olas-operate-middleware 0.8.0__py3-none-any.whl → 0.8.2__py3-none-any.whl

{olas_operate_middleware-0.8.0.dist-info → olas_operate_middleware-0.8.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: olas-operate-middleware
-Version: 0.8.0
+Version: 0.8.2
 Summary: 
 Author: David Vilela
 Author-email: dvilelaf@gmail.com

{olas_operate_middleware-0.8.0.dist-info → olas_operate_middleware-0.8.2.dist-info}/RECORD

@@ -77,16 +77,17 @@ operate/services/deployment_runner.py,sha256=eP1bnT3PdkYtPxi-4sZ6-Wopz8u88NkeZx7
 operate/services/health_checker.py,sha256=pXtzFTLv4PK1OSbDCZ_RnOnvX31mPYRR16tbC7BsUNw,9754
 operate/services/manage.py,sha256=oDp4kMBAynPYqe3b2LM4kR9xefNxPVmmvO50XwTxFZQ,110310
 operate/services/protocol.py,sha256=0LcZk-zzQ2hYzZAkn_KIQGgT32Bq3_UsbBl7Ert3Ho8,60157
-operate/services/service.py,sha256=2fQeRbjc4PBzRQ4jD9peKjAwBMKABS_hNoe-BrRutPc,47250
+operate/services/service.py,sha256=O8rEcPBow4bJJBJHB5RkD1fRGagJ843xwrUvFusKe9c,48146
 operate/services/utils/__init__.py,sha256=TvioaZ1mfTRUSCtrQoLNAp4WMVXyqEJqFJM4PxSQCRU,24
 operate/services/utils/mech.py,sha256=W2x4dqodivNKXjWU-Brp40QhoUHsIMyNAO7-caMoR0Q,3821
 operate/services/utils/tendermint.py,sha256=3h9nDb2Z89T0RwUr_AaVjqtymQmsu3u6DAVCfL_k1U0,25591
 operate/utils/__init__.py,sha256=cFNP2XFpjJmDLskN0SzAk5FPdqaeN2Jn4MyVbFHmH2M,3075
-operate/utils/gnosis.py,sha256=Z1IgGfQgKIrI7EyBpGFbJ2RFaeD4Fk_7D4P-_ZQfH6Q,17705
+operate/utils/gnosis.py,sha256=XG6mhCs2yW5eRgv9fZbo1XRwAnPFTmYeMyEl3kQbauA,17729
+operate/utils/ssl.py,sha256=O5DrDoZD4T4qQuHP8GLwWUVxQ-1qXeefGp6uDJiF2lM,4308
 operate/wallet/__init__.py,sha256=NGiozD3XhvkBi7_FaOWQ8x1thZPK4uGpokJaeDY_o2w,813
 operate/wallet/master.py,sha256=FQrchjWhJKgif3IXztxS0SHm7aVaAJYFQ-FEXQgxQes,31021
-olas_operate_middleware-0.8.0.dist-info/LICENSE,sha256=mdBDB-mWKV5Cz4ejBzBiKqan6Z8zVLAh9xwM64O2FW4,11339
-olas_operate_middleware-0.8.0.dist-info/METADATA,sha256=8L8vv-OR6f3STUGttsNhvOr9Gb-C4-vZ4mhm5E18p2A,2034
-olas_operate_middleware-0.8.0.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
-olas_operate_middleware-0.8.0.dist-info/entry_points.txt,sha256=dM1g2I7ODApKQFcgl5J4NGA7pfBTo6qsUTXM-j2OLlw,44
-olas_operate_middleware-0.8.0.dist-info/RECORD,,
+olas_operate_middleware-0.8.2.dist-info/LICENSE,sha256=mdBDB-mWKV5Cz4ejBzBiKqan6Z8zVLAh9xwM64O2FW4,11339
+olas_operate_middleware-0.8.2.dist-info/METADATA,sha256=i89MsA1eS1fGtd_px0-C7mjA87RnciD9A6DqPYO0Dig,2034
+olas_operate_middleware-0.8.2.dist-info/WHEEL,sha256=b4K_helf-jlQoXBBETfwnf4B04YC67LOev0jo4fX5m8,88
+olas_operate_middleware-0.8.2.dist-info/entry_points.txt,sha256=dM1g2I7ODApKQFcgl5J4NGA7pfBTo6qsUTXM-j2OLlw,44
+olas_operate_middleware-0.8.2.dist-info/RECORD,,

operate/services/service.py

@@ -88,6 +88,7 @@ from operate.operate_types import (
 from operate.resource import LocalResource
 from operate.services.deployment_runner import run_host_deployment, stop_host_deployment
 from operate.services.utils import tendermint
+from operate.utils.ssl import create_ssl_certificate
 
 
 # pylint: disable=no-member,redefined-builtin,too-many-instance-attributes,too-many-locals
@@ -686,13 +687,35 @@ class Deployment(LocalResource):
         service = Service.load(path=self.path)
 
         if use_docker or use_kubernetes:
-            service.update_env_variables_values({"STORE_PATH": "/data"})
+            ssl_key_path, ssl_cert_path = create_ssl_certificate(
+                ssl_dir=service.path / PERSISTENT_DATA_DIR / "ssl"
+            )
+            service.update_env_variables_values(
+                {
+                    "STORE_PATH": "/data",
+                    "SSL_KEY_PATH": (
+                        Path("/data") / "ssl" / ssl_key_path.name
+                    ).as_posix(),
+                    "SSL_CERT_PATH": (
+                        Path("/data") / "ssl" / ssl_cert_path.name
+                    ).as_posix(),
+                }
+            )
             service.consume_env_variables()
             if use_docker:
                 self._build_docker(force=force, chain=chain)
             if use_kubernetes:
                 self._build_kubernetes(force=force)
         else:
+            ssl_key_path, ssl_cert_path = create_ssl_certificate(
+                ssl_dir=service.path / DEPLOYMENT / "ssl"
+            )
+            service.update_env_variables_values(
+                {
+                    "SSL_KEY_PATH": str(ssl_key_path),
+                    "SSL_CERT_PATH": str(ssl_cert_path),
+                }
+            )
             service.consume_env_variables()
             self._build_host(force=force, chain=chain)
 

operate/utils/gnosis.py

@@ -526,6 +526,7 @@ def drain_eoa(
             Chain.ARBITRUM_ONE,
             Chain.BASE,
             Chain.OPTIMISTIC,
+            Chain.MODE,
         ):
             chain_fee += ledger_api.get_l1_data_fee(tx)
 

operate/utils/ssl.py

@@ -0,0 +1,133 @@
+# -*- coding: utf-8 -*-
+# ------------------------------------------------------------------------------
+#
+#   Copyright 2025 Valory AG
+#
+#   Licensed under the Apache License, Version 2.0 (the "License");
+#   you may not use this file except in compliance with the License.
+#   You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#   Unless required by applicable law or agreed to in writing, software
+#   distributed under the License is distributed on an "AS IS" BASIS,
+#   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#   See the License for the specific language governing permissions and
+#   limitations under the License.
+#
+# ------------------------------------------------------------------------------
+
+"""SSL certificate utilities."""
+
+import datetime
+import logging
+import typing as t
+from pathlib import Path
+
+from cryptography import x509
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.x509.oid import NameOID
+
+
+def create_ssl_certificate(
+    ssl_dir: Path,
+    key_filename: str = "key.pem",
+    cert_filename: str = "cert.pem",
+    validity_days: int = 365,
+    key_size: int = 2048,
+    common_name: str = "localhost",
+) -> t.Tuple[Path, Path]:
+    """
+    Create SSL certificate and private key files.
+
+    Args:
+        ssl_dir: Path to the ssl directory
+        key_filename: Name of the private key file
+        cert_filename: Name of the certificate file
+        validity_days: Number of days the certificate is valid
+        key_size: RSA key size in bits
+        common_name: Common name for the certificate
+
+    Returns:
+        Tuple of (key_path, cert_path) as Path objects
+    """
+    logger = logging.getLogger(__name__)
+
+    # Create SSL directory
+    ssl_dir.mkdir(parents=True, exist_ok=True)
+
+    key_path = ssl_dir / key_filename
+    cert_path = ssl_dir / cert_filename
+
+    # Generate RSA private key
+    private_key = rsa.generate_private_key(
+        public_exponent=65537,
+        key_size=key_size,
+    )
+
+    # Create certificate subject and issuer
+    subject = issuer = x509.Name(
+        [
+            x509.NameAttribute(NameOID.COUNTRY_NAME, "CH"),
+            x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "Local"),
+            x509.NameAttribute(NameOID.LOCALITY_NAME, "Local"),
+            x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Valory AG"),
+            x509.NameAttribute(NameOID.COMMON_NAME, common_name),
+        ]
+    )
+
+    # Create certificate
+    cert = (
+        x509.CertificateBuilder()
+        .subject_name(subject)
+        .issuer_name(issuer)
+        .public_key(private_key.public_key())
+        .serial_number(1)
+        .not_valid_before(datetime.datetime.now(datetime.timezone.utc))
+        .not_valid_after(
+            datetime.datetime.now(datetime.timezone.utc)
+            + datetime.timedelta(days=validity_days)
+        )
+        .add_extension(
+            x509.BasicConstraints(ca=False, path_length=None),
+            critical=True,
+        )
+        .add_extension(
+            x509.KeyUsage(
+                digital_signature=True,
+                key_encipherment=True,
+                key_agreement=False,
+                key_cert_sign=False,
+                crl_sign=False,
+                content_commitment=False,
+                data_encipherment=False,
+                encipher_only=False,
+                decipher_only=False,
+            ),
+            critical=True,
+        )
+        .add_extension(
+            x509.ExtendedKeyUsage([x509.ExtendedKeyUsageOID.SERVER_AUTH]),
+            critical=True,
+        )
+        .sign(private_key, hashes.SHA256())
+    )
+
+    # Write private key to file
+    with open(key_path, "wb") as f:
+        f.write(
+            private_key.private_bytes(
+                encoding=serialization.Encoding.PEM,
+                format=serialization.PrivateFormat.PKCS8,
+                encryption_algorithm=serialization.NoEncryption(),
+            )
+        )
+
+    # Write certificate to file
+    with open(cert_path, "wb") as f:
+        f.write(cert.public_bytes(serialization.Encoding.PEM))
+
+    logger.info(f"SSL certificate created successfully at {key_path} and {cert_path}")
+
+    return key_path, cert_path