diff --git a/.gitea/workflows/mainnet-setup.yaml b/.gitea/workflows/mainnet-setup.yaml
new file mode 100644
index 0000000..7a6a138
--- /dev/null
+++ b/.gitea/workflows/mainnet-setup.yaml
@@ -0,0 +1,50 @@
+---
+name: MainnetNodesSetup
+run-name: ⚒️ 🚀
+
+on:
+ push:
+ branches:
+ - "main"
+
+jobs:
+ main-net:
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ include:
+ - name: MN1
+ key: ${{ secrets.MN1KEY }}
+ HOST: ${{ env.MN1_HOST }}
+ PORT: ${{ env.MN1_PORT }}
+ USERNAME: ${{ env.MN1_USER }}
+ PASSWORD: ${{ env.MN1_PASS }}
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ token: ${{ gitea.token }}
+ path: ./src
+ submodules: recursive
+ - name: copy file via ssh password
+ uses: appleboy/scp-action@v0.1.7
+ with:
+ host: ${{ matrix.HOST }}
+ username: ${{ matrix.USERNAME }}
+ password: ${{ matrix.PASSWORD }}
+ port: ${{ matrix.PORT }}
+ source: "src/sub/node-setup"
+ target: "~/NodeSetup/"
+ - name: deploying via ssh
+ uses: appleboy/ssh-action@v1.0.3
+ with:
+ host: ${{ matrix.HOST }}
+ username: ${{ matrix.USERNAME }}
+ password: ${{ matrix.PASSWORD }}
+ port: ${{ matrix.PORT }}
+ script: |
+ docker pull ${{ env.DOCKER_IMG }}
+ COMPOSE_PROJECT_NAME=${{ env.COMPOSE_PROJECT_NAME }} \
+ DEPLOYMENT_ENV=${{ env.DEPLOYMENT_ENV }} \
+ docker compose \
+ -f ${{ env.COMPOSE_FILE }} \
+ up ${{ env.COMPOSE_SERVICE_NAME }} -d
diff --git a/.gitea/workflows/test.yaml b/.gitea/workflows/test.yaml
index 6a59f80..2901931 100644
--- a/.gitea/workflows/test.yaml
+++ b/.gitea/workflows/test.yaml
@@ -1,3 +1,4 @@
+---
 name: SM
 run-name: 🕵️
 on:
diff --git a/README.md b/README.md
index aa07318..4d1ef43 100644
--- a/README.md
+++ b/README.md
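Review bot: In `.gitea/workflows/mainnet-setup.yaml` the SSH password for the mainnet host comes from the `env` context (`PASSWORD: ${{ env.MN1_PASS }}` in the matrix `include` entry), not from the secret store, so the runner has no reason to mask it in logs, and no `env:` block is visible in this workflow to supply it. GitHub-compatible runners restrict which contexts are usable under `strategy`, so `env.*` and `secrets.MN1KEY` there may be rejected or expand to empty (worth confirming on the Gitea runner), and `matrix.key` is not consumed by any step. I would keep only the node name in the matrix and resolve credentials inside the two appleboy steps, preferably with key authentication and a pinned host key: `key: ${{ secrets.<NODE_SSH_KEY> }}` and `fingerprint: ${{ secrets.<NODE_HOST_FINGERPRINT> }}` (placeholder secret names). The `uses:` references are mutable tags; because two of them receive the credential, pinning them to a full commit SHA would narrow the supply-chain exposure.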
@@ -1,3 +1,41 @@
 # SecretManager
-https://lab.stellar.org/account/create
\ No newline at end of file
+Using [stellar lab](https://lab.stellar.org/account/create) one can derive
+secrets that can be used for the Stellar network.
+
+Furthermore, by using a [Mnemonics](https://github.com/stellar/stellar-protocol/blob/master/ecosystem/sep-0005.md#mnemonic-codes)
+derived keys can be indexed for future recoveries.
+
+This Approach can ensure that keys can be reproduced and are
+reproducible.
+
+[NOTE] Default approaches are not reproducible and are totally random.
+
+## Purpose of this repo
+
+- [ ] Create a secret manager for the Stellar network
+- [ ] Run CI/CD actions that requires a secret
+
+### List of Stored Secrets
+
+- NODES:
+
+ - MN1KEY: Mainnet node key number 1
+ - MN2KEY: Mainnet node key number 2
+ - MN3KEY: Mainnet node key number 3
+ - TN1KEY: Testnet node key number 1
+ - TN2KEY: Testnet node key number 2
+
+- ISSUERKEY: Used for issuing assets on the Stellar network
+- VOTINGKEY: Used for voting for future upgrades
+- VAULTKEY: Used for vault
+
+### List of Actions
+
+- Initial Setup of nodes:
+ - Using git runner with combination of secrets stored in this repo
+ - VPS details are stored in Environment Variables
+ - Actions are stored in `.github/workflows`
+
+#### Tutorials
+
diff --git a/sub/node-setup b/sub/node-setup
new file mode 160000
index 0000000..435a3be
--- /dev/null
+++ b/sub/node-setup
@@ -0,0 +1 @@
+Subproject commit 435a3beb27fb7f1778f0187e2b2352e8db2d7634