save

Signed-off-by: Jeffrey Tang <[email protected]>
hashgraph · Jan 8, 2025 · c6fb3a7 · c6fb3a7
1 parent 1ad3d00
commit c6fb3a7
Show file tree

Hide file tree

Showing 6 changed files with 33 additions and 21 deletions.
diff --git a/.github/workflows/flow-gcs-test.yaml b/.github/workflows/flow-gcs-test.yaml
@@ -62,6 +62,11 @@ jobs:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           job_name: "gcs-storage-test (${{ matrix.storageType }})"
 
+      - name: Save secret to file
+        run: |
+          echo "${{ secrets.GCP_SERVICE_ACCOUNT_TOKEN }}" > google_service.txt
+          cat google_service.txt
+
       - name: Create GCS bucket
         # create a new bucket and use job runner id as prefix
         run: |
@@ -105,6 +110,7 @@ jobs:
           GCS_SECRET_KEY: ${{ secrets.GCP_S3_SECRET_KEY }}
           BUCKET_NAME: ${{ env.BUCKET_NAME }}
           STORAGE_TYPE: ${{ matrix.storageType }}
+          GCP_SERVICE_ACCOUNT_FILE: google_service.txt
         run: |
           .github/workflows/script/gcs_test.sh
 

diff --git a/.github/workflows/script/gcs_test.sh b/.github/workflows/script/gcs_test.sh
@@ -31,6 +31,12 @@ else
   storageType=${STORAGE_TYPE}
 fi
 
+if [ -z "${GCP_SERVICE_ACCOUNT_FILE}" ]; then
+  googleServiceAccountFile="sa.json"
+else
+  googleServiceAccountFile=${GCP_SERVICE_ACCOUNT_FILE}
+fi
+
 echo "Using bucket name: ${streamBucket}"
 echo "Test storage type: ${storageType}"
 
@@ -48,7 +54,8 @@ npm run solo-test -- network deploy -i node1 -n "${SOLO_NAMESPACE}" \
   --storage-endpoint "https://storage.googleapis.com" \
   --storage-access-key "${GCS_ACCESS_KEY}" --storage-secrets "${GCS_SECRET_KEY}" \
   --storage-type "${storageType}" --storage-bucket "${streamBucket}" \
-  --backup-bucket "${streamBackupBucket}"
+  --backup-bucket "${streamBackupBucket}" \
+  --google-credential-path ${googleServiceAccountFile}
 
 npm run solo-test -- node setup -i node1 -n "${SOLO_NAMESPACE}"
 npm run solo-test -- node start -i node1 -n "${SOLO_NAMESPACE}"

diff --git a/src/commands/flags.ts b/src/commands/flags.ts
@@ -1686,6 +1686,17 @@ export class Flags {
     prompt: undefined,
   };
 
+  static readonly googleCredentialPath: CommandFlag = {
+    constName: 'googleCredentialPath',
+    name: 'google-credential-path',
+    definition: {
+      defaultValue: '',
+      describe: 'path of google service account credential file',
+      type: 'string',
+    },
+    prompt: undefined,
+  };
+
   static readonly allFlags: CommandFlag[] = [
     Flags.accountId,
     Flags.amount,
@@ -1769,6 +1780,7 @@ export class Flags {
     Flags.storageEndpoint,
     Flags.storageBucket,
     Flags.backupBucket,
+    Flags.googleCredentialPath,
     Flags.tlsClusterIssuerType,
     Flags.tlsPrivateKey,
     Flags.tlsPublicKey,

diff --git a/src/commands/network.ts b/src/commands/network.ts
@@ -78,6 +78,7 @@ export interface NetworkDeployConfigClass {
   storageEndpoint: string;
   storageBucket: string;
   backupBucket: string;
+  googleCredentialPath: string;
 }
 
 export class NetworkCommand extends BaseCommand {
@@ -145,7 +146,8 @@ export class NetworkCommand extends BaseCommand {
       flags.storageSecrets,
       flags.storageEndpoint,
       flags.storageBucket,
-        flags.backupBucket,
+      flags.backupBucket,
+      flags.googleCredentialPath,
     ];
   }
 
@@ -209,20 +211,6 @@ export class NetworkCommand extends BaseCommand {
           `failed to create Kubernetes secret for storage credentials of type '${config.storageType}'`,
         );
       }
-
-      const isBackupSecretCreated = await this.k8.createSecret(
-        constants.BACKUP_SECRET_NAME,
-        namespace,
-        'Opaque',
-        cloudData,
-        undefined,
-        true,
-      );
-      if (!isBackupSecretCreated) {
-        throw new SoloError(
-          `failed to create Kubernetes secret for backup credentials of type '${config.storageType}'`,
-        );
-      }
     } catch (e: Error | any) {
       const errorMessage = 'failed to create Kubernetes storage secret ';
       this.logger.error(errorMessage, e);
@@ -249,6 +237,7 @@ export class NetworkCommand extends BaseCommand {
     storageEndpoint: string;
     storageBucket: string;
     backupBucket: string;
+    googleCredentialPath: string;
   }) {
     let valuesArg = config.chartDirectory
       ? `-f ${path.join(config.chartDirectory, 'solo-deployment', 'values.yaml')}`
@@ -297,10 +286,8 @@ export class NetworkCommand extends BaseCommand {
       valuesArg += ` --set minio-server.tenant.buckets[0].name=${config.storageBucket}`;
     }
 
-    if (config.backupBucket) {
-      // valuesArg += ` --set cloud.buckets.backupBucket=${config.backupBucket}`;
-      // valuesArg += ` --set minio-server.tenant.buckets[1].name=${config.backupBucket}`;
-
+    if (config.backupBucket && config.googleCredentialPath) {
+      valuesArg += ' --set defaults.sidecars.backupUploader.enabled=true';
       valuesArg += ` --set defaults.sidecars.backupUploader.config.backupBucket=${config.backupBucket}`;
     }
 

diff --git a/src/core/constants.ts b/src/core/constants.ts
@@ -205,7 +205,6 @@ export const IGNORED_NODE_ACCOUNT_ID = '0.0.0';
 
 export const UPLOADER_SECRET_NAME = 'uploader-mirror-secrets';
 export const MINIO_SECRET_NAME = 'minio-secrets';
-export const BACKUP_SECRET_NAME = 'backup-uploader-secrets';
 
 export const enum StorageType {
   MINIO_ONLY = 'minio_only',

diff --git a/src/core/profile_manager.ts b/src/core/profile_manager.ts
@@ -243,6 +243,7 @@ export class ProfileManager {
     }
 
     this._setFileContentsAsValue('hedera.configMaps.configTxt', configTxtPath, yamlRoot);
+    this._setFileContentsAsValue('hedera.configMaps.saJson', 'sa.json', yamlRoot);
     this._setFileContentsAsValue(
       'hedera.configMaps.log4j2Xml',
       path.join(stagingDir, 'templates', 'log4j2.xml'),