From d14e630591cd1aaceefc12080dad6594ab434e4f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Fri, 14 Feb 2025 18:31:25 +0100 Subject: [PATCH 01/28] Update Charts to enable metrics to be shown through TOR --- charts/tor-proxy/README.md | 4 +--- charts/tor-proxy/values.yaml | 4 +--- charts/validator/templates/tor-onion-service.yaml | 7 +++++++ charts/validator/values.yaml | 6 +++++- 4 files changed, 14 insertions(+), 7 deletions(-) diff --git a/charts/tor-proxy/README.md b/charts/tor-proxy/README.md index 1dda639f..52a2ecf4 100644 --- a/charts/tor-proxy/README.md +++ b/charts/tor-proxy/README.md @@ -20,7 +20,7 @@ A Helm chart for deploying tor-proxy to Kubernetes | autoscaling.maxReplicas | int | `100` | | | autoscaling.minReplicas | int | `1` | | | autoscaling.targetCPUUtilizationPercentage | int | `80` | | -| env.normal.TOR_EXTRA_ARGS | string | `"SocksPort 0.0.0.0:9050\nHiddenServiceDir /var/lib/tor/hidden_services\nHiddenServicePort 8888 127.0.0.1:8080\n"` | | +| env.normal.TOR_EXTRA_ARGS | string | `"SocksPort 0.0.0.0:9050\nHiddenServiceDir /var/lib/tor/hidden_services\nHiddenServicePort 8888 127.0.0.1:8080\nHiddenServicePort 9999 127.0.0.1:9090\n"` | | | extraObjects | list | `[]` | Extra K8s manifests to deploy | | fullnameOverride | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | | @@ -54,5 +54,3 @@ A Helm chart for deploying tor-proxy to Kubernetes | tolerations | list | `[]` | | | torConfig | object | `{}` | | ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.13.1](https://github.com/norwoodj/helm-docs/releases/v1.13.1) diff --git a/charts/tor-proxy/values.yaml b/charts/tor-proxy/values.yaml index 839f5344..50e34f71 100644 --- a/charts/tor-proxy/values.yaml +++ b/charts/tor-proxy/values.yaml @@ -43,9 +43,6 @@ service: port: 9050 protocol: TCP ### to add more listeners for webapi, add them here - # hidden1: - # port: 8888 - # protocol: TCP # webapi: # port: 8080 # protocol: TCP @@ -107,6 +104,7 @@ env: SocksPort 0.0.0.0:9050 HiddenServiceDir /var/lib/tor/hidden_services HiddenServicePort 8888 127.0.0.1:8080 + HiddenServicePort 9999 127.0.0.1:9090 torConfig: {} # existingSecret: "existingSecret" ## OR specify a private key diff --git a/charts/validator/templates/tor-onion-service.yaml b/charts/validator/templates/tor-onion-service.yaml index c6076b8b..ef304816 100644 --- a/charts/validator/templates/tor-onion-service.yaml +++ b/charts/validator/templates/tor-onion-service.yaml @@ -14,3 +14,10 @@ spec: name: ghost port: number: {{ .Values.ghost.service.ports.webapi.port }} + - port: + number: 9999 + backend: + service: + name: ghost + port: + number: {{ .Values.ghost.service.ports.metrics.port }} diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index 844f56ed..2ae929ee 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -143,6 +143,10 @@ ghost: webapi: port: 8080 protocol: TCP + # -- metrics listen port for the validator service + metrics: + port: 9090 + protocol: TCP # to add more port-mappings, add them here: # https: # port: 8443 @@ -225,7 +229,7 @@ ghost: # -- Values for Tor Proxy (subchart of ghost) tor-proxy: - # -- values for tor-proxy, installs [tor-controller](/crds/tor-controller.yaml) and creates an [onionService CRD](/templates/onion-service.yaml) + # -- values for tor-proxy, installs [tor-controller](/crds/tor-controller.yaml) and creates an [onionService CRD](/templates/tor-onion-service.yaml) enabled: true serviceMonitor: From 71788baa3a89674a3ac9ba7af6d9e48f8849ee8b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Tue, 18 Feb 2025 19:17:11 +0100 Subject: [PATCH 02/28] 9090 --- charts/validator/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index 2ae929ee..fb49ada1 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -174,7 +174,7 @@ ghost: # port: 8080 # pathType: ImplementationSpecific # - path: /metrics - # port: 9100 + # port: 9090 # pathType: ImplementationSpecific tls: [] # - secretName: chart-example-tls From 5394a6175370798987ea26f2bdc7e04d9943a97b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Thu, 20 Feb 2025 15:07:23 +0100 Subject: [PATCH 03/28] Drop TOR based metrics (for now) --- charts/validator/templates/tor-onion-service.yaml | 7 ------- charts/validator/values.yaml | 4 ---- 2 files changed, 11 deletions(-) diff --git a/charts/validator/templates/tor-onion-service.yaml b/charts/validator/templates/tor-onion-service.yaml index ef304816..c6076b8b 100644 --- a/charts/validator/templates/tor-onion-service.yaml +++ b/charts/validator/templates/tor-onion-service.yaml @@ -14,10 +14,3 @@ spec: name: ghost port: number: {{ .Values.ghost.service.ports.webapi.port }} - - port: - number: 9999 - backend: - service: - name: ghost - port: - number: {{ .Values.ghost.service.ports.metrics.port }} diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index fb49ada1..eb35e22f 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -143,10 +143,6 @@ ghost: webapi: port: 8080 protocol: TCP - # -- metrics listen port for the validator service - metrics: - port: 9090 - protocol: TCP # to add more port-mappings, add them here: # https: # port: 8443 From 646b001fd3d0138183e90d6df924335ba96487a8 Mon Sep 17 00:00:00 2001 From: Wesley Charles Blake Date: Thu, 20 Feb 2025 20:50:42 +0200 Subject: [PATCH 04/28] tor metrics fixes --- charts/validator/README.md | 4 ++++ charts/validator/templates/tor-onion-service.yaml | 4 +++- charts/validator/values.yaml | 3 +++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/charts/validator/README.md b/charts/validator/README.md index 57a44939..d0e2da74 100644 --- a/charts/validator/README.md +++ b/charts/validator/README.md @@ -64,6 +64,8 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | ghost.webApi | object | `{"enabled":true,"listenAddr":"0.0.0.0:8080"}` | WEB API (tor-proxy) | | ghost.webApi.enabled | bool | `true` | Enables the web api and deploys the tor-proxy subchart | | ghost.webApi.listenAddr | string | `"0.0.0.0:8080"` | Listen address for the web api | +| metrics.enabled | bool | `true` | | +| metrics.port | int | `9090` | | | serviceMonitor.annotations | object | `{}` | Additional ServiceMonitor annotations | | serviceMonitor.enabled | bool | `false` | If true, a ServiceMonitor CRD is created for a prometheus operator https://github.com/coreos/prometheus-operator | | serviceMonitor.interval | string | `"60s"` | ServiceMonitor scrape interval | @@ -78,3 +80,5 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | tor-proxy | object | `{"enabled":true}` | Values for Tor Proxy (subchart of ghost) | | tor-proxy.enabled | bool | `true` | values for tor-proxy, installs [tor-controller](/crds/tor-controller.yaml) and creates an [onionService CRD](/templates/onion-service.yaml) | +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/validator/templates/tor-onion-service.yaml b/charts/validator/templates/tor-onion-service.yaml index c6076b8b..e143bc58 100644 --- a/charts/validator/templates/tor-onion-service.yaml +++ b/charts/validator/templates/tor-onion-service.yaml @@ -11,6 +11,8 @@ spec: number: 8888 backend: service: - name: ghost + name: {{ include "validator.fullname" . }} port: number: {{ .Values.ghost.service.ports.webapi.port }} + extraConfig: | + HiddenServicePort 9999 ghost-metrics:9090 diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index eb35e22f..c131c69d 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -228,6 +228,9 @@ tor-proxy: # -- values for tor-proxy, installs [tor-controller](/crds/tor-controller.yaml) and creates an [onionService CRD](/templates/tor-onion-service.yaml) enabled: true +metrics: + enabled: true + port: 9090 serviceMonitor: # -- If true, a ServiceMonitor CRD is created for a prometheus operator # https://github.com/coreos/prometheus-operator From 49c5db084f2ed9e291e55034b9fe9d097aaef544 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Thu, 20 Feb 2025 23:14:56 +0100 Subject: [PATCH 05/28] Drop TOR based metrics (for now) --- charts/tor-proxy/README.md | 2 +- charts/tor-proxy/values.yaml | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/tor-proxy/README.md b/charts/tor-proxy/README.md index 52a2ecf4..71328021 100644 --- a/charts/tor-proxy/README.md +++ b/charts/tor-proxy/README.md @@ -20,7 +20,7 @@ A Helm chart for deploying tor-proxy to Kubernetes | autoscaling.maxReplicas | int | `100` | | | autoscaling.minReplicas | int | `1` | | | autoscaling.targetCPUUtilizationPercentage | int | `80` | | -| env.normal.TOR_EXTRA_ARGS | string | `"SocksPort 0.0.0.0:9050\nHiddenServiceDir /var/lib/tor/hidden_services\nHiddenServicePort 8888 127.0.0.1:8080\nHiddenServicePort 9999 127.0.0.1:9090\n"` | | +| env.normal.TOR_EXTRA_ARGS | string | `"SocksPort 0.0.0.0:9050\nHiddenServiceDir /var/lib/tor/hidden_services\nHiddenServicePort 8888 127.0.0.1:8080\n"` | | | extraObjects | list | `[]` | Extra K8s manifests to deploy | | fullnameOverride | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | | diff --git a/charts/tor-proxy/values.yaml b/charts/tor-proxy/values.yaml index 50e34f71..839f5344 100644 --- a/charts/tor-proxy/values.yaml +++ b/charts/tor-proxy/values.yaml @@ -43,6 +43,9 @@ service: port: 9050 protocol: TCP ### to add more listeners for webapi, add them here + # hidden1: + # port: 8888 + # protocol: TCP # webapi: # port: 8080 # protocol: TCP @@ -104,7 +107,6 @@ env: SocksPort 0.0.0.0:9050 HiddenServiceDir /var/lib/tor/hidden_services HiddenServicePort 8888 127.0.0.1:8080 - HiddenServicePort 9999 127.0.0.1:9090 torConfig: {} # existingSecret: "existingSecret" ## OR specify a private key From adff1adacbcdd1087d977612b14400e1970ff988 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Thu, 20 Feb 2025 23:16:19 +0100 Subject: [PATCH 06/28] Drop TOR based metrics --- charts/validator/templates/tor-onion-service.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/charts/validator/templates/tor-onion-service.yaml b/charts/validator/templates/tor-onion-service.yaml index e143bc58..696f80ce 100644 --- a/charts/validator/templates/tor-onion-service.yaml +++ b/charts/validator/templates/tor-onion-service.yaml @@ -14,5 +14,3 @@ spec: name: {{ include "validator.fullname" . }} port: number: {{ .Values.ghost.service.ports.webapi.port }} - extraConfig: | - HiddenServicePort 9999 ghost-metrics:9090 From f8292e7cc241d59ea34dd759ee8ffa19ce3eba7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Thu, 20 Feb 2025 23:34:50 +0100 Subject: [PATCH 07/28] Consistency --- charts/validator/README.md | 2 -- charts/validator/crds/tor-controller.yaml | 4 ++-- charts/validator/values.yaml | 1 + 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/charts/validator/README.md b/charts/validator/README.md index d0e2da74..0783c9c4 100644 --- a/charts/validator/README.md +++ b/charts/validator/README.md @@ -80,5 +80,3 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | tor-proxy | object | `{"enabled":true}` | Values for Tor Proxy (subchart of ghost) | | tor-proxy.enabled | bool | `true` | values for tor-proxy, installs [tor-controller](/crds/tor-controller.yaml) and creates an [onionService CRD](/templates/onion-service.yaml) | ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/validator/crds/tor-controller.yaml b/charts/validator/crds/tor-controller.yaml index 3ce36cdc..d73d4b81 100644 --- a/charts/validator/crds/tor-controller.yaml +++ b/charts/validator/crds/tor-controller.yaml @@ -12873,7 +12873,7 @@ spec: description: HealthProbeBindAddress is the TCP address that the controller should bind to for serving health probes type: string livenessEndpointName: - description: LivenessEndpointName, defaults to "healthz" + description: LivenessEndpointName, defaults to "livez" type: string readinessEndpointName: description: ReadinessEndpointName, defaults to "readyz" @@ -17813,7 +17813,7 @@ spec: imagePullPolicy: Always livenessProbe: httpGet: - path: /healthz + path: /livez port: 8081 initialDelaySeconds: 15 periodSeconds: 20 diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index c131c69d..d196a329 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -231,6 +231,7 @@ tor-proxy: metrics: enabled: true port: 9090 + serviceMonitor: # -- If true, a ServiceMonitor CRD is created for a prometheus operator # https://github.com/coreos/prometheus-operator From b699056c062544b74820e5286002b254cfb364ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Thu, 20 Feb 2025 23:46:06 +0100 Subject: [PATCH 08/28] Consistency --- charts/validator/values.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index d196a329..8ac175c1 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -169,9 +169,6 @@ ghost: # - path: /webapi # port: 8080 # pathType: ImplementationSpecific - # - path: /metrics - # port: 9090 - # pathType: ImplementationSpecific tls: [] # - secretName: chart-example-tls # hosts: From 7e47fb9088bb5b14a81ef83b2517c82ec9923c8c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Tue, 25 Feb 2025 17:01:30 +0100 Subject: [PATCH 09/28] revert readme --- charts/tor-proxy/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/tor-proxy/README.md b/charts/tor-proxy/README.md index 71328021..1dda639f 100644 --- a/charts/tor-proxy/README.md +++ b/charts/tor-proxy/README.md @@ -54,3 +54,5 @@ A Helm chart for deploying tor-proxy to Kubernetes | tolerations | list | `[]` | | | torConfig | object | `{}` | | +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.13.1](https://github.com/norwoodj/helm-docs/releases/v1.13.1) From 84a78c39d53a2b5777a096dbbec8d328d7845a1a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Thu, 1 May 2025 01:59:32 +0200 Subject: [PATCH 10/28] Prep for VAO --- charts/validator/templates/deployment.yaml | 62 +++++----------------- charts/validator/values.yaml | 60 ++++++--------------- 2 files changed, 30 insertions(+), 92 deletions(-) diff --git a/charts/validator/templates/deployment.yaml b/charts/validator/templates/deployment.yaml index c62d43ab..491d7e6d 100644 --- a/charts/validator/templates/deployment.yaml +++ b/charts/validator/templates/deployment.yaml @@ -70,9 +70,6 @@ spec: name: metrics protocol: TCP {{- end }} - - containerPort: 9100 - name: readiness - protocol: TCP {{- if .Values.ghost.liveness.enabled }} livenessProbe: {{- toYaml .Values.ghost.liveness.livenessProbe | nindent 12 }} @@ -82,17 +79,22 @@ spec: {{- toYaml .Values.ghost.readiness.readinessProbe | nindent 12 }} {{- end }} env: + ### -- WATCHDOG + - name: WATCHDOG_CONFIG_REGISTRY + value: {{ .Values.ghost.watchdogConfigReg | quote }} + {{- if .Values.ghost.watchdogInterval }} + - name: WATCHDOG_INTERVAL + value: {{ .Values.ghost.watchdogInterval | quote }} + - name: WATCHDOG_SCHEDULE + value: "" + {{- end }} ### -- LIBP2P - - name: CFG_LIBP2P_SUBSCRIPTION_BUFFER_SIZE - value: {{ .Values.ghost.libp2pSubscriptionBufferSize | quote }} - - name: CFG_LIBP2P_VALIDATE_QUEUE_SIZE - value: {{ .Values.ghost.libp2pValidateQueueSize | quote }} - name: CFG_LIBP2P_LISTEN_ADDRS value: "/ip4/0.0.0.0/tcp/{{ .Values.ghost.service.ports.libp2p.port | default 8000 }}" {{- if .Values.ghost.ingress.enabled }} {{- range .Values.ghost.ingress.hosts }} - name: CFG_LIBP2P_EXTERNAL_ADDR - value: "/dns/{{ .host }}" + value: "/dns/{{ .host }}" {{- end }} {{- end }} ### -- WEB API @@ -102,7 +104,7 @@ spec: - name: CFG_WEBAPI_LISTEN_ADDR value: {{ .Values.ghost.webApi.listenAddr | quote }} - name: CFG_WEBAPI_SOCKS5_PROXY_ADDR - value: "{{ include "validator.fullname" . }}-socks-tor-svc:9050" + value: "{{ include "validator.fullname" . }}-socks-tor-svc:9050" #??? is this supposed to be hardcoded? - name: CFG_WEB_URL valueFrom: secretKeyRef: @@ -111,9 +113,9 @@ spec: {{- end }} ### -- CHAIN and RPC (target or main chain) - name: CFG_CHAIN_NAME - value: {{ .Values.ghost.chainName | default "eth" | quote}} + value: {{ .Values.ghost.chainName | default "eth" | quote }} - name: CFG_CHAIN_ID - value: {{ .Values.ghost.chainId | default "1" | quote}} + value: {{ .Values.ghost.chainId | default "1" | quote }} {{- if .Values.ghost.rpcUrl }} - name: CFG_CHAIN_RPC_URLS value: {{ .Values.ghost.rpcUrl | quote }} @@ -122,44 +124,6 @@ spec: - name: CFG_CHAIN_TX_TYPE value: {{ .Values.ghost.chainTxType | default "eip1559" quote }} {{- end }} - ### -- CHAIN and RPC (source chain) - {{- if .Values.ghost.arbRpcUrl }} - - name: CFG_ARB_RPC_URLS - value: {{ .Values.ghost.arbRpcUrl | quote }} - {{- end }} - {{- if .Values.ghost.bnbRpcUrl }} - - name: CFG_BNB_RPC_URLS - value: {{ .Values.ghost.bnbRpcUrl | quote }} - {{- end }} - {{- if .Values.ghost.ethRpcUrl }} - - name: CFG_ETH_RPC_URLS - value: {{ .Values.ghost.ethRpcUrl | quote }} - {{- end }} - {{- if .Values.ghost.ethArchRpcUrl }} - - name: CFG_ETH_ARCH_RPC_URLS - value: {{ .Values.ghost.ethArchRpcUrl | quote }} - {{- end }} - {{- if .Values.ghost.gnoRpcUrl }} - - name: CFG_GNO_RPC_URLS - value: {{ .Values.ghost.gnoRpcUrl | quote }} - {{- end }} - {{- if .Values.ghost.mntRpcUrl }} - - name: CFG_MNT_RPC_URLS - value: {{ .Values.ghost.mntRpcUrl | quote }} - {{- end }} - {{- if .Values.ghost.optRpcUrl }} - - name: CFG_OPT_RPC_URLS - value: {{ .Values.ghost.optRpcUrl | quote }} - {{- end }} - {{- if .Values.ghost.polRpcUrl }} - - name: CFG_POL_RPC_URLS - value: {{ .Values.ghost.polRpcUrl | quote }} - {{- end }} - ### -- WATCHDOG - - name: WATCHDOG_CONFIG_REGISTRY - value: {{ .Values.ghost.watchdogConfigReg | quote }} - - name: WATCHDOG_INTERVAL - value: {{ .Values.ghost.watchdogInterval | default "900s" | quote }} ### -- ETH KEYSTORE FROM EXISTING SECRET {{- if .Values.ghost.ethConfig }} - name: CFG_ETH_FROM diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index 8ac175c1..f64ac85a 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -19,50 +19,30 @@ ghost: # -- chain name for the "target" or "main" chain we use for the validator chainName: eth - # -- RPC url for the "target" or "main" chain we use for the validator. Can be mainnet ethereum or sepolia ethereum - rpcUrl: null # -- chain id for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `1` or sepolia ethereum `11155111` - chainId: '1' - # -- chain tx type for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `eip1559` or sepolia ethereum `legacy` - chainTxType: null + chainId: 1 + # -- chain tx type for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `eip1559` or `legacy` + chainTxType: eip1559 - # -- RPC url where the validator sources data from. (default via protocol or BYO rpc here) - # -- RPC URL for ETH - ethRpcUrl: null - # -- RPC url for ARB - arbRpcUrl: null - # -- RPC url for BNB - bnbRpcUrl: null - # -- RPC url for ETH Archival node - ethArchRpcUrl: null - # -- RPC url for GNO - gnoRpcUrl: null - # -- RPC url for MNT - mntRpcUrl: null - # -- RPC url for OETH (optimism) - optRpcUrl: null - # -- RPC url for Polygon (polygon) - polRpcUrl: null + # -- RPC url for the "target" or "main" chain we use for the validator. Can be mainnet ethereum or sepolia ethereum + rpcUrl: null # -- WATCHDOG onchain config address watchdogConfigReg: "0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3" # -- WATCHDOG polling interval (in seconds) - watchdogInterval: "300s" - - # -- libp2p buffer size - libp2pSubscriptionBufferSize: '4096' - # -- libp2p validate queue size - libp2pValidateQueueSize: '4096' + # ---- NB: default behavior is to use a scheduler (like cron), and it is set to `30 */12 * * * *` (more or less) + # ---- if you want to use the *interval*, set this to a value to a duration string and the chart will disable scheduler + #watchdogInterval: "300s" # -- command override for the validator commandOverride: [] - # eg: + # default (baked in the image): # - "/usr/local/bin/watchdog" # - "/usr/local/bin/chronicle-app" # -- args override for the validator argsOverride: [] - # eg: + # eg: - could be used to use a custom config file # - "run" # - "-c" # - "ipfs://Qm......." @@ -94,6 +74,7 @@ ghost: # FOO: bar imagePullSecrets: [] + nameOverride: "" # -- Override the release name to so tor-proxy can work with the default config. NB only change this if you know what you are doing fullnameOverride: "ghost" @@ -152,9 +133,9 @@ ghost: annotations: {} # external-dns.alpha.kubernetes.io/hostname: DOMAIN_NAME - # -- Ingress for the validator (Do not enable ingress, as libp2p does not support path based routing yet) + # -- Ingress for the validator - we should start using it maybe??? ingress: - # -- Disabled by default, since there is a bug in libp2p port assignment for dns based routing + # -- Disabled by default, since there WAS a bug in libp2p port assignment for dns based routing enabled: false className: "" annotations: {} @@ -163,12 +144,9 @@ ghost: hosts: - host: chart-example.local paths: - - path: / - port: 8000 + - port: 8000 + path: / pathType: ImplementationSpecific - # - path: /webapi - # port: 8080 - # pathType: ImplementationSpecific tls: [] # - secretName: chart-example-tls # hosts: @@ -179,7 +157,7 @@ ghost: enabled: true livenessProbe: httpGet: - path: /healthcheck + path: /livez port: 9100 initialDelaySeconds: 30 periodSeconds: 60 @@ -189,7 +167,7 @@ ghost: enabled: true readinessProbe: httpGet: - path: /healthcheck + path: /readyz port: 9100 initialDelaySeconds: 30 periodSeconds: 60 @@ -225,10 +203,6 @@ tor-proxy: # -- values for tor-proxy, installs [tor-controller](/crds/tor-controller.yaml) and creates an [onionService CRD](/templates/tor-onion-service.yaml) enabled: true -metrics: - enabled: true - port: 9090 - serviceMonitor: # -- If true, a ServiceMonitor CRD is created for a prometheus operator # https://github.com/coreos/prometheus-operator From 417727cb10d281e965f905ac2143b826ebd834f9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Thu, 1 May 2025 02:27:03 +0200 Subject: [PATCH 11/28] update readmes --- charts/spire/README.md | 2 -- charts/spire/values.yaml | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/charts/spire/README.md b/charts/spire/README.md index 7874a2c9..59414507 100644 --- a/charts/spire/README.md +++ b/charts/spire/README.md @@ -78,5 +78,3 @@ A Helm chart for deploying Chronicle spire to Kubernetes | tor-proxy.enabled | bool | `true` | | | watch | bool | `false` | | ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/spire/values.yaml b/charts/spire/values.yaml index d86b2b52..3225ae1f 100644 --- a/charts/spire/values.yaml +++ b/charts/spire/values.yaml @@ -150,7 +150,7 @@ logFormat: null # Environment variable listing env: - # non sensitive variables + # non-sensitive variables # refer to https://github.com/chronicleprotocol/oracle-suite/tree/master/cmd/spire#environment-variables normal: {} # CFG_ITEM_SEPARATOR: "\n" From 92e89838ac76df6aea90262ea49542d37bf2f335 Mon Sep 17 00:00:00 2001 From: Wesley Charles Blake Date: Fri, 2 May 2025 15:11:08 +0200 Subject: [PATCH 12/28] resolve RBAC naming issues and conditionally include ports for probes --- charts/validator/templates/clusterrole.yaml | 2 +- charts/validator/templates/clusterrolebinding.yaml | 6 +++--- charts/validator/templates/deployment.yaml | 9 +++++++-- charts/validator/templates/role.yaml | 3 ++- charts/validator/templates/rolebinding.yaml | 7 ++++--- charts/validator/templates/serviceaccount-test.yaml | 2 +- charts/validator/templates/tests/test-logs.yaml | 3 ++- charts/validator/values.yaml | 1 + 8 files changed, 21 insertions(+), 12 deletions(-) diff --git a/charts/validator/templates/clusterrole.yaml b/charts/validator/templates/clusterrole.yaml index 758d30ab..79761007 100644 --- a/charts/validator/templates/clusterrole.yaml +++ b/charts/validator/templates/clusterrole.yaml @@ -1,7 +1,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: {{ include "validator.fullname" . }}-clusterrole + name: {{ include "validator.serviceAccountName" . }}-clusterrole rules: - apiGroups: [""] resources: ["nodes"] diff --git a/charts/validator/templates/clusterrolebinding.yaml b/charts/validator/templates/clusterrolebinding.yaml index dcba399d..bacdd14e 100644 --- a/charts/validator/templates/clusterrolebinding.yaml +++ b/charts/validator/templates/clusterrolebinding.yaml @@ -1,12 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: {{ include "validator.fullname" . }}-clusterrolebinding + name: {{ include "validator.serviceAccountName" . }}-clusterrolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: {{ include "validator.fullname" . }}-clusterrole + name: {{ include "validator.serviceAccountName" . }}-clusterrole subjects: - kind: ServiceAccount - name: {{ include "validator.fullname" . }}-serviceaccount + name: {{ include "validator.serviceAccountName" . }} namespace: {{ .Release.Namespace }} diff --git a/charts/validator/templates/deployment.yaml b/charts/validator/templates/deployment.yaml index 491d7e6d..ed90e41e 100644 --- a/charts/validator/templates/deployment.yaml +++ b/charts/validator/templates/deployment.yaml @@ -25,7 +25,7 @@ spec: imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} - serviceAccountName: {{ include "validator.serviceAccountName" . }}-serviceaccount + serviceAccountName: {{ include "validator.serviceAccountName" . }} securityContext: {{- toYaml .Values.ghost.podSecurityContext | nindent 8 }} {{- if .Values.ghost.service.type | quote | eq "NodePort" }} @@ -70,6 +70,11 @@ spec: name: metrics protocol: TCP {{- end }} + {{- if or .Values.ghost.liveness.enabled .Values.ghost.readiness.enabled }} + - containerPort: 9100 + name: probes + protocol: TCP + {{- end }} {{- if .Values.ghost.liveness.enabled }} livenessProbe: {{- toYaml .Values.ghost.liveness.livenessProbe | nindent 12 }} @@ -104,7 +109,7 @@ spec: - name: CFG_WEBAPI_LISTEN_ADDR value: {{ .Values.ghost.webApi.listenAddr | quote }} - name: CFG_WEBAPI_SOCKS5_PROXY_ADDR - value: "{{ include "validator.fullname" . }}-socks-tor-svc:9050" #??? is this supposed to be hardcoded? + value: "{{ include "validator.fullname" . }}-socks-tor-svc:9050" - name: CFG_WEB_URL valueFrom: secretKeyRef: diff --git a/charts/validator/templates/role.yaml b/charts/validator/templates/role.yaml index 2529a93a..36349f9c 100644 --- a/charts/validator/templates/role.yaml +++ b/charts/validator/templates/role.yaml @@ -1,7 +1,8 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: {{ include "validator.fullname" . }}-role + name: {{ include "validator.serviceAccountName" . }}-role + rules: - apiGroups: [""] resources: ["pods", "pods/log", "services"] diff --git a/charts/validator/templates/rolebinding.yaml b/charts/validator/templates/rolebinding.yaml index 44c9a6ae..af3c3e0b 100644 --- a/charts/validator/templates/rolebinding.yaml +++ b/charts/validator/templates/rolebinding.yaml @@ -1,11 +1,12 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: {{ include "validator.fullname" . }}-rolebinding + name: {{ include "validator.serviceAccountName" . }}-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: {{ include "validator.fullname" . }}-role + name: {{ include "validator.serviceAccountName" . }}-role + subjects: - kind: ServiceAccount - name: {{ include "validator.fullname" . }}-serviceaccount + name: {{ include "validator.serviceAccountName" . }}-serviceaccount diff --git a/charts/validator/templates/serviceaccount-test.yaml b/charts/validator/templates/serviceaccount-test.yaml index 6ab1135d..f3ea42fc 100644 --- a/charts/validator/templates/serviceaccount-test.yaml +++ b/charts/validator/templates/serviceaccount-test.yaml @@ -1,4 +1,4 @@ apiVersion: v1 kind: ServiceAccount metadata: - name: {{ include "validator.fullname" . }}-serviceaccount + name: {{ include "validator.serviceAccountName" . }}-test diff --git a/charts/validator/templates/tests/test-logs.yaml b/charts/validator/templates/tests/test-logs.yaml index acb3e4ef..d75aaef6 100644 --- a/charts/validator/templates/tests/test-logs.yaml +++ b/charts/validator/templates/tests/test-logs.yaml @@ -8,7 +8,8 @@ metadata: "helm.sh/hook-weight": "5" "helm.sh/hook": test spec: - serviceAccountName: {{ include "validator.fullname" . }}-serviceaccount + serviceAccountName: {{ include "validator.serviceAccountName" . }}-test + containers: - name: test-ghost-logs image: bitnami/kubectl:latest diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index f64ac85a..4882c7c1 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -84,6 +84,7 @@ ghost: create: true # -- Annotations to add to the service account annotations: {} + # iam.amazonaws.com/role: arn:aws:iam::123456789012:role/role-name # --The name of the service account to use. # -- If not set and create is true, a name is generated using the fullname template name: "" From 7ad33c0b69ed2f261f8aa7bed4a202ee9e59bf7f Mon Sep 17 00:00:00 2001 From: Wesley Charles Blake Date: Fri, 2 May 2025 15:32:26 +0200 Subject: [PATCH 13/28] updates docs --- charts/spire/Chart.yaml | 2 +- charts/spire/README.md | 4 +++- charts/validator/Chart.yaml | 2 +- charts/validator/README.md | 33 +++++++++++---------------------- charts/validator/values.yaml | 2 +- 5 files changed, 17 insertions(+), 26 deletions(-) diff --git a/charts/spire/Chart.yaml b/charts/spire/Chart.yaml index ca0f3bc7..30845f57 100644 --- a/charts/spire/Chart.yaml +++ b/charts/spire/Chart.yaml @@ -21,7 +21,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.1 +version: 0.3.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/spire/README.md b/charts/spire/README.md index 59414507..1d9fc37e 100644 --- a/charts/spire/README.md +++ b/charts/spire/README.md @@ -1,6 +1,6 @@ # spire -![Version: 0.3.1](https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.47.8](https://img.shields.io/badge/AppVersion-0.47.8-informational?style=flat-square) +![Version: 0.3.2](https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.47.8](https://img.shields.io/badge/AppVersion-0.47.8-informational?style=flat-square) A Helm chart for deploying Chronicle spire to Kubernetes @@ -78,3 +78,5 @@ A Helm chart for deploying Chronicle spire to Kubernetes | tor-proxy.enabled | bool | `true` | | | watch | bool | `false` | | +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/validator/Chart.yaml b/charts/validator/Chart.yaml index 4f0ec49c..f42f191b 100644 --- a/charts/validator/Chart.yaml +++ b/charts/validator/Chart.yaml @@ -22,7 +22,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.26 +version: 0.3.27 # This is the version number of the application being deployed. This version number should be diff --git a/charts/validator/README.md b/charts/validator/README.md index 0783c9c4..0bc27916 100644 --- a/charts/validator/README.md +++ b/charts/validator/README.md @@ -1,6 +1,6 @@ # validator -![Version: 0.3.26](https://img.shields.io/badge/Version-0.3.26-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.57.3](https://img.shields.io/badge/AppVersion-0.57.3-informational?style=flat-square) +![Version: 0.3.27](https://img.shields.io/badge/Version-0.3.27-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.57.3](https://img.shields.io/badge/AppVersion-0.57.3-informational?style=flat-square) A Helm chart for deploying Chronicle Validator on Kubernetes @@ -16,37 +16,27 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | Key | Type | Default | Description | |-----|------|---------|-------------| | extraObjects | list | `[]` | Extra K8s manifests to deploy | -| ghost | object | `{"affinity":{},"arbRpcUrl":null,"argsOverride":[],"bnbRpcUrl":null,"chainId":"1","chainName":"eth","chainTxType":null,"commandOverride":[],"env":{"normal":{}},"ethArchRpcUrl":null,"ethConfig":{},"ethRpcUrl":null,"fullnameOverride":"ghost","gnoRpcUrl":null,"image":{"pullPolicy":"Always","repository":"ghcr.io/chronicleprotocol/ghost","tag":"0.57.3@sha256:cc50f2eb8092dce67584f334cc73ce750a8ede0ca970dd759679df7b40501ee5"},"imagePullSecrets":[],"ingress":{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]},"libp2pSubscriptionBufferSize":"4096","libp2pValidateQueueSize":"4096","liveness":{"enabled":true,"livenessProbe":{"httpGet":{"path":"/healthcheck","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"logFormat":"text","logLevel":"info","metrics":{"enabled":true,"port":9090},"mntRpcUrl":null,"nameOverride":"","nodeSelector":{},"optRpcUrl":null,"podAnnotations":{},"podSecurityContext":{},"polRpcUrl":null,"readiness":{"enabled":true,"readinessProbe":{"httpGet":{"path":"/healthcheck","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"replicaCount":1,"resources":{},"rpcUrl":null,"securityContext":{},"service":{"annotations":{},"ports":{"libp2p":{"port":8000,"protocol":"TCP"},"webapi":{"port":8080,"protocol":"TCP"}},"type":"LoadBalancer"},"serviceAccount":{"annotations":{},"create":true,"name":""},"tolerations":[],"watchdogConfigReg":"0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3","watchdogInterval":"300s","webApi":{"enabled":true,"listenAddr":"0.0.0.0:8080"}}` | Values for Ghost | +| ghost | object | `{"affinity":{},"argsOverride":[],"chainId":1,"chainName":"eth","chainTxType":"eip1559","commandOverride":[],"env":{"normal":{}},"ethConfig":{},"fullnameOverride":"ghost","image":{"pullPolicy":"Always","repository":"ghcr.io/chronicleprotocol/ghost","tag":"0.57.3@sha256:cc50f2eb8092dce67584f334cc73ce750a8ede0ca970dd759679df7b40501ee5"},"imagePullSecrets":[],"ingress":{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]},"liveness":{"enabled":true,"livenessProbe":{"httpGet":{"path":"/livez","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"logFormat":"text","logLevel":"info","metrics":{"enabled":true,"port":9090},"nameOverride":"","nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"readiness":{"enabled":true,"readinessProbe":{"httpGet":{"path":"/readyz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"replicaCount":1,"resources":{},"rpcUrl":null,"securityContext":{},"service":{"annotations":{},"ports":{"libp2p":{"port":8000,"protocol":"TCP"},"webapi":{"port":8080,"protocol":"TCP"}},"type":"LoadBalancer"},"serviceAccount":{"annotations":{},"create":true,"name":""},"tolerations":[],"watchdogConfigReg":"0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3","webApi":{"enabled":true,"listenAddr":"0.0.0.0:8080"}}` | Values for Ghost | | ghost.affinity | object | `{}` | pod Affinity spec applied validator | -| ghost.arbRpcUrl | string | `nil` | RPC url for ARB | | ghost.argsOverride | list | `[]` | args override for the validator | -| ghost.bnbRpcUrl | string | `nil` | RPC url for BNB | -| ghost.chainId | string | `"1"` | chain id for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `1` or sepolia ethereum `11155111` | +| ghost.chainId | int | `1` | chain id for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `1` or sepolia ethereum `11155111` | | ghost.chainName | string | `"eth"` | chain name for the "target" or "main" chain we use for the validator | -| ghost.chainTxType | string | `nil` | chain tx type for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `eip1559` or sepolia ethereum `legacy` | +| ghost.chainTxType | string | `"eip1559"` | chain tx type for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `eip1559` or `legacy` | | ghost.commandOverride | list | `[]` | command override for the validator | | ghost.env | object | `{"normal":{}}` | Environment variable listing | | ghost.env.normal | object | `{}` | un-encrypted env vars passed to the pod | -| ghost.ethArchRpcUrl | string | `nil` | RPC url for ETH Archival node | | ghost.ethConfig | object | `{}` | Provide ETH keys from existing secrets : **NB** use only existing secret OR env vars, do not provide both | -| ghost.ethRpcUrl | string | `nil` | RPC URL for ETH | | ghost.fullnameOverride | string | `"ghost"` | Override the release name to so tor-proxy can work with the default config. NB only change this if you know what you are doing | -| ghost.gnoRpcUrl | string | `nil` | RPC url for GNO | | ghost.image.tag | string | `"0.57.3@sha256:cc50f2eb8092dce67584f334cc73ce750a8ede0ca970dd759679df7b40501ee5"` | Overrides the image tag whose default is the chart appVersion. | -| ghost.ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]}` | Ingress for the validator (Do not enable ingress, as libp2p does not support path based routing yet) | -| ghost.ingress.enabled | bool | `false` | Disabled by default, since there is a bug in libp2p port assignment for dns based routing | -| ghost.libp2pSubscriptionBufferSize | string | `"4096"` | libp2p buffer size | -| ghost.libp2pValidateQueueSize | string | `"4096"` | libp2p validate queue size | -| ghost.liveness | object | `{"enabled":true,"livenessProbe":{"httpGet":{"path":"/healthcheck","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Liveness probe : restart the validator if the healthcheck endpoint is not reachable | +| ghost.ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]}` | Ingress for the validator - we should start using it maybe??? | +| ghost.ingress.enabled | bool | `false` | Disabled by default, since there WAS a bug in libp2p port assignment for dns based routing | +| ghost.liveness | object | `{"enabled":true,"livenessProbe":{"httpGet":{"path":"/livez","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Liveness probe : restart the validator if the healthcheck endpoint is not reachable | | ghost.logFormat | string | `"text"` | Log format for the validator, can be one of `json`, `text` | | ghost.logLevel | string | `"info"` | Log level for the validator, can be one of `debug`, `info`, `warning`, `error` | -| ghost.mntRpcUrl | string | `nil` | RPC url for MNT | | ghost.nodeSelector | object | `{}` | Node selector for the validator | -| ghost.optRpcUrl | string | `nil` | RPC url for OETH (optimism) | | ghost.podAnnotations | object | `{}` | Pod annotations for the validator | | ghost.podSecurityContext | object | `{}` | Pod security context for the validator | -| ghost.polRpcUrl | string | `nil` | RPC url for Polygon (polygon) | -| ghost.readiness | object | `{"enabled":true,"readinessProbe":{"httpGet":{"path":"/healthcheck","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Readiness probe : stop the validator if the metrics endpoint is not reachable | +| ghost.readiness | object | `{"enabled":true,"readinessProbe":{"httpGet":{"path":"/readyz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Readiness probe : stop the validator if the metrics endpoint is not reachable | | ghost.resources | object | `{}` | Resources constraints for the validator, CPU, Memory, etc. | | ghost.rpcUrl | string | `nil` | RPC url for the "target" or "main" chain we use for the validator. Can be mainnet ethereum or sepolia ethereum | | ghost.securityContext | object | `{}` | Security context for the validator | @@ -60,12 +50,9 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | ghost.serviceAccount.name | string | `""` | If not set and create is true, a name is generated using the fullname template | | ghost.tolerations | list | `[]` | Tolerations applied validator | | ghost.watchdogConfigReg | string | `"0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3"` | WATCHDOG onchain config address | -| ghost.watchdogInterval | string | `"300s"` | WATCHDOG polling interval (in seconds) | | ghost.webApi | object | `{"enabled":true,"listenAddr":"0.0.0.0:8080"}` | WEB API (tor-proxy) | | ghost.webApi.enabled | bool | `true` | Enables the web api and deploys the tor-proxy subchart | | ghost.webApi.listenAddr | string | `"0.0.0.0:8080"` | Listen address for the web api | -| metrics.enabled | bool | `true` | | -| metrics.port | int | `9090` | | | serviceMonitor.annotations | object | `{}` | Additional ServiceMonitor annotations | | serviceMonitor.enabled | bool | `false` | If true, a ServiceMonitor CRD is created for a prometheus operator https://github.com/coreos/prometheus-operator | | serviceMonitor.interval | string | `"60s"` | ServiceMonitor scrape interval | @@ -78,5 +65,7 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | serviceMonitor.scrapeTimeout | string | `"60s"` | ServiceMonitor scrape timeout | | serviceMonitor.tlsConfig | object | `{}` | ServiceMonitor TLS configuration | | tor-proxy | object | `{"enabled":true}` | Values for Tor Proxy (subchart of ghost) | -| tor-proxy.enabled | bool | `true` | values for tor-proxy, installs [tor-controller](/crds/tor-controller.yaml) and creates an [onionService CRD](/templates/onion-service.yaml) | +| tor-proxy.enabled | bool | `true` | values for tor-proxy, installs [tor-controller](/crds/tor-controller.yaml) and creates an [onionService CRD](/templates/tor-onion-service.yaml) | +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index 4882c7c1..e0b41f46 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -32,7 +32,7 @@ ghost: # -- WATCHDOG polling interval (in seconds) # ---- NB: default behavior is to use a scheduler (like cron), and it is set to `30 */12 * * * *` (more or less) # ---- if you want to use the *interval*, set this to a value to a duration string and the chart will disable scheduler - #watchdogInterval: "300s" + # watchdogInterval: "300s" # -- command override for the validator commandOverride: [] From 5c33d613eb5213f60518d9869496328f59238523 Mon Sep 17 00:00:00 2001 From: Wesley Charles Blake Date: Fri, 2 May 2025 15:40:38 +0200 Subject: [PATCH 14/28] fix helm test service account RBAC --- charts/validator/templates/rolebinding.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/validator/templates/rolebinding.yaml b/charts/validator/templates/rolebinding.yaml index af3c3e0b..1c75254a 100644 --- a/charts/validator/templates/rolebinding.yaml +++ b/charts/validator/templates/rolebinding.yaml @@ -9,4 +9,4 @@ roleRef: subjects: - kind: ServiceAccount - name: {{ include "validator.serviceAccountName" . }}-serviceaccount + name: {{ include "validator.serviceAccountName" . }}-test From f192f2d7944a8be5635db36970914fdfdb3d95f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Fri, 2 May 2025 17:53:02 +0200 Subject: [PATCH 15/28] parametrize ports --- charts/validator/templates/deployment.yaml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/charts/validator/templates/deployment.yaml b/charts/validator/templates/deployment.yaml index ed90e41e..0d043620 100644 --- a/charts/validator/templates/deployment.yaml +++ b/charts/validator/templates/deployment.yaml @@ -70,11 +70,20 @@ spec: name: metrics protocol: TCP {{- end }} - {{- if or .Values.ghost.liveness.enabled .Values.ghost.readiness.enabled }} - - containerPort: 9100 - name: probes + {{- if .Values.ghost.liveness.enabled }} + {{- if or (not.Values.ghost.readiness.enabled) (and .Values.ghost.readiness.enabled (ne .Values.ghost.liveness.livenessProbe.httpGet.port .Values.ghost.readiness.readinessProbe.httpGet.port))}} + - containerPort: {{ .Values.ghost.liveness.livenessProbe.httpGet.port }} + name: probeLive + protocol: TCP + {{- end }} + {{- end }} + {{- if .Values.ghost.readiness.enabled }} + {{- if or (not .Values.ghost.liveness.enabled) (and .Values.ghost.liveness.enabled (ne .Values.ghost.readiness.readinessProbe.httpGet.port .Values.ghost.liveness.livenessProbe.httpGet.port))}} + - containerPort: {{ .Values.ghost.readiness.readinessProbe.httpGet.port }} + name: probeReady protocol: TCP {{- end }} + {{- end }} {{- if .Values.ghost.liveness.enabled }} livenessProbe: {{- toYaml .Values.ghost.liveness.livenessProbe | nindent 12 }} From 1e69432a11dcb64b6491399cc2dfe071b07ae6d6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Fri, 2 May 2025 17:59:36 +0200 Subject: [PATCH 16/28] do not change spire --- charts/spire/Chart.yaml | 2 +- charts/spire/README.md | 2 -- charts/spire/values.yaml | 2 +- 3 files changed, 2 insertions(+), 4 deletions(-) diff --git a/charts/spire/Chart.yaml b/charts/spire/Chart.yaml index 30845f57..ca0f3bc7 100644 --- a/charts/spire/Chart.yaml +++ b/charts/spire/Chart.yaml @@ -21,7 +21,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.2 +version: 0.3.1 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/spire/README.md b/charts/spire/README.md index 1d9fc37e..44cb83c0 100644 --- a/charts/spire/README.md +++ b/charts/spire/README.md @@ -78,5 +78,3 @@ A Helm chart for deploying Chronicle spire to Kubernetes | tor-proxy.enabled | bool | `true` | | | watch | bool | `false` | | ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/spire/values.yaml b/charts/spire/values.yaml index 3225ae1f..d86b2b52 100644 --- a/charts/spire/values.yaml +++ b/charts/spire/values.yaml @@ -150,7 +150,7 @@ logFormat: null # Environment variable listing env: - # non-sensitive variables + # non sensitive variables # refer to https://github.com/chronicleprotocol/oracle-suite/tree/master/cmd/spire#environment-variables normal: {} # CFG_ITEM_SEPARATOR: "\n" From 94da22ed825df5ba172885b65d55160f06db223a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Fri, 2 May 2025 18:03:14 +0200 Subject: [PATCH 17/28] revert --- charts/spire/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/charts/spire/README.md b/charts/spire/README.md index 44cb83c0..1d9fc37e 100644 --- a/charts/spire/README.md +++ b/charts/spire/README.md @@ -78,3 +78,5 @@ A Helm chart for deploying Chronicle spire to Kubernetes | tor-proxy.enabled | bool | `true` | | | watch | bool | `false` | | +---------------------------------------------- +Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) From a9c4393aeef6b49c57fc19207d22fcb862be4308 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Fri, 2 May 2025 18:04:23 +0200 Subject: [PATCH 18/28] revert --- charts/spire/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/spire/README.md b/charts/spire/README.md index 1d9fc37e..7874a2c9 100644 --- a/charts/spire/README.md +++ b/charts/spire/README.md @@ -1,6 +1,6 @@ # spire -![Version: 0.3.2](https://img.shields.io/badge/Version-0.3.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.47.8](https://img.shields.io/badge/AppVersion-0.47.8-informational?style=flat-square) +![Version: 0.3.1](https://img.shields.io/badge/Version-0.3.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.47.8](https://img.shields.io/badge/AppVersion-0.47.8-informational?style=flat-square) A Helm chart for deploying Chronicle spire to Kubernetes From f5f735f4b6a0a6766c19565564e3df424ea96ac7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Fri, 2 May 2025 20:49:53 +0200 Subject: [PATCH 19/28] update health check paths in README and values files --- charts/validator/README.md | 8 +++----- charts/validator/values.yaml | 8 ++++---- 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/charts/validator/README.md b/charts/validator/README.md index 0bc27916..5285dd16 100644 --- a/charts/validator/README.md +++ b/charts/validator/README.md @@ -16,7 +16,7 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | Key | Type | Default | Description | |-----|------|---------|-------------| | extraObjects | list | `[]` | Extra K8s manifests to deploy | -| ghost | object | `{"affinity":{},"argsOverride":[],"chainId":1,"chainName":"eth","chainTxType":"eip1559","commandOverride":[],"env":{"normal":{}},"ethConfig":{},"fullnameOverride":"ghost","image":{"pullPolicy":"Always","repository":"ghcr.io/chronicleprotocol/ghost","tag":"0.57.3@sha256:cc50f2eb8092dce67584f334cc73ce750a8ede0ca970dd759679df7b40501ee5"},"imagePullSecrets":[],"ingress":{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]},"liveness":{"enabled":true,"livenessProbe":{"httpGet":{"path":"/livez","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"logFormat":"text","logLevel":"info","metrics":{"enabled":true,"port":9090},"nameOverride":"","nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"readiness":{"enabled":true,"readinessProbe":{"httpGet":{"path":"/readyz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"replicaCount":1,"resources":{},"rpcUrl":null,"securityContext":{},"service":{"annotations":{},"ports":{"libp2p":{"port":8000,"protocol":"TCP"},"webapi":{"port":8080,"protocol":"TCP"}},"type":"LoadBalancer"},"serviceAccount":{"annotations":{},"create":true,"name":""},"tolerations":[],"watchdogConfigReg":"0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3","webApi":{"enabled":true,"listenAddr":"0.0.0.0:8080"}}` | Values for Ghost | +| ghost | object | `{"affinity":{},"argsOverride":[],"chainId":1,"chainName":"eth","chainTxType":"eip1559","commandOverride":[],"env":{"normal":{}},"ethConfig":{},"fullnameOverride":"ghost","image":{"pullPolicy":"Always","repository":"ghcr.io/chronicleprotocol/ghost","tag":"0.57.3@sha256:cc50f2eb8092dce67584f334cc73ce750a8ede0ca970dd759679df7b40501ee5"},"imagePullSecrets":[],"ingress":{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]},"liveness":{"enabled":true,"livenessProbe":{"httpGet":{"path":"/healthz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"logFormat":"text","logLevel":"info","metrics":{"enabled":true,"port":9090},"nameOverride":"","nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"readiness":{"enabled":true,"readinessProbe":{"httpGet":{"path":"/healthz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"replicaCount":1,"resources":{},"rpcUrl":null,"securityContext":{},"service":{"annotations":{},"ports":{"libp2p":{"port":8000,"protocol":"TCP"},"webapi":{"port":8080,"protocol":"TCP"}},"type":"LoadBalancer"},"serviceAccount":{"annotations":{},"create":true,"name":""},"tolerations":[],"watchdogConfigReg":"0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3","webApi":{"enabled":true,"listenAddr":"0.0.0.0:8080"}}` | Values for Ghost | | ghost.affinity | object | `{}` | pod Affinity spec applied validator | | ghost.argsOverride | list | `[]` | args override for the validator | | ghost.chainId | int | `1` | chain id for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `1` or sepolia ethereum `11155111` | @@ -30,13 +30,13 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | ghost.image.tag | string | `"0.57.3@sha256:cc50f2eb8092dce67584f334cc73ce750a8ede0ca970dd759679df7b40501ee5"` | Overrides the image tag whose default is the chart appVersion. | | ghost.ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]}` | Ingress for the validator - we should start using it maybe??? | | ghost.ingress.enabled | bool | `false` | Disabled by default, since there WAS a bug in libp2p port assignment for dns based routing | -| ghost.liveness | object | `{"enabled":true,"livenessProbe":{"httpGet":{"path":"/livez","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Liveness probe : restart the validator if the healthcheck endpoint is not reachable | +| ghost.liveness | object | `{"enabled":true,"livenessProbe":{"httpGet":{"path":"/healthz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Liveness probe : restart the validator if the healthcheck endpoint is not reachable | | ghost.logFormat | string | `"text"` | Log format for the validator, can be one of `json`, `text` | | ghost.logLevel | string | `"info"` | Log level for the validator, can be one of `debug`, `info`, `warning`, `error` | | ghost.nodeSelector | object | `{}` | Node selector for the validator | | ghost.podAnnotations | object | `{}` | Pod annotations for the validator | | ghost.podSecurityContext | object | `{}` | Pod security context for the validator | -| ghost.readiness | object | `{"enabled":true,"readinessProbe":{"httpGet":{"path":"/readyz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Readiness probe : stop the validator if the metrics endpoint is not reachable | +| ghost.readiness | object | `{"enabled":true,"readinessProbe":{"httpGet":{"path":"/healthz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Readiness probe : stop the validator if the metrics endpoint is not reachable | | ghost.resources | object | `{}` | Resources constraints for the validator, CPU, Memory, etc. | | ghost.rpcUrl | string | `nil` | RPC url for the "target" or "main" chain we use for the validator. Can be mainnet ethereum or sepolia ethereum | | ghost.securityContext | object | `{}` | Security context for the validator | @@ -67,5 +67,3 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | tor-proxy | object | `{"enabled":true}` | Values for Tor Proxy (subchart of ghost) | | tor-proxy.enabled | bool | `true` | values for tor-proxy, installs [tor-controller](/crds/tor-controller.yaml) and creates an [onionService CRD](/templates/tor-onion-service.yaml) | ----------------------------------------------- -Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2) diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index e0b41f46..2eadf090 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -145,8 +145,8 @@ ghost: hosts: - host: chart-example.local paths: - - port: 8000 - path: / + - path: / + port: 8000 pathType: ImplementationSpecific tls: [] # - secretName: chart-example-tls @@ -158,7 +158,7 @@ ghost: enabled: true livenessProbe: httpGet: - path: /livez + path: /healthz # will be changed to /livez port: 9100 initialDelaySeconds: 30 periodSeconds: 60 @@ -168,7 +168,7 @@ ghost: enabled: true readinessProbe: httpGet: - path: /readyz + path: /healthz # will be changed to /readyz port: 9100 initialDelaySeconds: 30 periodSeconds: 60 From 27fc2f0cdbe3b35886ecff67e19e363d40321fc8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Fri, 2 May 2025 21:05:52 +0200 Subject: [PATCH 20/28] bump appVersion to 0.58.0 and update ghost image tag --- charts/validator/Chart.yaml | 2 +- charts/validator/README.md | 6 +++--- charts/validator/values.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/charts/validator/Chart.yaml b/charts/validator/Chart.yaml index f42f191b..cae8d39c 100644 --- a/charts/validator/Chart.yaml +++ b/charts/validator/Chart.yaml @@ -29,4 +29,4 @@ version: 0.3.27 # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "0.57.3" +appVersion: "0.58.0" diff --git a/charts/validator/README.md b/charts/validator/README.md index 5285dd16..54e34b88 100644 --- a/charts/validator/README.md +++ b/charts/validator/README.md @@ -1,6 +1,6 @@ # validator -![Version: 0.3.27](https://img.shields.io/badge/Version-0.3.27-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.57.3](https://img.shields.io/badge/AppVersion-0.57.3-informational?style=flat-square) +![Version: 0.3.27](https://img.shields.io/badge/Version-0.3.27-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.58.0](https://img.shields.io/badge/AppVersion-0.58.0-informational?style=flat-square) A Helm chart for deploying Chronicle Validator on Kubernetes @@ -16,7 +16,7 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | Key | Type | Default | Description | |-----|------|---------|-------------| | extraObjects | list | `[]` | Extra K8s manifests to deploy | -| ghost | object | `{"affinity":{},"argsOverride":[],"chainId":1,"chainName":"eth","chainTxType":"eip1559","commandOverride":[],"env":{"normal":{}},"ethConfig":{},"fullnameOverride":"ghost","image":{"pullPolicy":"Always","repository":"ghcr.io/chronicleprotocol/ghost","tag":"0.57.3@sha256:cc50f2eb8092dce67584f334cc73ce750a8ede0ca970dd759679df7b40501ee5"},"imagePullSecrets":[],"ingress":{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]},"liveness":{"enabled":true,"livenessProbe":{"httpGet":{"path":"/healthz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"logFormat":"text","logLevel":"info","metrics":{"enabled":true,"port":9090},"nameOverride":"","nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"readiness":{"enabled":true,"readinessProbe":{"httpGet":{"path":"/healthz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"replicaCount":1,"resources":{},"rpcUrl":null,"securityContext":{},"service":{"annotations":{},"ports":{"libp2p":{"port":8000,"protocol":"TCP"},"webapi":{"port":8080,"protocol":"TCP"}},"type":"LoadBalancer"},"serviceAccount":{"annotations":{},"create":true,"name":""},"tolerations":[],"watchdogConfigReg":"0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3","webApi":{"enabled":true,"listenAddr":"0.0.0.0:8080"}}` | Values for Ghost | +| ghost | object | `{"affinity":{},"argsOverride":[],"chainId":1,"chainName":"eth","chainTxType":"eip1559","commandOverride":[],"env":{"normal":{}},"ethConfig":{},"fullnameOverride":"ghost","image":{"pullPolicy":"Always","repository":"ghcr.io/chronicleprotocol/ghost","tag":"0.58.0@sha256:35addbb175ffaf5f241445ae4e3acba84ed854e2b93501630bb1bbc8318eb0c2"},"imagePullSecrets":[],"ingress":{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]},"liveness":{"enabled":true,"livenessProbe":{"httpGet":{"path":"/healthz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"logFormat":"text","logLevel":"info","metrics":{"enabled":true,"port":9090},"nameOverride":"","nodeSelector":{},"podAnnotations":{},"podSecurityContext":{},"readiness":{"enabled":true,"readinessProbe":{"httpGet":{"path":"/healthz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"replicaCount":1,"resources":{},"rpcUrl":null,"securityContext":{},"service":{"annotations":{},"ports":{"libp2p":{"port":8000,"protocol":"TCP"},"webapi":{"port":8080,"protocol":"TCP"}},"type":"LoadBalancer"},"serviceAccount":{"annotations":{},"create":true,"name":""},"tolerations":[],"watchdogConfigReg":"0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3","webApi":{"enabled":true,"listenAddr":"0.0.0.0:8080"}}` | Values for Ghost | | ghost.affinity | object | `{}` | pod Affinity spec applied validator | | ghost.argsOverride | list | `[]` | args override for the validator | | ghost.chainId | int | `1` | chain id for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `1` or sepolia ethereum `11155111` | @@ -27,7 +27,7 @@ A Helm chart for deploying Chronicle Validator on Kubernetes | ghost.env.normal | object | `{}` | un-encrypted env vars passed to the pod | | ghost.ethConfig | object | `{}` | Provide ETH keys from existing secrets : **NB** use only existing secret OR env vars, do not provide both | | ghost.fullnameOverride | string | `"ghost"` | Override the release name to so tor-proxy can work with the default config. NB only change this if you know what you are doing | -| ghost.image.tag | string | `"0.57.3@sha256:cc50f2eb8092dce67584f334cc73ce750a8ede0ca970dd759679df7b40501ee5"` | Overrides the image tag whose default is the chart appVersion. | +| ghost.image.tag | string | `"0.58.0@sha256:35addbb175ffaf5f241445ae4e3acba84ed854e2b93501630bb1bbc8318eb0c2"` | Overrides the image tag whose default is the chart appVersion. | | ghost.ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]}` | Ingress for the validator - we should start using it maybe??? | | ghost.ingress.enabled | bool | `false` | Disabled by default, since there WAS a bug in libp2p port assignment for dns based routing | | ghost.liveness | object | `{"enabled":true,"livenessProbe":{"httpGet":{"path":"/healthz","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Liveness probe : restart the validator if the healthcheck endpoint is not reachable | diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index 2eadf090..e1a46b54 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -10,7 +10,7 @@ ghost: repository: ghcr.io/chronicleprotocol/ghost pullPolicy: Always # -- Overrides the image tag whose default is the chart appVersion. - tag: "0.57.3@sha256:cc50f2eb8092dce67584f334cc73ce750a8ede0ca970dd759679df7b40501ee5" + tag: "0.58.0@sha256:35addbb175ffaf5f241445ae4e3acba84ed854e2b93501630bb1bbc8318eb0c2" # -- Log level for the validator, can be one of `debug`, `info`, `warning`, `error` logLevel: info From ce8e55a7eee2a874d1fe46da9133cc013b48a436 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Fri, 2 May 2025 21:10:01 +0200 Subject: [PATCH 21/28] update health check paths in values.yaml --- charts/validator/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index e1a46b54..19a26461 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -158,7 +158,7 @@ ghost: enabled: true livenessProbe: httpGet: - path: /healthz # will be changed to /livez + path: /healthz # will be changed to /livez port: 9100 initialDelaySeconds: 30 periodSeconds: 60 @@ -168,7 +168,7 @@ ghost: enabled: true readinessProbe: httpGet: - path: /healthz # will be changed to /readyz + path: /healthz # will be changed to /readyz port: 9100 initialDelaySeconds: 30 periodSeconds: 60 From 6af1fc52884e7ed151177b62d6a97fcaa54ca0c3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Fri, 2 May 2025 21:12:53 +0200 Subject: [PATCH 22/28] bump chart version to 0.4.0 in Chart.yaml and update version badge in README --- charts/validator/Chart.yaml | 2 +- charts/validator/README.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/validator/Chart.yaml b/charts/validator/Chart.yaml index cae8d39c..19fbaf4f 100644 --- a/charts/validator/Chart.yaml +++ b/charts/validator/Chart.yaml @@ -22,7 +22,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.27 +version: 0.4.0 # This is the version number of the application being deployed. This version number should be diff --git a/charts/validator/README.md b/charts/validator/README.md index 54e34b88..c9a85931 100644 --- a/charts/validator/README.md +++ b/charts/validator/README.md @@ -1,6 +1,6 @@ # validator -![Version: 0.3.27](https://img.shields.io/badge/Version-0.3.27-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.58.0](https://img.shields.io/badge/AppVersion-0.58.0-informational?style=flat-square) +![Version: 0.4.0](https://img.shields.io/badge/Version-0.4.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.58.0](https://img.shields.io/badge/AppVersion-0.58.0-informational?style=flat-square) A Helm chart for deploying Chronicle Validator on Kubernetes From 065df59113c3124a5056da819b056d1337f4c8a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Mon, 5 May 2025 15:31:43 +0200 Subject: [PATCH 23/28] bump chart version to 0.4.0-pre.1 in Chart.yaml --- charts/validator/Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/validator/Chart.yaml b/charts/validator/Chart.yaml index 19fbaf4f..9d89bea4 100644 --- a/charts/validator/Chart.yaml +++ b/charts/validator/Chart.yaml @@ -22,7 +22,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.4.0 +version: 0.4.0-pre.1 # This is the version number of the application being deployed. This version number should be From 864ca6ae914385f7637656d6dc7dca37a30431df Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Tue, 6 May 2025 13:29:37 +0200 Subject: [PATCH 24/28] update deployment and values files to use chainRpcUrl instead of rpcUrl --- charts/validator/templates/deployment.yaml | 5 ++++- charts/validator/values.yaml | 4 +++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/charts/validator/templates/deployment.yaml b/charts/validator/templates/deployment.yaml index 0d043620..b7e0aeaf 100644 --- a/charts/validator/templates/deployment.yaml +++ b/charts/validator/templates/deployment.yaml @@ -130,7 +130,10 @@ spec: value: {{ .Values.ghost.chainName | default "eth" | quote }} - name: CFG_CHAIN_ID value: {{ .Values.ghost.chainId | default "1" | quote }} - {{- if .Values.ghost.rpcUrl }} + {{- if .Values.ghost.chainRpcUrl }} + - name: CFG_CHAIN_RPC_URLS + value: {{ .Values.ghost.chainRpcUrl | quote }} + {{- else if .Values.ghost.rpcUrl }} - name: CFG_CHAIN_RPC_URLS value: {{ .Values.ghost.rpcUrl | quote }} {{- end }} diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index 19a26461..f45a6600 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -23,10 +23,12 @@ ghost: chainId: 1 # -- chain tx type for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `eip1559` or `legacy` chainTxType: eip1559 - # -- RPC url for the "target" or "main" chain we use for the validator. Can be mainnet ethereum or sepolia ethereum + chainRpcUrl: null + # Deprecated: use `chainRpcUrl` instead rpcUrl: null + # -- WATCHDOG onchain config address watchdogConfigReg: "0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3" # -- WATCHDOG polling interval (in seconds) From 7fde3a3b87e5c8688a4d6b7ba4de08cec3731620 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Tue, 6 May 2025 13:36:14 +0200 Subject: [PATCH 25/28] bump ghost image tag to 0.58.1 --- charts/validator/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index f45a6600..eae77384 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -10,7 +10,7 @@ ghost: repository: ghcr.io/chronicleprotocol/ghost pullPolicy: Always # -- Overrides the image tag whose default is the chart appVersion. - tag: "0.58.0@sha256:35addbb175ffaf5f241445ae4e3acba84ed854e2b93501630bb1bbc8318eb0c2" + tag: "0.58.1@sha256:af00d26b85c603960b8a11c3b6500f0993eef3d86d1afea7114fe272cb577474" # -- Log level for the validator, can be one of `debug`, `info`, `warning`, `error` logLevel: info From ee7ec8502eec0dcc4f68d0f5d5d4a2c740b2d4d7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Tue, 6 May 2025 13:42:44 +0200 Subject: [PATCH 26/28] update health check paths comments in values.yaml --- charts/validator/values.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index eae77384..cb0c33d5 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -160,7 +160,8 @@ ghost: enabled: true livenessProbe: httpGet: - path: /healthz # will be changed to /livez + # will be changed to /livez + path: /healthz port: 9100 initialDelaySeconds: 30 periodSeconds: 60 @@ -170,7 +171,8 @@ ghost: enabled: true readinessProbe: httpGet: - path: /healthz # will be changed to /readyz + # will be changed to /readyz + path: /healthz port: 9100 initialDelaySeconds: 30 periodSeconds: 60 From 109dd866f94cbf363a6fc1bef4775d71be1f325b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Tue, 6 May 2025 15:13:06 +0200 Subject: [PATCH 27/28] update liveness probe path and description to use "healthz" --- charts/validator/crds/tor-controller.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/validator/crds/tor-controller.yaml b/charts/validator/crds/tor-controller.yaml index d73d4b81..3ce36cdc 100644 --- a/charts/validator/crds/tor-controller.yaml +++ b/charts/validator/crds/tor-controller.yaml @@ -12873,7 +12873,7 @@ spec: description: HealthProbeBindAddress is the TCP address that the controller should bind to for serving health probes type: string livenessEndpointName: - description: LivenessEndpointName, defaults to "livez" + description: LivenessEndpointName, defaults to "healthz" type: string readinessEndpointName: description: ReadinessEndpointName, defaults to "readyz" @@ -17813,7 +17813,7 @@ spec: imagePullPolicy: Always livenessProbe: httpGet: - path: /livez + path: /healthz port: 8081 initialDelaySeconds: 15 periodSeconds: 20 From e3d31615db59a8aad1dc9fa45efecac3d5eae06c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Zaremba?= Date: Tue, 6 May 2025 15:14:12 +0200 Subject: [PATCH 28/28] update liveness probe path and description to use "healthz" --- charts/validator/values.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/validator/values.yaml b/charts/validator/values.yaml index cb0c33d5..287cee38 100644 --- a/charts/validator/values.yaml +++ b/charts/validator/values.yaml @@ -136,7 +136,7 @@ ghost: annotations: {} # external-dns.alpha.kubernetes.io/hostname: DOMAIN_NAME - # -- Ingress for the validator - we should start using it maybe??? + # -- Ingress for the validator (Do not enable ingress, as libp2p does not support path based routing yet) ingress: # -- Disabled by default, since there WAS a bug in libp2p port assignment for dns based routing enabled: false