Merge pull request #22 from cardano-scaling/multi-version-explorer-de…

…ployment

Multi version explorer deployment

.github/workflows/cd.yaml

@@ -3,7 +3,7 @@ name: "CD"
 on:
   workflow_run:
     workflows: ["Docker"]
-    branches: [ "master", "multi-version-explorer-deployment" ]
+    branches: ["master"]
     types:
       - completed
   workflow_dispatch:
@@ -16,7 +16,7 @@ jobs:
     - name: 📥 Checkout repository
       uses: actions/checkout@v4
 
-    - name: ⛄ Deploy with nixos
+    - name: 🐳 Deploy with docker compose
       run: |
-        # TODO: update nixos config to docker pull
-        /run/current-system/sw/bin/nixos-rebuild switch --flake .
+        /run/current-system/sw/bin/docker compose pull
+        /run/current-system/sw/bin/docker compose up -d

.github/workflows/docker.yaml

@@ -0,0 +1,91 @@
+# This workflow builds docker images on 'master' and for all release tags. The
+# 'latest' docker tag on the registry will always point to the latest pushed
+# version, likely the one built from 'master', so referring to the versioned
+# images is suggested.
+name: Docker
+
+# Limit concurrent runs of this workflow within a single PR
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+on:
+  push:
+    branches: [ "master" ]
+    tags: [ "*.*.*" ]
+  workflow_dispatch:
+    inputs:
+      ref_name:
+        type: string
+        description: 'Point-in-time to build the custom docker images'
+        required: true
+        default: "master"
+
+permissions:
+  packages: write
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+    - name: 📥 Checkout repository
+      uses: actions/checkout@v4
+      with:
+        ref: ${{ github.event.inputs.ref_name || '' }}
+
+    - name: 🐳 Login to GitHub Container Registry
+      uses: docker/login-action@v3
+      with:
+        registry: ghcr.io
+        username: ${{ github.actor }}
+        password: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: ❄ Prepare nix
+      uses: cachix/install-nix-action@v30
+      with:
+        extra_nix_config: |
+          accept-flake-config = true
+          log-lines = 1000
+
+    - name: ❄ Cachix cache of nix derivations
+      uses: cachix/cachix-action@v15
+      with:
+        name: cardano-scaling
+        authToken: '${{ secrets.CACHIX_CARDANO_SCALING_AUTH_TOKEN }}'
+
+    - name: 🔨 Build image using nix
+      run: |
+        IMAGE_NAME=ghcr.io/${{github.repository_owner}}/hydra-explorer
+        echo "IMAGE_NAME=${IMAGE_NAME}" >> $GITHUB_ENV
+        nix build .#docker
+        ./result | docker load
+
+        # Determine whether we are building a tag and if yes, set a VERSION_NAME
+        BUILDING_TAG=${{github.ref_type == 'tag'}}
+        [[ ${BUILDING_TAG} = true ]] && \
+          VERSION_NAME=${{github.ref_name}}
+
+        # Use 'FROM' instruction to use docker build with --label
+        echo "FROM hydra-explorer" | docker build \
+          --label org.opencontainers.image.source=${{github.repositoryUrl}} \
+          --label org.opencontainers.image.licenses=Apache-2.0 \
+          --label org.opencontainers.image.created=$(date -Is) \
+          --label org.opencontainers.image.revision=${{github.sha}} \
+          --label org.opencontainers.image.version=${VERSION_NAME:-unstable} \
+          --tag ${IMAGE_NAME}:unstable -
+
+        # Also tag with semver and 'latest' if we are building a tag
+        [[ ${BUILDING_TAG} = true ]] && \
+          docker tag ${IMAGE_NAME}:unstable ${IMAGE_NAME}:${{github.ref_name}}
+        [[ ${BUILDING_TAG} = true ]] && \
+          docker tag ${IMAGE_NAME}:unstable ${IMAGE_NAME}:latest
+        # Tag image with workflow dispatch ref_name
+        [[ ${{github.event_name == 'workflow_dispatch'}} = true ]] && \
+          docker tag ${IMAGE_NAME}:unstable ${IMAGE_NAME}:${{github.event.inputs.ref_name}}
+
+        docker images
+        docker inspect ${IMAGE_NAME}:unstable
+
+    - name: 📤 Push to registry
+      run: |
+        docker push -a ${IMAGE_NAME}

docker-compose.yaml

@@ -0,0 +1,86 @@
+# Hydra explorer instance with it's chain observers as it is deployed to
+# explorer.hydra.family
+version: "3.9"
+
+networks:
+  hydra-explorer:
+    driver: bridge
+
+services:
+  hydra-explorer:
+    image: ghcr.io/cardano-scaling/hydra-explorer:unstable
+    ports:
+      - "80:8000"
+    command:
+      [ "--client-port", "8000"
+      , "--observer-port", "8001" # not bound to host
+      ]
+    networks:
+      - hydra-explorer
+    restart: always
+
+  # List of hydra-chain-observers
+
+  hydra-chain-observer-preview-unstable:
+    image: ghcr.io/cardano-scaling/hydra-chain-observer:unstable
+    volumes:
+      - "/data/cardano/preview:/data"
+    command:
+      [ "--node-socket", "/data/node.socket"
+      , "--testnet-magic", "2"
+      # NOTE: Block in which 0.20.0 scripts were published
+      , "--start-chain-from", "71938562.2c5fc734343ad1bf8ce2df999421cca15dffdd2b8e1909dad7127b9eaacf8b9c"
+      # NOTE: Reachable via hydra-explorer network
+      , "--explorer", "http://hydra-explorer:8001"
+      ]
+    networks:
+      - hydra-explorer
+    restart: always
+
+  hydra-chain-observer-preprod-unstable:
+    image: ghcr.io/cardano-scaling/hydra-chain-observer:unstable
+    volumes:
+      - "/data/cardano/preprod:/data"
+    command:
+      [ "--node-socket", "/data/node.socket"
+      , "--testnet-magic", "1"
+      # NOTE: Block in which 0.20.0 scripts were published
+      , "--start-chain-from", "82913877.aa62d900ecbd6a073e1b5bb8c014413365c26a3675bd81dc567013340bf94ec3"
+      # NOTE: Reachable via hydra-explorer network
+      , "--explorer", "http://hydra-explorer:8001"
+      ]
+    networks:
+      - hydra-explorer
+    restart: always
+
+  # One cardano node per network
+
+  cardano-node-preview:
+    image: ghcr.io/intersectmbo/cardano-node:10.1.4
+    volumes:
+      - /data/cardano/preview:/data
+    environment:
+      - CARDANO_CONFIG=/data/config.json
+      - CARDANO_TOPOLOGY=/data/topology.json
+      - CARDANO_DATABASE_PATH=/data/db
+      - CARDANO_SOCKET_PATH=/data/node.socket # used by cardano-node
+      - CARDANO_NODE_SOCKET_PATH=/data/node.socket # used by cardano-cli
+      - CARDANO_LOG_DIR=/data/logs
+    command:
+      [ "run" ]
+    restart: always
+
+  cardano-node-preprod:
+    image: ghcr.io/intersectmbo/cardano-node:10.1.4
+    volumes:
+      - /data/cardano/preprod:/data
+    environment:
+      - CARDANO_CONFIG=/data/config.json
+      - CARDANO_TOPOLOGY=/data/topology.json
+      - CARDANO_DATABASE_PATH=/data/db
+      - CARDANO_SOCKET_PATH=/data/node.socket # used by cardano-node
+      - CARDANO_NODE_SOCKET_PATH=/data/node.socket # used by cardano-cli
+      - CARDANO_LOG_DIR=/data/logs
+    command:
+      [ "run" ]
+    restart: always

flake.nix

@@ -41,53 +41,42 @@
     agenix.url = "github:ryantm/agenix";
   };
 
-  outputs = inputs:
-    let
-      systems = [
-        "x86_64-linux"
-        "x86_64-darwin"
-        "aarch64-darwin"
-        "aarch64-linux"
-      ];
-    in
-    inputs.iogx.lib.mkFlake {
-
-      nixpkgsArgs.overlays = [
-        inputs.nix-npm-buildpackage.overlays.default
-        (final: prev: {
-          cardano-node = inputs.cardano-node.packages.${final.system}.cardano-node;
-          cardano-cli = inputs.cardano-node.packages.${final.system}.cardano-cli;
-          hydra-chain-observer = inputs.hydra.packages.${final.system}.hydra-chain-observer;
-          hydra-node = inputs.hydra.packages.${final.system}.hydra-node;
-        })
-      ];
-
-      inherit inputs;
-      inherit systems;
-
-      repoRoot = ./.;
-
-      flake = _: {
-        nixosConfigurations.hydra-explorer =
-          inputs.nixpkgs.lib.nixosSystem
-            {
-              system = "x86_64-linux";
-              specialArgs = inputs;
-              modules = [
-                {
-                  imports = [
-                    "${inputs.nixpkgs}/nixos/modules/virtualisation/amazon-image.nix"
-                    (import ./nix/hydra-explorer-configuration.nix)
-                  ];
-                }
-                inputs.agenix.nixosModules.default
-              ];
-            };
-      };
+  outputs = inputs: inputs.iogx.lib.mkFlake {
+    inherit inputs;
+    systems = [ "x86_64-linux" "x86_64-darwin" "aarch64-darwin" "aarch64-linux" ];
+    repoRoot = ./.;
+
+    nixpkgsArgs.overlays = [
+      inputs.nix-npm-buildpackage.overlays.default
+      (final: prev: {
+        cardano-node = inputs.cardano-node.packages.${final.system}.cardano-node;
+        cardano-cli = inputs.cardano-node.packages.${final.system}.cardano-cli;
+        hydra-chain-observer = inputs.hydra.packages.${final.system}.hydra-chain-observer;
+        hydra-node = inputs.hydra.packages.${final.system}.hydra-node;
+      })
+    ];
 
-      outputs = import ./nix/outputs.nix;
+    flake = _: {
+      nixosConfigurations.explorer =
+        inputs.nixpkgs.lib.nixosSystem
+          {
+            system = "x86_64-linux";
+            specialArgs = inputs;
+            modules = [
+              {
+                imports = [
+                  "${inputs.nixpkgs}/nixos/modules/virtualisation/amazon-image.nix"
+                  (import ./nix/hydra-explorer-configuration.nix)
+                ];
+              }
+              inputs.agenix.nixosModules.default
+            ];
+          };
     };
 
+    outputs = import ./nix/outputs.nix;
+  };
+
   nixConfig = {
     extra-substituters = [
       "https://cache.iog.io"

nix/hydra-explorer-configuration.nix

@@ -1,7 +1,9 @@
-{ pkgs, lib, inputs, ... }:
+{ pkgs, lib, inputs, config, ... }:
 {
   networking = {
-    hostName = "hydra-explorer";
+    # NOTE: This is not hydra-explorer as a container running on this host will
+    # use that dns name.
+    hostName = "explorer";
     firewall = {
       allowedTCPPorts = [ 22 80 443 ];
       enable = true;
@@ -53,45 +55,8 @@
     };
   };
 
-  # Use podman to manage containers
-  virtualisation.podman.enable = true;
-  virtualisation.podman.dockerCompat = true;
-
-  # Cardano node used by Hydra smoke tests and explorer instance
-  # TODO: add multiple instances of cardano-node and hydra-chain-observer
-  # TODO: initialize /data/cardano/preview correctly on a fresh machine
-  virtualisation.oci-containers.containers.cardano-node-preview = {
-    image = "ghcr.io/intersectmbo/cardano-node:10.1.3";
-    volumes = [
-      "/data/cardano/preview:/data"
-    ];
-    cmd = [ "run" ];
-    environment = {
-      CARDANO_CONFIG = "/data/config.json";
-      CARDANO_TOPOLOGY = "/data/topology.json";
-      CARDANO_DATABASE_PATH = "/data/db";
-      CARDANO_SOCKET_PATH = "/data/node.socket"; # used by cardano-node
-      CARDANO_NODE_SOCKET_PATH = "/data/node.socket"; # used by cardano-cli
-      CARDANO_LOG_DIR = "/data/logs";
-    };
-  };
-
-  virtualisation.oci-containers.containers.hydra-explorer = {
-    image = "ghcr.io/cardano-scaling/hydra-explorer:0.19.0";
-    volumes = [
-      "/data/cardano/preview:/data"
-    ];
-    ports = [
-      "80:8080"
-    ];
-    cmd = builtins.concatLists [
-      [ "--node-socket" "/data/node.socket" ]
-      [ "--testnet-magic" "2" ]
-      [ "--api-port" "8080" ]
-      # NOTE: Block in which current master scripts were published
-      [ "--start-chain-from" "49533501.e364500a42220ea47314215679b7e42e9bbb81fa69d1366fe738d8aef900f7ee" ]
-    ];
-  };
+  # Use docker to manage containers
+  virtualisation.docker.enable = true;
 
   services.openssh = {
     settings.PasswordAuthentication = false;

nix/outputs.nix

@@ -4,9 +4,30 @@ let
   project = repoRoot.nix.project;
 in
 [
-  {
+  project.flake
+  rec {
     packages.hydra-explorer-web = import ../hydra-explorer/web/hydra-explorer.nix { inherit pkgs; };
 
+    packages.hydra-explorer-static =
+      project.cross.musl64.cabalProject.hsPkgs.hydra-explorer.components.exes.hydra-explorer;
+
+    packages.docker = pkgs.dockerTools.streamLayeredImage {
+      name = "hydra-explorer";
+      tag = "latest";
+      created = "now";
+      config = {
+        Entrypoint = [ "${packages.hydra-explorer-static}/bin/hydra-explorer" ];
+        WorkingDir = "/";
+      };
+      # Copy the static files to /static in the docker image
+      contents = [
+        (pkgs.runCommand "hydra-explorer-static-files" { } ''
+          mkdir $out
+          ln -s ${packages.hydra-explorer-web} $out/static
+        '')
+      ];
+    };
+
     # A place to hack on the image to see how it works.
     packages.qemu = inputs.nixos-generators.nixosGenerate {
       inherit system;
@@ -27,7 +48,4 @@ in
       ];
     };
   }
-  (
-    project.flake
-  )
 ]