validator/release 0.3.7

charts/validator/Chart.yaml

@@ -22,10 +22,11 @@ type: application
 # This is the chart version. This version number should be incremented each time you make changes
 # to the chart and its templates, including the app version.
 # Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 0.3.7-alpha.1
+version: 0.3.7
+
 
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
-appVersion: "0.44.5"
+appVersion: "0.45.7"

charts/validator/README.md

@@ -1,6 +1,6 @@
 # validator
 
-![Version: 0.3.7-alpha.1](https://img.shields.io/badge/Version-0.3.7--alpha.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.44.5](https://img.shields.io/badge/AppVersion-0.44.5-informational?style=flat-square)
+![Version: 0.3.7-alpha.2](https://img.shields.io/badge/Version-0.3.7--alpha.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.45.5](https://img.shields.io/badge/AppVersion-0.45.5-informational?style=flat-square)
 
 A Helm chart for deploying Chronicle Validator on Kubernetes
 
@@ -16,10 +16,11 @@ A Helm chart for deploying Chronicle Validator on Kubernetes
 | Key | Type | Default | Description |
 |-----|------|---------|-------------|
 | extraObjects | list | `[]` | Extra K8s manifests to deploy |
-| ghost | object | `{"affinity":{},"arbRpcUrl":null,"argsOverride":[],"chainId":"1","chainName":"eth","chainTxType":null,"commandOverride":[],"env":{"normal":{}},"ethArchRpcUrl":null,"ethConfig":{},"ethRpcUrl":null,"fullnameOverride":"ghost","gnoRpcUrl":null,"image":{"pullPolicy":"Always","repository":"ghcr.io/chronicleprotocol/ghost","tag":"0.44.5@sha256:1af40235690d2669d9491ab79e4abde07d2d57621ebc012dfb475ca19b4cc9b3"},"imagePullSecrets":[],"ingress":{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]},"libP2pSubscriptionBufferSize":"4096","libp2pValidateQueueSize":"4096","liveness":{"enabled":true,"livenessProbe":{"httpGet":{"path":"/healthcheck","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"logFormat":"text","logLevel":"info","mntRpcUrl":null,"nameOverride":"","nodeSelector":{},"optRpcUrl":null,"podAnnotations":{},"podSecurityContext":{},"polRpcUrl":null,"readiness":{"enabled":true,"readinessProbe":{"httpGet":{"path":"/healthcheck","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"replicaCount":1,"resources":{},"rpcUrl":null,"securityContext":{},"service":{"annotations":{},"ports":{"libp2p":{"port":8000,"protocol":"TCP"},"webapi":{"port":8080,"protocol":"TCP"}},"type":"LoadBalancer"},"serviceAccount":{"annotations":{},"create":true,"name":""},"tolerations":[],"watchdogConfigReg":"0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3","watchdogInterval":"900s","webApi":{"enabled":true,"listenAddr":"0.0.0.0:8080"}}` | Values for Ghost |
+| ghost | object | `{"affinity":{},"arbRpcUrl":null,"argsOverride":[],"bnbRpcUrl":null,"chainId":"1","chainName":"eth","chainTxType":null,"commandOverride":[],"env":{"normal":{}},"ethArchRpcUrl":null,"ethConfig":{},"ethRpcUrl":null,"fullnameOverride":"ghost","gnoRpcUrl":null,"image":{"pullPolicy":"Always","repository":"ghcr.io/chronicleprotocol/ghost","tag":"0.45.5@sha256:35159698537df458eb3de1e80640f902cdf40b02f0b9890e314bdcb66714a112"},"imagePullSecrets":[],"ingress":{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]},"libP2pSubscriptionBufferSize":"4096","libp2pValidateQueueSize":"4096","liveness":{"enabled":true,"livenessProbe":{"httpGet":{"path":"/healthcheck","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"logFormat":"text","logLevel":"info","mntRpcUrl":null,"nameOverride":"","nodeSelector":{},"optRpcUrl":null,"podAnnotations":{},"podSecurityContext":{},"polRpcUrl":null,"readiness":{"enabled":true,"readinessProbe":{"httpGet":{"path":"/healthcheck","port":9100},"initialDelaySeconds":30,"periodSeconds":60}},"replicaCount":1,"resources":{},"rpcUrl":null,"securityContext":{},"service":{"annotations":{},"ports":{"libp2p":{"port":8000,"protocol":"TCP"},"webapi":{"port":8080,"protocol":"TCP"}},"type":"LoadBalancer"},"serviceAccount":{"annotations":{},"create":true,"name":""},"tolerations":[],"watchdogConfigReg":"0x94Fea534aef6df5cF66C2DAE5CE0A05d10C068F3","watchdogInterval":"900s","webApi":{"enabled":true,"listenAddr":"0.0.0.0:8080"}}` | Values for Ghost |
 | ghost.affinity | object | `{}` | pod Affinity spec applied validator |
 | ghost.arbRpcUrl | string | `nil` | RPC url for ARB |
 | ghost.argsOverride | list | `[]` | args override for the validator |
+| ghost.bnbRpcUrl | string | `nil` | RPC url for BNB |
 | ghost.chainId | string | `"1"` | chain id for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `1` or sepolia ethereum `11155111` |
 | ghost.chainName | string | `"eth"` | chain name for the "target" or "main" chain we use for the validator |
 | ghost.chainTxType | string | `nil` | chain tx type for the "target" or "main" chain we use for the validator. Can be mainnet ethereum `eip1559` or sepolia ethereum `legacy` |
@@ -31,7 +32,7 @@ A Helm chart for deploying Chronicle Validator on Kubernetes
 | ghost.ethRpcUrl | string | `nil` | RPC URL for ETH |
 | ghost.fullnameOverride | string | `"ghost"` | Override the release name to so tor-proxy can work with the default config. NB only change this if you know what you are doing |
 | ghost.gnoRpcUrl | string | `nil` | RPC url for GNO |
-| ghost.image.tag | string | `"0.44.5@sha256:1af40235690d2669d9491ab79e4abde07d2d57621ebc012dfb475ca19b4cc9b3"` | Overrides the image tag whose default is the chart appVersion. |
+| ghost.image.tag | string | `"0.45.5@sha256:35159698537df458eb3de1e80640f902cdf40b02f0b9890e314bdcb66714a112"` | Overrides the image tag whose default is the chart appVersion. |
 | ghost.ingress | object | `{"annotations":{},"className":"","enabled":false,"hosts":[{"host":"chart-example.local","paths":[{"path":"/","pathType":"ImplementationSpecific","port":8000}]}],"tls":[]}` | Ingress for the validator (Do not enable ingress, as libp2p does not support path based routing yet) |
 | ghost.ingress.enabled | bool | `false` | Disabled by default, since there is a bug in libp2p port assignment for dns based routing |
 | ghost.libP2pSubscriptionBufferSize | string | `"4096"` | libp2p buffer size |
@@ -44,7 +45,7 @@ A Helm chart for deploying Chronicle Validator on Kubernetes
 | ghost.optRpcUrl | string | `nil` | RPC url for OETH (optimism) |
 | ghost.podAnnotations | object | `{}` | Pod annotations for the validator |
 | ghost.podSecurityContext | object | `{}` | Pod security context for the validator |
-| ghost.polRpcUrl | string | `nil` | RPC url for ZKEVM (polygon zkevm) |
+| ghost.polRpcUrl | string | `nil` | RPC url for Polygon (polygon) |
 | ghost.readiness | object | `{"enabled":true,"readinessProbe":{"httpGet":{"path":"/healthcheck","port":9100},"initialDelaySeconds":30,"periodSeconds":60}}` | Readiness probe : stop the validator if the metrics endpoint is not reachable |
 | ghost.resources | object | `{}` | Resources constraints for the validator, CPU, Memory, etc. |
 | ghost.rpcUrl | string | `nil` | RPC url for the "target" or "main" chain we use for the validator. Can be mainnet ethereum or sepolia ethereum |
@@ -53,7 +54,7 @@ A Helm chart for deploying Chronicle Validator on Kubernetes
 | ghost.service.annotations | object | `{}` | Annotations to add to the service |
 | ghost.service.ports.libp2p | object | `{"port":8000,"protocol":"TCP"}` | libp2p port for the validator service |
 | ghost.service.ports.webapi | object | `{"port":8080,"protocol":"TCP"}` | webapi listen port for the validator service |
-| ghost.service.type | string | `"LoadBalancer"` | Type of service for the validator, can also be `LoadBalancer` |
+| ghost.service.type | string | `"LoadBalancer"` | Type of service for the validator, can also be `LoadBalancer`, `NodePort` is experimental |
 | ghost.serviceAccount.annotations | object | `{}` | Annotations to add to the service account |
 | ghost.serviceAccount.create | bool | `true` | Specifies whether a service account should be created |
 | ghost.serviceAccount.name | string | `""` | If not set and create is true, a name is generated using the fullname template |

charts/validator/templates/clusterrole.yaml

@@ -0,0 +1,8 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: {{ include "validator.fullname" . }}-clusterrole
+rules:
+- apiGroups: [""]
+  resources: ["nodes"]
+  verbs: ["get", "list"]

charts/validator/templates/clusterrolebinding.yaml

@@ -0,0 +1,12 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: {{ include "validator.fullname" . }}-clusterrolebinding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: {{ include "validator.fullname" . }}-clusterrole
+subjects:
+- kind: ServiceAccount
+  name: {{ include "validator.fullname" . }}-serviceaccount
+  namespace: {{ .Release.Namespace }}

charts/validator/templates/configmap-scripts.yaml

@@ -0,0 +1,64 @@
+{{- if .Values.ghost.service.type | quote | eq "NodePort" }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "validator.fullname" . }}-scripts
+  labels:
+    app: {{ include "validator.name" . }}
+data:
+  get-ips.sh: |
+    #!/bin/bash
+
+    # Set the namespace and service name
+    NAMESPACE="{{ .Release.Namespace }}"
+    SERVICE_NAME="{{ include "validator.fullname" . }}"
+
+    {{- if eq .Values.ghost.service.type "NodePort" }}
+    # Get the NodePort of the service
+    NODE_PORT=$(kubectl get svc $SERVICE_NAME -n $NAMESPACE -o jsonpath='{.spec.ports[0].nodePort}')
+
+    # Get POD name
+    POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "validator.fullname" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+
+    # Get NODE that pod is scheduled on
+    NODE_NAME=$(kubectl get pod $POD_NAME -n $NAMESPACE -o jsonpath='{.spec.nodeName}')
+
+    #get the public IP
+    PUBLIC_IP=$(kubectl get node $NODE_NAME  -o jsonpath='{.status.addresses[?(@.type=="ExternalIP")].address}')
+    if [ -z "$PUBLIC_IP" ]; then
+        PUBLIC_IP=$(kubectl get node $NODE_NAME  -o jsonpath='{.status.addresses[?(@.type=="InternalIP")].address}')
+    fi
+
+    {{- else }}
+    echo "Attempt to get public IP for service type other: "
+    get_public_ip() {
+        PUBLIC_IP=$(dig +short -4 myip.opendns.com @resolver1.opendns.com)
+        if [[ "$PUBLIC_IP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "$PUBLIC_IP"
+            return
+        fi
+        PUBLIC_IP=$(curl -4s ifconfig.me)
+        if [[ "$PUBLIC_IP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "$PUBLIC_IP"
+            return
+        fi
+        PUBLIC_IP=$(curl -4s icanhazip.com)
+        if [[ "$PUBLIC_IP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "$PUBLIC_IP"
+            return
+        fi
+        if [[ -n "$PUBLIC_IP" && "$PUBLIC_IP" =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+            echo "$PUBLIC_IP"
+            return
+        fi
+        echo -e "\e[31m[ERROR]: Unable to obtain public IP address!\e[0m"
+        exit 1
+    }
+    export PUBLIC_IP=$(get_public_ip)
+    {{- end }}
+    echo " got the public IP: $PUBLIC_IP"
+    echo " got the NODE_PORT: $NODE_PORT"
+    echo "creating configmap to store PUBLIC_IP and NODE_PORT: ....."
+    kubectl create configmap {{ include "validator.fullname" . }}-podinfo --from-literal=PUBLIC_IP=$PUBLIC_IP --from-literal=NODE_PORT=$NODE_PORT -n $NAMESPACE --dry-run=client -o yaml | kubectl apply -f -
+    echo "configmap created successfully"
+{{- end }}

charts/validator/templates/deployment.yaml

@@ -11,8 +11,9 @@ spec:
       {{- include "validator.selectorLabels" . | nindent 6 }}
   template:
     metadata:
-      {{- with .Values.ghost.podAnnotations }}
       annotations:
+        checksum/config: {{ include (print $.Template.BasePath "/configmap-scripts.yaml") . | sha256sum }}
+      {{- with .Values.ghost.podAnnotations }}
         {{- toYaml . | nindent 8 }}
       {{- end }}
       labels:
@@ -22,9 +23,22 @@ spec:
       imagePullSecrets:
         {{- toYaml . | nindent 8 }}
       {{- end }}
-      serviceAccountName: {{ include "validator.serviceAccountName" . }}
+      serviceAccountName: {{ include "validator.serviceAccountName" . }}-serviceaccount
       securityContext:
         {{- toYaml .Values.ghost.podSecurityContext | nindent 8 }}
+      {{- if .Values.ghost.service.type | quote | eq "NodePort" }}
+      initContainers:
+        - name: init-public-ip
+          image: bitnami/kubectl:latest
+          # command: ["sleep", "9999"]
+          command: ["/bin/bash", "-c"]
+          args:
+            - /scripts/get-ips.sh
+          volumeMounts:
+            - name: scripts
+              mountPath: /scripts/get-ips.sh
+              subPath: get-ips.sh
+      {{- end }}
       containers:
         - name: ghost
           securityContext:
@@ -61,7 +75,6 @@ spec:
           readinessProbe:
             {{- toYaml .Values.ghost.readiness.readinessProbe | nindent 12 }}
           {{- end }}
-
           env:
             ### -- LIBP2P
             - name: CFG_LIBP2P_SUBSCRIPTION_BUFFER_SIZE
@@ -70,12 +83,6 @@ spec:
               value: {{ .Values.ghost.libp2pValidateQueueSize | quote }}
             - name: CFG_LIBP2P_LISTEN_ADDRS
               value: "/ip4/0.0.0.0/tcp/{{ .Values.ghost.service.ports.libp2p.port | default 8000 }}"
-          {{- if eq .Values.ghost.service.type "LoadBalancer" }}
-            - name: CFG_LIBP2P_EXTERNAL_IP
-              valueFrom:
-                fieldRef:
-                  fieldPath: status.hostIP
-          {{- end }}
           {{- if .Values.ghost.ingress.enabled }}
           {{- range .Values.ghost.ingress.hosts }}
             - name: CFG_LIBP2P_EXTERNAL_ADDR
@@ -114,6 +121,10 @@ spec:
             - name: CFG_ARB_RPC_URLS
               value: {{ .Values.ghost.arbRpcUrl | quote }}
               {{- end }}
+              {{- if .Values.ghost.bnbRpcUrl }}
+            - name: CFG_BNB_RPC_URLS
+              value: {{ .Values.ghost.bnbRpcUrl | quote }}
+              {{- end }}
               {{- if .Values.ghost.ethRpcUrl }}
             - name: CFG_ETH_RPC_URLS
               value: {{ .Values.ghost.ethRpcUrl | quote }}
@@ -171,9 +182,34 @@ spec:
             - name: {{ $key }}
               value: {{ $val | quote }}
           {{- end }}
+          {{- if .Values.ghost.service.type | quote | eq "NodePort" }}
+            - name: CFG_LIBP2P_EXTERNAL_IP
+              valueFrom:
+                configMapKeyRef:
+                  name: {{ include "validator.fullname" . }}-podinfo
+                  key: PUBLIC_IP
+            - name: PUBLIC_IP
+              valueFrom:
+                configMapKeyRef:
+                  name: {{ include "validator.fullname" . }}-podinfo
+                  key: PUBLIC_IP
+            - name: NODE_PORT
+              valueFrom:
+                configMapKeyRef:
+                  name: {{ include "validator.fullname" . }}-podinfo
+                  key: NODE_PORT
+          {{- end }}
           resources:
             {{- toYaml .Values.ghost.resources | nindent 12 }}
 
+      {{- if .Values.ghost.service.type | quote | eq "NodePort" }}
+      volumes:
+        - name: scripts
+          configMap:
+            name: {{ include "validator.fullname" . }}-scripts
+            defaultMode: 0755
+      {{- end }}
+
       {{- with .Values.ghost.nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

charts/validator/templates/role.yaml

@@ -1,8 +1,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  name: {{ include "validator.fullname" . }}-test
+  name: {{ include "validator.fullname" . }}-role
 rules:
 - apiGroups: [""]
-  resources: ["pods", "pods/log"]
+  resources: ["pods", "pods/log", "services"]
   verbs: ["get", "list"]
+- apiGroups: [""]
+  resources: ["configmaps"]
+  verbs: ["create","delete","get","list","patch","update","watch"]

charts/validator/templates/rolebinding.yaml

@@ -1,11 +1,11 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
-  name: {{ include "validator.fullname" . }}-test
+  name: {{ include "validator.fullname" . }}-rolebinding
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: {{ include "validator.fullname" . }}-test
+  name: {{ include "validator.fullname" . }}-role
 subjects:
 - kind: ServiceAccount
-  name: {{ include "validator.fullname" . }}-test
+  name: {{ include "validator.fullname" . }}-serviceaccount

charts/validator/templates/serviceaccount-test.yaml

@@ -1,4 +1,4 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: {{ include "validator.fullname" . }}-test
+  name: {{ include "validator.fullname" . }}-serviceaccount

charts/validator/templates/tests/test-logs.yaml

@@ -8,7 +8,7 @@ metadata:
     "helm.sh/hook-weight": "5"
     "helm.sh/hook": test
 spec:
-  serviceAccountName: {{ include "validator.fullname" . }}-test
+  serviceAccountName: {{ include "validator.fullname" . }}-serviceaccount
   containers:
     - name: test-ghost-logs
       image: bitnami/kubectl:latest
@@ -17,5 +17,5 @@ spec:
         - -c
         - |
           echo 'Running tests';
-          kubectl logs --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l 'app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/name=ghost' -o jsonpath='{.items[0].metadata.name}') | grep 'Starting tag=MUSIG'
+          kubectl logs --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l 'app.kubernetes.io/instance={{ .Release.Name }},app.kubernetes.io/name=ghost' -o jsonpath='{.items[0].metadata.name}') | grep 'Data point collected'
   restartPolicy: Never

charts/validator/templates/tests/test-sleep.yaml

@@ -13,5 +13,5 @@ spec:
       image: busybox
       command: ['sleep']
       args:
-        - '30'
+        - '60'
   restartPolicy: Never

charts/validator/values.yaml

@@ -10,7 +10,7 @@ ghost:
     repository: ghcr.io/chronicleprotocol/ghost
     pullPolicy: Always
     # -- Overrides the image tag whose default is the chart appVersion.
-    tag: "0.44.5@sha256:1af40235690d2669d9491ab79e4abde07d2d57621ebc012dfb475ca19b4cc9b3"
+    tag: "0.45.7@sha256:32008d81e18661def3b9c3718096d62834a9985b8ae5b9a288c72434b46a34cb"
 
   # -- Log level for the validator, can be one of `debug`, `info`, `warning`, `error`
   logLevel: info
@@ -31,6 +31,8 @@ ghost:
   ethRpcUrl: null
   # -- RPC url for ARB
   arbRpcUrl: null
+  # -- RPC url for BNB
+  bnbRpcUrl: null
   # -- RPC url for ETH Archival node
   ethArchRpcUrl: null
   # -- RPC url for GNO
@@ -39,7 +41,7 @@ ghost:
   mntRpcUrl: null
   # -- RPC url for OETH (optimism)
   optRpcUrl: null
-  # -- RPC url for ZKEVM (polygon zkevm)
+  # -- RPC url for Polygon (polygon)
   polRpcUrl: null
 
   # -- WATCHDOG onchain config address
@@ -129,7 +131,7 @@ ghost:
 
   # -- Service type for the validator
   service:
-    # -- Type of service for the validator, can also be `LoadBalancer`
+    # -- Type of service for the validator, can also be `LoadBalancer`, `NodePort` is experimental
     type: LoadBalancer
 
     ports: