feat(cat-gateway): adds deployment

.config/dictionaries/project.dic

@@ -102,6 +102,7 @@ endfunction
 Eternl
 EUTXO
 extn
+eventdb
 fetchval
 Filecoin
 fmtchk
@@ -152,6 +153,7 @@ keychains
 Keyhash
 keyserver
 keyspace
+keyspaces
 KUBECONFIG
 kubernetescrd
 kubetail
@@ -254,6 +256,7 @@ ripgrep
 ristretto
 rlib
 rngs
+rolname
 RPATH
 ruleset
 rustc
@@ -306,6 +309,7 @@ Toastify
 todos
 toggleable
 tojunit
+tolerations
 tomjs
 topbar
 Traceback

catalyst-gateway/Earthfile

@@ -84,9 +84,16 @@ all-hosts-build:
 # package : Create a deployable container for catalyst-gateway
 package:
     FROM debian:12.7-slim
-    WORKDIR /cat-gateway
+
+    WORKDIR /app
+    RUN apt-get update && apt-get install -y curl python3 python3-pip
+    RUN pip3 install --break-system-packages cqlsh
+    RUN curl https://certs.secureserver.net/repository/sf-class2-root.crt -o /tmp/keyspaces.crt
+
     COPY +build/cat-gateway .
-    ENTRYPOINT [ "./cat-gateway", "run" ]
+    COPY entrypoint.sh .
+
+    ENTRYPOINT [ "/bin/bash", "entrypoint.sh" ]
 
 # Publish cat-gateway
 docker:

catalyst-gateway/bin/src/db/index/schema/cql/namespace.cql

@@ -1,4 +1,3 @@
 -- Create the namespace in the DB.
 -- Template.
-CREATE KEYSPACE IF NOT EXISTS {{keyspace}}
-    With replication = {'class': 'NetworkTopologyStrategy','replication_factor': 1};
+CREATE KEYSPACE IF NOT EXISTS {{keyspace}} WITH REPLICATION =  {{options}};

catalyst-gateway/bin/src/db/index/schema/mod.rs

@@ -187,7 +187,10 @@ async fn create_namespace(
     // which transforms `<`, `>` symbols to `&lt`, `&gt`
     reg.register_escape_fn(|s| s.into());
     let query = reg
-        .render_template(CREATE_NAMESPACE_CQL, &json!({"keyspace": keyspace}))
+        .render_template(
+            CREATE_NAMESPACE_CQL,
+            &json!({"keyspace": keyspace,"options": cfg.deployment.clone().to_string()}),
+        )
         .context(format!("Keyspace: {keyspace}"))?;
 
     // Create the Keyspace if it doesn't exist already.

catalyst-gateway/bin/src/service/api/health/live_get.rs

@@ -22,6 +22,7 @@ fn is_live() -> bool {
 
 /// Endpoint responses.
 #[derive(ApiResponse)]
+#[allow(dead_code)]
 pub(crate) enum Responses {
     /// Service is OK and can keep running.
     #[oai(status = 204)]
@@ -45,9 +46,11 @@ pub(crate) type AllResponses = WithErrorResponses<Responses>;
 /// by an endpoint in a short window.
 #[allow(clippy::unused_async)]
 pub(crate) async fn endpoint() -> AllResponses {
-    if is_live() {
-        Responses::NoContent.into()
-    } else {
-        Responses::ServiceUnavailable.into()
-    }
+    // TODO: Needs engineering discussion
+    // if is_live() {
+    // Responses::NoContent.into()
+    // } else {
+    // Responses::ServiceUnavailable.into()
+    // }
+    Responses::NoContent.into()
 }

catalyst-gateway/bin/src/service/api/health/mod.rs

@@ -1,7 +1,10 @@
 //! Health Endpoints
 use poem_openapi::{param::Query, OpenApi};
 
-use crate::service::common::{auth::api_key::InternalApiKeyAuthorization, tags::ApiTags};
+use crate::service::common::{
+    auth::{api_key::InternalApiKeyAuthorization, none::NoAuthorization},
+    tags::ApiTags,
+};
 
 mod inspection_get;
 mod live_get;
@@ -28,7 +31,7 @@ impl HealthApi {
         method = "get",
         operation_id = "healthStarted"
     )]
-    async fn started_get(&self, _auth: InternalApiKeyAuthorization) -> started_get::AllResponses {
+    async fn started_get(&self, _auth: NoAuthorization) -> started_get::AllResponses {
         started_get::endpoint().await
     }
 
@@ -46,7 +49,7 @@ impl HealthApi {
         method = "get",
         operation_id = "healthReady"
     )]
-    async fn ready_get(&self, _auth: InternalApiKeyAuthorization) -> ready_get::AllResponses {
+    async fn ready_get(&self, _auth: NoAuthorization) -> ready_get::AllResponses {
         ready_get::endpoint().await
     }
 
@@ -59,7 +62,7 @@ impl HealthApi {
     /// *This endpoint is for internal use of the service deployment infrastructure.
     /// It may not be exposed publicly. Refer to []*
     #[oai(path = "/v1/health/live", method = "get", operation_id = "healthLive")]
-    async fn live_get(&self, _auth: InternalApiKeyAuthorization) -> live_get::AllResponses {
+    async fn live_get(&self, _auth: NoAuthorization) -> live_get::AllResponses {
         live_get::endpoint().await
     }
 

catalyst-gateway/bin/src/settings/cassandra_db.rs

@@ -59,6 +59,9 @@ pub(crate) struct EnvVars {
 
     /// Maximum Configured Batch size.
     pub(crate) max_batch_size: i64,
+
+    /// Config options for deployment i.e replication strategy
+    pub(crate) deployment: StringEnvVar,
 }
 
 impl EnvVars {
@@ -91,6 +94,10 @@ impl EnvVars {
                 MIN_BATCH_SIZE,
                 MAX_BATCH_SIZE,
             ),
+            deployment: StringEnvVar::new(
+                &format!("CASSANDRA_{name}_DEPLOYMENT"),
+                "{'class': 'NetworkTopologyStrategy','replication_factor': 1}".into(),
+            ),
         }
     }
 

catalyst-gateway/blueprint.cue

@@ -1,6 +1,224 @@
 version: "1.0.0"
 project: {
 	name: "gateway"
+	ci: {
+		targets: {
+			test: privileged: true
+		}
+	}
+	deployment: {
+		on: {
+			merge: {}
+		}
+		environment: "dev"
+		modules: main: {
+			name:    "app"
+			version: "0.3.2"
+			values: {
+				deployment: {
+					containers: gateway: {
+						image: {
+							name: _ @forge(name="CONTAINER_IMAGE")
+							tag:  _ @forge(name="GIT_HASH_OR_TAG")
+						}
+
+						env: {
+							"RUST_LOG": {
+								value: "error,cat_gateway=info,cardano_chain_follower=info"
+							}
+							"CASSANDRA_VOLATILE_URL": {
+								secret: {
+									name: "gateway"
+									key:  "cassandra-volatile-url"
+								}
+							}
+							"CASSANDRA_VOLATILE_USERNAME": {
+								secret: {
+									name: "gateway"
+									key:  "cassandra-volatile-username"
+								}
+							}
+							"CASSANDRA_VOLATILE_PASSWORD": {
+								secret: {
+									name: "gateway"
+									key:  "cassandra-volatile-password"
+								}
+							}
+
+							"CASSANDRA_VOLATILE_DEPLOYMENT": {
+								secret: {
+									name: "gateway"
+									key:  "cassandra-volatile-deployment"
+								}
+							}
+							"CASSANDRA_PERSISTENT_URL": {
+								secret: {
+									name: "gateway"
+									key:  "cassandra-persistent-url"
+								}
+							}
+							"CASSANDRA_PERSISTENT_USERNAME": {
+								secret: {
+									name: "gateway"
+									key:  "cassandra-persistent-username"
+								}
+							}
+							"CASSANDRA_PERSISTENT_PASSWORD": {
+								secret: {
+									name: "gateway"
+									key:  "cassandra-persistent-password"
+								}
+							}
+							"CASSANDRA_PERSISTENT_DEPLOYMENT": {
+								secret: {
+									name: "gateway"
+									key:  "cassandra-persistent-deployment"
+								}
+							}
+							"INTERNAL_API_KEY": {
+								secret: {
+									name: "gateway"
+									key:  "api-key"
+								}
+							}
+							"EVENT_DB_URL": {
+								secret: {
+									name: "db-url"
+									key:  "url"
+								}
+							}
+
+                            "RBAC_OFF": {
+                                value: "true"
+                            }
+						}
+
+						port: 3030
+						probes: {
+							liveness: path:  "/api/v1/health/live"
+							readiness: path: "/api/v1/health/ready"
+						}
+						mounts: data: {
+							ref: volume: name: "data"
+							path:     "/root/.local/share/cat-gateway"
+							readOnly: false
+						}
+						resources: {
+							requests: {
+								cpu:    "1"
+								memory: "8Gi"
+							}
+							limits: {
+								cpu:    "8"
+								memory: "12Gi"
+							}
+						}
+					}
+
+					nodeSelector: {
+						"node-group": "catalyst-gateway"
+					}
+					serviceAccount: "catalyst-gateway"
+					strategy:       "Recreate"
+					tolerations: [
+						{
+							key:      "app"
+							operator: "Equal"
+							value:    "catalyst-gateway"
+							effect:   "NoSchedule"
+						},
+					]
+				}
+
+				jobs: migration: containers: main: {
+					image: {
+						name: "332405224602.dkr.ecr.eu-central-1.amazonaws.com/catalyst-voices/gateway-event-db"
+						tag:  _ @forge(name="GIT_HASH_OR_TAG")
+					}
+
+					env: {
+						DB_HOST: {
+							secret: {
+								name: "db"
+								key:  "host"
+							}
+						}
+						DB_PORT: {
+							secret: {
+								name: "db"
+								key:  "port"
+							}
+						}
+						DB_NAME: {
+							value: "gateway"
+						}
+						DB_DESCRIPTION: {
+							value: "Gateway Event Database"
+						}
+						DB_SUPERUSER: {
+							secret: {
+								name: "db-root"
+								key:  "username"
+							}
+						}
+						DB_SUPERUSER_PASSWORD: {
+							secret: {
+								name: "db-root"
+								key:  "password"
+							}
+						}
+						DB_USER: {
+							secret: {
+								name: "db"
+								key:  "username"
+							}
+						}
+						DB_USER_PASSWORD: {
+							secret: {
+								name: "db"
+								key:  "password"
+							}
+						}
+						INIT_AND_DROP_DB: {
+							value: "true"
+						}
+						WITH_MIGRATIONS: {
+							value: "true"
+						}
+					}
+				}
+
+				ingress: subdomain: "gateway"
+
+				secrets: {
+					db: {
+						ref: "db/gateway"
+					}
+					"db-root": {
+						ref: "db/root_account"
+					}
+					"db-url": {
+						ref: "db/gateway"
+						template: url: "postgres://{{ .username }}:{{ .password }}@{{ .host }}:{{ .port }}/gateway"
+					}
+					gateway: {
+						ref: "gateway"
+					}
+				}
+
+				service: {
+					port: 80
+					scrape: {}
+				}
+
+				volumes: data: {
+					class: "ebs-io1"
+					size:  "250Gi"
+				}
+			}
+		}
+	}
+
 	release: {
 		docker: {
 			on: {