Skip to content

[M] Upgrade Testnet L2 ( sepolia-testnet ) #328

[M] Upgrade Testnet L2 ( sepolia-testnet )

[M] Upgrade Testnet L2 ( sepolia-testnet ) #328

# Upgrades an existing Obscuro network on Azure for Testnet and Dev Testnet.
# The Obscuro network is composed of 2 Obscuro nodes running on individual VMs with SGX. At the moment the workflow can
# either be triggered manually as a workflow dispatch, or as a scheduled task. When manually triggered the testnet type
# (dev-testnet or testnet) can be supplied as an input argument. When triggered as a scheduled task, we always default
# to a dev-testnet deployment. A scheduled deployment of dev-testnet will additionally kick off the E2E tests via
# repository dispatch.
#
# The scheduled deployment runs at 03:05 on every day-of-week.
#
# This script uses GitHub Environments for variables (vars) and secrets - these are configured on GitHub and
# the environments match the input.testnet_type options
name: '[M] Upgrade Testnet L2'
run-name: '[M] Upgrade Testnet L2 ( ${{ github.event.inputs.testnet_type }} )'
on:
# schedule:
# - cron: '05 03 * * *'
workflow_dispatch:
inputs:
testnet_type:
description: 'Testnet Type'
required: true
default: 'dev-testnet'
type: choice
options:
- 'dev-testnet'
- 'uat-testnet'
- 'sepolia-testnet'
log_level:
description: 'Log Level 1-Error 5-Trace'
required: true
default: 3
type: number
jobs:
build:
runs-on: ubuntu-latest
environment:
name: ${{ github.event.inputs.testnet_type }}
# Map a step output to a job output
outputs:
VM_BUILD_NUMBER: ${{ steps.outputVars.outputs.VM_BUILD_NUMBER }}
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 1.20.4
- name: 'Print GitHub variables'
# This is a useful record of what the environment variables were at the time the job ran, for debugging and reference
run: |
echo "GitHub Variables = ${{ toJSON(vars) }}"
- name: 'Login via Azure CLI'
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: 'Fetch latest VM hostnames by env tag and extract build number'
id: fetch_hostnames
run: |
VM_HOSTNAME=$(az vm list --query "[?tags.\"${{ vars.AZURE_DEPLOY_GROUP_L2 }}\"=='true'].{Name:name}[0]" -g Testnet -o tsv)
VM_BUILD_NUMBER=$(echo $VM_HOSTNAME | perl -ne 'if (/(-[0-9]{1}-)(\d+)/) { print $2 }') # Extract build number from VM hostname, e.g. D-0-321 -> 321
echo "VM_BUILD_NUMBER=${VM_BUILD_NUMBER}" >> $GITHUB_ENV
echo "VM_HOSTNAME: ${VM_HOSTNAME}"
echo "VM_BUILD_NUMBER: ${VM_BUILD_NUMBER}"
if ! [[ $VM_BUILD_NUMBER =~ ^[0-9]+$ ]]; then # fail if build number is not a number
echo "Error: Hostname lookup or regex extraction of build number failed."
exit 1
fi
- name: 'Output env vars'
id: outputVars
run: |
echo "VM_BUILD_NUMBER=${{ env.VM_BUILD_NUMBER }}" >> $GITHUB_OUTPUT
- name: 'Login to Azure docker registry'
uses: azure/docker-login@v1
with:
login-server: testnetobscuronet.azurecr.io
username: testnetobscuronet
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: 'Build and push obscuro node images'
run: |
DOCKER_BUILDKIT=1 docker build -t ${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }} -f dockerfiles/enclave.Dockerfile .
docker push ${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }}
DOCKER_BUILDKIT=1 docker build -t ${{ vars.L2_HOST_DOCKER_BUILD_TAG }} -f dockerfiles/host.Dockerfile .
docker push ${{ vars.L2_HOST_DOCKER_BUILD_TAG }}
deploy:
needs: build
runs-on: ubuntu-latest
environment:
name: ${{ github.event.inputs.testnet_type }}
strategy:
matrix:
host_id: [ 0,1 ]
include:
# Ensure there is a single genesis node
- is_genesis: true
host_id: 0
- is_genesis: false
host_id: 1
# Ensure there is a single sequencer
- node_type: sequencer
host_id: 0
- node_type: validator
host_id: 1
# Hardcoded lookup keys because GH actions doesn't let you build them inline with the host_id
- node_pk_lookup: ACCOUNT_PK_NODE_0
host_id: 0
- node_pk_lookup: ACCOUNT_PK_NODE_1
host_id: 1
- node_addr_lookup: ACCOUNT_ADDR_NODE_0
host_id: 0
- node_addr_lookup: ACCOUNT_ADDR_NODE_1
host_id: 1
- node_l1_ws_lookup: L1_WS_URL_0
host_id: 0
- node_l1_ws_lookup: L1_WS_URL_1
host_id: 1
steps:
- name: 'Extract branch name'
shell: bash
run: |
echo "Branch Name: ${GITHUB_REF_NAME}"
echo "BRANCH_NAME=${GITHUB_REF_NAME}" >> $GITHUB_ENV
- name: 'Login via Azure CLI'
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: 'Update Obscuro node-${{ matrix.host_id }} on Azure'
uses: azure/CLI@v1
with:
inlineScript: |
az vm run-command invoke -g Testnet -n "${{ vars.AZURE_RESOURCE_PREFIX }}-${{ matrix.host_id }}-${{ needs.build.outputs.VM_BUILD_NUMBER }}" \
--command-id RunShellScript \
--scripts '
docker pull ${{ vars.L2_HOST_DOCKER_BUILD_TAG }} \
&& docker pull ${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }} \
&& rm -rf /home/obscuro/go-obscuro \
&& git clone --depth 1 -b ${{ env.BRANCH_NAME }} https://github.com/ten-protocol/go-ten.git /home/obscuro/go-obscuro \
&& cd /home/obscuro/go-obscuro/ \
&& sudo go run /home/obscuro/go-obscuro/go/node/cmd \
-is_genesis=${{ matrix.is_genesis }} \
-node_type=${{ matrix.node_type }} \
-is_sgx_enabled=true \
-host_id=${{ vars[matrix.node_addr_lookup] }} \
-l1_ws_url=${{ secrets[matrix.node_l1_ws_lookup] }} \
-private_key=${{ secrets[matrix.node_pk_lookup] }} \
-sequencer_id=${{ vars.ACCOUNT_ADDR_NODE_0 }} \
-host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{ github.event.inputs.testnet_type }}-${{ needs.build.outputs.VM_BUILD_NUMBER }}.uksouth.cloudapp.azure.com:10000 \
-host_p2p_port=10000 \
-enclave_docker_image=${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }} \
-host_docker_image=${{ vars.L2_HOST_DOCKER_BUILD_TAG }} \
-log_level=${{ github.event.inputs.log_level }} \
-batch_interval=${{ vars.L2_BATCH_INTERVAL }} \
-max_batch_interval=${{ vars.L2_MAX_BATCH_INTERVAL }} \
-rollup_interval=${{ vars.L2_ROLLUP_INTERVAL }} \
-l1_chain_id=${{ vars.L1_CHAIN_ID }} \
upgrade'
check-obscuro-is-healthy:
needs:
- build
- deploy
runs-on: ubuntu-latest
environment:
name: ${{ github.event.inputs.testnet_type }}
steps:
- uses: actions/checkout@v3
- name: "Wait until obscuro node is healthy"
shell: bash
run: |
./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{ github.event.inputs.testnet_type }}-${{ needs.build.outputs.VM_BUILD_NUMBER }}.uksouth.cloudapp.azure.com
./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{ github.event.inputs.testnet_type }}-${{ needs.build.outputs.VM_BUILD_NUMBER }}.uksouth.cloudapp.azure.com
deploy-faucet-on-dispatch:
uses: ./.github/workflows/manual-deploy-testnet-faucet.yml
if: ${{ github.event_name == 'workflow_dispatch' }}
with:
testnet_type: ${{ github.event.inputs.testnet_type }}
secrets: inherit
needs:
- check-obscuro-is-healthy
deploy-faucet-on-schedule:
uses: ./.github/workflows/manual-deploy-testnet-faucet.yml
if: ${{ github.event_name == 'schedule' }}
with:
testnet_type: 'dev-testnet'
secrets: inherit
needs:
- check-obscuro-is-healthy
obscuro-test-signal-on-dispatch:
runs-on: ubuntu-latest
environment:
name: ${{ github.event.inputs.testnet_type }}
needs:
- deploy-faucet-on-dispatch
steps:
- name: 'Send a repository dispatch to obscuro-test on upgrade of dev-testnet'
if: ${{ github.event.inputs.testnet_type == 'dev-testnet' }}
run: |
curl -XPOST -H "Authorization: Bearer ${{ secrets.GH_TOKEN }}" -H "Accept:application/vnd.github" -H "Content-Type:application/json" https://api.github.com/repos/ten-protocol/ten-test/dispatches --data '{ "event_type": "dev_testnet_upgraded", "client_payload": { "ref": "${{ github.ref_name }}" }'
- name: 'Send a repository dispatch to obscuro-test on upgrade of uat-testnet'
if: ${{ github.event.inputs.testnet_type == 'uat-testnet' }}
run: |
curl -XPOST -H "Authorization: Bearer ${{ secrets.GH_TOKEN }}" -H "Accept:application/vnd.github" -H "Content-Type:application/json" https://api.github.com/repos/ten-protocol/ten-test/dispatches --data '{ "event_type": "uat_testnet_upgraded", "client_payload": { "ref": "${{ github.ref_name }}" }'
obscuro-test-signal-on-schedule:
runs-on: ubuntu-latest
environment:
name: ${{ github.event.inputs.testnet_type }}
needs:
- deploy-faucet-on-schedule
steps:
- name: 'Send a repository dispatch to obscuro-test on upgrade of dev-testnet'
run: |
curl -XPOST -H "Authorization: Bearer ${{ secrets.GH_TOKEN }}" -H "Accept:application/vnd.github" -H "Content-Type:application/json" https://api.github.com/repos/ten-protocol/ten-test/dispatches --data '{ "event_type": "dev_testnet_upgraded", "client_payload": { "ref": "${{ github.ref_name }}" }'