Merge canton 3.4 into main #2753
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Upgrade to Canton 3.4 [ci] Signed-off-by: Moritz Kiefer <[email protected]> * add missing headers [ci] Signed-off-by: Moritz Kiefer <[email protected]> * fix some more tests [ci] Signed-off-by: Moritz Kiefer <[email protected]> * disable cometbft [ci] Signed-off-by: Moritz Kiefer <[email protected]> --------- Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
[ci] fixes #1145 Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
fixes #1289 --------- Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
Merge main into canton-3.4
[ci] A few less things to worry about conflicts or getting to compile on upgrades Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
Merge remote-tracking branch 'origin/main' into canton-3.4
* Undo our changes Signed-off-by: Moritz Kiefer <[email protected]> * Bump Canton commit Signed-off-by: Moritz Kiefer <[email protected]> * Reapply our changes Signed-off-by: Moritz Kiefer <[email protected]> * add missing files Signed-off-by: Moritz Kiefer <[email protected]> * bump commit Signed-off-by: Moritz Kiefer <[email protected]> * Bump Canton binary [ci] Signed-off-by: Moritz Kiefer <[email protected]> * fix bootstrap script [ci] Signed-off-by: Moritz Kiefer <[email protected]> * Bump admin token duration Signed-off-by: Moritz Kiefer <[email protected]> * add log ignore [ci] Signed-off-by: Moritz Kiefer <[email protected]> * format [ci] Signed-off-by: Moritz Kiefer <[email protected]> * try to fix token duration again [ci] Signed-off-by: Moritz Kiefer <[email protected]> * update retry ignore [ci] Signed-off-by: Moritz Kiefer <[email protected]> * More conservative bft reconciliation changes [ci] Signed-off-by: Moritz Kiefer <[email protected]> * fix test and format [ci] Signed-off-by: Moritz Kiefer <[email protected]> * log ignore [ci] Signed-off-by: Moritz Kiefer <[email protected]> * tihi [ci] Signed-off-by: Moritz Kiefer <[email protected]> --------- Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
[ci] And hopefully this time I manage to press the right merge button … Signed-off-by: Moritz Kiefer <[email protected]>
…again Merge remote-tracking branch 'origin/main' into canton-3.4
[static] Just makes any migration test an order of magnitude less confusing. Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
extracted from #2000 [static] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Nicu Reut <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
* Tweak fluent bit configuration (#1940) [static] Based on CILR experience - fix severity parsing - truncate long log messages because otherise stack driver gets angry - make time parsing more lenient - make fluent bit parse its own logs better Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * Reduce multi-validator deployment parallelism to 2 (#1938) Signed-off-by: Julien Tinguely <[email protected]> * Bump Canton for KMS resilience fix (#1941) Fixes DACH-NY/canton-network-internal#1337 [ci] Signed-off-by: Martin Florian <[email protected]> * Refactor some form components in sv ui (#1936) - Make form errors a re-usable form component - Make EffectiveField a re-usable field component - Upgrade tanstack-form Signed-off-by: fayi-da <[email protected]> * Docs: Clarifications around validator DR (#1937) Inspired by questions on Slack: https://daholdings.slack.com/archives/C08AP9QR7K4/p1755245551957219?thread_ts=1753278207.186399&cid=C08AP9QR7K4 [static] Signed-off-by: Martin Florian <[email protected]> * Fix tag prefix in stackdriver export (#1944) [static] Don't ask me why fluentbit has mutually incompatible defaults between different filters and outputs … Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * query to aggregate traffic purchases over a time period (#1926) * fork part of total supply query * aggregate .amuletPaid to a separate value * use a bracketed start time as well --------- Signed-off-by: Stephen Compall <[email protected]> * Implement DeleteCorruptAcsSnapshotTrigger (#1096) * Implement DeleteCorruptAcsSnapshotTrigger Signed-off-by: Robert Autenrieth <[email protected]> * [static] increase multi validators parallelism to 5 (#1949) Signed-off-by: Julien Tinguely <[email protected]> * Write how-to docs for token standard usage (#1872) --------- Signed-off-by: Oriol Muñoz <[email protected]> * Reduce gcp logging components (#1951) I think I accidentally turned on too much when I tried to disable workloads in favor of our own fluentbit. [static] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * WalletSurviveCantonRestartIntegrationTest: bump wait on participant init (#1952) Fixes DACH-NY/cn-test-failures#5417 The participant did come up eventually and AFAICT the validator app would have continued init if we hadn't stopped that. [static] Signed-off-by: Martin Florian <[email protected]> * Bump cometbft mempool and cache size (#1953) fixes #1934 [ci] I honestly don't have a great reason for choosing these specific values. Doubling seems as good as anything else 🤷 See https://github.com/DACH-NY/canton-network-node/pull/17821/files for an earlier change we made in the same direction. Note that I didn't bump the TTL because I don't see a compelling reason why that helps with anything. Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * [static] Add istio rate limits to pulumi (#1798) Signed-off-by: Nicu Reut <[email protected]> * Implement Amulet Rules Proposal Form in new SV UI (#1945) --------- Signed-off-by: fayi-da <[email protected]> * Fix fluentbit log truncation (#1959) [static] I should not be allowed to write lua Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * [static] include rate of sequencer events processed in the participant dashboard (#1960) Signed-off-by: Nicu Reut <[email protected]> * move pulumi npm packages into lfdt namespace (#1848) * don't alert a Slack channel unless explicitly set in .envrc.vars (#1913) * don't alert a Slack channel unless explicitly set in .envrc.vars The default for alerting was #team-canton-network-internal-alerts. Now that default is removed; only long-running, production and near-production clusters like dev/test/main should now alert. * also don't default SLACK_ALERT_NOTIFICATION_CHANNEL - suggested by @martinflorian-da; thanks * fail if SLACK_ALERT_NOTIFICATION_CHANNEL defined but not FULL_NAME --------- Signed-off-by: Stephen Compall <[email protected]> * Support running static tests on gh-hosted runners (#1668) Signed-off-by: Itai Segall <[email protected]> Co-authored-by: Stephen Compall <[email protected]> * Revert "Support running static tests on gh-hosted runners (#1668)" (#1966) This reverts commit 13bcefe. Signed-off-by: Itai Segall <[email protected]> * Make pulumi stack parallelism configurable (#1967) * Make pulumi stack parallelism configurable [static] Signed-off-by: Moritz Kiefer <[email protected]> * fmt [static] Signed-off-by: Moritz Kiefer <[email protected]> --------- Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * [static] Make the cluster node pools sizes configurable (#1957) Signed-off-by: Nicu Reut <[email protected]> * Try to fix grafana alert expansion (#1970) [static] We still get tons of spam from logger=ngalert.state.manager rule_uid=ady2ks9ehbw1sb org_id=1 t=2025-08-20T07:37:44.687289759Z level=error msg="Error in expanding template" error="failed to expand template '{{- $labels := .Labels -}}{{- $values := .Values -}}{{- $value := .Value -}}{{- if (gt $values.runs.Value 2) -}}\ncritical\n{{- else -}}\nwarning\n{{- end -}}': error executing template __alert_Busy task-based automation: template: __alert_Busy task-based automation:1:84: executing \"__alert_Busy task-based automation\" at <gt $values.runs.Value 2>: error calling gt: incompatible types for comparison" and for the other one. My current theory is: go templates seem to distinguish integers and floats. And we have one missing null check. Would be too easy if it actually told you the mismatching types … Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * [ci] More lenient scan rate limit test (#1971) Signed-off-by: Nicu Reut <[email protected]> * Match package name on template filter (#1955) --------- Signed-off-by: Oriol Muñoz <[email protected]> * Document routing of the JSON API (#1973) [static] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * Synchronize on scan processing lock archival (#1969) [ci] fixes DACH-NY/cn-test-failures#5415 Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * Add config rendering helper function and enhance splice-participant helm template (#1939) Fixes #1915 Signed-off-by: timpel-fcs <[email protected]> * Remove migrate-istio (#1977) Deletes code, must be good. More seriously this was added 7 months ago so we can pretty confidently assume everything is migrated by now. [static] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * mention BFT success requirement in validator onboarding doc (#1979) We explain the tradeoffs already where we document how to do it, so not going to repeat all that, just linking to it. Onboarding real production nodes shouldn't do this anyway. Reifies this comment <global-synchronizer-foundation/docs#8 (reply in thread)> from @martinflorian-da. Signed-off-by: Stephen Compall <[email protected]> * shorter output/timeout/portability in validator onboarding test scriptlets (#1982) - overall max-time for curl calls - don't try to jq 4xx responses, just fail - jq portability Adapted from this comment <global-synchronizer-foundation/docs#8 (comment)> from @stas-sbi. * grpcurl output has quotes --------- Signed-off-by: Stephen Compall <[email protected]> * Support running static tests on gh-hosted runners (#1978) Signed-off-by: Itai Segall <[email protected]> * Make workflow ids of import updates consistent (#1981) Signed-off-by: Robert Autenrieth <[email protected]> * Further clarify safe ways of bypassing the party limit (#1984) [static] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * Remove todo artifacts (#1986) With the new static test job, CI on forks now fails as it conflicts between that job and the main job. Rather than trying to make it conditional or rename it to avoid the conflict, this just removes the step. Noone has used this for years afaik. [static] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * Mention existing transfer preapproval proposal (#1987) [static] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * vagrant: Restart nix-daemon after mounting cache (#1985) - Makes the initial boot more predictable. - Allows recovering after deleting the cache file without re-creating the VM. To recover run `vagrant up --provision`. Signed-off-by: Stanislav German-Evtushenko <[email protected]> * Filter pr_cluster_test for pull requests (#1988) [static] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * [static] Update release notes for 0.4.12 (#1989) Signed-off-by: Nicu Reut <[email protected]> * stop triggering ciupgrade tests (#1983) Signed-off-by: Itai Segall <[email protected]> * Upgrade Canton to 3.3.0-snapshot.20250821.16057.0.v3719b9e9 (#1994) [ci] Includes the fix for the initial topology validator that is blocking sv runbook reonboarding on cilr atm. Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> * [ci] Update VERSION to 0.4.13 (#1995) Signed-off-by: Nicu Reut <[email protected]> * run BigQuery integration test daily (#1873) * add run scheduled for 2:17am CET, allow manual run * flexible version selection * log service account email when setting up BQ test --------- Signed-off-by: Stephen Compall <[email protected]> * Add missing CO_TransferPreapprovalSend case in UserWalletTxLogParser (#2006) Signed-off-by: Oriol Muñoz <[email protected]> --------- Signed-off-by: Moritz Kiefer <[email protected]> Signed-off-by: Julien Tinguely <[email protected]> Signed-off-by: Martin Florian <[email protected]> Signed-off-by: fayi-da <[email protected]> Signed-off-by: Stephen Compall <[email protected]> Signed-off-by: Robert Autenrieth <[email protected]> Signed-off-by: Oriol Muñoz <[email protected]> Signed-off-by: Nicu Reut <[email protected]> Signed-off-by: Itai Segall <[email protected]> Signed-off-by: timpel-fcs <[email protected]> Signed-off-by: Stanislav German-Evtushenko <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> Co-authored-by: Julien Tinguely <[email protected]> Co-authored-by: Martin Florian <[email protected]> Co-authored-by: fayi-da <[email protected]> Co-authored-by: Stephen Compall <[email protected]> Co-authored-by: Robert Autenrieth <[email protected]> Co-authored-by: Oriol Muñoz <[email protected]> Co-authored-by: Nicu Reut <[email protected]> Co-authored-by: Itai Segall <[email protected]> Co-authored-by: Tim <[email protected]> Co-authored-by: Stanislav German-Evtushenko <[email protected]>
* Pass interface ids via package names in ledger API read requests fixes #1932 [ci] It doesn't do very much given that interfaces are not upgradeable but the ledger API warns about that and we agreed with Tudor and Simon that this is better than trying to special case interfaces in the check. Signed-off-by: Moritz Kiefer <[email protected]> * . [ci] Signed-off-by: Moritz Kiefer <[email protected]> * . [ci] Signed-off-by: Moritz Kiefer <[email protected]> --------- Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
This doesn't work for BFT nodes as the scan URLs cannot be updated before unpausing the synchronizer and we need the scan URLs for BFT peers. [ci] --------- Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
[ci] The split here doesn't really make sense. The one without "domain" in the name bumps the internal API URL. The one with domain in the name bumps the external API URL. Clearly both are domain related. And we always set both because otherwise you get a mismatch since internal and external are the same in integration tests. Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
--------- Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
Seems reasonable to just commit this to make sure we are in sync across multiple tests and people doing those tests. I didn't enable load tests yet as I'd like to bootstrap 16 SVs first and then turn on the load tests [static] Signed-off-by: Moritz Kiefer <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]>
…merge-main Merge remote-tracking branch 'origin/main' into canton-3.4
[static] Signed-off-by: Moritz Kiefer <[email protected]>
Remove accidentally committed lnav-user-1000-work
[static] Signed-off-by: Nicu Reut <[email protected]> Signed-off-by: Moritz Kiefer <[email protected]>
[static] Signed-off-by: Moritz Kiefer <[email protected]>
[static] Signed-off-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
This reverts commit 2030865. Signed-off-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
[ci] fixes #1324 Signed-off-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
…074-merge-main-take-2 3.4: Bump Canton binary+fork and sync up with main
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
[ci] Signed-off-by: Moritz Kiefer <[email protected]>
…main Merge remote-tracking branch 'origin/main' into canton-3.4
Add test for reward expiry with old participants
* Bump Canton to 3.4.0-snapshot.20251016.17201.0.vb7d11e6c [ci] This is actually on canton 3.4 release line. Signed-off-by: Moritz Kiefer <[email protected]> * fix unvetting in tests context: DACH-NY/canton#28659 Signed-off-by: Martin Florian <[email protected]> * fix vetting on splitwell domain needs a more proper fix, but not today Signed-off-by: Martin Florian <[email protected]> * remove one more (last) AllowUnvetPackageWithActiveContracts context: DACH-NY/canton#2865 [ci] Signed-off-by: Martin Florian <[email protected]> * thank you scalafmt [static] Signed-off-by: Martin Florian <[email protected]> --------- Signed-off-by: Moritz Kiefer <[email protected]> Signed-off-by: Martin Florian <[email protected]> Co-authored-by: Moritz Kiefer <[email protected]> Co-authored-by: Martin Florian <[email protected]>
Already had the snapshot and should be easy after #2737 Also it Fixes #2689 Signed-off-by: Martin Florian <[email protected]>
[ci] Signed-off-by: Martin Florian <[email protected]>
[ci] Signed-off-by: Martin Florian <[email protected]>
…ets-merge-main-20251017 Merge main into canton-3.4
|
#2754 should trigger a proper |
…2301-final-merge [force] [force] Signed-off-by: Martin Florian <[email protected]>
…301-final-merge Merge main into canton-3.4 [ci]
|
Looks like we flaked once on https://github.com/DACH-NY/cn-test-failures/issues/5948 ; reran |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
https://github.com/DACH-NY/canton-network-internal/issues/2301