Skip to content
This repository has been archived by the owner on Nov 15, 2023. It is now read-only.

Commit

Permalink
Merge branch 'master' into ao-optional-polkadot-runtime
Browse files Browse the repository at this point in the history 
* master:
  Bump tokio from 1.10.1 to 1.11.0 (#3821)
  Add words to the dictionnary (#3819)
  Add vault secrets to puplish-rustdoc job (#3816)
  Change pipeline to use Vault (#3722)
  Don't drop UMP queue items if weight exhausted (#3784)
  Fix flaky availability-recovery test (#3812)
  participate in disputes only if haven't voted already (#3796)
  • Loading branch information
@ordian
ordian committed Sep 9, 2021
2 parents 85e3fc5 + ea8b360 commit d10d891
Show file tree
Hide file tree
Showing 12 changed files with 452 additions and 368 deletions.
64 changes: 62 additions & 2 deletions .gitlab-ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,9 @@ variables:
CI_SERVER_NAME: "GitLab CI"
DOCKER_OS: "debian:stretch"
ARCH: "x86_64"
VAULT_SERVER_URL: "https://vault.parity-mgmt-vault.parity.io"
VAULT_AUTH_PATH: "gitlab-parity-io-jwt"
VAULT_AUTH_ROLE: "cicd_gitlab_parity_${CI_PROJECT_NAME}"

default:
cache: {}
Expand Down Expand Up @@ -84,13 +87,63 @@ default:
when: never
- if: $CI_COMMIT_REF_NAME =~ /^[0-9]+$/ # PRs

#### Vault secrets
.vault-secrets: &vault-secrets
secrets:
AWS_ACCESS_KEY_ID:
vault: cicd/gitlab/$CI_PROJECT_PATH/AWS_ACCESS_KEY_ID@kv
file: false
AWS_SECRET_ACCESS_KEY:
vault: cicd/gitlab/$CI_PROJECT_PATH/AWS_SECRET_ACCESS_KEY@kv
file: false
DOCKER_HUB_USER:
vault: cicd/gitlab/parity/DOCKER_HUB_USER@kv
file: false
DOCKER_HUB_PASS:
vault: cicd/gitlab/parity/DOCKER_HUB_PASS@kv
file: false
GITHUB_PR_TOKEN:
vault: cicd/gitlab/parity/GITHUB_PR_TOKEN@kv
file: false
GITHUB_USER:
vault: cicd/gitlab/$CI_PROJECT_PATH/GITHUB_USER@kv
file: false
GITHUB_RELEASE_TOKEN:
vault: cicd/gitlab/$CI_PROJECT_PATH/GITHUB_RELEASE_TOKEN@kv
file: false
GITHUB_TOKEN:
vault: cicd/gitlab/$CI_PROJECT_PATH/GITHUB_TOKEN@kv
file: false
MATRIX_ACCESS_TOKEN:
vault: cicd/gitlab/$CI_PROJECT_PATH/MATRIX_ACCESS_TOKEN@kv
file: false
MATRIX_ROOM_ID:
vault: cicd/gitlab/$CI_PROJECT_PATH/MATRIX_ROOM_ID@kv
file: false
PARITYPR_USER:
vault: cicd/gitlab/$CI_PROJECT_PATH/PARITYPR_USER@kv
file: false
PARITYPR_PASS:
vault: cicd/gitlab/$CI_PROJECT_PATH/PARITYPR_PASS@kv
file: false
PIPELINE_TOKEN:
vault: cicd/gitlab/$CI_PROJECT_PATH/PIPELINE_TOKEN@kv
file: false
REL_MAN_ROOM_ID:
vault: cicd/gitlab/$CI_PROJECT_PATH/REL_MAN_ROOM_ID@kv
file: false
SSH_PRIVATE_KEY:
vault: cicd/gitlab/$CI_PROJECT_PATH/SSH_PRIVATE_KEY@kv
file: false

#### stage: test

check-runtime:
stage: test
image: paritytech/tools:latest
<<: *kubernetes-env
<<: *rules-pr-only
<<: *vault-secrets
variables:
GITLAB_API: "https://gitlab.parity.io/api/v4"
GITHUB_API_PROJECT: "parity%2Finfrastructure%2Fgithub-api"
Expand Down Expand Up @@ -120,6 +173,7 @@ test-deterministic-wasm:
<<: *rules-test
<<: *docker-env
<<: *compiler-info
<<: *vault-secrets
script:
- ./scripts/gitlab/test_deterministic_wasm.sh

Expand All @@ -128,6 +182,7 @@ test-build-linux-stable:
<<: *docker-env
<<: *compiler-info
<<: *collect-artifacts
<<: *vault-secrets
variables:
RUST_TOOLCHAIN: stable
# Enable debug assertions since we are running optimized builds for testing
Expand Down Expand Up @@ -162,6 +217,7 @@ check-runtime-benchmarks:
<<: *rules-test
<<: *docker-env
<<: *compiler-info
<<: *vault-secrets
script:
# Check that the node will compile with `runtime-benchmarks` feature flag.
- ./scripts/gitlab/check_runtime_benchmarks.sh
Expand Down Expand Up @@ -207,6 +263,7 @@ check-transaction-versions:
stage: build
<<: *rules-test
<<: *docker-env
<<: *vault-secrets
needs:
- job: test-build-linux-stable
artifacts: true
Expand Down Expand Up @@ -251,6 +308,7 @@ build-rustdoc:

.build-push-image: &build-push-image
<<: *kubernetes-env
<<: *vault-secrets
image: quay.io/buildah/stable
variables: &image-variables
GIT_STRATEGY: none
Expand Down Expand Up @@ -303,8 +361,8 @@ publish-polkadot-image:
variables:
<<: *image-variables
IMAGE_NAME: docker.io/parity/rococo
DOCKER_USER: ${Docker_Hub_User_Parity}
DOCKER_PASS: ${Docker_Hub_Pass_Parity}
DOCKER_USER: ${DOCKER_HUB_USER}
DOCKER_PASS: ${DOCKER_HUB_PASS}
needs:
- job: test-build-linux-stable
artifacts: true
Expand Down Expand Up @@ -380,6 +438,7 @@ publish-s3-release: &publish-s3
- job: test-build-linux-stable
artifacts: true
<<: *kubernetes-env
<<: *vault-secrets
image: paritytech/awscli:latest
variables:
GIT_STRATEGY: none
Expand Down Expand Up @@ -415,6 +474,7 @@ publish-s3-release: &publish-s3
publish-rustdoc:
stage: publish
<<: *kubernetes-env
<<: *vault-secrets
image: paritytech/tools:latest
variables:
GIT_DEPTH: 100
Expand Down
4 changes: 2 additions & 2 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions bridges/.config/lingua.dic
View file
Original file line number Diff line number Diff line change
Expand Up @@ -106,8 +106,8 @@ pov-block/MS
PoA
PoV/MS
precommit
promethius
promethius'
prometheus
proxying
prune_end
prune_depth
provisioner/MS
Expand Down
39 changes: 30 additions & 9 deletions node/core/dispute-coordinator/src/real/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ use polkadot_node_subsystem_util::rolling_session_window::{
};
use polkadot_primitives::v1::{
BlockNumber, CandidateHash, CandidateReceipt, DisputeStatement, Hash, SessionIndex,
SessionInfo, ValidatorIndex, ValidatorPair, ValidatorSignature,
SessionInfo, ValidatorId, ValidatorIndex, ValidatorPair, ValidatorSignature,
};

use futures::{channel::oneshot, prelude::*};
Expand Down Expand Up @@ -745,8 +745,15 @@ async fn handle_import_statements(
if status != prev_status {
// This branch is only hit when the candidate is freshly disputed -
// status was previously `None`, and now is not.
if prev_status.is_none() {
// No matter what, if the dispute is new, we participate.
if prev_status.is_none() && {
let controlled_indices =
find_controlled_validator_indices(&state.keystore, &validators);
let voted_indices = votes.voted_indices();

!controlled_indices.iter().all(|val_index| voted_indices.contains(&val_index))
} {
// If the dispute is new, we participate UNLESS all our controlled
// keys have already participated.
//
// We also block the coordinator while awaiting our determination
// of whether the vote is available.
Expand Down Expand Up @@ -792,6 +799,22 @@ async fn handle_import_statements(
Ok(())
}

fn find_controlled_validator_indices(
keystore: &LocalKeystore,
validators: &[ValidatorId],
) -> HashSet<ValidatorIndex> {
let mut controlled = HashSet::new();
for (index, validator) in validators.iter().enumerate() {
if keystore.key_pair::<ValidatorPair>(validator).ok().flatten().is_none() {
continue
}

controlled.insert(ValidatorIndex(index as _));
}

controlled
}

async fn issue_local_statement(
ctx: &mut impl SubsystemContext,
overlay_db: &mut OverlayedBackend<'_, impl Backend>,
Expand Down Expand Up @@ -833,22 +856,20 @@ async fn issue_local_statement(
let mut statements = Vec::new();

let voted_indices: HashSet<_> = voted_indices.into_iter().collect();
for (index, validator) in validators.iter().enumerate() {
let index = ValidatorIndex(index as _);
let controlled_indices = find_controlled_validator_indices(&state.keystore, &validators[..]);

for index in controlled_indices {
if voted_indices.contains(&index) {
continue
}
if state.keystore.key_pair::<ValidatorPair>(validator).ok().flatten().is_none() {
continue
}

let keystore = state.keystore.clone() as Arc<_>;
let res = SignedDisputeStatement::sign_explicit(
&keystore,
valid,
candidate_hash,
session,
validator.clone(),
validators[index.0 as usize].clone(),
)
.await;

Expand Down
Loading

0 comments on commit d10d891

Please sign in to comment.