olas-operate-middleware 0.8.0__py3-none-any.whl → 0.8.1__py3-none-any.whl
- {olas_operate_middleware-0.8.0.dist-info → olas_operate_middleware-0.8.1.dist-info}/METADATA +1 -1
- {olas_operate_middleware-0.8.0.dist-info → olas_operate_middleware-0.8.1.dist-info}/RECORD +7 -6
- operate/services/service.py +24 -1
- operate/utils/ssl.py +133 -0
- {olas_operate_middleware-0.8.0.dist-info → olas_operate_middleware-0.8.1.dist-info}/LICENSE +0 -0
- {olas_operate_middleware-0.8.0.dist-info → olas_operate_middleware-0.8.1.dist-info}/WHEEL +0 -0
- {olas_operate_middleware-0.8.0.dist-info → olas_operate_middleware-0.8.1.dist-info}/entry_points.txt +0 -0
|
@@ -77,16 +77,17 @@ operate/services/deployment_runner.py,sha256=eP1bnT3PdkYtPxi-4sZ6-Wopz8u88NkeZx7
|
|
|
77
77
|
operate/services/health_checker.py,sha256=pXtzFTLv4PK1OSbDCZ_RnOnvX31mPYRR16tbC7BsUNw,9754
|
|
78
78
|
operate/services/manage.py,sha256=oDp4kMBAynPYqe3b2LM4kR9xefNxPVmmvO50XwTxFZQ,110310
|
|
79
79
|
operate/services/protocol.py,sha256=0LcZk-zzQ2hYzZAkn_KIQGgT32Bq3_UsbBl7Ert3Ho8,60157
|
|
80
|
-
operate/services/service.py,sha256=
|
|
80
|
+
operate/services/service.py,sha256=O8rEcPBow4bJJBJHB5RkD1fRGagJ843xwrUvFusKe9c,48146
|
|
81
81
|
operate/services/utils/__init__.py,sha256=TvioaZ1mfTRUSCtrQoLNAp4WMVXyqEJqFJM4PxSQCRU,24
|
|
82
82
|
operate/services/utils/mech.py,sha256=W2x4dqodivNKXjWU-Brp40QhoUHsIMyNAO7-caMoR0Q,3821
|
|
83
83
|
operate/services/utils/tendermint.py,sha256=3h9nDb2Z89T0RwUr_AaVjqtymQmsu3u6DAVCfL_k1U0,25591
|
|
84
84
|
operate/utils/__init__.py,sha256=cFNP2XFpjJmDLskN0SzAk5FPdqaeN2Jn4MyVbFHmH2M,3075
|
|
85
85
|
operate/utils/gnosis.py,sha256=Z1IgGfQgKIrI7EyBpGFbJ2RFaeD4Fk_7D4P-_ZQfH6Q,17705
|
|
86
|
+
operate/utils/ssl.py,sha256=O5DrDoZD4T4qQuHP8GLwWUVxQ-1qXeefGp6uDJiF2lM,4308
|
|
86
87
|
operate/wallet/__init__.py,sha256=NGiozD3XhvkBi7_FaOWQ8x1thZPK4uGpokJaeDY_o2w,813
|
|
87
88
|
operate/wallet/master.py,sha256=FQrchjWhJKgif3IXztxS0SHm7aVaAJYFQ-FEXQgxQes,31021
|
|
88
|
-
olas_operate_middleware-0.8.
|
|
89
|
-
olas_operate_middleware-0.8.
|
|
90
|
-
olas_operate_middleware-0.8.
|
|
91
|
-
olas_operate_middleware-0.8.
|
|
92
|
-
olas_operate_middleware-0.8.
|
|
89
|
+
olas_operate_middleware-0.8.1.dist-info/LICENSE,sha256=mdBDB-mWKV5Cz4ejBzBiKqan6Z8zVLAh9xwM64O2FW4,11339
|
|
90
|
+
olas_operate_middleware-0.8.1.dist-info/METADATA,sha256=ltgyVCZTG7zZpoM8KGWVUvkZdf-XMhirfwXlSGl4Xy0,2034
|
|
91
|
+
olas_operate_middleware-0.8.1.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
|
|
92
|
+
olas_operate_middleware-0.8.1.dist-info/entry_points.txt,sha256=dM1g2I7ODApKQFcgl5J4NGA7pfBTo6qsUTXM-j2OLlw,44
|
|
93
|
+
olas_operate_middleware-0.8.1.dist-info/RECORD,,
|
operate/services/service.py
CHANGED
|
@@ -88,6 +88,7 @@ from operate.operate_types import (
|
|
|
88
88
|
from operate.resource import LocalResource
|
|
89
89
|
from operate.services.deployment_runner import run_host_deployment, stop_host_deployment
|
|
90
90
|
from operate.services.utils import tendermint
|
|
91
|
+
from operate.utils.ssl import create_ssl_certificate
|
|
91
92
|
|
|
92
93
|
|
|
93
94
|
# pylint: disable=no-member,redefined-builtin,too-many-instance-attributes,too-many-locals
|
|
@@ -686,13 +687,35 @@ class Deployment(LocalResource):
|
|
|
686
687
|
service = Service.load(path=self.path)
|
|
687
688
|
|
|
688
689
|
if use_docker or use_kubernetes:
|
|
689
|
-
|
|
690
|
+
ssl_key_path, ssl_cert_path = create_ssl_certificate(
|
|
691
|
+
ssl_dir=service.path / PERSISTENT_DATA_DIR / "ssl"
|
|
692
|
+
)
|
|
693
|
+
service.update_env_variables_values(
|
|
694
|
+
{
|
|
695
|
+
"STORE_PATH": "/data",
|
|
696
|
+
"SSL_KEY_PATH": (
|
|
697
|
+
Path("/data") / "ssl" / ssl_key_path.name
|
|
698
|
+
).as_posix(),
|
|
699
|
+
"SSL_CERT_PATH": (
|
|
700
|
+
Path("/data") / "ssl" / ssl_cert_path.name
|
|
701
|
+
).as_posix(),
|
|
702
|
+
}
|
|
703
|
+
)
|
|
690
704
|
service.consume_env_variables()
|
|
691
705
|
if use_docker:
|
|
692
706
|
self._build_docker(force=force, chain=chain)
|
|
693
707
|
if use_kubernetes:
|
|
694
708
|
self._build_kubernetes(force=force)
|
|
695
709
|
else:
|
|
710
|
+
ssl_key_path, ssl_cert_path = create_ssl_certificate(
|
|
711
|
+
ssl_dir=service.path / DEPLOYMENT / "ssl"
|
|
712
|
+
)
|
|
713
|
+
service.update_env_variables_values(
|
|
714
|
+
{
|
|
715
|
+
"SSL_KEY_PATH": str(ssl_key_path),
|
|
716
|
+
"SSL_CERT_PATH": str(ssl_cert_path),
|
|
717
|
+
}
|
|
718
|
+
)
|
|
696
719
|
service.consume_env_variables()
|
|
697
720
|
self._build_host(force=force, chain=chain)
|
|
698
721
|
|
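Review bot: In the host branch the key and certificate are written to `service.path / DEPLOYMENT / "ssl"` before `self._build_host(force=force, chain=chain)` runs; both `_build_host` and the start of the enclosing method are outside the hunk, but if `_build_host` clears or recreates the `DEPLOYMENT` directory when `force` is set, the files are removed while `SSL_KEY_PATH` and `SSL_CERT_PATH` still point at them. That is worth confirming, and if it holds the call could move after the build or target a directory the build does not own, as the container branch does with `PERSISTENT_DATA_DIR`. Both branches also call `create_ssl_certificate` unconditionally, so every build replaces the key pair; if that is intended, a comment such as `# A fresh self-signed pair is generated on every build; nothing is expected to pin it.` would record it. The container branch assumes `PERSISTENT_DATA_DIR` is mounted at `/data`, a literal that appears three times in the hunk, so a single named constant would keep the three in step.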
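--- a/operate/utils/ssl.py
+++ b/operate/utils/ssl.py
@@ -0,0 +1,133 @@
+# -*- coding: utf-8 -*-
+# ------------------------------------------------------------------------------
+#
+# Copyright 2025 Valory AG
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# ------------------------------------------------------------------------------
+
+"""SSL certificate utilities."""
+
+import datetime
+import logging
+import typing as t
+from pathlib import Path
+
+from cryptography import x509
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.x509.oid import NameOID
+
+
+def create_ssl_certificate(
+ssl_dir: Path,
+key_filename: str = "key.pem",
+cert_filename: str = "cert.pem",
+validity_days: int = 365,
+key_size: int = 2048,
+common_name: str = "localhost",
+) -> t.Tuple[Path, Path]:
+"""
+Create SSL certificate and private key files.
+
+Args:
+ssl_dir: Path to the ssl directory
+key_filename: Name of the private key file
+cert_filename: Name of the certificate file
+validity_days: Number of days the certificate is valid
+key_size: RSA key size in bits
+common_name: Common name for the certificate
+
+Returns:
+Tuple of (key_path, cert_path) as Path objects
+"""
+logger = logging.getLogger(__name__)
+
+# Create SSL directory
+ssl_dir.mkdir(parents=True, exist_ok=True)
+
+key_path = ssl_dir / key_filename
+cert_path = ssl_dir / cert_filename
+
+# Generate RSA private key
+private_key = rsa.generate_private_key(
+public_exponent=65537,
+key_size=key_size,
+)
+
+# Create certificate subject and issuer
+subject = issuer = x509.Name(
+[
+x509.NameAttribute(NameOID.COUNTRY_NAME, "CH"),
+x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "Local"),
+x509.NameAttribute(NameOID.LOCALITY_NAME, "Local"),
+x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Valory AG"),
+x509.NameAttribute(NameOID.COMMON_NAME, common_name),
+]
+)
+
+# Create certificate
+cert = (
+x509.CertificateBuilder()
+.subject_name(subject)
+.issuer_name(issuer)
+.public_key(private_key.public_key())
+.serial_number(1)
+.not_valid_before(datetime.datetime.now(datetime.timezone.utc))
+.not_valid_after(
+datetime.datetime.now(datetime.timezone.utc)
++ datetime.timedelta(days=validity_days)
+)
+.add_extension(
+x509.BasicConstraints(ca=False, path_length=None),
+critical=True,
+)
+.add_extension(
+x509.KeyUsage(
+digital_signature=True,
+key_encipherment=True,
+key_agreement=False,
+key_cert_sign=False,
+crl_sign=False,
+content_commitment=False,
+data_encipherment=False,
+encipher_only=False,
+decipher_only=False,
+),
+critical=True,
+)
+.add_extension(
+x509.ExtendedKeyUsage([x509.ExtendedKeyUsageOID.SERVER_AUTH]),
+critical=True,
+)
+.sign(private_key, hashes.SHA256())
+)
+
+# Write private key to file
+with open(key_path, "wb") as f:
+f.write(
+private_key.private_bytes(
+encoding=serialization.Encoding.PEM,
+format=serialization.PrivateFormat.PKCS8,
+encryption_algorithm=serialization.NoEncryption(),
+)
+)
+
+# Write certificate to file
+with open(cert_path, "wb") as f:
+f.write(cert.public_bytes(serialization.Encoding.PEM))
+
+logger.info(f"SSL certificate created successfully at {key_path} and {cert_path}")
+
+return key_path, cert_path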
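Review bot: The private key in `create_ssl_certificate` is written with a plain `open(key_path, "wb")`, so the unencrypted PKCS8 file takes its mode from the process umask and is commonly readable by other local users; it should be created owner-only. Two further points in the builder: `.serial_number(1)` gives every regenerated certificate the same issuer and serial, which some TLS clients reject once they have seen an earlier one, and no SubjectAlternativeName is set, so clients that ignore the common name cannot match `localhost`. The sketch below covers all three; it needs `import os`, which the module does not have, and `DNSName` only fits when `common_name` is a host name rather than an IP address.

```python
    # … unchanged: directory creation, key generation, subject and issuer …
    cert = (
        x509.CertificateBuilder()
        # … unchanged: subject_name, issuer_name, public_key …
        .serial_number(x509.random_serial_number())
        # … unchanged: validity window, BasicConstraints, KeyUsage, ExtendedKeyUsage …
        .add_extension(
            x509.SubjectAlternativeName([x509.DNSName(common_name)]),
            critical=False,
        )
        .sign(private_key, hashes.SHA256())
    )

    # Owner-only key file; the chmod covers a file left behind by an earlier run.
    key_fd = os.open(key_path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(key_fd, "wb") as f:
        os.chmod(key_path, 0o600)
        # … unchanged: f.write(private_key.private_bytes(...)) …
```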
File without changes
|
|
File without changes
|
{olas_operate_middleware-0.8.0.dist-info → olas_operate_middleware-0.8.1.dist-info}/entry_points.txt
RENAMED
|
File without changes
|