From 362197b942c97c08756f641e28dd30d32f22e7a0 Mon Sep 17 00:00:00 2001 From: Calin Martinconi Date: Thu, 12 Sep 2024 13:47:32 +0300 Subject: [PATCH] chore: remove clef references (#415) * chore: remove clef references * chore: remove unused set init containers options struct --- cmd/beekeeper/cmd/cluster.go | 7 +- config/config.yaml | 20 ---- config/local.yaml | 55 --------- config/testnet-giant.yaml | 4 - config/testnet.yaml | 4 - pkg/config/bee.go | 2 - pkg/config/cluster.go | 6 - pkg/config/nodegroup.go | 2 - pkg/orchestration/k8s/helpers.go | 132 --------------------- pkg/orchestration/k8s/node.go | 22 ---- pkg/orchestration/k8s/node_orchestrator.go | 43 ------- pkg/orchestration/k8s/nodegroup.go | 54 ++------- pkg/orchestration/node.go | 20 +--- pkg/orchestration/nodegroup.go | 2 - 14 files changed, 18 insertions(+), 355 deletions(-) diff --git a/cmd/beekeeper/cmd/cluster.go b/cmd/beekeeper/cmd/cluster.go index 859049832..a0664a997 100644 --- a/cmd/beekeeper/cmd/cluster.go +++ b/cmd/beekeeper/cmd/cluster.go @@ -294,12 +294,7 @@ func setupNodeOptions(node config.ClusterNode, bConfig *orchestration.Config) or nOptions := orchestration.NodeOptions{ Config: bConfig, } - if len(node.Clef.Key) > 0 { - nOptions.ClefKey = node.Clef.Key - } - if len(node.Clef.Password) > 0 { - nOptions.ClefPassword = node.Clef.Password - } + if len(node.LibP2PKey) > 0 { nOptions.LibP2PKey = node.LibP2PKey } diff --git a/config/config.yaml b/config/config.yaml index 88d5f6622..943d0afe5 100644 --- a/config/config.yaml +++ b/config/config.yaml @@ -26,16 +26,10 @@ clusters: nodes: - name: bootnode-0 bootnodes: /dns4/bootnode-1-headless.%s.svc.cluster.local/tcp/1634/p2p/16Uiu2HAmMw7Uj6vfraD9BYx3coDs6MK6pAmActE8fsfaZwigsaB6 - # clef: - # key: '{"address":"1c4bc31fb44362ee7523a715913ef88cb2124d9c","crypto":{"cipher":"aes-128-ctr","ciphertext":"d71ca74e969857e215fbf61b8474bcec90b54b87a77d9c4ba586471b98068510","cipherparams":{"iv":"a542cef23e0cd4cd3934d100f92dc0c6"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":64,"p":1,"r":8,"salt":"d9fafd5fedbf0901a8b23581f8995ec72df2450f7f504019e450cc5a1d95b6aa"},"mac":"4da3db2eb5f363193786f19587d7f3312b873e9e7564a1eae42032aa603d11c7"},"id":"961e0366-c6b2-42d7-b96b-7d8efa622aaf","version":3}' - # password: clefbeesecret libp2p-key: '{"address":"aa6675fb77f3f84304a00d5ea09902d8a500364091a457cf21e05a41875d48f7","crypto":{"cipher":"aes-128-ctr","ciphertext":"93effebd3f015f496367e14218cb26d22de8f899e1d7b7686deb6ab43c876ea5","cipherparams":{"iv":"627434462c2f960d37338022d27fc92e"},"kdf":"scrypt","kdfparams":{"n":32768,"r":8,"p":1,"dklen":32,"salt":"a59e72e725fe3de25dd9c55aa55a93ed0e9090b408065a7204e2f505653acb70"},"mac":"dfb1e7ad93252928a7ff21ea5b65e8a4b9bda2c2e09cb6a8ac337da7a3568b8c"},"version":3}' swarm-key: '{"address":"f176839c150e52fe30e5c2b5c648465c6fdfa532","crypto":{"cipher":"aes-128-ctr","ciphertext":"352af096f0fca9dfbd20a6861bde43d988efe7f179e0a9ffd812a285fdcd63b9","cipherparams":{"iv":"613003f1f1bf93430c92629da33f8828"},"kdf":"scrypt","kdfparams":{"n":32768,"r":8,"p":1,"dklen":32,"salt":"ad1d99a4c64c95c26131e079e8c8a82221d58bf66a7ceb767c33a4c376c564b8"},"mac":"cafda1bc8ca0ffc2b22eb69afd1cf5072fd09412243443be1b0c6832f57924b6"},"version":3}' - name: bootnode-1 bootnodes: /dns4/bootnode-0-headless.%s.svc.cluster.local/tcp/1634/p2p/16Uiu2HAm6i4dFaJt584m2jubyvnieEECgqM2YMpQ9nusXfy8XFzL - # clef: - # key: '{"address":"9ce69a62ca736b28a08baf2aad48349d218f3182","crypto":{"cipher":"aes-128-ctr","ciphertext":"aada885f0cb71c315c6d9a5948db4ff2a6532474b9b434ea4180b8ddc12cec81","cipherparams":{"iv":"df719b7645ee3617a68e5691bd0e991d"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":64,"p":1,"r":8,"salt":"b7bce85125a786cf8928fc46105aa9027cbb486437317f2a929702e795f7e554"},"mac":"f577f7ad401b00c832c677c2141538645da18397dcc6e3cd4b2e2f6ee5a60f28"},"id":"f6c14462-fc98-4807-a159-d514bdd61f7d","version":3}' - # password: clefbeesecret libp2p-key: '{"address":"03348ecf3adae1d05dc16e475a83c94e49e28a4d3c7db5eccbf5ca4ea7f688ddcdfe88acbebef2037c68030b1a0a367a561333e5c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470","crypto":{"cipher":"aes-128-ctr","ciphertext":"0d0ff25e9b03292e622c5a09ec00c2acb7ff5882f02dd2f00a26ac6d3292a434","cipherparams":{"iv":"cd4082caf63320b306fe885796ba224f"},"kdf":"scrypt","kdfparams":{"n":32768,"r":8,"p":1,"dklen":32,"salt":"a4d63d56c539eb3eff2a235090127486722fa2c836cf735d50d673b730cebc3f"},"mac":"aad40da9c1e742e2b01bb8f76ba99ace97ccb0539cea40e31eb6b9bb64a3f36a"},"version":3}' swarm-key: '{"address":"ebe269e07161c68a942a3a7fce6b4ed66867d6f0","crypto":{"cipher":"aes-128-ctr","ciphertext":"06b550c35b46099aea8f6c9f799497d34bd5ebc13af79c7cdb2a1037227544ad","cipherparams":{"iv":"fa088e69b1849e40f190a5f69f0555f8"},"kdf":"scrypt","kdfparams":{"n":32768,"r":8,"p":1,"dklen":32,"salt":"42b4f2815c0042d02eed916a7a74ecdc005f1f7eae0cfb5837c15f469df9ddba"},"mac":"23e3d0594ab94587258a33cc521edbde009b887a6f117ed7a3422d1c95123568"},"version":3}' bee: @@ -53,16 +47,6 @@ clusters: - name: bee-2 api-url: https://bee-2.beekeeper.testnet.internal debug-api-url: https://bee-2-debug.beekeeper.testnet.internal - # nodes: - # - clef: - # key: '{"address":"4558ab6d518bf60b813eeba3077eed986027c5da","crypto":{"cipher":"aes-128-ctr","ciphertext":"1bbeffa438a8b8fd592a46323fe0168d8d8e2625085ca8550023b5c0bd48a126","cipherparams":{"iv":"3f369a742a465aaf5e3025864639421a"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":64,"p":1,"r":8,"salt":"4c2c1fde6491213ea3c6021c82a70327bc0a056569a6e7c2a3fda9e486c0f090"},"mac":"f733b77f675acf0539e7d3d60735408c6efd43893dc0d5b0f94124b0197f89dd"},"id":"1e526dc4-60bd-4c4d-897d-f284806abf2b","version":3}' - # password: clefbeesecret - # - clef: - # key: '{"address":"24d7ed323121dedde08d1a9bbd9d054b839daeb8","crypto":{"cipher":"aes-128-ctr","ciphertext":"ea7572730209e815078fd6a32abce9cceeeb2aabe44908bc212005cd3e705ed0","cipherparams":{"iv":"05d4ef77ecfe7a95b970b04998314303"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":64,"p":1,"r":8,"salt":"6b3b75689f29a6cbe458cafdadddbb42e2b4256e9729570fb4b1077a09a1b9fb"},"mac":"729d8049519daee7559a856fc11f9166fffe9ceef3533f288ba335d9fdcab392"},"id":"009aafd5-e803-46c0-a061-bf314a81cf79","version":3}' - # password: clefbeesecret - # - clef: - # key: '{"address":"59ad7a86e3115e50af278edb46917bb1d447172a","crypto":{"cipher":"aes-128-ctr","ciphertext":"0cade286ef24fba2f8272ff8f76aca11b572296d89e7e98adffadca950a9ae87","cipherparams":{"iv":"064b28702c7b6e8d3f6b5e384522bd9a"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":64,"p":1,"r":8,"salt":"be9030a16c79c4fb77bbfc0b5597791e3cf3ad506abd7ccee48809fe2a98fea0"},"mac":"d91202f50ad0bd709cbc8da7195ce08510e7299d394761392af5f184ebe0b94f"},"id":"551210c5-c319-4f19-9179-d6e86a60c45d","version":3}' - # password: clefbeesecret light: mode: node bee-config: light-node @@ -84,8 +68,6 @@ clusters: node-groups: default: _inherit: "" - clef-image: ethersphere/clef:latest - clef-image-pull-policy: Always image: ethersphere/bee:latest image-pull-policy: Always image-pull-secrets: [regcred] @@ -128,8 +110,6 @@ bee-configs: bootnodes: "" bootnode-mode: false cache-capacity: 1000000 - clef-signer-enable: false - clef-signer-endpoint: "http://localhost:8550" cors-allowed-origins: "" data-dir: "/home/bee/.bee" db-open-files-limit: 200 diff --git a/config/local.yaml b/config/local.yaml index d2a1d924e..72e06bb08 100644 --- a/config/local.yaml +++ b/config/local.yaml @@ -19,8 +19,6 @@ clusters: nodes: - name: bootnode-0 bootnodes: /dns4/bootnode-0-headless.%s.svc.cluster.local/tcp/1634/p2p/QmaHzvd3iZduu275CMkMVZKwbsjXSyH3GJRj4UvFJApKcb - # clef-key: '{"address":"1c4bc31fb44362ee7523a715913ef88cb2124d9c","crypto":{"cipher":"aes-128-ctr","ciphertext":"d71ca74e969857e215fbf61b8474bcec90b54b87a77d9c4ba586471b98068510","cipherparams":{"iv":"a542cef23e0cd4cd3934d100f92dc0c6"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":64,"p":1,"r":8,"salt":"d9fafd5fedbf0901a8b23581f8995ec72df2450f7f504019e450cc5a1d95b6aa"},"mac":"4da3db2eb5f363193786f19587d7f3312b873e9e7564a1eae42032aa603d11c7"},"id":"961e0366-c6b2-42d7-b96b-7d8efa622aaf","version":3}' - # clef-password: clefbeesecret libp2p-key: '{"address":"28678fe31f09f722d53e77ca2395569f19959fa5","crypto":{"cipher":"aes-128-ctr","ciphertext":"0ff319684c4f8decf9c998047febe3417cfc45832b8bb62fd818183d54cf5d0183bfa021ed95addce3b33e83ce7ee73e926f00eea8241d96b349266a4d299829d3d22db0d536315b52b34db4a6778bfd3ce7631ad7256ea0bb9c50abea9de35d740b6fdc50caf929b1d19494690d9ed649105d02c14f5ec49d","cipherparams":{"iv":"4e9a50fb5852b5e61964f696be78066b"},"kdf":"scrypt","kdfparams":{"n":32768,"r":8,"p":1,"dklen":32,"salt":"4d513e81647e4150bb648ed8d2dda28d460802336bf24d620119eac66ae0c0c4"},"mac":"9ae71db96e5ddc1c214538d42082212bbbe53aeac09fcc3e3a8eff815648331e"},"version":3,"id":"ae3bc991-d89f-405a-9e6a-60e27347e22d"}' swarm-key: '{"address":"f176839c150e52fe30e5c2b5c648465c6fdfa532","crypto":{"cipher":"aes-128-ctr","ciphertext":"352af096f0fca9dfbd20a6861bde43d988efe7f179e0a9ffd812a285fdcd63b9","cipherparams":{"iv":"613003f1f1bf93430c92629da33f8828"},"kdf":"scrypt","kdfparams":{"n":32768,"r":8,"p":1,"dklen":32,"salt":"ad1d99a4c64c95c26131e079e8c8a82221d58bf66a7ceb767c33a4c376c564b8"},"mac":"cafda1bc8ca0ffc2b22eb69afd1cf5072fd09412243443be1b0c6832f57924b6"},"version":3}' bee: @@ -50,31 +48,6 @@ clusters: config: local-light count: 2 mode: node - local-clef: - _inherit: "local" - node-groups: - bootnode: - mode: bootnode - bee-config: bootnode-local-clef - config: local-clef - nodes: - - name: bootnode-0 - bootnodes: /dns4/bootnode-0-headless.%s.svc.cluster.local/tcp/1634/p2p/QmaHzvd3iZduu275CMkMVZKwbsjXSyH3GJRj4UvFJApKcb - libp2p-key: '{"address":"28678fe31f09f722d53e77ca2395569f19959fa5","crypto":{"cipher":"aes-128-ctr","ciphertext":"0ff319684c4f8decf9c998047febe3417cfc45832b8bb62fd818183d54cf5d0183bfa021ed95addce3b33e83ce7ee73e926f00eea8241d96b349266a4d299829d3d22db0d536315b52b34db4a6778bfd3ce7631ad7256ea0bb9c50abea9de35d740b6fdc50caf929b1d19494690d9ed649105d02c14f5ec49d","cipherparams":{"iv":"4e9a50fb5852b5e61964f696be78066b"},"kdf":"scrypt","kdfparams":{"n":32768,"r":8,"p":1,"dklen":32,"salt":"4d513e81647e4150bb648ed8d2dda28d460802336bf24d620119eac66ae0c0c4"},"mac":"9ae71db96e5ddc1c214538d42082212bbbe53aeac09fcc3e3a8eff815648331e"},"version":3,"id":"ae3bc991-d89f-405a-9e6a-60e27347e22d"}' - clef: - key: '{"address":"1c4bc31fb44362ee7523a715913ef88cb2124d9c","crypto":{"cipher":"aes-128-ctr","ciphertext":"d71ca74e969857e215fbf61b8474bcec90b54b87a77d9c4ba586471b98068510","cipherparams":{"iv":"a542cef23e0cd4cd3934d100f92dc0c6"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":64,"p":1,"r":8,"salt":"d9fafd5fedbf0901a8b23581f8995ec72df2450f7f504019e450cc5a1d95b6aa"},"mac":"4da3db2eb5f363193786f19587d7f3312b873e9e7564a1eae42032aa603d11c7"},"id":"961e0366-c6b2-42d7-b96b-7d8efa622aaf","version":3}' - password: clefbeesecret - bee: - bee-config: bee-local-clef - config: local-clef - mode: node - nodes: - - clef: - key: '{"address":"4558ab6d518bf60b813eeba3077eed986027c5da","crypto":{"cipher":"aes-128-ctr","ciphertext":"1bbeffa438a8b8fd592a46323fe0168d8d8e2625085ca8550023b5c0bd48a126","cipherparams":{"iv":"3f369a742a465aaf5e3025864639421a"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":64,"p":1,"r":8,"salt":"4c2c1fde6491213ea3c6021c82a70327bc0a056569a6e7c2a3fda9e486c0f090"},"mac":"f733b77f675acf0539e7d3d60735408c6efd43893dc0d5b0f94124b0197f89dd"},"id":"1e526dc4-60bd-4c4d-897d-f284806abf2b","version":3}' - password: clefbeesecret - - clef: - key: '{"address":"24d7ed323121dedde08d1a9bbd9d054b839daeb8","crypto":{"cipher":"aes-128-ctr","ciphertext":"ea7572730209e815078fd6a32abce9cceeeb2aabe44908bc212005cd3e705ed0","cipherparams":{"iv":"05d4ef77ecfe7a95b970b04998314303"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":64,"p":1,"r":8,"salt":"6b3b75689f29a6cbe458cafdadddbb42e2b4256e9729570fb4b1077a09a1b9fb"},"mac":"729d8049519daee7559a856fc11f9166fffe9ceef3533f288ba335d9fdcab392"},"id":"009aafd5-e803-46c0-a061-bf314a81cf79","version":3}' - password: clefbeesecret local-gc: _inherit: "local" node-groups: @@ -97,8 +70,6 @@ clusters: node-groups: local: _inherit: "" - clef-image: ethersphere/clef:latest - clef-image-pull-policy: Always image: k3d-registry.localhost:5000/ethersphere/bee:latest image-pull-policy: Always ingress-annotations: @@ -129,8 +100,6 @@ node-groups: update-strategy: "RollingUpdate" local-dns: _inherit: "local" - local-clef: - _inherit: "local" local-gc: _inherit: "local" local-light: @@ -145,8 +114,6 @@ bee-configs: bootnodes: "" bootnode-mode: false cache-capacity: 20000 - clef-signer-enable: false - clef-signer-endpoint: "" cors-allowed-origins: "" data-dir: "/home/bee/.bee" db-open-files-limit: 200 @@ -195,15 +162,6 @@ bee-configs: _inherit: "bee-local" bootnode: /dnsaddr/localhost full-node: false - bee-local-clef: - _inherit: "bee-local" - clef-signer-enable: true - clef-signer-endpoint: "http://localhost:8550" - bootnode-local-clef: - _inherit: "bee-local" - clef-signer-enable: true - clef-signer-endpoint: "http://localhost:8550" - bootnode-mode: true bee-local-gc: _inherit: "bee-local" cache-capacity: 10 @@ -315,19 +273,6 @@ checks: wait-before-download: 15s timeout: 15m type: settlements - ci-settlements-clef: - options: - dry-run: false - expect-settlements: true - file-name: settlements - file-size: 14680064 # 14mb = 14*1024*1024 - postage-amount: 1000 - postage-depth: 20 - threshold: 100000000 - upload-node-count: 3 - wait-before-download: 35s - timeout: 10m - type: settlements ci-smoke: options: content-size: 5000000 diff --git a/config/testnet-giant.yaml b/config/testnet-giant.yaml index 8f21f8c43..efebfdc2e 100644 --- a/config/testnet-giant.yaml +++ b/config/testnet-giant.yaml @@ -32,8 +32,6 @@ clusters: node-groups: testnet-giant: _inherit: "" - clef-image: ethersphere/clef:latest - clef-image-pull-policy: Always image: ethersphere/bee:latest image-pull-policy: Always image-pull-secrets: [regcred] @@ -76,8 +74,6 @@ bee-configs: bootnodes: "" bootnode-mode: false cache-capacity: 1000000 - clef-signer-enable: false - clef-signer-endpoint: "http://localhost:8550" cors-allowed-origins: "" data-dir: "/home/bee/.bee" db-open-files-limit: 200 diff --git a/config/testnet.yaml b/config/testnet.yaml index b76bef31f..ea286e4f1 100644 --- a/config/testnet.yaml +++ b/config/testnet.yaml @@ -29,8 +29,6 @@ clusters: node-groups: testnet: _inherit: "" - clef-image: ethersphere/clef:latest - clef-image-pull-policy: Always image: ethersphere/bee:latest image-pull-policy: Always image-pull-secrets: [regcred] @@ -78,8 +76,6 @@ bee-configs: bootnodes: "/dnsaddr/testnet.ethswarm.org" bootnode-mode: false cache-capacity: 1000000 - clef-signer-enable: false - clef-signer-endpoint: "http://localhost:8550" cors-allowed-origins: "" data-dir: "/home/bee/.bee" db-open-files-limit: 200 diff --git a/pkg/config/bee.go b/pkg/config/bee.go index b83f1b6c6..4c3c58d17 100644 --- a/pkg/config/bee.go +++ b/pkg/config/bee.go @@ -18,8 +18,6 @@ type BeeConfig struct { Bootnodes *string `yaml:"bootnodes"` BootnodeMode *bool `yaml:"bootnode-mode"` CacheCapacity *uint64 `yaml:"cache-capacity"` - ClefSignerEnable *bool `yaml:"clef-signer-enable"` - ClefSignerEndpoint *string `yaml:"clef-signer-endpoint"` CORSAllowedOrigins *string `yaml:"cors-allowed-origins"` DataDir *string `yaml:"data-dir"` DbOpenFilesLimit *int `yaml:"db-open-files-limit"` diff --git a/pkg/config/cluster.go b/pkg/config/cluster.go index 4407ac4cd..c5621ed5d 100644 --- a/pkg/config/cluster.go +++ b/pkg/config/cluster.go @@ -37,7 +37,6 @@ type ClusterNodeGroup struct { type ClusterNode struct { Name string `yaml:"name"` Bootnodes string `yaml:"bootnodes"` - Clef Clef `yaml:"clef"` LibP2PKey string `yaml:"libp2p-key"` SwarmKey string `yaml:"swarm-key"` } @@ -47,11 +46,6 @@ type NodeEndpoint struct { APIURL string `yaml:"api-url"` } -type Clef struct { - Key string `yaml:"key"` - Password string `yaml:"password"` -} - // Export exports Cluster to orchestration.ClusterOptions, skipping all other extra fields func (c *Cluster) Export() (o orchestration.ClusterOptions) { localVal := reflect.ValueOf(c).Elem() diff --git a/pkg/config/nodegroup.go b/pkg/config/nodegroup.go index 4a6beeda2..8c74df4ff 100644 --- a/pkg/config/nodegroup.go +++ b/pkg/config/nodegroup.go @@ -12,8 +12,6 @@ type NodeGroup struct { *Inherit `yaml:",inline"` // node group configuration Annotations *map[string]string `yaml:"annotations"` - ClefImage *string `yaml:"clef-image"` - ClefImagePullPolicy *string `yaml:"clef-image-pull-policy"` Image *string `yaml:"image"` ImagePullPolicy *string `yaml:"image-pull-policy"` ImagePullSecrets *[]string `yaml:"image-pull-secrets"` diff --git a/pkg/orchestration/k8s/helpers.go b/pkg/orchestration/k8s/helpers.go index 671abb589..628d1a457 100644 --- a/pkg/orchestration/k8s/helpers.go +++ b/pkg/orchestration/k8s/helpers.go @@ -17,8 +17,6 @@ block-time: {{ .BlockTime }} bootnode: {{.Bootnodes}} bootnode-mode: {{.BootnodeMode}} cache-capacity: {{.CacheCapacity}} -clef-signer-enable: {{.ClefSignerEnable}} -clef-signer-endpoint: {{.ClefSignerEndpoint}} cors-allowed-origins: {{.CORSAllowedOrigins}} data-dir: {{.DataDir}} db-open-files-limit: {{.DbOpenFilesLimit}} @@ -58,48 +56,6 @@ withdrawal-addresses-whitelist: {{.WithdrawAddress}} ` ) -type setInitContainersOptions struct { - ClefEnabled bool - ClefSecretEnabled bool - ClefImage string - ClefImagePullPolicy string - ClefPassword string - LibP2PEnabled bool - SwarmEnabled bool -} - -func setInitContainers(o setInitContainersOptions) (inits containers.Containers) { - if o.ClefEnabled { - inits = append(inits, containers.Container{ - Name: "init-clef", - Image: o.ClefImage, - ImagePullPolicy: o.ClefImagePullPolicy, - Command: []string{"sh", "-c", "/entrypoint.sh init; echo 'clef initialization done';"}, - VolumeMounts: setClefVolumeMounts(setClefVolumeMountsOptions{ - ClefEnabled: o.ClefEnabled, - ClefSecretEnabled: o.ClefSecretEnabled, - }), - }) - } - if o.LibP2PEnabled || o.SwarmEnabled { - inits = append(inits, containers.Container{ - Name: "init-bee", - Image: "ethersphere/busybox:1.33", - Command: []string{"sh", "-c", `mkdir -p /home/bee/.bee/keys; -chown -R 999:999 /home/bee/.bee/keys; -echo 'bee initialization done';`}, - VolumeMounts: containers.VolumeMounts{ - { - Name: "data", - MountPath: "home/bee/.bee", - }, - }, - }) - } - - return -} - type setContainersOptions struct { Name string Image string @@ -111,11 +67,6 @@ type setContainersOptions struct { ResourcesLimitMemory string ResourcesRequestCPU string ResourcesRequestMemory string - ClefEnabled bool - ClefSecretEnabled bool - ClefImage string - ClefImagePullPolicy string - ClefPassword string LibP2PEnabled bool SwarmEnabled bool } @@ -175,26 +126,6 @@ func setContainers(o setContainersOptions) (c containers.Containers) { }), }) - if o.ClefEnabled { - c = append(c, containers.Container{ - Name: "clef", - Image: o.ClefImage, - ImagePullPolicy: o.ClefImagePullPolicy, - Command: []string{"sh", "-c", "/entrypoint.sh run;"}, - Ports: containers.Ports{ - { - Name: "api", - ContainerPort: int32(8550), - Protocol: "TCP", - }, - }, - VolumeMounts: setClefVolumeMounts(setClefVolumeMountsOptions{ - ClefEnabled: o.ClefEnabled, - ClefSecretEnabled: o.ClefSecretEnabled, - }), - }) - } - return } @@ -234,44 +165,10 @@ func setBeeVolumeMounts(o setBeeVolumeMountsOptions) (volumeMounts containers.Vo return } -type setClefVolumeMountsOptions struct { - ClefEnabled bool - ClefSecretEnabled bool -} - -func setClefVolumeMounts(o setClefVolumeMountsOptions) (volumeMounts containers.VolumeMounts) { - if o.ClefEnabled { - volumeMounts = append(volumeMounts, containers.VolumeMount{ - Name: "clef", - MountPath: "/app/data", - ReadOnly: false, - }) - if o.ClefSecretEnabled { - volumeMounts = append(volumeMounts, containers.VolumeMount{ - Name: "clef-key", - MountPath: "/app/data/keystore/clef.key", - SubPath: "clef.key", - ReadOnly: true, - }) - volumeMounts = append(volumeMounts, containers.VolumeMount{ - Name: "clef-secret", - MountPath: "/app/data/password", - SubPath: "password", - ReadOnly: true, - }) - } - } - - return -} - type setVolumesOptions struct { ConfigCM string KeysSecret string - ClefSecret string PersistenceEnabled bool - ClefEnabled bool - ClefSecretEnabled bool LibP2PEnabled bool SwarmEnabled bool } @@ -290,35 +187,6 @@ func setVolumes(o setVolumesOptions) (volumes pod.Volumes) { }, }) } - if o.ClefEnabled { - volumes = append(volumes, pod.Volume{ - EmptyDir: &pod.EmptyDirVolume{ - Name: "clef", - }, - }) - if o.ClefSecretEnabled { - volumes = append(volumes, pod.Volume{ - Secret: &pod.SecretVolume{ - Name: "clef-key", - SecretName: o.ClefSecret, - Items: pod.Items{{ - Key: "key", - Value: "clef.key", - }}, - }, - }) - volumes = append(volumes, pod.Volume{ - Secret: &pod.SecretVolume{ - Name: "clef-secret", - SecretName: o.ClefSecret, - Items: pod.Items{{ - Key: "password", - Value: "password", - }}, - }, - }) - } - } if o.LibP2PEnabled { volumes = append(volumes, pod.Volume{ Secret: &pod.SecretVolume{ diff --git a/pkg/orchestration/k8s/node.go b/pkg/orchestration/k8s/node.go index 614de2c91..5dbb7cb12 100644 --- a/pkg/orchestration/k8s/node.go +++ b/pkg/orchestration/k8s/node.go @@ -44,16 +44,6 @@ func (n Node) Config() *orchestration.Config { return n.opts.Config } -// ClefKey returns node's clefKey -func (n Node) ClefKey() string { - return n.opts.ClefKey -} - -// ClefPassword returns node's clefPassword -func (n Node) ClefPassword() string { - return n.opts.ClefPassword -} - // LibP2PKey returns node's libP2PKey func (n Node) LibP2PKey() string { return n.opts.LibP2PKey @@ -70,18 +60,6 @@ func (n Node) SetSwarmKey(key string) orchestration.Node { return n } -// SetClefKey sets node's Clef key -func (n Node) SetClefKey(key string) orchestration.Node { - n.opts.ClefKey = key - return n -} - -// SetClefKey sets node's Clef key -func (n Node) SetClefPassword(password string) orchestration.Node { - n.opts.ClefPassword = password - return n -} - // Create implements orchestration.Node. // Subtle: this method shadows the method (NodeOrchestrator).Create of Node.NodeOrchestrator. func (n Node) Create(ctx context.Context, o orchestration.CreateOptions) (err error) { diff --git a/pkg/orchestration/k8s/node_orchestrator.go b/pkg/orchestration/k8s/node_orchestrator.go index d94c99047..b9db858cc 100644 --- a/pkg/orchestration/k8s/node_orchestrator.go +++ b/pkg/orchestration/k8s/node_orchestrator.go @@ -91,24 +91,6 @@ func (n *nodeOrchestrator) Create(ctx context.Context, o orchestration.CreateOpt } n.log.Infof("secret %s is set in namespace %s", keysSecret, o.Namespace) - // secret with clef key and pass - clefSecretEnabled := len(o.ClefKey) > 0 && len(o.ClefPassword) > 0 - clefSecret := fmt.Sprintf("%s-clef", o.Name) - if o.Config.ClefSignerEnable && clefSecretEnabled { - clefSecretData := map[string]string{ - "key": o.ClefKey, - "password": o.ClefPassword, - } - if _, err := n.k8s.Secret.Set(ctx, clefSecret, o.Namespace, secret.Options{ - Annotations: o.Annotations, - Labels: o.Labels, - StringData: clefSecretData, - }); err != nil { - return fmt.Errorf("set secret in namespace %s: %w", o.Namespace, err) - } - n.log.Infof("secret %s is set in namespace %s", clefSecret, o.Namespace) - } - // service account svcAccount := o.Name if _, err := n.k8s.ServiceAccount.Set(ctx, svcAccount, o.Namespace, serviceaccount.Options{ @@ -268,7 +250,6 @@ func (n *nodeOrchestrator) Create(ctx context.Context, o orchestration.CreateOpt // statefulset sSet := o.Name - clefEnabled := o.Config.ClefSignerEnable libP2PEnabled := len(o.LibP2PKey) > 0 swarmEnabled := len(o.SwarmKey) > 0 @@ -286,15 +267,6 @@ func (n *nodeOrchestrator) Create(ctx context.Context, o orchestration.CreateOpt Annotations: o.Annotations, Labels: o.Labels, Spec: pod.PodSpec{ - InitContainers: setInitContainers(setInitContainersOptions{ - ClefEnabled: clefEnabled, - ClefSecretEnabled: clefSecretEnabled, - ClefImage: o.ClefImage, - ClefImagePullPolicy: o.ClefImagePullPolicy, - ClefPassword: o.ClefPassword, - LibP2PEnabled: libP2PEnabled, - SwarmEnabled: swarmEnabled, - }), Containers: setContainers(setContainersOptions{ Name: sSet, Image: o.Image, @@ -306,11 +278,6 @@ func (n *nodeOrchestrator) Create(ctx context.Context, o orchestration.CreateOpt ResourcesLimitMemory: o.ResourcesLimitMemory, ResourcesRequestCPU: o.ResourcesRequestCPU, ResourcesRequestMemory: o.ResourcesRequestMemory, - ClefEnabled: clefEnabled, - ClefSecretEnabled: clefSecretEnabled, - ClefImage: o.ClefImage, - ClefImagePullPolicy: o.ClefImagePullPolicy, - ClefPassword: o.ClefPassword, LibP2PEnabled: libP2PEnabled, SwarmEnabled: swarmEnabled, }), @@ -324,9 +291,6 @@ func (n *nodeOrchestrator) Create(ctx context.Context, o orchestration.CreateOpt ConfigCM: configCM, KeysSecret: keysSecret, PersistenceEnabled: o.PersistenceEnabled, - ClefEnabled: clefEnabled, - ClefSecretEnabled: clefSecretEnabled, - ClefSecret: clefSecret, LibP2PEnabled: libP2PEnabled, SwarmEnabled: swarmEnabled, }), @@ -397,13 +361,6 @@ func (n *nodeOrchestrator) Delete(ctx context.Context, name string, namespace st } n.log.Infof("serviceaccount %s is deleted in namespace %s", svcAccount, namespace) - // secret with clef key - clefSecret := fmt.Sprintf("%s-clef", name) - if err := n.k8s.Secret.Delete(ctx, clefSecret, namespace); err != nil { - return fmt.Errorf("deleting secret in namespace %s: %w", namespace, err) - } - n.log.Infof("secret %s is deleted in namespace %s", clefSecret, namespace) - // secret with keys keysSecret := fmt.Sprintf("%s-keys", name) if err = n.k8s.Secret.Delete(ctx, keysSecret, namespace); err != nil { diff --git a/pkg/orchestration/k8s/nodegroup.go b/pkg/orchestration/k8s/nodegroup.go index 647dd3953..5611efe96 100644 --- a/pkg/orchestration/k8s/nodegroup.go +++ b/pkg/orchestration/k8s/nodegroup.go @@ -81,12 +81,10 @@ func (g *NodeGroup) AddNode(ctx context.Context, name string, o orchestration.No client := bee.NewClient(beeClientOpts, g.log) n := NewNode(name, orchestration.NodeOptions{ - ClefKey: o.ClefKey, - ClefPassword: o.ClefPassword, - Client: client, - Config: config, - LibP2PKey: o.LibP2PKey, - SwarmKey: o.SwarmKey, + Client: client, + Config: config, + LibP2PKey: o.LibP2PKey, + SwarmKey: o.SwarmKey, }, g.nodeOrchestrator, g.log) g.addNode(n) @@ -327,10 +325,6 @@ func (g *NodeGroup) CreateNode(ctx context.Context, name string) (err error) { Name: name, Namespace: g.clusterOpts.Namespace, Annotations: g.opts.Annotations, - ClefImage: g.opts.ClefImage, - ClefImagePullPolicy: g.opts.ClefImagePullPolicy, - ClefKey: n.ClefKey(), - ClefPassword: n.ClefPassword(), Image: g.opts.Image, ImagePullPolicy: g.opts.ImagePullPolicy, ImagePullSecrets: g.opts.ImagePullSecrets, @@ -672,41 +666,19 @@ func (g *NodeGroup) PregenerateSwarmKey(ctx context.Context, name string) (err e if !n.Config().SwapEnable || !n.Config().ChequebookEnable { var swarmKey string - if n.Config().ClefSignerEnable { - if n.ClefKey() == "" { - password := n.ClefPassword() - if password == "" { - password = "clefbeesecret" - n = n.SetClefPassword(password) - } - swarmKey, err = utils.CreateSwarmKey(password) - if err != nil { - return fmt.Errorf("create Clef key for node %s: %w", name, err) - } - - n = n.SetClefKey(swarmKey) - - if err := g.setNode(name, n); err != nil { - return fmt.Errorf("setting node %s: %w", name, err) - } - } else { - swarmKey = n.ClefKey() + if n.SwarmKey() == "" { + swarmKey, err = utils.CreateSwarmKey(n.Config().Password) + if err != nil { + return fmt.Errorf("create Swarm key for node %s: %w", name, err) } - } else { - if n.SwarmKey() == "" { - swarmKey, err = utils.CreateSwarmKey(n.Config().Password) - if err != nil { - return fmt.Errorf("create Swarm key for node %s: %w", name, err) - } - n = n.SetSwarmKey(swarmKey) + n = n.SetSwarmKey(swarmKey) - if err := g.setNode(name, n); err != nil { - return fmt.Errorf("setting node %s: %w", name, err) - } - } else { - swarmKey = n.SwarmKey() + if err := g.setNode(name, n); err != nil { + return fmt.Errorf("setting node %s: %w", name, err) } + } else { + swarmKey = n.SwarmKey() } var key utils.EncryptedKey diff --git a/pkg/orchestration/node.go b/pkg/orchestration/node.go index 413abb0da..893dc6a9d 100644 --- a/pkg/orchestration/node.go +++ b/pkg/orchestration/node.go @@ -15,14 +15,10 @@ import ( var ErrNotSet = errors.New("orchestration client not set") type Node interface { - ClefKey() string - ClefPassword() string Client() *bee.Client Config() *Config LibP2PKey() string Name() string - SetClefKey(key string) Node - SetClefPassword(key string) Node SetSwarmKey(key string) Node SwarmKey() string Create(ctx context.Context, o CreateOptions) (err error) @@ -73,12 +69,10 @@ func (ek EncryptedKey) GetEthAddress() (string, error) { // NodeOptions holds optional parameters for the Node. type NodeOptions struct { - ClefKey string - ClefPassword string - Client *bee.Client - Config *Config - LibP2PKey string - SwarmKey EncryptedKey + Client *bee.Client + Config *Config + LibP2PKey string + SwarmKey EncryptedKey } // CreateOptions represents available options for creating node @@ -89,10 +83,6 @@ type CreateOptions struct { Name string Namespace string Annotations map[string]string - ClefImage string - ClefImagePullPolicy string - ClefKey string - ClefPassword string Labels map[string]string Image string ImagePullPolicy string @@ -124,8 +114,6 @@ type Config struct { Bootnodes string // initial nodes to connect to BootnodeMode bool // cause the node to always accept incoming connections CacheCapacity uint64 // cache capacity in chunks, multiply by 4096 (MaxChunkSize) to get approximate capacity in bytes - ClefSignerEnable bool // enable clef signer - ClefSignerEndpoint string // clef signer endpoint CORSAllowedOrigins string // origins with CORS headers enabled DataDir string // data directory DbOpenFilesLimit int // number of open files allowed by database diff --git a/pkg/orchestration/nodegroup.go b/pkg/orchestration/nodegroup.go index 369a7b465..446a8eff6 100644 --- a/pkg/orchestration/nodegroup.go +++ b/pkg/orchestration/nodegroup.go @@ -41,8 +41,6 @@ type NodeGroup interface { // NodeGroupOptions represents node group options type NodeGroupOptions struct { Annotations map[string]string - ClefImage string - ClefImagePullPolicy string BeeConfig *Config Image string ImagePullPolicy string