From c6fb3a7b61d29955c541e5567cae8421c407a996 Mon Sep 17 00:00:00 2001 From: Jeffrey Tang Date: Wed, 8 Jan 2025 09:50:39 -0600 Subject: [PATCH] save Signed-off-by: Jeffrey Tang --- .github/workflows/flow-gcs-test.yaml | 6 ++++++ .github/workflows/script/gcs_test.sh | 9 ++++++++- src/commands/flags.ts | 12 ++++++++++++ src/commands/network.ts | 25 ++++++------------------- src/core/constants.ts | 1 - src/core/profile_manager.ts | 1 + 6 files changed, 33 insertions(+), 21 deletions(-) diff --git a/.github/workflows/flow-gcs-test.yaml b/.github/workflows/flow-gcs-test.yaml index 425e24e97..194cea5e9 100644 --- a/.github/workflows/flow-gcs-test.yaml +++ b/.github/workflows/flow-gcs-test.yaml @@ -62,6 +62,11 @@ jobs: github_token: ${{ secrets.GITHUB_TOKEN }} job_name: "gcs-storage-test (${{ matrix.storageType }})" + - name: Save secret to file + run: | + echo "${{ secrets.GCP_SERVICE_ACCOUNT_TOKEN }}" > google_service.txt + cat google_service.txt + - name: Create GCS bucket # create a new bucket and use job runner id as prefix run: | @@ -105,6 +110,7 @@ jobs: GCS_SECRET_KEY: ${{ secrets.GCP_S3_SECRET_KEY }} BUCKET_NAME: ${{ env.BUCKET_NAME }} STORAGE_TYPE: ${{ matrix.storageType }} + GCP_SERVICE_ACCOUNT_FILE: google_service.txt run: | .github/workflows/script/gcs_test.sh diff --git a/.github/workflows/script/gcs_test.sh b/.github/workflows/script/gcs_test.sh index 6b336cfd2..2b8f83fa1 100755 --- a/.github/workflows/script/gcs_test.sh +++ b/.github/workflows/script/gcs_test.sh @@ -31,6 +31,12 @@ else storageType=${STORAGE_TYPE} fi +if [ -z "${GCP_SERVICE_ACCOUNT_FILE}" ]; then + googleServiceAccountFile="sa.json" +else + googleServiceAccountFile=${GCP_SERVICE_ACCOUNT_FILE} +fi + echo "Using bucket name: ${streamBucket}" echo "Test storage type: ${storageType}" @@ -48,7 +54,8 @@ npm run solo-test -- network deploy -i node1 -n "${SOLO_NAMESPACE}" \ --storage-endpoint "https://storage.googleapis.com" \ --storage-access-key "${GCS_ACCESS_KEY}" --storage-secrets "${GCS_SECRET_KEY}" \ --storage-type "${storageType}" --storage-bucket "${streamBucket}" \ - --backup-bucket "${streamBackupBucket}" + --backup-bucket "${streamBackupBucket}" \ + --google-credential-path ${googleServiceAccountFile} npm run solo-test -- node setup -i node1 -n "${SOLO_NAMESPACE}" npm run solo-test -- node start -i node1 -n "${SOLO_NAMESPACE}" diff --git a/src/commands/flags.ts b/src/commands/flags.ts index 1d19e9711..1d8f05ce4 100644 --- a/src/commands/flags.ts +++ b/src/commands/flags.ts @@ -1686,6 +1686,17 @@ export class Flags { prompt: undefined, }; + static readonly googleCredentialPath: CommandFlag = { + constName: 'googleCredentialPath', + name: 'google-credential-path', + definition: { + defaultValue: '', + describe: 'path of google service account credential file', + type: 'string', + }, + prompt: undefined, + }; + static readonly allFlags: CommandFlag[] = [ Flags.accountId, Flags.amount, @@ -1769,6 +1780,7 @@ export class Flags { Flags.storageEndpoint, Flags.storageBucket, Flags.backupBucket, + Flags.googleCredentialPath, Flags.tlsClusterIssuerType, Flags.tlsPrivateKey, Flags.tlsPublicKey, diff --git a/src/commands/network.ts b/src/commands/network.ts index 3399ab283..101d27247 100644 --- a/src/commands/network.ts +++ b/src/commands/network.ts @@ -78,6 +78,7 @@ export interface NetworkDeployConfigClass { storageEndpoint: string; storageBucket: string; backupBucket: string; + googleCredentialPath: string; } export class NetworkCommand extends BaseCommand { @@ -145,7 +146,8 @@ export class NetworkCommand extends BaseCommand { flags.storageSecrets, flags.storageEndpoint, flags.storageBucket, - flags.backupBucket, + flags.backupBucket, + flags.googleCredentialPath, ]; } @@ -209,20 +211,6 @@ export class NetworkCommand extends BaseCommand { `failed to create Kubernetes secret for storage credentials of type '${config.storageType}'`, ); } - - const isBackupSecretCreated = await this.k8.createSecret( - constants.BACKUP_SECRET_NAME, - namespace, - 'Opaque', - cloudData, - undefined, - true, - ); - if (!isBackupSecretCreated) { - throw new SoloError( - `failed to create Kubernetes secret for backup credentials of type '${config.storageType}'`, - ); - } } catch (e: Error | any) { const errorMessage = 'failed to create Kubernetes storage secret '; this.logger.error(errorMessage, e); @@ -249,6 +237,7 @@ export class NetworkCommand extends BaseCommand { storageEndpoint: string; storageBucket: string; backupBucket: string; + googleCredentialPath: string; }) { let valuesArg = config.chartDirectory ? `-f ${path.join(config.chartDirectory, 'solo-deployment', 'values.yaml')}` @@ -297,10 +286,8 @@ export class NetworkCommand extends BaseCommand { valuesArg += ` --set minio-server.tenant.buckets[0].name=${config.storageBucket}`; } - if (config.backupBucket) { - // valuesArg += ` --set cloud.buckets.backupBucket=${config.backupBucket}`; - // valuesArg += ` --set minio-server.tenant.buckets[1].name=${config.backupBucket}`; - + if (config.backupBucket && config.googleCredentialPath) { + valuesArg += ' --set defaults.sidecars.backupUploader.enabled=true'; valuesArg += ` --set defaults.sidecars.backupUploader.config.backupBucket=${config.backupBucket}`; } diff --git a/src/core/constants.ts b/src/core/constants.ts index 390a7ebf1..75d8c4ad8 100644 --- a/src/core/constants.ts +++ b/src/core/constants.ts @@ -205,7 +205,6 @@ export const IGNORED_NODE_ACCOUNT_ID = '0.0.0'; export const UPLOADER_SECRET_NAME = 'uploader-mirror-secrets'; export const MINIO_SECRET_NAME = 'minio-secrets'; -export const BACKUP_SECRET_NAME = 'backup-uploader-secrets'; export const enum StorageType { MINIO_ONLY = 'minio_only', diff --git a/src/core/profile_manager.ts b/src/core/profile_manager.ts index eaccf31b5..4421ce2a6 100644 --- a/src/core/profile_manager.ts +++ b/src/core/profile_manager.ts @@ -243,6 +243,7 @@ export class ProfileManager { } this._setFileContentsAsValue('hedera.configMaps.configTxt', configTxtPath, yamlRoot); + this._setFileContentsAsValue('hedera.configMaps.saJson', 'sa.json', yamlRoot); this._setFileContentsAsValue( 'hedera.configMaps.log4j2Xml', path.join(stagingDir, 'templates', 'log4j2.xml'),