From c86d3986d4a279bcbf0293d3daeca9d72c7fdcb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=98=D0=B2=D0=B0=D0=BD=20Vandot?= Date: Thu, 30 May 2024 01:06:44 +0200 Subject: [PATCH 1/2] chore: disable debug api (#395) * chore: disable debug api * chore: remove debug-api flags * chore: move readiness and liveness to api port * chore: wip * chore: remove debug * chore: remove debug * fix: lint --------- Co-authored-by: Acha Bill --- cmd/beekeeper/cmd/cluster.go | 2 +- cmd/beekeeper/cmd/node_funder.go | 8 +- config/config.yaml | 6 - config/helm-cluster.yaml | 3 - config/local.yaml | 5 - config/mainnet.yaml | 3 - config/staging.yaml | 3 - config/testnet-giant.yaml | 6 - config/testnet.yaml | 6 - pkg/bee/api/api.go | 9 + pkg/bee/{debugapi => api}/debugstore.go | 2 +- pkg/bee/{debugapi => api}/node.go | 2 +- pkg/bee/{debugapi => api}/pingpong.go | 2 +- pkg/bee/{debugapi => api}/postage.go | 2 +- pkg/bee/{debugapi => api}/stake.go | 2 +- pkg/bee/client.go | 101 ++++--- pkg/bee/debugapi/debugapi.go | 252 ------------------ pkg/bee/debugapi/errors.go | 35 --- pkg/bee/debugapi/errors_test.go | 128 --------- pkg/check/stake/stake.go | 4 +- pkg/config/bee.go | 2 - pkg/config/cluster.go | 28 +- pkg/config/nodegroup.go | 2 - pkg/k8s/customresource/ingressroute/client.go | 8 +- pkg/k8s/ingress/client.go | 8 +- pkg/operator/operator.go | 2 +- pkg/orchestration/cluster.go | 44 +-- pkg/orchestration/k8s/helpers.go | 12 +- pkg/orchestration/k8s/node_orchestrator.go | 107 -------- pkg/orchestration/k8s/nodegroup.go | 18 +- pkg/orchestration/node.go | 5 - pkg/orchestration/nodegroup.go | 12 +- scripts/suite.sh | 28 +- 33 files changed, 120 insertions(+), 737 deletions(-) rename pkg/bee/{debugapi => api}/debugstore.go (96%) rename pkg/bee/{debugapi => api}/node.go (99%) rename pkg/bee/{debugapi => api}/pingpong.go (96%) rename pkg/bee/{debugapi => api}/postage.go (99%) rename pkg/bee/{debugapi => api}/stake.go (98%) delete mode 100644 pkg/bee/debugapi/debugapi.go delete mode 100644 pkg/bee/debugapi/errors.go delete mode 100644 pkg/bee/debugapi/errors_test.go diff --git a/cmd/beekeeper/cmd/cluster.go b/cmd/beekeeper/cmd/cluster.go index 393ba59b3..859049832 100644 --- a/cmd/beekeeper/cmd/cluster.go +++ b/cmd/beekeeper/cmd/cluster.go @@ -226,7 +226,7 @@ func setupNodes(ctx context.Context, clusterConfig config.Cluster, cfg *config.C if clusterConfig.IsUsingStaticEndpoints() { for nodeName, endpoint := range v.GetEndpoints() { - beeOpt := orchestration.WithURLs(endpoint.APIURL, endpoint.DebugAPIURL) + beeOpt := orchestration.WithURL(endpoint.APIURL) nodeCount++ go setupOrAddNode(ctx, false, ng, nodeName, orchestration.NodeOptions{ Config: &bConfig, diff --git a/cmd/beekeeper/cmd/node_funder.go b/cmd/beekeeper/cmd/node_funder.go index 37cabc873..ebdf83ab6 100644 --- a/cmd/beekeeper/cmd/node_funder.go +++ b/cmd/beekeeper/cmd/node_funder.go @@ -133,14 +133,14 @@ func (nf *nodeLister) List(ctx context.Context, namespace string) (nodes []funde return nil, fmt.Errorf("namespace not provided") } - ingressHosts, err := nf.k8sClient.Ingress.ListDebugNodesHosts(ctx, namespace) + ingressHosts, err := nf.k8sClient.Ingress.ListAPINodesHosts(ctx, namespace) if err != nil { - return nil, fmt.Errorf("list ingress debug nodes hosts: %s", err.Error()) + return nil, fmt.Errorf("list ingress api nodes hosts: %s", err.Error()) } - ingressRouteHosts, err := nf.k8sClient.IngressRoute.ListDebugNodesHosts(ctx, namespace) + ingressRouteHosts, err := nf.k8sClient.IngressRoute.ListAPINodesHosts(ctx, namespace) if err != nil { - return nil, fmt.Errorf("list ingress route debug nodes hosts: %s", err.Error()) + return nil, fmt.Errorf("list ingress route api nodes hosts: %s", err.Error()) } ingressHosts = append(ingressHosts, ingressRouteHosts...) diff --git a/config/config.yaml b/config/config.yaml index c69f2ba3d..e27c23f84 100644 --- a/config/config.yaml +++ b/config/config.yaml @@ -10,9 +10,6 @@ clusters: api-domain: staging.internal api-insecure-tls: true api-scheme: https - debug-api-domain: staging.internal - debug-api-insecure-tls: true - debug-api-scheme: https admin-password: test funding: eth: 0.1 @@ -103,7 +100,6 @@ node-groups: nginx.ingress.kubernetes.io/session-cookie-path: "default" nginx.ingress.kubernetes.io/ssl-redirect: "true" ingress-class: "nginx-internal" - ingress-debug-class: "nginx-internal" labels: app.kubernetes.io/component: "node" app.kubernetes.io/name: "bee" @@ -140,8 +136,6 @@ bee-configs: db-block-cache-capacity: 33554432 db-write-buffer-size: 33554432 db-disable-seeks-compaction: false - debug-api-addr: ":1635" - debug-api-enable: true full-node: true nat-addr: "" mainnet: false diff --git a/config/helm-cluster.yaml b/config/helm-cluster.yaml index 84c936f49..ff12eb752 100644 --- a/config/helm-cluster.yaml +++ b/config/helm-cluster.yaml @@ -8,9 +8,6 @@ clusters: api-domain: staging.internal api-insecure-tls: true api-scheme: https - debug-api-domain: staging.internal - debug-api-insecure-tls: true - debug-api-scheme: https node-groups: bee: bee-config: default diff --git a/config/local.yaml b/config/local.yaml index 9acf49c3d..c381ccc28 100644 --- a/config/local.yaml +++ b/config/local.yaml @@ -7,8 +7,6 @@ clusters: disable-namespace: true api-domain: localhost api-scheme: http - debug-api-domain: localhost - debug-api-scheme: http admin-password: test funding: eth: 0.1 @@ -119,7 +117,6 @@ node-groups: nginx.ingress.kubernetes.io/session-cookie-path: "default" nginx.ingress.kubernetes.io/ssl-redirect: "true" ingress-class: "traefik" - ingress-debug-class: "traefik" labels: app.kubernetes.io/component: "node" app.kubernetes.io/name: "bee" @@ -163,8 +160,6 @@ bee-configs: db-block-cache-capacity: 33554432 db-write-buffer-size: 33554432 db-disable-seeks-compaction: false - debug-api-addr: ":1635" - debug-api-enable: true full-node: true mainnet: false nat-addr: "" diff --git a/config/mainnet.yaml b/config/mainnet.yaml index e2e868b74..e3b1c9cee 100644 --- a/config/mainnet.yaml +++ b/config/mainnet.yaml @@ -9,9 +9,6 @@ clusters: api-domain: gateway.ethswarm.org api-insecure-tls: true api-scheme: https - debug-api-domain: bee-gateway.mainnet.internal - debug-api-insecure-tls: true - debug-api-scheme: https funding: eth: 0.1 gbzz: 2.0 diff --git a/config/staging.yaml b/config/staging.yaml index 23e58ea9e..f0c9e18c6 100644 --- a/config/staging.yaml +++ b/config/staging.yaml @@ -9,9 +9,6 @@ clusters: api-domain: staging.ethswarm.org api-insecure-tls: true api-scheme: https - debug-api-domain: staging.internal - debug-api-insecure-tls: true - debug-api-scheme: https funding: eth: 0.1 gbzz: 2.0 diff --git a/config/testnet-giant.yaml b/config/testnet-giant.yaml index a44f94368..8f21f8c43 100644 --- a/config/testnet-giant.yaml +++ b/config/testnet-giant.yaml @@ -9,9 +9,6 @@ clusters: api-domain: staging.internal api-insecure-tls: true api-scheme: https - debug-api-domain: staging.internal - debug-api-insecure-tls: true - debug-api-scheme: https funding: eth: 0.1 gbzz: 2.0 @@ -51,7 +48,6 @@ node-groups: nginx.ingress.kubernetes.io/session-cookie-path: "default" nginx.ingress.kubernetes.io/ssl-redirect: "true" ingress-class: "nginx-internal" - ingress-debug-class: "nginx-internal" labels: app.kubernetes.io/component: "node" app.kubernetes.io/name: "bee" @@ -88,8 +84,6 @@ bee-configs: db-block-cache-capacity: 33554432 db-write-buffer-size: 33554432 db-disable-seeks-compaction: false - debug-api-addr: ":1635" - debug-api-enable: true full-node: true mainnet: false nat-addr: "" diff --git a/config/testnet.yaml b/config/testnet.yaml index d5b947475..b76bef31f 100644 --- a/config/testnet.yaml +++ b/config/testnet.yaml @@ -9,9 +9,6 @@ clusters: api-domain: staging.internal api-insecure-tls: true api-scheme: https - debug-api-domain: staging.internal - debug-api-insecure-tls: true - debug-api-scheme: https funding: eth: 0.1 gbzz: 2.0 @@ -48,7 +45,6 @@ node-groups: nginx.ingress.kubernetes.io/session-cookie-path: "default" nginx.ingress.kubernetes.io/ssl-redirect: "true" ingress-class: "nginx-internal" - ingress-debug-class: "nginx-internal" labels: app.kubernetes.io/component: "node" app.kubernetes.io/name: "bee" @@ -90,8 +86,6 @@ bee-configs: db-block-cache-capacity: 33554432 db-write-buffer-size: 33554432 db-disable-seeks-compaction: false - debug-api-addr: ":1635" - debug-api-enable: true full-node: true nat-addr: "" mainnet: false diff --git a/pkg/bee/api/api.go b/pkg/bee/api/api.go index 6e488dc12..d6814b5a2 100644 --- a/pkg/bee/api/api.go +++ b/pkg/bee/api/api.go @@ -44,6 +44,11 @@ type Client struct { SOC *SOCService Stewardship *StewardshipService Auth *AuthService + + Node *NodeService + PingPong *PingPongService + Postage *PostageService + Stake *StakingService } // ClientOptions holds optional parameters for the Client. @@ -82,6 +87,10 @@ func newClient(httpClient *http.Client) (c *Client) { c.SOC = (*SOCService)(&c.service) c.Stewardship = (*StewardshipService)(&c.service) c.Auth = (*AuthService)(&c.service) + c.Node = (*NodeService)(&c.service) + c.PingPong = (*PingPongService)(&c.service) + c.Postage = (*PostageService)(&c.service) + c.Stake = (*StakingService)(&c.service) return c } diff --git a/pkg/bee/debugapi/debugstore.go b/pkg/bee/api/debugstore.go similarity index 96% rename from pkg/bee/debugapi/debugstore.go rename to pkg/bee/api/debugstore.go index b8ded424a..66f6750cc 100644 --- a/pkg/bee/debugapi/debugstore.go +++ b/pkg/bee/api/debugstore.go @@ -1,4 +1,4 @@ -package debugapi +package api import ( "context" diff --git a/pkg/bee/debugapi/node.go b/pkg/bee/api/node.go similarity index 99% rename from pkg/bee/debugapi/node.go rename to pkg/bee/api/node.go index c1fef49f3..fca3e4f94 100644 --- a/pkg/bee/debugapi/node.go +++ b/pkg/bee/api/node.go @@ -1,4 +1,4 @@ -package debugapi +package api import ( "context" diff --git a/pkg/bee/debugapi/pingpong.go b/pkg/bee/api/pingpong.go similarity index 96% rename from pkg/bee/debugapi/pingpong.go rename to pkg/bee/api/pingpong.go index 9be838771..bc9e050c8 100644 --- a/pkg/bee/debugapi/pingpong.go +++ b/pkg/bee/api/pingpong.go @@ -1,4 +1,4 @@ -package debugapi +package api import ( "context" diff --git a/pkg/bee/debugapi/postage.go b/pkg/bee/api/postage.go similarity index 99% rename from pkg/bee/debugapi/postage.go rename to pkg/bee/api/postage.go index 9c1b9f471..7b6dd65a4 100644 --- a/pkg/bee/debugapi/postage.go +++ b/pkg/bee/api/postage.go @@ -1,4 +1,4 @@ -package debugapi +package api import ( "context" diff --git a/pkg/bee/debugapi/stake.go b/pkg/bee/api/stake.go similarity index 98% rename from pkg/bee/debugapi/stake.go rename to pkg/bee/api/stake.go index 34e14cf5c..cf809147c 100644 --- a/pkg/bee/debugapi/stake.go +++ b/pkg/bee/api/stake.go @@ -1,4 +1,4 @@ -package debugapi +package api import ( "context" diff --git a/pkg/bee/client.go b/pkg/bee/client.go index 353c9037f..adc4a98bc 100644 --- a/pkg/bee/client.go +++ b/pkg/bee/client.go @@ -16,7 +16,6 @@ import ( "github.com/ethereum/go-ethereum/common" "github.com/ethersphere/bee/pkg/swarm" "github.com/ethersphere/beekeeper/pkg/bee/api" - "github.com/ethersphere/beekeeper/pkg/bee/debugapi" "github.com/ethersphere/beekeeper/pkg/logging" ) @@ -24,22 +23,19 @@ const retryCount int = 5 // Client manages communication with the Bee node type Client struct { - api *api.Client - debug *debugapi.Client - opts ClientOptions - log logging.Logger + api *api.Client + opts ClientOptions + log logging.Logger // number of times to retry call retry int } // ClientOptions holds optional parameters for the Client. type ClientOptions struct { - APIURL *url.URL - APIInsecureTLS bool - DebugAPIURL *url.URL - DebugAPIInsecureTLS bool - Retry int - Restricted bool + APIURL *url.URL + APIInsecureTLS bool + Retry int + Restricted bool } // NewClient returns Bee client @@ -55,11 +51,6 @@ func NewClient(opts ClientOptions, log logging.Logger) (c *Client) { TLSClientConfig: &tls.Config{InsecureSkipVerify: opts.APIInsecureTLS}, }}, Restricted: opts.Restricted}) } - if opts.DebugAPIURL != nil { - c.debug = debugapi.NewClient(opts.DebugAPIURL, &debugapi.ClientOptions{HTTPClient: &http.Client{Transport: &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: opts.DebugAPIInsecureTLS}, - }}, Restricted: opts.Restricted}) - } if opts.Retry > 0 { c.retry = opts.Retry } @@ -82,7 +73,7 @@ func (c *Client) Config() ClientOptions { // Addresses returns node's addresses func (c *Client) Addresses(ctx context.Context) (resp Addresses, err error) { - a, err := c.debug.Node.Addresses(ctx) + a, err := c.api.Node.Addresses(ctx) if err != nil { return Addresses{}, fmt.Errorf("get addresses: %w", err) } @@ -118,7 +109,7 @@ type Accounting struct { // Accounting returns node's accounts with all peers func (c *Client) Accounting(ctx context.Context) (resp Accounting, err error) { - r, err := c.debug.Node.Accounting(ctx) + r, err := c.api.Node.Accounting(ctx) if err != nil { return Accounting{}, fmt.Errorf("get accounting: %w", err) } @@ -150,7 +141,7 @@ type Balance struct { // Balance returns node's balance with a given peer func (c *Client) Balance(ctx context.Context, a swarm.Address) (resp Balance, err error) { - b, err := c.debug.Node.Balance(ctx, a) + b, err := c.api.Node.Balance(ctx, a) if err != nil { return Balance{}, fmt.Errorf("get balance with node %s: %w", a.String(), err) } @@ -168,7 +159,7 @@ type Balances struct { // Balances returns node's balances func (c *Client) Balances(ctx context.Context) (resp Balances, err error) { - r, err := c.debug.Node.Balances(ctx) + r, err := c.api.Node.Balances(ctx) if err != nil { return Balances{}, fmt.Errorf("get balances: %w", err) } @@ -235,13 +226,13 @@ func (c *Client) DownloadFile(ctx context.Context, a swarm.Address, opts *api.Do // HasChunk returns true/false if node has a chunk func (c *Client) HasChunk(ctx context.Context, a swarm.Address) (bool, error) { - return c.debug.Node.HasChunk(ctx, a) + return c.api.Node.HasChunk(ctx, a) } func (c *Client) HasChunks(ctx context.Context, a []swarm.Address) (has []bool, count int, err error) { has = make([]bool, len(a)) for i, addr := range a { - v, err := c.debug.Node.HasChunk(ctx, addr) + v, err := c.api.Node.HasChunk(ctx, addr) if err != nil { return nil, 0, err } @@ -255,11 +246,11 @@ func (c *Client) HasChunks(ctx context.Context, a []swarm.Address) (has []bool, // Overlay returns node's overlay address func (c *Client) Overlay(ctx context.Context) (o swarm.Address, err error) { - var a debugapi.Addresses + var a api.Addresses for r := 0; r < c.retry; r++ { time.Sleep(2 * time.Duration(r) * time.Second) - a, err = c.debug.Node.Addresses(ctx) + a, err = c.api.Node.Addresses(ctx) if err != nil { continue } @@ -275,7 +266,7 @@ func (c *Client) Overlay(ctx context.Context) (o swarm.Address, err error) { // Peers returns addresses of node's peers func (c *Client) Peers(ctx context.Context) (peers []swarm.Address, err error) { - ps, err := c.debug.Node.Peers(ctx) + ps, err := c.api.Node.Peers(ctx) if err != nil { return nil, fmt.Errorf("get peers: %w", err) } @@ -310,7 +301,7 @@ func (c *Client) GetPins(ctx context.Context) ([]swarm.Address, error) { // Ping pings other node func (c *Client) Ping(ctx context.Context, node swarm.Address) (rtt string, err error) { - r, err := c.debug.PingPong.Ping(ctx, node) + r, err := c.api.PingPong.Ping(ctx, node) if err != nil { return "", fmt.Errorf("ping node %s: %w", node, err) } @@ -362,7 +353,7 @@ type Settlement struct { // Settlement returns node's settlement with a given peer func (c *Client) Settlement(ctx context.Context, a swarm.Address) (resp Settlement, err error) { - b, err := c.debug.Node.Settlement(ctx, a) + b, err := c.api.Node.Settlement(ctx, a) if err != nil { return Settlement{}, fmt.Errorf("get settlement with node %s: %w", a.String(), err) } @@ -386,7 +377,7 @@ func (c *Client) CreatePostageBatch(ctx context.Context, amount int64, depth uin } c.log.Infof("reserve state (prior to buying the batch):%s", rs.String()) } - id, err := c.debug.Postage.CreatePostageBatch(ctx, amount, depth, label) + id, err := c.api.Postage.CreatePostageBatch(ctx, amount, depth, label) if err != nil { return "", fmt.Errorf("create postage stamp: %w", err) } @@ -396,7 +387,7 @@ func (c *Client) CreatePostageBatch(ctx context.Context, amount int64, depth uin // wait for the stamp to become usable for i := 0; i < 900; i++ { time.Sleep(1 * time.Second) - state, err := c.debug.Postage.PostageStamp(ctx, id) + state, err := c.api.Postage.PostageStamp(ctx, id) if err != nil { continue } @@ -449,13 +440,13 @@ func (c *Client) GetOrCreateBatch(ctx context.Context, amount int64, depth uint6 } // PostageBatches returns the list of batches of node -func (c *Client) PostageBatches(ctx context.Context) ([]debugapi.PostageStampResponse, error) { - return c.debug.Postage.PostageBatches(ctx) +func (c *Client) PostageBatches(ctx context.Context) ([]api.PostageStampResponse, error) { + return c.api.Postage.PostageBatches(ctx) } // PostageStamp returns the batch by ID -func (c *Client) PostageStamp(ctx context.Context, batchID string) (debugapi.PostageStampResponse, error) { - return c.debug.Postage.PostageStamp(ctx, batchID) +func (c *Client) PostageStamp(ctx context.Context, batchID string) (api.PostageStampResponse, error) { + return c.api.Postage.PostageStamp(ctx, batchID) } // TopupPostageBatch tops up the given batch with the amount per chunk @@ -465,7 +456,7 @@ func (c *Client) TopUpPostageBatch(ctx context.Context, batchID string, amount i return fmt.Errorf("unable to retrieve batch details: %w", err) } - err = c.debug.Postage.TopUpPostageBatch(ctx, batchID, amount, gasPrice) + err = c.api.Postage.TopUpPostageBatch(ctx, batchID, amount, gasPrice) if err != nil { return err } @@ -489,12 +480,12 @@ func (c *Client) TopUpPostageBatch(ctx context.Context, batchID string, amount i // DilutePostageBatch dilutes the given batch by increasing the depth func (c *Client) DilutePostageBatch(ctx context.Context, batchID string, depth uint64, gasPrice string) error { - batch, err := c.debug.Postage.PostageStamp(ctx, batchID) + batch, err := c.api.Postage.PostageStamp(ctx, batchID) if err != nil { return fmt.Errorf("unable to retrieve batch details: %w", err) } - err = c.debug.Postage.DilutePostageBatch(ctx, batchID, depth, gasPrice) + err = c.api.Postage.DilutePostageBatch(ctx, batchID, depth, gasPrice) if err != nil { return err } @@ -502,7 +493,7 @@ func (c *Client) DilutePostageBatch(ctx context.Context, batchID string, depth u for i := 0; i < 60; i++ { time.Sleep(time.Second) - b, err := c.debug.Postage.PostageStamp(ctx, batchID) + b, err := c.api.Postage.PostageStamp(ctx, batchID) if err != nil { return err } @@ -517,8 +508,8 @@ func (c *Client) DilutePostageBatch(ctx context.Context, batchID string, depth u } // ReserveState returns reserve radius, available capacity, inner and outer radiuses -func (c *Client) ReserveState(ctx context.Context) (debugapi.ReserveState, error) { - return c.debug.Postage.ReserveState(ctx) +func (c *Client) ReserveState(ctx context.Context) (api.ReserveState, error) { + return c.api.Postage.ReserveState(ctx) } // SendPSSMessage triggers a PSS message with a topic and recipient address @@ -545,7 +536,7 @@ type Settlements struct { // Settlements returns node's settlements func (c *Client) Settlements(ctx context.Context) (resp Settlements, err error) { - r, err := c.debug.Node.Settlements(ctx) + r, err := c.api.Node.Settlements(ctx) if err != nil { return Settlements{}, fmt.Errorf("get settlements: %w", err) } @@ -584,7 +575,7 @@ type CashoutStatusResponse struct { } func (c *Client) CashoutStatus(ctx context.Context, a swarm.Address) (resp CashoutStatusResponse, err error) { - r, err := c.debug.Node.CashoutStatus(ctx, a) + r, err := c.api.Node.CashoutStatus(ctx, a) if err != nil { return CashoutStatusResponse{}, fmt.Errorf("cashout: %w", err) } @@ -612,7 +603,7 @@ func (c *Client) CashoutStatus(ctx context.Context, a swarm.Address) (resp Casho } func (c *Client) Cashout(ctx context.Context, a swarm.Address) (resp string, err error) { - r, err := c.debug.Node.Cashout(ctx, a) + r, err := c.api.Node.Cashout(ctx, a) if err != nil { return "", fmt.Errorf("cashout: %w", err) } @@ -626,7 +617,7 @@ type ChequebookBalanceResponse struct { } func (c *Client) ChequebookBalance(ctx context.Context) (resp ChequebookBalanceResponse, err error) { - r, err := c.debug.Node.ChequebookBalance(ctx) + r, err := c.api.Node.ChequebookBalance(ctx) if err != nil { return ChequebookBalanceResponse{}, fmt.Errorf("cashout: %w", err) } @@ -652,19 +643,19 @@ type Topology struct { // Bin represents Kademlia bin type Bin struct { - Population int `json:"population"` - Connected int `json:"connected"` - DisconnectedPeers []debugapi.PeerInfo `json:"disconnectedPeers"` - ConnectedPeers []debugapi.PeerInfo `json:"connectedPeers"` + Population int `json:"population"` + Connected int `json:"connected"` + DisconnectedPeers []api.PeerInfo `json:"disconnectedPeers"` + ConnectedPeers []api.PeerInfo `json:"connectedPeers"` } // Topology returns Kademlia topology func (c *Client) Topology(ctx context.Context) (topology Topology, err error) { - var t debugapi.Topology + var t api.Topology for r := 0; r < c.retry; r++ { time.Sleep(2 * time.Duration(r) * time.Second) - t, err = c.debug.Node.Topology(ctx) + t, err = c.api.Node.Topology(ctx) if err != nil { continue } @@ -708,7 +699,7 @@ func (c *Client) Topology(ctx context.Context) (topology Topology, err error) { // Underlay returns node's underlay addresses func (c *Client) Underlay(ctx context.Context) ([]string, error) { - a, err := c.debug.Node.Addresses(ctx) + a, err := c.api.Node.Addresses(ctx) if err != nil { return nil, fmt.Errorf("get underlay: %w", err) } @@ -836,22 +827,22 @@ func (c *Client) Refresh(ctx context.Context, securityToken string) (string, err // DepositStake deposits stake func (c *Client) DepositStake(ctx context.Context, amount *big.Int) (string, error) { - return c.debug.Stake.DepositStake(ctx, amount) + return c.api.Stake.DepositStake(ctx, amount) } // GetStake returns stake amount func (c *Client) GetStake(ctx context.Context) (*big.Int, error) { - return c.debug.Stake.GetStakedAmount(ctx) + return c.api.Stake.GetStakedAmount(ctx) } // WithdrawStake withdraws stake func (c *Client) WithdrawStake(ctx context.Context) (string, error) { - return c.debug.Stake.WithdrawStake(ctx) + return c.api.Stake.WithdrawStake(ctx) } // WalletBalance fetches the balance for the given token func (c *Client) WalletBalance(ctx context.Context, token string) (*big.Int, error) { - resp, err := c.debug.Node.Wallet(ctx) + resp, err := c.api.Node.Wallet(ctx) if err != nil { return nil, err } @@ -865,7 +856,7 @@ func (c *Client) WalletBalance(ctx context.Context, token string) (*big.Int, err // Withdraw transfers token from eth address to the provided address func (c *Client) Withdraw(ctx context.Context, token, addr string, amount int64) error { - resp, err := c.debug.Node.Withdraw(ctx, token, addr, amount) + resp, err := c.api.Node.Withdraw(ctx, token, addr, amount) if err != nil { return err } diff --git a/pkg/bee/debugapi/debugapi.go b/pkg/bee/debugapi/debugapi.go deleted file mode 100644 index d2ff7e9f4..000000000 --- a/pkg/bee/debugapi/debugapi.go +++ /dev/null @@ -1,252 +0,0 @@ -package debugapi - -import ( - "bytes" - "context" - "encoding/json" - "fmt" - "io" - "net/http" - "net/url" - "strings" - - "github.com/ethersphere/beekeeper" - "github.com/ethersphere/beekeeper/pkg/bee/api" -) - -const contentType = "application/json; charset=utf-8" - -var userAgent = "beekeeper/" + beekeeper.Version - -// Client manages communication with the Bee Debug API. -type Client struct { - httpClient *http.Client // HTTP client must handle authentication implicitly. - service service // Reuse a single struct instead of allocating one for each service on the heap. - - // Services that API provides. - Node *NodeService - PingPong *PingPongService - Postage *PostageService - Stake *StakingService - restricted bool -} - -// ClientOptions holds optional parameters for the Client. -type ClientOptions struct { - HTTPClient *http.Client - Restricted bool -} - -// NewClient constructs a new Client. -func NewClient(baseURL *url.URL, o *ClientOptions) (c *Client) { - if o == nil { - o = new(ClientOptions) - } - if o.HTTPClient == nil { - o.HTTPClient = new(http.Client) - } - - c = newClient(httpClientWithTransport(baseURL, o.HTTPClient)) - c.restricted = o.Restricted - - return c -} - -// newClient constructs a new *Client with the provided http Client, which -// should handle authentication implicitly, and sets all API services. -func newClient(httpClient *http.Client) (c *Client) { - c = &Client{httpClient: httpClient} - c.service.client = c - c.Node = (*NodeService)(&c.service) - c.PingPong = (*PingPongService)(&c.service) - c.Postage = (*PostageService)(&c.service) - c.Stake = (*StakingService)(&c.service) - return c -} - -func httpClientWithTransport(baseURL *url.URL, c *http.Client) *http.Client { - if c == nil { - c = new(http.Client) - } - - transport := c.Transport - if transport == nil { - transport = http.DefaultTransport - } - - if !strings.HasSuffix(baseURL.Path, "/") { - baseURL.Path += "/" - } - - c.Transport = roundTripperFunc(func(r *http.Request) (resp *http.Response, err error) { - r.Header.Set("User-Agent", userAgent) - u, err := baseURL.Parse(r.URL.String()) - if err != nil { - return nil, err - } - r.URL = u - return transport.RoundTrip(r) - }) - return c -} - -// requestJSON handles the HTTP request response cycle. It JSON encodes the request -// body, creates an HTTP request with provided method on a path with required -// headers and decodes request body if the v argument is not nil and content type is -// application/json. -func (c *Client) requestJSON(ctx context.Context, method, path string, body, v interface{}) (err error) { - var bodyBuffer io.ReadWriter - if body != nil { - bodyBuffer = new(bytes.Buffer) - if err = encodeJSON(bodyBuffer, body); err != nil { - return err - } - } - - return c.request(ctx, method, path, bodyBuffer, v) -} - -// requestWithHeader handles the HTTP request response cycle. -func (c *Client) requestWithHeader(ctx context.Context, method, path string, header http.Header, body io.Reader, v interface{}) (err error) { - req, err := http.NewRequest(method, path, body) - if err != nil { - return err - } - req = req.WithContext(ctx) - - req.Header = header - req.Header.Add("Accept", contentType) - - if c.restricted && req.Header.Get("Authorization") == "" { - key, err := api.GetToken(path, method) - if err != nil { - return err - } - req.Header.Set("Authorization", "Bearer "+key) - } - - r, err := c.httpClient.Do(req) - if err != nil { - return err - } - - if err = responseErrorHandler(r); err != nil { - return err - } - - if v != nil && strings.Contains(r.Header.Get("Content-Type"), "application/json") { - _ = json.NewDecoder(r.Body).Decode(&v) - return err - } - - return err -} - -// request handles the HTTP request response cycle. -func (c *Client) request(ctx context.Context, method, path string, body io.Reader, v interface{}) (err error) { - req, err := http.NewRequest(method, path, body) - if err != nil { - return err - } - req = req.WithContext(ctx) - - if body != nil { - req.Header.Set("Content-Type", contentType) - } - req.Header.Set("Accept", contentType) - - if c.restricted && req.Header.Get("Authorization") == "" { - key, err := api.GetToken(path, method) - if err != nil { - return err - } - req.Header.Set("Authorization", "Bearer "+key) - } - - r, err := c.httpClient.Do(req) - if err != nil { - return err - } - defer drain(r.Body) - - if err = responseErrorHandler(r); err != nil { - return err - } - - if v != nil && strings.Contains(r.Header.Get("Content-Type"), "application/json") { - return json.NewDecoder(r.Body).Decode(&v) - } - return nil -} - -// encodeJSON writes a JSON-encoded v object to the provided writer with -// SetEscapeHTML set to false. -func encodeJSON(w io.Writer, v interface{}) (err error) { - enc := json.NewEncoder(w) - enc.SetEscapeHTML(false) - return enc.Encode(v) -} - -// drain discards all of the remaining data from the reader and closes it, -// asynchronously. -func drain(r io.ReadCloser) { - go func() { - // Panicking here does not put data in - // an inconsistent state. - defer func() { - _ = recover() - }() - - _, _ = io.Copy(io.Discard, r) - r.Close() - }() -} - -type messageResponse struct { - Message string `json:"message"` -} - -// responseErrorHandler returns an error based on the HTTP status code or nil if -// the status code is from 200 to 299. -// The error will include the message from standardized JSON-encoded error response -// if it is not the same as the status text. -func responseErrorHandler(r *http.Response) (err error) { - if r.StatusCode/100 == 2 { - // no error if response in 2xx range - return nil - } - - var e messageResponse - if strings.Contains(r.Header.Get("Content-Type"), "application/json") { - if err = json.NewDecoder(r.Body).Decode(&e); err != nil && err != io.EOF { - return err - } - } - - err = NewHTTPStatusError(r.StatusCode) - // add message to the error if it is not already the same as the status text - if e.Message != "" && e.Message != http.StatusText(r.StatusCode) { - return fmt.Errorf("response message %q: status: %w", e.Message, err) - } - return err -} - -// service is the base type for all API service providing the Client instance -// for them to use. -type service struct { - client *Client -} - -// Bool is a helper routine that allocates a new bool value to store v and -// returns a pointer to it. -func Bool(v bool) (p *bool) { return &v } - -// roundTripperFunc type is an adapter to allow the use of ordinary functions as -// http.RoundTripper interfaces. If f is a function with the appropriate -// signature, roundTripperFunc(f) is a http.RoundTripper that calls f. -type roundTripperFunc func(*http.Request) (*http.Response, error) - -// RoundTrip calls f(r). -func (f roundTripperFunc) RoundTrip(r *http.Request) (*http.Response, error) { - return f(r) -} diff --git a/pkg/bee/debugapi/errors.go b/pkg/bee/debugapi/errors.go deleted file mode 100644 index 8b42ba269..000000000 --- a/pkg/bee/debugapi/errors.go +++ /dev/null @@ -1,35 +0,0 @@ -package debugapi - -import ( - "errors" - "fmt" - "net/http" -) - -// HTTPStatusError represents the error derived from the HTTP response status -// code. -type HTTPStatusError struct { - Code int -} - -// NewHTTPStatusError creates a new instance of HTTPStatusError based on the -// provided code. -func NewHTTPStatusError(code int) *HTTPStatusError { - return &HTTPStatusError{ - Code: code, - } -} - -func (e *HTTPStatusError) Error() string { - return fmt.Sprintf("%d %s", e.Code, http.StatusText(e.Code)) -} - -// IsHTTPStatusErrorCode return whether the error is HTTPStatusError with a -// specific HTTP status code. -func IsHTTPStatusErrorCode(err error, code int) bool { - var e *HTTPStatusError - if errors.As(err, &e) { - return e.Code == code - } - return false -} diff --git a/pkg/bee/debugapi/errors_test.go b/pkg/bee/debugapi/errors_test.go deleted file mode 100644 index d07a65dca..000000000 --- a/pkg/bee/debugapi/errors_test.go +++ /dev/null @@ -1,128 +0,0 @@ -package debugapi - -import ( - "encoding/json" - "errors" - "fmt" - "io" - "net/http" - "net/http/httptest" - "testing" -) - -func TestIsHTTPStatusErrorCode(t *testing.T) { - if ok := IsHTTPStatusErrorCode(NewHTTPStatusError(http.StatusBadGateway), http.StatusBadGateway); !ok { - t.Fatal("got false") - } - if ok := IsHTTPStatusErrorCode(NewHTTPStatusError(http.StatusBadGateway), http.StatusInternalServerError); ok { - t.Fatal("got true") - } - if ok := IsHTTPStatusErrorCode(nil, http.StatusTeapot); ok { - t.Fatal("got true") - } - if ok := IsHTTPStatusErrorCode(io.EOF, http.StatusTeapot); ok { - t.Fatal("got true") - } -} - -func TestResponseErrorHandler(t *testing.T) { - for _, tc := range []struct { - name string - handler http.Handler - err error - }{ - { - name: "blank", - handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {}), - }, - { - name: "status ok", - handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - w.WriteHeader(http.StatusOK) - }), - }, - { - name: "status created", - handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - w.WriteHeader(http.StatusCreated) - }), - }, - { - name: "status only", - handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - w.WriteHeader(http.StatusBadRequest) - }), - err: NewHTTPStatusError(http.StatusBadRequest), - }, - { - name: "status only 2", - handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - w.WriteHeader(http.StatusInternalServerError) - }), - err: NewHTTPStatusError(http.StatusInternalServerError), - }, - { - name: "no data", - handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - w.WriteHeader(http.StatusInternalServerError) - w.Header().Set("Content-Type", contentType) - }), - err: NewHTTPStatusError(http.StatusInternalServerError), - }, - { - name: "no message", - handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - w.WriteHeader(http.StatusInternalServerError) - w.Header().Set("Content-Type", contentType) - _, _ = w.Write(encodeMessageResponse(t, "")) - }), - err: NewHTTPStatusError(http.StatusInternalServerError), - }, - { - name: "custom message", - handler: http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - w.Header().Set("Content-Type", contentType) - w.WriteHeader(http.StatusInternalServerError) - _, _ = w.Write(encodeMessageResponse(t, "custom message")) - }), - err: fmt.Errorf("response message %q: status: %w", "custom message", NewHTTPStatusError(http.StatusInternalServerError)), - }, - } { - t.Run(tc.name, func(t *testing.T) { - recorder := httptest.NewRecorder() - tc.handler.ServeHTTP(recorder, nil) - - gotErr := responseErrorHandler(recorder.Result()) - - if tc.err == nil && gotErr == nil { - return // all fine - } - - var e *HTTPStatusError - if !errors.As(gotErr, &e) { - t.Fatalf("got error %v, want %v", gotErr, tc.err) - } else if e.Code != recorder.Code { - t.Fatalf("got error code %v, want %v", e.Code, recorder.Code) - } - - gotErrMessage := gotErr.Error() - wantErrMessage := tc.err.Error() - if gotErrMessage != wantErrMessage { - t.Fatalf("got error message %q, want %q", gotErrMessage, wantErrMessage) - } - }) - } -} - -func encodeMessageResponse(t *testing.T, message string) []byte { - t.Helper() - - data, err := json.Marshal(messageResponse{ - Message: message, - }) - if err != nil { - t.Fatal(err) - } - - return data -} diff --git a/pkg/check/stake/stake.go b/pkg/check/stake/stake.go index 0aa142238..4d8ad2ed1 100644 --- a/pkg/check/stake/stake.go +++ b/pkg/check/stake/stake.go @@ -4,11 +4,11 @@ import ( "context" "errors" "fmt" + "github.com/ethersphere/beekeeper/pkg/bee/api" "math/big" "github.com/ethereum/go-ethereum/accounts/abi/bind" "github.com/ethersphere/beekeeper/pkg/bee" - "github.com/ethersphere/beekeeper/pkg/bee/debugapi" "github.com/ethersphere/beekeeper/pkg/beekeeper" "github.com/ethersphere/beekeeper/pkg/logging" "github.com/ethersphere/beekeeper/pkg/orchestration" @@ -90,7 +90,7 @@ func (c *Check) Run(ctx context.Context, cluster orchestration.Cluster, opts int // depositing insufficient amount should fail _, err = client.DepositStake(ctx, o.InsufficientAmount) - if !debugapi.IsHTTPStatusErrorCode(err, 400) { + if !api.IsHTTPStatusErrorCode(err, 400) { return fmt.Errorf("deposit insufficient stake amount: expected code %v, got %v", 400, err) } diff --git a/pkg/config/bee.go b/pkg/config/bee.go index 2d2536348..2691742e5 100644 --- a/pkg/config/bee.go +++ b/pkg/config/bee.go @@ -26,8 +26,6 @@ type BeeConfig struct { DbBlockCacheCapacity *int `yaml:"db-block-cache-capacity"` DbWriteBufferSize *int `yaml:"db-write-buffer-size"` DbDisableSeeksCompaction *bool `yaml:"db-disable-seeks-compaction"` - DebugAPIAddr *string `yaml:"debug-api-addr"` - DebugAPIEnable *bool `yaml:"debug-api-enable"` FullNode *bool `yaml:"full-node"` NATAddr *string `yaml:"nat-addr"` Mainnet *bool `yaml:"mainnet"` diff --git a/pkg/config/cluster.go b/pkg/config/cluster.go index 8b66f02d2..7871ecf01 100644 --- a/pkg/config/cluster.go +++ b/pkg/config/cluster.go @@ -11,19 +11,16 @@ type Cluster struct { // parent to inherit settings from *Inherit `yaml:",inline"` // Cluster configuration - Name *string `yaml:"name"` - Namespace *string `yaml:"namespace"` - DisableNamespace *bool `yaml:"disable-namespace"` - UseStaticEndpoints *bool `yaml:"use-static-endpoints"` - APIDomain *string `yaml:"api-domain"` - APIInsecureTLS *bool `yaml:"api-insecure-tls"` - APIScheme *string `yaml:"api-scheme"` - DebugAPIDomain *string `yaml:"debug-api-domain"` - DebugAPIInsecureTLS *bool `yaml:"debug-api-insecure-tls"` - DebugAPIScheme *string `yaml:"debug-api-scheme"` - Funding *Funding `yaml:"funding"` - NodeGroups *map[string]ClusterNodeGroup `yaml:"node-groups"` - AdminPassword *string `yaml:"admin-password"` + Name *string `yaml:"name"` + Namespace *string `yaml:"namespace"` + DisableNamespace *bool `yaml:"disable-namespace"` + UseStaticEndpoints *bool `yaml:"use-static-endpoints"` + APIDomain *string `yaml:"api-domain"` + APIInsecureTLS *bool `yaml:"api-insecure-tls"` + APIScheme *string `yaml:"api-scheme"` + Funding *Funding `yaml:"funding"` + NodeGroups *map[string]ClusterNodeGroup `yaml:"node-groups"` + AdminPassword *string `yaml:"admin-password"` } // ClusterNodeGroup represents node group in the cluster @@ -47,9 +44,8 @@ type ClusterNode struct { } type NodeEndpoint struct { - Name string `yaml:"name"` - APIURL string `yaml:"api-url"` - DebugAPIURL string `yaml:"debug-api-url"` + Name string `yaml:"name"` + APIURL string `yaml:"api-url"` } type Clef struct { diff --git a/pkg/config/nodegroup.go b/pkg/config/nodegroup.go index c3d995dc5..4a6beeda2 100644 --- a/pkg/config/nodegroup.go +++ b/pkg/config/nodegroup.go @@ -19,8 +19,6 @@ type NodeGroup struct { ImagePullSecrets *[]string `yaml:"image-pull-secrets"` IngressAnnotations *map[string]string `yaml:"ingress-annotations"` IngressClass *string `yaml:"ingress-class"` - IngressDebugAnnotations *map[string]string `yaml:"ingress-debug-annotations"` - IngressDebugClass *string `yaml:"ingress-debug-class"` Labels *map[string]string `yaml:"labels"` NodeSelector *map[string]string `yaml:"node-selector"` PersistenceEnabled *bool `yaml:"persistence-enabled"` diff --git a/pkg/k8s/customresource/ingressroute/client.go b/pkg/k8s/customresource/ingressroute/client.go index 8cdd6478e..d18fec747 100644 --- a/pkg/k8s/customresource/ingressroute/client.go +++ b/pkg/k8s/customresource/ingressroute/client.go @@ -82,8 +82,8 @@ func (c *Client) Delete(ctx context.Context, name, namespace string) (err error) return } -// ListDebugNodesHosts list Ingresses that are nodes -func (c *Client) ListDebugNodesHosts(ctx context.Context, namespace string) (nodes []ingress.NodeInfo, err error) { +// ListAPINodesHosts list Ingresses that are nodes +func (c *Client) ListAPINodesHosts(ctx context.Context, namespace string) (nodes []ingress.NodeInfo, err error) { ingressRoutes, err := c.clientset.IngressRoutes(namespace).List(ctx, metav1.ListOptions{ LabelSelector: "app.kubernetes.io/name=bee", }) @@ -96,12 +96,12 @@ func (c *Client) ListDebugNodesHosts(ctx context.Context, namespace string) (nod if ingressRoutes != nil { for _, ingressRoute := range ingressRoutes.Items { - if strings.HasSuffix(ingressRoute.Name, "-debug") { + if strings.HasSuffix(ingressRoute.Name, "-api") { for _, route := range ingressRoute.Spec.Routes { host := route.GetHost() if host != "" { nodes = append(nodes, ingress.NodeInfo{ - Name: strings.TrimSuffix(ingressRoute.Name, "-debug"), + Name: strings.TrimSuffix(ingressRoute.Name, "-api"), Host: host, }) } diff --git a/pkg/k8s/ingress/client.go b/pkg/k8s/ingress/client.go index e756c8055..57a0d7f54 100644 --- a/pkg/k8s/ingress/client.go +++ b/pkg/k8s/ingress/client.go @@ -76,8 +76,8 @@ func (c *Client) Delete(ctx context.Context, name, namespace string) (err error) return } -// ListDebugNodesHosts list Ingresses that are nodes -func (c *Client) ListDebugNodesHosts(ctx context.Context, namespace string) (nodes []NodeInfo, err error) { +// ListAPINodesHosts list Ingresses that are nodes +func (c *Client) ListAPINodesHosts(ctx context.Context, namespace string) (nodes []NodeInfo, err error) { ingreses, err := c.clientset.NetworkingV1().Ingresses(namespace).List(ctx, metav1.ListOptions{ LabelSelector: "app.kubernetes.io/name=bee", }) @@ -89,11 +89,11 @@ func (c *Client) ListDebugNodesHosts(ctx context.Context, namespace string) (nod } for _, ingress := range ingreses.Items { - if strings.HasSuffix(ingress.Name, "-debug") { + if strings.HasSuffix(ingress.Name, "-api") { for _, rule := range ingress.Spec.Rules { if rule.Host != "" { nodes = append(nodes, NodeInfo{ - Name: strings.TrimSuffix(ingress.Name, "-debug"), + Name: strings.TrimSuffix(ingress.Name, "-api"), Host: rule.Host, }) } diff --git a/pkg/operator/operator.go b/pkg/operator/operator.go index 7b35dbaa2..50512b552 100644 --- a/pkg/operator/operator.go +++ b/pkg/operator/operator.go @@ -106,7 +106,7 @@ func (c *Client) processPodIP(ctx context.Context, podIp string) (bee.Addresses, // bee.Addresses is struct that represents response with field Ethereum string url := &url.URL{ Scheme: "http", - Host: podIp + ":1635", // it is possible to extract debug port from service + Host: podIp + ":1633", // it is possible to extract port from service Path: "/addresses", } diff --git a/pkg/orchestration/cluster.go b/pkg/orchestration/cluster.go index f6d2443fe..78817c822 100644 --- a/pkg/orchestration/cluster.go +++ b/pkg/orchestration/cluster.go @@ -43,19 +43,16 @@ type Cluster interface { // ClusterOptions represents Bee cluster options type ClusterOptions struct { - Annotations map[string]string - APIDomain string - APIInsecureTLS bool - APIScheme string - DebugAPIDomain string - DebugAPIInsecureTLS bool - DebugAPIScheme string - K8SClient *k8s.Client - SwapClient swap.Client - Labels map[string]string - Namespace string - DisableNamespace bool - AdminPassword string + Annotations map[string]string + APIDomain string + APIInsecureTLS bool + APIScheme string + K8SClient *k8s.Client + SwapClient swap.Client + Labels map[string]string + Namespace string + DisableNamespace bool + AdminPassword string } // ClusterAddresses represents addresses of all nodes in the cluster @@ -129,24 +126,3 @@ func (c ClusterOptions) IngressHost(name string) string { } return fmt.Sprintf("%s.%s.%s", name, c.Namespace, c.APIDomain) } - -// DebugAPIURL generates URL for node's DebugAPI -func (c ClusterOptions) DebugAPIURL(name string) (u *url.URL, err error) { - if c.DisableNamespace { - u, err = url.Parse(fmt.Sprintf("%s://%s-debug.%s", c.DebugAPIScheme, name, c.DebugAPIDomain)) - } else { - u, err = url.Parse(fmt.Sprintf("%s://%s-debug.%s.%s", c.DebugAPIScheme, name, c.Namespace, c.DebugAPIDomain)) - } - if err != nil { - return nil, fmt.Errorf("bad debug API url for node %s: %w", name, err) - } - return -} - -// IngressDebugHost generates host for node's DebugAPI ingress -func (c ClusterOptions) IngressDebugHost(name string) string { - if c.DisableNamespace { - return fmt.Sprintf("%s-debug.%s", name, c.DebugAPIDomain) - } - return fmt.Sprintf("%s-debug.%s.%s", name, c.Namespace, c.DebugAPIDomain) -} diff --git a/pkg/orchestration/k8s/helpers.go b/pkg/orchestration/k8s/helpers.go index c9fe50bee..5218beb3b 100644 --- a/pkg/orchestration/k8s/helpers.go +++ b/pkg/orchestration/k8s/helpers.go @@ -25,8 +25,6 @@ db-open-files-limit: {{.DbOpenFilesLimit}} db-block-cache-capacity: {{.DbBlockCacheCapacity}} db-write-buffer-size: {{.DbWriteBufferSize}} db-disable-seeks-compaction: {{.DbDisableSeeksCompaction}} -debug-api-addr: {{.DebugAPIAddr}} -debug-api-enable: {{.DebugAPIEnable}} full-node: {{.FullNode}} mainnet: {{.Mainnet}} nat-addr: {{.NATAddr}} @@ -110,7 +108,6 @@ type setContainersOptions struct { Image string ImagePullPolicy string PortAPI int32 - PortDebug int32 PortP2P int32 PersistenceEnabled bool ResourcesLimitCPU string @@ -138,11 +135,6 @@ func setContainers(o setContainersOptions) (c containers.Containers) { ContainerPort: o.PortAPI, Protocol: "TCP", }, - { - Name: "debug", - ContainerPort: o.PortDebug, - Protocol: "TCP", - }, { Name: "p2p", ContainerPort: o.PortP2P, @@ -153,7 +145,7 @@ func setContainers(o setContainersOptions) (c containers.Containers) { InitialDelaySeconds: 5, Handler: containers.HTTPGetHandler{ Path: "/health", - Port: "debug", + Port: "api", }, }}, ReadinessProbe: containers.Probe{HTTPGet: &containers.HTTPGetProbe{ @@ -163,7 +155,7 @@ func setContainers(o setContainersOptions) (c containers.Containers) { // because Beekeeper does funding it needs node to be ready before it is funded // if Bee readiness is changed to be ready before funding, path can be set to "/readiness" Path: "/health", - Port: "debug", + Port: "api", }, }}, Resources: containers.Resources{ diff --git a/pkg/orchestration/k8s/node_orchestrator.go b/pkg/orchestration/k8s/node_orchestrator.go index 69ec063b3..d94c99047 100644 --- a/pkg/orchestration/k8s/node_orchestrator.go +++ b/pkg/orchestration/k8s/node_orchestrator.go @@ -200,85 +200,6 @@ func (n *nodeOrchestrator) Create(ctx context.Context, o orchestration.CreateOpt n.log.Infof("ingress %s is set in namespace %s", apiIn, o.Namespace) } - // debug API - portDebug, err := parsePort(o.Config.DebugAPIAddr) - if err != nil { - return fmt.Errorf("parsing Debug port from config: %s", err) - } - - // debug service - debugSvc := fmt.Sprintf("%s-debug", o.Name) - if _, err := n.k8s.Service.Set(ctx, debugSvc, o.Namespace, service.Options{ - Annotations: o.Annotations, - Labels: o.Labels, - ServiceSpec: service.Spec{ - Ports: service.Ports{{ - AppProtocol: "TCP", - Name: "debug", - Protocol: "TCP", - Port: portDebug, - TargetPort: "debug", - }}, - Selector: o.Selector, - Type: "ClusterIP", - }, - }); err != nil { - return fmt.Errorf("set service in namespace %s: %w", o.Namespace, err) - } - n.log.Infof("service %s is set in namespace %s", debugSvc, o.Namespace) - - if o.IngressDebugClass == "traefik" { - // debug service's ingressroute - debugIn := fmt.Sprintf("%s-debug", o.Name) - if _, err := n.k8s.IngressRoute.Set(ctx, debugIn, o.Namespace, ingressroute.Options{ - Annotations: mergeMaps(o.Annotations, o.IngressAnnotations), - Labels: o.Labels, - Spec: ingressroute.IngressRouteSpec{ - Routes: []ingressroute.Route{ - { - Kind: "Rule", - Match: fmt.Sprintf("Host(\"%s.localhost\") && PathPrefix(\"/\")", debugIn), - Services: []ingressroute.Service{ - { - Kind: "Service", - Name: debugIn, - Namespace: "local", - Port: "debug", - }, - }, - }, - }, - }, - }); err != nil { - return fmt.Errorf("set ingressroute in namespace %s: %w", o.Namespace, err) - } - n.log.Infof("ingressroute %s is set in namespace %s", debugIn, o.Namespace) - } else { - // debug service's ingress - debugIn := fmt.Sprintf("%s-debug", o.Name) - if _, err := n.k8s.Ingress.Set(ctx, debugIn, o.Namespace, ingress.Options{ - Annotations: mergeMaps(o.Annotations, o.IngressDebugAnnotations), - Labels: o.Labels, - Spec: ingress.Spec{ - Class: o.IngressDebugClass, - Rules: ingress.Rules{{ - Host: o.IngressDebugHost, - Paths: ingress.Paths{{ - Backend: ingress.Backend{ - ServiceName: debugSvc, - ServicePortName: "debug", - }, - Path: "/", - PathType: "ImplementationSpecific", - }}, - }}, - }, - }); err != nil { - return fmt.Errorf("set ingress in namespace %s: %w", o.Namespace, err) - } - n.log.Infof("ingress %s is set in namespace %s", debugIn, o.Namespace) - } - // p2p service portP2P, err := parsePort(o.Config.P2PAddr) if err != nil { @@ -329,13 +250,6 @@ func (n *nodeOrchestrator) Create(ctx context.Context, o orchestration.CreateOpt Port: portAPI, TargetPort: "api", }, - { - AppProtocol: "TCP", - Name: "debug", - Protocol: "TCP", - Port: portDebug, - TargetPort: "debug", - }, { AppProtocol: "TCP", Name: "p2p", @@ -386,7 +300,6 @@ func (n *nodeOrchestrator) Create(ctx context.Context, o orchestration.CreateOpt Image: o.Image, ImagePullPolicy: o.ImagePullPolicy, PortAPI: portAPI, - PortDebug: portDebug, PortP2P: portP2P, PersistenceEnabled: o.PersistenceEnabled, ResourcesLimitCPU: o.ResourcesLimitCPU, @@ -457,26 +370,6 @@ func (n *nodeOrchestrator) Delete(ctx context.Context, name string, namespace st } n.log.Infof("service %s is deleted in namespace %s", p2pSvc, namespace) - // debug service's ingress - debugIn := fmt.Sprintf("%s-debug", name) - if err := n.k8s.Ingress.Delete(ctx, debugIn, namespace); err != nil { - return fmt.Errorf("deleting ingress in namespace %s: %w", namespace, err) - } - n.log.Infof("ingress %s is deleted in namespace %s", debugIn, namespace) - - // debug service's ingress route - if err := n.k8s.IngressRoute.Delete(ctx, debugIn, namespace); err != nil { - return fmt.Errorf("deleting ingress route in namespace %s: %w", namespace, err) - } - n.log.Infof("ingress route %s is deleted in namespace %s", debugIn, namespace) - - // debug service - debugSvc := fmt.Sprintf("%s-debug", name) - if err := n.k8s.Service.Delete(ctx, debugSvc, namespace); err != nil { - return fmt.Errorf("deleting service in namespace %s: %w", namespace, err) - } - n.log.Infof("service %s is deleted in namespace %s", debugSvc, namespace) - // api service's ingress apiIn := fmt.Sprintf("%s-api", name) if err := n.k8s.Ingress.Delete(ctx, apiIn, namespace); err != nil { diff --git a/pkg/orchestration/k8s/nodegroup.go b/pkg/orchestration/k8s/nodegroup.go index 52e2bef8b..755ac920e 100644 --- a/pkg/orchestration/k8s/nodegroup.go +++ b/pkg/orchestration/k8s/nodegroup.go @@ -51,16 +51,11 @@ func NewNodeGroup(name string, copts orchestration.ClusterOptions, no orchestrat // AddNode adss new node to the node group func (g *NodeGroup) AddNode(ctx context.Context, name string, o orchestration.NodeOptions, opts ...orchestration.BeeClientOption) (err error) { var aURL *url.URL - var dURL *url.URL aURL, err = g.clusterOpts.ApiURL(name) if err != nil { return fmt.Errorf("API URL %s: %w", name, err) } - dURL, err = g.clusterOpts.DebugAPIURL(name) - if err != nil { - return fmt.Errorf("debug API URL %s: %w", name, err) - } // TODO: make more granular, check every sub-option var config *orchestration.Config @@ -71,12 +66,10 @@ func (g *NodeGroup) AddNode(ctx context.Context, name string, o orchestration.No } beeClientOpts := bee.ClientOptions{ - APIURL: aURL, - APIInsecureTLS: g.clusterOpts.APIInsecureTLS, - DebugAPIURL: dURL, - DebugAPIInsecureTLS: g.clusterOpts.DebugAPIInsecureTLS, - Retry: 5, - Restricted: config.Restricted, + APIURL: aURL, + APIInsecureTLS: g.clusterOpts.APIInsecureTLS, + Retry: 5, + Restricted: config.Restricted, } for _, opt := range opts { @@ -345,9 +338,6 @@ func (g *NodeGroup) CreateNode(ctx context.Context, name string) (err error) { IngressAnnotations: g.opts.IngressAnnotations, IngressClass: g.opts.IngressClass, IngressHost: g.clusterOpts.IngressHost(name), - IngressDebugAnnotations: g.opts.IngressDebugAnnotations, - IngressDebugClass: g.opts.IngressDebugClass, - IngressDebugHost: g.clusterOpts.IngressDebugHost(name), Labels: labels, LibP2PKey: n.LibP2PKey(), NodeSelector: g.opts.NodeSelector, diff --git a/pkg/orchestration/node.go b/pkg/orchestration/node.go index d09a18ec4..85dde23f1 100644 --- a/pkg/orchestration/node.go +++ b/pkg/orchestration/node.go @@ -100,9 +100,6 @@ type CreateOptions struct { IngressAnnotations map[string]string IngressClass string IngressHost string - IngressDebugAnnotations map[string]string - IngressDebugClass string - IngressDebugHost string LibP2PKey string NodeSelector map[string]string PersistenceEnabled bool @@ -135,8 +132,6 @@ type Config struct { DbBlockCacheCapacity int // size of block cache of the database in bytes DbWriteBufferSize int // size of the database write buffer in bytes DbDisableSeeksCompaction bool // disables DB compactions triggered by seeks - DebugAPIAddr string // debug HTTP API listen address - DebugAPIEnable bool // enable debug HTTP API FullNode bool // cause the node to start in full mode Mainnet bool // enable mainnet NATAddr string // NAT exposed address diff --git a/pkg/orchestration/nodegroup.go b/pkg/orchestration/nodegroup.go index 0b4d48657..369a7b465 100644 --- a/pkg/orchestration/nodegroup.go +++ b/pkg/orchestration/nodegroup.go @@ -49,8 +49,6 @@ type NodeGroupOptions struct { ImagePullSecrets []string IngressAnnotations map[string]string IngressClass string - IngressDebugAnnotations map[string]string - IngressDebugClass string Labels map[string]string NodeSelector map[string]string PersistenceEnabled bool @@ -101,21 +99,15 @@ type NodeGroupTopologies map[string]bee.Topology // BeeClientOption represents bee client option type BeeClientOption func(*bee.ClientOptions) error -// WithAPIURL returns BeeClientOption with given api url and debug api url -func WithURLs(apiURL, debugAPIURL string) BeeClientOption { +// WithURL returns BeeClientOption with given api url +func WithURL(apiURL string) BeeClientOption { return func(o *bee.ClientOptions) error { api, err := url.Parse(apiURL) if err != nil { return fmt.Errorf("invalid api url: %w", err) } - debug, err := url.Parse(debugAPIURL) - if err != nil { - return fmt.Errorf("invalid debug api url: %w", err) - } - o.APIURL = api - o.DebugAPIURL = debug return nil } } diff --git a/scripts/suite.sh b/scripts/suite.sh index a89624a07..7982a97ff 100755 --- a/scripts/suite.sh +++ b/scripts/suite.sh @@ -28,60 +28,60 @@ declare -x BEEKEEPER_BIN="../dist/beekeeper" _fullconnectivity() { echo "*** FULLCONNECTIVITY ***" - "${BEEKEEPER_BIN}" check fullconnectivity --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" + "${BEEKEEPER_BIN}" check fullconnectivity --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" } _pingpong() { echo "*** PINGPONG ***" - "${BEEKEEPER_BIN}" check pingpong --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" + "${BEEKEEPER_BIN}" check pingpong --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" } _balances() { echo "*** BALANCES ***" - "${BEEKEEPER_BIN}" check balances --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" + "${BEEKEEPER_BIN}" check balances --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" } _settlements() { echo "*** SETTLEMENTS ***" - "${BEEKEEPER_BIN}" check settlements --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" -t 50000000000 --upload-node-count "${REPLICA}" --expect-settlements=false + "${BEEKEEPER_BIN}" check settlements --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" -t 50000000000 --upload-node-count "${REPLICA}" --expect-settlements=false } _cashout() { echo "*** CASHOUT ***" - "${BEEKEEPER_BIN}" check cashout --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" + "${BEEKEEPER_BIN}" check cashout --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" } _pushsync() { echo "*** PUSHSYNC ***" - "${BEEKEEPER_BIN}" check pushsync --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" --chunks-per-node 3 - "${BEEKEEPER_BIN}" check pushsync --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" --chunks-per-node 3 --upload-chunks + "${BEEKEEPER_BIN}" check pushsync --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" --chunks-per-node 3 + "${BEEKEEPER_BIN}" check pushsync --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" --chunks-per-node 3 --upload-chunks } _retrieval() { echo "*** RETRIEVAL ***" - "${BEEKEEPER_BIN}" check retrieval --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" --chunks-per-node 3 + "${BEEKEEPER_BIN}" check retrieval --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" --chunks-per-node 3 } _pullsync() { echo "*** PULLSYNC ***" - "${BEEKEEPER_BIN}" check pullsync --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" --chunks-per-node 3 + "${BEEKEEPER_BIN}" check pullsync --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" --upload-node-count "${REPLICA}" --chunks-per-node 3 } _manifest() { echo "*** MANIFEST ***" - "${BEEKEEPER_BIN}" check manifest --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" + "${BEEKEEPER_BIN}" check manifest --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" } _fileretrieval() { echo "*** FILERETRIEVAL ***" - "${BEEKEEPER_BIN}" check fileretrieval --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" + "${BEEKEEPER_BIN}" check fileretrieval --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" } _localpinning() { echo "*** LOCALPINNING ***" - "${BEEKEEPER_BIN}" check localpinning --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" - "${BEEKEEPER_BIN}" check localpinning --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" --large-file-disk-ratio 2 - "${BEEKEEPER_BIN}" check localpinning --api-scheme http --debug-api-scheme http ${NAMESPACE_OPTION} --debug-api-domain "${DOMAIN}" --api-domain "${DOMAIN}" --node-count "${REPLICA}" --large-file-disk-ratio 2 --large-file-count 10 + "${BEEKEEPER_BIN}" check localpinning --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" + "${BEEKEEPER_BIN}" check localpinning --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" --large-file-disk-ratio 2 + "${BEEKEEPER_BIN}" check localpinning --api-scheme http ${NAMESPACE_OPTION} --api-domain "${DOMAIN}" --node-count "${REPLICA}" --large-file-disk-ratio 2 --large-file-count 10 } From f6e52a9c969ffe21f5d864224e835b33284dae4c Mon Sep 17 00:00:00 2001 From: Acha Bill <57879913+acha-bill@users.noreply.github.com> Date: Fri, 31 May 2024 13:58:27 +0100 Subject: [PATCH 2/2] feat: remove auth (#399) * feat: remove auth (wip) * chore: remove restricted configs * chore: rebase * chore: lint * chore: lint * chore: test * fix: number of full nodes * chore: rever test --- config/config.yaml | 7 - config/local.yaml | 25 +--- config/restricted.yaml | 15 -- pkg/bee/api/api.go | 39 +----- pkg/bee/api/auth.go | 175 ------------------------ pkg/bee/api/auth_test.go | 27 ---- pkg/bee/client.go | 15 +- pkg/check/authenticated/authenticate.go | 120 ---------------- pkg/check/pss/pss.go | 13 +- pkg/config/bee.go | 3 - pkg/config/check.go | 20 --- pkg/config/cluster.go | 1 - pkg/orchestration/cluster.go | 1 - pkg/orchestration/k8s/helpers.go | 3 - pkg/orchestration/k8s/nodegroup.go | 1 - pkg/orchestration/node.go | 3 - pkg/test/auth.go | 11 -- pkg/test/case.go | 4 - pkg/test/node.go | 4 - 19 files changed, 9 insertions(+), 478 deletions(-) delete mode 100644 config/restricted.yaml delete mode 100644 pkg/bee/api/auth.go delete mode 100644 pkg/bee/api/auth_test.go delete mode 100644 pkg/check/authenticated/authenticate.go delete mode 100644 pkg/test/auth.go diff --git a/config/config.yaml b/config/config.yaml index e27c23f84..aeaa5fee4 100644 --- a/config/config.yaml +++ b/config/config.yaml @@ -356,13 +356,6 @@ checks: postage-depth: 17 postage-topup-amount: 100 postage-new-depth: 18 - authenticate: - type: authenticate - timeout: 5m - options: - role: consumer - admin-password: test - restricted-group-name: restricted stake: type: stake timeout: 5m diff --git a/config/local.yaml b/config/local.yaml index c381ccc28..a5feee56e 100644 --- a/config/local.yaml +++ b/config/local.yaml @@ -43,18 +43,13 @@ clusters: bee: bee-config: bee-local-dns config: local-dns - count: 2 + count: 3 mode: node light: bee-config: bee-local-light config: local-light count: 2 mode: node - restricted: - mode: node - bee-config: bee-local-restricted - config: bee-local-restricted - count: 1 local-clef: _inherit: "local" node-groups: @@ -140,8 +135,6 @@ node-groups: _inherit: "local" local-light: _inherit: "local" - bee-local-restricted: - _inherit: "local" # bee-configs defines Bee configuration that can be assigned to node-groups bee-configs: @@ -177,9 +170,6 @@ bee-configs: staking-address: "0xfc28330f1ecE0ef2371B724E0D19c1EE60B728b2" redistribution-address: "0x09Ad42a7d020244920309FfA14EA376dd2D3b7d5" resolver-options: "" - restricted: false - token-encryption-key: "" - admin-password: "" chequebook-enable: true swap-enable: true swap-endpoint: "ws://geth-swap:8546" @@ -209,12 +199,6 @@ bee-configs: _inherit: "bee-local" clef-signer-enable: true clef-signer-endpoint: "http://localhost:8550" - bee-local-restricted: - _inherit: "bee-local" - bootnode: /dnsaddr/localhost - restricted: true - token-encryption-key: testtest - admin-password: $2a$12$Ltg3M2W53Xv9wwJ2.iAv4e4gWELrrr8D2dYat7wNdY2xArdmOSL1i bootnode-local-clef: _inherit: "bee-local" clef-signer-enable: true @@ -367,13 +351,6 @@ checks: postage-depth: 17 postage-topup-amount: 100 postage-new-depth: 18 - ci-authenticate: - type: authenticate - timeout: 5m - options: - role: consumer - admin-password: test - restricted-group-name: restricted ci-stake: type: stake timeout: 5m diff --git a/config/restricted.yaml b/config/restricted.yaml deleted file mode 100644 index ef0f995c9..000000000 --- a/config/restricted.yaml +++ /dev/null @@ -1,15 +0,0 @@ -# bee config for restricted nodes -bee-configs: - restricted: - _inherit: default - restricted: true - token-encryption-key: testtest - admin-password: $2a$12$Ltg3M2W53Xv9wwJ2.iAv4e4gWELrrr8D2dYat7wNdY2xArdmOSL1i - -# node groups for restricted nodes -node-groups: - restricted: - _inherit: default - image: ethersphere/bee:latest - image-pull-policy: Always - persistence-enabled: true diff --git a/pkg/bee/api/api.go b/pkg/bee/api/api.go index d6814b5a2..2e43c84d9 100644 --- a/pkg/bee/api/api.go +++ b/pkg/bee/api/api.go @@ -31,7 +31,6 @@ var userAgent = "beekeeper/" + beekeeper.Version type Client struct { httpClient *http.Client // HTTP client must handle authentication implicitly. service service // Reuse a single struct instead of allocating one for each service on the heap. - restricted bool // Services that API provides. Bytes *BytesService @@ -43,18 +42,15 @@ type Client struct { PSS *PSSService SOC *SOCService Stewardship *StewardshipService - Auth *AuthService - - Node *NodeService - PingPong *PingPongService - Postage *PostageService - Stake *StakingService + Node *NodeService + PingPong *PingPongService + Postage *PostageService + Stake *StakingService } // ClientOptions holds optional parameters for the Client. type ClientOptions struct { HTTPClient *http.Client - Restricted bool } // NewClient constructs a new Client. @@ -67,8 +63,6 @@ func NewClient(baseURL *url.URL, o *ClientOptions) (c *Client) { } c = newClient(httpClientWithTransport(baseURL, o.HTTPClient)) - c.restricted = o.Restricted - return } @@ -86,7 +80,6 @@ func newClient(httpClient *http.Client) (c *Client) { c.PSS = (*PSSService)(&c.service) c.SOC = (*SOCService)(&c.service) c.Stewardship = (*StewardshipService)(&c.service) - c.Auth = (*AuthService)(&c.service) c.Node = (*NodeService)(&c.service) c.PingPong = (*PingPongService)(&c.service) c.Postage = (*PostageService)(&c.service) @@ -149,14 +142,6 @@ func (c *Client) request(ctx context.Context, method, path string, body io.Reade } req.Header.Set("Accept", contentType) - if c.restricted && req.Header.Get("Authorization") == "" { - key, err := GetToken(path, method) - if err != nil { - return err - } - req.Header.Set("Authorization", "Bearer "+key) - } - r, err := c.httpClient.Do(req) if err != nil { return err @@ -195,14 +180,6 @@ func (c *Client) requestData(ctx context.Context, method, path string, body io.R } req.Header.Set("Accept", contentType) - if c.restricted && req.Header.Get("Authorization") == "" { - key, err := GetToken(path, method) - if err != nil { - return nil, err - } - req.Header.Set("Authorization", "Bearer "+key) - } - if opts != nil && opts.Cache != nil { req.Header.Set(swarmCacheDownloadHeader, strconv.FormatBool(*opts.Cache)) } @@ -233,14 +210,6 @@ func (c *Client) requestWithHeader(ctx context.Context, method, path string, hea req.Header = header req.Header.Add("Accept", contentType) - if c.restricted && req.Header.Get("Authorization") == "" { - key, err := GetToken(path, method) - if err != nil { - return err - } - req.Header.Set("Authorization", "Bearer "+key) - } - r, err := c.httpClient.Do(req) if err != nil { return err diff --git a/pkg/bee/api/auth.go b/pkg/bee/api/auth.go deleted file mode 100644 index 00357a41d..000000000 --- a/pkg/bee/api/auth.go +++ /dev/null @@ -1,175 +0,0 @@ -package api - -import ( - "bytes" - "context" - "encoding/base64" - "encoding/json" - "fmt" - "net/http" - "regexp" - "strings" -) - -// AuthService represents Bee's Auth service -type AuthService service - -// AuthResponse represents authentication response -type AuthResponse struct { - Key string `json:"key"` -} - -func (a *AuthService) Refresh(ctx context.Context, securityToken string) (string, error) { - header := make(http.Header) - header.Set("Content-Type", "application/json") - header.Set("Accept", "application/json") - header.Set("Authorization", "Bearer "+securityToken) - - data, err := json.Marshal(struct { - Expiry int `json:"expiry"` - }{Expiry: 30}) - if err != nil { - return "", err - } - - var resp AuthResponse - err = a.client.requestWithHeader(ctx, http.MethodPost, "/refresh", header, bytes.NewReader(data), &resp) - if err != nil { - return "", err - } - - return resp.Key, nil -} - -// Authenticate gets the bearer security token based on given credentials -func (a *AuthService) Authenticate(ctx context.Context, role, password string) (string, error) { - plain := fmt.Sprintf("test:%s", password) - encoded := base64.StdEncoding.EncodeToString([]byte(plain)) - - header := make(http.Header) - header.Set("Content-Type", "application/json") - header.Set("Accept", "application/json") - header.Set("Authorization", "Basic "+encoded) - - data, err := json.Marshal(struct { - Role string `json:"role"` - Expiry int `json:"expiry"` - }{Role: role, Expiry: 30}) - if err != nil { - return "", err - } - - var resp AuthResponse - err = a.client.requestWithHeader(ctx, http.MethodPost, "/auth", header, bytes.NewReader(data), &resp) - if err != nil { - return "", err - } - - return resp.Key, nil -} - -const ( - TokenConsumer = "CP5tR8Zqd2txobVbWn02+YXZ6YEXDBjl8lq1cYaRHDJLE7rldjGBft5r2imUTAnExkQoSoBWSywCG93feYF5jtDN3kHpxcwKrm0Mz/JJknYZFzcZml8=" - TokenCreator = "v2ACGxBiGJf3Jyos7MX/vq8nrp8zTVx/mT3wtGPXA/ayNBQdIZLIgd/gNlWoaS5r6AQ22zUAYa4hcbx93bKyUmIaKSJBuOGz/Sz0/dnUAZjkocF0pg==" - TokenMaintainer = "MZhpzQUMPyNMmbrQMKcTBLzHpLpz3JB1CKuFVuHH+yqzZI6kzdjWI4OOhGw1l5NonvwZMhxTOlCmsmW2Fq/dRLgvn8EiKyOKNDsYcK8es94IwkMwKLcebw==" - TokenAccountant = "3jpNFZwiVDAFeMEDi5tvSZ8czxgZjZr6AWaRSB0ApVueucGXpLbMVvU38HPxJtTIjEtW6BUtFb8EEkKfsw12coM+JngWNaRm9bWwJsCoG8b69oCklGK2sw==" -) - -var roles = map[string]string{ - "consumer": TokenConsumer, - "creator": TokenCreator, - "maintainer": TokenMaintainer, - "accountant": TokenAccountant, -} - -func GetToken(path, method string) (string, error) { - roleName := getRole(path, method) - - if roleName == "" { - return "", fmt.Errorf("role not found for path '%s' and method %s", path, method) - } - - return roles[roleName], nil -} - -func getRole(path, method string) string { - for _, v := range policies { - if v[2] != method { - if !strings.Contains(v[2], fmt.Sprintf("(%s)", method)) { - continue - } - } - re := regexp.MustCompile(v[1]) - if re.Match([]byte(path)) { - return v[0] - } - } - - return "" -} - -var policies = [][]string{ - {"consumer", "/bytes/*", "GET"}, - {"creator", "/bytes", "POST"}, - {"consumer", "/chunks/*", "GET"}, - {"creator", "/chunks", "POST"}, - {"consumer", "/bzz/*", "GET"}, - {"creator", "/bzz/*", "PATCH"}, - {"creator", "/bzz", "POST"}, - {"creator", "/bzz\\?*", "POST"}, - {"consumer", "/bzz/*/*", "GET"}, - {"creator", "/tags", "GET"}, - {"creator", "/tags\\?*", "GET"}, - {"creator", "/tags", "POST"}, - {"creator", "/tags/*", "(GET)|(DELETE)|(PATCH)"}, - {"creator", "/pins/*", "(GET)|(DELETE)|(POST)"}, - {"maintainer", "/pins", "GET"}, - {"creator", "/pss/send/*", "POST"}, - {"consumer", "/pss/subscribe/*", "GET"}, - {"creator", "/soc/*/*", "POST"}, - {"creator", "/feeds/*/*", "POST"}, - {"consumer", "/feeds/*/*", "GET"}, - {"maintainer", "/stamps", "GET"}, - {"maintainer", "/stamps/*", "GET"}, - {"maintainer", "/stamps/*/*", "POST"}, - {"maintainer", "/stamps/topup/*/*", "PATCH"}, - {"maintainer", "/stamps/dilute/*/*", "PATCH"}, - {"maintainer", "/addresses", "GET"}, - {"maintainer", "/blocklist", "GET"}, - {"maintainer", "/connect/*", "POST"}, - {"maintainer", "/peers", "GET"}, - {"maintainer", "/peers/*", "DELETE"}, - {"maintainer", "/pingpong/*", "POST"}, - {"maintainer", "/topology", "GET"}, - {"maintainer", "/welcome-message", "(GET)|(POST)"}, - {"maintainer", "/balances", "GET"}, - {"maintainer", "/balances/*", "GET"}, - {"maintainer", "/accounting", "GET"}, - {"maintainer", "/chequebook/cashout/*", "GET"}, - {"accountant", "/chequebook/cashout/*", "POST"}, - {"accountant", "/chequebook/withdraw", "POST"}, - {"accountant", "/chequebook/withdraw\\?*", "POST"}, - {"accountant", "/chequebook/deposit", "POST"}, - {"accountant", "/chequebook/deposit\\?*", "POST"}, - {"maintainer", "/chequebook/cheque/*", "GET"}, - {"maintainer", "/chequebook/cheque", "GET"}, - {"maintainer", "/chequebook/address", "GET"}, - {"maintainer", "/chequebook/balance", "GET"}, - {"maintainer", "/wallet", "GET"}, - {"maintainer", "/wallet/withdraw/*", "POST"}, - {"maintainer", "/chunks/*", "(GET)|(DELETE)"}, - {"maintainer", "/reservestate", "GET"}, - {"maintainer", "/chainstate", "GET"}, - {"maintainer", "/settlements/*", "GET"}, - {"maintainer", "/settlements", "GET"}, - {"maintainer", "/transactions", "GET"}, - {"consumer", "/transactions/*", "GET"}, - {"accountant", "/transactions/*", "(POST)|(DELETE)"}, - {"consumer", "/consumed", "GET"}, - {"consumer", "/consumed/*", "GET"}, - {"consumer", "/chunks/stream", "GET"}, - {"creator", "/stewardship/*", "GET"}, - {"consumer", "/stewardship/*", "PUT"}, - {"maintainer", "/stake/*", "POST"}, - {"maintainer", "/stake", "(GET)|(DELETE)"}, -} diff --git a/pkg/bee/api/auth_test.go b/pkg/bee/api/auth_test.go deleted file mode 100644 index 95f92a499..000000000 --- a/pkg/bee/api/auth_test.go +++ /dev/null @@ -1,27 +0,0 @@ -package api - -import "testing" - -func TestGetRole(t *testing.T) { - tt := []struct { - desc string - path, method string - expectedRole string - }{ - {desc: "plain", expectedRole: "creator", path: "/bytes", method: "POST"}, - {desc: "query param", expectedRole: "creator", path: "/v1/bzz?name=settlements-2", method: "POST"}, - {desc: "multi method 1", expectedRole: "creator", path: "/tags", method: "POST"}, - {desc: "multi method 2", expectedRole: "creator", path: "/tags", method: "GET"}, - {desc: "one level", expectedRole: "consumer", path: "/bytes/123", method: "GET"}, - {desc: "two levels", expectedRole: "maintainer", path: "/stamps/1/17", method: "POST"}, - {desc: "topup", expectedRole: "maintainer", path: "/stamps/topup/d8e1c/100", method: "PATCH"}, - {desc: "dilute", expectedRole: "maintainer", path: "/stamps/dilute/d8e1c/100", method: "PATCH"}, - } - for _, tc := range tt { - t.Run(tc.desc, func(t *testing.T) { - if got := getRole(tc.path, tc.method); got != tc.expectedRole { - t.Errorf("expected %s, got %s", tc.expectedRole, got) - } - }) - } -} diff --git a/pkg/bee/client.go b/pkg/bee/client.go index adc4a98bc..c7379bd1d 100644 --- a/pkg/bee/client.go +++ b/pkg/bee/client.go @@ -35,7 +35,6 @@ type ClientOptions struct { APIURL *url.URL APIInsecureTLS bool Retry int - Restricted bool } // NewClient returns Bee client @@ -49,7 +48,7 @@ func NewClient(opts ClientOptions, log logging.Logger) (c *Client) { if opts.APIURL != nil { c.api = api.NewClient(opts.APIURL, &api.ClientOptions{HTTPClient: &http.Client{Transport: &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: opts.APIInsecureTLS}, - }}, Restricted: opts.Restricted}) + }}}) } if opts.Retry > 0 { c.retry = opts.Retry @@ -813,18 +812,6 @@ func (c *Client) Reupload(ctx context.Context, ref swarm.Address) error { return c.api.Stewardship.Reupload(ctx, ref) } -// Authenticate -func (c *Client) Authenticate(ctx context.Context, role, password string) (string, error) { - resp, err := c.api.Auth.Authenticate(ctx, role, password) - return resp, err -} - -// Refresh -func (c *Client) Refresh(ctx context.Context, securityToken string) (string, error) { - resp, err := c.api.Auth.Refresh(ctx, securityToken) - return resp, err -} - // DepositStake deposits stake func (c *Client) DepositStake(ctx context.Context, amount *big.Int) (string, error) { return c.api.Stake.DepositStake(ctx, amount) diff --git a/pkg/check/authenticated/authenticate.go b/pkg/check/authenticated/authenticate.go deleted file mode 100644 index c26aa9de9..000000000 --- a/pkg/check/authenticated/authenticate.go +++ /dev/null @@ -1,120 +0,0 @@ -package authenticated - -import ( - "context" - "errors" - "fmt" - - "github.com/ethersphere/beekeeper/pkg/beekeeper" - "github.com/ethersphere/beekeeper/pkg/logging" - "github.com/ethersphere/beekeeper/pkg/orchestration" - test "github.com/ethersphere/beekeeper/pkg/test" -) - -// Options represents check options -type Options struct { - DryRun bool - Role string - AdminPassword string - RestrictedGroupName string -} - -// NewDefaultOptions returns new default options -func NewDefaultOptions() (opts Options) { - return -} - -// compile check whether Check implements interface -var _ beekeeper.Action = (*Check)(nil) - -// Check instance -type Check struct { - logger logging.Logger -} - -// NewCheck returns new check -func NewCheck(logger logging.Logger) beekeeper.Action { - return &Check{ - logger: logger, - } -} - -func (c *Check) Run(ctx context.Context, cluster orchestration.Cluster, opts interface{}) (err error) { - o, ok := opts.(Options) - if !ok { - return fmt.Errorf("invalid options type") - } - - if o.DryRun { - c.logger.Info("running authenticated check (dry run mode)") - return dryRun(ctx, cluster, o) - } - - caseOpts := test.CaseOptions{ - AdminPassword: o.AdminPassword, - RestrictedGroupName: o.RestrictedGroupName, - Role: o.Role, - } - - checkCase, err := test.NewCheckCase(ctx, cluster, caseOpts, c.logger) - if err != nil { - return err - } - - // filter func - restricted := func(bee *test.BeeV2) bool { - return bee.Restricted() - } - - // testing closure - checkAuth := testAuth(ctx, o, c.logger) - - // execute test - if err := checkCase.Bees().Filter(restricted).ForEach(checkAuth); err != nil { - return err - } - - return -} - -func testAuth(ctx context.Context, o Options, logger logging.Logger) test.ConsumeFunc { - return func(bee *test.BeeV2) error { - logger.Info("testing authentication on %s", bee.Name()) - - // refresh with bad token - if _, err := bee.RefreshAuthToken(ctx, "bad-token"); err == nil { - return errors.New("expected error when making a call while unauthenticated") - } - - // auth with bad password - token, err := bee.Authenticate(ctx, "wrong-password") - if err == nil { - return fmt.Errorf("expected error when authenticating with bad credentials") - } - if token != "" { - return fmt.Errorf("want empty token got %s", token) - } - - // successful auth - token, err = bee.Authenticate(ctx, o.AdminPassword) - if err != nil { - return fmt.Errorf("authenticate: %w", err) - } - - // successful refresh - newToken, err := bee.RefreshAuthToken(ctx, token) - if err != nil { - return fmt.Errorf("refresh: %w", err) - } - if newToken == "" { - return fmt.Errorf("got empty token, want %s", token) - } - - return nil - } -} - -// dryRun does nothing -func dryRun(ctx context.Context, cluster orchestration.Cluster, opts interface{}) error { - return nil // success -} diff --git a/pkg/check/pss/pss.go b/pkg/check/pss/pss.go index d33bcd777..b6bce4626 100644 --- a/pkg/check/pss/pss.go +++ b/pkg/check/pss/pss.go @@ -9,7 +9,6 @@ import ( "time" "github.com/ethersphere/beekeeper/pkg/bee" - "github.com/ethersphere/beekeeper/pkg/bee/api" "github.com/ethersphere/beekeeper/pkg/beekeeper" "github.com/ethersphere/beekeeper/pkg/logging" "github.com/ethersphere/beekeeper/pkg/orchestration" @@ -130,7 +129,7 @@ func (c *Check) testPss(nodeAName, nodeBName string, clients map[string]*bee.Cli } c.logger.Infof("node %s: batched id %s", nodeAName, batchID) - ch, close, err := listenWebsocket(ctx, nodeB.Config().APIURL.Host, nodeB.Config().Restricted, testTopic, c.logger) + ch, close, err := listenWebsocket(ctx, nodeB.Config().APIURL.Host, testTopic, c.logger) if err != nil { cancel() return err @@ -168,19 +167,13 @@ func (c *Check) testPss(nodeAName, nodeBName string, clients map[string]*bee.Cli return nil } -func listenWebsocket(ctx context.Context, host string, setHeader bool, topic string, logger logging.Logger) (<-chan string, func(), error) { +func listenWebsocket(ctx context.Context, host string, topic string, logger logging.Logger) (<-chan string, func(), error) { dialer := &websocket.Dialer{ Proxy: http.ProxyFromEnvironment, HandshakeTimeout: 45 * time.Second, } - var header http.Header - if setHeader { - header = make(http.Header) - header.Add("Authorization", "Bearer "+api.TokenConsumer) - } - - ws, _, err := dialer.DialContext(ctx, fmt.Sprintf("ws://%s/pss/subscribe/%s", host, topic), header) + ws, _, err := dialer.DialContext(ctx, fmt.Sprintf("ws://%s/pss/subscribe/%s", host, topic), http.Header{}) if err != nil { return nil, nil, err } diff --git a/pkg/config/bee.go b/pkg/config/bee.go index 2691742e5..b83f1b6c6 100644 --- a/pkg/config/bee.go +++ b/pkg/config/bee.go @@ -43,9 +43,6 @@ type BeeConfig struct { StakingAddress *string `yaml:"staking-address"` StorageIncentivesEnable *string `yaml:"storage-incentives-enable"` ResolverOptions *string `yaml:"resolver-options"` - Restricted *bool `yaml:"restricted"` - TokenEncryptionKey *string `yaml:"token-encryption-key"` - AdminPassword *string `yaml:"admin-password"` ChequebookEnable *bool `yaml:"chequebook-enable"` SwapEnable *bool `yaml:"swap-enable"` SwapEndpoint *string `yaml:"swap-endpoint"` diff --git a/pkg/config/check.go b/pkg/config/check.go index a6ecc6269..60165a627 100644 --- a/pkg/config/check.go +++ b/pkg/config/check.go @@ -10,7 +10,6 @@ import ( "github.com/ethersphere/beekeeper/pkg/check/stake" "github.com/ethersphere/beekeeper/pkg/beekeeper" - "github.com/ethersphere/beekeeper/pkg/check/authenticated" "github.com/ethersphere/beekeeper/pkg/check/balances" "github.com/ethersphere/beekeeper/pkg/check/cashout" "github.com/ethersphere/beekeeper/pkg/check/datadurability" @@ -475,25 +474,6 @@ var Checks = map[string]CheckType{ return opts, nil }, }, - "authenticate": { - NewAction: authenticated.NewCheck, - NewOptions: func(checkGlobalConfig CheckGlobalConfig, check Check) (interface{}, error) { - checkOpts := new(struct { - DryRun *bool `yaml:"dry-run"` - Role *string `yaml:"role"` - AdminPassword *string `yaml:"admin-password"` - RestrictedGroupName *string `yaml:"restricted-group-name"` - }) - if err := check.Options.Decode(checkOpts); err != nil { - return nil, fmt.Errorf("decoding check %s options: %w", check.Type, err) - } - opts := authenticated.NewDefaultOptions() - if err := applyCheckConfig(checkGlobalConfig, checkOpts, &opts); err != nil { - return nil, fmt.Errorf("applying options: %w", err) - } - return opts, nil - }, - }, "longavailability": { NewAction: longavailability.NewCheck, NewOptions: func(checkGlobalConfig CheckGlobalConfig, check Check) (interface{}, error) { diff --git a/pkg/config/cluster.go b/pkg/config/cluster.go index 7871ecf01..4407ac4cd 100644 --- a/pkg/config/cluster.go +++ b/pkg/config/cluster.go @@ -20,7 +20,6 @@ type Cluster struct { APIScheme *string `yaml:"api-scheme"` Funding *Funding `yaml:"funding"` NodeGroups *map[string]ClusterNodeGroup `yaml:"node-groups"` - AdminPassword *string `yaml:"admin-password"` } // ClusterNodeGroup represents node group in the cluster diff --git a/pkg/orchestration/cluster.go b/pkg/orchestration/cluster.go index 78817c822..5eab5a33c 100644 --- a/pkg/orchestration/cluster.go +++ b/pkg/orchestration/cluster.go @@ -52,7 +52,6 @@ type ClusterOptions struct { Labels map[string]string Namespace string DisableNamespace bool - AdminPassword string } // ClusterAddresses represents addresses of all nodes in the cluster diff --git a/pkg/orchestration/k8s/helpers.go b/pkg/orchestration/k8s/helpers.go index 5218beb3b..671abb589 100644 --- a/pkg/orchestration/k8s/helpers.go +++ b/pkg/orchestration/k8s/helpers.go @@ -42,9 +42,6 @@ redistribution-address: {{ .RedistributionAddress }} staking-address: {{ .StakingAddress }} storage-incentives-enable: {{ .StorageIncentivesEnable }} resolver-options: {{.ResolverOptions}} -restricted: {{.Restricted}} -token-encryption-key: {{.TokenEncryptionKey}} -admin-password: {{.AdminPassword}} chequebook-enable: {{.ChequebookEnable}} swap-enable: {{.SwapEnable}} swap-endpoint: {{.SwapEndpoint}} diff --git a/pkg/orchestration/k8s/nodegroup.go b/pkg/orchestration/k8s/nodegroup.go index 755ac920e..647dd3953 100644 --- a/pkg/orchestration/k8s/nodegroup.go +++ b/pkg/orchestration/k8s/nodegroup.go @@ -69,7 +69,6 @@ func (g *NodeGroup) AddNode(ctx context.Context, name string, o orchestration.No APIURL: aURL, APIInsecureTLS: g.clusterOpts.APIInsecureTLS, Retry: 5, - Restricted: config.Restricted, } for _, opt := range opts { diff --git a/pkg/orchestration/node.go b/pkg/orchestration/node.go index 85dde23f1..413abb0da 100644 --- a/pkg/orchestration/node.go +++ b/pkg/orchestration/node.go @@ -146,9 +146,6 @@ type Config struct { PostageContractStartBlock uint64 // postage stamp address PriceOracleAddress string // price Oracle address ResolverOptions string // ENS compatible API endpoint for a TLD and with contract address, can be repeated, format [tld:][contract-addr@]url - Restricted bool // start node in restricted mode - TokenEncryptionKey string // username for API authentication - AdminPassword string // password hash for API authentication ChequebookEnable bool // enable chequebook SwapEnable bool // enable swap SwapEndpoint string // swap ethereum blockchain endpoint diff --git a/pkg/test/auth.go b/pkg/test/auth.go deleted file mode 100644 index e896b6488..000000000 --- a/pkg/test/auth.go +++ /dev/null @@ -1,11 +0,0 @@ -package bee - -import "context" - -func (b *BeeV2) RefreshAuthToken(ctx context.Context, token string) (string, error) { - return b.client.Refresh(ctx, token) -} - -func (b *BeeV2) Authenticate(ctx context.Context, password string) (string, error) { - return b.client.Authenticate(ctx, b.opts.Role, password) -} diff --git a/pkg/test/case.go b/pkg/test/case.go index a4484b81f..716182792 100644 --- a/pkg/test/case.go +++ b/pkg/test/case.go @@ -32,10 +32,6 @@ type CaseOptions struct { PostageLabel string Seed int64 PostageDepth uint64 - - AdminPassword string - RestrictedGroupName string - Role string } func NewCheckCase(ctx context.Context, cluster orchestration.Cluster, caseOpts CaseOptions, logger logging.Logger) (*CheckCase, error) { diff --git a/pkg/test/node.go b/pkg/test/node.go index 64f2caf65..1503753d3 100644 --- a/pkg/test/node.go +++ b/pkg/test/node.go @@ -28,10 +28,6 @@ func (b *BeeV2) Name() string { return b.name } -func (b *BeeV2) Restricted() bool { - return b.client.Config().Restricted -} - func (b *BeeV2) DownloadChunk(ctx context.Context, ref swarm.Address) ([]byte, error) { return b.client.DownloadChunk(ctx, ref, "", nil) }