From b345fb2ceadcb92570b3604be53cdbda8e8d078e Mon Sep 17 00:00:00 2001 From: Shreerang Kale Date: Tue, 10 Jun 2025 16:56:14 +0530 Subject: [PATCH] Add initial TMKMS stack --- .../compose/docker-compose-tmkms.yml | 10 ++++ stack-orchestrator/config/tmkms/run.sh | 12 ++++ .../container-build/tmkms/Dockerfile | 56 +++++++++++++++++++ .../container-build/tmkms/build.sh | 9 +++ stack-orchestrator/stacks/tmkms/stack.yml | 9 +++ 5 files changed, 96 insertions(+) create mode 100644 stack-orchestrator/compose/docker-compose-tmkms.yml create mode 100755 stack-orchestrator/config/tmkms/run.sh create mode 100644 stack-orchestrator/container-build/tmkms/Dockerfile create mode 100755 stack-orchestrator/container-build/tmkms/build.sh create mode 100644 stack-orchestrator/stacks/tmkms/stack.yml diff --git a/stack-orchestrator/compose/docker-compose-tmkms.yml b/stack-orchestrator/compose/docker-compose-tmkms.yml new file mode 100644 index 0000000..ed15609 --- /dev/null +++ b/stack-orchestrator/compose/docker-compose-tmkms.yml @@ -0,0 +1,10 @@ +services: + tmkms: + restart: unless-stopped + image: cerc/tmkms:local + command: ["bash", "-c", "/opt/run.sh"] + volumes: + - ./tmkms:/root + - ../config/tmkms/run.sh:/opt/run.sh + ports: + - "26659" diff --git a/stack-orchestrator/config/tmkms/run.sh b/stack-orchestrator/config/tmkms/run.sh new file mode 100755 index 0000000..45a016a --- /dev/null +++ b/stack-orchestrator/config/tmkms/run.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +if [[ -n "$CERC_SCRIPT_DEBUG" ]]; then + set -x +fi + +set -e + +TMKMS_HOME=/root/.tmkms + +echo "Starting tmkms..." +tmkms start --config $TMKMS_HOME/tmkms.toml diff --git a/stack-orchestrator/container-build/tmkms/Dockerfile b/stack-orchestrator/container-build/tmkms/Dockerfile new file mode 100644 index 0000000..ccd1473 --- /dev/null +++ b/stack-orchestrator/container-build/tmkms/Dockerfile @@ -0,0 +1,56 @@ +# -------- Stage 1: Build -------- +FROM debian:bookworm-slim AS builder + +ARG BACKEND=softsign +ARG VERSION=main + +# Install build dependencies +RUN apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + build-essential \ + clang \ + curl \ + git \ + pkg-config \ + libsodium-dev \ + libssl-dev \ + ca-certificates && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + +# Create non-root user +RUN useradd -m builder +USER builder +WORKDIR /home/builder + +ENV PATH="/home/builder/.cargo/bin:$PATH" + +# Install Rust +RUN curl https://sh.rustup.rs -sSf | sh -s -- -y && \ + rustup component add rustfmt clippy + +# Clone and build TMKMS +RUN git clone --depth 1 --branch ${VERSION} https://github.com/iqlusioninc/tmkms.git && \ + cd tmkms && \ + cargo build --release --features=${BACKEND} + +# -------- Stage 2: Runtime -------- +FROM debian:bookworm-slim + +# Install runtime dependencies only +RUN apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + libssl3 \ + libsodium23 \ + ca-certificates && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + +# Copy compiled binary +COPY --from=builder /home/builder/tmkms/target/release/tmkms /usr/local/bin/tmkms + +# Create runtime user +RUN useradd -m tmkmsuser +USER tmkmsuser +WORKDIR /home/tmkmsuser + +# Default command, override with `docker run ... bash` etc. +CMD ["tmkms"] diff --git a/stack-orchestrator/container-build/tmkms/build.sh b/stack-orchestrator/container-build/tmkms/build.sh new file mode 100755 index 0000000..e929727 --- /dev/null +++ b/stack-orchestrator/container-build/tmkms/build.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +# Build cerc/tmkms +source ${CERC_CONTAINER_BASE_DIR}/build-base.sh + +# See: https://stackoverflow.com/a/246128/1701505 +SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) + +docker build -t cerc/tmkms:local ${build_command_args} -f ${SCRIPT_DIR}/Dockerfile ${CERC_REPO_BASE_DIR}/tmkms diff --git a/stack-orchestrator/stacks/tmkms/stack.yml b/stack-orchestrator/stacks/tmkms/stack.yml new file mode 100644 index 0000000..f254a19 --- /dev/null +++ b/stack-orchestrator/stacks/tmkms/stack.yml @@ -0,0 +1,9 @@ +version: "1.0" +name: tmkms +description: "TMKMS for signing consensus messages" +repos: + - https://github.com/iqlusioninc/tmkms.git@v0.14.0 +containers: + - cerc/tmkms +pods: + - tmkms