chore: change from nomad to k8s (#179)

* chore: change from nomad to k8s

* Update infrastructure/eid-wallet/src/routes/+layout.svelte

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* feat: uri extraction

* feat: regitry stuff

* feat: registry using local db

* 📝 Add docstrings to `feat/switch-to-k8s` (#181)

Docstrings generation was requested by @coodos.

* #179 (comment)

The following files were modified:

* `infrastructure/evault-provisioner/src/templates/evault.nomad.ts`

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

* chore: format

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

Author: coodos

infrastructure/eid-wallet/src-tauri/gen/apple/eid-wallet.xcodeproj/project.pbxproj

@@ -377,7 +377,7 @@
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CODE_SIGN_ENTITLEMENTS = "eid-wallet_iOS/eid-wallet_iOS.entitlements";
 				CODE_SIGN_IDENTITY = "iPhone Developer";
-				DEVELOPMENT_TEAM = 7F2T2WK6DR;
+				DEVELOPMENT_TEAM = 3FS4B734X5;
 				ENABLE_BITCODE = NO;
 				"EXCLUDED_ARCHS[sdk=iphoneos*]" = "arm64-sim x86_64";
 				"EXCLUDED_ARCHS[sdk=iphonesimulator*]" = arm64;
@@ -430,7 +430,7 @@
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CODE_SIGN_ENTITLEMENTS = "eid-wallet_iOS/eid-wallet_iOS.entitlements";
 				CODE_SIGN_IDENTITY = "iPhone Developer";
-				DEVELOPMENT_TEAM = 7F2T2WK6DR;
+				DEVELOPMENT_TEAM = 3FS4B734X5;
 				ENABLE_BITCODE = NO;
 				"EXCLUDED_ARCHS[sdk=iphoneos*]" = "arm64-sim x86_64";
 				"EXCLUDED_ARCHS[sdk=iphonesimulator*]" = arm64;

infrastructure/eid-wallet/src/routes/+layout.svelte

@@ -53,6 +53,17 @@ onMount(async () => {
     showSplashScreen = false;
 });
 
+const safeAreaTop = $derived.by(
+    () =>
+        Number.parseFloat(
+            getComputedStyle(document.documentElement).getPropertyValue(
+                "--safe-top",
+            ),
+        ) || 0,
+);
+
+$effect(() => console.log("top", safeAreaTop));
+
 onNavigate((navigation) => {
     if (!document.startViewTransition) return;
 
@@ -88,10 +99,31 @@ onNavigate((navigation) => {
 });
 </script>
 
-{#if showSplashScreen}
-    <SplashScreen />
-{:else}
-    <div class="bg-white h-[100dvh] overflow-scroll">
-        {@render children?.()}
-    </div>
-{/if}
+<main class={`h-[calc(100dvh-${safeAreaTop}px)] overflow-hidden`}>
+    {#if showSplashScreen}
+        <SplashScreen />
+    {:else}
+        <div class={`bg-white h-[calc(100dvh-${safeAreaTop}px)] overflow-auto`}>
+            {@render children?.()}
+        </div>
+    {/if}
+</main>
+
+<style>
+    :root {
+        --safe-bottom: env(safe-area-inset-bottom);
+        --safe-top: env(safe-area-inset-top);
+    }
+
+     :global(body), * {
+         -webkit-overflow-scrolling: touch; /* keeps momentum scrolling on iOS */
+         scrollbar-width: none;             /* Firefox */
+         -ms-overflow-style: none;          /* IE 10+ */
+     }
+
+     /* Hide scrollbar for WebKit (Chrome, Safari) */
+     :global(body::-webkit-scrollbar),
+     *::-webkit-scrollbar {
+         display: none;
+     }
+</style>

infrastructure/evault-core/src/evault.ts

@@ -3,9 +3,9 @@ import { LogService } from "./w3id/log-service";
 import { GraphQLServer } from "./protocol/graphql-server";
 import { registerHttpRoutes } from "./http/server";
 import fastify, {
-  FastifyInstance,
-  FastifyRequest,
-  FastifyReply,
+    FastifyInstance,
+    FastifyRequest,
+    FastifyReply,
 } from "fastify";
 import { renderVoyagerPage } from "graphql-voyager/middleware";
 import { createYoga } from "graphql-yoga";
@@ -17,80 +17,89 @@ import { W3ID } from "./w3id/w3id";
 dotenv.config({ path: path.resolve(__dirname, "../../../.env") });
 
 class EVault {
-  server: FastifyInstance;
-  graphqlServer: GraphQLServer;
-  logService: LogService;
-  driver: Driver;
-
-  constructor() {
-    const uri = process.env.NEO4J_URI || "bolt://localhost:7687";
-    const user = process.env.NEO4J_USER || "neo4j";
-    const password = process.env.NEO4J_PASSWORD || "neo4j";
-
-    if (
-      !process.env.NEO4J_URI ||
-      !process.env.NEO4J_USER ||
-      !process.env.NEO4J_PASSWORD
-    ) {
-      console.warn(
-        "Using default Neo4j connection parameters. Set NEO4J_URI, NEO4J_USER, and NEO4J_PASSWORD environment variables for custom configuration."
-      );
+    server: FastifyInstance;
+    graphqlServer: GraphQLServer;
+    logService: LogService;
+    driver: Driver;
+
+    constructor() {
+        const uri = process.env.NEO4J_URI || "bolt://localhost:7687";
+        const user = process.env.NEO4J_USER || "neo4j";
+        const password = process.env.NEO4J_PASSWORD || "neo4j";
+
+        if (
+            !process.env.NEO4J_URI ||
+            !process.env.NEO4J_USER ||
+            !process.env.NEO4J_PASSWORD
+        ) {
+            console.warn(
+                "Using default Neo4j connection parameters. Set NEO4J_URI, NEO4J_USER, and NEO4J_PASSWORD environment variables for custom configuration.",
+            );
+        }
+
+        this.driver = neo4j.driver(uri, neo4j.auth.basic(user, password));
+
+        const dbService = new DbService(this.driver);
+        this.logService = new LogService(this.driver);
+        this.graphqlServer = new GraphQLServer(dbService);
+
+        this.server = fastify({
+            logger: true,
+        });
     }
 
-    this.driver = neo4j.driver(uri, neo4j.auth.basic(user, password));
-
-    const dbService = new DbService(this.driver);
-    this.logService = new LogService(this.driver);
-    this.graphqlServer = new GraphQLServer(dbService);
-
-    this.server = fastify({
-      logger: true,
-    });
-  }
-
-  async initialize() {
-    await registerHttpRoutes(this.server);
-
-    const w3id = await W3ID.get({
-      id: process.env.W3ID as string,
-      driver: this.driver,
-      password: process.env.ENCRYPTION_PASSWORD,
-    });
-
-    const yoga = this.graphqlServer.init();
-
-    this.server.route({
-      // Bind to the Yoga's endpoint to avoid rendering on any path
-      url: yoga.graphqlEndpoint,
-      method: ["GET", "POST", "OPTIONS"],
-      handler: (req, reply) =>
-        yoga.handleNodeRequestAndResponse(req, reply, {
-          req,
-          reply,
-        }),
-    });
-
-    // Mount Voyager endpoint
-    this.server.get("/voyager", (req: FastifyRequest, reply: FastifyReply) => {
-      reply.type("text/html").send(
-        renderVoyagerPage({
-          endpointUrl: "/graphql",
-        })
-      );
-    });
-  }
-
-  async start() {
-    await this.initialize();
-
-    const port = process.env.NOMAD_PORT_http || process.env.PORT || 4000;
-
-    await this.server.listen({ port: Number(port), host: "0.0.0.0" });
-    console.log(`Server started on http://0.0.0.0:${port}`);
-    console.log(`GraphQL endpoint available at http://0.0.0.0:${port}/graphql`);
-    console.log(`GraphQL Voyager available at http://0.0.0.0:${port}/voyager`);
-    console.log(`API Documentation available at http://0.0.0.0:${port}/docs`);
-  }
+    async initialize() {
+        await registerHttpRoutes(this.server);
+
+        const w3id = await W3ID.get({
+            id: process.env.W3ID as string,
+            driver: this.driver,
+            password: process.env.ENCRYPTION_PASSWORD,
+        });
+
+        const yoga = this.graphqlServer.init();
+
+        this.server.route({
+            // Bind to the Yoga's endpoint to avoid rendering on any path
+            url: yoga.graphqlEndpoint,
+            method: ["GET", "POST", "OPTIONS"],
+            handler: (req, reply) =>
+                yoga.handleNodeRequestAndResponse(req, reply, {
+                    req,
+                    reply,
+                }),
+        });
+
+        // Mount Voyager endpoint
+        this.server.get(
+            "/voyager",
+            (req: FastifyRequest, reply: FastifyReply) => {
+                reply.type("text/html").send(
+                    renderVoyagerPage({
+                        endpointUrl: "/graphql",
+                    }),
+                );
+            },
+        );
+    }
+
+    async start() {
+        await this.initialize();
+
+        const port = process.env.NOMAD_PORT_http || process.env.PORT || 4000;
+
+        await this.server.listen({ port: Number(port), host: "0.0.0.0" });
+        console.log(`Server started on http://0.0.0.0:${port}`);
+        console.log(
+            `GraphQL endpoint available at http://0.0.0.0:${port}/graphql`,
+        );
+        console.log(
+            `GraphQL Voyager available at http://0.0.0.0:${port}/voyager`,
+        );
+        console.log(
+            `API Documentation available at http://0.0.0.0:${port}/docs`,
+        );
+    }
 }
 
 const evault = new EVault();

infrastructure/evault-core/src/w3id/w3id.ts

@@ -7,64 +7,64 @@ import { SecretsStore } from "../secrets/secrets-store";
 import { uint8ArrayToHex } from "../utils/codec";
 
 export class W3ID {
-  private static instance: W3IDClass;
-  private static secretsStore: SecretsStore;
+    private static instance: W3IDClass;
+    private static secretsStore: SecretsStore;
 
-  private constructor() {}
+    private constructor() { }
 
-  static async get(options?: {
-    id: string;
-    driver: Driver;
-    password?: string;
-  }) {
-    if (W3ID.instance) return W3ID.instance;
-    if (!options)
-      throw new Error(
-        "No instance of W3ID exists yet, please create it by passing options"
-      );
+    static async get(options?: {
+        id: string;
+        driver: Driver;
+        password?: string;
+    }) {
+        if (W3ID.instance) return W3ID.instance;
+        if (!options)
+            throw new Error(
+                "No instance of W3ID exists yet, please create it by passing options"
+            );
 
-    // Initialize secrets store if not already done
-    if (!W3ID.secretsStore) {
-      if (!options.password) {
-        throw new Error("Password is required for secrets store");
-      }
-      W3ID.secretsStore = new SecretsStore(
-        process.env.SECRETS_STORE_PATH!,
-        options.password
-      );
-    }
+        // Initialize secrets store if not already done
+        if (!W3ID.secretsStore) {
+            if (!options.password) {
+                throw new Error("Password is required for secrets store");
+            }
+            W3ID.secretsStore = new SecretsStore(
+                process.env.SECRETS_STORE_PATH!,
+                options.password
+            );
+        }
 
-    const repository = new LogService(options.driver);
-    const keyId = `w3id-${options.id}`;
+        const repository = new LogService(options.driver);
+        const keyId = `w3id-${options.id}`;
 
-    try {
-      // Try to get existing seed
-      const { seed, nextKeyHash } = await W3ID.secretsStore.getSeed(keyId);
-      const keyPair = nacl.sign.keyPair.fromSeed(seed);
-      W3ID.instance = await new W3IDBuilder()
-        .withId(options.id)
-        .withRepository(repository)
-        .withGlobal(true)
-        .withSigner(createSigner(keyPair))
-        .withNextKeyHash(nextKeyHash)
-        .build();
-    } catch {
-      // If no seed exists, create new one
-      const keyPair = nacl.sign.keyPair();
-      const nextKeyPair = nacl.sign.keyPair();
-      const nextKeyHash = await hash(uint8ArrayToHex(nextKeyPair.publicKey));
+        try {
+            // Try to get existing seed
+            const { seed, nextKeyHash } = await W3ID.secretsStore.getSeed(keyId);
+            const keyPair = nacl.sign.keyPair.fromSeed(seed);
+            W3ID.instance = await new W3IDBuilder()
+                .withId(options.id)
+                .withRepository(repository)
+                .withGlobal(true)
+                .withSigner(createSigner(keyPair))
+                .withNextKeyHash(nextKeyHash)
+                .build();
+        } catch {
+            // If no seed exists, create new one
+            const keyPair = nacl.sign.keyPair();
+            const nextKeyPair = nacl.sign.keyPair();
+            const nextKeyHash = await hash(uint8ArrayToHex(nextKeyPair.publicKey));
 
-      // Store the seed
-      await W3ID.secretsStore.storeSeed(keyId, keyPair.secretKey, nextKeyHash);
+            // Store the seed
+            await W3ID.secretsStore.storeSeed(keyId, keyPair.secretKey, nextKeyHash);
 
-      W3ID.instance = await new W3IDBuilder()
-        .withId(options.id)
-        .withRepository(repository)
-        .withSigner(createSigner(keyPair))
-        .withNextKeyHash(nextKeyHash)
-        .build();
-    }
+            W3ID.instance = await new W3IDBuilder()
+                .withId(options.id)
+                .withRepository(repository)
+                .withSigner(createSigner(keyPair))
+                .withNextKeyHash(nextKeyHash)
+                .build();
+        }
 
-    return W3ID.instance;
-  }
+        return W3ID.instance;
+    }
 }

infrastructure/evault-provisioner/package.json

@@ -11,10 +11,12 @@
         "test": "vitest"
     },
     "dependencies": {
+        "@kubernetes/client-node": "^1.3.0",
         "axios": "^1.6.7",
         "dotenv": "^16.4.5",
         "express": "^4.18.2",
         "jose": "^5.2.2",
+        "sha256": "^0.2.0",
         "w3id": "workspace:*"
     },
     "devDependencies": {