rename service

Author: DaMandal0rian

k8s/README.md

@@ -42,7 +42,7 @@ k8s/
 - Kubernetes cluster (version 1.19+)
 - `kubectl` configured to access your cluster
 - Kustomize (built into kubectl v1.14+)
-- Docker image published to `ghcr.io/graphprotocol/service-quality-oracle`
+- Docker image published to `ghcr.io/graphprotocol/rewards-eligibility-oracle`
 - **Storage class configured** (see Storage Configuration below)
 
 ## Quick Start
@@ -74,7 +74,7 @@ vim config.secret.yaml
 ./apply.sh
 
 # Monitor
-kubectl logs -f deployment/service-quality-oracle -n service-quality-oracle
+kubectl logs -f deployment/rewards-eligibility-oracle -n rewards-eligibility-oracle
 ```
 
 ### 3. Deploy to Mainnet
@@ -96,7 +96,7 @@ vim config.yaml
 ./apply.sh
 
 # Monitor
-kubectl logs -f deployment/service-quality-oracle -n service-quality-oracle
+kubectl logs -f deployment/rewards-eligibility-oracle -n rewards-eligibility-oracle
 ```
 
 ## Environment Configuration
@@ -133,6 +133,7 @@ kubectl get storageclass
 ```
 
 **Common storage classes by platform:**
+
 - **AWS EKS**: `gp2`, `gp3`, `ebs-csi`
 - **Google GKE**: `standard`, `ssd`
 - **Azure AKS**: `managed-premium`, `managed`
@@ -149,13 +150,13 @@ kubectl get storageclass
 ### View Logs
 
 ```bash
-kubectl logs -f deployment/service-quality-oracle -n service-quality-oracle
+kubectl logs -f deployment/rewards-eligibility-oracle -n rewards-eligibility-oracle
 ```
 
 ### Check Status
 
 ```bash
-kubectl get all -n service-quality-oracle
+kubectl get all -n rewards-eligibility-oracle
 ```
 
 ### Delete Environment
@@ -177,10 +178,11 @@ kubectl delete -k .
 
 The service uses **two persistent volumes** to maintain state across pod restarts:
 
-- **`service-quality-oracle-data` (10GB)**: Circuit breaker state, last run tracking, BigQuery cache, CSV outputs
-- **`service-quality-oracle-logs` (5GB)**: Application logs
+- **`rewards-eligibility-oracle-data` (10GB)**: Circuit breaker state, last run tracking, BigQuery cache, CSV outputs
+- **`rewards-eligibility-oracle-logs` (5GB)**: Application logs
 
 **Mount points:**
+
 - `/app/data` → Critical state files (circuit breaker, cache, outputs)
 - `/app/logs` → Application logs
 
@@ -190,17 +192,20 @@ The service uses **two persistent volumes** to maintain state across pod restart
 **Sensitive credentials** → `Secret` (generated from `config.secret.yaml`)
 
 This separation provides:
+
 - ✅ Easy configuration updates without rebuilding images
 - ✅ Secure credential management with base64 encoding
 - ✅ Clear separation of concerns
 
 ### Resource Allocation
 
 **Requests (guaranteed):**
+
 - CPU: 250m (0.25 cores)
 - Memory: 512M
 
 **Limits (maximum):**
+
 - CPU: 1000m (1.0 core)
 - Memory: 1G
 
@@ -217,7 +222,7 @@ With persistent volumes, the service maintains:
 
 The deployment uses **file-based health checks** (same as docker-compose):
 
-**Liveness probe:** Checks `/app/healthcheck` file modification time  
+**Liveness probe:** Checks `/app/healthcheck` file modification time
 **Readiness probe:** Verifies `/app/healthcheck` file exists
 
 ## Troubleshooting
@@ -226,11 +231,11 @@ The deployment uses **file-based health checks** (same as docker-compose):
 
 ```bash
 # Check events
-kubectl describe pod -l app=service-quality-oracle
+kubectl describe pod -l app=rewards-eligibility-oracle
 
 # Common issues:
 # - Missing secrets
-# - PVC provisioning failures  
+# - PVC provisioning failures
 # - Image pull errors
 ```
 
@@ -241,28 +246,28 @@ kubectl describe pod -l app=service-quality-oracle
 kubectl get pvc
 
 # Check if volumes are mounted correctly
-kubectl exec -it deployment/service-quality-oracle -- ls -la /app/data
+kubectl exec -it deployment/rewards-eligibility-oracle -- ls -la /app/data
 ```
 
 ### Debug Configuration
 
 ```bash
 # Check environment variables
-kubectl exec -it deployment/service-quality-oracle -- env | grep -E "(BIGQUERY|BLOCKCHAIN)"
+kubectl exec -it deployment/rewards-eligibility-oracle -- env | grep -E "(BIGQUERY|BLOCKCHAIN)"
 
 # Verify secrets are mounted
-kubectl exec -it deployment/service-quality-oracle -- ls -la /etc/secrets
+kubectl exec -it deployment/rewards-eligibility-oracle -- ls -la /etc/secrets
 ```
 
 ## Security
 
-✅ **Never commit actual secrets** - `config.secret.yaml` files contain placeholders only  
-✅ **Mainnet deployment safety checks** for production secrets  
-✅ **Non-root containers** with dropped capabilities  
-✅ **Service account** with minimal BigQuery permissions  
-✅ **Private key** stored in Kubernetes secrets (base64 encoded)  
-✅ **Resource limits** prevent resource exhaustion  
-✅ **Workload Identity** configured for secure GCP access  
+✅ **Never commit actual secrets** - `config.secret.yaml` files contain placeholders only
+✅ **Mainnet deployment safety checks** for production secrets
+✅ **Non-root containers** with dropped capabilities
+✅ **Service account** with minimal BigQuery permissions
+✅ **Private key** stored in Kubernetes secrets (base64 encoded)
+✅ **Resource limits** prevent resource exhaustion
+✅ **Workload Identity** configured for secure GCP access
 ✅ **SSD storage with retention** for data persistence
 
 ## Production Considerations

k8s/base/deployment.yaml

@@ -1,18 +1,18 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: service-quality-oracle
+  name: rewards-eligibility-oracle
   labels:
-    app: service-quality-oracle
+    app: rewards-eligibility-oracle
 spec:
   replicas: 1  # Single instance due to state management
   selector:
     matchLabels:
-      app: service-quality-oracle
+      app: rewards-eligibility-oracle
   template:
     metadata:
       labels:
-        app: service-quality-oracle
+        app: rewards-eligibility-oracle
       annotations:
         prometheus.io/scrape: "true"
         prometheus.io/path: "/metrics"
@@ -21,52 +21,52 @@ spec:
       imagePullSecrets:
         - name: docker-registry
       containers:
-      - name: service-quality-oracle
-        image: ghcr.io/graphprotocol/service-quality-oracle:latest
+      - name: rewards-eligibility-oracle
+        image: ghcr.io/graphprotocol/rewards-eligibility-oracle:latest
         imagePullPolicy: IfNotPresent
         ports:
           - containerPort: 8000
             name: metrics
         envFrom:
         # Load all non-sensitive configuration from ConfigMap
         - configMapRef:
-            name: service-quality-oracle-config
+            name: rewards-eligibility-oracle-config
         env:
         # Secrets from Kubernetes Secret
         - name: GOOGLE_APPLICATION_CREDENTIALS
           valueFrom:
             secretKeyRef:
-              name: service-quality-oracle-secrets
+              name: rewards-eligibility-oracle-secrets
               key: google-credentials
         - name: BLOCKCHAIN_PRIVATE_KEY
           valueFrom:
             secretKeyRef:
-              name: service-quality-oracle-secrets
+              name: rewards-eligibility-oracle-secrets
               key: blockchain-private-key
         - name: ETHERSCAN_API_KEY
           valueFrom:
             secretKeyRef:
-              name: service-quality-oracle-secrets
+              name: rewards-eligibility-oracle-secrets
               key: etherscan-api-key
         - name: ARBITRUM_API_KEY
           valueFrom:
             secretKeyRef:
-              name: service-quality-oracle-secrets
+              name: rewards-eligibility-oracle-secrets
               key: arbitrum-api-key
         - name: STUDIO_API_KEY
           valueFrom:
             secretKeyRef:
-              name: service-quality-oracle-secrets
+              name: rewards-eligibility-oracle-secrets
               key: studio-api-key
         - name: STUDIO_DEPLOY_KEY
           valueFrom:
             secretKeyRef:
-              name: service-quality-oracle-secrets
+              name: rewards-eligibility-oracle-secrets
               key: studio-deploy-key
         - name: SLACK_WEBHOOK_URL
           valueFrom:
             secretKeyRef:
-              name: service-quality-oracle-secrets
+              name: rewards-eligibility-oracle-secrets
               key: slack-webhook-url
         volumeMounts:
         - name: data-volume
@@ -78,7 +78,7 @@ spec:
             memory: "512M"  # Match docker-compose reservations
             cpu: "250m"
           limits:
-            memory: "1G"    # Match docker-compose limits  
+            memory: "1G"    # Match docker-compose limits
             cpu: "1000m"    # Match docker-compose '1.0' cpus
         # Use file-based healthcheck like docker-compose (not HTTP)
         livenessProbe:
@@ -94,7 +94,7 @@ spec:
         readinessProbe:
           exec:
             command:
-            - python  
+            - python
             - -c
             - "import os; assert os.path.exists('/app/healthcheck'), 'Healthcheck file missing'"
           initialDelaySeconds: 10
@@ -111,9 +111,9 @@ spec:
       volumes:
       - name: data-volume
         persistentVolumeClaim:
-          claimName: service-quality-oracle-data
+          claimName: rewards-eligibility-oracle-data
       - name: logs-volume
         persistentVolumeClaim:
-          claimName: service-quality-oracle-logs
-      serviceAccountName: service-quality-oracle
+          claimName: rewards-eligibility-oracle-logs
+      serviceAccountName: rewards-eligibility-oracle
       restartPolicy: Always

k8s/base/namespace.yaml

@@ -1,6 +1,6 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: service-quality-oracle
+  name: rewards-eligibility-oracle
   labels:
-    name: service-quality-oracle
+    name: rewards-eligibility-oracle

k8s/base/podmonitor.yaml

@@ -1,13 +1,13 @@
 apiVersion: monitoring.coreos.com/v1
 kind: PodMonitor
 metadata:
-  name: service-quality-oracle
+  name: rewards-eligibility-oracle
   labels:
-    app: service-quality-oracle
+    app: rewards-eligibility-oracle
 spec:
   selector:
     matchLabels:
-      app: service-quality-oracle
+      app: rewards-eligibility-oracle
   podMetricsEndpoints:
   - port: metrics
     path: /metrics

k8s/base/service.yaml

@@ -1,12 +1,12 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: service-quality-oracle
+  name: rewards-eligibility-oracle
   labels:
-    app: service-quality-oracle
+    app: rewards-eligibility-oracle
 spec:
   selector:
-    app: service-quality-oracle
+    app: rewards-eligibility-oracle
   ports:
     - name: metrics
       port: 8000

k8s/base/serviceaccount.yaml

@@ -1,9 +1,9 @@
 apiVersion: v1
 kind: ServiceAccount
 metadata:
-  name: service-quality-oracle
+  name: rewards-eligibility-oracle
   labels:
-    app: service-quality-oracle
+    app: rewards-eligibility-oracle
   annotations:
-    iam.gke.io/gcp-service-account: service-quality[email protected]
+    iam.gke.io/gcp-service-account: rewards-eligibility[email protected]
 automountServiceAccountToken: false

k8s/base/servicemonitor.yaml

@@ -1,13 +1,13 @@
 apiVersion: monitoring.coreos.com/v1
 kind: ServiceMonitor
 metadata:
-  name: service-quality-oracle
+  name: rewards-eligibility-oracle
   labels:
-    app: service-quality-oracle
+    app: rewards-eligibility-oracle
 spec:
   selector:
     matchLabels:
-      app: service-quality-oracle
+      app: rewards-eligibility-oracle
   endpoints:
   - port: metrics
     path: /metrics

k8s/configmap.yaml

@@ -0,0 +1,55 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: rewards-eligibility-oracle-config
+  labels:
+    app: rewards-eligibility-oracle
+data:
+  # BigQuery Configuration
+  BIGQUERY_LOCATION_ID: "US"
+  BIGQUERY_PROJECT_ID: "graph-mainnet"
+  BIGQUERY_DATASET_ID: "internal_metrics"
+  BIGQUERY_TABLE_ID: "metrics_indexer_attempts"
+  BIGQUERY_CURATION_TABLE_ID: "metrics_curator_signals"
+  BIGQUERY_CURATOR_MAINNET_TABLE_ID: "curator_name_signal_dimensions_daily"
+  BIGQUERY_CURATOR_ARBITRUM_TABLE_ID: "curator_name_signal_dimensions_arbitrum_daily"
+  BIGQUERY_SUBGRAPH_LOOKUP_TABLE_ID: "subgraph_version_id_lookup"
+  BIGQUERY_ANALYSIS_PERIOD_DAYS: "28"
+
+  # Blockchain Configuration (Arbitrum Sepolia)
+  BLOCKCHAIN_CONTRACT_ADDRESS: "0x6d5550698F930210c3f50efe744bF51C55D791f6"
+  BLOCKCHAIN_FUNCTION_NAME: "allowIndexers"
+  BLOCKCHAIN_CHAIN_ID: "421614"
+  BLOCK_EXPLORER_URL: "https://sepolia.arbiscan.io"
+  TX_TIMEOUT_SECONDS: "30"
+
+  # RPC Provider URLs (Arbitrum Sepolia)
+  BLOCKCHAIN_RPC_URL_1: "https://arbitrum-sepolia.drpc.org"
+  BLOCKCHAIN_RPC_URL_2: "https://sepolia-rollup.arbitrum.io/rpc"
+  BLOCKCHAIN_RPC_URL_3: "https://api.zan.top/arb-sepolia"
+  BLOCKCHAIN_RPC_URL_4: "https://arbitrum-sepolia.gateway.tenderly.co"
+
+  # Scheduling Configuration
+  SCHEDULED_RUN_TIME: "10:00"
+
+  # Subgraph URLs
+  SUBGRAPH_URL_PRE_PRODUCTION: "https://api.studio.thegraph.com/query/110664/issuance-eligibility-oracle/v0.1.4"
+  SUBGRAPH_URL_PRODUCTION: "https://gateway.thegraph.com/api/subgraphs/id/"
+
+  # Processing Configuration
+  BATCH_SIZE: "125"
+  MAX_AGE_BEFORE_DELETION: "120"
+
+  # Caching Configuration
+  CACHE_MAX_AGE_MINUTES: "30"
+  FORCE_BIGQUERY_REFRESH: "false"
+
+  # Eligibility Criteria
+  MIN_ONLINE_DAYS: "5"
+  MIN_SUBGRAPHS: "10"
+  MAX_LATENCY_MS: "5000"
+  MAX_BLOCKS_BEHIND: "50000"
+  MIN_CURATION_SIGNAL: "500"
+
+  # Runtime Configuration
+  RUN_ON_STARTUP: "true"