Merge pull request 'multi-port-service' (#980) from multi-port-service into main

Reviewed-on: cerc-io/stack-orchestrator#980

.gitea/workflows/fixturenet-eth-test.yml

@@ -1,48 +0,0 @@
-name: Fixturenet-Eth-Test
-
-on:
-  push:
-    branches: '*'
-    paths:
-      - '!**'
-      - '.gitea/workflows/triggers/fixturenet-eth-test'
-
-# Needed until we can incorporate docker startup into the executor container
-env:
-  DOCKER_HOST: unix:///var/run/dind.sock
-
-
-jobs:
-  test:
-    name: "Run an Ethereum fixturenet test"
-    runs-on: ubuntu-latest
-    steps:
-      - name: "Clone project repository"
-        uses: actions/checkout@v3
-      # At present the stock setup-python action fails on Linux/aarch64
-      # Conditional steps below workaroud this by using deadsnakes for that case only
-      - name: "Install Python for ARM on Linux"
-        if: ${{ runner.arch == 'arm64' && runner.os == 'Linux' }}
-        uses: deadsnakes/action@v3.0.1
-        with:
-          python-version: '3.8'
-      - name: "Install Python cases other than ARM on Linux"
-        if: ${{ ! (runner.arch == 'arm64' && runner.os == 'Linux') }}
-        uses: actions/setup-python@v4
-        with:
-          python-version: '3.8'
-      - name: "Print Python version"
-        run: python3 --version
-      - name: "Install shiv"
-        run: pip install shiv
-      - name: "Generate build version file"
-        run: ./scripts/create_build_tag_file.sh
-      - name: "Build local shiv package"
-        run: ./scripts/build_shiv_package.sh
-      - name: Start dockerd # Also needed until we can incorporate into the executor
-        run: |
-          dockerd -H $DOCKER_HOST --userland-proxy=false &
-          sleep 5
-      - name: "Run fixturenet-eth tests"
-        run: ./tests/fixturenet-eth/run-test.sh
-

.gitea/workflows/fixturenet-laconicd-test.yml

@@ -11,7 +11,7 @@ on:
 
 jobs:
   test:
-    name: "Run an Laconicd fixturenet test"
+    name: "Run Laconicd fixturenet and Laconic CLI tests"
     runs-on: ubuntu-latest
     steps:
       - name: 'Update'
@@ -39,10 +39,28 @@ jobs:
       - name: "Print Python version"
         run: python3 --version
       - name: "Install shiv"
-        run: pip install shiv
+        run: pip install shiv==1.0.6
       - name: "Generate build version file"
         run: ./scripts/create_build_tag_file.sh
       - name: "Build local shiv package"
         run: ./scripts/build_shiv_package.sh
       - name: "Run fixturenet-laconicd tests"
         run: ./tests/fixturenet-laconicd/run-test.sh
+      - name: "Run laconic CLI tests"
+        run: ./tests/fixturenet-laconicd/run-cli-test.sh
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/lint.yml

@@ -19,3 +19,19 @@ jobs:
           python-version: '3.8'
       - name : "Run flake8"
         uses: py-actions/flake8@v2
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/publish.yml

@@ -35,7 +35,7 @@ jobs:
       - name: "Print Python version"
         run: python3 --version
       - name: "Install shiv"
-        run: pip install shiv
+        run: pip install shiv==1.0.6
       - name: "Build local shiv package"
         id: build
         run: |
@@ -54,3 +54,19 @@ jobs:
           # Hack using endsWith to workaround Gitea sometimes sending "publish-test" vs "refs/heads/publish-test"
           draft: ${{ endsWith('publish-test', github.ref ) }}
           files: ./laconic-so
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/test-container-registry.yml

@@ -0,0 +1,69 @@
+name: Container Registry Test
+
+on:
+  push:
+    branches: '*'
+    paths:
+      - '!**'
+      - '.gitea/workflows/triggers/test-container-registry'
+      - '.gitea/workflows/test-container-registry.yml'
+      - 'tests/container-registry/run-test.sh'
+  schedule: # Note: coordinate with other tests to not overload runners at the same time of day
+    - cron: '6 19 * * *'
+
+jobs:
+  test:
+    name: "Run contaier registry hosting test on kind/k8s"
+    runs-on: ubuntu-22.04
+    steps:
+      - name: "Clone project repository"
+        uses: actions/checkout@v3
+      # At present the stock setup-python action fails on Linux/aarch64
+      # Conditional steps below workaroud this by using deadsnakes for that case only
+      - name: "Install Python for ARM on Linux"
+        if: ${{ runner.arch == 'arm64' && runner.os == 'Linux' }}
+        uses: deadsnakes/action@v3.0.1
+        with:
+          python-version: '3.8'
+      - name: "Install Python cases other than ARM on Linux"
+        if: ${{ ! (runner.arch == 'arm64' && runner.os == 'Linux') }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.8'
+      - name: "Print Python version"
+        run: python3 --version
+      - name: "Install shiv"
+        run: pip install shiv==1.0.6
+      - name: "Generate build version file"
+        run: ./scripts/create_build_tag_file.sh
+      - name: "Build local shiv package"
+        run: ./scripts/build_shiv_package.sh
+      - name: "Check cgroups version"
+        run: mount | grep cgroup
+      - name: "Install kind"
+        run: ./tests/scripts/install-kind.sh
+      - name: "Install Kubectl"
+        run: ./tests/scripts/install-kubectl.sh
+      - name: "Install ed" # Only needed until we remove the need to edit the spec file
+        run: apt update && apt install -y ed
+      - name: "Run container registry deployment test"
+        run: |
+          source /opt/bash-utils/cgroup-helper.sh
+          join_cgroup
+          ./tests/container-registry/run-test.sh
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/test-database.yml

@@ -33,7 +33,7 @@ jobs:
       - name: "Print Python version"
         run: python3 --version
       - name: "Install shiv"
-        run: pip install shiv
+        run: pip install shiv==1.0.6
       - name: "Generate build version file"
         run: ./scripts/create_build_tag_file.sh
       - name: "Build local shiv package"
@@ -49,4 +49,19 @@ jobs:
           source /opt/bash-utils/cgroup-helper.sh
           join_cgroup
           ./tests/database/run-test.sh
-
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/test-deploy.yml

@@ -2,7 +2,8 @@ name: Deploy Test
 
 on:
   pull_request:
-    branches: '*'
+    branches:
+      - main
   push:
     branches:
       - main
@@ -10,9 +11,6 @@ on:
     paths-ignore:
       - '.gitea/workflows/triggers/*'
 
-# Needed until we can incorporate docker startup into the executor container
-env:
-  DOCKER_HOST: unix:///var/run/dind.sock
 
 jobs:
   test:
@@ -36,14 +34,26 @@ jobs:
       - name: "Print Python version"
         run: python3 --version
       - name: "Install shiv"
-        run: pip install shiv
+        run: pip install shiv==1.0.6
       - name: "Generate build version file"
         run: ./scripts/create_build_tag_file.sh
       - name: "Build local shiv package"
         run: ./scripts/build_shiv_package.sh
-      - name: Start dockerd # Also needed until we can incorporate into the executor
-        run: |
-          dockerd -H $DOCKER_HOST --userland-proxy=false &
-          sleep 5
       - name: "Run deploy tests"
         run: ./tests/deploy/run-deploy-test.sh
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/test-external-stack.yml

@@ -1,22 +1,19 @@
-name: Fixturenet-Eth-Plugeth-Test
+name: External Stack Test
 
 on:
   push:
     branches: '*'
     paths:
       - '!**'
-      - '.gitea/workflows/triggers/fixturenet-eth-plugeth-test'
+      - '.gitea/workflows/triggers/test-external-stack'
+      - '.gitea/workflows/test-external-stack.yml'
+      - 'tests/external-stack/run-test.sh'
   schedule: # Note: coordinate with other tests to not overload runners at the same time of day
-    - cron: '2 14 * * *'
+    - cron: '8 19 * * *'
-
-# Needed until we can incorporate docker startup into the executor container
-env:
-  DOCKER_HOST: unix:///var/run/dind.sock
-
 
 jobs:
   test:
-    name: "Run an Ethereum plugeth fixturenet test"
+    name: "Run external stack test suite"
     runs-on: ubuntu-latest
     steps:
       - name: "Clone project repository"
@@ -36,14 +33,26 @@ jobs:
       - name: "Print Python version"
         run: python3 --version
       - name: "Install shiv"
-        run: pip install shiv
+        run: pip install shiv==1.0.6
       - name: "Generate build version file"
         run: ./scripts/create_build_tag_file.sh
       - name: "Build local shiv package"
         run: ./scripts/build_shiv_package.sh
-      - name: Start dockerd # Also needed until we can incorporate into the executor
+      - name: "Run external stack tests"
-        run: |
+        run: ./tests/external-stack/run-test.sh
-          dockerd -H $DOCKER_HOST --userland-proxy=false &
+      - name: Notify Vulcanize Slack on CI failure
-          sleep 5
+        if: ${{ always() && github.ref_name == 'main' }}
-      - name: "Run fixturenet-eth tests"
+        uses: ravsamhq/notify-slack-action@v2
-        run: ./tests/fixturenet-eth-plugeth/run-test.sh
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/test-k8s-deploy.yml

@@ -2,7 +2,8 @@ name: K8s Deploy Test
 
 on:
   pull_request:
-    branches: '*'
+    branches:
+      - main
   push:
     branches: '*'
     paths:
@@ -35,7 +36,7 @@ jobs:
       - name: "Print Python version"
         run: python3 --version
       - name: "Install shiv"
-        run: pip install shiv
+        run: pip install shiv==1.0.6
       - name: "Generate build version file"
         run: ./scripts/create_build_tag_file.sh
       - name: "Build local shiv package"
@@ -51,4 +52,19 @@ jobs:
           source /opt/bash-utils/cgroup-helper.sh
           join_cgroup
           ./tests/k8s-deploy/run-deploy-test.sh
-
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/test-k8s-deployment-control.yml

@@ -0,0 +1,70 @@
+name: K8s Deployment Control Test
+
+on:
+  pull_request:
+    branches:
+      - main
+  push:
+    branches: '*'
+    paths:
+      - '!**'
+      - '.gitea/workflows/triggers/test-k8s-deployment-control'
+      - '.gitea/workflows/test-k8s-deployment-control.yml'
+      - 'tests/k8s-deployment-control/run-test.sh'
+  schedule: # Note: coordinate with other tests to not overload runners at the same time of day
+    - cron: '3 30 * * *'
+
+jobs:
+  test:
+    name: "Run deployment control suite on kind/k8s"
+    runs-on: ubuntu-22.04
+    steps:
+      - name: "Clone project repository"
+        uses: actions/checkout@v3
+      # At present the stock setup-python action fails on Linux/aarch64
+      # Conditional steps below workaroud this by using deadsnakes for that case only
+      - name: "Install Python for ARM on Linux"
+        if: ${{ runner.arch == 'arm64' && runner.os == 'Linux' }}
+        uses: deadsnakes/action@v3.0.1
+        with:
+          python-version: '3.8'
+      - name: "Install Python cases other than ARM on Linux"
+        if: ${{ ! (runner.arch == 'arm64' && runner.os == 'Linux') }}
+        uses: actions/setup-python@v4
+        with:
+          python-version: '3.8'
+      - name: "Print Python version"
+        run: python3 --version
+      - name: "Install shiv"
+        run: pip install shiv==1.0.6
+      - name: "Generate build version file"
+        run: ./scripts/create_build_tag_file.sh
+      - name: "Build local shiv package"
+        run: ./scripts/build_shiv_package.sh
+      - name: "Check cgroups version"
+        run: mount | grep cgroup
+      - name: "Install kind"
+        run: ./tests/scripts/install-kind.sh
+      - name: "Install Kubectl"
+        run: ./tests/scripts/install-kubectl.sh
+      - name: "Run k8s deployment control test"
+        run: |
+          source /opt/bash-utils/cgroup-helper.sh
+          join_cgroup
+          ./tests/k8s-deployment-control/run-test.sh
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/test-webapp.yml

@@ -2,7 +2,8 @@ name: Webapp Test
 
 on:
   pull_request:
-    branches: '*'
+    branches:
+      - main
   push:
     branches:
       - main
@@ -10,10 +11,6 @@ on:
     paths-ignore:
       - '.gitea/workflows/triggers/*'
 
-# Needed until we can incorporate docker startup into the executor container
-env:
-  DOCKER_HOST: unix:///var/run/dind.sock
-
 jobs:
   test:
     name: "Run webapp test suite"
@@ -36,16 +33,28 @@ jobs:
       - name: "Print Python version"
         run: python3 --version
       - name: "Install shiv"
-        run: pip install shiv
+        run: pip install shiv==1.0.6
       - name: "Generate build version file"
         run: ./scripts/create_build_tag_file.sh
       - name: "Build local shiv package"
         run: ./scripts/build_shiv_package.sh
       - name: "Install wget" # 20240109 - Only needed until the executors are updated.
         run: apt update && apt install -y wget
-      - name: Start dockerd # Also needed until we can incorporate into the executor
-        run: |
-          dockerd -H $DOCKER_HOST --userland-proxy=false &
-          sleep 5
       - name: "Run webapp tests"
         run: ./tests/webapp-test/run-webapp-test.sh
+      - name: Notify Vulcanize Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/test.yml

@@ -10,9 +10,6 @@ on:
     paths-ignore:
       - '.gitea/workflows/triggers/*'
 
-# Needed until we can incorporate docker startup into the executor container
-env:
-  DOCKER_HOST: unix:///var/run/dind.sock
 
 jobs:
   test:
@@ -36,16 +33,26 @@ jobs:
       - name: "Print Python version"
         run: python3 --version
       - name: "Install shiv"
-        run: pip install shiv
+        run: pip install shiv==1.0.6
       - name: "Generate build version file"
         run: ./scripts/create_build_tag_file.sh
       - name: "Build local shiv package"
         run: ./scripts/build_shiv_package.sh
-      - name: Start dockerd # Also needed until we can incorporate into the executor
-        run: |
-          dockerd -H $DOCKER_HOST --userland-proxy=false &
-          sleep 5
       - name: "Run smoke tests"
         run: ./tests/smoke-test/run-smoke-test.sh
-
+      - name: Notify Vulcanize Slack on CI failure
-
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.VULCANIZE_SLACK_CI_ALERTS }}
+      - name: Notify DeepStack Slack on CI failure
+        if: ${{ always() && github.ref_name == 'main' }}
+        uses: ravsamhq/notify-slack-action@v2
+        with:
+          status: ${{ job.status }}
+          notify_when: 'failure'
+        env:
+          SLACK_WEBHOOK_URL: ${{ secrets.DEEPSTACK_SLACK_CI_ALERTS }}

.gitea/workflows/triggers/fixturenet-eth-plugeth-test

@@ -1,3 +0,0 @@
-Change this file to trigger running the fixturenet-eth-plugeth-test CI job
-trigger
-trigger

.gitea/workflows/triggers/fixturenet-eth-test

@@ -1,2 +0,0 @@
-Change this file to trigger running the fixturenet-eth-test CI job
-

.gitea/workflows/triggers/fixturenet-laconicd-test

@@ -1,3 +1,10 @@
 Change this file to trigger running the fixturenet-laconicd-test CI job
 Trigger
 Trigger
+Trigger
+Trigger
+Trigger
+Trigger
+Trigger
+Trigger
+Trigger

.gitea/workflows/triggers/test-container-registry

@@ -0,0 +1,3 @@
+Change this file to trigger running the test-container-registry CI job
+Triggered: 2026-01-21
+Triggered: 2026-01-21 19:28:29

.gitea/workflows/triggers/test-database

@@ -1,2 +1,2 @@
 Change this file to trigger running the test-database CI job
-Trigger test run
+Trigger test run

.gitea/workflows/triggers/test-external-stack

@@ -0,0 +1,2 @@
+Change this file to trigger running the external-stack CI job
+trigger

.github/workflows/triggers/fixturenet-eth-test

@@ -1,2 +1 @@
 Change this file to trigger running the fixturenet-eth-test CI job
-

.pre-commit-config.yaml

@@ -0,0 +1,34 @@
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v5.0.0
+    hooks:
+      - id: trailing-whitespace
+      - id: end-of-file-fixer
+      - id: check-yaml
+        args: ['--allow-multiple-documents']
+      - id: check-json
+      - id: check-merge-conflict
+      - id: check-added-large-files
+
+  - repo: https://github.com/psf/black
+    rev: 23.12.1
+    hooks:
+      - id: black
+        language_version: python3
+
+  - repo: https://github.com/PyCQA/flake8
+    rev: 7.1.1
+    hooks:
+      - id: flake8
+        args: ['--max-line-length=88', '--extend-ignore=E203,W503,E402']
+
+  - repo: https://github.com/RobertCraigie/pyright-python
+    rev: v1.1.345
+    hooks:
+      - id: pyright
+
+  - repo: https://github.com/adrienverge/yamllint
+    rev: v1.35.1
+    hooks:
+      - id: yamllint
+        args: [-d, relaxed]

AI-FRIENDLY-PLAN.md

@@ -0,0 +1,151 @@
+# Plan: Make Stack-Orchestrator AI-Friendly
+
+## Goal
+
+Make the stack-orchestrator repository easier for AI tools (Claude Code, Cursor, Copilot) to understand and use for generating stacks, including adding a `create-stack` command.
+
+---
+
+## Part 1: Documentation & Context Files
+
+### 1.1 Add CLAUDE.md
+
+Create a root-level context file for AI assistants.
+
+**File:** `CLAUDE.md`
+
+Contents:
+- Project overview (what stack-orchestrator does)
+- Stack creation workflow (step-by-step)
+- File naming conventions
+- Required vs optional fields in stack.yml
+- Common patterns and anti-patterns
+- Links to example stacks (simple, medium, complex)
+
+### 1.2 Add JSON Schema for stack.yml
+
+Create formal validation schema.
+
+**File:** `schemas/stack-schema.json`
+
+Benefits:
+- AI tools can validate generated stacks
+- IDEs provide autocomplete
+- CI can catch errors early
+
+### 1.3 Add Template Stack with Comments
+
+Create an annotated template for reference.
+
+**File:** `stack_orchestrator/data/stacks/_template/stack.yml`
+
+```yaml
+# Stack definition template - copy this directory to create a new stack
+version: "1.2"  # Required: 1.0, 1.1, or 1.2
+name: my-stack  # Required: lowercase, hyphens only
+description: "Human-readable description"  # Optional
+repos:          # Git repositories to clone
+  - github.com/org/repo
+containers:     # Container images to build (must have matching container-build/)
+  - cerc/my-container
+pods:           # Deployment units (must have matching docker-compose-{pod}.yml)
+  - my-pod
+```
+
+### 1.4 Document Validation Rules
+
+Create explicit documentation of constraints currently scattered in code.
+
+**File:** `docs/stack-format.md`
+
+Contents:
+- Container names must start with `cerc/`
+- Pod names must match compose file: `docker-compose-{pod}.yml`
+- Repository format: `host/org/repo[@ref]`
+- Stack directory name should match `name` field
+- Version field options and differences
+
+---
+
+## Part 2: Add `create-stack` Command
+
+### 2.1 Command Overview
+
+```bash
+laconic-so create-stack --repo github.com/org/my-app [--name my-app] [--type webapp]
+```
+
+**Behavior:**
+1. Parse repo URL to extract app name (if --name not provided)
+2. Create `stacks/{name}/stack.yml`
+3. Create `container-build/cerc-{name}/Dockerfile` and `build.sh`
+4. Create `compose/docker-compose-{name}.yml`
+5. Update list files (repository-list.txt, container-image-list.txt, pod-list.txt)
+
+### 2.2 Files to Create
+
+| File | Purpose |
+|------|---------|
+| `stack_orchestrator/create/__init__.py` | Package init |
+| `stack_orchestrator/create/create_stack.py` | Command implementation |
+
+### 2.3 Files to Modify
+
+| File | Change |
+|------|--------|
+| `stack_orchestrator/main.py` | Add import and `cli.add_command()` |
+
+### 2.4 Command Options
+
+| Option | Required | Description |
+|--------|----------|-------------|
+| `--repo` | Yes | Git repository URL (e.g., github.com/org/repo) |
+| `--name` | No | Stack name (defaults to repo name) |
+| `--type` | No | Template type: webapp, service, empty (default: webapp) |
+| `--force` | No | Overwrite existing files |
+
+### 2.5 Template Types
+
+| Type | Base Image | Port | Use Case |
+|------|------------|------|----------|
+| webapp | node:20-bullseye-slim | 3000 | React/Vue/Next.js apps |
+| service | python:3.11-slim | 8080 | Python backend services |
+| empty | none | none | Custom from scratch |
+
+---
+
+## Part 3: Implementation Summary
+
+### New Files (6)
+
+1. `CLAUDE.md` - AI assistant context
+2. `schemas/stack-schema.json` - Validation schema
+3. `stack_orchestrator/data/stacks/_template/stack.yml` - Annotated template
+4. `docs/stack-format.md` - Stack format documentation
+5. `stack_orchestrator/create/__init__.py` - Package init
+6. `stack_orchestrator/create/create_stack.py` - Command implementation
+
+### Modified Files (1)
+
+1. `stack_orchestrator/main.py` - Register create-stack command
+
+---
+
+## Verification
+
+```bash
+# 1. Command appears in help
+laconic-so --help | grep create-stack
+
+# 2. Dry run works
+laconic-so --dry-run create-stack --repo github.com/org/test-app
+
+# 3. Creates all expected files
+laconic-so create-stack --repo github.com/org/test-app
+ls stack_orchestrator/data/stacks/test-app/
+ls stack_orchestrator/data/container-build/cerc-test-app/
+ls stack_orchestrator/data/compose/docker-compose-test-app.yml
+
+# 4. Build works with generated stack
+laconic-so --stack test-app build-containers
+```

CLAUDE.md

@@ -0,0 +1,50 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code when working with the stack-orchestrator project.
+
+## Some rules to follow
+NEVER speculate about the cause of something
+NEVER assume your hypotheses are true without evidence
+
+ALWAYS clearly state when something is a hypothesis
+ALWAYS use evidence from the systems your interacting with to support your claims and hypotheses
+
+## Key Principles
+
+### Development Guidelines
+- **Single responsibility** - Each component has one clear purpose
+- **Fail fast** - Let errors propagate, don't hide failures
+- **DRY/KISS** - Minimize duplication and complexity
+
+## Development Philosophy: Conversational Literate Programming
+
+### Approach
+This project follows principles inspired by literate programming, where development happens through explanatory conversation rather than code-first implementation.
+
+### Core Principles
+- **Documentation-First**: All changes begin with discussion of intent and reasoning
+- **Narrative-Driven**: Complex systems are explained through conversational exploration
+- **Justification Required**: Every coding task must have a corresponding TODO.md item explaining the "why"
+- **Iterative Understanding**: Architecture and implementation evolve through dialogue
+
+### Working Method
+1. **Explore and Understand**: Read existing code to understand current state
+2. **Discuss Architecture**: Workshop complex design decisions through conversation
+3. **Document Intent**: Update TODO.md with clear justification before coding
+4. **Explain Changes**: Each modification includes reasoning and context
+5. **Maintain Narrative**: Conversations serve as living documentation of design evolution
+
+### Implementation Guidelines
+- Treat conversations as primary documentation
+- Explain architectural decisions before implementing
+- Use TODO.md as the "literate document" that justifies all work
+- Maintain clear narrative threads across sessions
+- Workshop complex ideas before coding
+
+This approach treats the human-AI collaboration as a form of **conversational literate programming** where understanding emerges through dialogue before code implementation.
+
+## Insights and Observations
+
+### Design Principles
+- **When something times out that doesn't mean it needs a longer timeout it means something that was expected never happened, not that we need to wait longer for it.**
+- **NEVER change a timeout because you believe something truncated, you don't understand timeouts, don't edit them unless told to explicitly by user.**

LICENSE

@@ -658,4 +658,4 @@
                                    You should also get your employer (if you work as a programmer) or school,
                                  if any, to sign a "copyright disclaimer" for the program, if necessary.
                                  For more information on this, and how to apply and follow the GNU AGPL, see
-                                 <http://www.gnu.org/licenses/>.
+                                 <http://www.gnu.org/licenses/>.

README.md

@@ -26,7 +26,7 @@ curl -SL https://github.com/docker/compose/releases/download/v2.11.2/docker-comp
 chmod +x ~/.docker/cli-plugins/docker-compose
 ```
 
-Next decide on a directory where you would like to put the stack-orchestrator program. Typically this would be 
+Next decide on a directory where you would like to put the stack-orchestrator program. Typically this would be
 a "user" binary directory such as `~/bin` or perhaps `/usr/local/laconic` or possibly just the current working directory.
 
 Now, having selected that directory, download the latest release from [this page](https://git.vdb.to/cerc-io/stack-orchestrator/tags) into it (we're using `~/bin` below for concreteness but edit to suit if you selected a different directory). Also be sure that the destination directory exists and is writable:
@@ -78,5 +78,3 @@ See the [CONTRIBUTING.md](/docs/CONTRIBUTING.md) for developer mode install.
 ## Platform Support
 
 Native aarm64 is _not_ currently supported. x64 emulation on ARM64 macos should work (not yet tested).
-
-

STACK-CREATION-GUIDE.md

@@ -0,0 +1,413 @@
+# Implementing `laconic-so create-stack` Command
+
+A plan for adding a new CLI command to scaffold stack files automatically.
+
+---
+
+## Overview
+
+Add a `create-stack` command that generates all required files for a new stack:
+
+```bash
+laconic-so create-stack --name my-stack --type webapp
+```
+
+**Output:**
+```
+stack_orchestrator/data/
+├── stacks/my-stack/stack.yml
+├── container-build/cerc-my-stack/
+│   ├── Dockerfile
+│   └── build.sh
+└── compose/docker-compose-my-stack.yml
+
+Updated: repository-list.txt, container-image-list.txt, pod-list.txt
+```
+
+---
+
+## CLI Architecture Summary
+
+### Command Registration Pattern
+
+Commands are Click functions registered in `main.py`:
+
+```python
+# main.py (line ~70)
+from stack_orchestrator.create import create_stack
+cli.add_command(create_stack.command, "create-stack")
+```
+
+### Global Options Access
+
+```python
+from stack_orchestrator.opts import opts
+
+if not opts.o.quiet:
+    print("message")
+if opts.o.dry_run:
+    print("(would create files)")
+```
+
+### Key Utilities
+
+| Function | Location | Purpose |
+|----------|----------|---------|
+| `get_yaml()` | `util.py` | YAML parser (ruamel.yaml) |
+| `get_stack_path(stack)` | `util.py` | Resolve stack directory path |
+| `error_exit(msg)` | `util.py` | Print error and exit(1) |
+
+---
+
+## Files to Create
+
+### 1. Command Module
+
+**`stack_orchestrator/create/__init__.py`**
+```python
+# Empty file to make this a package
+```
+
+**`stack_orchestrator/create/create_stack.py`**
+```python
+import click
+import os
+from pathlib import Path
+from shutil import copy
+from stack_orchestrator.opts import opts
+from stack_orchestrator.util import error_exit, get_yaml
+
+# Template types
+STACK_TEMPLATES = {
+    "webapp": {
+        "description": "Web application with Node.js",
+        "base_image": "node:20-bullseye-slim",
+        "port": 3000,
+    },
+    "service": {
+        "description": "Backend service",
+        "base_image": "python:3.11-slim",
+        "port": 8080,
+    },
+    "empty": {
+        "description": "Minimal stack with no defaults",
+        "base_image": None,
+        "port": None,
+    },
+}
+
+
+def get_data_dir() -> Path:
+    """Get path to stack_orchestrator/data directory"""
+    return Path(__file__).absolute().parent.parent.joinpath("data")
+
+
+def validate_stack_name(name: str) -> None:
+    """Validate stack name follows conventions"""
+    import re
+    if not re.match(r'^[a-z0-9][a-z0-9-]*[a-z0-9]$', name) and len(name) > 2:
+        error_exit(f"Invalid stack name '{name}'. Use lowercase alphanumeric with hyphens.")
+    if name.startswith("cerc-"):
+        error_exit("Stack name should not start with 'cerc-' (container names will add this prefix)")
+
+
+def create_stack_yml(stack_dir: Path, name: str, template: dict, repo_url: str) -> None:
+    """Create stack.yml file"""
+    config = {
+        "version": "1.2",
+        "name": name,
+        "description": template.get("description", f"Stack: {name}"),
+        "repos": [repo_url] if repo_url else [],
+        "containers": [f"cerc/{name}"],
+        "pods": [name],
+    }
+
+    stack_dir.mkdir(parents=True, exist_ok=True)
+    with open(stack_dir / "stack.yml", "w") as f:
+        get_yaml().dump(config, f)
+
+
+def create_dockerfile(container_dir: Path, name: str, template: dict) -> None:
+    """Create Dockerfile"""
+    base_image = template.get("base_image", "node:20-bullseye-slim")
+    port = template.get("port", 3000)
+
+    dockerfile_content = f'''# Build stage
+FROM {base_image} AS builder
+
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci
+COPY . .
+RUN npm run build
+
+# Production stage
+FROM {base_image}
+
+WORKDIR /app
+COPY package*.json ./
+RUN npm ci --only=production
+COPY --from=builder /app/dist ./dist
+
+EXPOSE {port}
+CMD ["npm", "run", "start"]
+'''
+
+    container_dir.mkdir(parents=True, exist_ok=True)
+    with open(container_dir / "Dockerfile", "w") as f:
+        f.write(dockerfile_content)
+
+
+def create_build_script(container_dir: Path, name: str) -> None:
+    """Create build.sh script"""
+    build_script = f'''#!/usr/bin/env bash
+# Build cerc/{name}
+
+source ${{CERC_CONTAINER_BASE_DIR}}/build-base.sh
+
+SCRIPT_DIR=$( cd -- "$( dirname -- "${{BASH_SOURCE[0]}}" )" &> /dev/null && pwd )
+
+docker build -t cerc/{name}:local \\
+    -f ${{SCRIPT_DIR}}/Dockerfile \\
+    ${{build_command_args}} \\
+    ${{CERC_REPO_BASE_DIR}}/{name}
+'''
+
+    build_path = container_dir / "build.sh"
+    with open(build_path, "w") as f:
+        f.write(build_script)
+
+    # Make executable
+    os.chmod(build_path, 0o755)
+
+
+def create_compose_file(compose_dir: Path, name: str, template: dict) -> None:
+    """Create docker-compose file"""
+    port = template.get("port", 3000)
+
+    compose_content = {
+        "version": "3.8",
+        "services": {
+            name: {
+                "image": f"cerc/{name}:local",
+                "restart": "unless-stopped",
+                "ports": [f"${{HOST_PORT:-{port}}}:{port}"],
+                "environment": {
+                    "NODE_ENV": "${NODE_ENV:-production}",
+                },
+            }
+        }
+    }
+
+    with open(compose_dir / f"docker-compose-{name}.yml", "w") as f:
+        get_yaml().dump(compose_content, f)
+
+
+def update_list_file(data_dir: Path, filename: str, entry: str) -> None:
+    """Add entry to a list file if not already present"""
+    list_path = data_dir / filename
+
+    # Read existing entries
+    existing = set()
+    if list_path.exists():
+        with open(list_path, "r") as f:
+            existing = set(line.strip() for line in f if line.strip())
+
+    # Add new entry
+    if entry not in existing:
+        with open(list_path, "a") as f:
+            f.write(f"{entry}\n")
+
+
+@click.command()
+@click.option("--name", required=True, help="Name of the new stack (lowercase, hyphens)")
+@click.option("--type", "stack_type", default="webapp",
+              type=click.Choice(list(STACK_TEMPLATES.keys())),
+              help="Stack template type")
+@click.option("--repo", help="Git repository URL (e.g., github.com/org/repo)")
+@click.option("--force", is_flag=True, help="Overwrite existing files")
+@click.pass_context
+def command(ctx, name: str, stack_type: str, repo: str, force: bool):
+    """Create a new stack with all required files.
+
+    Examples:
+
+        laconic-so create-stack --name my-app --type webapp
+
+        laconic-so create-stack --name my-service --type service --repo github.com/org/repo
+    """
+    # Validate
+    validate_stack_name(name)
+
+    template = STACK_TEMPLATES[stack_type]
+    data_dir = get_data_dir()
+
+    # Define paths
+    stack_dir = data_dir / "stacks" / name
+    container_dir = data_dir / "container-build" / f"cerc-{name}"
+    compose_dir = data_dir / "compose"
+
+    # Check for existing files
+    if not force:
+        if stack_dir.exists():
+            error_exit(f"Stack already exists: {stack_dir}\nUse --force to overwrite")
+        if container_dir.exists():
+            error_exit(f"Container build dir exists: {container_dir}\nUse --force to overwrite")
+
+    # Dry run check
+    if opts.o.dry_run:
+        print(f"Would create stack '{name}' with template '{stack_type}':")
+        print(f"  - {stack_dir}/stack.yml")
+        print(f"  - {container_dir}/Dockerfile")
+        print(f"  - {container_dir}/build.sh")
+        print(f"  - {compose_dir}/docker-compose-{name}.yml")
+        print(f"  - Update repository-list.txt")
+        print(f"  - Update container-image-list.txt")
+        print(f"  - Update pod-list.txt")
+        return
+
+    # Create files
+    if not opts.o.quiet:
+        print(f"Creating stack '{name}' with template '{stack_type}'...")
+
+    create_stack_yml(stack_dir, name, template, repo)
+    if opts.o.verbose:
+        print(f"  Created {stack_dir}/stack.yml")
+
+    create_dockerfile(container_dir, name, template)
+    if opts.o.verbose:
+        print(f"  Created {container_dir}/Dockerfile")
+
+    create_build_script(container_dir, name)
+    if opts.o.verbose:
+        print(f"  Created {container_dir}/build.sh")
+
+    create_compose_file(compose_dir, name, template)
+    if opts.o.verbose:
+        print(f"  Created {compose_dir}/docker-compose-{name}.yml")
+
+    # Update list files
+    if repo:
+        update_list_file(data_dir, "repository-list.txt", repo)
+        if opts.o.verbose:
+            print(f"  Added {repo} to repository-list.txt")
+
+    update_list_file(data_dir, "container-image-list.txt", f"cerc/{name}")
+    if opts.o.verbose:
+        print(f"  Added cerc/{name} to container-image-list.txt")
+
+    update_list_file(data_dir, "pod-list.txt", name)
+    if opts.o.verbose:
+        print(f"  Added {name} to pod-list.txt")
+
+    # Summary
+    if not opts.o.quiet:
+        print(f"\nStack '{name}' created successfully!")
+        print(f"\nNext steps:")
+        print(f"  1. Edit {stack_dir}/stack.yml")
+        print(f"  2. Customize {container_dir}/Dockerfile")
+        print(f"  3. Run: laconic-so --stack {name} build-containers")
+        print(f"  4. Run: laconic-so --stack {name} deploy-system up")
+```
+
+### 2. Register Command in main.py
+
+**Edit `stack_orchestrator/main.py`**
+
+Add import:
+```python
+from stack_orchestrator.create import create_stack
+```
+
+Add command registration (after line ~78):
+```python
+cli.add_command(create_stack.command, "create-stack")
+```
+
+---
+
+## Implementation Steps
+
+### Step 1: Create module structure
+```bash
+mkdir -p stack_orchestrator/create
+touch stack_orchestrator/create/__init__.py
+```
+
+### Step 2: Create the command file
+Create `stack_orchestrator/create/create_stack.py` with the code above.
+
+### Step 3: Register in main.py
+Add the import and `cli.add_command()` line.
+
+### Step 4: Test the command
+```bash
+# Show help
+laconic-so create-stack --help
+
+# Dry run
+laconic-so --dry-run create-stack --name test-app --type webapp
+
+# Create a stack
+laconic-so create-stack --name test-app --type webapp --repo github.com/org/test-app
+
+# Verify
+ls -la stack_orchestrator/data/stacks/test-app/
+cat stack_orchestrator/data/stacks/test-app/stack.yml
+```
+
+---
+
+## Template Types
+
+| Type | Base Image | Port | Use Case |
+|------|------------|------|----------|
+| `webapp` | node:20-bullseye-slim | 3000 | React/Vue/Next.js apps |
+| `service` | python:3.11-slim | 8080 | Python backend services |
+| `empty` | none | none | Custom from scratch |
+
+---
+
+## Future Enhancements
+
+1. **Interactive mode** - Prompt for values if not provided
+2. **More templates** - Go, Rust, database stacks
+3. **Template from existing** - `--from-stack existing-stack`
+4. **External stack support** - Create in custom directory
+5. **Validation command** - `laconic-so validate-stack --name my-stack`
+
+---
+
+## Files Modified
+
+| File | Change |
+|------|--------|
+| `stack_orchestrator/create/__init__.py` | New (empty) |
+| `stack_orchestrator/create/create_stack.py` | New (command implementation) |
+| `stack_orchestrator/main.py` | Add import and `cli.add_command()` |
+
+---
+
+## Verification
+
+```bash
+# 1. Command appears in help
+laconic-so --help | grep create-stack
+
+# 2. Dry run works
+laconic-so --dry-run create-stack --name verify-test --type webapp
+
+# 3. Full creation works
+laconic-so create-stack --name verify-test --type webapp
+ls stack_orchestrator/data/stacks/verify-test/
+ls stack_orchestrator/data/container-build/cerc-verify-test/
+ls stack_orchestrator/data/compose/docker-compose-verify-test.yml
+
+# 4. Build works
+laconic-so --stack verify-test build-containers
+
+# 5. Cleanup
+rm -rf stack_orchestrator/data/stacks/verify-test
+rm -rf stack_orchestrator/data/container-build/cerc-verify-test
+rm stack_orchestrator/data/compose/docker-compose-verify-test.yml
+```

TODO.md

@@ -0,0 +1,16 @@
+# TODO
+
+## Features Needed
+
+### Update Stack Command
+We need an "update stack" command in stack orchestrator and cleaner documentation regarding how to do continuous deployment with and without payments.
+
+**Context**: Currently, `deploy init` generates a spec file and `deploy create` creates a deployment directory. The `deployment update` command (added by Thomas Lackey) only syncs env vars and restarts - it doesn't regenerate configurations. There's a gap in the workflow for updating stack configurations after initial deployment.
+
+## Architecture Refactoring
+
+### Separate Deployer from Stack Orchestrator CLI
+The deployer logic should be decoupled from the CLI tool to allow independent development and reuse.
+
+### Separate Stacks from Stack Orchestrator Repo
+Stacks should live in their own repositories, not bundled with the orchestrator tool. This allows stacks to evolve independently and be maintained by different teams.

docs/cli.md

@@ -51,7 +51,7 @@ $ laconic-so build-npms --include <package-name>
 ```
 e.g.
 ```
-$ laconic-so build-npms --include laconic-sdk
+$ laconic-so build-npms --include registry-sdk
 ```
 Build the packages for a stack:
 ```

docs/docker-compose-deployment.md

@@ -0,0 +1,550 @@
+# Docker Compose Deployment Guide
+
+## Introduction
+
+### What is a Deployer?
+
+In stack-orchestrator, a **deployer** provides a uniform interface for orchestrating containerized applications. This guide focuses on Docker Compose deployments, which is the default and recommended deployment mode.
+
+While stack-orchestrator also supports Kubernetes (`k8s`) and Kind (`k8s-kind`) deployments, those are out of scope for this guide. See the [Kubernetes Enhancements](./k8s-deployment-enhancements.md) documentation for advanced deployment options.
+
+## Prerequisites
+
+To deploy stacks using Docker Compose, you need:
+
+- Docker Engine (20.10+)
+- Docker Compose plugin (v2.0+)
+- Python 3.8+
+- stack-orchestrator installed (`laconic-so`)
+
+**That's it!** No additional infrastructure is required. If you have Docker installed, you're ready to deploy.
+
+## Deployment Workflow
+
+The typical deployment workflow consists of four main steps:
+
+1. **Setup repositories and build containers** (first time only)
+2. **Initialize deployment specification**
+3. **Create deployment directory**
+4. **Start and manage services**
+
+## Quick Start Example
+
+Here's a complete example using the built-in `test` stack:
+
+```bash
+# Step 1: Setup (first time only)
+laconic-so --stack test setup-repositories
+laconic-so --stack test build-containers
+
+# Step 2: Initialize deployment spec
+laconic-so --stack test deploy init --output test-spec.yml
+
+# Step 3: Create deployment directory
+laconic-so --stack test deploy create \
+  --spec-file test-spec.yml \
+  --deployment-dir test-deployment
+
+# Step 4: Start services
+laconic-so deployment --dir test-deployment start
+
+# View running services
+laconic-so deployment --dir test-deployment ps
+
+# View logs
+laconic-so deployment --dir test-deployment logs
+
+# Stop services (preserves data)
+laconic-so deployment --dir test-deployment stop
+```
+
+## Deployment Workflows
+
+Stack-orchestrator supports two deployment workflows:
+
+### 1. Deployment Directory Workflow (Recommended)
+
+This workflow creates a persistent deployment directory that contains all configuration and data.
+
+**When to use:**
+- Production deployments
+- When you need to preserve configuration
+- When you want to manage multiple deployments
+- When you need persistent volume data
+
+**Example:**
+
+```bash
+# Initialize deployment spec
+laconic-so --stack fixturenet-eth deploy init --output eth-spec.yml
+
+# Optionally edit eth-spec.yml to customize configuration
+
+# Create deployment directory
+laconic-so --stack fixturenet-eth deploy create \
+  --spec-file eth-spec.yml \
+  --deployment-dir my-eth-deployment
+
+# Start the deployment
+laconic-so deployment --dir my-eth-deployment start
+
+# Manage the deployment
+laconic-so deployment --dir my-eth-deployment ps
+laconic-so deployment --dir my-eth-deployment logs
+laconic-so deployment --dir my-eth-deployment stop
+```
+
+### 2. Quick Deploy Workflow
+
+This workflow deploys directly without creating a persistent deployment directory.
+
+**When to use:**
+- Quick testing
+- Temporary deployments
+- Simple stacks that don't require customization
+
+**Example:**
+
+```bash
+# Start the stack directly
+laconic-so --stack test deploy up
+
+# Check service status
+laconic-so --stack test deploy port test 80
+
+# View logs
+laconic-so --stack test deploy logs
+
+# Stop (preserves volumes)
+laconic-so --stack test deploy down
+
+# Stop and remove volumes
+laconic-so --stack test deploy down --delete-volumes
+```
+
+## Real-World Example: Ethereum Fixturenet
+
+Deploy a local Ethereum testnet with Geth and Lighthouse:
+
+```bash
+# Setup (first time only)
+laconic-so --stack fixturenet-eth setup-repositories
+laconic-so --stack fixturenet-eth build-containers
+
+# Initialize with default configuration
+laconic-so --stack fixturenet-eth deploy init --output eth-spec.yml
+
+# Create deployment
+laconic-so --stack fixturenet-eth deploy create \
+  --spec-file eth-spec.yml \
+  --deployment-dir fixturenet-eth-deployment
+
+# Start the network
+laconic-so deployment --dir fixturenet-eth-deployment start
+
+# Check status
+laconic-so deployment --dir fixturenet-eth-deployment ps
+
+# Access logs from specific service
+laconic-so deployment --dir fixturenet-eth-deployment logs fixturenet-eth-geth-1
+
+# Stop the network (preserves blockchain data)
+laconic-so deployment --dir fixturenet-eth-deployment stop
+
+# Start again - blockchain data is preserved
+laconic-so deployment --dir fixturenet-eth-deployment start
+
+# Clean up everything including data
+laconic-so deployment --dir fixturenet-eth-deployment stop --delete-volumes
+```
+
+## Configuration
+
+### Passing Configuration Parameters
+
+Configuration can be passed in three ways:
+
+**1. At init time via `--config` flag:**
+
+```bash
+laconic-so --stack test deploy init --output spec.yml \
+  --config PARAM1=value1,PARAM2=value2
+```
+
+**2. Edit the spec file after init:**
+
+```bash
+# Initialize
+laconic-so --stack test deploy init --output spec.yml
+
+# Edit spec.yml
+vim spec.yml
+```
+
+Example spec.yml:
+```yaml
+stack: test
+config:
+  PARAM1: value1
+  PARAM2: value2
+```
+
+**3. Docker Compose defaults:**
+
+Environment variables defined in the stack's `docker-compose-*.yml` files are used as defaults. Configuration from the spec file overrides these defaults.
+
+### Port Mapping
+
+By default, services are accessible on randomly assigned host ports. To find the mapped port:
+
+```bash
+# Find the host port for container port 80 on service 'webapp'
+laconic-so deployment --dir my-deployment port webapp 80
+
+# Output example: 0.0.0.0:32768
+```
+
+To configure fixed ports, edit the spec file before creating the deployment:
+
+```yaml
+network:
+  ports:
+    webapp:
+      - '8080:80'  # Maps host port 8080 to container port 80
+    api:
+      - '3000:3000'
+```
+
+Then create the deployment:
+
+```bash
+laconic-so --stack my-stack deploy create \
+  --spec-file spec.yml \
+  --deployment-dir my-deployment
+```
+
+### Volume Persistence
+
+Volumes are preserved between stop/start cycles by default:
+
+```bash
+# Stop but keep data
+laconic-so deployment --dir my-deployment stop
+
+# Start again - data is still there
+laconic-so deployment --dir my-deployment start
+```
+
+To completely remove all data:
+
+```bash
+# Stop and delete all volumes
+laconic-so deployment --dir my-deployment stop --delete-volumes
+```
+
+Volume data is stored in `<deployment-dir>/data/`.
+
+## Common Operations
+
+### Viewing Logs
+
+```bash
+# All services, continuous follow
+laconic-so deployment --dir my-deployment logs --follow
+
+# Last 100 lines from all services
+laconic-so deployment --dir my-deployment logs --tail 100
+
+# Specific service only
+laconic-so deployment --dir my-deployment logs webapp
+
+# Combine options
+laconic-so deployment --dir my-deployment logs --tail 50 --follow webapp
+```
+
+### Executing Commands in Containers
+
+```bash
+# Execute a command in a running service
+laconic-so deployment --dir my-deployment exec webapp ls -la
+
+# Interactive shell
+laconic-so deployment --dir my-deployment exec webapp /bin/bash
+
+# Run command with specific environment variables
+laconic-so deployment --dir my-deployment exec webapp env VAR=value command
+```
+
+### Checking Service Status
+
+```bash
+# List all running services
+laconic-so deployment --dir my-deployment ps
+
+# Check using Docker directly
+docker ps
+```
+
+### Updating a Running Deployment
+
+If you need to change configuration after deployment:
+
+```bash
+# 1. Edit the spec file
+vim my-deployment/spec.yml
+
+# 2. Regenerate configuration
+laconic-so deployment --dir my-deployment update
+
+# 3. Restart services to apply changes
+laconic-so deployment --dir my-deployment stop
+laconic-so deployment --dir my-deployment start
+```
+
+## Multi-Service Deployments
+
+Many stacks deploy multiple services that work together:
+
+```bash
+# Deploy a stack with multiple services
+laconic-so --stack laconicd-with-console deploy init --output spec.yml
+laconic-so --stack laconicd-with-console deploy create \
+  --spec-file spec.yml \
+  --deployment-dir laconicd-deployment
+
+laconic-so deployment --dir laconicd-deployment start
+
+# View all services
+laconic-so deployment --dir laconicd-deployment ps
+
+# View logs from specific services
+laconic-so deployment --dir laconicd-deployment logs laconicd
+laconic-so deployment --dir laconicd-deployment logs console
+```
+
+## ConfigMaps
+
+ConfigMaps allow you to mount configuration files into containers:
+
+```bash
+# 1. Create the config directory in your deployment
+mkdir -p my-deployment/data/my-config
+echo "database_url=postgres://localhost" > my-deployment/data/my-config/app.conf
+
+# 2. Reference in spec file
+vim my-deployment/spec.yml
+```
+
+Add to spec.yml:
+```yaml
+configmaps:
+  my-config: ./data/my-config
+```
+
+```bash
+# 3. Restart to apply
+laconic-so deployment --dir my-deployment stop
+laconic-so deployment --dir my-deployment start
+```
+
+The files will be mounted in the container at `/config/` (or as specified by the stack).
+
+## Deployment Directory Structure
+
+A typical deployment directory contains:
+
+```
+my-deployment/
+├── compose/
+│   └── docker-compose-*.yml    # Generated compose files
+├── config.env                   # Environment variables
+├── deployment.yml              # Deployment metadata
+├── spec.yml                    # Deployment specification
+└── data/                       # Volume mounts and configs
+    ├── service-data/           # Persistent service data
+    └── config-maps/            # ConfigMap files
+```
+
+## Troubleshooting
+
+### Common Issues
+
+**Problem: "Cannot connect to Docker daemon"**
+
+```bash
+# Ensure Docker is running
+docker ps
+
+# Start Docker if needed (macOS)
+open -a Docker
+
+# Start Docker (Linux)
+sudo systemctl start docker
+```
+
+**Problem: "Port already in use"**
+
+```bash
+# Either stop the conflicting service or use different ports
+# Edit spec.yml before creating deployment:
+
+network:
+  ports:
+    webapp:
+      - '8081:80'  # Use 8081 instead of 8080
+```
+
+**Problem: "Image not found"**
+
+```bash
+# Build containers first
+laconic-so --stack your-stack build-containers
+```
+
+**Problem: Volumes not persisting**
+
+```bash
+# Check if you used --delete-volumes when stopping
+# Volume data is in: <deployment-dir>/data/
+
+# Don't use --delete-volumes if you want to keep data:
+laconic-so deployment --dir my-deployment stop
+
+# Only use --delete-volumes when you want to reset completely:
+laconic-so deployment --dir my-deployment stop --delete-volumes
+```
+
+**Problem: Services not starting**
+
+```bash
+# Check logs for errors
+laconic-so deployment --dir my-deployment logs
+
+# Check Docker container status
+docker ps -a
+
+# Try stopping and starting again
+laconic-so deployment --dir my-deployment stop
+laconic-so deployment --dir my-deployment start
+```
+
+### Inspecting Deployment State
+
+```bash
+# Check deployment directory structure
+ls -la my-deployment/
+
+# Check running containers
+docker ps
+
+# Check container details
+docker inspect <container-name>
+
+# Check networks
+docker network ls
+
+# Check volumes
+docker volume ls
+```
+
+## CLI Commands Reference
+
+### Stack Operations
+
+```bash
+# Clone required repositories
+laconic-so --stack <name> setup-repositories
+
+# Build container images
+laconic-so --stack <name> build-containers
+```
+
+### Deployment Initialization
+
+```bash
+# Initialize deployment spec with defaults
+laconic-so --stack <name> deploy init --output <spec-file>
+
+# Initialize with configuration
+laconic-so --stack <name> deploy init --output <spec-file> \
+  --config PARAM1=value1,PARAM2=value2
+```
+
+### Deployment Creation
+
+```bash
+# Create deployment directory from spec
+laconic-so --stack <name> deploy create \
+  --spec-file <spec-file> \
+  --deployment-dir <dir>
+```
+
+### Deployment Management
+
+```bash
+# Start all services
+laconic-so deployment --dir <dir> start
+
+# Stop services (preserves volumes)
+laconic-so deployment --dir <dir> stop
+
+# Stop and remove volumes
+laconic-so deployment --dir <dir> stop --delete-volumes
+
+# List running services
+laconic-so deployment --dir <dir> ps
+
+# View logs
+laconic-so deployment --dir <dir> logs [--tail N] [--follow] [service]
+
+# Show mapped port
+laconic-so deployment --dir <dir> port <service> <private-port>
+
+# Execute command in service
+laconic-so deployment --dir <dir> exec <service> <command>
+
+# Update configuration
+laconic-so deployment --dir <dir> update
+```
+
+### Quick Deploy Commands
+
+```bash
+# Start stack directly
+laconic-so --stack <name> deploy up
+
+# Stop stack
+laconic-so --stack <name> deploy down [--delete-volumes]
+
+# View logs
+laconic-so --stack <name> deploy logs
+
+# Show port mapping
+laconic-so --stack <name> deploy port <service> <port>
+```
+
+## Related Documentation
+
+- [CLI Reference](./cli.md) - Complete CLI command documentation
+- [Adding a New Stack](./adding-a-new-stack.md) - Creating custom stacks
+- [Specification](./spec.md) - Internal structure and design
+- [Kubernetes Enhancements](./k8s-deployment-enhancements.md) - Advanced K8s deployment options
+- [Web App Deployment](./webapp.md) - Deploying web applications
+
+## Examples
+
+For more examples, see the test scripts:
+- `scripts/quick-deploy-test.sh` - Quick deployment example
+- `tests/deploy/run-deploy-test.sh` - Comprehensive test showing all features
+
+## Summary
+
+- Docker Compose is the default and recommended deployment mode
+- Two workflows: deployment directory (recommended) or quick deploy
+- The standard workflow is: setup → build → init → create → start
+- Configuration is flexible with multiple override layers
+- Volume persistence is automatic unless explicitly deleted
+- All deployment state is contained in the deployment directory
+- For Kubernetes deployments, see separate K8s documentation
+
+You're now ready to deploy stacks using stack-orchestrator with Docker Compose!

docs/fetching-containers.md

@@ -0,0 +1,9 @@
+# Fetching pre-built container images
+When Stack Orchestrator deploys a stack containing a suite of one or more containers it expects images for those containers to be on the local machine with a tag of the form `<image-name>:local` Images for these containers can be built from source (and optionally base container images from public registries) with the `build-containers` subcommand.
+
+However, the task of building a large number of containers from source may consume considerable time and machine resources. This is where the `fetch-containers` subcommand steps in. It is designed to work exactly like `build-containers` but instead the images, pre-built, are fetched from an image registry then re-tagged for deployment. It can be used in place of `build-containers` for any stack provided the necessary containers, built for the local machine architecture (e.g. arm64 or x86-64) have already been published in an image registry.
+## Usage
+To use `fetch-containers`, provide an image registry path, a username and token/password with read access to the registry, and optionally specify `--force-local-overwrite`. If this argument is not specified, if there is already a locally built or previously fetched image for a stack container on the machine, it will not be overwritten and a warning issued.
+```
+$ laconic-so --stack mobymask-v3-demo fetch-containers --image-registry git.vdb.to/cerc-io --registry-username <registry-user> --registry-token <registry-token> --force-local-overwrite
+```

docs/gitea-with-laconicd-fixturenet.md

@@ -7,7 +7,7 @@ Deploy a local Gitea server, publish NPM packages to it, then use those packages
 ```bash
 laconic-so --stack build-support build-containers
 laconic-so --stack package-registry setup-repositories
-laconic-so --stack package-registry build-containers 
+laconic-so --stack package-registry build-containers
 laconic-so --stack package-registry deploy up
 ```
 
@@ -56,7 +56,7 @@ laconic-so --stack fixturenet-laconicd build-npms
 Navigate to the Gitea console and switch to the `cerc-io` user then find the `Packages` tab to confirm that these two npm packages have been published:
 
 - `@cerc-io/laconic-registry-cli`
-- `@cerc-io/laconic-sdk`
+- `@cerc-io/registry-sdk`
 
 ### Build and deploy fixturenet containers
 
@@ -74,7 +74,7 @@ laconic-so --stack fixturenet-laconicd deploy logs
 ### Test with the registry CLI
 
 ```bash
-laconic-so --stack fixturenet-laconicd deploy exec cli "laconic cns status"
+laconic-so --stack fixturenet-laconicd deploy exec cli "laconic registry status"
 ```
 
 Try additional CLI commands, documented [here](https://github.com/cerc-io/laconic-registry-cli#operations).

docs/helm-chart-generation.md

@@ -0,0 +1,113 @@
+# Helm Chart Generation
+
+Generate Kubernetes Helm charts from stack compose files using Kompose.
+
+## Prerequisites
+
+Install Kompose:
+
+```bash
+# Linux
+curl -L https://github.com/kubernetes/kompose/releases/download/v1.34.0/kompose-linux-amd64 -o kompose
+chmod +x kompose
+sudo mv kompose /usr/local/bin/
+
+# macOS
+brew install kompose
+
+# Verify
+kompose version
+```
+
+## Usage
+
+### 1. Create spec file
+
+```bash
+laconic-so --stack <stack-name> deploy --deploy-to k8s init \
+  --kube-config ~/.kube/config \
+  --output spec.yml
+```
+
+### 2. Generate Helm chart
+
+```bash
+laconic-so --stack <stack-name> deploy create \
+  --spec-file spec.yml \
+  --deployment-dir my-deployment \
+  --helm-chart
+```
+
+### 3. Deploy to Kubernetes
+
+```bash
+helm install my-release my-deployment/chart
+kubectl get pods -n zenith
+```
+
+## Output Structure
+
+```bash
+my-deployment/
+├── spec.yml              # Reference
+├── stack.yml             # Reference
+└── chart/                # Helm chart
+  ├── Chart.yaml
+  ├── README.md
+  └── templates/
+    └── *.yaml
+```
+
+## Example
+
+```bash
+# Generate chart for stage1-zenithd
+laconic-so --stack stage1-zenithd deploy --deploy-to k8s init \
+  --kube-config ~/.kube/config \
+  --output stage1-spec.yml
+
+laconic-so --stack stage1-zenithd deploy create \
+  --spec-file stage1-spec.yml \
+  --deployment-dir stage1-deployment \
+  --helm-chart
+
+# Deploy
+helm install stage1-zenithd stage1-deployment/chart
+```
+
+## Production Deployment (TODO)
+
+### Local Development
+
+```bash
+# Access services using port-forward
+kubectl port-forward service/zenithd 26657:26657
+kubectl port-forward service/nginx-api-proxy 1317:80
+kubectl port-forward service/cosmos-explorer 4173:4173
+```
+
+### Production Access Options
+
+- Option 1: Ingress + cert-manager (Recommended)
+  - Install ingress-nginx + cert-manager
+  - Point DNS to cluster LoadBalancer IP
+  - Auto-provisions Let's Encrypt TLS certs
+  - Access: `https://api.zenith.example.com`
+- Option 2: Cloud LoadBalancer
+  - Use cloud provider's LoadBalancer service type
+  - Point DNS to assigned external IP
+  - Manual TLS cert management
+- Option 3: Bare Metal (MetalLB + Ingress)
+  - MetalLB provides LoadBalancer IPs from local network
+  - Same Ingress setup as cloud
+- Option 4: NodePort + External Proxy
+  - Expose services on 30000-32767 range
+  - External nginx/Caddy proxies 80/443 → NodePort
+  - Manual cert management
+
+### Changes Needed
+
+- Add Ingress template to charts
+- Add TLS configuration to values.yaml
+- Document cert-manager setup
+- Add production deployment guide

docs/k8s-deployment-enhancements.md

@@ -0,0 +1,26 @@
+# K8S Deployment Enhancements
+## Controlling pod placement
+The placement of pods created as part of a stack deployment can be controlled to either avoid certain nodes, or require certain nodes.
+### Pod/Node Affinity
+Node affinity rules applied to pods target node labels. The effect is that a pod can only be placed on a node having the specified label value. Note that other pods that do not have any node affinity rules can also be placed on those same nodes. Thus node affinity for a pod controls where that pod can be placed, but does not control where other pods are placed.
+
+Node affinity for stack pods is specified in the deployment's `spec.yml` file as follows:
+```
+node-affinities:
+  - label: nodetype
+    value: typeb
+```
+This example denotes that the stack's pods should only be placed on nodes that have the label `nodetype` with value `typeb`.
+### Node Taint Toleration
+K8s nodes can be given one or more "taints". These are special fields (distinct from labels) with a name (key) and optional value.
+When placing pods, the k8s scheduler will only assign a pod to a tainted node if the pod posesses a corresponding "toleration".
+This is metadata associated with the pod that specifies that the pod "tolerates" a given taint.
+Therefore taint toleration provides a mechanism by which only certain pods can be placed on specific nodes, and provides a complementary mechanism to node affinity.
+
+Taint toleration for stack pods is specified in the deployment's `spec.yml` file as follows:
+```
+node-tolerations:
+  - key: nodetype
+    value: typeb
+```
+This example denotes that the stack's pods will tolerate a taint: `nodetype=typeb`

docs/laconicd-with-console.md

@@ -1,9 +1,8 @@
 # Running a laconicd fixturenet with console
 
-The following tutorial explains the steps to run a laconicd fixturenet with CLI and web console that displays records in the registry. It is designed as an introduction to Stack Orchestrator and to showcase one component of the Laconic Stack. Prior to Stack Orchestrator, the following 4 repositories had to be cloned and setup manually:
+The following tutorial explains the steps to run a laconicd fixturenet with CLI and web console that displays records in the registry. It is designed as an introduction to Stack Orchestrator and to showcase one component of the Laconic Stack. Prior to Stack Orchestrator, the following repositories had to be cloned and setup manually:
 
 - https://git.vdb.to/cerc-io/laconicd
-- https://git.vdb.to/cerc-io/laconic-sdk
 - https://git.vdb.to/cerc-io/laconic-registry-cli
 - https://git.vdb.to/cerc-io/laconic-console
 
@@ -11,136 +10,144 @@ Now, with Stack Orchestrator, it is a few quick commands. Additionally, the `doc
 
 ## Setup laconic-so
 
-To avoid hiccups on Mac M1/M2 and any local machine nuances that may affect the user experience, this tutorial is focused on using a fresh Digital Ocean (DO) droplet with similar specs: 
+To avoid hiccups on Mac M1/M2 and any local machine nuances that may affect the user experience, this tutorial is focused on using a fresh Digital Ocean (DO) droplet with similar specs:
 16 GB Memory / 8 Intel vCPUs / 160 GB Disk.
 
 1. Login to the droplet as root (either by SSH key or password set in the DO console)
+    ```
+    ssh root@IP
+    ```
 
-```
+1. Get the install script, give it executable permissions, and run it:
-ssh root@IP
-```
 
-2. Get the install script, give it executable permissions, and run it:
+    ```
+    curl -o install.sh https://raw.githubusercontent.com/cerc-io/stack-orchestrator/main/scripts/quick-install-linux.sh
+    ```
+    ```
+    chmod +x install.sh
+    ```
+    ```
+    bash install.sh
+    ```
 
-```
+1. Confirm docker was installed and activate the changes in `~/.profile`:
-curl -o install.sh https://raw.githubusercontent.com/cerc-io/stack-orchestrator/main/scripts/quick-install-linux.sh
-```
-```
-chmod +x install.sh
-```
-```
-bash install.sh
-```
 
-3. Confirm docker was installed and activate the changes in `~/.profile`:
+    ```
+    docker run hello-world
+   ```
+   ```
+   source ~/.profile
+   ```
 
-```
+1. Verify installation:
-docker run hello-world
-```
-```
-source ~/.profile
-```
 
-4. Verify installation:
+    ```
-
+    laconic-so version
-```
+    ```
-laconic-so version
-```
 
 ## Setup the laconic fixturenet stack
 
 1. Get the repositories
 
-```
+    ```
-laconic-so --stack fixturenet-laconic-loaded setup-repositories --include git.vdb.to/cerc-io/laconicd,git.vdb.to/cerc-io/laconic-sdk,git.vdb.to/cerc-io/laconic-registry-cli,git.vdb.to/cerc-io/laconic-console
+    laconic-so --stack fixturenet-laconic-loaded setup-repositories --include git.vdb.to/cerc-io/laconicd
-```
+    ```
 
-2. Set this environment variable to the Laconic self-hosted Gitea instance:
+1. Build the containers:
 
-```
+    ```
-export CERC_NPM_REGISTRY_URL=https://git.vdb.to/api/packages/cerc-io/npm/
+    laconic-so --stack fixturenet-laconic-loaded build-containers
-```
+    ```
 
-3. Build the containers:
+    It's possible to run into an `ESOCKETTIMEDOUT` error, e.g., `error An unexpected error occurred: "https://registry.yarnpkg.com/@material-ui/icons/-/icons-4.11.3.tgz: ESOCKETTIMEDOUT"`. This may happen even if you have a great internet connection. In that case, re-run the `build-containers` command.
 
-```
-laconic-so --stack fixturenet-laconic-loaded build-containers
-```
 
-It's possible to run into an `ESOCKETTIMEDOUT` error, e.g., `error An unexpected error occurred: "https://registry.yarnpkg.com/@material-ui/icons/-/icons-4.11.3.tgz: ESOCKETTIMEDOUT"`. This may happen even if you have a great internet connection. In that case, re-run the `build-containers` command.
+1. Set this environment variable to your droplet's IP address or fully qualified DNS host name if it has one:
 
-4. Set this environment variable to your droplet's IP address:
+    ```
+    export BACKEND_ENDPOINT=http://<your-IP-or-hostname>:9473
+    ```
+    e.g.
+    ```
+    export BACKEND_ENDPOINT=http://my-test-server.example.com:9473
+    ```
 
-```
+1. Create a deployment directory for the stack:
-export LACONIC_HOSTED_ENDPOINT=http://<your-IP>
+    ```
-```
+    laconic-so --stack fixturenet-laconic-loaded deploy init --output laconic-loaded.spec --map-ports-to-host any-same --config LACONIC_HOSTED_ENDPOINT=$BACKEND_ENDPOINT
 
-5. Deploy the stack:
+    # Update port mapping in the laconic-loaded.spec file to resolve port conflicts on host if any
+    ```
+    ```
+    laconic-so --stack fixturenet-laconic-loaded deploy create --deployment-dir laconic-loaded-deployment --spec-file laconic-loaded.spec
+    ```
+2. Start the stack:
 
-```
+    ```
-laconic-so --stack fixturenet-laconic-loaded deploy up
+    laconic-so deployment --dir laconic-loaded-deployment start
-```
+    ```
 
-6. Check the logs:
+3. Check the logs:
 
-```
+    ```
-laconic-so --stack fixturenet-laconic-loaded deploy logs
+    laconic-so deployment --dir laconic-loaded-deployment logs
-```
+    ```
 
-You'll see output from `laconicd` and the block height should be >1 to confirm it is running:
+    You'll see output from `laconicd` and the block height should be >1 to confirm it is running:
 
-```
+    ```
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:29PM INF indexed block exents height=12 module=txindex server=node
+    laconicd-1         | 6:12AM INF indexed block events height=16 module=txindex
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:30PM INF Timed out dur=4976.960115 height=13 module=consensus round=0 server=node step=1
+    laconicd-1         | 6:12AM INF Timed out dur=2993.893332 height=17 module=consensus round=0 step=RoundStepNewHeight
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:30PM INF received proposal module=consensus proposal={"Type":32,"block_id":{"hash":"D26C088A711F912ADB97888C269F628DA33153795621967BE44DCB43C3D03CA4","parts":{"hash":"22411A20B7F14CDA33244420FBDDAF24450C0628C7A06034FF22DAC3699DDCC8","total":1}},"height":13,"pol_round":-1,"round":0,"signature":"DEuqnaQmvyYbUwckttJmgKdpRu6eVm9i+9rQ1pIrV2PidkMNdWRZBLdmNghkIrUzGbW8Xd7UVJxtLRmwRASgBg==","timestamp":"2023-04-18T21:30:01.49450663Z"} server=node
+    laconicd-1         | 6:12AM INF received proposal module=consensus proposal="Proposal{17/0 (E15D03C180CE607AE8340A1325A0C134DFB4E1ADD992E173C701EBD362523267:1:DF138772FEF0, -1) 6A6F3B0A42B3 @ 2024-07-25T06:12:31.952967053Z}" proposer=86970D950BC9C16F3991A52D9C6DC55BA478A7C6
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:30PM INF received complete proposal block hash=D26C088A711F912ADB97888C269F628DA33153795621967BE44DCB43C3D03CA4 height=13 module=consensus server=node
+    laconicd-1         | 6:12AM INF received complete proposal block hash=E15D03C180CE607AE8340A1325A0C134DFB4E1ADD992E173C701EBD362523267 height=17 module=consensus
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:30PM INF finalizing commit of block hash={} height=13 module=consensus num_txs=0 root=1A8CA1AF139CCC80EC007C6321D8A63A46A793386EE2EDF9A5CA0AB2C90728B7 server=node
+    laconicd-1         | 6:12AM INF finalizing commit of block hash=E15D03C180CE607AE8340A1325A0C134DFB4E1ADD992E173C701EBD362523267 height=17 module=consensus num_txs=0 root=AF4941107DC718ED1425E77A3DC7F1154FB780B7A7DE20288DC43442203527E3
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:30PM INF minted coins from module account amount=2059730459416582643aphoton from=mint module=x/bank
+    laconicd-1         | 6:12AM INF finalized block block_app_hash=26A665360BB1EE64E54F97F2A5AB7F621B33A86D9896574000C05DE63F43F788 height=17 module=state num_txs_res=0 num_val_updates=0
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:30PM INF executed block height=13 module=state num_invalid_txs=0 num_valid_txs=0 server=node
+    laconicd-1         | 6:12AM INF executed block app_hash=26A665360BB1EE64E54F97F2A5AB7F621B33A86D9896574000C05DE63F43F788 height=17 module=state
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:30PM INF commit synced commit=436F6D6D697449447B5B363520313037203630203232372039352038352032303820313334203231392032303520313433203130372031343920313431203139203139322038362031323720362031383520323533203137362031333820313735203135392031383620323334203135382031323120313431203230342037335D3A447D
+    laconicd-1         | 6:12AM INF committed state block_app_hash=AF4941107DC718ED1425E77A3DC7F1154FB780B7A7DE20288DC43442203527E3 height=17 module=state
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:30PM INF committed state app_hash=416B3CE35F55D086DBCD8F6B958D13C0567F06B9FDB08AAF9FBAEA9E798DCC49 height=13 module=state num_txs=0 server=node
+    laconicd-1         | 6:12AM INF indexed block events height=17 module=txindex
-laconic-5cd0a80c1442c3044c8b295d26426bae-laconicd-1         | 9:30PM INF indexed block exents height=13 module=txindex server=node
+    ```
-```
 
-7. Confirm operation of the registry CLI:
+4. Confirm operation of the registry CLI:
 
-```
+   ```
-laconic-so --stack fixturenet-laconic-loaded deploy exec cli "laconic cns status"
+   laconic-so deployment --dir laconic-loaded-deployment exec cli "laconic registry status"
-```
+   ```
 
-```
+   ```
-{
+   {
-  "version": "0.3.0",
+     "version": "0.3.0",
-  "node": {
+     "node": {
-    "id": "4216af2ac9f68bda33a38803fc1b5c9559312c1d",
+       "id": "6e072894aa1f5d9535a1127a0d7a7f8e65100a2c",
-    "network": "laconic_9000-1",
+       "network": "laconic_9000-1",
-    "moniker": "localtestnet"
+       "moniker": "localtestnet"
-  },
+     },
-  "sync": {
+     "sync": {
-    "latest_block_hash": "1BDF4CB9AE2390DA65BCF997C83133C18014FCDDCAE03708488F0B56FCEEA429",
+       "latestBlockHash": "260102C283D0411CFBA0270F7DC182650FFCA737A2F6F652A985F6065696F590",
-    "latest_block_height": "5",
+       "latestBlockHeight": "49",
-    "latest_block_time": "2023-08-09 16:00:30.386903172 +0000 UTC",
+       "latestBlockTime": "2024-07-25 06:14:05.626744215 +0000 UTC",
-    "catching_up": false
+       "catchingUp": false
-  },
+     },
-  "validator": {
+     "validator": {
-    "address": "651FBC700B747C76E90ACFC18CC9508C3D0905B9",
+       "address": "86970D950BC9C16F3991A52D9C6DC55BA478A7C6",
-    "voting_power": "1000000000000000"
+       "votingPower": "1000000000000000"
-  },
+     },
-  "validators": [
+     "validators": [
-    {
+       {
-      "address": "651FBC700B747C76E90ACFC18CC9508C3D0905B9",
+         "address": "86970D950BC9C16F3991A52D9C6DC55BA478A7C6",
-      "voting_power": "1000000000000000",
+         "votingPower": "1000000000000000",
-      "proposer_priority": "0"
+         "proposerPriority": "0"
-    }
+       }
-  ],
+     ],
-  "num_peers": "0",
+     "numPeers": "0",
-  "peers": [],
+     "peers": [],
-  "disk_usage": "292.0K"
+     "diskUsage": "688K"
-}
+   }
-```
+   ```
 
 ## Configure Digital Ocean firewall
 
+(Note this step may not be necessary depending on the droplet image used)
+
 Let's open some ports.
 
 1. In the Digital Ocean web console, navigate to your droplet's main page. Select the "Networking" tab and scroll down to "Firewall".
@@ -179,13 +186,13 @@ wns
 1. The following command will create a bond and publish a record:
 
 ```
-laconic-so --stack fixturenet-laconic-loaded deploy exec cli ./scripts/create-demo-records.sh
+laconic-so deployment --dir laconic-loaded-deployment exec cli ./scripts/create-demo-records.sh
 ```
 
 You'll get an output like:
 
 ```
-Balance is: 99998999999999998999600000
+Balance is: 9.9999e+25
 Created bond with id: dd88e8d6f9567b32b28e70552aea4419c5dd3307ebae85a284d1fe38904e301a
 Published demo-record-1.yml with id: bafyreierh3xnfivexlscdwubvczmddsnf46uytyfvrbdhkjzztvsz6ruly
 ```
@@ -216,5 +223,5 @@ record:
 - e.g,:
 
 ```
-laconic-so --stack fixturenet-laconic-loaded deploy exec cli "laconic cns record list"
+laconic-so deployment --dir laconic-loaded-deployment exec cli "laconic registry record list"
 ```

docs/release-process.md

@@ -26,4 +26,3 @@ $ ./scripts/tag_new_release.sh 1 0 17
 $ ./scripts/build_shiv_package.sh
 $ ./scripts/publish_shiv_package_github.sh 1 0 17
 ```
-

docs/spec.md

@@ -4,9 +4,9 @@ Note: this page is out of date (but still useful) - it will no longer be useful
 
 ## Implementation
 
-The orchestrator's operation is driven by files shown below. 
+The orchestrator's operation is driven by files shown below.
 
-- `repository-list.txt` contains the list of git repositories; 
+- `repository-list.txt` contains the list of git repositories;
 - `container-image-list.txt` contains the list of container image names
 - `pod-list.txt` specifies the set of compose components (corresponding to individual docker-compose-xxx.yml files which may in turn specify more than one container).
 - `container-build/` contains the files required to build each container image

docs/webapp.md

@@ -7,7 +7,7 @@ compilation and static page generation are separated in the `build-webapp` and `
 
 This offers much more flexibilty than standard Next.js build methods, since any environment variables accessed
 via `process.env`, whether for pages or for API, will have values drawn from their runtime deployment environment,
-not their build environment. 
+not their build environment.
 
 ## Building
 

laconic-network-deployment.md

@@ -0,0 +1,128 @@
+# Deploying to the Laconic Network
+
+## Overview
+
+The Laconic network uses a **registry-based deployment model** where everything is published as blockchain records.
+
+## Key Documentation in stack-orchestrator
+
+- `docs/laconicd-with-console.md` - Setting up a laconicd network
+- `docs/webapp.md` - Webapp building/running
+- `stack_orchestrator/deploy/webapp/` - Implementation (14 modules)
+
+## Core Concepts
+
+### LRN (Laconic Resource Name)
+Format: `lrn://laconic/[namespace]/[name]`
+
+Examples:
+- `lrn://laconic/deployers/my-deployer-name`
+- `lrn://laconic/dns/example.com`
+- `lrn://laconic/deployments/example.com`
+
+### Registry Record Types
+
+| Record Type | Purpose |
+|-------------|---------|
+| `ApplicationRecord` | Published app metadata |
+| `WebappDeployer` | Deployment service offering |
+| `ApplicationDeploymentRequest` | User's request to deploy |
+| `ApplicationDeploymentAuction` | Optional bidding for deployers |
+| `ApplicationDeploymentRecord` | Completed deployment result |
+
+## Deployment Workflows
+
+### 1. Direct Deployment
+
+```
+User publishes ApplicationDeploymentRequest
+    → targets specific WebappDeployer (by LRN)
+    → includes payment TX hash
+    → Deployer picks up request, builds, deploys, publishes result
+```
+
+### 2. Auction-Based Deployment
+
+```
+User publishes ApplicationDeploymentAuction
+    → Deployers bid (commit/reveal phases)
+    → Winner selected
+    → User publishes request targeting winner
+```
+
+## Key CLI Commands
+
+### Publish a Deployer Service
+```bash
+laconic-so publish-webapp-deployer --laconic-config config.yml \
+  --api-url https://deployer-api.example.com \
+  --name my-deployer \
+  --payment-address laconic1... \
+  --minimum-payment 1000alnt
+```
+
+### Request Deployment (User Side)
+```bash
+laconic-so request-webapp-deployment --laconic-config config.yml \
+  --app lrn://laconic/apps/my-app \
+  --deployer lrn://laconic/deployers/xyz \
+  --make-payment auto
+```
+
+### Run Deployer Service (Deployer Side)
+```bash
+laconic-so deploy-webapp-from-registry --laconic-config config.yml --discover
+```
+
+## Laconic Config File
+
+All tools require a laconic config file (`laconic.toml`):
+
+```toml
+[cosmos]
+address_prefix = "laconic"
+chain_id = "laconic_9000-1"
+endpoint = "http://localhost:26657"
+key = "<account-name>"
+password = "<account-password>"
+```
+
+## Setting Up a Local Laconicd Network
+
+```bash
+# Clone and build
+laconic-so --stack fixturenet-laconic-loaded setup-repositories
+laconic-so --stack fixturenet-laconic-loaded build-containers
+laconic-so --stack fixturenet-laconic-loaded deploy create
+laconic-so deployment --dir laconic-loaded-deployment start
+
+# Check status
+laconic-so deployment --dir laconic-loaded-deployment exec cli "laconic registry status"
+```
+
+## Key Implementation Files
+
+| File | Purpose |
+|------|---------|
+| `publish_webapp_deployer.py` | Register deployment service on network |
+| `publish_deployment_auction.py` | Create auction for deployers to bid on |
+| `handle_deployment_auction.py` | Monitor and bid on auctions (deployer-side) |
+| `request_webapp_deployment.py` | Create deployment request (user-side) |
+| `deploy_webapp_from_registry.py` | Process requests and deploy (deployer-side) |
+| `request_webapp_undeployment.py` | Request app removal |
+| `undeploy_webapp_from_registry.py` | Process removal requests |
+| `util.py` | LaconicRegistryClient - all registry interactions |
+
+## Payment System
+
+- **Token Denom**: `alnt` (Laconic network tokens)
+- **Payment Options**:
+  - `--make-payment`: Create new payment with amount (or "auto" for deployer's minimum)
+  - `--use-payment`: Reference existing payment TX
+
+## What's NOT Well-Documented
+
+1. No end-to-end tutorial for full deployment workflow
+2. Stack publishing (vs webapp) process unclear
+3. LRN naming conventions not formally specified
+4. Payment economics and token mechanics

pyproject.toml

@@ -0,0 +1,110 @@
+[build-system]
+requires = ["setuptools>=61.0", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "laconic-stack-orchestrator"
+version = "1.1.0"
+description = "Orchestrates deployment of the Laconic stack"
+readme = "README.md"
+license = {text = "GNU Affero General Public License"}
+authors = [
+    {name = "Cerc", email = "info@cerc.io"}
+]
+requires-python = ">=3.8"
+classifiers = [
+    "Programming Language :: Python :: 3.8",
+    "Operating System :: OS Independent",
+]
+dependencies = [
+    "python-decouple>=3.8",
+    "python-dotenv==1.0.0",
+    "GitPython>=3.1.32",
+    "tqdm>=4.65.0",
+    "python-on-whales>=0.64.0",
+    "click>=8.1.6",
+    "PyYAML>=6.0.1",
+    "ruamel.yaml>=0.17.32",
+    "pydantic==1.10.9",
+    "tomli==2.0.1",
+    "validators==0.22.0",
+    "kubernetes>=28.1.0",
+    "humanfriendly>=10.0",
+    "python-gnupg>=0.5.2",
+    "requests>=2.3.2",
+]
+
+[project.optional-dependencies]
+dev = [
+    "pytest>=7.0.0",
+    "pytest-cov>=4.0.0",
+    "black>=22.0.0",
+    "flake8>=5.0.0",
+    "pyright>=1.1.0",
+    "yamllint>=1.28.0",
+    "pre-commit>=3.0.0",
+]
+
+[project.scripts]
+laconic-so = "stack_orchestrator.main:cli"
+
+[project.urls]
+Homepage = "https://git.vdb.to/cerc-io/stack-orchestrator"
+
+[tool.setuptools.packages.find]
+where = ["."]
+
+[tool.setuptools.package-data]
+"*" = ["data/**"]
+
+[tool.black]
+line-length = 88
+target-version = ['py38']
+
+[tool.flake8]
+max-line-length = 88
+extend-ignore = ["E203", "W503", "E402"]
+
+[tool.pyright]
+pythonVersion = "3.9"
+typeCheckingMode = "basic"
+reportMissingImports = "none"
+reportMissingModuleSource = "none"
+reportUnusedImport = "error"
+include = ["stack_orchestrator/**/*.py", "tests/**/*.py"]
+exclude = ["**/build/**", "**/__pycache__/**"]
+
+[tool.mypy]
+python_version = "3.8"
+warn_return_any = true
+warn_unused_configs = true
+disallow_untyped_defs = true
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]
+python_files = ["test_*.py"]
+python_classes = ["Test*"]
+python_functions = ["test_*"]
+markers = [
+    "slow: marks tests as slow (deselect with '-m \"not slow\"')",
+    "e2e: marks tests as end-to-end (requires real infrastructure)",
+]
+addopts = [
+    "--cov",
+    "--cov-report=term-missing",
+    "--cov-report=html",
+    "--strict-markers",
+]
+asyncio_default_fixture_loop_scope = "function"
+
+[tool.coverage.run]
+source = ["stack_orchestrator"]
+disable_warnings = ["couldnt-parse"]
+
+[tool.coverage.report]
+exclude_lines = [
+    "pragma: no cover",
+    "def __repr__",
+    "raise AssertionError",
+    "raise NotImplementedError",
+]

pyrightconfig.json

@@ -0,0 +1,9 @@
+{
+  "pythonVersion": "3.9",
+  "typeCheckingMode": "basic",
+  "reportMissingImports": "none",
+  "reportMissingModuleSource": "none",
+  "reportUnusedImport": "error",
+  "include": ["stack_orchestrator/**/*.py", "tests/**/*.py"],
+  "exclude": ["**/build/**", "**/__pycache__/**"]
+}

requirements.txt

@@ -11,3 +11,5 @@ tomli==2.0.1
 validators==0.22.0
 kubernetes>=28.1.0
 humanfriendly>=10.0
+python-gnupg>=0.5.2
+requests>=2.3.2

scripts/publish_shiv_package_github.sh

@@ -4,7 +4,7 @@
 # https://github.com/cerc-io/github-release-api
 # User must define: CERC_GH_RELEASE_SCRIPTS_DIR
 # pointing to the location of that cloned repository
-# e.g. 
+# e.g.
 # cd ~/projects
 # git clone https://github.com/cerc-io/github-release-api
 # cd ./stack-orchestrator

scripts/quick-deploy-test.sh

@@ -12,8 +12,8 @@ spec_file_name="${stack_name}-spec.yml"
 deployment_dir_name="${stack_name}-deployment"
 rm -f ${spec_file_name}
 rm -rf ${deployment_dir_name}
-laconic-so --stack ${stack_name} deploy --deploy-to k8s-kind init --output ${spec_file_name}
+laconic-so --stack ${stack_name} deploy --deploy-to compose init --output ${spec_file_name}
-laconic-so --stack ${stack_name} deploy --deploy-to k8s-kind create --deployment-dir ${deployment_dir_name} --spec-file ${spec_file_name}
+laconic-so --stack ${stack_name} deploy --deploy-to compose create --deployment-dir ${deployment_dir_name} --spec-file ${spec_file_name}
 #laconic-so deployment --dir ${deployment_dir_name} start
 #laconic-so deployment --dir ${deployment_dir_name} ps
 #laconic-so deployment --dir ${deployment_dir_name} stop

scripts/quick-install-linux.sh

@@ -94,7 +94,7 @@ sudo apt -y install jq
 # laconic-so depends on git
 sudo apt -y install git
 # curl used below
-sudo apt -y install curl 
+sudo apt -y install curl
 # docker repo add depends on gnupg and updated ca-certificates
 sudo apt -y install ca-certificates gnupg
 

scripts/tag_new_release.sh

@@ -3,7 +3,7 @@
 # Uses this script package to tag a new release:
 # User must define: CERC_GH_RELEASE_SCRIPTS_DIR
 # pointing to the location of that cloned repository
-# e.g. 
+# e.g.
 # cd ~/projects
 # git clone https://github.com/cerc-io/github-release-api
 # cd ./stack-orchestrator

setup.py

@@ -1,30 +1,34 @@
-# See https://medium.com/nerd-for-tech/how-to-build-and-distribute-a-cli-tool-with-python-537ae41d9d78
+# See
+# https://medium.com/nerd-for-tech/how-to-build-and-distribute-a-cli-tool-with-python-537ae41d9d78
 from setuptools import setup, find_packages
+
 with open("README.md", "r", encoding="utf-8") as fh:
     long_description = fh.read()
 with open("requirements.txt", "r", encoding="utf-8") as fh:
     requirements = fh.read()
+with open("stack_orchestrator/data/version.txt", "r", encoding="utf-8") as fh:
+    version = fh.readlines()[-1].strip(" \n")
 setup(
-    name='laconic-stack-orchestrator',
+    name="laconic-stack-orchestrator",
-    version='1.0.12',
+    version=version,
-    author='Cerc',
+    author="Cerc",
-    author_email='info@cerc.io',
+    author_email="info@cerc.io",
-    license='GNU Affero General Public License',
+    license="GNU Affero General Public License",
-    description='Orchestrates deployment of the Laconic stack',
+    description="Orchestrates deployment of the Laconic stack",
     long_description=long_description,
     long_description_content_type="text/markdown",
-    url='https://git.vdb.to/cerc-io/stack-orchestrator',
+    url="https://git.vdb.to/cerc-io/stack-orchestrator",
-    py_modules=['stack_orchestrator'],
+    py_modules=["stack_orchestrator"],
     packages=find_packages(),
     install_requires=[requirements],
-    python_requires='>=3.7',
+    python_requires=">=3.7",
     include_package_data=True,
-    package_data={'': ['data/**']},
+    package_data={"": ["data/**"]},
     classifiers=[
         "Programming Language :: Python :: 3.8",
         "Operating System :: OS Independent",
     ],
     entry_points={
-        'console_scripts': ['laconic-so=stack_orchestrator.main:cli'],
+        "console_scripts": ["laconic-so=stack_orchestrator.main:cli"],
-    }
+    },
 )

stack_orchestrator/base.py

@@ -23,11 +23,10 @@ def get_stack(config, stack):
     if stack == "package-registry":
         return package_registry_stack(config, stack)
     else:
-        return base_stack(config, stack)
+        return default_stack(config, stack)
 
 
 class base_stack(ABC):
-
     def __init__(self, config, stack):
         self.config = config
         self.stack = stack
@@ -41,15 +40,27 @@ class base_stack(ABC):
         pass
 
 
-class package_registry_stack(base_stack):
+class default_stack(base_stack):
+    """Default stack implementation for stacks without specific handling."""
 
+    def ensure_available(self):
+        return True
+
+    def get_url(self):
+        return None
+
+
+class package_registry_stack(base_stack):
     def ensure_available(self):
         self.url = "<no registry url set>"
         # Check if we were given an external registry URL
         url_from_environment = os.environ.get("CERC_NPM_REGISTRY_URL")
         if url_from_environment:
             if self.config.verbose:
-                print(f"Using package registry url from CERC_NPM_REGISTRY_URL: {url_from_environment}")
+                print(
+                    f"Using package registry url from CERC_NPM_REGISTRY_URL: "
+                    f"{url_from_environment}"
+                )
             self.url = url_from_environment
         else:
             # Otherwise we expect to use the local package-registry stack
@@ -62,10 +73,16 @@ class package_registry_stack(base_stack):
                 # TODO: get url from deploy-stack
                 self.url = "http://gitea.local:3000/api/packages/cerc-io/npm/"
             else:
-                # If not, print a message about how to start it and return fail to the caller
+                # If not, print a message about how to start it and return fail to the
-                print("ERROR: The package-registry stack is not running, and no external registry "
+                # caller
-                      "specified with CERC_NPM_REGISTRY_URL")
+                print(
-                print("ERROR: Start the local package registry with: laconic-so --stack package-registry deploy-system up")
+                    "ERROR: The package-registry stack is not running, "
+                    "and no external registry specified with CERC_NPM_REGISTRY_URL"
+                )
+                print(
+                    "ERROR: Start the local package registry with: "
+                    "laconic-so --stack package-registry deploy-system up"
+                )
                 return False
         return True
 
@@ -76,7 +93,9 @@ class package_registry_stack(base_stack):
 def get_npm_registry_url():
     # If an auth token is not defined, we assume the default should be the cerc registry
     # If an auth token is defined, we assume the local gitea should be used.
-    default_npm_registry_url = "http://gitea.local:3000/api/packages/cerc-io/npm/" if config(
+    default_npm_registry_url = (
-        "CERC_NPM_AUTH_TOKEN", default=None
+        "http://gitea.local:3000/api/packages/cerc-io/npm/"
-        ) else "https://git.vdb.to/api/packages/cerc-io/npm/"
+        if config("CERC_NPM_AUTH_TOKEN", default=None)
+        else "https://git.vdb.to/api/packages/cerc-io/npm/"
+    )
     return config("CERC_NPM_REGISTRY_URL", default=default_npm_registry_url)

stack_orchestrator/build/build_containers.py

@@ -18,27 +18,34 @@
 # env vars:
 # CERC_REPO_BASE_DIR defaults to ~/cerc
 
-# TODO: display the available list of containers; allow re-build of either all or specific containers
+# TODO: display the available list of containers;
+# allow re-build of either all or specific containers
 
 import os
 import sys
 from decouple import config
 import subprocess
 import click
-import importlib.resources
 from pathlib import Path
-from stack_orchestrator.util import include_exclude_check, get_parsed_stack_config, stack_is_external
+from stack_orchestrator.opts import opts
+from stack_orchestrator.util import include_exclude_check, stack_is_external, error_exit
 from stack_orchestrator.base import get_npm_registry_url
+from stack_orchestrator.build.build_types import BuildContext
+from stack_orchestrator.build.publish import publish_image
+from stack_orchestrator.build.build_util import get_containers_in_scope
 
 # TODO: find a place for this
-#    epilog="Config provided either in .env or settings.ini or env vars: CERC_REPO_BASE_DIR (defaults to ~/cerc)"
+#    epilog="Config provided either in .env or settings.ini or env vars:
+#    CERC_REPO_BASE_DIR (defaults to ~/cerc)"
 
 
-def make_container_build_env(dev_root_path: str,
+def make_container_build_env(
-                             container_build_dir: str,
+    dev_root_path: str,
-                             debug: bool,
+    container_build_dir: str,
-                             force_rebuild: bool,
+    debug: bool,
-                             extra_build_args: str):
+    force_rebuild: bool,
+    extra_build_args: str,
+):
     container_build_env = {
         "CERC_NPM_REGISTRY_URL": get_npm_registry_url(),
         "CERC_GO_AUTH_TOKEN": config("CERC_GO_AUTH_TOKEN", default=""),
@@ -47,11 +54,15 @@ def make_container_build_env(dev_root_path: str,
         "CERC_CONTAINER_BASE_DIR": container_build_dir,
         "CERC_HOST_UID": f"{os.getuid()}",
         "CERC_HOST_GID": f"{os.getgid()}",
-        "DOCKER_BUILDKIT": config("DOCKER_BUILDKIT", default="0")
+        "DOCKER_BUILDKIT": config("DOCKER_BUILDKIT", default="0"),
     }
     container_build_env.update({"CERC_SCRIPT_DEBUG": "true"} if debug else {})
     container_build_env.update({"CERC_FORCE_REBUILD": "true"} if force_rebuild else {})
-    container_build_env.update({"CERC_CONTAINER_EXTRA_BUILD_ARGS": extra_build_args} if extra_build_args else {})
+    container_build_env.update(
+        {"CERC_CONTAINER_EXTRA_BUILD_ARGS": extra_build_args}
+        if extra_build_args
+        else {}
+    )
     docker_host_env = os.getenv("DOCKER_HOST")
     if docker_host_env:
         container_build_env.update({"DOCKER_HOST": docker_host_env})
@@ -59,130 +70,176 @@ def make_container_build_env(dev_root_path: str,
     return container_build_env
 
 
-def process_container(stack: str,
+def process_container(build_context: BuildContext) -> bool:
-                      container,
+    if not opts.o.quiet:
-                      container_build_dir: str,
+        print(f"Building: {build_context.container}")
-                      container_build_env: dict,
-                      dev_root_path: str,
-                      quiet: bool,
-                      verbose: bool,
-                      dry_run: bool,
-                      continue_on_error: bool,
-                      ):
-    if not quiet:
-        print(f"Building: {container}")
 
-    default_container_tag = f"{container}:local"
+    default_container_tag = f"{build_context.container}:local"
-    container_build_env.update({"CERC_DEFAULT_CONTAINER_IMAGE_TAG": default_container_tag})
+    build_context.container_build_env.update(
+        {"CERC_DEFAULT_CONTAINER_IMAGE_TAG": default_container_tag}
+    )
 
     # Check if this is in an external stack
-    if stack_is_external(stack):
+    if stack_is_external(build_context.stack):
-        container_parent_dir = Path(stack).joinpath("container-build")
+        container_parent_dir = Path(build_context.stack).parent.parent.joinpath(
-        temp_build_dir = container_parent_dir.joinpath(container.replace("/", "-"))
+            "container-build"
+        )
+        temp_build_dir = container_parent_dir.joinpath(
+            build_context.container.replace("/", "-")
+        )
         temp_build_script_filename = temp_build_dir.joinpath("build.sh")
         # Now check if the container exists in the external stack.
         if not temp_build_script_filename.exists():
             # If not, revert to building an internal container
-            container_parent_dir = container_build_dir
+            container_parent_dir = build_context.container_build_dir
     else:
-        container_parent_dir = container_build_dir
+        container_parent_dir = build_context.container_build_dir
 
-    build_dir = container_parent_dir.joinpath(container.replace("/", "-"))
+    build_dir = container_parent_dir.joinpath(build_context.container.replace("/", "-"))
     build_script_filename = build_dir.joinpath("build.sh")
 
-    if verbose:
+    if opts.o.verbose:
         print(f"Build script filename: {build_script_filename}")
     if os.path.exists(build_script_filename):
         build_command = build_script_filename.as_posix()
     else:
-        if verbose:
+        if opts.o.verbose:
-            print(f"No script file found: {build_script_filename}, using default build script")
+            print(
-        repo_dir = container.split('/')[1]
+                f"No script file found: {build_script_filename}, "
-        # TODO: make this less of a hack -- should be specified in some metadata somewhere
+                "using default build script"
-        # Check if we have a repo for this container. If not, set the context dir to the container-build subdir
+            )
-        repo_full_path = os.path.join(dev_root_path, repo_dir)
+        repo_dir = build_context.container.split("/")[1]
-        repo_dir_or_build_dir = repo_full_path if os.path.exists(repo_full_path) else build_dir
+        # TODO: make this less of a hack -- should be specified in
-        build_command = os.path.join(container_build_dir,
+        # some metadata somewhere. Check if we have a repo for this
-                                     "default-build.sh") + f" {default_container_tag} {repo_dir_or_build_dir}"
+        # container. If not, set the context dir to container-build subdir
-    if not dry_run:
+        repo_full_path = os.path.join(build_context.dev_root_path, repo_dir)
+        repo_dir_or_build_dir = (
+            repo_full_path if os.path.exists(repo_full_path) else build_dir
+        )
+        build_command = (
+            os.path.join(build_context.container_build_dir, "default-build.sh")
+            + f" {default_container_tag} {repo_dir_or_build_dir}"
+        )
+    if not opts.o.dry_run:
         # No PATH at all causes failures with podman.
-        if "PATH" not in container_build_env:
+        if "PATH" not in build_context.container_build_env:
-            container_build_env["PATH"] = os.environ["PATH"]
+            build_context.container_build_env["PATH"] = os.environ["PATH"]
-        if verbose:
+        if opts.o.verbose:
-            print(f"Executing: {build_command} with environment: {container_build_env}")
+            print(
-        build_result = subprocess.run(build_command, shell=True, env=container_build_env)
+                f"Executing: {build_command} with environment: "
-        if verbose:
+                f"{build_context.container_build_env}"
+            )
+        build_result = subprocess.run(
+            build_command, shell=True, env=build_context.container_build_env
+        )
+        if opts.o.verbose:
             print(f"Return code is: {build_result.returncode}")
         if build_result.returncode != 0:
-            print(f"Error running build for {container}")
+            return False
-            if not continue_on_error:
+        else:
-                print("FATAL Error: container build failed and --continue-on-error not set, exiting")
+            return True
-                sys.exit(1)
-            else:
-                print("****** Container Build Error, continuing because --continue-on-error is set")
     else:
         print("Skipped")
+        return True
 
 
 @click.command()
-@click.option('--include', help="only build these containers")
+@click.option("--include", help="only build these containers")
-@click.option('--exclude', help="don\'t build these containers")
+@click.option("--exclude", help="don't build these containers")
-@click.option("--force-rebuild", is_flag=True, default=False, help="Override dependency checking -- always rebuild")
+@click.option(
+    "--force-rebuild",
+    is_flag=True,
+    default=False,
+    help="Override dependency checking -- always rebuild",
+)
 @click.option("--extra-build-args", help="Supply extra arguments to build")
+@click.option(
+    "--publish-images",
+    is_flag=True,
+    default=False,
+    help="Publish the built images in the specified image registry",
+)
+@click.option(
+    "--image-registry", help="Specify the image registry for --publish-images"
+)
 @click.pass_context
-def command(ctx, include, exclude, force_rebuild, extra_build_args):
+def command(
-    '''build the set of containers required for a complete stack'''
+    ctx,
+    include,
+    exclude,
+    force_rebuild,
+    extra_build_args,
+    publish_images,
+    image_registry,
+):
+    """build the set of containers required for a complete stack"""
 
-    quiet = ctx.obj.quiet
-    verbose = ctx.obj.verbose
-    dry_run = ctx.obj.dry_run
-    debug = ctx.obj.debug
     local_stack = ctx.obj.local_stack
     stack = ctx.obj.stack
-    continue_on_error = ctx.obj.continue_on_error
 
-    # See: https://stackoverflow.com/questions/25389095/python-get-path-of-root-project-structure
+    # See: https://stackoverflow.com/questions/25389095/
-    container_build_dir = Path(__file__).absolute().parent.parent.joinpath("data", "container-build")
+    # python-get-path-of-root-project-structure
+    container_build_dir = (
+        Path(__file__).absolute().parent.parent.joinpath("data", "container-build")
+    )
 
     if local_stack:
-        dev_root_path = os.getcwd()[0:os.getcwd().rindex("stack-orchestrator")]
+        dev_root_path = os.getcwd()[0 : os.getcwd().rindex("stack-orchestrator")]
-        print(f'Local stack dev_root_path (CERC_REPO_BASE_DIR) overridden to: {dev_root_path}')
+        print(
+            f"Local stack dev_root_path (CERC_REPO_BASE_DIR) overridden to: "
+            f"{dev_root_path}"
+        )
     else:
-        dev_root_path = os.path.expanduser(config("CERC_REPO_BASE_DIR", default="~/cerc"))
+        dev_root_path = os.path.expanduser(
+            config("CERC_REPO_BASE_DIR", default="~/cerc")
+        )
 
-    if not quiet:
+    if not opts.o.quiet:
-        print(f'Dev Root is: {dev_root_path}')
+        print(f"Dev Root is: {dev_root_path}")
 
     if not os.path.isdir(dev_root_path):
-        print('Dev root directory doesn\'t exist, creating')
+        print("Dev root directory doesn't exist, creating")
 
-    # See: https://stackoverflow.com/a/20885799/1701505
+    if publish_images:
-    from stack_orchestrator import data
+        if not image_registry:
-    with importlib.resources.open_text(data, "container-image-list.txt") as container_list_file:
+            error_exit("--image-registry must be supplied with --publish-images")
-        all_containers = container_list_file.read().splitlines()
 
-    containers_in_scope = []
+    containers_in_scope = get_containers_in_scope(stack)
-    if stack:
-        stack_config = get_parsed_stack_config(stack)
-        containers_in_scope = stack_config['containers']
-    else:
-        containers_in_scope = all_containers
 
-    if verbose:
+    container_build_env = make_container_build_env(
-        print(f'Containers: {containers_in_scope}')
+        dev_root_path,
-        if stack:
+        container_build_dir,
-            print(f"Stack: {stack}")
+        opts.o.debug,
-
+        force_rebuild,
-    container_build_env = make_container_build_env(dev_root_path,
+        extra_build_args,
-                                                   container_build_dir,
+    )
-                                                   debug,
-                                                   force_rebuild,
-                                                   extra_build_args)
 
     for container in containers_in_scope:
         if include_exclude_check(container, include, exclude):
-            process_container(stack, container, container_build_dir, container_build_env,
+            build_context = BuildContext(
-                              dev_root_path, quiet, verbose, dry_run, continue_on_error)
+                stack,
+                container,
+                container_build_dir,
+                container_build_env,
+                dev_root_path,
+            )
+            result = process_container(build_context)
+            if result:
+                if publish_images:
+                    publish_image(f"{container}:local", image_registry)
+            else:
+                print(f"Error running build for {build_context.container}")
+                if not opts.o.continue_on_error:
+                    error_exit(
+                        "container build failed and --continue-on-error "
+                        "not set, exiting"
+                    )
+                    sys.exit(1)
+                else:
+                    print(
+                        "****** Container Build Error, continuing because "
+                        "--continue-on-error is set"
+                    )
         else:
-            if verbose:
+            if opts.o.verbose:
                 print(f"Excluding: {container}")

stack_orchestrator/build/build_npms.py

@@ -32,14 +32,18 @@ builder_js_image_name = "cerc/builder-js:local"
 
 
 @click.command()
-@click.option('--include', help="only build these packages")
+@click.option("--include", help="only build these packages")
-@click.option('--exclude', help="don\'t build these packages")
+@click.option("--exclude", help="don't build these packages")
-@click.option("--force-rebuild", is_flag=True, default=False,
+@click.option(
-              help="Override existing target package version check -- force rebuild")
+    "--force-rebuild",
+    is_flag=True,
+    default=False,
+    help="Override existing target package version check -- force rebuild",
+)
 @click.option("--extra-build-args", help="Supply extra arguments to build")
 @click.pass_context
 def command(ctx, include, exclude, force_rebuild, extra_build_args):
-    '''build the set of npm packages required for a complete stack'''
+    """build the set of npm packages required for a complete stack"""
 
     quiet = ctx.obj.quiet
     verbose = ctx.obj.verbose
@@ -65,45 +69,54 @@ def command(ctx, include, exclude, force_rebuild, extra_build_args):
         sys.exit(1)
 
     if local_stack:
-        dev_root_path = os.getcwd()[0:os.getcwd().rindex("stack-orchestrator")]
+        dev_root_path = os.getcwd()[0 : os.getcwd().rindex("stack-orchestrator")]
-        print(f'Local stack dev_root_path (CERC_REPO_BASE_DIR) overridden to: {dev_root_path}')
+        print(
+            f"Local stack dev_root_path (CERC_REPO_BASE_DIR) overridden to: "
+            f"{dev_root_path}"
+        )
     else:
-        dev_root_path = os.path.expanduser(config("CERC_REPO_BASE_DIR", default="~/cerc"))
+        dev_root_path = os.path.expanduser(
+            config("CERC_REPO_BASE_DIR", default="~/cerc")
+        )
 
     build_root_path = os.path.join(dev_root_path, "build-trees")
 
     if verbose:
-        print(f'Dev Root is: {dev_root_path}')
+        print(f"Dev Root is: {dev_root_path}")
 
     if not os.path.isdir(dev_root_path):
-        print('Dev root directory doesn\'t exist, creating')
+        print("Dev root directory doesn't exist, creating")
         os.makedirs(dev_root_path)
     if not os.path.isdir(dev_root_path):
-        print('Build root directory doesn\'t exist, creating')
+        print("Build root directory doesn't exist, creating")
         os.makedirs(build_root_path)
 
     # See: https://stackoverflow.com/a/20885799/1701505
     from stack_orchestrator import data
-    with importlib.resources.open_text(data, "npm-package-list.txt") as package_list_file:
+
+    with importlib.resources.open_text(
+        data, "npm-package-list.txt"
+    ) as package_list_file:
         all_packages = package_list_file.read().splitlines()
 
     packages_in_scope = []
     if stack:
         stack_config = get_parsed_stack_config(stack)
         # TODO: syntax check the input here
-        packages_in_scope = stack_config['npms']
+        packages_in_scope = stack_config["npms"]
     else:
         packages_in_scope = all_packages
 
     if verbose:
-        print(f'Packages: {packages_in_scope}')
+        print(f"Packages: {packages_in_scope}")
 
     def build_package(package):
         if not quiet:
             print(f"Building npm package: {package}")
         repo_dir = package
         repo_full_path = os.path.join(dev_root_path, repo_dir)
-        # Copy the repo and build that to avoid propagating JS tooling file changes back into the cloned repo
+        # Copy the repo and build that to avoid propagating
+        # JS tooling file changes back into the cloned repo
         repo_copy_path = os.path.join(build_root_path, repo_dir)
         # First delete any old build tree
         if os.path.isdir(repo_copy_path):
@@ -116,41 +129,63 @@ def command(ctx, include, exclude, force_rebuild, extra_build_args):
             print(f"Copying build tree from: {repo_full_path} to: {repo_copy_path}")
         if not dry_run:
             copytree(repo_full_path, repo_copy_path)
-        build_command = ["sh", "-c", f"cd /workspace && build-npm-package-local-dependencies.sh {npm_registry_url}"]
+        build_command = [
+            "sh",
+            "-c",
+            "cd /workspace && "
+            f"build-npm-package-local-dependencies.sh {npm_registry_url}",
+        ]
         if not dry_run:
             if verbose:
                 print(f"Executing: {build_command}")
             # Originally we used the PEP 584 merge operator:
-            # envs = {"CERC_NPM_AUTH_TOKEN": npm_registry_url_token} | ({"CERC_SCRIPT_DEBUG": "true"} if debug else {})
+            # envs = {"CERC_NPM_AUTH_TOKEN": npm_registry_url_token} |
-            # but that isn't available in Python 3.8 (default in Ubuntu 20) so for now we use dict.update:
+            #        ({"CERC_SCRIPT_DEBUG": "true"} if debug else {})
-            envs = {"CERC_NPM_AUTH_TOKEN": npm_registry_url_token,
+            # but that isn't available in Python 3.8 (default in Ubuntu 20)
-                    "LACONIC_HOSTED_CONFIG_FILE": "config-hosted.yml"  # Convention used by our web app packages
+            # so for now we use dict.update:
-                    }
+            envs = {
+                "CERC_NPM_AUTH_TOKEN": npm_registry_url_token,
+                # Convention used by our web app packages
+                "LACONIC_HOSTED_CONFIG_FILE": "config-hosted.yml",
+            }
             envs.update({"CERC_SCRIPT_DEBUG": "true"} if debug else {})
             envs.update({"CERC_FORCE_REBUILD": "true"} if force_rebuild else {})
-            envs.update({"CERC_CONTAINER_EXTRA_BUILD_ARGS": extra_build_args} if extra_build_args else {})
+            envs.update(
+                {"CERC_CONTAINER_EXTRA_BUILD_ARGS": extra_build_args}
+                if extra_build_args
+                else {}
+            )
             try:
-                docker.run(builder_js_image_name,
+                docker.run(
-                           remove=True,
+                    builder_js_image_name,
-                           interactive=True,
+                    remove=True,
-                           tty=True,
+                    interactive=True,
-                           user=f"{os.getuid()}:{os.getgid()}",
+                    tty=True,
-                           envs=envs,
+                    user=f"{os.getuid()}:{os.getgid()}",
-                           # TODO: detect this host name in npm_registry_url rather than hard-wiring it
+                    envs=envs,
-                           add_hosts=[("gitea.local", "host-gateway")],
+                    # TODO: detect this host name in npm_registry_url
-                           volumes=[(repo_copy_path, "/workspace")],
+                    # rather than hard-wiring it
-                           command=build_command
+                    add_hosts=[("gitea.local", "host-gateway")],
-                           )
+                    volumes=[(repo_copy_path, "/workspace")],
-                # Note that although the docs say that build_result should contain
+                    command=build_command,
-                # the command output as a string, in reality it is always the empty string.
+                )
-                # Since we detect errors via catching exceptions below, we can safely ignore it here.
+                # Note that although the docs say that build_result should
+                # contain the command output as a string, in reality it is
+                # always the empty string. Since we detect errors via catching
+                # exceptions below, we can safely ignore it here.
             except DockerException as e:
                 print(f"Error executing build for {package} in container:\n {e}")
                 if not continue_on_error:
-                    print("FATAL Error: build failed and --continue-on-error not set, exiting")
+                    print(
+                        "FATAL Error: build failed and --continue-on-error "
+                        "not set, exiting"
+                    )
                     sys.exit(1)
                 else:
-                    print("****** Build Error, continuing because --continue-on-error is set")
+                    print(
+                        "****** Build Error, continuing because "
+                        "--continue-on-error is set"
+                    )
 
         else:
             print("Skipped")
@@ -168,6 +203,12 @@ def _ensure_prerequisites():
     # Tell the user how to build it if not
     images = docker.image.list(builder_js_image_name)
     if len(images) == 0:
-        print(f"FATAL: builder image: {builder_js_image_name} is required but was not found")
+        print(
-        print("Please run this command to create it: laconic-so --stack build-support build-containers")
+            f"FATAL: builder image: {builder_js_image_name} is required "
+            "but was not found"
+        )
+        print(
+            "Please run this command to create it: "
+            "laconic-so --stack build-support build-containers"
+        )
         sys.exit(1)

stack_orchestrator/build/build_types.py

@@ -0,0 +1,28 @@
+# Copyright © 2024 Vulcanize
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http:#www.gnu.org/licenses/>.
+
+
+from dataclasses import dataclass
+from pathlib import Path
+from typing import Mapping
+
+
+@dataclass
+class BuildContext:
+    stack: str
+    container: str
+    container_build_dir: Path
+    container_build_env: Mapping[str, str]
+    dev_root_path: str

stack_orchestrator/build/build_util.py

@@ -0,0 +1,43 @@
+# Copyright © 2024 Vulcanize
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http:#www.gnu.org/licenses/>.
+
+import importlib.resources
+
+from stack_orchestrator.opts import opts
+from stack_orchestrator.util import get_parsed_stack_config, warn_exit
+
+
+def get_containers_in_scope(stack: str):
+    containers_in_scope = []
+    if stack:
+        stack_config = get_parsed_stack_config(stack)
+        if "containers" not in stack_config or stack_config["containers"] is None:
+            warn_exit(f"stack {stack} does not define any containers")
+        containers_in_scope = stack_config["containers"]
+    else:
+        # See: https://stackoverflow.com/a/20885799/1701505
+        from stack_orchestrator import data
+
+        with importlib.resources.open_text(
+            data, "container-image-list.txt"
+        ) as container_list_file:
+            containers_in_scope = container_list_file.read().splitlines()
+
+    if opts.o.verbose:
+        print(f"Containers: {containers_in_scope}")
+        if stack:
+            print(f"Stack: {stack}")
+
+    return containers_in_scope

stack_orchestrator/build/build_webapp.py

@@ -18,67 +18,117 @@
 # env vars:
 # CERC_REPO_BASE_DIR defaults to ~/cerc
 
-# TODO: display the available list of containers; allow re-build of either all or specific containers
+# TODO: display the available list of containers;
+# allow re-build of either all or specific containers
 
 import os
+import sys
+
 from decouple import config
 import click
 from pathlib import Path
 from stack_orchestrator.build import build_containers
-from stack_orchestrator.deploy.webapp.util import determine_base_container
+from stack_orchestrator.deploy.webapp.util import determine_base_container, TimedLogger
+from stack_orchestrator.build.build_types import BuildContext
 
 
 @click.command()
-@click.option('--base-container')
+@click.option("--base-container")
-@click.option('--source-repo', help="directory containing the webapp to build", required=True)
+@click.option(
-@click.option("--force-rebuild", is_flag=True, default=False, help="Override dependency checking -- always rebuild")
+    "--source-repo", help="directory containing the webapp to build", required=True
+)
+@click.option(
+    "--force-rebuild",
+    is_flag=True,
+    default=False,
+    help="Override dependency checking -- always rebuild",
+)
 @click.option("--extra-build-args", help="Supply extra arguments to build")
 @click.option("--tag", help="Container tag (default: cerc/<app_name>:local)")
 @click.pass_context
 def command(ctx, base_container, source_repo, force_rebuild, extra_build_args, tag):
-    '''build the specified webapp container'''
+    """build the specified webapp container"""
+    logger = TimedLogger()
 
-    quiet = ctx.obj.quiet
-    verbose = ctx.obj.verbose
-    dry_run = ctx.obj.dry_run
     debug = ctx.obj.debug
+    verbose = ctx.obj.verbose
     local_stack = ctx.obj.local_stack
     stack = ctx.obj.stack
-    continue_on_error = ctx.obj.continue_on_error
 
-    # See: https://stackoverflow.com/questions/25389095/python-get-path-of-root-project-structure
+    # See: https://stackoverflow.com/questions/25389095/
-    container_build_dir = Path(__file__).absolute().parent.parent.joinpath("data", "container-build")
+    # python-get-path-of-root-project-structure
+    container_build_dir = (
+        Path(__file__).absolute().parent.parent.joinpath("data", "container-build")
+    )
 
     if local_stack:
-        dev_root_path = os.getcwd()[0:os.getcwd().rindex("stack-orchestrator")]
+        dev_root_path = os.getcwd()[0 : os.getcwd().rindex("stack-orchestrator")]
-        print(f'Local stack dev_root_path (CERC_REPO_BASE_DIR) overridden to: {dev_root_path}')
+        logger.log(
+            f"Local stack dev_root_path (CERC_REPO_BASE_DIR) overridden to: "
+            f"{dev_root_path}"
+        )
     else:
-        dev_root_path = os.path.expanduser(config("CERC_REPO_BASE_DIR", default="~/cerc"))
+        dev_root_path = os.path.expanduser(
+            config("CERC_REPO_BASE_DIR", default="~/cerc")
+        )
 
-    if not quiet:
+    if verbose:
-        print(f'Dev Root is: {dev_root_path}')
+        logger.log(f"Dev Root is: {dev_root_path}")
 
     if not base_container:
         base_container = determine_base_container(source_repo)
 
     # First build the base container.
-    container_build_env = build_containers.make_container_build_env(dev_root_path, container_build_dir, debug,
+    container_build_env = build_containers.make_container_build_env(
-                                                                    force_rebuild, extra_build_args)
+        dev_root_path, container_build_dir, debug, force_rebuild, extra_build_args
+    )
 
-    build_containers.process_container(None, base_container, container_build_dir, container_build_env, dev_root_path, quiet,
+    if verbose:
-                                       verbose, dry_run, continue_on_error)
+        logger.log(f"Building base container: {base_container}")
 
-    # Now build the target webapp.  We use the same build script, but with a different Dockerfile and work dir.
+    build_context_1 = BuildContext(
+        stack,
+        base_container,
+        container_build_dir,
+        container_build_env,
+        dev_root_path,
+    )
+    ok = build_containers.process_container(build_context_1)
+    if not ok:
+        logger.log("ERROR: Build failed.")
+        sys.exit(1)
+
+    if verbose:
+        logger.log(f"Base container {base_container} build finished.")
+
+    # Now build the target webapp. We use the same build script,
+    # but with a different Dockerfile and work dir.
     container_build_env["CERC_WEBAPP_BUILD_RUNNING"] = "true"
     container_build_env["CERC_CONTAINER_BUILD_WORK_DIR"] = os.path.abspath(source_repo)
-    container_build_env["CERC_CONTAINER_BUILD_DOCKERFILE"] = os.path.join(container_build_dir,
+    container_build_env["CERC_CONTAINER_BUILD_DOCKERFILE"] = os.path.join(
-                                                                          base_container.replace("/", "-"),
+        container_build_dir, base_container.replace("/", "-"), "Dockerfile.webapp"
-                                                                          "Dockerfile.webapp")
+    )
     if not tag:
         webapp_name = os.path.abspath(source_repo).split(os.path.sep)[-1]
-        container_build_env["CERC_CONTAINER_BUILD_TAG"] = f"cerc/{webapp_name}:local"
+        tag = f"cerc/{webapp_name}:local"
-    else:
-        container_build_env["CERC_CONTAINER_BUILD_TAG"] = tag
 
-    build_containers.process_container(None, base_container, container_build_dir, container_build_env, dev_root_path, quiet,
+    container_build_env["CERC_CONTAINER_BUILD_TAG"] = tag
-                                       verbose, dry_run, continue_on_error)
+
+    if verbose:
+        logger.log(f"Building app container: {tag}")
+
+    build_context_2 = BuildContext(
+        stack,
+        base_container,
+        container_build_dir,
+        container_build_env,
+        dev_root_path,
+    )
+    ok = build_containers.process_container(build_context_2)
+    if not ok:
+        logger.log("ERROR: Build failed.")
+        sys.exit(1)
+
+    if verbose:
+        logger.log(f"App container {base_container} build finished.")
+        logger.log("build-webapp complete", show_step_time=False, show_total_time=True)

stack_orchestrator/build/fetch_containers.py

@@ -0,0 +1,232 @@
+# Copyright © 2024 Vulcanize
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http:#www.gnu.org/licenses/>.
+
+import click
+from dataclasses import dataclass
+import json
+import platform
+from python_on_whales import DockerClient
+from python_on_whales.components.manifest.cli_wrapper import ManifestCLI, ManifestList
+from python_on_whales.utils import run
+import requests
+from typing import List
+
+from stack_orchestrator.opts import opts
+from stack_orchestrator.util import include_exclude_check, error_exit
+from stack_orchestrator.build.build_util import get_containers_in_scope
+
+# Experimental fetch-container command
+
+
+@dataclass
+class RegistryInfo:
+    registry: str
+    registry_username: str
+    registry_token: str
+
+
+# Extending this code to support the --verbose option, cnosider contributing upstream
+# https://github.com/gabrieldemarmiesse/python-on-whales/blob/master/python_on_whales/components/manifest/cli_wrapper.py#L129
+class ExtendedManifestCLI(ManifestCLI):
+    def inspect_verbose(self, x: str) -> ManifestList:
+        """Returns a Docker manifest list object."""
+        json_str = run(self.docker_cmd + ["manifest", "inspect", "--verbose", x])
+        return json.loads(json_str)
+
+
+def _local_tag_for(container: str):
+    return f"{container}:local"
+
+
+# See: https://docker-docs.uclv.cu/registry/spec/api/
+# Emulate this:
+# $ curl -u "my-username:my-token" -X GET \
+#   "https://<container-registry-hostname>/v2/cerc-io/cerc/test-container/tags/list"
+# {"name":"cerc-io/cerc/test-container","tags":["202402232130","202402232208"]}
+def _get_tags_for_container(container: str, registry_info: RegistryInfo) -> List[str]:
+    # registry looks like: git.vdb.to/cerc-io
+    registry_parts = registry_info.registry.split("/")
+    url = f"https://{registry_parts[0]}/v2/{registry_parts[1]}/{container}/tags/list"
+    if opts.o.debug:
+        print(f"Fetching tags from: {url}")
+    response = requests.get(
+        url, auth=(registry_info.registry_username, registry_info.registry_token)
+    )
+    if response.status_code == 200:
+        tag_info = response.json()
+        if opts.o.debug:
+            print(f"container tags list: {tag_info}")
+        tags_array = tag_info["tags"]
+        return tags_array
+    else:
+        error_exit(
+            f"failed to fetch tags from image registry, "
+            f"status code: {response.status_code}"
+        )
+
+
+def _find_latest(candidate_tags: List[str]):
+    # Lex sort should give us the latest first
+    sorted_candidates = sorted(candidate_tags)
+    if opts.o.debug:
+        print(f"sorted candidates: {sorted_candidates}")
+    return sorted_candidates[-1]
+
+
+def _filter_for_platform(
+    container: str, registry_info: RegistryInfo, tag_list: List[str]
+) -> List[str]:
+    filtered_tags = []
+    this_machine = platform.machine()
+    # Translate between Python and docker platform names
+    if this_machine == "x86_64":
+        this_machine = "amd64"
+    if this_machine == "aarch64":
+        this_machine = "arm64"
+    if opts.o.debug:
+        print(f"Python says the architecture is: {this_machine}")
+    docker = DockerClient()
+    for tag in tag_list:
+        remote_tag = f"{registry_info.registry}/{container}:{tag}"
+        manifest_cmd = ExtendedManifestCLI(docker.client_config)
+        manifest = manifest_cmd.inspect_verbose(remote_tag)
+        if opts.o.debug:
+            print(f"manifest: {manifest}")
+        image_architecture = manifest["Descriptor"]["platform"]["architecture"]
+        if opts.o.debug:
+            print(f"image_architecture: {image_architecture}")
+        if this_machine == image_architecture:
+            filtered_tags.append(tag)
+    if opts.o.debug:
+        print(f"Tags filtered for platform: {filtered_tags}")
+    return filtered_tags
+
+
+def _get_latest_image(container: str, registry_info: RegistryInfo):
+    all_tags = _get_tags_for_container(container, registry_info)
+    tags_for_platform = _filter_for_platform(container, registry_info, all_tags)
+    if len(tags_for_platform) > 0:
+        latest_tag = _find_latest(tags_for_platform)
+        return f"{container}:{latest_tag}"
+    else:
+        return None
+
+
+def _fetch_image(tag: str, registry_info: RegistryInfo):
+    docker = DockerClient()
+    remote_tag = f"{registry_info.registry}/{tag}"
+    if opts.o.debug:
+        print(f"Attempting to pull this image: {remote_tag}")
+    docker.image.pull(remote_tag)
+
+
+def _exists_locally(container: str):
+    docker = DockerClient()
+    return docker.image.exists(_local_tag_for(container))
+
+
+def _add_local_tag(remote_tag: str, registry: str, local_tag: str):
+    docker = DockerClient()
+    docker.image.tag(f"{registry}/{remote_tag}", local_tag)
+
+
+@click.command()
+@click.option("--include", help="only fetch these containers")
+@click.option("--exclude", help="don't fetch these containers")
+@click.option(
+    "--force-local-overwrite",
+    is_flag=True,
+    default=False,
+    help="Overwrite a locally built image, if present",
+)
+@click.option(
+    "--image-registry", required=True, help="Specify the image registry to fetch from"
+)
+@click.option(
+    "--registry-username", required=True, help="Specify the image registry username"
+)
+@click.option(
+    "--registry-token", required=True, help="Specify the image registry access token"
+)
+@click.pass_context
+def command(
+    ctx,
+    include,
+    exclude,
+    force_local_overwrite,
+    image_registry,
+    registry_username,
+    registry_token,
+):
+    """EXPERIMENTAL: fetch the images for a stack from remote registry"""
+
+    registry_info = RegistryInfo(image_registry, registry_username, registry_token)
+    docker = DockerClient()
+    if not opts.o.quiet:
+        print("Logging into container registry:")
+    docker.login(
+        registry_info.registry,
+        registry_info.registry_username,
+        registry_info.registry_token,
+    )
+    # Generate list of target containers
+    stack = ctx.obj.stack
+    containers_in_scope = get_containers_in_scope(stack)
+    all_containers_found = True
+    for container in containers_in_scope:
+        local_tag = _local_tag_for(container)
+        if include_exclude_check(container, include, exclude):
+            if opts.o.debug:
+                print(f"Processing: {container}")
+            # For each container, attempt to find the latest of a set of
+            # images with the correct name and platform in the specified registry
+            image_to_fetch = _get_latest_image(container, registry_info)
+            if not image_to_fetch:
+                print(f"Warning: no image found to fetch for container: {container}")
+                all_containers_found = False
+                continue
+            if opts.o.debug:
+                print(f"Fetching: {image_to_fetch}")
+            _fetch_image(image_to_fetch, registry_info)
+            # Now check if the target container already exists exists locally already
+            if _exists_locally(container):
+                if not opts.o.quiet:
+                    print(f"Container image {container} already exists locally")
+                # if so, fail unless the user specified force-local-overwrite
+                if force_local_overwrite:
+                    # In that case remove the existing :local tag
+                    if not opts.o.quiet:
+                        print(
+                            f"Warning: overwriting local tag from this image: "
+                            f"{container} because --force-local-overwrite was specified"
+                        )
+                else:
+                    if not opts.o.quiet:
+                        print(
+                            f"Skipping local tagging for this image: {container} "
+                            "because that would overwrite an existing :local tagged "
+                            "image, use --force-local-overwrite to do so."
+                        )
+                    continue
+            # Tag the fetched image with the :local tag
+            _add_local_tag(image_to_fetch, image_registry, local_tag)
+        else:
+            if opts.o.verbose:
+                print(f"Excluding: {container}")
+    if not all_containers_found:
+        print(
+            "Warning: couldn't find usable images for one or more containers, "
+            "this stack will not deploy"
+        )

stack_orchestrator/build/publish.py

@@ -0,0 +1,48 @@
+# Copyright © 2024 Vulcanize
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Affero General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Affero General Public License for more details.
+
+# You should have received a copy of the GNU Affero General Public License
+# along with this program.  If not, see <http:#www.gnu.org/licenses/>.
+
+from datetime import datetime
+from python_on_whales import DockerClient
+
+from stack_orchestrator.opts import opts
+from stack_orchestrator.util import error_exit
+
+
+def _publish_tag_for_image(local_image_tag: str, remote_repo: str, version: str):
+    # Turns image tags of the form: foo/bar:local into remote.repo/org/bar:deploy
+    (image_name, image_version) = local_image_tag.split(":")
+    if image_version == "local":
+        return f"{remote_repo}/{image_name}:{version}"
+    else:
+        error_exit("Asked to publish a non-locally built image")
+
+
+def publish_image(local_tag, registry):
+    if opts.o.verbose:
+        print(f"Publishing this image: {local_tag} to this registry: {registry}")
+    docker = DockerClient()
+    # Figure out the target image tag
+    # Eventually this version will be generated from the source repo state
+    # Using a timestemp is an intermediate step
+    version = datetime.now().strftime("%Y%m%d%H%M")
+    remote_tag = _publish_tag_for_image(local_tag, registry, version)
+    # Tag the image thus
+    if opts.o.debug:
+        print(f"Tagging {local_tag} to {remote_tag}")
+    docker.image.tag(local_tag, remote_tag)
+    # Push it to the desired registry
+    if opts.o.verbose:
+        print(f"Pushing image {remote_tag}")
+    docker.image.push(remote_tag)

stack_orchestrator/constants.py

@@ -34,5 +34,13 @@ volumes_key = "volumes"
 security_key = "security"
 annotations_key = "annotations"
 labels_key = "labels"
+replicas_key = "replicas"
+node_affinities_key = "node-affinities"
+node_tolerations_key = "node-tolerations"
 kind_config_filename = "kind-config.yml"
 kube_config_filename = "kubeconfig.yml"
+cri_base_filename = "cri-base.json"
+unlimited_memlock_key = "unlimited-memlock"
+runtime_class_key = "runtime-class"
+high_memlock_runtime = "high-memlock"
+high_memlock_spec_filename = "high-memlock-spec.json"

stack_orchestrator/data/compose/docker-compose-container-registry.yml

@@ -0,0 +1,15 @@
+services:
+  registry:
+    image: registry:2.8
+    restart: always
+    environment:
+      REGISTRY_LOG_LEVEL: ${REGISTRY_LOG_LEVEL}
+    volumes:
+      - config:/config:ro
+      - registry-data:/var/lib/registry
+    ports:
+      - "5000"
+
+volumes:
+  config:
+  registry-data:

stack_orchestrator/data/compose/docker-compose-fixturenet-blast.yml

@@ -0,0 +1,80 @@
+
+# From: https://raw.githubusercontent.com/blast-io/deployment/master/docker-compose.yml
+services:
+  # generate jwt.txt if it's absent
+  generate-jwt:
+    image: blastio/openssl
+    volumes:
+      - blast-data:/blast:rw
+    command: >
+      sh -c "[ ! -f /blast/jwt.txt ] && openssl rand -hex 32 | tr -d '\n' > /blast/jwt.txt || exit 0"
+  # initialise geth db
+  geth-init:
+    image: blastio/blast-geth:${NETWORK:-testnet-sepolia}
+    volumes:
+      - blast-data:/blast:rw
+      - ../config/fixturenet-blast/genesis.json:/blast/genesis.json
+    entrypoint: /bin/sh
+    command: >
+      -c "[ ! -d /blast/${GETH_DATA_DIR:-blast-geth-data}/geth ] && /usr/local/bin/geth init --datadir=/blast/${GETH_DATA_DIR:-blast-geth-data} /blast/genesis.json || exit 0"
+    depends_on:
+      generate-jwt:
+        condition: service_completed_successfully
+    env_file:
+      - ../config/fixturenet-blast/${NETWORK:-fixturenet}.config
+  blast-geth:
+    image: blastio/blast-geth:${NETWORK:-testnet-sepolia}
+    volumes:
+      - blast-data:/blast
+    ports:
+      - "9545"
+      - "9546"
+    command: >
+      --datadir=/blast/${GETH_DATA_DIR:-blast-geth-data}
+      --http
+      --http.corsdomain="*"
+      --http.vhosts="*"
+      --http.addr=0.0.0.0
+      --http.port=9545
+      --http.api=web3,debug,eth,txpool,net,engine
+      --ws
+      --ws.addr=0.0.0.0
+      --ws.port=9546
+      --ws.origins="*"
+      --ws.api=debug,eth,txpool,net,engine
+      --authrpc.addr="0.0.0.0"
+      --authrpc.port="8551"
+      --authrpc.vhosts="*"
+      --authrpc.jwtsecret=/blast/jwt.txt
+      --syncmode=full
+      --gcmode=archive
+      --nodiscover
+      --maxpeers=0
+      --rollup.disabletxpoolgossip=true
+    env_file:
+      - ../config/fixturenet-blast/${NETWORK:-fixturenet}.config
+    depends_on:
+      geth-init:
+        condition: service_completed_successfully
+  op-node:
+    image: blastio/blast-optimism:${NETWORK:-testnet-sepolia}
+    volumes:
+      - blast-data:/blast
+      - ../config/fixturenet-blast/rollup.json:/blast/rollup.json
+    ports:
+      - "9003"
+    command: >
+      op-node
+      --l1="${CERC_L1_RPC}"
+      --l1.rpckind="any"
+      --l1.trustrpc=true
+      --l2="http://blast-geth:8551"
+      --l2.jwt-secret=/blast/jwt.txt
+      --rollup.config="/blast/rollup.json"
+    depends_on:
+      - blast-geth
+    env_file:
+      - ../config/fixturenet-blast/${NETWORK:-fixturenet}.config
+
+volumes:
+  blast-data:

stack_orchestrator/data/compose/docker-compose-fixturenet-laconicd.yml

@@ -2,7 +2,11 @@ services:
   laconicd:
     restart: unless-stopped
     image: cerc/laconicd:local
-    command: ["sh", "/docker-entrypoint-scripts.d/create-fixturenet.sh"]
+    command: ["bash", "/docker-entrypoint-scripts.d/create-fixturenet.sh"]
+    environment:
+      TEST_AUCTION_ENABLED: ${TEST_AUCTION_ENABLED:-false}
+      TEST_REGISTRY_EXPIRY: ${TEST_REGISTRY_EXPIRY:-false}
+      ONBOARDING_ENABLED: ${ONBOARDING_ENABLED:-false}
     volumes:
       # The cosmos-sdk node's database directory:
       - laconicd-data:/root/.laconicd
@@ -16,15 +20,14 @@ services:
       - "26657"
       - "26656"
       - "9473"
-      - "8545"
-      - "8546"
       - "9090"
-      - "9091"
       - "1317"
+
   cli:
     image: cerc/laconic-registry-cli:local
     volumes:
       - ../config/fixturenet-laconicd/registry-cli-config-template.yml:/registry-cli-config-template.yml
+      - ${BASE_DIR:-~/cerc}/laconic-registry-cli:/laconic-registry-cli
 
 volumes:
   laconicd-data:

stack_orchestrator/data/compose/docker-compose-fixturenet-plugeth.yml

@@ -6,6 +6,7 @@ services:
       - ../config/fixturenet-eth/fixturenet-eth.env
     environment:
       RUN_BOOTNODE: "true"
+      CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
     image: cerc/fixturenet-plugeth-plugeth:local
     volumes:
       - fixturenet_plugeth_bootnode_geth_data:/root/ethdata

stack_orchestrator/data/compose/docker-compose-grafana.yml

@@ -2,16 +2,24 @@ version: "3.7"
 
 services:
   grafana:
-    image: grafana/grafana:10.2.2
+    image: grafana/grafana:10.2.3
     restart: always
     environment:
       GF_SERVER_ROOT_URL: ${GF_SERVER_ROOT_URL}
+      CERC_GRAFANA_ALERTS_SUBGRAPH_IDS: ${CERC_GRAFANA_ALERTS_SUBGRAPH_IDS}
     volumes:
       - ../config/monitoring/grafana/provisioning:/etc/grafana/provisioning
       - ../config/monitoring/grafana/dashboards:/etc/grafana/dashboards
+      - ../config/monitoring/update-grafana-alerts-config.sh:/update-grafana-alerts-config.sh
       - grafana_storage:/var/lib/grafana
+    user: root
+    entrypoint: ["bash", "-c"]
+    command: |
+      "/update-grafana-alerts-config.sh && /run.sh"
     ports:
       - "3000"
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
     healthcheck:
       test: ["CMD", "nc", "-vz", "localhost", "3000"]
       interval: 30s

stack_orchestrator/data/compose/docker-compose-graph-node.yml

@@ -16,8 +16,13 @@ services:
       postgres_pass: password
       postgres_db: graph-node
       ethereum: ${ETH_NETWORKS:-lotus-fixturenet:http://lotus-node-1:1234/rpc/v1}
+      # Env varaibles reference: https://git.vdb.to/cerc-io/graph-node/src/branch/master/docs/environment-variables.md
       GRAPH_LOG: debug
       ETHEREUM_REORG_THRESHOLD: 3
+      GRAPH_ETHEREUM_JSON_RPC_TIMEOUT: ${GRAPH_ETHEREUM_JSON_RPC_TIMEOUT:-180}
+      GRAPH_ETHEREUM_REQUEST_RETRIES: ${GRAPH_ETHEREUM_REQUEST_RETRIES:-10}
+      GRAPH_ETHEREUM_MAX_BLOCK_RANGE_SIZE: ${GRAPH_ETHEREUM_MAX_BLOCK_RANGE_SIZE:-2000}
+      GRAPH_ETHEREUM_BLOCK_INGESTOR_MAX_CONCURRENT_JSON_RPC_CALLS_FOR_TXN_RECEIPTS: ${GRAPH_ETHEREUM_BLOCK_INGESTOR_MAX_CONCURRENT_JSON_RPC_CALLS_FOR_TXN_RECEIPTS:-1000}
     entrypoint: ["bash", "-c"]
     # Wait for ETH RPC endpoint to be up when running with fixturenet-lotus
     command: |
@@ -27,6 +32,7 @@ services:
       - "8001"
       - "8020"
       - "8030"
+      - "8040"
     healthcheck:
       test: ["CMD", "nc", "-vz", "localhost", "8020"]
       interval: 30s

stack_orchestrator/data/compose/docker-compose-laconic-explorer.yml

@@ -0,0 +1,10 @@
+services:
+  laconic-explorer:
+    restart: unless-stopped
+    image: cerc/ping-pub:local
+    environment:
+      - LACONIC_LACONICD_API_URL=${LACONIC_LACONICD_API_URL:-http://localhost:1317}
+      - LACONIC_LACONICD_RPC_URL=${LACONIC_LACONICD_RPC_URL:-http://localhost:26657}
+      - LACONIC_LACONICD_CHAIN_ID=${LACONIC_LACONICD_CHAIN_ID:-chain-id-not-set}
+    ports:
+      - "5173"

stack_orchestrator/data/compose/docker-compose-laconicd.yml

@@ -14,4 +14,3 @@ services:
       - "9090"
       - "9091"
       - "1317"
-

stack_orchestrator/data/compose/docker-compose-mainnet-blast.yml

@@ -0,0 +1,83 @@
+
+# From: https://raw.githubusercontent.com/blast-io/deployment/master/docker-compose.yml
+services:
+  # generate jwt.txt if it's absent
+  generate-jwt:
+    image: blastio/openssl
+    volumes:
+      - blast-data:/blast:rw
+    command: >
+      sh -c "[ ! -f /blast/jwt.txt ] && openssl rand -hex 32 | tr -d '\n' > /blast/jwt.txt || exit 0"
+  # initialise geth db
+  geth-init:
+    image: blastio/blast-geth:${NETWORK:-mainnet}
+    volumes:
+      - blast-data:/blast:rw
+    entrypoint: /bin/sh
+    command: >
+      -c "[ ! -d /blast/${GETH_DATA_DIR:-blast-geth-data}/geth ] && /usr/local/bin/geth init --datadir=/blast/${GETH_DATA_DIR:-blast-geth-data} /blast/genesis.json || exit 0"
+    depends_on:
+      generate-jwt:
+        condition: service_completed_successfully
+    env_file:
+      - ../config/mainnet-blast/${NETWORK:-mainnet}.config
+  blast-geth:
+    image: blastio/blast-geth:${NETWORK:-mainnet}
+    volumes:
+      - blast-data:/blast
+    ports:
+      - "9545"
+      - "9546"
+      - "6060"
+    command: >
+      --datadir=/blast/${GETH_DATA_DIR:-blast-geth-data}
+      --http
+      --http.corsdomain="*"
+      --http.vhosts="*"
+      --http.addr=0.0.0.0
+      --http.port=9545
+      --http.api=web3,debug,eth,txpool,net,engine
+      --ws
+      --ws.addr=0.0.0.0
+      --ws.port=9546
+      --ws.origins="*"
+      --ws.api=debug,eth,txpool,net,engine
+      --authrpc.addr="0.0.0.0"
+      --authrpc.port="8551"
+      --authrpc.vhosts="*"
+      --authrpc.jwtsecret=/blast/jwt.txt
+      --syncmode=full
+      --metrics
+      --metrics.addr=0.0.0.0
+      --gcmode=archive
+      --nodiscover
+      --maxpeers=0
+      --rollup.disabletxpoolgossip=true
+    env_file:
+      - ../config/mainnet-blast/${NETWORK:-mainnet}.config
+    depends_on:
+      geth-init:
+        condition: service_completed_successfully
+  op-node:
+    image: blastio/blast-optimism:${NETWORK:-mainnet}
+    volumes:
+      - blast-data:/blast
+    ports:
+      - "9003"
+      - "7300"
+    command: >
+      op-node
+      --l1="https://eth-mainnet-1.vdb.to/"
+      --metrics.enabled
+      --l1.rpckind="any"
+      --l1.trustrpc=true
+      --l2="http://blast-geth:8551"
+      --l2.jwt-secret=/blast/jwt.txt
+      --rollup.config="/blast/rollup.json"
+    depends_on:
+      - blast-geth
+    env_file:
+      - ../config/mainnet-blast/${NETWORK:-mainnet}.config
+
+volumes:
+  blast-data:

stack_orchestrator/data/compose/docker-compose-mars-v2.yml

@@ -0,0 +1,12 @@
+version: "3.2"
+
+services:
+  mars:
+    image: cerc/mars-v2:local
+    restart: always
+    ports:
+      - "3000:3000"
+    environment:
+      - URL_OSMOSIS_REST=https://lcd-osmosis.blockapsis.com
+      - URL_OSMOSIS_RPC=https://rpc-osmosis.blockapsis.com
+      - WALLET_CONNECT_ID=0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x

stack_orchestrator/data/compose/docker-compose-mars.yml

@@ -17,4 +17,3 @@ services:
       - URL_NEUTRON_TEST_REST=https://rest-palvus.pion-1.ntrn.tech
       - URL_NEUTRON_TEST_RPC=https://rpc-palvus.pion-1.ntrn.tech
       - WALLET_CONNECT_ID=0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x0x
-

stack_orchestrator/data/compose/docker-compose-prom-server.yml

@@ -28,15 +28,37 @@ services:
     extra_hosts:
       - "host.docker.internal:host-gateway"
 
-  chain-head-exporter:
+  ethereum-chain-head-exporter:
     image: cerc/watcher-ts:local
     restart: always
     working_dir: /app/packages/cli
     environment:
-      ETH_RPC_ENDPOINT: ${CERC_ETH_RPC_ENDPOINT}
+      ETH_RPC_ENDPOINT: ${CERC_ETH_RPC_ENDPOINT:-https://mainnet.infura.io/v3}
-      FIL_RPC_ENDPOINT: ${CERC_FIL_RPC_ENDPOINT}
       ETH_RPC_API_KEY: ${CERC_INFURA_KEY}
-      PORT: ${CERC_METRICS_PORT}
+    command: ["sh", "-c", "yarn export-metrics:chain-heads"]
+    ports:
+      - '5000'
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+
+  filecoin-chain-head-exporter:
+    image: cerc/watcher-ts:local
+    restart: always
+    working_dir: /app/packages/cli
+    environment:
+      ETH_RPC_ENDPOINT: ${CERC_FIL_RPC_ENDPOINT:-https://api.node.glif.io/rpc/v1}
+    command: ["sh", "-c", "yarn export-metrics:chain-heads"]
+    ports:
+      - '5000'
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+
+  graph-node-upstream-head-exporter:
+    image: cerc/watcher-ts:local
+    restart: always
+    working_dir: /app/packages/cli
+    environment:
+      ETH_RPC_ENDPOINT: ${GRAPH_NODE_RPC_ENDPOINT}
     command: ["sh", "-c", "yarn export-metrics:chain-heads"]
     ports:
       - '5000'

stack_orchestrator/data/compose/docker-compose-reth.yml

@@ -32,4 +32,4 @@ services:
 volumes:
   reth_data:
   lighthouse_data:
-  shared_data:
+  shared_data:

stack_orchestrator/data/compose/docker-compose-test-database.yml

@@ -12,7 +12,7 @@ services:
       POSTGRES_INITDB_ARGS: "-E UTF8 --locale=C"
     ports:
       - "5432"
-    
+
   test-client:
     image: cerc/test-database-client:local
 

stack_orchestrator/data/compose/docker-compose-test.yml

@@ -6,6 +6,7 @@ services:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
       CERC_TEST_PARAM_1: ${CERC_TEST_PARAM_1:-FAILED}
       CERC_TEST_PARAM_2: "CERC_TEST_PARAM_2_VALUE"
+      CERC_TEST_PARAM_3: ${CERC_TEST_PARAM_3:-FAILED}
     volumes:
       - test-data-bind:/data
       - test-data-auto:/data2

stack_orchestrator/data/compose/docker-compose-watcher-ajna.yml

@@ -0,0 +1,78 @@
+version: '3.2'
+
+services:
+  ajna-watcher-db:
+    restart: unless-stopped
+    image: postgres:14-alpine
+    environment:
+      - POSTGRES_USER=vdbm
+      - POSTGRES_MULTIPLE_DATABASES=ajna-watcher,ajna-watcher-job-queue
+      - POSTGRES_EXTENSION=ajna-watcher-job-queue:pgcrypto
+      - POSTGRES_PASSWORD=password
+    volumes:
+      - ../config/postgresql/multiple-postgressql-databases.sh:/docker-entrypoint-initdb.d/multiple-postgressql-databases.sh
+      - ajna_watcher_db_data:/var/lib/postgresql/data
+    ports:
+      - "5432"
+    healthcheck:
+      test: ["CMD", "nc", "-v", "localhost", "5432"]
+      interval: 20s
+      timeout: 5s
+      retries: 15
+      start_period: 10s
+
+  ajna-watcher-job-runner:
+    restart: unless-stopped
+    depends_on:
+      ajna-watcher-db:
+        condition: service_healthy
+    image: cerc/watcher-ajna:local
+    environment:
+      CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
+    command: ["bash", "./start-job-runner.sh"]
+    volumes:
+      - ../config/watcher-ajna/watcher-config-template.toml:/app/environments/watcher-config-template.toml
+      - ../config/watcher-ajna/start-job-runner.sh:/app/start-job-runner.sh
+    ports:
+      - "9000"
+    healthcheck:
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9000"]
+      interval: 20s
+      timeout: 5s
+      retries: 15
+      start_period: 5s
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+
+  ajna-watcher-server:
+    restart: unless-stopped
+    depends_on:
+      ajna-watcher-db:
+        condition: service_healthy
+      ajna-watcher-job-runner:
+        condition: service_healthy
+    image: cerc/watcher-ajna:local
+    environment:
+      CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
+    command: ["bash", "./start-server.sh"]
+    volumes:
+      - ../config/watcher-ajna/watcher-config-template.toml:/app/environments/watcher-config-template.toml
+      - ../config/watcher-ajna/start-server.sh:/app/start-server.sh
+      - ajna_watcher_gql_logs_data:/app/gql-logs
+    ports:
+      - "3008"
+      - "9001"
+    healthcheck:
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3008"]
+      interval: 20s
+      timeout: 5s
+      retries: 15
+      start_period: 5s
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
+
+volumes:
+  ajna_watcher_db_data:
+  ajna_watcher_gql_logs_data:

stack_orchestrator/data/compose/docker-compose-watcher-azimuth.yml

@@ -32,8 +32,8 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
       CERC_HISTORICAL_BLOCK_RANGE: 500
       CONTRACT_ADDRESS: 0x223c067F8CF28ae173EE5CafEa60cA44C335fecB
       CONTRACT_NAME: Azimuth
@@ -47,7 +47,7 @@ services:
     ports:
       - "9000"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "9000"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9000"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -66,18 +66,20 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
     working_dir: /app/packages/azimuth-watcher
     command: "./start-server.sh"
     volumes:
       - ../config/watcher-azimuth/watcher-config-template.toml:/app/packages/azimuth-watcher/environments/watcher-config-template.toml
       - ../config/watcher-azimuth/merge-toml.js:/app/packages/azimuth-watcher/merge-toml.js
       - ../config/watcher-azimuth/start-server.sh:/app/packages/azimuth-watcher/start-server.sh
+      - azimuth_watcher_gql_logs_data:/app/packages/azimuth-watcher/gql-logs
     ports:
       - "3001"
+      - "9001"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "3001"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3001"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -94,8 +96,8 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
       CONTRACT_ADDRESS: 0x325f68d32BdEe6Ed86E7235ff2480e2A433D6189
       CONTRACT_NAME: Censures
       STARTING_BLOCK: 6784954
@@ -108,7 +110,7 @@ services:
     ports:
       - "9002"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "9002"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9002"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -127,18 +129,20 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
     working_dir: /app/packages/censures-watcher
     command: "./start-server.sh"
     volumes:
       - ../config/watcher-azimuth/watcher-config-template.toml:/app/packages/censures-watcher/environments/watcher-config-template.toml
       - ../config/watcher-azimuth/merge-toml.js:/app/packages/censures-watcher/merge-toml.js
       - ../config/watcher-azimuth/start-server.sh:/app/packages/censures-watcher/start-server.sh
+      - censures_watcher_gql_logs_data:/app/packages/censures-watcher/gql-logs
     ports:
       - "3002"
+      - "9003"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "3002"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3002"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -155,8 +159,8 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
       CONTRACT_ADDRESS: 0xe7e7f69b34D7d9Bd8d61Fb22C33b22708947971A
       CONTRACT_NAME: Claims
       STARTING_BLOCK: 6784941
@@ -169,7 +173,7 @@ services:
     ports:
       - "9004"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "9004"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9004"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -188,18 +192,20 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
     working_dir: /app/packages/claims-watcher
     command: "./start-server.sh"
     volumes:
       - ../config/watcher-azimuth/watcher-config-template.toml:/app/packages/claims-watcher/environments/watcher-config-template.toml
       - ../config/watcher-azimuth/merge-toml.js:/app/packages/claims-watcher/merge-toml.js
       - ../config/watcher-azimuth/start-server.sh:/app/packages/claims-watcher/start-server.sh
+      - claims_watcher_gql_logs_data:/app/packages/claims-watcher/gql-logs
     ports:
       - "3003"
+      - "9005"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "3003"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3003"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -216,8 +222,8 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
       CONTRACT_ADDRESS: 0x8C241098C3D3498Fe1261421633FD57986D74AeA
       CONTRACT_NAME: ConditionalStarRelease
       STARTING_BLOCK: 6828004
@@ -230,7 +236,7 @@ services:
     ports:
       - "9006"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "9006"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9006"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -249,18 +255,20 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
     working_dir: /app/packages/conditional-star-release-watcher
     command: "./start-server.sh"
     volumes:
       - ../config/watcher-azimuth/watcher-config-template.toml:/app/packages/conditional-star-release-watcher/environments/watcher-config-template.toml
       - ../config/watcher-azimuth/merge-toml.js:/app/packages/conditional-star-release-watcher/merge-toml.js
       - ../config/watcher-azimuth/start-server.sh:/app/packages/conditional-star-release-watcher/start-server.sh
+      - conditional_star_release_watcher_gql_logs_data:/app/packages/conditional-star-release-watcher/gql-logs
     ports:
       - "3004"
+      - "9007"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "3004"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3004"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -277,8 +285,8 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
       CONTRACT_ADDRESS: 0xf6b461fE1aD4bd2ce25B23Fe0aff2ac19B3dFA76
       CONTRACT_NAME: DelegatedSending
       STARTING_BLOCK: 6784956
@@ -291,7 +299,7 @@ services:
     ports:
       - "9008"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "9008"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9008"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -310,18 +318,20 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
     working_dir: /app/packages/delegated-sending-watcher
     command: "./start-server.sh"
     volumes:
       - ../config/watcher-azimuth/watcher-config-template.toml:/app/packages/delegated-sending-watcher/environments/watcher-config-template.toml
       - ../config/watcher-azimuth/merge-toml.js:/app/packages/delegated-sending-watcher/merge-toml.js
       - ../config/watcher-azimuth/start-server.sh:/app/packages/delegated-sending-watcher/start-server.sh
+      - delegated_sending_watcher_gql_logs_data:/app/packages/delegated-sending-watcher/gql-logs
     ports:
       - "3005"
+      - "9009"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "3005"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3005"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -338,8 +348,8 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
       CONTRACT_ADDRESS: 0x33EeCbf908478C10614626A9D304bfe18B78DD73
       CONTRACT_NAME: Ecliptic
       STARTING_BLOCK: 13692129
@@ -352,7 +362,7 @@ services:
     ports:
       - "9010"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "9010"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9010"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -371,18 +381,20 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
     working_dir: /app/packages/ecliptic-watcher
     command: "./start-server.sh"
     volumes:
       - ../config/watcher-azimuth/watcher-config-template.toml:/app/packages/ecliptic-watcher/environments/watcher-config-template.toml
       - ../config/watcher-azimuth/merge-toml.js:/app/packages/ecliptic-watcher/merge-toml.js
       - ../config/watcher-azimuth/start-server.sh:/app/packages/ecliptic-watcher/start-server.sh
+      - ecliptic_watcher_gql_logs_data:/app/packages/ecliptic-watcher/gql-logs
     ports:
       - "3006"
+      - "9011"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "3006"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3006"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -399,8 +411,8 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
       CONTRACT_ADDRESS: 0x86cd9cd0992F04231751E3761De45cEceA5d1801
       CONTRACT_NAME: LinearStarRelease
       STARTING_BLOCK: 6784943
@@ -413,7 +425,7 @@ services:
     ports:
       - "9012"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "9012"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9012"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -432,18 +444,20 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
     working_dir: /app/packages/linear-star-release-watcher
     command: "./start-server.sh"
     volumes:
       - ../config/watcher-azimuth/watcher-config-template.toml:/app/packages/linear-star-release-watcher/environments/watcher-config-template.toml
       - ../config/watcher-azimuth/merge-toml.js:/app/packages/linear-star-release-watcher/merge-toml.js
       - ../config/watcher-azimuth/start-server.sh:/app/packages/linear-star-release-watcher/start-server.sh
+      - linear_star_release_watcher_gql_logs_data:/app/packages/linear-star-release-watcher/gql-logs
     ports:
       - "3007"
+      - "9013"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "3007"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3007"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -460,8 +474,8 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
       CONTRACT_ADDRESS: 0x7fEcaB617c868Bb5996d99D95200D2Fa708218e4
       CONTRACT_NAME: Polls
       STARTING_BLOCK: 6784912
@@ -474,7 +488,7 @@ services:
     ports:
       - "9014"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "9014"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9014"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -493,18 +507,20 @@ services:
         condition: service_healthy
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_IPLD_ETH_RPC: ${CERC_IPLD_ETH_RPC}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
-      CERC_IPLD_ETH_GQL: ${CERC_IPLD_ETH_GQL}
+      CERC_IPLD_ETH_GQL_ENDPOINT: ${CERC_IPLD_ETH_GQL_ENDPOINT}
     working_dir: /app/packages/polls-watcher
     command: "./start-server.sh"
     volumes:
       - ../config/watcher-azimuth/watcher-config-template.toml:/app/packages/polls-watcher/environments/watcher-config-template.toml
       - ../config/watcher-azimuth/merge-toml.js:/app/packages/polls-watcher/merge-toml.js
       - ../config/watcher-azimuth/start-server.sh:/app/packages/polls-watcher/start-server.sh
+      - polls_watcher_gql_logs_data:/app/packages/polls-watcher/gql-logs
     ports:
       - "3008"
+      - "9015"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "3008"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3008"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -542,7 +558,7 @@ services:
     ports:
       - "0.0.0.0:4000:4000"
     healthcheck:
-      test: ["CMD", "nc", "-vz", "localhost", "4000"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "4000"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -552,3 +568,11 @@ services:
 
 volumes:
   watcher_db_data:
+  azimuth_watcher_gql_logs_data:
+  censures_watcher_gql_logs_data:
+  claims_watcher_gql_logs_data:
+  conditional_star_release_watcher_gql_logs_data:
+  delegated_sending_watcher_gql_logs_data:
+  ecliptic_watcher_gql_logs_data:
+  linear_star_release_watcher_gql_logs_data:
+  polls_watcher_gql_logs_data:

stack_orchestrator/data/compose/docker-compose-watcher-merkl-sushiswap-v3.yml

@@ -29,7 +29,7 @@ services:
     image: cerc/watcher-merkl-sushiswap-v3:local
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_ETH_RPC_ENDPOINT: ${CERC_ETH_RPC_ENDPOINT}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
     command: ["bash", "./start-job-runner.sh"]
     volumes:
       - ../config/watcher-merkl-sushiswap-v3/watcher-config-template.toml:/app/environments/watcher-config-template.toml
@@ -37,7 +37,7 @@ services:
     ports:
       - "9002:9000"
     healthcheck:
-      test: ["CMD", "nc", "-v", "localhost", "9000"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9000"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -55,16 +55,17 @@ services:
     image: cerc/watcher-merkl-sushiswap-v3:local
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_ETH_RPC_ENDPOINT: ${CERC_ETH_RPC_ENDPOINT}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
     command: ["bash", "./start-server.sh"]
     volumes:
       - ../config/watcher-merkl-sushiswap-v3/watcher-config-template.toml:/app/environments/watcher-config-template.toml
       - ../config/watcher-merkl-sushiswap-v3/start-server.sh:/app/start-server.sh
+      - merkl_sushiswap_v3_watcher_gql_logs_data:/app/gql-logs
     ports:
       - "127.0.0.1:3007:3008"
       - "9003:9001"
     healthcheck:
-      test: ["CMD", "nc", "-v", "localhost", "3008"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3008"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -74,3 +75,4 @@ services:
 
 volumes:
   merkl_sushiswap_v3_watcher_db_data:
+  merkl_sushiswap_v3_watcher_gql_logs_data:

stack_orchestrator/data/compose/docker-compose-watcher-sushiswap-v3.yml

@@ -29,7 +29,7 @@ services:
     image: cerc/watcher-sushiswap-v3:local
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_ETH_RPC_ENDPOINT: ${CERC_ETH_RPC_ENDPOINT}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
     command: ["bash", "./start-job-runner.sh"]
     volumes:
       - ../config/watcher-sushiswap-v3/watcher-config-template.toml:/app/environments/watcher-config-template.toml
@@ -37,7 +37,7 @@ services:
     ports:
       - "9000:9000"
     healthcheck:
-      test: ["CMD", "nc", "-v", "localhost", "9000"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "9000"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -55,16 +55,17 @@ services:
     image: cerc/watcher-sushiswap-v3:local
     environment:
       CERC_SCRIPT_DEBUG: ${CERC_SCRIPT_DEBUG}
-      CERC_ETH_RPC_ENDPOINT: ${CERC_ETH_RPC_ENDPOINT}
+      CERC_ETH_RPC_ENDPOINTS: ${CERC_ETH_RPC_ENDPOINTS}
     command: ["bash", "./start-server.sh"]
     volumes:
       - ../config/watcher-sushiswap-v3/watcher-config-template.toml:/app/environments/watcher-config-template.toml
       - ../config/watcher-sushiswap-v3/start-server.sh:/app/start-server.sh
+      - sushiswap_v3_watcher_gql_logs_data:/app/gql-logs
     ports:
       - "127.0.0.1:3008:3008"
       - "9001:9001"
     healthcheck:
-      test: ["CMD", "nc", "-v", "localhost", "3008"]
+      test: ["CMD", "nc", "-vz", "127.0.0.1", "3008"]
       interval: 20s
       timeout: 5s
       retries: 15
@@ -74,3 +75,4 @@ services:
 
 volumes:
   sushiswap_v3_watcher_db_data:
+  sushiswap_v3_watcher_gql_logs_data:

stack_orchestrator/data/config/fixturenet-blast/fixturenet.config

@@ -0,0 +1,2 @@
+GETH_ROLLUP_SEQUENCERHTTP=https://sequencer.s2.testblast.io
+OP_NODE_P2P_BOOTNODES=enr:-J-4QM3GLUFfKMSJQuP1UvuKQe8DyovE7Eaiit0l6By4zjTodkR4V8NWXJxNmlg8t8rP-Q-wp3jVmeAOml8cjMj__ROGAYznzb_HgmlkgnY0gmlwhA-cZ_eHb3BzdGFja4X947FQAIlzZWNwMjU2azGhAiuDqvB-AsVSRmnnWr6OHfjgY8YfNclFy9p02flKzXnOg3RjcIJ2YYN1ZHCCdmE,enr:-J-4QDCVpByqQ8nFqCS9aHicqwUfXgzFDslvpEyYz19lvkHLIdtcIGp2d4q5dxHdjRNTO6HXCsnIKxUeuZSPcEbyVQCGAYznzz0RgmlkgnY0gmlwhANiQfuHb3BzdGFja4X947FQAIlzZWNwMjU2azGhAy3AtF2Jh_aPdOohg506Hjmtx-fQ1AKmu71C7PfkWAw9g3RjcIJ2YYN1ZHCCdmE

stack_orchestrator/data/config/fixturenet-blast/genesis.json

@@ -0,0 +1,57 @@
+{
+  "config": {
+    "chainId": 608943043,
+    "homesteadBlock": 0,
+    "eip150Block": 0,
+    "eip155Block": 0,
+    "eip158Block": 0,
+    "byzantiumBlock": 0,
+    "constantinopleBlock": 0,
+    "petersburgBlock": 0,
+    "istanbulBlock": 0,
+    "muirGlacierBlock": 0,
+    "berlinBlock": 0,
+    "londonBlock": 0,
+    "arrowGlacierBlock": 0,
+    "grayGlacierBlock": 0,
+    "mergeNetsplitBlock": 0,
+    "shanghaiTime": 0,
+    "bedrockBlock": 0,
+    "regolithTime": 0,
+    "canyonTime": 0,
+    "terminalTotalDifficulty": 0,
+    "terminalTotalDifficultyPassed": true,
+    "optimism": {
+      "eip1559Elasticity": 6,
+      "eip1559Denominator": 50,
+      "eip1559DenominatorCanyon": 250
+    }
+  },
+  "alloc": {
+    "0000000000000000000000000000000000000000": {
+      "balance": "0x1"
+    },
+    "4200000000000000000000000000000000000000": {
+      "code": "0x60806040526004361061004e5760003560e01c80633659cfe6146100655780634f1ef286146100855780635c60da1b146100ae5780638f283970146100db578063f851a440146100fb5761005d565b3661005d5761005b610110565b005b61005b610110565b34801561007157600080fd5b5061005b610080366004610521565b6101c8565b61009861009336600461053c565b61020e565b6040516100a591906105bf565b60405180910390f35b3480156100ba57600080fd5b506100c361033e565b6040516001600160a01b0390911681526020016100a5565b3480156100e757600080fd5b5061005b6100f6366004610521565b6103a9565b34801561010757600080fd5b506100c36103e4565b600061013a7f360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc5490565b90506001600160a01b0381166101a55760405162461bcd60e51b815260206004820152602560248201527f50726f78793a20696d706c656d656e746174696f6e206e6f7420696e697469616044820152641b1a5e995960da1b60648201526084015b60405180910390fd5b3660008037600080366000845af43d6000803e806101c2573d6000fd5b503d6000f35b600080516020610625833981519152546001600160a01b0316336001600160a01b031614806101f5575033155b156102065761020381610432565b50565b610203610110565b60606102266000805160206106258339815191525490565b6001600160a01b0316336001600160a01b03161480610243575033155b1561032f5761025184610432565b600080856001600160a01b0316858560405161026e929190610614565b600060405180830381855af49150503d80600081146102a9576040519150601f19603f3d011682016040523d82523d6000602084013e6102ae565b606091505b5091509150816103265760405162461bcd60e51b815260206004820152603960248201527f50726f78793a2064656c656761746563616c6c20746f206e657720696d706c6560448201527f6d656e746174696f6e20636f6e7472616374206661696c656400000000000000606482015260840161019c565b91506103379050565b610337610110565b9392505050565b60006103566000805160206106258339815191525490565b6001600160a01b0316336001600160a01b03161480610373575033155b1561039e57507f360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc5490565b6103a6610110565b90565b600080516020610625833981519152546001600160a01b0316336001600160a01b031614806103d6575033155b15610206576102038161048e565b60006103fc6000805160206106258339815191525490565b6001600160a01b0316336001600160a01b03161480610419575033155b1561039e57506000805160206106258339815191525490565b7f360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc8181556040516001600160a01b038316907fbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b90600090a25050565b60006104a66000805160206106258339815191525490565b600080516020610625833981519152838155604080516001600160a01b0380851682528616602082015292935090917f7e644d79422f17c01e4894b5f4f588d331ebfa28653d42ae832dc59e38c9798f910160405180910390a1505050565b80356001600160a01b038116811461051c57600080fd5b919050565b60006020828403121561053357600080fd5b61033782610505565b60008060006040848603121561055157600080fd5b61055a84610505565b9250602084013567ffffffffffffffff8082111561057757600080fd5b818601915086601f83011261058b57600080fd5b81358181111561059a57600080fd5b8760208285010111156105ac57600080fd5b6020830194508093505050509250925092565b600060208083528351808285015260005b818110156105ec578581018301518582016040015282016105d0565b818111156105fe576000604083870101525b50601f01601f1916929092016040019392505050565b818382376000910190815291905056feb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103a164736f6c634300080f000a",
+      "storage": {
+        "0x360894a13ba1a3210667c828492db98dca3e2076cc3735a920a3ca505d382bbc": "0x000000000000000000000000c0d3c0d3c0d3c0d3c0d3c0d3c0d3c0d3c0d30000",
+        "0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103": "0x0000000000000000000000004200000000000000000000000000000000000018"
+      },
+      "balance": "0x0",
+      "flags": 1
+    }
+  },
+  "nonce": "0x0",
+  "timestamp": "0x659b7460",
+  "extraData": "0x424544524f434b",
+  "gasLimit": "0x1c9c380",
+  "difficulty": "0x0",
+  "mixHash": "0x0000000000000000000000000000000000000000000000000000000000000000",
+  "coinbase": "0x4200000000000000000000000000000000000011",
+  "number": "0x0",
+  "gasUsed": "0x0",
+  "parentHash": "0x0000000000000000000000000000000000000000000000000000000000000000",
+  "baseFeePerGas": "0x3b9aca00",
+  "excessBlobGas": null,
+  "blobGasUsed": null
+}

stack_orchestrator/data/config/fixturenet-blast/rollup.json

@@ -0,0 +1,31 @@
+{
+  "genesis": {
+    "l1": {
+      "hash": "0x17728cf4d8e0b4f292d2390a869fd7c632d39e72efb00ca3462b4387c6aa2437",
+      "number": 5044255
+    },
+    "l2": {
+      "hash": "0x26a1c0faad7b041f34569a1bb383f00ab74b335883a44bed53e9f41ced5fd906",
+      "number": 0
+    },
+    "l2_time": 1704686688,
+    "system_config": {
+      "batcherAddr": "0xba26fee2fa917443e05e65de8d4350bcd2f59222",
+      "overhead": "0x00000000000000000000000000000000000000000000000000000000000000bc",
+      "scalar": "0x00000000000000000000000000000000000000000000000000000000000a6fe0",
+      "gasLimit": 30000000
+    }
+  },
+  "block_time": 2,
+  "max_sequencer_drift": 600,
+  "seq_window_size": 3600,
+  "channel_timeout": 300,
+  "l1_chain_id": 11155111,
+  "l2_chain_id": 608943043,
+  "regolith_time": 0,
+  "canyon_time": 0,
+  "batch_inbox_address": "0x1c3b85a2108784eab6a4bf56cdd6f722e415b331",
+  "deposit_contract_address": "0x2757e4430e694f27b73ec9c02257cab3a498c8c5",
+  "l1_system_config_address": "0x329faf078c364a316e08bf6a17b7eee6ae75a613",
+  "protocol_versions_address": "0x0000000000000000000000000000000000000000"
+}

stack_orchestrator/data/config/fixturenet-eth-metrics/grafana/etc/dashboards/fixturenet_dashboard.json

@@ -1411,4 +1411,4 @@
   "uid": "nT9VeZoVk",
   "version": 2,
   "weekStart": ""
-}
+}

stack_orchestrator/data/config/fixturenet-eth/fixturenet-eth.env

@@ -22,4 +22,7 @@ CERC_STATEDIFF_DB_LOG_STATEMENTS="${CERC_STATEDIFF_DB_LOG_STATEMENTS:-false}"
 CERC_STATEDIFF_WORKERS=2
 
 CERC_GETH_VMODULE="statediff/*=5,rpc/*=5"
-CERC_GETH_VERBOSITY=${CERC_GETH_VERBOSITY:-3}
+CERC_GETH_VERBOSITY=${CERC_GETH_VERBOSITY:-3}
+
+# Used by Lighthouse
+SECONDS_PER_ETH1_BLOCK=${SECONDS_PER_ETH1_BLOCK:-3}

stack_orchestrator/data/config/fixturenet-laconicd/create-fixturenet.sh

@@ -8,68 +8,68 @@ KEY="mykey"
 CHAINID="laconic_9000-1"
 MONIKER="localtestnet"
 KEYRING="test"
-KEYALGO="eth_secp256k1"
+KEYALGO="secp256k1"
-LOGLEVEL="info"
+LOGLEVEL="${LOGLEVEL:-info}"
-# trace evm
+DENOM="alnt"
-TRACE="--trace"
+
-# TRACE=""
 
 if [ "$1" == "clean" ] || [ ! -d "$HOME/.laconicd/data/blockstore.db" ]; then
   # validate dependencies are installed
-  command -v jq > /dev/null 2>&1 || { echo >&2 "jq not installed. More info: https://stedolan.github.io/jq/download/"; exit 1; }
+  command -v jq > /dev/null 2>&1 || {
+    echo >&2 "jq not installed. More info: https://stedolan.github.io/jq/download/"
+    exit 1
+  }
 
   # remove existing daemon and client
   rm -rf $HOME/.laconicd/*
-  rm -rf $HOME/.laconic/*
 
   if [ -n "`which make`" ]; then
     make install
   fi
 
-  laconicd config keyring-backend $KEYRING
+  laconicd config set client chain-id $CHAINID
-  laconicd config chain-id $CHAINID
+  laconicd config set client keyring-backend $KEYRING
 
   # if $KEY exists it should be deleted
   laconicd keys add $KEY --keyring-backend $KEYRING --algo $KEYALGO
 
   # Set moniker and chain-id for Ethermint (Moniker can be anything, chain-id must be an integer)
-  laconicd init $MONIKER --chain-id $CHAINID
+  laconicd init $MONIKER --chain-id $CHAINID --default-denom $DENOM
 
-  # Change parameter token denominations to aphoton
+  update_genesis() {
-  cat $HOME/.laconicd/config/genesis.json | jq '.app_state["staking"]["params"]["bond_denom"]="aphoton"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+    jq "$1" $HOME/.laconicd/config/genesis.json > $HOME/.laconicd/config/tmp_genesis.json &&
-  cat $HOME/.laconicd/config/genesis.json | jq '.app_state["crisis"]["constant_fee"]["denom"]="aphoton"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+      mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
-  cat $HOME/.laconicd/config/genesis.json | jq '.app_state["gov"]["deposit_params"]["min_deposit"][0]["denom"]="aphoton"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+  }
-  cat $HOME/.laconicd/config/genesis.json | jq '.app_state["mint"]["params"]["mint_denom"]="aphoton"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
-  # Custom modules
-  cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["record_rent"]["denom"]="aphoton"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
-  cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_rent"]["denom"]="aphoton"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
-  cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_auction_commit_fee"]["denom"]="aphoton"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
-  cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_auction_reveal_fee"]["denom"]="aphoton"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
-  cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_auction_minimum_bid"]["denom"]="aphoton"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
 
   if [[ "$TEST_REGISTRY_EXPIRY" == "true" ]]; then
     echo "Setting timers for expiry tests."
 
-    cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["record_rent_duration"]="60s"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+    update_genesis '.app_state["registry"]["params"]["record_rent_duration"]="60s"'
-    cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_grace_period"]="60s"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+    update_genesis '.app_state["registry"]["params"]["authority_grace_period"]="60s"'
-    cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_rent_duration"]="60s"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+    update_genesis '.app_state["registry"]["params"]["authority_rent_duration"]="60s"'
   fi
 
   if [[ "$TEST_AUCTION_ENABLED" == "true" ]]; then
     echo "Enabling auction and setting timers."
 
-    cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_auction_enabled"]=true' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+    update_genesis '.app_state["registry"]["params"]["authority_auction_enabled"]=true'
-    cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_rent_duration"]="60s"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+    update_genesis '.app_state["registry"]["params"]["authority_rent_duration"]="60s"'
-    cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_grace_period"]="300s"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+    update_genesis '.app_state["registry"]["params"]["authority_grace_period"]="300s"'
-    cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_auction_commits_duration"]="60s"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+    update_genesis '.app_state["registry"]["params"]["authority_auction_commits_duration"]="60s"'
-    cat $HOME/.laconicd/config/genesis.json | jq '.app_state["registry"]["params"]["authority_auction_reveals_duration"]="60s"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+    update_genesis '.app_state["registry"]["params"]["authority_auction_reveals_duration"]="60s"'
+  fi
+
+  if [[ "$ONBOARDING_ENABLED" == "true" ]]; then
+    echo "Enabling validator onboarding."
+
+    update_genesis '.app_state["onboarding"]["params"]["onboarding_enabled"]=true'
   fi
 
   # increase block time (?)
-  cat $HOME/.laconicd/config/genesis.json | jq '.consensus_params["block"]["time_iota_ms"]="1000"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+  update_genesis '.consensus["params"]["block"]["time_iota_ms"]="1000"'
 
   # Set gas limit in genesis
-  cat $HOME/.laconicd/config/genesis.json | jq '.consensus_params["block"]["max_gas"]="10000000"' > $HOME/.laconicd/config/tmp_genesis.json && mv $HOME/.laconicd/config/tmp_genesis.json $HOME/.laconicd/config/genesis.json
+  update_genesis '.consensus["params"]["block"]["max_gas"]="10000000"'
 
   # disable produce empty block
   if [[ "$OSTYPE" == "darwin"* ]]; then
@@ -78,48 +78,39 @@ if [ "$1" == "clean" ] || [ ! -d "$HOME/.laconicd/data/blockstore.db" ]; then
       sed -i 's/create_empty_blocks = true/create_empty_blocks = false/g' $HOME/.laconicd/config/config.toml
   fi
 
-  if [[ $1 == "pending" ]]; then
+  # Enable telemetry (prometheus metrics: http://localhost:1317/metrics?format=prometheus)
-    if [[ "$OSTYPE" == "darwin"* ]]; then
+  if [[ "$OSTYPE" == "darwin"* ]]; then
-        sed -i '' 's/create_empty_blocks_interval = "0s"/create_empty_blocks_interval = "30s"/g' $HOME/.laconicd/config/config.toml
+    sed -i '' 's/enabled = false/enabled = true/g' $HOME/.laconicd/config/app.toml
-        sed -i '' 's/timeout_propose = "3s"/timeout_propose = "30s"/g' $HOME/.laconicd/config/config.toml
+    sed -i '' 's/prometheus-retention-time = 0/prometheus-retention-time = 60/g' $HOME/.laconicd/config/app.toml
-        sed -i '' 's/timeout_propose_delta = "500ms"/timeout_propose_delta = "5s"/g' $HOME/.laconicd/config/config.toml
+    sed -i '' 's/prometheus = false/prometheus = true/g' $HOME/.laconicd/config/config.toml
-        sed -i '' 's/timeout_prevote = "1s"/timeout_prevote = "10s"/g' $HOME/.laconicd/config/config.toml
+  else
-        sed -i '' 's/timeout_prevote_delta = "500ms"/timeout_prevote_delta = "5s"/g' $HOME/.laconicd/config/config.toml
+    sed -i 's/enabled = false/enabled = true/g' $HOME/.laconicd/config/app.toml
-        sed -i '' 's/timeout_precommit = "1s"/timeout_precommit = "10s"/g' $HOME/.laconicd/config/config.toml
+    sed -i 's/prometheus-retention-time = 0/prometheus-retention-time = 60/g' $HOME/.laconicd/config/app.toml
-        sed -i '' 's/timeout_precommit_delta = "500ms"/timeout_precommit_delta = "5s"/g' $HOME/.laconicd/config/config.toml
+    sed -i 's/prometheus = false/prometheus = true/g' $HOME/.laconicd/config/config.toml
-        sed -i '' 's/timeout_commit = "5s"/timeout_commit = "150s"/g' $HOME/.laconicd/config/config.toml
-        sed -i '' 's/timeout_broadcast_tx_commit = "10s"/timeout_broadcast_tx_commit = "150s"/g' $HOME/.laconicd/config/config.toml
-    else
-        sed -i 's/create_empty_blocks_interval = "0s"/create_empty_blocks_interval = "30s"/g' $HOME/.laconicd/config/config.toml
-        sed -i 's/timeout_propose = "3s"/timeout_propose = "30s"/g' $HOME/.laconicd/config/config.toml
-        sed -i 's/timeout_propose_delta = "500ms"/timeout_propose_delta = "5s"/g' $HOME/.laconicd/config/config.toml
-        sed -i 's/timeout_prevote = "1s"/timeout_prevote = "10s"/g' $HOME/.laconicd/config/config.toml
-        sed -i 's/timeout_prevote_delta = "500ms"/timeout_prevote_delta = "5s"/g' $HOME/.laconicd/config/config.toml
-        sed -i 's/timeout_precommit = "1s"/timeout_precommit = "10s"/g' $HOME/.laconicd/config/config.toml
-        sed -i 's/timeout_precommit_delta = "500ms"/timeout_precommit_delta = "5s"/g' $HOME/.laconicd/config/config.toml
-        sed -i 's/timeout_commit = "5s"/timeout_commit = "150s"/g' $HOME/.laconicd/config/config.toml
-        sed -i 's/timeout_broadcast_tx_commit = "10s"/timeout_broadcast_tx_commit = "150s"/g' $HOME/.laconicd/config/config.toml
-    fi
   fi
 
   # Allocate genesis accounts (cosmos formatted addresses)
-  laconicd add-genesis-account $KEY 100000000000000000000000000aphoton --keyring-backend $KEYRING
+  # 10^30 alnt | 10^12 lnt
+  laconicd genesis add-genesis-account $KEY 1000000000000000000000000000000$DENOM --keyring-backend $KEYRING
 
   # Sign genesis transaction
-  laconicd gentx $KEY 1000000000000000000000aphoton --keyring-backend $KEYRING --chain-id $CHAINID
+  # 10^24 alnt | 10^6 lnt
+  laconicd genesis gentx $KEY 1000000000000000000000000$DENOM --keyring-backend $KEYRING --chain-id $CHAINID
 
   # Collect genesis tx
-  laconicd collect-gentxs
+  laconicd genesis collect-gentxs
 
   # Run this to ensure everything worked and that the genesis file is setup correctly
-  laconicd validate-genesis
+  laconicd genesis validate
-
-  if [[ $1 == "pending" ]]; then
-    echo "pending mode is on, please wait for the first block committed."
-  fi
 else
   echo "Using existing database at $HOME/.laconicd.  To replace, run '`basename $0` clean'"
 fi
 
 # Start the node (remove the --pruning=nothing flag if historical queries are not needed)
-laconicd start --pruning=nothing --evm.tracer=json $TRACE --log_level $LOGLEVEL --minimum-gas-prices=0.0001aphoton --json-rpc.api eth,txpool,personal,net,debug,web3,miner --api.enable --gql-server --gql-playground
+laconicd start \
+  --pruning=nothing \
+  --log_level $LOGLEVEL \
+  --minimum-gas-prices=1$DENOM \
+  --api.enable \
+  --rpc.laddr="tcp://0.0.0.0:26657" \
+  --gql-server --gql-playground

stack_orchestrator/data/config/fixturenet-laconicd/registry-cli-config-template.yml

@@ -1,9 +1,9 @@
 services:
-  cns:
+  registry:
-    restEndpoint: 'http://laconicd:1317'
+    rpcEndpoint: 'http://laconicd:26657'
     gqlEndpoint: 'http://laconicd:9473/api'
     userKey: REPLACE_WITH_MYKEY
     bondId:
     chainId: laconic_9000-1
     gas: 350000
-    fees: 200000aphoton
+    fees: 2000000alnt

stack_orchestrator/data/config/fixturenet-optimism/optimism-contracts/deploy-contracts.sh

@@ -65,7 +65,7 @@ if [ -n "$CERC_L1_ADDRESS" ] && [ -n "$CERC_L1_PRIV_KEY" ]; then
   # Sequencer
   SEQ=$(echo "$wallet3" | awk '/Address:/{print $2}')
   SEQ_KEY=$(echo "$wallet3" | awk '/Private key:/{print $3}')
-  
+
   echo "Funding accounts."
   wait_for_block 1 300
   cast send --from $ADMIN --rpc-url $CERC_L1_RPC --value 5ether $PROPOSER --private-key $ADMIN_KEY

stack_orchestrator/data/config/fixturenet-pocket/genesis.json

@@ -56,7 +56,7 @@
                             "value": "!validator-pubkey"
                         }
                     }
-                } 
+                }
             ],
             "supply": []
         },
@@ -269,4 +269,4 @@
             "claims": null
         }
     }
-}
+}

stack_orchestrator/data/config/keycloak/import/cerc-realm.json

@@ -2084,4 +2084,4 @@
   "clientPolicies": {
     "policies": []
   }
-}
+}

stack_orchestrator/data/config/mainnet-blast/keycloak.env

@@ -0,0 +1,32 @@
+POSTGRES_DB=keycloak
+POSTGRES_USER=keycloak
+POSTGRES_PASSWORD=keycloak
+# Don't change this unless you also change the healthcheck in docker-compose-mainnet-eth-keycloak.yml
+PGPORT=35432
+KC_DB=postgres
+KC_DB_URL_HOST=keycloak-db
+KC_DB_URL_PORT=${PGPORT}
+KC_DB_URL_DATABASE=${POSTGRES_DB}
+KC_DB_USERNAME=${POSTGRES_USER}
+KC_DB_PASSWORD=${POSTGRES_PASSWORD}
+KC_DB_SCHEMA=public
+KC_HOSTNAME=localhost
+KC_HTTP_ENABLED="true"
+KC_HTTP_RELATIVE_PATH="/auth"
+KC_HOSTNAME_STRICT_HTTPS="false"
+KEYCLOAK_ADMIN=admin
+KEYCLOAK_ADMIN_PASSWORD=admin
+X_API_CHECK_REALM=cerc
+X_API_CHECK_CLIENT_ID="%user_id%"
+
+
+# keycloak-reg-api
+CERC_KCUSERREG_LISTEN_PORT=9292
+CERC_KCUSERREG_LISTEN_ADDR='0.0.0.0'
+CERC_KCUSERREG_API_URL='http://keycloak:8080/auth'
+CERC_KCUSERREG_REG_USER="${KEYCLOAK_ADMIN}"
+CERC_KCUSERREG_REG_PW="${KEYCLOAK_ADMIN_PASSWORD}"
+CERC_KCUSERREG_REG_CLIENT_ID='admin-cli'
+CERC_KCUSERREG_TARGET_REALM=cerc
+CERC_KCUSERREG_TARGET_GROUPS=eth
+CERC_KCUSERREG_CREATE_ENABLED=true

stack_orchestrator/data/config/mainnet-blast/lighthouse.env

@@ -0,0 +1,33 @@
+# Enable startup script debug output.
+CERC_SCRIPT_DEBUG=false
+
+# Specify any other lighthouse CLI options.
+LIGHTHOUSE_OPTS=""
+
+# Override the advertised public IP (optional)
+# --enr-address
+#LIGHTHOUSE_ENR_ADDRESS=""
+
+# --checkpoint-sync-url
+LIGHTHOUSE_CHECKPOINT_SYNC_URL="https://beaconstate.ethstaker.cc"
+
+# --checkpoint-sync-url-timeout
+LIGHTHOUSE_CHECKPOINT_SYNC_URL_TIMEOUT=300
+
+# --datadir
+LIGHTHOUSE_DATADIR=/data
+
+# --debug-level
+LIGHTHOUSE_DEBUG_LEVEL=info
+
+# --http-port
+LIGHTHOUSE_HTTP_PORT=5052
+
+# --execution-jwt
+LIGHTHOUSE_JWTSECRET=/etc/mainnet-eth/jwtsecret
+
+# --metrics-port
+LIGHTHOUSE_METRICS_PORT=5054
+
+# --port --enr-udp-port --enr-tcp-port
+LIGHTHOUSE_NETWORK_PORT=9000

stack_orchestrator/data/config/mainnet-blast/mainnet.config

@@ -0,0 +1,2 @@
+GETH_ROLLUP_SEQUENCERHTTP=https://sequencer.blast.io
+OP_NODE_P2P_BOOTNODES=enr:-J64QGwHl9uYLfC_cnmxSA6wQH811nkOWJDWjzxqkEUlJoZHWvI66u-BXgVcPCeMUmg0dBpFQAPotFchG67FHJMZ9OSGAY3d6wevgmlkgnY0gmlwhANizeSHb3BzdGFja4Sx_AQAiXNlY3AyNTZrMaECg4pk0cskPAyJ7pOmo9E6RqGBwV-Lex4VS9a3MQvu7PWDdGNwgnZhg3VkcIJ2YQ,enr:-J64QDge2jYBQtcNEpRqmKfci5E5BHAhNBjgv4WSdwH1_wPqbueq2bDj38-TSW8asjy5lJj1Xftui6Or8lnaYFCqCI-GAY3d6wf3gmlkgnY0gmlwhCO2D9yHb3BzdGFja4Sx_AQAiXNlY3AyNTZrMaEDo4aCTq7pCEN8om9U5n_VyWdambGnQhwHNwKc8o-OicaDdGNwgnZhg3VkcIJ2YQ

stack_orchestrator/data/config/mainnet-blast/rollup.json

@@ -0,0 +1,31 @@
+{
+    "genesis": {
+      "l1": {
+        "hash": "0xfcfb8d586bdae763f1189988789211c69eb893a895e7ba48be3ca6289f0941b7",
+        "number": 19300102
+      },
+      "l2": {
+        "hash": "0xb689b35ef29d0bec5816938e0e52683c7257d2e325420ea69b739a2be4754b89",
+        "number": 0
+      },
+      "l2_time": 1708809815,
+      "system_config": {
+        "batcherAddr": "0x415c8893d514f9bc5211d36eeda4183226b84aa7",
+        "overhead": "0x00000000000000000000000000000000000000000000000000000000000000bc",
+        "scalar": "0x00000000000000000000000000000000000000000000000000000000000a6fe0",
+        "gasLimit": 30000000
+      }
+    },
+    "block_time": 2,
+    "max_sequencer_drift": 600,
+    "seq_window_size": 3600,
+    "channel_timeout": 300,
+    "l1_chain_id": 1,
+    "l2_chain_id": 81457,
+    "regolith_time": 0,
+    "canyon_time": 0,
+    "batch_inbox_address": "0xff00000000000000000000000000000000081457",
+    "deposit_contract_address": "0x0ec68c5b10f21effb74f2a5c61dfe6b08c0db6cb",
+    "l1_system_config_address": "0x5531dcff39ec1ec727c4c5d2fc49835368f805a9",
+    "protocol_versions_address": "0x0000000000000000000000000000000000000000"
+  }

stack_orchestrator/data/config/mainnet-blast/run-lighthouse.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+if [[ "true" == "$CERC_SCRIPT_DEBUG" ]]; then
+    set -x
+fi
+
+ENR_OPTS=""
+if [[ -n "$LIGHTHOUSE_ENR_ADDRESS" ]]; then
+  ENR_OPTS="--enr-address $LIGHTHOUSE_ENR_ADDRESS"
+fi
+
+exec lighthouse bn \
+  --checkpoint-sync-url "$LIGHTHOUSE_CHECKPOINT_SYNC_URL" \
+  --checkpoint-sync-url-timeout ${LIGHTHOUSE_CHECKPOINT_SYNC_URL_TIMEOUT} \
+  --datadir "$LIGHTHOUSE_DATADIR" \
+  --debug-level $LIGHTHOUSE_DEBUG_LEVEL \
+  --disable-deposit-contract-sync \
+  --disable-upnp \
+  --enr-tcp-port $LIGHTHOUSE_NETWORK_PORT \
+  --enr-udp-port $LIGHTHOUSE_NETWORK_PORT \
+  --execution-endpoint "$LIGHTHOUSE_EXECUTION_ENDPOINT" \
+  --execution-jwt /etc/mainnet-eth/jwtsecret \
+  --http \
+  --http-address 0.0.0.0 \
+  --http-port $LIGHTHOUSE_HTTP_PORT \
+  --metrics \
+  --metrics-address=0.0.0.0 \
+  --metrics-port $LIGHTHOUSE_METRICS_PORT \
+  --network mainnet \
+  --port $LIGHTHOUSE_NETWORK_PORT \
+  $ENR_OPTS $LIGHTHOUSE_OPTS

stack_orchestrator/data/config/mainnet-eth-keycloak/import/cerc-realm.json

@@ -2388,4 +2388,4 @@
   "clientPolicies": {
     "policies": []
   }
-}
+}

stack_orchestrator/data/config/mainnet-eth-keycloak/scripts/keycloak-mirror/keycloak-mirror.py

@@ -12,7 +12,10 @@ from fabric import Connection
 
 
 def dump_src_db_to_file(db_host, db_port, db_user, db_password, db_name, file_name):
-    command = f"pg_dump -h {db_host} -p {db_port} -U {db_user} -d {db_name} -c --inserts -f {file_name}"
+    command = (
+        f"pg_dump -h {db_host} -p {db_port} -U {db_user} "
+        f"-d {db_name} -c --inserts -f {file_name}"
+    )
     my_env = os.environ.copy()
     my_env["PGPASSWORD"] = db_password
     print(f"Exporting from {db_host}:{db_port}/{db_name} to {file_name}... ", end="")

stack_orchestrator/data/config/mainnet-go-opera/go-opera.env

@@ -1 +0,0 @@
-

stack_orchestrator/data/config/mainnet-laconicd/registry-cli-config-template.yml

@@ -1,9 +1,9 @@
 services:
-  cns:
+  registry:
-    restEndpoint: 'http://laconicd:1317'
+    rpcEndpoint: 'http://laconicd:26657'
     gqlEndpoint: 'http://laconicd:9473/api'
     userKey: REPLACE_WITH_MYKEY
     bondId:
     chainId: laconic_9000-1
     gas: 250000
-    fees: 200000aphoton
+    fees: 2000000alnt

stack_orchestrator/data/config/mainnet-laconicd/scripts/run-laconicd.sh

@@ -1,18 +1,15 @@
 #!/bin/sh
-if [[ -n "$CERC_SCRIPT_DEBUG" ]]; then
+if [ -n "$CERC_SCRIPT_DEBUG" ]; then
     set -x
 fi
 
 #TODO: pass these in from the caller
-TRACE="--trace"
 LOGLEVEL="info"
 
 laconicd start \
     --pruning=nothing \
-    --evm.tracer=json $TRACE \
     --log_level $LOGLEVEL \
-    --minimum-gas-prices=0.0001aphoton \
+    --minimum-gas-prices=1alnt \
-    --json-rpc.api eth,txpool,personal,net,debug,web3,miner \
     --api.enable \
     --gql-server \
     --gql-playground