feat: remove private repository ssh workarounds

.github/workflows/nightly.yml

@@ -40,15 +40,6 @@ jobs:
           macos-latest, # macos-arm64
         ]
     steps:
-      # TODO: Remove when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-      - name: Set up SSH (MacOs only)
-        if: ${{ matrix.os == 'macos-latest' }}
-        uses: MrSquaare/ssh-setup-action@2d028b70b5e397cf8314c6eaea229a6c3e34977a # pin@v3
-        with:
-          host: github.com
-          private-key: ${{ secrets.SSH_PRIVATE_KEY_IOTA_CI }}
-          private-key-name: github-ppk
-
       - name: Install postgres (MacOS arm64)
         if: ${{ matrix.os == 'macos-latest' }}
         shell: bash

.github/workflows/release.yml

@@ -146,15 +146,6 @@ jobs:
           sudo rm -rf ~/Library/Developer/Xcode/iOS\ DeviceSupport/*
           df -h /
 
-      # TODO: Remove when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-      - name: Set up SSH (MacOs only)
-        if: ${{ matrix.os == 'macos-latest' }}
-        uses: MrSquaare/ssh-setup-action@2d028b70b5e397cf8314c6eaea229a6c3e34977a # pin@v3
-        with:
-          host: github.com
-          private-key: ${{ secrets.SSH_PRIVATE_KEY_IOTA_CI }}
-          private-key-name: github-ppk
-
       - name: Cargo build for ${{ matrix.os }} platform
         shell: bash
         # Currently building in release mode, but we could also have debug builds for testing

.github/workflows/release_docker.yml

@@ -45,7 +45,7 @@ jobs:
         id: meta-node
         uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # pin@v5
         with:
-          images: docker-registry.iota.org/iota-node
+          images: iotaledger/iota-node
           # mapping semver tags to networks
           # v{MAJOR}.{MINOR}.{PATCH}-alpha -> alphanet
           # v{MAJOR}.{MINOR}.{PATCH}-beta -> devnet
@@ -67,14 +67,6 @@ jobs:
           password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
           registry: ${{ secrets.DOCKER_REGISTRY_URL }}
 
-      # TODO: Remove when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-      - name: Set up SSH
-        uses: MrSquaare/ssh-setup-action@2d028b70b5e397cf8314c6eaea229a6c3e34977a # pin@v3
-        with:
-          host: github.com
-          private-key: ${{ secrets.SSH_PRIVATE_KEY_IOTA_CI }}
-          private-key-name: github-ppk
-
       - name: Get git revision and build date
         id: git-info
         run: |
@@ -84,7 +76,6 @@ jobs:
       - name: Build and push Docker image for iota-node
         uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # pin@v6
         with:
-          ssh: default
           context: .
           file: docker/iota-node/Dockerfile
           platforms: linux/amd64
@@ -113,7 +104,7 @@ jobs:
         id: meta-indexer
         uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # pin@v5
         with:
-          images: docker-registry.iota.org/iota-indexer
+          images: iotaledger/iota-indexer
           # mapping semver tags to networks
           # v{MAJOR}.{MINOR}.{PATCH}-alpha -> alphanet
           # v{MAJOR}.{MINOR}.{PATCH}-beta -> devnet
@@ -135,14 +126,6 @@ jobs:
           password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
           registry: ${{ secrets.DOCKER_REGISTRY_URL }}
 
-      # TODO: Remove when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-      - name: Set up SSH
-        uses: MrSquaare/ssh-setup-action@2d028b70b5e397cf8314c6eaea229a6c3e34977a # pin@v3
-        with:
-          host: github.com
-          private-key: ${{ secrets.SSH_PRIVATE_KEY_IOTA_CI }}
-          private-key-name: github-ppk
-
       - name: Get git revision and build date
         id: git-info
         run: |
@@ -152,7 +135,6 @@ jobs:
       - name: Build and push Docker image for iota-indexer
         uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # pin@v6
         with:
-          ssh: default
           context: .
           file: docker/iota-indexer/Dockerfile
           platforms: linux/amd64
@@ -181,7 +163,7 @@ jobs:
         id: meta-tools
         uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # pin@v5
         with:
-          images: docker-registry.iota.org/iota-tools
+          images: iotaledger/iota-tools
           # mapping semver tags to networks
           # v{MAJOR}.{MINOR}.{PATCH}-alpha -> alphanet
           # v{MAJOR}.{MINOR}.{PATCH}-beta -> devnet
@@ -203,14 +185,6 @@ jobs:
           password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
           registry: ${{ secrets.DOCKER_REGISTRY_URL }}
 
-      # TODO: Remove when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-      - name: Set up SSH
-        uses: MrSquaare/ssh-setup-action@2d028b70b5e397cf8314c6eaea229a6c3e34977a # pin@v3
-        with:
-          host: github.com
-          private-key: ${{ secrets.SSH_PRIVATE_KEY_IOTA_CI }}
-          private-key-name: github-ppk
-
       - name: Get git revision and build date
         id: git-info
         run: |
@@ -220,7 +194,6 @@ jobs:
       - name: Build and push Docker image for iota-tools
         uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # pin@v6
         with:
-          ssh: default
           context: .
           file: docker/iota-tools/Dockerfile
           platforms: linux/amd64
@@ -249,7 +222,7 @@ jobs:
         id: meta-tools
         uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # pin@v5
         with:
-          images: docker-registry.iota.org/iota-graphql-rpc
+          images: iotaledger/iota-graphql-rpc
           # mapping semver tags to networks
           # v{MAJOR}.{MINOR}.{PATCH}-alpha -> alphanet
           # v{MAJOR}.{MINOR}.{PATCH}-beta -> devnet
@@ -271,14 +244,6 @@ jobs:
           password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
           registry: ${{ secrets.DOCKER_REGISTRY_URL }}
 
-      # TODO: Remove when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-      - name: Set up SSH
-        uses: MrSquaare/ssh-setup-action@2d028b70b5e397cf8314c6eaea229a6c3e34977a # pin@v3
-        with:
-          host: github.com
-          private-key: ${{ secrets.SSH_PRIVATE_KEY_IOTA_CI }}
-          private-key-name: github-ppk
-
       - name: Get git revision and build date
         id: git-info
         run: |
@@ -288,7 +253,6 @@ jobs:
       - name: Build and push Docker image for iota-graphql-rpc
         uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # pin@v6
         with:
-          ssh: default
           context: .
           file: docker/iota-graphql-rpc/Dockerfile
           platforms: linux/amd64

Cargo.toml

@@ -274,7 +274,7 @@ leb128 = "0.2.5"
 lru = "0.12"
 mockall = "0.11.4"
 more-asserts = "0.3.1"
-msim = { git = "ssh://git@github.com/iotaledger/iota-sim.git", rev = "8fe1939f4bf1e54d0638756c82aaa6c29212e2bb", package = "msim" }
+msim = { git = "https://github.com/iotaledger/iota-sim.git", rev = "f16ef50ba7d874fe1f0960f248f6c651a634d6a5", package = "msim" }
 nonempty = "0.9.0"
 notify = "6.1.1"
 num-bigint = "0.4.4"
@@ -409,7 +409,7 @@ iota-rosetta = { path = "crates/iota-rosetta" }
 iota-rpc-loadgen = { path = "crates/iota-rpc-loadgen" }
 iota-sdk = { path = "crates/iota-sdk" }
 # core-types with json format for REST API
-iota-sdk2 = { package = "iota-rust-sdk", git = "ssh://git@github.com/iotaledger/iota-rust-sdk.git", rev = "d605da95029e74376f0f39a95526bb1a5c0ebd7a", features = ["hash", "serde", "schemars"] }
+iota-sdk2 = { package = "iota-rust-sdk", git = "https://github.com/iotaledger/iota-rust-sdk.git", rev = "d605da95029e74376f0f39a95526bb1a5c0ebd7a", features = ["hash", "serde", "schemars"] }
 iota-simulator = { path = "crates/iota-simulator" }
 iota-snapshot = { path = "crates/iota-snapshot" }
 iota-source-validation = { path = "crates/iota-source-validation" }

crates/iota-proc-macros/Cargo.toml

@@ -18,4 +18,4 @@ quote.workspace = true
 syn = { version = "2.0", features = ["full", "fold", "extra-traits"] }
 
 [target.'cfg(msim)'.dependencies]
-msim-macros = { git = "ssh://git@github.com/iotaledger/iota-sim.git", rev = "8fe1939f4bf1e54d0638756c82aaa6c29212e2bb", package = "msim-macros" }
+msim-macros = { git = "https://github.com/iotaledger/iota-sim.git", rev = "f16ef50ba7d874fe1f0960f248f6c651a634d6a5", package = "msim-macros" }

crates/iota-rosetta/docker/iota-rosetta-devnet/Dockerfile

@@ -8,30 +8,13 @@ ENV PATH="/root/.cargo/bin:${PATH}"
 
 FROM chef AS builder
 
-# TODO: Remove when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-RUN mkdir -p -m 0700 ~/.ssh && ssh-keyscan github.com >> ~/.ssh/known_hosts
-RUN --mount=type=ssh <<EOT
-  set -e
-  echo "Setting Git SSH protocol"
-  (
-    set +e
-    ssh -T git@github.com
-    if [ ! "$?" = "1" ]; then
-      echo "No GitHub SSH key loaded, exiting..."
-      exit 1
-    fi
-  )
-EOT
-ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
-
 RUN git clone https://github.com/iotaledger/iota .
 RUN git checkout devnet
 
 RUN curl -sSfL https://raw.githubusercontent.com/coinbase/rosetta-cli/master/scripts/install.sh | sh -s
 RUN curl -fLJO https://github.com/iotaledger/iota-genesis/raw/main/devnet/genesis.blob
 
-# TODO: Remove "--mount=type=ssh" when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-RUN --mount=type=ssh cargo build --release --bin iota --bin iota-rosetta --bin iota-node
+RUN cargo build --release --bin iota --bin iota-rosetta --bin iota-node
 
 # Production Image
 FROM ubuntu:latest AS runtime

crates/iota-rosetta/docker/iota-rosetta-devnet/build.sh

@@ -20,8 +20,7 @@ echo "build date: \t$BUILD_DATE"
 echo "git revision: \t$GIT_REVISION"
 echo
 
-# TODO: Remove "--ssh default" when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-docker build --ssh default -f "$DOCKERFILE" "$REPO_ROOT" \
+docker build -f "$DOCKERFILE" "$REPO_ROOT" \
 	-t iotaledger/iota-rosetta-devnet \
 	--build-arg GIT_REVISION="$GIT_REVISION" \
 	--build-arg BUILD_DATE="$BUILD_DATE" \

crates/iota-rosetta/docker/iota-rosetta-local/Dockerfile

@@ -9,22 +9,6 @@ ENV PATH="/root/.cargo/bin:${PATH}"
 # Build application
 FROM chef AS builder
 
-# TODO: Remove when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-RUN mkdir -p -m 0700 ~/.ssh && ssh-keyscan github.com >> ~/.ssh/known_hosts
-RUN --mount=type=ssh <<EOT
-  set -e
-  echo "Setting Git SSH protocol"
-  (
-    set +e
-    ssh -T git@github.com
-    if [ ! "$?" = "1" ]; then
-      echo "No GitHub SSH key loaded, exiting..."
-      exit 1
-    fi
-  )
-EOT
-ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
-
 RUN curl -sSfL https://raw.githubusercontent.com/coinbase/rosetta-cli/master/scripts/install.sh | sh -s
 
 COPY Cargo.toml Cargo.lock ./
@@ -34,8 +18,7 @@ COPY iota-execution iota-execution
 COPY external-crates external-crates
 COPY docs docs
 
-# TODO: Remove "--mount=type=ssh" when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-RUN --mount=type=ssh cargo build --release --bin iota --bin iota-rosetta
+RUN cargo build --release --bin iota --bin iota-rosetta
 
 # Production Image
 FROM ubuntu:latest AS runtime

crates/iota-rosetta/docker/iota-rosetta-local/build.sh

@@ -20,8 +20,7 @@ echo "build date: \t$BUILD_DATE"
 echo "git revision: \t$GIT_REVISION"
 echo
 
-# TODO: Remove "--ssh default" when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-docker build --ssh default -f "$DOCKERFILE" "$REPO_ROOT" \
+docker build -f "$DOCKERFILE" "$REPO_ROOT" \
 	-t iotaledger/iota-rosetta-local \
 	--build-arg GIT_REVISION="$GIT_REVISION" \
 	--build-arg BUILD_DATE="$BUILD_DATE" \

crates/iota/tests/cli_tests.rs

@@ -4183,7 +4183,6 @@ async fn test_faucet() -> Result<(), anyhow::Error> {
     Ok(())
 }
 
-#[ignore = "until the repo is public https://github.com/iotaledger/iota/issues/3741"]
 #[tokio::test]
 async fn test_move_new() -> Result<(), anyhow::Error> {
     let current_dir = std::env::current_dir()?;

deny.toml

@@ -231,7 +231,7 @@ allow-git = [
   "https://github.com/iotaledger/tokio-madsim-fork.git",
   "https://github.com/nextest-rs/datatest-stable.git",
   "https://github.com/zhiburt/tabled.git",
-  "ssh://git@github.com/iotaledger/iota-rust-sdk.git",
+  "https://github.com/iotaledger/iota-rust-sdk.git",
   "https://github.com/bmwill/openapiv3.git",
   "https://github.com/bmwill/axum-server.git",
 ]

docker/deterministic-canary/Dockerfile

@@ -39,24 +39,7 @@ RUN cargo new canary
 
 WORKDIR canary
 
-# TODO: Remove when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-RUN mkdir -p -m 0700 ~/.ssh && ssh-keyscan github.com >> ~/.ssh/known_hosts
-RUN --mount=type=ssh <<EOT
-  set -e
-  echo "Setting Git SSH protocol"
-  (
-    set +e
-    ssh -T git@github.com
-    if [ ! "$?" = "1" ]; then
-      echo "No GitHub SSH key loaded, exiting..."
-      exit 1
-    fi
-  )
-EOT
-ENV CARGO_NET_GIT_FETCH_WITH_CLI=true
-
-# TODO: Remove "--mount=type=ssh" when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-RUN --mount=type=ssh cargo fetch
+RUN cargo fetch
 
 FROM fetch AS build
 
@@ -81,8 +64,7 @@ ENV RUSTFLAGS='-C target-feature=+crt-static -C codegen-units=1'
 ENV GIT_REVISION=${GIT_REVISION}
 ENV PROFILE=${PROFILE}
 
-# TODO: Remove "--mount=type=ssh" when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-RUN --mount=type=ssh --network=none cargo build --target x86_64-unknown-linux-musl --frozen --profile ${PROFILE}
+RUN --network=none cargo build --target x86_64-unknown-linux-musl --frozen --profile ${PROFILE}
 
 FROM scratch AS install
 

docker/deterministic-canary/build.sh

@@ -27,8 +27,7 @@ echo
 export DOCKER_BUILDKIT=1
 export SOURCE_DATE_EPOCH=1
 
-# TODO: Remove "--ssh default" when iota-sim is public https://github.com/iotaledger/iota/issues/2149
-docker build --ssh default -f "$DOCKERFILE" "$REPO_ROOT" \
+docker build -f "$DOCKERFILE" "$REPO_ROOT" \
 	--build-arg PROFILE="$PROFILE" \
 	--platform "$PLATFORM" \
 	--output type=oci,rewrite-timestamp=true,force-compression=true,tar=false,dest=$OCI_OUTPUT/canary,name=canary \