diff --git a/charts/node/Chart.yaml b/charts/node/Chart.yaml index 40ea3a28..44ff468c 100644 --- a/charts/node/Chart.yaml +++ b/charts/node/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: node description: A Helm chart to deploy Substrate/Polkadot nodes type: application -version: 5.14.0 +version: 5.15.0 maintainers: - name: Parity url: https://github.com/paritytech/helm-charts diff --git a/charts/node/README.md b/charts/node/README.md index 0fd950b9..71b8abe6 100644 --- a/charts/node/README.md +++ b/charts/node/README.md @@ -18,7 +18,7 @@ This is intended behaviour. Make sure to run `git add -A` once again to stage ch # Substrate/Polkadot node Helm chart -![Version: 5.14.0](https://img.shields.io/badge/Version-5.14.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) +![Version: 5.15.0](https://img.shields.io/badge/Version-5.15.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ## Overview The Polkadot Helm Chart provides a convenient way to deploy and manage a Polkadot blockchain node in a Kubernetes cluster. @@ -428,7 +428,7 @@ If you're running a collator node: | node.customChainspec | bool | `false` | Use the file defined in `node.customChainspecPath` as the chainspec. Ensure that the file is either mounted or generated with an init container. | | node.customChainspecPath | string | `"/chain-data/chainspec.json"` | Node may require custom name for chainspec file. ref: moonbeam https://github.com/PureStake/moonbeam/issues/1104#issuecomment-996787548 Note: path should start with /chain-data/ since this folder mount in init container download-chainspec. | | node.customChainspecUrl | string | `nil` | URL to retrive custom chain spec | -| node.customNodeKey | list | `[]` | List of the custom node key(s) for all pods in statefulset. | +| node.customNodeKey | list | `[]` | List of custom node key(s) for all pods in the StatefulSet Alternatively, use `.seed` to derive node key(s). | | node.enableOffchainIndexing | bool | `false` | Enable Offchain Indexing. https://docs.substrate.io/fundamentals/offchain-operations/ | | node.enableSidecarLivenessProbe | bool | `false` | Enable Node liveness probe through `paritytech/ws-health-exporter` running as a sidecar container | | node.enableSidecarReadinessProbe | bool | `false` | Enable Node readiness probe through `paritytech/ws-health-exporter` running as a sidecar container | diff --git a/charts/node/templates/customNodeKeySecret.yaml b/charts/node/templates/customNodeKeySecret.yaml index 89c74836..22cf7d2b 100644 --- a/charts/node/templates/customNodeKeySecret.yaml +++ b/charts/node/templates/customNodeKeySecret.yaml @@ -6,11 +6,17 @@ kind: Secret metadata: name: {{ $fullname }}-custom-node-key data: -{{- if eq ( typeOf .Values.node.customNodeKey ) "string" }} +{{- if kindIs "string" .Values.node.customNodeKey }} custom-node-key: {{ .Values.node.customNodeKey | mustRegexFind "^[0-9a-zA-Z]{64}$" | b64enc }} -{{- else }} -{{- range $index, $key := .Values.node.customNodeKey }} +{{- else if kindIs "slice" .Values.node.customNodeKey }} + {{- range $index, $key := .Values.node.customNodeKey }} custom-node-key-{{ $index }}: {{ $key | mustRegexFind "^[0-9a-zA-Z]{64}$" | b64enc }} -{{- end }} + {{- end }} +{{- else if kindIs "map" .Values.node.customNodeKey }} + {{- range $index := until (max .Values.autoscaling.maxReplicas .Values.node.replicas | int) }} + custom-node-key-{{ $index }}: {{ printf "%s/%s/%d" ($.Values.node.customNodeKey.seed | mustRegexFind "^.{64,}$") (default $fullname $.Values.node.customNodeKey.extraDerivation) $index | sha256sum | mustRegexFind "^[0-9a-zA-Z]{64}$" | b64enc }} + {{- end }} +{{- else }} + {{- fail (printf "ERROR: '.Values.node.customNodeKey' is invalid. Expected type 'string', 'slice', or 'map', but got: '%s'" (kindOf .Values.node.customNodeKey)) }} {{- end }} {{ end }} diff --git a/charts/node/templates/statefulset.yaml b/charts/node/templates/statefulset.yaml index 4bef0417..b5ab180d 100644 --- a/charts/node/templates/statefulset.yaml +++ b/charts/node/templates/statefulset.yaml @@ -603,9 +603,9 @@ spec: --node-key-file /keystore/node-key \ {{- else if .Values.node.customNodeKey }} {{- if eq ( typeOf .Values.node.customNodeKey ) "string" }} - --node-key $(cat /custom-node-key/custom-node-key) \ + --node-key-file /custom-node-key/custom-node-key \ {{- else }} - --node-key $(cat /custom-node-key/custom-node-key-${POD_INDEX}) \ + --node-key-file /custom-node-key/custom-node-key-${POD_INDEX} \ {{- end }} {{- else if .Values.node.existingSecrets.nodeKey }} --node-key $(cat /custom-node-key/{{ .Values.node.existingSecrets.nodeKey.secretKey }}{{ if .Values.node.existingSecrets.nodeKey.appendPodIndex }}-${POD_INDEX}{{ end }}) \ diff --git a/charts/node/values.yaml b/charts/node/values.yaml index 300c1bb8..072c2a82 100644 --- a/charts/node/values.yaml +++ b/charts/node/values.yaml @@ -432,8 +432,22 @@ node: # -- If enabled, generate a persistent volume to use for the keys persistGeneratedNodeKey: false - # -- List of the custom node key(s) for all pods in statefulset. + # -- List of custom node key(s) for all pods in the StatefulSet + # Alternatively, use `.seed` to derive node key(s). customNodeKey: [] + # + # Example configurations: + # customNodeKey: + # - aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa + # - bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb + # + # OR + # + # customNodeKey: + # seed: "Any secure, long, random string of at least 64 characters or longer" + # extraDerivation: "" # Optional. The `extraDerivation` value (default: release name) + # # and pod index will be appended to the seed to derive a new node key. + # -- Expose metrics via Prometheus format in /metrics endpoint. # Passes the following args to the Polkadot binary: