Merge pull request #6 from ObolNetwork/luke/feedback-items

Encorporate feedback for ansible charts

.github/pull_request_template.md

@@ -0,0 +1,14 @@
+<!-- 🎉🚀 Thanks for submitting a PR!
+📐 Format this PR template as follows:
+   - 1️⃣ PR title (above): concise overview
+   - 2️⃣ PR body: Replace 'body...' with detailed description of the change.
+   - 3️⃣️ ticket: Replace #000 with link to a GitHub issue (or 'none' if PR is trivial).
+   - 🌱 Starting with an issue, outlining the problem and proposed solution, is highly encouraged.
+   - 🧪 Make sure you completed all tests and satisfied acceptance specified in the issue, if any.
+   - 📘 Make sure you have made any necessary documentation changes
+   - 🐘🐁 We do trunk based development; small PRs on stable main branch.
+💀 Delete these instructions
+-->
+body...
+
+ticket: #000

.github/workflows/add-issue-to-project.yaml

@@ -0,0 +1,22 @@
+# This is a basic workflow adding every issue in this repo to the Obol Project Management Board.
+name: Add Issue To Project
+
+# Controls when the workflow will run - new issues
+on:
+  issues:
+    types:
+      - opened
+
+# This workflow contains a single job called "build"
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    # Steps
+    steps:
+      - name: Add Issue To Project
+        uses: actions/[email protected]
+        with:
+          # URL of the project to add issues to
+          project-url: https://github.com/orgs/ObolNetwork/projects/7
+          # A GitHub personal access token with write access to the project, need org admin's token with repo and project permissions, need to store the token outside the script if public
+          github-token: ${{ secrets.GH_ORG_ADMIN_SECRET }}

.github/workflows/label-issue.yaml

@@ -0,0 +1,21 @@
+name: Label issues
+on:
+  issues:
+    types:
+      - reopened
+      - opened
+jobs:
+  label_issues:
+    runs-on: ubuntu-latest
+    permissions:
+      issues: write
+    steps:
+      - uses: actions/github-script@v6
+        with:
+          script: |
+            github.rest.issues.addLabels({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              labels: ["ansible", "platform"]
+            })

.github/workflows/pre-commit.yaml

@@ -0,0 +1,18 @@
+name: ansible-lint
+on:
+  pull_request:
+  push:
+    branches:
+      - main
+jobs:
+  build:
+    name: Ansible Lint
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+
+      - name: Run ansible-lint
+        uses: ansible/ansible-lint-action@v6

.gitignore

@@ -0,0 +1 @@
+*.pem

.pre-commit-config.yaml

@@ -0,0 +1,5 @@
+- repo: https://github.com/ansible-community/ansible-lint.git
+  rev: v6.15.0
+  hooks:
+    - id: ansible-lint
+      files: \.(yaml|yml)$

CODEOWNERS

@@ -0,0 +1,4 @@
+# This file sets up the designated owners of the infrastructure repo. 
+# All PR's will require a review from a member of the codeowners team.
+
+* @ObolNetwork/platform

README.md

@@ -5,8 +5,8 @@ Obol's Ansible Playbooks
 
 ## Available playbooks
 
-- [`charon-node`](charon-node.yml)
-- [`charon-cluster`](charon-cluster.yml)
+- [`charon_node`](charon_node.yml)
+- [`charon_cluster`](charon_cluster.yml)
 
 ## Before you begin
 
@@ -68,6 +68,14 @@ You have the followin charon artifacts generated locally under a .charon folder
 - nodeX/charon-enr-private-key
 - nodeX/cluster-lock
 
+### Install dependancies
+
+Install the dependant ansible packages by running:
+
+```
+ansible-galaxy install -r requirements.yml
+```
+
 ### Run the role
 
 ```

charon-cluster.yml

@@ -13,5 +13,5 @@
       changed_when: docker_valid != 0
 
   roles:
-    - docker-install
-    - charon-cluster
+    - docker_install
+    - charon_cluster

charon-node.yml

@@ -15,6 +15,6 @@
   roles:
     - name: Install Docker
       when: docker_valid.failed
-      role: docker-install
+      role: docker_install
     - name: Setup and run charon-node
-      role: charon-node
+      role: charon_node

group_vars/all.yml

@@ -7,92 +7,91 @@ node_index: '0'
 
 ## Charon command line options
 ## ref: https://docs.obol.tech/docs/charon/charon_cli_reference
-node_config:
-  # -- The path to the validator keys folder. (default ".charon/validator_keys/")
-  validator_keys_dir: '.charon/validator_keys'
+# -- The path to the validator keys folder. (default ".charon/validator_keys/")
+validator_keys_dir: '.charon/validator_keys'
 
-  # -- The path to the charon enr private key file. (default ".charon/charon-enr-private-key")
-  private_key_file: '.charon/charon-enr-private-key'
+# -- The path to the charon enr private key file. (default ".charon/charon-enr-private-key")
+private_key_file: '.charon/charon-enr-private-key'
 
-  # -- The path to the cluster lock file defining distributed validator cluster. (default ".charon/cluster-lock.json")
-  lock_file: './.charon/cluster-lock.json'
+# -- The path to the cluster lock file defining distributed validator cluster. (default ".charon/cluster-lock.json")
+lock_file: './.charon/cluster-lock.json'
 
-  # -- Comma separated list of one or more beacon node endpoint URLs.
-  beacon_node_endpoints: "{{ undef(hint='You must specify your beacon node endpoints') }}"
+# -- Comma separated list of one or more beacon node endpoint URLs.
+beacon_node_endpoints: "{{ undef(hint='You must specify your beacon node endpoints') }}"
 
-  # -- Enables the builder api. Will only produce builder blocks. Builder API must also be enabled on the validator client.
-  # Beacon node must be connected to a builder-relay to access the builder network.
-  builder_api: ''
+# -- Enables the builder api. Will only produce builder blocks. Builder API must also be enabled on the validator client.
+# Beacon node must be connected to a builder-relay to access the builder network.
+builder_api: ''
 
-  # -- Minimum feature set to enable by default: alpha, beta, or stable. Warning: modify at own risk. (default "stable")
-  feature_set: 'stable'
+# -- Minimum feature set to enable by default: alpha, beta, or stable. Warning: modify at own risk. (default "stable")
+feature_set: 'stable'
 
-  # -- Comma-separated list of features to disable, overriding the default minimum feature set.
-  feature_set_disable: ''
+# -- Comma-separated list of features to disable, overriding the default minimum feature set.
+feature_set_disable: ''
 
-  # -- Comma-separated list of features to enable, overriding the default minimum feature set.
-  feature_set_enable: ''
+# -- Comma-separated list of features to enable, overriding the default minimum feature set.
+feature_set_enable: ''
 
-  # -- Listening address for jaeger tracing.
-  jaeger_address: 'jaeger:6831'
+# -- Listening address for jaeger tracing.
+jaeger_address: 'jaeger:6831'
 
-  # -- Service name used for jaeger tracing. (default "charon")
-  jaeger_service: 'charon'
+# -- Service name used for jaeger tracing. (default "charon")
+jaeger_service: 'charon'
 
-  # -- Log format; console, logfmt or json (default "console")
-  log_format: 'json'
+# -- Log format; console, logfmt or json (default "console")
+log_format: 'json'
 
-  # -- Log level; debug, info, warn or error (default "info")
-  log_level: 'info'
+# -- Log level; debug, info, warn or error (default "info")
+log_level: 'info'
 
-  # -- Enables sending of logfmt structured logs to these Loki log aggregation server addresses. This is in addition to normal
-  # stderr logs.
-  loki_addresses: ''
+# -- Enables sending of logfmt structured logs to these Loki log aggregation server addresses. This is in addition to normal
+# stderr logs.
+loki_addresses: ''
 
-  # -- Service label sent with logs to Loki. (default "charon")
-  loki_service: 'charon'
+# -- Service label sent with logs to Loki. (default "charon")
+loki_service: 'charon'
 
-  # -- Listening address (ip and port) for the monitoring API (prometheus, pprof). (default "127.0.0.1:3620")
-  monitoring_address: '0.0.0.0:3620'
+# -- Listening address (ip and port) for the monitoring API (prometheus, pprof). (default "127.0.0.1:3620")
+monitoring_address: '0.0.0.0:3620'
 
-  # -- Disables cluster definition and lock file verification.
-  no_verify: 'false'
+# -- Disables cluster definition and lock file verification.
+no_verify: 'false'
 
-  # -- Comma-separated list of CIDR subnets for allowing only certain peer connections. Example: 192.168.0.0/16 would permit
-  # connections to peers on your local network only. The default is to accept all connections.
-  p2p_allowlist: ''
+# -- Comma-separated list of CIDR subnets for allowing only certain peer connections. Example: 192.168.0.0/16 would permit
+# connections to peers on your local network only. The default is to accept all connections.
+p2p_allowlist: ''
 
-  # -- Comma-separated list of CIDR subnets for disallowing certain peer connections. Example: 192.168.0.0/16 would disallow
-  # connections to peers on your local network. The default is to accept all connections.
-  p2p_denylist: ''
+# -- Comma-separated list of CIDR subnets for disallowing certain peer connections. Example: 192.168.0.0/16 would disallow
+# connections to peers on your local network. The default is to accept all connections.
+p2p_denylist: ''
 
-  # -- Disables TCP port reuse for outgoing libp2p connections.
-  p2p_disable_reuseport: ''
+# -- Disables TCP port reuse for outgoing libp2p connections.
+p2p_disable_reuseport: ''
 
-  # -- The DNS hostname advertised by libp2p. This may be used to advertise an external DNS.
-  p2p_external_hostname: ''
+# -- The DNS hostname advertised by libp2p. This may be used to advertise an external DNS.
+p2p_external_hostname: ''
 
-  # -- The IP address advertised by libp2p. This may be used to advertise an external IP.
-  p2p_external_ip: ''
+# -- The IP address advertised by libp2p. This may be used to advertise an external IP.
+p2p_external_ip: ''
 
-  # -- Comma-separated list of libp2p relay URLs or multiaddrs. (default [https://0.relay.obol.tech/enr,http://bootnode.lb.gcp.obol.tech:3640/enr])
-  p2p_relays: 'https://0.relay.obol.tech/enr,http://bootnode.lb.gcp.obol.tech:3640/enr'
+# -- Comma-separated list of libp2p relay URLs or multiaddrs. (default [https://0.relay.obol.tech/enr,http://bootnode.lb.gcp.obol.tech:3640/enr])
+p2p_relays: 'https://0.relay.obol.tech/enr,http://bootnode.lb.gcp.obol.tech:3640/enr'
 
-  # -- Comma-separated list of listening TCP addresses (ip and port) for libP2P traffic. Empty default doesn't bind to local port
-  # therefore only supports outgoing connections.
-  p2p_tcp_address: '0.0.0.0:3610'
+# -- Comma-separated list of listening TCP addresses (ip and port) for libP2P traffic. Empty default doesn't bind to local port
+# therefore only supports outgoing connections.
+p2p_tcp_address: '0.0.0.0:3610'
 
-  # -- Enables an internal mock beacon node for running a simnet.
-  simnet_beacon_mock: ''
+# -- Enables an internal mock beacon node for running a simnet.
+simnet_beacon_mock: ''
 
-  # -- The directory containing the simnet validator key shares. (default ".charon/validator_keys")
-  simnet_validator_keys_dir: ''
+# -- The directory containing the simnet validator key shares. (default ".charon/validator_keys")
+simnet_validator_keys_dir: ''
 
-  # -- Enables an internal mock validator client when running a simnet. Requires simnet-beacon-mock.
-  simnet_validator_mock: ''
+# -- Enables an internal mock validator client when running a simnet. Requires simnet-beacon-mock.
+simnet_validator_mock: ''
 
-  # -- Enables additional synthetic block proposal duties. Used for testing of rare duties.
-  synthetic_block_proposals: ''
+# -- Enables additional synthetic block proposal duties. Used for testing of rare duties.
+synthetic_block_proposals: ''
 
-  # -- Listening address (ip and port) for validator-facing traffic proxying the beacon-node API. (default "127.0.0.1:3600")
-  validator_api_address: '0.0.0.0:3600'
+# -- Listening address (ip and port) for validator-facing traffic proxying the beacon-node API. (default "127.0.0.1:3600")
+validator_api_address: '0.0.0.0:3600'

requirements.yml

@@ -0,0 +1,2 @@
+collections:
+  - name: community.docker