From 5122d41a99a8c299ddf24bd53945dea48d02cf6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= Date: Mon, 28 Jun 2021 16:40:15 +0200 Subject: [PATCH] move distribute-validators role to a separate repo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit https://github.com/status-im/infra-role-dist-validators Signed-off-by: Jakub SokoĊ‚owski --- ansible/requirements.yml | 9 ++- ansible/roles/distribute-validators/README.md | 15 ---- .../distribute-validators/defaults/main.yml | 17 ----- .../distribute-validators/tasks/check.yml | 25 ------- .../distribute-validators/tasks/main.yml | 14 ---- .../distribute-validators/tasks/read.yml | 49 ------------- .../distribute-validators/tasks/write.yml | 68 ------------------- 7 files changed, 7 insertions(+), 190 deletions(-) delete mode 100644 ansible/roles/distribute-validators/README.md delete mode 100644 ansible/roles/distribute-validators/defaults/main.yml delete mode 100644 ansible/roles/distribute-validators/tasks/check.yml delete mode 100644 ansible/roles/distribute-validators/tasks/main.yml delete mode 100644 ansible/roles/distribute-validators/tasks/read.yml delete mode 100644 ansible/roles/distribute-validators/tasks/write.yml diff --git a/ansible/requirements.yml b/ansible/requirements.yml index 0a0d78f..ce5c158 100644 --- a/ansible/requirements.yml +++ b/ansible/requirements.yml @@ -36,12 +36,12 @@ - name: infra-role-beacon-node src: git@github.com:status-im/infra-role-beacon-node.git - version: a14c9afe0293196f8b3cb45e86abcbaee3078d77 + version: 992c8a43a45e06bb1f43f6c440fa03c157422f99 scm: git - name: infra-role-beacon-node-linux src: git@github.com:status-im/infra-role-beacon-node-linux.git - version: e69cebc8bd6bd5bf7f0cc1bb9ebd48a05cb31298 + version: 1e640b4742222406e080a3574150fbc28767ba80 scm: git - name: infra-role-beacon-node-windows @@ -49,6 +49,11 @@ version: 1809e84d48d31cac0b783ed3a2182fdd23e34779 scm: git +- name: infra-role-dist-validators + src: git@github.com:status-im/infra-role-dist-validators.git + version: f6a01c6d84294892199d8a0a4d17940afa36bf3b + scm: git + - name: infra-role-winsw src: git@github.com:status-im/infra-role-winsw.git version: 97275ab7be23bd4041f110ffbd60c509d5e819f3 diff --git a/ansible/roles/distribute-validators/README.md b/ansible/roles/distribute-validators/README.md deleted file mode 100644 index 5fbd43d..0000000 --- a/ansible/roles/distribute-validators/README.md +++ /dev/null @@ -1,15 +0,0 @@ -# Description - -This role copies secrets and validators required for testnets to which Nimbus beacon nodes contribute. - -# Warning - -__This role does not take into account the currently existing layout of validators and secrets!__ - -Take into account what is already in place and which nodes are running and in what order you run this role to avoid a case in which validators on two or more nodes overlap. - -# Details - -You can read about validators and secrets here: -https://status-im.github.io/nimbus-eth2/faq.html#what-exactly-is-a-validator -https://status-im.github.io/nimbus-eth2/keys.html#storage diff --git a/ansible/roles/distribute-validators/defaults/main.yml b/ansible/roles/distribute-validators/defaults/main.yml deleted file mode 100644 index fa2e728..0000000 --- a/ansible/roles/distribute-validators/defaults/main.yml +++ /dev/null @@ -1,17 +0,0 @@ ---- -dist_validators_repo_url: 'git@github.com:status-im/nimbus-private.git' -dist_validators_repo_rev: 'master' -dist_validators_repo_user: 'admin' -dist_validators_repo_path: '/home/{{ dist_validators_repo_user }}/distribute-validators' - -dist_validators_cont_name: ~ -dist_validators_data_path: ~ -dist_validators_name: ~ -dist_validators_path: '{{ dist_validators_repo_path }}/{{ dist_validators_name | mandatory }}/validators' -dist_validators_secrets_path: '{{ dist_validators_repo_path }}/{{ dist_validators_name | mandatory }}/secrets' - -#dist_validators_layout: -# 'node-01': { start: 0, end: 1023 } -# 'node-01': { start: 1024, end: 2047 } - -dist_validators_range: '{{ dist_validators_layout[hostname] | mandatory }}' diff --git a/ansible/roles/distribute-validators/tasks/check.yml b/ansible/roles/distribute-validators/tasks/check.yml deleted file mode 100644 index 7f97742..0000000 --- a/ansible/roles/distribute-validators/tasks/check.yml +++ /dev/null @@ -1,25 +0,0 @@ ---- -- name: Verify number of validators and secrets matches - assert: - that: '{{ (found_validators|length) == (found_secrets|length) }}' - fail_msg: 'Number of total validators and secrets does not match!' - -- name: Extract slice for host - set_fact: - new_validators: '{{ found_validators[dist_validators_range["start"]:dist_validators_range["end"]] }}' - new_secrets: '{{ found_secrets[dist_validators_range["start"]:dist_validators_range["end"]] }}' - -- name: Verify that validators and secrets overlap - assert: - that: '{{ (new_validators|intersect(new_secrets)|length) == (new_validators|length) }}' - fail_msg: 'List of validators and their secrets does not overlap!' - -- name: Check compare existing validators - set_fact: - secrets_diff: '{{ new_secrets|difference(old_secrets) }}' - validators_diff: '{{ new_validators|difference(old_validators) }}' - -- name: Check if validators changed - set_fact: - secrets_changed: '{{ secrets_diff|length > 0 }}' - validators_changed: '{{ validators_diff|length > 0 }}' diff --git a/ansible/roles/distribute-validators/tasks/main.yml b/ansible/roles/distribute-validators/tasks/main.yml deleted file mode 100644 index 7ddbb95..0000000 --- a/ansible/roles/distribute-validators/tasks/main.yml +++ /dev/null @@ -1,14 +0,0 @@ ---- -- name: Find new and old validators - include_tasks: read.yml - when: dist_validators_layout is defined - -- name: Verify if validators changed - include_tasks: check.yml - when: dist_validators_layout is defined - -- name: Copy over validators and secrets - include_tasks: write.yml - when: > - dist_validators_layout is defined and - (secrets_changed or validators_changed) diff --git a/ansible/roles/distribute-validators/tasks/read.yml b/ansible/roles/distribute-validators/tasks/read.yml deleted file mode 100644 index 4af087d..0000000 --- a/ansible/roles/distribute-validators/tasks/read.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -- name: Clone repo with secrets/validators - git: - repo: '{{ dist_validators_repo_url }}' - dest: '{{ dist_validators_repo_path }}' - version: '{{ dist_validators_repo_rev }}' - update: true - force: true - accept_hostkey: true - become_user: '{{ dist_validators_repo_user }}' - -- name: Find all validators - find: - paths: '{{ dist_validators_path }}' - file_type: directory - recurse: true - depth: 1 - register: found_validators_raw - -- name: Find all secrets - find: - paths: '{{ dist_validators_secrets_path }}' - file_type: file - recurse: true - depth: 1 - register: found_secrets_raw - -- name: Find old validators - find: - paths: '{{ dist_validators_data_path }}/validators' - file_type: directory - recurse: true - depth: 1 - register: old_validators_raw - -- name: Find old secrets - find: - paths: '{{ dist_validators_data_path }}/secrets' - file_type: file - recurse: true - depth: 1 - register: old_secrets_raw - -- name: Extract file paths - set_fact: - found_validators: '{{ found_validators_raw.files | map(attribute="path") | map("basename") | list | sort }}' - found_secrets: '{{ found_secrets_raw.files | map(attribute="path") | map("basename") | list | sort }}' - old_validators: '{{ old_validators_raw.files | map(attribute="path") | map("basename") | list | sort }}' - old_secrets: '{{ old_secrets_raw.files | map(attribute="path") | map("basename") | list | sort }}' diff --git a/ansible/roles/distribute-validators/tasks/write.yml b/ansible/roles/distribute-validators/tasks/write.yml deleted file mode 100644 index 6772cc8..0000000 --- a/ansible/roles/distribute-validators/tasks/write.yml +++ /dev/null @@ -1,68 +0,0 @@ ---- -- name: Create container folder if absent - file: - path: '/docker/{{ dist_validators_cont_name }}' - state: 'directory' - owner: dockremap - group: docker - mode: 0750 - -- name: Stop container if running - command: docker-compose stop - args: - chdir: '/docker/{{ dist_validators_cont_name }}' - ignore_errors: true - -- name: Remove validators/secrets folders - file: - path: '{{ item }}' - state: 'absent' - with_items: - - '{{ dist_validators_data_path }}/validators' - - '{{ dist_validators_data_path }}/secrets' - -- name: Create validators/secrets folders - file: - path: '{{ item }}' - state: 'directory' - owner: dockremap - group: docker - mode: 0700 - with_items: - - '{{ dist_validators_data_path }}/validators' - - '{{ dist_validators_data_path }}/secrets' - -- name: Copy over validators - command: | - rsync -ru --delete --exclude="slashing_protection.sqlite3*" \ - {{ new_validators | join(" ") }} '{{ dist_validators_data_path }}/validators/' - args: - chdir: '{{ dist_validators_path }}' - -- name: Copy over secrets - command: | - rsync -ru --delete {{ new_secrets | join(" ") }} '{{ dist_validators_data_path }}/secrets/' - args: - chdir: '{{ dist_validators_secrets_path }}' - -- name: Adjust folder owner and group - command: chown dockremap:docker -R {{ dist_validators_data_path }} - args: { warn: false } - -- name: Adjust validators dir permissions - shell: chmod 0700 -R {{ dist_validators_data_path }}/validators/* - args: { warn: false } - -- name: Adjust validators file permissions - shell: find '{{ dist_validators_data_path }}/validators/' -type f -exec chmod 0600 {} \; - args: { warn: false } - -- name: Adjust secrets permissions - shell: chmod 0600 -R {{ dist_validators_data_path }}/secrets/* - args: { warn: false } - -- name: Restart container - command: docker-compose start - args: - chdir: '/docker/{{ dist_validators_cont_name }}' - ignore_errors: true