[M] Deploy Ten Gateway Backend ( dev-testnet ) #420
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Deploys Ten Gateway on Azure for Testnet | ||
# Builds the Ten Gateway image, pushes the image to dockerhub and starts the Ten Gateway on Azure VM | ||
name: '[M] Deploy Ten Gateway' | ||
run-name: '[M] Deploy Ten Gateway Backend ( ${{ github.event.inputs.testnet_type }} )' | ||
on: | ||
workflow_dispatch: | ||
inputs: | ||
testnet_type: | ||
description: 'Environment' | ||
required: true | ||
default: 'dev-testnet' | ||
type: choice | ||
options: | ||
- 'dev-testnet' | ||
- 'uat-testnet' | ||
- 'sepolia-testnet' | ||
instance_type: | ||
description: 'Instance' | ||
required: true | ||
default: 'primary' | ||
type: choice | ||
options: | ||
- 'primary' | ||
- 'dexynth' | ||
jobs: | ||
validate-inputs: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: 'Check if deployment is allowed' | ||
run: | | ||
if [[ "${{ github.event.inputs.instance_type }}" == "Dexynth" && "${{ github.event.inputs.testnet_type }}" != "sepolia-testnet" ]]; then | ||
echo "Error: Dexynth can only be deployed to sepolia-testnet." | ||
exit 1 | ||
fi | ||
build-and-deploy: | ||
runs-on: ubuntu-latest | ||
environment: | ||
name: ${{ github.event.inputs.testnet_type }} | ||
steps: | ||
- name: 'Set up environment variables' | ||
id: setup_env | ||
run: | | ||
Check failure on line 45 in .github/workflows/manual-deploy-obscuro-gateway.yml GitHub Actions / [M] Deploy Ten GatewayInvalid workflow file
|
||
INSTANCE_SUFFIX="" | ||
INSTANCE_PREFIX="" | ||
if [[ "${{ github.event.inputs.instance_type }}" != "primary" ]]; then | ||
INSTANCE_SUFFIX="-${{ github.event.inputs.instance_type }}" | ||
INSTANCE_PREFIX="${{ github.event.inputs.instance_type }}-" | ||
fi | ||
echo "INSTANCE_SUFFIX=$INSTANCE_SUFFIX" >> $GITHUB_ENV | ||
echo "INSTANCE_PREFIX=$INSTANCE_PREFIX" >> $GITHUB_ENV | ||
# Set infrastructure variables | ||
PUBLIC_IP="${{ github.event.inputs.testnet_type }}-OG-static${INSTANCE_SUFFIX}" | ||
DNS_NAME="obscurogateway-${{ github.event.inputs.testnet_type }}${INSTANCE_SUFFIX}" | ||
VM_NAME="${{ github.event.inputs.testnet_type }}-OG-${{ github.run_number }}${INSTANCE_SUFFIX}" | ||
DEPLOY_GROUP="ObscuroGateway-${{ github.event.inputs.testnet_type }}-${{ github.run_number }}${INSTANCE_SUFFIX}" | ||
VNET_NAME="ObscuroGateway-${{ github.event.inputs.testnet_type }}-01VNET${INSTANCE_SUFFIX}" | ||
SUBNET_NAME="ObscuroGateway-${{ github.event.inputs.testnet_type }}-01Subnet${INSTANCE_SUFFIX}" | ||
echo "PUBLIC_IP=$PUBLIC_IP" >> $GITHUB_ENV | ||
echo "DNS_NAME=$DNS_NAME" >> $GITHUB_ENV | ||
echo "VM_NAME=$VM_NAME" >> $GITHUB_ENV | ||
echo "DEPLOY_GROUP=$DEPLOY_GROUP" >> $GITHUB_ENV | ||
echo "VNET_NAME=$VNET_NAME" >> $GITHUB_ENV | ||
echo "SUBNET_NAME=$SUBNET_NAME" >> $GITHUB_ENV | ||
# Set instance-specific variables by constructing the full key before accessing vars | ||
DOCKER_BUILD_TAG_KEY="${INSTANCE_PREFIX}DOCKER_BUILD_TAG_GATEWAY" | ||
AZURE_DEPLOY_GROUP_KEY="${INSTANCE_PREFIX}AZURE_DEPLOY_GROUP_GATEWAY" | ||
L2_RPC_URL_KEY="${INSTANCE_PREFIX}L2_RPC_URL_VALIDATOR" | ||
GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME_KEY="${INSTANCE_PREFIX}GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME" | ||
GATEWAY_RATE_LIMIT_WINDOW_KEY="${INSTANCE_PREFIX}GATEWAY_RATE_LIMIT_WINDOW" | ||
GATEWAY_MAX_CONCURRENT_REQUESTS_KEY="${INSTANCE_PREFIX}GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER" | ||
DOCKER_BUILD_TAG_GATEWAY="${{ vars[DOCKER_BUILD_TAG_KEY] }}" | ||
AZURE_DEPLOY_GROUP_GATEWAY="${{ vars[AZURE_DEPLOY_GROUP_KEY] }}" | ||
L2_RPC_URL_VALIDATOR="${{ vars[L2_RPC_URL_KEY] }}" | ||
GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME="${{ vars[GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME_KEY] }}" | ||
GATEWAY_RATE_LIMIT_WINDOW="${{ vars[GATEWAY_RATE_LIMIT_WINDOW_KEY] }}" | ||
GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER="${{ vars[GATEWAY_MAX_CONCURRENT_REQUESTS_KEY] }}" | ||
echo "DOCKER_BUILD_TAG_GATEWAY=$DOCKER_BUILD_TAG_GATEWAY" >> $GITHUB_ENV | ||
echo "AZURE_DEPLOY_GROUP_GATEWAY=$AZURE_DEPLOY_GROUP_GATEWAY" >> $GITHUB_ENV | ||
echo "L2_RPC_URL_VALIDATOR=$L2_RPC_URL_VALIDATOR" >> $GITHUB_ENV | ||
echo "GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME=$GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME" >> $GITHUB_ENV | ||
echo "GATEWAY_RATE_LIMIT_WINDOW=$GATEWAY_RATE_LIMIT_WINDOW" >> $GITHUB_ENV | ||
echo "GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER=$GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER" >> $GITHUB_ENV | ||
- name: 'Print environment variables' | ||
# This is a useful record of what the environment variables were at the time the job ran, for debugging and reference | ||
run: | | ||
echo "INSTANCE_SUFFIX: $INSTANCE_SUFFIX" | ||
echo "INSTANCE_PREFIX: $INSTANCE_PREFIX" | ||
echo "PUBLIC_IP: $PUBLIC_IP" | ||
echo "DNS_NAME: $DNS_NAME" | ||
echo "VM_NAME: $VM_NAME" | ||
echo "DEPLOY_GROUP: $DEPLOY_GROUP" | ||
echo "VNET_NAME: $VNET_NAME" | ||
echo "SUBNET_NAME: $SUBNET_NAME" | ||
echo "DOCKER_BUILD_TAG_GATEWAY: $DOCKER_BUILD_TAG_GATEWAY" | ||
echo "AZURE_DEPLOY_GROUP_GATEWAY: $AZURE_DEPLOY_GROUP_GATEWAY" | ||
echo "L2_RPC_URL_VALIDATOR: $L2_RPC_URL_VALIDATOR" | ||
echo "GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME: $GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME" | ||
echo "GATEWAY_RATE_LIMIT_WINDOW: $GATEWAY_RATE_LIMIT_WINDOW" | ||
echo "GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER: $GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER" | ||
- name: 'Print GitHub variables' | ||
# This is a useful record of what the environment variables were at the time the job ran, for debugging and reference | ||
run: | | ||
echo "GitHub Variables = ${{ toJSON(vars) }}" | ||
- uses: actions/checkout@v4 | ||
- name: 'Extract branch name' | ||
shell: bash | ||
run: | | ||
echo "Branch Name: ${GITHUB_REF_NAME}" | ||
echo "BRANCH_NAME=${GITHUB_REF_NAME}" >> $GITHUB_ENV | ||
- name: 'Set up Docker' | ||
uses: docker/setup-buildx-action@v1 | ||
- name: 'Login to Azure docker registry' | ||
uses: azure/docker-login@v1 | ||
with: | ||
login-server: testnetobscuronet.azurecr.io | ||
username: testnetobscuronet | ||
password: ${{ secrets.REGISTRY_PASSWORD }} | ||
- name: 'Login via Azure CLI' | ||
uses: azure/login@v1 | ||
with: | ||
creds: ${{ secrets.AZURE_CREDENTIALS }} | ||
- name: Build and Push Docker Image | ||
run: | | ||
DOCKER_BUILDKIT=1 docker build --build-arg TESTNET_TYPE=${{ github.event.inputs.testnet_type }} -t ${{ env.DOCKER_BUILD_TAG_GATEWAY }} -f ./tools/walletextension/Dockerfile . | ||
docker push ${{ env.DOCKER_BUILD_TAG_GATEWAY }} | ||
# This will fail some deletions due to resource dependencies ( ie. you must first delete the vm before deleting the disk) | ||
- name: 'Delete deployed VMs' | ||
uses: azure/CLI@v1 | ||
with: | ||
inlineScript: | | ||
$(az resource list --tag ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true | ||
# This will clean up any lingering dependencies - might fail if there are no resources to cleanup | ||
- name: 'Delete VMs dependencies' | ||
uses: azure/CLI@v1 | ||
with: | ||
inlineScript: | | ||
$(az resource list --tag ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true | ||
- name: 'Ensure VM Static Public IP Exists' | ||
uses: azure/CLI@v1 | ||
with: | ||
inlineScript: | | ||
az network public-ip show -g Testnet -n "${{ env.PUBLIC_IP }}" || az network public-ip create -g Testnet -n "${{ env.PUBLIC_IP }}" --allocation-method Static --sku Standard | ||
- name: 'Assign/Update DNS Name for Public IP' | ||
uses: azure/CLI@v1 | ||
with: | ||
inlineScript: | | ||
existing_dns_name=$(az network public-ip show -g Testnet -n "${{ env.PUBLIC_IP }}" --query dnsSettings.domainNameLabel -o tsv) | ||
if [ -z "$existing_dns_name" ]; then | ||
az network public-ip update -g Testnet -n "${{ env.PUBLIC_IP }}" --dns-name "${{ env.DNS_NAME }}" | ||
fi | ||
- name: 'Create VM for Gateway node on Azure' | ||
uses: azure/CLI@v1 | ||
with: | ||
inlineScript: | | ||
az vm create -g Testnet -n "${{ env.VM_NAME }}" \ | ||
--admin-username obscurouser --admin-password "${{ secrets.OBSCURO_NODE_VM_PWD }}" \ | ||
--public-ip-address "${{ env.PUBLIC_IP }}" \ | ||
--tags deploygroup="${{ env.DEPLOY_GROUP }}" ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true \ | ||
--vnet-name "${{ env.VNET_NAME }}" --subnet "${{ env.SUBNET_NAME }}" \ | ||
--size Standard_D4_v5 --image Canonical:0001-com-ubuntu-server-focal:20_04-lts-gen2:latest \ | ||
--authentication-type password | ||
- name: 'Open Ten node-${{ matrix.host_id }} ports on Azure' | ||
uses: azure/CLI@v1 | ||
with: | ||
inlineScript: | | ||
az vm open-port -g Testnet -n "${{ env.VM_NAME }}" --port 80,81 | ||
# To overcome issues with critical VM resources being unavailable, we need to wait for the VM to be ready | ||
- name: 'Allow time for VM initialization' | ||
shell: bash | ||
run: sleep 30 | ||
- name: 'Start Ten Gateway on Azure' | ||
uses: azure/CLI@v1 | ||
with: | ||
inlineScript: | | ||
az vm run-command invoke -g Testnet -n "${{ env.VM_NAME }}" \ | ||
--command-id RunShellScript \ | ||
--scripts 'mkdir -p /home/obscuro \ | ||
&& sudo apt-get update \ | ||
&& sudo apt-get install -y gcc \ | ||
&& sudo snap refresh && sudo snap install --channel=1.18 go --classic \ | ||
&& curl -fsSL https://get.docker.com -o get-docker.sh && sh ./get-docker.sh \ | ||
&& git clone --depth 1 -b ${{ env.BRANCH_NAME }} https://github.com/ten-protocol/go-ten.git /home/obscuro/go-obscuro \ | ||
&& docker network create --driver bridge node_network || true \ | ||
&& docker run -d --name datadog-agent \ | ||
--network node_network \ | ||
-e DD_API_KEY=${{ secrets.DD_API_KEY }} \ | ||
-e DD_LOGS_ENABLED=true \ | ||
-e DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL=true \ | ||
-e DD_LOGS_CONFIG_AUTO_MULTI_LINE_DETECTION=true \ | ||
-e DD_CONTAINER_EXCLUDE_LOGS="name:datadog-agent" \ | ||
-e DD_SITE="datadoghq.eu" \ | ||
-v /var/run/docker.sock:/var/run/docker.sock:ro \ | ||
-v /proc/:/host/proc/:ro \ | ||
-v /opt/datadog-agent/run:/opt/datadog-agent/run:rw \ | ||
-v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \ | ||
--log-opt max-file=3 --log-opt max-size=10m \ | ||
datadog/agent:latest \ | ||
&& cd /home/obscuro/go-obscuro/ \ | ||
&& docker run -d -p 80:80 -p 81:81 --name "${{ env.VM_NAME }}" \ | ||
-e OBSCURO_GATEWAY_VERSION="${{ GITHUB.RUN_NUMBER }}-${{ GITHUB.SHA }}" \ | ||
--log-opt max-file=3 --log-opt max-size=10m \ | ||
${{ env.DOCKER_BUILD_TAG_GATEWAY }} \ | ||
-host=0.0.0.0 -port=80 -portWS=81 -nodeHost=${{ env.L2_RPC_URL_VALIDATOR }} -verbose=true \ | ||
-logPath=sys_out -dbType=mariaDB -dbConnectionURL="obscurouser:${{ secrets.OBSCURO_GATEWAY_MARIADB_USER_PWD }}@tcp(obscurogateway-mariadb-${{ github.event.inputs.testnet_type }}.uksouth.cloudapp.azure.com:3306)/ogdb" \ | ||
-rateLimitUserComputeTime=${{ env.GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME }} -rateLimitWindow=${{ env.GATEWAY_RATE_LIMIT_WINDOW }} -maxConcurrentRequestsPerUser=${{ env.GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER }} ' |