UNPKG

@fairmint/canton-node-sdk

Version:

Canton Node SDK

sdk.canton.fairmint.com

Fairmint/canton-node-sdk

85 lines (66 loc) 3.38 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# Variables relevant only for local dev (and not for CI) should go here. Anything required also in CI should be in .envrc.vars instead. use_flake_subdir() { # Newer versions of direnv have watch_dir but the ancient version in # Ubuntu does not so we just manually watch all (git-tracked) files. for file in $(git ls-files nix); do watch_file $file done mkdir -p "$(direnv_layout_dir)" if [ -z "$ARTIFACTORY_PASSWORD" ] || [ "${OSS_ONLY:-}" == 1 ] || [ "${OSS_ONLY:-}" == "true" ]; then eval "$(nix print-dev-env --profile "$(direnv_layout_dir)/flake-profile" "path:nix#oss" "$@")" else eval "$(nix print-dev-env --profile "$(direnv_layout_dir)/flake-profile" "path:nix" "$@")" fi } # Private .envrc [[ -f .envrc.private ]] && [[ -z "$IGNORE_PRIVATE_ENVRC" ]] && source_env .envrc.private || true # TODO(DACH-NY/canton-network-node#3876) work around for $TMPDIR is removed. #3876 to investigate more OLD_TMPDIR=${TMPDIR-unset} use flake_subdir # TODO(DACH-NY/canton-network-node#3876) work around for $TMPDIR is removed. #3876 to investigate more [ $OLD_TMPDIR != "unset" ] && export TMPDIR=$OLD_TMPDIR source_env .envrc.vars source "${TOOLS_LIB}/libcli.source" source_env .envrc.validate export ENTERPRISE_ARTIFACTORY_DOCKER_REGISTRY=digitalasset-canton-enterprise-docker.jfrog.io # Configure docker access for cluster and integration tests ## Read current credentials function read_docker_creds() { local repo="$1" local cred_helper=$(cat ~/.docker/config.json | jq -r ".credHelpers.\"$repo\" // .credsStore" ) if [[ -z "$cred_helper" || "$cred_helper" == "null" ]]; then # read the credentials directly from config.json echo $(cat ~/.docker/config.json | jq -r ".auths.\"$repo\".auth" | base64 -d) else # read the credentials using the credential helper echo $(echo $repo | docker-credential-$cred_helper get | jq -r '(.Username + ":" + .Secret)' 2>/dev/null) fi } function check_docker_creds() { local docker_creds="$1" [[ -z "$docker_creds" || "$docker_creds" == "null" || "$docker_creds" != "$ARTIFACTORY_USER:$ARTIFACTORY_PASSWORD" ]] && \ ## And artifactory user and password are set [[ -n "$ARTIFACTORY_USER" && -n "$ARTIFACTORY_PASSWORD" ]] } function check_docker_creds_ghcr() { local docker_creds="$1" [[ -z "$docker_creds" || "$docker_creds" == "null" || "$docker_creds" != "$GH_USER:$GH_TOKEN" ]] && \ [[ -n "$GH_USER" && -n "$GH_TOKEN" ]] } DOCKER_CREDS=$(read_docker_creds "$GHCR") if check_docker_creds_ghcr "$DOCKER_CREDS"; then echo "Logging into $GHCR" echo $GH_TOKEN | docker login "$GHCR" -u "$GH_USER" --password-stdin fi DOCKER_CREDS=$(read_docker_creds "$ENTERPRISE_ARTIFACTORY_DOCKER_REGISTRY") if check_docker_creds "$DOCKER_CREDS"; then echo "Logging into $ENTERPRISE_ARTIFACTORY_DOCKER_REGISTRY" echo $ARTIFACTORY_PASSWORD | docker login "$ENTERPRISE_ARTIFACTORY_DOCKER_REGISTRY" -u "$ARTIFACTORY_USER" --password-stdin fi # re-export CIRCLECI_TOKEN (which we use in many places) as CIRCLECI_CLI_TOKEN (which `circleci` cli tool picks up) export CIRCLECI_CLI_TOKEN="${CIRCLECI_TOKEN}" # Do not tag local docker images with a git commit to simplify referencing these images from helm charts export SPLICECLUSTER_STATIC_DIRTY_VERSION=1 # ensure the logs directory exists mkdir -p $LOGS_PATH export K9S_CONFIG_DIR=$SPLICE_ROOT/.k9s