ecadlabs · jevonearth · Jul 30, 2021 · Jul 30, 2021 · Sep 14, 2021 · Sep 14, 2021
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:lts-alpine
+FROM node:14-alpine
 
 ADD package.json package.json
 ADD package-lock.json package-lock.json

diff --git a/README.md b/README.md
@@ -0,0 +1,24 @@
+## key-gen 
+
+The key-gen service will sign or provide secrets for pre-funded Tezos accounts. This service is helpful for testing and development workflows where the user needs to sign operations.
+
+The service requires a main "funder account." Key-gen generates a new pool of accounts in the target chain and funds each from the main funder account. Key-gen will maintain the size of the address pools.
+
+key-gen is used in Taquito's CI/CD integration tests and allows them to run in parallel, making CI/CD jobs finish sooner. The Taquito test suite will fetch a new secret from key-gen or request key-gen to sign an operation. 
+
+## Configuration files
+
+### Managing Authenticaion `accounts-config.json`
+
+The key-gen API offers basic authentication which is configured in the `accounts-config.json` file. 
+
+```json
+{
+  "flextesanet-t0k3n": { 			// The auth token exptected in the `Authorization:` HTTP header
+    "flextesanet": { 				// The network name, corresponds to entries in `pools.config.json`
+      "regular": "flextesanet", 		// Referts to a config entry in `pools-config.json`
+      "ephemeral": "ephemeral-keys-flextesanet" // Refers to a config entry in `ephemeral-config.json`
+    }
+  }
+}
+```
diff --git a/accounts-config.json b/accounts-config.json
@@ -6,9 +6,21 @@
     }
   },
   "taquito-example": {
-    "babylonnet": {
-      "regular": "taquito-example-babylonnet",
-      "ephemeral": "ephemeral-keys-babylonnet"
+    "granadanet": {
+      "regular": "taquito-example-granadanet",
+      "ephemeral": "ephemeral-keys-granadanet"
+    },
+    "edonet": {
+      "regular": "taquito-example-edonet",
+      "ephemeral": "ephemeral-keys-edonet"
+    },
+    "florencenet": {
+      "regular": "taquito-example-florencenet",
+      "ephemeral": "ephemeral-keys-florencenet"
+    },
+    "flextesanet": {
+      "regular": "taquito-example-flextesanet",
+      "ephemeral": "ephemeral-keys-flextesanet"
     }
   }
 }
diff --git a/accounts-config.single.json b/accounts-config.single.json
@@ -0,0 +1,14 @@
+{
+  "ligo-ide": {
+    "babylonnet": {
+      "regular": "ligo-ide-babylonnet",
+      "ephemeral": "ephemeral-keys-babylonnet"
+    }
+  },
+  "taquito-example": {
+    "flextesanet": {
+      "regular": "taquito-example-flextesanet",
+      "ephemeral": "ephemeral-keys-flextesanet"
+    }
+  }
+}
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -2,6 +2,8 @@ version: '3'
 services:
   redis:
     image: bitnami/redis
+    logging:
+        driver: json-file
     ports:
       - 6379:6379
     environment:
@@ -10,7 +12,14 @@ services:
       - /bitnami/redis/data
   signatory:
     image: ecadlabs/signatory:latest
+    logging:
+        driver: json-file
     ports:
       - 6732:6732
     volumes:
-      - ./signatory.yaml:/app/signatory.yaml
+      - ./signatory.yaml:/etc/signatory.yaml
+      - ./key_gen_funder.key:/etc/key_gen_funder.key
+networks:
+  default:
+    external: true
+    name: github_runner
diff --git a/ephemeral-config.json b/ephemeral-config.json
@@ -1,7 +1,22 @@
 {
-  "ephemeral-keys-babylonnet": {
-    "maxAmount": 1,
-    "expire": 3600,
-    "pool-id": "ephemeral-keys-babylonnet"
+  "ephemeral-keys-granadanet": {
+    "maxAmount": 30,
+    "expire": 300,
+    "pool-id": "ephemeral-keys-granadanet"
+  },
+  "ephemeral-keys-edonet": {
+    "maxAmount": 30,
+    "expire": 300,
+    "pool-id": "ephemeral-keys-edonet"
+  },
+  "ephemeral-keys-florencenet": {
+    "maxAmount": 30,
+    "expire": 300,
+    "pool-id": "ephemeral-keys-florencenet"
+  },
+  "ephemeral-keys-flextesanet": {
+    "maxAmount": 30,
+    "expire": 300,
+    "pool-id": "ephemeral-keys-flextesanet"
   }
-}
+}
diff --git a/ephemeral-config.single.json b/ephemeral-config.single.json
@@ -0,0 +1,7 @@
+{
+  "ephemeral-keys-flextesanet": {
+    "maxAmount": 300,
+    "expire": 300,
+    "pool-id": "ephemeral-keys-flextesanet"
+  }
+}
diff --git a/examples/flextesa/accounts-config.json b/examples/flextesa/accounts-config.json
@@ -0,0 +1,9 @@
+{
+  "flextesanet-t0k3n": {
+    "flextesanet": {
+      "regular": "flextesanet",
+      "ephemeral": "ephemeral-keys-flextesanet"
+    }
+  }
+}
+
diff --git a/examples/flextesa/docker-compose.yml b/examples/flextesa/docker-compose.yml
@@ -0,0 +1,38 @@
+version: '3'
+services:
+  redis:
+    image: bitnami/redis
+    environment:
+      - REDIS_PASSWORD=password123
+    volumes:
+      - /bitnami/redis/data
+  signatory:
+    image: ecadlabs/signatory:latest
+    volumes:
+      - ./signatory.yaml:/etc/signatory.yaml
+      - ./key_gen_funder.key:/etc/key_gen_funder.key
+  key-gen:
+    image: ecadlabs/tezos-key-gen-api:flextesa
+    ports:
+      - "${KEYGEN_PORT_MAPPING:-3000:3000}"
+      #- 3001:3001 #Prometheus metrics
+    environment:
+      - REDIS_HOST=redis
+      - REDIS_PASSWORD=password123
+    volumes:
+      - ./pools-config.json:/pools-config.json
+      - ./accounts-config.json:/accounts-config.json
+      - ./ephemeral-config.json:/ephemeral-config.json
+  flextesa:
+    image: "${FLEXTESA_IMAGE:-tqtezos/flextesa:20210602}"
+    environment:
+      - TEZOS_LOG=rpc -> INFO
+    ports:
+      - "${FLEXTESA_RPC_PORT_MAPPING:-8732:20000}"
+    command: "${FLEXTESA_BOX:-flobox} start"
+
+networks:
+  default:
+    external: true
+    name: flextesa
+
diff --git a/examples/flextesa/ephemeral-config.json b/examples/flextesa/ephemeral-config.json
@@ -0,0 +1,7 @@
+{
+  "ephemeral-keys-flextesanet": {
+    "maxAmount": 30,
+    "expire": 300,
+    "pool-id": "ephemeral-keys-flextesanet-alice"
+  }
+}
diff --git a/examples/flextesa/key_gen_funder.key b/examples/flextesa/key_gen_funder.key
@@ -0,0 +1,6 @@
+[
+  {
+    "name": "key_alice",
+    "value": "unencrypted:edsk3QoqBuvdamxouPhin7swCvkQNgq4jP5KZPbwWNnwdZpSpJiEbq"
+  }
+]
diff --git a/examples/flextesa/pools-config.json b/examples/flextesa/pools-config.json
@@ -0,0 +1,21 @@
+{
+  "flextesanet": {
+    "funderPKH": "tz1VSUr8wwNhLAzempoch5d6hLRiTh8Cjcjb",
+    "remoteSignerUrl": "http://signatory:6732",
+    "batchSize": 500,
+    "targetBuffer": 100,
+    "tzAmount": 20,
+    "rpcUrl": "http://flextesa:20000/",
+    "redisListName": "example:flextesanet-alice:address-pool"
+  },
+  "ephemeral-keys-flextesanet-alice": {
+    "funderPKH": "tz1VSUr8wwNhLAzempoch5d6hLRiTh8Cjcjb",
+    "remoteSignerUrl": "http://signatory:6732",
+    "batchSize": 500,
+    "targetBuffer": 100,
+    "tzAmount": 20,
+    "autoRefillDurationMS": 30000,
+    "rpcUrl": "http://flextesa:20000/",
+    "redisListName": "ephemeral-keys:flextesanet:address-pool"
+  }
+}
diff --git a/examples/flextesa/signatory.yaml b/examples/flextesa/signatory.yaml
@@ -0,0 +1,24 @@
+server:
+  # Default port 6732
+  address: :6732
+  # Default port 9583
+  utility_address: :9583
+vaults:
+  local_file_keys:
+    driver: file
+    config:
+      # tz1Rb18fBaZxkzDgFGAbcBZzxLCYdxyLryVX
+      file: /etc/key_gen_funder.key
+# List enabled public keys hashes here
+tezos:
+  tz1VSUr8wwNhLAzempoch5d6hLRiTh8Cjcjb: #Flextesa well known account "Alice"
+    allowed_operations:
+      # List of [generic, block, endorsement]
+      - generic
+      - block
+      - endorsement
+    allowed_kinds:
+      # List of [endorsement, ballot, reveal, transaction, origination, delegation, seed_nonce_revelation, activate_account]
+      - transaction
+      - endorsement
+      - reveal
diff --git a/key_gen_funder.key b/key_gen_funder.key
@@ -0,0 +1 @@
+[{ "name": "key_gen_funder", "value": "unencrypted:edskRonBXEZFZPjsMiqsa9YaECifKjHJCGiUeLmyT5Fc6aF4ppgDRcUsdfkp8X8pvD1RcZ8jShDqSjXGj5rNxdatHEeQznFw5C" }]