diff --git a/charts/evm-rollup/Chart.yaml b/charts/evm-rollup/Chart.yaml index 096c152ff7..d2f2154d51 100644 --- a/charts/evm-rollup/Chart.yaml +++ b/charts/evm-rollup/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.25.3 +version: 0.25.4 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/charts/evm-rollup/templates/configmap.yaml b/charts/evm-rollup/templates/configmap.yaml index 10fc39d5fa..21fd5df39c 100644 --- a/charts/evm-rollup/templates/configmap.yaml +++ b/charts/evm-rollup/templates/configmap.yaml @@ -35,6 +35,7 @@ data: OTEL_SERVICE_NAME: "{{ tpl .Values.otel.serviceNamePrefix . }}-conductor" {{- if not .Values.global.dev }} {{- else }} + ASTRIA_CONDUCTOR_NO_CELESTIA_AUTH: "{{ not .Values.config.celestia.token }}" {{- end }} --- apiVersion: v1 diff --git a/charts/evm-stack/Chart.lock b/charts/evm-stack/Chart.lock index 0721955d81..b531f1528a 100644 --- a/charts/evm-stack/Chart.lock +++ b/charts/evm-stack/Chart.lock @@ -1,7 +1,7 @@ dependencies: - name: evm-rollup repository: file://../evm-rollup - version: 0.25.3 + version: 0.25.4 - name: composer repository: file://../composer version: 0.1.1 @@ -17,5 +17,5 @@ dependencies: - name: blockscout-stack repository: https://blockscout.github.io/helm-charts version: 1.6.2 -digest: sha256:75189d68ee2ddbb135ec487b4aee663fd2d096ae19608efc2d6ebfdec9d8c4a0 -generated: "2024-08-12T22:12:07.880246+03:00" +digest: sha256:695498fcbe82a100ca333b058196730eed9173df8528871585f40453c182d964 +generated: "2024-08-15T12:40:34.762702-07:00" diff --git a/charts/evm-stack/Chart.yaml b/charts/evm-stack/Chart.yaml index e1cc2a2465..ec97e8def6 100644 --- a/charts/evm-stack/Chart.yaml +++ b/charts/evm-stack/Chart.yaml @@ -15,11 +15,11 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.3.2 +version: 0.3.3 dependencies: - name: evm-rollup - version: 0.25.3 + version: 0.25.4 repository: "file://../evm-rollup" - name: composer version: 0.1.1 diff --git a/crates/astria-conductor/local.env.example b/crates/astria-conductor/local.env.example index ee3c50e7f6..6237d3109b 100644 --- a/crates/astria-conductor/local.env.example +++ b/crates/astria-conductor/local.env.example @@ -6,9 +6,15 @@ # 12000 milliseconds is the default Celestia block time. ASTRIA_CONDUCTOR_CELESTIA_BLOCK_TIME_MS=12000 +# Disable using the auth header with celestia jsonrpc. Celestia nodes can be run +# without authentication, in which case this should be set to true. +ASTRIA_CONDUCTOR_NO_CELESTIA_AUTH=false + # The bearer token to retrieve sequencer blocks as blobs from Celestia. # The token is obtained by running `celestia bridge auth ` -# on the host running the celestia node. +# on the host running the celestia node. +# +# Only used if ASTRIA_CONDUCTOR_NO_CELESTIA_AUTH is set to false ASTRIA_CONDUCTOR_CELESTIA_BEARER_TOKEN="" # The URL of the celestia node to fetch blocks from. This URL must contain diff --git a/crates/astria-conductor/src/celestia/builder.rs b/crates/astria-conductor/src/celestia/builder.rs index a14246ddee..7860d439ee 100644 --- a/crates/astria-conductor/src/celestia/builder.rs +++ b/crates/astria-conductor/src/celestia/builder.rs @@ -19,7 +19,7 @@ use crate::{ pub(crate) struct Builder { pub(crate) celestia_block_time: Duration, pub(crate) celestia_http_endpoint: String, - pub(crate) celestia_token: String, + pub(crate) celestia_token: Option, pub(crate) executor: executor::Handle, pub(crate) sequencer_cometbft_client: SequencerClient, pub(crate) sequencer_requests_per_second: u32, @@ -41,7 +41,7 @@ impl Builder { metrics, } = self; - let celestia_client = create_celestia_client(celestia_http_endpoint, &celestia_token) + let celestia_client = create_celestia_client(celestia_http_endpoint, celestia_token) .wrap_err("failed initializing client for Celestia HTTP RPC")?; Ok(Reader { @@ -56,16 +56,21 @@ impl Builder { } } -fn create_celestia_client(endpoint: String, bearer_token: &str) -> eyre::Result { +fn create_celestia_client( + endpoint: String, + bearer_token: Option, +) -> eyre::Result { use jsonrpsee::http_client::{ HeaderMap, HttpClientBuilder, }; let mut headers = HeaderMap::new(); - let auth_value = format!("Bearer {bearer_token}").parse().wrap_err( - "failed to construct Authorization header value from provided Celestia bearer token", - )?; - headers.insert(http::header::AUTHORIZATION, auth_value); + if let Some(token) = bearer_token { + let auth_value = format!("Bearer {token}").parse().wrap_err( + "failed to construct Authorization header value from provided Celestia bearer token", + )?; + headers.insert(http::header::AUTHORIZATION, auth_value); + } let client = HttpClientBuilder::default() .set_headers(headers) .build(endpoint) diff --git a/crates/astria-conductor/src/conductor.rs b/crates/astria-conductor/src/conductor.rs index b924294db2..ff857257f3 100644 --- a/crates/astria-conductor/src/conductor.rs +++ b/crates/astria-conductor/src/conductor.rs @@ -141,9 +141,15 @@ impl Conductor { } if cfg.execution_commit_level.is_with_firm() { + let celestia_token = if cfg.no_celestia_auth { + None + } else { + Some(cfg.celestia_bearer_token) + }; + let reader = celestia::Builder { celestia_http_endpoint: cfg.celestia_node_http_url, - celestia_token: cfg.celestia_bearer_token, + celestia_token, celestia_block_time: Duration::from_millis(cfg.celestia_block_time_ms), executor: executor_handle.clone(), sequencer_cometbft_client: sequencer_cometbft_client.clone(), diff --git a/crates/astria-conductor/src/config.rs b/crates/astria-conductor/src/config.rs index 699f95f1c9..3ee6a96723 100644 --- a/crates/astria-conductor/src/config.rs +++ b/crates/astria-conductor/src/config.rs @@ -44,6 +44,9 @@ pub struct Config { /// URL of the Celestia Node HTTP RPC pub celestia_node_http_url: String, + /// Disables using the bearer token auth header for the Celestia jsonrpc + pub no_celestia_auth: bool, + /// The JWT bearer token supplied with each jsonrpc call pub celestia_bearer_token: String, diff --git a/crates/astria-conductor/tests/blackbox/helpers/mod.rs b/crates/astria-conductor/tests/blackbox/helpers/mod.rs index 6ea3c75e72..ff07a3b0f6 100644 --- a/crates/astria-conductor/tests/blackbox/helpers/mod.rs +++ b/crates/astria-conductor/tests/blackbox/helpers/mod.rs @@ -468,6 +468,7 @@ fn make_config() -> Config { Config { celestia_block_time_ms: 12000, celestia_node_http_url: "http://127.0.0.1:26658".into(), + no_celestia_auth: false, celestia_bearer_token: CELESTIA_BEARER_TOKEN.into(), sequencer_grpc_url: "http://127.0.0.1:8080".into(), sequencer_cometbft_url: "http://127.0.0.1:26657".into(), diff --git a/dev/values/rollup/dev.yaml b/dev/values/rollup/dev.yaml index d45305ad24..11d8da3f19 100644 --- a/dev/values/rollup/dev.yaml +++ b/dev/values/rollup/dev.yaml @@ -100,7 +100,7 @@ evm-rollup: celestia: rpc: "http://celestia-service.astria-dev-cluster.svc.cluster.local:26658" - token: "http://celestia-service.astria-dev-cluster.svc.cluster.local:5353" + token: "" resources: conductor: