diff --git a/.github/workflows/test-molecule.yml b/.github/workflows/test-molecule.yml index 0cc1a1b64..5491f9d1d 100644 --- a/.github/workflows/test-molecule.yml +++ b/.github/workflows/test-molecule.yml @@ -71,6 +71,7 @@ jobs: { role: "update-changes", test: "232" }, { role: "update-changes", test: "235" }, { role: "update-changes", test: "241" }, + { role: "update-changes", test: "242" }, ] fail-fast: false concurrency: molecule-test-${{ matrix.tests.role }}-${{ matrix.tests.test }} diff --git a/controls/pyproject.toml b/controls/pyproject.toml index a2662e1de..bca71f818 100644 --- a/controls/pyproject.toml +++ b/controls/pyproject.toml @@ -4,6 +4,7 @@ version = "0.1.0" description = "A test environment for testing Ansible roles with Molecule." authors = ["stereum.com"] readme = "README.md" +package-mode = false [tool.poetry.dependencies] python = "^3.10" diff --git a/controls/roles/update-changes/molecule/242/converge.yml b/controls/roles/update-changes/molecule/242/converge.yml new file mode 100644 index 000000000..3f84cb4a2 --- /dev/null +++ b/controls/roles/update-changes/molecule/242/converge.yml @@ -0,0 +1,10 @@ +--- +- name: Converge + hosts: all + vars_files: + - ../../../../defaults/stereum_defaults.yaml + + tasks: + - name: "Include update-changes" + include_role: + name: "update-changes" diff --git a/controls/roles/update-changes/molecule/242/molecule.yml b/controls/roles/update-changes/molecule/242/molecule.yml new file mode 100644 index 000000000..f258c82f7 --- /dev/null +++ b/controls/roles/update-changes/molecule/242/molecule.yml @@ -0,0 +1,27 @@ +--- +#dependency: +# name: galaxy +driver: + name: docker +platforms: + - name: "update-changes--2.4.2--ubuntu-24.04" + image: ubuntu:noble + # - name: "configure-updates--default--centos-8" + # image: geerlingguy/docker-centos8-ansible +provisioner: + name: ansible + env: + ANSIBLE_PIPELINING: "True" +lint: | + set -e + yamllint . + ansible-lint . +scenario: + test_sequence: + - destroy + - create + - prepare + - converge + - idempotence + - verify + - destroy diff --git a/controls/roles/update-changes/molecule/242/playbook.yml b/controls/roles/update-changes/molecule/242/playbook.yml new file mode 100644 index 000000000..710c596cf --- /dev/null +++ b/controls/roles/update-changes/molecule/242/playbook.yml @@ -0,0 +1,7 @@ +--- +- name: Converge + hosts: all + tasks: + - name: "Include update-changes" + include_role: + name: "update-changes" diff --git a/controls/roles/update-changes/molecule/242/prepare.yml b/controls/roles/update-changes/molecule/242/prepare.yml new file mode 100644 index 000000000..72fea3087 --- /dev/null +++ b/controls/roles/update-changes/molecule/242/prepare.yml @@ -0,0 +1,67 @@ +--- +- name: Prepare + hosts: all + tasks: + - name: Make sure Stereum's config path exists + file: + path: "/etc/stereum/services" + state: directory + owner: "root" + group: "root" + mode: 0644 + become: yes + + - name: Create ValidatorEjectorService config + copy: + dest: "/etc/stereum/services/365500b1-285c-f88d-7d6c-3cde7b3ed973.yaml" + owner: "root" + group: "root" + mode: 0644 + content: | + service: TekuValidatorService + id: 365500b1-285c-f88d-7d6c-3cde7b3ed973 + configVersion: 1 + command: + - vc + - --beacon-node-api-endpoint=http://stereum-5c7d873b-bf84-5b58-ffcc-7d9c115f5365:5051 + - --network=hoodi + - --logging=INFO + - --data-path=/opt/app/data + - --validators-keystore-locking-enabled=true + - --validators-proposer-default-fee-recipient=0x0000000000000000000000000000000000000000 + - --validators-graffiti-file=/opt/app/graffitis/graffitis.yaml + - --log-destination=CONSOLE + - --metrics-enabled=true + - --metrics-port=8008 + - --metrics-interface=0.0.0.0 + - --metrics-host-allowlist=* + - --metrics-publish-interval=10 + - --validator-api-enabled=true + - --validator-api-port=5052 + - --validator-api-host-allowlist=* + - --validator-api-cors-origins=* + - --validator-api-keystore-file=/opt/app/data/teku_api_keystore + - --validator-api-keystore-password-file=/opt/app/data/teku_api_password.txt + - --validators-builder-registration-default-enabled=true + - --validators-proposer-blinded-blocks-enabled=true + - --doppelganger-detection-enabled=true + entrypoint: + - /opt/teku/bin/teku + env: + JAVA_OPTS: -Xmx4g + image: consensys/teku:25.4.1 + ports: [] + volumes: + - /opt/stereum/teku-365500b1-285c-f88d-7d6c-3cde7b3ed973/data:/opt/app/data + - /opt/stereum/teku-365500b1-285c-f88d-7d6c-3cde7b3ed973/graffitis:/opt/app/graffitis + user: "2000" + autoupdate: true + network: hoodi + dependencies: + executionClients: [] + consensusClients: + - service: TekuBeaconService + id: 5c7d873b-bf84-5b58-ffcc-7d9c115f5365 + mevboost: [] + otherServices: [] + become: yes diff --git a/controls/roles/update-changes/molecule/242/verify.yml b/controls/roles/update-changes/molecule/242/verify.yml new file mode 100644 index 000000000..ba6d9ddb6 --- /dev/null +++ b/controls/roles/update-changes/molecule/242/verify.yml @@ -0,0 +1,24 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + # TekuValidatorService + - name: Read TekuValidatorService file + slurp: + src: "/etc/stereum/services/365500b1-285c-f88d-7d6c-3cde7b3ed973.yaml" + register: Teku_service_configuration_raw + + - name: Parse Service configurations + set_fact: + Teku_service_configuration: "{{ Teku_service_configuration_raw['content'] | b64decode | from_yaml }}" + + - debug: + msg: "{{ Teku_service_configuration }}" + - debug: + msg: "{{ Teku_service_configuration_raw['content'] | b64decode }}" + + - assert: + that: + - Teku_service_configuration.command | select('match', '--validators-proposer-blinded-blocks-enabled') | length == 0 +# EOF diff --git a/controls/roles/update-changes/tasks/2.4.2/teku_changes.yaml b/controls/roles/update-changes/tasks/2.4.2/teku_changes.yaml new file mode 100644 index 000000000..5eeff40a7 --- /dev/null +++ b/controls/roles/update-changes/tasks/2.4.2/teku_changes.yaml @@ -0,0 +1,19 @@ +--- +- name: Read service file + slurp: + src: "{{ config_file.path }}" + register: service_configuration_raw + +- name: Parse service's configuration + set_fact: + service_configuration: "{{ service_configuration_raw['content'] | b64decode | from_yaml }}" + service_configuration_text: "{{ service_configuration_raw['content'] | b64decode }}" + +- name: Teku Changes + when: service_configuration.service == "TekuValidatorService" + block: + - name: remove --validators-proposer-blinded-blocks-enabled + lineinfile: + path: "{{ config_file.path }}" + regex: "--validators-proposer-blinded-blocks-enabled" + state: absent diff --git a/controls/roles/update-changes/tasks/2.4.2/updates-242.yaml b/controls/roles/update-changes/tasks/2.4.2/updates-242.yaml new file mode 100644 index 000000000..dc1a9f483 --- /dev/null +++ b/controls/roles/update-changes/tasks/2.4.2/updates-242.yaml @@ -0,0 +1,11 @@ +--- +- name: Find service configs + find: + paths: "/etc/stereum/services" + register: service_config_files + +- name: Include Teku Changes + include_tasks: teku_changes.yaml + loop: "{{ service_config_files.files }}" + loop_control: + loop_var: config_file diff --git a/controls/roles/update-changes/tasks/main.yml b/controls/roles/update-changes/tasks/main.yml index 49adcbc7c..a69c8a034 100644 --- a/controls/roles/update-changes/tasks/main.yml +++ b/controls/roles/update-changes/tasks/main.yml @@ -9,4 +9,8 @@ - name: Include 2.4.1 Update Scripts include_tasks: "2.4.1/updates-241.yaml" ignore_errors: yes + +- name: Include 2.4.2 Update Scripts + include_tasks: "2.4.2/updates-242.yaml" + ignore_errors: yes # EOF diff --git a/launcher/src/backend/ethereum-services/TekuValidatorService.js b/launcher/src/backend/ethereum-services/TekuValidatorService.js index caaed3175..343d71f77 100755 --- a/launcher/src/backend/ethereum-services/TekuValidatorService.js +++ b/launcher/src/backend/ethereum-services/TekuValidatorService.js @@ -50,7 +50,6 @@ export class TekuValidatorService extends NodeService { `--validator-api-keystore-file=${dataDir}/teku_api_keystore`, `--validator-api-keystore-password-file=${dataDir}/teku_api_password.txt`, "--validators-builder-registration-default-enabled=true", - "--validators-proposer-blinded-blocks-enabled=true", "--doppelganger-detection-enabled=true", ], // command ["/opt/teku/bin/teku"], // entrypoint