Merge pull request #2588 from saurabhkumarkardam/substrate-main-branc…

…h-updates

[substrate] refactor codebase for effective deployment

platforms/substrate/configuration/roles/create/helm_component/templates/dscp_ipfs_node.tpl

@@ -69,6 +69,6 @@ spec:
  vault:
  address: {{ vault.url }}
  role: vault-role
- authpath: substrate{{ name }}
+ authpath: {{ network.env.type }}{{ name }}
  serviceaccountname: vault-auth
  certsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/{{ name }}/{{ peer.name }}

platforms/substrate/configuration/roles/create/helm_component/templates/genesis_job.tpl

@@ -29,7 +29,7 @@ spec:
  vault:
  address: {{ vault.url }}
  role: vault-role
- authpath: substrate{{ name }}
+ authpath: {{ network.env.type }}{{ name }}
  serviceaccountname: vault-auth
  certsecretprefix: {{ vault.secret_path | default('secretsv2') }}/{{ name }}
  chain: {{ network.config.chain }}

platforms/substrate/configuration/roles/create/helm_component/templates/node_substrate.tpl

@@ -111,6 +111,6 @@ spec:
  vault:
  address: {{ vault.url }} 
  secretPrefix: {{ vault.secret_path | default('secretsv2') }}/data/{{ name }}
- authPath: substrate{{ name }}
+ authPath: {{ network.env.type }}{{ name }}
  appRole: vault-role
  image: ghcr.io/hyperledger/alpine-utils:1.0 

platforms/substrate/configuration/roles/create/helm_component/templates/substrate_keys_job.tpl

@@ -32,6 +32,6 @@ spec:
  vault:
  address: {{ vault.url }}
  role: vault-role
- authpath: substrate{{ name }}
+ authpath: {{ network.env.type }}{{ name }}
  serviceaccountname: vault-auth
  certsecretprefix: {{ vault.secret_path | default('secretsv2') }}/data/{{ name }}

platforms/substrate/configuration/roles/create/ipfs_bootnode/tasks/main.yaml

@@ -11,7 +11,7 @@
  vars: 
  component_name: "{{ peer.name }}-ipfs-node"
  type: "dscp_ipfs_node"
- storageclass_name: "{{ item.name | lower }}-bevel-storageclass"
+ storageclass_name: "{{ name }}-bevel-storageclass"
  external_url: "{{ item.external_url_suffix }}"
  git_url: "{{ item.gitops.git_url }}"
  git_branch: "{{ item.gitops.branch }}"

platforms/substrate/configuration/roles/create/member_node/tasks/main.yaml

@@ -11,7 +11,7 @@
  vars:
  component_name: "{{ name }}{{ peer.name }}membernode"
  type: "node_substrate"
- storageclass_name: "{{ item.name | lower }}-bevel-storageclass"
+ storageclass_name: "{{ name }}-bevel-storageclass"
  external_url: "{{ item.external_url_suffix }}"
  vault: "{{ item.vault }}"
  git_url: "{{ item.gitops.git_url }}"
@@ -35,7 +35,7 @@
  vars: 
  component_name: "{{ peer.name }}-ipfs-node"
  type: "dscp_ipfs_node"
- storageclass_name: "{{ item.name | lower }}-bevel-storageclass"
+ storageclass_name: "{{ name }}-bevel-storageclass"
  external_url: "{{ item.external_url_suffix }}"
  git_url: "{{ item.gitops.git_url }}"
  git_branch: "{{ item.gitops.branch }}"

platforms/substrate/configuration/roles/create/validator_node/tasks/main.yaml

@@ -11,7 +11,7 @@
  vars:
  component_name: "{{ name }}{{ peer.name }}validatornode"
  type: "node_substrate"
- storageclass_name: "{{ item.cloud_provider }}storageclass"
+ storageclass_name: "{{ name }}-bevel-storageclass"
  external_url: "{{ item.external_url_suffix }}"
  vault: "{{ item.vault }}"
  git_url: "{{ item.gitops.git_url }}"

platforms/substrate/configuration/roles/delete/vault_secrets/tasks/main.yaml

@@ -9,6 +9,7 @@
 #############################################################################################
 
 #############################################################################################
+
 # Delete the Docker credentials
 - name: Delete docker creds
  k8s:
@@ -37,8 +38,8 @@
 # Delete Peer Crypto material
 - name: Delete Peer Crypto material 
  shell: |
- vault kv delete {{ item.vault.secret_path | default('secretsv2') }}/{{ item.name }}/{{ peer.name }}/substrate 
- vault kv delete {{ item.vault.secret_path | default('secretsv2') }}/{{ item.name }}/{{ peer.name }}/ipfs
+ vault kv delete {{ item.vault.secret_path | default('secretsv2') }}/{{ org_name }}/{{ peer.name }}/substrate 
+ vault kv delete {{ item.vault.secret_path | default('secretsv2') }}/{{ org_name }}/{{ peer.name }}/ipfs
  environment:
  VAULT_ADDR: "{{ item.vault.url }}"
  VAULT_TOKEN: "{{ item.vault.root_token }}"

platforms/substrate/configuration/samples/network-sample.yaml

@@ -21,9 +21,12 @@ network:
  # These ports are enabled per cluster, so if you have multiple clusters you do not need so many ports
  # This sample uses a single cluster, so we have to open 4 ports for each Node. These ports are again specified for each organization below
  ambassadorPorts: # Any additional Ambassador ports can be given here, this is valid only if proxy='ambassador'
- portRange: # For a range of ports 
- from: 15010
- to: 15043
+ # Specify a list of individual ports to use
+ ports: [15010, 15023, 15024, 15025, 15033, 15034, 15035, 15043, 15044, 15045]
+ # Alternatively, specify a range of ports to use all ports within the specified range
+ # portRange: 
+ # from: 15010 # Starting port of the range
+ # to: 15045 # Ending port of the range
  # ports: 15020,15021 # For specific ports
  retry_count: 20 # Retry count for the checks on Kubernetes cluster
  external_dns: enabled # Should be enabled if using external-dns for automatic route configuration
@@ -32,9 +35,9 @@ network:
  # Please ensure all required images are built and stored in this registry. 
  # Do not check-in docker_password.
  docker:
- url: "ghcr.io"
- #username: "docker_username"
- #password: "docker_password"
+ url: "docker.io"
+ username: "docker_username"
+ password: "docker_password"
 
  # Following are the configurations for the common Substrate network
  config:

platforms/substrate/configuration/samples/network-substrate.yaml

@@ -17,13 +17,17 @@ network:
  #Environment section for Kubernetes setup
  env:
  type: "substratedev" # tag for the environment. Important to run multiple flux on single cluster
- proxy: ambassador # value has to be 'ambassador' as 'haproxy' has not been implemented for Substrate
+ proxy: ambassador # value has to be 'ambassador' as 'haproxy' has not been implemented for Substrate
+ proxy_namespace: "ambassador" # Namespace for the proxy
  # These ports are enabled per cluster, so if you have multiple clusters you do not need so many ports
  # This sample uses a single cluster, so we have to open 4 ports for each Node. These ports are again specified for each organization below
  ambassadorPorts: # Any additional Ambassador ports can be given here, this is valid only if proxy='ambassador'
- portRange: # For a range of ports 
- from: 15010
- to: 15043
+ # Specify a list of individual ports to use
+ ports: [15010, 15023, 15024, 15025, 15033, 15034, 15035, 15043, 15044, 15045]
+ # Alternatively, specify a range of ports to use all ports within the specified range
+ # portRange: 
+ # from: 15010 # Starting port of the range
+ # to: 15045 # Ending port of the range
  # ports: 15020,15021 # For specific ports
  retry_count: 20 # Retry count for the checks on Kubernetes cluster
  external_dns: enabled # Should be enabled if using external-dns for automatic route configuration
@@ -59,7 +63,7 @@ network:
  name: carrier
  type: superuser
  external_url_suffix: subs.example.com # This is the url suffix that will be added in DNS recordset. Must be different for different clusters
- cloud_provider: gcp # Options: aws, azure, gcp
+ cloud_provider: aws # Options: aws, azure, gcp
  aws:
  access_key: "AWS_ACCESS_KEY" # AWS Access key, only used when cloud_provider=aws
  secret_key: "AWS_SECRET_KEY" # AWS Secret key, only used when cloud_provider=aws

reset.sh

@@ -12,9 +12,8 @@ echo "Starting build process..."
 echo "Adding env variables..."
 export PATH=/root/bin:$PATH
 
-#Path to k8s config file
-KUBECONFIG=/home/bevel/build/config
-
+# Path to k8s config file
+export KUBECONFIG=/home/bevel/build/config
 
 echo "Running the playbook..."
 exec ansible-playbook -vv /home/bevel/platforms/shared/configuration/site.yaml --inventory-file=/home/bevel/platforms/shared/inventory/ -e "@/home/bevel/build/network.yaml" -e 'ansible_python_interpreter=/usr/bin/python3' -e "reset='true'"

run.sh

@@ -12,8 +12,8 @@ echo "Starting build process..."
 echo "Adding env variables..."
 export PATH=/root/bin:$PATH
 
-#Path to k8s config file
-KUBECONFIG=/home/bevel/build/config
+# Path to k8s config file
+export KUBECONFIG=/home/bevel/build/config
 
 echo "Validatin network yaml"
 ajv validate -s /home/bevel/platforms/network-schema.json -d /home/bevel/build/network.yaml