Conversation
* feat(nodectl): v0.3.0 migration * refactor: make fmt * fix(service): update DEPLOY_AMOUNT comment for clarity on gas costs * ci: add nodectl container release workflow * ci: add nodectl release workflow with cross-platform binaries and dry-run * ci: dry-run auto-trigger from branch, remove artifact upload * ci: add fail-fast: false to binary build matrix * ci: use native runners instead of cross, fix macOS Intel * ci: drop macOS Intel target from nodectl builds * ci: remove nodectl release dry-run workflow * docs: rewrite RELEASE.md for monorepo workflow, drop develop branch --------- Co-authored-by: inyellowbus <inyellowbus@gmail.com>
- Add instructions for exposing the REST API externally and fix default HTTP bind address - Enhance Helm chart service and network policy configurations for external access - Add first elections guide and manual staking instructions to nodectl docs
There was a problem hiding this comment.
Pull request overview
Release PR for nodectl v0.3.0, expanding the node-control service with JWT auth + Swagger bearer support, richer elections/validators monitoring, CLI UX improvements (tables/json/filter), and Helm/CI/release process updates.
Changes:
- Add JWT-based REST authentication with runtime-config hot reload, Swagger
bearerAuth, and new CLI auth/login flows. - Extend elections/validators snapshots (participants view, validator key metadata, next vset/p36 support) and CLI table output + filtering.
- Bump crate/chart versions to 0.3.0, refresh docs/changelog, and add a dedicated nodectl release workflow.
Reviewed changes
Copilot reviewed 51 out of 52 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| src/node-control/ton-http-api-client/src/v2/client_json_rpc.rs | Improves JSON-RPC error context messages. |
| src/node-control/ton-http-api-client/Cargo.toml | Bumps crate version and removes unused deps. |
| src/node-control/service/src/http/http_server_task.rs | Always-instantiated JWT auth + middleware-based enforcement; elections response/query additions; OpenAPI bearer auth scheme. |
| src/node-control/service/src/http/auth_tests.rs | Updates auth tests for new JwtAuth API + always-present auth manager. |
| src/node-control/service/src/contracts/contracts_task.rs | Raises deploy balance threshold and updates docs/comments. |
| src/node-control/service/src/auth/middleware.rs | Auth decision moved to “live config” check for runtime enable/disable. |
| src/node-control/service/src/auth/jwt.rs | Refactors JwtAuth construction and makes token TTL caller-provided for hot reload. |
| src/node-control/service/Cargo.toml | Version bump + dependency cleanup. |
| src/node-control/nodectl/src/app_cli_args.rs | Extends --version output with build metadata. |
| src/node-control/nodectl/Cargo.toml | Adds build script hook and bumps version/metadata. |
| src/node-control/elections/src/runner_tests.rs | Adds coverage for lifecycle statuses, participant stake stats, p36 access, and pubkey encoding changes. |
| src/node-control/elections/src/runner.rs | Adds p36 support, stake submission history, our-participants snapshot, and richer validator key metadata in snapshots. |
| src/node-control/elections/src/providers/traits.rs | Extends provider trait with get_next_vset. |
| src/node-control/elections/src/providers/default.rs | Implements config param 36 parsing for “next vset” support. |
| src/node-control/elections/Cargo.toml | Version bump + dependency cleanup. |
| src/node-control/docs/nodectl-setup.md | Reorders setup flow and adds REST auth configuration section. |
| src/node-control/docs/nodectl-security.md | Adds operational-state model + detailed TTL/TLS/auth behavior docs. |
| src/node-control/control-client/src/config_params.rs | Generalizes validator set parsing; adds p36 parser. |
| src/node-control/control-client/Cargo.toml | Version bump + dependency cleanup. |
| src/node-control/contracts/Cargo.toml | Version bump + dependency cleanup. |
| src/node-control/common/src/ton_utils.rs | Adds TON display helpers for CLI formatting. |
| src/node-control/common/src/snapshot.rs | Extends snapshot schema (our participants, stake min/max, validator key metadata, validation range, etc.). |
| src/node-control/common/src/app_config.rs | Makes auth enabled by default; default bind changes; updates auth docs. |
| src/node-control/common/Cargo.toml | Version bump + dependency cleanup. |
| src/node-control/commands/src/commands/nodectl/utils.rs | Improves warnings, adds TON API connectivity check, refactors wallet address/info helpers. |
| src/node-control/commands/src/commands/nodectl/service_api_cmd.rs | Adds elections/validators table/json output + filtering and auth token/url behavior updates. |
| src/node-control/commands/src/commands/nodectl/output_format.rs | Introduces shared OutputFormat enum. |
| src/node-control/commands/src/commands/nodectl/mod.rs | Exposes new output_format module. |
| src/node-control/commands/src/commands/nodectl/master_wallet_cmd.rs | Adds --format support and richer master-wallet output. |
| src/node-control/commands/src/commands/nodectl/config_wallet_cmd.rs | Adds wallet ls json/table, TON API graceful degradation, and manual stake command + confirmations. |
| src/node-control/commands/src/commands/nodectl/config_pool_cmd.rs | Adds --format + unified TON API warning + structured output views. |
| src/node-control/commands/src/commands/nodectl/config_node_cmd.rs | Adds --format + JSON output for node listing. |
| src/node-control/commands/src/commands/nodectl/config_log_cmd.rs | Switches to shared OutputFormat. |
| src/node-control/commands/src/commands/nodectl/config_elections_cmd.rs | Switches to shared OutputFormat. |
| src/node-control/commands/src/commands/nodectl/config_bind_cmd.rs | Adds --format + JSON output for bindings listing. |
| src/node-control/commands/src/commands/nodectl/auth_cmd.rs | Updates auth enable/disabled messaging. |
| src/node-control/commands/Cargo.toml | Version bump + dependency cleanup. |
| src/node-control/README.md | Documents new auth flows, REST API behavior, new flags, and manual stake. |
| src/node-control/CHANGELOG.md | Adds v0.3.0 changelog entry in Keep-a-Changelog format. |
| src/Cargo.lock | Updates lockfile for version bumps and dependency removals. |
| nodectl/CHANGELOG.md | Removes obsolete duplicate changelog (now consolidated). |
| helm/nodectl/values.yaml | Bumps image tag; adds service/networkPolicy options and docs. |
| helm/nodectl/templates/service.yaml | Adds service fields (clusterIP/LB IP/externalTrafficPolicy/nodePort/targetPort). |
| helm/nodectl/templates/networkpolicy.yaml | Replaces allowCIDRs with allowFrom peers. |
| helm/nodectl/docs/setup.md | Adds REST auth setup guidance; updates probe/bind notes. |
| helm/nodectl/docs/first-elections.md | Adds first-elections migration/staking guidance doc. |
| helm/nodectl/README.md | Links new docs. |
| helm/nodectl/Chart.yaml | Chart/appVersion bump. |
| helm/nodectl/CHANGELOG.md | Adds chart v0.2.0 entry documenting new values. |
| RELEASE.md | Updates release branching/tagging and CI/release process docs. |
| .github/workflows/nodectl-release.yml | Adds multi-platform binary + container publishing workflow for nodectl tags. |
| .github/workflows/ci.yml | Narrows PR CI branches to master + release/**. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| ); | ||
| println!(" {}", "─".repeat(125).dimmed()); | ||
|
|
||
| let red_dash = Cow::Borrowed(&"-".red()); |
There was a problem hiding this comment.
let red_dash = Cow::Borrowed(&"-".red()); stores a reference to a temporary ColoredString produced by "-".red(). That temporary will be dropped immediately, so this won’t compile (borrowed value does not live long enough). Store the colored dash in a local variable first (e.g., keep a ColoredString), or use Cow::Owned instead of borrowing a temporary.
Suggested change
| let red_dash = Cow::Borrowed(&"-".red()); | |
| let red_dash = Cow::Owned("-".red()); |
ITBear
approved these changes
Mar 25, 2026
Lapo4kaKek
approved these changes
Mar 25, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Added
NODECTL_API_TOKENenv support; newauthandapi loginCLI commands/v1/electionsAPI endpoint andnodectl api electionsCLI table with participation lifecycle tracking (Idle → Participating → Submitted → Accepted → Elected → Validating), stake sums, and election metadata/v1/validatorsAPI endpoint andnodectl api validatorscommand displays validator information including validator key with election ID, created/expires timestamps, validator status, key ID, and ADNL addressvalidator-0-control.ton.svc.cluster.local) in addition to IP addressesbearerAuthsecurity scheme to OpenAPI spec; Swagger UI now shows an "Authorize" button for Bearer token authentication--filterfor elections and validators API —nodectl api electionsandnodectl api validatorsaccept--filter=<name>to limit output to specific nodes--format=json|tableflag — added--format=json|tableflag to allconfig ... lssubcommands (config bind ls,config elections ls,config log ls,config node ls,config pool ls,config wallet ls,master-wallet ls)Changed
config wallet lsnow displays addresses in bounceable URL-safe base64 formatrr_cursorinitial value starting from 1 instead of 0wallet ls— wallet listing no longer fails when TON API is unreachable; addresses are still displayed with-for unavailable state/balance fields; unified warning formatnodectl --versionnow prints build artifacts (git hash, build date, features)nodectlsecurity model, added documentation for first elections with Rust node, added documentation for REST API authenticationFixed
Statecolumn alignment inwallet ls— adjusted column width to fix misalignment inconfig wallet lsoutputElectionsStatus,NodeListRequest, and nested election schemas (OurElectionParticipant,ParticipationStatus,StakeSubmission) in OpenAPI components, fixing Swagger resolver errors