Skip to content

node: add seed-per-node support #376

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
nprt merged 6 commits into from
Mar 3, 2026
Merged

node: add seed-per-node support #376

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
976bf10
add vaultKeyAppendPodIndex for aura keys
nprt Mar 3, 2026
2306357
fix indentation; add example values
nprt Mar 3, 2026
2f679a1
fix: correct annotation indentation for vault keys and nodeKey
eduardspa Mar 3, 2026
0d1e347
bump chart version to 5.17.0
eduardspa Mar 3, 2026
6b61a1f
update helm-docs generated README
eduardspa Mar 3, 2026
b4dd51d
Merge branch 'main' into nprt/node-add-multikey-support
nprt Mar 3, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion charts/node/Chart.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ apiVersion: v2
name: node
description: A Helm chart to deploy Substrate/Polkadot nodes
type: application
version: 5.16.0
version: 5.17.0
maintainers:
- name: Parity
url: https://github.com/paritytech/helm-charts
Expand Down
2 changes: 1 addition & 1 deletion charts/node/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ This is intended behaviour. Make sure to run `git add -A` once again to stage ch

# Substrate/Polkadot node Helm chart

![Version: 5.16.0](https://img.shields.io/badge/Version-5.16.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)
![Version: 5.17.0](https://img.shields.io/badge/Version-5.17.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square)

## Overview
The Polkadot Helm Chart provides a convenient way to deploy and manage a Polkadot blockchain node in a Kubernetes cluster.
Expand Down
29 changes: 19 additions & 10 deletions charts/node/templates/statefulset.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,14 +37,22 @@ spec:
metadata:
{{- if or .Values.podAnnotations .Values.node.vault.keys .Values.node.vault.nodeKey }}
annotations:
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- range $keys := .Values.node.vault.keys }}
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- range $keys := .Values.node.vault.keys }}
{{- if .vaultKeyAppendPodIndex }}
{{- range $index := until ($.Values.node.replicas | int) }}
vault.hashicorp.com/agent-inject-secret-{{ $keys.name }}-{{ $index }}: {{ $keys.vaultPath | squote }}
vault.hashicorp.com/agent-inject-template-{{ $keys.name }}-{{ $index }}: |
{{`{{ with secret "`}}{{ $keys.vaultPath }}{{`" }}{{ .Data.data.`}}{{ printf "%s_%s" $keys.vaultKey ($index | toString) }}{{` }}{{ end }}`}}
{{- end }}
{{- else }}
vault.hashicorp.com/agent-inject-secret-{{ .name }}: {{ .vaultPath | squote }}
vault.hashicorp.com/agent-inject-template-{{ .name }}: |
{{`{{ with secret "`}}{{ .vaultPath }}{{`" }}{{ .Data.data.`}}{{ .vaultKey }}{{` }}{{ end }}`}}
{{- end }}
{{- end }}
{{- end }}
{{- if .Values.node.vault.nodeKey }}
{{- if .Values.node.vault.nodeKey.vaultKeyAppendPodIndex }}
{{- range $index := until (.Values.node.replicas | int) }}
Expand Down Expand Up @@ -421,8 +429,9 @@ spec:
echo "Inserted node key at ${NODE_KEY_PATH} with peer-id: ${NODE_PEER_ID}"
{{- end }}
{{- range $keys := .Values.node.vault.keys }}
if [ ! -f /vault/secrets/{{ .name }} ]; then
echo "Error: File /vault/secrets/{{ .name }} does not exist"
KEY_PATH="/vault/secrets/{{ .name }}{{ if .vaultKeyAppendPodIndex }}-${HOSTNAME##*-}{{ end }}"
if [ ! -f ${KEY_PATH} ]; then
echo "Error: File ${KEY_PATH} does not exist"
exit 1
fi
{{ $.Values.node.command }} key insert \
Expand All @@ -433,11 +442,11 @@ spec:
--chain {{ $.Values.node.customChainspecPath }} \
{{- end }}
{{- if .extraDerivation }}
--suri "$(cat /vault/secrets/{{ .name }}){{ .extraDerivation }}" \
--suri "$(cat ${KEY_PATH}){{ .extraDerivation }}" \
{{- else }}
--suri "/vault/secrets/{{ .name }}" \
--suri "$(cat ${KEY_PATH})" \
{{- end }}
&& echo "Inserted key {{ .name }} (type={{ .type }}, scheme={{ .scheme }}) into Keystore" \
&& echo "Inserted key {{ .name }} (type={{ .type }}, scheme={{ .scheme }}) from ${KEY_PATH} into Keystore" \
|| echo "Failed to insert key {{ .name }} (type={{ .type }}, scheme={{ .scheme }}) into Keystore."
{{- end }}
resources:
Expand Down
2 changes: 2 additions & 0 deletions charts/node/values.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -421,11 +421,13 @@ node:
# vaultPath: kv/secret/grankey
# vaultKey: gran
# extraDerivation: //
# vaultKeyAppendPodIndex: false
# - name: babekey
# type: type
# scheme: scheme
# vaultPath: kv/secrets/babeKey
# vaultKey: babe
# vaultKeyAppendPodIndex: false

# -- Node key to use via vault
nodeKey: {}
Expand Down