devnet,docs: remove agent build and deployment

Change-Id: I04ab07f6db21918297e891de5475f61d22f58cc5
2021-07-20 22:39:32 +02:00 · 2021-07-20 22:39:32 +02:00 · ce6b39e3be
parent 95473e1eb0
commit ce6b39e3be
6 changed files with 8 additions and 76 deletions
--- a/Dockerfile.client
+++ b/Dockerfile.client
@ -19,8 +19,6 @@ RUN --mount=type=cache,target=/usr/local/cargo,from=rust,source=/usr/local/cargo
    cargo install --version =1.7.0 solana-cli && \
    cargo install --version =2.0.12 spl-token-cli && \
    cargo build --manifest-path ./bridge/Cargo.toml --package client --release && \
-    cargo build --manifest-path ./bridge/Cargo.toml --package agent --release && \
    cp /usr/local/cargo/bin/solana /usr/local/bin && \
    cp /usr/local/cargo/bin/spl-token /usr/local/bin && \
-    cp bridge/target/release/client /usr/local/bin && \
-    cp bridge/target/release/agent /usr/local/bin
+    cp bridge/target/release/client /usr/local/bin
--- a/8
+++ b/8
@ -32,11 +32,3 @@ $(BIN)/guardiand: dirs generate
 	cd bridge && go build -ldflags "-X github.com/certusone/wormhole/bridge/pkg/version.version=${VERSION}" \
 	  -mod=readonly -o ../$(BIN)/guardiand \
 	  github.com/certusone/wormhole/bridge
-
-.PHONY: agent
-agent: $(BIN)/guardiand-solana-agent
-
-.PHONY: $(BIN)/guardiand-solana-agent
-$(BIN)/guardiand-solana-agent: dirs
-	cd solana/agent && cargo build --release
-	cp solana/target/release/agent $(BIN)/guardiand-solana-agent
--- a/6
+++ b/6
@ -77,13 +77,13 @@ k8s_resource(
    ],
 )

-# solana agent and cli (runs alongside bridge)
+# solana client cli (used for devnet setup)

 docker_build(
-    ref = "solana-agent",
+    ref = "solana-client",
    context = ".",
    only = ["./proto", "./solana"],
-    dockerfile = "Dockerfile.agent",
+    dockerfile = "Dockerfile.client",

    # Ignore target folders from local (non-container) development.
    ignore = ["./solana/target", "./solana/agent/target", "./solana/cli/target"],
--- a/devnet/bridge.yaml
+++ b/devnet/bridge.yaml
@ -107,19 +107,3 @@ spec:
            - containerPort: 7070
              name: public-grpc
              protocol: TCP
-        - name: agent
-          image: solana-agent
-          volumeMounts:
-            - mountPath: /run/bridge
-              name: bridge-rundir
-          command:
-            - /usr/local/bin/agent
-            - --bridge=Bridge1p5gheXUvJ6jGWGeCsgPKgnE3YgdGKRVCMY9o
-            - --rpc=http://solana-devnet:8899
-            - --ws=ws://solana-devnet:8900
-            - --socket=/run/bridge/agent.sock
-            - --keypair=id.json
-          ports:
-            - containerPort: 9000
-              name: grpc
-              protocol: TCP
--- a/devnet/solana-devnet.yaml
+++ b/devnet/solana-devnet.yaml
@ -78,7 +78,7 @@ spec:
              port: rpc
              path: /health
        - name: setup
-          image: solana-agent
+          image: solana-client
          command:
            - /usr/src/solana/devnet_setup.sh
          startupProbe:
--- a/docs/operations.md
+++ b/docs/operations.md
@ -78,15 +78,13 @@ git checkout v0.1.2
 Then, compile the release binaries as an unprivileged build user:

 ```bash
-make agent bridge
+make bridge
 ```
    
 You'll end up with the following binaries in `build/`:

 - `guardiand` is the main Wormhole bridge node software.
- `guardiand-solana-agent` is a helper service which runs alongside Wormhole and exposes a gRPC API
-  for Wormhole to interact with Solana and the Wormhole contract on Solana.
-  
+
 Consider these recommendations, not a tutorial to be followed blindly. You'll want to integrate this with your
 existing build pipeline. If you need Dockerfile examples, you can take a look at our devnet deployment.

@ -100,7 +98,7 @@ to disk. Please create a GitHub issue if this extra capability represents an ope
 ## Key Generation

 To generate a guardian key, install guardiand first. If you generate the key on a separate machine, you may want to
-compile guardiand only, without compiling the agent or installing it:
+compile guardiand only without installing it:

    make bridge
    sudo setcap cap_ipc_lock=+ep ./build/bin/guardiand
@ -125,7 +123,6 @@ Example systemd unit for `guardiand.service`, including the right capabilities a
 Description=Wormhole Bridge guardian daemon
 Documentation=https://github.com/certusone/wormhole
 Requires=network.target
-Wants=guardiand-solana-agent.service
 After=network.target

 [Service]
@ -140,7 +137,6 @@ ExecStart=/usr/local/bin/guardiand bridge \
    --bridgeKey /path/to/your/guardian.key \
    --ethRPC ws://your-eth-node:8545 \
    --adminSocket /run/guardiand/admin.socket \
-    --agentRPC /run/guardiand/agent.socket \
    --solanaBridgeAddress "<see launch repo>" \
    --solanaRPC http://solana-host:8899 \
    --solanaWS ws://solana-devnet:8900
@ -163,39 +159,6 @@ LimitMEMLOCK=infinity
 WantedBy=multi-user.target
 ```

-And `guardiand-solana-agent.service`:
-
-```
-# /etc/systemd/system/guardiand-solana-agent.service
-[Unit]
-Description=Wormhole Bridge Solana agent
-Documentation=https://github.com/certusone/wormhole
-Requires=network.target
-
-[Service]
-User=wormhole
-Group=wormhole
-ExecStart=/usr/local/bin/guardiand-solana-agent \
-    --bridge "<see launch repo>" \
-    --rpc http://solana-host:8899 \
-    --ws ws://solana-devnet:8900 \
-    --keypair /path/to/feepayer.key \
-    --socket /run/guardiand/agent.socket
-RuntimeDirectory=guardiand
-RuntimeDirectoryMode=700
-RuntimeDirectoryPreserve=yes
-PermissionsStartOnly=yes
-PrivateTmp=yes
-PrivateDevices=yes
-NoNewPrivileges=yes
-Restart=on-failure 
-RestartSec=5s
-LimitNOFILE=65536
-
-[Install]
-WantedBy=multi-user.target
-```
-
 You need to open port 8999/udp in your firewall for the P2P network. Nothing else has to be exposed externally.

 ### Kubernetes
@ -247,11 +210,6 @@ You'll have to manage the following keys:
   An attacker could potentially use it to censor your messages on the network. Other than that, it's not very
   critical and can be rotated. The node will automatically create a node key at the path you specify if it doesn't exist.
 
- - The **Solana fee payer** account supplied to wormhole-solana-agent. This is a hot wallet which should hold
-   ~10 SOL to pay for VAA submissions. The Wormhole protocol includes a subsidization mechanism which uses transfer
-   fees to reimburse guardians, so during normal operation, you shouldn't have to top up the account (but by
-   all means, set up monitoring for it!).
-   
 - _\[The **Terra fee payer** account. Terra support is still a work in progress - more details on this later\]._ 

 For production, we strongly recommend to either encrypt your disks, and/or take care to never have keys touch the disk.