From 9f824f6c30ee00bc9f7282ad6d5913f104d2dd6e Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Wed, 17 Aug 2022 10:46:41 +0000 Subject: [PATCH 01/10] npm audit fix --- third_party/pyth/price-service/package-lock.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/third_party/pyth/price-service/package-lock.json b/third_party/pyth/price-service/package-lock.json index 3f06571327..7ce9de19bb 100644 --- a/third_party/pyth/price-service/package-lock.json +++ b/third_party/pyth/price-service/package-lock.json @@ -7599,9 +7599,9 @@ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==" }, "node_modules/protobufjs": { - "version": "6.11.2", - "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.2.tgz", - "integrity": "sha512-4BQJoPooKJl2G9j3XftkIXjoC9C0Av2NOrWmbLWT1vH32GcSUHjM0Arra6UfTsVyfMAuFzaLucXn1sadxJydAw==", + "version": "6.11.3", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.3.tgz", + "integrity": "sha512-xL96WDdCZYdU7Slin569tFX712BxsxslWwAfAhCYjQKGTq7dAU91Lomy6nLLhh/dyGhk/YH4TwTSRxTzhuHyZg==", "hasInstallScript": true, "dependencies": { "@protobufjs/aspromise": "^1.1.2", @@ -14723,9 +14723,9 @@ } }, "protobufjs": { - "version": "6.11.2", - "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.2.tgz", - "integrity": "sha512-4BQJoPooKJl2G9j3XftkIXjoC9C0Av2NOrWmbLWT1vH32GcSUHjM0Arra6UfTsVyfMAuFzaLucXn1sadxJydAw==", + "version": "6.11.3", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.3.tgz", + "integrity": "sha512-xL96WDdCZYdU7Slin569tFX712BxsxslWwAfAhCYjQKGTq7dAU91Lomy6nLLhh/dyGhk/YH4TwTSRxTzhuHyZg==", "requires": { "@protobufjs/aspromise": "^1.1.2", "@protobufjs/base64": "^1.1.2", From 8257bf5280a2ae4183cae450295ee8bd8c153258 Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Wed, 17 Aug 2022 10:46:53 +0000 Subject: [PATCH 02/10] Update package name --- third_party/pyth/price-service/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/third_party/pyth/price-service/package.json b/third_party/pyth/price-service/package.json index 20d3484151..3262d82e7c 100644 --- a/third_party/pyth/price-service/package.json +++ b/third_party/pyth/price-service/package.json @@ -1,5 +1,5 @@ { - "name": "@pythnetwork/price-service", + "name": "@pythnetwork/pyth-price-service", "version": "1.0.0", "description": "Pyth Price Service", "main": "index.js", From 39ddaaa2f1af569b42764e2d7e884a46e67c8ad9 Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Wed, 17 Aug 2022 10:58:02 +0000 Subject: [PATCH 03/10] Remove guardian image and use official ones --- Dockerfile.guardian | 26 -------------------------- Tiltfile | 6 ------ devnet/node.yaml | 2 +- devnet/spy.yaml | 4 ++-- 4 files changed, 3 insertions(+), 35 deletions(-) delete mode 100644 Dockerfile.guardian diff --git a/Dockerfile.guardian b/Dockerfile.guardian deleted file mode 100644 index 9178edafd7..0000000000 --- a/Dockerfile.guardian +++ /dev/null @@ -1,26 +0,0 @@ -# syntax=docker.io/docker/dockerfile:1.3@sha256:42399d4635eddd7a9b8a24be879d2f9a930d0ed040a61324cfdf59ef1357b3b2 -FROM docker.io/golang:1.17.5@sha256:90d1ab81f3d157ca649a9ff8d251691b810d95ea6023a03cdca139df58bca599 - -RUN apt-get update -qq && apt-get install -yq unzip - -WORKDIR /app - -# After 2.8.7.1 -ARG WORMHOLE_VERSION=73307397bcbb4bd8dc11bdb8324d6f50ac83f133 -ADD https://github.com/certusone/wormhole/archive/${WORMHOLE_VERSION}.zip . -RUN unzip ${WORMHOLE_VERSION}.zip && rm -rf ${WORMHOLE_VERSION}.zip -ARG WORMHOLE_DIR=/app/wormhole-${WORMHOLE_VERSION} - -WORKDIR $WORMHOLE_DIR/tools -RUN CGO_ENABLED=0 ./build.sh - -WORKDIR $WORMHOLE_DIR -RUN tools/bin/buf lint && tools/bin/buf generate - -WORKDIR ${WORMHOLE_DIR}/node/tools -RUN go build -mod=readonly -o /dlv github.com/go-delve/delve/cmd/dlv - -WORKDIR ${WORMHOLE_DIR}/node -RUN go build -race -gcflags="all=-N -l" --ldflags '-extldflags "-Wl,--allow-multiple-definition"' -mod=readonly -o /guardiand github.com/certusone/wormhole/node - -ENTRYPOINT /guardiand diff --git a/Tiltfile b/Tiltfile index 2a8ba17324..07cb87727d 100644 --- a/Tiltfile +++ b/Tiltfile @@ -75,12 +75,6 @@ local_resource( ) -docker_build( - ref = "guardiand-image", - context = ".", - dockerfile = "Dockerfile.guardian", -) - def build_node_yaml(): node_yaml = read_yaml_stream("devnet/node.yaml") diff --git a/devnet/node.yaml b/devnet/node.yaml index 08f4800822..3b47f22ceb 100644 --- a/devnet/node.yaml +++ b/devnet/node.yaml @@ -53,7 +53,7 @@ spec: path: bigtable-key.json containers: - name: guardiand - image: guardiand-image + image: ghcr.io/certusone/guardiand:v2.8.8.1 volumeMounts: - mountPath: /run/node name: node-rundir diff --git a/devnet/spy.yaml b/devnet/spy.yaml index 3780b34e4c..f0b486f0d8 100644 --- a/devnet/spy.yaml +++ b/devnet/spy.yaml @@ -35,12 +35,12 @@ spec: terminationGracePeriodSeconds: 0 containers: - name: spy - image: guardiand-image + image: ghcr.io/certusone/guardiand:v2.8.8.1 command: - /guardiand - spy - --nodeKey - - /tmp/node.key + - /node.key - --spyRPC - "[::]:7072" # Hardcoded devnet bootstrap (generated from deterministic key in guardiand) From c4c35529fd38448752943798356a34ab094ebdb1 Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Wed, 17 Aug 2022 11:03:24 +0000 Subject: [PATCH 04/10] Update README --- third_party/pyth/price-service/README.md | 25 +++++++++--------------- 1 file changed, 9 insertions(+), 16 deletions(-) diff --git a/third_party/pyth/price-service/README.md b/third_party/pyth/price-service/README.md index 590c1d659a..b19a84d3b3 100644 --- a/third_party/pyth/price-service/README.md +++ b/third_party/pyth/price-service/README.md @@ -1,39 +1,32 @@ # Pyth Price Service -This service exposes a REST api to provide latest attestation message for a price feed id. +This service exposes a REST and WS api to provide latest attestation message for a price feed id. ## Build -To build the spy_guardian docker container: +To build the pyth_price_service docker container from the repo root: ``` -$ docker build -f Dockerfile.spy_guardian -t spy_guardian . -``` - -To build the pyth_price_service docker container: - -``` -$ docker build -f Dockerfile.pyth_price_service -t pyth_price_service . +$ docker build -f third_party/pyth/price-service/Dockerfile.pyth_price_service -t pyth_price_service . ``` Run the spy_guardian docker container in TestNet: ``` -$ docker run --platform linux/amd64 -d --network=host spy_guardian \ +$ docker run --platform linux/amd64 -d --network=host ghcr.io/certusone/guardiand:v2.8.8.1 spy \ +--nodeKey /node.key --spyRPC "[::]:7073" \ --bootstrap /dns4/wormhole-testnet-v2-bootstrap.certus.one/udp/8999/quic/p2p/12D3KooWBY9ty9CXLBXGQzMuqkziLntsVcyz4pk1zWaJRvJn6Mmt \ ---network /wormhole/testnet/2/1 \ ---spyRPC "[::]:7073" +--network /wormhole/testnet/2/1 ``` Or run the spy_guardian docker container in MainNet: For the MainNet gossip network parameters, see https://github.com/certusone/wormhole-networks/blob/master/mainnetv2/info.md ``` -$ docker run --platform linux/amd64 -d --network=host spy_guardian \ +$ docker run --platform linux/amd64 -d --network=host ghcr.io/certusone/guardiand:v2.8.8.1 spy \ +--nodeKey /node.key --spyRPC "[::]:7073" \ --bootstrap \ --network \ ---spyRPC "[::]:7073" - ``` Then to run the pyth_price_service docker container using a config file called @@ -43,7 +36,7 @@ following: ``` $ docker run \ --volume=${HOME}/pyth_price_service:/var/pyth_price_service \ --e pyth_price_service_CONFIG=/var/pyth_price_service/env \ +-e PYTH_PRICE_SERVICE_CONFIG=/var/pyth_price_service/env \ --network=host \ -d \ pyth_price_service From dce8727ca9a447c321c0d1365085e7e53e668e6a Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Wed, 17 Aug 2022 11:03:39 +0000 Subject: [PATCH 05/10] Fix config file name --- third_party/pyth/price-service/src/index.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/third_party/pyth/price-service/src/index.ts b/third_party/pyth/price-service/src/index.ts index 90f15571b8..5f3fabbbc3 100644 --- a/third_party/pyth/price-service/src/index.ts +++ b/third_party/pyth/price-service/src/index.ts @@ -8,8 +8,8 @@ import { RestAPI } from "./rest"; import { WebSocketAPI } from "./ws"; let configFile: string = ".env"; -if (process.env.PYTH_RELAY_CONFIG) { - configFile = process.env.PYTH_RELAY_CONFIG; +if (process.env.PYTH_PRICE_SERVICE_CONFIG) { + configFile = process.env.PYTH_PRICE_SERVICE_CONFIG; } console.log("Loading config file [%s]", configFile); From dcbf2e806a709dbdcc5f1cf04771e98b5dbbb993 Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Wed, 17 Aug 2022 11:49:47 +0000 Subject: [PATCH 06/10] Add publish dockerhub image --- .github/workflows/publish-dockerhub.yml | 40 +++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 .github/workflows/publish-dockerhub.yml diff --git a/.github/workflows/publish-dockerhub.yml b/.github/workflows/publish-dockerhub.yml new file mode 100644 index 0000000000..b7e1b702aa --- /dev/null +++ b/.github/workflows/publish-dockerhub.yml @@ -0,0 +1,40 @@ +name: Publish Images to Dockerhub +on: + release: + types: + - created +env: + DOCKER_HUB: docker.io + DOCKER_USER: ${{ secrets.DOCKER_IO_USER }} +jobs: + publish-pyth-price-service: + name: Publish Pyth price service + if: ${{ startsWith(github.ref, 'refs/tags/pyth-price-service-v') }} + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + + - name: Initialize Environment + run: | + set -eux + PREFIX="refs/tags/pyth-price-service-" + VERSION="${GITHUB_REF:${#PREFIX}}" + echo "DOCKER_IMAGE=pyth-price-service:${VERSION}" >> "${GITHUB_ENV}" + + - name: Build Docker Image + run: | + set -eux + DOCKER_BUILDKIT=1 docker build -f Dockerfile.wasm -o type=local,dest=. . + DOCKER_BUILDKIT=1 docker build -t "${DOCKER_IMAGE}" -f \ + third_party/pyth/price-service/Dockerfile.price_service . + + - name: Publish Docker Image + run: | + function publish() { + set -eux + PUB_IMAGE="${DOCKER_HUB}/${DOCKER_USER}/${DOCKER_IMAGE}" + docker login "${DOCKER_HUB}" -u "${DOCKER_USER}" --password-stdin + docker image tag "${DOCKER_IMAGE}" "${PUB_IMAGE}" + docker image push "${PUB_IMAGE}" + } + echo "${{ secrets.DOCKER_IO_PASS }}" | publish From 1c7b413e50573e4dd55e0c6cbbc4567d60fcca62 Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Thu, 18 Aug 2022 11:26:45 +0000 Subject: [PATCH 07/10] Remove dockerhub and improve aws image actions To support both version and manual trigger --- ...image-push.yml => attester-image-push.yml} | 40 ++++++++---------- .../workflows/price-service-image-push.yml | 42 +++++++++++++++++++ 2 files changed, 60 insertions(+), 22 deletions(-) rename .github/workflows/{image-push.yml => attester-image-push.yml} (50%) create mode 100644 .github/workflows/price-service-image-push.yml diff --git a/.github/workflows/image-push.yml b/.github/workflows/attester-image-push.yml similarity index 50% rename from .github/workflows/image-push.yml rename to .github/workflows/attester-image-push.yml index f6989c63cd..be52acb774 100644 --- a/.github/workflows/image-push.yml +++ b/.github/workflows/attester-image-push.yml @@ -1,36 +1,32 @@ name: Build and Push Images on: push: - branches: [ main ] - pull_request: - branches: [ main ] - + tags: + - pyth-attester-v* + workflow_dispatch: + inputs: + dispatch_description: + description: "Dispatch description" + required: true + type: string permissions: contents: read id-token: write jobs: - price-service-image: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::192824654885:role/github-actions-ecr - aws-region: eu-west-2 - - uses: aws-actions/amazon-ecr-login@v1 - id: ecr_login - - run: | - DOCKER_BUILDKIT=1 docker build -f Dockerfile.wasm -o type=local,dest=. . - DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f third_party/pyth/price-service/Dockerfile.price_service . - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - env: - ECR_REGISTRY: ${{ steps.ecr_login.outputs.registry }} - ECR_REPOSITORY: xc-server - IMAGE_TAG: ${{ github.sha }} p2w-attest-image: runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 + - name: Set image tag to version of the git tag + if: ${{ startsWith(github.ref, 'refs/tags/pyth-attester-v') }} + run: | + PREFIX="refs/tags/pyth-attester-" + VERSION="${GITHUB_REF:${#PREFIX}}" + echo "IMAGE_TAG=${VERSION}" >> "${GITHUB_ENV}" + - name: Set image tag to the git commit hash + if: ${{ !startsWith(github.ref, 'refs/tags/pyth-attester-v') }} + run: | + echo "IMAGE_TAG=${{ github.sha }}" >> "${GITHUB_ENV}" - uses: aws-actions/configure-aws-credentials@v1 with: role-to-assume: arn:aws:iam::192824654885:role/github-actions-ecr diff --git a/.github/workflows/price-service-image-push.yml b/.github/workflows/price-service-image-push.yml new file mode 100644 index 0000000000..69a3ab7e03 --- /dev/null +++ b/.github/workflows/price-service-image-push.yml @@ -0,0 +1,42 @@ +name: Build and Push Images +on: + push: + tags: + - pyth-price-service-v* + workflow_dispatch: + inputs: + dispatch_description: + description: "Dispatch description" + required: true + type: string +permissions: + contents: read + id-token: write +jobs: + price-service-image: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Set image tag to version of the git tag + if: ${{ startsWith(github.ref, 'refs/tags/pyth-price-service-v') }} + run: | + PREFIX="refs/tags/pyth-price-service-" + VERSION="${GITHUB_REF:${#PREFIX}}" + echo "IMAGE_TAG=${VERSION}" >> "${GITHUB_ENV}" + - name: Set image tag to the git commit hash + if: ${{ !startsWith(github.ref, 'refs/tags/pyth-price-service-v') }} + run: | + echo "IMAGE_TAG=${{ github.sha }}" >> "${GITHUB_ENV}" + - uses: aws-actions/configure-aws-credentials@v1 + with: + role-to-assume: arn:aws:iam::192824654885:role/github-actions-ecr + aws-region: eu-west-2 + - uses: aws-actions/amazon-ecr-login@v1 + id: ecr_login + - run: | + DOCKER_BUILDKIT=1 docker build -f Dockerfile.wasm -o type=local,dest=. . + DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f third_party/pyth/price-service/Dockerfile.price_service . + docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG + env: + ECR_REGISTRY: ${{ steps.ecr_login.outputs.registry }} + ECR_REPOSITORY: xc-server From fe7f92479cde1fed6a7a3e285fa7bd4b6a6600bd Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Thu, 18 Aug 2022 11:29:26 +0000 Subject: [PATCH 08/10] Small bugfix --- .github/workflows/attester-image-push.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/attester-image-push.yml b/.github/workflows/attester-image-push.yml index be52acb774..32f4fa0143 100644 --- a/.github/workflows/attester-image-push.yml +++ b/.github/workflows/attester-image-push.yml @@ -40,4 +40,3 @@ jobs: env: ECR_REGISTRY: ${{ steps.ecr_login.outputs.registry }} ECR_REPOSITORY: xc-attest - IMAGE_TAG: ${{ github.sha }} From e18936dda040369335f8d32446f99221ff9801a7 Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Thu, 18 Aug 2022 12:24:11 +0000 Subject: [PATCH 09/10] Delete dockerhub action file --- .github/workflows/publish-dockerhub.yml | 40 ------------------------- 1 file changed, 40 deletions(-) delete mode 100644 .github/workflows/publish-dockerhub.yml diff --git a/.github/workflows/publish-dockerhub.yml b/.github/workflows/publish-dockerhub.yml deleted file mode 100644 index b7e1b702aa..0000000000 --- a/.github/workflows/publish-dockerhub.yml +++ /dev/null @@ -1,40 +0,0 @@ -name: Publish Images to Dockerhub -on: - release: - types: - - created -env: - DOCKER_HUB: docker.io - DOCKER_USER: ${{ secrets.DOCKER_IO_USER }} -jobs: - publish-pyth-price-service: - name: Publish Pyth price service - if: ${{ startsWith(github.ref, 'refs/tags/pyth-price-service-v') }} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - - name: Initialize Environment - run: | - set -eux - PREFIX="refs/tags/pyth-price-service-" - VERSION="${GITHUB_REF:${#PREFIX}}" - echo "DOCKER_IMAGE=pyth-price-service:${VERSION}" >> "${GITHUB_ENV}" - - - name: Build Docker Image - run: | - set -eux - DOCKER_BUILDKIT=1 docker build -f Dockerfile.wasm -o type=local,dest=. . - DOCKER_BUILDKIT=1 docker build -t "${DOCKER_IMAGE}" -f \ - third_party/pyth/price-service/Dockerfile.price_service . - - - name: Publish Docker Image - run: | - function publish() { - set -eux - PUB_IMAGE="${DOCKER_HUB}/${DOCKER_USER}/${DOCKER_IMAGE}" - docker login "${DOCKER_HUB}" -u "${DOCKER_USER}" --password-stdin - docker image tag "${DOCKER_IMAGE}" "${PUB_IMAGE}" - docker image push "${PUB_IMAGE}" - } - echo "${{ secrets.DOCKER_IO_PASS }}" | publish From 45e7df17552601734e0960979f8bee1b146acf1f Mon Sep 17 00:00:00 2001 From: Ali Behjati Date: Fri, 19 Aug 2022 11:59:52 +0000 Subject: [PATCH 10/10] Use aws public repo --- .github/workflows/attester-image-push.yml | 13 ++++++++----- .github/workflows/price-service-image-push.yml | 13 ++++++++----- 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/.github/workflows/attester-image-push.yml b/.github/workflows/attester-image-push.yml index 32f4fa0143..6d3e594a14 100644 --- a/.github/workflows/attester-image-push.yml +++ b/.github/workflows/attester-image-push.yml @@ -27,16 +27,19 @@ jobs: if: ${{ !startsWith(github.ref, 'refs/tags/pyth-attester-v') }} run: | echo "IMAGE_TAG=${{ github.sha }}" >> "${GITHUB_ENV}" - - uses: aws-actions/configure-aws-credentials@v1 + - uses: aws-actions/configure-aws-credentials@8a84b07f2009032ade05a88a28750d733cc30db1 with: role-to-assume: arn:aws:iam::192824654885:role/github-actions-ecr aws-region: eu-west-2 - - uses: aws-actions/amazon-ecr-login@v1 - id: ecr_login + - uses: docker/login-action@v2 + with: + registry: public.ecr.aws + env: + AWS_REGION: us-east-1 - run: | DOCKER_BUILDKIT=1 docker build -f Dockerfile.client -t bridge-client . DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f third_party/pyth/Dockerfile.p2w-attest . docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG env: - ECR_REGISTRY: ${{ steps.ecr_login.outputs.registry }} - ECR_REPOSITORY: xc-attest + ECR_REGISTRY: public.ecr.aws + ECR_REPOSITORY: pyth-network/xc-attest diff --git a/.github/workflows/price-service-image-push.yml b/.github/workflows/price-service-image-push.yml index 69a3ab7e03..4988f930a6 100644 --- a/.github/workflows/price-service-image-push.yml +++ b/.github/workflows/price-service-image-push.yml @@ -27,16 +27,19 @@ jobs: if: ${{ !startsWith(github.ref, 'refs/tags/pyth-price-service-v') }} run: | echo "IMAGE_TAG=${{ github.sha }}" >> "${GITHUB_ENV}" - - uses: aws-actions/configure-aws-credentials@v1 + - uses: aws-actions/configure-aws-credentials@8a84b07f2009032ade05a88a28750d733cc30db1 with: role-to-assume: arn:aws:iam::192824654885:role/github-actions-ecr aws-region: eu-west-2 - - uses: aws-actions/amazon-ecr-login@v1 - id: ecr_login + - uses: docker/login-action@v2 + with: + registry: public.ecr.aws + env: + AWS_REGION: us-east-1 - run: | DOCKER_BUILDKIT=1 docker build -f Dockerfile.wasm -o type=local,dest=. . DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f third_party/pyth/price-service/Dockerfile.price_service . docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG env: - ECR_REGISTRY: ${{ steps.ecr_login.outputs.registry }} - ECR_REPOSITORY: xc-server + ECR_REGISTRY: public.ecr.aws + ECR_REPOSITORY: pyth-network/xc-server