feat: allow external cardano-wallet (tls) and cardano-db-sync

Signed-off-by: Kranium Gikos Mendoza <[email protected]>

Author: womfoo

infrastructure/charts/node/Chart.lock

@@ -0,0 +1,6 @@
+dependencies:
+- name: nginx
+  repository: https://charts.bitnami.com/bitnami
+  version: 16.0.7
+digest: sha256:fbb6b2644c14ff1f2d2010bfb1892de4ad59837a811bc10850a67158be138af7
+generated: "2024-05-10T16:54:55.415234401+10:00"

infrastructure/charts/node/Chart.yaml

@@ -19,4 +19,8 @@ version: 2.4.1
 # follow Semantic Versioning. They should reflect the version the application is using.
 # It is recommended to use it with quotes.
 appVersion: "2.4.1"
-dependencies: []
+dependencies:
+- name: nginx
+  repository: https://charts.bitnami.com/bitnami
+  version: 16.0.7
+  condition: vdr.externalResources.wallet.tls

infrastructure/charts/node/templates/configmap-nginx.yaml

@@ -0,0 +1,15 @@
+{{- if .Values.vdr.externalResources.wallet.tls }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: wallet-nginx-proxy
+data:
+  server-block.conf: |
+    server {
+      listen 8080;
+      location / {
+        resolver 8.8.8.8;
+        proxy_pass https://{{ .Values.vdr.externalResources.wallet.host }}$uri$is_args$args;
+      }
+    }
+{{- end }}

infrastructure/charts/node/templates/deployment.yaml

@@ -47,6 +47,26 @@ spec:
             value: {{ .Values.server.refereshAndSubmitPeriod | quote }}
           - name: NODE_CARDANO_CONFIRMATION_BLOCKS
             value: {{ .Values.server.confirmationBlocks | quote }}
+          {{- if and (eq "cardano" .Values.server.ledger) (not (empty .Values.vdr.externalResources.wallet.host)) }}
+          - name: NODE_CARDANO_WALLET_API_HOST
+            value: "{{ .Release.Name }}-wallet"
+          - name: NODE_CARDANO_WALLET_ID
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Values.secrets.cardanoWallet }}"
+                key: id
+                optional: false
+          - name: NODE_CARDANO_WALLET_PASSPHRASE
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Values.secrets.cardanoWallet }}"
+                key: passphrase
+                optional: false
+          - name: NODE_CARDANO_WALLET_API_PORT
+            value: 80
+          - name: NODE_CARDANO_PAYMENT_ADDRESS
+            value: "{{ .Values.vdr.externalResources.wallet.payment_address }}"
+          {{- else if "cardano" .Values.server.ledger }}
           - name: NODE_CARDANO_WALLET_API_HOST
             value: "{{ .Values.vdr.cardanoNode }}.{{ .Values.vdr.cardanoNamespace }}"
           - name: NODE_CARDANO_WALLET_ID
@@ -69,7 +89,25 @@ spec:
                 name: "{{ .Values.vdr.cardanoNode }}-{{ .Values.vdr.cardanoWallet }}"
                 key: address
                 optional: false
-          {{- if eq "cardano" .Values.server.ledger }}
+          {{- end }}
+          {{- if and (eq "cardano" .Values.server.ledger) (not (empty .Values.vdr.externalResources.db_sync.host)) }}
+          - name: NODE_CARDANO_DB_SYNC_USERNAME
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Values.secrets.cardanoDbSync }}"
+                key: username
+                optional: false
+          - name: NODE_CARDANO_DB_SYNC_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: "{{ .Values.secrets.cardanoDbSync }}"
+                key: password
+                optional: false
+          - name: NODE_CARDANO_DB_SYNC_DATABASE
+            value: "{{ .Values.vdr.externalResources.db_sync.database }}"
+          - name: NODE_CARDANO_DB_SYNC_HOST
+            value: "{{ .Values.vdr.externalResources.db_sync.host }}"
+          {{- else if "cardano" .Values.server.ledger }}
           - name: NODE_CARDANO_DB_SYNC_USERNAME
             valueFrom:
               secretKeyRef:

infrastructure/charts/node/templates/externalsecret.yaml

@@ -36,3 +36,38 @@ spec:
   dataFrom:
     - extract:
         key: {{ .Values.vdr.cardanoWallet }}
+
+---
+# Requires wallet to be created (atm it's done through terraform module)
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: "{{ .Values.secrets.cardanoWallet }}"
+  namespace: {{ .Release.Namespace }}
+  labels:
+      {{ template "labels.common" . }}
+spec:
+  refreshInterval: "0"
+  secretStoreRef:
+    name: {{ .Values.secrets.secretStore }}
+    kind: ClusterSecretStore
+  dataFrom:
+    - extract:
+        key: "{{ .Values.secrets.cardanoWallet }}"
+---
+# Requires wallet to be created (atm it's done through terraform module)
+apiVersion: external-secrets.io/v1beta1
+kind: ExternalSecret
+metadata:
+  name: "{{ .Values.secrets.cardanoDbSync }}"
+  namespace: {{ .Release.Namespace }}
+  labels:
+      {{ template "labels.common" . }}
+spec:
+  refreshInterval: "0"
+  secretStoreRef:
+    name: {{ .Values.secrets.secretStore }}
+    kind: ClusterSecretStore
+  dataFrom:
+    - extract:
+        key: "{{ .Values.secrets.cardanoDbSync }}"

infrastructure/charts/node/values.yaml

@@ -11,6 +11,8 @@ ingress:
 secrets:
   secretStore: chart-base-secretstore
   dockerRegistryToken: chart-base-docker-registry-token
+  # cardanoWallet: must contain wallet_id and passphrase
+  # cardanoDbSync: must contain username and password
 
 server:
   ledger: "in-memory"
@@ -39,6 +41,21 @@ database:
     numberOfInstances: 2
 
 vdr:
+  externalResources:
+    wallet:
+      # host:
+      # payment_address:
+      # tls always true ATM
+      tls: true
+    db_sync:
+      # host":
+      # database":
   cardanoNode: atala-cardano-dev-preprod
   cardanoNamespace: cardano-stack
   cardanoWallet: dev-k8s-cardano-wallet
+
+nginx:
+  nameOverride: "wallet"
+  service:
+    type: "ClusterIP"
+  existingServerBlockConfigmap: wallet-nginx-proxy