chore: Use same admin key on control plane

demeter-run · Nov 5, 2024 · 08c1f0f · 08c1f0f
1 parent 183b696
commit 08c1f0f
Show file tree

Hide file tree

Showing 8 changed files with 41 additions and 13 deletions.
diff --git a/bootstrap/stage1/crd.tf b/bootstrap/stage1/crd.tf
@@ -60,10 +60,6 @@ resource "kubernetes_manifest" "customresourcedefinition_hydradoomnodes_hydra_do
                       }
                       "type" = "array"
                     }
-                    "initialUtxoAddress" = {
-                      "nullable" = true
-                      "type"     = "string"
-                    }
                     "networkId" = {
                       "format"  = "uint8"
                       "minimum" = 0

diff --git a/bootstrap/stage2/control-plane.tf b/bootstrap/stage2/control-plane.tf
@@ -58,6 +58,16 @@ resource "kubernetes_deployment_v1" "control_plane" {
             value = 8000
           }
 
+          env {
+            name  = "ROCKET_ADMIN_KEY_FILE"
+            value = "${local.secret_mount_path}/admin.sk"
+          }
+
+          volume_mount {
+            name       = "secret"
+            mount_path = local.secret_mount_path
+          }
+
           resources {
             limits = {
               cpu    = var.control_plane_resources.limits.cpu
@@ -76,6 +86,13 @@ resource "kubernetes_deployment_v1" "control_plane" {
           }
         }
 
+        volume {
+          name = "secret"
+          config_map {
+            name = local.secret
+          }
+        }
+
         dynamic "toleration" {
           for_each = var.tolerations
 

diff --git a/bootstrap/stage2/deployment.tf b/bootstrap/stage2/deployment.tf
@@ -80,6 +80,11 @@ resource "kubernetes_deployment_v1" "operator" {
             value = var.external_port
           }
 
+          env {
+            name  = "OFFLINE_INITIAL_UTXO_ADDRESS"
+            value = var.admin_addr
+          }
+
           resources {
             limits = {
               cpu    = var.resources.limits.cpu

diff --git a/bootstrap/stage2/main.tf b/bootstrap/stage2/main.tf
@@ -2,6 +2,7 @@ locals {
   operator_component      = "operator"
   configmap               = "hydra-pod-config"
   secret                  = "hydra-pod-admin-key"
+  secret_mount_path       = "/var/secret"
   control_plane_component = "control-plane"
 }
 
@@ -43,6 +44,15 @@ variable "external_port" {
   type = number
 }
 
+variable "admin_key_path" {
+  type = string
+}
+
+variable "admin_addr" {
+  type        = string
+  description = "Must be consistent with admin key, calculated using cardano cli."
+}
+
 variable "tolerations" {
   type = list(object({
     effect   = string

diff --git a/bootstrap/stage2/secret.tf b/bootstrap/stage2/secret.tf
@@ -4,7 +4,8 @@ resource "kubernetes_secret" "admin_key" {
     namespace = var.namespace
   }
   data = {
-    "admin.sk" = "${file("${path.module}/admin.sk")}"
+    # "admin.sk" = "${file("${path.module}/admin.sk")}"
+    "admin.sk" = var.admin_key_path
   }
   type = "Opaque"
 }
diff --git a/docker/dockerfile.hydra b/docker/dockerfile.hydra
@@ -4,8 +4,8 @@ WORKDIR /app
 
 RUN apt-get update && apt-get install -y libssl-dev pkg-config git
 
-RUN git clone https://github.com/scarmuega/hydra-control-plane.git
-RUN cd hydra-control-plane && git checkout feat/k8s-integration
+RUN git clone https://github.com/gonzalezzfelipe/hydra-control-plane.git
+RUN cd hydra-control-plane && git checkout chore/use-admin-key
 
 WORKDIR /app/hydra-control-plane
 RUN cargo build --locked --release

diff --git a/src/config.rs b/src/config.rs
@@ -19,6 +19,7 @@ pub struct Config {
     pub blockfrost_key: String,
     pub external_domain: String,
     pub external_port: String,
+    pub offline_initial_utxo_address: String,
 }
 
 impl Config {
@@ -32,6 +33,8 @@ impl Config {
             blockfrost_key: env::var("BLOCKFROST_KEY").expect("Missing BLOCKFROST_KEY env var"),
             external_domain: env::var("EXTERNAL_DOMAIN").expect("Missing EXTERNAL_DOMAIN env var."),
             external_port: env::var("EXTERNAL_PORT").expect("Missing EXTERNAL_PORT env var."),
+            offline_initial_utxo_address: env::var("OFFLINE_INITIAL_UTXO_ADDRESS")
+                .expect("Missing OFFLINE_INITIAL_UTXO_ADDRESS env var."),
         }
     }
 }
diff --git a/src/custom_resource.rs b/src/custom_resource.rs
@@ -40,7 +40,6 @@ pub static HYDRA_DOOM_NODE_FINALIZER: &str = "hydradoomnode/finalizer";
 #[serde(rename_all = "camelCase")]
 pub struct HydraDoomNodeSpec {
     pub offline: Option<bool>,
-    pub initial_utxo_address: Option<String>,
     // Open head
     pub network_id: u8,
     pub seed_input: String,
@@ -98,7 +97,7 @@ impl HydraDoomNode {
         format!("{}.{}", self.name_any(), config.external_domain,)
     }
 
-    pub fn configmap(&self, _config: &Config, _constants: &K8sConstants) -> ConfigMap {
+    pub fn configmap(&self, config: &Config, _constants: &K8sConstants) -> ConfigMap {
         let name = self.internal_name();
 
         ConfigMap {
@@ -117,10 +116,7 @@ impl HydraDoomNode {
                         }}
                     }}
                 }}"#,
-                    self.spec.initial_utxo_address.clone().unwrap_or(
-                        "addr_test1vphyqcvtwdpuwlmslna29ymaua8e9cswlmllt9wkey345cqgtzv2j"
-                            .to_string()
-                    )
+                    config.offline_initial_utxo_address.clone()
                 ),
             )])),
             ..Default::default()