diff --git a/stack_orchestrator/deploy/webapp/deploy_webapp_from_registry.py b/stack_orchestrator/deploy/webapp/deploy_webapp_from_registry.py index 810590c9..7fa2e255 100644 --- a/stack_orchestrator/deploy/webapp/deploy_webapp_from_registry.py +++ b/stack_orchestrator/deploy/webapp/deploy_webapp_from_registry.py @@ -33,6 +33,7 @@ from stack_orchestrator.deploy.webapp.util import ( LaconicRegistryClient, TimedLogger, build_container_image, + confirm_auction, push_container_image, file_hash, deploy_to_k8s, @@ -585,23 +586,20 @@ def command( # noqa: C901 requests_to_execute = [] for r in requests_to_check_for_payment: - # Check if auction id is set if r.attributes.auction: if auction_requests: - # Check if the deployer payment address is an auction winner - auction_id = r.attributes.auction - auction = laconic.get_auction(auction_id) - if not auction: - main_logger.log( - f"Skipping request {r.id}: unable to locate auction: {auction_id}" - ) - dump_known_requests(state_file, [r], status="SKIP") - elif payment_address in auction.winnerAddresses: - main_logger.log(f"{r.id}: auction winnner address confirmed.") + if confirm_auction( + laconic, + r, + lrn, + payment_address, + main_logger + ): + main_logger.log(f"{r.id}: Auction confirmed.") requests_to_execute.append(r) else: main_logger.log( - f"Skipping request {r.id}: deployer payment address not found in auction winners." + f"Skipping request {r.id}: unable to verify auction." ) dump_known_requests(state_file, [r], status="SKIP") else: diff --git a/stack_orchestrator/deploy/webapp/request_webapp_deployment.py b/stack_orchestrator/deploy/webapp/request_webapp_deployment.py index 88ab4f6f..4cd6e046 100644 --- a/stack_orchestrator/deploy/webapp/request_webapp_deployment.py +++ b/stack_orchestrator/deploy/webapp/request_webapp_deployment.py @@ -112,6 +112,10 @@ def command( # noqa: C901 if not auction: fatal(f"Unable to locate auction: {auction_id}") + # Check auction owner + if auction.ownerAddress != laconic.whoami().address: + fatal(f"Auction owner mismatch") + # Check auction kind if auction.kind != AUCTION_KIND_PROVIDER: fatal(f"Auction kind needs to be ${AUCTION_KIND_PROVIDER}, got {auction.kind}") diff --git a/stack_orchestrator/deploy/webapp/util.py b/stack_orchestrator/deploy/webapp/util.py index 32013048..8a4f321a 100644 --- a/stack_orchestrator/deploy/webapp/util.py +++ b/stack_orchestrator/deploy/webapp/util.py @@ -752,12 +752,15 @@ def publish_deployment( }, } } + if app_deployment_request: new_deployment_record["record"]["request"] = app_deployment_request.id - if app_deployment_request.attributes.payment: - new_deployment_record["record"][ - "payment" - ] = app_deployment_request.attributes.payment + + # Set auction or payment id from request + if app_deployment_request.attributes.auction: + new_deployment_record["record"]["auction"] = app_deployment_request.attributes.auction + elif app_deployment_request.attributes.payment: + new_deployment_record["record"]["payment"] = app_deployment_request.attributes.payment if webapp_deployer_record: new_deployment_record["record"]["deployer"] = webapp_deployer_record.names[0] @@ -873,3 +876,25 @@ def confirm_payment(laconic: LaconicRegistryClient, record, payment_address, min return False return True + + +def confirm_auction(laconic: LaconicRegistryClient, record, deployer_lrn, payment_address, logger): + auction_id = record.attributes.auction + auction = laconic.get_auction(auction_id) + + if not auction: + logger.log(f"{record.id}: unable to locate auction {auction_id}") + return False + + # Check if the deployer payment address is in auction winners list + if payment_address not in auction.winnerAddresses: + logger.log(f"{record.id}: deployer payment address not in auction winners.") + return False + + # Check if the auction was already used on a deployment + used = laconic.app_deployments({"deployer": deployer_lrn, "auction": auction_id}, all=True) + if len(used): + logger.log(f"{record.id}: auction {auction_id} already used on deployment {used}") + return False + + return True