fix: working on pulumi (#16)

* chore(release): publish

- project: apps-workloads-public-mesh-v2alpha-lighthouse 0.33.0

* fix: stabilizing

* fix: stabilizing

* fix: stabilizing

* fix: stabilizing

* fix: stabilizing

* fix: working on infrastructure with Pulumi

* fix: working on infrastructure with Pulumi

* fix: working on infrastructure with Pulumi

---------

Co-authored-by: Dimy Jeannot <>

Author: dimyjeannot

.config/goreleaser/dockerize.yaml

@@ -1,67 +1,84 @@
 # yaml-language-server: $schema=https://goreleaser.com/static/schema-pro.json
 version: 2
-dockers:
+variables:
+  project_name: ""
+kos:
+  - repositories:
+      - ghcr.io/openecosystems/{{ .Var.project_name }}
+      #- openecosystems/{{ .Var.project_name }}
+    tags:
+      - "{{.Version}}"
+      - "{{.Tag}}"
+      - latest
+      - "{{if not .Prerelease}}stable{{end}}"
+    bare: true
+    preserve_import_paths: false
+    platforms:
+      - linux/amd64
+      - linux/arm64
+      - darwin/amd64
+      - darwin/arm64
+      - windows/amd64
+      - windows/arm64
 
-  - #
-    id: ecosystem
-    goos: linux
-    goarch: amd64
-    goarm: "6"
-    goamd64: "v2"
-
-    # IDs to filter the binaries/packages.
-    #
-    # Make sure to only include the IDs of binaries you want to `COPY` in your
-    # Dockerfile.
-    #
-    # If you include IDs that don't exist or are not available for the current
-    # architecture being built, the build of the image will be skipped.
-    ids:
-      - app
-
-    image_templates:
-      - "openecosystems/ecosystem:latest"
-      - "openecosystems/ecosystem:{{ .Tag }}"
-      - "openecosystems/ecosystem:v{{ .Major }}"
-      - "gcr.io/openecosystems/ecosystem:latest"
-
-    # Skips the docker build.
-    # Could be useful if you want to skip building the windows docker image on
-    # linux, for example
-    #
-    # This option is only available on GoReleaser Pro.
-    # Templates: allowed.
-    skip_build: false
-
-    skip_push: false
-
-    # Path to the Dockerfile (from the project root).
-    #
-    # Default: 'Dockerfile'.
-    # Templates: allowed.
-    dockerfile: "Dockerfile"
-
-    # Use this instead of `dockerfile` if the contents of your Dockerfile are
-    # supposed to go through the template engine as well.
-    #
-    # `dockerfile` is ignored when this is set.
-    #
-    # This feature is only available in GoReleaser Pro.
-    # Templates: allowed.
-    #templated_dockerfile: "{{.Env.DOCKERFILE }}"
-
-    # Valid options are: docker, buildx, podman.
-    use: docker
-
-    build_flag_templates:
-      - "--pull"
-      - "--label=org.opencontainers.image.created={{.Date}}"
-      - "--label=org.opencontainers.image.title={{.ProjectName}}"
-      - "--label=org.opencontainers.image.revision={{.FullCommit}}"
-      - "--label=org.opencontainers.image.version={{.Version}}"
-      - "--platform=linux/arm64"
-
-    # Extra flags to be passed down to the push command.
-    push_flags:
-      - --tls-verify=false
 
+#dockers:
+#  - image_templates: [ "openecosystems/{{ .ProjectName }}:{{ .Version }}-amd64" ]
+#    dockerfile: Dockerfile
+#    use: podman
+#    build_flag_templates:
+#      - --platform=linux/amd64
+#      - --label=org.opencontainers.image.title={{ .ProjectName }}
+#      - --label=org.opencontainers.image.description={{ .ProjectName }}
+#      - --label=org.opencontainers.image.url=https://github.com/openecosystems/{{ .ProjectName }}
+#      - --label=org.opencontainers.image.source=https://github.com/openecosystems/{{ .ProjectName }}
+#      - --label=org.opencontainers.image.version={{ .Version }}
+#      - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
+#      - --label=org.opencontainers.image.revision={{ .FullCommit }}
+#      - --label=org.opencontainers.image.licenses=Apache-2.0
+#    extra_files:
+#      - spec.yaml
+#      - package.json
+#  - image_templates: ["ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-amd64"]
+#    dockerfile: Dockerfile
+#    use: podman
+#    build_flag_templates:
+#      - --platform=linux/amd64
+#      - --label=org.opencontainers.image.title={{ .ProjectName }}
+#      - --label=org.opencontainers.image.description={{ .ProjectName }}
+#      - --label=org.opencontainers.image.url=https://github.com/openecosystems/{{ .ProjectName }}
+#      - --label=org.opencontainers.image.source=https://github.com/openecosystems/{{ .ProjectName }}
+#      - --label=org.opencontainers.image.version={{ .Version }}
+#      - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
+#      - --label=org.opencontainers.image.revision={{ .FullCommit }}
+#      - --label=org.opencontainers.image.licenses=Apache-2.0
+#    extra_files:
+#      - spec.yaml
+#      - package.json
+#  - image_templates: ["ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-arm64v8"]
+#    goarch: arm64
+#    dockerfile: Dockerfile
+#    use: podman
+#    build_flag_templates:
+#      - --platform=linux/arm64/v8
+#      - --label=org.opencontainers.image.title={{ .ProjectName }}
+#      - --label=org.opencontainers.image.description={{ .ProjectName }}
+#      - --label=org.opencontainers.image.url=https://github.com/openecosystems/{{ .ProjectName }}
+#      - --label=org.opencontainers.image.source=https://github.com/openecosystems/{{ .ProjectName }}
+#      - --label=org.opencontainers.image.version={{ .Version }}
+#      - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
+#      - --label=org.opencontainers.image.revision={{ .FullCommit }}
+#      - --label=org.opencontainers.image.licenses=Apache-2.0
+#    extra_files:
+#      - spec.yaml
+#      - package.json
+#docker_manifests:
+#  - name_template: ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}
+#    image_templates:
+#      - ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-amd64
+#      - ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-arm64v8
+#  - name_template: ghcr.io/openecosystems/{{ .ProjectName }}:latest
+#    image_templates:
+#      - ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-amd64
+#      - ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-arm64v8
+#

.github/workflows/nightly.yml

@@ -3,12 +3,16 @@
 name: nightly
 
 on:
-  schedule:
-    - cron:  '0 0 * * 2-6' # At 12:00 AM, Tuesday through Saturday
+  push:
+    branches-ignore:
+      - main
+#on:
+#  schedule:
+#    - cron:  '0 0 * * 2-6' # At 12:00 AM, Tuesday through Saturday
 
-concurrency:
-  group: nightly
-  cancel-in-progress: true
+#concurrency:
+#  group: nightly
+#  cancel-in-progress: true
 
 jobs:
   nightly:

apps/clients/public/cli/v2alpha/oeco/docs/flow.md

@@ -18,8 +18,9 @@ sequenceDiagram
     C-->>M: Validates certificate, <br/> signs, and adds a hostname, <br/> and allocates an <br/> IP address for <br/> mesh addressibility
     M-->>c: Byte buffered response <br/> using the security <br/> model codec
 ```
+
 ## Connector Signature, Validation, and Association
-create a connector account. upload crt to be signed by central ca server. ca server provisions an IP address on the network. and a unique hostname and ip. system.api.organization.mesh/v2alpha/connector. this gets co verted to the nats channel: system.api.organization.b2alpha.connector or mesh.organization.api.system.v2alha.connector
+create a connector account. upload crt to be signed by central ca server. ca server provisions an IP address on the network. and a unique hostname and ip. system.api.organization.mesh/v2alpha/connector. this gets converted to the nats channel: system.api.organization.b2alpha.connector or mesh.organization.api.system.v2alha.connector
 store this hostname in KV. store ip address in KV. ip is key, value is host. host is key, value is ip
 we need a single key to find the next available IP address. ideally not sequentially.
 this will auto register with dns.
@@ -40,3 +41,45 @@ sequenceDiagram
     M-->>U: Byte buffered response <br/> using the security <br/> model codec
 ```
 
+## Traffic Flow Across Ports
+For the Edge Router, there is a single port:
+- 443/tcp
+  - All internet facing traffic goes through this choke point
+
+For the Event Multiplexer, there are three ports:
+- 4222/tcp (Nats over mesh socket)
+    - Nats is accessible over the mesh overlay network
+- 4242/udp (Nebula)
+- 6477/tcp (gRPC/REST/Connect)
+    - Serves as API gateway for both internet and mesh traffic
+    - Available over the public internet only through the event-router
+    - Secured by mTLS
+
+
+```mermaid
+sequenceDiagram
+    autonumber
+    participant c as Client
+    participant R as Edge Router
+    participant M as Multiplexer
+    participant C as Connector
+
+    c->>R: Makes a public-facing request
+    R->>M: Routes request to Multiplexer
+    M->>C: Finds available <br/> Connector, <br/> and routes traffic <br/>with requested codec.
+    C-->>M: Handles request
+    M-->>R: Byte buffered response <br/> using the security <br/> model codec
+    R-->>c: Byte buffered response <br/> using the security <br/> model codec
+
+```
+
+## Traffic Flow Across Meshes
+Once client connection to mesh is established, all traffic no longer goes through edge-router (Ideally it does, revisit this)
+
+Now, .mesh urls are now available. For example: system.api.organization.mesh/v2alpha/connector
+
+There are patient, private, and public ecosystems.
+An organization can create either a private or public ecosystem.
+By default, Open Economic Systems creates a public ecosystem.
+- system.api.oeco.mesh/v2alpha/connector
+

apps/workloads/private/event/v2alpha/event-multiplexer/.goreleaser.yaml

@@ -5,6 +5,7 @@ project_name: apps-workloads-private-event-v2alpha-event-multiplexer
 variables:
   path_to_repo_root: "../../../../../../"
   path_to_project: "apps/workloads/private/event/v2alpha/event-multiplexer"
+  project_name: "event-multiplexer"
 
 dist: ./dist/apps/workloads/private/event/v2alpha/event-multiplexer/release
 
@@ -44,65 +45,3 @@ kos:
       - darwin/arm64
       - windows/amd64
       - windows/arm64
-
-
-#dockers:
-#  - image_templates: [ "openecosystems/{{ .ProjectName }}:{{ .Version }}-amd64" ]
-#    dockerfile: Dockerfile
-#    use: podman
-#    build_flag_templates:
-#      - --platform=linux/amd64
-#      - --label=org.opencontainers.image.title={{ .ProjectName }}
-#      - --label=org.opencontainers.image.description={{ .ProjectName }}
-#      - --label=org.opencontainers.image.url=https://github.com/openecosystems/{{ .ProjectName }}
-#      - --label=org.opencontainers.image.source=https://github.com/openecosystems/{{ .ProjectName }}
-#      - --label=org.opencontainers.image.version={{ .Version }}
-#      - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
-#      - --label=org.opencontainers.image.revision={{ .FullCommit }}
-#      - --label=org.opencontainers.image.licenses=Apache-2.0
-#    extra_files:
-#      - spec.yaml
-#      - package.json
-#  - image_templates: ["ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-amd64"]
-#    dockerfile: Dockerfile
-#    use: podman
-#    build_flag_templates:
-#      - --platform=linux/amd64
-#      - --label=org.opencontainers.image.title={{ .ProjectName }}
-#      - --label=org.opencontainers.image.description={{ .ProjectName }}
-#      - --label=org.opencontainers.image.url=https://github.com/openecosystems/{{ .ProjectName }}
-#      - --label=org.opencontainers.image.source=https://github.com/openecosystems/{{ .ProjectName }}
-#      - --label=org.opencontainers.image.version={{ .Version }}
-#      - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
-#      - --label=org.opencontainers.image.revision={{ .FullCommit }}
-#      - --label=org.opencontainers.image.licenses=Apache-2.0
-#    extra_files:
-#      - spec.yaml
-#      - package.json
-#  - image_templates: ["ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-arm64v8"]
-#    goarch: arm64
-#    dockerfile: Dockerfile
-#    use: podman
-#    build_flag_templates:
-#      - --platform=linux/arm64/v8
-#      - --label=org.opencontainers.image.title={{ .ProjectName }}
-#      - --label=org.opencontainers.image.description={{ .ProjectName }}
-#      - --label=org.opencontainers.image.url=https://github.com/openecosystems/{{ .ProjectName }}
-#      - --label=org.opencontainers.image.source=https://github.com/openecosystems/{{ .ProjectName }}
-#      - --label=org.opencontainers.image.version={{ .Version }}
-#      - --label=org.opencontainers.image.created={{ time "2006-01-02T15:04:05Z07:00" }}
-#      - --label=org.opencontainers.image.revision={{ .FullCommit }}
-#      - --label=org.opencontainers.image.licenses=Apache-2.0
-#    extra_files:
-#      - spec.yaml
-#      - package.json
-#docker_manifests:
-#  - name_template: ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}
-#    image_templates:
-#      - ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-amd64
-#      - ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-arm64v8
-#  - name_template: ghcr.io/openecosystems/{{ .ProjectName }}:latest
-#    image_templates:
-#      - ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-amd64
-#      - ghcr.io/openecosystems/{{ .ProjectName }}:{{ .Version }}-arm64v8
-#

apps/workloads/public/mesh/v2alpha/cryptographic-mesh/README.md

@@ -41,6 +41,7 @@ ssh-add ~/.ssh/id_ed25519
 
 # Enable CAP_NET for TUN device
 setcap cap_net_admin=+pe /nebula
+setcap cap_net_admin=+pe /lighthouse
 
 
 ## Disable IpV6

apps/workloads/public/mesh/v2alpha/lighthouse/.goreleaser.yaml

@@ -0,0 +1,48 @@
+# yaml-language-server: $schema=https://goreleaser.com/static/schema-pro.json
+version: 2
+project_name: apps-workloads-public-mesh-v2alpha-lighthouse
+
+variables:
+  path_to_repo_root: "../../../../../../"
+  path_to_project: "apps/workloads/public/mesh/v2alpha/lighthouse"
+  project_name: "lighthouse"
+
+dist: ./dist/apps/workloads/public/mesh/v2alpha/lighthouse/release
+
+monorepo:
+  tag_prefix: "apps-workloads-public-mesh-v2alpha-lighthouse/"
+  dir: apps/workloads/public/mesh/v2alpha/lighthouse
+
+includes:
+  - from_file:
+      path: ./.config/goreleaser/goreleaser.workload.yaml
+#  - from_file:
+#      path: ./.config/goreleaser/notarize.yaml
+#  - from_file:
+#      path: ./.config/goreleaser/dockerize.yaml
+
+nightly:
+  version_template: "{{ incpatch .Version }}-devel"
+  tag_name: "apps-workloads-public-mesh-v2alpha-lighthouse/devel"
+  publish_release: true
+  keep_single_release: true
+
+
+kos:
+  - repositories:
+      - ghcr.io/openecosystems/lighthouse
+      #- openecosystems/lighthouse
+    tags:
+      - "{{.Version}}"
+      - "{{.Tag}}"
+      - latest
+      - "{{if not .Prerelease}}stable{{end}}"
+    bare: true
+    preserve_import_paths: false
+    platforms:
+      - linux/amd64
+      - linux/arm64
+      - darwin/amd64
+      - darwin/arm64
+      - windows/amd64
+      - windows/arm64

apps/workloads/public/mesh/v2alpha/lighthouse/CHANGELOG.md

@@ -0,0 +1,10 @@
+## 0.33.0 (2024-12-31)
+
+### 🚀 Features
+
+- additional capabilities ([#1](https://github.com/openecosystems/ecosystem/pull/1))
+- initial commit made open source ([f53e868](https://github.com/openecosystems/ecosystem/commit/f53e868))
+
+### ❤️ Thank You
+
+- Dimy Jeannot @dimyjeannot

apps/workloads/public/mesh/v2alpha/lighthouse/package.json

@@ -1,6 +1,6 @@
 {
   "name": "workloads-public-mesh-v2alpha-lighthouse",
-  "version": "0.32.0",
+  "version": "0.33.0",
   "description": "Cryptographic Mesh Lighthouse",
   "private": true,
   "license": "Apache-2.0"