Create DAppNode Anchor package #1
Conversation
operator/entrypoint.sh
Outdated
| # If Import Operator setup mode is selected, use the --password-file flag to decrypt the private key | ||
| if [ "${SETUP_MODE}" = "Import Operator" ]; then | ||
| PASSWORD_FILE_PATH="/root/.anchor/password.txt" | ||
| EXTRA_OPTS=$(add_flag_to_extra_opts_safely "${EXTRA_OPTS}" "--password-file=${PASSWORD_FILE_PATH}") |
There was a problem hiding this comment.
Extra options should be left empty as it is variable we usually reserve for user to add their own flags.
There was a problem hiding this comment.
So I am following how the Lighthouse package is doing:
https://github.com/dappnode/DAppNodePackage-lighthouse-generic/blob/7edd60a27ccbfbe6311e9dc5880996c29797302b/validator/entrypoint.sh#L16-L21
I tested that it works, like if I go to the config later to add extra flags in EXTRA_OPTS (e.g., --target-peers 10), then the flag will get added, together with --password-file if Import Operator is selected.
Is this the wrong way to add extra flag?
There was a problem hiding this comment.
Nothing inherently wrong with it, it can be set to something without any issue, it is just worth nothing that then it allows user to change and remove that flag. Whether that should be allowed or not, it's a design option.
We have usually preferred to leave that empty as it passes arguments without any validation and make configuration options through dedicated environment variables.
| @@ -0,0 +1,52 @@ | |||
| version: "2" | |||
| fields: | |||
| - id: setup-mode | |||
There was a problem hiding this comment.
I see that this env is checked only if it is "Import operator". Does Anchor create keys automatically in the other case? If not, this can be either removed, or note can be put in description that only importing is currently supported.
There was a problem hiding this comment.
Does Anchor create keys automatically in the other case
Yes, if select New Operator, Anchor will automatically create the key, I have written a short guide in the Readme file in this case (though I am not sure if that's the best way to do in this case, pending reviews from Anchor team)
anchor node on its own without an existing key will create a new pair of unencrypted key
anchor keygen can create encrypted key but it's not included in this package yet, just wanted to get some feedback on its current form and see where to go next
There was a problem hiding this comment.
That's completely fine, however there needs to be way then to retrieve that private key from the package. Take a look at this. SSV package's implementation is here.
Retrieval of encrypted key and password file would be also nice. Also, one thing to consider is should password be passed as password file, or would it be more convenient to pass it as environment variable. Convenient from user perspective.
Co-authored-by: 3alpha <lg@shardlabs.io>
…AppNodePackage-Anchor into create-Anchor-package
This is the PR to create a DAppNode package for Anchor. It currently only has
anchor nodeability to run a SSV node. It supports importing an existing encrypted private key. Tested and the package is able to start Anchor and use the imported key successfully. However I am sure there are still some fine details/bugs that can be tuned/improved.