Add Oracle Aggregator and CCIP Integration

- Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control.
- Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities.
- Created .gitmodules to include OpenZeppelin contracts as a submodule.
- Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment.
- Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks.
- Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring.
- Created scripts for resource import and usage validation across non-US regions.
- Added tests for CCIP error handling and integration to ensure robust functionality.
- Included various new files and directories for the orchestration portal and deployment scripts.

scripts/deployment/update-rpc-security.sh

@@ -0,0 +1,84 @@
+#!/usr/bin/env bash
+# Update RPC Security Configuration
+# Run this after DNS is configured to restrict CORS and host allowlist
+
+set -e
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+source "$SCRIPT_DIR/../lib/init.sh"
+PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
+cd "$PROJECT_ROOT"
+
+
+log_info "=== Updating RPC Security Configuration ==="
+
+# Default domains (update these after DNS deployment)
+RPC_DOMAINS=(
+    "https://rpc.d-bis.org"
+    "https://rpc2.d-bis.org"
+    "https://explorer.d-bis.org"
+)
+
+RPC_HOSTS=(
+    "rpc.d-bis.org"
+    "rpc2.d-bis.org"
+    "localhost"
+    "127.0.0.1"
+)
+
+echo "Updating RPC security with domains: ${RPC_DOMAINS[*]}"
+
+# Update config/rpc/besu-config.toml
+if [ -f "config/rpc/besu-config.toml" ]; then
+    # Create CORS array string
+    CORS_STR=$(printf '"%s",' "${RPC_DOMAINS[@]}" | sed 's/,$//')
+    CORS_STR="[$CORS_STR]"
+    
+    # Create host allowlist string
+    HOSTS_STR=$(printf '"%s",' "${RPC_HOSTS[@]}" | sed 's/,$//')
+    HOSTS_STR="[$HOSTS_STR]"
+    
+    # Update CORS
+    sed -i "s|rpc-http-cors-origins=\[\".*\"\]|rpc-http-cors-origins=$CORS_STR|g" config/rpc/besu-config.toml
+    sed -i "s|rpc-ws-origins=\[\".*\"\]|rpc-ws-origins=$CORS_STR|g" config/rpc/besu-config.toml
+    
+    # Update host allowlist
+    sed -i "s|rpc-http-host-allowlist=\[.*\]|rpc-http-host-allowlist=$HOSTS_STR|g" config/rpc/besu-config.toml
+    
+    log_success "✅ Updated config/rpc/besu-config.toml"
+fi
+
+# Update k8s/base/rpc/statefulset.yaml
+if [ -f "k8s/base/rpc/statefulset.yaml" ]; then
+    CORS_STR=$(printf '"%s",' "${RPC_DOMAINS[@]}" | sed 's/,$//')
+    CORS_STR="[$CORS_STR]"
+    HOSTS_STR=$(printf '"%s",' "${RPC_HOSTS[@]}" | sed 's/,$//')
+    HOSTS_STR="[$HOSTS_STR]"
+    
+    sed -i "s|rpc-http-cors-origins=\[\".*\"\]|rpc-http-cors-origins=$CORS_STR|g" k8s/base/rpc/statefulset.yaml
+    sed -i "s|rpc-ws-origins=\[\".*\"\]|rpc-ws-origins=$CORS_STR|g" k8s/base/rpc/statefulset.yaml
+    sed -i "s|rpc-http-host-allowlist=\[.*\]|rpc-http-host-allowlist=$HOSTS_STR|g" k8s/base/rpc/statefulset.yaml
+    
+    log_success "✅ Updated k8s/base/rpc/statefulset.yaml"
+fi
+
+# Update helm/besu-network/values-rpc.yaml
+if [ -f "helm/besu-network/values-rpc.yaml" ]; then
+    CORS_STR=$(printf '    - "%s"\n' "${RPC_DOMAINS[@]}" | sed 's|https://||g')
+    HOSTS_STR=$(printf '    - "%s"\n' "${RPC_HOSTS[@]}")
+    
+    # Note: Helm values use YAML array format
+    log_warn "⚠️  Helm values need manual update (YAML format)"
+    echo "Update helm/besu-network/values-rpc.yaml:"
+    echo "  corsOrigins:"
+    for domain in "${RPC_DOMAINS[@]}"; do
+        echo "    - \"$domain\"
+    done
+    echo "  hostAllowlist:"
+    for host in "${RPC_HOSTS[@]}"; do
+        echo "    - \"$host\"
+    done
+fi
+
+log_success "✅ RPC security configuration updated"
+log_warn "Note: Restart RPC pods after updating configuration"