Work around this bug: https://github.com/python/cpython/pull/14064 (#941)

Otherwise we sometimes see errors like:

```
cerc-webapp-deployer:   File "/root/.shiv/laconic-so_0f937aa98c2748ef9af8585d6f441dbc01546ace0d6660cbb159d1e5040aeddf/site-packages/stack_orchestrator/deploy/webapp/deploy_webapp_from_registry.py", line 671, in command
cerc-webapp-deployer:     shutil.rmtree(tempdir)
cerc-webapp-deployer:   File "/usr/lib/python3.10/shutil.py", line 725, in rmtree
cerc-webapp-deployer:     _rmtree_safe_fd(fd, path, onerror)
cerc-webapp-deployer:   File "/usr/lib/python3.10/shutil.py", line 681, in _rmtree_safe_fd
cerc-webapp-deployer:     onerror(os.unlink, fullname, sys.exc_info())
cerc-webapp-deployer:   File "/usr/lib/python3.10/shutil.py", line 679, in _rmtree_safe_fd
cerc-webapp-deployer:     os.unlink(entry.name, dir_fd=topfd)
cerc-webapp-deployer: FileNotFoundError: [Errno 2] No such file or directory: 'S.gpg-agent.extra'
```

Reviewed-on: #941
Co-authored-by: Thomas E Lackey <telackey@bozemanpass.com>
Co-committed-by: Thomas E Lackey <telackey@bozemanpass.com>

.gitea/workflows/test-k8s-deployment-control.yml

@@ -0,0 +1,69 @@
+name: K8s Deployment Control Test
+
+on:
+  pull_request:
+    branches: '*'
+  push:
+    branches: '*'
+    paths:
+      - '!**'
+      - '.gitea/workflows/triggers/test-k8s-deployment-control'
+      - '.gitea/workflows/test-k8s-deployment-control.yml'
+      - 'tests/k8s-deployment-control/run-test.sh'
+  schedule: # Note: coordinate with other tests to not overload runners at the same time of day
+    - cron: '3 30 * * *'
+
+jobs:
+  test:
+    name: "Run deployment control suite on kind/k8s"
+    runs-on: ubuntu-22.04
+    steps:
+      - name: "Clone project repository"
+        uses: actions/checkout@v3
+      # At present the stock setup-python action fails on Linux/aarch64
+      # Conditional steps below workaroud this by using deadsnakes for that case only
+      - name: "Install Python for ARM on Linux"
+        if: ${{ runner.arch == 'arm64' && runner.os == 'Linux' }}
+        uses: deadsnakes/action@v3.0.1
+        with:
+          python-version: '3.8'
+      - name: "Install Python cases other than ARM on Linux"
+        if: ${{ ! (runner.arch == 'arm64' && runner.os == 'Linux') }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.8'
+      - name: "Print Python version"
+        run: python3 --version
+      - name: "Install shiv"
+        run: pip install shiv
+      - name: "Generate build version file"
+        run: ./scripts/create_build_tag_file.sh
+      - name: "Build local shiv package"
+        run: ./scripts/build_shiv_package.sh
+      - name: "Check cgroups version"
+        run: mount | grep cgroup
+      - name: "Install kind"
+        run: ./tests/scripts/install-kind.sh
+      - name: "Install Kubectl"
+        run: ./tests/scripts/install-kubectl.sh
+      - name: "Run k8s deployment control test"
+        run: |
+          source /opt/bash-utils/cgroup-helper.sh
+          join_cgroup
+          ./tests/k8s-deployment-control/run-test.sh
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

docs/k8s-deployment-enhancements.md

@@ -0,0 +1,27 @@
+# K8S Deployment Enhancements
+## Controlling pod placement
+The placement of pods created as part of a stack deployment can be controlled to either avoid certain nodes, or require certain nodes.
+### Pod/Node Affinity
+Node affinity rules applied to pods target node labels. The effect is that a pod can only be placed on a node having the specified label value. Note that other pods that do not have any node affinity rules can also be placed on those same nodes. Thus node affinity for a pod controls where that pod can be placed, but does not control where other pods are placed.
+
+Node affinity for stack pods is specified in the deployment's `spec.yml` file as follows:
+```
+node-affinities:
+  - label: nodetype
+    value: typeb
+```
+This example denotes that the stack's pods should only be placed on nodes that have the label `nodetype` with value `typeb`.
+### Node Taint Toleration
+K8s nodes can be given one or more "taints". These are special fields (distinct from labels) with a name (key) and optional value.
+When placing pods, the k8s scheduler will only assign a pod to a tainted node if the pod posesses a corresponding "toleration".
+This is metadata associated with the pod that specifies that the pod "tolerates" a given taint.
+Therefore taint toleration provides a mechanism by which only certain pods can be placed on specific nodes, and provides a complementary mechanism to node affinity.
+
+Taint toleration for stack pods is specified in the deployment's `spec.yml` file as follows:
+```
+node-tolerations:
+  - key: nodetype
+    value: typeb
+```
+This example denotes that the stack's pods will tolerate a taint: `nodetype=typeb`
+

requirements.txt

@@ -11,3 +11,5 @@ tomli==2.0.1
 validators==0.22.0
 kubernetes>=28.1.0
 humanfriendly>=10.0
+python-gnupg>=0.5.2
+requests>=2.3.2

stack_orchestrator/constants.py

@@ -35,5 +35,7 @@ security_key = "security"
 annotations_key = "annotations"
 labels_key = "labels"
 replicas_key = "replicas"
+node_affinities_key = "node-affinities"
+node_tolerations_key = "node-tolerations"
 kind_config_filename = "kind-config.yml"
 kube_config_filename = "kubeconfig.yml"

stack_orchestrator/data/container-build/cerc-ping-pub/build.sh

@@ -4,5 +4,9 @@ source ${CERC_CONTAINER_BASE_DIR}/build-base.sh
 SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
 
 # Two-stage build is to allow us to pick up both the upstream repo's files, and local files here for config
-docker build -t cerc/ping-pub-base:local ${build_command_args} -f $SCRIPT_DIR/Dockerfile.base $CERC_REPO_BASE_DIR/explorer
+docker build -t cerc/ping-pub-base:local ${build_command_args} -f $SCRIPT_DIR/Dockerfile.base $CERC_REPO_BASE_DIR/cosmos-explorer
+if [[ $? -ne 0 ]]; then
+    echo "FATAL: Base container build failed, exiting"
+    exit 1
+fi
 docker build -t cerc/ping-pub:local ${build_command_args} -f $SCRIPT_DIR/Dockerfile $SCRIPT_DIR

stack_orchestrator/data/stacks/mainnet-laconic/deploy/commands.py

@@ -138,8 +138,9 @@ def _set_listen_address(config_dir: Path):
         sys.exit(1)
     with open(config_file_path, "r") as input_file:
         config_file_content = input_file.read()
-        existing_pattern = r'^pprof_laddr = "localhost:6060"'
-        replace_with = 'pprof_laddr = "0.0.0.0:6060"'
+        existing_pattern = r'^laddr = "tcp://127.0.0.1:26657"'
+        replace_with = 'laddr = "tcp://0.0.0.0:26657"'
+        print(f"Replacing in: {config_file_path}")
         config_file_content = re.sub(existing_pattern, replace_with, config_file_content, flags=re.MULTILINE)
     with open(config_file_path, "w") as output_file:
         output_file.write(config_file_content)
@@ -369,7 +370,6 @@ def init(command_context: DeployCommandContext):
 
 
 def get_state(command_context: DeployCommandContext):
-    print("Here we get state")
     return State.CONFIGURED
 
 

stack_orchestrator/data/stacks/mainnet-laconic/stack.yml

@@ -10,7 +10,7 @@ repos:
   - git.vdb.to/cerc-io/registry-sdk
   - git.vdb.to/cerc-io/laconic-registry-cli
   - git.vdb.to/cerc-io/laconic-console
-  - github.com/ping-pub/explorer
+  - git.vdb.to/cerc-io/cosmos-explorer
 npms:
   - registry-sdk
   - laconic-registry-cli

stack_orchestrator/data/stacks/package-registry/README.md

@@ -2,4 +2,28 @@
 
 The Package Registry Stack supports a build environment that requires a package registry (initially for NPM packages only).
 
-Setup instructions can be found [here](../build-support/README.md).
+## Setup
+
+* Setup required repos and build containers:
+
+  ```bash
+  laconic-so --stack package-registry setup-repositories
+  laconic-so --stack package-registry build-containers
+  ```
+
+* Create a deployment:
+
+  ```bash
+  laconic-so --stack package-registry deploy init --output package-registry-spec.yml
+  # Update port mapping in the laconic-loaded.spec file to resolve port conflicts on host if any
+
+  laconic-so --stack package-registry deploy create --deployment-dir package-registry-deployment --spec-file package-registry-spec.yml
+  ```
+
+* Start the deployment:
+
+  ```bash
+  laconic-so deployment --dir package-registry-deployment start
+  ```
+
+* The local gitea registry can now be accessed at <http://localhost:3000> (the username and password can be taken from the deployment logs)

stack_orchestrator/deploy/compose/deploy_docker.py

@@ -29,14 +29,14 @@ class DockerDeployer(Deployer):
                                    compose_env_file=compose_env_file)
         self.type = type
 
-    def up(self, detach, services):
+    def up(self, detach, skip_cluster_management, services):
         if not opts.o.dry_run:
             try:
                 return self.docker.compose.up(detach=detach, services=services)
             except DockerException as e:
                 raise DeployerException(e)
 
-    def down(self, timeout, volumes):
+    def down(self, timeout, volumes, skip_cluster_management):
         if not opts.o.dry_run:
             try:
                 return self.docker.compose.down(timeout=timeout, volumes=volumes)

stack_orchestrator/deploy/deploy.py

@@ -91,7 +91,7 @@ def create_deploy_context(
     return DeployCommandContext(stack, cluster_context, deployer)
 
 
-def up_operation(ctx, services_list, stay_attached=False):
+def up_operation(ctx, services_list, stay_attached=False, skip_cluster_management=False):
     global_context = ctx.parent.parent.obj
     deploy_context = ctx.obj
     cluster_context = deploy_context.cluster_context
@@ -102,18 +102,18 @@ def up_operation(ctx, services_list, stay_attached=False):
         print(f"Running compose up with container_exec_env: {container_exec_env}, extra_args: {services_list}")
     for pre_start_command in cluster_context.pre_start_commands:
         _run_command(global_context, cluster_context.cluster, pre_start_command)
-    deploy_context.deployer.up(detach=not stay_attached, services=services_list)
+    deploy_context.deployer.up(detach=not stay_attached, skip_cluster_management=skip_cluster_management, services=services_list)
     for post_start_command in cluster_context.post_start_commands:
         _run_command(global_context, cluster_context.cluster, post_start_command)
     _orchestrate_cluster_config(global_context, cluster_context.config, deploy_context.deployer, container_exec_env)
 
 
-def down_operation(ctx, delete_volumes, extra_args_list):
+def down_operation(ctx, delete_volumes, extra_args_list, skip_cluster_management=False):
     timeout_arg = None
     if extra_args_list:
         timeout_arg = extra_args_list[0]
     # Specify shutdown timeout (default 10s) to give services enough time to shutdown gracefully
-    ctx.obj.deployer.down(timeout=timeout_arg, volumes=delete_volumes)
+    ctx.obj.deployer.down(timeout=timeout_arg, volumes=delete_volumes, skip_cluster_management=skip_cluster_management)
 
 
 def status_operation(ctx):

stack_orchestrator/deploy/deployer.py

@@ -20,11 +20,11 @@ from pathlib import Path
 class Deployer(ABC):
 
     @abstractmethod
-    def up(self, detach, services):
+    def up(self, detach, skip_cluster_management, services):
         pass
 
     @abstractmethod
-    def down(self, timeout, volumes):
+    def down(self, timeout, volumes, skip_cluster_management):
         pass
 
     @abstractmethod

stack_orchestrator/deploy/deployment.py

@@ -61,47 +61,57 @@ def make_deploy_context(ctx) -> DeployCommandContext:
                                  cluster_name, env_file, deployment_type)
 
 
+# TODO: remove legacy up command since it's an alias for start
 @command.command()
 @click.option("--stay-attached/--detatch-terminal", default=False, help="detatch or not to see container stdout")
+@click.option("--skip-cluster-management/--perform-cluster-management",
+              default=False, help="Skip cluster initialization/tear-down (only for kind-k8s deployments)")
 @click.argument('extra_args', nargs=-1)  # help: command: up <service1> <service2>
 @click.pass_context
-def up(ctx, stay_attached, extra_args):
+def up(ctx, stay_attached, skip_cluster_management, extra_args):
     ctx.obj = make_deploy_context(ctx)
     services_list = list(extra_args) or None
-    up_operation(ctx, services_list, stay_attached)
+    up_operation(ctx, services_list, stay_attached, skip_cluster_management)
 
 
 # start is the preferred alias for up
 @command.command()
 @click.option("--stay-attached/--detatch-terminal", default=False, help="detatch or not to see container stdout")
+@click.option("--skip-cluster-management/--perform-cluster-management",
+              default=False, help="Skip cluster initialization/tear-down (only for kind-k8s deployments)")
 @click.argument('extra_args', nargs=-1)  # help: command: up <service1> <service2>
 @click.pass_context
-def start(ctx, stay_attached, extra_args):
+def start(ctx, stay_attached, skip_cluster_management, extra_args):
     ctx.obj = make_deploy_context(ctx)
     services_list = list(extra_args) or None
-    up_operation(ctx, services_list, stay_attached)
+    up_operation(ctx, services_list, stay_attached, skip_cluster_management)
 
 
+# TODO: remove legacy up command since it's an alias for stop
 @command.command()
 @click.option("--delete-volumes/--preserve-volumes", default=False, help="delete data volumes")
+@click.option("--skip-cluster-management/--perform-cluster-management",
+              default=False, help="Skip cluster initialization/tear-down (only for kind-k8s deployments)")
 @click.argument('extra_args', nargs=-1)  # help: command: down <service1> <service2>
 @click.pass_context
-def down(ctx, delete_volumes, extra_args):
+def down(ctx, delete_volumes, skip_cluster_management, extra_args):
     # Get the stack config file name
     # TODO: add cluster name and env file here
     ctx.obj = make_deploy_context(ctx)
-    down_operation(ctx, delete_volumes, extra_args)
+    down_operation(ctx, delete_volumes, extra_args, skip_cluster_management)
 
 
 # stop is the preferred alias for down
 @command.command()
 @click.option("--delete-volumes/--preserve-volumes", default=False, help="delete data volumes")
+@click.option("--skip-cluster-management/--perform-cluster-management",
+              default=False, help="Skip cluster initialization/tear-down (only for kind-k8s deployments)")
 @click.argument('extra_args', nargs=-1)  # help: command: down <service1> <service2>
 @click.pass_context
-def stop(ctx, delete_volumes, extra_args):
+def stop(ctx, delete_volumes, skip_cluster_management, extra_args):
     # TODO: add cluster name and env file here
     ctx.obj = make_deploy_context(ctx)
-    down_operation(ctx, delete_volumes, extra_args)
+    down_operation(ctx, delete_volumes, extra_args, skip_cluster_management)
 
 
 @command.command()

stack_orchestrator/deploy/k8s/cluster_info.py

@@ -14,6 +14,7 @@
 # along with this program.  If not, see <http:#www.gnu.org/licenses/>.
 
 import os
+import base64
 
 from kubernetes import client
 from typing import Any, List, Set
@@ -86,7 +87,7 @@ class ClusterInfo:
             for service_name in services:
                 service_info = services[service_name]
                 if "ports" in service_info:
-                    for raw_port in service_info["ports"]:
+                    for raw_port in [str(p) for p in service_info["ports"]]:
                         if opts.o.debug:
                             print(f"service port: {raw_port}")
                         if ":" in raw_port:
@@ -260,12 +261,12 @@ class ClusterInfo:
             for f in os.listdir(cfg_map_path):
                 full_path = os.path.join(cfg_map_path, f)
                 if os.path.isfile(full_path):
-                    data[f] = open(full_path, 'rt').read()
+                    data[f] = base64.b64encode(open(full_path, 'rb').read()).decode('ASCII')
 
             spec = client.V1ConfigMap(
                 metadata=client.V1ObjectMeta(name=f"{self.app_name}-{cfg_map_name}",
                                              labels={"configmap-label": cfg_map_name}),
-                data=data
+                binary_data=data
             )
             result.append(spec)
         return result
@@ -365,6 +366,8 @@ class ClusterInfo:
 
         annotations = None
         labels = {"app": self.app_name}
+        affinity = None
+        tolerations = None
 
         if self.spec.get_annotations():
             annotations = {}
@@ -377,12 +380,52 @@ class ClusterInfo:
                 for service_name in services:
                     labels[key.replace("{name}", service_name)] = value
 
+        if self.spec.get_node_affinities():
+            affinities = []
+            for rule in self.spec.get_node_affinities():
+                # TODO add some input validation here
+                label_name = rule['label']
+                label_value = rule['value']
+                affinities.append(client.V1NodeSelectorTerm(
+                            match_expressions=[client.V1NodeSelectorRequirement(
+                                key=label_name,
+                                operator="In",
+                                values=[label_value]
+                            )]
+                        )
+                    )
+            affinity = client.V1Affinity(
+                node_affinity=client.V1NodeAffinity(
+                    required_during_scheduling_ignored_during_execution=client.V1NodeSelector(
+                        node_selector_terms=affinities
+                    ))
+                )
+
+        if self.spec.get_node_tolerations():
+            tolerations = []
+            for toleration in self.spec.get_node_tolerations():
+                # TODO add some input validation here
+                toleration_key = toleration['key']
+                toleration_value = toleration['value']
+                tolerations.append(client.V1Toleration(
+                    effect="NoSchedule",
+                    key=toleration_key,
+                    operator="Equal",
+                    value=toleration_value
+                ))
+
         template = client.V1PodTemplateSpec(
             metadata=client.V1ObjectMeta(
                 annotations=annotations,
                 labels=labels
             ),
-            spec=client.V1PodSpec(containers=containers, image_pull_secrets=image_pull_secrets, volumes=volumes),
+            spec=client.V1PodSpec(
+                containers=containers,
+                image_pull_secrets=image_pull_secrets,
+                volumes=volumes,
+                affinity=affinity,
+                tolerations=tolerations
+                ),
         )
         spec = client.V1DeploymentSpec(
             replicas=self.spec.get_replicas(),

stack_orchestrator/deploy/k8s/deploy_k8s.py

@@ -52,12 +52,14 @@ class K8sDeployer(Deployer):
     networking_api: client.NetworkingV1Api
     k8s_namespace: str = "default"
     kind_cluster_name: str
+    skip_cluster_management: bool
     cluster_info: ClusterInfo
     deployment_dir: Path
     deployment_context: DeploymentContext
 
     def __init__(self, type, deployment_context: DeploymentContext, compose_files, compose_project_name, compose_env_file) -> None:
         self.type = type
+        self.skip_cluster_management = False
         # TODO: workaround pending refactoring above to cope with being created with a null deployment_context
         if deployment_context is None:
             return
@@ -183,6 +185,7 @@ class K8sDeployer(Deployer):
         if len(host_parts) == 2:
             host_as_wild = f"*.{host_parts[1]}"
 
+        # TODO: resolve method deprecation below
         now = datetime.utcnow().replace(tzinfo=timezone.utc)
         fmt = "%Y-%m-%dT%H:%M:%S%z"
 
@@ -203,15 +206,16 @@ class K8sDeployer(Deployer):
                                 return cert
         return None
 
-    def up(self, detach, services):
+    def up(self, detach, skip_cluster_management, services):
+        self.skip_cluster_management = skip_cluster_management
         if not opts.o.dry_run:
-            if self.is_kind():
+            if self.is_kind() and not self.skip_cluster_management:
                 # Create the kind cluster
                 create_cluster(self.kind_cluster_name, self.deployment_dir.joinpath(constants.kind_config_filename))
                 # Ensure the referenced containers are copied into kind
                 load_images_into_kind(self.kind_cluster_name, self.cluster_info.image_set)
             self.connect_api()
-            if self.is_kind():
+            if self.is_kind() and not self.skip_cluster_management:
                 # Now configure an ingress controller (not installed by default in kind)
                 install_ingress_for_kind()
                 # Wait for ingress to start (deployment provisioning will fail unless this is done)
@@ -260,7 +264,8 @@ class K8sDeployer(Deployer):
                     print("NodePort created:")
                     print(f"{nodeport_resp}")
 
-    def down(self, timeout, volumes):  # noqa: C901
+    def down(self, timeout, volumes, skip_cluster_management):  # noqa: C901
+        self.skip_cluster_management = skip_cluster_management
         self.connect_api()
         # Delete the k8s objects
 
@@ -358,7 +363,7 @@ class K8sDeployer(Deployer):
             if opts.o.debug:
                 print("No nodeport to delete")
 
-        if self.is_kind():
+        if self.is_kind() and not self.skip_cluster_management:
             # Destroy the kind cluster
             destroy_cluster(self.kind_cluster_name)
 

stack_orchestrator/deploy/spec.py

@@ -120,6 +120,12 @@ class Spec:
     def get_replicas(self):
         return self.obj.get(constants.replicas_key, 1)
 
+    def get_node_affinities(self):
+        return self.obj.get(constants.node_affinities_key, [])
+
+    def get_node_tolerations(self):
+        return self.obj.get(constants.node_tolerations_key, [])
+
     def get_labels(self):
         return self.obj.get(constants.labels_key, {})
 

stack_orchestrator/deploy/webapp/deploy_webapp_from_registry.py

@@ -21,16 +21,28 @@ import sys
 import tempfile
 import time
 import uuid
+import yaml
 
 import click
+import gnupg
 
 from stack_orchestrator.deploy.images import remote_image_exists
 from stack_orchestrator.deploy.webapp import deploy_webapp
-from stack_orchestrator.deploy.webapp.util import (LaconicRegistryClient, TimedLogger,
-                                                   build_container_image, push_container_image,
-                                                   file_hash, deploy_to_k8s, publish_deployment,
-                                                   hostname_for_deployment_request, generate_hostname_for_app,
-                                                   match_owner, skip_by_tag)
+from stack_orchestrator.deploy.webapp.util import (
+    AttrDict,
+    LaconicRegistryClient,
+    TimedLogger,
+    build_container_image,
+    push_container_image,
+    file_hash,
+    deploy_to_k8s,
+    publish_deployment,
+    hostname_for_deployment_request,
+    generate_hostname_for_app,
+    match_owner,
+    skip_by_tag,
+    confirm_payment,
+)
 
 
 def process_app_deployment_request(
@@ -45,12 +57,19 @@ def process_app_deployment_request(
     image_registry,
     force_rebuild,
     fqdn_policy,
-    logger
+    recreate_on_deploy,
+    webapp_deployer_record,
+    gpg,
+    private_key_passphrase,
+    config_upload_dir,
+    logger,
 ):
     logger.log("BEGIN - process_app_deployment_request")
 
     # 1. look up application
-    app = laconic.get_record(app_deployment_request.attributes.application, require=True)
+    app = laconic.get_record(
+        app_deployment_request.attributes.application, require=True
+    )
     logger.log(f"Retrieved app record {app_deployment_request.attributes.application}")
 
     # 2. determine dns
@@ -61,32 +80,64 @@ def process_app_deployment_request(
         if "allow" == fqdn_policy or "preexisting" == fqdn_policy:
             fqdn = requested_name
         else:
-            raise Exception(f"{requested_name} is invalid: only unqualified hostnames are allowed.")
+            raise Exception(
+                f"{requested_name} is invalid: only unqualified hostnames are allowed."
+            )
     else:
         fqdn = f"{requested_name}.{default_dns_suffix}"
 
+    # Normalize case (just in case)
+    fqdn = fqdn.lower()
+
     # 3. check ownership of existing dnsrecord vs this request
     dns_lrn = f"{dns_record_namespace}/{fqdn}"
     dns_record = laconic.get_record(dns_lrn)
     if dns_record:
         matched_owner = match_owner(app_deployment_request, dns_record)
         if not matched_owner and dns_record.attributes.request:
-            matched_owner = match_owner(app_deployment_request, laconic.get_record(dns_record.attributes.request, require=True))
+            matched_owner = match_owner(
+                app_deployment_request,
+                laconic.get_record(dns_record.attributes.request, require=True),
+            )
 
         if matched_owner:
             logger.log(f"Matched DnsRecord ownership: {matched_owner}")
         else:
-            raise Exception("Unable to confirm ownership of DnsRecord %s for request %s" %
-                            (dns_lrn, app_deployment_request.id))
+            raise Exception(
+                "Unable to confirm ownership of DnsRecord %s for request %s"
+                % (dns_lrn, app_deployment_request.id)
+            )
     elif "preexisting" == fqdn_policy:
-        raise Exception(f"No pre-existing DnsRecord {dns_lrn} could be found for request {app_deployment_request.id}.")
+        raise Exception(
+            f"No pre-existing DnsRecord {dns_lrn} could be found for request {app_deployment_request.id}."
+        )
 
     # 4. get build and runtime config from request
+    env = {}
+    if app_deployment_request.attributes.config:
+        if "ref" in app_deployment_request.attributes.config:
+            with open(
+                f"{config_upload_dir}/{app_deployment_request.attributes.config.ref}",
+                "rb",
+            ) as file:
+                record_owner = laconic.get_owner(app_deployment_request)
+                decrypted = gpg.decrypt_file(file, passphrase=private_key_passphrase)
+                parsed = AttrDict(yaml.safe_load(decrypted.data))
+                if record_owner not in parsed.authorized:
+                    raise Exception(
+                        f"{record_owner} not authorized to access config {app_deployment_request.attributes.config.ref}"
+                    )
+                if "env" in parsed.config:
+                    env.update(parsed.config.env)
+
+        if "env" in app_deployment_request.attributes.config:
+            env.update(app_deployment_request.attributes.config.env)
+
     env_filename = None
-    if app_deployment_request.attributes.config and "env" in app_deployment_request.attributes.config:
+    if env:
         env_filename = tempfile.mktemp()
-        with open(env_filename, 'w') as file:
-            for k, v in app_deployment_request.attributes.config["env"].items():
+        with open(env_filename, "w") as file:
+            for k, v in env.items():
                 file.write("%s=%s\n" % (k, shlex.quote(str(v))))
 
     # 5. determine new or existing deployment
@@ -95,7 +146,10 @@ def process_app_deployment_request(
     if app_deployment_request.attributes.deployment:
         app_deployment_lrn = app_deployment_request.attributes.deployment
     if not app_deployment_lrn.startswith(deployment_record_namespace):
-        raise Exception("Deployment CRN %s is not in a supported namespace" % app_deployment_request.attributes.deployment)
+        raise Exception(
+            "Deployment LRN %s is not in a supported namespace"
+            % app_deployment_request.attributes.deployment
+        )
 
     deployment_record = laconic.get_record(app_deployment_lrn)
     deployment_dir = os.path.join(deployment_parent_dir, fqdn)
@@ -108,20 +162,37 @@ def process_app_deployment_request(
     #   b. check for deployment directory (create if necessary)
     if not os.path.exists(deployment_dir):
         if deployment_record:
-            raise Exception("Deployment record %s exists, but not deployment dir %s. Please remove name." %
-                            (app_deployment_lrn, deployment_dir))
-        logger.log(f"Creating webapp deployment in: {deployment_dir} with container id: {deployment_container_tag}")
-        deploy_webapp.create_deployment(ctx, deployment_dir, deployment_container_tag,
-                                        f"https://{fqdn}", kube_config, image_registry, env_filename)
+            raise Exception(
+                "Deployment record %s exists, but not deployment dir %s. Please remove name."
+                % (app_deployment_lrn, deployment_dir)
+            )
+        logger.log(
+            f"Creating webapp deployment in: {deployment_dir} with container id: {deployment_container_tag}"
+        )
+        deploy_webapp.create_deployment(
+            ctx,
+            deployment_dir,
+            deployment_container_tag,
+            f"https://{fqdn}",
+            kube_config,
+            image_registry,
+            env_filename,
+        )
     elif env_filename:
         shutil.copyfile(env_filename, deployment_config_file)
 
     needs_k8s_deploy = False
     if force_rebuild:
-        logger.log("--force-rebuild is enabled so the container will always be built now, even if nothing has changed in the app")
+        logger.log(
+            "--force-rebuild is enabled so the container will always be built now, even if nothing has changed in the app"
+        )
     # 6. build container (if needed)
     # TODO: add a comment that explains what this code is doing (not clear to me)
-    if not deployment_record or deployment_record.attributes.application != app.id or force_rebuild:
+    if (
+        not deployment_record
+        or deployment_record.attributes.application != app.id
+        or force_rebuild
+    ):
         needs_k8s_deploy = True
         # check if the image already exists
         shared_tag_exists = remote_image_exists(image_registry, app_image_shared_tag)
@@ -142,7 +213,9 @@ def process_app_deployment_request(
         else:
             extra_build_args = []  # TODO: pull from request
             logger.log(f"Building container image: {deployment_container_tag}")
-            build_container_image(app, deployment_container_tag, extra_build_args, logger)
+            build_container_image(
+                app, deployment_container_tag, extra_build_args, logger
+            )
             logger.log("Build complete")
             logger.log(f"Pushing container image: {deployment_container_tag}")
             push_container_image(deployment_dir, logger)
@@ -157,16 +230,15 @@ def process_app_deployment_request(
         logger.log("Requested app is already deployed, skipping build and image push")
 
     # 7. update config (if needed)
-    if not deployment_record or file_hash(deployment_config_file) != deployment_record.attributes.meta.config:
+    if (
+        not deployment_record
+        or file_hash(deployment_config_file) != deployment_record.attributes.meta.config
+    ):
         needs_k8s_deploy = True
 
     # 8. update k8s deployment
     if needs_k8s_deploy:
-        deploy_to_k8s(
-            deployment_record,
-            deployment_dir,
-            logger
-        )
+        deploy_to_k8s(deployment_record, deployment_dir, recreate_on_deploy, logger)
 
     logger.log("Publishing deployment to registry.")
     publish_deployment(
@@ -178,7 +250,8 @@ def process_app_deployment_request(
         dns_lrn,
         deployment_dir,
         app_deployment_request,
-        logger
+        webapp_deployer_record,
+        logger,
     )
     logger.log("Publication complete.")
     logger.log("END - process_app_deployment_request")
@@ -195,37 +268,129 @@ def dump_known_requests(filename, requests, status="SEEN"):
         return
     known_requests = load_known_requests(filename)
     for r in requests:
-        known_requests[r.id] = {
-            "createTime": r.createTime,
-            "status": status
-        }
+        known_requests[r.id] = {"createTime": r.createTime, "status": status}
     with open(filename, "w") as f:
         json.dump(known_requests, f)
 
 
 @click.command()
 @click.option("--kube-config", help="Provide a config file for a k8s deployment")
-@click.option("--laconic-config", help="Provide a config file for laconicd", required=True)
-@click.option("--image-registry", help="Provide a container image registry url for this k8s cluster")
-@click.option("--deployment-parent-dir", help="Create deployment directories beneath this directory", required=True)
+@click.option(
+    "--laconic-config", help="Provide a config file for laconicd", required=True
+)
+@click.option(
+    "--image-registry",
+    help="Provide a container image registry url for this k8s cluster",
+)
+@click.option(
+    "--deployment-parent-dir",
+    help="Create deployment directories beneath this directory",
+    required=True,
+)
 @click.option("--request-id", help="The ApplicationDeploymentRequest to process")
-@click.option("--discover", help="Discover and process all pending ApplicationDeploymentRequests", is_flag=True, default=False)
-@click.option("--state-file", help="File to store state about previously seen requests.")
-@click.option("--only-update-state", help="Only update the state file, don't process any requests anything.", is_flag=True)
+@click.option(
+    "--discover",
+    help="Discover and process all pending ApplicationDeploymentRequests",
+    is_flag=True,
+    default=False,
+)
+@click.option(
+    "--state-file", help="File to store state about previously seen requests."
+)
+@click.option(
+    "--only-update-state",
+    help="Only update the state file, don't process any requests anything.",
+    is_flag=True,
+)
 @click.option("--dns-suffix", help="DNS domain to use eg, laconic.servesthe.world")
-@click.option("--fqdn-policy", help="How to handle requests with an FQDN: prohibit, allow, preexisting", default="prohibit")
-@click.option("--record-namespace-dns", help="eg, lrn://laconic/dns")
-@click.option("--record-namespace-deployments", help="eg, lrn://laconic/deployments")
-@click.option("--dry-run", help="Don't do anything, just report what would be done.", is_flag=True)
-@click.option("--include-tags", help="Only include requests with matching tags (comma-separated).", default="")
-@click.option("--exclude-tags", help="Exclude requests with matching tags (comma-separated).", default="")
-@click.option("--force-rebuild", help="Rebuild even if the image already exists.", is_flag=True)
-@click.option("--log-dir", help="Output build/deployment logs to directory.", default=None)
+@click.option(
+    "--fqdn-policy",
+    help="How to handle requests with an FQDN: prohibit, allow, preexisting",
+    default="prohibit",
+)
+@click.option("--record-namespace-dns", help="eg, lrn://laconic/dns", required=True)
+@click.option(
+    "--record-namespace-deployments",
+    help="eg, lrn://laconic/deployments",
+    required=True,
+)
+@click.option(
+    "--dry-run", help="Don't do anything, just report what would be done.", is_flag=True
+)
+@click.option(
+    "--include-tags",
+    help="Only include requests with matching tags (comma-separated).",
+    default="",
+)
+@click.option(
+    "--exclude-tags",
+    help="Exclude requests with matching tags (comma-separated).",
+    default="",
+)
+@click.option(
+    "--force-rebuild", help="Rebuild even if the image already exists.", is_flag=True
+)
+@click.option(
+    "--recreate-on-deploy",
+    help="Remove and recreate deployments instead of updating them.",
+    is_flag=True,
+)
+@click.option(
+    "--log-dir", help="Output build/deployment logs to directory.", default=None
+)
+@click.option(
+    "--min-required-payment",
+    help="Requests must have a minimum payment to be processed (in alnt)",
+    default=0,
+)
+@click.option("--lrn", help="The LRN of this deployer.", required=True)
+@click.option(
+    "--all-requests",
+    help="Handle requests addressed to anyone (by default only requests to"
+    "my payment address are examined).",
+    is_flag=True,
+)
+@click.option(
+    "--config-upload-dir",
+    help="The directory containing uploaded config.",
+    required=True,
+)
+@click.option(
+    "--private-key-file", help="The private key for decrypting config.", required=True
+)
+@click.option(
+    "--private-key-passphrase",
+    help="The passphrase for the private key.",
+    required=True,
+)
 @click.pass_context
-def command(ctx, kube_config, laconic_config, image_registry, deployment_parent_dir,  # noqa: C901
-            request_id, discover, state_file, only_update_state,
-            dns_suffix, fqdn_policy, record_namespace_dns, record_namespace_deployments, dry_run,
-            include_tags, exclude_tags, force_rebuild, log_dir):
+def command(  # noqa: C901
+    ctx,
+    kube_config,
+    laconic_config,
+    image_registry,
+    deployment_parent_dir,
+    request_id,
+    discover,
+    state_file,
+    only_update_state,
+    dns_suffix,
+    fqdn_policy,
+    record_namespace_dns,
+    record_namespace_deployments,
+    dry_run,
+    include_tags,
+    exclude_tags,
+    force_rebuild,
+    recreate_on_deploy,
+    log_dir,
+    min_required_payment,
+    lrn,
+    config_upload_dir,
+    private_key_file,
+    private_key_passphrase,
+    all_requests,
+):
     if request_id and discover:
         print("Cannot specify both --request-id and --discover", file=sys.stderr)
         sys.exit(2)
@@ -239,33 +404,76 @@ def command(ctx, kube_config, laconic_config, image_registry, deployment_parent_
         sys.exit(2)
 
     if not only_update_state:
-        if not record_namespace_dns or not record_namespace_deployments or not dns_suffix:
-            print("--dns-suffix, --record-namespace-dns, and --record-namespace-deployments are all required", file=sys.stderr)
+        if (
+            not record_namespace_dns
+            or not record_namespace_deployments
+            or not dns_suffix
+        ):
+            print(
+                "--dns-suffix, --record-namespace-dns, and --record-namespace-deployments are all required",
+                file=sys.stderr,
+            )
             sys.exit(2)
 
     if fqdn_policy not in ["prohibit", "allow", "preexisting"]:
-        print("--fqdn-policy must be one of 'prohibit', 'allow', or 'preexisting'", file=sys.stderr)
+        print(
+            "--fqdn-policy must be one of 'prohibit', 'allow', or 'preexisting'",
+            file=sys.stderr,
+        )
         sys.exit(2)
 
+    tempdir = tempfile.mkdtemp()
+    gpg = gnupg.GPG(gnupghome=tempdir)
+
+    # Import the deployer's public key
+    result = gpg.import_keys(open(private_key_file, "rb").read())
+    if 1 != result.imported:
+        print(
+            f"Failed to load private key file: {private_key_file}.",
+            file=sys.stderr,
+        )
+        sys.exit(2)
+
+    main_logger = TimedLogger(file=sys.stderr)
+
+    try:
         # Split CSV and clean up values.
         include_tags = [tag.strip() for tag in include_tags.split(",") if tag]
         exclude_tags = [tag.strip() for tag in exclude_tags.split(",") if tag]
 
-    laconic = LaconicRegistryClient(laconic_config)
+        laconic = LaconicRegistryClient(laconic_config, log_file=sys.stderr)
+        webapp_deployer_record = laconic.get_record(lrn, require=True)
+        payment_address = webapp_deployer_record.attributes.paymentAddress
+        main_logger.log(f"Payment address: {payment_address}")
+
+        if min_required_payment and not payment_address:
+            print(
+                f"Minimum payment required, but no payment address listed for deployer: {lrn}.",
+                file=sys.stderr,
+            )
+            sys.exit(2)
 
         # Find deployment requests.
         # single request
         if request_id:
+            main_logger.log(f"Retrieving request {request_id}...")
             requests = [laconic.get_record(request_id, require=True)]
         # all requests
         elif discover:
+            main_logger.log("Discovering deployment requests...")
+            if all_requests:
                 requests = laconic.app_deployment_requests()
+            else:
+                requests = laconic.app_deployment_requests({"deployer": lrn})
 
         if only_update_state:
             if not dry_run:
                 dump_known_requests(state_file, requests)
             return
 
+        previous_requests = {}
+        if state_file:
+            main_logger.log(f"Loading known requests from {state_file}...")
             previous_requests = load_known_requests(state_file)
 
         # Collapse related requests.
@@ -274,68 +482,133 @@ def command(ctx, kube_config, laconic_config, image_registry, deployment_parent_
         requests_by_name = {}
         skipped_by_name = {}
         for r in requests:
-        if r.id in previous_requests and previous_requests[r.id].get("status", "") != "RETRY":
-            print(f"Skipping request {r.id}, we've already seen it.")
+            main_logger.log(f"BEGIN: Examining request {r.id}")
+            result = "PENDING"
+            try:
+                if (
+                    r.id in previous_requests
+                    and previous_requests[r.id].get("status", "") != "RETRY"
+                ):
+                    main_logger.log(f"Skipping request {r.id}, we've already seen it.")
+                    result = "SKIP"
                     continue
 
                 app = laconic.get_record(r.attributes.application)
                 if not app:
-            print("Skipping request %s, cannot locate app." % r.id)
+                    main_logger.log(f"Skipping request {r.id}, cannot locate app.")
+                    result = "ERROR"
                     continue
 
                 requested_name = r.attributes.dns
                 if not requested_name:
                     requested_name = generate_hostname_for_app(app)
-            print("Generating name %s for request %s." % (requested_name, r.id))
+                    main_logger.log(
+                        "Generating name %s for request %s." % (requested_name, r.id)
+                    )
 
-        if requested_name in skipped_by_name or requested_name in requests_by_name:
-            print("Ignoring request %s, it has been superseded." % r.id)
+                if (
+                    requested_name in skipped_by_name
+                    or requested_name in requests_by_name
+                ):
+                    main_logger.log(
+                        "Ignoring request %s, it has been superseded." % r.id
+                    )
+                    result = "SKIP"
                     continue
 
                 if skip_by_tag(r, include_tags, exclude_tags):
-            print("Skipping request %s, filtered by tag (include %s, exclude %s, present %s)" % (r.id,
-                                                                                                 include_tags,
-                                                                                                 exclude_tags,
-                                                                                                 r.attributes.tags))
+                    main_logger.log(
+                        "Skipping request %s, filtered by tag (include %s, exclude %s, present %s)"
+                        % (r.id, include_tags, exclude_tags, r.attributes.tags)
+                    )
                     skipped_by_name[requested_name] = r
+                    result = "SKIP"
                     continue
 
-        print("Found request %s to run application %s on %s." % (r.id, r.attributes.application, requested_name))
+                main_logger.log(
+                    "Found pending request %s to run application %s on %s."
+                    % (r.id, r.attributes.application, requested_name)
+                )
                 requests_by_name[requested_name] = r
+            except Exception as e:
+                result = "ERROR"
+                main_logger.log(f"ERROR examining request {r.id}: " + str(e))
+            finally:
+                main_logger.log(f"DONE Examining request {r.id} with result {result}.")
+                if result in ["ERROR"]:
+                    dump_known_requests(state_file, [r], status=result)
 
         # Find deployments.
+        main_logger.log("Discovering existing app deployments...")
+        if all_requests:
             deployments = laconic.app_deployments()
+        else:
+            deployments = laconic.app_deployments({"deployer": lrn})
         deployments_by_request = {}
         for d in deployments:
             if d.attributes.request:
                 deployments_by_request[d.attributes.request] = d
 
         # Find removal requests.
+        main_logger.log("Discovering deployment removal and cancellation requests...")
         cancellation_requests = {}
         removal_requests = laconic.app_deployment_removal_requests()
         for r in removal_requests:
             if r.attributes.request:
                 cancellation_requests[r.attributes.request] = r
 
-    requests_to_execute = []
+        requests_to_check_for_payment = []
         for r in requests_by_name.values():
-        if r.id in cancellation_requests and match_owner(cancellation_requests[r.id], r):
-            print(f"Found deployment cancellation request for {r.id} at {cancellation_requests[r.id].id}")
+            if r.id in cancellation_requests and match_owner(
+                cancellation_requests[r.id], r
+            ):
+                main_logger.log(
+                    f"Found deployment cancellation request for {r.id} at {cancellation_requests[r.id].id}"
+                )
             elif r.id in deployments_by_request:
-            print(f"Found satisfied request for {r.id} at {deployments_by_request[r.id].id}")
+                main_logger.log(
+                    f"Found satisfied request for {r.id} at {deployments_by_request[r.id].id}"
+                )
             else:
-            if r.id not in previous_requests:
-                print(f"Request {r.id} needs to processed.")
-                requests_to_execute.append(r)
-            else:
-                print(
+                if (
+                    r.id in previous_requests
+                    and previous_requests[r.id].get("status", "") != "RETRY"
+                ):
+                    main_logger.log(
                         f"Skipping unsatisfied request {r.id} because we have seen it before."
                     )
+                else:
+                    main_logger.log(f"Request {r.id} needs to processed.")
+                    requests_to_check_for_payment.append(r)
 
-    print("Found %d unsatisfied request(s) to process." % len(requests_to_execute))
+        requests_to_execute = []
+        if min_required_payment:
+            for r in requests_to_check_for_payment:
+                main_logger.log(f"{r.id}: Confirming payment...")
+                if confirm_payment(
+                    laconic,
+                    r,
+                    payment_address,
+                    min_required_payment,
+                    main_logger,
+                ):
+                    main_logger.log(f"{r.id}: Payment confirmed.")
+                    requests_to_execute.append(r)
+                else:
+                    main_logger.log(
+                        f"Skipping request {r.id}: unable to verify payment."
+                    )
+                    dump_known_requests(state_file, [r], status="UNPAID")
+        else:
+            requests_to_execute = requests_to_check_for_payment
+
+        main_logger.log(
+            "Found %d unsatisfied request(s) to process." % len(requests_to_execute)
+        )
 
         if not dry_run:
             for r in requests_to_execute:
+                main_logger.log(f"DEPLOYING {r.id}: BEGIN")
                 dump_known_requests(state_file, [r], "DEPLOYING")
                 status = "ERROR"
                 run_log_file = None
@@ -347,12 +620,16 @@ def command(ctx, kube_config, laconic_config, image_registry, deployment_parent_
                         if not os.path.exists(run_log_dir):
                             os.mkdir(run_log_dir)
                         run_log_file_path = os.path.join(run_log_dir, f"{run_id}.log")
-                    print(f"Directing deployment logs to: {run_log_file_path}")
+                        main_logger.log(
+                            f"Directing deployment logs to: {run_log_file_path}"
+                        )
                         run_log_file = open(run_log_file_path, "wt")
-                    run_reg_client = LaconicRegistryClient(laconic_config, log_file=run_log_file)
+                        run_reg_client = LaconicRegistryClient(
+                            laconic_config, log_file=run_log_file
+                        )
 
-                logger = TimedLogger(run_id, run_log_file)
-                logger.log("Processing ...")
+                    build_logger = TimedLogger(run_id, run_log_file)
+                    build_logger.log("Processing ...")
                     process_app_deployment_request(
                         ctx,
                         run_reg_client,
@@ -365,14 +642,30 @@ def command(ctx, kube_config, laconic_config, image_registry, deployment_parent_
                         image_registry,
                         force_rebuild,
                         fqdn_policy,
-                    logger
+                        recreate_on_deploy,
+                        webapp_deployer_record,
+                        gpg,
+                        private_key_passphrase,
+                        config_upload_dir,
+                        build_logger,
                     )
                     status = "DEPLOYED"
                 except Exception as e:
-                logger.log("ERROR: " + str(e))
+                    main_logger.log(f"ERROR {r.id}:" + str(e))
+                    build_logger.log("ERROR: " + str(e))
                 finally:
-                if logger:
-                    logger.log(f"DONE with status {status}", show_step_time=False, show_total_time=True)
+                    main_logger.log(f"DEPLOYING {r.id}: END - {status}")
+                    if build_logger:
+                        build_logger.log(
+                            f"DONE with status {status}",
+                            show_step_time=False,
+                            show_total_time=True,
+                        )
                     dump_known_requests(state_file, [r], status)
                     if run_log_file:
                         run_log_file.close()
+    except Exception as e:
+        main_logger.log("UNCAUGHT ERROR:" + str(e))
+        raise e
+    finally:
+        shutil.rmtree(tempdir, ignore_errors=True)

stack_orchestrator/deploy/webapp/publish_webapp_deployer.py

@@ -0,0 +1,91 @@
+# Copyright ©2023 Vulcanize
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http:#www.gnu.org/licenses/>.
+
+import base64
+import click
+import sys
+import yaml
+
+from urllib.parse import urlparse
+
+from stack_orchestrator.deploy.webapp.util import LaconicRegistryClient
+
+
+@click.command()
+@click.option(
+    "--laconic-config", help="Provide a config file for laconicd", required=True
+)
+@click.option("--api-url", help="The API URL of the deployer.", required=True)
+@click.option(
+    "--public-key-file",
+    help="The public key to use.  This should be a binary file.",
+    required=True,
+)
+@click.option(
+    "--lrn", help="eg, lrn://laconic/deployers/my.deployer.name", required=True
+)
+@click.option(
+    "--payment-address",
+    help="The address to which payments should be made.  "
+    "Default is the current laconic account.",
+    default=None,
+)
+@click.option(
+    "--min-required-payment",
+    help="List the minimum required payment (in alnt) to process a deployment request.",
+    default=0,
+)
+@click.option(
+    "--dry-run",
+    help="Don't publish anything, just report what would be done.",
+    is_flag=True,
+)
+@click.pass_context
+def command(  # noqa: C901
+    ctx,
+    laconic_config,
+    api_url,
+    public_key_file,
+    lrn,
+    payment_address,
+    min_required_payment,
+    dry_run,
+):
+    laconic = LaconicRegistryClient(laconic_config)
+    if not payment_address:
+        payment_address = laconic.whoami().address
+
+    pub_key = base64.b64encode(open(public_key_file, "rb").read()).decode("ASCII")
+    hostname = urlparse(api_url).hostname
+    webapp_deployer_record = {
+        "record": {
+            "type": "WebappDeployer",
+            "version": "1.0.0",
+            "apiUrl": api_url,
+            "name": hostname,
+            "publicKey": pub_key,
+            "paymentAddress": payment_address,
+        }
+    }
+
+    if min_required_payment:
+        webapp_deployer_record["record"][
+            "minimumPayment"
+        ] = f"{min_required_payment}alnt"
+
+    if dry_run:
+        yaml.dump(webapp_deployer_record, sys.stdout)
+        return
+
+    laconic.publish(webapp_deployer_record, [lrn])

stack_orchestrator/deploy/webapp/request_webapp_deployment.py

@@ -0,0 +1,175 @@
+# Copyright ©2023 Vulcanize
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+import base64
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http:#www.gnu.org/licenses/>.
+
+import shutil
+import sys
+import tempfile
+from datetime import datetime
+
+import gnupg
+import click
+import requests
+import yaml
+
+from stack_orchestrator.deploy.webapp.util import (
+    LaconicRegistryClient,
+)
+from dotenv import dotenv_values
+
+
+def fatal(msg: str):
+    print(msg, file=sys.stderr)
+    sys.exit(1)
+
+
+@click.command()
+@click.option(
+    "--laconic-config", help="Provide a config file for laconicd", required=True
+)
+@click.option(
+    "--app",
+    help="The LRN of the application to deploy.",
+    required=True,
+)
+@click.option(
+    "--deployer",
+    help="The LRN of the deployer to process this request.",
+    required=True,
+)
+@click.option("--env-file", help="environment file for webapp")
+@click.option("--config-ref", help="The ref of an existing config upload to use.")
+@click.option(
+    "--make-payment",
+    help="The payment to make (in alnt).  The value should be a number or 'auto' to use the deployer's minimum required payment.",
+)
+@click.option(
+    "--use-payment", help="The TX id of an existing, unused payment", default=None
+)
+@click.option("--dns", help="the DNS name to request (default is autogenerated)")
+@click.option(
+    "--dry-run",
+    help="Don't publish anything, just report what would be done.",
+    is_flag=True,
+)
+@click.pass_context
+def command(
+    ctx,
+    laconic_config,
+    app,
+    deployer,
+    env_file,
+    config_ref,
+    make_payment,
+    use_payment,
+    dns,
+    dry_run,
+):  # noqa: C901
+    tempdir = tempfile.mkdtemp()
+    try:
+        laconic = LaconicRegistryClient(laconic_config)
+
+        app_record = laconic.get_record(app)
+        if not app_record:
+            fatal(f"Unable to locate app: {app}")
+
+        deployer_record = laconic.get_record(deployer)
+        if not deployer_record:
+            fatal(f"Unable to locate deployer: {deployer}")
+
+        if env_file and config_ref:
+            fatal("Cannot use --env-file and --config-ref at the same time.")
+
+        # If env_file
+        if env_file:
+            gpg = gnupg.GPG(gnupghome=tempdir)
+
+            # Import the deployer's public key
+            result = gpg.import_keys(
+                base64.b64decode(deployer_record.attributes.publicKey)
+            )
+            if 1 != result.imported:
+                fatal("Failed to import deployer's public key.")
+
+            recip = gpg.list_keys()[0]["uids"][0]
+
+            # Wrap the config
+            config = {
+                # Include account (and payment?) details
+                "authorized": [laconic.whoami().address],
+                "config": {"env": dict(dotenv_values(env_file))},
+            }
+            serialized = yaml.dump(config)
+
+            # Encrypt
+            result = gpg.encrypt(serialized, recip, always_trust=True, armor=False)
+            if not result.ok:
+                fatal("Failed to encrypt config.")
+
+            # Upload it to the deployer's API
+            response = requests.post(
+                f"{deployer_record.attributes.apiUrl}/upload/config",
+                data=result.data,
+                headers={"Content-Type": "application/octet-stream"},
+            )
+            if not response.ok:
+                response.raise_for_status()
+
+            config_ref = response.json()["id"]
+
+        deployment_request = {
+            "record": {
+                "type": "ApplicationDeploymentRequest",
+                "application": app,
+                "version": "1.0.0",
+                "name": f"{app_record.attributes.name}@{app_record.attributes.version}",
+                "deployer": deployer,
+                "meta": {"when": str(datetime.utcnow())},
+            }
+        }
+
+        if config_ref:
+            deployment_request["record"]["config"] = {"ref": config_ref}
+
+        if dns:
+            deployment_request["record"]["dns"] = dns.lower()
+
+        if make_payment:
+            amount = 0
+            if dry_run:
+                deployment_request["record"]["payment"] = "DRY_RUN"
+            elif "auto" == make_payment:
+                if "minimumPayment" in deployer_record.attributes:
+                    amount = int(
+                        deployer_record.attributes.minimumPayment.replace("alnt", "")
+                    )
+            else:
+                amount = make_payment
+            if amount:
+                receipt = laconic.send_tokens(
+                    deployer_record.attributes.paymentAddress, amount
+                )
+                deployment_request["record"]["payment"] = receipt.tx.hash
+                print("Payment TX:", receipt.tx.hash)
+        elif use_payment:
+            deployment_request["record"]["payment"] = use_payment
+
+        if dry_run:
+            print(yaml.dump(deployment_request))
+            return
+
+        # Send the request
+        laconic.publish(deployment_request)
+    finally:
+        shutil.rmtree(tempdir, ignore_errors=True)

stack_orchestrator/deploy/webapp/undeploy_webapp_from_registry.py

@@ -20,18 +20,33 @@ import sys
 
 import click
 
-from stack_orchestrator.deploy.webapp.util import LaconicRegistryClient, match_owner, skip_by_tag
+from stack_orchestrator.deploy.webapp.util import (
+    TimedLogger,
+    LaconicRegistryClient,
+    match_owner,
+    skip_by_tag,
+    confirm_payment,
+)
+
+main_logger = TimedLogger(file=sys.stderr)
 
 
-def process_app_removal_request(ctx,
+def process_app_removal_request(
+    ctx,
     laconic: LaconicRegistryClient,
     app_removal_request,
     deployment_parent_dir,
     delete_volumes,
-                                delete_names):
-    deployment_record = laconic.get_record(app_removal_request.attributes.deployment, require=True)
+    delete_names,
+    webapp_deployer_record,
+):
+    deployment_record = laconic.get_record(
+        app_removal_request.attributes.deployment, require=True
+    )
     dns_record = laconic.get_record(deployment_record.attributes.dns, require=True)
-    deployment_dir = os.path.join(deployment_parent_dir, dns_record.attributes.name)
+    deployment_dir = os.path.join(
+        deployment_parent_dir, dns_record.attributes.name.lower()
+    )
 
     if not os.path.exists(deployment_dir):
         raise Exception("Deployment directory %s does not exist." % deployment_dir)
@@ -41,13 +56,18 @@ def process_app_removal_request(ctx,
 
     # Or of the original deployment request.
     if not matched_owner and deployment_record.attributes.request:
-        matched_owner = match_owner(app_removal_request, laconic.get_record(deployment_record.attributes.request, require=True))
+        matched_owner = match_owner(
+            app_removal_request,
+            laconic.get_record(deployment_record.attributes.request, require=True),
+        )
 
     if matched_owner:
-        print("Matched deployment ownership:", matched_owner)
+        main_logger.log("Matched deployment ownership:", matched_owner)
     else:
-        raise Exception("Unable to confirm ownership of deployment %s for removal request %s" %
-                        (deployment_record.id, app_removal_request.id))
+        raise Exception(
+            "Unable to confirm ownership of deployment %s for removal request %s"
+            % (deployment_record.id, app_removal_request.id)
+        )
 
     # TODO(telackey): Call the function directly.  The easiest way to build the correct click context is to
     # exec the process, but it would be better to refactor so we could just call down_operation with the
@@ -64,8 +84,13 @@ def process_app_removal_request(ctx,
             "version": "1.0.0",
             "request": app_removal_request.id,
             "deployment": deployment_record.id,
+            "deployer": webapp_deployer_record.names[0],
         }
     }
+
+    if app_removal_request.attributes.payment:
+        removal_record["record"]["payment"] = app_removal_request.attributes.payment
+
     laconic.publish(removal_record)
 
     if delete_names:
@@ -97,22 +122,80 @@ def dump_known_requests(filename, requests):
 
 
 @click.command()
-@click.option("--laconic-config", help="Provide a config file for laconicd", required=True)
-@click.option("--deployment-parent-dir", help="Create deployment directories beneath this directory", required=True)
+@click.option(
+    "--laconic-config", help="Provide a config file for laconicd", required=True
+)
+@click.option(
+    "--deployment-parent-dir",
+    help="Create deployment directories beneath this directory",
+    required=True,
+)
 @click.option("--request-id", help="The ApplicationDeploymentRemovalRequest to process")
-@click.option("--discover", help="Discover and process all pending ApplicationDeploymentRemovalRequests",
-              is_flag=True, default=False)
-@click.option("--state-file", help="File to store state about previously seen requests.")
-@click.option("--only-update-state", help="Only update the state file, don't process any requests anything.", is_flag=True)
-@click.option("--delete-names/--preserve-names", help="Delete all names associated with removed deployments.", default=True)
-@click.option("--delete-volumes/--preserve-volumes", default=True, help="delete data volumes")
-@click.option("--dry-run", help="Don't do anything, just report what would be done.", is_flag=True)
-@click.option("--include-tags", help="Only include requests with matching tags (comma-separated).", default="")
-@click.option("--exclude-tags", help="Exclude requests with matching tags (comma-separated).", default="")
+@click.option(
+    "--discover",
+    help="Discover and process all pending ApplicationDeploymentRemovalRequests",
+    is_flag=True,
+    default=False,
+)
+@click.option(
+    "--state-file", help="File to store state about previously seen requests."
+)
+@click.option(
+    "--only-update-state",
+    help="Only update the state file, don't process any requests anything.",
+    is_flag=True,
+)
+@click.option(
+    "--delete-names/--preserve-names",
+    help="Delete all names associated with removed deployments.",
+    default=True,
+)
+@click.option(
+    "--delete-volumes/--preserve-volumes", default=True, help="delete data volumes"
+)
+@click.option(
+    "--dry-run", help="Don't do anything, just report what would be done.", is_flag=True
+)
+@click.option(
+    "--include-tags",
+    help="Only include requests with matching tags (comma-separated).",
+    default="",
+)
+@click.option(
+    "--exclude-tags",
+    help="Exclude requests with matching tags (comma-separated).",
+    default="",
+)
+@click.option(
+    "--min-required-payment",
+    help="Requests must have a minimum payment to be processed (in alnt)",
+    default=0,
+)
+@click.option("--lrn", help="The LRN of this deployer.", required=True)
+@click.option(
+    "--all-requests",
+    help="Handle requests addressed to anyone (by default only requests to"
+    "my payment address are examined).",
+    is_flag=True,
+)
 @click.pass_context
-def command(ctx, laconic_config, deployment_parent_dir,
-            request_id, discover, state_file, only_update_state,
-            delete_names, delete_volumes, dry_run, include_tags, exclude_tags):
+def command(  # noqa: C901
+    ctx,
+    laconic_config,
+    deployment_parent_dir,
+    request_id,
+    discover,
+    state_file,
+    only_update_state,
+    delete_names,
+    delete_volumes,
+    dry_run,
+    include_tags,
+    exclude_tags,
+    min_required_payment,
+    lrn,
+    all_requests,
+):
     if request_id and discover:
         print("Cannot specify both --request-id and --discover", file=sys.stderr)
         sys.exit(2)
@@ -129,34 +212,55 @@ def command(ctx, laconic_config, deployment_parent_dir,
     include_tags = [tag.strip() for tag in include_tags.split(",") if tag]
     exclude_tags = [tag.strip() for tag in exclude_tags.split(",") if tag]
 
-    laconic = LaconicRegistryClient(laconic_config)
+    laconic = LaconicRegistryClient(laconic_config, log_file=sys.stderr)
+    deployer_record = laconic.get_record(lrn, require=True)
+    payment_address = deployer_record.attributes.paymentAddress
+    main_logger.log(f"Payment address: {payment_address}")
+
+    if min_required_payment and not payment_address:
+        print(
+            f"Minimum payment required, but no payment address listed for deployer: {lrn}.",
+            file=sys.stderr,
+        )
+        sys.exit(2)
 
     # Find deployment removal requests.
     # single request
     if request_id:
+        main_logger.log(f"Retrieving request {request_id}...")
         requests = [laconic.get_record(request_id, require=True)]
         # TODO: assert record type
     # all requests
     elif discover:
+        main_logger.log("Discovering removal requests...")
+        if all_requests:
             requests = laconic.app_deployment_removal_requests()
+        else:
+            requests = laconic.app_deployment_removal_requests({"deployer": lrn})
 
     if only_update_state:
         if not dry_run:
             dump_known_requests(state_file, requests)
         return
 
+    previous_requests = {}
+    if state_file:
+        main_logger.log(f"Loading known requests from {state_file}...")
         previous_requests = load_known_requests(state_file)
+
     requests.sort(key=lambda r: r.createTime)
     requests.reverse()
 
     # Find deployments.
-    deployments = {}
-    for d in laconic.app_deployments(all=True):
-        deployments[d.id] = d
+    named_deployments = {}
+    main_logger.log("Discovering app deployments...")
+    for d in laconic.app_deployments(all=False):
+        named_deployments[d.id] = d
 
     # Find removal requests.
     removals_by_deployment = {}
     removals_by_request = {}
+    main_logger.log("Discovering deployment removals...")
     for r in laconic.app_deployment_removals():
         if r.attributes.deployment:
             # TODO: should we handle CRNs?
@@ -165,33 +269,69 @@ def command(ctx, laconic_config, deployment_parent_dir,
     one_per_deployment = {}
     for r in requests:
         if not r.attributes.deployment:
-            print(f"Skipping removal request {r.id} since it was a cancellation.")
+            main_logger.log(
+                f"Skipping removal request {r.id} since it was a cancellation."
+            )
         elif r.attributes.deployment in one_per_deployment:
-            print(f"Skipping removal request {r.id} since it was superseded.")
+            main_logger.log(f"Skipping removal request {r.id} since it was superseded.")
         else:
             one_per_deployment[r.attributes.deployment] = r
 
-    requests_to_execute = []
+    requests_to_check_for_payment = []
     for r in one_per_deployment.values():
-        if skip_by_tag(r, include_tags, exclude_tags):
-            print("Skipping removal request %s, filtered by tag (include %s, exclude %s, present %s)" % (r.id,
-                                                                                                         include_tags,
-                                                                                                         exclude_tags,
-                                                                                                         r.attributes.tags))
+        try:
+            if r.attributes.deployment not in named_deployments:
+                main_logger.log(
+                    f"Skipping removal request {r.id} for {r.attributes.deployment} because it does"
+                    f"not appear to refer to a live, named deployment."
+                )
+            elif skip_by_tag(r, include_tags, exclude_tags):
+                main_logger.log(
+                    "Skipping removal request %s, filtered by tag (include %s, exclude %s, present %s)"
+                    % (r.id, include_tags, exclude_tags, r.attributes.tags)
+                )
             elif r.id in removals_by_request:
-            print(f"Found satisfied request for {r.id} at {removals_by_request[r.id].id}")
+                main_logger.log(
+                    f"Found satisfied request for {r.id} at {removals_by_request[r.id].id}"
+                )
             elif r.attributes.deployment in removals_by_deployment:
-            print(
+                main_logger.log(
                     f"Found removal record for indicated deployment {r.attributes.deployment} at "
-                f"{removals_by_deployment[r.attributes.deployment].id}")
+                    f"{removals_by_deployment[r.attributes.deployment].id}"
+                )
             else:
                 if r.id not in previous_requests:
-                print(f"Request {r.id} needs to processed.")
+                    main_logger.log(f"Request {r.id} needs to processed.")
+                    requests_to_check_for_payment.append(r)
+                else:
+                    main_logger.log(
+                        f"Skipping unsatisfied request {r.id} because we have seen it before."
+                    )
+        except Exception as e:
+            main_logger.log(f"ERROR examining {r.id}: {e}")
+
+    requests_to_execute = []
+    if min_required_payment:
+        for r in requests_to_check_for_payment:
+            main_logger.log(f"{r.id}: Confirming payment...")
+            if confirm_payment(
+                laconic,
+                r,
+                payment_address,
+                min_required_payment,
+                main_logger,
+            ):
+                main_logger.log(f"{r.id}: Payment confirmed.")
                 requests_to_execute.append(r)
             else:
-                print(f"Skipping unsatisfied request {r.id} because we have seen it before.")
+                main_logger.log(f"Skipping request {r.id}: unable to verify payment.")
+                dump_known_requests(state_file, [r])
+    else:
+        requests_to_execute = requests_to_check_for_payment
 
-    print("Found %d unsatisfied request(s) to process." % len(requests_to_execute))
+    main_logger.log(
+        "Found %d unsatisfied request(s) to process." % len(requests_to_execute)
+    )
 
     if not dry_run:
         for r in requests_to_execute:
@@ -202,7 +342,10 @@ def command(ctx, laconic_config, deployment_parent_dir,
                     r,
                     os.path.abspath(deployment_parent_dir),
                     delete_volumes,
-                    delete_names
+                    delete_names,
+                    deployer_record,
                 )
+            except Exception as e:
+                main_logger.log(f"ERROR processing removal request {r.id}: {e}")
             finally:
                 dump_known_requests(state_file, [r])

stack_orchestrator/deploy/webapp/util.py

@@ -1,4 +1,4 @@
-# Copyright © 2023 Vulcanize
+# = str(min_required_payment) Copyright © 2023 Vulcanize
 
 # This program is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Affero General Public License as published by
@@ -22,7 +22,6 @@ import subprocess
 import sys
 import tempfile
 import uuid
-
 import yaml
 
 
@@ -83,6 +82,84 @@ def match_owner(recordA, *records):
     return None
 
 
+def is_lrn(name_or_id: str):
+    if name_or_id:
+        return str(name_or_id).startswith("lrn://")
+    return False
+
+
+def is_id(name_or_id: str):
+    return not is_lrn(name_or_id)
+
+
+def confirm_payment(laconic, record, payment_address, min_amount, logger):
+    req_owner = laconic.get_owner(record)
+    if req_owner == payment_address:
+        # No need to confirm payment if the sender and recipient are the same account.
+        return True
+
+    if not record.attributes.payment:
+        logger.log(f"{record.id}: no payment tx info")
+        return False
+
+    tx = laconic.get_tx(record.attributes.payment)
+    if not tx:
+        logger.log(f"{record.id}: cannot locate payment tx")
+        return False
+
+    if tx.code != 0:
+        logger.log(
+            f"{record.id}: payment tx {tx.hash} was not successful - code: {tx.code}, log: {tx.log}"
+        )
+        return False
+
+    if tx.sender != req_owner:
+        logger.log(
+            f"{record.id}: payment sender {tx.sender} in tx {tx.hash} does not match deployment "
+            f"request owner {req_owner}"
+        )
+        return False
+
+    if tx.recipient != payment_address:
+        logger.log(
+            f"{record.id}: payment recipient {tx.recipient} in tx {tx.hash} does not match {payment_address}"
+        )
+        return False
+
+    pay_denom = "".join([i for i in tx.amount if not i.isdigit()])
+    if pay_denom != "alnt":
+        logger.log(
+            f"{record.id}: {pay_denom} in tx {tx.hash} is not an expected payment denomination"
+        )
+        return False
+
+    pay_amount = int("".join([i for i in tx.amount if i.isdigit()]))
+    if pay_amount < min_amount:
+        logger.log(
+            f"{record.id}: payment amount {tx.amount} is less than minimum {min_amount}"
+        )
+        return False
+
+    # Check if the payment was already used on a
+    used = laconic.app_deployments(
+        {"deployer": payment_address, "payment": tx.hash}, all=True
+    )
+    if len(used):
+        logger.log(f"{record.id}: payment {tx.hash} already used on deployment {used}")
+        return False
+
+    used = laconic.app_deployment_removals(
+        {"deployer": payment_address, "payment": tx.hash}, all=True
+    )
+    if len(used):
+        logger.log(
+            f"{record.id}: payment {tx.hash} already used on deployment removal {used}"
+        )
+        return False
+
+    return True
+
+
 class LaconicRegistryClient:
     def __init__(self, config_file, log_file=None):
         self.config_file = config_file
@@ -90,10 +167,94 @@ class LaconicRegistryClient:
         self.cache = AttrDict(
             {
                 "name_or_id": {},
+                "accounts": {},
+                "txs": {},
             }
         )
 
-    def list_records(self, criteria={}, all=False):
+    def whoami(self, refresh=False):
+        if not refresh and "whoami" in self.cache:
+            return self.cache["whoami"]
+
+        args = ["laconic", "-c", self.config_file, "registry", "account", "get"]
+        results = [
+            AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args)) if r
+        ]
+
+        if len(results):
+            self.cache["whoami"] = results[0]
+            return results[0]
+
+        return None
+
+    def get_owner(self, record, require=False):
+        bond = self.get_bond(record.bondId, require)
+        if bond:
+            return bond.owner
+
+        return bond
+
+    def get_account(self, address, refresh=False, require=False):
+        if not refresh and address in self.cache["accounts"]:
+            return self.cache["accounts"][address]
+
+        args = [
+            "laconic",
+            "-c",
+            self.config_file,
+            "registry",
+            "account",
+            "get",
+            "--address",
+            address,
+        ]
+        results = [
+            AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args)) if r
+        ]
+        if len(results):
+            self.cache["accounts"][address] = results[0]
+            return results[0]
+
+        if require:
+            raise Exception("Cannot locate account:", address)
+        return None
+
+    def get_bond(self, id, require=False):
+        if id in self.cache.name_or_id:
+            return self.cache.name_or_id[id]
+
+        args = [
+            "laconic",
+            "-c",
+            self.config_file,
+            "registry",
+            "bond",
+            "get",
+            "--id",
+            id,
+        ]
+        results = [
+            AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args)) if r
+        ]
+        self._add_to_cache(results)
+        if len(results):
+            return results[0]
+
+        if require:
+            raise Exception("Cannot locate bond:", id)
+        return None
+
+    def list_bonds(self):
+        args = ["laconic", "-c", self.config_file, "registry", "bond", "list"]
+        results = [
+            AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args)) if r
+        ]
+        self._add_to_cache(results)
+        return results
+
+    def list_records(self, criteria=None, all=False):
+        if criteria is None:
+            criteria = {}
         args = ["laconic", "-c", self.config_file, "registry", "record", "list"]
 
         if all:
@@ -104,22 +265,17 @@ class LaconicRegistryClient:
                 args.append("--%s" % k)
                 args.append(str(v))
 
-        results = [AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args))]
+        results = [
+            AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args)) if r
+        ]
 
         # Most recent records first
         results.sort(key=lambda r: r.createTime)
         results.reverse()
+        self._add_to_cache(results)
 
         return results
 
-    def is_lrn(self, name_or_id: str):
-        if name_or_id:
-            return str(name_or_id).startswith("lrn://")
-        return False
-
-    def is_id(self, name_or_id: str):
-        return not self.is_lrn(name_or_id)
-
     def _add_to_cache(self, records):
         if not records:
             return
@@ -129,6 +285,7 @@ class LaconicRegistryClient:
             if p.names:
                 for lrn in p.names:
                     self.cache["name_or_id"][lrn] = p
+            if p.attributes and p.attributes.type:
                 if p.attributes.type not in self.cache:
                     self.cache[p.attributes.type] = []
                 self.cache[p.attributes.type].append(p)
@@ -142,7 +299,9 @@ class LaconicRegistryClient:
 
         args = ["laconic", "-c", self.config_file, "registry", "name", "resolve", name]
 
-        parsed = [AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args))]
+        parsed = [
+            AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args)) if r
+        ]
         if parsed:
             self._add_to_cache(parsed)
             return parsed[0]
@@ -158,7 +317,7 @@ class LaconicRegistryClient:
         if name_or_id in self.cache.name_or_id:
             return self.cache.name_or_id[name_or_id]
 
-        if self.is_lrn(name_or_id):
+        if is_lrn(name_or_id):
             return self.resolve(name_or_id)
 
         args = [
@@ -172,7 +331,9 @@ class LaconicRegistryClient:
             name_or_id,
         ]
 
-        parsed = [AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args))]
+        parsed = [
+            AttrDict(r) for r in json.loads(logged_cmd(self.log_file, *args)) if r
+        ]
         if len(parsed):
             self._add_to_cache(parsed)
             return parsed[0]
@@ -181,37 +342,84 @@ class LaconicRegistryClient:
             raise Exception("Cannot locate record:", name_or_id)
         return None
 
-    def app_deployment_requests(self, all=True):
-        return self.list_records({"type": "ApplicationDeploymentRequest"}, all)
+    def get_tx(self, txHash, require=False):
+        if txHash in self.cache["txs"]:
+            return self.cache["txs"][txHash]
 
-    def app_deployments(self, all=True):
-        return self.list_records({"type": "ApplicationDeploymentRecord"}, all)
+        args = [
+            "laconic",
+            "-c",
+            self.config_file,
+            "registry",
+            "tokens",
+            "gettx",
+            "--hash",
+            txHash,
+        ]
 
-    def app_deployment_removal_requests(self, all=True):
-        return self.list_records({"type": "ApplicationDeploymentRemovalRequest"}, all)
+        parsed = None
+        try:
+            parsed = AttrDict(json.loads(logged_cmd(self.log_file, *args)))
+        except:  # noqa: E722
+            pass
 
-    def app_deployment_removals(self, all=True):
-        return self.list_records({"type": "ApplicationDeploymentRemovalRecord"}, all)
+        if parsed:
+            self.cache["txs"][txHash] = parsed
+            return parsed
 
-    def publish(self, record, names=[]):
+        if require:
+            raise Exception("Cannot locate tx:", hash)
+
+    def app_deployment_requests(self, criteria=None, all=True):
+        if criteria is None:
+            criteria = {}
+        criteria = criteria.copy()
+        criteria["type"] = "ApplicationDeploymentRequest"
+        return self.list_records(criteria, all)
+
+    def app_deployments(self, criteria=None, all=True):
+        if criteria is None:
+            criteria = {}
+        criteria = criteria.copy()
+        criteria["type"] = "ApplicationDeploymentRecord"
+        return self.list_records(criteria, all)
+
+    def app_deployment_removal_requests(self, criteria=None, all=True):
+        if criteria is None:
+            criteria = {}
+        criteria = criteria.copy()
+        criteria["type"] = "ApplicationDeploymentRemovalRequest"
+        return self.list_records(criteria, all)
+
+    def app_deployment_removals(self, criteria=None, all=True):
+        if criteria is None:
+            criteria = {}
+        criteria = criteria.copy()
+        criteria["type"] = "ApplicationDeploymentRemovalRecord"
+        return self.list_records(criteria, all)
+
+    def publish(self, record, names=None):
+        if names is None:
+            names = []
         tmpdir = tempfile.mkdtemp()
         try:
             record_fname = os.path.join(tmpdir, "record.yml")
-            record_file = open(record_fname, 'w')
+            record_file = open(record_fname, "w")
             yaml.dump(record, record_file)
             record_file.close()
-            print(open(record_fname, 'r').read(), file=self.log_file)
+            print(open(record_fname, "r").read(), file=self.log_file)
 
             new_record_id = json.loads(
                 logged_cmd(
                     self.log_file,
-                    "laconic", "-c",
+                    "laconic",
+                    "-c",
                     self.config_file,
                     "registry",
                     "record",
                     "publish",
                     "--filename",
-                    record_fname
+                    record_fname,
                 )
             )["id"]
             for name in names:
@@ -221,10 +429,47 @@ class LaconicRegistryClient:
             logged_cmd(self.log_file, "rm", "-rf", tmpdir)
 
     def set_name(self, name, record_id):
-        logged_cmd(self.log_file, "laconic", "-c", self.config_file, "registry", "name", "set", name, record_id)
+        logged_cmd(
+            self.log_file,
+            "laconic",
+            "-c",
+            self.config_file,
+            "registry",
+            "name",
+            "set",
+            name,
+            record_id,
+        )
 
     def delete_name(self, name):
-        logged_cmd(self.log_file, "laconic", "-c", self.config_file, "registry", "name", "delete", name)
+        logged_cmd(
+            self.log_file,
+            "laconic",
+            "-c",
+            self.config_file,
+            "registry",
+            "name",
+            "delete",
+            name,
+        )
+
+    def send_tokens(self, address, amount, type="alnt"):
+        args = [
+            "laconic",
+            "-c",
+            self.config_file,
+            "registry",
+            "tokens",
+            "send",
+            "--address",
+            address,
+            "--quantity",
+            str(amount),
+            "--type",
+            type,
+        ]
+
+        return AttrDict(json.loads(logged_cmd(self.log_file, *args)))
 
 
 def file_hash(filename):
@@ -248,7 +493,9 @@ def determine_base_container(clone_dir, app_type="webapp"):
     return base_container
 
 
-def build_container_image(app_record, tag, extra_build_args=[], logger=None):
+def build_container_image(app_record, tag, extra_build_args=None, logger=None):
+    if extra_build_args is None:
+        extra_build_args = []
     tmpdir = tempfile.mkdtemp()
 
     # TODO: determine if this code could be calling into the Python git library like setup-repositories
@@ -265,9 +512,15 @@ def build_container_image(app_record, tag, extra_build_args=[], logger=None):
         if github_token:
             logger.log("Github token detected, setting it in the git environment")
             git_config_args = [
-                "git", "config", "--global", f"url.https://{github_token}:@github.com/.insteadOf", "https://github.com/"
+                "git",
+                "config",
+                "--global",
+                f"url.https://{github_token}:@github.com/.insteadOf",
+                "https://github.com/",
             ]
-            result = subprocess.run(git_config_args, stdout=logger.file, stderr=logger.file)
+            result = subprocess.run(
+                git_config_args, stdout=logger.file, stderr=logger.file
+            )
             result.check_returncode()
         if ref:
             # TODO: Determing branch or hash, and use depth 1 if we can.
@@ -275,30 +528,50 @@ def build_container_image(app_record, tag, extra_build_args=[], logger=None):
             # Never prompt
             git_env["GIT_TERMINAL_PROMPT"] = "0"
             try:
-                subprocess.check_call(["git", "clone", repo, clone_dir], env=git_env, stdout=logger.file, stderr=logger.file)
+                subprocess.check_call(
+                    ["git", "clone", repo, clone_dir],
+                    env=git_env,
+                    stdout=logger.file,
+                    stderr=logger.file,
+                )
             except Exception as e:
                 logger.log(f"git clone failed.  Is the repository {repo} private?")
                 raise e
             try:
-                subprocess.check_call(["git", "checkout", ref], cwd=clone_dir, env=git_env, stdout=logger.file, stderr=logger.file)
+                subprocess.check_call(
+                    ["git", "checkout", ref],
+                    cwd=clone_dir,
+                    env=git_env,
+                    stdout=logger.file,
+                    stderr=logger.file,
+                )
             except Exception as e:
                 logger.log(f"git checkout failed.  Does ref {ref} exist?")
                 raise e
         else:
             # TODO: why is this code different vs the branch above (run vs check_call, and no prompt disable)?
-            result = subprocess.run(["git", "clone", "--depth", "1", repo, clone_dir], stdout=logger.file, stderr=logger.file)
+            result = subprocess.run(
+                ["git", "clone", "--depth", "1", repo, clone_dir],
+                stdout=logger.file,
+                stderr=logger.file,
+            )
             result.check_returncode()
 
-        base_container = determine_base_container(clone_dir, app_record.attributes.app_type)
+        base_container = determine_base_container(
+            clone_dir, app_record.attributes.app_type
+        )
 
         logger.log("Building webapp ...")
         build_command = [
             sys.argv[0],
             "--verbose",
             "build-webapp",
-            "--source-repo", clone_dir,
-            "--tag", tag,
-            "--base-container", base_container
+            "--source-repo",
+            clone_dir,
+            "--tag",
+            tag,
+            "--base-container",
+            base_container,
         ]
         if extra_build_args:
             build_command.append("--extra-build-args")
@@ -312,27 +585,41 @@ def build_container_image(app_record, tag, extra_build_args=[], logger=None):
 
 def push_container_image(deployment_dir, logger):
     logger.log("Pushing images ...")
-    result = subprocess.run([sys.argv[0], "deployment", "--dir", deployment_dir, "push-images"],
-                            stdout=logger.file, stderr=logger.file)
+    result = subprocess.run(
+        [sys.argv[0], "deployment", "--dir", deployment_dir, "push-images"],
+        stdout=logger.file,
+        stderr=logger.file,
+    )
     result.check_returncode()
     logger.log("Finished pushing images.")
 
 
-def deploy_to_k8s(deploy_record, deployment_dir, logger):
-    if not deploy_record:
-        command = "start"
-    else:
-        command = "update"
-
+def deploy_to_k8s(deploy_record, deployment_dir, recreate, logger):
     logger.log("Deploying to k8s ...")
+
+    if recreate:
+        commands_to_run = ["stop", "start"]
+    else:
+        if not deploy_record:
+            commands_to_run = ["start"]
+        else:
+            commands_to_run = ["update"]
+
+    for command in commands_to_run:
         logger.log(f"Running {command} command on deployment dir: {deployment_dir}")
-    result = subprocess.run([sys.argv[0], "deployment", "--dir", deployment_dir, command],
-                            stdout=logger.file, stderr=logger.file)
+        result = subprocess.run(
+            [sys.argv[0], "deployment", "--dir", deployment_dir, command],
+            stdout=logger.file,
+            stderr=logger.file,
+        )
         result.check_returncode()
+        logger.log(f"Finished {command} command on deployment dir: {deployment_dir}")
+
     logger.log("Finished deploying to k8s.")
 
 
-def publish_deployment(laconic: LaconicRegistryClient,
+def publish_deployment(
+    laconic: LaconicRegistryClient,
     app_record,
     deploy_record,
     deployment_lrn,
@@ -340,11 +627,15 @@ def publish_deployment(laconic: LaconicRegistryClient,
     dns_lrn,
     deployment_dir,
     app_deployment_request=None,
-                       logger=None):
+    webapp_deployer_record=None,
+    logger=None,
+):
     if not deploy_record:
         deploy_ver = "0.0.1"
     else:
-        deploy_ver = "0.0.%d" % (int(deploy_record.attributes.version.split(".")[-1]) + 1)
+        deploy_ver = "0.0.%d" % (
+            int(deploy_record.attributes.version.split(".")[-1]) + 1
+        )
 
     if not dns_record:
         dns_ver = "0.0.1"
@@ -362,9 +653,7 @@ def publish_deployment(laconic: LaconicRegistryClient,
             "version": dns_ver,
             "name": fqdn,
             "resource_type": "A",
-            "meta": {
-                "so": uniq.hex
-            },
+            "meta": {"so": uniq.hex},
         }
     }
     if app_deployment_request:
@@ -384,12 +673,19 @@ def publish_deployment(laconic: LaconicRegistryClient,
             "dns": dns_id,
             "meta": {
                 "config": file_hash(os.path.join(deployment_dir, "config.env")),
-                "so": uniq.hex
+                "so": uniq.hex,
             },
         }
     }
     if app_deployment_request:
         new_deployment_record["record"]["request"] = app_deployment_request.id
+        if app_deployment_request.attributes.payment:
+            new_deployment_record["record"][
+                "payment"
+            ] = app_deployment_request.attributes.payment
+
+    if webapp_deployer_record:
+        new_deployment_record["record"]["deployer"] = webapp_deployer_record.names[0]
 
     if logger:
         logger.log("Publishing ApplicationDeploymentRecord.")
@@ -400,7 +696,9 @@ def publish_deployment(laconic: LaconicRegistryClient,
 def hostname_for_deployment_request(app_deployment_request, laconic):
     dns_name = app_deployment_request.attributes.dns
     if not dns_name:
-        app = laconic.get_record(app_deployment_request.attributes.application, require=True)
+        app = laconic.get_record(
+            app_deployment_request.attributes.application, require=True
+        )
         dns_name = generate_hostname_for_app(app)
     elif dns_name.startswith("lrn://"):
         record = laconic.get_record(dns_name, require=True)

stack_orchestrator/main.py

@@ -24,7 +24,9 @@ from stack_orchestrator.build import build_webapp
 from stack_orchestrator.deploy.webapp import (run_webapp,
                                               deploy_webapp,
                                               deploy_webapp_from_registry,
-                                              undeploy_webapp_from_registry)
+                                              undeploy_webapp_from_registry,
+                                              publish_webapp_deployer,
+                                              request_webapp_deployment)
 from stack_orchestrator.deploy import deploy
 from stack_orchestrator import version
 from stack_orchestrator.deploy import deployment
@@ -61,6 +63,8 @@ cli.add_command(run_webapp.command, "run-webapp")
 cli.add_command(deploy_webapp.command, "deploy-webapp")
 cli.add_command(deploy_webapp_from_registry.command, "deploy-webapp-from-registry")
 cli.add_command(undeploy_webapp_from_registry.command, "undeploy-webapp-from-registry")
+cli.add_command(publish_webapp_deployer.command, "publish-deployer-to-registry")
+cli.add_command(request_webapp_deployment.command, "request-webapp-deployment")
 cli.add_command(deploy.command, "deploy")  # deploy is an alias for deploy-system
 cli.add_command(deploy.command, "deploy-system")
 cli.add_command(deployment.command, "deployment")

tests/k8s-deployment-control/run-test.sh

@@ -0,0 +1,222 @@
+#!/usr/bin/env bash
+set -e
+if [ -n "$CERC_SCRIPT_DEBUG" ]; then
+    set -x
+    # Dump environment variables for debugging
+    echo "Environment variables:"
+    env
+fi
+
+if [ "$1" == "from-path" ]; then
+    TEST_TARGET_SO="laconic-so"
+else
+    TEST_TARGET_SO=$( ls -t1 ./package/laconic-so* | head -1 )
+fi
+
+# Helper functions: TODO move into a separate file
+wait_for_pods_started () {
+    for i in {1..50}
+    do
+        local ps_output=$( $TEST_TARGET_SO deployment --dir $test_deployment_dir ps )
+
+        if [[ "$ps_output" == *"Running containers:"* ]]; then
+            # if ready, return
+            return
+        else
+            # if not ready, wait
+            sleep 5
+        fi
+    done
+    # Timed out, error exit
+    echo "waiting for pods to start: FAILED"
+    delete_cluster_exit
+}
+
+wait_for_log_output () {
+    for i in {1..50}
+    do
+
+        local log_output=$( $TEST_TARGET_SO deployment --dir $test_deployment_dir logs )
+
+        if [[ ! -z "$log_output" ]]; then
+            # if ready, return
+            return
+        else
+            # if not ready, wait
+            sleep 5
+        fi
+    done
+    # Timed out, error exit
+    echo "waiting for pods log content: FAILED"
+    delete_cluster_exit
+}
+
+delete_cluster_exit () {
+    $TEST_TARGET_SO deployment --dir $test_deployment_dir stop --delete-volumes
+    exit 1
+}
+
+# Set a non-default repo dir
+export CERC_REPO_BASE_DIR=~/stack-orchestrator-test/repo-base-dir
+echo "Testing this package: $TEST_TARGET_SO"
+echo "Test version command"
+reported_version_string=$( $TEST_TARGET_SO version )
+echo "Version reported is: ${reported_version_string}"
+echo "Cloning repositories into: $CERC_REPO_BASE_DIR"
+rm -rf $CERC_REPO_BASE_DIR
+mkdir -p $CERC_REPO_BASE_DIR
+$TEST_TARGET_SO --stack test setup-repositories
+$TEST_TARGET_SO --stack test build-containers
+# Test basic stack-orchestrator deploy to k8s
+test_deployment_dir=$CERC_REPO_BASE_DIR/test-deployment-dir
+test_deployment_spec=$CERC_REPO_BASE_DIR/test-deployment-spec.yml
+
+# Create a deployment that we can use to check our test cases
+$TEST_TARGET_SO --stack test deploy --deploy-to k8s-kind init --output $test_deployment_spec
+# Check the file now exists
+if [ ! -f "$test_deployment_spec" ]; then
+    echo "deploy init test: spec file not present"
+    echo "deploy init test: FAILED"
+    exit 1
+fi
+echo "deploy init test: passed"
+
+$TEST_TARGET_SO --stack test deploy create --spec-file $test_deployment_spec --deployment-dir $test_deployment_dir
+# Check the deployment dir exists
+if [ ! -d "$test_deployment_dir" ]; then
+    echo "deploy create test: deployment directory not present"
+    echo "deploy create test: FAILED"
+    exit 1
+fi
+echo "deploy create test: passed"
+# Check the file writted by the create command in the stack now exists
+if [ ! -f "$test_deployment_dir/create-file" ]; then
+    echo "deploy create test: create output file not present"
+    echo "deploy create test: FAILED"
+    exit 1
+fi
+echo "deploy create output file test: passed"
+
+# At this point the deployment's kind-config.yml will look like this:
+# kind: Cluster
+# apiVersion: kind.x-k8s.io/v1alpha4
+# nodes:
+# - role: control-plane
+#   kubeadmConfigPatches:
+#     - |
+#       kind: InitConfiguration
+#       nodeRegistration:
+#         kubeletExtraArgs:
+#           node-labels: "ingress-ready=true"
+#   extraPortMappings:
+#   - containerPort: 80
+#    hostPort: 80
+
+# We need to change it to this:
+# Note we also turn up the log level on the scheduler in order to diagnose placement errors
+# See logs like: kubectl -n kube-system logs kube-scheduler-laconic-f185cd245d8dba98-control-plane
+kind_config_file=${test_deployment_dir}/kind-config.yml
+cat << EOF > ${kind_config_file} 
+kind: Cluster
+apiVersion: kind.x-k8s.io/v1alpha4
+kubeadmConfigPatches:
+- |
+  kind: ClusterConfiguration
+  scheduler:
+    extraArgs:
+      v: "3"
+nodes:
+- role: control-plane
+  kubeadmConfigPatches:
+    - |
+      kind: InitConfiguration
+      nodeRegistration:
+        kubeletExtraArgs:
+          node-labels: "ingress-ready=true"
+  extraPortMappings:
+  - containerPort: 80
+    hostPort: 80
+- role: worker
+  labels:
+    nodetype: a
+- role: worker
+  labels:
+    nodetype: b
+- role: worker
+  labels:
+    nodetype: c
+  kubeadmConfigPatches:
+  - |
+    kind: JoinConfiguration
+    nodeRegistration:
+      taints:
+        - key: "nodeavoid"
+          value: "c"
+          effect: "NoSchedule"
+EOF
+
+# At this point we should have 4 nodes, three labeled like this:
+# $ kubectl get nodes --show-labels=true
+# NAME                                     STATUS   ROLES           AGE     VERSION   LABELS
+# laconic-3af549a3ba0e3a3c-control-plane   Ready    control-plane   2m37s   v1.30.0   ...,ingress-ready=true
+# laconic-3af549a3ba0e3a3c-worker          Ready    <none>          2m18s   v1.30.0   ...,nodetype=a
+# laconic-3af549a3ba0e3a3c-worker2         Ready    <none>          2m18s   v1.30.0   ...,nodetype=b
+# laconic-3af549a3ba0e3a3c-worker3         Ready    <none>          2m18s   v1.30.0   ...,nodetype=c
+
+# And with taints like this:
+# $ kubectl get nodes -o custom-columns=NAME:.metadata.name,TAINTS:.spec.taints --no-headers
+# laconic-3af549a3ba0e3a3c-control-plane   [map[effect:NoSchedule key:node-role.kubernetes.io/control-plane]]
+# laconic-3af549a3ba0e3a3c-worker          <none>
+# laconic-3af549a3ba0e3a3c-worker2         <none>
+# laconic-3af549a3ba0e3a3c-worker3         [map[effect:NoSchedule key:nodeavoid value:c]]
+
+# We can now modify the deployment spec file to require a set of affinity and/or taint combinations
+# then bring up the deployment and check that the pod is scheduled to an expected node.
+
+# Add a requirement to schedule on a node labeled nodetype=c and
+# a toleration such that no other pods schedule on that node
+deployment_spec_file=${test_deployment_dir}/spec.yml
+cat << EOF >> ${deployment_spec_file}
+node-affinities:
+  - label: nodetype
+    value: c
+node-tolerations:
+  - key: nodeavoid
+    value: c
+EOF
+
+# Get the deployment ID so we can generate low level kubectl commands later
+deployment_id=$(cat ${test_deployment_dir}/deployment.yml | cut -d ' ' -f 2)
+
+# Try to start the deployment
+$TEST_TARGET_SO deployment --dir $test_deployment_dir start
+wait_for_pods_started
+# Check logs command works
+wait_for_log_output
+sleep 1
+log_output_1=$( $TEST_TARGET_SO deployment --dir $test_deployment_dir logs )
+if [[ "$log_output_1" == *"filesystem is fresh"* ]]; then
+    echo "deployment of pod test: passed"
+else
+    echo "deployment pod test: FAILED"
+    echo $log_output_1
+    delete_cluster_exit
+fi
+
+# The deployment's pod should be scheduled onto node: worker3
+# Check that's what happened
+# Get get the node onto which the stack pod has been deployed
+deployment_node=$(kubectl get pods -l app=${deployment_id} -o=jsonpath='{.items..spec.nodeName}')
+expected_node=${deployment_id}-worker3
+echo "Stack pod deployed to node: ${deployment_node}"
+if [[ ${deployment_node} == ${expected_node} ]]; then
+    echo "deployment of pod test: passed"
+else
+    echo "deployment pod test: FAILED"
+    echo "Stack pod deployed to node: ${deployment_node}, expected node: ${expected_node}"
+    delete_cluster_exit
+fi
+
+# Stop and clean up
+$TEST_TARGET_SO deployment --dir $test_deployment_dir stop --delete-volumes
+echo "Test passed"