diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml deleted file mode 100644 index fef28e09a..000000000 --- a/.github/workflows/release.yaml +++ /dev/null @@ -1,31 +0,0 @@ -name: Helm Charts - -on: - push: - branches: - - "!*" - tags: - - "v*" - -jobs: - release: - name: Release - runs-on: ubuntu-latest - steps: - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@v0 - with: - project_id: ${{ secrets.GCP_PROJECT_ID }} - service_account_key: ${{ secrets.GCLOUD_SERVICE_ACCOUNT_KEY }} - export_default_credentials: true - - name: Checkout - uses: actions/checkout@v2 - with: - fetch-depth: 2 - - name: Deploy Helm Charts - run: ./scripts/chart.sh - - uses: sarisia/actions-status-discord@v1 - if: always() - with: - webhook: ${{ secrets.DISCORD_WEBHOOK }} - title: "Release" diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 08d19605c..000000000 --- a/.gitignore +++ /dev/null @@ -1,9 +0,0 @@ -.idea - -# ignore fetched subcharts -**/charts/**/charts - -# ignore testing files -**/override.yaml - -.DS_Store diff --git a/charts/common/.helmignore b/charts/common/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/charts/common/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/common/Chart.yaml b/charts/common/Chart.yaml deleted file mode 100644 index 3ba50b92c..000000000 --- a/charts/common/Chart.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v2 -name: common -description: A Library Helm Chart for grouping common logic between stakewise charts. This chart is not deployable by itself. - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: library - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "1.0.0" diff --git a/charts/common/templates/_capabilities.tpl b/charts/common/templates/_capabilities.tpl deleted file mode 100644 index b94212bbe..000000000 --- a/charts/common/templates/_capabilities.tpl +++ /dev/null @@ -1,128 +0,0 @@ -{{/* vim: set filetype=mustache: */}} - -{{/* -Return the target Kubernetes version -*/}} -{{- define "common.capabilities.kubeVersion" -}} -{{- if .Values.global }} - {{- if .Values.global.kubeVersion }} - {{- .Values.global.kubeVersion -}} - {{- else }} - {{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} - {{- end -}} -{{- else }} -{{- default .Capabilities.KubeVersion.Version .Values.kubeVersion -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for poddisruptionbudget. -*/}} -{{- define "common.capabilities.policy.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "policy/v1beta1" -}} -{{- else -}} -{{- print "policy/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for networkpolicy. -*/}} -{{- define "common.capabilities.networkPolicy.apiVersion" -}} -{{- if semverCompare "<1.7-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for cronjob. -*/}} -{{- define "common.capabilities.cronjob.apiVersion" -}} -{{- if semverCompare "<1.21-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "batch/v1beta1" -}} -{{- else -}} -{{- print "batch/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for deployment. -*/}} -{{- define "common.capabilities.deployment.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for statefulset. -*/}} -{{- define "common.capabilities.statefulset.apiVersion" -}} -{{- if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "apps/v1beta1" -}} -{{- else -}} -{{- print "apps/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for ingress. -*/}} -{{- define "common.capabilities.ingress.apiVersion" -}} -{{- if .Values.ingress -}} -{{- if .Values.ingress.apiVersion -}} -{{- .Values.ingress.apiVersion -}} -{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end }} -{{- else if semverCompare "<1.14-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "extensions/v1beta1" -}} -{{- else if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "networking.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "networking.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for RBAC resources. -*/}} -{{- define "common.capabilities.rbac.apiVersion" -}} -{{- if semverCompare "<1.17-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "rbac.authorization.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "rbac.authorization.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Return the appropriate apiVersion for CRDs. -*/}} -{{- define "common.capabilities.crd.apiVersion" -}} -{{- if semverCompare "<1.19-0" (include "common.capabilities.kubeVersion" .) -}} -{{- print "apiextensions.k8s.io/v1beta1" -}} -{{- else -}} -{{- print "apiextensions.k8s.io/v1" -}} -{{- end -}} -{{- end -}} - -{{/* -Returns true if the used Helm version is 3.3+. -A way to check the used Helm version was not introduced until version 3.3.0 with .Capabilities.HelmVersion, which contains an additional "{}}" structure. -This check is introduced as a regexMatch instead of {{ if .Capabilities.HelmVersion }} because checking for the key HelmVersion in <3.3 results in a "interface not found" error. -**To be removed when the catalog's minimun Helm version is 3.3** -*/}} -{{- define "common.capabilities.supportsHelmVersion" -}} -{{- if regexMatch "{(v[0-9])*[^}]*}}$" (.Capabilities | toString ) }} - {{- true -}} -{{- end -}} -{{- end -}} diff --git a/charts/common/templates/_labels.tpl b/charts/common/templates/_labels.tpl deleted file mode 100644 index 04e211181..000000000 --- a/charts/common/templates/_labels.tpl +++ /dev/null @@ -1,34 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Kubernetes standard labels -*/}} -{{- define "common.labels.standard" -}} -app.kubernetes.io/name: {{ include "common.names.name" . }} -helm.sh/chart: {{ include "common.names.chart" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.additionalLabels }} -{{- toYaml .Values.additionalLabels | nindent 0 }} -{{- end }} -{{- end -}} - -{{- define "common.labels.statefulset" -}} -app.kubernetes.io/name: {{ include "common.names.name" . }} -helm.sh/chart: {{ include "common.names.chartWithoutVersion" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- if .Values.additionalLabels }} -{{- toYaml .Values.additionalLabels | nindent 0 }} -{{- end }} -{{- end -}} - -{{/* -Labels to use on deploy.spec.selector.matchLabels and svc.spec.selector -*/}} -{{- define "common.labels.matchLabels" -}} -app.kubernetes.io/name: {{ include "common.names.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- if .Values.additionalLabels }} -{{- toYaml .Values.additionalLabels | nindent 0 }} -{{- end }} -{{- end -}} diff --git a/charts/common/templates/_names.tpl b/charts/common/templates/_names.tpl deleted file mode 100644 index 128e6b372..000000000 --- a/charts/common/templates/_names.tpl +++ /dev/null @@ -1,78 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "common.names.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "common.names.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "common.names.chartWithoutVersion" -}} -{{- printf "%s" .Chart.Name | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "common.names.fullname" -}} -{{- if .Values.fullnameOverride -}} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- .Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a default fully qualified dependency name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -Usage: -{{ include "common.names.dependency.fullname" (dict "chartName" "dependency-chart-name" "chartValues" .Values.dependency-chart "context" $) }} -*/}} -{{- define "common.names.dependency.fullname" -}} -{{- if .chartValues.fullnameOverride -}} -{{- .chartValues.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .chartName .chartValues.nameOverride -}} -{{- if contains $name .context.Release.Name -}} -{{- .context.Release.Name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s" .context.Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create the name of the service account to use -*/}} -{{- define "common.names.serviceAccountName" -}} -{{- if or .Values.global.serviceAccount.create .Values.serviceAccount.create }} -{{- default (include "common.names.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Create the name of the cluster role -*/}} -{{- define "common.names.clusterRoleName" -}} -{{- if or .Values.global.rbac.create .Values.rbac.create }} -{{- default (include "common.names.fullname" .) .Values.rbac.name }} -{{- else }} -{{- default "default" .Values.rbac.name }} -{{- end }} -{{- end }} diff --git a/charts/common/values.yaml b/charts/common/values.yaml deleted file mode 100644 index 3eb33ca75..000000000 --- a/charts/common/values.yaml +++ /dev/null @@ -1,5 +0,0 @@ -## stakewise/common -## It is required by CI/CD tools and processes. -## @skip exampleValue -## -exampleValue: common-chart \ No newline at end of file diff --git a/charts/execution-beacon/.helmignore b/charts/execution-beacon/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/charts/execution-beacon/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/execution-beacon/Chart.lock b/charts/execution-beacon/Chart.lock deleted file mode 100644 index cf81c09bd..000000000 --- a/charts/execution-beacon/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: file://../common - version: 1.0.0 -digest: sha256:07cebde439abe4ba19bb28e844b7419dab83c7f613886416aaf3ec08e8059144 -generated: "2023-01-11T16:47:14.095745+02:00" diff --git a/charts/execution-beacon/Chart.yaml b/charts/execution-beacon/Chart.yaml deleted file mode 100644 index a80aa323c..000000000 --- a/charts/execution-beacon/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v2 -name: execution-beacon -version: 0.0.1 -appVersion: 0.0.1 -kubeVersion: "^1.23.0-0" -description: Execution and Beacon -type: application -keywords: - - ethereum - - blockchain - - nethermind - - prysm - - p2p -home: https://www.ethereum.org/ - -dependencies: - - name: common - repository: file://../common - version: 1.0.0 diff --git a/charts/execution-beacon/templates/_helpers.yaml b/charts/execution-beacon/templates/_helpers.yaml deleted file mode 100644 index e57c452df..000000000 --- a/charts/execution-beacon/templates/_helpers.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{- define "execution.p2pPort" -}} -{{- printf "30303" -}} -{{- end -}} -{{- define "prysm.p2pPort" -}} -{{- printf "13000" -}} -{{- end -}} -{{- define "lighthouse.p2pPort" -}} -{{- printf "9000" -}} -{{- end -}} -{{- define "teku.p2pPort" -}} -{{- printf "9000" -}} -{{- end -}} -{{- define "nimbus.p2pPort" -}} -{{- printf "9000" -}} -{{- end -}} -{{- define "lodestar.p2pPort" -}} -{{- printf "9000" -}} -{{- end -}} - -{{- define "beacon.p2pPort" -}} -{{- $p2pPort := index (dict "lighthouse" (include "lighthouse.p2pPort" .) "teku" (include "teku.p2pPort" .) "prysm" (include "prysm.p2pPort" .) "nimbus" (include "nimbus.p2pPort" .) "lodestar" (include "lodestar.p2pPort" .)) .Values.beacon.client -}} -{{- if $p2pPort -}} -{{- $p2pPort -}} -{{- else -}} -{{- fail "Invalid beacon client specified" -}} -{{- end -}} -{{- end -}} \ No newline at end of file diff --git a/charts/execution-beacon/templates/clusterrole.yaml b/charts/execution-beacon/templates/clusterrole.yaml deleted file mode 100644 index 6d7136bd1..000000000 --- a/charts/execution-beacon/templates/clusterrole.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if or .Values.global.rbac.create .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: {{ include "common.names.clusterRoleName" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -rules: -{{- toYaml .Values.rbac.clusterRules | nindent 0 }} -{{- end }} diff --git a/charts/execution-beacon/templates/clusterrolebinding.yaml b/charts/execution-beacon/templates/clusterrolebinding.yaml deleted file mode 100644 index 87d636dac..000000000 --- a/charts/execution-beacon/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if or .Values.global.rbac.create .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: {{ include "common.names.clusterRoleName" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ include "common.names.clusterRoleName" . }} -subjects: - - kind: ServiceAccount - name: {{ include "common.names.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} -{{- end }} diff --git a/charts/execution-beacon/templates/configmap.yaml b/charts/execution-beacon/templates/configmap.yaml deleted file mode 100644 index 775d3824e..000000000 --- a/charts/execution-beacon/templates/configmap.yaml +++ /dev/null @@ -1,38 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.names.fullname" . }}-init - labels: - {{- include "common.labels.standard" . | nindent 4 }} -data: - init.sh: | - #!/bin/sh -{{- if or (and .Values.execution.persistence.enabled .Values.execution.initChownData) (and .Values.beacon.persistence.enabled .Values.beacon.initChownData) }} - mkdir -p /data && chown -R {{ .Values.global.securityContext.runAsUser }}:{{ .Values.global.securityContext.runAsUser }} /data; -{{- end }} - echo "Namespace: ${POD_NAMESPACE} Pod: ${POD_NAME}"; -{{- if .Values.global.p2pNodePort.enabled }} - {{- if eq .Values.global.p2pNodePort.type "LoadBalancer" }} - until [ -n "$(kubectl -n ${POD_NAMESPACE} get svc/${POD_NAME} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')" ]; do echo "Waiting for load balancer to get an IP" && sleep 10; done; - export EXTERNAL_EXECUTION_PORT=$(kubectl -n ${POD_NAMESPACE} get services -l "client=execution,pod in (${POD_NAME}), type in (p2p)" -o jsonpath='{.items[0].spec.ports[0].nodePort}'); - export EXTERNAL_BEACON_PORT=$(kubectl -n ${POD_NAMESPACE} get services -l "client=beacon,pod in (${POD_NAME}), type in (p2p)" -o jsonpath='{.items[0].spec.ports[0].nodePort}'); - export EXTERNAL_IP=$(kubectl -n ${POD_NAMESPACE} get svc/${POD_NAME} -o jsonpath='{.status.loadBalancer.ingress[0].ip}'); - {{- else }} - export EXTERNAL_EXECUTION_PORT=$(kubectl get services -l "client=execution,pod in (${POD_NAME}), type in (p2p)" -o jsonpath='{.items[0].spec.ports[0].nodePort}'); - export EXTERNAL_BEACON_PORT=$(kubectl get services -l "client=beacon,pod in (${POD_NAME}), type in (p2p)" -o jsonpath='{.items[0].spec.ports[0].nodePort}'); - export EXTERNAL_IP=$(kubectl get nodes "${NODE_NAME}" -o jsonpath='{.status.addresses[?(@.type=="ExternalIP")].address}'); - {{- end }} - echo "EXTERNAL_EXECUTION_PORT=$EXTERNAL_EXECUTION_PORT" > /env/init-nodeport; - echo "EXTERNAL_BEACON_PORT=$EXTERNAL_BEACON_PORT" >> env/init-nodeport; - echo "EXTERNAL_IP=$EXTERNAL_IP" >> /env/init-nodeport; - cat /env/init-nodeport; - {{- if eq .Values.beacon.client "prysm" }} - touch /data/beacon/config.yaml; - echo "p2p-host-ip: $EXTERNAL_IP" > /data/beacon/config.yaml; - echo "p2p-tcp-port: $EXTERNAL_BEACON_PORT" >> /data/beacon/config.yaml; - echo "p2p-udp-port: $EXTERNAL_BEACON_PORT" >> /data/beacon/config.yaml; - echo "Updated Prysm config.yaml file at /data/beacon/config.yaml"; - {{- end }} - if [ -f "/data/beacon/config.yaml" ]; then echo "Beacon client config:" && cat "/data/beacon/config.yaml"; fi; -{{- end }} \ No newline at end of file diff --git a/charts/execution-beacon/templates/prometheusrules.yaml b/charts/execution-beacon/templates/prometheusrules.yaml deleted file mode 100644 index 77b880355..000000000 --- a/charts/execution-beacon/templates/prometheusrules.yaml +++ /dev/null @@ -1,153 +0,0 @@ -{{- if and (or .Values.execution.metrics.enabled .Values.beacon.metrics.enabled) - (or .Values.execution.metrics.prometheusRule.enabled .Values.beacon.metrics.prometheusRule.enabled) }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ include "common.names.fullname" . }}-execution - {{- if .Values.execution.metrics.prometheusRule.namespace }} - namespace: {{ .Values.execution.metrics.prometheusRule.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.execution.metrics.prometheusRule.additionalLabels }} - {{- toYaml .Values.execution.metrics.prometheusRule.additionalLabels | nindent 4 }} - {{- end }} -spec: - groups: - {{- with .Values.execution.metrics.prometheusRule.rules }} - - name: {{ include "common.names.fullname" $ }} - rules: {{- tpl (toYaml .) $ | nindent 8 }} - {{- end }} - {{- if .Values.execution.metrics.prometheusRule.default }} - {{- if eq .Values.execution.client "geth" }} - - name: {{ include "common.names.fullname" $ }}-default - rules: - - alert: GethNodeDown - expr: up{job="{{ include "common.names.fullname" . }}"} == 0 - for: 5m - labels: - severity: critical - annotations: - summary: Geth Node {{ printf "{{ $labels.instance }}" }} down - description: Geth Node {{ printf "{{ $labels.instance }}" }} is down - {{- else if eq .Values.execution.client "nethermind" }} - - name: {{ include "common.names.fullname" $ }}-default - rules: - - alert: NethermindNodeDown - expr: up{job="{{ include "common.names.fullname" . }}"} == 0 - for: 5m - labels: - severity: critical - annotations: - summary: Nethermind Node {{ printf "{{ $labels.instance }}" }} down - description: Nethermind Node {{ printf "{{ $labels.instance }}" }} is down - {{- end }} - {{- end }} ---- -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ include "common.names.fullname" . }}-beacon - {{- if .Values.beacon.metrics.prometheusRule.namespace }} - namespace: {{ .Values.beacon.metrics.prometheusRule.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.beacon.metrics.prometheusRule.additionalLabels }} - {{- toYaml .Values.beacon.metrics.prometheusRule.additionalLabels | nindent 4 }} - {{- end }} -spec: - groups: - {{- with .Values.beacon.metrics.prometheusRule.rules }} - - name: {{ include "common.names.fullname" $ }} - rules: {{- tpl (toYaml .) $ | nindent 8 }} - {{- end }} - {{- if .Values.beacon.metrics.prometheusRule.default }} - {{- if eq .Values.beacon.client "lighthouse" }} - - name: {{ include "common.names.fullname" $ }}-default - rules: - - alert: LighthouseBeaconNodeDown - expr: up{job='{{ include "common.names.fullname" . }}'} == 0 - for: 1m - labels: - severity: critical - annotations: - summary: Lighthouse beacon node is down - description: Check {{ printf "{{ $labels.pod }}" }} beacon node in namespace {{ printf "{{ $labels.namespace }}" }} - - alert: LighthouseBeaconNodeIsNotConnectedToEth1Node - expr: sync_eth1_connected{job='{{ include "common.names.fullname" . }}'} == 0 - for: 1m - labels: - severity: critical - annotations: - summary: Lighthouse beacon node is not connected to eth1 node - description: Check {{ printf "{{ $labels.pod }}" }} beacon node in namespace {{ printf "{{ $labels.namespace }}" }} - - alert: LighthouseBeaconNodeIsOutOfSync - expr: sync_eth2_synced{job='{{ include "common.names.fullname" . }}'} == 0 - for: 3m - labels: - severity: critical - annotations: - summary: Lighthouse beacon node is out of sync - description: Check {{ printf "{{ $labels.pod }}" }} beacon node in namespace {{ printf "{{ $labels.namespace }}" }} - {{- else if eq .Values.beacon.client "prysm" }} - - name: {{ include "common.names.fullname" $ }}-default - rules: - - alert: PrysmBeaconNodeDown - expr: up{job='{{ include "common.names.fullname" . }}'} == 0 - for: 1m - labels: - severity: critical - annotations: - summary: Prysm beacon node is down - description: Check {{ printf "{{ $labels.pod }}" }} beacon node in namespace {{ printf "{{ $labels.namespace }}" }} - - alert: Prysm50SlotsBehind - expr: beacon_clock_time_slot{job='{{ include "common.names.fullname" . }}'}-beacon_head_slot{job='{{ include "common.names.fullname" . }}'} > 50 - for: 2m - labels: - severity: critical - annotations: - summary: Prysm beacon node is out of sync - description: Check {{ printf "{{ $labels.pod }}" }} beacon node in namespace {{ printf "{{ $labels.namespace }}" }} - - alert: PrysmParticipationRateLessThen66Percent - expr: beacon_prev_epoch_target_gwei{job='{{ include "common.names.fullname" . }}'}/beacon_prev_epoch_active_gwei{job='{{ include "common.names.fullname" . }}'}*100 < 66 - for: 5m - labels: - severity: critical - annotations: - summary: Prysm beacon node participation rate less then 66% - description: Check {{ printf "{{ $labels.pod }}" }} beacon node in namespace {{ printf "{{ $labels.namespace }}" }} - - alert: PrysmBeaconNodeRestarted - expr: (time()-process_start_time_seconds{job='{{ include "common.names.fullname" . }}'})/3600 < 0.1 - for: 1m - labels: - severity: warning - annotations: - summary: Prysm beacon node was restarted - description: Check {{ printf "{{ $labels.pod }}" }} beacon node in namespace {{ printf "{{ $labels.namespace }}" }} - {{- else if eq .Values.beacon.client "teku" }} - - name: {{ include "common.names.fullname" $ }}-default - rules: - - alert: TekuBeaconNodeDown - expr: up{job='{{ include "common.names.fullname" . }}'} == 0 - for: 1m - labels: - severity: critical - annotations: - summary: Teku beacon node is down - description: Check {{ printf "{{ $labels.pod }}" }} beacon node in namespace {{ printf "{{ $labels.namespace }}" }} - - alert: Teku50SlotsBehind - expr: beacon_slot{job='{{ include "common.names.fullname" . }}'}-beacon_head_slot{job='{{ include "common.names.fullname" . }}'} > 50 - for: 2m - labels: - severity: critical - annotations: - summary: Teku beacon node is out of sync - description: Check {{ printf "{{ $labels.pod }}" }} beacon node in namespace {{ printf "{{ $labels.namespace }}" }} - {{- end }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/execution-beacon/templates/role.yaml b/charts/execution-beacon/templates/role.yaml deleted file mode 100644 index dfbc0fe48..000000000 --- a/charts/execution-beacon/templates/role.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if or .Values.global.rbac.create .Values.rbac.create -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -rules: -{{- toYaml .Values.rbac.rules | nindent 0 }} -{{- end }} diff --git a/charts/execution-beacon/templates/rolebinding.yaml b/charts/execution-beacon/templates/rolebinding.yaml deleted file mode 100644 index 1fdb617ba..000000000 --- a/charts/execution-beacon/templates/rolebinding.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if or .Values.global.rbac.create .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ include "common.names.serviceAccountName" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ include "common.names.serviceAccountName" . }} -subjects: - - kind: ServiceAccount - name: {{ include "common.names.serviceAccountName" . }} -{{- end }} diff --git a/charts/execution-beacon/templates/secret.yaml b/charts/execution-beacon/templates/secret.yaml deleted file mode 100644 index bd00d306b..000000000 --- a/charts/execution-beacon/templates/secret.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- if .Values.global.JWTSecret }} -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -type: Opaque -data: - jwtsecret: {{ .Values.global.JWTSecret | b64enc | quote }} -{{- end }} ---- -{{- if .Values.global.externalSecrets.enabled }} -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: eso-{{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - refreshInterval: 10m - secretStoreRef: - name: {{ .Values.global.externalSecrets.secretStoreRef.name }} - kind: {{ .Values.global.externalSecrets.secretStoreRef.kind }} - target: - name: eso-{{ include "common.names.fullname" . }} - creationPolicy: Owner - data: - {{- .Values.global.externalSecrets.data | toYaml | trim | nindent 2 }} -{{- end }} \ No newline at end of file diff --git a/charts/execution-beacon/templates/service-p2p.yaml b/charts/execution-beacon/templates/service-p2p.yaml deleted file mode 100644 index 0e02f11c5..000000000 --- a/charts/execution-beacon/templates/service-p2p.yaml +++ /dev/null @@ -1,79 +0,0 @@ -{{- if .Values.global.p2pNodePort.enabled -}} -{{- range $i, $e := until (int .Values.global.replicaCount) }} -{{- $portExecution := add $.Values.global.p2pNodePort.startAtExecution $i -}} -{{- $portBeacon := add $.Values.global.p2pNodePort.startAtBeacon $i -}} -{{- if hasKey $.Values.global.p2pNodePort.replicaToNodePort ($i | toString) -}} - {{ $portExecution = index $.Values.global.p2pNodePort.replicaToNodePort ($i | toString) }} - {{ $portBeacon = index $.Values.global.p2pNodePort.replicaToNodePort ($i | toString) }} -{{- end }} - ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" $ }}-execution-{{ $i }} - labels: - {{- include "common.labels.standard" $ | nindent 4 }} - pod: "{{ include "common.names.fullname" $ }}-{{ $i }}" - type: p2p - client: execution - {{- with $.Values.global.p2pNodePort.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - type: {{ $.Values.global.p2pNodePort.type }} - externalTrafficPolicy: Local - ports: - - name: p2p-tcp-exec - port: {{ include "execution.p2pPort" $ }} - protocol: TCP - targetPort: {{ $portExecution }} - nodePort: {{ $portExecution }} - {{- if eq $.Values.global.p2pNodePort.type "NodePort" }} - - name: p2p-udp-exec - port: {{ include "execution.p2pPort" $ }} - protocol: UDP - targetPort: {{ $portExecution }} - nodePort: {{ $portExecution }} - {{- end }} - selector: - {{- include "common.labels.matchLabels" $ | nindent 4 }} - statefulset.kubernetes.io/pod-name: "{{ include "common.names.fullname" $ }}-{{ $i }}" - ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" $ }}-beacon-{{ $i }} - labels: - {{- include "common.labels.standard" $ | nindent 4 }} - pod: "{{ include "common.names.fullname" $ }}-{{ $i }}" - type: p2p - client: beacon - {{- with $.Values.global.p2pNodePort.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - type: {{ $.Values.global.p2pNodePort.type }} - externalTrafficPolicy: Local - ports: - - name: p2p-tcp-beacon - port: {{ include "beacon.p2pPort" $ }} - protocol: TCP - targetPort: {{ $portBeacon }} - nodePort: {{ $portBeacon }} - {{- if eq $.Values.global.p2pNodePort.type "NodePort" }} - - name: p2p-udp-beacon - port: {{ include "beacon.p2pPort" $ }} - protocol: UDP - targetPort: {{ $portBeacon }} - nodePort: {{ $portBeacon }} - {{- end }} - selector: - {{- include "common.labels.matchLabels" $ | nindent 4 }} - statefulset.kubernetes.io/pod-name: "{{ include "common.names.fullname" $ }}-{{ $i }}" - -{{- end }} -{{- end }} diff --git a/charts/execution-beacon/templates/service.yaml b/charts/execution-beacon/templates/service.yaml deleted file mode 100644 index 29d0c4d24..000000000 --- a/charts/execution-beacon/templates/service.yaml +++ /dev/null @@ -1,74 +0,0 @@ ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - pod: "{{ include "common.names.fullname" . }}" - type: api - execution: {{ .Values.execution.client }} - beacon: {{ .Values.beacon.client }} -{{- if and .Values.execution.metrics.enabled .Values.execution.metrics.svcAnnotations }} - annotations: - {{ toYaml .Values.execution.metrics.svcAnnotations | nindent 4 | trim }} -{{- else }} - annotations: - {{ toYaml .Values.beacon.metrics.svcAnnotations | nindent 4 | trim }} -{{- end }} -spec: -{{- if .Values.global.sessionAffinity.enabled }} - sessionAffinity: ClientIP - sessionAffinityConfig: - clientIP: - timeoutSeconds: {{ .Values.global.sessionAffinity.timeoutSeconds }} -{{- end }} - type: ClusterIP -{{- if .Values.global.service.svcHeadless }} - clusterIP: None -{{- end }} - ports: - {{- if .Values.execution.jsonrpc.enabled }} - - name: jsonrpc-exec - port: {{ .Values.execution.jsonrpc.http.port }} - targetPort: jsonrpc-exec - - port: {{ .Values.execution.jsonrpc.engine.port }} - targetPort: engine-exec - name: engine-exec - {{- end }} - {{- if eq .Values.execution.client "erigon" }} - - name: grpc-exec - protocol: TCP - port: {{ .Values.execution.jsonrpc.grpc.port }} - targetPort: grpc-exec - {{- end }} - {{- if .Values.execution.jsonrpc.websocket.enabled }} - - name: ws-exec - port: {{ .Values.execution.jsonrpc.websocket.port }} - targetPort: ws-exec - protocol: TCP - {{- end }} - {{- if .Values.execution.metrics.enabled }} - - name: metrics-exec - port: {{ .Values.execution.metrics.port }} - targetPort: metrics-exec - protocol: TCP - {{- end }} - {{- if and (eq .Values.execution.client "prysm") .Values.beacon.grpc.enabled }} - - name: {{ .Values.beacon.grpc.portName }}-beacon - port: {{ .Values.beacon.grpc.port }} - targetPort: {{ .Values.beacon.grpc.portName }} - {{- end }} - {{- if .Values.beacon.restApi.enabled }} - - name: http-beacon - port: {{ index .Values.beacon.restApi.portMap .Values.beacon.client }} - targetPort: http-beacon - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.beacon.metrics.enabled }} - - name: metrics-beacon - port: {{ .Values.beacon.metrics.port }} - targetPort: metrics-beacon - {{- end }} - selector: - {{- include "common.labels.matchLabels" . | nindent 4 }} - diff --git a/charts/execution-beacon/templates/serviceaccount.yaml b/charts/execution-beacon/templates/serviceaccount.yaml deleted file mode 100644 index 749322716..000000000 --- a/charts/execution-beacon/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.global.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "common.names.serviceAccountName" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/execution-beacon/templates/servicemonitor.yaml b/charts/execution-beacon/templates/servicemonitor.yaml deleted file mode 100644 index 543c5d0bb..000000000 --- a/charts/execution-beacon/templates/servicemonitor.yaml +++ /dev/null @@ -1,86 +0,0 @@ -{{- if and (or .Values.execution.metrics.enabled .Values.beacon.metrics.enabled) - (or .Values.execution.metrics.serviceMonitor.enabled .Values.beacon.metrics.serviceMonitor.enabled) }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "common.names.fullname" . }}-execution - {{- if .Values.execution.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.execution.metrics.serviceMonitor.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.execution.metrics.serviceMonitor.additionalLabels }} - {{- toYaml .Values.execution.metrics.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics-exec - {{- if eq .Values.execution.client "geth" }} - path: /debug/metrics/prometheus - {{- else }} - path: /metrics - {{- end }} - {{- if .Values.execution.metrics.serviceMonitor.interval }} - interval: {{ .Values.execution.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.execution.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.execution.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.execution.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.execution.metrics.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.execution.metrics.serviceMonitor.relabelings }} - relabelings: {{- toYaml .Values.execution.metrics.serviceMonitor.relabelings | nindent 6 }} - {{- end }} - {{- if .Values.execution.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.execution.metrics.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} ---- -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "common.names.fullname" . }}-beacon - {{- if .Values.beacon.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.beacon.metrics.serviceMonitor.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.beacon.metrics.serviceMonitor.additionalLabels }} - {{- toYaml .Values.beacon.metrics.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics-beacon - path: /metrics - {{- if .Values.beacon.metrics.serviceMonitor.interval }} - interval: {{ .Values.beacon.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.beacon.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.beacon.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.beacon.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.beacon.metrics.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.beacon.metrics.serviceMonitor.relabelings }} - relabelings: {{- toYaml .Values.beacon.metrics.serviceMonitor.relabelings | nindent 6 }} - {{- end }} - {{- if .Values.beacon.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.beacon.metrics.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} -{{- end }} diff --git a/charts/execution-beacon/templates/statefulset.yaml b/charts/execution-beacon/templates/statefulset.yaml deleted file mode 100644 index 9e136db87..000000000 --- a/charts/execution-beacon/templates/statefulset.yaml +++ /dev/null @@ -1,778 +0,0 @@ ---- -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.statefulset" . | nindent 4 }} -spec: - replicas: {{ .Values.global.replicaCount }} - podManagementPolicy: "Parallel" - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} - serviceName: {{ include "common.names.fullname" . }} - template: - metadata: - labels: - {{- include "common.labels.matchLabels" . | nindent 8 }} - execution: {{ .Values.execution.client }} - beacon: {{ .Values.beacon.client }} - annotations: - checksum/configmap: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} - spec: - {{- with (concat .Values.global.imagePullSecrets .Values.global.imagePullSecrets) }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.global.affinity }} - affinity: - {{ toYaml . | nindent 8 | trim }} - {{- end }} - {{- with .Values.global.tolerations }} - tolerations: - {{ toYaml . | nindent 8 | trim }} - {{- end }} - {{- with .Values.global.nodeSelector }} - nodeSelector: - {{ toYaml . | nindent 8 | trim }} - {{- end }} - {{- with .Values.global.securityContext }} - securityContext: - {{ toYaml . | nindent 8 | trim }} - {{- end }} - {{- if .Values.global.terminationGracePeriodSeconds }} - terminationGracePeriodSeconds: {{ .Values.global.terminationGracePeriodSeconds }} - {{- end }} - serviceAccountName: {{ include "common.names.fullname" . }} - priorityClassName: {{ .Values.global.priorityClassName | quote }} - initContainers: - {{/* - Container used for initialising data directory and setting right values for ports and external_ip - */}} - - name: init - image: "{{ .Values.global.initImage.repository }}:{{ .Values.global.initImage.tag }}" - imagePullPolicy: {{ .Values.global.initImage.pullPolicy }} - securityContext: - runAsNonRoot: false - runAsUser: 0 - env: - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: NODE_NAME - valueFrom: - fieldRef: - fieldPath: spec.nodeName - command: ['/bin/sh', '/scripts/init.sh'] - volumeMounts: - - name: data-execution - mountPath: /data/execution - - name: data-beacon - mountPath: /data/beacon - - name: env-nodeport - mountPath: /env - - name: scripts-init - mountPath: /scripts - {{/* - Container used for initialising nimbus checkpoint sync - */}} - {{- if and (eq .Values.beacon.client "nimbus") .Values.beacon.checkPointSync.enabled }} - - name: init-nimbus - image: "{{ (pluck .Values.beacon.client .Values.global.image.beacon | first ).repository }}:{{ (pluck .Values.beacon.client .Values.global.image.beacon | first ).tag }}" - imagePullPolicy: {{ .Values.beacon.imagePullPolicy }} - command: - - sh - - -ac - - > - exec /home/user/nimbus-eth2/build/nimbus_beacon_node - trustedNodeSync - --backfill=false - --network={{ .Values.global.network }} - --data-dir=/data/beacon - --trusted-node-url={{ .Values.beacon.checkPointSync.url }} - volumeMounts: - - name: data-beacon - mountPath: /data/beacon - {{- end }} - containers: - {{/* - Container used for Execution clients: Nethermind, Geth, Besu, Erigon - */}} - - name: execution - image: "{{ (pluck .Values.execution.client .Values.global.image.execution | first ).repository }}:{{ (pluck .Values.execution.client .Values.global.image.execution | first ).tag }}" - imagePullPolicy: {{ .Values.global.image.imagePullPolicy }} - command: - - sh - - -ac - - > - {{- if .Values.global.p2pNodePort.enabled }} - . /env/init-nodeport; - {{- end }} - {{/* - Configuration for Nethermind execution client - */}} - {{- if eq .Values.execution.client "nethermind" }} - exec /nethermind/Nethermind.Runner - {{- if eq .Values.global.network "gnosis" }} - --config=xdai - {{- else }} - --config={{ .Values.global.network }} - {{- end }} - --datadir=/data/execution - {{- if .Values.execution.jsonrpc.enabled }} - --JsonRpc.Enabled={{ .Values.execution.jsonrpc.enabled }} - --JsonRpc.EnabledModules={{ .Values.execution.jsonrpc.namespaces.nethermind | join "," }} - --JsonRpc.Host={{ .Values.execution.jsonrpc.host }} - --JsonRpc.Port={{ .Values.execution.jsonrpc.http.port }} - {{- if .Values.execution.healthchecks.enabled }} - --HealthChecks.Enabled={{ .Values.execution.healthchecks.enabled }} - --HealthChecks.Slug={{ .Values.execution.healthchecks.slug }} - --HealthChecks.PollingInterval={{ .Values.execution.healthchecks.pollingInterval }} - --HealthChecks.LowStorageSpaceShutdownThreshold={{ .Values.execution.healthchecks.lowStorageSpaceShutdownThreshold }} - --HealthChecks.LowStorageSpaceWarningThreshold={{ .Values.execution.healthchecks.lowStorageSpaceWarningThreshold }} - {{- if .Values.execution.jsonrpc.websocket.enabled }} - --JsonRpc.WebSocketsPort={{ .Values.execution.jsonrpc.websocket.port }} - {{- end }} - {{- end }} - {{- end }} - {{- if or .Values.global.JWTSecret .Values.global.externalSecrets.enabled }} - {{- if .Values.global.externalSecrets.enabled }} - --JsonRpc.JwtSecretFile=/external-secrets/JWT_SECRET - {{- else }} - --JsonRpc.JwtSecretFile=/secret/jwtsecret - {{- end }} - --JsonRpc.EnginePort={{ .Values.execution.jsonrpc.engine.port }} - --JsonRpc.EngineHost={{ .Values.execution.jsonrpc.host }} - --JsonRpc.EngineEnabledModules={{ .Values.execution.jsonrpc.namespaces.nethermind | join "," }} - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.execution.metrics.enabled }} - --Metrics.Enabled={{ .Values.execution.metrics.enabled }} - --Metrics.ExposePort={{ .Values.execution.metrics.port }} - --Metrics.NodeName=$POD_NAME - {{- end }} - --Network.MaxActivePeers={{ .Values.execution.targetPeers }} - {{- if .Values.global.p2pNodePort.enabled }} - --Network.ExternalIp=$EXTERNAL_IP - --Network.P2PPort=$EXTERNAL_EXECUTION_PORT - --Network.DiscoveryPort=$EXTERNAL_EXECUTION_PORT - {{- else }} - --Network.ExternalIp=$POD_IP - --Network.P2PPort={{ include "execution.p2pPort" . }} - --Network.DiscoveryPort={{ include "execution.p2pPort" . }} - {{- end }} - {{- if .Values.execution.terminalTotalDifficulty }} - --Merge.TerminalTotalDifficulty={{ .Values.execution.terminalTotalDifficulty }} - {{- end }} - {{/* - Configuration for Geth execution client - */}} - {{- else if eq .Values.execution.client "geth" }} - exec geth - --syncmode=snap - --datadir=/data/execution - --ethash.dagdir=/data/execution/.ethash - --ipcdisable - --{{ .Values.global.network }} - {{- if or .Values.global.JWTSecret .Values.global.externalSecrets.enabled }} - --authrpc.jwtsecret=/external-secrets/JWT_SECRET - {{- else }} - --authrpc.jwtsecret=/secret/jwtsecret - {{- end }} - --authrpc.addr={{ .Values.execution.jsonrpc.host }} - --authrpc.port={{ .Values.execution.jsonrpc.engine.port }} - --authrpc.vhosts={{ .Values.execution.jsonrpc.engine.hostAllowList | join "," }} - {{- if .Values.execution.jsonrpc.enabled }} - --http - --http.addr={{ .Values.execution.jsonrpc.host }} - --http.port={{ .Values.execution.jsonrpc.http.port }} - --http.corsdomain={{ .Values.execution.jsonrpc.http.corsOrigins | join "," }} - --http.vhosts={{ .Values.execution.jsonrpc.http.hostAllowList | join "," }} - --http.api={{ .Values.execution.jsonrpc.namespaces.geth | join "," }} - {{- if .Values.execution.jsonrpc.websocket.enabled }} - --ws - --ws.addr={{ .Values.execution.jsonrpc.host }} - --ws.port={{ .Values.execution.jsonrpc.websocket.port }} - --ws.origins={{ .Values.execution.jsonrpc.websocket.origins }} - --ws.api={{ .Values.execution.jsonrpc.namespaces.geth | join "," }} - {{- end }} - {{- end }} - --maxpeers={{ .Values.execution.targetPeers }} - {{- if .Values.global.p2pNodePort.enabled }} - --nat=extip:$EXTERNAL_IP - --port=$EXTERNAL_EXECUTION_PORT - {{- else }} - --nat=extip:$POD_IP - --port={{ include "execution.p2pPort" . }} - {{- end }} - {{- if .Values.execution.terminalTotalDifficulty }} - --override.geth.terminaltotaldifficulty={{ .Values.execution.terminalTotalDifficulty }} - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.execution.metrics.enabled }} - --metrics - --metrics.port={{ .Values.execution.metrics.port }} - --metrics.addr={{ .Values.execution.metrics.host }} - {{- end }} - {{/* - Configuration for Besu execution client - */}} - {{- else if eq .Values.execution.client "besu" }} - exec /opt/besu/bin/besu - --network={{ .Values.global.network }} - --data-path=/data/execution - --sync-mode=X_SNAP - --p2p-enabled=true - {{- if or .Values.global.JWTSecret .Values.global.externalSecrets.enabled }} - --engine-jwt-secret=/external-secrets/JWT_SECRET - {{- else }} - --engine-jwt-secret=/secret/jwtsecret - {{- end }} - --engine-rpc-enabled=true - --engine-host-allowlist={{ .Values.execution.jsonrpc.engine.hostAllowList | join "," }} - --engine-rpc-port={{ .Values.execution.jsonrpc.engine.port | join "," }} - {{- if .Values.execution.jsonrpc.enabled }} - --rpc-http-enabled=true - --rpc-http-host={{ .Values.execution.jsonrpc.host }} - --rpc-http-port={{ .Values.execution.jsonrpc.http.port }} - --rpc-http-cors-origins={{ .Values.execution.jsonrpc.http.corsOrigins | join "," }} - --host-allowlist={{ .Values.execution.jsonrpc.http.hostAllowList | join "," }} - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.execution.metrics.enabled }} - --metrics-enabled=true - --metrics.port={{ .Values.execution.metrics.port }} - --metrics.addr={{ .Values.execution.metrics.host }} - {{- end }} - {{/* - Configuration for Erigon execution client - */}} - {{- else if eq .Values.execution.client "erigon" }} - exec erigon - --datadir=/data/execution - --private.api.addr={{ .Values.execution.privateApiAddr }} - --chain={{ .Values.global.network }} - {{- if .Values.global.p2pNodePort.enabled }} - --nat=extip:$EXTERNAL_IP - --port=$EXTERNAL_EXECUTION_PORT - {{- else }} - --nat=extip:$POD_IP - --port={{ include "execution.p2pPort" . }} - {{- end }} - {{- if .Values.execution.terminalTotalDifficulty }} - --override.terminaltotaldifficulty={{ .Values.execution.terminalTotalDifficulty }} - {{- end }} - {{- if or .Values.global.JWTSecret .Values.global.externalSecrets.enabled }} - --authrpc.jwtsecret=/external-secrets/JWT_SECRET - {{- else }} - --authrpc.jwtsecret=/secret/jwtsecret - {{- end }} - --authrpc.addr={{ .Values.execution.jsonrpc.host }} - --authrpc.port={{ .Values.execution.jsonrpc.engine.port }} - --authrpc.vhosts={{ .Values.execution.jsonrpc.engine.hostAllowList | join "," }} - {{- if .Values.execution.jsonrpc.enabled }} - --http - --http.addr={{ .Values.execution.jsonrpc.host }} - --http.port={{ .Values.execution.jsonrpc.http.port }} - --http.corsdomain={{ .Values.execution.jsonrpc.http.corsOrigins | join "," }} - --http.vhosts={{ .Values.execution.jsonrpc.http.hostAllowList | join "," }} - --http.api={{ .Values.execution.jsonrpc.namespaces.erigon | join "," }} - {{- if .Values.execution.jsonrpc.websocket.enabled }} - --ws - {{- end }} - {{- end }} - {{- range .Values.extraFlags }} - {{ . }} - {{- end }} - {{- if .Values.global.metrics.enabled }} - --metrics - --metrics.addr={{ .Values.execution.metrics.host }} - --metrics.port={{ .Values.execution.metrics.port }} - {{- end }} - {{- end }} - {{- range .Values.execution.extraFlags }} - {{ . }} - {{- end }} - env: - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - {{- if .Values.execution.javaOpts.enabled }} - - name: BESU_OPTS - value: {{ .Values.execution.javaOpts.maxHeapSize }} - {{- end }} - ports: - {{- if eq .Values.execution.client "erigon" }} - - name: grpc-exec - protocol: TCP - containerPort: {{ .Values.execution.jsonrpc.grpc.port }} - {{- end }} - {{- if .Values.execution.jsonrpc.enabled }} - - name: engine-exec - containerPort: {{ .Values.execution.jsonrpc.engine.port }} - - name: jsonrpc-exec - containerPort: {{ .Values.execution.jsonrpc.http.port }} - {{- if .Values.execution.jsonrpc.websocket.enabled }} - - name: ws-exec - containerPort: {{ .Values.execution.jsonrpc.websocket.port }} - {{- end }} - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.execution.metrics.enabled }} - - name: metrics-exec - containerPort: {{ .Values.execution.metrics.port }} - {{- end }} - {{- if .Values.global.p2pNodePort.enabled }} - - name: p2p-tcp-exec - containerPort: {{ include "execution.p2pPort" . }} - protocol: TCP - - name: p2p-udp-exec - containerPort: {{ include "execution.p2pPort" . }} - protocol: UDP - {{- end }} - volumeMounts: - - name: data-execution - mountPath: /data/execution - {{- if .Values.global.externalSecrets.enabled }} - - name: external-secrets - mountPath: /external-secrets - readOnly: true - {{- end }} - {{- if .Values.global.JWTSecret }} - - name: jwtsecret - mountPath: /secret - readOnly: true - {{- end }} - - name: env-nodeport - mountPath: /env - {{- with .Values.execution.resources }} - resources: - {{ toYaml . | nindent 12 | trim }} - {{- end }} - {{/* - Container used for Beacon clients: Prysm, Teku, Lighthouse, Nimbus, Lodestar - */}} - - name: beacon - image: "{{ (pluck .Values.beacon.client .Values.global.image.beacon | first ).repository }}:{{ (pluck .Values.beacon.client .Values.global.image.beacon | first ).tag }}" - imagePullPolicy: {{ .Values.global.image.imagePullPolicy }} - {{/* - Configuration for Prysm beacon client - */}} - {{- if eq .Values.beacon.client "prysm" }} - args: - - "--datadir=/data/beacon" - - "--execution-endpoint=http://localhost:{{ .Values.execution.jsonrpc.engine.port }}" - - "--{{ .Values.global.network }}" - {{- if .Values.beacon.restApi.enabled }} - - "--rpc-host={{ .Values.beacon.restApi.host }}" - - "--rpc-port={{ index .Values.beacon.restApi.portMap "prysm" }}" - {{- end }} - {{- if .Values.global.p2pNodePort.enabled }} - - "--config-file=/data/beacon/config.yaml" - {{- else }} - - "--p2p-host-ip=$(POD_IP)" - - "--p2p-tcp-port={{ include "beacon.p2pPort" . }}" - - "--p2p-udp-port={{ include "beacon.p2pPort" . }}" - {{- end }} - - "--p2p-max-peers={{ index .Values.beacon.targetPeersMap .Values.beacon.client }}" - - "--accept-terms-of-use" - {{- if .Values.global.externalSecrets.enabled }} - - "--jwt-secret=/external-secrets/JWT_SECRET" - {{- else }} - - "--jwt-secret=/secret/jwtsecret" - {{- end }} - {{- if .Values.beacon.builderEndpoint }} - - "--http-mev-relay={{ .Values.beacon.builderEndpoint }}" - {{- end }} - {{- if .Values.beacon.suggestedFeeRecipient }} - - "--suggested-fee-recipient={{ .Values.beacon.suggestedFeeRecipient }}" - {{- end }} - {{- if .Values.beacon.totalDifficultyOverride }} - - "--terminal-total-difficulty-override={{ .Values.beacon.totalDifficultyOverride }}" - {{- end }} - {{- if .Values.beacon.checkPointSync.enabled }} - - "--checkpoint-sync-url={{ .Values.beacon.checkPointSync.url }}" - - "--genesis-beacon-api-url={{ .Values.beacon.checkPointSync.url }}" - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.beacon.metrics.enabled }} - - "--monitoring-port={{ .Values.beacon.metrics.port }}" - - "--monitoring-host={{ .Values.beacon.metrics.host }}" - {{- else }} - - "--disable-monitoring" - {{- end }} - {{- if .Values.beacon.grpc.enabled }} - - "--grpc-gateway-host={{ .Values.beacon.grpc.host }}" - - "--grpc-gateway-port={{ .Values.beacon.grpc.port }}" - {{- else }} - - "--disable-grpc-gateway" - {{- end }} - {{- range .Values.beacon.extraFlags }} - - {{ . | quote }} - {{- end }} - {{/* - Configuration for Teku beacon client - */}} - {{- else if eq .Values.beacon.client "teku" }} - command: - - sh - - -ac - - > - {{- if .Values.global.p2pNodePort.enabled }} - . /env/init-nodeport; - {{- end }} - exec /opt/teku/bin/teku - --network={{ .Values.global.network }} - --data-beacon-path=/data/beacon/teku - --data-path=/data/beacon - --data-storage-archive-frequency={{ .Values.beacon.dataStorageArchiveFrequency }} - --data-storage-mode={{ .Values.beacon.dataStorageMode }} - --data-storage-non-canonical-blocks-enabled={{ .Values.beacon.dataStorageNonCanonicalBlocksEnabled }} - --ee-endpoint=http://localhost:{{ .Values.execution.jsonrpc.engine.port }} - {{- if .Values.global.externalSecrets.enabled }} - --ee-jwt-secret-file=/external-secrets/JWT_SECRET - {{- else }} - --ee-jwt-secret-file=/secret/jwtsecret - {{- end }} - {{- if .Values.beacon.builderEndpoint }} - --builder-endpoint={{ .Values.beacon.builderEndpoint }} - {{- end }} - {{- if .Values.beacon.suggestedFeeRecipient }} - --validators-proposer-default-fee-recipient={{ .Values.beacon.suggestedFeeRecipient }} - {{- end }} - {{- if .Values.beacon.checkPointSync.enabled }} - --initial-state={{ .Values.beacon.checkPointSync.url }}/eth/v2/debug/beacon/states/finalized - {{- end }} - {{- if .Values.beacon.restApi.enabled }} - --rest-api-enabled={{ .Values.beacon.restApi.enabled }} - --rest-api-host-allowlist={{ .Values.beacon.restApi.hostAllowList | join "," }} - --rest-api-interface={{ .Values.beacon.restApi.host }} - --rest-api-port={{ index .Values.beacon.restApi.portMap "teku" }} - --rest-api-cors-origins={{ .Values.beacon.restApi.corsOrigins | join "," }} - {{- end }} - --p2p-enabled=true - --p2p-port={{ include "beacon.p2pPort" . }} - {{- if .Values.global.p2pNodePort.enabled }} - --p2p-advertised-port=$EXTERNAL_BEACON_PORT - --p2p-advertised-ip=$EXTERNAL_IP - {{- else }} - --p2p-advertised-ip=$POD_IP - --p2p-advertised-port={{ include "beacon.p2pPort" . }} - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.beacon.metrics.enabled }} - --metrics-enabled={{ .Values.beacon.metrics.enabled }} - --metrics-categories={{ .Values.beacon.metrics.categories | join "," }} - --metrics-host-allowlist={{ .Values.beacon.metrics.hostAllowList | join "," }} - --metrics-interface={{ .Values.beacon.metrics.host }} - --metrics-port={{ .Values.beacon.metrics.port }} - {{- end }} - {{- range .Values.beacon.extraFlags }} - {{ . | quote }} - {{- end }} - {{/* - Configuration for Lighthouse beacon client - */}} - {{- else if eq .Values.beacon.client "lighthouse" }} - command: - - sh - - -ac - - > - {{- if .Values.global.p2pNodePort.enabled }} - . /env/init-nodeport; - {{- end }} - exec lighthouse - bn - --staking - {{- if .Values.beacon.proposerOnly }} - --proposer-only - {{- end }} - --datadir=/data/beacon - --network={{ .Values.global.network }} - --disable-upnp - --target-peers={{ index .Values.beacon.targetPeersMap .Values.beacon.client }} - {{- if .Values.beacon.restApi.enabled }} - --http - --http-port={{ index .Values.beacon.restApi.portMap "lighthouse" }} - --http-address={{ .Values.beacon.restApi.host }} - --http-allow-origin={{ .Values.beacon.restApi.corsOrigins | join "," }} - {{- end }} - {{- if .Values.beacon.checkPointSync.enabled }} - --checkpoint-sync-url={{ .Values.beacon.checkPointSync.url }} - {{- end }} - {{- if .Values.beacon.builderEndpoint }} - --builder={{ .Values.beacon.builderEndpoint }} - {{- end }} - {{- if .Values.beacon.suggestedFeeRecipient }} - --suggested-fee-recipient={{ .Values.beacon.suggestedFeeRecipient }} - {{- end }} - --execution-endpoint=http://localhost:{{ .Values.execution.jsonrpc.engine.port }} - {{- if .Values.global.externalSecrets.enabled }} - --execution-jwt=/external-secrets/JWT_SECRET - {{- else }} - --execution-jwt=/secret/jwtsecret - {{- end }} - {{- if .Values.global.p2pNodePort.enabled }} - --discovery-port=$EXTERNAL_BEACON_PORT - --port=$EXTERNAL_BEACON_PORT - {{- else }} - --discovery-port={{ include "beacon.p2pPort" . }} - --port={{ include "beacon.p2pPort" . }} - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.beacon.metrics.enabled }} - --metrics - --metrics-port={{ .Values.beacon.metrics.port }} - --metrics-address={{ .Values.beacon.metrics.host }} - {{- end }} - {{- range .Values.beacon.extraFlags }} - {{ . }} - {{- end }} - {{/* - Configuration for Nimbus beacon client - */}} - {{- else if eq .Values.beacon.client "nimbus" }} - command: - - sh - - -ac - - > - {{- if .Values.global.p2pNodePort.enabled }} - . /env/init-nodeport; - {{- end }} - exec /home/user/nimbus-eth2/build/nimbus_beacon_node - --network={{ .Values.global.network }} - --data-dir=/data/beacon - {{- if .Values.global.externalSecrets.enabled }} - --jwt-secret=/external-secrets/JWT_SECRET - {{- else }} - --jwt-secret=/secret/jwtsecret - {{- end }} - --non-interactive - {{- if .Values.beacon.restApi.enabled }} - --rest=true - --rest-port={{ index .Values.beacon.restApi.portMap .Values.beacon.client }} - --rest-address={{ .Values.beacon.restApi.host }} - --rest-allow-origin=={{ .Values.beacon.restApi.hostAllowList | join "," }} - {{- end }} - {{- if .Values.beacon.builderEndpoint }} - --payload-builder=true - --payload-builder-url={{ .Values.beacon.builderEndpoint }} - {{- end }} - {{- if .Values.beacon.suggestedFeeRecipient }} - --suggested-fee-recipient={{ .Values.beacon.suggestedFeeRecipient }} - {{- end }} - --web3-url=http://localhost:{{ .Values.execution.jsonrpc.engine.port }} - --max-peers={{ index .Values.beacon.targetPeersMap .Values.beacon.client }} - --enr-auto-update=true - {{- if .Values.global.p2pNodePort.enabled }} - --nat=extip:$EXTERNAL_IP - --tcp-port=$EXTERNAL_BEACON_PORT - --udp-port=$EXTERNAL_BEACON_PORT - {{- else }} - --tcp-port={{ include "beacon.p2pPort" . }} - --udp-port={{ include "beacon.p2pPort" . }} - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.beacon.metrics.enabled }} - --metrics - --metrics-port={{ .Values.beacon.metrics.port }} - --metrics-address={{ .Values.beacon.metrics.host }} - {{- end }} - {{- range .Values.beacon.extraFlags }} - {{ . }} - {{- end }} - {{/* - Configuration for Lodestar beacon client - */}} - {{- else if eq .Values.beacon.client "lodestar" }} - command: - - sh - - -ac - - > - {{- if .Values.global.p2pNodePort.enabled }} - . /env/init-nodeport; - {{- end }} - exec node - --max-old-space-size=4096 - /usr/app/node_modules/.bin/lodestar - beacon - --network={{ .Values.global.network }} - --dataDir=/data/beacon - {{- if .Values.beacon.checkPointSync.enabled }} - --checkpointSyncUrl={{ .Values.beacon.checkPointSync.url }} - {{- end }} - {{- if .Values.beacon.builderEndpoint }} - --builder - --builder.urls={{ .Values.beacon.builderEndpoint }} - {{- end }} - {{- if .Values.beacon.suggestedFeeRecipient }} - --suggestedFeeRecipient={{ .Values.beacon.suggestedFeeRecipient }} - {{- end }} - {{- if .Values.global.externalSecrets.enabled }} - --jwt-secret=/external-secrets/JWT_SECRET - {{- else }} - --jwt-secret=/secret/jwtsecret - {{- end }} - {{- if .Values.beacon.restApi.enabled }} - --rest - --rest.port={{ index .Values.beacon.restApi.portMap .Values.beacon.client }} - --rest.address={{ .Values.beacon.restApi.host }} - --rest.cors={{ .Values.beacon.restApi.corsOrigins | join "," }} - {{- end }} - --execution.urls=http://127.0.0.1:{{ .Values.execution.jsonrpc.engine.port }} - --targetPeers={{ index .Values.beacon.targetPeersMap .Values.beacon.client }} - {{- if .Values.global.p2pNodePort.enabled }} - --nat - --enr.ip=$EXTERNAL_IP - --enr.tcp=$EXTERNAL_BEACON_PORT - --enr.udp=$EXTERNAL_BEACON_PORT - {{- else }} - --port={{ include "beacon.p2pPort" . }} - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.beacon.metrics.enabled }} - --metrics=true - --metrics.port={{ .Values.beacon.metrics.port }} - --metrics.address={{ .Values.beacon.metrics.host }} - {{- end }} - {{- range .Values.beacon.extraFlags }} - {{ . }} - {{- end }} - {{- end }} - env: - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - {{- if and (eq .Values.beacon.client "teku") .Values.beacon.javaOpts.enabled }} - - name: JAVA_OPTS - value: {{ .Values.beacon.javaOpts.maxHeapSize }} - {{- end }} - ports: - {{- if and (eq .Values.execution.client "prysm") .Values.beacon.grpc.enabled }} - - containerPort: {{ .Values.beacon.grpc.port }} - name: {{ .Values.beacon.grpc.portName }}-beacon - protocol: TCP - {{- end }} - {{- if .Values.global.p2pNodePort.enabled }} - - name: p2p-tcp-beacon - containerPort: {{ include "beacon.p2pPort" . }} - protocol: TCP - - name: p2p-udp-beacon - containerPort: {{ include "beacon.p2pPort" . }} - protocol: UDP - {{- end }} - {{- if .Values.beacon.restApi.enabled }} - - containerPort: {{ index .Values.beacon.restApi.portMap .Values.beacon.client }} - name: http-beacon - protocol: TCP - {{- end }} - {{- if and .Values.global.metrics.enabled .Values.beacon.metrics.enabled }} - - containerPort: {{ .Values.beacon.metrics.port }} - name: metrics-beacon - protocol: TCP - {{- end }} - volumeMounts: - - name: data-beacon - mountPath: /data/beacon - {{- if .Values.global.externalSecrets.enabled }} - - name: external-secrets - mountPath: /external-secrets - readOnly: true - {{- end }} - {{- if .Values.global.JWTSecret }} - - name: jwtsecret - mountPath: /secret - readOnly: true - {{- end }} - - name: env-nodeport - mountPath: /env - {{- with .Values.beacon.resources }} - resources: - {{ toYaml . | nindent 12 | trim }} - {{- end }} - {{- if and .Values.global.ethsider.enabled .Values.beacon.restApi.enabled .Values.execution.jsonrpc.enabled }} - - name: ethsider - image: "{{ .Values.global.ethsider.repository }}:{{ .Values.global.ethsider.tag }}" - imagePullPolicy: {{ .Values.global.ethsider.pullPolicy }} - env: - - name: EXECUTION_ENDPOINT - value: "http://localhost:{{ .Values.execution.jsonrpc.http.port }}" - - name: BEACON_ENDPOINT - value: "http://localhost:{{ index .Values.beacon.restApi.portMap .Values.beacon.client }}" - {{- if .Values.ethsider.livenessProbe.enabled }} - livenessProbe: - initialDelaySeconds: {{ .Values.ethsider.livenessProbe.initialDelaySeconds }} - timeoutSeconds: {{ .Values.ethsider.livenessProbe.timeoutSeconds }} - periodSeconds: {{ .Values.ethsider.livenessProbe.periodSeconds }} - failureThreshold: {{ .Values.ethsider.livenessProbe.failureThreshold }} - successThreshold: {{ .Values.ethsider.livenessProbe.successThreshold }} - httpGet: - path: {{ .Values.ethsider.livenessProbe.httpGet.path }} - port: {{ .Values.ethsider.livenessProbe.httpGet.port }} - scheme: {{ .Values.ethsider.livenessProbe.httpGet.scheme }} - {{- end }} - {{- if .Values.ethsider.readinessProbe.enabled }} - readinessProbe: - initialDelaySeconds: {{ .Values.ethsider.readinessProbe.initialDelaySeconds }} - timeoutSeconds: {{ .Values.ethsider.readinessProbe.timeoutSeconds }} - periodSeconds: {{ .Values.ethsider.readinessProbe.periodSeconds }} - failureThreshold: {{ .Values.ethsider.readinessProbe.failureThreshold }} - successThreshold: {{ .Values.ethsider.readinessProbe.successThreshold }} - httpGet: - path: {{ .Values.ethsider.readinessProbe.httpGet.path }} - port: {{ .Values.ethsider.readinessProbe.httpGet.port }} - scheme: {{ .Values.ethsider.readinessProbe.httpGet.scheme }} - {{- end }} - {{- end }} - volumes: - - name: scripts-init - configMap: - name: {{ include "common.names.fullname" . }}-init - {{- if .Values.global.JWTSecret }} - - name: jwtsecret - secret: - secretName: {{ include "common.names.fullname" . }} - {{- end }} - {{- if .Values.global.externalSecrets.enabled }} - - name: external-secrets - secret: - secretName: eso-{{ include "common.names.fullname" . }} - {{- end }} - - name: env-nodeport - emptyDir: {} - volumeClaimTemplates: - - metadata: - name: data-execution - labels: - {{- include "common.labels.statefulset" . | nindent 10 }} - {{- with .Values.execution.persistence.annotations }} - annotations: - {{ toYaml . | nindent 10 | trim }} - {{- end }} - spec: - accessModes: {{ .Values.execution.persistence.accessModes }} - storageClassName: {{ .Values.execution.persistence.storageClassName }} - resources: - requests: - storage: {{ .Values.execution.persistence.size | quote }} - - metadata: - name: data-beacon - labels: - {{- include "common.labels.statefulset" . | nindent 10 }} - {{- with .Values.beacon.persistence.annotations }} - annotations: - {{ toYaml . | nindent 10 | trim }} - {{- end }} - spec: - accessModes: {{ .Values.beacon.persistence.accessModes }} - storageClassName: {{ .Values.beacon.persistence.storageClassName }} - resources: - requests: - storage: {{ .Values.beacon.persistence.size | quote }} diff --git a/charts/execution-beacon/templates/tests/test-connection-nethermind.yaml b/charts/execution-beacon/templates/tests/test-connection-nethermind.yaml deleted file mode 100644 index e69de29bb..000000000 diff --git a/charts/execution-beacon/templates/tests/test-connection-prysm.yaml b/charts/execution-beacon/templates/tests/test-connection-prysm.yaml deleted file mode 100644 index f5374d447..000000000 --- a/charts/execution-beacon/templates/tests/test-connection-prysm.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- if eq .Values.beacon.client "prysm" }} -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "common.names.fullname" . }}-test-connection-beacon" - labels: - {{- include "common.labels.standard" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "common.names.fullname" . }}:{{ .Values.beacon.grpc.port }}'] - restartPolicy: Never -{{- end }} diff --git a/charts/execution-beacon/templates/validate.yaml b/charts/execution-beacon/templates/validate.yaml deleted file mode 100644 index f358d77f6..000000000 --- a/charts/execution-beacon/templates/validate.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{- $jwtSecret := .Values.global.JWTSecret }} -{{- $regex := "^[0-9a-f]{64}$" }} -{{- if and $jwtSecret (not (regexMatch $regex $jwtSecret)) }} -{{- fail "global.JWTSecret must be a 32-byte long hex string" }} -{{- end }} - -{{- $address := .Values.beacon.suggestedFeeRecipient }} -{{- $regex := "^0x[a-fA-F0-9]{40}$" }} -{{- if not $address }} -{{- fail "beacon.suggestedFeeRecipient is required" }} -{{- else if not (regexMatch $regex $address) }} -{{- fail "beacon.suggestedFeeRecipient must be a valid Ethereum address (0x string)" }} -{{- end }} - -# validate checkpoint -# validate builderEndpoint -# validate storagesize for mainnet \ No newline at end of file diff --git a/charts/execution-beacon/values.yaml b/charts/execution-beacon/values.yaml deleted file mode 100644 index 5f7a93ed2..000000000 --- a/charts/execution-beacon/values.yaml +++ /dev/null @@ -1,561 +0,0 @@ -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -global: - replicaCount: 1 - - ## Ethereum network - ## - network: mainnet - - image: - imagePullPolicy: IfNotPresent - execution: - nethermind: - repository: "nethermind/nethermind" - tag: "1.18.1" - geth: - repository: "ethereum/client-go" - tag: "v1.11.6" - bseu: - repository: "hyperledger/besu" - tag: "23.4.1" - erigon: - repository: "thorax/erigon" - tag: "v2.43.1" - beacon: - prysm: - repository: "gcr.io/prysmaticlabs/prysm/beacon-chain" - tag: "v4.0.5" - teku: - repository: "consensys/teku" - tag: "23.5.0" - lighthouse: - repository: "sigp/lighthouse" - tag: "v4.2.0" - nimbus: - repository: "statusim/nimbus-eth2" - tag: "multiarch-v23.5.1" - lodestar: - repository: "chainsafe/lodestar" - tag: "v1.8.0" - - ## JSON Web Token (JWT) authentication is used to secure the communication - ## between the beacon node and execution client. You can generate a JWT using - ## a command line tool, for example: - ## openssl rand -hex 32 > token.txt - ## - JWTSecret: "" - - ## Credentials to fetch images from private registry - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - imagePullSecrets: [] - # Node labels for pod assignment - ## ref: https://kubernetes.io/docs/user-guide/node-selection/ - ## - nodeSelector: {} - - ## Tolerations for pod assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ - ## - tolerations: {} - - ## Affinity for pod assignment - ## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity - ## - ## Example: - ## affinity: - ## podAntiAffinity: - ## requiredDuringSchedulingIgnoredDuringExecution: - ## - labelSelector: - ## matchExpressions: - ## - key: app.kubernetes.io/name - ## operator: In - ## values: - ## - prysm - ## topologyKey: kubernetes.io/hostname - ## - affinity: {} - - ## Used to assign priority to pods - ## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ - ## - priorityClassName: "" - - externalSecrets: - enabled: false - secretStoreRef: - name: secretStoreRef - kind: SecretStore - data: - - secretKey: JWT_SECRET - remoteRef: - key: ethereumValidators - property: jwt - - ethsider: - enabled: false - repository: "nethermindeth/ethsider" - tag: "v0.0.7" - pullPolicy: IfNotPresent - ## Configure liveness and readiness probes - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ - ## NB! readinessProbe and livenessProbe must be disabled before genesis - ## - livenessProbe: - enabled: true - initialDelaySeconds: 900 - timeoutSeconds: 3 - periodSeconds: 30 - failureThreshold: 3 - successThreshold: 1 - httpGet: - path: /eth2/liveness - port: sidecar - scheme: HTTP - - readinessProbe: - enabled: true - initialDelaySeconds: 300 - timeoutSeconds: 3 - periodSeconds: 30 - failureThreshold: 30 - successThreshold: 2 - httpGet: - path: /eth2/readiness - port: sidecar - scheme: HTTP - - service: - svcHeadless: true - - sessionAffinity: - # Whether to enable session affinity or not - enabled: false - # The session duration in seconds - timeoutSeconds: 86400 - - ## Service account - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ - ## - serviceAccount: - create: true - - ## RBAC configuration. - ## ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/ - ## - rbac: - create: true - - ## Termination Grace Period - ## ref: https://kubernetes.io/docs/tasks/run-application/force-delete-stateful-set-pod/#delete-pods - ## - terminationGracePeriodSeconds: 300 - - ## Init image is used to chown data volume, initialise genesis, etc. - ## - initImage: - repository: "bitnami/kubectl" - tag: "1.25" - pullPolicy: IfNotPresent - - ## Monitoring - ## - metrics: - enabled: true - annotations: {} - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - serviceMonitor: - ## The namespace in which the ServiceMonitor will be created - ## - namespace: "" - ## The interval at which metrics should be scraped - ## - interval: 30s - ## The timeout after which the scrape is ended - ## - scrapeTimeout: "" - ## Metrics RelabelConfigs to apply to samples before scraping. - ## - relabellings: [] - ## Metrics RelabelConfigs to apply to samples before ingestion. - ## - metricRelabelings: [] - ## Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus - ## - additionalLabels: {} - ## Custom PrometheusRule to be defined - ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions - ## - prometheusRule: - ## Create a default set of Alerts - ## - default: true - ## The namespace in which the prometheusRule will be created - ## - namespace: "" - ## Additional labels for the prometheusRule - ## - additionalLabels: {} - ## Custom Prometheus rules - ## - rules: [] - - ## When p2pNodePort is enabled, your P2P port will be exposed via service type NodePort. - ## This will generate a service for each replica, with a port binding via NodePort. - ## This is useful if you want to expose and announce your node to the Internet. - ## - p2pNodePort: - ## @param p2pNodePort.enabled Expose P2P port via NodePort - ## - enabled: false - ## @param p2pNodePort.annotations - ## - annotations: {} - ## @param p2pNodePort.type - ## Options: NodePort, LoadBalancer - type: NodePort - ## @param p2pNodePort.startAt The ports allocation will start from this value - ## - startAtExecution: 31100 - startAtBeacon: 31200 - ## @param p2pNodePort.replicaToNodePort Overwrite a port for specific replicas - ## @default -- See `values.yaml` for example - replicaToNodePort: {} - # "0": 32345 - # "3": 32348 - - ## Pod Security Context - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - ## - securityContext: - fsGroup: 1001 - runAsUser: 1001 - -execution: - client: geth - livenessProbe: - enabled: false - readinessProbe: - enabled: false - - ## Whether or not to allocate persistent volume disk for the data directory. - ## In case of node failure, the node data directory will still persist. - ## - persistence: - enabled: true - storageClassName: "" - accessModes: - - ReadWriteOnce - size: 100Gi - annotations: {} - - ## If false, data ownership will not be reset at startup - ## This allows the execution node to be run with an arbitrary user - ## - initChownData: true - - # private api network address, for example: 127.0.0.1:9090, - # empty string means not to start the listener. - # Do not expose to public network. - # Serves remote database interface (default: "127.0.0.1:9090") - privateApiAddr: "127.0.0.1:9090" - - ## Monitoring - ## Additional settings could be made in non-global section. - ## - metrics: - ## Whether to enable metrics collection or not - ## - enabled: true - - port: 8008 - host: "0.0.0.0" - - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - serviceMonitor: - ## Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: true - - ## Custom PrometheusRule to be defined - ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions - ## - prometheusRule: - ## Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator - ## - enabled: true - - ## -------------------------- Execution node specific settings ----------------------------------------- - # Manually specify TerminalTotalDifficulty, overriding the bundled setting - terminalTotalDifficulty: "" - - jsonrpc: - enabled: true - namespaces: - nethermind: - - Web3 - - Eth - - Net - - Subscribe - - Health - geth: - - web3 - - eth - - net - - engine - erigon: - - eth - - erigon - - web3 - - net - - engine - host: "0.0.0.0" - grpc: - port: 9090 - http: - port: 8545 - corsOrigins: - - "*" - hostAllowList: - - "*" - websocket: - enabled: true - port: 8546 - origins: "*" - engine: - port: 8551 - hostAllowList: - - "*" - corsOrigins: - - "*" - - ## Besu specific setting - javaOpts: - enabled: false - # This option is used to set java specific values for heap size and should be used if you experience out of memory errors. - # The Xmx option stands for the maximum memory allocation pool for a Java Virtual Machine ( JVM ). - # https://besu.hyperledger.org/en/stable/public-networks/how-to/configure-jvm/manage-memory/ - # Example for kubernetes resources at 8Gi memory: - # maxHeapSize: "-Xmx3g" - maxHeapSize: "" - - # Nethermind HealthChecks module - healthchecks: - enabled: true - slug: "/health" - pollingInterval: 5 - lowStorageSpaceShutdownThreshold: 0 - lowStorageSpaceWarningThreshold: 5 - - targetPeers: 100 - ## Extra flags to pass to the node - ## - extraFlags: [] - resources: {} - -beacon: - client: nimbus - - ## Whether or not to allocate persistent volume disk for the data directory. - ## In case of node failure, the node data directory will still persist. - ## - persistence: - enabled: true - storageClassName: "" - accessModes: - - ReadWriteOnce - size: 100Gi - annotations: {} - - ## If false, data ownership will not be reset at startup - ## This allows the beacon node to be run with an arbitrary user - ## - initChownData: true - - metrics: - ## Whether to enable metrics collection or not - ## - enabled: true - annotations: {} - - port: 9090 - host: "0.0.0.0" - - ## Monitoring - ## Teku Metric categories to enable - categories: - - JVM - - PROCESS - - BEACON - - DISCOVERY - - EVENTBUS - - EXECUTOR - - NETWORK - - STORAGE - - STORAGE_HOT_DB - - STORAGE_FINALIZED_DB - - REMOTE_VALIDATOR - - VALIDATOR - - VALIDATOR_PERFORMANCE - - # List of hostnames to allow, or * to allow any host - hostAllowList: - - "*" - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - serviceMonitor: - ## Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: true - - ## Custom PrometheusRule to be defined - ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions - ## - prometheusRule: - ## Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator - ## - enabled: true - - ## To get Beacon node up and running in only a few minutes - ## from a recent finalized checkpoint state rather than syncing from genesis. - ## - checkPointSync: - enabled: false - url: "" - trustedSourceUrl: "" - - ## Post bellatrix, this address will receive the transaction fees produced - ## by any blocks from this node. Default to junk whilst bellatrix is in development state. - ## Validator client can override this value through the preparebeaconproposer api. - ## - suggestedFeeRecipient: "" - - # Lighthouse specific setting - proposerOnly: false - - ## Teku specific setting - javaOpts: - enabled: true - # This option is used to set java specific values for heap size and should be used if you experience out of memory errors. - # The Xmx option stands for the maximum memory allocation pool for a Java Virtual Machine ( JVM ). - # https://besu.hyperledger.org/en/stable/public-networks/how-to/configure-jvm/manage-memory/ - # Example for kubernetes resources at 8Gi memory: - # maxHeapSize: "-Xmx3g" - maxHeapSize: "-Xmx3g" - - ## MEV Boost endpoint - ## - builderEndpoint: "" - # Sets the frequency, in slots, at which to store - # finalized states to disk. This option is ignored - # if --data-storage-mode is set to PRUNE - dataStorageArchiveFrequency: "2048" - # Sets the strategy for handling historical chain data - # (Valid values: ARCHIVE, PRUNE) - dataStorageMode: PRUNE - # Store non-canonical blocks - dataStorageNonCanonicalBlocksEnabled: false - - # Rest API Settings - restApi: - # Enables Beacon Rest API - enabled: true - host: "0.0.0.0" - # Comma-separated list of hostnames to allow, or * - # to allow any host - hostAllowList: - - "*" - corsOrigins: - - "*" - # Port number of Beacon Rest API - portMap: - teku: 5051 - prysm: 8080 - lighthouse: 5052 - nimbus: 5052 - lodestar: 9596 - - grpc: - enabled: true - host: "0.0.0.0" - port: 4000 - portName: "rpc" - - targetPeersMap: - teku: 100 - prysm: 160 - lighthouse: 100 - nimbus: 100 - lodestar: 100 - - ## Sets the total difficulty to manual overrides the default - ## TERMINAL_TOTAL_DIFFICULTY value. WARNING: This flag should be used only if you - ## have a clear understanding that community has decided to override the terminal difficulty. - ## Incorrect usage will result in your node experience consensus failure. - totalDifficultyOverride: "" - - ## Extra flags to pass to the node - ## - extraFlags: [] - resources: {} - -## Service account -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -## -serviceAccount: - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -## Provide a name in place of geth for `app:` labels -## -nameOverride: "" - -## Provide a name to substitute for the full names of resources -## -fullnameOverride: "" -# RBAC configuration. -## ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/ -## -rbac: - # The name of the cluster role to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - ## Required ClusterRole rules - ## - clusterRules: - ## Required to obtain the nodes external IP - ## - - apiGroups: [""] - resources: - - "nodes" - verbs: - - "get" - - "list" - - "watch" - ## Required Role rules - ## - rules: - ## Required to get information about the services nodePort. - ## - - apiGroups: [""] - resources: - - "services" - verbs: - - "get" - - "list" - - "watch" \ No newline at end of file diff --git a/charts/mev-boost/.helmignore b/charts/mev-boost/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/charts/mev-boost/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/mev-boost/Chart.lock b/charts/mev-boost/Chart.lock deleted file mode 100644 index 216e2517d..000000000 --- a/charts/mev-boost/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: file://../common - version: 1.0.0 -digest: sha256:07cebde439abe4ba19bb28e844b7419dab83c7f613886416aaf3ec08e8059144 -generated: "2022-07-27T11:12:34.275824+03:00" diff --git a/charts/mev-boost/Chart.yaml b/charts/mev-boost/Chart.yaml deleted file mode 100644 index 10a1c81c9..000000000 --- a/charts/mev-boost/Chart.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: v2 -name: mev-boost -description: mev-boost allows proof-of-stake Ethereum consensus clients to outsource block construction -home: https://boost.flashbots.net/ -keywords: - - ethereum - - blockchain - - mev-boost - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "v1.5.0" - -dependencies: -- name: common - repository: file://../common - version: 1.0.0 diff --git a/charts/mev-boost/templates/_helpers.tpl b/charts/mev-boost/templates/_helpers.tpl deleted file mode 100644 index c144d8f6f..000000000 --- a/charts/mev-boost/templates/_helpers.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "mev-boost.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "mev-boost.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "mev-boost.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "mev-boost.labels" -}} -helm.sh/chart: {{ include "mev-boost.chart" . }} -{{ include "mev-boost.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "mev-boost.selectorLabels" -}} -app.kubernetes.io/name: {{ include "mev-boost.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "mev-boost.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "mev-boost.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/charts/mev-boost/templates/deployment.yaml b/charts/mev-boost/templates/deployment.yaml deleted file mode 100644 index bb11fed9d..000000000 --- a/charts/mev-boost/templates/deployment.yaml +++ /dev/null @@ -1,76 +0,0 @@ -apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} -kind: Deployment -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - {{- if not .Values.autoscaling.enabled }} - replicas: {{ .Values.replicaCount }} - {{- end }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "common.labels.matchLabels" . | nindent 8 }} - spec: - {{- with (concat .Values.imagePullSecrets .Values.global.imagePullSecrets) }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "common.names.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - -{{ .Values.global.network }} - - -relay-check - {{- range $relay := index .Values.relays .Values.global.network }} - - relay - - "{{ $relay }}" - {{- end }} - - -addr - - 0.0.0.0:{{ .Values.service.port }} - - -loglevel - - {{ .Values.logLevel }} - - -json - {{- range .Values.extraFlags }} - - {{ . | quote }} - {{- end }} - ports: - - name: http - containerPort: {{ .Values.service.port }} - protocol: TCP - livenessProbe: - httpGet: - path: / - port: http - readinessProbe: - httpGet: - path: / - port: http - resources: - {{- toYaml .Values.resources | nindent 12 }} - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/charts/mev-boost/templates/hpa.yaml b/charts/mev-boost/templates/hpa.yaml deleted file mode 100644 index 9db6ea212..000000000 --- a/charts/mev-boost/templates/hpa.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{- if .Values.autoscaling.enabled }} -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - scaleTargetRef: - apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} - kind: Deployment - name: {{ include "common.names.fullname" . }} - minReplicas: {{ .Values.autoscaling.minReplicas }} - maxReplicas: {{ .Values.autoscaling.maxReplicas }} - metrics: - {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} - {{- end }} - {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} - - type: Resource - resource: - name: memory - targetAverageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} - {{- end }} -{{- end }} diff --git a/charts/mev-boost/templates/service.yaml b/charts/mev-boost/templates/service.yaml deleted file mode 100644 index 0c14a8d6f..000000000 --- a/charts/mev-boost/templates/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.service.port }} - targetPort: http - protocol: TCP - name: http - selector: - {{- include "common.labels.matchLabels" . | nindent 4 }} diff --git a/charts/mev-boost/templates/serviceaccount.yaml b/charts/mev-boost/templates/serviceaccount.yaml deleted file mode 100644 index ad5aa4d50..000000000 --- a/charts/mev-boost/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "common.names.serviceAccountName" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/mev-boost/templates/tests/test-connection.yaml b/charts/mev-boost/templates/tests/test-connection.yaml deleted file mode 100644 index 834231951..000000000 --- a/charts/mev-boost/templates/tests/test-connection.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Pod -metadata: - name: "{{ include "mev-boost.fullname" . }}-test-connection" - labels: - {{- include "mev-boost.labels" . | nindent 4 }} - annotations: - "helm.sh/hook": test -spec: - containers: - - name: wget - image: busybox - command: ['wget'] - args: ['{{ include "mev-boost.fullname" . }}:{{ .Values.service.port }}'] - restartPolicy: Never diff --git a/charts/mev-boost/values.yaml b/charts/mev-boost/values.yaml deleted file mode 100644 index f36859bc5..000000000 --- a/charts/mev-boost/values.yaml +++ /dev/null @@ -1,95 +0,0 @@ -# Default values for mev-boost. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: - # Options: mainnet, goerli, sepolia - network: "mainnet" - - ## Credentials to fetch images from private registry - ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ - ## - imagePullSecrets: [] - - serviceAccount: - create: true - -# Relay URLs -relays: - mainnet: - # Flashbots - - "https://0xac6e77dfe25ecd6110b8e780608cce0dab71fdd5ebea22a16c0205200f2f8e2e3ad3b71d3499c54ad14d6c21b41a37ae@boost-relay.flashbots.net" - goerli: - - "https://0xafa4c6985aa049fb79dd37010438cfebeb0f2bd42b115b89dd678dab0670c1de38da0c4e9138c9290a398ecd9a0b3110@builder-relay-goerli.flashbots.net" - sepolia: - - "https://0x845bd072b7cd566f02faeb0a4033ce9399e42839ced64e8b2adcfc859ed1e8e1a5a293336a49feac6d9a5edb779be53a@builder-relay-sepolia.flashbots.net" - -# minimum loglevel: trace, debug, info, warn/warning, error, fatal, panic -logLevel: info - -## Extra flags for mev-boost -## -extraFlags: [] - -replicaCount: 1 - -image: - repository: flashbots/mev-boost - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "v1.5.0" - -imagePullSecrets: [] -nameOverride: "" -fullnameOverride: "" - -serviceAccount: - # Specifies whether a service account should be created - create: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -podSecurityContext: {} - # fsGroup: 2000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 18550 - -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -nodeSelector: {} - -tolerations: [] - -affinity: {} diff --git a/charts/posmoni/.helmignore b/charts/posmoni/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/charts/posmoni/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/posmoni/Chart.lock b/charts/posmoni/Chart.lock deleted file mode 100644 index bf2e36019..000000000 --- a/charts/posmoni/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: file://../common - version: 1.0.0 -digest: sha256:07cebde439abe4ba19bb28e844b7419dab83c7f613886416aaf3ec08e8059144 -generated: "2022-05-02T13:36:12.005448244+03:00" diff --git a/charts/posmoni/Chart.yaml b/charts/posmoni/Chart.yaml deleted file mode 100644 index ca446e556..000000000 --- a/charts/posmoni/Chart.yaml +++ /dev/null @@ -1,34 +0,0 @@ -apiVersion: v2 -name: posmoni -description: A Helm chart for installing and configuring Posmoni - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "v0.0.1" - -keywords: - - ethereum - -home: https://nethermind.io/ - -dependencies: -- name: common - repository: file://../common - version: 1.0.0 diff --git a/charts/posmoni/templates/_helpers.tpl b/charts/posmoni/templates/_helpers.tpl deleted file mode 100644 index b1177e68a..000000000 --- a/charts/posmoni/templates/_helpers.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "posmoni.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "posmoni.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "posmoni.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "posmoni.labels" -}} -helm.sh/chart: {{ include "posmoni.chart" . }} -{{ include "posmoni.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "posmoni.selectorLabels" -}} -app.kubernetes.io/name: {{ include "posmoni.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "posmoni.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "posmoni.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/charts/posmoni/templates/configmap.yaml b/charts/posmoni/templates/configmap.yaml deleted file mode 100644 index b4e021516..000000000 --- a/charts/posmoni/templates/configmap.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -data: - config.yaml: | - {{- toYaml .Values.posmoni | nindent 4 }} - diff --git a/charts/posmoni/templates/service.yaml b/charts/posmoni/templates/service.yaml deleted file mode 100644 index d35d35539..000000000 --- a/charts/posmoni/templates/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "posmoni.fullname" . }} - labels: - {{- include "posmoni.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.metricsPort }} - targetPort: metrics - protocol: TCP - name: metrics - selector: - {{- include "posmoni.selectorLabels" . | nindent 4 }} diff --git a/charts/posmoni/templates/serviceaccount.yaml b/charts/posmoni/templates/serviceaccount.yaml deleted file mode 100644 index cb2edd11f..000000000 --- a/charts/posmoni/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if or .Values.global.serviceAccount.create .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "common.names.serviceAccountName" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/posmoni/templates/servicemonitor.yaml b/charts/posmoni/templates/servicemonitor.yaml deleted file mode 100644 index bd99c3387..000000000 --- a/charts/posmoni/templates/servicemonitor.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- if .Values.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "common.names.fullname" . }} - {{- if .Values.serviceMonitor.namespace }} - namespace: {{ .Values.serviceMonitor.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.serviceMonitor.additionalLabels }} - {{- toYaml .Values.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - path: /metrics - {{- if .Values.serviceMonitor.interval }} - interval: {{ .Values.serviceMonitor.interval }} - {{- end }} - {{- if .Values.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.serviceMonitor.relabelings }} - relabelings: {{- toYaml .Values.serviceMonitor.relabelings | nindent 6 }} - {{- end }} - {{- if .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} -{{- end }} \ No newline at end of file diff --git a/charts/posmoni/templates/statefulset.yaml b/charts/posmoni/templates/statefulset.yaml deleted file mode 100644 index e49cefd8e..000000000 --- a/charts/posmoni/templates/statefulset.yaml +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} - serviceName: {{ include "common.names.fullname" . }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "common.labels.matchLabels" . | nindent 8 }} - spec: - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "posmoni.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - ethereum - - --config - - /config/config.yaml - ports: - - name: metrics - containerPort: {{ .Values.metricsPort }} - protocol: TCP - livenessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 900 - timeoutSeconds: 3 - periodSeconds: 30 - failureThreshold: 3 - successThreshold: 1 - readinessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 60 - timeoutSeconds: 3 - periodSeconds: 30 - failureThreshold: 3 - successThreshold: 1 - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - - name: config - mountPath: /config - volumes: - - name: config - configMap: - name: {{ include "common.names.fullname" . }} diff --git a/charts/posmoni/values.yaml b/charts/posmoni/values.yaml deleted file mode 100644 index f12656b36..000000000 --- a/charts/posmoni/values.yaml +++ /dev/null @@ -1,111 +0,0 @@ -# Default values for web3signer. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: - serviceAccount: - create: true - -replicaCount: 1 - -image: - repository: nethermindeth/posmoni - pullPolicy: IfNotPresent - tag: "enable-monitoring" - -posmoni: - logs: - logLevel: INFO - validators: [1,2,3] - consensus: http://localhost:4000 - execution: http://localhost:8545 - -metricsPort: 2112 - -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -## -serviceAccount: - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -## Pod Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -## -podSecurityContext: {} - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -## Configure resource requests and limits. -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -## Node labels for pod assignment -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -## Tolerations for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: {} - -## Affinity for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} - -## Prometheus Service Monitor -## ref: https://github.com/coreos/prometheus-operator -## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint -## -serviceMonitor: - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace The namespace in which the ServiceMonitor will be created - ## - namespace: "" - ## @param metrics.serviceMonitor.interval The interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.serviceMonitor.scrapeTimeout The timeout after which the scrape is ended - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.relabellings Metrics RelabelConfigs to apply to samples before scraping. - ## - relabellings: [] - ## @param metrics.serviceMonitor.metricRelabelings Metrics RelabelConfigs to apply to samples before ingestion. - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.serviceMonitor.additionalLabels Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus - ## - additionalLabels: {} diff --git a/charts/validator-ejector/.helmignore b/charts/validator-ejector/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/charts/validator-ejector/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/validator-ejector/Chart.lock b/charts/validator-ejector/Chart.lock deleted file mode 100644 index bf2e36019..000000000 --- a/charts/validator-ejector/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: file://../common - version: 1.0.0 -digest: sha256:07cebde439abe4ba19bb28e844b7419dab83c7f613886416aaf3ec08e8059144 -generated: "2022-05-02T13:36:12.005448244+03:00" diff --git a/charts/validator-ejector/Chart.yaml b/charts/validator-ejector/Chart.yaml deleted file mode 100644 index 1c45fe756..000000000 --- a/charts/validator-ejector/Chart.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: v2 -name: validator-ejector -description: A Helm chart for installing and configuring Lido's validator-ejector - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "v0.0.1" - -keywords: - - ethereum - - lido - - validators - - exits - -home: https://nethermind.io/ - -dependencies: -- name: common - repository: file://../common - version: 1.0.0 diff --git a/charts/validator-ejector/templates/_helpers.tpl b/charts/validator-ejector/templates/_helpers.tpl deleted file mode 100644 index 0290a7598..000000000 --- a/charts/validator-ejector/templates/_helpers.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "ejector.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "ejector.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "ejector.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "ejector.labels" -}} -helm.sh/chart: {{ include "ejector.chart" . }} -{{ include "ejector.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "ejector.selectorLabels" -}} -app.kubernetes.io/name: {{ include "ejector.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "ejector.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "ejector.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/validator-ejector/templates/external-secret.yaml b/charts/validator-ejector/templates/external-secret.yaml deleted file mode 100644 index 8adf62f98..000000000 --- a/charts/validator-ejector/templates/external-secret.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.global.externalSecrets.enabled }} -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: eso-{{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - refreshInterval: 10m - secretStoreRef: - name: {{ .Values.global.externalSecrets.secretStoreRef.name }} - kind: {{ .Values.global.externalSecrets.secretStoreRef.kind }} - target: - name: eso-{{ include "common.names.fullname" . }} - creationPolicy: Owner - data: - {{- .Values.global.externalSecrets.data | toYaml | trim | nindent 2 }} -{{- end }} \ No newline at end of file diff --git a/charts/validator-ejector/templates/service.yaml b/charts/validator-ejector/templates/service.yaml deleted file mode 100644 index e87b596b5..000000000 --- a/charts/validator-ejector/templates/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "ejector.fullname" . }} - labels: - {{- include "ejector.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.ejector.httpPort }} - targetPort: metrics - protocol: TCP - name: metrics - selector: - {{- include "ejector.selectorLabels" . | nindent 4 }} diff --git a/charts/validator-ejector/templates/serviceaccount.yaml b/charts/validator-ejector/templates/serviceaccount.yaml deleted file mode 100644 index cb2edd11f..000000000 --- a/charts/validator-ejector/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if or .Values.global.serviceAccount.create .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "common.names.serviceAccountName" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/validator-ejector/templates/servicemonitor.yaml b/charts/validator-ejector/templates/servicemonitor.yaml deleted file mode 100644 index bd99c3387..000000000 --- a/charts/validator-ejector/templates/servicemonitor.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- if .Values.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "common.names.fullname" . }} - {{- if .Values.serviceMonitor.namespace }} - namespace: {{ .Values.serviceMonitor.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.serviceMonitor.additionalLabels }} - {{- toYaml .Values.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - path: /metrics - {{- if .Values.serviceMonitor.interval }} - interval: {{ .Values.serviceMonitor.interval }} - {{- end }} - {{- if .Values.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.serviceMonitor.relabelings }} - relabelings: {{- toYaml .Values.serviceMonitor.relabelings | nindent 6 }} - {{- end }} - {{- if .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} -{{- end }} \ No newline at end of file diff --git a/charts/validator-ejector/templates/statefulset.yaml b/charts/validator-ejector/templates/statefulset.yaml deleted file mode 100644 index e52428190..000000000 --- a/charts/validator-ejector/templates/statefulset.yaml +++ /dev/null @@ -1,201 +0,0 @@ -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - replicas: {{ .Values.global.replicaCount }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} - serviceName: {{ include "common.names.fullname" . }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "common.labels.matchLabels" . | nindent 8 }} - spec: - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "ejector.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: loader - image: "{{ .Values.global.loader.repository }}:{{ .Values.global.loader.tag }}" - imagePullPolicy: {{ .Values.global.loader.pullPolicy }} - securityContext: - runAsNonRoot: false - runAsUser: 0 - env: - - name: EIP2335_PASSWORD - valueFrom: - secretKeyRef: - name: eso-{{ include "common.names.fullname" . }} - key: MESSAGES_PASSWORD - - name: ENCRYPTION - value: {{ .Values.loader.ENCRYPTION | quote }} - - name: ENCRYPT_WITH_METADATA - value: {{ .Values.loader.ENCRYPT_WITH_METADATA | quote }} - - name: BEACON_ENDPOINT - value: {{ .Values.loader.BEACON_ENDPOINT | quote }} - - name: CUSTODIAN_WEB3SIGNER_MAPPER - value: {{ .Values.loader.CUSTODIAN_WEB3SIGNER_MAPPER | quote }} - - name: STORAGE_LOCATION - value: {{ .Values.loader.STORAGE_LOCATION | quote }} - - name: FETCH_INTERVAL - value: {{ .Values.loader.FETCH_INTERVAL | quote }} - - name: LOADER_MAPPER - value: {{ .Values.loader.LOADER_MAPPER | quote }} - - name: SIGNER_MAPPER - value: {{ .Values.loader.SIGNER_MAPPER | quote }} - - name: KEY_LOADER_TYPE - value: {{ .Values.loader.KEY_LOADER_TYPE | quote }} - - name: ENCRYPTION_TYPE - value: {{ .Values.loader.ENCRYPTION_TYPE | quote }} - - name: LidoKAPI_OPERATOR_ID - value: {{ .Values.loader.LidoKAPI_OPERATOR_ID | quote }} - - name: LidoKAPI_KEYS_PERCENT - value: {{ .Values.loader.LidoKAPI_KEYS_PERCENT | quote }} - volumeMounts: - - name: data-ejector - mountPath: /data -# - name: init-ejector -# image: "{{ .Values.global.initImage.repository }}:{{ .Values.global.initImage.tag }}" -# imagePullPolicy: {{ .Values.global.initImage.pullPolicy }} -# securityContext: -# runAsNonRoot: false -# runAsUser: 0 -# env: -# - name: POD_NAME -# valueFrom: -# fieldRef: -# fieldPath: metadata.name -# - name: POD_NAMESPACE -# valueFrom: -# fieldRef: -# fieldPath: metadata.namespace -# command: -# - sh -# - -c -# - > -# echo "Namespace: ${POD_NAMESPACE} Pod: ${POD_NAME}"; -# {{- if and .Values.persistence.enabled .Values.initChownData }} -# chown -R {{ .Values.global.securityContext.runAsUser }}:{{ .Values.global.securityContext.runAsUser }} /data | true; -# {{- end }} -# echo "Loading encrypted messages from eth-exit-messages" -# volumeMounts: -# - name: data-ejector -# mountPath: /data - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.global.image.pullPolicy }} - env: - - name: EXECUTION_NODE - value: "{{ .Values.ejector.execution }}" - - name: CONSENSUS_NODE - value: "{{ .Values.ejector.consensus }}" - - name: LOCATOR_ADDRESS - value: "{{ .Values.ejector.locatorAddress }}" - - name: STAKING_MODULE_ID - value: "{{ .Values.ejector.stakingModuleId }}" - - name: OPERATOR_ID - value: "{{ .Values.ejector.operatorId }}" - - name: MESSAGES_LOCATION - value: "{{ .Values.ejector.messagesLocation }}" - - name: VALIDATOR_EXIT_WEBHOOK - value: "{{ .Values.ejector.validatorExitWebhook }}" - - name: BLOCKS_PRELOAD - value: "{{ .Values.ejector.blocksPreload }}" - - name: BLOCKS_LOOP - value: "{{ .Values.ejector.blocksLoop }}" - - name: JOB_INTERVAL - value: "{{ .Values.ejector.jobInterval }}" - - name: HTTP_PORT - value: "{{ .Values.ejector.httpPort }}" - - name: RUN_METRICS - value: "{{ .Values.ejector.runMetrics }}" - - name: RUN_HEALTH_CHECK - value: "{{ .Values.ejector.runHealthCheck }}" - - name: LOGGER_LEVEL - value: "{{ .Values.ejector.loggerLevel }}" - - name: LOGGER_FORMAT - value: "{{ .Values.ejector.loggerFormat }}" - - name: DRY_RUN - value: "{{ .Values.ejector.dryRun }}" - {{- if .Values.global.externalSecrets.enabled }} - envFrom: - - secretRef: - name: eso-{{ include "common.names.fullname" . }} - {{- end }} - {{- if .Values.ejector.runMetrics }} - ports: - - name: metrics - containerPort: {{ .Values.ejector.httpPort }} - protocol: TCP - {{- if .Values.ejector.runHealthCheckDISABLED }} - livenessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 30 - timeoutSeconds: 3 - periodSeconds: 30 - failureThreshold: 3 - successThreshold: 1 - readinessProbe: - httpGet: - path: /metrics - port: metrics - initialDelaySeconds: 15 - timeoutSeconds: 3 - periodSeconds: 30 - failureThreshold: 3 - successThreshold: 1 - {{- end }} - {{- end }} - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - - name: data-ejector - mountPath: /data - volumes: - {{- if (not .Values.persistence.enabled) }} - - name: data-ejector - emptyDir: {} - {{- end }} - volumeClaimTemplates: - - metadata: - name: data-ejector - labels: - {{- include "common.labels.statefulset" . | nindent 10 }} - {{- with .Values.persistence.annotations }} - annotations: - {{ toYaml . | nindent 10 | trim }} - {{- end }} - spec: - accessModes: {{ .Values.persistence.accessModes }} - storageClassName: {{ .Values.persistence.storageClassName }} - resources: - requests: - storage: {{ .Values.persistence.size | quote }} \ No newline at end of file diff --git a/charts/validator-ejector/values.yaml b/charts/validator-ejector/values.yaml deleted file mode 100644 index 98a3f1295..000000000 --- a/charts/validator-ejector/values.yaml +++ /dev/null @@ -1,191 +0,0 @@ -# Default values for web3signer. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: - serviceAccount: - create: true - - replicaCount: 1 - - externalSecrets: - enabled: false - secretStoreRef: secretStoreRef - data: - - secretKey: MESSAGES_PASSWORD - remoteRef: - key: validatorEjectorSecrets - property: message - - secretKey: LOGGER_SECRETS - remoteRef: - key: validatorEjectorSecrets - property: loggerSecrets - - secretKey: ORACLE_ADDRESSES_ALLOWLIST - remoteRef: - key: validatorEjectorSecrets - property: oracleAddressesAllowlist - - initImage: - repository: "bitnami/kubectl" - tag: "1.26" - pullPolicy: IfNotPresent - - image: - repository: lidofinance/validator-ejector - pullPolicy: IfNotPresent - tag: "dev" - - loader: - repository: nethermindeth/eth-exit-messages - pullPolicy: IfNotPresent - tag: "v0.0.15" - -loader: - EIP2335_PASSWORD: "test" - ENCRYPTION: "EIP2335" - ENCRYPT_WITH_METADATA: "false" - BEACON_ENDPOINT: "http://192.168.11.104:5052" - CUSTODIAN_WEB3SIGNER_MAPPER: '{"custodian1/second": "http://192.168.11.104:9110"}' - STORAGE_LOCATION: "local/" - FETCH_INTERVAL: "60" - SIGNER_MAPPER: '{}' - LOADER_MAPPER: '{}' - KEY_LOADER_TYPE: "WEB3SIGNER" - ENCRYPTION_TYPE: "EIP2335" - LidoKAPI_OPERATOR_ID: "" - LidoKAPI_KEYS_PERCENT: "5" - -ejector: - ## Ethereum Consensus Node endpoint - consensus: "http://localhost:4000" - ## Ethereum Execution Node endpoint - execution: "http://localhost:8545" - ## Address of the Locator contract, can be found in the lido-dao repo - locatorAddress: "0x12cd349E19Ab2ADBE478Fc538A66C059Cf40CFeC" - ## Staking Module ID for which operator ID is set - stakingModuleId: "123" - ## Operator ID in the Node Operators registry, easiest to get from Operators UI - operatorId: "123" - ## Folder to load json exit message files from - messagesLocation: "messages" - ## POST validator info to an endpoint instead of sending out an exit message in order to initiate an exit. - ## Required if you are using webhook mode - validatorExitWebhook: "" - ## Amount of blocks to load events from on start. - ## Increase if daemon was not running for some time. Defaults to a day of blocks - blocksPreload: 7200 - ## Amount of blocks to load events from on every poll. Defaults to 1 epoch - blocksLoop: 32 - ## Time interval in milliseconds to run checks. Defaults to time of 1 epoch - jobInterval: 384000 - ## Port to serve metrics and health check on - httpPort: 2122 - ## Enable metrics endpoint - runMetrics: true - ## Enable health check endpoint - runHealthCheck: true - ## Severity level from which to start showing errors eg info will hide debug messages - loggerLevel: "info" - ## Simple or JSON log output: simple/json - loggerFormat: "simple" - ## Run the service without actually sending out exit messages - dryRun: false - -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -## -serviceAccount: - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -## Pod Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -## -podSecurityContext: {} - -## Whether or not to allocate persistent volume disk for the data directory. -## In case of node failure, the node data directory will still persist. -## -persistence: - enabled: true - storageClassName: "" - accessModes: - - ReadWriteOnce - size: 5Gi - annotations: {} - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -## Configure resource requests and limits. -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -## Node labels for pod assignment -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -## Tolerations for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: {} - -## Affinity for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} - -## Prometheus Service Monitor -## ref: https://github.com/coreos/prometheus-operator -## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint -## -serviceMonitor: - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace The namespace in which the ServiceMonitor will be created - ## - namespace: "" - ## @param metrics.serviceMonitor.interval The interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.serviceMonitor.scrapeTimeout The timeout after which the scrape is ended - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.relabellings Metrics RelabelConfigs to apply to samples before scraping. - ## - relabellings: [] - ## @param metrics.serviceMonitor.metricRelabelings Metrics RelabelConfigs to apply to samples before ingestion. - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.serviceMonitor.additionalLabels Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus - ## - additionalLabels: {} diff --git a/charts/validator-kapi/.helmignore b/charts/validator-kapi/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/charts/validator-kapi/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/validator-kapi/Chart.lock b/charts/validator-kapi/Chart.lock deleted file mode 100644 index 5d0847921..000000000 --- a/charts/validator-kapi/Chart.lock +++ /dev/null @@ -1,9 +0,0 @@ -dependencies: -- name: common - repository: file://../common - version: 1.0.0 -- name: postgresql - repository: https://charts.bitnami.com/bitnami/ - version: 12.2.6 -digest: sha256:10931c3310ac282e9608cc8d77176b6e16cf8ee299bba34b75d0d96d12145778 -generated: "2023-03-28T21:51:52.672669+02:00" diff --git a/charts/validator-kapi/Chart.yaml b/charts/validator-kapi/Chart.yaml deleted file mode 100644 index cdbaa9401..000000000 --- a/charts/validator-kapi/Chart.yaml +++ /dev/null @@ -1,41 +0,0 @@ -apiVersion: v2 -name: validator-kapi -description: A Helm chart for installing and configuring Lido's validator-kapi - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "v0.0.1" - -keywords: - - ethereum - - lido - - validators - - exits - -home: https://nethermind.io/ - -dependencies: -- name: common - repository: file://../common - version: 1.0.0 -- name: postgresql - version: 12.2.6 - repository: https://charts.bitnami.com/bitnami/ - condition: postgresql.enabled diff --git a/charts/validator-kapi/templates/_helpers.tpl b/charts/validator-kapi/templates/_helpers.tpl deleted file mode 100644 index 88702ceb0..000000000 --- a/charts/validator-kapi/templates/_helpers.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "kapi.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "kapi.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "kapi.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "kapi.labels" -}} -helm.sh/chart: {{ include "kapi.chart" . }} -{{ include "kapi.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "kapi.selectorLabels" -}} -app.kubernetes.io/name: {{ include "kapi.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "kapi.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "kapi.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/charts/validator-kapi/templates/external-secret.yaml b/charts/validator-kapi/templates/external-secret.yaml deleted file mode 100644 index 8adf62f98..000000000 --- a/charts/validator-kapi/templates/external-secret.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{- if .Values.global.externalSecrets.enabled }} -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: eso-{{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - refreshInterval: 10m - secretStoreRef: - name: {{ .Values.global.externalSecrets.secretStoreRef.name }} - kind: {{ .Values.global.externalSecrets.secretStoreRef.kind }} - target: - name: eso-{{ include "common.names.fullname" . }} - creationPolicy: Owner - data: - {{- .Values.global.externalSecrets.data | toYaml | trim | nindent 2 }} -{{- end }} \ No newline at end of file diff --git a/charts/validator-kapi/templates/service.yaml b/charts/validator-kapi/templates/service.yaml deleted file mode 100644 index 20e08f080..000000000 --- a/charts/validator-kapi/templates/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "kapi.fullname" . }} - labels: - {{- include "kapi.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.kapi.port }} - targetPort: api - protocol: TCP - name: api - selector: - {{- include "kapi.selectorLabels" . | nindent 4 }} diff --git a/charts/validator-kapi/templates/serviceaccount.yaml b/charts/validator-kapi/templates/serviceaccount.yaml deleted file mode 100644 index cb2edd11f..000000000 --- a/charts/validator-kapi/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if or .Values.global.serviceAccount.create .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "common.names.serviceAccountName" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/validator-kapi/templates/servicemonitor.yaml b/charts/validator-kapi/templates/servicemonitor.yaml deleted file mode 100644 index bd99c3387..000000000 --- a/charts/validator-kapi/templates/servicemonitor.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- if .Values.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "common.names.fullname" . }} - {{- if .Values.serviceMonitor.namespace }} - namespace: {{ .Values.serviceMonitor.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.serviceMonitor.additionalLabels }} - {{- toYaml .Values.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - path: /metrics - {{- if .Values.serviceMonitor.interval }} - interval: {{ .Values.serviceMonitor.interval }} - {{- end }} - {{- if .Values.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.serviceMonitor.relabelings }} - relabelings: {{- toYaml .Values.serviceMonitor.relabelings | nindent 6 }} - {{- end }} - {{- if .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} -{{- end }} \ No newline at end of file diff --git a/charts/validator-kapi/templates/statefulset.yaml b/charts/validator-kapi/templates/statefulset.yaml deleted file mode 100644 index c6ad0580a..000000000 --- a/charts/validator-kapi/templates/statefulset.yaml +++ /dev/null @@ -1,102 +0,0 @@ -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - replicas: {{ .Values.global.replicaCount }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} - serviceName: {{ include "common.names.fullname" . }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "common.labels.matchLabels" . | nindent 8 }} - spec: - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "kapi.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.global.image.repository }}:{{ .Values.global.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.global.image.pullPolicy }} - env: - - name: NODE_ENV - value: "{{ .Values.kapi.env }}" - - name: PORT - value: "{{ .Values.kapi.port }}" - {{- with .Values.postgresql }} - - name: DB_NAME - value: "{{ .auth.database }}" - - name: DB_HOST - value: "{{ .hostname }}" - - name: DB_USER - value: "{{ .auth.username }}" - - name: DB_PASSWORD - value: "{{ .auth.postgresPassword }}" - - name: DB_PORT - value: "{{ .service.ports.postgresql }}" - {{- end }} - - name: CORS_WHITELIST_REGEXP - value: "{{ .Values.kapi.corsWhitelistRegexp }}" - - name: JOB_INTERVAL_REGISTRY - value: "{{ .Values.kapi.jobIntervalRegistry }}" - - name: JOB_INTERVAL_VALIDATORS_REGISTRY - value: "{{ .Values.kapi.jobIntervalValidatorsRegistry }}" - - name: PROVIDER_JSON_RPC_MAX_BATCH_SIZE - value: "{{ .Values.kapi.providerJsonRpcMaxBatchSize }}" - - name: PROVIDER_CONCURRENT_REQUESTS - value: "{{ .Values.kapi.providerConcurrentRequests }}" - - name: PROVIDER_BATCH_AGGREGATION_WAIT_MS - value: "{{ .Values.kapi.providerBatchAggregationWaitMs }}" - - name: LOG_LEVEL - value: "{{ .Values.kapi.logLevel }}" - - name: LOG_FORMAT - value: "{{ .Values.kapi.logFormat }}" - - name: CHAIN_ID - value: "{{ .Values.kapi.chainId }}" - - name: PROVIDERS_URLS - value: "{{ .Values.kapi.execution }}" - - name: CL_API_URLS - value: "{{ .Values.kapi.consensus }}" - - name: GLOBAL_THROTTLE_TTL - value: "{{ .Values.kapi.globalThrottleTTL }}" - - name: GLOBAL_THROTTLE_LIMIT - value: "{{ .Values.kapi.globalThrottleLimit }}" - - name: GLOBAL_CACHE_TTL - value: "{{ .Values.kapi.globalCacheTTL }}" - {{- if .Values.global.externalSecrets.enabled }} - envFrom: - - secretRef: - name: eso-{{ include "common.names.fullname" . }} - {{- end }} - ports: - - name: api - containerPort: {{ .Values.kapi.port }} - protocol: TCP - resources: - {{- toYaml .Values.resources | nindent 12 }} \ No newline at end of file diff --git a/charts/validator-kapi/values.yaml b/charts/validator-kapi/values.yaml deleted file mode 100644 index 0384d22e3..000000000 --- a/charts/validator-kapi/values.yaml +++ /dev/null @@ -1,220 +0,0 @@ -# Default values for web3signer. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: - serviceAccount: - create: true - - replicaCount: 1 - - externalSecrets: - enabled: false - secretStoreRef: secretStoreRef - data: - - secretKey: DB_NAME - remoteRef: - key: validatorKapiSecrets - property: dbName - - secretKey: DB_PORT - remoteRef: - key: validatorKapiSecrets - property: dbPort - - secretKey: DB_HOST - remoteRef: - key: validatorKapiSecrets - property: dbHost - - secretKey: DB_USER - remoteRef: - key: validatorKapiSecrets - property: dbUser - - secretKey: DB_PASSWORD - remoteRef: - key: validatorKapiSecrets - property: dbPassword - - image: - repository: lidofinance/lido-keys-api - pullPolicy: IfNotPresent - tag: "stable" - -kapi: - env: "production" - # Application port - port: 3000 - # The number of seconds that each request will last in storage - corsWhitelistRegexp: "" - jobIntervalRegistry: "*/5 * * * * *" - jobIntervalValidatorsRegistry: "*/10 * * * * *" - globlaThrottleTTL: 5 - # FallbackProviderModule request policy parameters - # values below are default - providerJsonRpcMaxBatchSize: 100 - providerConcurrentRequests: 5 - providerBatchAggregationWaitMs: 10 - # The maximum number of requests within the TTL limit - globalThrottleLimit: 100 - # Cache expiration time in seconds - globalCacheTTL: 1 - # Log level: debug, info, notice, warning or error - logLevel: debug - # Log format: simple or json - logFormat: json - # EL Node provider - # You could provide few providers for fallback - execution: http://your_el_node1,http://your_el_node2 - # chain id - chainId: 1 - # It is possible to enable/disable collecting of validators - # value below is default - validatorRegistryEnable: true - # CL api urls - # if VALIDATOR_REGISTRY_ENABLE=false , there are no need to provide CL_API_URLS - consensus: http://your_cl_node1,http://your_cl_node2 - -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -## -serviceAccount: - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -## Pod Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -## -podSecurityContext: {} - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -## PostgreSQL Server -## ref: https://github.com/bitnami/charts/tree/master/bitnami/postgresql -## -postgresql: - enabled: true - volumePermissions: - enabled: true - image: - registry: docker.io - repository: bitnami/bitnami-shell - tag: 11-debian-11-r99 - pullPolicy: Always - securityContext: - runAsUser: 0 - securityContext: - enabled: true - fsGroup: 1001 - containerSecurityContext: - enabled: true - runAsUser: 1001 - rbac: - create: false - hostname: postgresql - audit: - logHostname: true - auth: - username: "postgres" - password: "kapi" - database: "kapi" - postgresPassword: "kapi-admin" - existingSecret: "" - secretKeys: - adminPasswordKey: "" - userPasswordKey: "" - replicationPasswordKey: "" - service: - ports: - postgresql: 5432 - primary: - persistence: - enabled: true - mountPath: /bitnami/postgresql - subPath: '' - accessModes: - - ReadWriteOnce - size: 20Gi - annotations: { } - selector: { } - resources: - requests: - memory: 384Mi - cpu: 250m - networkPolicy: - enabled: false - tls: - enabled: false - metrics: - enabled: true - -## Configure resource requests and limits. -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -## Node labels for pod assignment -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -## Tolerations for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: {} - -## Affinity for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} - -## Prometheus Service Monitor -## ref: https://github.com/coreos/prometheus-operator -## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint -## -serviceMonitor: - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace The namespace in which the ServiceMonitor will be created - ## - namespace: "" - ## @param metrics.serviceMonitor.interval The interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.serviceMonitor.scrapeTimeout The timeout after which the scrape is ended - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.relabellings Metrics RelabelConfigs to apply to samples before scraping. - ## - relabellings: [] - ## @param metrics.serviceMonitor.metricRelabelings Metrics RelabelConfigs to apply to samples before ingestion. - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.serviceMonitor.additionalLabels Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus - ## - additionalLabels: {} diff --git a/charts/validators-eso/.helmignore b/charts/validators-eso/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/charts/validators-eso/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/validators-eso/Chart.yaml b/charts/validators-eso/Chart.yaml deleted file mode 100644 index 122070347..000000000 --- a/charts/validators-eso/Chart.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: v2 -name: validators-eso -description: A Helm chart for installing validators with the web3signer. - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "v0.0.1" - -keywords: - - ethereum - - blockchain - - lighthouse - - prysm - - teku - - validators - diff --git a/charts/validators-eso/templates/_helpers.tpl b/charts/validators-eso/templates/_helpers.tpl deleted file mode 100644 index c67ba1fef..000000000 --- a/charts/validators-eso/templates/_helpers.tpl +++ /dev/null @@ -1,139 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "validators.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "validators.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "validators.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "validators.labels" -}} -helm.sh/chart: {{ include "validators.chart" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -component: validator -{{- end }} - -{{/* -Additional components labels -*/}} -{{- define "validator.labels" -}} component: validator {{- end }} - -{{/* -Selector labels -*/}} -{{- define "validators.selectorLabels" -}} -app.kubernetes.io/name: {{ include "validators.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -component: validator -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "validators.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "validators.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} - -{{/* -Update permissions on files inside /data directory -*/}} -{{- define "init-chown" -}} -- name: init-chown - image: "{{ .Values.initImageBusybox.repository }}:{{ .Values.initImageBusybox.tag }}" - imagePullPolicy: {{ .Values.initImageBusybox.pullPolicy }} - securityContext: - runAsUser: 0 - command: ["chown", "-R", "{{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsUser }}", "/data"] - volumeMounts: - - name: data - mountPath: /data -{{- end }} - -{{/* -Validator beacon node -*/}} -{{- define "beacon-rpc-node" -}} -{{- if eq $.Values.type "prysm" }} -- "--beacon-rpc-provider={{ $.Values.beaconChainRpcEndpoints | join "," }}" -{{- else if eq $.Values.type "lighthouse" }} -- "--beacon-nodes={{ $.Values.beaconChainRpcEndpoints | join "," }}" -{{- else if eq $.Values.type "teku" }} -- "--beacon-node-api-endpoint={{ $.Values.beaconChainRpcEndpoints | join "," }}" -{{- else if eq $.Values.type "nimbus" }} -- "--beacon-node={{ $.Values.beaconChainRpcEndpoints | join "," }}" -{{- else if eq $.Values.type "lodestar" }} -- "--beaconNodes={{ $.Values.beaconChainRpcEndpoints | join "," }}" -{{- end }} -{{- end }} - -{{/* -Validator graffiti -*/}} -{{- define "validator-graffiti" -}} -{{- if $.Values.graffiti }} -{{- if or (eq $.Values.type "prysm") (eq $.Values.type "lighthouse") }} -- "--graffiti={{ $.Values.graffiti }}" -{{- else if eq $.Values.type "teku" }} -- "--validators-graffiti={{ $.Values.graffiti }}" -{{- end }} -{{- end }} -{{- end }} - -{{/* -Validator web3signer endpoint -*/}} -{{- define "web3signer" -}} -{{- if $.Values.global.label }} -{{- default "http://web3signer-{{ $.Values.global.label }}-web3signer-eso:6174" }} -{{- end }} -{{- end }} - -{{- define "flatten_list" -}} - {{- $output := list -}} - {{- range . -}} - {{- if (kindIs "slice" . ) -}} - {{- $output = (concat $output ( get (fromYaml (include "flatten_list" . ) ) "list" ) ) -}} - {{- else -}} - {{- $output = (append $output . ) -}} - {{- end -}} - {{- end -}} - {{- toYaml (dict "list" $output) -}} -{{- end -}} - -{{- define "flatten" -}} - {{- get ( fromYaml (include "flatten_list" . ) ) "list" | uniq | join "," }} -{{- end -}} \ No newline at end of file diff --git a/charts/validators-eso/templates/configmap.yaml b/charts/validators-eso/templates/configmap.yaml deleted file mode 100644 index 1b29a4645..000000000 --- a/charts/validators-eso/templates/configmap.yaml +++ /dev/null @@ -1,61 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ template "validators.fullname" . }}-init - labels: - {{- include "validators.labels" . | nindent 4 }} -data: - init-beacon-endpoints.sh: | - #!/bin/bash - echo "Looking for beacon endpoints for validator client: $BEACON_CLIENT, counter: $COUNTER" - BEACON_CLIENT=lighthouse - counter=$COUNTER - if [[ -n "${BEACON_CHAIN_RPC_ENDPOINTS_RANDOMIZED}" ]]; then - beacon_endpoints="${BEACON_CHAIN_RPC_ENDPOINTS_RANDOMIZED}" - else - BEACON_PODS=$(kubectl -n ${POD_NAMESPACE} get pods -l "beacon=$BEACON_CLIENT" -o jsonpath='{.items[*].metadata.name}') - BEACON_API_SERVICES=$(kubectl -n ${POD_NAMESPACE} get services -l "type=api,beacon=$BEACON_CLIENT" -o jsonpath='{.items[*].metadata.name}') - # Extract metadata.name fields - IFS=' ' read -r -a beacon_service_names <<< "$BEACON_API_SERVICES" - IFS=' ' read -r -a beacon_pod_names <<< "$BEACON_PODS" - echo "Pod names:" - printf '%s\n' "${beacon_pod_names[@]}" - # Calculate the number of endpoints and pods - num_endpoints=${#beacon_service_names[@]} - num_pods=${#beacon_pod_names[@]} - # Calculate the index range for each pod - if [ "$counter" -ne 0 ]; then - # Calculate the start index based on counter - start_index=$((($counter - 1) % $num_pods)) - # Rearrange the pod names based on start_index - rearranged_pod_names=("${beacon_pod_names[@]:$start_index}" "${beacon_pod_names[@]:0:$start_index}") - else - rearranged_pod_names=("${beacon_pod_names[@]}") - fi - # Variable to store beacon endpoints - beacon_endpoints="" - # Loop through the endpoint range for each pod - for ((i = 0; i < $num_endpoints; i++)); do - service=${beacon_service_names[$i]} - echo "API Service: $service" - # Loop through rearranged_pod_names and echo pods with matching name - for pod in "${rearranged_pod_names[@]}"; do - if [[ $pod == *"$service"* ]]; then - echo " Matching Pod: $pod" - beacon_endpoint="http://$pod.$service.$POD_NAMESPACE:$BEACON_PORT" - # Append the beacon_endpoint to beacon_endpoints - if [ -z "$beacon_endpoints" ]; then - beacon_endpoints="$beacon_endpoint" - else - beacon_endpoints="$beacon_endpoints,$beacon_endpoint" - fi - echo " Beacon Endpoint for Validator: $beacon_endpoint" - fi - done - done - # Store beacon_endpoints in the file - echo "BEACON_ENDPOINTS=$beacon_endpoints" > /data/beacon_endpoints.txt - kubectl annotate pod "$POD_NAME" beacon-endpoints="$beacon_endpoints" --namespace="$POD_NAMESPACE" - cat /data/beacon_endpoints.txt - fi diff --git a/charts/validators-eso/templates/external-secret.yaml b/charts/validators-eso/templates/external-secret.yaml deleted file mode 100644 index 90797da17..000000000 --- a/charts/validators-eso/templates/external-secret.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if .Values.externalSecrets.enabled }} -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: eso-{{ template "validators.fullname" . }} - labels: - {{- include "validators.labels" . | nindent 4 }} -spec: - refreshInterval: 10m - secretStoreRef: - name: {{ .Values.externalSecrets.secretStoreRef.name }} - kind: {{ .Values.externalSecrets.secretStoreRef.kind }} - target: - name: eso-{{ template "validators.fullname" . }} - creationPolicy: Owner - data: - - secretKey: ESO_DB_KEYSTORE_URL - remoteRef: - key: {{ .Values.global.label }}-external-secrets - property: dbKeystoreUrl - {{- .Values.externalSecrets.data | toYaml | trim | nindent 2 }} -{{- end }} \ No newline at end of file diff --git a/charts/validators-eso/templates/prometheusrules.yaml b/charts/validators-eso/templates/prometheusrules.yaml deleted file mode 100644 index 420c5590d..000000000 --- a/charts/validators-eso/templates/prometheusrules.yaml +++ /dev/null @@ -1,22 +0,0 @@ -{{- if and .Values.metrics.enabled .Values.metrics.prometheusRule.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: PrometheusRule -metadata: - name: {{ template "validators.fullname" . }} - {{- if .Values.metrics.prometheusRule.namespace }} - namespace: {{ .Values.metrics.prometheusRule.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "validators.labels" . | nindent 4 }} - {{- if .Values.metrics.prometheusRule.additionalLabels }} - {{- toYaml .Values.metrics.prometheusRule.additionalLabels | nindent 4 }} - {{- end }} -spec: - groups: - {{- with .Values.metrics.prometheusRule.rules }} - - name: {{ template "validators.fullname" $ }} - rules: {{- tpl (toYaml .) $ | nindent 8 }} - {{- end }} -{{- end }} diff --git a/charts/validators-eso/templates/role.yaml b/charts/validators-eso/templates/role.yaml deleted file mode 100644 index f339c496c..000000000 --- a/charts/validators-eso/templates/role.yaml +++ /dev/null @@ -1,10 +0,0 @@ -{{- if and .Values.global.rbac.create .Values.beaconChainRpcEndpointsAutoDiscovery -}} -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: {{ template "validators.fullname" . }} - labels: - {{- include "validators.labels" . | nindent 4 }} -rules: -{{- toYaml .Values.global.rbac.rules | nindent 0 }} -{{- end }} diff --git a/charts/validators-eso/templates/rolebinding.yaml b/charts/validators-eso/templates/rolebinding.yaml deleted file mode 100644 index f986239fa..000000000 --- a/charts/validators-eso/templates/rolebinding.yaml +++ /dev/null @@ -1,15 +0,0 @@ -{{- if or .Values.global.rbac.create .Values.rbac.create }} -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: {{ template "validators.fullname" . }}-binding - labels: - {{- include "validators.labels" . | nindent 4 }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: {{ template "validators.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ include "validators.serviceAccountName" . }} -{{- end }} diff --git a/charts/validators-eso/templates/serviceaccount.yaml b/charts/validators-eso/templates/serviceaccount.yaml deleted file mode 100644 index 241cc4a97..000000000 --- a/charts/validators-eso/templates/serviceaccount.yaml +++ /dev/null @@ -1,13 +0,0 @@ -{{- if .Values.serviceAccount.create -}} ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ template "validators.serviceAccountName" . }} - labels: - {{- include "validators.labels" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} \ No newline at end of file diff --git a/charts/validators-eso/templates/servicemonitor.yaml b/charts/validators-eso/templates/servicemonitor.yaml deleted file mode 100644 index 7316d81dc..000000000 --- a/charts/validators-eso/templates/servicemonitor.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- if and .Values.metrics.enabled .Values.metrics.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ template "validators.fullname" . }} - {{- if .Values.metrics.serviceMonitor.namespace }} - namespace: {{ .Values.metrics.serviceMonitor.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "validators.labels" . | nindent 4 }} - {{- if .Values.metrics.serviceMonitor.additionalLabels }} - {{- toYaml .Values.metrics.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - path: /metrics - {{- if .Values.metrics.serviceMonitor.interval }} - interval: {{ .Values.metrics.serviceMonitor.interval }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.metrics.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.relabelings }} - relabelings: {{- toYaml .Values.metrics.serviceMonitor.relabelings | nindent 6 }} - {{- end }} - {{- if .Values.metrics.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.metrics.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{- include "validators.selectorLabels" . | nindent 6 }} -{{- end }} diff --git a/charts/validators-eso/templates/statefulset.yaml b/charts/validators-eso/templates/statefulset.yaml deleted file mode 100644 index 3fed9649b..000000000 --- a/charts/validators-eso/templates/statefulset.yaml +++ /dev/null @@ -1,234 +0,0 @@ -{{- if .Values.enabled }} -{{- $root := . -}} -{{- $counter := 0 }} -{{- range (untilStep (int .Values.validatorsKeyIndex) (int (add .Values.validatorsKeyIndex .Values.validatorsCount)) 1) }} -{{ $counter = int (add1 $counter) }} - ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ template "validators.fullname" $root }}-validator{{.}} - labels: - {{- include "validator.labels" $root | nindent 4 }} -spec: - replicas: 1 - selector: - matchLabels: - {{- include "validators.selectorLabels" $root | nindent 6 }} - serviceName: {{ template "validators.fullname" $root }} - template: - metadata: - labels: - {{- include "validators.selectorLabels" $root | nindent 8 }} - annotations: - checksum/configmap: {{ include (print $root.Template.BasePath "/configmap.yaml") $root | sha256sum }} - spec: - {{- with (concat $root.Values.imagePullSecrets $root.Values.global.imagePullSecrets) }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $root.Values.terminationGracePeriodSeconds }} - terminationGracePeriodSeconds: {{ . }} - {{- end }} - {{- with $root.Values.affinity }} - affinity: - {{ toYaml . | nindent 8 | trim }} - {{- end }} - {{- with $root.Values.tolerations }} - tolerations: - {{ toYaml . | nindent 8 | trim }} - {{- end }} - {{- with $root.Values.nodeSelector }} - nodeSelector: - {{ toYaml . | nindent 8 | trim }} - {{- end }} - {{- with $root.Values.securityContext }} - securityContext: - {{ toYaml . | nindent 8 | trim }} - {{- end }} - serviceAccountName: "validators" - priorityClassName: {{ $root.Values.priorityClassName | quote }} - initContainers: - # - name: get-configs - # image: "{{ $root.Values.cliImage.repository }}:{{ $root.Values.cliImage.tag }}" - # imagePullPolicy: {{ $root.Values.cliImage.pullPolicy }} - # securityContext: - # runAsUser: 0 - # env: - # - name: WEB3SIGNER_URL - # value: {{ include "web3signer" $root }} - # - name: ESO_DB_KEYSTORE_URL - # valueFrom: - # secretKeyRef: - # name: eso-{{ template "validators.fullname" $root }} - # key: ESO_DB_KEYSTORE_URL - # args: - # - "sync-validator-keys" - # - "--db-url" - # - "$(ESO_DB_KEYSTORE_URL)" - # - "--output-dir" - # - "/data" - # - "--index" - # - "{{ . }}" - # - "--no-of-keys" - # - "{{ $root.Values.validatorsNoOfKeys }}" - # {{- if eq $root.Values.network "sepolia" }} - # - "--network" - # - "goerli" - # {{- else }} - # - "--network" - # - "{{ $root.Values.network }}" - # {{- end }} - # {{- if not $root.Values.enableBuilder }} - # - "--no-proposal-builder-enabled" - # {{- end }} - # volumeMounts: - # - name: data - # mountPath: /data - - name: init-beacon-endpoints - image: "{{ $root.Values.initImageKubectl.repository }}:{{ $root.Values.initImageKubectl.tag }}" - imagePullPolicy: {{ $root.Values.initImageKubectl.pullPolicy }} - securityContext: - runAsUser: 0 - env: - {{- if $.Values.beaconChainRpcEndpointsRandomized }} - - name: BEACON_CHAIN_RPC_ENDPOINTS_RANDOMIZED - value: "{{ $.Values.beaconChainRpcEndpointsRandomized | join "," }}" - {{- end }} - - name: COUNTER - value: "{{ $counter }}" - - name: BEACON_CLIENT - value: "{{ $root.Values.type }}" - - name: BEACON_PORT - value: "{{ index $root.Values.beaconPortMap $root.Values.type }}" - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - command: ['/bin/bash', '/scripts/init-beacon-endpoints.sh'] - volumeMounts: - - name: data - mountPath: /data - - name: scripts-init - mountPath: /scripts - # - name: prepare - # image: "{{ $root.Values.initImageBusybox.repository }}:{{ $root.Values.initImageBusybox.tag }}" - # imagePullPolicy: {{ $root.Values.initImageBusybox.pullPolicy }} - # securityContext: - # runAsUser: 0 - # command: - # - sh - # - -c - # - > - # ls -lha /data; - # mkdir -p /data/lighthouse/validators; - # cp /data/validator_definitions.yml /data/lighthouse/validators/validator_definitions.yml; - # cat /data/signer_keys.yml > /data/config; - # cat /data/config; - # cat /data/proposerConfig.json; - # cat /data/beacon_endpoints.txt - # chown -R {{ $root.Values.securityContext.runAsUser }}:{{ $root.Values.securityContext.runAsUser }} /data; - # volumeMounts: - # - name: data - # mountPath: /data - containers: - - name: validator - image: "{{ (pluck $root.Values.type $root.Values.image | first ).repository }}:{{ (pluck $root.Values.type $root.Values.image | first ).tag }}" - imagePullPolicy: {{ $root.Values.image.pullPolicy }} - env: - - name: BEACON_ENDPOINTS - valueFrom: - fieldRef: - fieldPath: metadata.annotations['beacon-endpoints'] - args: - {{- range (pluck $root.Values.type $root.Values.flags | first) }} - - {{ . | quote }} - {{- end -}} - - {{- if eq $root.Values.type "prysm" }} - - "--{{ $root.Values.network }}" - - "--config-file=/data/config" - - "--validators-external-signer-url={{ include "web3signer" $root }}" - - "--proposer-settings-file=/data/proposerConfig.json" - {{- else if eq $root.Values.type "lighthouse" }} - - "--network={{ $root.Values.network }}" - {{- else if eq $root.Values.type "teku" }} - - "--network=auto" - - "--config-file=/data/config" - - "--validators-external-signer-url={{ include "web3signer" $root }}" - - "--validators-proposer-config=/data/proposerConfig.json" - {{- if $root.Values.enableBuilder }} - - "--validators-proposer-blinded-blocks-enabled=true" - {{- end }} - {{- else if eq $root.Values.type "nimbus" }} - - "--network={{ $root.Values.network }}" - {{- if $root.Values.enableBuilder }} - - "--payload-builder=true" - {{- end }} - {{- else if eq $root.Values.type "lodestar" }} - - "--network={{ $root.Values.network }}" - - "--proposerSettingsFile=/data/proposerConfig.json" - - "--externalSigner.url={{ include "web3signer" $root }}" - {{- end }} - {{- include "validator-graffiti" $ | nindent 12 }} - - {{- if or $.Values.beaconChainRpcEndpointsAutoDiscovery }} - {{- if eq $.Values.type "prysm" }} - - "--beacon-rpc-provider=$(BEACON_ENDPOINTS)" - {{- else if eq $.Values.type "lighthouse" }} - - "--beacon-nodes=$(BEACON_ENDPOINTS)" - {{- else if eq $.Values.type "teku" }} - - "--beacon-node-api-endpoint=$(BEACON_ENDPOINTS)" - {{- else if eq $.Values.type "nimbus" }} - - "--beacon-node=$(BEACON_ENDPOINTS)" - {{- else if eq $.Values.type "lodestar" }} - - "--beaconNodes=$(BEACON_ENDPOINTS)" - {{- end }} - {{- else }} - {{- include "beacon-rpc-node" $ | nindent 12 }} - {{- end }} - - {{- if $root.Values.metrics.enabled }} - {{- range (pluck $root.Values.type $root.Values.metrics.flags | first) }} - - {{ . | quote }} - {{- end }} - {{- end }} - - {{- range (pluck $root.Values.type $root.Values.extraFlags | first) }} - - {{ . | quote }} - {{- end -}} - - {{- if $root.Values.metrics.enabled }} - ports: - - containerPort: {{ $root.Values.metrics.port }} - name: metrics - protocol: TCP - {{- end }} - {{- with (pluck $root.Values.type $root.Values.readinessProbe | first) }} - readinessProbe: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with (pluck $root.Values.type $root.Values.livenessProbe | first) }} - livenessProbe: - {{- toYaml . | nindent 12 }} - {{- end }} - {{- with $root.Values.resources }} - resources: - {{ toYaml . | nindent 12 }} - {{- end }} - volumeMounts: - - name: data - mountPath: /data - volumes: - - name: scripts-init - configMap: - name: {{ template "validators.fullname" $root }}-init - - name: data - emptyDir: {} -{{- end }} -{{- end }} diff --git a/charts/validators-eso/templates/svc.yaml b/charts/validators-eso/templates/svc.yaml deleted file mode 100644 index 824322a70..000000000 --- a/charts/validators-eso/templates/svc.yaml +++ /dev/null @@ -1,16 +0,0 @@ -{{- if .Values.metrics.enabled }} -apiVersion: v1 -kind: Service -metadata: - name: {{ template "validators.fullname" . }} - labels: - {{- include "validators.selectorLabels" . | nindent 4 }} -spec: - selector: - {{- include "validators.selectorLabels" . | nindent 4 }} - type: ClusterIP - ports: - - name: metrics - port: {{ .Values.metrics.port }} - targetPort: metrics -{{- end }} diff --git a/charts/validators-eso/templates/validate.yaml b/charts/validators-eso/templates/validate.yaml deleted file mode 100644 index 5e651174f..000000000 --- a/charts/validators-eso/templates/validate.yaml +++ /dev/null @@ -1,7 +0,0 @@ -{{- if and .Values.beaconChainRpcAutoDiscovery (not .Values.beaconChainRpcEndpoints) (not .Values.beaconChainRpcEndpointsRandomized) }} -{{- fail ".Values.beaconChainRpcEndpoints is empty" }} -{{- end }} - -{{- if not .Values.global.label }} -{{- fail ".Values.global.label is required" }} -{{- end }} \ No newline at end of file diff --git a/charts/validators-eso/values.yaml b/charts/validators-eso/values.yaml deleted file mode 100644 index c4c6bc914..000000000 --- a/charts/validators-eso/values.yaml +++ /dev/null @@ -1,431 +0,0 @@ -# Default values for operator. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: - imagePullSecrets: [] - network: mainnet - label: "test" - # RBAC configuration. - ## ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/ - ## - rbac: - create: true - # The name of the cluster role to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - ## Required Role rules - ## - rules: - ## Required to get information about the services nodePort. - ## - - apiGroups: [""] - resources: - - "services" - - "pods" - verbs: - - "list" - - "get" - - "patch" - -## Provide a name in place of operator for `app:` labels -## -nameOverride: "" - -## Provide a name to substitute for the full names of resources -## -fullnameOverride: "" - -## Pod Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -## -securityContext: - fsGroup: 1001 - runAsUser: 1001 - -## RBAC configuration. -## ref: https://kubernetes.io/docs/reference/access-authn-authz/rbac/ -## -rbac: - create: true - -## Init image is used to chown data volume, initialise genesis, etc. -## -initImageBusybox: - repository: "busybox" - tag: "1.36.1" - pullPolicy: IfNotPresent - -## Init image is used to chown data volume, initialise genesis, etc. -## -initImageKubectl: - repository: "bitnami/kubectl" - tag: "1.25" - pullPolicy: IfNotPresent - -## CLI image is used to fetch public keys. -## -cliImage: - repository: 238155366538.dkr.ecr.eu-west-1.amazonaws.com/keystores-cli - tag: "v0.0.2" - pullPolicy: IfNotPresent - -externalSecrets: - enabled: false - secretStoreRef: - name: secretStoreRef - kind: SecretStore - data: [] - -## Configuration for validators -## ref: https://lighthouse-book.sigmaprime.io/validator-management.html -## ref: https://docs.prylabs.network/docs/getting-started -## - -## Whether to enable validator statefulset or not -## Can be used to temporarily disable validators -## until synchronization of eth1/eth2 nodes is complete -## -enabled: true - -## What type of validator to use. -## Options for Ethereum: prysm, lighthouse, teku -## Options for Gnosis: prysm, lighthouse -## -type: nimbus - -## If you want to run multiple validator types (e.g lighouse, teku,...) -## you need to adjust the key index to prevent double signing. -## Please be careful with this setting and be aware of boundaries -## of each validator client you would like to run. -## -## Example: -## - 700 Keys in Web3Signer database -## - 4 Lighthouse validators -## - 3 Prysm validators -## -## Deployment 1 => validatorsKeyIndex: 0 -## validatorsCount: 4 -## type: lighthouse -## -## Deployment 2 => validatorsKeyIndex: 4 -## validatorsCount: 3 -## type: prysm -## -## **NB! If you not fully understand what is done here, keep this value at 0 and set validatorsCount to the maximum of -## your keys and do not spin up this Chart multiple times! -validatorsKeyIndex: 0 - -## How many validators to run -## **NB! Each validtor hosts a certain number of keys specified when using CLI sync-db command, -## so the number of validators must be >= (total number of validator keys) / validator capacity specified in CLI -## -validatorsCount: 1 - -validatorsNoOfKeys: 100 - -## Default fee recipient for all validator keys. -## -suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - -## Whether a builder should be used for proposalConfig -enableBuilder: true - -## Validators image version -## ref: https://gcr.io/prysmaticlabs/prysm/validator -## ref: https://hub.docker.com/r/sigp/lighthouse -image: - pullPolicy: IfNotPresent - prysm: - repository: "gcr.io/prysmaticlabs/prysm/validator" - tag: "v4.0.5" - lighthouse: - repository: "sigp/lighthouse" - tag: "v4.2.0" - teku: - repository: "consensys/teku" - tag: "23.5.0" - nimbus: - repository: "statusim/nimbus-validator-client" - tag: "multiarch-v23.5.1" - lodestar: - repository: "chainsafe/lodestar" - tag: "v1.8.0" - -## Credentials to fetch images from private registry -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ -## -imagePullSecrets: [] - -terminationGracePeriodSeconds: 300 - -## Spearate service account per validator. -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -## -serviceAccount: - # Specifies whether a service account should be created - create: true - name: "validators" - # Annotations to add to the service account - annotations: {} - -## Node labels for pod assignment -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -## Tolerations for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: {} - -## Affinity for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} - -## used to assign priority to pods -## ref: https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/ -## -priorityClassName: "" - -## Network ID -## Options for Ethereum: mainnet, prater -## Options for Gnosis: gnosis -## -network: "goerli" - -## Validators flags -## -flags: - prysm: - - "--datadir=/data/prysm" - - "--accept-terms-of-use" - - "--disable-rewards-penalties-logging" - - "--disable-account-metrics" - lighthouse: - - "lighthouse" - - "vc" - - "--datadir=/data/lighthouse" - - "--init-slashing-protection" - - "--logfile-compress" - - "--logfile-max-size=64" - - "--logfile-max-number=2" - teku: - - "validator-client" - - "--log-destination=CONSOLE" - - "--data-base-path=/data" - nimbus: - - "--data-dir=/data/nimbus" - - "--non-interactive" - - "--log-level=INFO" - lodestar: - - "validator" - - "--dataDir=/data/lodestar" - - "--logLevel=info" - - -## Validators extra flags -## -extraFlags: - prysm: [] - lighthouse: [] - teku: [] - nimbus: [] - lodestar: [] - -beaconChainRpcEndpointsAutoDiscovery: true - -beaconPortMap: - teku: 5051 - prysm: 8080 - lighthouse: 5052 - nimbus: 5052 - lodestar: 9596 - -## List of Beacon Chain node addresses -## -beaconChainRpcEndpoints: [] - -## Randomize endpoints if specified -## Has a higher priority than beaconChainRpcEndpoints, -## all specified hosts will be randomly assigned to all validators, -## used to more evenly distribute the load -## -beaconChainRpcEndpointsRandomized: [] - -## You can use the graffiti to add a string to your proposed blocks, -## which will be seen on the block explorer. -## ref: https://docs.prylabs.network/docs/prysm-usage/parameters#validator-configuration -## -graffiti: "" - -## Monitoring -## -metrics: - # Whether to enable metrics collection or not - enabled: true - - # Prometheus exporter port - port: 9090 - - # Extra flags to pass for collecting metrics - flags: - prysm: - - "--monitoring-port=9090" - - "--monitoring-host=0.0.0.0" - lighthouse: - - "--metrics" - - "--metrics-port=9090" - - "--metrics-address=0.0.0.0" - teku: - - "--metrics-enabled=true" - - "--metrics-host-allowlist=*" - - "--metrics-interface=0.0.0.0" - - "--metrics-port=9090" - nimbus: - - "--metrics" - - "--metrics-port=9090" - - "--metrics-address=0.0.0.0" - lodestar: - - "--metrics" - - "--metrics.address=0.0.0.0" - - "--metrics.port=9090" - - ## Prometheus Service Monitor - ## ref: https://github.com/coreos/prometheus-operator - ## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint - ## - serviceMonitor: - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace The namespace in which the ServiceMonitor will be created - ## - namespace: "" - ## @param metrics.serviceMonitor.interval The interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.serviceMonitor.scrapeTimeout The timeout after which the scrape is ended - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.relabellings Metrics RelabelConfigs to apply to samples before scraping. - ## - relabelings: [] - ## @param metrics.serviceMonitor.metricRelabelings Metrics RelabelConfigs to apply to samples before ingestion. - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.serviceMonitor.additionalLabels Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus - ## - additionalLabels: {} - ## Custom PrometheusRule to be defined - ## ref: https://github.com/coreos/prometheus-operator#customresourcedefinitions - ## - prometheusRule: - ## @param metrics.prometheusRule.enabled Create a custom prometheusRule Resource for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.prometheusRule.default Create a default set of Alerts - ## - default: true - ## @param metrics.prometheusRule.namespace The namespace in which the prometheusRule will be created - ## - namespace: "" - ## @param metrics.prometheusRule.additionalLabels Additional labels for the prometheusRule - ## - additionalLabels: {} - ## @param metrics.prometheusRule.rules Custom Prometheus rules - ## e.g: - ## rules: - ## - alert: PrysmValidatorHourlyEarningLessOrEqual0 - ## expr: sum(validator_balance) - sum(validator_balance offset 1h) - count(validator_balance > 16)*32 + count(validator_balance offset 1h > 0)*32 - ## for: 5m - ## labels: - ## severity: critical - ## annotations: - ## summary: Prysm validator hourly earning <= 0 - ## description: Check validators immediately. Pod - {{ printf "{{ $labels.pod }}" }}. Namespace - {{ printf "{{ $labels.namespace }}" }} - ## - alert: PrysmValidatorAlotOfErrorsLastHour - ## expr: sum(delta(log_entries_total{job='{{ include "operator.fullname" . }}-validator', level="error"}[1h]) > 0) - ## for: 5m - ## labels: - ## severity: warning - ## annotations: - ## summary: Many validator errors or warnings last hour - ## description: Check validator {{ printf "{{ $labels.pod }}" }}. Namespace - {{ printf "{{ $labels.namespace }}" }} - ## - rules: {} - -## Configure resource requests and limits. -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: {} - -## Configure liveness and readiness probes -## https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-startup-probes/ -## -readinessProbe: - prysm: - initialDelaySeconds: 60 - timeoutSeconds: 1 - periodSeconds: 60 - failureThreshold: 3 - successThreshold: 1 - httpGet: - path: /healthz - port: metrics - scheme: HTTP - lighthouse: - initialDelaySeconds: 60 - timeoutSeconds: 1 - periodSeconds: 60 - failureThreshold: 3 - successThreshold: 1 - httpGet: - path: /metrics - port: metrics - scheme: HTTP - teku: - initialDelaySeconds: 60 - timeoutSeconds: 1 - periodSeconds: 60 - failureThreshold: 3 - successThreshold: 1 - httpGet: - path: /metrics - port: metrics - scheme: HTTP -livenessProbe: - prysm: - initialDelaySeconds: 60 - timeoutSeconds: 1 - periodSeconds: 60 - failureThreshold: 3 - successThreshold: 1 - httpGet: - path: /healthz - port: metrics - scheme: HTTP - lighthouse: - initialDelaySeconds: 60 - timeoutSeconds: 1 - periodSeconds: 60 - failureThreshold: 3 - successThreshold: 1 - httpGet: - path: /metrics - port: metrics - scheme: HTTP - teku: - initialDelaySeconds: 60 - timeoutSeconds: 1 - periodSeconds: 60 - failureThreshold: 3 - successThreshold: 1 - httpGet: - path: /metrics - port: metrics - scheme: HTTP diff --git a/charts/web3signer-eso/.helmignore b/charts/web3signer-eso/.helmignore deleted file mode 100644 index 0e8a0eb36..000000000 --- a/charts/web3signer-eso/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/charts/web3signer-eso/Chart.lock b/charts/web3signer-eso/Chart.lock deleted file mode 100644 index bf2e36019..000000000 --- a/charts/web3signer-eso/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: common - repository: file://../common - version: 1.0.0 -digest: sha256:07cebde439abe4ba19bb28e844b7419dab83c7f613886416aaf3ec08e8059144 -generated: "2022-05-02T13:36:12.005448244+03:00" diff --git a/charts/web3signer-eso/Chart.yaml b/charts/web3signer-eso/Chart.yaml deleted file mode 100644 index 191a5e961..000000000 --- a/charts/web3signer-eso/Chart.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: v2 -name: web3signer-eso -description: A Helm chart for installing and configuring Web3signer - -# A chart can be either an 'application' or a 'library' chart. -# -# Application charts are a collection of templates that can be packaged into versioned archives -# to be deployed. -# -# Library charts provide useful utilities or functions for the chart developer. They're included as -# a dependency of application charts to inject those utilities and functions into the rendering -# pipeline. Library charts do not define any templates and therefore cannot be deployed. -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.0.1 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "v23.3.1" - -keywords: - - web3signer - - ethereum - - blockchain - - lighthouse - - prysm - - teku - -dependencies: -- name: common - repository: file://../common - version: 1.0.0 diff --git a/charts/web3signer-eso/migrations/V00001__initial.sql b/charts/web3signer-eso/migrations/V00001__initial.sql deleted file mode 100644 index d56899802..000000000 --- a/charts/web3signer-eso/migrations/V00001__initial.sql +++ /dev/null @@ -1,20 +0,0 @@ -CREATE TABLE validators ( - id SERIAL PRIMARY KEY, - public_key BYTEA NOT NULL, - UNIQUE(public_key) -); -CREATE TABLE signed_blocks ( - validator_id INTEGER NOT NULL, - slot NUMERIC(20) NOT NULL, - signing_root BYTEA, - FOREIGN KEY(validator_id) REFERENCES validators(id), - UNIQUE (validator_id, slot) -); -CREATE TABLE signed_attestations ( - validator_id INTEGER, - source_epoch NUMERIC(20) NOT NULL, - target_epoch NUMERIC(20) NOT NULL, - signing_root BYTEA, - FOREIGN KEY(validator_id) REFERENCES validators(id), - UNIQUE (validator_id, target_epoch) -); \ No newline at end of file diff --git a/charts/web3signer-eso/migrations/V00002__removeUniqueConstraints.sql b/charts/web3signer-eso/migrations/V00002__removeUniqueConstraints.sql deleted file mode 100644 index 18477a19c..000000000 --- a/charts/web3signer-eso/migrations/V00002__removeUniqueConstraints.sql +++ /dev/null @@ -1,21 +0,0 @@ -DO -$body$ -DECLARE - _signed_block_conn text := ( - SELECT conname - FROM pg_constraint - WHERE conrelid = 'signed_blocks'::regclass - AND contype = 'u'); - - _signed_attestation_conn text := ( - SELECT conname - FROM pg_constraint - WHERE conrelid = 'signed_attestations'::regclass - AND contype = 'u'); -BEGIN - EXECUTE 'ALTER TABLE signed_blocks DROP CONSTRAINT ' || _signed_block_conn; - EXECUTE 'ALTER TABLE signed_attestations DROP CONSTRAINT ' || _signed_attestation_conn; - EXECUTE 'ALTER TABLE signed_blocks ADD COLUMN id SERIAL PRIMARY KEY'; - EXECUTE 'ALTER TABLE signed_attestations ADD COLUMN id SERIAL PRIMARY KEY'; -END -$body$ diff --git a/charts/web3signer-eso/migrations/V00003__addLowWatermark.sql b/charts/web3signer-eso/migrations/V00003__addLowWatermark.sql deleted file mode 100644 index 17e1d7990..000000000 --- a/charts/web3signer-eso/migrations/V00003__addLowWatermark.sql +++ /dev/null @@ -1,8 +0,0 @@ -CREATE TABLE low_watermarks ( - validator_id INTEGER NOT NULL, - slot NUMERIC(20), - target_epoch NUMERIC(20), - source_epoch NUMERIC(20), - FOREIGN KEY(validator_id) REFERENCES validators(id), - UNIQUE (validator_id) -); \ No newline at end of file diff --git a/charts/web3signer-eso/migrations/V00004__addGenesisValidatorsRoot.sql b/charts/web3signer-eso/migrations/V00004__addGenesisValidatorsRoot.sql deleted file mode 100644 index 4e46e078d..000000000 --- a/charts/web3signer-eso/migrations/V00004__addGenesisValidatorsRoot.sql +++ /dev/null @@ -1,4 +0,0 @@ -CREATE TABLE metadata ( - id INTEGER PRIMARY KEY, - genesis_validators_root BYTEA NOT NULL -); \ No newline at end of file diff --git a/charts/web3signer-eso/migrations/V00005__xnor_source_target_low_watermark.sql b/charts/web3signer-eso/migrations/V00005__xnor_source_target_low_watermark.sql deleted file mode 100644 index 764b8508c..000000000 --- a/charts/web3signer-eso/migrations/V00005__xnor_source_target_low_watermark.sql +++ /dev/null @@ -1,6 +0,0 @@ -ALTER TABLE low_watermarks -ADD CONSTRAINT both_epochs_set_or_null -CHECK ( - (target_epoch IS NOT NULL and source_epoch IS NOT NULL) - OR (target_epoch IS NULL and source_epoch IS NULL) -); \ No newline at end of file diff --git a/charts/web3signer-eso/migrations/V00006__signed_data_indexes.sql b/charts/web3signer-eso/migrations/V00006__signed_data_indexes.sql deleted file mode 100644 index e776dd698..000000000 --- a/charts/web3signer-eso/migrations/V00006__signed_data_indexes.sql +++ /dev/null @@ -1,3 +0,0 @@ -CREATE INDEX ON signed_attestations (validator_id, target_epoch); - -CREATE INDEX on signed_blocks (validator_id, slot); \ No newline at end of file diff --git a/charts/web3signer-eso/migrations/V00007__add_db_version.sql b/charts/web3signer-eso/migrations/V00007__add_db_version.sql deleted file mode 100644 index 40e2d28e5..000000000 --- a/charts/web3signer-eso/migrations/V00007__add_db_version.sql +++ /dev/null @@ -1,6 +0,0 @@ -CREATE TABLE database_version ( - id INTEGER PRIMARY KEY, - version INTEGER NOT NULL -); --- Start at version 7, should have previously existed (but now represents migration index). -INSERT INTO database_version (id, version) VALUES (1, 7); \ No newline at end of file diff --git a/charts/web3signer-eso/migrations/V00008__signed_data_unique_constraints.sql b/charts/web3signer-eso/migrations/V00008__signed_data_unique_constraints.sql deleted file mode 100644 index 7fce90f06..000000000 --- a/charts/web3signer-eso/migrations/V00008__signed_data_unique_constraints.sql +++ /dev/null @@ -1,9 +0,0 @@ -ALTER TABLE signed_blocks -ADD CONSTRAINT unique_signed_block -UNIQUE (validator_id, slot); - -ALTER TABLE signed_attestations -ADD CONSTRAINT unique_signed_attestation -UNIQUE (validator_id, target_epoch); - -UPDATE database_version SET version = 8 WHERE id = 1; \ No newline at end of file diff --git a/charts/web3signer-eso/migrations/V00009__upsert_validators.sql b/charts/web3signer-eso/migrations/V00009__upsert_validators.sql deleted file mode 100644 index 2fc17962a..000000000 --- a/charts/web3signer-eso/migrations/V00009__upsert_validators.sql +++ /dev/null @@ -1,61 +0,0 @@ -CREATE OR REPLACE FUNCTION upsert_validators(_vals BYTEA[]) - RETURNS TABLE (v_id integer, v_public_key BYTEA) AS -$$ -BEGIN - RETURN QUERY - WITH - all_rows AS ( - SELECT * - FROM UNNEST(_vals) WITH ORDINALITY AS t(public_key, ordinality) - ), - dist_rows AS ( - SELECT DISTINCT public_key - FROM all_rows - ), - new_rows AS ( - SELECT d.public_key - FROM dist_rows d - LEFT JOIN validators f USING (public_key) - WHERE f.public_key IS NULL - ), - ins AS ( - INSERT INTO validators (public_key) - SELECT public_key - FROM new_rows - ORDER BY public_key - ON CONFLICT DO NOTHING - RETURNING public_key, id - ), - sel AS ( - SELECT public_key, id - FROM ins - UNION ALL - SELECT f.public_key, f.id - FROM dist_rows - JOIN validators f USING (public_key) - ), - ups AS ( - INSERT INTO validators AS f (public_key) - SELECT d.public_key - FROM dist_rows d - LEFT JOIN sel s USING (public_key) - WHERE s.public_key IS NULL - ORDER BY public_key - ON CONFLICT ON CONSTRAINT validators_public_key_key DO UPDATE - SET public_key = f.public_key - RETURNING public_key, id - ), - fin AS ( - SELECT public_key, id - FROM sel - UNION ALL - TABLE ups - ) - SELECT f.id, f.public_key - FROM all_rows a - JOIN fin f USING (public_key) - ORDER BY a.ordinality; -END -$$ LANGUAGE plpgsql; - -UPDATE database_version SET version = 9 WHERE id = 1; \ No newline at end of file diff --git a/charts/web3signer-eso/migrations/V00010__validator_enabled_status.sql b/charts/web3signer-eso/migrations/V00010__validator_enabled_status.sql deleted file mode 100644 index 98a288184..000000000 --- a/charts/web3signer-eso/migrations/V00010__validator_enabled_status.sql +++ /dev/null @@ -1,4 +0,0 @@ -ALTER TABLE validators -ADD COLUMN enabled boolean NOT NULL default true; - -UPDATE database_version SET version = 10 WHERE id = 1; \ No newline at end of file diff --git a/charts/web3signer-eso/migrations/V00011__bigint_indexes.sql b/charts/web3signer-eso/migrations/V00011__bigint_indexes.sql deleted file mode 100644 index ba2f81d60..000000000 --- a/charts/web3signer-eso/migrations/V00011__bigint_indexes.sql +++ /dev/null @@ -1,7 +0,0 @@ -ALTER SEQUENCE signed_attestations_id_seq AS bigint; -ALTER TABLE signed_attestations ALTER COLUMN id TYPE bigint; - -ALTER SEQUENCE signed_blocks_id_seq AS bigint; -ALTER TABLE signed_blocks ALTER COLUMN id TYPE bigint; - -UPDATE database_version SET version = 11 WHERE id = 1; \ No newline at end of file diff --git a/charts/web3signer-eso/templates/_helpers.tpl b/charts/web3signer-eso/templates/_helpers.tpl deleted file mode 100644 index 383404fa2..000000000 --- a/charts/web3signer-eso/templates/_helpers.tpl +++ /dev/null @@ -1,62 +0,0 @@ -{{/* -Expand the name of the chart. -*/}} -{{- define "web3signer.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "web3signer.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "web3signer.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "web3signer.labels" -}} -helm.sh/chart: {{ include "web3signer.chart" . }} -{{ include "web3signer.selectorLabels" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "web3signer.selectorLabels" -}} -app.kubernetes.io/name: {{ include "web3signer.name" . }} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "web3signer.serviceAccountName" -}} -{{- if .Values.serviceAccount.create }} -{{- default (include "web3signer.fullname" .) .Values.serviceAccount.name }} -{{- else }} -{{- default "default" .Values.serviceAccount.name }} -{{- end }} -{{- end }} diff --git a/charts/web3signer-eso/templates/configmap.yaml b/charts/web3signer-eso/templates/configmap.yaml deleted file mode 100644 index 8d1cc478f..000000000 --- a/charts/web3signer-eso/templates/configmap.yaml +++ /dev/null @@ -1,42 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -data: - config.yaml: | - data-path: "/data/web3signer" - key-store-path: "/data/keystore" - eth2.network: {{ .Values.network }} - logging: {{ .Values.loggingLevel }} - eth2.slashing-protection-enabled: true - eth2.slashing-protection-pruning-enabled: true - eth2.slashing-protection-pruning-epochs-to-keep: {{ .Values.pruningEpochToKeep }} - eth2.slashing-protection-pruning-interval: {{ .Values.pruningInterval }} - eth2.slashing-protection-pruning-slots-per-epoch: {{ .Values.slotsPerEpoch }} - metrics-enabled: true - metrics-host: "0.0.0.0" - metrics-port: {{ .Values.metricsPort }} - metrics-host-allowlist: ["*"] - swagger-ui-enabled: true - http-cors-origins: ["*"] - http-listen-host: "0.0.0.0" - http-listen-port: {{ .Values.httpPort }} - http-host-allowlist: ["*"] - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.names.fullname" . }}-migrations - labels: - {{- include "common.labels.standard" . | nindent 4 }} -data: -{{ $root := . }} -{{- range $path, $_ := .Files.Glob "migrations/**.sql" }} -{{- with $root }} - {{ $path | replace "migrations/" ""}}: |- -{{ .Files.Get $path | indent 4 }} -{{- end }} -{{- end }} diff --git a/charts/web3signer-eso/templates/external-secret.yaml b/charts/web3signer-eso/templates/external-secret.yaml deleted file mode 100644 index 893384c4e..000000000 --- a/charts/web3signer-eso/templates/external-secret.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{- if .Values.externalSecrets.enabled }} -apiVersion: external-secrets.io/v1beta1 -kind: ExternalSecret -metadata: - name: eso-{{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - refreshInterval: 10m - secretStoreRef: - name: {{ .Values.externalSecrets.secretStoreRef.name }} - kind: {{ .Values.externalSecrets.secretStoreRef.kind }} - target: - name: eso-{{ include "common.names.fullname" . }} - creationPolicy: Owner - data: - - secretKey: ESO_DECRYPTION_KEY - remoteRef: - key: {{ .Values.global.label }}-external-secrets - property: decryptionKey - - secretKey: ESO_DB_KEYSTORE_URL - remoteRef: - key: {{ .Values.global.label }}-external-secrets - property: dbKeystoreUrl - - secretKey: ESO_DB_URL - remoteRef: - key: {{ .Values.global.label }}-external-secrets - property: dbUrl - - secretKey: ESO_DB_USERNAME - remoteRef: - key: {{ .Values.global.label }}-external-secrets - property: dbUsername - - secretKey: ESO_DB_PASSWORD - remoteRef: - key: {{ .Values.global.label }}-external-secrets - property: dbPassword - {{- .Values.externalSecrets.data | toYaml | trim | nindent 2 }} -{{- end }} diff --git a/charts/web3signer-eso/templates/service.yaml b/charts/web3signer-eso/templates/service.yaml deleted file mode 100644 index d1216e382..000000000 --- a/charts/web3signer-eso/templates/service.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ include "web3signer.fullname" . }} - labels: - {{- include "web3signer.labels" . | nindent 4 }} -spec: - type: {{ .Values.service.type }} - ports: - - port: {{ .Values.httpPort }} - targetPort: http - protocol: TCP - name: http - - port: {{ .Values.metricsPort }} - targetPort: metrics - protocol: TCP - name: metrics - selector: - {{- include "web3signer.selectorLabels" . | nindent 4 }} diff --git a/charts/web3signer-eso/templates/serviceaccount.yaml b/charts/web3signer-eso/templates/serviceaccount.yaml deleted file mode 100644 index cb2edd11f..000000000 --- a/charts/web3signer-eso/templates/serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if or .Values.global.serviceAccount.create .Values.serviceAccount.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "common.names.serviceAccountName" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- with .Values.serviceAccount.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end }} diff --git a/charts/web3signer-eso/templates/servicemonitor.yaml b/charts/web3signer-eso/templates/servicemonitor.yaml deleted file mode 100644 index bd99c3387..000000000 --- a/charts/web3signer-eso/templates/servicemonitor.yaml +++ /dev/null @@ -1,41 +0,0 @@ -{{- if .Values.serviceMonitor.enabled }} -apiVersion: monitoring.coreos.com/v1 -kind: ServiceMonitor -metadata: - name: {{ include "common.names.fullname" . }} - {{- if .Values.serviceMonitor.namespace }} - namespace: {{ .Values.serviceMonitor.namespace }} - {{- else }} - namespace: {{ .Release.Namespace | quote }} - {{- end }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.serviceMonitor.additionalLabels }} - {{- toYaml .Values.serviceMonitor.additionalLabels | nindent 4 }} - {{- end }} -spec: - endpoints: - - port: metrics - path: /metrics - {{- if .Values.serviceMonitor.interval }} - interval: {{ .Values.serviceMonitor.interval }} - {{- end }} - {{- if .Values.serviceMonitor.scrapeTimeout }} - scrapeTimeout: {{ .Values.serviceMonitor.scrapeTimeout }} - {{- end }} - {{- if .Values.serviceMonitor.honorLabels }} - honorLabels: {{ .Values.serviceMonitor.honorLabels }} - {{- end }} - {{- if .Values.serviceMonitor.relabelings }} - relabelings: {{- toYaml .Values.serviceMonitor.relabelings | nindent 6 }} - {{- end }} - {{- if .Values.serviceMonitor.metricRelabelings }} - metricRelabelings: {{- toYaml .Values.serviceMonitor.metricRelabelings | nindent 6 }} - {{- end }} - namespaceSelector: - matchNames: - - {{ .Release.Namespace }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} -{{- end }} \ No newline at end of file diff --git a/charts/web3signer-eso/templates/statefulset.yaml b/charts/web3signer-eso/templates/statefulset.yaml deleted file mode 100644 index 5b3d36f61..000000000 --- a/charts/web3signer-eso/templates/statefulset.yaml +++ /dev/null @@ -1,151 +0,0 @@ -apiVersion: {{ include "common.capabilities.statefulset.apiVersion" . }} -kind: StatefulSet -metadata: - name: {{ include "common.names.fullname" . }} - labels: - {{- include "common.labels.standard" . | nindent 4 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - {{- include "common.labels.matchLabels" . | nindent 6 }} - serviceName: {{ include "common.names.fullname" . }} - template: - metadata: - {{- with .Values.podAnnotations }} - annotations: - {{- toYaml . | nindent 8 }} - {{- end }} - labels: - {{- include "common.labels.matchLabels" . | nindent 8 }} - spec: - {{- with .Values.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with .Values.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "web3signer.serviceAccountName" . }} - securityContext: - {{- toYaml .Values.podSecurityContext | nindent 8 }} - initContainers: - - name: init - image: "{{ .Values.initImage.repository }}:{{ .Values.initImage.tag }}" - imagePullPolicy: {{ .Values.initImage.pullPolicy }} - securityContext: - runAsUser: 0 - command: - - sh - - -ac - - > - mkdir -p /data/web3signer /data/keystore; - chown -R {{ .Values.podSecurityContext.runAsUser }}:{{ .Values.podSecurityContext.fsGroup }} /data/web3signer - envFrom: - - secretRef: - name: eso-{{ include "common.names.fullname" . }} - volumeMounts: - - name: data - mountPath: /data - - name: migrations - image: "{{ .Values.flywayImage.repository }}:{{ .Values.flywayImage.tag }}" - imagePullPolicy: {{ .Values.flywayImage.pullPolicy }} - securityContext: - runAsUser: 0 - args: - - -user=$(ESO_DB_USERNAME) - - -password=$(ESO_DB_PASSWORD) - - -url=$(ESO_DB_URL) - - migrate - # for first time clean may be needed, be careful not remove production db - # flyway -user=$ESO_DB_USERNAME -password=$ESO_DB_PASSWORD -url=$ESO_DB_URL clean -cleanDisabled=false - envFrom: - - secretRef: - name: eso-{{ include "common.names.fullname" . }} - volumeMounts: - - name: migrations - mountPath: /flyway/sql - - name: fetch-keys - image: "{{ .Values.cliImage.repository }}:{{ .Values.cliImage.tag }}" - imagePullPolicy: {{ .Values.cliImage.pullPolicy }} - securityContext: - runAsUser: 0 - envFrom: - - secretRef: - name: eso-{{ include "common.names.fullname" . }} - args: ["sync-web3signer-keys", "--db-url", $(ESO_DB_KEYSTORE_URL), "--output-dir", "/data/keystore", "--decryption-key-env", "ESO_DECRYPTION_KEY_V2"] - volumeMounts: - - name: data - mountPath: /data - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - imagePullPolicy: {{ .Values.image.pullPolicy }} - args: - - --config-file=/config/config.yaml - - --logging={{ .Values.loggingLevel }} - - --idle-connection-timeout-seconds={{ .Values.idleTimeout }} - - eth2 - - --slashing-protection-db-url=$(ESO_DB_URL) - - --slashing-protection-db-username=$(ESO_DB_USERNAME) - - --slashing-protection-db-password=$(ESO_DB_PASSWORD) - env: - - name: JAVA_OPTS - value: {{ .Values.web3signerJavaOpts | quote }} - envFrom: - - secretRef: - name: eso-{{ include "common.names.fullname" . }} - ports: - - name: http - containerPort: {{ .Values.httpPort }} - protocol: TCP - - name: metrics - containerPort: {{ .Values.metricsPort }} - protocol: TCP - livenessProbe: - httpGet: - path: /upcheck - port: http - initialDelaySeconds: 900 - timeoutSeconds: 3 - periodSeconds: 30 - failureThreshold: 3 - successThreshold: 1 - readinessProbe: - httpGet: - path: /upcheck - port: http - initialDelaySeconds: 60 - timeoutSeconds: 3 - periodSeconds: 30 - failureThreshold: 3 - successThreshold: 1 - resources: - {{- toYaml .Values.resources | nindent 12 }} - volumeMounts: - - name: data - mountPath: /data - - name: config - mountPath: /config - volumes: - - name: config - configMap: - name: {{ include "common.names.fullname" . }} - - name: migrations - configMap: - name: {{ include "common.names.fullname" . }}-migrations - - name: data - emptyDir: - medium: Memory - sizeLimit: 128Mi \ No newline at end of file diff --git a/charts/web3signer-eso/templates/validate.yaml b/charts/web3signer-eso/templates/validate.yaml deleted file mode 100644 index a317ac059..000000000 --- a/charts/web3signer-eso/templates/validate.yaml +++ /dev/null @@ -1,3 +0,0 @@ -{{- if not .Values.global.label }} -{{- fail ".Values.global.label is required" }} -{{- end }} \ No newline at end of file diff --git a/charts/web3signer-eso/values.yaml b/charts/web3signer-eso/values.yaml deleted file mode 100644 index 9d36054a5..000000000 --- a/charts/web3signer-eso/values.yaml +++ /dev/null @@ -1,185 +0,0 @@ -# Default values for web3signer. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -global: - label: "" - serviceAccount: - create: true - -replicaCount: 3 - -idleTimeout: 30 - -image: - repository: consensys/web3signer - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - tag: "23.3.1" - -## Init image is used to chown data volume, etc. -## -initImage: - repository: busybox - tag: "1.36.1" - pullPolicy: IfNotPresent - -## CLI image is used to fetch private keys. -## -cliImage: - repository: 238155366538.dkr.ecr.eu-west-1.amazonaws.com/keystores-cli - tag: "v0.0.2" - pullPolicy: IfNotPresent - -externalSecrets: - enabled: false - secretStoreRef: - name: secretStoreRef - kind: SecretStore - data: [] - -## Flyawy image is used to apply database migrations -## -flywayImage: - repository: flyway/flyway - tag: "8.5.8-alpine" - pullPolicy: IfNotPresent - -imagePullSecrets: [] - -## Provide a name in place of operator for `app:` labels -## -nameOverride: "" - -## Provide a name to substitute for the full names of resources -## -fullnameOverride: "" - - -## Web3Signer Settings -## ref: https://docs.web3signer.consensys.net/en/latest/Reference/CLI/CLI-Syntax/ -## - -## Network -## Options: mainnet, prater, gnosis -network: "mainnet" - -## Sets logging verbosity. -## Log levels are OFF, FATAL, WARN, INFO, DEBUG, TRACE, ALL. -loggingLevel: "INFO" - -## Number of epochs to keep when pruning the slashing protection database. -## -pruningEpochToKeep: 100 - -## Hours between slashing protection database pruning operations. -## -pruningInterval: 24 - -## Number of slots per epoch. This number multiplied by the number of epochs to keep determines what blocks to keep when pruning the slashing protection database. -## The default is 32 as defined on MainNet/Prater. -## -slotsPerEpoch: 32 - -## Port on which Web3Signer HTTP listens. -## -httpPort: 6174 - -## The port (TCP) on which Prometheus accesses metrics -## -metricsPort: 9000 - -## Java Opts -## -web3signerJavaOpts: "-Xmx1g -Xms1g" - - -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ -## -serviceAccount: - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -podAnnotations: {} - -## Pod Security Context -## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -## -podSecurityContext: - fsGroup: 1000 - runAsUser: 1000 - -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 - -service: - type: ClusterIP - port: 80 - -## Configure resource requests and limits. -## ref: http://kubernetes.io/docs/user-guide/compute-resources/ -## -resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - -## Node labels for pod assignment -## ref: https://kubernetes.io/docs/user-guide/node-selection/ -## -nodeSelector: {} - -## Tolerations for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ -## -tolerations: {} - -## Affinity for pod assignment -## ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity -## -affinity: {} - -## Prometheus Service Monitor -## ref: https://github.com/coreos/prometheus-operator -## https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint -## -serviceMonitor: - ## @param metrics.serviceMonitor.enabled Create ServiceMonitor resource(s) for scraping metrics using PrometheusOperator - ## - enabled: false - ## @param metrics.serviceMonitor.namespace The namespace in which the ServiceMonitor will be created - ## - namespace: "" - ## @param metrics.serviceMonitor.interval The interval at which metrics should be scraped - ## - interval: 30s - ## @param metrics.serviceMonitor.scrapeTimeout The timeout after which the scrape is ended - ## - scrapeTimeout: "" - ## @param metrics.serviceMonitor.relabellings Metrics RelabelConfigs to apply to samples before scraping. - ## - relabellings: [] - ## @param metrics.serviceMonitor.metricRelabelings Metrics RelabelConfigs to apply to samples before ingestion. - ## - metricRelabelings: [] - ## @param metrics.serviceMonitor.honorLabels Specify honorLabels parameter to add the scrape endpoint - ## - honorLabels: false - ## @param metrics.serviceMonitor.additionalLabels Additional labels that can be used so ServiceMonitor resource(s) can be discovered by Prometheus - ## - additionalLabels: {} diff --git a/scripts/chart.sh b/scripts/chart.sh deleted file mode 100755 index 22fa348a7..000000000 --- a/scripts/chart.sh +++ /dev/null @@ -1,90 +0,0 @@ -#! /usr/bin/env bash - -set -o errexit -set -o nounset -set -o pipefail - -readonly HELM_URL=https://get.helm.sh -readonly HELM_TARBALL=helm-v3.7.1-linux-amd64.tar.gz -readonly REPO_URL=https://charts.stakewise.io/ -readonly GCS_BUCKET=gs://stakewise-charts - -main() { - setup_helm_client - if ! sync_repo charts "$GCS_BUCKET" "$REPO_URL"; then - log_error "Not all charts could be packaged and synced!" - exit 1 - fi -} - -setup_helm_client() { - echo "Setting up Helm client..." - curl --user-agent curl-ci-sync -sSL -o "$HELM_TARBALL" "$HELM_URL/$HELM_TARBALL" - tar xzfv "$HELM_TARBALL" - PATH="$(pwd)/linux-amd64/:$PATH" - # add dependent helm repos - helm repo add bitnami https://charts.bitnami.com/bitnami - helm repo add hashicorp https://helm.releases.hashicorp.com - helm repo add stakewise https://charts.stakewise.io -} - -sync_repo() { - local repo_dir="${1?Specify repo dir}" - local bucket="${2?Specify repo bucket}" - local repo_url="${3?Specify repo url}" - local sync_dir="${repo_dir}-sync" - local index_dir="${repo_dir}-index" - - echo "Syncing repo '$repo_dir'..." - - mkdir -p "$sync_dir" - mkdir -p "$index_dir" - - # Copy the index.yaml file from the bucket. - if ! gsutil cp "$bucket/index.yaml" "$index_dir/index.yaml"; then - log_error "Exiting because unable to copy index locally. Not safe to proceed." - exit 1 - fi - - local return_value=0 - - # Loop around each chart and package. - for dir in "$repo_dir"/*; do - if helm dependency build "$dir"; then - helm package --destination "$sync_dir" "$dir" - else - log_error "Problem building dependencies. Skipping packaging of '$dir'." - return_value=1 - fi - done - - if helm repo index --url "$repo_url" --merge "$index_dir/index.yaml" "$sync_dir"; then - - # Move updated index.yaml to sync folder so we don't push the old one again - mv -f "$sync_dir/index.yaml" "$index_dir/index.yaml" - - # Push all the local chart tarballs to the bucket. - gsutil -m rsync "$sync_dir" "$bucket" - - # Make sure index.yaml is synced last - gsutil cp "$index_dir/index.yaml" "$bucket" - - else - log_error "Exiting because unable to update index. Not safe to push update." - exit 1 - fi - - gsutil -m setmeta -h "Cache-Control:no-cache" "$bucket"/*.tgz - gsutil -m setmeta -h "Cache-Control:no-cache" "$bucket"/index.yaml - - ls -l "$sync_dir" - - return "$return_value" -} - - -log_error() { - printf '\e[31mERROR: %s\n\e[39m' "$1" >&2 -} - -main \ No newline at end of file diff --git a/scripts/dry-run-all.sh b/scripts/dry-run-all.sh deleted file mode 100755 index f62775ab8..000000000 --- a/scripts/dry-run-all.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -VALUES_DIR="tests/values" -CHART_PATH="charts/execution-beacon-copy" - -# Iterate through files in the values directory -for file in "$VALUES_DIR"/*.yaml; do - # Extract the filename without the extension - filename=$(basename "$file" .yaml) - - # Run the Helm command with the filename as an argument and redirect the output to /dev/null - helm -n test upgrade --install "$filename" "$CHART_PATH" --create-namespace --dry-run -f "$file" > /dev/null - - # Check the exit code of the Helm command - if [ $? -eq 0 ]; then - echo "Dry run for $filename was successful" - else - echo "Dry run for $filename failed" - fi -done diff --git a/scripts/run-all.sh b/scripts/run-all.sh deleted file mode 100755 index 558fcba1a..000000000 --- a/scripts/run-all.sh +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash - -VALUES_DIR="tests/values" -CHART_PATH="charts/execution-beacon-copy" - -# Iterate through files in the values directory -for file in "$VALUES_DIR"/*.yaml; do - # Extract the filename without the extension - filename=$(basename "$file" .yaml) - - # Run the Helm command with the filename as an argument and redirect the output to /dev/null - helm -n test upgrade --install "$filename" "$CHART_PATH" --create-namespace -f "$file" > /dev/null - - # Check the exit code of the Helm command - if [ $? -eq 0 ]; then - echo "Dry run for $filename was successful" - else - echo "Dry run for $filename failed" - fi -done diff --git a/scripts/run-besu.sh b/scripts/run-besu.sh deleted file mode 100755 index 92cdaa0d5..000000000 --- a/scripts/run-besu.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash - -VALUES_DIR="tests/values" -CHART_PATH="charts/execution-beacon-copy" - -# Iterate through files in the values directory -for file in "$VALUES_DIR"/*.yaml; do - # Extract the filename without the extension - filename=$(basename "$file" .yaml) - - # Check if the filename starts with "besu-" - if [[ $filename == besu-* ]]; then - # Run the Helm command with the filename as an argument and redirect the output to /dev/null - helm -n test upgrade --install "$filename" "$CHART_PATH" --create-namespace -f "$file" > /dev/null - - # Check the exit code of the Helm command - if [ $? -eq 0 ]; then - echo "Dry run for $filename was successful" - else - echo "Dry run for $filename failed" - fi - fi -done diff --git a/scripts/run-erigon.sh b/scripts/run-erigon.sh deleted file mode 100755 index 93a11e787..000000000 --- a/scripts/run-erigon.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash - -VALUES_DIR="tests/values" -CHART_PATH="charts/execution-beacon-copy" - -# Iterate through files in the values directory -for file in "$VALUES_DIR"/*.yaml; do - # Extract the filename without the extension - filename=$(basename "$file" .yaml) - - # Check if the filename starts with "besu-" - if [[ $filename == erigon-* ]]; then - # Run the Helm command with the filename as an argument and redirect the output to /dev/null - helm -n test upgrade --install "$filename" "$CHART_PATH" --create-namespace -f "$file" > /dev/null - - # Check the exit code of the Helm command - if [ $? -eq 0 ]; then - echo "Dry run for $filename was successful" - else - echo "Dry run for $filename failed" - fi - fi -done diff --git a/scripts/run-geth.sh b/scripts/run-geth.sh deleted file mode 100755 index c03adc74f..000000000 --- a/scripts/run-geth.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash - -VALUES_DIR="tests/values" -CHART_PATH="charts/execution-beacon-copy" - -# Iterate through files in the values directory -for file in "$VALUES_DIR"/*.yaml; do - # Extract the filename without the extension - filename=$(basename "$file" .yaml) - - # Check if the filename starts with "besu-" - if [[ $filename == geth-* ]]; then - # Run the Helm command with the filename as an argument and redirect the output to /dev/null - helm -n test upgrade --install "$filename" "$CHART_PATH" --create-namespace -f "$file" > /dev/null - - # Check the exit code of the Helm command - if [ $? -eq 0 ]; then - echo "Dry run for $filename was successful" - else - echo "Dry run for $filename failed" - fi - fi -done diff --git a/scripts/run-nethermind.sh b/scripts/run-nethermind.sh deleted file mode 100755 index e40bf8a0f..000000000 --- a/scripts/run-nethermind.sh +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash - -VALUES_DIR="tests/values" -CHART_PATH="charts/execution-beacon-copy" - -# Iterate through files in the values directory -for file in "$VALUES_DIR"/*.yaml; do - # Extract the filename without the extension - filename=$(basename "$file" .yaml) - - # Check if the filename starts with "besu-" - if [[ $filename == nethermind-* ]]; then - # Run the Helm command with the filename as an argument and redirect the output to /dev/null - helm -n test upgrade --install "$filename" "$CHART_PATH" --create-namespace -f "$file" > /dev/null - - # Check the exit code of the Helm command - if [ $? -eq 0 ]; then - echo "Run for $filename was successful" - else - echo "Run for $filename failed" - fi - fi -done diff --git a/tests/values/besu-lighthouse.yaml b/tests/values/besu-lighthouse.yaml deleted file mode 100644 index 7d227e950..000000000 --- a/tests/values/besu-lighthouse.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: besu - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: lighthouse - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/besu-lodestar.yaml b/tests/values/besu-lodestar.yaml deleted file mode 100644 index 06a5ae4fa..000000000 --- a/tests/values/besu-lodestar.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: besu - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: lodestar - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/besu-nimbus.yaml b/tests/values/besu-nimbus.yaml deleted file mode 100644 index 2588ba0ee..000000000 --- a/tests/values/besu-nimbus.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: besu - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: nimbus - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/besu-prysm.yaml b/tests/values/besu-prysm.yaml deleted file mode 100644 index 8823817dc..000000000 --- a/tests/values/besu-prysm.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: besu - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: prysm - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/besu-teku.yaml b/tests/values/besu-teku.yaml deleted file mode 100644 index 99302fdda..000000000 --- a/tests/values/besu-teku.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: besu - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: teku - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/erigon-lighthouse.yaml b/tests/values/erigon-lighthouse.yaml deleted file mode 100644 index 2ede06ef0..000000000 --- a/tests/values/erigon-lighthouse.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: erigon - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: lighthouse - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/erigon-lodestar.yaml b/tests/values/erigon-lodestar.yaml deleted file mode 100644 index 589129363..000000000 --- a/tests/values/erigon-lodestar.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: erigon - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: lodestar - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/erigon-nimbus.yaml b/tests/values/erigon-nimbus.yaml deleted file mode 100644 index ded2a2863..000000000 --- a/tests/values/erigon-nimbus.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: erigon - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: nimbus - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/erigon-prysm.yaml b/tests/values/erigon-prysm.yaml deleted file mode 100644 index 15b57b24e..000000000 --- a/tests/values/erigon-prysm.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: erigon - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: prysm - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/erigon-teku.yaml b/tests/values/erigon-teku.yaml deleted file mode 100644 index 11afb14a8..000000000 --- a/tests/values/erigon-teku.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: erigon - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: teku - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/geth-lighthouse.yaml b/tests/values/geth-lighthouse.yaml deleted file mode 100644 index e302d087b..000000000 --- a/tests/values/geth-lighthouse.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: geth - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: lighthouse - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/geth-lodestar.yaml b/tests/values/geth-lodestar.yaml deleted file mode 100644 index ed43dad51..000000000 --- a/tests/values/geth-lodestar.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: geth - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: lodestar - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/geth-nimbus.yaml b/tests/values/geth-nimbus.yaml deleted file mode 100644 index 96ff4d455..000000000 --- a/tests/values/geth-nimbus.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: geth - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: nimbus - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/geth-prysm.yaml b/tests/values/geth-prysm.yaml deleted file mode 100644 index d295b995d..000000000 --- a/tests/values/geth-prysm.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: geth - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: prysm - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/geth-teku.yaml b/tests/values/geth-teku.yaml deleted file mode 100644 index aedb8d91c..000000000 --- a/tests/values/geth-teku.yaml +++ /dev/null @@ -1,19 +0,0 @@ -execution: - client: geth - livenessProbe: - enabled: false - readinessProbe: - enabled: false -beacon: - client: teku - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" diff --git a/tests/values/nethermind-lighthouse.yaml b/tests/values/nethermind-lighthouse.yaml deleted file mode 100644 index 7d795c196..000000000 --- a/tests/values/nethermind-lighthouse.yaml +++ /dev/null @@ -1,25 +0,0 @@ -execution: - client: nethermind - livenessProbe: - enabled: false - readinessProbe: - enabled: false - persistence: - size: 300Gi -beacon: - client: lighthouse - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" - p2pNodePort: - enabled: true - startAtExecution: 31000 - startAtBeacon: 32000 diff --git a/tests/values/nethermind-lodestar.yaml b/tests/values/nethermind-lodestar.yaml deleted file mode 100644 index 023caaa7c..000000000 --- a/tests/values/nethermind-lodestar.yaml +++ /dev/null @@ -1,25 +0,0 @@ -execution: - client: nethermind - livenessProbe: - enabled: false - readinessProbe: - enabled: false - persistence: - size: 300Gi -beacon: - client: lodestar - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" - p2pNodePort: - enabled: true - startAtExecution: 31100 - startAtBeacon: 32100 diff --git a/tests/values/nethermind-nimbus.yaml b/tests/values/nethermind-nimbus.yaml deleted file mode 100644 index a7db3e1db..000000000 --- a/tests/values/nethermind-nimbus.yaml +++ /dev/null @@ -1,25 +0,0 @@ -execution: - client: nethermind - livenessProbe: - enabled: false - readinessProbe: - enabled: false - persistence: - size: 300Gi -beacon: - client: nimbus - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" - p2pNodePort: - enabled: true - startAtExecution: 31200 - startAtBeacon: 32200 diff --git a/tests/values/nethermind-prysm.yaml b/tests/values/nethermind-prysm.yaml deleted file mode 100644 index 3167c432c..000000000 --- a/tests/values/nethermind-prysm.yaml +++ /dev/null @@ -1,25 +0,0 @@ -execution: - client: nethermind - livenessProbe: - enabled: false - readinessProbe: - enabled: false - persistence: - size: 300Gi -beacon: - client: prysm - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" - p2pNodePort: - enabled: true - startAtExecution: 31300 - startAtBeacon: 32300 diff --git a/tests/values/nethermind-teku.yaml b/tests/values/nethermind-teku.yaml deleted file mode 100644 index 1fc171789..000000000 --- a/tests/values/nethermind-teku.yaml +++ /dev/null @@ -1,25 +0,0 @@ -execution: - client: nethermind - livenessProbe: - enabled: false - readinessProbe: - enabled: false - persistence: - size: 300Gi -beacon: - client: teku - suggestedFeeRecipient: "0x670B24610DF99b1685aEAC0dfD5307B92e0cF4d7" - checkPointSync: - enabled: true - url: https://checkpoint-sync.goerli.ethpandaops.io - livenessProbe: - enabled: false - readinessProbe: - enabled: false -global: - network: goerli - JWTSecret: "b7f6f8e82d8ba8070a032016828b9cc6667c8c2fc5b3a275971f937fe860b70a" - p2pNodePort: - enabled: true - startAtExecution: 31400 - startAtBeacon: 32400