Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

persist triples #444

Merged
merged 30 commits into from
Feb 13, 2024
Merged

persist triples #444

merged 30 commits into from
Feb 13, 2024

Conversation

ppca
Copy link
Contributor

@ppca ppca commented Jan 31, 2024
edited
Loading

Included in this PR:

  1. when a node starts, it will load the triples from datastore and save it to the triples it has, and triple managers won't be changed. The node start won't crash if such load did not succeed, it will just proceed with empty set of triples.
  2. when the node generates a triple or remove a triple, the change will be persisted to datastore, but failure to persist won't crash the triple generation/removal function.
  3. refactored the GCP logic to instantiate secret storage and triple storage with one GcpService object and share parameters.
  4. integration test now runs with a secret being saved in memory and triples saved to datastore emulator.

About tests:

  1. I've written tests that talk to our gcp datastore to load triples, insert and delete triples, they went thru. But left them out from PR since they relied on certain triples being present in the datastore and also the machine running the integration test must have our gcp authentification.
  2. I wanted to write in integration test to verify the datastore has persisted triples but not yet succeeded. I've put the err message in comment in the integration test, if folks have ideas let me know.
  3. deployed my branch a set of 3 dev nodes, kill one of them, bring it back up to test the functionality. Seems to be working fine. Node here: https://console.cloud.google.com/run/detail/us-east1/multichain-dev-xiangyi-2/logs?project=pagoda-discovery-platform-dev

About encryption:
will do a followup for encryption after this one merges.

@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 31, 2024
edited
Loading

Terraform Feature Environment (dev-444)

Terraform Initialization ⚙️success

Terraform Apply success

Show Apply Plan 

data.external.git_checkout: Reading...
data.external.git_checkout: Read complete after 0s [id=-]
data.google_compute_subnetwork.prod_subnetwork: Reading...
data.google_compute_subnetwork.dev_subnetwork: Reading...
data.google_compute_network.dev_network: Reading...
data.google_compute_network.prod_network: Reading...
google_service_account.service_account: Refreshing state... [id=projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
module.mpc-leader-lb.google_compute_region_network_endpoint_group.default_neg: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/networkEndpointGroups/mpc-dev-444-leader-neg]
data.google_compute_subnetwork.dev_subnetwork: Read complete after 1s [id=projects/pagoda-shared-infrastructure/regions/us-east1/subnetworks/cloudrun-main-dev-us-east1]
data.google_compute_network.prod_network: Read complete after 1s [id=projects/pagoda-shared-infrastructure/global/networks/prod]
module.mpc-leader-lb.google_compute_region_backend_service.default: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/backendServices/mpc-dev-444-leader-backend-service]
data.google_compute_network.dev_network: Read complete after 1s [id=projects/pagoda-shared-infrastructure/global/networks/dev]
google_project_iam_member.service-account-datastore-user: Refreshing state... [id=pagoda-discovery-platform-dev/roles/datastore.user/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_service_account_iam_binding.serivce-account-iam: Refreshing state... [id=projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com/roles/iam.serviceAccountUser]
google_secret_manager_secret_iam_member.cipher_key_secret_access[1]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-1-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.cipher_key_secret_access[0]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-0-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.fast_auth_partners_secret_access: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-fast-auth-partners-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.account_creator_secret_access: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-recovery-account-creator-sk-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.secret_share_secret_access[0]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-0-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.cipher_key_secret_access[2]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-2-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
data.google_compute_subnetwork.prod_subnetwork: Read complete after 1s [id=projects/pagoda-shared-infrastructure/regions/us-east1/subnetworks/cloudrun-main-prod-us-east1]
google_secret_manager_secret_iam_member.secret_share_secret_access[1]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-1-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.secret_share_secret_access[2]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-2-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
module.mpc-leader-lb.google_compute_region_url_map.default: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/urlMaps/mpc-dev-444-leader-url-map]
module.signer[2].google_cloud_run_v2_service.signer: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444]
module.signer[1].google_cloud_run_v2_service.signer: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444]
module.signer[0].google_cloud_run_v2_service.signer: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444]
module.mpc-leader-lb.google_compute_region_target_http_proxy.default: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/targetHttpProxies/mpc-dev-444-leader-http-proxy]
module.mpc-leader-lb.google_compute_forwarding_rule.default: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/forwardingRules/mpc-dev-444-leader-forwarding-rule]
module.signer[1].google_cloud_run_v2_service_iam_member.allow_all: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444/roles/run.invoker/allUsers]
module.signer[0].google_cloud_run_v2_service_iam_member.allow_all: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444/roles/run.invoker/allUsers]
module.signer[2].google_cloud_run_v2_service_iam_member.allow_all: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444/roles/run.invoker/allUsers]
module.leader.google_cloud_run_v2_service.leader: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444]
module.leader.google_cloud_run_v2_service_iam_member.allow_all: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444/roles/run.invoker/allUsers]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.leader.google_cloud_run_v2_service.leader will be updated in-place
  ~ resource "google_cloud_run_v2_service" "leader" {
        id                      = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444"
        name                    = "mpc-recovery-leader-dev-444"
        # (17 unchanged attributes hidden)

      ~ template {
            # (6 unchanged attributes hidden)

          ~ containers {
              ~ image   = "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:9dbf8b96a2d117c9397618344c958dc82ca77e7c" -> "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:b865a8b21a68e7721b82c040ec2ec86585387edd"
                # (2 unchanged attributes hidden)

                # (16 unchanged blocks hidden)
            }

            # (2 unchanged blocks hidden)
        }

        # (1 unchanged block hidden)
    }

  # module.signer[0].google_cloud_run_v2_service.signer will be updated in-place
  ~ resource "google_cloud_run_v2_service" "signer" {
        id                      = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444"
        name                    = "mpc-recovery-signer-0-dev-444"
        # (17 unchanged attributes hidden)

      ~ template {
            # (6 unchanged attributes hidden)

          ~ containers {
              ~ image   = "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:9dbf8b96a2d117c9397618344c958dc82ca77e7c" -> "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:b865a8b21a68e7721b82c040ec2ec86585387edd"
                # (2 unchanged attributes hidden)

                # (11 unchanged blocks hidden)
            }

            # (2 unchanged blocks hidden)
        }

        # (1 unchanged block hidden)
    }

  # module.signer[1].google_cloud_run_v2_service.signer will be updated in-place
  ~ resource "google_cloud_run_v2_service" "signer" {
        id                      = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444"
        name                    = "mpc-recovery-signer-1-dev-444"
        # (17 unchanged attributes hidden)

      ~ template {
            # (6 unchanged attributes hidden)

          ~ containers {
              ~ image   = "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:9dbf8b96a2d117c9397618344c958dc82ca77e7c" -> "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:b865a8b21a68e7721b82c040ec2ec86585387edd"
                # (2 unchanged attributes hidden)

                # (11 unchanged blocks hidden)
            }

            # (2 unchanged blocks hidden)
        }

        # (1 unchanged block hidden)
    }

  # module.signer[2].google_cloud_run_v2_service.signer will be updated in-place
  ~ resource "google_cloud_run_v2_service" "signer" {
        id                      = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444"
        name                    = "mpc-recovery-signer-2-dev-444"
        # (17 unchanged attributes hidden)

      ~ template {
            # (6 unchanged attributes hidden)

          ~ containers {
              ~ image   = "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:9dbf8b96a2d117c9397618344c958dc82ca77e7c" -> "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:b865a8b21a68e7721b82c040ec2ec86585387edd"
                # (2 unchanged attributes hidden)

                # (11 unchanged blocks hidden)
            }

            # (2 unchanged blocks hidden)
        }

        # (1 unchanged block hidden)
    }

Plan: 0 to add, 4 to change, 0 to destroy.
module.signer[0].google_cloud_run_v2_service.signer: Modifying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444]
module.signer[2].google_cloud_run_v2_service.signer: Modifying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444]
module.signer[1].google_cloud_run_v2_service.signer: Modifying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444]
module.signer[2].google_cloud_run_v2_service.signer: Still modifying... [id=projects/pagoda-discovery-platform-dev/...services/mpc-recovery-signer-2-dev-444, 10s elapsed]
module.signer[0].google_cloud_run_v2_service.signer: Still modifying... [id=projects/pagoda-discovery-platform-dev/...services/mpc-recovery-signer-0-dev-444, 10s elapsed]
module.signer[1].google_cloud_run_v2_service.signer: Still modifying... [id=projects/pagoda-discovery-platform-dev/...services/mpc-recovery-signer-1-dev-444, 10s elapsed]
module.signer[2].google_cloud_run_v2_service.signer: Modifications complete after 13s [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444]
module.signer[0].google_cloud_run_v2_service.signer: Still modifying... [id=projects/pagoda-discovery-platform-dev/...services/mpc-recovery-signer-0-dev-444, 20s elapsed]
module.signer[1].google_cloud_run_v2_service.signer: Still modifying... [id=projects/pagoda-discovery-platform-dev/...services/mpc-recovery-signer-1-dev-444, 20s elapsed]
module.signer[1].google_cloud_run_v2_service.signer: Modifications complete after 22s [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444]
module.signer[0].google_cloud_run_v2_service.signer: Modifications complete after 22s [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444]
module.leader.google_cloud_run_v2_service.leader: Modifying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444]
module.leader.google_cloud_run_v2_service.leader: Still modifying... [id=projects/pagoda-discovery-platform-dev/...1/services/mpc-recovery-leader-dev-444, 10s elapsed]
module.leader.google_cloud_run_v2_service.leader: Still modifying... [id=projects/pagoda-discovery-platform-dev/...1/services/mpc-recovery-leader-dev-444, 20s elapsed]
module.leader.google_cloud_run_v2_service.leader: Modifications complete after 21s [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444]

Apply complete! Resources: 0 added, 4 changed, 0 destroyed.

Outputs:

leader_node = "https://mpc-recovery-leader-dev-444-7tk2cmmtcq-ue.a.run.app"

Pusher: @ppca, Action: pull_request, Working Directory: ``, Workflow: Terraform Feature Env

URL: https://mpc-recovery-leader-dev-444-7tk2cmmtcq-ue.a.run.app

@ppca ppca marked this pull request as ready for review February 5, 2024 19:13
@ppca ppca changed the title draft: persist triples persist triples Feb 5, 2024
@ppca ppca mentioned this pull request Feb 7, 2024
Closed
@volovyks volovyks linked an issue Feb 8, 2024 that may be closed by this pull request
Pick a persistent storage solution (let's **not** use Google Datastore this time though) #430
Closed
volovyks
volovyks previously approved these changes Feb 8, 2024
View reviewed changes
Copy link
Collaborator

@volovyks volovyks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, all the comments are optional or can be addressed in a separate PR.

Overall the only thing that concerns me with triple persistence is more edge cases, stale triples, etc. We should design it in a way that will not introduce new challenges for us and just help to reduce the number of triples that we need to generate after reboot.

  • Do we have a mechanism to delete stale triples? Otherwise, our DB can grow indefinitely.
  • I assume that if some of the triples are not in sync between all the nodes, we will drop this particular protocol, choose the other 2 triples, and try again. Is that so @ChaoticTempest ? It should allow us to overcome read/write failures to DB.

Integration tests:

  • Separate tests for DB are not a priority, let's not waste time on this for now
  • A top-level test that checks the number of triples after node load would be nice to have (separate PR)

integration-tests/src/multichain/mod.rs
.await?;

let storage_options = mpc_recovery_node::storage::Options {
gcp_project_id: Some("multichain-integration".to_string()),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably we want to reuse the variable defined above.

integration-tests/tests/multichain/mod.rs
@@ -38,6 +38,15 @@ async fn test_triples_and_presignatures() -> anyhow::Result<()> {
assert_eq!(state_0.participants.len(), 3);
wait_for::has_at_least_triples(&ctx, 2).await?;
wait_for::has_at_least_presignatures(&ctx, 2).await?;
// TODO: add test that checks #triples in datastore
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would rather create a separate test. In that test, I would:

  • Start 3 nodes
  • Wait for a generation of N triples
  • Stop all 3 nodes
  • Start one of them and check that it has N triples (it will not be able to generate new triples, since other nodes are down)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I wanted to do this but was not able to access the datastore correctly. The error is as shown a few lines down

node/src/gcp/value.rs

#[derive(Debug, Clone)]
pub enum Value {
BooleanValue(bool),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it hard to create a place for common code between FastAuth and Multichain codebases? Code duplication is never a good idea. But I understand, we do not want to touch the old codebase.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I don't want to mess up mpc code since it's working and I'm not sure maybe we retire mpc code base altogether someday so decided to write a new one.

@ppca
Copy link
Contributor Author

ppca commented Feb 8, 2024

Do we have a mechanism to delete stale triples? Otherwise, our DB can grow indefinitely.
-- yeah this is true. I could look into periodically cleaning the datastore table

@ppca
Copy link
Contributor Author

ppca commented Feb 8, 2024
edited
Loading

I assume that if some of the triples are not in sync between all the nodes, we will drop this particular protocol, choose the other 2 triples, and try again.

I think currently if one node goes offline while a protocol is in progress, then that protocol will be stuck forever.
If the protocol for generating triples went thru successfully with all participants, but then I restarted without some triple, then other nodes could potentially try to use the triples I don't have to generate presignature, and that presignature protocol will be stuck forever.
However, as long as presignature_manager.my_len() < 2 && presignature_manager.potential_len() < 10 satisfies, the node will continuously try to generate presignature by picking out distinct pairs (non-overlapping) of triples from triple_manager.mine, given there are >= 2 triples in triple_manager.mine.
Triples will also be repeated generated if triple_manager.mine < 2 and total triples < 10.
So, in most cases, even if there are no synced triples among nodes (all triple_id in all nodes are different), the nodes will be able to generate new presignatures or generate new triples and use them for signature requests. However, there are corner cases like triple_manager.my_len() == 1 yet triple_manager.len() >= 10 where the nodes will be stuck forever. I think @ChaoticTempest 's beacon triple generation might solve this as it continuous stock up triples.

@volovyks
Copy link
Collaborator

volovyks commented Feb 9, 2024

Do we have a mechanism to delete stale triples? Otherwise, our DB can grow indefinitely. -- yeah this is true. I could look into periodically cleaning the datastore table

This PR should be discussed together with #446. Check my last proposition, it may help with this issue,

ChaoticTempest
ChaoticTempest reviewed Feb 9, 2024
View reviewed changes
Copy link
Member

@ChaoticTempest ChaoticTempest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did a brief scan of this, will do a more in depth one later, but so far looking good for the most part besides some things I mentioned

node/src/protocol/triple.rs Outdated
) -> Self {
let mut mine: VecDeque<TripleId> = VecDeque::new();
let mut all_triples = HashMap::new();
if let Some(triple_data_vec) = triples.clone() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is this clone() necessary here?

node/src/protocol/triple.rs Outdated
Comment on lines 125 to 150
let mine1 = self.mine.contains(&triple1.id);
let mine2 = self.mine.contains(&triple2.id);
let mut write_lock = self.triple_storage.write().await;
let account_id = &write_lock.account_id();
match write_lock
.delete(TripleData {
account_id: account_id.clone(),
triple: triple1.clone(),
mine: mine1,
})
.await
{
Ok(()) => tracing::info!(id0, "successfully deleted triple"),
Err(error) => tracing::info!(id0, ?error, "delete triple failed"),
}
match write_lock
.delete(TripleData {
account_id: account_id.clone(),
triple: triple2.clone(),
mine: mine2,
})
.await
{
Ok(()) => tracing::info!(id1, "successfully deleted triple"),
Err(error) => tracing::info!(id1, ?error, "delete triple failed"),
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

let's make this into a separate function for easier readability

node/src/protocol/triple.rs Outdated
Comment on lines 295 to 310
let mut write_lock = self.triple_storage.write().await;
let account_id = write_lock.account_id().clone();
for triple in async_triples_to_insert {
let mine = self.mine.contains(&triple.id);
match write_lock
.insert(TripleData {
account_id: account_id.clone(),
triple,
mine,
})
.await
{
Ok(()) => tracing::info!("successfully inserted triple"),
Err(error) => tracing::info!("triple insertion failed: {}", error),
}
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this seems like this could be another separate function inside TripleStorage. Now that I see it again, let's not log on every Ok. The logs will get spammed otherwise

node/src/protocol/triple.rs Outdated
.map(|me| TripleManager::new(participants.clone(), *me, number as usize, 0))
let participants: Vec<Participant> = range.clone().map(Participant::from).collect();
let managers = range
.clone()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

hmm, why is this a clone instead of an iter or into_iter?

node/src/protocol/triple.rs Outdated
Comment on lines 431 to 432
let runtime = tokio::runtime::Runtime::new().unwrap();
runtime.block_on(async {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you can also do a #[tokio::test] instead on top of the function just so the code here doesn't shift into a different scope

node/src/gcp/mod.rs Outdated
Comment on lines 332 to 333
pub datastore: Option<DatastoreService>,
pub secret_manager: Option<SecretManagerService>,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why are these options? Would be unwieldy to use later when we go and directly reference them everytime?

node/src/protocol/consensus.rs Outdated
Comment on lines 688 to 691
let triple_data = match triple_data_result {
Ok(vec_triple_data) => Some(vec_triple_data),
_ => None,
};
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

youu can shorten this to:

Suggested change
let triple_data = match triple_data_result {
Ok(vec_triple_data) => Some(vec_triple_data),
_ => None,
};
let triple_data = match triple_data_result.ok();

node/src/protocol/state.rs Outdated
pub struct StartedState(pub Option<PersistentNodeData>);
pub struct StartedState {
pub persistent_node_data: Option<PersistentNodeData>,
pub triple_data: Option<Vec<TripleData>>,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why is this an option? I'd imagine this could just be an empty vec by default otherwise

@volovyks
Copy link
Collaborator

Nice work @ppca! Merging.

@volovyks volovyks merged commit 22a3726 into develop Feb 13, 2024
6 checks passed
@github-actions GitHub Actions
Copy link

Terraform Feature Environment Destroy (dev-444)

Terraform Initialization ⚙️success

Terraform Destroy success

Show Destroy Plan 

data.external.git_checkout: Reading...
data.external.git_checkout: Read complete after 0s [id=-]
google_service_account.service_account: Refreshing state... [id=projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
data.google_compute_network.dev_network: Reading...
data.google_compute_subnetwork.prod_subnetwork: Reading...
data.google_compute_subnetwork.dev_subnetwork: Reading...
data.google_compute_network.prod_network: Reading...
module.mpc-leader-lb.google_compute_region_network_endpoint_group.default_neg: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/networkEndpointGroups/mpc-dev-444-leader-neg]
google_secret_manager_secret_iam_member.account_creator_secret_access: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-recovery-account-creator-sk-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.fast_auth_partners_secret_access: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-fast-auth-partners-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_project_iam_member.service-account-datastore-user: Refreshing state... [id=pagoda-discovery-platform-dev/roles/datastore.user/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_service_account_iam_binding.serivce-account-iam: Refreshing state... [id=projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com/roles/iam.serviceAccountUser]
google_secret_manager_secret_iam_member.cipher_key_secret_access[0]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-0-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
data.google_compute_subnetwork.dev_subnetwork: Read complete after 0s [id=projects/pagoda-shared-infrastructure/regions/us-east1/subnetworks/cloudrun-main-dev-us-east1]
google_secret_manager_secret_iam_member.cipher_key_secret_access[1]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-1-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.cipher_key_secret_access[2]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-2-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
data.google_compute_network.dev_network: Read complete after 0s [id=projects/pagoda-shared-infrastructure/global/networks/dev]
data.google_compute_subnetwork.prod_subnetwork: Read complete after 0s [id=projects/pagoda-shared-infrastructure/regions/us-east1/subnetworks/cloudrun-main-prod-us-east1]
google_secret_manager_secret_iam_member.secret_share_secret_access[1]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-1-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.secret_share_secret_access[2]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-2-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
data.google_compute_network.prod_network: Read complete after 0s [id=projects/pagoda-shared-infrastructure/global/networks/prod]
google_secret_manager_secret_iam_member.secret_share_secret_access[0]: Refreshing state... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-0-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
module.mpc-leader-lb.google_compute_region_backend_service.default: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/backendServices/mpc-dev-444-leader-backend-service]
module.mpc-leader-lb.google_compute_region_url_map.default: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/urlMaps/mpc-dev-444-leader-url-map]
module.signer[1].google_cloud_run_v2_service.signer: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444]
module.signer[2].google_cloud_run_v2_service.signer: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444]
module.signer[0].google_cloud_run_v2_service.signer: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444]
module.mpc-leader-lb.google_compute_region_target_http_proxy.default: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/targetHttpProxies/mpc-dev-444-leader-http-proxy]
module.signer[1].google_cloud_run_v2_service_iam_member.allow_all: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444/roles/run.invoker/allUsers]
module.signer[0].google_cloud_run_v2_service_iam_member.allow_all: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444/roles/run.invoker/allUsers]
module.signer[2].google_cloud_run_v2_service_iam_member.allow_all: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444/roles/run.invoker/allUsers]
module.mpc-leader-lb.google_compute_forwarding_rule.default: Refreshing state... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/forwardingRules/mpc-dev-444-leader-forwarding-rule]
module.leader.google_cloud_run_v2_service.leader: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444]
module.leader.google_cloud_run_v2_service_iam_member.allow_all: Refreshing state... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444/roles/run.invoker/allUsers]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  - destroy

Terraform will perform the following actions:

  # google_project_iam_member.service-account-datastore-user will be destroyed
  - resource "google_project_iam_member" "service-account-datastore-user" {
      - etag    = "BwYROPYX/EM=" -> null
      - id      = "pagoda-discovery-platform-dev/roles/datastore.user/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member  = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project = "pagoda-discovery-platform-dev" -> null
      - role    = "roles/datastore.user" -> null
    }

  # google_secret_manager_secret_iam_member.account_creator_secret_access will be destroyed
  - resource "google_secret_manager_secret_iam_member" "account_creator_secret_access" {
      - etag      = "BwYROPbFoY4=" -> null
      - id        = "projects/pagoda-discovery-platform-dev/secrets/mpc-recovery-account-creator-sk-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member    = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project   = "pagoda-discovery-platform-dev" -> null
      - role      = "roles/secretmanager.secretAccessor" -> null
      - secret_id = "projects/pagoda-discovery-platform-dev/secrets/mpc-recovery-account-creator-sk-dev" -> null
    }

  # google_secret_manager_secret_iam_member.cipher_key_secret_access[0] will be destroyed
  - resource "google_secret_manager_secret_iam_member" "cipher_key_secret_access" {
      - etag      = "BwYROPenYNk=" -> null
      - id        = "projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-0-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member    = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project   = "pagoda-discovery-platform-dev" -> null
      - role      = "roles/secretmanager.secretAccessor" -> null
      - secret_id = "projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-0-dev" -> null
    }

  # google_secret_manager_secret_iam_member.cipher_key_secret_access[1] will be destroyed
  - resource "google_secret_manager_secret_iam_member" "cipher_key_secret_access" {
      - etag      = "BwYROPelQEY=" -> null
      - id        = "projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-1-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member    = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project   = "pagoda-discovery-platform-dev" -> null
      - role      = "roles/secretmanager.secretAccessor" -> null
      - secret_id = "projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-1-dev" -> null
    }

  # google_secret_manager_secret_iam_member.cipher_key_secret_access[2] will be destroyed
  - resource "google_secret_manager_secret_iam_member" "cipher_key_secret_access" {
      - etag      = "BwYROPenJKw=" -> null
      - id        = "projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-2-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member    = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project   = "pagoda-discovery-platform-dev" -> null
      - role      = "roles/secretmanager.secretAccessor" -> null
      - secret_id = "projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-2-dev" -> null
    }

  # google_secret_manager_secret_iam_member.fast_auth_partners_secret_access will be destroyed
  - resource "google_secret_manager_secret_iam_member" "fast_auth_partners_secret_access" {
      - etag      = "BwYROPbFJ6s=" -> null
      - id        = "projects/pagoda-discovery-platform-dev/secrets/mpc-fast-auth-partners-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member    = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project   = "pagoda-discovery-platform-dev" -> null
      - role      = "roles/secretmanager.secretAccessor" -> null
      - secret_id = "projects/pagoda-discovery-platform-dev/secrets/mpc-fast-auth-partners-dev" -> null
    }

  # google_secret_manager_secret_iam_member.secret_share_secret_access[0] will be destroyed
  - resource "google_secret_manager_secret_iam_member" "secret_share_secret_access" {
      - etag      = "BwYROPem6ys=" -> null
      - id        = "projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-0-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member    = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project   = "pagoda-discovery-platform-dev" -> null
      - role      = "roles/secretmanager.secretAccessor" -> null
      - secret_id = "projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-0-dev" -> null
    }

  # google_secret_manager_secret_iam_member.secret_share_secret_access[1] will be destroyed
  - resource "google_secret_manager_secret_iam_member" "secret_share_secret_access" {
      - etag      = "BwYROPem+pA=" -> null
      - id        = "projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-1-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member    = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project   = "pagoda-discovery-platform-dev" -> null
      - role      = "roles/secretmanager.secretAccessor" -> null
      - secret_id = "projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-1-dev" -> null
    }

  # google_secret_manager_secret_iam_member.secret_share_secret_access[2] will be destroyed
  - resource "google_secret_manager_secret_iam_member" "secret_share_secret_access" {
      - etag      = "BwYROPem9Q4=" -> null
      - id        = "projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-2-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member    = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project   = "pagoda-discovery-platform-dev" -> null
      - role      = "roles/secretmanager.secretAccessor" -> null
      - secret_id = "projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-2-dev" -> null
    }

  # google_service_account.service_account will be destroyed
  - resource "google_service_account" "service_account" {
      - account_id   = "mpc-recovery-dev-444" -> null
      - disabled     = false -> null
      - display_name = "MPC Recovery dev-444 Account" -> null
      - email        = "mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - id           = "projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - member       = "serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - name         = "projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
      - project      = "pagoda-discovery-platform-dev" -> null
      - unique_id    = "107317677555377398182" -> null
    }

  # google_service_account_iam_binding.serivce-account-iam will be destroyed
  - resource "google_service_account_iam_binding" "serivce-account-iam" {
      - etag               = "BwYQRGoyTyQ=" -> null
      - id                 = "projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com/roles/iam.serviceAccountUser" -> null
      - members            = [
          - "serviceAccount:mpc-recovery@pagoda-discovery-platform-dev.iam.gserviceaccount.com",
        ] -> null
      - role               = "roles/iam.serviceAccountUser" -> null
      - service_account_id = "projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
    }

  # module.leader.google_cloud_run_v2_service.leader will be destroyed
  - resource "google_cloud_run_v2_service" "leader" {
      - annotations             = {} -> null
      - conditions              = [
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-02-13T00:48:01.003689Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "RoutesReady"
            },
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-01-31T21:18:36.044675Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "ConfigurationsReady"
            },
        ] -> null
      - etag                    = "\"CLb4qq4GEKihna8B/cHJvamVjdHMvcGFnb2RhLWRpc2NvdmVyeS1wbGF0Zm9ybS1kZXYvbG9jYXRpb25zL3VzLWVhc3QxL3NlcnZpY2VzL21wYy1yZWNvdmVyeS1sZWFkZXItZGV2LTQ0NA\"" -> null
      - generation              = "21" -> null
      - id                      = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444" -> null
      - ingress                 = "INGRESS_TRAFFIC_INTERNAL_LOAD_BALANCER" -> null
      - labels                  = {} -> null
      - latest_created_revision = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444/revisions/mpc-recovery-leader-dev-444-00021-njp" -> null
      - latest_ready_revision   = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444/revisions/mpc-recovery-leader-dev-444-00021-njp" -> null
      - launch_stage            = "GA" -> null
      - location                = "us-east1" -> null
      - name                    = "mpc-recovery-leader-dev-444" -> null
      - observed_generation     = "21" -> null
      - project                 = "pagoda-discovery-platform-dev" -> null
      - reconciling             = false -> null
      - terminal_condition      = [
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-02-13T00:48:01.059389Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "Ready"
            },
        ] -> null
      - traffic_statuses        = [
          - {
              - percent  = 100
              - revision = ""
              - tag      = ""
              - type     = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST"
              - uri      = ""
            },
        ] -> null
      - uid                     = "1a901466-0c05-4168-a8ce-54cb2cbbcc21" -> null
      - uri                     = "https://mpc-recovery-leader-dev-444-7tk2cmmtcq-ue.a.run.app" -> null

      - template {
          - annotations                      = {} -> null
          - labels                           = {} -> null
          - max_instance_request_concurrency = 80 -> null
          - service_account                  = "mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
          - session_affinity                 = false -> null
          - timeout                          = "300s" -> null

          - containers {
              - args    = [
                  - "start-leader",
                ] -> null
              - command = [] -> null
              - image   = "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:b865a8b21a68e7721b82c040ec2ec86585387edd" -> null

              - env {
                  - name  = "MPC_RECOVERY_WEB_PORT" -> null
                  - value = "3000" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_SIGN_NODES" -> null
                  - value = "https://mpc-recovery-signer-0-dev-444-7tk2cmmtcq-ue.a.run.app,https://mpc-recovery-signer-1-dev-444-7tk2cmmtcq-ue.a.run.app,https://mpc-recovery-signer-2-dev-444-7tk2cmmtcq-ue.a.run.app" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_NEAR_RPC" -> null
                  - value = "https://rpc.testnet.near.org" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_NEAR_ROOT_ACCOUNT" -> null
                  - value = "testnet" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_ACCOUNT_CREATOR_ID" -> null
                  - value = "mpc-recovery-dev-creator.testnet" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_GCP_PROJECT_ID" -> null
                  - value = "pagoda-discovery-platform-dev" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_ENV" -> null
                  - value = "dev-444" -> null
                }
              - env {
                  - name = "MPC_RECOVERY_ACCOUNT_CREATOR_SK" -> null

                  - value_source {
                      - secret_key_ref {
                          - secret  = "mpc-recovery-account-creator-sk-dev" -> null
                          - version = "latest" -> null
                        }
                    }
                }
              - env {
                  - name = "FAST_AUTH_PARTNERS" -> null

                  - value_source {
                      - secret_key_ref {
                          - secret  = "mpc-fast-auth-partners-dev" -> null
                          - version = "latest" -> null
                        }
                    }
                }
              - env {
                  - name  = "MPC_RECOVERY_JWT_SIGNATURE_PK_URL" -> null
                  - value = "https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_OTLP_ENDPOINT" -> null
                  - value = "https://otel.dev.api.pagoda.co:443/v1/traces" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_OPENTELEMETRY_LEVEL" -> null
                  - value = "debug" -> null
                }
              - env {
                  - name  = "RUST_LOG" -> null
                  - value = "mpc_recovery=debug" -> null
                }

              - ports {
                  - container_port = 3000 -> null
                  - name           = "http1" -> null
                }

              - resources {
                  - cpu_idle          = false -> null
                  - limits            = {
                      - "cpu"    = "2"
                      - "memory" = "2Gi"
                    } -> null
                  - startup_cpu_boost = false -> null
                }

              - startup_probe {
                  - failure_threshold     = 1 -> null
                  - initial_delay_seconds = 0 -> null
                  - period_seconds        = 240 -> null
                  - timeout_seconds       = 240 -> null

                  - tcp_socket {
                      - port = 3000 -> null
                    }
                }
            }

          - scaling {
              - max_instance_count = 1 -> null
              - min_instance_count = 1 -> null
            }

          - vpc_access {
              - connector = "projects/pagoda-shared-infrastructure/locations/us-east1/connectors/dev-connector1" -> null
              - egress    = "PRIVATE_RANGES_ONLY" -> null
            }
        }

      - traffic {
          - percent = 100 -> null
          - type    = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST" -> null
        }
    }

  # module.leader.google_cloud_run_v2_service_iam_member.allow_all will be destroyed
  - resource "google_cloud_run_v2_service_iam_member" "allow_all" {
      - etag     = "BwYQRG0959o=" -> null
      - id       = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444/roles/run.invoker/allUsers" -> null
      - location = "us-east1" -> null
      - member   = "allUsers" -> null
      - name     = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444" -> null
      - project  = "pagoda-discovery-platform-dev" -> null
      - role     = "roles/run.invoker" -> null
    }

  # module.mpc-leader-lb.google_compute_forwarding_rule.default will be destroyed
  - resource "google_compute_forwarding_rule" "default" {
      - all_ports               = false -> null
      - allow_global_access     = false -> null
      - allow_psc_global_access = false -> null
      - creation_timestamp      = "2024-01-31T13:18:59.978-08:00" -> null
      - id                      = "projects/pagoda-discovery-platform-dev/regions/us-east1/forwardingRules/mpc-dev-444-leader-forwarding-rule" -> null
      - ip_address              = "10.50.0.19" -> null
      - ip_protocol             = "TCP" -> null
      - is_mirroring_collector  = false -> null
      - label_fingerprint       = "42WmSpB8rSM=" -> null
      - labels                  = {} -> null
      - load_balancing_scheme   = "INTERNAL_MANAGED" -> null
      - name                    = "mpc-dev-444-leader-forwarding-rule" -> null
      - network                 = "https://www.googleapis.com/compute/v1/projects/pagoda-shared-infrastructure/global/networks/dev" -> null
      - network_tier            = "PREMIUM" -> null
      - port_range              = "80-80" -> null
      - ports                   = [] -> null
      - project                 = "pagoda-discovery-platform-dev" -> null
      - region                  = "us-east1" -> null
      - self_link               = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1/forwardingRules/mpc-dev-444-leader-forwarding-rule" -> null
      - source_ip_ranges        = [] -> null
      - subnetwork              = "https://www.googleapis.com/compute/v1/projects/pagoda-shared-infrastructure/regions/us-east1/subnetworks/cloudrun-main-dev-us-east1" -> null
      - target                  = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1/targetHttpProxies/mpc-dev-444-leader-http-proxy" -> null
    }

  # module.mpc-leader-lb.google_compute_region_backend_service.default will be destroyed
  - resource "google_compute_region_backend_service" "default" {
      - affinity_cookie_ttl_sec         = 0 -> null
      - connection_draining_timeout_sec = 0 -> null
      - creation_timestamp              = "2024-01-31T13:18:15.851-08:00" -> null
      - enable_cdn                      = false -> null
      - fingerprint                     = "78SHgiJwUkk=" -> null
      - health_checks                   = [] -> null
      - id                              = "projects/pagoda-discovery-platform-dev/regions/us-east1/backendServices/mpc-dev-444-leader-backend-service" -> null
      - load_balancing_scheme           = "INTERNAL_MANAGED" -> null
      - name                            = "mpc-dev-444-leader-backend-service" -> null
      - port_name                       = "http" -> null
      - project                         = "pagoda-discovery-platform-dev" -> null
      - protocol                        = "HTTP" -> null
      - region                          = "us-east1" -> null
      - self_link                       = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1/backendServices/mpc-dev-444-leader-backend-service" -> null
      - session_affinity                = "NONE" -> null
      - timeout_sec                     = 30 -> null

      - backend {
          - balancing_mode               = "UTILIZATION" -> null
          - capacity_scaler              = 1 -> null
          - failover                     = false -> null
          - group                        = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1/networkEndpointGroups/mpc-dev-444-leader-neg" -> null
          - max_connections              = 0 -> null
          - max_connections_per_endpoint = 0 -> null
          - max_connections_per_instance = 0 -> null
          - max_rate                     = 0 -> null
          - max_rate_per_endpoint        = 0 -> null
          - max_rate_per_instance        = 0 -> null
          - max_utilization              = 0 -> null
        }
    }

  # module.mpc-leader-lb.google_compute_region_network_endpoint_group.default_neg will be destroyed
  - resource "google_compute_region_network_endpoint_group" "default_neg" {
      - id                    = "projects/pagoda-discovery-platform-dev/regions/us-east1/networkEndpointGroups/mpc-dev-444-leader-neg" -> null
      - name                  = "mpc-dev-444-leader-neg" -> null
      - network_endpoint_type = "SERVERLESS" -> null
      - project               = "pagoda-discovery-platform-dev" -> null
      - region                = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1" -> null
      - self_link             = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1/networkEndpointGroups/mpc-dev-444-leader-neg" -> null

      - cloud_run {
          - service = "mpc-recovery-leader-dev-444" -> null
        }
    }

  # module.mpc-leader-lb.google_compute_region_target_http_proxy.default will be destroyed
  - resource "google_compute_region_target_http_proxy" "default" {
      - creation_timestamp = "2024-01-31T13:18:48.627-08:00" -> null
      - id                 = "projects/pagoda-discovery-platform-dev/regions/us-east1/targetHttpProxies/mpc-dev-444-leader-http-proxy" -> null
      - name               = "mpc-dev-444-leader-http-proxy" -> null
      - project            = "pagoda-discovery-platform-dev" -> null
      - proxy_id           = 7619359771079412000 -> null
      - region             = "us-east1" -> null
      - self_link          = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1/targetHttpProxies/mpc-dev-444-leader-http-proxy" -> null
      - url_map            = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1/urlMaps/mpc-dev-444-leader-url-map" -> null
    }

  # module.mpc-leader-lb.google_compute_region_url_map.default will be destroyed
  - resource "google_compute_region_url_map" "default" {
      - creation_timestamp = "2024-01-31T13:18:37.554-08:00" -> null
      - default_service    = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1/backendServices/mpc-dev-444-leader-backend-service" -> null
      - fingerprint        = "xQ7HRPL7PY0=" -> null
      - id                 = "projects/pagoda-discovery-platform-dev/regions/us-east1/urlMaps/mpc-dev-444-leader-url-map" -> null
      - map_id             = 2448377970291050500 -> null
      - name               = "mpc-dev-444-leader-url-map" -> null
      - project            = "pagoda-discovery-platform-dev" -> null
      - region             = "us-east1" -> null
      - self_link          = "https://www.googleapis.com/compute/v1/projects/pagoda-discovery-platform-dev/regions/us-east1/urlMaps/mpc-dev-444-leader-url-map" -> null
    }

  # module.signer[0].google_cloud_run_v2_service.signer will be destroyed
  - resource "google_cloud_run_v2_service" "signer" {
      - annotations             = {} -> null
      - conditions              = [
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-02-13T00:47:39.872206Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "RoutesReady"
            },
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-01-31T21:18:10.252408Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "ConfigurationsReady"
            },
        ] -> null
      - etag                    = "\"CKD4qq4GEIDZi6ED/cHJvamVjdHMvcGFnb2RhLWRpc2NvdmVyeS1wbGF0Zm9ybS1kZXYvbG9jYXRpb25zL3VzLWVhc3QxL3NlcnZpY2VzL21wYy1yZWNvdmVyeS1zaWduZXItMC1kZXYtNDQ0\"" -> null
      - generation              = "21" -> null
      - id                      = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444" -> null
      - ingress                 = "INGRESS_TRAFFIC_ALL" -> null
      - labels                  = {} -> null
      - latest_created_revision = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444/revisions/mpc-recovery-signer-0-dev-444-00021-7wv" -> null
      - latest_ready_revision   = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444/revisions/mpc-recovery-signer-0-dev-444-00021-7wv" -> null
      - launch_stage            = "GA" -> null
      - location                = "us-east1" -> null
      - name                    = "mpc-recovery-signer-0-dev-444" -> null
      - observed_generation     = "21" -> null
      - project                 = "pagoda-discovery-platform-dev" -> null
      - reconciling             = false -> null
      - terminal_condition      = [
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-02-13T00:47:39.913682Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "Ready"
            },
        ] -> null
      - traffic_statuses        = [
          - {
              - percent  = 100
              - revision = ""
              - tag      = ""
              - type     = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST"
              - uri      = ""
            },
        ] -> null
      - uid                     = "8bdc8aaa-9bf6-409c-adbe-910e7118954b" -> null
      - uri                     = "https://mpc-recovery-signer-0-dev-444-7tk2cmmtcq-ue.a.run.app" -> null

      - template {
          - annotations                      = {} -> null
          - labels                           = {} -> null
          - max_instance_request_concurrency = 80 -> null
          - service_account                  = "mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
          - session_affinity                 = false -> null
          - timeout                          = "300s" -> null

          - containers {
              - args    = [
                  - "start-sign",
                ] -> null
              - command = [] -> null
              - image   = "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:b865a8b21a68e7721b82c040ec2ec86585387edd" -> null

              - env {
                  - name  = "MPC_RECOVERY_WEB_PORT" -> null
                  - value = "3000" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_NODE_ID" -> null
                  - value = "0" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_GCP_PROJECT_ID" -> null
                  - value = "pagoda-discovery-platform-dev" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_ENV" -> null
                  - value = "dev-444" -> null
                }
              - env {
                  - name = "MPC_RECOVERY_CIPHER_KEY" -> null

                  - value_source {
                      - secret_key_ref {
                          - secret  = "mpc-cipher-0-dev" -> null
                          - version = "latest" -> null
                        }
                    }
                }
              - env {
                  - name = "MPC_RECOVERY_SK_SHARE" -> null

                  - value_source {
                      - secret_key_ref {
                          - secret  = "mpc-sk-share-0-dev" -> null
                          - version = "latest" -> null
                        }
                    }
                }
              - env {
                  - name  = "MPC_RECOVERY_JWT_SIGNATURE_PK_URL" -> null
                  - value = "https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com" -> null
                }
              - env {
                  - name  = "RUST_LOG" -> null
                  - value = "mpc_recovery=debug" -> null
                }

              - ports {
                  - container_port = 3000 -> null
                  - name           = "http1" -> null
                }

              - resources {
                  - cpu_idle          = false -> null
                  - limits            = {
                      - "cpu"    = "2"
                      - "memory" = "2Gi"
                    } -> null
                  - startup_cpu_boost = false -> null
                }

              - startup_probe {
                  - failure_threshold     = 1 -> null
                  - initial_delay_seconds = 0 -> null
                  - period_seconds        = 240 -> null
                  - timeout_seconds       = 240 -> null

                  - tcp_socket {
                      - port = 3000 -> null
                    }
                }
            }

          - scaling {
              - max_instance_count = 1 -> null
              - min_instance_count = 1 -> null
            }

          - vpc_access {
              - connector = "projects/pagoda-shared-infrastructure/locations/us-east1/connectors/dev-connector1" -> null
              - egress    = "PRIVATE_RANGES_ONLY" -> null
            }
        }

      - traffic {
          - percent = 100 -> null
          - type    = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST" -> null
        }
    }

  # module.signer[0].google_cloud_run_v2_service_iam_member.allow_all will be destroyed
  - resource "google_cloud_run_v2_service_iam_member" "allow_all" {
      - etag     = "BwYQRGu3KBg=" -> null
      - id       = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444/roles/run.invoker/allUsers" -> null
      - location = "us-east1" -> null
      - member   = "allUsers" -> null
      - name     = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444" -> null
      - project  = "pagoda-discovery-platform-dev" -> null
      - role     = "roles/run.invoker" -> null
    }

  # module.signer[1].google_cloud_run_v2_service.signer will be destroyed
  - resource "google_cloud_run_v2_service" "signer" {
      - annotations             = {} -> null
      - conditions              = [
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-02-13T00:47:40.178997Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "RoutesReady"
            },
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-01-31T21:18:10.205682Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "ConfigurationsReady"
            },
        ] -> null
      - etag                    = "\"CKD4qq4GEOCJm6ED/cHJvamVjdHMvcGFnb2RhLWRpc2NvdmVyeS1wbGF0Zm9ybS1kZXYvbG9jYXRpb25zL3VzLWVhc3QxL3NlcnZpY2VzL21wYy1yZWNvdmVyeS1zaWduZXItMS1kZXYtNDQ0\"" -> null
      - generation              = "21" -> null
      - id                      = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444" -> null
      - ingress                 = "INGRESS_TRAFFIC_ALL" -> null
      - labels                  = {} -> null
      - latest_created_revision = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444/revisions/mpc-recovery-signer-1-dev-444-00021-zjs" -> null
      - latest_ready_revision   = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444/revisions/mpc-recovery-signer-1-dev-444-00021-zjs" -> null
      - launch_stage            = "GA" -> null
      - location                = "us-east1" -> null
      - name                    = "mpc-recovery-signer-1-dev-444" -> null
      - observed_generation     = "21" -> null
      - project                 = "pagoda-discovery-platform-dev" -> null
      - reconciling             = false -> null
      - terminal_condition      = [
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-02-13T00:47:40.254297Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "Ready"
            },
        ] -> null
      - traffic_statuses        = [
          - {
              - percent  = 100
              - revision = ""
              - tag      = ""
              - type     = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST"
              - uri      = ""
            },
        ] -> null
      - uid                     = "99faebc0-1e5f-4a88-9123-f770710b834e" -> null
      - uri                     = "https://mpc-recovery-signer-1-dev-444-7tk2cmmtcq-ue.a.run.app" -> null

      - template {
          - annotations                      = {} -> null
          - labels                           = {} -> null
          - max_instance_request_concurrency = 80 -> null
          - service_account                  = "mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
          - session_affinity                 = false -> null
          - timeout                          = "300s" -> null

          - containers {
              - args    = [
                  - "start-sign",
                ] -> null
              - command = [] -> null
              - image   = "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:b865a8b21a68e7721b82c040ec2ec86585387edd" -> null

              - env {
                  - name  = "MPC_RECOVERY_WEB_PORT" -> null
                  - value = "3000" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_NODE_ID" -> null
                  - value = "1" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_GCP_PROJECT_ID" -> null
                  - value = "pagoda-discovery-platform-dev" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_ENV" -> null
                  - value = "dev-444" -> null
                }
              - env {
                  - name = "MPC_RECOVERY_CIPHER_KEY" -> null

                  - value_source {
                      - secret_key_ref {
                          - secret  = "mpc-cipher-1-dev" -> null
                          - version = "latest" -> null
                        }
                    }
                }
              - env {
                  - name = "MPC_RECOVERY_SK_SHARE" -> null

                  - value_source {
                      - secret_key_ref {
                          - secret  = "mpc-sk-share-1-dev" -> null
                          - version = "latest" -> null
                        }
                    }
                }
              - env {
                  - name  = "MPC_RECOVERY_JWT_SIGNATURE_PK_URL" -> null
                  - value = "https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com" -> null
                }
              - env {
                  - name  = "RUST_LOG" -> null
                  - value = "mpc_recovery=debug" -> null
                }

              - ports {
                  - container_port = 3000 -> null
                  - name           = "http1" -> null
                }

              - resources {
                  - cpu_idle          = false -> null
                  - limits            = {
                      - "cpu"    = "2"
                      - "memory" = "2Gi"
                    } -> null
                  - startup_cpu_boost = false -> null
                }

              - startup_probe {
                  - failure_threshold     = 1 -> null
                  - initial_delay_seconds = 0 -> null
                  - period_seconds        = 240 -> null
                  - timeout_seconds       = 240 -> null

                  - tcp_socket {
                      - port = 3000 -> null
                    }
                }
            }

          - scaling {
              - max_instance_count = 1 -> null
              - min_instance_count = 1 -> null
            }

          - vpc_access {
              - connector = "projects/pagoda-shared-infrastructure/locations/us-east1/connectors/dev-connector1" -> null
              - egress    = "PRIVATE_RANGES_ONLY" -> null
            }
        }

      - traffic {
          - percent = 100 -> null
          - type    = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST" -> null
        }
    }

  # module.signer[1].google_cloud_run_v2_service_iam_member.allow_all will be destroyed
  - resource "google_cloud_run_v2_service_iam_member" "allow_all" {
      - etag     = "BwYQRGu4vX4=" -> null
      - id       = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444/roles/run.invoker/allUsers" -> null
      - location = "us-east1" -> null
      - member   = "allUsers" -> null
      - name     = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444" -> null
      - project  = "pagoda-discovery-platform-dev" -> null
      - role     = "roles/run.invoker" -> null
    }

  # module.signer[2].google_cloud_run_v2_service.signer will be destroyed
  - resource "google_cloud_run_v2_service" "signer" {
      - annotations             = {} -> null
      - conditions              = [
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-02-13T00:47:39.881757Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "RoutesReady"
            },
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-01-31T21:18:10.256509Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "ConfigurationsReady"
            },
        ] -> null
      - etag                    = "\"CKD4qq4GEKj23aYD/cHJvamVjdHMvcGFnb2RhLWRpc2NvdmVyeS1wbGF0Zm9ybS1kZXYvbG9jYXRpb25zL3VzLWVhc3QxL3NlcnZpY2VzL21wYy1yZWNvdmVyeS1zaWduZXItMi1kZXYtNDQ0\"" -> null
      - generation              = "21" -> null
      - id                      = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444" -> null
      - ingress                 = "INGRESS_TRAFFIC_ALL" -> null
      - labels                  = {} -> null
      - latest_created_revision = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444/revisions/mpc-recovery-signer-2-dev-444-00021-vdn" -> null
      - latest_ready_revision   = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444/revisions/mpc-recovery-signer-2-dev-444-00021-vdn" -> null
      - launch_stage            = "GA" -> null
      - location                = "us-east1" -> null
      - name                    = "mpc-recovery-signer-2-dev-444" -> null
      - observed_generation     = "21" -> null
      - project                 = "pagoda-discovery-platform-dev" -> null
      - reconciling             = false -> null
      - terminal_condition      = [
          - {
              - execution_reason     = ""
              - last_transition_time = "2024-02-13T00:47:39.931334Z"
              - message              = ""
              - reason               = ""
              - revision_reason      = ""
              - severity             = ""
              - state                = "CONDITION_SUCCEEDED"
              - type                 = "Ready"
            },
        ] -> null
      - traffic_statuses        = [
          - {
              - percent  = 100
              - revision = ""
              - tag      = ""
              - type     = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST"
              - uri      = ""
            },
        ] -> null
      - uid                     = "efdaf560-383e-4412-a19f-f21f19ffe89f" -> null
      - uri                     = "https://mpc-recovery-signer-2-dev-444-7tk2cmmtcq-ue.a.run.app" -> null

      - template {
          - annotations                      = {} -> null
          - labels                           = {} -> null
          - max_instance_request_concurrency = 80 -> null
          - service_account                  = "mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com" -> null
          - session_affinity                 = false -> null
          - timeout                          = "300s" -> null

          - containers {
              - args    = [
                  - "start-sign",
                ] -> null
              - command = [] -> null
              - image   = "us-east1-docker.pkg.dev/pagoda-discovery-platform-dev/mpc-recovery/mpc-recovery-dev:b865a8b21a68e7721b82c040ec2ec86585387edd" -> null

              - env {
                  - name  = "MPC_RECOVERY_WEB_PORT" -> null
                  - value = "3000" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_NODE_ID" -> null
                  - value = "2" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_GCP_PROJECT_ID" -> null
                  - value = "pagoda-discovery-platform-dev" -> null
                }
              - env {
                  - name  = "MPC_RECOVERY_ENV" -> null
                  - value = "dev-444" -> null
                }
              - env {
                  - name = "MPC_RECOVERY_CIPHER_KEY" -> null

                  - value_source {
                      - secret_key_ref {
                          - secret  = "mpc-cipher-2-dev" -> null
                          - version = "latest" -> null
                        }
                    }
                }
              - env {
                  - name = "MPC_RECOVERY_SK_SHARE" -> null

                  - value_source {
                      - secret_key_ref {
                          - secret  = "mpc-sk-share-2-dev" -> null
                          - version = "latest" -> null
                        }
                    }
                }
              - env {
                  - name  = "MPC_RECOVERY_JWT_SIGNATURE_PK_URL" -> null
                  - value = "https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com" -> null
                }
              - env {
                  - name  = "RUST_LOG" -> null
                  - value = "mpc_recovery=debug" -> null
                }

              - ports {
                  - container_port = 3000 -> null
                  - name           = "http1" -> null
                }

              - resources {
                  - cpu_idle          = false -> null
                  - limits            = {
                      - "cpu"    = "2"
                      - "memory" = "2Gi"
                    } -> null
                  - startup_cpu_boost = false -> null
                }

              - startup_probe {
                  - failure_threshold     = 1 -> null
                  - initial_delay_seconds = 0 -> null
                  - period_seconds        = 240 -> null
                  - timeout_seconds       = 240 -> null

                  - tcp_socket {
                      - port = 3000 -> null
                    }
                }
            }

          - scaling {
              - max_instance_count = 1 -> null
              - min_instance_count = 1 -> null
            }

          - vpc_access {
              - connector = "projects/pagoda-shared-infrastructure/locations/us-east1/connectors/dev-connector1" -> null
              - egress    = "PRIVATE_RANGES_ONLY" -> null
            }
        }

      - traffic {
          - percent = 100 -> null
          - type    = "TRAFFIC_TARGET_ALLOCATION_TYPE_LATEST" -> null
        }
    }

  # module.signer[2].google_cloud_run_v2_service_iam_member.allow_all will be destroyed
  - resource "google_cloud_run_v2_service_iam_member" "allow_all" {
      - etag     = "BwYQRGu6OUk=" -> null
      - id       = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444/roles/run.invoker/allUsers" -> null
      - location = "us-east1" -> null
      - member   = "allUsers" -> null
      - name     = "projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444" -> null
      - project  = "pagoda-discovery-platform-dev" -> null
      - role     = "roles/run.invoker" -> null
    }

Plan: 0 to add, 0 to change, 24 to destroy.

Changes to Outputs:
  - leader_node = "https://mpc-recovery-leader-dev-444-7tk2cmmtcq-ue.a.run.app" -> null
google_service_account_iam_binding.serivce-account-iam: Destroying... [id=projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com/roles/iam.serviceAccountUser]
module.leader.google_cloud_run_v2_service_iam_member.allow_all: Destroying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444/roles/run.invoker/allUsers]
module.mpc-leader-lb.google_compute_forwarding_rule.default: Destroying... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/forwardingRules/mpc-dev-444-leader-forwarding-rule]
google_project_iam_member.service-account-datastore-user: Destroying... [id=pagoda-discovery-platform-dev/roles/datastore.user/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_service_account_iam_binding.serivce-account-iam: Destruction complete after 4s
module.leader.google_cloud_run_v2_service_iam_member.allow_all: Destruction complete after 5s
module.leader.google_cloud_run_v2_service.leader: Destroying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-leader-dev-444]
google_project_iam_member.service-account-datastore-user: Destruction complete after 8s
module.mpc-leader-lb.google_compute_forwarding_rule.default: Still destroying... [id=projects/pagoda-discovery-platform-dev/...les/mpc-dev-444-leader-forwarding-rule, 10s elapsed]
module.mpc-leader-lb.google_compute_forwarding_rule.default: Destruction complete after 11s
module.mpc-leader-lb.google_compute_region_target_http_proxy.default: Destroying... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/targetHttpProxies/mpc-dev-444-leader-http-proxy]
module.leader.google_cloud_run_v2_service.leader: Still destroying... [id=projects/pagoda-discovery-platform-dev/...1/services/mpc-recovery-leader-dev-444, 10s elapsed]
module.leader.google_cloud_run_v2_service.leader: Destruction complete after 10s
google_secret_manager_secret_iam_member.account_creator_secret_access: Destroying... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-recovery-account-creator-sk-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
module.signer[2].google_cloud_run_v2_service_iam_member.allow_all: Destroying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444/roles/run.invoker/allUsers]
module.signer[0].google_cloud_run_v2_service_iam_member.allow_all: Destroying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444/roles/run.invoker/allUsers]
google_secret_manager_secret_iam_member.fast_auth_partners_secret_access: Destroying... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-fast-auth-partners-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
module.signer[1].google_cloud_run_v2_service_iam_member.allow_all: Destroying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444/roles/run.invoker/allUsers]
google_secret_manager_secret_iam_member.fast_auth_partners_secret_access: Destruction complete after 4s
google_secret_manager_secret_iam_member.account_creator_secret_access: Destruction complete after 4s
module.signer[0].google_cloud_run_v2_service_iam_member.allow_all: Destruction complete after 4s
module.signer[0].google_cloud_run_v2_service.signer: Destroying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-0-dev-444]
module.signer[1].google_cloud_run_v2_service_iam_member.allow_all: Destruction complete after 5s
module.signer[1].google_cloud_run_v2_service.signer: Destroying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-1-dev-444]
module.signer[2].google_cloud_run_v2_service_iam_member.allow_all: Destruction complete after 5s
module.signer[2].google_cloud_run_v2_service.signer: Destroying... [id=projects/pagoda-discovery-platform-dev/locations/us-east1/services/mpc-recovery-signer-2-dev-444]
module.mpc-leader-lb.google_compute_region_target_http_proxy.default: Still destroying... [id=projects/pagoda-discovery-platform-dev/...pProxies/mpc-dev-444-leader-http-proxy, 10s elapsed]
module.mpc-leader-lb.google_compute_region_target_http_proxy.default: Destruction complete after 11s
module.mpc-leader-lb.google_compute_region_url_map.default: Destroying... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/urlMaps/mpc-dev-444-leader-url-map]
module.signer[0].google_cloud_run_v2_service.signer: Still destroying... [id=projects/pagoda-discovery-platform-dev/...services/mpc-recovery-signer-0-dev-444, 10s elapsed]
module.signer[1].google_cloud_run_v2_service.signer: Still destroying... [id=projects/pagoda-discovery-platform-dev/...services/mpc-recovery-signer-1-dev-444, 10s elapsed]
module.signer[2].google_cloud_run_v2_service.signer: Still destroying... [id=projects/pagoda-discovery-platform-dev/...services/mpc-recovery-signer-2-dev-444, 10s elapsed]
module.signer[0].google_cloud_run_v2_service.signer: Destruction complete after 11s
module.signer[1].google_cloud_run_v2_service.signer: Destruction complete after 10s
module.signer[2].google_cloud_run_v2_service.signer: Destruction complete after 10s
google_secret_manager_secret_iam_member.secret_share_secret_access[0]: Destroying... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-0-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.cipher_key_secret_access[2]: Destroying... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-2-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.secret_share_secret_access[1]: Destroying... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-1-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.secret_share_secret_access[2]: Destroying... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-sk-share-2-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.cipher_key_secret_access[1]: Destroying... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-1-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_secret_manager_secret_iam_member.cipher_key_secret_access[0]: Destroying... [id=projects/pagoda-discovery-platform-dev/secrets/mpc-cipher-0-dev/roles/secretmanager.secretAccessor/serviceAccount:mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
module.mpc-leader-lb.google_compute_region_url_map.default: Still destroying... [id=projects/pagoda-discovery-platform-dev/...st1/urlMaps/mpc-dev-444-leader-url-map, 10s elapsed]
module.mpc-leader-lb.google_compute_region_url_map.default: Destruction complete after 10s
module.mpc-leader-lb.google_compute_region_backend_service.default: Destroying... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/backendServices/mpc-dev-444-leader-backend-service]
google_secret_manager_secret_iam_member.secret_share_secret_access[0]: Destruction complete after 4s
google_secret_manager_secret_iam_member.secret_share_secret_access[2]: Destruction complete after 4s
google_secret_manager_secret_iam_member.secret_share_secret_access[1]: Destruction complete after 4s
google_secret_manager_secret_iam_member.cipher_key_secret_access[1]: Destruction complete after 4s
google_secret_manager_secret_iam_member.cipher_key_secret_access[0]: Destruction complete after 4s
google_secret_manager_secret_iam_member.cipher_key_secret_access[2]: Destruction complete after 4s
google_service_account.service_account: Destroying... [id=projects/pagoda-discovery-platform-dev/serviceAccounts/mpc-recovery-dev-444@pagoda-discovery-platform-dev.iam.gserviceaccount.com]
google_service_account.service_account: Destruction complete after 0s
module.mpc-leader-lb.google_compute_region_backend_service.default: Still destroying... [id=projects/pagoda-discovery-platform-dev/...ces/mpc-dev-444-leader-backend-service, 10s elapsed]
module.mpc-leader-lb.google_compute_region_backend_service.default: Destruction complete after 11s
module.mpc-leader-lb.google_compute_region_network_endpoint_group.default_neg: Destroying... [id=projects/pagoda-discovery-platform-dev/regions/us-east1/networkEndpointGroups/mpc-dev-444-leader-neg]
module.mpc-leader-lb.google_compute_region_network_endpoint_group.default_neg: Still destroying... [id=projects/pagoda-discovery-platform-dev/...kEndpointGroups/mpc-dev-444-leader-neg, 10s elapsed]
module.mpc-leader-lb.google_compute_region_network_endpoint_group.default_neg: Destruction complete after 11s

Destroy complete! Resources: 24 destroyed.

Pusher: @volovyks, Action: pull_request, Working Directory: ``, Workflow: Terraform Feature Env (Destroy)

@ChaoticTempest ChaoticTempest deleted the xiangyi/big_table branch February 13, 2024 16:38
@ChaoticTempest ChaoticTempest mentioned this pull request May 25, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ChaoticTempest ChaoticTempest ChaoticTempest approved these changes

@volovyks volovyks volovyks left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Pick a persistent storage solution (let's **not** use Google Datastore this time though)
3 participants
@ppca @volovyks @ChaoticTempest