Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: update agent and add log_visibility support #3782

Merged
merged 9 commits into from
Jun 11, 2024
Merged

feat: update agent and add log_visibility support #3782

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
1ccfbbb
feat: update agent and add log_visibility support
sesi200 Jun 5, 2024
ddf3e75
update schema
sesi200 Jun 5, 2024
b4363ba
clippy
sesi200 Jun 5, 2024
44f85b9
Merge branch 'master' into SDK-1543-log-visibility
sesi200 Jun 6, 2024
4fdd46c
rm .call_and_wait()
sesi200 Jun 6, 2024
db691cb
clippy
sesi200 Jun 6, 2024
2e6f784
address feedback
sesi200 Jun 7, 2024
c02017a
Merge branch 'master' into SDK-1543-log-visibility
sesi200 Jun 7, 2024
caf6b15
Update src/dfx-core/src/error/dfx_config.rs
sesi200 Jun 10, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 6 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,12 @@ different replica version or different replica options.

It doesn't apply to `--pocketic` because PocketIC does not yet persist any data.

### feat: `log_visibility` canister setting

Adds support for the `log_visibility` canister setting, which configures which users are allowed to read a canister's logs.
Valid options are `controllers` and `public`. The setting can be used with the `--log-visibility` flag in `dfx canister create`
and `dfx canister update-settings`, or in `dfx.json` under `canisters[].initialization_values.log_visibility`.

## Dependencies

### Frontend canister
Expand Down
28 changes: 16 additions & 12 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,11 +21,11 @@ license = "Apache-2.0"
[workspace.dependencies]
candid = "0.10.4"
candid_parser = "0.1.4"
ic-agent = { git = "https://github.com/dfinity/agent-rs.git", rev = "8273d321e9a09fd8373bd4e38b0676ec6ad9c260" }
ic-agent = "0.36.0"
ic-asset = { path = "src/canisters/frontend/ic-asset" }
ic-cdk = "0.13.1"
ic-identity-hsm = { git = "https://github.com/dfinity/agent-rs.git", rev = "8273d321e9a09fd8373bd4e38b0676ec6ad9c260" }
ic-utils = { git = "https://github.com/dfinity/agent-rs.git", rev = "8273d321e9a09fd8373bd4e38b0676ec6ad9c260" }
ic-identity-hsm = "0.36.0"
ic-utils = "0.36.0"

aes-gcm = "0.10.3"
anyhow = "1.0.56"
Expand Down
2 changes: 2 additions & 0 deletions docs/cli-reference/dfx-canister.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -255,6 +255,7 @@ You can use the following options with the `dfx canister create` command.
| `--memory-allocation <memory>` | Specifies how much memory the canister is allowed to use in total. This should be a value in the range [0..12 GiB]. A setting of 0 means the canister will have access to memory on a “best-effort” basis: It will only be charged for the memory it uses, but at any point in time may stop running if it tries to allocate more memory when there isn’t space available on the subnet. |
| `--reserved-cycles-limit <limit>` | Specifies the upper limit for the canister's reserved cycles. |
| `--wasm-memory-limit <limit>` | Specifies a soft upper limit for the canister's heap memory. |
| `--log-visibility <visibility>` | Specifies who is allowed to read the canister's logs. Can be either "controllers" or "public". |
| `--no-wallet` | Performs the call with the user Identity as the Sender of messages. Bypasses the Wallet canister. Enabled by default. |
| `--with-cycles <number-of-cycles>` | Specifies the initial cycle balance to deposit into the newly created canister. The specified amount needs to take the canister create fee into account. This amount is deducted from the wallet's cycle balance. |
| `--specified-id <PRINCIPAL>` | Attempts to create the canister with this Canister ID |
Expand Down Expand Up @@ -993,6 +994,7 @@ You can specify the following options for the `dfx canister update-settings` com
| `--memory-allocation <allocation>` | Specifies how much memory the canister is allowed to use in total. This should be a value in the range [0..12 GiB]. A setting of 0 means the canister will have access to memory on a “best-effort” basis: It will only be charged for the memory it uses, but at any point in time may stop running if it tries to allocate more memory when there isn’t space available on the subnet. |
| `--reserved-cycles-limit <limit>` | Specifies the upper limit of the canister's reserved cycles. |
| `--wasm-memory-limit <limit>` | Specifies a soft upper limit for the canister's heap memory. |
| `--log-visibility <visibility>` | Specifies who is allowed to read the canister's logs. Can be either "controllers" or "public". |
| `--remove-controller <principal>` | Removes a principal from the list of controllers of the canister. |
| `--freezing-threshold <seconds>` | Set the [freezing threshold](https://internetcomputer.org/docs/current/references/ic-interface-spec/#ic-create_canister) in seconds for a canister. This should be a value in the range [0..2^64^-1]. Very long thresholds require the `--confirm-very-long-freezing-threshold` option. |
| `-y`, `--yes` | Skips yes/no checks by answering 'yes'. Such checks can result in loss of control, so this is not recommended outside of CI. |
Expand Down
34 changes: 22 additions & 12 deletions docs/dfx-json-schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,7 +94,7 @@
"integer",
"string"
],
"pattern": "^[0-9]+( *([KkMmGgTtPpEeZzYy]i?)?B)?$"
"pattern": "^[0-9]+( *([KkMmGgTtPpEeZzYy]i?)?[Bb])?$"
},
"CanisterDeclarationsConfig": {
"title": "Declarations Configuration",
Expand Down Expand Up @@ -136,6 +136,13 @@
}
}
},
"CanisterLogVisibility": {
"type": "string",
"enum": [
"controllers",
"public"
]
},
"CanisterMetadataSection": {
"title": "Canister Metadata Configuration",
"description": "Configures a custom metadata section for the canister wasm. dfx uses the first definition of a given name matching the current network, ignoring any of the same name that follow.",
Expand Down Expand Up @@ -209,7 +216,7 @@
},
"package": {
"title": "Package Name",
"description": "Name of the rust package that compiles to this canister's Wasm binary.",
"description": "Name of the rust package that compiles to this canister's Wasm.",
"type": "string"
},
"type": {
Expand Down Expand Up @@ -410,6 +417,7 @@
"default": {
"compute_allocation": null,
"freezing_threshold": null,
"log_visibility": null,
"memory_allocation": null,
"reserved_cycles_limit": null,
"wasm_memory_limit": null
Expand Down Expand Up @@ -440,7 +448,6 @@
"optimize": {
"title": "Optimize Canister Wasm",
"description": "Invoke wasm level optimizations after building the canister. Optimization level can be set to \"cycles\" to optimize for cycle usage, \"size\" to optimize for binary size, or any of \"O4, O3, O2, O1, O0, Oz, Os\". Disabled by default. If this option is specified, the `shrink` option will be ignored.",
"default": null,
"anyOf": [
{
"$ref": "#/definitions/WasmOptLevel"
Expand All @@ -463,7 +470,6 @@
"pullable": {
"title": "Pullable",
"description": "Defines required properties so that this canister is ready for `dfx deps pull` by other projects.",
"default": null,
"anyOf": [
{
"$ref": "#/definitions/Pullable"
Expand All @@ -476,7 +482,6 @@
"remote": {
"title": "Remote Configuration",
"description": "Used to mark the canister as 'remote' on certain networks.",
"default": null,
"anyOf": [
{
"$ref": "#/definitions/ConfigCanistersCanisterRemote"
Expand Down Expand Up @@ -505,7 +510,6 @@
"tech_stack": {
"title": "Tech Stack",
"description": "Defines the tech stack used to build this canister.",
"default": null,
"anyOf": [
{
"$ref": "#/definitions/TechStack"
Expand Down Expand Up @@ -637,7 +641,6 @@
"nodes": {
"title": "Available Nodes",
"description": "Addresses of nodes to connect to (in case discovery from seeds is not possible/sufficient).",
"default": null,
"type": [
"array",
"null"
Expand Down Expand Up @@ -917,7 +920,6 @@
"compute_allocation": {
"title": "Compute Allocation",
"description": "Must be a number between 0 and 100, inclusively. It indicates how much compute power should be guaranteed to this canister, expressed as a percentage of the maximum compute power that a single canister can allocate.",
"default": null,
"anyOf": [
{
"$ref": "#/definitions/PossiblyStr_for_uint64"
Expand All @@ -930,16 +932,26 @@
"freezing_threshold": {
"title": "Freezing Threshold",
"description": "Freezing threshould of the canister, measured in seconds. Valid inputs are numbers (seconds) or strings parsable by humantime (e.g. \"15days 2min 2s\").",
"default": null,
"type": [
"string",
"null"
]
},
"log_visibility": {
"title": "Log Visibility",
"description": "Specifies who is allowed to read the canister's logs.\n\nCan be \"public\" or \"controllers\".",
"anyOf": [
{
"$ref": "#/definitions/CanisterLogVisibility"
},
{
"type": "null"
}
]
},
"memory_allocation": {
"title": "Memory Allocation",
"description": "Maximum memory (in bytes) this canister is allowed to occupy. Can be specified as an integer, or as an SI unit string (e.g. \"4KB\", \"2 MiB\")",
"default": null,
"anyOf": [
{
"$ref": "#/definitions/Byte"
Expand All @@ -952,7 +964,6 @@
"reserved_cycles_limit": {
"title": "Reserved Cycles Limit",
"description": "Specifies the upper limit of the canister's reserved cycles balance.\n\nReserved cycles are cycles that the system sets aside for future use by the canister. If a subnet's storage exceeds 450 GiB, then every time a canister allocates new storage bytes, the system sets aside some amount of cycles from the main balance of the canister. These reserved cycles will be used to cover future payments for the newly allocated bytes. The reserved cycles are not transferable and the amount of reserved cycles depends on how full the subnet is.\n\nA setting of 0 means that the canister will trap if it tries to allocate new storage while the subnet's memory usage exceeds 450 GiB.",
"default": null,
"type": [
"integer",
"null"
Expand All @@ -963,7 +974,6 @@
"wasm_memory_limit": {
"title": "Wasm Memory Limit",
"description": "Specifies a soft limit (in bytes) on the Wasm memory usage of the canister.\n\nUpdate calls, timers, heartbeats, installs, and post-upgrades fail if the Wasm memory usage exceeds this limit. The main purpose of this setting is to protect against the case when the canister reaches the hard 4GiB limit.\n\nMust be a number of bytes between 0 and 2^48 (i.e. 256 TiB), inclusive. Can be specified as an integer, or as an SI unit string (e.g. \"4KB\", \"2 MiB\")",
"default": null,
"anyOf": [
{
"$ref": "#/definitions/Byte"
Expand Down
1 change: 0 additions & 1 deletion docs/networks-json-schema.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,6 @@
"nodes": {
"title": "Available Nodes",
"description": "Addresses of nodes to connect to (in case discovery from seeds is not possible/sufficient).",
"default": null,
"type": [
"array",
"null"
Expand Down
14 changes: 14 additions & 0 deletions e2e/tests-dfx/create.bash
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -328,6 +328,7 @@ teardown() {
"memory_allocation": "2 GiB",
"reserved_cycles_limit": 1000000000000,
"wasm_memory_limit": "1 GiB",
"log_visibility": "public",
}' dfx.json | sponge dfx.json
dfx_start
assert_command dfx deploy e2e_project_backend --no-wallet
Expand All @@ -337,4 +338,17 @@ teardown() {
assert_contains 'Reserved cycles limit: 1_000_000_000_000'
assert_contains 'Wasm memory limit: 1_073_741_824'
assert_contains 'Freezing threshold: 604_800'
assert_contains 'Log visibility: public'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we update an existing test to show that dfx by default creates canister with controllers log visibility?

}

@test "create with default settings" {
dfx_start
assert_command dfx deploy e2e_project_backend
assert_command dfx canister status e2e_project_backend
assert_contains 'Memory allocation: 0'
assert_contains 'Compute allocation: 0'
assert_contains 'Reserved cycles limit: 5_000_000_000_000'
assert_contains 'Wasm memory limit: 0'
assert_contains 'Freezing threshold: 2_592_000'
assert_contains 'Log visibility: controllers'
}
14 changes: 14 additions & 0 deletions e2e/tests-dfx/update_settings.bash
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,20 @@ teardown() {
assert_contains "Canister exceeded its current Wasm memory limit of 8 bytes"
}

@test "set log visibility" {
dfx_new
dfx_start
assert_command dfx deploy e2e_project_backend
assert_command dfx canister status e2e_project_backend
assert_contains "Log visibility: controllers"
assert_command dfx canister update-settings e2e_project_backend --log-visibility public
assert_command dfx canister status e2e_project_backend
assert_contains "Log visibility: public"
assert_command dfx canister update-settings e2e_project_backend --log-visibility controllers
assert_command dfx canister status e2e_project_backend
assert_contains "Log visibility: controllers"
}

@test "set controller" {
# Create two identities
assert_command dfx identity new --storage-mode plaintext alice
Expand Down
10 changes: 1 addition & 9 deletions src/canisters/frontend/ic-asset/src/canister_api/methods/batch.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,7 +28,6 @@ pub(crate) async fn create_batch(canister: &Canister<'_>) -> Result<Nat, AgentEr
.with_arg(&create_batch_args)
.build()
.map(|result: (CreateBatchResponse,)| (result.0.batch_id,))
.call_and_wait()
.await;
match response {
Ok((batch_id,)) => break Ok(batch_id),
Expand Down Expand Up @@ -57,13 +56,7 @@ pub(crate) async fn submit_commit_batch<T: CandidType + Sync>(
.build();

loop {
match canister
.update(method_name)
.with_arg(&arg)
.build()
.call_and_wait()
.await
{
match canister.update(method_name).with_arg(&arg).build().await {
Ok(()) => return Ok(()),
Err(agent_err) if !retryable(&agent_err) => {
return Err(agent_err);
Expand Down Expand Up @@ -107,7 +100,6 @@ pub(crate) async fn compute_evidence(
.with_arg(arg)
.build()
.map(|result: (Option<ByteBuf>,)| (result.0,))
.call_and_wait()
.await
{
Ok(x) => return Ok(x.0),
Expand Down
2 changes: 0 additions & 2 deletions src/dfx-core/src/canister/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,6 @@ YOU WILL LOSE ALL DATA IN THE CANISTER.
.with_raw_arg(args.to_vec())
.with_mode(mode);
install_builder
.call_and_wait()
.await
.map_err(CanisterInstallError::InstallWasmError)
}
Expand All @@ -87,7 +86,6 @@ YOU WILL LOSE ALL DATA IN THE CANISTER.
Argument::from_candid((install_args,)),
0,
)
.call_and_wait()
.await
.map_err(CanisterInstallError::InstallWasmError)
}
Expand Down
Loading
Loading