

fix: check and generate the signare key correctly
danut13 committed Jun 4, 2024
1 parent 69dcb1e commit 344952d
Showing 4 changed files with 28 additions and 24 deletions.
20 changes: 10 additions & 10 deletions .github/workflows/ci.yaml
Expand Up @@ -36,16 +36,6 @@ jobs:
restore-keys: |
${{ runner.os }}-buildx-v1.0-service-node-
- name: Build and load
run: |
docker buildx bake \
--set "*.cache-from=type=local,src=/tmp/.buildx-cache" \
--set "*.cache-to=type=local,dest=/tmp/.buildx-cache-new" \
--set "*.platform=linux/amd64" \
--builder ${{ steps.buildx.outputs.name }} \
-f docker-compose.yml \
--load
- name: Create local keystore
run: |
echo "1234" >> password.keystore
Expand All @@ -64,6 +54,16 @@ jobs:
cat password.key | ./scripts/generate-signer-key.py
mv signer-key*.pem signer_key.pem
- name: Build and load
run: |
docker buildx bake \
--set "*.cache-from=type=local,src=/tmp/.buildx-cache" \
--set "*.cache-to=type=local,dest=/tmp/.buildx-cache-new" \
--set "*.platform=linux/amd64" \
--builder ${{ steps.buildx.outputs.name }} \
-f docker-compose.yml \
--load
# - name: Test image
# run: |
# docker compose up -d
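Review bot: Moving `Build and load` after the keystore and signer-key steps means `password.keystore`, `password.key` and `signer_key.pem` now sit in the workspace when `docker buildx bake -f docker-compose.yml` collects its build context. Whether they are excluded by a `.dockerignore` or copied by the Dockerfile is not visible in this hunk, so confirm they cannot land in an image layer or in `/tmp/.buildx-cache-new`, which is saved as a cache. A comment above the step would record the intent, e.g. `# Keys generated above are throwaway CI fixtures; they must not be copied into the image`.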
6 changes: 4 additions & 2 deletions Dockerfile
Expand Up @@ -14,10 +14,12 @@ RUN apt-get update

COPY --from=dev /app/dist/*.deb .

ENV SIGNER_KEY_PASSWORD="something"

RUN if [ -f ./*-signed.deb ]; then \
apt-get install -y --no-install-recommends ./*-signed.deb; \
apt-get install -y --no-install-recommends ./*-signed.deb; \
else \
apt-get install -y --no-install-recommends ./*.deb; \
apt-get install -y --no-install-recommends ./*.deb; \
fi && \
rm -rf *.deb && \
apt-get clean && \
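Review bot: `ENV SIGNER_KEY_PASSWORD="something"` bakes a known passphrase into the image: the value is stored in the image config, where `docker inspect` and `docker history` show it, and every container that does not override it inherits it. If the variable is only needed so the package's postinst sees a non-empty value during `apt-get install` (an inference from the postinst change in this commit), scope it to that step with `export SIGNER_KEY_PASSWORD="build-only-placeholder";` at the start of the `RUN` instead of `ENV`. If a real passphrase is ever needed at build time, pass it with a BuildKit secret mount (`RUN --mount=type=secret,id=signer_key_password …`) so it never reaches a layer. The `RUN` instruction continues past the end of this hunk.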
6 changes: 4 additions & 2 deletions docker-compose.yml
Expand Up @@ -32,6 +32,7 @@ services:
APP_URL: http://app:8080
APP_LOG_FILE_ENABLED: false
APP_LOG_FORMAT: human_readable
SIGNER_KEY_PASSWORD: 'pass'
DB_URL: postgresql://pantos-service-node:pantos@db/pantos-service-node
CELERY_BROKER: amqp://pantos-service-node:pantos@broker:5672/pantos-service-node
CELERY_BACKEND: db+postgresql://pantos-service-node:pantos@db/pantos-service-node-celery
Expand Down Expand Up @@ -70,6 +71,7 @@ services:
APP_PORT: 8080
APP_URL: http://app:8080
CELERY_LOG_FORMAT: human_readable
SIGNER_KEY_PASSWORD: 'pass'
CELERY_LOG_FILE_ENABLED: false
DB_URL: postgresql://pantos-service-node:pantos@db/pantos-service-node
CELERY_BROKER: amqp://pantos-service-node:pantos@broker:5672/pantos-service-node
Expand All @@ -90,7 +92,7 @@ services:
image: postgres:latest
restart: on-failure
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
test: [ "CMD", "pg_isready", "-U", "postgres" ]
interval: 10s
timeout: 5s
retries: 5
Expand All @@ -113,7 +115,7 @@ services:
networks:
pantos-service-node:
healthcheck:
test: ["CMD", "rabbitmqctl", "status"]
test: [ "CMD", "rabbitmqctl", "status" ]
interval: 10s
timeout: 5s
retries: 5
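Review bot: `SIGNER_KEY_PASSWORD: 'pass'` is committed as a literal in both service environments, so any deployment started from this file protects the signer key with a publicly known passphrase. Take the value from the operator's environment and fail when it is missing, e.g. `SIGNER_KEY_PASSWORD: ${SIGNER_KEY_PASSWORD:?SIGNER_KEY_PASSWORD must be set}`, keeping a throwaway value only in a CI-specific env file. The value also differs from the `"something"` set in the Dockerfile in this commit; which of the two has to match the key's real passphrase is not visible here and is worth confirming. The two `healthcheck` hunks are whitespace-only.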
20 changes: 10 additions & 10 deletions linux/debian/postinst
Expand Up @@ -95,18 +95,18 @@ else
fi

# Signer key
if [ ! -e "${signer_key_file}" || -z "$SIGNER_KEY_PASSWORD" ]; then
if [ ! command -v ssh-keygen ]; then
echo "ssh-keygen is not installed, please install the package with the recommended dependencies to generate the key"
exit 1
fi
echo "Signer key does not exist, generating new one"
read -s -p "Please enter your password for your pem file: " passwd
ssh-keygen -t ed25519 -f "$signer_key_file" -N "$passwd" >/dev/null 2>&1
echo "SIGNER_KEY_PASSWORD='$passwd'" >> ${env_file}
if [ ! -e ${signer_key_file} ] || [ -z ${SIGNER_KEY_PASSWORD} ]; then
# Check if ssh-keygen is installed
if ! command -v ssh-keygen &>/dev/null; then
echo "ssh-keygen is not installed, please install the package with the recommended dependencies to generate the key"
exit 1
fi
echo "Signer key does not exist; generating a new one"
read -s -p "Please enter your password for your PEM file: " passwd
ssh-keygen -t ed25519 -f "$signer_key_file" -N "$passwd" >/dev/null 2>&1
echo "SIGNER_KEY_PASSWORD='$passwd'" >> "${env_file}"
fi


# Offchain bids
if [ ! -e "${offchain_bids_default_file}" ]; then
# if offchain bids default file does not exists, we add it, otherwise do nothing
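Review bot: The key-generation branch can silently create a signer key with an empty passphrase: when postinst runs without a terminal (for example during the `docker build` that installs this .deb), `read -s -p` returns nothing, `ssh-keygen -N ""` still succeeds, and `>/dev/null 2>&1` plus the unchecked exit status hide both that and any real failure. The new test also drops the quoting the old line had, so `[ -z ${SIGNER_KEY_PASSWORD} ]` errors on a value containing spaces and `[ ! -e ${signer_key_file} ]` evaluates to false when the variable is empty. Because the tests are joined with `||` and `SIGNER_KEY_PASSWORD` is read from the installer's environment rather than from `${env_file}`, an existing key with the variable unset appears to re-enter generation and append another line on every upgrade; confirm that is intended. The passphrase is appended in plain text to `${env_file}`, so that file needs the same restrictive permissions as the key, and a password containing `'` corrupts the entry. The sketch below reuses `SIGNER_KEY_PASSWORD` when it is set (which seems to be what the Dockerfile change expects) and refuses an empty passphrase; the script's shebang is outside the hunk, and `&>` and `read -s` need bash.

```shell
if [ ! -e "${signer_key_file}" ] || [ -z "${SIGNER_KEY_PASSWORD:-}" ]; then
  # … unchanged: ssh-keygen availability check and "generating a new one" message …
  passwd="${SIGNER_KEY_PASSWORD:-}"
  # Prompt only when no password was supplied and a terminal is attached.
  if [ -z "$passwd" ] && [ -t 0 ]; then
    read -r -s -p "Please enter your password for your PEM file: " passwd
    echo
  fi
  if [ -z "$passwd" ]; then
    echo "No signer key password available; refusing to create an unprotected key" >&2
    exit 1
  fi
  ssh-keygen -q -t ed25519 -f "$signer_key_file" -N "$passwd" || exit 1
  # … unchanged: append SIGNER_KEY_PASSWORD to "${env_file}" …
fi
```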
