Conversation
|
Stacked on top of This PR contains only the Rust demo/doc changes and uses the Rust SDK directly for setup/teardown instead of shell scripts. |
natefikru
force-pushed
the
natefikru/eng-3860-consensus-demo-rust
branch
2 times, most recently
from
b0dcf2f to
b49de8a
Compare
natefikru
force-pushed
the
natefikru/eng-3860-consensus-approvals
branch
from
7016b93 to
52d511f
Compare
natefikru
force-pushed
the
natefikru/eng-3860-consensus-demo-rust
branch
from
b49de8a to
bed0560
Compare
Drop SSH-specific signing in favor of sign_raw_payload via TurnkeyClient. Replace CLI credential flags with env vars matching rust-sdk/examples. Remove unused user tag from demo state. Simplify docs.
natefikru
force-pushed
the
natefikru/eng-3860-consensus-demo-rust
branch
from
bed0560 to
16a7ae6
Compare
Add setup.sh, sign.sh, and teardown.sh scripts for the consensus demo. The sign script uses the tk CLI directly to demonstrate the end-to-end consensus flow. Remove localhost and internal stack references from docs and code.
Remove the Rust example's Sign subcommand and related SDK imports. Signing is done exclusively through the tk CLI via sign.sh, which is the point of the demo. Delete setup.sh and teardown.sh wrappers since the Rust example handles those directly. Clean up code and restructure docs as a numbered walkthrough.
natefikru
changed the base branch from
natefikru/eng-3860-consensus-approvals
to
main
Move sign.sh, README, and main.rs into tk/examples/consensus_demo/. Remove scripts/ and docs/consensus-demo.md. Update all path references in READMEs, sign.sh, and the Rust example output.
There was a problem hiding this comment.
Lets make this follow a similar format to how the rust SDK examples work: https://github.com/tkhq/rust-sdk/tree/main/examples
After thinking about it for a little bit, I want to try and keep the demo logic as simple as possible. I think to do this we should have the examples assume there are two static toml config files, one for a human root user and one for an agent. They would both be part of the same org, but the human is a root user while the agent is a non-root user. Similar to the rust SDK examples, the setup for both can be manual.
So the actual script would just be a single main function
- load configs for human and agent
- create a consensus policy that requires two approvers (can be super simple since we just want the agent request to return consensus needed)
- shell out to the CLI to do git-sign with the agent (use env override to specify path to agent config toml)
- take the activity id returned in the result of the git-sign error and use that shell out to the CLI to call activity approve from the human
And thats it. I think we don't need to worry about cleanup for now (its just the policy in this case). Once we get the CLI commands for resource create/delete we can show how to use them to setup an org such that it can be used for this demo, but I don't think that should be automated
2 participants
Summary
consensus_demo) that provisions demo resources (Ed25519 private key, agent user, consensus policy) via the Turnkey Rust SDKsign.shscript that drives thetkCLI (tk ssh public-key,tk ssh git-sign) to trigger a consensus-gated signing requesttk activity approve <fingerprint>with root credentialsFiles changed
tk/examples/consensus_demo.rs: Setup and teardown subcommands usingturnkey_clientdirectlyscripts/consensus-demo/sign.sh: Shell script that sources agent credentials and signs viatkCLIdocs/consensus-demo.md: Step-by-step walkthrough of the full demo flowtk/Cargo.toml: Addedserdeandturnkey_clientdev-dependencies for the exampleREADME.md,tk/README.md: Added link to consensus demo docsHow to test