diff --git a/.changeset/seven-seals-pull.md b/.changeset/seven-seals-pull.md new file mode 100644 index 00000000..5898ca2b --- /dev/null +++ b/.changeset/seven-seals-pull.md @@ -0,0 +1,5 @@ +--- +"@cartesi/cli": patch +--- + +validator container will run with cartesi unprivileged user diff --git a/apps/cli/src/baseCommand.ts b/apps/cli/src/baseCommand.ts index cf618c45..ecd45eba 100644 --- a/apps/cli/src/baseCommand.ts +++ b/apps/cli/src/baseCommand.ts @@ -78,7 +78,7 @@ export abstract class BaseCommand extends Command { protected async getApplicationAddress(): Promise
{ // fixed value, as we do deterministic deployment with a zero hash - return getAddress("0xab7528bb862fb57e8a2bcd567a2e929a0be56a5e"); + return getAddress("0x60ec77594cdaa4ec2263c0d7436d70e37164c69f"); } protected async getAddressBook(): Promise { diff --git a/apps/cli/src/commands/doctor.ts b/apps/cli/src/commands/doctor.ts index a730f3af..e1547ae7 100644 --- a/apps/cli/src/commands/doctor.ts +++ b/apps/cli/src/commands/doctor.ts @@ -8,7 +8,7 @@ export default class DoctorCommand extends BaseCommand { static examples = ["<%= config.bin %> <%= command.id %>"]; private static MINIMUM_DOCKER_VERSION = "23.0.0"; // Replace with our minimum required Docker version - private static MINIMUM_DOCKER_COMPOSE_VERSION = "2.21.0"; // Replace with our minimum required Docker Compose version + private static MINIMUM_DOCKER_COMPOSE_VERSION = "2.30.0"; // Replace with our minimum required Docker Compose version private static MINIMUM_BUILDX_VERSION = "0.13.0"; // Replace with our minimum required Buildx version private async checkDocker(): Promise { diff --git a/apps/cli/src/config.ts b/apps/cli/src/config.ts index 19d12e78..e2cec485 100644 --- a/apps/cli/src/config.ts +++ b/apps/cli/src/config.ts @@ -74,7 +74,7 @@ export class InvalidStringArrayError extends Error { const DEFAULT_FORMAT = "ext2"; const DEFAULT_RAM = "128Mi"; const DEFAULT_RAM_IMAGE = "/usr/share/cartesi-machine/images/linux.bin"; -export const DEFAULT_SDK = "cartesi/sdk:0.12.0-alpha.3"; +export const DEFAULT_SDK = "cartesi/sdk:0.12.0-alpha.5"; type Builder = "directory" | "docker" | "empty" | "none" | "tar"; type DriveFormat = "ext2" | "sqfs"; diff --git a/apps/cli/src/node/DockerfileDeploy.txt b/apps/cli/src/node/DockerfileDeploy.txt index d1412cb2..3ee73917 100644 --- a/apps/cli/src/node/DockerfileDeploy.txt +++ b/apps/cli/src/node/DockerfileDeploy.txt @@ -1,4 +1,4 @@ -FROM cartesi/rollups-node:1.5.1 +FROM cartesi/rollups-node:devel ENV CARTESI_SNAPSHOT_DIR=/usr/share/rollups-node/snapshot ENV CARTESI_HTTP_ADDRESS=0.0.0.0 COPY --chown=cartesi:cartesi . ${CARTESI_SNAPSHOT_DIR} diff --git a/apps/cli/src/node/default.env b/apps/cli/src/node/default.env index a415d636..0c5c255f 100644 --- a/apps/cli/src/node/default.env +++ b/apps/cli/src/node/default.env @@ -1,27 +1,46 @@ # cartesi/rollups-node -CARTESI_LOG_LEVEL="${CARTESI_LOG_LEVEL:-error}" -CARTESI_HTTP_ADDRESS="${CARTESI_HTTP_ADDRESS:-0.0.0.0}" -CARTESI_HTTP_PORT="${CARTESI_HTTP_PORT:-10000}" -CARTESI_FEATURE_HOST_MODE="${CARTESI_FEATURE_HOST_MODE:-false}" -CARTESI_FEATURE_READER_MODE_ENABLED="${CARTESI_FEATURE_READER_MODE_ENABLED:-false}" -CARTESI_FEATURE_DISABLE_CLAIMER="${CARTESI_FEATURE_DISABLE_CLAIMER:-false}" -CARTESI_FEATURE_DISABLE_MACHINE_HASH_CHECK="${CARTESI_FEATURE_DISABLE_MACHINE_HASH_CHECK:-true}" + +#logs +CARTESI_LOG_LEVEL="${CARTESI_LOG_LEVEL:-info}" +CARTESI_LOG_PRETTY_ENABLED="${CARTESI_LOG_PRETTY_ENABLED:-false}" + +# features +CARTESI_FEATURE_INPUT_READER_ENABLED="${CARTESI_FEATURE_INPUT_READER_ENABLED:-true}" +CARTESI_FEATURE_CLAIM_SUBMISSION_ENABLED="${CARTESI_FEATURE_CLAIM_SUBMISSION_ENABLED:-true}" +CARTESI_FEATURE_MACHINE_HASH_CHECK_ENABLED="${CARTESI_FEATURE_MACHINE_HASH_CHECK_ENABLED:-false}" + +# rollups CARTESI_EPOCH_LENGTH="${CARTESI_EPOCH_LENGTH:-720}" +CARTESI_EVM_READER_RETRY_POLICY_MAX_RETRIES="${CARTESI_EVM_READER_RETRY_POLICY_MAX_RETRIES:-3}" +CARTESI_EVM_READER_RETRY_POLICY_MAX_DELAY="${CARTESI_EVM_READER_RETRY_POLICY_MAX_DELAY:-3}" +CARTESI_ADVANCER_POLLING_INTERVAL="${CARTESI_ADVANCER_POLLING_INTERVAL:-7}" +CARTESI_VALIDATOR_POLLING_INTERVAL="${CARTESI_VALIDATOR_POLLING_INTERVAL:-7}" +CARTESI_CLAIMER_POLLING_INTERVAL="${CARTESI_CLAIMER_POLLING_INTERVAL:-7}" +CARTESI_MAX_STARTUP_TIME="${CARTESI_MAX_STARTUP_TIME:-5}" + +# blockchain CARTESI_BLOCKCHAIN_ID="${CARTESI_BLOCKCHAIN_ID:-31337}" CARTESI_BLOCKCHAIN_HTTP_ENDPOINT="${CARTESI_BLOCKCHAIN_HTTP_ENDPOINT:-http://anvil:8545}" CARTESI_BLOCKCHAIN_WS_ENDPOINT="${CARTESI_BLOCKCHAIN_WS_ENDPOINT:-ws://anvil:8545}" -CARTESI_BLOCKCHAIN_IS_LEGACY="${CARTESI_BLOCKCHAIN_IS_LEGACY:-false}" -CARTESI_BLOCKCHAIN_FINALITY_OFFSET="${CARTESI_BLOCKCHAIN_FINALITY_OFFSET:-0}" +CARTESI_LEGACY_BLOCKCHAIN_ENABLED="${CARTESI_LEGACY_BLOCKCHAIN_ENABLED:-false}" +CARTESI_EVM_READER_DEFAULT_BLOCK="${CARTESI_EVM_READER_DEFAULT_BLOCK:-latest}" CARTESI_BLOCKCHAIN_BLOCK_TIMEOUT="${CARTESI_BLOCKCHAIN_BLOCK_TIMEOUT:-60}" -CARTESI_CONTRACTS_APPLICATION_ADDRESS="${CARTESI_CONTRACTS_APPLICATION_ADDRESS:-0xab7528bb862fb57e8a2bcd567a2e929a0be56a5e}" -CARTESI_CONTRACTS_INPUT_BOX_DEPLOYMENT_BLOCK_NUMBER="${CARTESI_CONTRACTS_INPUT_BOX_DEPLOYMENT_BLOCK_NUMBER:-22}" -CARTESI_CONTRACTS_HISTORY_ADDRESS="${CARTESI_CONTRACTS_HISTORY_ADDRESS:-0x325272217ae6815b494bf38ced004c5eb8a7cda7}" -CARTESI_CONTRACTS_AUTHORITY_ADDRESS="${CARTESI_CONTRACTS_AUTHORITY_ADDRESS:-0x58c93f83fb3304730c95aad2e360cdb88b782010}" -CARTESI_CONTRACTS_INPUT_BOX_ADDRESS="${CARTESI_CONTRACTS_INPUT_BOX_ADDRESS:-0x59b22D57D4f067708AB0c00552767405926dc768}" -CARTESI_SNAPSHOT_DIR="${CARTESI_SNAPSHOT_DIR:-/usr/share/cartesi/snapshot}" + +# contracts +CARTESI_CONTRACTS_INPUT_BOX_ADDRESS="${CARTESI_CONTRACTS_INPUT_BOX_ADDRESS:-0x593E5BCf894D6829Dd26D0810DA7F064406aebB6}" +CARTESI_CONTRACTS_INPUT_BOX_DEPLOYMENT_BLOCK_NUMBER="${CARTESI_CONTRACTS_INPUT_BOX_DEPLOYMENT_BLOCK_NUMBER:-7}" +CARTESI_CONTRACTS_APPLICATION_FACTORY_ADDRESS="${CARTESI_CONTRACTS_APPLICATION_FACTORY_ADDRESS:-0xd7d4d184b82b1a4e08f304DDaB0A2A7a301C2620}" +CARTESI_CONTRACTS_AUTHORITY_FACTORY_ADDRESS="${CARTESI_CONTRACTS_AUTHORITY_FACTORY_ADDRESS:-0xB897F7Fe78f220aE34B7FA9493092701a873Ed45}" + +# snapshot +CARTESI_SNAPSHOT_DIR="${CARTESI_SNAPSHOT_DIR:-/usr/share/rollups-node/snapshot}" + +# auth CARTESI_AUTH_MNEMONIC="${CARTESI_AUTH_MNEMONIC:-test test test test test test test test test test test junk}" -CARTESI_POSTGRES_ENDPOINT="${CARTESI_POSTGRES_ENDPOINT:-postgres://postgres:password@database:5432/postgres}" -CARTESI_EXPERIMENTAL_SERVER_MANAGER_BYPASS_LOG="${CARTESI_EXPERIMENTAL_SERVER_MANAGER_BYPASS_LOG:-false}" -# server-manager -SM_DEADLINE_MACHINE="${SM_DEADLINE_MACHINE:-30000}" +# postgres +CARTESI_POSTGRES_ENDPOINT="${CARTESI_POSTGRES_ENDPOINT:-postgres://postgres:password@database:5432/postgres?sslmode=disable}" + +# http +CARTESI_INSPECT_PORT=${CARTESI_INSPECT_PORT:-10012} +CARTESI_INSPECT_ADDRESS=${CARTESI_INSPECT_ADDRESS:-0.0.0.0:$CARTESI_INSPECT_PORT} diff --git a/apps/cli/src/node/docker-compose-anvil.yaml b/apps/cli/src/node/docker-compose-anvil.yaml index d2f64a32..30490675 100644 --- a/apps/cli/src/node/docker-compose-anvil.yaml +++ b/apps/cli/src/node/docker-compose-anvil.yaml @@ -1,6 +1,6 @@ services: anvil: - image: cartesi/sdk:0.12.0-alpha.3 + image: cartesi/sdk:0.12.0-alpha.5 command: [ "devnet", @@ -19,27 +19,30 @@ services: - 8545:8545 dapp_deployer: - image: cartesi/sdk:0.12.0-alpha.3 + image: cartesi/rollups-node:devel restart: on-failure depends_on: - anvil: + validator: condition: service_started + env_file: + - ${CARTESI_BIN_PATH}/node/default.env command: - [ - "cast", - "send", - "--rpc-url", - "http://anvil:8545", - "--private-key", - "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80", - "0x4C11C7F82D6D56a726f9B53dd99af031AFd86BB6", - "deployContracts(address,address,bytes32,bytes32)", - "0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266", - "720", - "0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266", - "0x0000000000000000000000000000000000000000000000000000000000000000", - "0x0000000000000000000000000000000000000000000000000000000000000000", - ] + - /bin/bash + - -c + - -x + - | + cartesi-rollups-cli app deploy \ + --print-json \ + --postgres-endpoint "$$CARTESI_POSTGRES_ENDPOINT" \ + --rpc-url "$$CARTESI_BLOCKCHAIN_HTTP_ENDPOINT" \ + --inputbox-block-number "$$CARTESI_CONTRACTS_INPUT_BOX_DEPLOYMENT_BLOCK_NUMBER" \ + --mnemonic "$$CARTESI_AUTH_MNEMONIC" \ + --epoch-length "$$CARTESI_EPOCH_LENGTH" \ + --app-factory "$$CARTESI_CONTRACTS_APPLICATION_FACTORY_ADDRESS" \ + --authority-factory "$$CARTESI_CONTRACTS_AUTHORITY_FACTORY_ADDRESS" \ + --app-owner "0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266" \ + --template-path $$CARTESI_SNAPSHOT_DIR \ + --name "dapp" prompt: image: debian:bookworm-slim diff --git a/apps/cli/src/node/docker-compose-bundler.yaml b/apps/cli/src/node/docker-compose-bundler.yaml index dd29c4cc..d6ae5fd3 100644 --- a/apps/cli/src/node/docker-compose-bundler.yaml +++ b/apps/cli/src/node/docker-compose-bundler.yaml @@ -1,6 +1,6 @@ services: alto: - image: cartesi/sdk:0.12.0-alpha.3 + image: cartesi/sdk:0.12.0-alpha.5 command: - "alto" - "--entrypoints" diff --git a/apps/cli/src/node/docker-compose-database.yaml b/apps/cli/src/node/docker-compose-database.yaml index e5a66dc4..1086c9ef 100644 --- a/apps/cli/src/node/docker-compose-database.yaml +++ b/apps/cli/src/node/docker-compose-database.yaml @@ -8,3 +8,19 @@ services: retries: 5 environment: - POSTGRES_PASSWORD=password + + migration: + image: cartesi/rollups-node:devel + command: + - /bin/bash + - -c + - -x + - | + cartesi-rollups-cli db upgrade -p "$$CARTESI_POSTGRES_ENDPOINT" + + depends_on: + database: + condition: service_healthy + restart: "no" + env_file: + - ${CARTESI_BIN_PATH}/node/default.env diff --git a/apps/cli/src/node/docker-compose-paymaster.yaml b/apps/cli/src/node/docker-compose-paymaster.yaml index 3b819afe..b7265ba4 100644 --- a/apps/cli/src/node/docker-compose-paymaster.yaml +++ b/apps/cli/src/node/docker-compose-paymaster.yaml @@ -1,6 +1,6 @@ services: mock-verifying-paymaster: - image: cartesi/sdk:0.12.0-alpha.3 + image: cartesi/sdk:0.12.0-alpha.5 command: "mock-verifying-paymaster" environment: - ALTO_RPC=http://alto:4337 diff --git a/apps/cli/src/node/docker-compose-snapshot-volume.yaml b/apps/cli/src/node/docker-compose-snapshot-volume.yaml index 0862b2a3..46c04b93 100644 --- a/apps/cli/src/node/docker-compose-snapshot-volume.yaml +++ b/apps/cli/src/node/docker-compose-snapshot-volume.yaml @@ -1,7 +1,7 @@ services: dapp_deployer: volumes: - - ./.cartesi/image:/usr/share/cartesi/snapshot:ro + - ./.cartesi/image:/usr/share/rollups-node/snapshot:ro validator: volumes: diff --git a/apps/cli/src/node/docker-compose-validator.yaml b/apps/cli/src/node/docker-compose-validator.yaml index 81f7dba8..3ae6ce20 100644 --- a/apps/cli/src/node/docker-compose-validator.yaml +++ b/apps/cli/src/node/docker-compose-validator.yaml @@ -1,22 +1,33 @@ services: validator: - image: cartesi/rollups-node:1.5.1 + image: cartesi/rollups-node:devel depends_on: - dapp_deployer: + migration: condition: service_completed_successfully + anvil: + condition: service_healthy expose: - "10000" healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:10000/healthz"] + test: ["CMD", "curl", "-f", "http://localhost:10000/livez"] interval: 10s timeout: 1s retries: 5 + post_start: + - command: + - /bin/bash + - -c + - | + mkdir -p "$CARTESI_SNAPSHOT_DIR" + cp --recursive /tmp/snapshot/* "$CARTESI_SNAPSHOT_DIR" + user: root command: - /bin/bash - -c - | - mkdir -p "$CARTESI_SNAPSHOT_DIR" - cp --recursive /tmp/snapshot/* "$CARTESI_SNAPSHOT_DIR" + while ! stat "$CARTESI_SNAPSHOT_DIR" &>/dev/null; do + sleep 0.5 + done exec cartesi-rollups-node env_file: @@ -45,7 +56,7 @@ services: inspect_server: loadBalancer: servers: - - url: "http://validator:10000/inspect" + - url: "http://validator:10012/inspect" TRAEFIK_CONFIG_GRAPHQL_SERVER: | http: routers: