From 2b954cd82b5b13c054419eca9e8b111b012ad830 Mon Sep 17 00:00:00 2001 From: thunkar Date: Mon, 19 Aug 2024 07:59:00 +0000 Subject: [PATCH 01/36] wallet tests on earthly --- aztec-up/bin/.aztec-run | 4 +- aztec-up/bin/aztec-wallet | 2 +- yarn-project/Earthfile | 4 ++ yarn-project/cli-wallet/src/bin/index.ts | 15 +++++- yarn-project/cli-wallet/src/cmds/add_note.ts | 4 +- yarn-project/cli-wallet/src/cmds/index.ts | 4 +- .../cli-wallet/src/storage/wallet_db.ts | 17 +++++-- .../cli-wallet/src/utils/options/fees.ts | 2 +- .../test/flows/shield_and_transfer.sh | 2 +- yarn-project/end-to-end/Earthfile | 29 +++++++++++- .../scripts/docker-compose-wallet.yml | 46 +++++++++++++++++++ 11 files changed, 115 insertions(+), 14 deletions(-) create mode 100644 yarn-project/end-to-end/scripts/docker-compose-wallet.yml diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index cb2d86fdfbf7..48efc36021eb 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -120,8 +120,8 @@ if [[ -z "${SKIP_PORT_ASSIGNMENT:-}" ]]; then fi ssh_agent_forwarding="" -if [ -n "${SSH_AUTH_SOCK:-}" ] && [ "$(uname)" != "Darwin" ]; then - ssh_agent_forwarding="-v $(realpath $SSH_AUTH_SOCK):$SSH_AUTH_SOCK" +if [ -n "${SSH_AUTH_SOCK:-}" ]; then + ssh_agent_forwarding="-v /run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock -e SSH_AUTH_SOCK=/run/host-services/ssh-auth.sock" fi docker run \ diff --git a/aztec-up/bin/aztec-wallet b/aztec-up/bin/aztec-wallet index 675b8bfeda6e..8a460db786d8 100755 --- a/aztec-up/bin/aztec-wallet +++ b/aztec-up/bin/aztec-wallet @@ -3,7 +3,7 @@ set -euo pipefail export SKIP_PORT_ASSIGNMENT=1 export WALLET_DATA_DIRECTORY=$(dirname $0)/wallet-data -export ENV_VARS_TO_INJECT="WALLET_DATA_DIRECTORY SSH_AUTH_SOCK" +export ENV_VARS_TO_INJECT="WALLET_DATA_DIRECTORY" mkdir -p $WALLET_DATA_DIRECTORY diff --git a/yarn-project/Earthfile b/yarn-project/Earthfile index 6a918d6abb7d..8dfe901d95bf 100644 --- a/yarn-project/Earthfile +++ b/yarn-project/Earthfile @@ -252,6 +252,10 @@ export-end-to-end: FROM +end-to-end SAVE IMAGE aztecprotocol/end-to-end:$EARTHLY_GIT_HASH +export-e2e-cli-wallet: + BUILD +export-aztec + BUILD +export-cli-wallet + export-e2e-test-images: BUILD +export-aztec BUILD +export-end-to-end diff --git a/yarn-project/cli-wallet/src/bin/index.ts b/yarn-project/cli-wallet/src/bin/index.ts index a4bcb9b5d2c0..5bf937164d32 100644 --- a/yarn-project/cli-wallet/src/bin/index.ts +++ b/yarn-project/cli-wallet/src/bin/index.ts @@ -28,7 +28,20 @@ function injectInternalCommands(program: Command, log: LogFn, db: WalletDB) { }); program - .command('add-secret') + .command('get-alias') + .description('Prints a stored alias') + .addArgument(new Argument('', 'Alias to retrieve').choices(Aliases)) + .action(async alias => { + const value = db.tryRetrieveAlias(alias); + if (value) { + log(value); + } else { + throw new Error(`Alias ${alias} not found`); + } + }); + + program + .command('create-secret') .description('Creates an aliased secret to use in other commands') .addOption(createAliasOption('Key to alias the secret with', false).makeOptionMandatory(true)) .action(async (_options, command) => { diff --git a/yarn-project/cli-wallet/src/cmds/add_note.ts b/yarn-project/cli-wallet/src/cmds/add_note.ts index d3560fffac42..94f7a80e1a5b 100644 --- a/yarn-project/cli-wallet/src/cmds/add_note.ts +++ b/yarn-project/cli-wallet/src/cmds/add_note.ts @@ -11,10 +11,10 @@ export async function addNote( storageFieldName: string, artifactPath: string, txHash: TxHash, - noteFields: string[], + noteBody: string[], log: LogFn, ) { - const fields = parseFields(noteFields); + const fields = parseFields(noteBody); const note = new Note(fields); const contractArtifact = await getContractArtifact(artifactPath, log); diff --git a/yarn-project/cli-wallet/src/cmds/index.ts b/yarn-project/cli-wallet/src/cmds/index.ts index 74d8373b6802..5c0e9725ce0e 100644 --- a/yarn-project/cli-wallet/src/cmds/index.ts +++ b/yarn-project/cli-wallet/src/cmds/index.ts @@ -372,13 +372,13 @@ export function injectCommands(program: Command, log: LogFn, debugLogger: DebugL .action(async (noteName, storageFieldName, _options, command) => { const { addNote } = await import('./add_note.js'); const options = command.optsWithGlobals(); - const { contractArtifact: artifactPathPromise, contractAddress, address, rpcUrl, fields, hash } = options; + const { contractArtifact: artifactPathPromise, contractAddress, address, rpcUrl, body, hash } = options; const artifactPath = await artifactPathFromPromiseOrAlias(artifactPathPromise, contractAddress, db); const client = await createCompatibleClient(rpcUrl, debugLogger); const account = await createOrRetrieveAccount(client, address, db); const wallet = await account.getWallet(); - await addNote(wallet, address, contractAddress, noteName, storageFieldName, artifactPath, hash, fields, log); + await addNote(wallet, address, contractAddress, noteName, storageFieldName, artifactPath, hash, body, log); }); return program; diff --git a/yarn-project/cli-wallet/src/storage/wallet_db.ts b/yarn-project/cli-wallet/src/storage/wallet_db.ts index 8ab72ddce99a..1c5d2d9bfccc 100644 --- a/yarn-project/cli-wallet/src/storage/wallet_db.ts +++ b/yarn-project/cli-wallet/src/storage/wallet_db.ts @@ -97,13 +97,24 @@ export class WalletDB { } tryRetrieveAlias(arg: string) { + try { + return this.retrieveAlias(arg); + } catch (e) { + return arg; + } + } + + retrieveAlias(arg: string) { if (Aliases.find(alias => arg.startsWith(`${alias}:`))) { const [type, ...alias] = arg.split(':'); const data = this.#aliases.get(`${type}:${alias.join(':') ?? 'last'}`); - return data ? data.toString() : arg; + if (!data) { + throw new Error(`Could not find alias ${arg}`); + } + return data.toString(); + } else { + throw new Error(`Aliases must start with one of ${Aliases.join(', ')}`); } - - return arg; } async storeAccountMetadata(aliasOrAddress: AztecAddress | string, metadataKey: string, metadata: Buffer) { diff --git a/yarn-project/cli-wallet/src/utils/options/fees.ts b/yarn-project/cli-wallet/src/utils/options/fees.ts index a87ad62d4051..4d0aa45e4ccb 100644 --- a/yarn-project/cli-wallet/src/utils/options/fees.ts +++ b/yarn-project/cli-wallet/src/utils/options/fees.ts @@ -156,7 +156,7 @@ function parsePaymentMethod( } else { ({ claimAmount, claimSecret } = parsed); } - log(`Using Fee Juice for fee payments with claim for ${parsed.claimAmount} tokens`); + log(`Using Fee Juice for fee payments with claim for ${claimAmount} tokens`); return new FeeJuicePaymentMethodWithClaim( sender.getAddress(), BigInt(claimAmount), diff --git a/yarn-project/cli-wallet/test/flows/shield_and_transfer.sh b/yarn-project/cli-wallet/test/flows/shield_and_transfer.sh index 3b3cde77c8f4..2f458555ba2c 100755 --- a/yarn-project/cli-wallet/test/flows/shield_and_transfer.sh +++ b/yarn-project/cli-wallet/test/flows/shield_and_transfer.sh @@ -7,7 +7,7 @@ echo aztec-wallet create-account -a main aztec-wallet deploy token_contract@Token --args accounts:main Test TST 18 -f main -aztec-wallet add-secret -a shield +aztec-wallet create-secret -a shield aztec-wallet send mint_private -ca contracts:last --args 42 secrets:shield:hash -f main aztec-wallet add-note TransparentNote pending_shields -ca contracts:last -h transactions:last -a accounts:main -b 42 secrets:shield:hash aztec-wallet send redeem_shield -ca contracts:last --args accounts:main 42 secrets:shield -f main diff --git a/yarn-project/end-to-end/Earthfile b/yarn-project/end-to-end/Earthfile index 98f9eb6596a2..9adeca8c5f39 100644 --- a/yarn-project/end-to-end/Earthfile +++ b/yarn-project/end-to-end/Earthfile @@ -27,7 +27,7 @@ E2E_COMPOSE_TEST: END # Run our docker compose, ending whenever sandbox ends, filtering out noisy eth_getLogs ENV JOB_NAME=$project_name - RUN $CMD -p $project_name -f $compose_file up --exit-code-from=end-to-end --force-recreate + RUN $CMD -p $project_name -f $compose_file up --exit-code-from=end-to-end --force-recreate E2E_TEST: FUNCTION @@ -253,3 +253,30 @@ bench-prover: e2e-devnet-smoke: DO +E2E_COMPOSE_TEST --test=devnet/e2e_smoke.test.ts --compose_file=scripts/docker-compose-devnet.yml + +e2e-cli-wallet: + ARG test + ARG compose_file=./scripts/docker-compose-wallet.yml + ARG debug="aztec:*" + ARG hardware_concurrency="" + LOCALLY + ENV TEST=$test + ENV DEBUG=$debug + ENV HARDWARE_CONCURRENCY=$hardware_concurrency + IF docker compose > /dev/null 2>&1 + LET CMD="docker compose" + ELSE + LET CMD="docker-compose" + END + # Let docker compose know about the pushed tags above + ENV AZTEC_DOCKER_TAG=$(git rev-parse HEAD) + # Optimize to not cause serial behavior if image already exists + IF ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/aztec:$AZTEC_DOCKER_TAG" || \ + ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/cli-wallet:$AZTEC_DOCKER_TAG" + WAIT + BUILD ../+export-e2e-cli-wallet + END + END + # Run our docker compose, ending whenever the wallet finishes running + ENV JOB_NAME=$project_name + RUN $CMD -p e2e-cli-wallet -f $compose_file run cli-wallet --force-recreate \ No newline at end of file diff --git a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml new file mode 100644 index 000000000000..bcd14df6a505 --- /dev/null +++ b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml @@ -0,0 +1,46 @@ +version: '3' +services: + fork: + image: aztecprotocol/foundry:de33b6af53005037b463318d2628b5cfcaf39916 + pull_policy: always + entrypoint: > + sh -c ' + if [ -n "$FORK_BLOCK_NUMBER" ] && [ -n "$FORK_URL" ]; then + exec anvil --silent -p 8545 --host 0.0.0.0 --chain-id 31337 --fork-url "$FORK_URL" --fork-block-number "$FORK_BLOCK_NUMBER" + else + exec anvil --silent -p 8545 --host 0.0.0.0 --chain-id 31337 + fi' + expose: + - '8545' + + sandbox: + image: aztecprotocol/aztec:${AZTEC_DOCKER_TAG:-latest} + command: 'start --sandbox' + environment: + DEBUG: 'aztec:*' + DEBUG_COLORS: 1 + ETHEREUM_HOST: http://fork:8545 + L1_CHAIN_ID: 31337 + ARCHIVER_POLLING_INTERVAL_MS: 50 + P2P_BLOCK_CHECK_INTERVAL_MS: 50 + SEQ_TX_POLLING_INTERVAL_MS: 50 + WS_BLOCK_CHECK_INTERVAL_MS: 50 + PXE_BLOCK_POLLING_INTERVAL_MS: 50 + ARCHIVER_VIEM_POLLING_INTERVAL_MS: 500 + ENABLE_GAS: ${ENABLE_GAS:-} + HARDWARE_CONCURRENCY: ${HARDWARE_CONCURRENCY:-} + expose: + - '8080' + + cli-wallet: + image: aztecprotocol/cli-wallet:${AZTEC_DOCKER_TAG:-latest} + environment: + DEBUG: ${DEBUG:-aztec:*} + DEBUG_COLORS: 1 + PXE_URL: http://sandbox:8080 + entrypoint: './test/test.sh' + volumes: + - ../log:/usr/src/yarn-project/end-to-end/log:rw + depends_on: + - sandbox + - fork From ee580834cd647dde2fdbf1e2315fdc16f29d4adb Mon Sep 17 00:00:00 2001 From: thunkar Date: Mon, 19 Aug 2024 11:43:09 +0200 Subject: [PATCH 02/36] entrypoint for ssh auth sock workaround --- yarn-project/cli-wallet/Dockerfile | 4 +++- yarn-project/cli-wallet/wallet-entrypoint.sh | 8 ++++++++ 2 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 yarn-project/cli-wallet/wallet-entrypoint.sh diff --git a/yarn-project/cli-wallet/Dockerfile b/yarn-project/cli-wallet/Dockerfile index 4cb56e62d095..e5e454f04e36 100644 --- a/yarn-project/cli-wallet/Dockerfile +++ b/yarn-project/cli-wallet/Dockerfile @@ -1,5 +1,7 @@ FROM aztecprotocol/yarn-project AS yarn-project -ENTRYPOINT ["node", "--no-warnings", "/usr/src/yarn-project/cli-wallet/dest/bin/index.js"] + +COPY ./wallet-entrypoint.sh /usr/src/yarn-project/cli-wallet/wallet-entrypoint.sh +ENTRYPOINT ["/usr/src/yarn-project/cli-wallet/wallet-entrypoint.sh"] # The version has been updated in yarn-project. # Adding COMMIT_TAG here to rebuild versioned image. diff --git a/yarn-project/cli-wallet/wallet-entrypoint.sh b/yarn-project/cli-wallet/wallet-entrypoint.sh new file mode 100644 index 000000000000..d842c6040ede --- /dev/null +++ b/yarn-project/cli-wallet/wallet-entrypoint.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +if [ -n "${SSH_AUTH_SOCK:-}" ]; then + chmod a+w /run/host-services/ssh-auth.sock +fi + +node --no-warnings /usr/src/yarn-project/cli-wallet/dest/bin/index.js "$@" + \ No newline at end of file From 42ad181fdcd01aea767243766fa8d30b363c6716 Mon Sep 17 00:00:00 2001 From: thunkar Date: Mon, 19 Aug 2024 14:45:21 +0200 Subject: [PATCH 03/36] revert --- yarn-project/cli-wallet/Dockerfile | 3 +-- yarn-project/cli-wallet/wallet-entrypoint.sh | 8 -------- 2 files changed, 1 insertion(+), 10 deletions(-) delete mode 100644 yarn-project/cli-wallet/wallet-entrypoint.sh diff --git a/yarn-project/cli-wallet/Dockerfile b/yarn-project/cli-wallet/Dockerfile index e5e454f04e36..c047867868c1 100644 --- a/yarn-project/cli-wallet/Dockerfile +++ b/yarn-project/cli-wallet/Dockerfile @@ -1,7 +1,6 @@ FROM aztecprotocol/yarn-project AS yarn-project -COPY ./wallet-entrypoint.sh /usr/src/yarn-project/cli-wallet/wallet-entrypoint.sh -ENTRYPOINT ["/usr/src/yarn-project/cli-wallet/wallet-entrypoint.sh"] +ENTRYPOINT ["node", "--no-warnings", "/usr/src/yarn-project/cli-wallet/dest/bin/index.js"] # The version has been updated in yarn-project. # Adding COMMIT_TAG here to rebuild versioned image. diff --git a/yarn-project/cli-wallet/wallet-entrypoint.sh b/yarn-project/cli-wallet/wallet-entrypoint.sh deleted file mode 100644 index d842c6040ede..000000000000 --- a/yarn-project/cli-wallet/wallet-entrypoint.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash - -if [ -n "${SSH_AUTH_SOCK:-}" ]; then - chmod a+w /run/host-services/ssh-auth.sock -fi - -node --no-warnings /usr/src/yarn-project/cli-wallet/dest/bin/index.js "$@" - \ No newline at end of file From 186b8fc29965e31b11e3edb02e1c5be2e93c4edc Mon Sep 17 00:00:00 2001 From: thunkar Date: Mon, 19 Aug 2024 13:16:29 +0000 Subject: [PATCH 04/36] revert to env variable --- aztec-up/bin/.aztec-run | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index 48efc36021eb..a73f415d188b 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -121,7 +121,7 @@ fi ssh_agent_forwarding="" if [ -n "${SSH_AUTH_SOCK:-}" ]; then - ssh_agent_forwarding="-v /run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock -e SSH_AUTH_SOCK=/run/host-services/ssh-auth.sock" + ssh_agent_forwarding="-v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK" fi docker run \ From b44eb178b368fd34794b81481d1eb3acc8907d71 Mon Sep 17 00:00:00 2001 From: thunkar Date: Mon, 19 Aug 2024 16:06:59 +0200 Subject: [PATCH 05/36] fixes --- aztec-up/bin/.aztec-run | 8 +++++++- aztec-up/bin/aztec-wallet | 2 +- yarn-project/cli-wallet/test/test.sh | 7 ++++++- 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index a73f415d188b..fd3e932d55f1 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -121,7 +121,13 @@ fi ssh_agent_forwarding="" if [ -n "${SSH_AUTH_SOCK:-}" ]; then - ssh_agent_forwarding="-v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK" + ssh_agent_forwarding="-v $(realpath $SSH_AUTH_SOCK):$SSH_AUTH_SOCK" + if [ "$UNAME" == "Darwin" ]; then + # Docker never fixed the issue with SSH_AUTH_SOCK on macOS, so we need to do this workaround if running a user other than root + # in case the user is running the default agent + # https://github.com/docker/for-mac/issues/4242#issuecomment-604890394 + docker run -it --privileged --pid=host ubuntu:noble nsenter -t 1 -m -u -n -i sh -c 'chmod o+w /run/host-services/ssh-auth.sock' + fi fi docker run \ diff --git a/aztec-up/bin/aztec-wallet b/aztec-up/bin/aztec-wallet index 8a460db786d8..c6c9d64add5a 100755 --- a/aztec-up/bin/aztec-wallet +++ b/aztec-up/bin/aztec-wallet @@ -3,7 +3,7 @@ set -euo pipefail export SKIP_PORT_ASSIGNMENT=1 export WALLET_DATA_DIRECTORY=$(dirname $0)/wallet-data -export ENV_VARS_TO_INJECT="WALLET_DATA_DIRECTORY" +export ENV_VARS_TO_INJECT="SSH_AUTH_SOCK WALLET_DATA_DIRECTORY" mkdir -p $WALLET_DATA_DIRECTORY diff --git a/yarn-project/cli-wallet/test/test.sh b/yarn-project/cli-wallet/test/test.sh index 20964d613e7e..c1dea041c975 100755 --- a/yarn-project/cli-wallet/test/test.sh +++ b/yarn-project/cli-wallet/test/test.sh @@ -1,10 +1,15 @@ #!/bin/bash set -e +LOCATION=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) + NOIR_CONTRACTS_PATH=$(realpath ../../../noir-projects/noir-contracts) USE_DOCKER=$1 -export WALLET_DATA_DIRECTORY=$(realpath ./data) + +export WALLET_DATA_DIRECTORY="${LOCATION}/data" + rm -rf $WALLET_DATA_DIRECTORY +mkdir -p $WALLET_DATA_DIRECTORY COMMAND="node --no-warnings $(realpath ../dest/bin/index.js)" From 01497ee610e07745b356bf4222c2c3eeb536678f Mon Sep 17 00:00:00 2001 From: thunkar Date: Mon, 19 Aug 2024 22:47:38 +0200 Subject: [PATCH 06/36] crazy hack --- aztec-up/bin/.aztec-run | 48 +++++++++++++++---- aztec-up/bin/.ssh-hack | 11 +++++ aztec-up/bin/aztec | 4 ++ aztec-up/bin/aztec-wallet | 9 +++- .../bin/link-ssh-auth-sock.plist.template | 16 +++++++ 5 files changed, 78 insertions(+), 10 deletions(-) create mode 100755 aztec-up/bin/.ssh-hack create mode 100644 aztec-up/bin/link-ssh-auth-sock.plist.template diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index fd3e932d55f1..2c0b36dc7ee7 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -11,6 +11,7 @@ DEFAULT_PORT=8080 VERSION=${VERSION:-"latest"} AZTEC_PORT=${AZTEC_PORT:-$DEFAULT_PORT} INHERIT_USER=${INHERIT_USER:-1} +SSH_AUTH_SOCK_WARNING_FILE="$(dirname $0)/ssh_auth_sock_warning.lock" if [[ -n "${NETWORK:-}" ]]; then VERSION=$NETWORK @@ -29,6 +30,19 @@ function warn { echo -e "${y}$1${r}" } +mac_ssh_auth_sock_warn() { + echo "" + warn "#####################################################################################" + warn "# WARNING: SSH_AUTH_SOCK is set to the default macOS ssh-agent in /private/tmp/... #" + warn "# Unfortunately this is not supported in Docker and specially problematic if using #" + warn "# VirtioFS (https://github.com/docker/for-mac/issues/6375) #" + warn "# #" + warn "# To get rid of this warning, either set SSH_AUTH_SOCK to a different value or run #" + warn "# aztec ignore-mac-os-default-ssh-agent #" + warn "#####################################################################################" + echo "" +} + if ! command -v docker &>/dev/null; then warn "No docker found." exit 1 @@ -105,7 +119,7 @@ done DOCKER_ENV="-e HOME=$HOME" for env in ${ENV_VARS_TO_INJECT:-}; do - if [ -n "${!env:-}" ]; then + if [[ $env != "SSH_AUTH_SOCK" ]] && [[ -n "${!env:-}" ]]; then # First substitute any reference to localhost with our host gateway. env=${env//localhost/host.docker.internal} # Inject into container. @@ -119,17 +133,29 @@ if [[ -z "${SKIP_PORT_ASSIGNMENT:-}" ]]; then port_assignment="-p $AZTEC_PORT:$AZTEC_PORT" fi +SSH_HACK=false + ssh_agent_forwarding="" -if [ -n "${SSH_AUTH_SOCK:-}" ]; then - ssh_agent_forwarding="-v $(realpath $SSH_AUTH_SOCK):$SSH_AUTH_SOCK" - if [ "$UNAME" == "Darwin" ]; then - # Docker never fixed the issue with SSH_AUTH_SOCK on macOS, so we need to do this workaround if running a user other than root - # in case the user is running the default agent - # https://github.com/docker/for-mac/issues/4242#issuecomment-604890394 - docker run -it --privileged --pid=host ubuntu:noble nsenter -t 1 -m -u -n -i sh -c 'chmod o+w /run/host-services/ssh-auth.sock' +if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* ]]; then + if [[ "$UNAME" == "Darwin" ]]; then + if [[ "$SSH_AUTH_SOCK" == "/private/tmp/com.apple.launchd."* && ! -f "$SSH_AUTH_SOCK_WARNING_FILE" ]]; then + mac_ssh_auth_sock_warn + fi + .ssh-hack --load + SSH_HACK=true + SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" + ssh_agent_forwarding="-v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK" + else + ssh_agent_forwarding="-v $(realpath $SSH_AUTH_SOCK):$SSH_AUTH_SOCK" fi + DOCKER_ENV+=" -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK" + echo "" + echo "SSH_AUTH_SOCK is set to ${SSH_AUTH_SOCK}. Enabling SSH agent forwarding." + echo "" fi +echo $DOCKER_ENV + docker run \ -ti \ --rm \ @@ -139,5 +165,9 @@ docker run \ $port_assignment \ ${DOCKER_ENV:-} \ ${DOCKER_HOST_BINDS:-} \ - ${DOCKER_USER:-} \ $IMAGE:$VERSION ${preserved_args[@]:-} + + +if [[ "$SSH_HACK" == "true" ]]; then + ./.ssh-hack --unload +fi \ No newline at end of file diff --git a/aztec-up/bin/.ssh-hack b/aztec-up/bin/.ssh-hack new file mode 100755 index 000000000000..f803ed413e20 --- /dev/null +++ b/aztec-up/bin/.ssh-hack @@ -0,0 +1,11 @@ +#!/bin/bash + +LINK_FILE="$HOME/Library/LaunchAgents/link-ssh-auth-sock.plist" + +if [ "${1:-}" == "--load" ]; then + cat ./link-ssh-auth-sock.plist.template | sed -e "s+NEW_SSH_AUTH_SOCK+$SSH_AUTH_SOCK+g" > "$LINK_FILE" + launchctl load -F "$LINK_FILE" || true +elif [ -e "$LINK_FILE" ]; then + launchctl unload -F "$LINK_FILE" || true + rm -rf "$LINK_FILE" +fi \ No newline at end of file diff --git a/aztec-up/bin/aztec b/aztec-up/bin/aztec index 0989bb64469f..e97d2bc09003 100755 --- a/aztec-up/bin/aztec +++ b/aztec-up/bin/aztec @@ -1,6 +1,8 @@ #!/usr/bin/env bash set -euo pipefail +SSH_AUTH_SOCK_WARNING_FILE="$(dirname $0)/ssh_auth_sock_warning.lock" + # Directory of env_var file TS_ENV_VAR_FILE=/usr/src/yarn-project/foundation/src/config/env_var.ts LOCAL_TS_FILE=./env_var.ts @@ -67,6 +69,8 @@ elif [ "${1:-}" == "start" ]; then readarray -t ENV_VARS_TO_INJECT <"$LOCAL_ENV_VAR_FILE" export ENV_VARS_TO_INJECT="${ENV_VARS_TO_INJECT[*]}" ENV_VARS_TO_INJECT="${ENV_VARS_TO_INJECT[*]}" INHERIT_USER=0 $(dirname $0)/.aztec-run aztecprotocol/aztec "$@" +elif [ "${1:-}" == "ignore-mac-os-default-ssh-agent" ]; then + touch $SSH_AUTH_SOCK_WARNING_FILE else ENV_VARS_TO_INJECT="SECRET_KEY" SKIP_PORT_ASSIGNMENT=1 $(dirname $0)/.aztec-run aztecprotocol/aztec "$@" fi diff --git a/aztec-up/bin/aztec-wallet b/aztec-up/bin/aztec-wallet index c6c9d64add5a..b269ca1731dc 100755 --- a/aztec-up/bin/aztec-wallet +++ b/aztec-up/bin/aztec-wallet @@ -3,8 +3,15 @@ set -euo pipefail export SKIP_PORT_ASSIGNMENT=1 export WALLET_DATA_DIRECTORY=$(dirname $0)/wallet-data -export ENV_VARS_TO_INJECT="SSH_AUTH_SOCK WALLET_DATA_DIRECTORY" + +ENV_VARS_TO_INJECT="WALLET_DATA_DIRECTORY" mkdir -p $WALLET_DATA_DIRECTORY +if [[ "$*" == *"-t ecdsasecp256r1ssh"* ]]; then + ENV_VARS_TO_INJECT="$ENV_VARS_TO_INJECT SSH_AUTH_SOCK" +fi + +export ENV_VARS_TO_INJECT + $(dirname $0)/.aztec-run aztecprotocol/cli-wallet $@ \ No newline at end of file diff --git a/aztec-up/bin/link-ssh-auth-sock.plist.template b/aztec-up/bin/link-ssh-auth-sock.plist.template new file mode 100644 index 000000000000..c97e61c409e8 --- /dev/null +++ b/aztec-up/bin/link-ssh-auth-sock.plist.template @@ -0,0 +1,16 @@ + + + + + Label + link-ssh-auth-sock + ProgramArguments + + /bin/sh + -c + /bin/ln -sf NEW_SSH_AUTH_SOCK $SSH_AUTH_SOCK + + RunAtLoad + + + \ No newline at end of file From 2187cdd79f3be910204ce857d4c203847077d61c Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 09:57:18 +0200 Subject: [PATCH 07/36] More crazy workaround --- aztec-up/bin/.aztec-run | 83 ++++++++++--------- aztec-up/bin/.ssh-hack | 34 ++++++-- .../bin/link-ssh-auth-sock.plist.template | 2 +- yarn-project/cli-wallet/src/bin/index.ts | 2 +- 4 files changed, 71 insertions(+), 50 deletions(-) diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index 2c0b36dc7ee7..7edb5e8192a9 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -30,19 +30,6 @@ function warn { echo -e "${y}$1${r}" } -mac_ssh_auth_sock_warn() { - echo "" - warn "#####################################################################################" - warn "# WARNING: SSH_AUTH_SOCK is set to the default macOS ssh-agent in /private/tmp/... #" - warn "# Unfortunately this is not supported in Docker and specially problematic if using #" - warn "# VirtioFS (https://github.com/docker/for-mac/issues/6375) #" - warn "# #" - warn "# To get rid of this warning, either set SSH_AUTH_SOCK to a different value or run #" - warn "# aztec ignore-mac-os-default-ssh-agent #" - warn "#####################################################################################" - echo "" -} - if ! command -v docker &>/dev/null; then warn "No docker found." exit 1 @@ -119,6 +106,7 @@ done DOCKER_ENV="-e HOME=$HOME" for env in ${ENV_VARS_TO_INJECT:-}; do + # SSH_AUTH_SOCK must be handled separately if [[ $env != "SSH_AUTH_SOCK" ]] && [[ -n "${!env:-}" ]]; then # First substitute any reference to localhost with our host gateway. env=${env//localhost/host.docker.internal} @@ -133,41 +121,54 @@ if [[ -z "${SKIP_PORT_ASSIGNMENT:-}" ]]; then port_assignment="-p $AZTEC_PORT:$AZTEC_PORT" fi -SSH_HACK=false - ssh_agent_forwarding="" -if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* ]]; then +if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* && -n $SSH_AUTH_SOCK ]]; then + echo "" + echo "SSH_AUTH_SOCK is set to ${SSH_AUTH_SOCK:-}. Enabling SSH agent forwarding." + echo "" + CWD=$(dirname $0) if [[ "$UNAME" == "Darwin" ]]; then - if [[ "$SSH_AUTH_SOCK" == "/private/tmp/com.apple.launchd."* && ! -f "$SSH_AUTH_SOCK_WARNING_FILE" ]]; then - mac_ssh_auth_sock_warn + if [[ $SSH_AUTH_SOCK == "/private/tmp/com.apple.launchd."* && ! -f "$SSH_AUTH_SOCK_WARNING_FILE" ]]; then + echo "" + warn "#####################################################################################" + warn "# WARNING: SSH_AUTH_SOCK is set to the default macOS ssh-agent in /private/tmp/... #" + warn "# Unfortunately this is not supported in Docker and specially problematic if using #" + warn "# VirtioFS (https://github.com/docker/for-mac/issues/6375) #" + warn "# #" + warn "# To get rid of this warning, either set SSH_AUTH_SOCK to a different value or run #" + warn "# aztec ignore-mac-os-default-ssh-agent #" + warn "#####################################################################################" + echo "" + exit 1 fi - .ssh-hack --load - SSH_HACK=true - SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" - ssh_agent_forwarding="-v $SSH_AUTH_SOCK:$SSH_AUTH_SOCK" + # Docker never ssh agent forwarding on macOS, so we need to do this workaround if running a user other than root + # https://github.com/docker/for-mac/issues/4242#issuecomment-604890394 + docker run --rm -it --privileged --pid=host ubuntu:noble nsenter -t 1 -m -u -n -i sh -c 'chmod o+w /run/host-services/ssh-auth.sock' + "$CWD/.ssh-hack" load + DOCKER_SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" + ssh_agent_forwarding="-v $DOCKER_SSH_AUTH_SOCK:$DOCKER_SSH_AUTH_SOCK" + DOCKER_ENV+=" -e SSH_AUTH_SOCK=$DOCKER_SSH_AUTH_SOCK" + trap "$CWD/.ssh-hack unload" EXIT else ssh_agent_forwarding="-v $(realpath $SSH_AUTH_SOCK):$SSH_AUTH_SOCK" + DOCKER_ENV+=" -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK" fi - DOCKER_ENV+=" -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK" - echo "" - echo "SSH_AUTH_SOCK is set to ${SSH_AUTH_SOCK}. Enabling SSH agent forwarding." - echo "" fi -echo $DOCKER_ENV - -docker run \ - -ti \ - --rm \ - --workdir "$PWD" \ - -v $HOME:$HOME -v cache:/cache \ - $ssh_agent_forwarding \ - $port_assignment \ - ${DOCKER_ENV:-} \ - ${DOCKER_HOST_BINDS:-} \ - $IMAGE:$VERSION ${preserved_args[@]:-} +aztec_run() { + echo "Launching!" + docker run \ + -ti \ + --rm \ + --workdir "$PWD" \ + -v $HOME:$HOME -v cache:/cache \ + $ssh_agent_forwarding \ + $port_assignment \ + ${DOCKER_ENV:-} \ + ${DOCKER_HOST_BINDS:-} \ + ${DOCKER_USER:-} \ + $IMAGE:$VERSION ${preserved_args[@]:-} +} -if [[ "$SSH_HACK" == "true" ]]; then - ./.ssh-hack --unload -fi \ No newline at end of file +aztec_run \ No newline at end of file diff --git a/aztec-up/bin/.ssh-hack b/aztec-up/bin/.ssh-hack index f803ed413e20..b75bf136aa66 100755 --- a/aztec-up/bin/.ssh-hack +++ b/aztec-up/bin/.ssh-hack @@ -1,11 +1,31 @@ #!/bin/bash +# Mac OS hack to override the default ssh agent. The OS doesn't respect the SSH_AUTH_SOCK env var, so +# we have to get creative and symlink the default socket to the one we want to use. This script supports +# doing it permanently via a launch agent. Heavily inspired by https://github.com/docker/for-mac/issues/4242#issuecomment-822027581 + +CWD=$(dirname $0) + LINK_FILE="$HOME/Library/LaunchAgents/link-ssh-auth-sock.plist" +TEMPLATE_FILE="$CWD/link-ssh-auth-sock.plist.template" +ORIGINAL_SSH_AUTH_SOCK=$(launchctl asuser "${UID:-"$(id -u)"}" launchctl getenv SSH_AUTH_SOCK) -if [ "${1:-}" == "--load" ]; then - cat ./link-ssh-auth-sock.plist.template | sed -e "s+NEW_SSH_AUTH_SOCK+$SSH_AUTH_SOCK+g" > "$LINK_FILE" - launchctl load -F "$LINK_FILE" || true -elif [ -e "$LINK_FILE" ]; then - launchctl unload -F "$LINK_FILE" || true - rm -rf "$LINK_FILE" -fi \ No newline at end of file +if [ "${2:-}" == "--permanent" ]; then + if [ "${1:-}" == "load" ]; then + echo "Symlinking $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK via a launch agent in $LINK_FILE." + cat "$TEMPLATE_FILE" | sed -e "s+NEW_SSH_AUTH_SOCK+$SSH_AUTH_SOCK+g" | sed -e "s+ORIGINAL_SSH_AUTH_SOCK+$ORIGINAL_SSH_AUTH_SOCK+g" > "$LINK_FILE" + launchctl load -F "$LINK_FILE" + elif [ "${1:-}" == "unload" ] && [ -e "$LINK_FILE" ]; then + echo "Unloading launch agent and removing $LINK_FILE." + launchctl unload -F "$LINK_FILE" + rm -rf "$LINK_FILE" + fi +else + if [ "${1:-}" == "load" ]; then + echo "No --permanent flag provided. Symlinking $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK." + ln -sf $SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK + elif [ "${1:-}" == "unload" ] && [ -e "$LINK_FILE" ]; then + echo "Removing link from $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK." + unlink $SSH_AUTH_SOCK + fi +fi \ No newline at end of file diff --git a/aztec-up/bin/link-ssh-auth-sock.plist.template b/aztec-up/bin/link-ssh-auth-sock.plist.template index c97e61c409e8..83d060941320 100644 --- a/aztec-up/bin/link-ssh-auth-sock.plist.template +++ b/aztec-up/bin/link-ssh-auth-sock.plist.template @@ -8,7 +8,7 @@ /bin/sh -c - /bin/ln -sf NEW_SSH_AUTH_SOCK $SSH_AUTH_SOCK + /bin/ln -sf NEW_SSH_AUTH_SOCK ORIGINAL_SSH_AUTH_SOCK RunAtLoad diff --git a/yarn-project/cli-wallet/src/bin/index.ts b/yarn-project/cli-wallet/src/bin/index.ts index 5bf937164d32..18137bfec619 100644 --- a/yarn-project/cli-wallet/src/bin/index.ts +++ b/yarn-project/cli-wallet/src/bin/index.ts @@ -31,7 +31,7 @@ function injectInternalCommands(program: Command, log: LogFn, db: WalletDB) { .command('get-alias') .description('Prints a stored alias') .addArgument(new Argument('', 'Alias to retrieve').choices(Aliases)) - .action(async alias => { + .action(alias => { const value = db.tryRetrieveAlias(alias); if (value) { log(value); From 87b6d358e5a777c406b747e0c6b358ea4de8b379 Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 10:18:54 +0200 Subject: [PATCH 08/36] more fixes --- aztec-up/bin/.aztec-run | 43 +++++++++++++++++++-------------------- aztec-up/bin/.ssh-hack | 6 ++++-- aztec-up/bin/aztec-wallet | 9 +------- 3 files changed, 26 insertions(+), 32 deletions(-) diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index 7edb5e8192a9..c48f9181b503 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -122,10 +122,8 @@ if [[ -z "${SKIP_PORT_ASSIGNMENT:-}" ]]; then fi ssh_agent_forwarding="" -if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* && -n $SSH_AUTH_SOCK ]]; then - echo "" - echo "SSH_AUTH_SOCK is set to ${SSH_AUTH_SOCK:-}. Enabling SSH agent forwarding." - echo "" +if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* && -n "${SSH_AUTH_SOCK:-}" ]]; then + warn "SSH_AUTH_SOCK is set to ${SSH_AUTH_SOCK:-}. Enabling SSH agent forwarding." CWD=$(dirname $0) if [[ "$UNAME" == "Darwin" ]]; then if [[ $SSH_AUTH_SOCK == "/private/tmp/com.apple.launchd."* && ! -f "$SSH_AUTH_SOCK_WARNING_FILE" ]]; then @@ -148,27 +146,28 @@ if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* && -n $SSH_AUTH_SOCK ]]; then DOCKER_SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" ssh_agent_forwarding="-v $DOCKER_SSH_AUTH_SOCK:$DOCKER_SSH_AUTH_SOCK" DOCKER_ENV+=" -e SSH_AUTH_SOCK=$DOCKER_SSH_AUTH_SOCK" - trap "$CWD/.ssh-hack unload" EXIT + ssh_hack_unload() { + $CWD/.ssh-hack unload + } + trap ssh_hack_unload EXIT else ssh_agent_forwarding="-v $(realpath $SSH_AUTH_SOCK):$SSH_AUTH_SOCK" DOCKER_ENV+=" -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK" fi fi -aztec_run() { - echo "Launching!" - docker run \ - -ti \ - --rm \ - --workdir "$PWD" \ - -v $HOME:$HOME -v cache:/cache \ - $ssh_agent_forwarding \ - $port_assignment \ - ${DOCKER_ENV:-} \ - ${DOCKER_HOST_BINDS:-} \ - ${DOCKER_USER:-} \ - $IMAGE:$VERSION ${preserved_args[@]:-} -} - - -aztec_run \ No newline at end of file +echo "" + +docker run \ + -ti \ + --rm \ + --workdir "$PWD" \ + -v $HOME:$HOME -v cache:/cache \ + $ssh_agent_forwarding \ + $port_assignment \ + ${DOCKER_ENV:-} \ + ${DOCKER_HOST_BINDS:-} \ + ${DOCKER_USER:-} \ + $IMAGE:$VERSION ${preserved_args[@]:-} + +echo "" \ No newline at end of file diff --git a/aztec-up/bin/.ssh-hack b/aztec-up/bin/.ssh-hack index b75bf136aa66..9357e393a4c8 100755 --- a/aztec-up/bin/.ssh-hack +++ b/aztec-up/bin/.ssh-hack @@ -22,10 +22,12 @@ if [ "${2:-}" == "--permanent" ]; then fi else if [ "${1:-}" == "load" ]; then - echo "No --permanent flag provided. Symlinking $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK." + echo "Symlinking $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK." + mv $ORIGINAL_SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK.bak ln -sf $SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK - elif [ "${1:-}" == "unload" ] && [ -e "$LINK_FILE" ]; then + elif [ "${1:-}" == "unload" ]; then echo "Removing link from $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK." unlink $SSH_AUTH_SOCK + mv $ORIGINAL_SSH_AUTH_SOCK.bak $ORIGINAL_SSH_AUTH_SOCK fi fi \ No newline at end of file diff --git a/aztec-up/bin/aztec-wallet b/aztec-up/bin/aztec-wallet index b269ca1731dc..675b8bfeda6e 100755 --- a/aztec-up/bin/aztec-wallet +++ b/aztec-up/bin/aztec-wallet @@ -3,15 +3,8 @@ set -euo pipefail export SKIP_PORT_ASSIGNMENT=1 export WALLET_DATA_DIRECTORY=$(dirname $0)/wallet-data - -ENV_VARS_TO_INJECT="WALLET_DATA_DIRECTORY" +export ENV_VARS_TO_INJECT="WALLET_DATA_DIRECTORY SSH_AUTH_SOCK" mkdir -p $WALLET_DATA_DIRECTORY -if [[ "$*" == *"-t ecdsasecp256r1ssh"* ]]; then - ENV_VARS_TO_INJECT="$ENV_VARS_TO_INJECT SSH_AUTH_SOCK" -fi - -export ENV_VARS_TO_INJECT - $(dirname $0)/.aztec-run aztecprotocol/cli-wallet $@ \ No newline at end of file From a500fbbd07a9a2afee760f540127d62541765da4 Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 10:22:54 +0200 Subject: [PATCH 09/36] fix --- aztec-up/bin/.ssh-hack | 2 -- 1 file changed, 2 deletions(-) diff --git a/aztec-up/bin/.ssh-hack b/aztec-up/bin/.ssh-hack index 9357e393a4c8..435c235a1f00 100755 --- a/aztec-up/bin/.ssh-hack +++ b/aztec-up/bin/.ssh-hack @@ -23,11 +23,9 @@ if [ "${2:-}" == "--permanent" ]; then else if [ "${1:-}" == "load" ]; then echo "Symlinking $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK." - mv $ORIGINAL_SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK.bak ln -sf $SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK elif [ "${1:-}" == "unload" ]; then echo "Removing link from $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK." unlink $SSH_AUTH_SOCK - mv $ORIGINAL_SSH_AUTH_SOCK.bak $ORIGINAL_SSH_AUTH_SOCK fi fi \ No newline at end of file From aef2729461d89b0653fb8c55aad4790019c0849d Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 11:31:21 +0200 Subject: [PATCH 10/36] working hack --- aztec-up/bin/.aztec-run | 6 +----- aztec-up/bin/.ssh-hack | 12 +++++++----- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index c48f9181b503..20df90b0e220 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -156,8 +156,6 @@ if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* && -n "${SSH_AUTH_SOCK:-}" ]]; fi fi -echo "" - docker run \ -ti \ --rm \ @@ -168,6 +166,4 @@ docker run \ ${DOCKER_ENV:-} \ ${DOCKER_HOST_BINDS:-} \ ${DOCKER_USER:-} \ - $IMAGE:$VERSION ${preserved_args[@]:-} - -echo "" \ No newline at end of file + $IMAGE:$VERSION ${preserved_args[@]:-} \ No newline at end of file diff --git a/aztec-up/bin/.ssh-hack b/aztec-up/bin/.ssh-hack index 435c235a1f00..5343a2a336f3 100755 --- a/aztec-up/bin/.ssh-hack +++ b/aztec-up/bin/.ssh-hack @@ -12,20 +12,22 @@ ORIGINAL_SSH_AUTH_SOCK=$(launchctl asuser "${UID:-"$(id -u)"}" launchctl getenv if [ "${2:-}" == "--permanent" ]; then if [ "${1:-}" == "load" ]; then - echo "Symlinking $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK via a launch agent in $LINK_FILE." + launchctl stop $(id -u)/com.openssh.ssh-agent + mv $ORIGINAL_SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK.bak cat "$TEMPLATE_FILE" | sed -e "s+NEW_SSH_AUTH_SOCK+$SSH_AUTH_SOCK+g" | sed -e "s+ORIGINAL_SSH_AUTH_SOCK+$ORIGINAL_SSH_AUTH_SOCK+g" > "$LINK_FILE" launchctl load -F "$LINK_FILE" elif [ "${1:-}" == "unload" ] && [ -e "$LINK_FILE" ]; then - echo "Unloading launch agent and removing $LINK_FILE." launchctl unload -F "$LINK_FILE" rm -rf "$LINK_FILE" + rm -rf $ORIGINAL_SSH_AUTH_SOCK + mv $ORIGINAL_SSH_AUTH_SOCK.bak $ORIGINAL_SSH_AUTH_SOCK fi else if [ "${1:-}" == "load" ]; then - echo "Symlinking $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK." + mv $ORIGINAL_SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK.bak ln -sf $SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK elif [ "${1:-}" == "unload" ]; then - echo "Removing link from $SSH_AUTH_SOCK to $ORIGINAL_SSH_AUTH_SOCK." - unlink $SSH_AUTH_SOCK + rm -rf $ORIGINAL_SSH_AUTH_SOCK + mv $ORIGINAL_SSH_AUTH_SOCK.bak $ORIGINAL_SSH_AUTH_SOCK fi fi \ No newline at end of file From 3ec319ba7e0381a4ef2f9ba8e276facdcc2b5366 Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 12:16:57 +0200 Subject: [PATCH 11/36] fix touchid accounts --- yarn-project/cli-wallet/src/bin/index.ts | 13 ++++++++----- .../cli-wallet/src/storage/wallet_db.ts | 17 ++++++++++++++++- yarn-project/cli-wallet/src/utils/accounts.ts | 2 +- 3 files changed, 25 insertions(+), 7 deletions(-) diff --git a/yarn-project/cli-wallet/src/bin/index.ts b/yarn-project/cli-wallet/src/bin/index.ts index 18137bfec619..638c800d1907 100644 --- a/yarn-project/cli-wallet/src/bin/index.ts +++ b/yarn-project/cli-wallet/src/bin/index.ts @@ -29,14 +29,17 @@ function injectInternalCommands(program: Command, log: LogFn, db: WalletDB) { program .command('get-alias') - .description('Prints a stored alias') - .addArgument(new Argument('', 'Alias to retrieve').choices(Aliases)) + .description('Shows stored aliases') + .addArgument(new Argument('[alias]', 'Alias to retrieve')) .action(alias => { - const value = db.tryRetrieveAlias(alias); - if (value) { + if (alias?.includes(':')) { + const value = db.retrieveAlias(alias); log(value); } else { - throw new Error(`Alias ${alias} not found`); + const aliases = db.listAliases(alias); + for (const { key, value } of aliases) { + log(`${key} -> ${value}`); + } } }); diff --git a/yarn-project/cli-wallet/src/storage/wallet_db.ts b/yarn-project/cli-wallet/src/storage/wallet_db.ts index 1c5d2d9bfccc..5c9747fa7bf0 100644 --- a/yarn-project/cli-wallet/src/storage/wallet_db.ts +++ b/yarn-project/cli-wallet/src/storage/wallet_db.ts @@ -3,6 +3,7 @@ import { type LogFn } from '@aztec/foundation/log'; import { type AztecKVStore, type AztecMap } from '@aztec/kv-store'; import { type AccountType } from '../utils/accounts.js'; +import { extractECDSAPublicKeyFromBase64String } from '../utils/ecdsa.js'; export const Aliases = ['accounts', 'contracts', 'artifacts', 'secrets', 'transactions'] as const; export type AliasType = (typeof Aliases)[number]; @@ -71,7 +72,8 @@ export class WalletDB { await this.#accounts.set(`${address.toString()}-sk`, secretKey.toBuffer()); await this.#accounts.set(`${address.toString()}-salt`, salt.toBuffer()); if (type === 'ecdsasecp256r1ssh' && publicKey) { - await this.storeAccountMetadata(address, 'publicSigningKey', Buffer.from(publicKey)); + const publicSigningKey = extractECDSAPublicKeyFromBase64String(publicKey); + await this.storeAccountMetadata(address, 'publicSigningKey', publicSigningKey); } await this.#aliases.set('accounts:last', Buffer.from(address.toString())); log(`Account stored in database with alias${alias ? `es last & ${alias}` : ' last'}`); @@ -117,6 +119,19 @@ export class WalletDB { } } + listAliases(type?: AliasType) { + let result = []; + if (type && !Aliases.includes(type)) { + throw new Error(`Unknown alias type ${type}`); + } + for (let [key, value] of this.#aliases.entries()) { + if (!type || key.startsWith(`${type}:`)) { + result.push({ key, value: value.toString() }); + } + } + return result; + } + async storeAccountMetadata(aliasOrAddress: AztecAddress | string, metadataKey: string, metadata: Buffer) { const { address } = this.retrieveAccount(aliasOrAddress); await this.#accounts.set(`${address.toString()}-${metadataKey}`, metadata); diff --git a/yarn-project/cli-wallet/src/utils/accounts.ts b/yarn-project/cli-wallet/src/utils/accounts.ts index 0661ad7cf76c..696abe7c0c50 100644 --- a/yarn-project/cli-wallet/src/utils/accounts.ts +++ b/yarn-project/cli-wallet/src/utils/accounts.ts @@ -52,7 +52,7 @@ export async function createOrRetrieveAccount( if (!foundIdentity) { throw new Error(`Identity for public key ${publicKey} not found in the SSH agent`); } - publicSigningKey = extractECDSAPublicKeyFromBase64String(publicKey); + publicSigningKey = extractECDSAPublicKeyFromBase64String(foundIdentity.publicKey); } else { throw new Error('Public key must be provided for ECDSA SSH account'); } From 986f8f1aaf2b151797222370dd287b463d08d3f4 Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 12:18:17 +0200 Subject: [PATCH 12/36] formatting --- yarn-project/cli-wallet/src/storage/wallet_db.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/yarn-project/cli-wallet/src/storage/wallet_db.ts b/yarn-project/cli-wallet/src/storage/wallet_db.ts index 5c9747fa7bf0..27f3b2a901b9 100644 --- a/yarn-project/cli-wallet/src/storage/wallet_db.ts +++ b/yarn-project/cli-wallet/src/storage/wallet_db.ts @@ -120,11 +120,11 @@ export class WalletDB { } listAliases(type?: AliasType) { - let result = []; + const result = []; if (type && !Aliases.includes(type)) { throw new Error(`Unknown alias type ${type}`); } - for (let [key, value] of this.#aliases.entries()) { + for (const [key, value] of this.#aliases.entries()) { if (!type || key.startsWith(`${type}:`)) { result.push({ key, value: value.toString() }); } From 3e04868e7e49bd79c4904a9f562d7eba965d254d Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 15:26:59 +0200 Subject: [PATCH 13/36] attempt at ci --- yarn-project/Earthfile | 5 +---- yarn-project/end-to-end/Earthfile | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/yarn-project/Earthfile b/yarn-project/Earthfile index 8dfe901d95bf..a4680310ca2a 100644 --- a/yarn-project/Earthfile +++ b/yarn-project/Earthfile @@ -252,13 +252,10 @@ export-end-to-end: FROM +end-to-end SAVE IMAGE aztecprotocol/end-to-end:$EARTHLY_GIT_HASH -export-e2e-cli-wallet: - BUILD +export-aztec - BUILD +export-cli-wallet - export-e2e-test-images: BUILD +export-aztec BUILD +export-end-to-end + BUILD +export-cli-wallet format-check: FROM +build diff --git a/yarn-project/end-to-end/Earthfile b/yarn-project/end-to-end/Earthfile index 9adeca8c5f39..1db5d7e39608 100644 --- a/yarn-project/end-to-end/Earthfile +++ b/yarn-project/end-to-end/Earthfile @@ -274,7 +274,7 @@ e2e-cli-wallet: IF ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/aztec:$AZTEC_DOCKER_TAG" || \ ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/cli-wallet:$AZTEC_DOCKER_TAG" WAIT - BUILD ../+export-e2e-cli-wallet + BUILD ../+export-e2e-test-images END END # Run our docker compose, ending whenever the wallet finishes running From 4a044bad0b51a2f50d7f1e1a5926f464cdf8d062 Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 15:28:19 +0200 Subject: [PATCH 14/36] better comment --- aztec-up/bin/.ssh-hack | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aztec-up/bin/.ssh-hack b/aztec-up/bin/.ssh-hack index 5343a2a336f3..af6abb4f08c7 100755 --- a/aztec-up/bin/.ssh-hack +++ b/aztec-up/bin/.ssh-hack @@ -1,6 +1,6 @@ #!/bin/bash -# Mac OS hack to override the default ssh agent. The OS doesn't respect the SSH_AUTH_SOCK env var, so +# Mac OS hack to override the default ssh agent. Docker for mac doesn't respect the SSH_AUTH_SOCK env var, so # we have to get creative and symlink the default socket to the one we want to use. This script supports # doing it permanently via a launch agent. Heavily inspired by https://github.com/docker/for-mac/issues/4242#issuecomment-822027581 From fc50a0a1f4c842489d2bbf5a8c1501227d34b3c9 Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 15:28:48 +0200 Subject: [PATCH 15/36] fixes --- aztec-up/bin/.aztec-run | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index 20df90b0e220..802bf5d0f2cb 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -139,7 +139,7 @@ if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* && -n "${SSH_AUTH_SOCK:-}" ]]; echo "" exit 1 fi - # Docker never ssh agent forwarding on macOS, so we need to do this workaround if running a user other than root + # Docker never fixed ssh agent forwarding on macOS, so we need to do this workaround if running a user other than root # https://github.com/docker/for-mac/issues/4242#issuecomment-604890394 docker run --rm -it --privileged --pid=host ubuntu:noble nsenter -t 1 -m -u -n -i sh -c 'chmod o+w /run/host-services/ssh-auth.sock' "$CWD/.ssh-hack" load From 6afa2208346f2d32f1069cb3a109ecf3e8173813 Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 15:29:48 +0200 Subject: [PATCH 16/36] cleanup --- aztec-up/bin/.aztec-run | 6 ++---- aztec-up/bin/aztec | 4 ---- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index 802bf5d0f2cb..e3b26bce1214 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -11,7 +11,6 @@ DEFAULT_PORT=8080 VERSION=${VERSION:-"latest"} AZTEC_PORT=${AZTEC_PORT:-$DEFAULT_PORT} INHERIT_USER=${INHERIT_USER:-1} -SSH_AUTH_SOCK_WARNING_FILE="$(dirname $0)/ssh_auth_sock_warning.lock" if [[ -n "${NETWORK:-}" ]]; then VERSION=$NETWORK @@ -126,15 +125,14 @@ if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* && -n "${SSH_AUTH_SOCK:-}" ]]; warn "SSH_AUTH_SOCK is set to ${SSH_AUTH_SOCK:-}. Enabling SSH agent forwarding." CWD=$(dirname $0) if [[ "$UNAME" == "Darwin" ]]; then - if [[ $SSH_AUTH_SOCK == "/private/tmp/com.apple.launchd."* && ! -f "$SSH_AUTH_SOCK_WARNING_FILE" ]]; then + if [[ $SSH_AUTH_SOCK == "/private/tmp/com.apple.launchd."* ]]; then echo "" warn "#####################################################################################" warn "# WARNING: SSH_AUTH_SOCK is set to the default macOS ssh-agent in /private/tmp/... #" warn "# Unfortunately this is not supported in Docker and specially problematic if using #" warn "# VirtioFS (https://github.com/docker/for-mac/issues/6375) #" warn "# #" - warn "# To get rid of this warning, either set SSH_AUTH_SOCK to a different value or run #" - warn "# aztec ignore-mac-os-default-ssh-agent #" + warn "# To get rid of this warning, either set SSH_AUTH_SOCK to a different value #" warn "#####################################################################################" echo "" exit 1 diff --git a/aztec-up/bin/aztec b/aztec-up/bin/aztec index e97d2bc09003..0989bb64469f 100755 --- a/aztec-up/bin/aztec +++ b/aztec-up/bin/aztec @@ -1,8 +1,6 @@ #!/usr/bin/env bash set -euo pipefail -SSH_AUTH_SOCK_WARNING_FILE="$(dirname $0)/ssh_auth_sock_warning.lock" - # Directory of env_var file TS_ENV_VAR_FILE=/usr/src/yarn-project/foundation/src/config/env_var.ts LOCAL_TS_FILE=./env_var.ts @@ -69,8 +67,6 @@ elif [ "${1:-}" == "start" ]; then readarray -t ENV_VARS_TO_INJECT <"$LOCAL_ENV_VAR_FILE" export ENV_VARS_TO_INJECT="${ENV_VARS_TO_INJECT[*]}" ENV_VARS_TO_INJECT="${ENV_VARS_TO_INJECT[*]}" INHERIT_USER=0 $(dirname $0)/.aztec-run aztecprotocol/aztec "$@" -elif [ "${1:-}" == "ignore-mac-os-default-ssh-agent" ]; then - touch $SSH_AUTH_SOCK_WARNING_FILE else ENV_VARS_TO_INJECT="SECRET_KEY" SKIP_PORT_ASSIGNMENT=1 $(dirname $0)/.aztec-run aztecprotocol/aztec "$@" fi From 89ac71f3d751f9fe6ed30bea8ce702a40353d3c7 Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 15:48:06 +0200 Subject: [PATCH 17/36] different strategy --- yarn-project/end-to-end/Earthfile | 29 ++----------------- .../scripts/docker-compose-wallet.yml | 8 +++-- 2 files changed, 9 insertions(+), 28 deletions(-) diff --git a/yarn-project/end-to-end/Earthfile b/yarn-project/end-to-end/Earthfile index 1db5d7e39608..366164477bcb 100644 --- a/yarn-project/end-to-end/Earthfile +++ b/yarn-project/end-to-end/Earthfile @@ -20,7 +20,8 @@ E2E_COMPOSE_TEST: ENV AZTEC_DOCKER_TAG=$(git rev-parse HEAD) # Optimize to not cause serial behavior if image already exists IF ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/aztec:$AZTEC_DOCKER_TAG" || \ - ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/end-to-end:$AZTEC_DOCKER_TAG" + ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/end-to-end:$AZTEC_DOCKER_TAG" || \ + ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/cli-wallet:$AZTEC_DOCKER_TAG" WAIT BUILD ../+export-e2e-test-images END @@ -255,28 +256,4 @@ e2e-devnet-smoke: DO +E2E_COMPOSE_TEST --test=devnet/e2e_smoke.test.ts --compose_file=scripts/docker-compose-devnet.yml e2e-cli-wallet: - ARG test - ARG compose_file=./scripts/docker-compose-wallet.yml - ARG debug="aztec:*" - ARG hardware_concurrency="" - LOCALLY - ENV TEST=$test - ENV DEBUG=$debug - ENV HARDWARE_CONCURRENCY=$hardware_concurrency - IF docker compose > /dev/null 2>&1 - LET CMD="docker compose" - ELSE - LET CMD="docker-compose" - END - # Let docker compose know about the pushed tags above - ENV AZTEC_DOCKER_TAG=$(git rev-parse HEAD) - # Optimize to not cause serial behavior if image already exists - IF ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/aztec:$AZTEC_DOCKER_TAG" || \ - ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/cli-wallet:$AZTEC_DOCKER_TAG" - WAIT - BUILD ../+export-e2e-test-images - END - END - # Run our docker compose, ending whenever the wallet finishes running - ENV JOB_NAME=$project_name - RUN $CMD -p e2e-cli-wallet -f $compose_file run cli-wallet --force-recreate \ No newline at end of file + DO +E2E_COMPOSE_TEST --test=e2e_cli_wallet --compose_file=scripts/docker-compose-wallet.yml \ No newline at end of file diff --git a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml index bcd14df6a505..146b145bbf63 100644 --- a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml +++ b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml @@ -32,13 +32,17 @@ services: expose: - '8080' - cli-wallet: + end-to-end: image: aztecprotocol/cli-wallet:${AZTEC_DOCKER_TAG:-latest} environment: DEBUG: ${DEBUG:-aztec:*} DEBUG_COLORS: 1 PXE_URL: http://sandbox:8080 - entrypoint: './test/test.sh' + entrypoint: > + sh -c ' + while ! nc -z sandbox 8080; do sleep 1; done; + ./test/test.sh + ' volumes: - ../log:/usr/src/yarn-project/end-to-end/log:rw depends_on: From 9da367e878ac38018d32f36ca168c0859744225b Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 15:55:14 +0000 Subject: [PATCH 18/36] ordering --- yarn-project/Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/yarn-project/Earthfile b/yarn-project/Earthfile index a4680310ca2a..262062edeef5 100644 --- a/yarn-project/Earthfile +++ b/yarn-project/Earthfile @@ -254,8 +254,8 @@ export-end-to-end: export-e2e-test-images: BUILD +export-aztec - BUILD +export-end-to-end BUILD +export-cli-wallet + BUILD +export-end-to-end format-check: FROM +build From 8cfa6d3dc6fc47726179e9ac977b8f2a3e8c1f57 Mon Sep 17 00:00:00 2001 From: thunkar Date: Tue, 20 Aug 2024 22:04:41 +0200 Subject: [PATCH 19/36] added image to workflow --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8485b19cba14..308661c5099c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -151,7 +151,7 @@ jobs: builder_type: builder-x86 # these are copied to the tester and expected by the earthly command below # if they fail to copy, it will try to build them on the tester and fail - builder_images_to_copy: aztecprotocol/aztec:${{ env.GIT_COMMIT }} aztecprotocol/end-to-end:${{ env.GIT_COMMIT }} + builder_images_to_copy: aztecprotocol/aztec:${{ env.GIT_COMMIT }} aztecprotocol/end-to-end:${{ env.GIT_COMMIT }} aztecprotocol/cli-wallet:${{ env.GIT_COMMIT }} # command to produce the images in case they don't exist builder_command: scripts/earthly-ci ./yarn-project+export-e2e-test-images run: | From 7f610ad5c0f8a5093d569f583b88ed18d16e8194 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 08:34:16 +0200 Subject: [PATCH 20/36] avoid serializing another image --- yarn-project/Earthfile | 3 +-- yarn-project/end-to-end/Earthfile | 5 ++--- yarn-project/end-to-end/scripts/docker-compose-wallet.yml | 3 ++- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/yarn-project/Earthfile b/yarn-project/Earthfile index 262062edeef5..00ec6c74d12e 100644 --- a/yarn-project/Earthfile +++ b/yarn-project/Earthfile @@ -189,7 +189,7 @@ export-aztec-faucet: # We care about creating a slimmed down e2e image because we have to serialize it from earthly to docker for running. end-to-end-prod: FROM +cli-base - RUN yarn workspaces focus @aztec/end-to-end --production && yarn cache clean + RUN yarn workspaces focus @aztec/end-to-end @aztec/cli-wallet --production && yarn cache clean COPY --dir +rollup-verifier-contract/usr/src/bb /usr/src SAVE ARTIFACT /usr/src /usr/src @@ -254,7 +254,6 @@ export-end-to-end: export-e2e-test-images: BUILD +export-aztec - BUILD +export-cli-wallet BUILD +export-end-to-end format-check: diff --git a/yarn-project/end-to-end/Earthfile b/yarn-project/end-to-end/Earthfile index 366164477bcb..3f094fccbbbd 100644 --- a/yarn-project/end-to-end/Earthfile +++ b/yarn-project/end-to-end/Earthfile @@ -20,15 +20,14 @@ E2E_COMPOSE_TEST: ENV AZTEC_DOCKER_TAG=$(git rev-parse HEAD) # Optimize to not cause serial behavior if image already exists IF ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/aztec:$AZTEC_DOCKER_TAG" || \ - ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/end-to-end:$AZTEC_DOCKER_TAG" || \ - ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/cli-wallet:$AZTEC_DOCKER_TAG" + ! docker image ls --format '{{.Repository}}:{{.Tag}}' | grep "aztecprotocol/end-to-end:$AZTEC_DOCKER_TAG" WAIT BUILD ../+export-e2e-test-images END END # Run our docker compose, ending whenever sandbox ends, filtering out noisy eth_getLogs ENV JOB_NAME=$project_name - RUN $CMD -p $project_name -f $compose_file up --exit-code-from=end-to-end --force-recreate + RUN $CMD -p $project_name -f $compose_file up --exit-code-from=end-to-end --force-recreate E2E_TEST: FUNCTION diff --git a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml index 146b145bbf63..9251730b3d36 100644 --- a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml +++ b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml @@ -33,11 +33,12 @@ services: - '8080' end-to-end: - image: aztecprotocol/cli-wallet:${AZTEC_DOCKER_TAG:-latest} + image: aztecprotocol/end-to-end:${AZTEC_DOCKER_TAG:-latest} environment: DEBUG: ${DEBUG:-aztec:*} DEBUG_COLORS: 1 PXE_URL: http://sandbox:8080 + workdir: /usr/src/yarn-project/cli-wallet entrypoint: > sh -c ' while ! nc -z sandbox 8080; do sleep 1; done; From 108157b0910aa510036ec470cfb0d5c7207fbfbc Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 08:35:19 +0200 Subject: [PATCH 21/36] fixed workflow --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index da98c6f0a315..6588dd5fb2ac 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -152,7 +152,7 @@ jobs: builder_type: builder-x86 # these are copied to the tester and expected by the earthly command below # if they fail to copy, it will try to build them on the tester and fail - builder_images_to_copy: aztecprotocol/aztec:${{ env.GIT_COMMIT }} aztecprotocol/end-to-end:${{ env.GIT_COMMIT }} aztecprotocol/cli-wallet:${{ env.GIT_COMMIT }} + builder_images_to_copy: aztecprotocol/aztec:${{ env.GIT_COMMIT }} aztecprotocol/end-to-end:${{ env.GIT_COMMIT }} # command to produce the images in case they don't exist builder_command: scripts/earthly-ci ./yarn-project+export-e2e-test-images run: | From dc20a62c0c02e6c2c9f8de6432965d9b4f1017a8 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 08:51:01 +0200 Subject: [PATCH 22/36] fix docker compose --- yarn-project/end-to-end/scripts/docker-compose-wallet.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml index 9251730b3d36..c83ce4718836 100644 --- a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml +++ b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml @@ -38,7 +38,7 @@ services: DEBUG: ${DEBUG:-aztec:*} DEBUG_COLORS: 1 PXE_URL: http://sandbox:8080 - workdir: /usr/src/yarn-project/cli-wallet + working_dir: /usr/src/yarn-project/cli-wallet entrypoint: > sh -c ' while ! nc -z sandbox 8080; do sleep 1; done; From 2601ecf182d72b68cc70f72b25adde71808591f2 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 09:02:15 +0200 Subject: [PATCH 23/36] add missing artifacts --- yarn-project/Earthfile | 1 + 1 file changed, 1 insertion(+) diff --git a/yarn-project/Earthfile b/yarn-project/Earthfile index 00ec6c74d12e..6e10e66464a3 100644 --- a/yarn-project/Earthfile +++ b/yarn-project/Earthfile @@ -191,6 +191,7 @@ end-to-end-prod: FROM +cli-base RUN yarn workspaces focus @aztec/end-to-end @aztec/cli-wallet --production && yarn cache clean COPY --dir +rollup-verifier-contract/usr/src/bb /usr/src + COPY --dir +build/usr/src/noir-projects/noir-contracts/target /usr/src/noir-projects/noir-contracts/target SAVE ARTIFACT /usr/src /usr/src anvil: From d9d2a21adc4ef70066089d952eb8a67913258f47 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 09:07:15 +0200 Subject: [PATCH 24/36] maybe --- yarn-project/Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/yarn-project/Earthfile b/yarn-project/Earthfile index 6e10e66464a3..0721521e6a81 100644 --- a/yarn-project/Earthfile +++ b/yarn-project/Earthfile @@ -191,7 +191,7 @@ end-to-end-prod: FROM +cli-base RUN yarn workspaces focus @aztec/end-to-end @aztec/cli-wallet --production && yarn cache clean COPY --dir +rollup-verifier-contract/usr/src/bb /usr/src - COPY --dir +build/usr/src/noir-projects/noir-contracts/target /usr/src/noir-projects/noir-contracts/target + COPY --dir +build-dev/usr/src/noir-projects/noir-contracts/target /usr/src/noir-projects/noir-contracts/target SAVE ARTIFACT /usr/src /usr/src anvil: From 16962565bd47b28f99c8900c07f93b135a4c4dfa Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 09:38:14 +0200 Subject: [PATCH 25/36] fix --- yarn-project/end-to-end/scripts/docker-compose-wallet.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml index c83ce4718836..267a98af17f1 100644 --- a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml +++ b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml @@ -38,11 +38,11 @@ services: DEBUG: ${DEBUG:-aztec:*} DEBUG_COLORS: 1 PXE_URL: http://sandbox:8080 - working_dir: /usr/src/yarn-project/cli-wallet + working_dir: /usr/src/yarn-project/cli-wallet/test entrypoint: > sh -c ' while ! nc -z sandbox 8080; do sleep 1; done; - ./test/test.sh + ./test.sh ' volumes: - ../log:/usr/src/yarn-project/end-to-end/log:rw From 4c1e286bf685ecb0b23018b2720420805345a2a1 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 09:51:19 +0200 Subject: [PATCH 26/36] fix --- yarn-project/Earthfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/yarn-project/Earthfile b/yarn-project/Earthfile index 0721521e6a81..a29007af1239 100644 --- a/yarn-project/Earthfile +++ b/yarn-project/Earthfile @@ -191,7 +191,7 @@ end-to-end-prod: FROM +cli-base RUN yarn workspaces focus @aztec/end-to-end @aztec/cli-wallet --production && yarn cache clean COPY --dir +rollup-verifier-contract/usr/src/bb /usr/src - COPY --dir +build-dev/usr/src/noir-projects/noir-contracts/target /usr/src/noir-projects/noir-contracts/target + COPY --dir +build-dev/usr/src/noir-projects/noir-contracts /usr/src/noir-projects/noir-contracts SAVE ARTIFACT /usr/src /usr/src anvil: From 3a4acf3cfae10865b4a453f3cdf2cee3c4ad983a Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 10:18:49 +0200 Subject: [PATCH 27/36] fix image --- yarn-project/end-to-end/scripts/docker-compose-wallet.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml index 267a98af17f1..6c30f54a345a 100644 --- a/yarn-project/end-to-end/scripts/docker-compose-wallet.yml +++ b/yarn-project/end-to-end/scripts/docker-compose-wallet.yml @@ -37,6 +37,8 @@ services: environment: DEBUG: ${DEBUG:-aztec:*} DEBUG_COLORS: 1 + ETHEREUM_HOST: http://fork:8545 + L1_CHAIN_ID: 31337 PXE_URL: http://sandbox:8080 working_dir: /usr/src/yarn-project/cli-wallet/test entrypoint: > From d1eca8b681ade79a6d23cbca26ecf8dead5cd8b6 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 10:26:42 +0200 Subject: [PATCH 28/36] remove unused command --- aztec-up/bin/.ssh-hack | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/aztec-up/bin/.ssh-hack b/aztec-up/bin/.ssh-hack index af6abb4f08c7..1ab109d7f0cc 100755 --- a/aztec-up/bin/.ssh-hack +++ b/aztec-up/bin/.ssh-hack @@ -12,7 +12,6 @@ ORIGINAL_SSH_AUTH_SOCK=$(launchctl asuser "${UID:-"$(id -u)"}" launchctl getenv if [ "${2:-}" == "--permanent" ]; then if [ "${1:-}" == "load" ]; then - launchctl stop $(id -u)/com.openssh.ssh-agent mv $ORIGINAL_SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK.bak cat "$TEMPLATE_FILE" | sed -e "s+NEW_SSH_AUTH_SOCK+$SSH_AUTH_SOCK+g" | sed -e "s+ORIGINAL_SSH_AUTH_SOCK+$ORIGINAL_SSH_AUTH_SOCK+g" > "$LINK_FILE" launchctl load -F "$LINK_FILE" @@ -30,4 +29,4 @@ else rm -rf $ORIGINAL_SSH_AUTH_SOCK mv $ORIGINAL_SSH_AUTH_SOCK.bak $ORIGINAL_SSH_AUTH_SOCK fi -fi \ No newline at end of file +fi \ No newline at end of file From a7df500719d70276e5763a4675fc53edc6906fc0 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 12:56:58 +0200 Subject: [PATCH 29/36] testing socat solution --- aztec-up/bin/.aztec-run | 35 ++------------------ yarn-project/cli-wallet/Dockerfile | 4 ++- yarn-project/cli-wallet/wallet-entrypoint.sh | 4 +++ 3 files changed, 10 insertions(+), 33 deletions(-) create mode 100644 yarn-project/cli-wallet/wallet-entrypoint.sh diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index e3b26bce1214..70321d7bff0f 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -120,38 +120,10 @@ if [[ -z "${SKIP_PORT_ASSIGNMENT:-}" ]]; then port_assignment="-p $AZTEC_PORT:$AZTEC_PORT" fi -ssh_agent_forwarding="" if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* && -n "${SSH_AUTH_SOCK:-}" ]]; then - warn "SSH_AUTH_SOCK is set to ${SSH_AUTH_SOCK:-}. Enabling SSH agent forwarding." - CWD=$(dirname $0) - if [[ "$UNAME" == "Darwin" ]]; then - if [[ $SSH_AUTH_SOCK == "/private/tmp/com.apple.launchd."* ]]; then - echo "" - warn "#####################################################################################" - warn "# WARNING: SSH_AUTH_SOCK is set to the default macOS ssh-agent in /private/tmp/... #" - warn "# Unfortunately this is not supported in Docker and specially problematic if using #" - warn "# VirtioFS (https://github.com/docker/for-mac/issues/6375) #" - warn "# #" - warn "# To get rid of this warning, either set SSH_AUTH_SOCK to a different value #" - warn "#####################################################################################" - echo "" - exit 1 - fi - # Docker never fixed ssh agent forwarding on macOS, so we need to do this workaround if running a user other than root - # https://github.com/docker/for-mac/issues/4242#issuecomment-604890394 - docker run --rm -it --privileged --pid=host ubuntu:noble nsenter -t 1 -m -u -n -i sh -c 'chmod o+w /run/host-services/ssh-auth.sock' - "$CWD/.ssh-hack" load - DOCKER_SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" - ssh_agent_forwarding="-v $DOCKER_SSH_AUTH_SOCK:$DOCKER_SSH_AUTH_SOCK" - DOCKER_ENV+=" -e SSH_AUTH_SOCK=$DOCKER_SSH_AUTH_SOCK" - ssh_hack_unload() { - $CWD/.ssh-hack unload - } - trap ssh_hack_unload EXIT - else - ssh_agent_forwarding="-v $(realpath $SSH_AUTH_SOCK):$SSH_AUTH_SOCK" - DOCKER_ENV+=" -e SSH_AUTH_SOCK=$SSH_AUTH_SOCK" - fi + warn "SSH_AUTH_SOCK is set to ${SSH_AUTH_SOCK:-}. Enabling SSH agent forwarding via socat" + socat TCP-LISTEN:12345,reuseaddr,fork UNIX-CLIENT:$SSH_AUTH_SOCK & + trap "trap - SIGTERM && kill -- -$$" SIGINT SIGTERM EXIT fi docker run \ @@ -159,7 +131,6 @@ docker run \ --rm \ --workdir "$PWD" \ -v $HOME:$HOME -v cache:/cache \ - $ssh_agent_forwarding \ $port_assignment \ ${DOCKER_ENV:-} \ ${DOCKER_HOST_BINDS:-} \ diff --git a/yarn-project/cli-wallet/Dockerfile b/yarn-project/cli-wallet/Dockerfile index c047867868c1..ac6d6f3f3279 100644 --- a/yarn-project/cli-wallet/Dockerfile +++ b/yarn-project/cli-wallet/Dockerfile @@ -1,6 +1,8 @@ FROM aztecprotocol/yarn-project AS yarn-project -ENTRYPOINT ["node", "--no-warnings", "/usr/src/yarn-project/cli-wallet/dest/bin/index.js"] +RUN apt update && apt install socat -y + +ENTRYPOINT ["/usr/src/yarn-project/cli-wallet/wallet-entrypoint.sh"] # The version has been updated in yarn-project. # Adding COMMIT_TAG here to rebuild versioned image. diff --git a/yarn-project/cli-wallet/wallet-entrypoint.sh b/yarn-project/cli-wallet/wallet-entrypoint.sh new file mode 100644 index 000000000000..f45cff3a171a --- /dev/null +++ b/yarn-project/cli-wallet/wallet-entrypoint.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +socat UNIX-LISTEN:$HOME/ssh-agent.sock,fork TCP:host.docker.internal:12345 & +SSH_AUTH_SOCK="$HOME/ssh-agent.sock" node --no-warnings /usr/src/yarn-project/cli-wallet/dest/bin/index.js \ No newline at end of file From 0a8f7565c4c08afc5ae83c42857d259df2b9320b Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 13:30:22 +0200 Subject: [PATCH 30/36] updated approach --- aztec-up/bin/.aztec-run | 7 ++++--- yarn-project/cli-wallet/wallet-entrypoint.sh | 4 ++-- 2 files changed, 6 insertions(+), 5 deletions(-) mode change 100644 => 100755 yarn-project/cli-wallet/wallet-entrypoint.sh diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index 70321d7bff0f..a959874995d4 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -122,8 +122,10 @@ fi if [[ "$ENV_VARS_TO_INJECT" == *"SSH_AUTH_SOCK"* && -n "${SSH_AUTH_SOCK:-}" ]]; then warn "SSH_AUTH_SOCK is set to ${SSH_AUTH_SOCK:-}. Enabling SSH agent forwarding via socat" - socat TCP-LISTEN:12345,reuseaddr,fork UNIX-CLIENT:$SSH_AUTH_SOCK & - trap "trap - SIGTERM && kill -- -$$" SIGINT SIGTERM EXIT + socat TCP-LISTEN:${SSH_AUTH_SOCK_SOCAT_PORT:-12345},reuseaddr,fork UNIX-CLIENT:$SSH_AUTH_SOCK & + SOCAT_PID=$! + trap "kill -9 $SOCAT_PID" SIGINT SIGTERM EXIT + DOCKER_ENV+=" -e SSH_AUTH_SOCK_SOCAT_PORT=${SSH_AUTH_SOCK_SOCAT_PORT:-12345}" fi docker run \ @@ -134,5 +136,4 @@ docker run \ $port_assignment \ ${DOCKER_ENV:-} \ ${DOCKER_HOST_BINDS:-} \ - ${DOCKER_USER:-} \ $IMAGE:$VERSION ${preserved_args[@]:-} \ No newline at end of file diff --git a/yarn-project/cli-wallet/wallet-entrypoint.sh b/yarn-project/cli-wallet/wallet-entrypoint.sh old mode 100644 new mode 100755 index f45cff3a171a..6963cbe8d848 --- a/yarn-project/cli-wallet/wallet-entrypoint.sh +++ b/yarn-project/cli-wallet/wallet-entrypoint.sh @@ -1,4 +1,4 @@ #!/bin/bash -socat UNIX-LISTEN:$HOME/ssh-agent.sock,fork TCP:host.docker.internal:12345 & -SSH_AUTH_SOCK="$HOME/ssh-agent.sock" node --no-warnings /usr/src/yarn-project/cli-wallet/dest/bin/index.js \ No newline at end of file +socat UNIX-LISTEN:$HOME/ssh-agent.internal.sock,fork TCP:host.docker.internal:${SSH_AUTH_SOCK_SOCAT_PORT} & +SSH_AUTH_SOCK="$HOME/ssh-agent.internal.sock" node --no-warnings /usr/src/yarn-project/cli-wallet/dest/bin/index.js $@ \ No newline at end of file From cc5f7be0c73323687294576cf01bbeece1d66f72 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 13:36:51 +0200 Subject: [PATCH 31/36] removed hacks --- aztec-up/bin/.ssh-hack | 32 ------------------- .../bin/link-ssh-auth-sock.plist.template | 16 ---------- 2 files changed, 48 deletions(-) delete mode 100755 aztec-up/bin/.ssh-hack delete mode 100644 aztec-up/bin/link-ssh-auth-sock.plist.template diff --git a/aztec-up/bin/.ssh-hack b/aztec-up/bin/.ssh-hack deleted file mode 100755 index 1ab109d7f0cc..000000000000 --- a/aztec-up/bin/.ssh-hack +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/bash - -# Mac OS hack to override the default ssh agent. Docker for mac doesn't respect the SSH_AUTH_SOCK env var, so -# we have to get creative and symlink the default socket to the one we want to use. This script supports -# doing it permanently via a launch agent. Heavily inspired by https://github.com/docker/for-mac/issues/4242#issuecomment-822027581 - -CWD=$(dirname $0) - -LINK_FILE="$HOME/Library/LaunchAgents/link-ssh-auth-sock.plist" -TEMPLATE_FILE="$CWD/link-ssh-auth-sock.plist.template" -ORIGINAL_SSH_AUTH_SOCK=$(launchctl asuser "${UID:-"$(id -u)"}" launchctl getenv SSH_AUTH_SOCK) - -if [ "${2:-}" == "--permanent" ]; then - if [ "${1:-}" == "load" ]; then - mv $ORIGINAL_SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK.bak - cat "$TEMPLATE_FILE" | sed -e "s+NEW_SSH_AUTH_SOCK+$SSH_AUTH_SOCK+g" | sed -e "s+ORIGINAL_SSH_AUTH_SOCK+$ORIGINAL_SSH_AUTH_SOCK+g" > "$LINK_FILE" - launchctl load -F "$LINK_FILE" - elif [ "${1:-}" == "unload" ] && [ -e "$LINK_FILE" ]; then - launchctl unload -F "$LINK_FILE" - rm -rf "$LINK_FILE" - rm -rf $ORIGINAL_SSH_AUTH_SOCK - mv $ORIGINAL_SSH_AUTH_SOCK.bak $ORIGINAL_SSH_AUTH_SOCK - fi -else - if [ "${1:-}" == "load" ]; then - mv $ORIGINAL_SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK.bak - ln -sf $SSH_AUTH_SOCK $ORIGINAL_SSH_AUTH_SOCK - elif [ "${1:-}" == "unload" ]; then - rm -rf $ORIGINAL_SSH_AUTH_SOCK - mv $ORIGINAL_SSH_AUTH_SOCK.bak $ORIGINAL_SSH_AUTH_SOCK - fi -fi \ No newline at end of file diff --git a/aztec-up/bin/link-ssh-auth-sock.plist.template b/aztec-up/bin/link-ssh-auth-sock.plist.template deleted file mode 100644 index 83d060941320..000000000000 --- a/aztec-up/bin/link-ssh-auth-sock.plist.template +++ /dev/null @@ -1,16 +0,0 @@ - - - - - Label - link-ssh-auth-sock - ProgramArguments - - /bin/sh - -c - /bin/ln -sf NEW_SSH_AUTH_SOCK ORIGINAL_SSH_AUTH_SOCK - - RunAtLoad - - - \ No newline at end of file From cffa386ba82f57e237d1076578bc584c0059e47b Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 13:54:13 +0000 Subject: [PATCH 32/36] better entrypoint --- yarn-project/cli-wallet/wallet-entrypoint.sh | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/yarn-project/cli-wallet/wallet-entrypoint.sh b/yarn-project/cli-wallet/wallet-entrypoint.sh index 6963cbe8d848..c44869759db1 100755 --- a/yarn-project/cli-wallet/wallet-entrypoint.sh +++ b/yarn-project/cli-wallet/wallet-entrypoint.sh @@ -1,4 +1,13 @@ #!/bin/bash -socat UNIX-LISTEN:$HOME/ssh-agent.internal.sock,fork TCP:host.docker.internal:${SSH_AUTH_SOCK_SOCAT_PORT} & -SSH_AUTH_SOCK="$HOME/ssh-agent.internal.sock" node --no-warnings /usr/src/yarn-project/cli-wallet/dest/bin/index.js $@ \ No newline at end of file +SOCKET="$HOME/.aztec/aztec-wallet-$RANDOM.sock" + +cleanup() { + kill -9 $SOCAT_PID + rm -rf $SOCKET +} + +socat UNIX-LISTEN:$SOCKET,fork TCP:host.docker.internal:${SSH_AUTH_SOCK_SOCAT_PORT} & +SOCAT_PID=$! +trap cleanup EXIT SIGKILL SIGTERM +SSH_AUTH_SOCK="$SOCKET" node --no-warnings /usr/src/yarn-project/cli-wallet/dest/bin/index.js $@ From 0ed67c91b074e44ee5bad117f0d614b015d35a87 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 13:57:27 +0000 Subject: [PATCH 33/36] added socat check --- aztec-up/bin/aztec-install | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/aztec-up/bin/aztec-install b/aztec-up/bin/aztec-install index 71eecbbe7855..6a459e77151b 100755 --- a/aztec-up/bin/aztec-install +++ b/aztec-up/bin/aztec-install @@ -75,6 +75,11 @@ if ! command -v docker &>/dev/null; then exit 1 fi +if ! command -v socat &> /dev/null; then + echo "Socat is not installed. Please install socat and try again." + exit 1 +fi + # Check if Docker is running. if ! docker info &>/dev/null; then warn "Docker is not running. Please start Docker and try again." From 7a8de401672bf9f67dc8c82697b8d86aa2d4172e Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 14:43:46 +0000 Subject: [PATCH 34/36] restored user override --- aztec-up/bin/.aztec-run | 1 + 1 file changed, 1 insertion(+) diff --git a/aztec-up/bin/.aztec-run b/aztec-up/bin/.aztec-run index a959874995d4..6a9ce24361e8 100755 --- a/aztec-up/bin/.aztec-run +++ b/aztec-up/bin/.aztec-run @@ -136,4 +136,5 @@ docker run \ $port_assignment \ ${DOCKER_ENV:-} \ ${DOCKER_HOST_BINDS:-} \ + ${DOCKER_USER:-} \ $IMAGE:$VERSION ${preserved_args[@]:-} \ No newline at end of file From 53ee7fafeda5cc350cc875983483c2db2a57b4e6 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 14:48:47 +0000 Subject: [PATCH 35/36] updated earthly build for wallet --- yarn-project/Earthfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/yarn-project/Earthfile b/yarn-project/Earthfile index a29007af1239..3d5f3864c433 100644 --- a/yarn-project/Earthfile +++ b/yarn-project/Earthfile @@ -132,9 +132,9 @@ cli-wallet-build: cli-wallet: FROM ubuntu:noble - RUN apt update && apt install nodejs curl -y && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + RUN apt update && apt install nodejs curl socat -y && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* COPY +cli-wallet-build/usr/src /usr/src - ENTRYPOINT ["node", "--no-warnings", "/usr/src/yarn-project/cli-wallet/dest/bin/index.js"] + ENTRYPOINT ["/usr/src/yarn-project/cli-wallet/wallet-entrypoint.sh"] export-cli-wallet: FROM +cli-wallet From 1ef23c7e7500ced64168d315117cbc8ef2b8e8f4 Mon Sep 17 00:00:00 2001 From: thunkar Date: Wed, 21 Aug 2024 14:56:41 +0000 Subject: [PATCH 36/36] handle no SSH_AUTH_SOCK --- yarn-project/cli-wallet/wallet-entrypoint.sh | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/yarn-project/cli-wallet/wallet-entrypoint.sh b/yarn-project/cli-wallet/wallet-entrypoint.sh index c44869759db1..fc02dabead53 100755 --- a/yarn-project/cli-wallet/wallet-entrypoint.sh +++ b/yarn-project/cli-wallet/wallet-entrypoint.sh @@ -1,13 +1,16 @@ #!/bin/bash -SOCKET="$HOME/.aztec/aztec-wallet-$RANDOM.sock" cleanup() { kill -9 $SOCAT_PID rm -rf $SOCKET } -socat UNIX-LISTEN:$SOCKET,fork TCP:host.docker.internal:${SSH_AUTH_SOCK_SOCAT_PORT} & -SOCAT_PID=$! -trap cleanup EXIT SIGKILL SIGTERM -SSH_AUTH_SOCK="$SOCKET" node --no-warnings /usr/src/yarn-project/cli-wallet/dest/bin/index.js $@ +if [[ -n "${SSH_AUTH_SOCK_SOCAT_PORT:-}" ]]; then + SOCKET="$HOME/.aztec/aztec-wallet-$RANDOM.sock" + socat UNIX-LISTEN:$SOCKET,fork TCP:host.docker.internal:${SSH_AUTH_SOCK_SOCAT_PORT} & + SOCAT_PID=$! + trap cleanup EXIT SIGKILL SIGTERM +fi + +SSH_AUTH_SOCK="${SOCKET:-}" node --no-warnings /usr/src/yarn-project/cli-wallet/dest/bin/index.js $@