c56302b5a665164002cb98263cd9812e4d5 - command: ["anvil", "--state", "/data/anvil-state"] + image: ghcr.io/foundry-rs/foundry:nightly-25f24e677a6a32a62512ad4f561995589ac2c7dc # comradecoop/apocryph/test-anvil ports: - - name: jsonrpc - containerPort: 8545 - env: - - name: ANVIL_IP_ADDR - value: 0.0.0.0 + - containerPort: 8545 + command: ["anvil", "--host", "0.0.0.0"] + diff --git a/deploy/charts/ipfs/Chart.yaml b/deploy/charts/ipfs/Chart.yaml new file mode 100644 index 00000000..b0f6f39b --- /dev/null +++ b/deploy/charts/ipfs/Chart.yaml @@ -0,0 +1,24 @@ +apiVersion: v2 +name: ipfs +description: A Helm chart for Kubernetes + +# A chart can be either an 'application' or a 'library' chart. +# +# Application charts are a collection of templates that can be packaged into versioned archives +# to be deployed. +# +# Library charts provide useful utilities or functions for the chart developer. They're included as +# a dependency of application charts to inject those utilities and functions into the rendering +# pipeline. Library charts do not define any templates and therefore cannot be deployed. +type: application + +# This is the chart version. This version number should be incremented each time you make changes +# to the chart and its templates, including the app version. +# Versions are expected to follow Semantic Versioning (https://semver.org/) +version: 0.1.0 + +# This is the version number of the application being deployed. This version number should be +# incremented each time you make changes to the application. Versions are not expected to +# follow Semantic Versioning. They should reflect the version the application is using. +# It is recommended to use it with quotes. +appVersion: "0.30.0" diff --git a/deploy/charts/ipfs/templates/NOTES.txt b/deploy/charts/ipfs/templates/NOTES.txt new file mode 100644 index 00000000..5e95a349 --- /dev/null +++ b/deploy/charts/ipfs/templates/NOTES.txt @@ -0,0 +1,3 @@ +__ _ ___ _ _ __ _ _ _ +| \|_\ / | |_)|_(_ |\ |/ \| \|_ +|_/|_ \/ _|_| | __) | \|\_/|_/|_ diff --git a/test/e2e/minikube/ipfs/ipfs.yml b/deploy/charts/ipfs/templates/ipfs.yml similarity index 79% rename from test/e2e/minikube/ipfs/ipfs.yml rename to deploy/charts/ipfs/templates/ipfs.yml index 7168832f..15fe9d53 100644 --- a/test/e2e/minikube/ipfs/ipfs.yml +++ b/deploy/charts/ipfs/templates/ipfs.yml @@ -2,7 +2,6 @@ apiVersion: v1 kind: Service metadata: name: ipfs-rpc - namespace: ipfs labels: app: ipfs spec: @@ -18,7 +17,6 @@ apiVersion: v1 kind: Service metadata: name: ipfs-swarm - namespace: ipfs labels: app: ipfs spec: @@ -27,10 +25,12 @@ spec: port: 4001 protocol: TCP targetPort: swarm-tcp + nodePort: {{ .Values.swarm.nodePort }} - name: swarm-udp port: 4001 protocol: UDP targetPort: swarm-udp + nodePort: {{ .Values.swarm.nodePort }} type: NodePort selector: app: ipfs @@ -39,23 +39,26 @@ apiVersion: v1 kind: ConfigMap metadata: name: ipfs-config - namespace: ipfs data: configure.sh: | #!/bin/sh set -ex ipfs config --json Experimental.Libp2pStreamMounting true + {{ if .Values.swarm.announceIp }} + ipfs config --json Addresses.Announce '["/ip4/{{ .Values.swarm.announceIp }}/tcp/{{ .Values.swarm.nodePort }}", "/ip4/{{ .Values.swarm.announceIp }}/udp/{{ .Values.swarm.nodePort }}/quic", "/ip4/{{ .Values.swarm.announceIp }}/udp/{{ .Values.swarm.nodePort }}/quic-v1", "/ip4/{{ .Values.swarm.announceIp }}/udp/{{ .Values.swarm.nodePort }}/quic-v1/webtransport"]' + {{ end }} + --- apiVersion: apps/v1 kind: StatefulSet metadata: name: ipfs - namespace: ipfs spec: replicas: 1 selector: matchLabels: app: ipfs + serviceName: ipfs-rpc template: metadata: labels: @@ -86,8 +89,8 @@ spec: - name: IPFS_PROFILE value: - name: p2p-helper - image: host.minikube.internal:5000/comradecoop/apocryph/p2p-helper - command: ["ipfs-p2p-helper", "run", "--ipfs", "/ip4/127.0.0.1/tcp/5001"] + image: {{ .Values.p2phelper.image }} + args: ["run", "--ipfs", "/ip4/127.0.0.1/tcp/5001"] volumes: - name: init-scripts configMap: diff --git a/test/e2e/minikube/ipfs/serviceaccount.yml b/deploy/charts/ipfs/templates/serviceaccount.yml similarity index 97% rename from test/e2e/minikube/ipfs/serviceaccount.yml rename to deploy/charts/ipfs/templates/serviceaccount.yml index b0961dbc..b70d0f9e 100644 --- a/test/e2e/minikube/ipfs/serviceaccount.yml +++ b/deploy/charts/ipfs/templates/serviceaccount.yml @@ -4,7 +4,6 @@ metadata: labels: app: ipfs name: ipfs-p2p-serviceaccount - namespace: ipfs # --- # apiVersion: rbac.authorization.k8s.io/v1 # kind: ClusterRole diff --git a/deploy/charts/ipfs/values.yaml b/deploy/charts/ipfs/values.yaml new file mode 100644 index 00000000..e25d35c8 --- /dev/null +++ b/deploy/charts/ipfs/values.yaml @@ -0,0 +1,5 @@ +swarm: + nodePort: 30629 + announceIp: 127.0.0.1 +p2phelper: + image: comradecoop/apocryph/p2p-helper diff --git a/test/e2e/constellation/miniconstellation/keda/ingress.yml b/deploy/charts/keda/ingress.yml similarity index 100% rename from test/e2e/constellation/miniconstellation/keda/ingress.yml rename to deploy/charts/keda/ingress.yml diff --git a/test/e2e/constellation/miniconstellation/loki/values.yml b/deploy/charts/loki/values.yml similarity index 100% rename from test/e2e/constellation/miniconstellation/loki/values.yml rename to deploy/charts/loki/values.yml diff --git a/test/e2e/minikube/trustedpods/.helmignore b/deploy/charts/trustedpods/.helmignore similarity index 100% rename from test/e2e/minikube/trustedpods/.helmignore rename to deploy/charts/trustedpods/.helmignore diff --git a/test/e2e/minikube/trustedpods/Chart.yaml b/deploy/charts/trustedpods/Chart.yaml similarity index 100% rename from test/e2e/minikube/trustedpods/Chart.yaml rename to deploy/charts/trustedpods/Chart.yaml diff --git a/test/e2e/minikube/trustedpods/templates/NOTES.txt b/deploy/charts/trustedpods/templates/NOTES.txt similarity index 100% rename from test/e2e/minikube/trustedpods/templates/NOTES.txt rename to deploy/charts/trustedpods/templates/NOTES.txt diff --git a/deploy/charts/trustedpods/templates/proxypolicy.yml b/deploy/charts/trustedpods/templates/proxypolicy.yml new file mode 100644 index 00000000..01f1d852 --- /dev/null +++ b/deploy/charts/trustedpods/templates/proxypolicy.yml @@ -0,0 +1,21 @@ +{{ if .Values.policy.enable }} +apiVersion: policy.sigstore.dev/v1beta1 +kind: ClusterImagePolicy +metadata: + name: tpod-proxy-policy +spec: + images: + - glob: {{.Values.policy.imageGlob|quote}} + authorities: + {{ if .Values.policy.issuer }} + - keyless: + identities: + - issuer: {{ .Values.policy.issuer | quote }} + subject: {{ .Values.policy.subject | quote }} + {{ end }} + {{ if .Values.policy.key }} + - key: + data: |{{ .Values.policy.key | nindent 10 }} + {{ end }} +{{ end }} +--- diff --git a/test/e2e/constellation/miniconstellation/trustedpods/serviceaccount.yml b/deploy/charts/trustedpods/templates/serviceaccount.yml similarity index 100% rename from test/e2e/constellation/miniconstellation/trustedpods/serviceaccount.yml rename to deploy/charts/trustedpods/templates/serviceaccount.yml diff --git a/test/e2e/minikube/trustedpods/templates/tpodserver.yml b/deploy/charts/trustedpods/templates/tpodserver.yml similarity index 73% rename from test/e2e/minikube/trustedpods/templates/tpodserver.yml rename to deploy/charts/trustedpods/templates/tpodserver.yml index 8609b811..3fa803f0 100644 --- a/test/e2e/minikube/trustedpods/templates/tpodserver.yml +++ b/deploy/charts/trustedpods/templates/tpodserver.yml @@ -71,9 +71,8 @@ spec: spec: containers: - name: tpodserver - image: host.minikube.internal:5000/comradecoop/apocryph/server - command: [ - "tpodserver", "listen", + image: {{ .Values.image }} + args: ["listen", "--address", "0.0.0.0:8080", "--config", "config.yaml", "--ipfs", "/dns4/ipfs-rpc.ipfs.svc.cluster.local/tcp/5001", @@ -95,16 +94,13 @@ spec: - name: containerd-socket mountPath: /run/containerd/containerd.sock - name: tpodmonitor - image: host.minikube.internal:5000/comradecoop/apocryph/server - command: [ - "tpodserver", "monitor", + image: {{ .Values.image }} + args: ["monitor", "--config", "config.yaml", "--prometheus", "http://prometheus-server.prometheus.svc.cluster.local:80/", "--ethereum-rpc", "http://eth-rpc.eth.svc.cluster.local:8545", "--ethereum-key", {{ .Values.ethKey }}, # TODO= anvil.accounts[1] ] - ports: - - containerPort: 8080 volumeMounts: - name: configs mountPath: /config.yaml @@ -121,3 +117,37 @@ spec: hostPath: path: /run/containerd/containerd.sock serviceAccountName: tpodserver-serviceaccount +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: tpodserver-register + namespace: trustedpods +spec: + ttlSecondsAfterFinished: 10 + template: + spec: + restartPolicy: OnFailure + containers: + - name: tpodregister + image: {{ .Values.image }} + args: ["registry", "register", + "--config", "config.yaml", + "--ipfs", "/dns4/ipfs-rpc.ipfs.svc.cluster.local/tcp/5001", + "--ethereum-rpc", "http://eth-rpc.eth.svc.cluster.local:8545", + "--ethereum-key", {{ .Values.ethKey }}, # TODO= anvil.accounts[1] prvkey + "--token-contract", {{ .Values.tokenContract }}, + "--registry-contract", {{ .Values.registryContract }}, + ] + volumeMounts: + - name: configs + mountPath: /config.yaml + subPath: config.yaml + readOnly: true + volumes: + - name: configs + configMap: + name: trustedpods-configs + items: + - key: config.yaml + path: config.yaml diff --git a/deploy/charts/trustedpods/values.yaml b/deploy/charts/trustedpods/values.yaml new file mode 100644 index 00000000..8979ef9c --- /dev/null +++ b/deploy/charts/trustedpods/values.yaml @@ -0,0 +1,12 @@ +image: "comradecoop/apocryph/server" +ethKey: "0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d" +withdraw: + address: "0x70997970C51812dc3A010C7d01b50e0d17dc79C8" +tokenContract: "0x5FbDB2315678afecb367f032d93F642f64180aa3" +registryContract: "0x9fE46736679d2D9a65F0992F2272dE9f3c7fa6e0" +policy: + enable: false + issuer: https://github.com/login/oauth + subject: comrade@email.example + image: comradecoop/apocryph/tpod-proxy:latest + imageGlob: "**apocryph/tpod-proxy**" diff --git a/deploy/configure-ipfs.sh b/deploy/configure-ipfs.sh new file mode 100755 index 00000000..6ac41fb6 --- /dev/null +++ b/deploy/configure-ipfs.sh @@ -0,0 +1,4 @@ +#!/bin/sh + +ipfs config --json Experimental.Libp2pStreamMounting true +ipfs config Addresses.Gateway /ip4/127.0.0.1/tcp/8082 diff --git a/test/e2e/constellation/qemu/build.sh b/deploy/constellation/build-qemu.sh similarity index 69% rename from test/e2e/constellation/qemu/build.sh rename to deploy/constellation/build-qemu.sh index 9137326c..8308f7a2 100755 --- a/test/e2e/constellation/qemu/build.sh +++ b/deploy/constellation/build-qemu.sh @@ -1,52 +1,48 @@ #!/bin/sh set -e + +which helmfile >/dev/null +which basel >/dev/null || { echo "Install Bazel, ideally through Bazelisk, https://bazel.build/install/bazelisk"; exit 1; } +which nix >/dev/null || { echo "Install Nix, https://nixos.org/download/"; exit 1; } + set -v -CHART_PATH="$1" SUFFIX=$RANDOM -CONSTELLATION_PATH="../../../../constellation" WORKSPACE_PATH="$HOME/.apocryph/constellation-$SUFFIX" echo "WORKSPACE_PATH:: $WORKSPACE_PATH" -CURRENT_DIR=$(pwd) -if [ -n "$2" ]; then - STEP=${2:-1} +SCRIPT_DIR=$(realpath $(dirname "$0")) +HELMFILE_PATH="$SCRIPT_DIR/helmfile.yaml" +CONSTELLATION_SRC="$SCRIPT_DIR/constellation-src" + +if [ -n "$1" ]; then + STEP=${1:-1} eval "set -v; $(sed -n "/## $STEP: /{:a;n;p;ba};" $0)" exit fi -# Check the number of arguments -if [ "$#" -lt 1 ]; then - echo "Usage: $0 " - exit 1 -fi - if [ "$1" = "teardown" ]; then - ( cd $WORKSPACE_PATH; constellation terminate ) + sudo rm -r "$WORKSPACE_PATH" exit 0 fi -sudo chmod o+rw /run/containerd/containerd.sock - ## 0: Generate helm template and inject it into constellation base image -helmfile template -f "$CHART_PATH" > "$CONSTELLATION_PATH/image/base/mkosi.skeleton/usr/lib/helmfile-template" +helmfile template -f "$HELMFILE_PATH" --kube-version 1.30.0 > "$CONSTELLATION_SRC/image/base/mkosi.skeleton/usr/lib/helmfile-template" ## 1: Build modified image -cd $CURRENT_DIR -cd "$CONSTELLATION_PATH" +pushd "$CONSTELLATION_SRC" bazel run //:tidy +popd ## 1.1: Build the image -cd $CURRENT_DIR -cd "$CONSTELLATION_PATH" +pushd "$CONSTELLATION_SRC" bazel build //image/system:qemu_stable - +popd ## 2: create & configure constellation workspace set -e set -v -cd "$CURRENT_DIR" -cd "$CONSTELLATION_PATH" +pushd "$CONSTELLATION_SRC" # Get the new image measurements link=$(readlink -f bazel-out/k8-opt/bin/image/system/qemu_qemu-vtpm_stable) output=$(bazel run --run_under="sudo -E" //image/measured-boot/cmd $link/constellation.raw "/tmp/custom-measurements.json" 2>&1) # second arg needed @@ -60,13 +56,10 @@ echo "PCR4: $PCR4" echo "PCR9: $PCR9" echo "PCR11: $PCR11" -if [ -d "$WORKSPACE_PATH" ]; then - cd "$WORKSPACE_PATH" && constellation terminate 2>/dev/null - sudo rm -r "$WORKSPACE_PATH" -fi +popd mkdir -p "$WORKSPACE_PATH" -cd "$WORKSPACE_PATH" +pushd "$WORKSPACE_PATH" constellation config generate qemu @@ -84,8 +77,9 @@ version=$(echo "$output" | grep -oP 'Version:\s+\K\S+' | head -n 1) # Copy the image & rename it to the current constellation version to bypass downloading upstream image cp $link/constellation.raw "$version.raw" +popd -export KUBECONFIG="$HOME/.apocryph/constellation-$SUFFIX/constellation-admin.conf" +export KUBECONFIG="$WORKSPACE_PATH/constellation-admin.conf" diff --git a/constellation b/deploy/constellation/constellation-src similarity index 100% rename from constellation rename to deploy/constellation/constellation-src diff --git a/deploy/constellation/deploy-miniconstellation.sh b/deploy/constellation/deploy-miniconstellation.sh new file mode 100755 index 00000000..c29b0d37 --- /dev/null +++ b/deploy/constellation/deploy-miniconstellation.sh @@ -0,0 +1,76 @@ +#!/usr/bin/env bash +# SPDX-License-Identifier: GPL-3.0 + +set -e + +which sed >/dev/null +which helmfile >/dev/null; which helm >/dev/null; which kubectl >/dev/null +which constellation >/dev/null || { echo "Install Constellation, https://docs.edgeless.systems/constellation/getting-started/first-steps-local#software-installation-on-ubuntu"; exit 1; } + +WORKSPACE_PATH="$HOME/.apocryph/constellation-mini" +SCRIPT_DIR=$(realpath $(dirname "$0")) +REPO_DIR="$SCRIPT_DIR/../../" + +# based on https://stackoverflow.com/a/31269848 / https://bobcopeland.com/blog/2012/10/goto-in-bash/ +if [ -n "$1" ]; then + STEP=${1:-1} + eval "set -v; $(sed -n "/## $STEP: /{:a;n;p;ba};" $0)" + exit +fi + +echo -e "\e[1;32m---" +echo "Note: To skip steps, use '$0 '" +echo " e.g. to skip ahead to configuring IPFS, run '$0 1.2'" +echo -e "---\e[0m" + +set -v + +## 1: Start Miniconstellation ## + +echo 'CONSTELLATION_PATH='$CONSTELLATION_PATH + +mkdir -p $WORKSPACE_PATH +pushd "$WORKSPACE_PATH" + +constellation mini up || true + +kubectl patch -n kube-system configmap ip-masq-agent --type merge -p '{"data":{"config": "{\"masqLinkLocal\":true,\"nonMasqueradeCIDRs\":[]}"}}' +kubectl rollout restart -n kube-system daemonset cilium +kubectl delete pod -l k8s-app=join-service -n kube-system + +popd + +## 2: Apply the Helm configuration ## + +pushd "$SCRIPT_DIR" + +# IMAGE_PREFIX=$(uuidgen) +# docker build -t ttl.sh/$IMAGE_PREFIX-apocryph-server:1h . --target server-copy-local +# docker push ttl.sh/$IMAGE_PREFIX-apocryph-server:1h +## replace ghcr.io/comrade-coop/apocryph/server:master with ttl.sh/$IMAGE_PREFIX-apocryph-server:1h in helmfile.yaml + +helmfile sync || kubectl wait --namespace keda --for=condition=available deployment/ingress-nginx-controller && helmfile sync + +popd + +echo "Run \`$0 example\` to also run a tilt example" +echo "Run \`$0 teardown\` to stop everything" +exit 0 + +## example: Start a tilt example ## + +pushd "$REPO_DIR" + +tilt up -- --deploy-stack=False --include ./test/e2e/nginx/Tiltfile --allow-context 'mini-qemu-admin@mini-qemu' + +popd + +exit 0 +## teardown: Stop Miniconstellation ## + +pushd "$REPO_DIR" + +constellation mini down + +popd + diff --git a/deploy/constellation/deploy-qemu.sh b/deploy/constellation/deploy-qemu.sh new file mode 100755 index 00000000..e385f64d --- /dev/null +++ b/deploy/constellation/deploy-qemu.sh @@ -0,0 +1,64 @@ +#!/bin/bash +set -e +set -v + +which constellation >/dev/null; which kubectl >/dev/null; which tilt >/dev/null + +WORKSPACE_PATH=$(echo "$HOME/.apocryph/constellation-"*) +SCRIPT_DIR=$(realpath $(dirname "$0")) +REPO_DIR="$SCRIPT_DIR/../../" + +# based on https://stackoverflow.com/a/31269848 / https://bobcopeland.com/blog/2012/10/goto-in-bash/ +if [ -n "$1" ]; then + STEP=${1:-1} + eval "set -v; $(sed -n "/## $STEP: /{:a;n;p;ba};" $0)" + exit +fi + +echo -e "\e[1;32m---" +echo "Note: To skip steps, use '$0 '" +echo -e "---\e[0m" + +## 0: Build custom OS image & run the cluster ## + +"$SCRIPT_DIR/build-qemu.sh" + +## 1: Start the Constellation cluster ## + +pushd "$WORKSPACE_PATH" +constellation terminate || true +constellation apply -y +popd + +## 1.1: Wait for the setup ## + +export KUBECONFIG="$WORKSPACE_PATH/constellation-admin.conf" + +kubectl wait --namespace keda --for=condition=available deployment/ingress-nginx-controller +kubectl wait --namespace prometheus --for=condition=available deployment/prometheus-kube-state-metrics +kubectl wait --namespace prometheus --for=condition=available deployment/prometheus-prometheus-pushgateway +kubectl wait --namespace prometheus --for=condition=available deployment/prometheus-server +kubectl wait --namespace ipfs --for=condition=available StatefulSet/ipfs +kubectl wait --namespace trustedpods --for=condition=available deployment/tpodserver + +echo "Run \`$0 example\` to also run a tilt example" +echo "Run \`$0 teardown\` to stop everything" + +exit 0 +## example: start tilt + +pushd "$REPO_DIR" + +tilt up -- --deploy-stack=False --include ./test/e2e/nginx/Tiltfile + +popd + +exit 0 +## teardown: Stop the Constellation cluster ## + +pushd "$REPO_DIR" + +constellation terminate + +popd + diff --git a/test/e2e/minikube/helmfile.yaml b/deploy/constellation/helmfile-gcp.yaml similarity index 50% rename from test/e2e/minikube/helmfile.yaml rename to deploy/constellation/helmfile-gcp.yaml index f34e863b..b4939df6 100644 --- a/test/e2e/minikube/helmfile.yaml +++ b/deploy/constellation/helmfile-gcp.yaml @@ -1,3 +1,4 @@ +# NOTE: Code below duplicates deploy_apocryph_stack in ../Tiltfile repositories: - name: kedacore url: https://kedacore.github.io/charts @@ -9,34 +10,52 @@ repositories: url: https://grafana.github.io/helm-charts - name: sigstore url: https://sigstore.github.io/helm-charts + releases: + - name: namespaces # Helmfile exclusive, see https://github.com/helm/helm/issues/9813 + namespace: default + chart: ./namespaces + + - name: policy-controller + namespace: policy-controller + chart: sigstore/policy-controller + needs: + - default/namespaces + - name: keda namespace: keda chart: kedacore/keda + needs: + - default/namespaces + - name: ingress-nginx namespace: keda chart: ingress-nginx/ingress-nginx - hooks: - - events: ['postsync'] - showlogs: true - command: 'kubectl' - args: - - 'wait' - - '--namespace' - - 'keda' - - '--for=condition=available' - - 'deployment/ingress-nginx-controller' - - '--timeout=500000s' + needs: + - default/namespaces + + - name: keda-ingress + chart: ../charts/keda + namespace: keda + needs: + - keda-http-addon + - ingress-nginx # NOTE: nginx admission controllers typically fails to wait long enough for nginx to start at this step + - default/namespaces + - name: keda-http-addon namespace: keda chart: kedacore/keda-add-ons-http set: - name: interceptor.replicas.min value: 1 + - name: scaler.replicas + value: 1 - name: interceptor.waitTimeout value: 40s needs: - keda + - default/namespaces + - name: prometheus chart: prometheus-community/prometheus namespace: prometheus @@ -45,26 +64,44 @@ releases: value: false - name: prometheus-node-exporter.enabled value: false - - name: keda-fixes - chart: ./keda - namespace: keda + - name: server.persistentVolume.size # Helmfile exclusive, reduce prometheus PV + value: 1Gi needs: - - keda-http-addon - - ingress-nginx # NOTE: nginx admission controllers typically fails to wait long enough for nginx to start at this step - - name: ipfs - chart: ./ipfs - namespace: ipfs + - default/namespaces + - name: loki chart: grafana/loki-stack namespace: loki values: - - ./loki/values.yml - - name: trustedpods - chart: ./trustedpods - namespace: trustedpods + - ../charts/loki/values.yml + needs: + - default/namespaces + + - name: ipfs + chart: ../charts/ipfs + namespace: ipfs + set: + - name: swarm.announceIp # Helmfile exclusive, don't change announce IP + value: false + - name: p2phelper.image # Helmfile exclusive, use ghcr images + value: ghcr.io/comrade-coop/apocryph/p2p-helper:master + needs: + - default/namespaces + - name: eth - chart: ./eth + chart: ../charts/eth namespace: eth - - name: policy-controller - chart: sigstore/policy-controller - namespace: policy-controller + needs: + - default/namespaces + + - name: trustedpods + chart: ../charts/trustedpods + namespace: trustedpods + set: + - name: policy.enable # Helmfile exclusive, disable policy + value: false + - name: image # Helmfile exclusive, use ghcr images + value: ghcr.io/comrade-coop/apocryph/server:master + needs: + - default/namespaces +# NOTE: Code above duplicates deploy_apocryph_stack in ../Tiltfile diff --git a/deploy/constellation/helmfile.yaml b/deploy/constellation/helmfile.yaml new file mode 100644 index 00000000..952f8e69 --- /dev/null +++ b/deploy/constellation/helmfile.yaml @@ -0,0 +1,126 @@ +# NOTE: Code below duplicates deploy_apocryph_stack in ../Tiltfile +repositories: + - name: kedacore + url: https://kedacore.github.io/charts + - name: ingress-nginx + url: https://kubernetes.github.io/ingress-nginx + - name: prometheus-community + url: https://prometheus-community.github.io/helm-charts + - name: grafana + url: https://grafana.github.io/helm-charts + - name: sigstore + url: https://sigstore.github.io/helm-charts + - name: local-path-provisioner # Helmfile exclusive, constellation qemu doesn't have PV-s yet + # For url, see also https://github.com/rancher/local-path-provisioner/issues/89 + url: git+https://github.com/rancher/local-path-provisioner@deploy/chart?ref=master + +releases: + - name: namespaces # Helmfile exclusive, see https://github.com/helm/helm/issues/9813 + namespace: default + chart: ./namespaces + + - name: local-path-storage # Helmfile exclusive, constellation qemu/mini doesn't have PV-s yet + namespace: local-path-storage + chart: local-path-provisioner/local-path-provisioner + set: + - name: storageClass.defaultClass + value: true + needs: + - default/namespaces + + - name: policy-controller + namespace: policy-controller + chart: sigstore/policy-controller + needs: + - default/namespaces + + - name: keda + namespace: keda + chart: kedacore/keda + needs: + - default/namespaces + + - name: ingress-nginx + namespace: keda + chart: ingress-nginx/ingress-nginx + set: # Helmfile exclusive, we don't have LoadBalancer in miniconstellation (TODO) + - name: controller.service.type + value: NodePort + - name: controller.service.nodePorts.http + value: 32080 + - name: controller.service.nodePorts.https + value: 32443 + needs: + - default/namespaces + + - name: keda-ingress + chart: ../charts/keda + namespace: keda + needs: + - keda-http-addon + - ingress-nginx # NOTE: nginx admission controllers typically fails to wait long enough for nginx to start at this step + - default/namespaces + + - name: keda-http-addon + namespace: keda + chart: kedacore/keda-add-ons-http + set: + - name: interceptor.replicas.min + value: 1 + - name: scaler.replicas + value: 1 + - name: interceptor.waitTimeout + value: 40s + needs: + - keda + - default/namespaces + + - name: prometheus + chart: prometheus-community/prometheus + namespace: prometheus + set: + - name: alertmanager.enabled + value: false + - name: prometheus-node-exporter.enabled + value: false + - name: server.persistentVolume.size # Helmfile exclusive, reduce prometheus PV + value: 1Gi + needs: + - default/namespaces + + - name: loki + chart: grafana/loki-stack + namespace: loki + values: + - ../charts/loki/values.yml + needs: + - default/namespaces + + - name: ipfs + chart: ../charts/ipfs + namespace: ipfs + set: + - name: swarm.announceIp # Helmfile exclusive, assume the IP of miniconstellation + value: 10.42.1.100 + - name: p2phelper.image # Helmfile exclusive, use ghcr images + value: ghcr.io/comrade-coop/apocryph/p2p-helper:master + needs: + - default/namespaces + + - name: eth + chart: ../charts/eth + namespace: eth + needs: + - default/namespaces + + - name: trustedpods + chart: ../charts/trustedpods + namespace: trustedpods + set: + - name: policy.enable # Helmfile exclusive, disable policy + value: false + - name: image # Helmfile exclusive, use ghcr images + value: ghcr.io/comrade-coop/apocryph/server:master + needs: + - default/namespaces +# NOTE: Code above duplicates deploy_apocryph_stack in ../Tiltfile diff --git a/test/e2e/constellation/miniconstellation/namespaces/namespaces.yml b/deploy/constellation/namespaces/namespaces.yml similarity index 71% rename from test/e2e/constellation/miniconstellation/namespaces/namespaces.yml rename to deploy/constellation/namespaces/namespaces.yml index e45a671d..fb8a53df 100644 --- a/test/e2e/constellation/miniconstellation/namespaces/namespaces.yml +++ b/deploy/constellation/namespaces/namespaces.yml @@ -5,6 +5,11 @@ metadata: --- apiVersion: v1 kind: Namespace +metadata: + name: policy-controller +--- +apiVersion: v1 +kind: Namespace metadata: name: trustedpods --- @@ -27,3 +32,8 @@ apiVersion: v1 kind: Namespace metadata: name: prometheus +--- +apiVersion: v1 +kind: Namespace +metadata: + name: local-path-storage diff --git a/test/e2e/minikube/deploy-pod.sh b/deploy/deploy-pod.sh similarity index 90% rename from test/e2e/minikube/deploy-pod.sh rename to deploy/deploy-pod.sh index ee26370f..0557a494 100755 --- a/test/e2e/minikube/deploy-pod.sh +++ b/deploy/deploy-pod.sh @@ -13,9 +13,9 @@ set -x ## Configure provider/in-cluster IPFS and publisher IPFS ## minikube profile c1 -../common/scripts/swarm-connect.sh +../test/e2e/common/scripts/swarm-connect.sh -go run ../../../cmd/trustedpods/ pod deploy $POD \ +go run ../cmd/trustedpods/ pod deploy $POD \ --ethereum-key "$PUBLISHER_KEY" \ --payment-contract "$PAYMENT_CONTRACT" \ --registry-contract "$REGISTRY_CONTRACT" \ diff --git a/go.mod b/go.mod index 7d062433..ac03adb4 100644 --- a/go.mod +++ b/go.mod @@ -2,7 +2,7 @@ module github.com/comrade-coop/apocryph go 1.22.5 -toolchain go1.22.6 +toolchain go1.23.1 require ( connectrpc.com/connect v1.14.0 @@ -12,9 +12,9 @@ require ( github.com/containerd/log v0.1.0 github.com/containerd/nerdctl v1.7.4 github.com/containers/ocicrypt v1.1.10 - github.com/ethereum/go-ethereum v1.13.15 + github.com/ethereum/go-ethereum v1.14.9 github.com/go-jose/go-jose/v3 v3.0.3 - github.com/golang/protobuf v1.5.4 + github.com/golang/protobuf v1.5.4 // indirect github.com/google/go-containerregistry v0.20.1 github.com/gorilla/websocket v1.5.3 github.com/hashicorp/raft v1.6.1 @@ -84,7 +84,7 @@ require ( github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c // indirect github.com/StackExchange/wmi v1.2.1 // indirect github.com/ThalesIgnite/crypto11 v1.2.5 // indirect - github.com/VictoriaMetrics/fastcache v1.12.1 // indirect + github.com/VictoriaMetrics/fastcache v1.12.2 // indirect github.com/agnivade/levenshtein v1.1.1 // indirect github.com/alibabacloud-go/alibabacloud-gateway-spi v0.0.4 // indirect github.com/alibabacloud-go/cr-20160607 v1.0.1 // indirect @@ -121,12 +121,11 @@ require ( github.com/awslabs/soci-snapshotter v0.4.1 // indirect github.com/benbjohnson/clock v1.3.5 // indirect github.com/beorn7/perks v1.0.1 // indirect - github.com/bits-and-blooms/bitset v1.10.0 // indirect + github.com/bits-and-blooms/bitset v1.13.0 // indirect github.com/blang/semver v3.5.1+incompatible // indirect github.com/blang/semver/v4 v4.0.0 // indirect - github.com/blendle/zapdriver v1.3.1 // indirect github.com/boltdb/bolt v1.3.1 // indirect - github.com/btcsuite/btcd/btcec/v2 v2.3.2 // indirect + github.com/btcsuite/btcd/btcec/v2 v2.3.4 // indirect github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2 // indirect github.com/bufbuild/protovalidate-go v0.3.2 // indirect github.com/buildkite/agent/v3 v3.76.2 // indirect @@ -140,11 +139,11 @@ require ( github.com/clbanning/mxj/v2 v2.7.0 // indirect github.com/cloudflare/circl v1.3.7 // indirect github.com/cockroachdb/apd/v3 v3.2.1 // indirect - github.com/cockroachdb/errors v1.8.1 // indirect - github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f // indirect - github.com/cockroachdb/pebble v0.0.0-20230928194634-aa077af62593 // indirect - github.com/cockroachdb/redact v1.0.8 // indirect - github.com/cockroachdb/sentry-go v0.6.1-cockroachdb.2 // indirect + github.com/cockroachdb/errors v1.11.3 // indirect + github.com/cockroachdb/fifo v0.0.0-20240606204812-0bbfbd93a7ce // indirect + github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b // indirect + github.com/cockroachdb/pebble v1.1.2 // indirect + github.com/cockroachdb/redact v1.1.5 // indirect github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06 // indirect github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be // indirect github.com/consensys/bavard v0.1.13 // indirect @@ -174,13 +173,13 @@ require ( github.com/coreos/go-systemd/v22 v22.5.0 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.4 // indirect github.com/crackcomm/go-gitignore v0.0.0-20170627025303-887ab5e44cc3 // indirect - github.com/crate-crypto/go-ipa v0.0.0-20231025140028-3c0104f4b233 // indirect - github.com/crate-crypto/go-kzg-4844 v0.7.0 // indirect + github.com/crate-crypto/go-ipa v0.0.0-20240223125850-b1e8a79f509c // indirect + github.com/crate-crypto/go-kzg-4844 v1.0.0 // indirect github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c // indirect - github.com/deckarep/golang-set/v2 v2.1.0 // indirect + github.com/deckarep/golang-set/v2 v2.6.0 // indirect github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 // indirect github.com/deepmap/oapi-codegen v1.6.0 // indirect github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect @@ -199,21 +198,21 @@ require ( github.com/elastic/gosigar v0.14.2 // indirect github.com/emicklei/go-restful/v3 v3.11.2 // indirect github.com/emicklei/proto v1.12.1 // indirect - github.com/ethereum/c-kzg-4844 v0.4.0 // indirect + github.com/ethereum/c-kzg-4844 v1.0.0 // indirect + github.com/ethereum/go-verkle v0.1.1-0.20240829091221-dffa7562dbe9 // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect github.com/facebookgo/atomicfile v0.0.0-20151019160806-2de1f203e7d5 // indirect github.com/fahedouch/go-logrotate v0.2.0 // indirect github.com/fatih/color v1.16.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/ferranbt/fastssz v0.1.2 // indirect - github.com/fjl/memsize v0.0.2 // indirect github.com/fluent/fluent-logger-golang v1.9.0 // indirect github.com/flynn/noise v1.1.0 // indirect github.com/francoispqt/gojay v1.2.13 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/gballet/go-libpcsclite v0.0.0-20190607065134-2772fd86a8ff // indirect - github.com/gballet/go-verkle v0.1.1-0.20231031103413-a67434b50f46 // indirect + github.com/getsentry/sentry-go v0.27.0 // indirect github.com/go-chi/chi v4.1.2+incompatible // indirect github.com/go-ini/ini v1.67.0 // indirect github.com/go-jose/go-jose/v4 v4.0.2 // indirect @@ -262,7 +261,7 @@ require ( github.com/hashicorp/go-immutable-radix v1.3.1 // indirect github.com/hashicorp/go-msgpack/v2 v2.1.2 // indirect github.com/hashicorp/go-multierror v1.1.1 // indirect - github.com/hashicorp/go-retryablehttp v0.7.7 // indirect + github.com/hashicorp/go-retryablehttp v0.7.7 github.com/hashicorp/go-rootcerts v1.0.2 // indirect github.com/hashicorp/go-secure-stdlib/parseutil v0.1.8 // indirect github.com/hashicorp/go-secure-stdlib/strutil v0.1.2 // indirect @@ -273,7 +272,7 @@ require ( github.com/hashicorp/vault/api v1.14.0 // indirect github.com/holiman/billy v0.0.0-20240216141850-2abb0c79d3c4 // indirect github.com/holiman/bloomfilter/v2 v2.0.3 // indirect - github.com/holiman/uint256 v1.2.4 // indirect + github.com/holiman/uint256 v1.3.1 // indirect github.com/huin/goupnp v1.3.0 // indirect github.com/imdario/mergo v0.3.16 // indirect github.com/in-toto/in-toto-golang v0.9.0 // indirect @@ -517,7 +516,7 @@ require ( k8s.io/klog/v2 v2.130.1 // indirect k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect - knative.dev/pkg v0.0.0-20240116073220-b488e7be5902 // indirect + knative.dev/pkg v0.0.0-20240116073220-b488e7be5902 lukechampine.com/blake3 v1.2.2 // indirect rsc.io/tmplfunc v0.0.3 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect diff --git a/go.sum b/go.sum index d1fd7163..0d7abc49 100644 --- a/go.sum +++ b/go.sum @@ -56,7 +56,6 @@ github.com/AdamKorcz/go-fuzz-headers-1 v0.0.0-20230919221257-8b5d3ce2d11d h1:zjq github.com/AdamKorcz/go-fuzz-headers-1 v0.0.0-20230919221257-8b5d3ce2d11d/go.mod h1:XNqJ7hv2kY++g8XEHREpi+JqZo3+0l+CH2egBVN4yqM= github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0 h1:8+4G8JaejP8Xa6W46PzJEwisNgBXMvFcz78N6zG/ARw= github.com/AliyunContainerService/ack-ram-tool/pkg/credentials/alibabacloudsdkgo/helper v0.2.0/go.mod h1:GgeIE+1be8Ivm7Sh4RgwI42aTtC9qrcj+Y9Y6CjJhJs= -github.com/AndreasBriese/bbloom v0.0.0-20190306092124-e2d15f34fcf9/go.mod h1:bOvUY6CB00SOBii9/FifXqc0awNKxLFCL/+pkDPuyl8= github.com/AndreasBriese/bbloom v0.0.0-20190825152654-46b345b51c96 h1:cTp8I5+VIoKjsnZuH8vjyaysT/ses3EvZeaV/1UkF2M= github.com/AndreasBriese/bbloom v0.0.0-20190825152654-46b345b51c96/go.mod h1:bOvUY6CB00SOBii9/FifXqc0awNKxLFCL/+pkDPuyl8= github.com/Azure/azure-sdk-for-go v68.0.0+incompatible h1:fcYLmCpyNYRnvJbPerq7U0hS+6+I79yEDJBqVNcqUzU= @@ -102,13 +101,9 @@ github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03 github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/CloudyKit/fastprinter v0.0.0-20170127035650-74b38d55f37a/go.mod h1:EFZQ978U7x8IRnstaskI3IysnWY5Ao3QgZUKOXlsAdw= -github.com/CloudyKit/jet v2.1.3-0.20180809161101-62edd43e4f88+incompatible/go.mod h1:HPYO+50pSWkPoj9Q/eq0aRGByCL6ScRlUmiEX5Zgm+w= github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/DataDog/zstd v1.5.2 h1:vUG4lAyuPCXO0TLbXvPv7EB7cNK1QV/luu55UHLrrn8= github.com/DataDog/zstd v1.5.2/go.mod h1:g4AWEaM3yOg3HYfnJ3YIawPnVdXJh9QME85blwSAmyw= -github.com/Joker/hpp v1.0.0/go.mod h1:8x5n+M1Hp5hC0g8okX3sR3vFQwynaX/UgSOM9MeBKzY= -github.com/Joker/jade v1.0.1-0.20190614124447-d475f43051e7/go.mod h1:6E6s8o2AE4KhCrqr6GRJjdC/gNfTdxkIXvuGZZda2VM= github.com/Jorropo/jsync v1.0.1 h1:6HgRolFZnsdfzRUj+ImB9og1JYOxQoReSywkHOGSaUU= github.com/Jorropo/jsync v1.0.1/go.mod h1:jCOZj3vrBCri3bSU3ErUYvevKlnbssrXeCivybS5ABQ= github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0= @@ -121,16 +116,14 @@ github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8 github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q= github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c h1:kMFnB0vCcX7IL/m9Y5LO+KQYv+t1CQOiFe6+SV2J7bE= github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c/go.mod h1:EjAoLdwvbIOoOQr3ihjnSoLZRtE8azugULFRteWMNc0= -github.com/Shopify/goreferrer v0.0.0-20181106222321-ec9c9a553398/go.mod h1:a1uqRtAwp2Xwc6WNPJEufxJ7fx3npB4UV/JOLmbu5I0= github.com/StackExchange/wmi v1.2.1 h1:VIkavFPXSjcnS+O8yTq7NI32k0R5Aj+v39y29VYDOSA= github.com/StackExchange/wmi v1.2.1/go.mod h1:rcmrprowKIVzvc+NUiLncP2uuArMWLCbu9SBzvHz7e8= github.com/ThalesIgnite/crypto11 v1.2.5 h1:1IiIIEqYmBvUYFeMnHqRft4bwf/O36jryEUpY+9ef8E= github.com/ThalesIgnite/crypto11 v1.2.5/go.mod h1:ILDKtnCKiQ7zRoNxcp36Y1ZR8LBPmR2E23+wTQe/MlE= -github.com/VictoriaMetrics/fastcache v1.12.1 h1:i0mICQuojGDL3KblA7wUNlY5lOK6a4bwt3uRKnkZU40= -github.com/VictoriaMetrics/fastcache v1.12.1/go.mod h1:tX04vaqcNoQeGLD+ra5pU5sWkuxnzWhEzLwhP9w653o= +github.com/VictoriaMetrics/fastcache v1.12.2 h1:N0y9ASrJ0F6h0QaC3o6uJb3NIZ9VKLjCM7NQbSmF7WI= +github.com/VictoriaMetrics/fastcache v1.12.2/go.mod h1:AmC+Nzz1+3G2eCPapF6UcsnkThDcMsQicp4xDukwJYI= github.com/agnivade/levenshtein v1.1.1 h1:QY8M92nrzkmr798gCo3kmMyqXFzdQVpxLlGPRBij0P8= github.com/agnivade/levenshtein v1.1.1/go.mod h1:veldBMzWxcCG2ZvUTKD2kJNRdCk5hVbJomOvKkmgYbo= -github.com/ajg/form v1.5.1/go.mod h1:uL1WgH+h2mgNtvBq0339dVnzXdBETtL2LeUXaIv25UY= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= @@ -190,7 +183,6 @@ github.com/antlr4-go/antlr/v4 v4.13.0 h1:lxCg3LAv+EUK6t1i0y1V6/SLeUi0eKEKdhQAlS8 github.com/antlr4-go/antlr/v4 v4.13.0/go.mod h1:pfChB/xh/Unjila75QW7+VU4TSnWnnk9UTnmpPaOR2g= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig+0+Ap1h4unLjW6YQJpKZVmUzxsD4E/Q= github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE= -github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-metrics v0.4.1 h1:hR91U9KYmb6bLBYLQjyM+3j+rcd/UhE+G78SFnF8gJA= github.com/armon/go-metrics v0.4.1/go.mod h1:E6amYzXo6aW1tqzoZGT755KkbgrJsSdpwZ+3JqfkOG4= github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 h1:DklsrG3dyBCFEj5IhUbnKptjxatkF07cF2ak3yi77so= @@ -233,7 +225,6 @@ github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20231024185945- github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20231024185945-8841054dbdb8/go.mod h1:2JF49jcDOrLStIXN/j/K1EKRq8a8R2qRnlZA6/o/c7c= github.com/awslabs/soci-snapshotter v0.4.1 h1:f1TdTG5QZ1B6umgSPQfM1pSXDlMZu+raCKWP4QkRYL8= github.com/awslabs/soci-snapshotter v0.4.1/go.mod h1:faOXa3a6SsMRln4misZi82nAa4ez8Nu9i5N39kQyukY= -github.com/aymerick/raymond v2.0.3-0.20180322193309-b565731e1464+incompatible/go.mod h1:osfaiScAUVup+UC9Nfq76eWqDhXlp+4UYaA8uhTBO6g= github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA= github.com/benbjohnson/clock v1.3.5 h1:VvXlSJBzZpA/zum6Sj74hxwYI2DIxRWuNIoXAzHZz5o= @@ -242,8 +233,8 @@ github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= -github.com/bits-and-blooms/bitset v1.10.0 h1:ePXTeiPEazB5+opbv5fr8umg2R/1NlzgDsyepwsSr88= -github.com/bits-and-blooms/bitset v1.10.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8= +github.com/bits-and-blooms/bitset v1.13.0 h1:bAQ9OPNFYbGHV6Nez0tmNI0RiEu7/hxlYJRUA0wFAVE= +github.com/bits-and-blooms/bitset v1.13.0/go.mod h1:7hO7Gc7Pp1vODcmWvKMRA9BNmbv6a/7QIWpPxHddWR8= github.com/blang/semver v3.5.1+incompatible h1:cQNTCjp13qL8KC3Nbxr/y2Bqb63oX6wdnnjpJbkM4JQ= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= @@ -255,8 +246,8 @@ github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dR github.com/boltdb/bolt v1.3.1 h1:JQmyP4ZBrce+ZQu0dY660FMfatumYDLun9hBCUVIkF4= github.com/boltdb/bolt v1.3.1/go.mod h1:clJnj/oiGkjum5o1McbSZDSLxVThjynRyGBgiAx27Ps= github.com/bradfitz/go-smtpd v0.0.0-20170404230938-deb6d6237625/go.mod h1:HYsPBTaaSFSlLx/70C2HPIMNZpVV8+vt/A+FMnYP11g= -github.com/btcsuite/btcd/btcec/v2 v2.3.2 h1:5n0X6hX0Zk+6omWcihdYvdAlGf2DfasC0GMf7DClJ3U= -github.com/btcsuite/btcd/btcec/v2 v2.3.2/go.mod h1:zYzJ8etWJQIv1Ogk7OzpWjowwOdXY1W/17j2MW85J04= +github.com/btcsuite/btcd/btcec/v2 v2.3.4 h1:3EJjcN70HCu/mwqlUsGK8GcNVyLVxFDlWurTXGPFfiQ= +github.com/btcsuite/btcd/btcec/v2 v2.3.4/go.mod h1:zYzJ8etWJQIv1Ogk7OzpWjowwOdXY1W/17j2MW85J04= github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2 h1:KdUfX2zKommPRa+PD0sWZUyXe9w277ABlgELO7H04IM= github.com/btcsuite/btcd/chaincfg/chainhash v1.0.2/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc= github.com/bufbuild/protovalidate-go v0.3.2 h1:7sG1R83PkCzOZb3P187gAchWFLHY6LQ8aVoUw6Wp9es= @@ -310,25 +301,22 @@ github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBS github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/cockroachdb/apd/v3 v3.2.1 h1:U+8j7t0axsIgvQUqthuNm82HIrYXodOV2iWLWtEaIwg= github.com/cockroachdb/apd/v3 v3.2.1/go.mod h1:klXJcjp+FffLTHlhIG69tezTDvdP065naDsHzKhYSqc= -github.com/cockroachdb/datadriven v1.0.0/go.mod h1:5Ib8Meh+jk1RlHIXej6Pzevx/NLlNvQB9pmSBZErGA4= github.com/cockroachdb/datadriven v1.0.3-0.20230413201302-be42291fc80f h1:otljaYPt5hWxV3MUfO5dFPFiOXg9CyG5/kCfayTqsJ4= github.com/cockroachdb/datadriven v1.0.3-0.20230413201302-be42291fc80f/go.mod h1:a9RdTaap04u637JoCzcUoIcDmvwSUtcUFtT/C3kJlTU= -github.com/cockroachdb/errors v1.6.1/go.mod h1:tm6FTP5G81vwJ5lC0SizQo374JNCOPrHyXGitRJoDqM= -github.com/cockroachdb/errors v1.8.1 h1:A5+txlVZfOqFBDa4mGz2bUWSp0aHElvHX2bKkdbQu+Y= -github.com/cockroachdb/errors v1.8.1/go.mod h1:qGwQn6JmZ+oMjuLwjWzUNqblqk0xl4CVV3SQbGwK7Ac= -github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f h1:o/kfcElHqOiXqcou5a3rIlMc7oJbMQkeLk0VQJ7zgqY= -github.com/cockroachdb/logtags v0.0.0-20190617123548-eb05cc24525f/go.mod h1:i/u985jwjWRlyHXQbwatDASoW0RMlZ/3i9yJHE2xLkI= -github.com/cockroachdb/pebble v0.0.0-20230928194634-aa077af62593 h1:aPEJyR4rPBvDmeyi+l/FS/VtA00IWvjeFvjen1m1l1A= -github.com/cockroachdb/pebble v0.0.0-20230928194634-aa077af62593/go.mod h1:6hk1eMY/u5t+Cf18q5lFMUA1Rc+Sm5I6Ra1QuPyxXCo= -github.com/cockroachdb/redact v1.0.8 h1:8QG/764wK+vmEYoOlfobpe12EQcS81ukx/a4hdVMxNw= -github.com/cockroachdb/redact v1.0.8/go.mod h1:BVNblN9mBWFyMyqK1k3AAiSxhvhfK2oOZZ2lK+dpvRg= -github.com/cockroachdb/sentry-go v0.6.1-cockroachdb.2 h1:IKgmqgMQlVJIZj19CdocBeSfSaiCbEBZGKODaixqtHM= -github.com/cockroachdb/sentry-go v0.6.1-cockroachdb.2/go.mod h1:8BT+cPK6xvFOcRlk0R8eg+OTkcqI6baNH4xAkpiYVvQ= +github.com/cockroachdb/errors v1.11.3 h1:5bA+k2Y6r+oz/6Z/RFlNeVCesGARKuC6YymtcDrbC/I= +github.com/cockroachdb/errors v1.11.3/go.mod h1:m4UIW4CDjx+R5cybPsNrRbreomiFqt8o1h1wUVazSd8= +github.com/cockroachdb/fifo v0.0.0-20240606204812-0bbfbd93a7ce h1:giXvy4KSc/6g/esnpM7Geqxka4WSqI1SZc7sMJFd3y4= +github.com/cockroachdb/fifo v0.0.0-20240606204812-0bbfbd93a7ce/go.mod h1:9/y3cnZ5GKakj/H4y9r9GTjCvAFta7KLgSHPJJYc52M= +github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b h1:r6VH0faHjZeQy818SGhaone5OnYfxFR/+AzdY3sf5aE= +github.com/cockroachdb/logtags v0.0.0-20230118201751-21c54148d20b/go.mod h1:Vz9DsVWQQhf3vs21MhPMZpMGSht7O/2vFW2xusFUVOs= +github.com/cockroachdb/pebble v1.1.2 h1:CUh2IPtR4swHlEj48Rhfzw6l/d0qA31fItcIszQVIsA= +github.com/cockroachdb/pebble v1.1.2/go.mod h1:4exszw1r40423ZsmkG/09AFEG83I0uDgfujJdbL6kYU= +github.com/cockroachdb/redact v1.1.5 h1:u1PMllDkdFfPWaNGMyLD1+so+aq3uUItthCFqzwPJ30= +github.com/cockroachdb/redact v1.1.5/go.mod h1:BVNblN9mBWFyMyqK1k3AAiSxhvhfK2oOZZ2lK+dpvRg= github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06 h1:zuQyyAKVxetITBuuhv3BI9cMrmStnpT18zmgmTxunpo= github.com/cockroachdb/tokenbucket v0.0.0-20230807174530-cc333fc44b06/go.mod h1:7nc4anLGjupUW/PeY5qiNYsdNXj7zopG+eqsS7To5IQ= github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUoc7Ik9EfrFqcylYqgPZ9ANSbTAntnE= github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb/go.mod h1:ZjrT6AXHbDs86ZSdt/osfBi5qfexBrKUdONk989Wnk4= -github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0/go.mod h1:4Zcjuz89kmFXt9morQgcfYZAYZ5n8WHjt81YYWIwtTM= github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be h1:J5BL2kskAlV9ckgEsNQXscjIaLiOYiZ75d4e94E6dcQ= github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be/go.mod h1:mk5IQ+Y0ZeO87b858TlA645sVcEcbiX6YqP98kt+7+w= github.com/consensys/bavard v0.1.13 h1:oLhMLOFGTLdlda/kma4VOJazblc7IM5y5QPd2A/YjhQ= @@ -387,28 +375,24 @@ github.com/containernetworking/plugins v1.4.0 h1:+w22VPYgk7nQHw7KT92lsRmuToHvb7w github.com/containernetworking/plugins v1.4.0/go.mod h1:UYhcOyjefnrQvKvmmyEKsUA+M9Nfn7tqULPpH0Pkcj0= github.com/containers/ocicrypt v1.1.10 h1:r7UR6o8+lyhkEywetubUUgcKFjOWOaWz8cEBrCPX0ic= github.com/containers/ocicrypt v1.1.10/go.mod h1:YfzSSr06PTHQwSTUKqDSjish9BeW1E4HUmreluQcMd8= -github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-iptables v0.7.0 h1:XWM3V+MPRr5/q51NuWSgU0fqMad64Zyxs8ZUoMsamr8= github.com/coreos/go-iptables v0.7.0/go.mod h1:Qe8Bv2Xik5FyTXwgIbLAnv2sWSBmvWdFETJConOQ//Q= github.com/coreos/go-oidc/v3 v3.11.0 h1:Ia3MxdwpSw702YW0xgfmP1GVCMA9aEFWu12XUZ3/OtI= github.com/coreos/go-oidc/v3 v3.11.0/go.mod h1:gE3LgjOgFoHi9a4ce4/tJczr0Ai2/BoDhf0r5lltWI0= -github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= github.com/coreos/go-systemd v0.0.0-20181012123002-c6f51f82210d/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4= github.com/coreos/go-systemd/v22 v22.1.0/go.mod h1:xO0FLkIi5MaZafQlIrOotqXZ90ih+1atmu1JpKERPPk= github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= -github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.4 h1:wfIWP927BUkWJb2NmU/kNDYIBTh/ziUX91+lVfRxZq4= github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/crackcomm/go-gitignore v0.0.0-20170627025303-887ab5e44cc3 h1:HVTnpeuvF6Owjd5mniCL8DEXo7uYXdQEmOP4FJbV5tg= github.com/crackcomm/go-gitignore v0.0.0-20170627025303-887ab5e44cc3/go.mod h1:p1d6YEZWvFzEh4KLyvBcVSnrfNDDvK2zfK/4x2v/4pE= -github.com/crate-crypto/go-ipa v0.0.0-20231025140028-3c0104f4b233 h1:d28BXYi+wUpz1KBmiF9bWrjEMacUEREV6MBi2ODnrfQ= -github.com/crate-crypto/go-ipa v0.0.0-20231025140028-3c0104f4b233/go.mod h1:geZJZH3SzKCqnz5VT0q/DyIG/tvu/dZk+VIfXicupJs= -github.com/crate-crypto/go-kzg-4844 v0.7.0 h1:C0vgZRk4q4EZ/JgPfzuSoxdCq3C3mOZMBShovmncxvA= -github.com/crate-crypto/go-kzg-4844 v0.7.0/go.mod h1:1kMhvPgI0Ky3yIa+9lFySEBUBXkYxeOi8ZF1sYioxhc= +github.com/crate-crypto/go-ipa v0.0.0-20240223125850-b1e8a79f509c h1:uQYC5Z1mdLRPrZhHjHxufI8+2UG/i25QG92j0Er9p6I= +github.com/crate-crypto/go-ipa v0.0.0-20240223125850-b1e8a79f509c/go.mod h1:geZJZH3SzKCqnz5VT0q/DyIG/tvu/dZk+VIfXicupJs= +github.com/crate-crypto/go-kzg-4844 v1.0.0 h1:TsSgHwrkTKecKJ4kadtHi4b3xHW5dCFUDFnUp1TsawI= +github.com/crate-crypto/go-kzg-4844 v1.0.0/go.mod h1:1kMhvPgI0Ky3yIa+9lFySEBUBXkYxeOi8ZF1sYioxhc= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/creack/pty v1.1.19 h1:tUN6H7LWqNx4hQVxomd0CVsDwaDr9gaRQaI4GpSmrsA= github.com/creack/pty v1.1.19/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4= @@ -427,8 +411,8 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c h1:pFUpOrbxDR6AkioZ1ySsx5yxlDQZ8stG2b88gTPxgJU= github.com/davidlazar/go-crypto v0.0.0-20200604182044-b73af7476f6c/go.mod h1:6UhI8N9EjYm1c2odKpFpAYeR8dsBeM7PtzQhRgxRr9U= -github.com/deckarep/golang-set/v2 v2.1.0 h1:g47V4Or+DUdzbs8FxCCmgb6VYd+ptPAngjM6dtGktsI= -github.com/deckarep/golang-set/v2 v2.1.0/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4= +github.com/deckarep/golang-set/v2 v2.6.0 h1:XfcQbWM1LlMB8BsJ8N9vW5ehnnPVIw0je80NsVHagjM= +github.com/deckarep/golang-set/v2 v2.6.0/go.mod h1:VAky9rY/yGXJOLEDv3OMci+7wtDpOF4IN+y82NBOac4= github.com/decred/dcrd/crypto/blake256 v1.0.1 h1:7PltbUIQB7u/FfZ39+DGa/ShuMyJ5ilcvdfma9wOH6Y= github.com/decred/dcrd/crypto/blake256 v1.0.1/go.mod h1:2OfgNZ5wDpcsFmHmCK5gZTPcCXqlm2ArzUIkw9czNJo= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0 h1:rpfIENRNNilwHwZeG5+P150SMrnNEcHYvcCuK6dPZSg= @@ -437,7 +421,6 @@ github.com/deepmap/oapi-codegen v1.6.0 h1:w/d1ntwh91XI0b/8ja7+u5SvA4IFfM0UNNLmiD github.com/deepmap/oapi-codegen v1.6.0/go.mod h1:ryDa9AgbELGeB+YEXE1dR53yAjHwFvE9iAUlWl9Al3M= github.com/depcheck-test/depcheck-test v0.0.0-20220607135614-199033aaa936 h1:foGzavPWwtoyBvjWyKJYDYsyzy+23iBV7NKTwdk+LRY= github.com/depcheck-test/depcheck-test v0.0.0-20220607135614-199033aaa936/go.mod h1:ttKPnOepYt4LLzD+loXQ1rT6EmpyIYHro7TAJuIIlHo= -github.com/dgraph-io/badger v1.6.0/go.mod h1:zwt7syl517jmP8s94KqSxTlM6IMsdhYy6psNgSztDR4= github.com/dgraph-io/badger v1.6.2 h1:mNw0qs90GVgGGWylh0umH5iag1j6n/PeJtNvL6KY/x8= github.com/dgraph-io/badger v1.6.2/go.mod h1:JW2yswe3V058sS0kZ2h/AXeDSqFjxnZcRrVH//y2UQE= github.com/dgraph-io/badger/v3 v3.2103.5 h1:ylPa6qzbjYRQMU6jokoj4wzcaweHylt//CH0AKt0akg= @@ -445,7 +428,6 @@ github.com/dgraph-io/badger/v3 v3.2103.5/go.mod h1:4MPiseMeDQ3FNCYwRbbcBOGJLf5js github.com/dgraph-io/ristretto v0.1.1 h1:6CWw5tJNgpegArSHpNHJKldNeq03FQCwYvfMVWajOK8= github.com/dgraph-io/ristretto v0.1.1/go.mod h1:S1GPSBCYCIhmVNfcth17y2zZtQT6wzkzgwUve0VDWWA= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= -github.com/dgryski/go-farm v0.0.0-20190423205320-6a90982ecee2/go.mod h1:SqUrOPUnsFjfmXRMNPybcSiG0BgUW2AuFH8PAnS2iTw= github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48 h1:fRzb/w+pyskVMQ+UbP35JkH8yB7MYb4q/qhBarqZE6g= github.com/dgryski/trifles v0.0.0-20200323201526-dd97f9abfb48/go.mod h1:if7Fbed8SFyPtHLHbg49SI7NAdJiC5WIA09pe59rfAA= github.com/digitorus/pkcs7 v0.0.0-20230713084857-e76b763bdc49/go.mod h1:SKVExuS+vpu2l9IoOc0RwqE7NYnb0JlcFHFnEJkVDzc= @@ -477,7 +459,6 @@ github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDD github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= -github.com/eknkc/amber v0.0.0-20171010120322-cdade1c07385/go.mod h1:0vRUJqYpeSZifjYj7uP3BG/gKcuzL9xWVV/Y+cK33KM= github.com/elastic/gosigar v0.12.0/go.mod h1:iXRIGg2tLnu7LBdpqzyQfGDEidKCfWcCMS0WKyPWoMs= github.com/elastic/gosigar v0.14.2 h1:Dg80n8cr90OZ7x+bAax/QjoW/XqTI11RmA79ZwIm9/4= github.com/elastic/gosigar v0.14.2/go.mod h1:iXRIGg2tLnu7LBdpqzyQfGDEidKCfWcCMS0WKyPWoMs= @@ -491,11 +472,12 @@ github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1m github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/envoyproxy/protoc-gen-validate v1.0.4 h1:gVPz/FMfvh57HdSJQyvBtF00j8JU4zdyUgIUNhlgg0A= github.com/envoyproxy/protoc-gen-validate v1.0.4/go.mod h1:qys6tmnRsYrQqIhm2bvKZH4Blx/1gTIZ2UKVY1M+Yew= -github.com/etcd-io/bbolt v1.3.3/go.mod h1:ZF2nL25h33cCyBtcyWeZ2/I3HQOfTP+0PIEvHjkjCrw= -github.com/ethereum/c-kzg-4844 v0.4.0 h1:3MS1s4JtA868KpJxroZoepdV0ZKBp3u/O5HcZ7R3nlY= -github.com/ethereum/c-kzg-4844 v0.4.0/go.mod h1:VewdlzQmpT5QSrVhbBuGoCdFJkpaJlO1aQputP83wc0= -github.com/ethereum/go-ethereum v1.13.15 h1:U7sSGYGo4SPjP6iNIifNoyIAiNjrmQkz6EwQG+/EZWo= -github.com/ethereum/go-ethereum v1.13.15/go.mod h1:TN8ZiHrdJwSe8Cb6x+p0hs5CxhJZPbqB7hHkaUXcmIU= +github.com/ethereum/c-kzg-4844 v1.0.0 h1:0X1LBXxaEtYD9xsyj9B9ctQEZIpnvVDeoBx8aHEwTNA= +github.com/ethereum/c-kzg-4844 v1.0.0/go.mod h1:VewdlzQmpT5QSrVhbBuGoCdFJkpaJlO1aQputP83wc0= +github.com/ethereum/go-ethereum v1.14.9 h1:J7iwXDrtUyE9FUjUYbd4c9tyzwMh6dTJsKzo9i6SrwA= +github.com/ethereum/go-ethereum v1.14.9/go.mod h1:QeW+MtTpRdBEm2pUFoonByee8zfHv7kGp0wK0odvU1I= +github.com/ethereum/go-verkle v0.1.1-0.20240829091221-dffa7562dbe9 h1:8NfxH2iXvJ60YRB8ChToFTUzl8awsc3cJ8CbLjGIl/A= +github.com/ethereum/go-verkle v0.1.1-0.20240829091221-dffa7562dbe9/go.mod h1:M3b90YRnzqKyyzBEWJGqj8Qff4IDeXnzFw0P9bFw3uk= github.com/evanphx/json-patch v5.8.1+incompatible h1:2toJaoe7/rNa1zpeQx0UnVEjqk6z2ecyA20V/zg8vTU= github.com/evanphx/json-patch v5.8.1+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= @@ -504,18 +486,13 @@ github.com/facebookgo/atomicfile v0.0.0-20151019160806-2de1f203e7d5 h1:BBso6MBKW github.com/facebookgo/atomicfile v0.0.0-20151019160806-2de1f203e7d5/go.mod h1:JpoxHjuQauoxiFMl1ie8Xc/7TfLuMZ5eOCONd1sUBHg= github.com/fahedouch/go-logrotate v0.2.0 h1:UR9Fv8MDVfWwnkirmFHck+tRSWzqOwRjVRLMpQgSxaI= github.com/fahedouch/go-logrotate v0.2.0/go.mod h1:1RL/yr7LntS4zadAC6FT6yB/C1CQt3V6eHAZzymfwzE= -github.com/fasthttp-contrib/websocket v0.0.0-20160511215533-1f3b11f56072/go.mod h1:duJ4Jxv5lDcvg4QuQr0oowTf7dz4/CR8NtyCooz9HL8= github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= -github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= github.com/ferranbt/fastssz v0.1.2 h1:Dky6dXlngF6Qjc+EfDipAkE83N5I5DE68bY6O0VLNPk= github.com/ferranbt/fastssz v0.1.2/go.mod h1:X5UPrE2u1UJjxHA8X54u04SBwdAQjG2sFtWs39YxyWs= -github.com/fjl/memsize v0.0.2 h1:27txuSD9or+NZlnOWdKUxeBzTAUkWCVh+4Gf2dWFOzA= -github.com/fjl/memsize v0.0.2/go.mod h1:VvhXpOYNQvB+uIk2RvXzuaQtkQJzzIx6lSBe1xv7hi0= -github.com/flosch/pongo2 v0.0.0-20190707114632-bbf5a6c351f4/go.mod h1:T9YF2M40nIgbVgp3rreNmTged+9HrbNTIQf1PsaIiTA= github.com/fluent/fluent-logger-golang v1.9.0 h1:zUdY44CHX2oIUc7VTNZc+4m+ORuO/mldQDA7czhWXEg= github.com/fluent/fluent-logger-golang v1.9.0/go.mod h1:2/HCT/jTy78yGyeNGQLGQsjF3zzzAuy6Xlk6FCMV5eU= github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568/go.mod h1:xEzjJPgXI435gkrCt3MPfRiAkVrwSbHsst4LCFVfpJc= @@ -538,17 +515,13 @@ github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0= github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk= -github.com/gavv/httpexpect v2.0.0+incompatible/go.mod h1:x+9tiU1YnrOvnB725RkpoLv1M62hOWzwo5OXotisrKc= github.com/gballet/go-libpcsclite v0.0.0-20190607065134-2772fd86a8ff h1:tY80oXqGNY4FhTFhk+o9oFHGINQ/+vhlm8HFzi6znCI= github.com/gballet/go-libpcsclite v0.0.0-20190607065134-2772fd86a8ff/go.mod h1:x7DCsMOv1taUwEWCzT4cmDeAkigA5/QCwUodaVOe8Ww= -github.com/gballet/go-verkle v0.1.1-0.20231031103413-a67434b50f46 h1:BAIP2GihuqhwdILrV+7GJel5lyPV3u1+PgzrWLc0TkE= -github.com/gballet/go-verkle v0.1.1-0.20231031103413-a67434b50f46/go.mod h1:QNpY22eby74jVhqH4WhDLDwxc/vqsern6pW+u2kbkpc= github.com/getkin/kin-openapi v0.53.0/go.mod h1:7Yn5whZr5kJi6t+kShccXS8ae1APpYTW6yheSwk8Yi4= +github.com/getsentry/sentry-go v0.27.0 h1:Pv98CIbtB3LkMWmXi4Joa5OOcwbmnX88sF5qbK3r3Ps= +github.com/getsentry/sentry-go v0.27.0/go.mod h1:lc76E2QywIyW8WuBnwl8Lc4bkmQH4+w1gwTf25trprY= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= -github.com/gin-contrib/sse v0.0.0-20190301062529-5545eab6dad3/go.mod h1:VJ0WA2NBN22VlZ2dKZQPAPnyWw5XTlK1KymzLKsr59s= -github.com/gin-gonic/gin v1.4.0/go.mod h1:OW2EZn3DO8Ln9oIKOvM++LBO+5UPHJJDH72/q/3rZdM= github.com/gliderlabs/ssh v0.1.1/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= -github.com/go-check/check v0.0.0-20180628173108-788fd7840127/go.mod h1:9ES+weclKsC9YodN5RgxqK/VD9HM9JsCSh7rNhMZE98= github.com/go-chi/chi v4.1.2+incompatible h1:fGFk2Gmi/YKXk0OmGfBh0WgmN3XB8lVnEyNz34tQRec= github.com/go-chi/chi v4.1.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ= github.com/go-chi/chi/v5 v5.0.0/go.mod h1:BBug9lr0cqtdAhsu6R4AAdvufI0/XBzAQSsUqJpoZOs= @@ -574,7 +547,6 @@ github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= -github.com/go-martini/martini v0.0.0-20170121215854-22fa46961aab/go.mod h1:/P9AEU963A2AYjv4d1V5eVL1CQbEJq6aCNHDDjibzu8= github.com/go-ole/go-ole v1.2.5/go.mod h1:pprOEPIfldk/42T2oK7lQ4v4JSDwmV0As9GaiUsvbm0= github.com/go-ole/go-ole v1.3.0 h1:Dt6ye7+vXGIKZ7Xtk4s6/xVdGDQynvom7xCFEdWr6uE= github.com/go-ole/go-ole v1.3.0/go.mod h1:5LS6F96DhAwUc7C+1HLexzMXY1xGRSryjyPPKW6zv78= @@ -617,22 +589,16 @@ github.com/go-test/deep v1.1.1/go.mod h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncV github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0= github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y= github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= -github.com/gobwas/httphead v0.0.0-20180130184737-2c6c146eadee/go.mod h1:L0fX3K22YWvt/FAX9NnzrNzcI4wNYi9Yku4O0LKYflo= -github.com/gobwas/pool v0.2.0/go.mod h1:q8bcK0KcYlCgd9e7WYLm9LpyS+YeLd8JVDW6WezmKEw= -github.com/gobwas/ws v1.0.2/go.mod h1:szmBTxLgaFppYjEmNtny/v3w89xOydFnnZMcgRRu/EM= github.com/godbus/dbus/v5 v5.0.3/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk= github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gofrs/flock v0.12.1 h1:MTLVXXHf8ekldpJk3AKicLij9MdwOWkZ+a/jHHZby9E= github.com/gofrs/flock v0.12.1/go.mod h1:9zxTsyu5xtJ9DK+1tFZyibEV7y3uwDxPPfbxeeHCoD0= -github.com/gogo/googleapis v0.0.0-20180223154316-0cd9801be74a/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/gogo/status v1.1.0/go.mod h1:BFv9nrluPLmrS0EmGVvLaPNmRosr9KapBYd5/hpY1WM= github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg= @@ -672,7 +638,6 @@ github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEW github.com/golang/snappy v0.0.5-0.20220116011046-fa5810519dcb h1:PBC98N2aIaM3XXiurYmW7fx4GZkL8feAMVq7nEjURHk= github.com/golang/snappy v0.0.5-0.20220116011046-fa5810519dcb/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golangci/lint-1 v0.0.0-20181222135242-d2cdd8c08219/go.mod h1:/X8TswGSh1pIozq4ZwCfxS0WA5JGXguxk94ar/4c87Y= -github.com/gomodule/redigo v1.7.1-0.20190724094224-574c33c3df38/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/cel-go v0.20.1 h1:nDx9r8S3L4pE61eDdt8igGj8rf5kjYR3ILxWIpWNi84= @@ -742,7 +707,6 @@ github.com/gopherjs/gopherjs v0.0.0-20200217142428-fce0ec30dd00/go.mod h1:wJfORR github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So= github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY= github.com/gorilla/mux v1.8.1/go.mod h1:AKf9I4AEqPTmMytcMc0KkNouC66V3BtZ4qD5fmWSiMQ= -github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg= github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE= github.com/graph-gophers/graphql-go v1.3.0 h1:Eb9x/q6MFpCLz7jBCiP/WTxjSDrYLR1QY41SORZyNJ0= @@ -785,14 +749,12 @@ github.com/hashicorp/go-sockaddr v1.0.6/go.mod h1:uoUUmtwU7n9Dv3O4SNLeFvg0SxQ3ly github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-uuid v1.0.1 h1:fv1ep09latC32wFoVwnqcnKJGnMSdBanPczbHAYm1BE= github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c= github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/golang-lru/v2 v2.0.7 h1:a+bsQ5rvGLjzHuww6tVxozPZFVghXaHOwFs4luLUK2k= github.com/hashicorp/golang-lru/v2 v2.0.7/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM= -github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= github.com/hashicorp/hcl v1.0.1-vault-5 h1:kI3hhbbyzr4dldA8UdTb7ZlVVlI2DACdCfz31RPDgJM= github.com/hashicorp/hcl v1.0.1-vault-5/go.mod h1:XYhtn6ijBSAj6n4YqAaf7RBPS4I06AItNorpy+MoQNM= github.com/hashicorp/raft v1.6.1 h1:v/jm5fcYHvVkL0akByAp+IDdDSzCNCGhdO6VdB56HIM= @@ -807,22 +769,19 @@ github.com/holiman/billy v0.0.0-20240216141850-2abb0c79d3c4 h1:X4egAf/gcS1zATw6w github.com/holiman/billy v0.0.0-20240216141850-2abb0c79d3c4/go.mod h1:5GuXa7vkL8u9FkFuWdVvfR5ix8hRB7DbOAaYULamFpc= github.com/holiman/bloomfilter/v2 v2.0.3 h1:73e0e/V0tCydx14a0SCYS/EWCxgwLZ18CZcZKVu0fao= github.com/holiman/bloomfilter/v2 v2.0.3/go.mod h1:zpoh+gs7qcpqrHr3dB55AMiJwo0iURXE7ZOP9L9hSkA= -github.com/holiman/uint256 v1.2.4 h1:jUc4Nk8fm9jZabQuqr2JzednajVmBpC+oiTiXZJEApU= -github.com/holiman/uint256 v1.2.4/go.mod h1:EOMSn4q6Nyt9P6efbI3bueV4e1b3dGlUCXeiRV4ng7E= +github.com/holiman/uint256 v1.3.1 h1:JfTzmih28bittyHM8z360dCjIA9dbPIBlcTI6lmctQs= +github.com/holiman/uint256 v1.3.1/go.mod h1:EOMSn4q6Nyt9P6efbI3bueV4e1b3dGlUCXeiRV4ng7E= github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef h1:A9HsByNhogrvm9cWb28sjiS3i7tcKCkflWFEkHfuAgM= github.com/howeyc/gopass v0.0.0-20210920133722-c8aef6fb66ef/go.mod h1:lADxMC39cJJqL93Duh1xhAs4I2Zs8mKS89XWXFGp9cs= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= github.com/huin/goupnp v1.3.0 h1:UvLUlWDNpoUdYzb2TCn+MuTWtcjXKSza2n6CBdQ0xXc= github.com/huin/goupnp v1.3.0/go.mod h1:gnGPsThkYa7bFi/KWmEysQRf48l2dvR5bxr2OFckNX8= -github.com/hydrogen18/memlistener v0.0.0-20141126152155-54553eb933fb/go.mod h1:qEIFzExnS6016fRpRfxrExeVn2gbClQA99gQhnIcdhE= github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= -github.com/imkira/go-interpol v1.1.0/go.mod h1:z0h2/2T3XF8kyEPpRgJ3kmNv+C43p+I/CoI+jC3w2iA= github.com/in-toto/in-toto-golang v0.9.0 h1:tHny7ac4KgtsfrG6ybU8gVOZux2H8jN05AXJ9EBM1XU= github.com/in-toto/in-toto-golang v0.9.0/go.mod h1:xsBVrVsHNsB61++S6Dy2vWosKhuA3lUTQd+eF9HdeMo= -github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/influxdata/influxdb-client-go/v2 v2.4.0 h1:HGBfZYStlx3Kqvsv1h2pJixbCl/jhnFtxpKFAv9Tu5k= @@ -907,10 +866,6 @@ github.com/ipld/go-codec-dagpb v1.6.0 h1:9nYazfyu9B1p3NAgfVdpRco3Fs2nFC72DqVsMj6 github.com/ipld/go-codec-dagpb v1.6.0/go.mod h1:ANzFhfP2uMJxRBr8CE+WQWs5UsNa0pYtmKZ+agnUw9s= github.com/ipld/go-ipld-prime v0.21.0 h1:n4JmcpOlPDIxBcY037SVfpd1G+Sj1nKZah0m6QH9C2E= github.com/ipld/go-ipld-prime v0.21.0/go.mod h1:3RLqy//ERg/y5oShXXdx5YIp50cFGOanyMctpPjsvxQ= -github.com/iris-contrib/blackfriday v2.0.0+incompatible/go.mod h1:UzZ2bDEoaSGPbkg6SAB4att1aAwTmVIx/5gCVqeyUdI= -github.com/iris-contrib/go.uuid v2.0.0+incompatible/go.mod h1:iz2lgM/1UnEf1kP0L/+fafWORmlnuysV2EMP8MW+qe0= -github.com/iris-contrib/i18n v0.0.0-20171121225848-987a633949d0/go.mod h1:pMCz62A0xJL6I+umB2YTlFRwWXaDFA0jy+5HzGiJjqI= -github.com/iris-contrib/schema v0.0.1/go.mod h1:urYA3uvUNG1TIIjOSCzHr9/LmbQo8LrOcOqfqxa4hXw= github.com/jackpal/go-nat-pmp v1.0.2 h1:KzKSgb7qkJvOUTqYl9/Hg/me3pWgBmERKrTGD7BdWus= github.com/jackpal/go-nat-pmp v1.0.2/go.mod h1:QPH045xvCAeXUZOxsnwmrtiCoxIr9eob+4orBN1SBKc= github.com/jbenet/go-cienv v0.1.0/go.mod h1:TqNnHUmJgXau0nCzC7kXWeotg3J9W34CUv5Djy1+FlA= @@ -940,25 +895,14 @@ github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/juju/errors v0.0.0-20181118221551-089d3ea4e4d5/go.mod h1:W54LbzXuIE0boCoNJfwqpmkKJ1O4TCTZMetAt6jGk7Q= -github.com/juju/loggo v0.0.0-20180524022052-584905176618/go.mod h1:vgyd7OREkbtVEN/8IXZe5Ooef3LQePvuBm9UWj6ZL8U= -github.com/juju/testing v0.0.0-20180920084828-472a3e8b2073/go.mod h1:63prj8cnj0tU0S9OHjGJn+b1h0ZghCndfnbQolrYTwA= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/k0kubun/colorstring v0.0.0-20150214042306-9440f1994b88/go.mod h1:3w7q1U84EfirKl04SVQ/s7nPm1ZPhiXd34z40TNz36k= -github.com/kataras/golog v0.0.9/go.mod h1:12HJgwBIZFNGL0EJnMRhmvGA0PQGx8VFwrZtM4CqbAk= -github.com/kataras/iris/v12 v12.0.1/go.mod h1:udK4vLQKkdDqMGJJVd/msuMtN6hpYJhg/lSzuxjhO+U= -github.com/kataras/neffos v0.0.10/go.mod h1:ZYmJC07hQPW67eKuzlfY7SO3bC0mw83A3j6im82hfqw= -github.com/kataras/pio v0.0.0-20190103105442-ea782b38602d/go.mod h1:NV88laa9UiiDuX9AhMbDPkGYSPugBOV6yTZB1l2K9Z0= github.com/kedacore/http-add-on v0.7.0 h1:IkUwtuXKxX9SuCR22DUYlSEZsiTYzidMXOYioZllNVE= github.com/kedacore/http-add-on v0.7.0/go.mod h1:9p7l/LYb8hLCqrpFyuSr5C8fiwqlX9/ch8tGDbSGIUA= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= -github.com/klauspost/compress v1.8.2/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= -github.com/klauspost/compress v1.9.0/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= github.com/klauspost/compress v1.17.8 h1:YcnTYrq7MikUT7k0Yb5eceMmALQPYBW/Xltxn0NAMnU= github.com/klauspost/compress v1.17.8/go.mod h1:Di0epgTjJY877eYKx5yC51cX2A2Vl2ibi7bDH9ttBbw= -github.com/klauspost/cpuid v1.2.1/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek= github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM= github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -977,7 +921,6 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= -github.com/labstack/echo/v4 v4.1.11/go.mod h1:i541M3Fj6f76NZtHSj7TXnyM8n2gaodfvfxNnFqi74g= github.com/labstack/echo/v4 v4.2.1/go.mod h1:AA49e0DZ8kk5jTOOCKNuPR6oTnBS0dYiM4FW1e6jwpg= github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k= github.com/leanovate/gopter v0.2.9 h1:fQjYxZaynp97ozCzfOyOuAGOU4aU/z37zf/tOujFk7c= @@ -1033,7 +976,6 @@ github.com/libp2p/go-yamux/v4 v4.0.1/go.mod h1:NWjl8ZTLOGlozrXSOZ/HlfG++39iKNnM5 github.com/libp2p/zeroconf/v2 v2.2.0 h1:Cup06Jv6u81HLhIj1KasuNM/RHHrJ8T7wOTS4+Tv53Q= github.com/libp2p/zeroconf/v2 v2.2.0/go.mod h1:fuJqLnUwZTshS3U/bMRJ3+ow/v9oid1n0DmyYyNO1Xs= github.com/lunixbochs/vtclean v1.0.0/go.mod h1:pHhQNgMf3btfWnGBVipUOjRYhoOsdGqdm/+2c2E2WMI= -github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY= github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0= github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= @@ -1051,7 +993,6 @@ github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA= github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= @@ -1064,12 +1005,8 @@ github.com/mattn/go-runewidth v0.0.3/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzp github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U= github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= -github.com/mattn/goveralls v0.0.2/go.mod h1:8d1ZMHsd7fW6IRPKQh46F2WRpyib5/X4FOpevwGNQEw= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/mediocregopher/mediocre-go-lib v0.0.0-20181029021733-cb65787f37ed/go.mod h1:dSsfyI2zABAdhcbvkXqgxOxrCsbYeHCPgrZkku60dSg= -github.com/mediocregopher/radix/v3 v3.3.0/go.mod h1:EmfVyvspXz1uZEyPBMyGK+kjWiKQGvsUt6O3Pj+LDCQ= github.com/microcosm-cc/bluemonday v1.0.1/go.mod h1:hsXNsILzKxV+sX77C5b8FSuKF00vh2OMYv+xgHpAMF4= -github.com/microcosm-cc/bluemonday v1.0.2/go.mod h1:iVP4YcDBq+n/5fb23BhYFvIMq/leAFZyRl6bYmGDlGc= github.com/miekg/dns v1.1.41/go.mod h1:p6aan82bvRIyn+zDIv9xYNUpwa73JcSh9BKwknJysuI= github.com/miekg/dns v1.1.58 h1:ca2Hdkz+cDg/7eNF6V56jjzuZ4aCAE+DbVkILdQWG/4= github.com/miekg/dns v1.1.58/go.mod h1:Ypv+3b/KadlvW9vJfXOTf300O4UqaHFzFCuHz+rPkBY= @@ -1090,7 +1027,6 @@ github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0= github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0= -github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= @@ -1122,7 +1058,6 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lN github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= -github.com/moul/http2curl v1.0.0/go.mod h1:8UbvGypXm98wA/IqH45anm5Y2Z6ep6O31QGOAZ3H0fQ= github.com/mozillazg/docker-credential-acr-helper v0.3.0 h1:DVWFZ3/O8BP6Ue3iS/Olw+G07u1hCq1EOVCDZZjCIBI= github.com/mozillazg/docker-credential-acr-helper v0.3.0/go.mod h1:cZlu3tof523ujmLuiNUb6JsjtHcNA70u1jitrrdnuyA= github.com/mr-tron/base58 v1.1.2/go.mod h1:BinMc/sQntlIE1frQmRFPUoPA1Zkr8VRgBdjWI2mNwc= @@ -1160,9 +1095,6 @@ github.com/multiformats/go-varint v0.0.7/go.mod h1:r8PUYw/fD/SjBCiKOoDlGF6QawOEL github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/nats-io/nats.go v1.8.1/go.mod h1:BrFz9vVn0fU3AcH9Vn4Kd7W0NpJ651tD5omQ3M8LwxM= -github.com/nats-io/nkeys v0.0.2/go.mod h1:dab7URMsZm6Z/jp9Z5UGa87Uutgc2mVpXLC4B7TDb/4= -github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c= github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo= github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= @@ -1180,7 +1112,6 @@ github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= -github.com/onsi/ginkgo v1.13.0/go.mod h1:+REjRxOmWfHCjfv9TTWB1jD1Frx4XydAD3zm1lskyM0= github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU= @@ -1216,7 +1147,6 @@ github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58 h1:onHthvaw9LFnH4t2D github.com/pbnjay/memory v0.0.0-20210728143218-7b4eea64cf58/go.mod h1:DXv8WO4yhMYhSNPKjeNKa5WY9YCIEBRbNzFFPJbWO6Y= github.com/pborman/uuid v1.2.1 h1:+ZZIw58t/ozdjRaXh/3awHfmWRbzYxJoAdNJxe/3pvw= github.com/pborman/uuid v1.2.1/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= -github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8= github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c= github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM= @@ -1340,7 +1270,6 @@ github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd/go.mod h1:hPqNNc0+uJM6H+SuU8sEs5K5IQeKccPqeSjfgcKGgPk= -github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= github.com/sagikazarmark/locafero v0.4.0 h1:HApY1R9zGo4DBgr7dqsTH/JJxLTTsOt7u6keLGt6kNQ= @@ -1353,13 +1282,11 @@ github.com/sassoftware/relic v7.2.1+incompatible h1:Pwyh1F3I0r4clFJXkSI8bOyJINGq github.com/sassoftware/relic v7.2.1+incompatible/go.mod h1:CWfAxv73/iLZ17rbyhIEq3K9hs5w6FpNMdUT//qR+zk= github.com/sassoftware/relic/v7 v7.6.2 h1:rS44Lbv9G9eXsukknS4mSjIAuuX+lMq/FnStgmZlUv4= github.com/sassoftware/relic/v7 v7.6.2/go.mod h1:kjmP0IBVkJZ6gXeAu35/KCEfca//+PKM6vTAsyDPY+k= -github.com/sclevine/agouti v3.0.0+incompatible/go.mod h1:b4WX9W9L1sfQKXeJf1mUTLZKJ48R1S7H23Ji7oFO5Bw= github.com/secure-systems-lab/go-securesystemslib v0.8.0 h1:mr5An6X45Kb2nddcFlbmfHkLguCE9laoZCUzEEpIZXA= github.com/secure-systems-lab/go-securesystemslib v0.8.0/go.mod h1:UH2VZVuJfCYR8WgMlCU1uFsOUU+KeyrTWcSS73NBOzU= github.com/segmentio/ksuid v1.0.4 h1:sBo2BdShXjmcugAMwjugoGUdUV0pcxY5mW4xKRn3v4c= github.com/segmentio/ksuid v1.0.4/go.mod h1:/XUiZBD3kVx5SmUOl55voK5yeAbBNNIed+2O73XgrPE= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/sergi/go-diff v1.1.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM= github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8= github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I= github.com/shibumi/go-pathspec v1.3.0 h1:QUyMZhFo0Md5B8zV8x2tesohbb5kfbpTi9rBnKh5dkI= @@ -1435,20 +1362,14 @@ github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIK github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e/go.mod h1:HuIsMU8RRBOtsCgI77wP899iHVBQpCmg4ErYMZB+2IA= github.com/spaolacci/murmur3 v1.1.0 h1:7c1g84S4BPRrfL5Xrdp6fOJ206sU9y293DDHaoy0bLI= github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8= github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY= -github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= github.com/spf13/cast v1.6.0 h1:GEiTHELF+vaR5dhz3VqZfFSzZjYbgeKDpBxQVS4GYJ0= github.com/spf13/cast v1.6.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= -github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= -github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= -github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= github.com/spf13/viper v1.19.0 h1:RWq5SEjt8o25SROyN3z2OrDB9l7RPd3lwTWU8EcEdcI= github.com/spf13/viper v1.19.0/go.mod h1:GQUN9bilAbhU/jgc1bKs99f/suXKeUMct8Adx5+Ntkg= github.com/spiffe/go-spiffe/v2 v2.3.0 h1:g2jYNb/PDMB8I7mBGL2Zuq/Ur6hUhoroxGQFyD6tTj8= @@ -1520,20 +1441,15 @@ github.com/tyler-smith/go-bip39 v1.1.0 h1:5eUemwrMargf3BSLRRCalXT93Ns6pQJIjYQN2n github.com/tyler-smith/go-bip39 v1.1.0/go.mod h1:gUYDtqQw1JS3ZJ8UWVcGTGqqr6YIN3CWg+kkNaLt55U= github.com/ucarion/urlpath v0.0.0-20200424170820-7ccc79b76bbb h1:Ywfo8sUltxogBpFuMOFRrrSifO788kAFxmvVw31PtQQ= github.com/ucarion/urlpath v0.0.0-20200424170820-7ccc79b76bbb/go.mod h1:ikPs9bRWicNw3S7XpJ8sK/smGwU9WcSVU3dy9qahYBM= -github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= -github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE= github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.10/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs= github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= -github.com/urfave/negroni v1.0.0/go.mod h1:Meg73S6kFm/4PpbYdq35yYWoCZ9mS/YSx+lKnmiohz4= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= -github.com/valyala/fasthttp v1.6.0/go.mod h1:FstJa9V+Pj9vQ7OJie2qMHdwemEDaDiSdBnvPM1Su9w= github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= -github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio= github.com/vbatts/tar-split v0.11.5 h1:3bHCTIheBm1qFTcgh9oPu+nNBtX+XJIupG/vacinCts= github.com/vbatts/tar-split v0.11.5/go.mod h1:yZbwRsSeGjusneWgA781EKej9HF8vme8okylkAeNKLk= github.com/viant/assertly v0.4.8/go.mod h1:aGifi++jvCrUaklKEKT0BU95igDNaqkvz+49uaYMPRU= @@ -1563,16 +1479,12 @@ github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xanzy/go-gitlab v0.107.0 h1:P2CT9Uy9yN9lJo3FLxpMZ4xj6uWcpnigXsjvqJ6nd2Y= github.com/xanzy/go-gitlab v0.107.0/go.mod h1:wKNKh3GkYDMOsGmnfuX+ITCmDuSDWFO0G+C4AygL9RY= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb h1:zGWFAtiMcyryUHoUjUJX0/lt1H2+i2Ka2n+D3DImSNo= github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 h1:EzJWgHovont7NscjpAxXsDA8S8BMYve8Y5+7cuRE7R0= github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= -github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8= -github.com/yalp/jsonpath v0.0.0-20180802001716-5cc68e5049a0/go.mod h1:/LWChgwKmvncFJFHJ7Gvn9wZArjbV5/FppcK2fKk/tI= github.com/yashtewari/glob-intersection v0.2.0 h1:8iuHdN88yYuCzCdjt0gDe+6bAhUwBeEWqThExu54RFg= github.com/yashtewari/glob-intersection v0.2.0/go.mod h1:LK7pIC3piUjovexikBbJ26Yml7g8xa5bsjfx2v1fwok= github.com/ysmood/fetchup v0.2.3 h1:ulX+SonA0Vma5zUFXtv52Kzip/xe7aj4vqT5AJwQ+ZQ= @@ -1587,9 +1499,6 @@ github.com/ysmood/leakless v0.9.0 h1:qxCG5VirSBvmi3uynXFkcnLMzkphdh3xx5FtrORwDCU github.com/ysmood/leakless v0.9.0/go.mod h1:R8iAXPRaG97QJwqxs74RdwzcRHT1SWCGTNqY8q0JvMQ= github.com/yuchanns/srslog v1.1.0 h1:CEm97Xxxd8XpJThE0gc/XsqUGgPufh5u5MUjC27/KOk= github.com/yuchanns/srslog v1.1.0/go.mod h1:HsLjdv3XV02C3kgBW2bTyW6i88OQE+VYJZIxrPKPPak= -github.com/yudai/gojsondiff v1.0.0/go.mod h1:AY32+k2cwILAkW1fbgxQ5mUmMiZFgLIV+FBNExI05xg= -github.com/yudai/golcs v0.0.0-20170316035057-ecda9a501e82/go.mod h1:lgjkn3NuSvDfVJdfcVVdX+jpBxNmX4rDAzaS45IcYoM= -github.com/yudai/pp v2.0.1+incompatible/go.mod h1:PuxR/8QJ7cyCkFp/aUDS+JY727OFEZkTdatxwunjIkc= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.30/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -1640,7 +1549,6 @@ go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeX go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= go.step.sm/crypto v0.51.1 h1:ktUg/2hetEMiBAqgz502ktZDGoDoGrcHFg3XpkmkvvA= go.step.sm/crypto v0.51.1/go.mod h1:PdrhttNU/tG9/YsVd4fdlysBN+UV503p0o2irFZQlAw= -go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= go.uber.org/dig v1.17.1 h1:Tga8Lz8PcYNsWsyHMZ1Vm0OQOUaJNDyvPImgbAu9YSc= @@ -1652,13 +1560,11 @@ go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU= go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc= -go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/multierr v1.6.0/go.mod h1:cdWPpRnG4AhwMwsgIHip0KRBQjJy5kYEpYjJxpXp9iU= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= -go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.16.0/go.mod h1:MA8QOfq0BHJwdXa996Y4dYkAqRKB8/1K1QMMZVaNZjQ= go.uber.org/zap v1.19.1/go.mod h1:j3DNczoxDZroyBnOT1L/Q79cfUMGZxlv/9dzN7SM1rI= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= @@ -1670,13 +1576,11 @@ go4.org v0.0.0-20230225012048-214862532bf5/go.mod h1:F57wTi5Lrj6WLyswp5EYV1ncrEb golang.org/x/build v0.0.0-20190111050920-041ab4dc3f9d/go.mod h1:OWs+y06UdEOHN4y+MfF/py+xQ/tYqIWW03b70/CG9Rw= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181030102418-4d3f4d9ffa16/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191219195013-becbf705a915/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200510223506-06a226fb4e37/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= @@ -1743,12 +1647,10 @@ golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73r golang.org/x/net v0.0.0-20181029044818-c44066c5c816/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181106065722-10aee1819953/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190313220215-9f648a60d977/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190327091125-710a502c58a2/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= @@ -1756,7 +1658,6 @@ golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200222125558-5a598a2470a0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -1819,7 +1720,6 @@ golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181029174526-d69651ed3497/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1830,7 +1730,6 @@ golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1848,7 +1747,6 @@ golang.org/x/sys v0.0.0-20200217220822-9197077df867/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200509044756-6aff5f38e54f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200602225109-6fdc65e7d980/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200728102440-3e129f6d46b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200826173525-f9321e4c35a6/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -1884,6 +1782,7 @@ golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= @@ -1936,13 +1835,11 @@ golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030000716-a0a13e073c7b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20181221001348-537d06c36207/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190327201419-c70d86f8b7cf/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= @@ -2005,7 +1902,6 @@ google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7 google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/genproto v0.0.0-20180518175338-11a468237815/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20180831171423-11092d34479b/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20181029155118-b69ba1387ce2/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= @@ -2030,7 +1926,6 @@ google.golang.org/genproto/googleapis/api v0.0.0-20240725223205-93522f1f2a9f h1: google.golang.org/genproto/googleapis/api v0.0.0-20240725223205-93522f1f2a9f/go.mod h1:AHT0dDg3SoMOgZGnZk29b5xTbPHMoEC8qthmBLJCpys= google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf h1:liao9UHurZLtiEwBgT9LMOnKYsHze6eA6w1KQCMVN2Q= google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf/go.mod h1:Ue6ibwXGpU+dqIcODieyLOcgj7z8+IcskoNIgZxtrFY= -google.golang.org/grpc v1.12.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= google.golang.org/grpc v1.16.0/go.mod h1:0JHn/cJsOMiMfNA9+DeHDlAU7KAAB5GDlYFpa9MZMio= google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= @@ -2042,7 +1937,6 @@ google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQ google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.1/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -google.golang.org/grpc v1.29.1/go.mod h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk= google.golang.org/grpc v1.31.0/go.mod h1:N36X2cJ7JwdamYAgDz+s+rVMFjt3numwzf/HckM8pak= google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc= google.golang.org/grpc v1.65.0 h1:bs/cUb4lp1G5iImFFd3u5ixQzweKizoZJAwBNLR42lc= @@ -2073,14 +1967,11 @@ gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4= gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/go-playground/assert.v1 v1.2.1/go.mod h1:9RXL0bg/zibRAgZUYszZSwO/z8Y/a8bDuhia5mkpMnE= -gopkg.in/go-playground/validator.v8 v8.18.2/go.mod h1:RX2a/7Ha8BgOhfk7j780h4/u/RRjR0eouCJSH80/M2Y= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.56.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.67.0 h1:Dgnx+6+nfE+IfzjUEISNeydPJh9AXNNsWbGP9KzCsOA= gopkg.in/ini.v1 v1.67.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/mgo.v2 v2.0.0-20180705113604-9856a29383ce/go.mod h1:yeKp02qBN3iKW1OzL3MGk2IdtZzaj7SFntXj72NppTA= gopkg.in/natefinch/lumberjack.v2 v2.2.1 h1:bBRl1b0OH9s/DuPhuXpNl+VtCaJXFZ5/uEFST95x9zc= gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc= gopkg.in/square/go-jose.v2 v2.6.0 h1:NGk74WTnPKBNUhNzQX7PYcTLUjoq7mzKk2OKbvwk2iI= diff --git a/pkg/abi/IERC20.abi.go b/pkg/abi/IERC20.abi.go index 1ed492ae..31ac79fa 100644 --- a/pkg/abi/IERC20.abi.go +++ b/pkg/abi/IERC20.abi.go @@ -31,7 +31,7 @@ var ( // IERC20MetaData contains all meta data concerning the IERC20 contract. var IERC20MetaData = &bind.MetaData{ - ABI: "[{\"type\":\"function\",\"name\":\"allowance\",\"inputs\":[{\"name\":\"owner\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"spender\",\"type\":\"address\",\"internalType\":\"address\"}],\"outputs\":[{\"name\":\"\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"stateMutability\":\"view\"},{\"type\":\"function\",\"name\":\"approve\",\"inputs\":[{\"name\":\"spender\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"amount\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"outputs\":[{\"name\":\"\",\"type\":\"bool\",\"internalType\":\"bool\"}],\"stateMutability\":\"nonpayable\"},{\"type\":\"function\",\"name\":\"balanceOf\",\"inputs\":[{\"name\":\"account\",\"type\":\"address\",\"internalType\":\"address\"}],\"outputs\":[{\"name\":\"\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"stateMutability\":\"view\"},{\"type\":\"function\",\"name\":\"decimals\",\"inputs\":[],\"outputs\":[{\"name\":\"\",\"type\":\"uint8\",\"internalType\":\"uint8\"}],\"stateMutability\":\"view\"},{\"type\":\"function\",\"name\":\"name\",\"inputs\":[],\"outputs\":[{\"name\":\"\",\"type\":\"string\",\"internalType\":\"string\"}],\"stateMutability\":\"view\"},{\"type\":\"function\",\"name\":\"symbol\",\"inputs\":[],\"outputs\":[{\"name\":\"\",\"type\":\"string\",\"internalType\":\"string\"}],\"stateMutability\":\"view\"},{\"type\":\"function\",\"name\":\"totalSupply\",\"inputs\":[],\"outputs\":[{\"name\":\"\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"stateMutability\":\"view\"},{\"type\":\"function\",\"name\":\"transfer\",\"inputs\":[{\"name\":\"to\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"amount\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"outputs\":[{\"name\":\"\",\"type\":\"bool\",\"internalType\":\"bool\"}],\"stateMutability\":\"nonpayable\"},{\"type\":\"function\",\"name\":\"transferFrom\",\"inputs\":[{\"name\":\"from\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"to\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"amount\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"outputs\":[{\"name\":\"\",\"type\":\"bool\",\"internalType\":\"bool\"}],\"stateMutability\":\"nonpayable\"},{\"type\":\"event\",\"name\":\"Approval\",\"inputs\":[{\"name\":\"owner\",\"type\":\"address\",\"indexed\":true,\"internalType\":\"address\"},{\"name\":\"spender\",\"type\":\"address\",\"indexed\":true,\"internalType\":\"address\"},{\"name\":\"value\",\"type\":\"uint256\",\"indexed\":false,\"internalType\":\"uint256\"}],\"anonymous\":false},{\"type\":\"event\",\"name\":\"Transfer\",\"inputs\":[{\"name\":\"from\",\"type\":\"address\",\"indexed\":true,\"internalType\":\"address\"},{\"name\":\"to\",\"type\":\"address\",\"indexed\":true,\"internalType\":\"address\"},{\"name\":\"value\",\"type\":\"uint256\",\"indexed\":false,\"internalType\":\"uint256\"}],\"anonymous\":false}]", + ABI: "[{\"type\":\"function\",\"name\":\"allowance\",\"inputs\":[{\"name\":\"owner\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"spender\",\"type\":\"address\",\"internalType\":\"address\"}],\"outputs\":[{\"name\":\"\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"stateMutability\":\"view\"},{\"type\":\"function\",\"name\":\"approve\",\"inputs\":[{\"name\":\"spender\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"value\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"outputs\":[{\"name\":\"\",\"type\":\"bool\",\"internalType\":\"bool\"}],\"stateMutability\":\"nonpayable\"},{\"type\":\"function\",\"name\":\"balanceOf\",\"inputs\":[{\"name\":\"account\",\"type\":\"address\",\"internalType\":\"address\"}],\"outputs\":[{\"name\":\"\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"stateMutability\":\"view\"},{\"type\":\"function\",\"name\":\"totalSupply\",\"inputs\":[],\"outputs\":[{\"name\":\"\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"stateMutability\":\"view\"},{\"type\":\"function\",\"name\":\"transfer\",\"inputs\":[{\"name\":\"to\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"value\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"outputs\":[{\"name\":\"\",\"type\":\"bool\",\"internalType\":\"bool\"}],\"stateMutability\":\"nonpayable\"},{\"type\":\"function\",\"name\":\"transferFrom\",\"inputs\":[{\"name\":\"from\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"to\",\"type\":\"address\",\"internalType\":\"address\"},{\"name\":\"value\",\"type\":\"uint256\",\"internalType\":\"uint256\"}],\"outputs\":[{\"name\":\"\",\"type\":\"bool\",\"internalType\":\"bool\"}],\"stateMutability\":\"nonpayable\"},{\"type\":\"event\",\"name\":\"Approval\",\"inputs\":[{\"name\":\"owner\",\"type\":\"address\",\"indexed\":true,\"internalType\":\"address\"},{\"name\":\"spender\",\"type\":\"address\",\"indexed\":true,\"internalType\":\"address\"},{\"name\":\"value\",\"type\":\"uint256\",\"indexed\":false,\"internalType\":\"uint256\"}],\"anonymous\":false},{\"type\":\"event\",\"name\":\"Transfer\",\"inputs\":[{\"name\":\"from\",\"type\":\"address\",\"indexed\":true,\"internalType\":\"address\"},{\"name\":\"to\",\"type\":\"address\",\"indexed\":true,\"internalType\":\"address\"},{\"name\":\"value\",\"type\":\"uint256\",\"indexed\":false,\"internalType\":\"uint256\"}],\"anonymous\":false}]", } // IERC20ABI is the input ABI used to generate the binding from. @@ -242,99 +242,6 @@ func (_IERC20 *IERC20CallerSession) BalanceOf(account common.Address) (*big.Int, return _IERC20.Contract.BalanceOf(&_IERC20.CallOpts, account) } -// Decimals is a free data retrieval call binding the contract method 0x313ce567. -// -// Solidity: function decimals() view returns(uint8) -func (_IERC20 *IERC20Caller) Decimals(opts *bind.CallOpts) (uint8, error) { - var out []interface{} - err := _IERC20.contract.Call(opts, &out, "decimals") - - if err != nil { - return *new(uint8), err - } - - out0 := *abi.ConvertType(out[0], new(uint8)).(*uint8) - - return out0, err - -} - -// Decimals is a free data retrieval call binding the contract method 0x313ce567. -// -// Solidity: function decimals() view returns(uint8) -func (_IERC20 *IERC20Session) Decimals() (uint8, error) { - return _IERC20.Contract.Decimals(&_IERC20.CallOpts) -} - -// Decimals is a free data retrieval call binding the contract method 0x313ce567. -// -// Solidity: function decimals() view returns(uint8) -func (_IERC20 *IERC20CallerSession) Decimals() (uint8, error) { - return _IERC20.Contract.Decimals(&_IERC20.CallOpts) -} - -// Name is a free data retrieval call binding the contract method 0x06fdde03. -// -// Solidity: function name() view returns(string) -func (_IERC20 *IERC20Caller) Name(opts *bind.CallOpts) (string, error) { - var out []interface{} - err := _IERC20.contract.Call(opts, &out, "name") - - if err != nil { - return *new(string), err - } - - out0 := *abi.ConvertType(out[0], new(string)).(*string) - - return out0, err - -} - -// Name is a free data retrieval call binding the contract method 0x06fdde03. -// -// Solidity: function name() view returns(string) -func (_IERC20 *IERC20Session) Name() (string, error) { - return _IERC20.Contract.Name(&_IERC20.CallOpts) -} - -// Name is a free data retrieval call binding the contract method 0x06fdde03. -// -// Solidity: function name() view returns(string) -func (_IERC20 *IERC20CallerSession) Name() (string, error) { - return _IERC20.Contract.Name(&_IERC20.CallOpts) -} - -// Symbol is a free data retrieval call binding the contract method 0x95d89b41. -// -// Solidity: function symbol() view returns(string) -func (_IERC20 *IERC20Caller) Symbol(opts *bind.CallOpts) (string, error) { - var out []interface{} - err := _IERC20.contract.Call(opts, &out, "symbol") - - if err != nil { - return *new(string), err - } - - out0 := *abi.ConvertType(out[0], new(string)).(*string) - - return out0, err - -} - -// Symbol is a free data retrieval call binding the contract method 0x95d89b41. -// -// Solidity: function symbol() view returns(string) -func (_IERC20 *IERC20Session) Symbol() (string, error) { - return _IERC20.Contract.Symbol(&_IERC20.CallOpts) -} - -// Symbol is a free data retrieval call binding the contract method 0x95d89b41. -// -// Solidity: function symbol() view returns(string) -func (_IERC20 *IERC20CallerSession) Symbol() (string, error) { - return _IERC20.Contract.Symbol(&_IERC20.CallOpts) -} - // TotalSupply is a free data retrieval call binding the contract method 0x18160ddd. // // Solidity: function totalSupply() view returns(uint256) @@ -368,65 +275,65 @@ func (_IERC20 *IERC20CallerSession) TotalSupply() (*big.Int, error) { // Approve is a paid mutator transaction binding the contract method 0x095ea7b3. // -// Solidity: function approve(address spender, uint256 amount) returns(bool) -func (_IERC20 *IERC20Transactor) Approve(opts *bind.TransactOpts, spender common.Address, amount *big.Int) (*types.Transaction, error) { - return _IERC20.contract.Transact(opts, "approve", spender, amount) +// Solidity: function approve(address spender, uint256 value) returns(bool) +func (_IERC20 *IERC20Transactor) Approve(opts *bind.TransactOpts, spender common.Address, value *big.Int) (*types.Transaction, error) { + return _IERC20.contract.Transact(opts, "approve", spender, value) } // Approve is a paid mutator transaction binding the contract method 0x095ea7b3. // -// Solidity: function approve(address spender, uint256 amount) returns(bool) -func (_IERC20 *IERC20Session) Approve(spender common.Address, amount *big.Int) (*types.Transaction, error) { - return _IERC20.Contract.Approve(&_IERC20.TransactOpts, spender, amount) +// Solidity: function approve(address spender, uint256 value) returns(bool) +func (_IERC20 *IERC20Session) Approve(spender common.Address, value *big.Int) (*types.Transaction, error) { + return _IERC20.Contract.Approve(&_IERC20.TransactOpts, spender, value) } // Approve is a paid mutator transaction binding the contract method 0x095ea7b3. // -// Solidity: function approve(address spender, uint256 amount) returns(bool) -func (_IERC20 *IERC20TransactorSession) Approve(spender common.Address, amount *big.Int) (*types.Transaction, error) { - return _IERC20.Contract.Approve(&_IERC20.TransactOpts, spender, amount) +// Solidity: function approve(address spender, uint256 value) returns(bool) +func (_IERC20 *IERC20TransactorSession) Approve(spender common.Address, value *big.Int) (*types.Transaction, error) { + return _IERC20.Contract.Approve(&_IERC20.TransactOpts, spender, value) } // Transfer is a paid mutator transaction binding the contract method 0xa9059cbb. // -// Solidity: function transfer(address to, uint256 amount) returns(bool) -func (_IERC20 *IERC20Transactor) Transfer(opts *bind.TransactOpts, to common.Address, amount *big.Int) (*types.Transaction, error) { - return _IERC20.contract.Transact(opts, "transfer", to, amount) +// Solidity: function transfer(address to, uint256 value) returns(bool) +func (_IERC20 *IERC20Transactor) Transfer(opts *bind.TransactOpts, to common.Address, value *big.Int) (*types.Transaction, error) { + return _IERC20.contract.Transact(opts, "transfer", to, value) } // Transfer is a paid mutator transaction binding the contract method 0xa9059cbb. // -// Solidity: function transfer(address to, uint256 amount) returns(bool) -func (_IERC20 *IERC20Session) Transfer(to common.Address, amount *big.Int) (*types.Transaction, error) { - return _IERC20.Contract.Transfer(&_IERC20.TransactOpts, to, amount) +// Solidity: function transfer(address to, uint256 value) returns(bool) +func (_IERC20 *IERC20Session) Transfer(to common.Address, value *big.Int) (*types.Transaction, error) { + return _IERC20.Contract.Transfer(&_IERC20.TransactOpts, to, value) } // Transfer is a paid mutator transaction binding the contract method 0xa9059cbb. // -// Solidity: function transfer(address to, uint256 amount) returns(bool) -func (_IERC20 *IERC20TransactorSession) Transfer(to common.Address, amount *big.Int) (*types.Transaction, error) { - return _IERC20.Contract.Transfer(&_IERC20.TransactOpts, to, amount) +// Solidity: function transfer(address to, uint256 value) returns(bool) +func (_IERC20 *IERC20TransactorSession) Transfer(to common.Address, value *big.Int) (*types.Transaction, error) { + return _IERC20.Contract.Transfer(&_IERC20.TransactOpts, to, value) } // TransferFrom is a paid mutator transaction binding the contract method 0x23b872dd. // -// Solidity: function transferFrom(address from, address to, uint256 amount) returns(bool) -func (_IERC20 *IERC20Transactor) TransferFrom(opts *bind.TransactOpts, from common.Address, to common.Address, amount *big.Int) (*types.Transaction, error) { - return _IERC20.contract.Transact(opts, "transferFrom", from, to, amount) +// Solidity: function transferFrom(address from, address to, uint256 value) returns(bool) +func (_IERC20 *IERC20Transactor) TransferFrom(opts *bind.TransactOpts, from common.Address, to common.Address, value *big.Int) (*types.Transaction, error) { + return _IERC20.contract.Transact(opts, "transferFrom", from, to, value) } // TransferFrom is a paid mutator transaction binding the contract method 0x23b872dd. // -// Solidity: function transferFrom(address from, address to, uint256 amount) returns(bool) -func (_IERC20 *IERC20Session) TransferFrom(from common.Address, to common.Address, amount *big.Int) (*types.Transaction, error) { - return _IERC20.Contract.TransferFrom(&_IERC20.TransactOpts, from, to, amount) +// Solidity: function transferFrom(address from, address to, uint256 value) returns(bool) +func (_IERC20 *IERC20Session) TransferFrom(from common.Address, to common.Address, value *big.Int) (*types.Transaction, error) { + return _IERC20.Contract.TransferFrom(&_IERC20.TransactOpts, from, to, value) } // TransferFrom is a paid mutator transaction binding the contract method 0x23b872dd. // -// Solidity: function transferFrom(address from, address to, uint256 amount) returns(bool) -func (_IERC20 *IERC20TransactorSession) TransferFrom(from common.Address, to common.Address, amount *big.Int) (*types.Transaction, error) { - return _IERC20.Contract.TransferFrom(&_IERC20.TransactOpts, from, to, amount) +// Solidity: function transferFrom(address from, address to, uint256 value) returns(bool) +func (_IERC20 *IERC20TransactorSession) TransferFrom(from common.Address, to common.Address, value *big.Int) (*types.Transaction, error) { + return _IERC20.Contract.TransferFrom(&_IERC20.TransactOpts, from, to, value) } // IERC20ApprovalIterator is returned from FilterApproval and is used to iterate over the raw logs and unpacked data for Approval events raised by the IERC20 contract. diff --git a/pkg/abi/generate.go b/pkg/abi/generate.go index 9dc44a5e..c8da011d 100644 --- a/pkg/abi/generate.go +++ b/pkg/abi/generate.go @@ -1,7 +1,7 @@ // SPDX-License-Identifier: GPL-3.0 // Dependencies: -// - github.com/ethereum/go-ethereum/cmd/abigen@v1.13.3 +// - github.com/ethereum/go-ethereum/cmd/abigen@v1.14.9 // - forge build ran in ../../contracts //go:generate abigen --pkg abi --type MockToken --out ./MockToken.abi.go --abi ../../contracts/out/MockToken.sol/MockToken.abi.json diff --git a/pkg/kubernetes/namespaces.go b/pkg/kubernetes/namespaces.go index fd1b8a1e..c4d3224d 100644 --- a/pkg/kubernetes/namespaces.go +++ b/pkg/kubernetes/namespaces.go @@ -40,7 +40,7 @@ func NewTrustedPodsNamespace(name string, pod *pb.Pod, paymentChannel *pb.Paymen }, } // force container image verification - if pod.VerificationSettings.ForcePolicy { + if pod.VerificationSettings.GetForcePolicy() { log.Println("Image verification is Set") namespace.Labels[SigstorePolicy] = "true" } diff --git a/pkg/kubernetes/pods.go b/pkg/kubernetes/pods.go index 4ecd6c80..2a45988c 100644 --- a/pkg/kubernetes/pods.go +++ b/pkg/kubernetes/pods.go @@ -118,6 +118,9 @@ func ApplyPodRequest( Args: container.Command, WorkingDir: container.WorkingDir, } + if container.GetImage().GetCid() == nil { + containerSpec.ImagePullPolicy = corev1.PullIfNotPresent // HACK: Allow URL-only images for easier testing + } if podManifest.KeyPair != nil { // save as hex to parse later as hex @@ -292,7 +295,7 @@ func ApplyPodRequest( } podTemplate.Spec.Volumes = append(podTemplate.Spec.Volumes, volumeSpec) } - + if podManifest.VerificationSettings.GetPublicVerifiability() == true { verificationHost := podManifest.VerificationSettings.GetVerificationHost() if verificationHost == "" && len(httpSO.Spec.Hosts) > 0 { @@ -352,6 +355,10 @@ func ApplyPodRequest( AnnotationVerificationInfo: string(annotationValuesJson), } + if httpSO.Spec.ScaleTargetRef.Service == "" { // No scaler configured - just deploy min replicas + startupReplicas = int32(podManifest.Replicas.GetMin()) + } + err = updateOrCreate(ctx, deploymentName, "Deployment", namespace, deployment, client, update) if err != nil { return err @@ -404,6 +411,12 @@ func convertResourceList(resources []*pb.Resource) corev1.ResourceList { quantity = *resource.NewQuantity(int64(q.Amount), resource.BinarySI) case *pb.Resource_AmountMillis: quantity = *resource.NewMilliQuantity(int64(q.AmountMillis), resource.BinarySI) + case *pb.Resource_AmountKibi: + quantity = *resource.NewQuantity(int64(q.AmountKibi) * 1024, resource.BinarySI) + case *pb.Resource_AmountMebi: + quantity = *resource.NewQuantity(int64(q.AmountMebi) * 1024 * 1024, resource.BinarySI) + case *pb.Resource_AmountGibi: + quantity = *resource.NewQuantity(int64(q.AmountGibi) * 1024 * 1024 * 1024, resource.BinarySI) } result[corev1.ResourceName(res.Resource)] = quantity } diff --git a/pkg/proto-ts/pod_pb.ts b/pkg/proto-ts/pod_pb.ts index f56b22af..23834532 100644 --- a/pkg/proto-ts/pod_pb.ts +++ b/pkg/proto-ts/pod_pb.ts @@ -667,10 +667,36 @@ export class Resource extends Message { case: "amount"; } | { /** + * /1000 + * * @generated from field: uint64 amountMillis = 3; */ value: bigint; case: "amountMillis"; + } | { + /** + * *1024 + * + * @generated from field: uint64 amountKibi = 4; + */ + value: bigint; + case: "amountKibi"; + } | { + /** + * *1024^2 + * + * @generated from field: uint64 amountMebi = 5; + */ + value: bigint; + case: "amountMebi"; + } | { + /** + * *1024^3 + * + * @generated from field: uint64 amountGibi = 6; + */ + value: bigint; + case: "amountGibi"; } | { case: undefined; value?: undefined } = { case: undefined }; constructor(data?: PartialMessage) { @@ -684,6 +710,9 @@ export class Resource extends Message { { no: 1, name: "resource", kind: "scalar", T: 9 /* ScalarType.STRING */ }, { no: 2, name: "amount", kind: "scalar", T: 4 /* ScalarType.UINT64 */, oneof: "quantity" }, { no: 3, name: "amountMillis", kind: "scalar", T: 4 /* ScalarType.UINT64 */, oneof: "quantity" }, + { no: 4, name: "amountKibi", kind: "scalar", T: 4 /* ScalarType.UINT64 */, oneof: "quantity" }, + { no: 5, name: "amountMebi", kind: "scalar", T: 4 /* ScalarType.UINT64 */, oneof: "quantity" }, + { no: 6, name: "amountGibi", kind: "scalar", T: 4 /* ScalarType.UINT64 */, oneof: "quantity" }, ]); static fromBinary(bytes: Uint8Array, options?: Partial): Resource { diff --git a/pkg/proto/deployment.pb.go b/pkg/proto/deployment.pb.go index 0c18f9d3..620b51af 100644 --- a/pkg/proto/deployment.pb.go +++ b/pkg/proto/deployment.pb.go @@ -399,8 +399,8 @@ var file_deployment_proto_rawDesc = []byte{ 0x0a, 0x10, 0x64, 0x65, 0x70, 0x6c, 0x6f, 0x79, 0x6d, 0x65, 0x6e, 0x74, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x12, 0x1c, 0x61, 0x70, 0x6f, 0x63, 0x72, 0x79, 0x70, 0x68, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2e, 0x76, 0x30, 0x2e, 0x64, 0x65, 0x70, 0x6c, 0x6f, 0x79, 0x6d, 0x65, 0x6e, 0x74, - 0x1a, 0x13, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2d, 0x70, 0x6f, 0x64, 0x2e, - 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x09, 0x70, 0x6f, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, + 0x1a, 0x09, 0x70, 0x6f, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x1a, 0x13, 0x70, 0x72, 0x6f, + 0x76, 0x69, 0x73, 0x69, 0x6f, 0x6e, 0x2d, 0x70, 0x6f, 0x64, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x22, 0xe7, 0x03, 0x0a, 0x0a, 0x44, 0x65, 0x70, 0x6c, 0x6f, 0x79, 0x6d, 0x65, 0x6e, 0x74, 0x12, 0x28, 0x0a, 0x0f, 0x70, 0x6f, 0x64, 0x4d, 0x61, 0x6e, 0x69, 0x66, 0x65, 0x73, 0x74, 0x46, 0x69, 0x6c, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0f, 0x70, 0x6f, 0x64, 0x4d, 0x61, 0x6e, @@ -524,8 +524,8 @@ func file_deployment_proto_init() { if File_deployment_proto != nil { return } - file_provision_pod_proto_init() file_pod_proto_init() + file_provision_pod_proto_init() if !protoimpl.UnsafeEnabled { file_deployment_proto_msgTypes[0].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*Deployment); i { diff --git a/pkg/proto/generate.go b/pkg/proto/generate.go index f5a5514c..c51e6678 100644 --- a/pkg/proto/generate.go +++ b/pkg/proto/generate.go @@ -3,7 +3,7 @@ // Dependencies: // - protoc // - google.golang.org/protobuf/cmd/protoc-gen-go@v1.31.0 -// - connectrpc.com/connect/cmd/protoc-gen-connect-go@v1.12.0 +// - connectrpc.com/connect/cmd/protoc-gen-connect-go@v1.16.2 //go:generate protoc -I=../../proto --go_out=paths=source_relative:. ../../proto/pod.proto //go:generate protoc -I=../../proto --go_out=paths=source_relative:. ../../proto/pricing.proto diff --git a/pkg/proto/marshal.go b/pkg/proto/marshal.go index fd2429a7..d4c611c1 100644 --- a/pkg/proto/marshal.go +++ b/pkg/proto/marshal.go @@ -111,6 +111,15 @@ func UnmarshalFile(path string, format string, m protoreflect.ProtoMessage) erro return Unmarshal(format, bytes, m) } +func UnmarshalStdin(format string, m protoreflect.ProtoMessage) error { + bytes, err := io.ReadAll(os.Stdin) + if err != nil { + return err + } + + return Unmarshal(format, bytes, m) +} + func MarshalFile(path string, format string, m protoreflect.ProtoMessage) error { file, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0644) if err != nil { @@ -129,3 +138,13 @@ func MarshalFile(path string, format string, m protoreflect.ProtoMessage) error _, err = file.Write(bytes) return err } + +func MarshalStdout(format string, m protoreflect.ProtoMessage) error { + bytes, err := Marshal(format, m) + if err != nil { + return err + } + + _, err = os.Stdout.Write(bytes) + return err +} diff --git a/pkg/proto/pod.pb.go b/pkg/proto/pod.pb.go index eb24af7c..1f321fca 100644 --- a/pkg/proto/pod.pb.go +++ b/pkg/proto/pod.pb.go @@ -620,6 +620,9 @@ type Resource struct { // // *Resource_Amount // *Resource_AmountMillis + // *Resource_AmountKibi + // *Resource_AmountMebi + // *Resource_AmountGibi Quantity isResource_Quantity `protobuf_oneof:"quantity"` } @@ -683,6 +686,27 @@ func (x *Resource) GetAmountMillis() uint64 { return 0 } +func (x *Resource) GetAmountKibi() uint64 { + if x, ok := x.GetQuantity().(*Resource_AmountKibi); ok { + return x.AmountKibi + } + return 0 +} + +func (x *Resource) GetAmountMebi() uint64 { + if x, ok := x.GetQuantity().(*Resource_AmountMebi); ok { + return x.AmountMebi + } + return 0 +} + +func (x *Resource) GetAmountGibi() uint64 { + if x, ok := x.GetQuantity().(*Resource_AmountGibi); ok { + return x.AmountGibi + } + return 0 +} + type isResource_Quantity interface { isResource_Quantity() } @@ -692,13 +716,31 @@ type Resource_Amount struct { } type Resource_AmountMillis struct { - AmountMillis uint64 `protobuf:"varint,3,opt,name=amountMillis,proto3,oneof"` + AmountMillis uint64 `protobuf:"varint,3,opt,name=amountMillis,proto3,oneof"` // /1000 +} + +type Resource_AmountKibi struct { + AmountKibi uint64 `protobuf:"varint,4,opt,name=amountKibi,proto3,oneof"` // *1024 +} + +type Resource_AmountMebi struct { + AmountMebi uint64 `protobuf:"varint,5,opt,name=amountMebi,proto3,oneof"` // *1024^2 +} + +type Resource_AmountGibi struct { + AmountGibi uint64 `protobuf:"varint,6,opt,name=amountGibi,proto3,oneof"` // *1024^3 } func (*Resource_Amount) isResource_Quantity() {} func (*Resource_AmountMillis) isResource_Quantity() {} +func (*Resource_AmountKibi) isResource_Quantity() {} + +func (*Resource_AmountMebi) isResource_Quantity() {} + +func (*Resource_AmountGibi) isResource_Quantity() {} + type Key struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache @@ -806,9 +848,9 @@ type VerificationSettings struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - ForcePolicy bool `protobuf:"varint,1,opt,name=ForcePolicy,proto3" json:"ForcePolicy,omitempty"` - PublicVerifiability bool `protobuf:"varint,2,opt,name=PublicVerifiability,proto3" json:"PublicVerifiability,omitempty"` - VerificationHost string `protobuf:"bytes,3,opt,name=VerificationHost,proto3" json:"VerificationHost,omitempty"` + ForcePolicy bool `protobuf:"varint,1,opt,name=forcePolicy,proto3" json:"forcePolicy,omitempty"` + PublicVerifiability bool `protobuf:"varint,2,opt,name=publicVerifiability,proto3" json:"publicVerifiability,omitempty"` + VerificationHost string `protobuf:"bytes,3,opt,name=verificationHost,proto3" json:"verificationHost,omitempty"` } func (x *VerificationSettings) Reset() { @@ -1304,33 +1346,40 @@ var file_pod_proto_rawDesc = []byte{ 0x34, 0x0a, 0x15, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x50, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x15, 0x74, 0x61, 0x72, 0x67, 0x65, 0x74, 0x50, 0x65, 0x6e, 0x64, 0x69, 0x6e, 0x67, 0x52, 0x65, 0x71, - 0x75, 0x65, 0x73, 0x74, 0x73, 0x22, 0x72, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, - 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x18, 0x0a, - 0x06, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x48, 0x00, 0x52, - 0x06, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x24, 0x0a, 0x0c, 0x61, 0x6d, 0x6f, 0x75, 0x6e, - 0x74, 0x4d, 0x69, 0x6c, 0x6c, 0x69, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x48, 0x00, 0x52, - 0x0c, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x4d, 0x69, 0x6c, 0x6c, 0x69, 0x73, 0x42, 0x0a, 0x0a, - 0x08, 0x71, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x74, 0x79, 0x22, 0x19, 0x0a, 0x03, 0x4b, 0x65, 0x79, - 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, - 0x64, 0x61, 0x74, 0x61, 0x22, 0x49, 0x0a, 0x07, 0x4b, 0x65, 0x79, 0x50, 0x61, 0x69, 0x72, 0x12, - 0x1e, 0x0a, 0x0a, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x18, 0x02, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x12, - 0x1e, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x03, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x75, 0x62, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x22, - 0x96, 0x01, 0x0a, 0x14, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, - 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, 0x20, 0x0a, 0x0b, 0x46, 0x6f, 0x72, 0x63, - 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x46, - 0x6f, 0x72, 0x63, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x12, 0x30, 0x0a, 0x13, 0x50, 0x75, - 0x62, 0x6c, 0x69, 0x63, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, - 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x56, - 0x65, 0x72, 0x69, 0x66, 0x69, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x12, 0x2a, 0x0a, 0x10, - 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x6f, 0x73, 0x74, - 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, - 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x6f, 0x73, 0x74, 0x42, 0x2c, 0x5a, 0x2a, 0x67, 0x69, 0x74, 0x68, - 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, 0x6d, 0x72, 0x61, 0x64, 0x65, 0x2d, 0x63, - 0x6f, 0x6f, 0x70, 0x2f, 0x61, 0x70, 0x6f, 0x63, 0x72, 0x79, 0x70, 0x68, 0x2f, 0x70, 0x6b, 0x67, - 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x75, 0x65, 0x73, 0x74, 0x73, 0x22, 0xd8, 0x01, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x6f, 0x75, 0x72, + 0x63, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x72, 0x65, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x18, + 0x0a, 0x06, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x48, 0x00, + 0x52, 0x06, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x24, 0x0a, 0x0c, 0x61, 0x6d, 0x6f, 0x75, + 0x6e, 0x74, 0x4d, 0x69, 0x6c, 0x6c, 0x69, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x04, 0x48, 0x00, + 0x52, 0x0c, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x4d, 0x69, 0x6c, 0x6c, 0x69, 0x73, 0x12, 0x20, + 0x0a, 0x0a, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x4b, 0x69, 0x62, 0x69, 0x18, 0x04, 0x20, 0x01, + 0x28, 0x04, 0x48, 0x00, 0x52, 0x0a, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x4b, 0x69, 0x62, 0x69, + 0x12, 0x20, 0x0a, 0x0a, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x4d, 0x65, 0x62, 0x69, 0x18, 0x05, + 0x20, 0x01, 0x28, 0x04, 0x48, 0x00, 0x52, 0x0a, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x4d, 0x65, + 0x62, 0x69, 0x12, 0x20, 0x0a, 0x0a, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, 0x47, 0x69, 0x62, 0x69, + 0x18, 0x06, 0x20, 0x01, 0x28, 0x04, 0x48, 0x00, 0x52, 0x0a, 0x61, 0x6d, 0x6f, 0x75, 0x6e, 0x74, + 0x47, 0x69, 0x62, 0x69, 0x42, 0x0a, 0x0a, 0x08, 0x71, 0x75, 0x61, 0x6e, 0x74, 0x69, 0x74, 0x79, + 0x22, 0x19, 0x0a, 0x03, 0x4b, 0x65, 0x79, 0x12, 0x12, 0x0a, 0x04, 0x64, 0x61, 0x74, 0x61, 0x18, + 0x01, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x04, 0x64, 0x61, 0x74, 0x61, 0x22, 0x49, 0x0a, 0x07, 0x4b, + 0x65, 0x79, 0x50, 0x61, 0x69, 0x72, 0x12, 0x1e, 0x0a, 0x0a, 0x70, 0x72, 0x69, 0x76, 0x61, 0x74, + 0x65, 0x4b, 0x65, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x72, 0x69, 0x76, + 0x61, 0x74, 0x65, 0x4b, 0x65, 0x79, 0x12, 0x1e, 0x0a, 0x0a, 0x70, 0x75, 0x62, 0x41, 0x64, 0x64, + 0x72, 0x65, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0a, 0x70, 0x75, 0x62, 0x41, + 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x22, 0x96, 0x01, 0x0a, 0x14, 0x56, 0x65, 0x72, 0x69, 0x66, + 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x53, 0x65, 0x74, 0x74, 0x69, 0x6e, 0x67, 0x73, 0x12, + 0x20, 0x0a, 0x0b, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x08, 0x52, 0x0b, 0x66, 0x6f, 0x72, 0x63, 0x65, 0x50, 0x6f, 0x6c, 0x69, 0x63, + 0x79, 0x12, 0x30, 0x0a, 0x13, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x56, 0x65, 0x72, 0x69, 0x66, + 0x69, 0x61, 0x62, 0x69, 0x6c, 0x69, 0x74, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x13, + 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x56, 0x65, 0x72, 0x69, 0x66, 0x69, 0x61, 0x62, 0x69, 0x6c, + 0x69, 0x74, 0x79, 0x12, 0x2a, 0x0a, 0x10, 0x76, 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, + 0x69, 0x6f, 0x6e, 0x48, 0x6f, 0x73, 0x74, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x10, 0x76, + 0x65, 0x72, 0x69, 0x66, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x48, 0x6f, 0x73, 0x74, 0x42, + 0x2c, 0x5a, 0x2a, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x6f, + 0x6d, 0x72, 0x61, 0x64, 0x65, 0x2d, 0x63, 0x6f, 0x6f, 0x70, 0x2f, 0x61, 0x70, 0x6f, 0x63, 0x72, + 0x79, 0x70, 0x68, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x06, 0x70, + 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -1574,6 +1623,9 @@ func file_pod_proto_init() { file_pod_proto_msgTypes[6].OneofWrappers = []interface{}{ (*Resource_Amount)(nil), (*Resource_AmountMillis)(nil), + (*Resource_AmountKibi)(nil), + (*Resource_AmountMebi)(nil), + (*Resource_AmountGibi)(nil), } file_pod_proto_msgTypes[11].OneofWrappers = []interface{}{ (*Container_Port_HostHttpHost)(nil), diff --git a/pkg/proto/protoconnect/interceptors.go b/pkg/proto/protoconnect/interceptors.go index f13d6662..d2e677d9 100644 --- a/pkg/proto/protoconnect/interceptors.go +++ b/pkg/proto/protoconnect/interceptors.go @@ -127,7 +127,7 @@ func (a authInterceptor) authenticate(header http.Header) (common.Address, error if err != nil { return common.Address{}, connect.NewError(connect.CodeDataLoss, fmt.Errorf("Failed Unmarshalling token")) } - if time.Now().After(token.ExpirationTime) { + if time.Now().UTC().After(token.ExpirationTime) { return common.Address{}, connect.NewError(connect.CodeDeadlineExceeded, fmt.Errorf("Token Expired")) } @@ -142,7 +142,7 @@ func (a authInterceptor) authenticate(header http.Header) (common.Address, error // verify publisherAddress in namespace is same one signed in token ns := header.Get(NamespaceHeader) - nsExpected := namespaceFromTokenParts(token.Publisher, token.PodId) + nsExpected := NamespaceFromTokenParts(token.Publisher, token.PodId) if ns == "" { header.Set(NamespaceHeader, nsExpected) } else if ns != nsExpected { @@ -152,7 +152,7 @@ func (a authInterceptor) authenticate(header http.Header) (common.Address, error return token.Publisher, nil } -func namespaceFromTokenParts(publisher common.Address, podId common.Hash) string { +func NamespaceFromTokenParts(publisher common.Address, podId common.Hash) string { namespaceParts := []byte{} namespaceParts = append(namespaceParts, publisher[:]...) namespaceParts = append(namespaceParts, podId[:]...) @@ -218,7 +218,7 @@ func (a *AuthInterceptorClient) getOrCreateToken(operation string) (serializedTo tokenData := Token{ PodId: a.podId, Operation: operation, - ExpirationTime: time.Now().Add(a.expirationOffset), + ExpirationTime: time.Now().UTC().Add(a.expirationOffset), Publisher: a.publisher, } tokenDataBytes, err := json.Marshal(tokenData) diff --git a/pkg/provider/download.go b/pkg/provider/download.go index fffe37d6..11ed7b7a 100644 --- a/pkg/provider/download.go +++ b/pkg/provider/download.go @@ -35,13 +35,12 @@ func DownloadSecrets(ctx context.Context, ipfs iface.CoreAPI, pod *pb.Pod) (map[ func DownloadImages(ctx context.Context, client *containerd.Client, ipfsAddress, localRegistry string, pod *pb.Pod) (map[string]string, error) { result := make(map[string]string) for _, c := range pod.Containers { - exists, err := ipcr.ImageExists(ctx, client, c.Image.Url) - if err != nil { - return nil, err - } - if !exists { - target := string(c.Image.Url) - err = ipcr.PullImage(ctx, client, ipfsAddress, string(c.Image.Cid), target) + if c.Image.Cid != nil { + target := c.Image.Url + if target == "" { + target = string(c.Image.Cid) + } + err := ipcr.PullImage(ctx, client, ipfsAddress, string(c.Image.Cid), target) if err != nil { return nil, err } @@ -50,6 +49,14 @@ func DownloadImages(ctx context.Context, client *containerd.Client, ipfsAddress, if err != nil { return nil, err } + } else { + exists, err := ipcr.ImageExists(ctx, client, c.Image.Url) + if err != nil { + return nil, err + } + if !exists { + log.Printf("Warning: Image %v does not exist locally.\n", c.Image.Url) + } } result[c.Name] = c.Image.Url } diff --git a/pkg/publisher/connect.go b/pkg/publisher/connect.go index 4dac0237..bf8387a5 100644 --- a/pkg/publisher/connect.go +++ b/pkg/publisher/connect.go @@ -6,7 +6,6 @@ import ( "context" "errors" "fmt" - "net/http" "net/rpc" "net/url" "os" @@ -17,6 +16,7 @@ import ( pb "github.com/comrade-coop/apocryph/pkg/proto" pbcon "github.com/comrade-coop/apocryph/pkg/proto/protoconnect" "github.com/libp2p/go-libp2p/core/peer" + retryablehttp "github.com/hashicorp/go-retryablehttp" tpipfs "github.com/comrade-coop/apocryph/pkg/ipfs" ) @@ -45,8 +45,11 @@ func ConnectToProvider(ipfsP2p *ipfs.P2pApi, deployment *pb.Deployment, intercep } pingClient.Close() + retryClient := retryablehttp.NewClient() + retryClient.RetryMax = 8 + client := pbcon.NewProvisionPodServiceClient( - http.DefaultClient, + retryClient.StandardClient(), url.String(), connect.WithInterceptors(interceptor), ) @@ -85,6 +88,13 @@ func SendToProvider(ctx context.Context, ipfsP2p *ipfs.P2pApi, pod *pb.Pod, depl } else { request := &pb.UpdatePodRequest{ Pod: pod, + Payment: &pb.PaymentChannel{ + ChainID: deployment.Payment.ChainID, + ProviderAddress: deployment.Provider.EthereumAddress, + ContractAddress: deployment.Payment.PaymentContractAddress, + PublisherAddress: deployment.Payment.PublisherAddress, + PodID: deployment.Payment.PodID, + }, } response, err = client.UpdatePod(ctx, connect.NewRequest(request)) @@ -106,7 +116,7 @@ func SendToProvider(ctx context.Context, ipfsP2p *ipfs.P2pApi, pod *pb.Pod, depl request := &pb.DeletePodRequest{} response, err := client.DeletePod(ctx, connect.NewRequest(request)) if err != nil { - return nil, fmt.Errorf("Failed executing update pod request: %w", err) + return nil, fmt.Errorf("Failed executing delete pod request: %w", err) } if response.Msg.Error != "" { return nil, fmt.Errorf("Error from provider: %w", errors.New(response.Msg.Error)) diff --git a/pkg/publisher/deployment.go b/pkg/publisher/deployment.go index aa9c9ad1..e84d92af 100644 --- a/pkg/publisher/deployment.go +++ b/pkg/publisher/deployment.go @@ -31,7 +31,7 @@ var DefaultPodFile = "manifest.yaml" const PrivateKeySize = 256 / 8 -func GenerateDeploymentFilename(podFile string, deploymentFormat string) (deploymentFile string, relPodFile string, err error) { +func GenerateDeploymentFilename(podFile string, deploymentFormat string) (deploymentFile string, err error) { if deploymentFormat == "" { deploymentFormat = "yaml" } @@ -56,18 +56,11 @@ func GenerateDeploymentFilename(podFile string, deploymentFormat string) (deploy deploymentFile = filepath.Join(deploymentRoot, deploymentFilename) - absDeploymentFile, err := filepath.Abs(deploymentFile) - if err != nil { - return - } - relPodFile, err = filepath.Rel(filepath.Dir(absDeploymentFile), absPodFile) - return } func ReadPodAndDeployment(args []string, manifestFormat string, deploymentFormat string) (podFile string, deploymentFile string, pod *pb.Pod, deployment *pb.Deployment, err error) { deployment = &pb.Deployment{} - readDeployment := false switch len(args) { case 0: @@ -84,23 +77,48 @@ func ReadPodAndDeployment(args []string, manifestFormat string, deploymentFormat // Get the name of the deployment file if it was not passed in the args if deploymentFile == "" { - deploymentFile, deployment.PodManifestFile, err = GenerateDeploymentFilename(podFile, deploymentFormat) + deploymentFile, err = GenerateDeploymentFilename(podFile, deploymentFormat) if err != nil { err = fmt.Errorf("Failed resolving deployment file path: %w", err) return } } - if !readDeployment { + if deploymentFile != "-" { err = pb.UnmarshalFile(deploymentFile, deploymentFormat, deployment) - if err != nil && !errors.Is(err, fs.ErrNotExist) { - err = fmt.Errorf("Failed reading deployment file %s: %w", deploymentFile, err) + } else { + err = pb.UnmarshalStdin(deploymentFormat, deployment) + } + if err != nil && !errors.Is(err, fs.ErrNotExist) { + err = fmt.Errorf("Failed reading deployment file %s: %w", deploymentFile, err) + return + } + + if deployment.PodManifestFile == "" { + var absPodFile string + var absDeploymentFile string + absPodFile, err = filepath.Abs(podFile) + if err != nil { + return + } + + absDeploymentFile, err = filepath.Abs(deploymentFile) + if err != nil { + return + } + deployment.PodManifestFile, err = filepath.Rel(filepath.Dir(absDeploymentFile), absPodFile) + if err != nil { return } } pod = &pb.Pod{} - err = pb.UnmarshalFile(podFile, manifestFormat, pod) + if podFile != "-" { + err = pb.UnmarshalFile(podFile, manifestFormat, pod) + } else { + err = pb.UnmarshalStdin(manifestFormat, pod) + } + if err != nil { err = fmt.Errorf("Failed reading manifest file %s: %w", podFile, err) } @@ -109,7 +127,12 @@ func ReadPodAndDeployment(args []string, manifestFormat string, deploymentFormat } func SaveDeployment(deploymentFile string, deploymentFormat string, deployment *pb.Deployment) error { - err := pb.MarshalFile(deploymentFile, deploymentFormat, deployment) + var err error + if deploymentFile != "-" { + err = pb.MarshalFile(deploymentFile, deploymentFormat, deployment) + } else { + err = pb.MarshalStdout(deploymentFormat, deployment) + } if err != nil { return fmt.Errorf("Failed saving deployment file: %w", err) } diff --git a/proto/pod.proto b/proto/pod.proto index 69bbc23f..f2e9110a 100644 --- a/proto/pod.proto +++ b/proto/pod.proto @@ -96,7 +96,10 @@ message Resource { string resource = 1; oneof quantity { uint64 amount = 2; - uint64 amountMillis = 3; + uint64 amountMillis = 3; // /1000 + uint64 amountKibi = 4; // *1024 + uint64 amountMebi = 5; // *1024^2 + uint64 amountGibi = 6; // *1024^3 } } diff --git a/test/e2e/attestation/Tiltfile b/test/e2e/attestation/Tiltfile new file mode 100644 index 00000000..2515d543 --- /dev/null +++ b/test/e2e/attestation/Tiltfile @@ -0,0 +1,46 @@ +# -*- mode: Python -*- +# SPDX-License-Identifier: GPL-3.0 + +load("../../../deploy/Tiltfile", "apocryph_resource") + +# TODO: Untested + +cosign_sign_image( + "comradecoop/example/nginx-hello", + "nginxdemos/nginx-hello@sha256:d1484a2f11e5cdf0cd89eae88124c74d6a26a337cbbb7e7db3576386e1bcd49a", + False, + "-y", +) + +apocryph_resource( + "nginx-attestation-example", + "../common/manifests/manifest-attestation-nginx.yaml", + upload_images=False, + apply_flags=["--mint-funds"], + labels=["apocryph-pod"], + image_deps=["comradecoop/example/nginx-hello"], + image_containers=["nginx"], +) + +manifest_host = "example-attest.tpodinfo.localhost" # TODO copied from :/test/e2e/common/manifests/manifest-attestation-nginx.yaml + +curl_cmd = 'curl --connect-timeout 40 -H "Host: %s" localhost:8004 --fail-with-body' % manifest_host + +k8s_resource(workload="ingress-nginx", port_forwards=["8004:80"]) +local_resource( + "nginx-attestation-example-query", + [ + "bash", + "-c", + " ".join( + [ + "set -xeuo pipefail;", + "while ! %s; do sleep 10; done;" % curl_cmd, + "%s;" % curl_cmd, + ] + ), + ], + labels=["apocryph-pod"], + trigger_mode=TRIGGER_MODE_MANUAL, + auto_init=False, +) diff --git a/test/e2e/common/manifests/manifest-attestation-nginx.yaml b/test/e2e/common/manifests/manifest-attestation-nginx.yaml index 174d458a..3222d20b 100644 --- a/test/e2e/common/manifests/manifest-attestation-nginx.yaml +++ b/test/e2e/common/manifests/manifest-attestation-nginx.yaml @@ -4,7 +4,7 @@ containers: url: ttl.sh/nginx-hello@sha256:631c081135cc6a81ad685f39d107d9eb6140d3a2265b0aa6792346f06936de72 ports: - containerPort: '8080' - hostHttpHost: example.local + hostHttpHost: example-attest.localhost name: internal resourceRequests: - amountMillis: '10' diff --git a/test/e2e/common/manifests/manifest-nginx.yaml b/test/e2e/common/manifests/manifest-nginx.yaml index ce595829..f54524ef 100644 --- a/test/e2e/common/manifests/manifest-nginx.yaml +++ b/test/e2e/common/manifests/manifest-nginx.yaml @@ -4,7 +4,7 @@ containers: url: docker.io/nginxdemos/nginx-hello:latest ports: - containerPort: '8080' - hostHttpHost: example.local + hostHttpHost: example.localhost name: internal resourceRequests: - amountMillis: '10' diff --git a/test/e2e/constellation/miniconstellation/helmfile.yaml b/test/e2e/constellation/miniconstellation/helmfile.yaml deleted file mode 100644 index 88b18727..00000000 --- a/test/e2e/constellation/miniconstellation/helmfile.yaml +++ /dev/null @@ -1,77 +0,0 @@ -repositories: - - name: kedacore - url: https://kedacore.github.io/charts - - name: ingress-nginx - url: https://kubernetes.github.io/ingress-nginx - - name: prometheus-community - url: https://prometheus-community.github.io/helm-charts - - name: grafana - url: https://grafana.github.io/helm-charts - -releases: - - name: namespaces - chart: ./namespaces - - name: keda - namespace: keda - chart: kedacore/keda - - name: ingress-nginx - namespace: keda - chart: ingress-nginx/ingress-nginx - hooks: - - events: ['postsync'] - showlogs: true - command: 'kubectl' - args: - - 'wait' - - '--namespace' - - 'keda' - - '--for=condition=available' - - 'deployment/ingress-nginx-controller' - - '--timeout=800s' - set: - - name: controller.service.type - value: NodePort - - name: controller.service.nodePorts.http - value: 32080 - - name: controller.service.nodePorts.https - value: 32443 - - name: keda-http-addon - namespace: keda - chart: kedacore/keda-add-ons-http - set: - - name: interceptor.replicas.min - value: 1 - - name: interceptor.waitTimeout - value: 40s - needs: - - keda - - name: prometheus - chart: prometheus-community/prometheus - namespace: prometheus - set: - - name: alertmanager.enabled - value: false - - name: prometheus-node-exporter.enabled - value: false - - name: server.persistentVolume.enabled - value: false - - name: keda-fixes - chart: ./keda - namespace: keda - needs: - - keda-http-addon - - ingress-nginx # NOTE: nginx admission controllers typically fails to wait long enough for nginx to start at this step - - name: ipfs - chart: ./ipfs - namespace: ipfs - - name: loki - chart: grafana/loki-stack - namespace: loki - values: - - ./loki/values.yml - - name: trustedpods - chart: ./trustedpods - namespace: trustedpods - - name: eth - chart: ./eth - namespace: eth diff --git a/test/e2e/constellation/miniconstellation/ipfs/ipfs.yml b/test/e2e/constellation/miniconstellation/ipfs/ipfs.yml deleted file mode 100644 index 1ccab5be..00000000 --- a/test/e2e/constellation/miniconstellation/ipfs/ipfs.yml +++ /dev/null @@ -1,121 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: ipfs-rpc - namespace: ipfs - labels: - app: ipfs -spec: - ports: - - name: rpc - port: 5001 - targetPort: rpc - clusterIP: None - selector: - app: ipfs ---- -apiVersion: v1 -kind: Service -metadata: - name: ipfs-swarm - namespace: ipfs - labels: - app: ipfs -spec: - ports: - - name: swarm-tcp - port: 4001 - protocol: TCP - targetPort: swarm-tcp - nodePort: 32194 - - name: swarm-udp - port: 4001 - protocol: UDP - targetPort: swarm-udp - nodePort: 32194 - type: NodePort - selector: - app: ipfs ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: ipfs-config - namespace: ipfs -data: - configure.sh: | - #!/bin/sh - set -ex - ipfs config --json Experimental.Libp2pStreamMounting true - ipfs config Addresses.AppendAnnounce --json '["/ip4/10.42.1.100/tcp/32194", "/ip4/10.42.1.100/udp/32194/quic", "/ip4/10.42.1.100/udp/32194/quic-v1", "/ip4/10.42.1.100/udp/32194/quic-v1/webtransport"]' ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: ipfs - namespace: ipfs -spec: - replicas: 1 - selector: - matchLabels: - app: ipfs - template: - metadata: - labels: - app: ipfs - spec: - containers: - - name: ipfs - image: docker.io/ipfs/kubo:v0.23.0 - ports: - - name: rpc - containerPort: 5001 - - name: swarm-tcp - containerPort: 4001 - protocol: TCP - - name: swarm-udp - containerPort: 4001 - protocol: UDP - - name: gateway - containerPort: 8080 - volumeMounts: - - name: init-scripts - mountPath: /container-init.d/050-configure.sh - readOnly: true - subPath: 050-configure.sh - env: - - name: IPFS_PROFILE - value: - - name: p2p-helper - image: ghcr.io/comrade-coop/apocryph/p2p-helper:master - command: ["ipfs-p2p-helper", "run", "--ipfs", "/ip4/127.0.0.1/tcp/5001"] - volumes: - - name: init-scripts - configMap: - name: ipfs-config - items: - - key: configure.sh - path: 050-configure.sh - mode: 0555 - serviceAccountName: ipfs-p2p-serviceaccount -# --- -# apiVersion: apps/v1 -# kind: Deployment -# metadata: -# name: ipfs-p2p-helper -# namespace: ipfs -# spec: -# replicas: 1 -# selector: -# matchLabels: -# app: ipfs-p2p-helper -# template: -# metadata: -# labels: -# app: ipfs-p2p-helper -# spec: -# containers: -# - name: p2p-helper -# image: host.minikube.internal:5000/comradecoop/apocryph/p2p-helper -# command: ["ipfs-p2p-helper", "run", "--ipfs", "/dns4/ipfs-rpc.ipfs.svc.cluster.local/tcp/5001"] -# serviceAccountName: ipfs-p2p-serviceaccount diff --git a/test/e2e/constellation/miniconstellation/ipfs/serviceaccount.yml b/test/e2e/constellation/miniconstellation/ipfs/serviceaccount.yml deleted file mode 100644 index b0961dbc..00000000 --- a/test/e2e/constellation/miniconstellation/ipfs/serviceaccount.yml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: ipfs - name: ipfs-p2p-serviceaccount - namespace: ipfs -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: ClusterRole -# metadata: -# name: service-lister -# rules: -# - apiGroups: ["core"] -# resources: ["service"] -# verbs: ["get", "list", "watch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: ipfs-p2p-cluster-role-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: view # TODO! For some reason with the service-lister role, we get random "unknown" errors -subjects: -- kind: ServiceAccount - name: ipfs-p2p-serviceaccount - namespace: ipfs diff --git a/test/e2e/constellation/miniconstellation/run-test.sh b/test/e2e/constellation/miniconstellation/run-test.sh deleted file mode 100755 index 982176a9..00000000 --- a/test/e2e/constellation/miniconstellation/run-test.sh +++ /dev/null @@ -1,174 +0,0 @@ -#!/usr/bin/env bash -# SPDX-License-Identifier: GPL-3.0 - -set -e - -trap 'pkill -f "kubectl port-forward" && kill $(jobs -p) &>/dev/null' EXIT - -cd "$(dirname "$0")" - -which curl >/dev/null; which jq >/dev/null; which xargs >/dev/null; which sed >/dev/null -which go >/dev/null -which ipfs >/dev/null -which forge &>/dev/null || export PATH=$PATH:~/.bin/foundry -which forge >/dev/null; which cast >/dev/null -which helmfile >/dev/null; which helm >/dev/null; which kubectl >/dev/null -which constellation >/dev/null || { echo "Install Constellation, https://docs.edgeless.systems/constellation/getting-started/first-steps-local#software-installation-on-ubuntu"; exit 1; } - -CONSTELLATION_PATH=${CONSTELLATION_PATH:-~/.constellation-root} -mkdir -p $CONSTELLATION_PATH - -if [ "$1" = "teardown" ]; then - ( cd $CONSTELLATION_PATH; constellation mini down ) - exit 0 -fi - -# based on https://stackoverflow.com/a/31269848 / https://bobcopeland.com/blog/2012/10/goto-in-bash/ -if [ -n "$1" ]; then - STEP=${1:-1} - eval "set -v; $(sed -n "/## $STEP: /{:a;n;p;ba};" $0)" - exit -fi - -echo -e "\e[1;32m---" -echo "Note: To skip steps, use '$0 '" -echo " e.g. to skip ahead to configuring IPFS, run '$0 1.2'" -echo -e "---\e[0m" - -set -v - -## 1: Set up the Kubernetes environment ## - -echo 'CONSTELLATION_PATH='$CONSTELLATION_PATH - -( cd $CONSTELLATION_PATH; constellation mini up || true ) - -kubectl patch -n kube-system configmap ip-masq-agent --type merge -p '{"data":{"config": "{\"masqLinkLocal\":true,\"nonMasqueradeCIDRs\":[]}"}}' -kubectl rollout restart -n kube-system daemonset cilium -kubectl delete pod -l k8s-app=join-service -n kube-system - -## 1.0: Deploy contracts to anvil ## - -helmfile apply -l name=eth - -{ while ! kubectl get -n eth endpoints eth-rpc -o json | jq '.subsets[].addresses[].ip' &>/dev/null; do sleep 1; done; } - -[ "$PORT_8545" == "" ] && { PORT_8545="yes" ; kubectl port-forward --namespace eth svc/eth-rpc 8545:8545 & } - -DEPLOYER_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 #TODO= anvil.accounts[0] - -( cd ../../../contracts; forge script script/Deploy.s.sol --private-key "$DEPLOYER_KEY" --rpc-url http://localhost:8545 --broadcast) - -## 1.1: Apply the rest of the Helm configuration ## - -helmfile apply - -## 1.2: Configure provider/in-cluster IPFS and publisher IPFS ## - -{ while ! kubectl get -n ipfs endpoints ipfs-rpc -o json | jq '.subsets[].addresses[].ip' &>/dev/null; do sleep 1; done; } - -[ "$PORT_5004" == "" ] && { PORT_5004="yes" ; kubectl port-forward --namespace ipfs svc/ipfs-rpc 5004:5001 & sleep 0.5; } - -NODE_ADDRESS=$(kubectl get no -o json | jq -r '.items[].status.addresses[] | select(.type == "InternalIP") | .address' | head -n 1) -SWARM_PORT=$(kubectl get svc -n ipfs ipfs-swarm -o json | jq -r '.spec.ports[].nodePort' | head -n 1) - -SWARM_ADDRESSES="[\"/ip4/$NODE_ADDRESS/tcp/$SWARM_PORT\", \"/ip4/$NODE_ADDRESS/udp/$SWARM_PORT/quic\", \"/ip4/$NODE_ADDRESS/udp/$SWARM_PORT/quic-v1\", \"/ip4/$NODE_ADDRESS/udp/$SWARM_PORT/quic-v1/webtransport\"]" - -PROVIDER_IPFS=$(curl -X POST "http://127.0.0.1:5004/api/v0/id" | jq '.ID' -r); echo $PROVIDER_IPFS - -# Unfortunately, we can't restart the ipfs daemon since we don't have persistent storage in miniconstellation. Swarm addresses have been hardcoded. -#O_IPFS_PATH=$IPFS_PATH -#export IPFS_PATH=$(mktemp ipfs.XXXX --tmpdir -d) -#echo /ip4/127.0.0.1/tcp/5004 > $IPFS_PATH/api - -#CONFIG_BEFORE=$(ipfs config Addresses.AppendAnnounce) -#ipfs config Addresses.AppendAnnounce --json "$SWARM_ADDRESSES" -#CONFIG_AFTER=$(ipfs config Addresses.AppendAnnounce) - -#[ "$CONFIG_BEFORE" = "$CONFIG_AFTER" ] || false # Restart ipfs daemon -#export IPFS_PATH=$O_IPFS_PATH - -ipfs id &>/dev/null || ipfs init - -ipfs config --json Experimental.Libp2pStreamMounting true - -[ -n "$IPFS_DAEMON" ] || { IPFS_DAEMON=yes; ipfs daemon & { while ! [ -f ${IPFS_PATH:-~/.ipfs}/api ]; do sleep 0.1; done; } 2>/dev/null; } - -echo "$SWARM_ADDRESSES" | jq -r '.[] + "/p2p/'"$PROVIDER_IPFS"'"' | xargs -n 1 ipfs swarm connect || true - -sleep 1 - -## 1.3: Register the provider - -go run ../../../cmd/tpodserver/ registry register \ - --config ../../common/configs/config.yaml \ - --ipfs /ip4/127.0.0.1/tcp/5001 \ - --ethereum-rpc http://127.0.0.1:8545 \ - --ethereum-key 0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d \ - --token-contract 0x5FbDB2315678afecb367f032d93F642f64180aa3 \ - --registry-contract 0x9fe46736679d2d9a65f0992f2272de9f3c7fa6e0 \ - -## 2: Deploy example manifest to cluster ## - -DEPLOYER_ETH=0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266 #TODO= anvil.accounts[0] -PROVIDER_ETH=0x70997970C51812dc3A010C7d01b50e0d17dc79C8 #TODO= anvil.accounts[1] -PUBLISHER_KEY=0x5de4111afa1a4b94908f83103eb1f1706367c2e68ca870fc3fb9a804cdab365a #TODO= anvil.accounts[2] -PAYMENT_CONTRACT=$(cat ../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.payment.value') -REGISTRY_CONTRACT=$(cat ../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.registry.value') -FUNDS=10000000000000000000000 - -[ "$PORT_8545" == "" ] && { PORT_8545="yes" ; kubectl port-forward --namespace eth svc/eth-rpc 8545:8545 & } -[ "$PORT_5004" == "" ] && { PORT_5004="yes" ; kubectl port-forward --namespace ipfs svc/ipfs-rpc 5004:5001 & sleep 0.5; } -[ -n "$PROVIDER_IPFS" ] || { PROVIDER_IPFS=$(curl -X POST "http://127.0.0.1:5004/api/v0/id" -s | jq '.ID' -r); echo $PROVIDER_IPFS; } -[ -n "$IPFS_DAEMON" ] || { IPFS_DAEMON=yes; ipfs daemon & { while ! [ -f ${IPFS_PATH:-~/.ipfs}/api ]; do sleep 0.1; done; } 2>/dev/null; } - -set +v -set -x - -go run ../../../cmd/trustedpods/ pod deploy ../common/manifest-guestbook-nostorage.yaml \ - --ethereum-key "$PUBLISHER_KEY" \ - --payment-contract "$PAYMENT_CONTRACT" \ - --registry-contract "$REGISTRY_CONTRACT" \ - --funds "$FUNDS" \ - --upload-images=false \ - --mint-funds - -set +x -set -v - -## 3: Connect and measure balances ## - -DEPLOYER_ETH=0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266 #TODO= anvil.accounts[0] -WITHDRAW_ETH=0x90F79bf6EB2c4f870365E785982E1f101E93b906 # From trustedpods/tpodserver.yml -TOKEN_CONTRACT=$(cat ../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.token.value') -NODE_ADDRESS=$(kubectl get no -o json | jq -r '.items[].status.addresses[] | select(.type == "InternalIP") | .address' | head -n 1) -INGRESS_PORT=$(kubectl get svc -n keda ingress-nginx-controller -o json | jq -r '.spec.ports[] | select(.name == "http") | .nodePort' | head -n 1) -INGRESS_URL="http://$NODE_ADDRESS:$INGRESS_PORT"; echo $INGRESS_URL -MANIFEST_HOST=guestbook.localhost # From manifest-guestbook.yaml - -[ "$PORT_8545" == "" ] && { PORT_8545="yes" ; kubectl port-forward --namespace eth svc/eth-rpc 8545:8545 & } - -echo "Provider balance before:" $(cast call "$TOKEN_CONTRACT" "balanceOf(address)" "$WITHDRAW_ETH" | cast to-fixed-point 18) - -set -x - -while ! curl --connect-timeout 40 -H "Host: $MANIFEST_HOST" $INGRESS_URL --fail-with-body; do sleep 10; done -curl -H "Host: $MANIFEST_HOST" $INGRESS_URL/test.html --fail-with-body - -set +x - -sleep 45 - -echo "Provider balance after:" $(cast call "$TOKEN_CONTRACT" "balanceOf(address)" "$WITHDRAW_ETH" | cast to-fixed-point 18) - -## 4: In conclusion.. ## - -set +v - -echo -e "\e[1;32m---" -echo "Note: To interact with the deployed guestbook, run the following" -echo " kubectl port-forward --namespace keda svc/ingress-nginx-controller 1234:80 &" -echo " xdg-open http://guestbook.localhost:1234/" -echo "Note: To stop the minikube cluster/provider, use '$0 teardown'" -echo " and to clean-up everything the script does, use '$0 teardown full'" -echo -e "---\e[0m" diff --git a/test/e2e/constellation/miniconstellation/trustedpods/tpodserver.yml b/test/e2e/constellation/miniconstellation/trustedpods/tpodserver.yml deleted file mode 100644 index de212781..00000000 --- a/test/e2e/constellation/miniconstellation/trustedpods/tpodserver.yml +++ /dev/null @@ -1,122 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: tpodserver - namespace: trustedpods - labels: - app: tpodserver - coop.comrade/apocryph-p2p-helper: "true" - annotations: - coop.comrade/apocryph-p2p-helper: "/x/apocryph/provision-pod/0.0.1" - -spec: - ports: - - port: 8080 - type: ClusterIP - selector: - app: tpodserver ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: trustedpods-configs - namespace: trustedpods -data: - config.yaml: | - pricing: - table: - format: yaml - # filename: pricing.yaml - contents: | - tables: - - paymentContractAddress: "5/FyXnc0ziiPg2fhuxQ+kLs/BRI=" - resources: - - resource: "cpu" - priceForReservation: 200000000000 - - resource: "ram" - priceForReservation: 500 - withdraw: - address: "0x90F79bf6EB2c4f870365E785982E1f101E93b906" - time: 15 - cpu_model: "Intel Xeon Platinum 8452Y Processor" - tee_type: "Secure Enclaves" - info: - format: yaml - contents: | - regions: - - name: "bul" - zone: "east" - num: 1 - - name: "alg" - zone: "west" - num: 2 - multiaddrs: - - "/dns4/kubo.business" - # tokenAddress=$(echo e7f1725E7734CE288F8367e1Bb143E90bb3F0512 | xxd -p -r | base64) ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: tpodserver - namespace: trustedpods -spec: - replicas: 1 - selector: - matchLabels: - app: tpodserver - template: - metadata: - labels: - app: tpodserver - spec: - containers: - - name: tpodserver - image: ghcr.io/comrade-coop/apocryph/server:master - command: [ - "tpodserver", "listen", - "--address", "0.0.0.0:8080", - "--config", "config.yaml", - "--ipfs", "/dns4/ipfs-rpc.ipfs.svc.cluster.local/tcp/5001", - "--oci-registry", "host.minikube.internal:5000", - "--ethereum-rpc", "http://eth-rpc.eth.svc.cluster.local:8545", - "--ethereum-key", "0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d", # TODO= anvil.accounts[1] prvkey - ] - ports: - - containerPort: 8080 - securityContext: - allowPrivilegeEscalation: false - runAsUser: 0 - volumeMounts: - - name: configs - mountPath: /config.yaml - subPath: config.yaml - readOnly: true - - name: containerd-socket - mountPath: /run/containerd/containerd.sock - - name: tpodmonitor - image: ghcr.io/comrade-coop/apocryph/server:master - command: [ - "tpodserver", "monitor", - "--config", "config.yaml", - "--prometheus", "http://prometheus-server.prometheus.svc.cluster.local:80/", - "--ethereum-rpc", "http://eth-rpc.eth.svc.cluster.local:8545", - "--ethereum-key", "0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d", # TODO= anvil.accounts[1] - ] - ports: - - containerPort: 8080 - volumeMounts: - - name: configs - mountPath: /config.yaml - subPath: config.yaml - readOnly: true - volumes: - - name: configs - configMap: - name: trustedpods-configs - items: - - key: config.yaml - path: config.yaml - - name: containerd-socket - hostPath: - path: /run/containerd/containerd.sock - serviceAccountName: tpodserver-serviceaccount diff --git a/test/e2e/constellation/qemu/run-test.sh b/test/e2e/constellation/qemu/run-test.sh deleted file mode 100755 index ed43cd0e..00000000 --- a/test/e2e/constellation/qemu/run-test.sh +++ /dev/null @@ -1,159 +0,0 @@ -#!/bin/bash -set -e -set -v - -WORKSPACE_PATH="$HOME/.apocryph/constellation-" -CURRENT_DIR=$(pwd) - -trap 'pkill -f "kubectl port-forward" && kill $(jobs -p) &>/dev/null' EXIT - -# based on https://stackoverflow.com/a/31269848 / https://bobcopeland.com/blog/2012/10/goto-in-bash/ -if [ -n "$1" ]; then - STEP=${1:-1} - eval "set -v; $(sed -n "/## $STEP: /{:a;n;p;ba};" $0)" - exit -fi - -echo -e "\e[1;32m---" -echo "Note: To skip steps, use '$0 '" -echo -e "---\e[0m" - -## 0: Build build custom OS image & run the cluster - -# use the miniconstellation chart -. ./build.sh ../miniconstellation - -## 1: Start the constellation cluster -cd "$WORKSPACE_PATH"* -constellation terminate -constellation apply -y - -## 1.1: wait for the setup -cd $WORKSPACE_PATH* -CONF_DIR=$(pwd) -export KUBECONFIG="$CONF_DIR/constellation-admin.conf" -cd $CURRENT_DIR -kubectl wait --namespace keda --for=condition=available deployment/ingress-nginx-controller -kubectl wait --namespace prometheus --for=condition=available deployment/prometheus-kube-state-metrics -kubectl wait --namespace prometheus --for=condition=available deployment/prometheus-prometheus-pushgateway -kubectl wait --namespace prometheus --for=condition=available deployment/prometheus-server -kubectl wait --namespace ipfs --for=condition=available StatefulSet/ipfs -kubectl wait --namespace trustedpods --for=condition=available deployment/tpodserver - -## 2: Deploy sample App - -[ "$PORT_8545" == "" ] && { PORT_8545="yes" ; kubectl port-forward --namespace eth svc/eth-rpc 8545:8545 & } - -sleep 2 - -DEPLOYER_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80 #TODO= anvil.accounts[0] - -TOKEN_CONTRACT=0x5fbdb2315678afecb367f032d93f642f64180aa3 # TODO= result of forge create - -( cd ../../../../contracts; forge script script/Deploy.s.sol --private-key "$DEPLOYER_KEY" --rpc-url http://127.0.0.1:8545 --broadcast) - -## 2.1: Register the provider -[ "$PORT_5004" == "" ] && { PORT_5004="yes" ; kubectl port-forward --namespace ipfs svc/ipfs-rpc 5004:5001 & sleep 0.5; } - -go run ../../../../cmd/tpodserver registry register \ - --config ../../common/configs/config.yaml \ - --ipfs /ip4/127.0.0.1/tcp/5004 \ - --ethereum-rpc http://127.0.0.1:8545 \ - --ethereum-key 0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d \ - --token-contract 0x5FbDB2315678afecb367f032d93F642f64180aa3 \ - --registry-contract 0x9fe46736679d2d9a65f0992f2272de9f3c7fa6e0 \ - -## 3: Configure provider/in-cluster IPFS and publisher IPFS ## - -{ while ! kubectl get -n ipfs endpoints ipfs-rpc -o json | jq '.subsets[].addresses[].ip' &>/dev/null; do sleep 1; done; } - -[ "$PORT_5004" == "" ] && { PORT_5004="yes" ; kubectl port-forward --namespace ipfs svc/ipfs-rpc 5004:5001 & sleep 0.5; } - -NODE_ADDRESS=$(kubectl get no -o json | jq -r '.items[].status.addresses[] | select(.type == "InternalIP") | .address' | head -n 1) -SWARM_PORT=$(kubectl get svc -n ipfs ipfs-swarm -o json | jq -r '.spec.ports[].nodePort' | head -n 1) - -SWARM_ADDRESSES="[\"/ip4/$NODE_ADDRESS/tcp/$SWARM_PORT\", \"/ip4/$NODE_ADDRESS/udp/$SWARM_PORT/quic\", \"/ip4/$NODE_ADDRESS/udp/$SWARM_PORT/quic-v1\", \"/ip4/$NODE_ADDRESS/udp/$SWARM_PORT/quic-v1/webtransport\"]" - -PROVIDER_IPFS=$(curl -X POST "http://127.0.0.1:5004/api/v0/id" | jq '.ID' -r); echo $PROVIDER_IPFS - -ipfs id &>/dev/null || ipfs init - -ipfs config --json Experimental.Libp2pStreamMounting true - -IPFS_CONFIG="$HOME/.ipfs/config" -# default gateway is already used by libvirt container -NEW_GATEWAY="/ip4/127.0.0.1/tcp/8090" -jq --arg new_gateway "$NEW_GATEWAY" '.Addresses.Gateway = $new_gateway' "$IPFS_CONFIG" > tmp.json && mv tmp.json "$IPFS_CONFIG" - -[ -n "$IPFS_DAEMON" ] || { IPFS_DAEMON=yes; ipfs daemon & { while ! [ -f ${IPFS_PATH:-~/.ipfs}/api ]; do sleep 0.1; done; } 2>/dev/null; } - -echo "$SWARM_ADDRESSES" | jq -r '.[] + "/p2p/'"$PROVIDER_IPFS"'"' | xargs -n 1 ipfs swarm connect || true - -sleep 1 - -# Deploy example manifest to cluster ## - -DEPLOYER_ETH=0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266 #TODO= anvil.accounts[0] -PROVIDER_ETH=0x70997970C51812dc3A010C7d01b50e0d17dc79C8 #TODO= anvil.accounts[1] -PUBLISHER_KEY=0x5de4111afa1a4b94908f83103eb1f1706367c2e68ca870fc3fb9a804cdab365a #TODO= anvil.accounts[2] - -TOKEN_CONTRACT=0x5fbdb2315678afecb367f032d93f642f64180aa3 # TODO= result of forge create -PAYMENT_CONTRACT=0xe7f1725e7734ce288f8367e1bb143e90bb3f0512 # TODO= result of forge create -REGISTRY_CONTRACT=0x9fe46736679d2d9a65f0992f2272de9f3c7fa6e0 # TODO= result of forge create - - -# PAYMENT_CONTRACT=$(cat ../../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.payment.value') -# REGISTRY_CONTRACT=$(cat ../../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.registry.value') -FUNDS=10000000000000000000000 - - -[ "$PORT_8545" == "" ] && { PORT_8545="yes" ; kubectl port-forward --namespace eth svc/eth-rpc 8545:8545 & } -[ -n "$IPFS_DAEMON" ] || { IPFS_DAEMON=yes; ipfs daemon & { while ! [ -f ${IPFS_PATH:-~/.ipfs}/api ]; do sleep 0.1; done; } 2>/dev/null; } - -set +v -set -x - -go run ../../../../cmd/trustedpods/ pod deploy ../../common/manifest-nginx.yaml \ - --ethereum-key "$PUBLISHER_KEY" \ - --payment-contract "$PAYMENT_CONTRACT" \ - --registry-contract "$REGISTRY_CONTRACT" \ - --funds "$FUNDS" \ - --upload-images=true \ - --mint-funds - -## 4: Connect and measure balances ## - -DEPLOYER_ETH=0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266 #TODO= anvil.accounts[0] -WITHDRAW_ETH=0x90F79bf6EB2c4f870365E785982E1f101E93b906 # From trustedpods/tpodserver.yml -TOKEN_CONTRACT=$(cat ../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.token.value') -NODE_ADDRESS=$(kubectl get no -o json | jq -r '.items[].status.addresses[] | select(.type == "InternalIP") | .address' | head -n 1) -INGRESS_PORT=$(kubectl get svc -n keda ingress-nginx-controller -o json | jq -r '.spec.ports[] | select(.name == "http") | .nodePort' | head -n 1) -INGRESS_URL="http://$NODE_ADDRESS:$INGRESS_PORT"; echo $INGRESS_URL -MANIFEST_HOST=example.local # From manifest-guestbook.yaml - -[ "$PORT_8545" == "" ] && { PORT_8545="yes" ; kubectl port-forward --namespace eth svc/eth-rpc 8545:8545 & } - -echo "Provider balance before:" $(cast call "$TOKEN_CONTRACT" "balanceOf(address)" "$WITHDRAW_ETH" | cast to-fixed-point 18) - -set -x - -while ! curl --connect-timeout 40 -H "Host: $MANIFEST_HOST" $INGRESS_URL --fail-with-body; do sleep 10; done -curl -H "Host: $MANIFEST_HOST" $INGRESS_URL --fail-with-body - -set +x - -sleep 45 - -echo "Provider balance after:" $(cast call "$TOKEN_CONTRACT" "balanceOf(address)" "$WITHDRAW_ETH" | cast to-fixed-point 18) - -## 4: In conclusion.. ## - -set +v - -echo -e "\e[1;32m---" -echo "Note: To interact with the deployed guestbook, run the following" -echo " kubectl port-forward --namespace keda svc/ingress-nginx-controller 1234:80 &" -echo " xdg-open http://guestbook.localhost:1234/" -echo "Note: To stop the minikube cluster/provider, use '$0 teardown'" -echo " and to clean-up everything the script does, use '$0 teardown full'" -echo -e "---\e[0m" diff --git a/test/e2e/minikube/eth/anvil-proxy.yml b/test/e2e/minikube/eth/anvil-proxy.yml deleted file mode 100644 index eefb20d7..00000000 --- a/test/e2e/minikube/eth/anvil-proxy.yml +++ /dev/null @@ -1,14 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: eth-rpc - namespace: eth - labels: - app: eth -spec: - type: ExternalName - externalName: host.minikube.internal - ports: - - name: jsonrpc - port: 8545 - targetPort: 8545 diff --git a/test/e2e/minikube/keda/ingress.yml b/test/e2e/minikube/keda/ingress.yml deleted file mode 100644 index f7361082..00000000 --- a/test/e2e/minikube/keda/ingress.yml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: keda-ingress - namespace: keda -spec: - ingressClassName: nginx - defaultBackend: - service: - name: keda-add-ons-http-interceptor-proxy - port: - number: 8080 diff --git a/test/e2e/minikube/loki/values.yml b/test/e2e/minikube/loki/values.yml deleted file mode 100644 index 81b625bb..00000000 --- a/test/e2e/minikube/loki/values.yml +++ /dev/null @@ -1,39 +0,0 @@ -loki: - enabled: true - isDefault: true - url: http://{{(include "loki.serviceName" .)}}:{{ .Values.loki.service.port }} - readinessProbe: - httpGet: - path: /ready - port: http-metrics - initialDelaySeconds: 45 - livenessProbe: - httpGet: - path: /ready - port: http-metrics - initialDelaySeconds: 45 - datasource: - jsonData: "{}" - uid: "" - -promtail: - enabled: true - config: - logLevel: info - serverPort: 3101 - clients: - - url: http://{{ .Release.Name }}:3100/loki/api/v1/push - -fluent-bit: - enabled: false - -grafana: - enabled: true - sidecar: - datasources: - label: "" - labelValue: "" - enabled: true - maxLines: 1000 - image: - tag: 8.3.5 diff --git a/test/e2e/minikube/run-attestation-test.sh b/test/e2e/minikube/run-attestation-test.sh deleted file mode 100755 index 515ab3c8..00000000 --- a/test/e2e/minikube/run-attestation-test.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh - -set -e -echo "USAGE: $0 CERTIFICATE_IDENTITY CERTIFICATE_OIDC_ISSUER STEP" -echo "EXAMPLE: $0 example@email.com https://github.com/login/oauth" -set -v -# NOTE: The oidc-issuer for Google is https://accounts.google.com, Microsoft is https://login.microsoftonline.com, GitHub is https://github.com/login/oauth, and GitLab is https://gitlab.com." - -CERTIFICATE_IDENTITY=$1 -CERTIFICATE_OIDC_ISSUER=$2 - -# based on https://stackoverflow.com/a/31269848 / https://bobcopeland.com/blog/2012/10/goto-in-bash/ -if [ -n "$3" ]; then - STEP=${3:-1} - eval "set -v; $(sed -n "/## $STEP: /{:a;n;p;ba};" $0 )" - exit -fi - - -## 1: configure the cluster to support image validation -../common/scripts/redeploy-images.sh --set policy.issuer=$CERTIFICATE_OIDC_ISSUER --set policy.subject=$CERTIFICATE_IDENTITY - -## 2: deploy app -docker pull nginxdemos/nginx-hello@sha256:2ab1f0bef4461020a1aabee4260a1fe93b03ed69d7f72908acca3a7ec33cb1c0 -docker tag docker.io/nginxdemos/nginx-hello:latest ttl.sh/nginx-hello:1h -docker push ttl.sh/nginx-hello:1h - -./deploy-pod.sh ../common/manifests/manifest-attestation-nginx.yaml --certificate-identity $CERTIFICATE_IDENTITY --certificate-oidc-issuer $CERTIFICATE_OIDC_ISSUER - -## 3: Get Application info -INGRESS_URL=$(minikube service -n keda ingress-nginx-controller --url=true -p c1 | head -n 1); echo $INGRESS_URL -MANIFEST_HOST=example.tpodinfo.local # From manifest-nginx.yaml - -while ! curl --connect-timeout 40 -H "Host: $MANIFEST_HOST" $INGRESS_URL --fail-with-body; do sleep 10; done -echo - -go run ../../../cmd/trustedpods verify $INGRESS_URL --host-header $MANIFEST_HOST diff --git a/test/e2e/minikube/run-test.sh b/test/e2e/minikube/run-test.sh deleted file mode 100755 index 1c0a24dc..00000000 --- a/test/e2e/minikube/run-test.sh +++ /dev/null @@ -1,138 +0,0 @@ -#!/usr/bin/env bash -# SPDX-License-Identifier: GPL-3.0 - -set -e - -trap 'pkill -f "kubectl port-forward" && kill $(jobs -p) && pkill $$ &>/dev/null' EXIT - -if [ "$1" = "teardown" ]; then - minikube delete - - if [ "$2" = "full" ]; then - docker rm --force registry - docker rm --force anvil - rm -r /home/ezio/.apocryph/deployment/ - exit 0 - fi - exit 0 -fi - -cd "$(dirname "$0")" - -which curl >/dev/null; which jq >/dev/null; which xargs >/dev/null; which sed >/dev/null -which go >/dev/null -which ipfs >/dev/null -which forge &>/dev/null || export PATH=$PATH:~/.bin/foundry -which forge >/dev/null; which cast >/dev/null -which minikube >/dev/null; which helmfile >/dev/null; which helm >/dev/null; which kubectl >/dev/null -which docker >/dev/null - -# based on https://stackoverflow.com/a/31269848 / https://bobcopeland.com/blog/2012/10/goto-in-bash/ -if [ -n "$1" ]; then - STEP=${1:-1} - eval "set -v; $(sed -n "/## $STEP: /{:a;n;p;ba};" $0)" - exit -fi - -echo -e "\e[1;32m---" -echo "Note: To skip steps, use '$0 '" -echo " e.g. to skip ahead to configuring IPFS, run '$0 1.2'" -echo -e "---\e[0m" - -set -v - -sudo chmod o+rw /run/containerd/containerd.sock - -## 0: Set up the external environment - -# pull registry and foundry images -../common/scripts/pull-images.sh - -## 0.1: Build/tag server and p2p-helper images - -../common/scripts/build-images.sh - -## 0.3: Set up a local ethereum node and deploy contracts to it - -../common/scripts/redeploy-contracts.sh - -## 1: Set up the Kubernetes environment ## - -[ "$(minikube status -f'{{.Kubelet}}')" = "Running" ] || minikube start --insecure-registry='host.minikube.internal:5000' --container-runtime=containerd -p c1 - -minikube addons enable metrics-server -p c1 - -## 1.1: Apply Helm configurations ## - -kubectl delete namespace trustedpods 2>/dev/null || true - -helmfile sync || { while ! kubectl get -n keda endpoints ingress-nginx-controller -o json | jq '.subsets[].addresses[].ip' &>/dev/null; do sleep 1; done; helmfile apply; } - -## 1.2: Wait until all deployments are ready -../common/scripts/wait-deployments.sh - -## 1.3: Register the provider in the marketplace - -[ "$PORT_5004" == "" ] && { PORT_5004="yes" ; kubectl port-forward --namespace ipfs svc/ipfs-rpc 5004:5001 & sleep 0.5; } - -go run ../../../cmd/tpodserver registry register \ - --config ../common/configs/config.yaml \ - --ipfs /ip4/127.0.0.1/tcp/5004 \ - --ethereum-rpc http://127.0.0.1:8545 \ - --ethereum-key 0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d \ - --token-contract 0x5FbDB2315678afecb367f032d93F642f64180aa3 \ - --registry-contract 0x9fe46736679d2d9a65f0992f2272de9f3c7fa6e0 \ - - -## 2: Deploy example manifest to cluster ## - -./deploy-pod.sh ../common/manifests/manifest-nginx.yaml - -## 3: Connect and measure balances ## - -WITHDRAW_ETH=0x90F79bf6EB2c4f870365E785982E1f101E93b906 #TODO copied from trustedpods/tpodserver.yml -TOKEN_CONTRACT=$(cat ../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.token.value') -INGRESS_URL=$(minikube service -n keda ingress-nginx-controller --url=true -p c1 | head -n 1); echo $INGRESS_URL -MANIFEST_HOST=example.local # From manifest-nginx.yaml - -echo "Provider balance before:" $(cast call "$TOKEN_CONTRACT" "balanceOf(address)" "$WITHDRAW_ETH" | cast to-fixed-point 18) - -set -x - -while ! curl --connect-timeout 40 -H "Host: $MANIFEST_HOST" $INGRESS_URL --fail-with-body; do sleep 10; done -curl -H "Host: $MANIFEST_HOST" $INGRESS_URL --fail-with-body - -set +x - -sleep 45 - -echo "Provider balance after:" $(cast call "$TOKEN_CONTRACT" "balanceOf(address)" "$WITHDRAW_ETH" | cast to-fixed-point 18) - -## 4: In conclusion.. - -set +v - -echo -e "\e[1;32m---" -echo "Note: To interact with the deployed guestbook, run the following" -echo " kubectl port-forward --namespace keda svc/ingress-nginx-controller 1234:80 &" -echo " xdg-open http://guestbook.localhost:1234/" -echo "Note: To stop the minikube cluster/provider, use '$0 teardown'" -echo " and to clean-up everything the script does, use '$0 teardown full'" -echo -e "---\e[0m" - -exit 0; - -## Env: (debug stuff) - -export PROVIDER_ETH=0x70997970C51812dc3A010C7d01b50e0d17dc79C8 #TODO= anvil.accounts[1] -export PUBLISHER_KEY=$(docker logs anvil | awk '/Private Keys/ {flag=1; next} flag && /^\(2\)/ {print $2; exit}') -export TOKEN_CONTRACT=$(cat ../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.token.value') -export PAYMENT_CONTRACT=$(cat ../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.payment.value') -export REGISTRY_CONTRACT=$(cat ../../../contracts/broadcast/Deploy.s.sol/31337/run-latest.json | jq -r '.returns.registry.value') -export FUNDS=10000000000000000000000 -export INGRESS_URL=$(minikube service -n keda ingress-nginx-controller --url=true -p c1 | head -n 1); echo $INGRESS_URL -export MANIFEST_HOST=guestbook.localhost # From manifest-guestbook.yaml -[ "$PORT_5004" == "" ] && { PORT_5004="yes" ; kubectl port-forward --namespace ipfs svc/ipfs-rpc 5004:5001 & sleep 0.5; } -[ -n "$PROVIDER_IPFS" ] || { PROVIDER_IPFS=$(curl -X POST "http://127.0.0.1:5004/api/v0/id" -s | jq '.ID' -r); echo $PROVIDER_IPFS; } -[ -n "$IPFS_DAEMON" ] || { IPFS_DAEMON=yes; ipfs daemon & { while ! [ -f ${IPFS_PATH:-~/.ipfs}/api ]; do sleep 0.1; done; } 2>/dev/null; } - diff --git a/test/e2e/minikube/trustedpods/templates/proxypolicy.yml b/test/e2e/minikube/trustedpods/templates/proxypolicy.yml deleted file mode 100644 index d86484cb..00000000 --- a/test/e2e/minikube/trustedpods/templates/proxypolicy.yml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: policy.sigstore.dev/v1beta1 -kind: ClusterImagePolicy -metadata: - name: tpod-proxy-policy -spec: - images: - - glob: {{.Values.policy.image}} - authorities: - - keyless: - identities: - - issuer: {{.Values.policy.issuer}} - subject: {{.Values.policy.subject}} - diff --git a/test/e2e/minikube/trustedpods/templates/serviceaccount.yml b/test/e2e/minikube/trustedpods/templates/serviceaccount.yml deleted file mode 100644 index b6e400b6..00000000 --- a/test/e2e/minikube/trustedpods/templates/serviceaccount.yml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: tpodserver - name: tpodserver-serviceaccount - namespace: trustedpods -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: ClusterRole -# metadata: -# name: my-cluster-role -# namespace: trustedpods -# rules: -# - apiGroups: [""] -# resources: ["pods"] -# verbs: ["get", "list"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: tpodserver-cluster-role-binding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin # TODO -subjects: -- kind: ServiceAccount - name: tpodserver-serviceaccount - namespace: trustedpods diff --git a/test/e2e/minikube/trustedpods/values.yaml b/test/e2e/minikube/trustedpods/values.yaml deleted file mode 100644 index 60a4b2dc..00000000 --- a/test/e2e/minikube/trustedpods/values.yaml +++ /dev/null @@ -1,7 +0,0 @@ -ethKey: '0x59c6995e998f97a5a0044966f0945389dc9e86dae88c7a8412f4603b6b78690d' -withdraw: - address: '0x70997970C51812dc3A010C7d01b50e0d17dc79C8' -policy: - issuer: https://github.com/login/oauth - subject: comrade@email.com - image: comradecoop/apocryph/tpod-proxy:latest diff --git a/test/e2e/nginx/Tiltfile b/test/e2e/nginx/Tiltfile new file mode 100644 index 00000000..0f122ab5 --- /dev/null +++ b/test/e2e/nginx/Tiltfile @@ -0,0 +1,54 @@ +# -*- mode: Python -*- +# SPDX-License-Identifier: GPL-3.0 + +load("../../../deploy/Tiltfile", "apocryph_resource", "cluster_ip") + +apocryph_resource( + "nginx-example", + "../common/manifests/manifest-nginx.yaml", + upload_images=True, + apply_flags=["--mint-funds"], + labels=["apocryph-pod", "flaky"], +) + + +withdraw_address = "0x70997970C51812dc3A010C7d01b50e0d17dc79C8" # TODO copied from :/deploy/trustedpods/values.yaml +token_contract = "0x5FbDB2315678afecb367f032d93F642f64180aa3" # TODO copied from :/contracts/broadcast/Deploy.s.sol/31337/run-latest.json +manifest_host = ( + "example.localhost" # TODO copied from :/test/e2e/common/manifests/manifest-nginx.yaml +) + +ethereum_namespace = "eth" +# TODO copied from :/deploy/Tiltfile +ethereum_rpc = ( + "http://%s:$(kubectl get svc -n %s eth-rpc -o jsonpath --template '{$.spec.ports[0].nodePort}')" + % (cluster_ip, ethereum_namespace) +) + +provider_balance_cmd = 'cast call "%s" "balanceOf(address)" "%s" -r %s | cast to-fixed-point 18' % ( + token_contract, + withdraw_address, + ethereum_rpc, +) +curl_cmd = 'curl --connect-timeout 40 -H "Host: %s" localhost:8004 --fail-with-body' % manifest_host + +local_resource( + "nginx-example-measure-and-query", + [ + "bash", + "-c", + " ".join( + [ + "set -xeuo pipefail;", + 'echo -n "Provider balance before:"; %s;' % provider_balance_cmd, + "while ! %s; do sleep 10; done;" % curl_cmd, + "%s;" % curl_cmd, + "sleep 100;", + 'echo -n "Provider balance after:"; %s;' % provider_balance_cmd, + ] + ), + ], + labels=["apocryph-pod"], + trigger_mode=TRIGGER_MODE_MANUAL, + auto_init=False, +)