Merge pull request 'Configure/deploy RSKj' (#326) from feature/deploy_rsk_testnet into master
Reviewed-on: #326
This commit is contained in:
commit
aa98b07f33
|
@ -1,4 +1,6 @@
|
|||
/.chef/encrypted_data_bag_secret
|
||||
.chef/chef_guid
|
||||
/.bundle/
|
||||
/.vagrant/
|
||||
/.kitchen
|
||||
/nodes/vagrant-node.json
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
{
|
||||
"name": "rsk-testnet-1",
|
||||
"public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JU46rCyLGOi5OdeeE2M\nobUUxO+Jqd9t9bP75Pyj0uH8WaxNv1PIdWZJiR+fcE+draBV86/YLxHzOFvsnMi+\nE/qgeXLKErGtTSb12mWq0gYv/wz9uqRbtcsv40gpu2BtNv9ycdXYACB/s0ipnuUO\nX/os4YHDvWV1cshwzgsQ87ad7OdT/Nldggtp4go60TkBi49VaftiJzYqVm1ey3xz\nd7+EsQWqhQHAac6POEuPjwNuM2valf/8+nI4Uday/CiFrDDV1SffRG30sd4rJF15\nh1S1Kxyetr72EmQwIGbJuDJL7eUU7blXjg6UtTxDDsl6rYUO5s/j7wZLoFhmC854\npQIDAQAB\n-----END PUBLIC KEY-----\n"
|
||||
}
|
|
@ -0,0 +1,53 @@
|
|||
{
|
||||
"name": "rsk-testnet-1",
|
||||
"normal": {
|
||||
"knife_zero": {
|
||||
"host": "10.1.1.136"
|
||||
}
|
||||
},
|
||||
"automatic": {
|
||||
"fqdn": "rsk-testnet-1",
|
||||
"os": "linux",
|
||||
"os_version": "5.4.0-1026-kvm",
|
||||
"hostname": "rsk-testnet-1",
|
||||
"ipaddress": "192.168.122.196",
|
||||
"roles": [
|
||||
|
||||
],
|
||||
"recipes": [
|
||||
"kosmos-base",
|
||||
"kosmos-base::default",
|
||||
"apt::default",
|
||||
"timezone_iii::default",
|
||||
"timezone_iii::debian",
|
||||
"ntp::default",
|
||||
"ntp::apparmor",
|
||||
"kosmos-base::systemd_emails",
|
||||
"apt::unattended-upgrades",
|
||||
"kosmos-base::firewall",
|
||||
"kosmos-postfix::default",
|
||||
"postfix::default",
|
||||
"postfix::_common",
|
||||
"postfix::_attributes",
|
||||
"postfix::sasl_auth",
|
||||
"hostname::default"
|
||||
],
|
||||
"platform": "ubuntu",
|
||||
"platform_version": "20.04",
|
||||
"cloud": null,
|
||||
"chef_packages": {
|
||||
"ohai": {
|
||||
"version": "16.13.0",
|
||||
"ohai_root": "/opt/chef/embedded/lib/ruby/gems/2.7.0/gems/ohai-16.13.0/lib/ohai"
|
||||
},
|
||||
"chef": {
|
||||
"version": "16.13.16",
|
||||
"chef_root": "/opt/chef/embedded/lib/ruby/gems/2.7.0/gems/chef-16.13.16/lib",
|
||||
"chef_effortless": null
|
||||
}
|
||||
}
|
||||
},
|
||||
"run_list": [
|
||||
"recipe[kosmos-base]"
|
||||
]
|
||||
}
|
|
@ -0,0 +1,32 @@
|
|||
# Delivery for Local Phases Execution
|
||||
#
|
||||
# This file allows you to execute test phases locally on a workstation or
|
||||
# in a CI pipeline. The delivery-cli will read this file and execute the
|
||||
# command(s) that are configured for each phase. You can customize them
|
||||
# by just modifying the phase key on this file.
|
||||
#
|
||||
# By default these phases are configured for Cookbook Workflow only
|
||||
#
|
||||
|
||||
[local_phases]
|
||||
unit = "echo skipping unit phase."
|
||||
lint = "chef exec cookstyle"
|
||||
# foodcritic has been deprecated in favor of cookstyle so we skip the syntax
|
||||
# phase now.
|
||||
syntax = "echo skipping syntax phase. Use lint phase instead."
|
||||
provision = "chef exec kitchen create"
|
||||
deploy = "chef exec kitchen converge"
|
||||
smoke = "chef exec kitchen verify"
|
||||
# The functional phase is optional, you can define it by uncommenting
|
||||
# the line below and running the command: `delivery local functional`
|
||||
# functional = ""
|
||||
cleanup = "chef exec kitchen destroy"
|
||||
|
||||
# Remote project.toml file
|
||||
#
|
||||
# Instead of the local phases above, you may specify a remote URI location for
|
||||
# the `project.toml` file. This is useful for teams that wish to centrally
|
||||
# manage the behavior of the `delivery local` command across many different
|
||||
# projects.
|
||||
#
|
||||
# remote_file = "https://url/project.toml"
|
|
@ -0,0 +1,25 @@
|
|||
.vagrant
|
||||
*~
|
||||
*#
|
||||
.#*
|
||||
\#*#
|
||||
.*.sw[a-z]
|
||||
*.un~
|
||||
|
||||
# Bundler
|
||||
Gemfile.lock
|
||||
gems.locked
|
||||
bin/*
|
||||
.bundle/*
|
||||
|
||||
# test kitchen
|
||||
.kitchen/
|
||||
kitchen.local.yml
|
||||
|
||||
# Chef Infra
|
||||
Berksfile.lock
|
||||
.zero-knife.rb
|
||||
Policyfile.lock.json
|
||||
|
||||
.idea/
|
||||
|
|
@ -0,0 +1,3 @@
|
|||
source 'https://supermarket.chef.io'
|
||||
|
||||
metadata
|
|
@ -0,0 +1,7 @@
|
|||
# kosmos_rsk CHANGELOG
|
||||
|
||||
This file is used to list changes made in each version of the kosmos_rsk cookbook.
|
||||
|
||||
## 0.1.0
|
||||
|
||||
Initial release.
|
|
@ -0,0 +1,3 @@
|
|||
Copyright 2021 The Authors
|
||||
|
||||
All rights reserved, do not redistribute.
|
|
@ -0,0 +1,3 @@
|
|||
# kosmos_rsk
|
||||
|
||||
Configures/deploys RSK-related software.
|
|
@ -0,0 +1,2 @@
|
|||
node.default['rskj']['version'] = '2.2.0~focal'
|
||||
node.default['rskj']['network'] = 'testnet'
|
|
@ -0,0 +1,115 @@
|
|||
# Put files/directories that should be ignored in this file when uploading
|
||||
# to a Chef Infra Server or Supermarket.
|
||||
# Lines that start with '# ' are comments.
|
||||
|
||||
# OS generated files #
|
||||
######################
|
||||
.DS_Store
|
||||
ehthumbs.db
|
||||
Icon?
|
||||
nohup.out
|
||||
Thumbs.db
|
||||
.envrc
|
||||
|
||||
# EDITORS #
|
||||
###########
|
||||
.#*
|
||||
.project
|
||||
.settings
|
||||
*_flymake
|
||||
*_flymake.*
|
||||
*.bak
|
||||
*.sw[a-z]
|
||||
*.tmproj
|
||||
*~
|
||||
\#*
|
||||
REVISION
|
||||
TAGS*
|
||||
tmtags
|
||||
.vscode
|
||||
.editorconfig
|
||||
|
||||
## COMPILED ##
|
||||
##############
|
||||
*.class
|
||||
*.com
|
||||
*.dll
|
||||
*.exe
|
||||
*.o
|
||||
*.pyc
|
||||
*.so
|
||||
*/rdoc/
|
||||
a.out
|
||||
mkmf.log
|
||||
|
||||
# Testing #
|
||||
###########
|
||||
.circleci/*
|
||||
.codeclimate.yml
|
||||
.delivery/*
|
||||
.foodcritic
|
||||
.kitchen*
|
||||
.mdlrc
|
||||
.overcommit.yml
|
||||
.rspec
|
||||
.rubocop.yml
|
||||
.travis.yml
|
||||
.watchr
|
||||
.yamllint
|
||||
azure-pipelines.yml
|
||||
Dangerfile
|
||||
examples/*
|
||||
features/*
|
||||
Guardfile
|
||||
kitchen.yml*
|
||||
mlc_config.json
|
||||
Procfile
|
||||
Rakefile
|
||||
spec/*
|
||||
test/*
|
||||
|
||||
# SCM #
|
||||
#######
|
||||
.git
|
||||
.gitattributes
|
||||
.gitconfig
|
||||
.github/*
|
||||
.gitignore
|
||||
.gitkeep
|
||||
.gitmodules
|
||||
.svn
|
||||
*/.bzr/*
|
||||
*/.git
|
||||
*/.hg/*
|
||||
*/.svn/*
|
||||
|
||||
# Berkshelf #
|
||||
#############
|
||||
Berksfile
|
||||
Berksfile.lock
|
||||
cookbooks/*
|
||||
tmp
|
||||
|
||||
# Bundler #
|
||||
###########
|
||||
vendor/*
|
||||
Gemfile
|
||||
Gemfile.lock
|
||||
|
||||
# Policyfile #
|
||||
##############
|
||||
Policyfile.rb
|
||||
Policyfile.lock.json
|
||||
|
||||
# Documentation #
|
||||
#############
|
||||
CODE_OF_CONDUCT*
|
||||
CONTRIBUTING*
|
||||
documentation/*
|
||||
TESTING*
|
||||
UPGRADING*
|
||||
|
||||
# Vagrant #
|
||||
###########
|
||||
.vagrant
|
||||
Vagrantfile
|
|
@ -0,0 +1,52 @@
|
|||
---
|
||||
driver:
|
||||
name: dokken
|
||||
pull_platform_image: false
|
||||
pull_chef_image: false
|
||||
memory_limit: 2147483648 # 2GB
|
||||
volumes:
|
||||
# saves the apt archieves outside of the container
|
||||
- /var/cache/apt/archives/:/var/cache/apt/archives/
|
||||
## The forwarded_port port feature lets you connect to ports on the VM guest via
|
||||
## localhost on the host.
|
||||
## see also: https://www.vagrantup.com/docs/networking/forwarded_ports
|
||||
# network:
|
||||
# - ["forwarded_port", { guest: 4444, host: 4444 }]
|
||||
|
||||
transport:
|
||||
name: dokken
|
||||
|
||||
provisioner:
|
||||
name: dokken
|
||||
clean_dokken_sandbox: false
|
||||
# You may wish to disable always updating cookbooks in CI or other testing environments.
|
||||
# For example:
|
||||
# always_update_cookbooks: <%= !ENV['CI'] %>
|
||||
# always_update_cookbooks: false
|
||||
|
||||
## product_name and product_version specifies a specific Chef product and version to install.
|
||||
## see the Chef documentation for more details: https://docs.chef.io/workstation/config_yml_kitchen/
|
||||
# product_name: chef
|
||||
# product_version: 16
|
||||
|
||||
verifier:
|
||||
name: inspec
|
||||
|
||||
platforms:
|
||||
- name: ubuntu-20.04
|
||||
driver:
|
||||
image: dokken/ubuntu-20.04
|
||||
privileged: true
|
||||
pid_one_command: /usr/lib/systemd/systemd
|
||||
intermediate_instructions:
|
||||
# prevent APT from deleting the APT folder
|
||||
- RUN rm /etc/apt/apt.conf.d/docker-clean
|
||||
|
||||
suites:
|
||||
- name: rskj
|
||||
run_list:
|
||||
- recipe[kosmos_rsk::rskj]
|
||||
verifier:
|
||||
inspec_tests:
|
||||
- test/integration/rskj
|
||||
attributes:
|
|
@ -0,0 +1,11 @@
|
|||
name 'kosmos_rsk'
|
||||
maintainer 'Kosmos Developers'
|
||||
maintainer_email 'ops@kosmos.org'
|
||||
license 'MIT'
|
||||
description 'Installs/configures RSK and related software'
|
||||
version '0.1.0'
|
||||
chef_version '>= 15.0'
|
||||
issues_url 'https://gitea.kosmos.org/kosmos/chef/issues'
|
||||
source_url 'https://gitea.kosmos.org/kosmos/chef'
|
||||
|
||||
depends 'firewall'
|
|
@ -0,0 +1,39 @@
|
|||
#
|
||||
# Cookbook:: kosmos_rsk
|
||||
# Recipe:: rskj
|
||||
#
|
||||
|
||||
group 'rsk' do
|
||||
gid 888
|
||||
end
|
||||
|
||||
user 'rsk' do
|
||||
uid 888
|
||||
gid 888
|
||||
home '/var/lib/rsk'
|
||||
shell '/sbin/nologin'
|
||||
end
|
||||
|
||||
apt_repository 'rskj' do
|
||||
uri 'ppa:rsksmart/rskj'
|
||||
key '5EED9995C84A49BC02D4F507DF10691F518C7BEA'
|
||||
end
|
||||
|
||||
apt_package 'rskj' do
|
||||
response_file 'rskj-preseed.cfg.erb'
|
||||
response_file_variables network: node['rskj']['network']
|
||||
options '--assume-yes'
|
||||
version node['rskj']['version']
|
||||
end
|
||||
|
||||
service "rsk" do
|
||||
action [:enable, :start]
|
||||
end
|
||||
|
||||
include_recipe 'firewall'
|
||||
|
||||
firewall_rule 'rskj' do
|
||||
port [4444,50505]
|
||||
protocol :tcp
|
||||
command :allow
|
||||
end
|
|
@ -0,0 +1,6 @@
|
|||
#_preseed_V1
|
||||
# Do you agree to the terms of the applicable licenses?
|
||||
rskj shared/accepted-rsk-license-v1-1 boolean true
|
||||
# Choose a configuration environment to run your node.
|
||||
# Choices: mainnet, testnet, regtest
|
||||
rskj shared/config select <%= @network %>
|
|
@ -0,0 +1,23 @@
|
|||
# InSpec test for recipe kosmos_rsk::rskj
|
||||
|
||||
# The Chef InSpec reference, with examples and extensive documentation, can be
|
||||
# found at https://docs.chef.io/inspec/resources/
|
||||
|
||||
describe user('rsk') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe package('rskj') do
|
||||
it { should be_installed }
|
||||
its('version') { should eq '2.2.0~focal' }
|
||||
end
|
||||
|
||||
describe service('rsk') do
|
||||
it { should be_enabled }
|
||||
it { should be_installed }
|
||||
it { should be_running }
|
||||
end
|
||||
|
||||
describe port(4444) do
|
||||
it { should be_listening }
|
||||
end
|
Loading…
Reference in New Issue