diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 6b8c2810..b2173d74 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -16,6 +16,7 @@ /charts/cert-manager/ @gehlotanish @Manjeet-Nethermind /charts/common/ @aivarasko @matilote /charts/dirk/ @aivarasko @matilote +/charts/dlcbtc-attestor/ @gehlotanish /charts/ethereum-node/ @gehlotanish @Manjeet-Nethermind /charts/execution-beacon/ @aivarasko @AntiD2ta @matilote /charts/external-dns/ @gehlotanish @Manjeet-Nethermind diff --git a/charts/dlcbtc-attestor/.helmignore b/charts/dlcbtc-attestor/.helmignore new file mode 100644 index 00000000..0e8a0eb3 --- /dev/null +++ b/charts/dlcbtc-attestor/.helmignore @@ -0,0 +1,23 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/charts/dlcbtc-attestor/Chart.yaml b/charts/dlcbtc-attestor/Chart.yaml new file mode 100644 index 00000000..513ae85f --- /dev/null +++ b/charts/dlcbtc-attestor/Chart.yaml @@ -0,0 +1,6 @@ +apiVersion: v2 +name: dlc-link-attestor +description: A Helm chart for Kubernetes +type: application +version: 0.1.0 +appVersion: "1.5.0" \ No newline at end of file diff --git a/charts/dlcbtc-attestor/README.md b/charts/dlcbtc-attestor/README.md new file mode 100644 index 00000000..8578bba3 --- /dev/null +++ b/charts/dlcbtc-attestor/README.md @@ -0,0 +1,66 @@ +# Helm Chart for DLC Attestor + +This Helm chart deploys the DLC Attestor application with customizable settings for replica count, image configuration, security, affinity, monitoring, and more. The deployment supports various blockchain networks for attestation purposes. + +## Values Configuration + +### Global Values + +| Parameter | Description | Default | +|-------------------------|------------------------------------------------------|-------------------------------------------------| +| `global.replicaCount` | Number of replicas to deploy | `1` | +| `global.image.repository` | Container image repository | `public.ecr.aws/dlc-link/dlc-attestor` | +| `global.image.tag` | Container image tag | `v1.5.4-testnet` | +| `global.image.imagePullPolicy` | Image pull policy | `IfNotPresent` | +| `global.externalSecrets.enabled` | Enable external secrets integration | `true` | +| `global.externalSecrets.secretStoreRef` | External secret store reference name | `secretStoreRef` | +| `global.serviceAccount.create` | Create a service account | `false` | +| `global.imagePullSecrets` | Secrets to use for pulling images | `artifactory-general-secret` | +| `global.nodeSelector` | Node selector for pod assignment | `{k8s.scaleway.com/pool-name: workloads-pool-nl-ams-2, beta.kubernetes.io/instance-type: PLAY2-MICRO}` | +| `global.tolerations` | Tolerations for pod assignment | `{}` | +| `global.affinity` | Affinity rules for pod assignment | `{}` | +| `global.sessionAffinity.enabled` | Enable session affinity | `false` | +| `global.sessionAffinity.timeoutSeconds` | Session duration (in seconds) | `86400` | +| `global.healthProbe.consensus.livenessProbe` | Liveness probe configuration | `{}` | +| `global.healthProbe.consensus.readinessProbe` | Readiness probe configuration | `{}` | +| `global.service.svcHeadless` | Create headless service | `false` | +| `global.service.type` | Service type | `ClusterIP` | +| `global.service.externalTrafficPolicy` | External traffic policy | `Cluster` | +| `global.service.Ports` | Ports exposed by the service | See [Service Ports](#service-ports) | + +### ConfigMap Configuration + +The `configMap.config` section specifies key-value pairs for configuring the DLC attestor application. The configuration is templated and includes environment-specific variables like `ATTESTOR_NAME`, `BITCOIN_CORE_RPC_ENDPOINT`, and more. + +### Environment Variables + +Define container environment variables under the `env` section: + +| Name | Description | Example Value | +|--------------------------|---------------------------------------------------|-----------------------------------------------| +| `ATTESTOR_NAME` | Name of the attestor | `nethermind` | + +### Monitoring + +The `metrics` section allows configuring monitoring with Prometheus through a `ServiceMonitor`. + +| Parameter | Description | Default | +|-------------------------|------------------------------------------------------|-------------------------------------------------| +| `metrics.enabled` | Enable metrics scraping | `true` | +| `metrics.serviceMonitor.interval` | Scrape interval | `30s` | +| `metrics.serviceMonitor.honorLabels` | Whether to honor metric labels | `false` | + +### Service Ports + +The application exposes multiple service ports: + +| Port Name | Port Number | Protocol | +|--------------------------------|-------------|---------------| +| `ATTESTOR_BACKEND_PORT` | `8811` | `TCP` | +| `BLOCKCHAIN_INTERFACE_PORT` | `8801` | `TCP` | + +### Miscellaneous + +Additional Kubernetes objects can be specified using `extraObjects`. + +--- diff --git a/charts/dlcbtc-attestor/templates/_capabilities.tpl b/charts/dlcbtc-attestor/templates/_capabilities.tpl new file mode 100644 index 00000000..1b8c0117 --- /dev/null +++ b/charts/dlcbtc-attestor/templates/_capabilities.tpl @@ -0,0 +1,126 @@ +{{/* + ====== Return the target Kubernetes version ====== +*/}} +{{- define "common.capabilities.kubeVersion" -}} +{{- if .Values.global }} + {{- if .Values.global.kubeVersion }} + {{- .Values.global.kubeVersion -}} + {{- else }} + {{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} + {{- end -}} +{{- else }} +{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} +{{- end -}} +{{- end -}} + +{{/* + ====== Return the appropriate apiVersion for poddisruptionbudget. ====== +*/}} +{{- define "common.capabilities.policy.apiVersion" -}} +{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "policy/v1beta1" -}} +{{- else -}} +{{- print "policy/v1" -}} +{{- end -}} +{{- end -}} + +{{/* + ====== Return the appropriate apiVersion for networkpolicy. ====== +*/}} +{{- define "common.capabilities.networkPolicy.apiVersion" -}} +{{- if semverCompare "<1.7-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* + ====== Return the appropriate apiVersion for cronjob. ====== +*/}} +{{- define "common.capabilities.cronjob.apiVersion" -}} +{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "batch/v1beta1" -}} +{{- else -}} +{{- print "batch/v1" -}} +{{- end -}} +{{- end -}} + +{{/* + ====== Return the appropriate apiVersion for deployment. ====== +*/}} +{{- define "common.capabilities.deployment.apiVersion" -}} +{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{/* + ====== Return the appropriate apiVersion for statefulset.====== +*/}} +{{- define "common.capabilities.statefulset.apiVersion" -}} +{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "apps/v1beta1" -}} +{{- else -}} +{{- print "apps/v1" -}} +{{- end -}} +{{- end -}} + +{{/* + ====== Return the appropriate apiVersion for ingress. ====== +*/}} +{{- define "common.capabilities.ingress.apiVersion" -}} +{{- if .Values.ingress -}} +{{- if .Values.ingress.apiVersion -}} +{{- .Values.ingress.apiVersion -}} +{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end }} +{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "extensions/v1beta1" -}} +{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "networking.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "networking.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* + ====== Return the appropriate apiVersion for RBAC resources. ====== +*/}} +{{- define "common.capabilities.rbac.apiVersion" -}} +{{- if semverCompare "<1.17-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "rbac.authorization.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "rbac.authorization.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* + ====== Return the appropriate apiVersion for CRDs. ====== +*/}} +{{- define "common.capabilities.crd.apiVersion" -}} +{{- if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} +{{- print "apiextensions.k8s.io/v1beta1" -}} +{{- else -}} +{{- print "apiextensions.k8s.io/v1" -}} +{{- end -}} +{{- end -}} + +{{/* +Returns true if the used Helm version is 3.3+. +A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}" structure. +This check is introduced as a regexMatch instead of {{ if .Capabilities.HelmVersion }} because checking for the key HelmVersion in <3.3 results in a "interface not found" error. +**To be removed when the catalog's minimun Helm version is 3.3** +*/}} +{{- define "common.capabilities.supportsHelmVersion" -}} +{{- if regexMatch "{(v[0-9])*[^}]*}}$" (.Capabilities | toString ) }} + {{- true -}} +{{- end -}} +{{- end -}} diff --git a/charts/dlcbtc-attestor/templates/_helpers.tpl b/charts/dlcbtc-attestor/templates/_helpers.tpl new file mode 100644 index 00000000..1ef1bfd6 --- /dev/null +++ b/charts/dlcbtc-attestor/templates/_helpers.tpl @@ -0,0 +1,79 @@ +{{/* + ====== Basic ====== +*/}} + +{{- define "dlcbtc.namespace" -}} +{{- default .Release.Namespace -}} +{{- end -}} + +{{- define "dlcbtc.release" -}} +{{- default .Release.Name -}} +{{- end -}} + +{{- define "dlcbtc.name" -}} +{{- printf "%s-%s" .Chart.Name .Release.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "dlcbtc.names.chartWithoutVersion" -}} +{{- printf "%s" .Chart.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "dlcbtc.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{/* + ====== Labels ====== +*/}} + +{{- define "dlcbtc.metaLabels" -}} +app.kubernetes.io/name: {{ template "dlcbtc.name" . }} +helm.sh/chart: {{ include "dlcbtc.names.chartWithoutVersion" . }} +app.kubernetes.io/managed-by: "{{ .Release.Service }}" +{{- range $key, $value := .Values.global.extraLabels }} +{{ $key }}: {{ include "dlcbtc.renderTpl" (dict "value" $value "context" $) | quote }} +{{- end }} +{{- end -}} + +{{- define "dlcbtc.matchLabels" -}} +app.kubernetes.io/name: {{ template "dlcbtc.name" . }} +helm.sh/chart: {{ include "dlcbtc.names.chartWithoutVersion" . }} +app.kubernetes.io/managed-by: "{{ .Release.Service }}" +{{- range $key, $value := .Values.global.extraMatchLabels }} +{{ $key }}: {{ include "dlcbtc.renderTplMatchLables" (dict "value" $value "context" $) | quote }} +{{- end }} +{{- end -}} + +{{- define "dlcbtc.statefulset" -}} +app.kubernetes.io/name: {{ template "dlcbtc.name" . }} +helm.sh/chart: {{ include "dlcbtc.names.chartWithoutVersion" . }} +app.kubernetes.io/managed-by: "{{ .Release.Service }}" +{{- range $key, $value := .Values.global.extraLabels }} +{{ $key }}: {{ include "dlcbtc.renderTplStatefulset" (dict "value" $value "context" $) | quote }} +{{- end }} +{{- end -}} + +{{- define "dlcbtc.renderTpl" -}} + {{- if typeIs "string" .value }} +{{- tpl .value .context }} + {{- else }} +{{- tpl (.value | toYaml) .context }} + {{- end }} +{{- end -}} + +{{- define "dlcbtc.renderTplMatchLables" -}} + {{- if typeIs "string" .value }} +{{- tpl .value .context }} + {{- else }} +{{- tpl (.value | toYaml) .context }} + {{- end }} +{{- end -}} + +{{- define "dlcbtc.renderTplStatefulset" -}} + {{- if typeIs "string" .value }} +{{- tpl .value .context }} + {{- else }} +{{- tpl (.value | toYaml) .context }} + {{- end }} +{{- end -}} \ No newline at end of file diff --git a/charts/dlcbtc-attestor/templates/configmap.yaml b/charts/dlcbtc-attestor/templates/configmap.yaml new file mode 100644 index 00000000..1ec3b075 --- /dev/null +++ b/charts/dlcbtc-attestor/templates/configmap.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "dlcbtc.name" . }} + namespace: {{ template "dlcbtc.namespace" . }} + labels: + {{- include "dlcbtc.metaLabels" . | nindent 4 }} +data: + config.toml: | +{{ .Values.configMap.config | indent 4 }} \ No newline at end of file diff --git a/charts/dlcbtc-attestor/templates/deployment.yaml b/charts/dlcbtc-attestor/templates/deployment.yaml new file mode 100644 index 00000000..4d83efc5 --- /dev/null +++ b/charts/dlcbtc-attestor/templates/deployment.yaml @@ -0,0 +1,75 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "dlcbtc.name" . }} + namespace: {{ template "dlcbtc.namespace" . }} + labels: + {{- include "dlcbtc.metaLabels" . | nindent 4 }} +spec: + replicas: {{ .Values.global.replicaCount }} + podManagementPolicy: "Parallel" + selector: + matchLabels: + {{- include "dlcbtc.matchLabels" . | nindent 6 }} + serviceName: {{ include "dlcbtc.name" . }} + template: + metadata: + labels: + {{- include "dlcbtc.matchLabels" . | nindent 8 }} + spec: + {{- with (.Values.global.imagePullSecrets) }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{ toYaml . | nindent 8 | trim }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{ toYaml . | nindent 8 | trim }} + {{- end }} + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{ toYaml . | nindent 8 | trim }} + {{- end }} + securityContext: + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} + serviceAccountName: {{ include "dlcbtc.name" . }} + containers: + - name: dlc-link-attestor + image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.tag }}" + imagePullPolicy: {{ .Values.global.image.imagePullPolicy }} + ports: + {{- range $idx, $Port := .Values.global.service.Ports }} + - name: {{ $Port.name }} + containerPort: {{ $Port.port }} + protocol: {{ $Port.protocol }} + {{- end }} + volumeMounts: + - name: config-volume + mountPath: /app/attestor/config.toml + subPath: config.toml + {{- if .Values.global.externalSecrets.enabled }} + - name: external-secrets + mountPath: /external-secrets + readOnly: true + {{- end }} + env: {{- toYaml .Values.env | nindent 12 }} + {{- with .Values.global.healthProbe.consensus.livenessProbe }} + livenessProbe: + {{ toYaml . | nindent 12 | trim }} + {{- end}} + {{- with .Values.global.healthProbe.consensus.readinessProbe}} + readinessProbe: + {{ toYaml . | nindent 12 | trim }} + {{- end}} + volumes: + - name: config-volume + configMap: + name: {{ template "dlcbtc.name" . }} + {{- if .Values.global.externalSecrets.enabled }} + - name: external-secrets + secret: + secretName: eso-{{ include "dlcbtc.name" . }} + {{- end }} \ No newline at end of file diff --git a/charts/dlcbtc-attestor/templates/extraObjects.yaml b/charts/dlcbtc-attestor/templates/extraObjects.yaml new file mode 100644 index 00000000..5a23b5e7 --- /dev/null +++ b/charts/dlcbtc-attestor/templates/extraObjects.yaml @@ -0,0 +1,8 @@ +{{- range .Values.extraObjects }} +--- +{{- if kindIs "map" . }} +{{ tpl (toYaml .) $ }} +{{- else }} +{{ tpl . $ }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/charts/dlcbtc-attestor/templates/secret.yaml b/charts/dlcbtc-attestor/templates/secret.yaml new file mode 100644 index 00000000..1b63276a --- /dev/null +++ b/charts/dlcbtc-attestor/templates/secret.yaml @@ -0,0 +1,20 @@ +--- +{{- if .Values.global.externalSecrets.enabled }} +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: {{ template "dlcbtc.name" . }} + namespace: {{ template "dlcbtc.namespace" . }} + labels: + {{- include "dlcbtc.metaLabels" . | nindent 4 }} +spec: + refreshInterval: 10m + secretStoreRef: + name: {{ .Values.global.externalSecrets.secretStoreRef.name }} + kind: {{ .Values.global.externalSecrets.secretStoreRef.kind }} + target: + name: eso-{{ include "dlcbtc.name" . }} + creationPolicy: Owner + data: + {{- .Values.global.externalSecrets.data | toYaml | trim | nindent 2 }} +{{- end }} \ No newline at end of file diff --git a/charts/dlcbtc-attestor/templates/service.yaml b/charts/dlcbtc-attestor/templates/service.yaml new file mode 100644 index 00000000..b52f02c1 --- /dev/null +++ b/charts/dlcbtc-attestor/templates/service.yaml @@ -0,0 +1,31 @@ +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ template "dlcbtc.name" . }} + namespace: {{ template "dlcbtc.namespace" . }} + labels: + {{- include "dlcbtc.matchLabels" . | nindent 4 }} +spec: +{{- if .Values.global.sessionAffinity.enabled }} + sessionAffinity: ClientIP + sessionAffinityConfig: + clientIP: + timeoutSeconds: {{ .Values.global.sessionAffinity.timeoutSeconds }} +{{- end }} + type: {{ .Values.global.service.type }} # ClusterIP, NodePort, LoadBalancer, or ExternalName +{{- if .Values.global.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.global.service.externalTrafficPolicy }} +{{- end }} +{{- if .Values.global.service.svcHeadless}} + clusterIP: None +{{- end }} + ports: + {{- range $idx, $Port := .Values.global.service.Ports }} + - name: {{ $Port.name }} + port: {{ $Port.port }} + targetPort: {{ $Port.name }} + protocol: {{ $Port.protocol }} + {{- end }} + selector: + {{- include "dlcbtc.matchLabels" . | nindent 4 }} \ No newline at end of file diff --git a/charts/dlcbtc-attestor/templates/serviceAccount.yaml b/charts/dlcbtc-attestor/templates/serviceAccount.yaml new file mode 100644 index 00000000..b786ea56 --- /dev/null +++ b/charts/dlcbtc-attestor/templates/serviceAccount.yaml @@ -0,0 +1,13 @@ +{{- if .Values.global.serviceAccount.create -}} +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ template "dlcbtc.name" . }} + namespace: {{ template "dlcbtc.namespace" . }} + labels: + {{- include "dlcbtc.matchLabels" . | nindent 4 }} + {{- with .Values.global.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/charts/dlcbtc-attestor/templates/serviceMonitor.yaml b/charts/dlcbtc-attestor/templates/serviceMonitor.yaml new file mode 100644 index 00000000..1b47fa04 --- /dev/null +++ b/charts/dlcbtc-attestor/templates/serviceMonitor.yaml @@ -0,0 +1,35 @@ +--- +{{- if .Values.metrics.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "dlcbtc.name" . }} + namespace: {{ template "dlcbtc.namespace" . }} + labels: + {{- include "dlcbtc.metaLabels" . | nindent 4 }} +spec: + endpoints: + - path: /metrics + port: ATTESTOR_BACKEND_PORT + {{- if .Values.metrics.serviceMonitor.interval }} + interval: {{ .Values.metrics.serviceMonitor.interval }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} + scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.honorLabels }} + honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.relabelings }} + relabelings: {{- toYaml .Values.metrics.serviceMonitor.relabelings | nindent 6 }} + {{- end }} + {{- if .Values.metrics.serviceMonitor.metricRelabelings }} + metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.metricRelabelings | nindent 6 }} + {{- end }} + namespaceSelector: + matchNames: + - {{ template "dlcbtc.namespace" . }} + selector: + matchLabels: + {{- include "dlcbtc.metaLabels" . | nindent 6 }} +{{- end }} \ No newline at end of file diff --git a/charts/dlcbtc-attestor/values.yaml b/charts/dlcbtc-attestor/values.yaml new file mode 100644 index 00000000..0481ea21 --- /dev/null +++ b/charts/dlcbtc-attestor/values.yaml @@ -0,0 +1,214 @@ +########## +# Global # +########## +global: + replicaCount: 1 + image: + imagePullPolicy: IfNotPresent + repository: public.ecr.aws/dlc-link/dlc-attestor + tag: v1.5.4-testnet + + externalSecrets: + enabled: false + secretStoreRef: + name: secretStoreRef + kind: SecretStore + data: [] + + # -- Service account + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ + # + serviceAccount: + create: false + annotations: {} + + # This section can be used to configure some extra labels that will be added to each Kubernetes object generated. + extraLabels: {} + extraMatchLabels: {} + + # -- Credentials to fetch images from private registry + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + # + imagePullSecrets: {} + + # -- Node labels for pod assignment + # ref: https://kubernetes.io/docs/user-guide/node-selection/ + # + nodeSelector: {} + + # -- Tolerations for pod assignment + # ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ + # + tolerations: {} + + # -- Affinity for pod assignment + # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity + # + affinity: {} + ## Example: + ## affinity: + ## podAntiAffinity: + ## requiredDuringSchedulingIgnoredDuringExecution: + ## - labelSelector: + ## matchExpressions: + ## - key: app.kubernetes.io/name + ## operator: In + ## values: + ## - prysm + ## topologyKey: kubernetes.io/hostname + + # -- Pod Security Context + # ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ + # + podSecurityContext: {} + ## Example + # podSecurityContext: + # runAsNonRoot: true + # runAsUser: 10000 + # fsGroup: 10000 + + securityContext: {} + ## Example + # securityContext: + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 10000 + # capabilities: + # drop: + # - ALL + + sessionAffinity: + # -- Whether to enable session affinity or not + enabled: false + # -- The session duration in seconds + timeoutSeconds: 86400 + + healthProbe: + consensus: + livenessProbe: {} + # httpGet: + # path: /health + # port: 26657 + # scheme: HTTP + # initialDelaySeconds: 30 + # periodSeconds: 10 + # failureThreshold: 3 + readinessProbe: {} + # httpGet: + # path: /health + # port: 26657 + # scheme: HTTP + # initialDelaySeconds: 30 + # periodSeconds: 10 + # failureThreshold: 3 + + service: + svcHeadless: false + type: ClusterIP + externalTrafficPolicy: "Cluster" + Ports: + - name: ATTESTOR_BACKEND_PORT + port: 8811 + protocol: TCP + - name: BLOCKCHAIN_INTERFACE_PORT + port: 8801 + protocol: TCP + +############# +# dlcBtc # +############# + +configMap: + config: | + name = "${ATTESTOR_NAME}" + ip = "127.0.0.1" + port = 8811 + bitcoincore_rpc_url = "${BITCOIN_CORE_RPC_ENDPOINT}" + bitcoincore_rpc_username = "${BITCOIN_CORE_RPC_USERNAME}" + bitcoincore_rpc_password = "${BITCOIN_CORE_RPC_PASSWORD}" + periodic_check_interval_seconds = 120 + required_btc_confirmations = 6 + num_recent_events_to_sync = 10 + blockchain_interface_port = 8801 + evm_deployment_environment = "testnet" + + [db] + database_url = "${DATABASE_URL}" + migration = true + max_connections = 5 + + [[chains]] + network = "arbsepolia" + chain_type = "evm" + endpoint = "${ARB_SEP_ENDPOINT}" + private_key = "${EVM_PRIVATE_KEY}" + api_key = "${INFURA_API_KEY}" + + [[chains]] + network = "basesepolia" + chain_type = "evm" + endpoint = "${BASE_SEP_ENDPOINT}" + private_key = "${EVM_PRIVATE_KEY}" + api_key = "${INFURA_API_KEY}" + + [[chains]] + network = "sepolia" + chain_type = "evm" + endpoint = "${SEPOLIA_ENDPOINT}" + private_key = "${EVM_PRIVATE_KEY}" + api_key = "${INFURA_API_KEY}" + + [[chains]] + network = "xrpl-testnet" + chain_type = "ripple" + endpoint = "ws://54.159.133.135:6005" + private_key = "${XRPL_SEED}" + issuer_address = "ra3oyRVfy4yD4NJPrVcewvDtisZ3FhkcYL" + + [tss] + old_threshold = 4 + new_threshold = 5 + + participants = [ + { name = "attestor-1", domain = "https://testnet.dlc.link/attestor-1" }, + { name = "attestor-2", domain = "https://testnet.dlc.link/attestor-2" }, + { name = "attestor-3", domain = "https://testnet.dlc.link/attestor-3" }, + { name = "despread-1", domain = "https://attestor.testnet.dlc.despreadlabs.io" }, + { name = "HashKeyCloud-1", domain = "http://103.164.81.14:8811" }, + { name = "LinkPool-0", domain = "https://arb-sepolia-dlc-attestor-0.public.linkpool.io/jK245aUH8GvfgFp5fmUKdnTJLlS9nnAz" }, + { name = "stakin-testnet-1", domain = "http://dlc-testnet.stakin-nodes.com:8811" }, + { name = "nethermind", domain = "http://dlc.testnet.nethermind.dev" } + ] + coordinator = { name = "attestor-1", domain = "https://testnet.dlc.link/attestor-1" } + coordinator_pubkey = "0293fb8715a2c59fe60ee28b13e2e03677617742c7e2fcf52a27d58be7b35473cf" + +## Container ENV +env: + - name: ATTESTOR_NAME + value: "nethermind" + +# -- Monitoring +metrics: + enabled: true + serviceMonitor: + interval: 30s + # -- The timeout after which the scrape is ended + scrapeTimeout: "" + # -- Metrics RelabelConfigs to apply to samples before scraping. + relabelings: [] + # -- Metrics RelabelConfigs to apply to samples before ingestion. + metricRelabelings: [] + # -- Specify honorLabels parameter to add the scrape endpoint + honorLabels: false + +################# +# Miscellaneous # +################# + +extraObjects: [] +# - apiVersion: v1 +# kind: Secret +# metadata: +# name: '{{ include "generic-app.fullname" . }}' +# stringData: +# SOME_SECRET: "" \ No newline at end of file