-
Notifications
You must be signed in to change notification settings - Fork 40
229 lines (204 loc) · 10.5 KB
/
manual-deploy-obscuro-gateway.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
# Deploys Ten Gateway on Azure for Testnet
# Builds the Ten Gateway image, pushes the image to dockerhub and starts the Ten Gateway on Azure VM
name: '[M] Deploy Ten Gateway'
run-name: '[M] Deploy Ten Gateway Backend ( ${{ github.event.inputs.testnet_type }} )'
on:
workflow_dispatch:
inputs:
testnet_type:
description: 'Environment'
required: true
default: 'dev-testnet'
type: choice
options:
- 'dev-testnet'
- 'uat-testnet'
- 'sepolia-testnet'
instance_type:
description: 'Instance'
required: true
default: 'primary'
type: choice
options:
- 'primary'
- 'dexynth'
jobs:
validate-inputs:
runs-on: ubuntu-latest
steps:
- name: 'Check if deployment is allowed'
run: |
if [[ "${{ github.event.inputs.instance_type }}" == "Dexynth" && "${{ github.event.inputs.testnet_type }}" != "sepolia-testnet" ]]; then
echo "Error: Dexynth can only be deployed to sepolia-testnet."
exit 1
fi
build-and-deploy:
runs-on: ubuntu-latest
environment:
name: ${{ github.event.inputs.testnet_type }}
steps:
- name: 'Set up environment variables'
id: setup_env
run: |
INSTANCE_SUFFIX=""
INSTANCE_PREFIX=""
if [[ "${{ github.event.inputs.instance_type }}" != "primary" ]]; then
INSTANCE_SUFFIX="-${{ github.event.inputs.instance_type }}"
INSTANCE_PREFIX="${{ github.event.inputs.instance_type }}-"
fi
echo "INSTANCE_SUFFIX=$INSTANCE_SUFFIX" >> $GITHUB_ENV
echo "INSTANCE_PREFIX=$INSTANCE_PREFIX" >> $GITHUB_ENV
# Set infrastructure variables
PUBLIC_IP="${{ github.event.inputs.testnet_type }}-OG-static${INSTANCE_SUFFIX}"
DNS_NAME="obscurogateway-${{ github.event.inputs.testnet_type }}${INSTANCE_SUFFIX}"
VM_NAME="${{ github.event.inputs.testnet_type }}-OG-${{ github.run_number }}${INSTANCE_SUFFIX}"
DEPLOY_GROUP="ObscuroGateway-${{ github.event.inputs.testnet_type }}-${{ github.run_number }}${INSTANCE_SUFFIX}"
VNET_NAME="ObscuroGateway-${{ github.event.inputs.testnet_type }}-01VNET${INSTANCE_SUFFIX}"
SUBNET_NAME="ObscuroGateway-${{ github.event.inputs.testnet_type }}-01Subnet${INSTANCE_SUFFIX}"
echo "PUBLIC_IP=$PUBLIC_IP" >> $GITHUB_ENV
echo "DNS_NAME=$DNS_NAME" >> $GITHUB_ENV
echo "VM_NAME=$VM_NAME" >> $GITHUB_ENV
echo "DEPLOY_GROUP=$DEPLOY_GROUP" >> $GITHUB_ENV
echo "VNET_NAME=$VNET_NAME" >> $GITHUB_ENV
echo "SUBNET_NAME=$SUBNET_NAME" >> $GITHUB_ENV
# Set instance-specific variables
declare -a VAR_NAMES=(
"DOCKER_BUILD_TAG_GATEWAY"
"AZURE_DEPLOY_GROUP_GATEWAY"
"L2_RPC_URL_VALIDATOR"
"GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME"
"GATEWAY_RATE_LIMIT_WINDOW"
"GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER"
)
for VAR_NAME in "${VAR_NAMES[@]}"; do
FULL_VAR_NAME="${INSTANCE_PREFIX}${VAR_NAME}"
VAR_VALUE=$(jq -r --arg key "$FULL_VAR_NAME" '.[$key] // empty' <<< '${{ toJson(vars) }}')
if [[ -n "$VAR_VALUE" ]]; then
echo "${VAR_NAME}=${VAR_VALUE}" >> $GITHUB_ENV
else
echo "Warning: ${FULL_VAR_NAME} not found in vars" >&2
fi
done
- name: 'Print environment variables'
# This is a useful record of what the environment variables were at the time the job ran, for debugging and reference
run: |
echo "INSTANCE_SUFFIX: $INSTANCE_SUFFIX"
echo "INSTANCE_PREFIX: $INSTANCE_PREFIX"
echo "PUBLIC_IP: $PUBLIC_IP"
echo "DNS_NAME: $DNS_NAME"
echo "VM_NAME: $VM_NAME"
echo "DEPLOY_GROUP: $DEPLOY_GROUP"
echo "VNET_NAME: $VNET_NAME"
echo "SUBNET_NAME: $SUBNET_NAME"
echo "DOCKER_BUILD_TAG_GATEWAY: $DOCKER_BUILD_TAG_GATEWAY"
echo "AZURE_DEPLOY_GROUP_GATEWAY: $AZURE_DEPLOY_GROUP_GATEWAY"
echo "L2_RPC_URL_VALIDATOR: $L2_RPC_URL_VALIDATOR"
echo "GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME: $GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME"
echo "GATEWAY_RATE_LIMIT_WINDOW: $GATEWAY_RATE_LIMIT_WINDOW"
echo "GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER: $GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER"
- name: 'Print GitHub variables'
# This is a useful record of what the environment variables were at the time the job ran, for debugging and reference
run: |
echo "GitHub Variables = ${{ toJSON(vars) }}"
- uses: actions/checkout@v4
- name: 'Extract branch name'
shell: bash
run: |
echo "Branch Name: ${GITHUB_REF_NAME}"
echo "BRANCH_NAME=${GITHUB_REF_NAME}" >> $GITHUB_ENV
- name: 'Set up Docker'
uses: docker/setup-buildx-action@v1
- name: 'Login to Azure docker registry'
uses: azure/docker-login@v1
with:
login-server: testnetobscuronet.azurecr.io
username: testnetobscuronet
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: 'Login via Azure CLI'
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Build and Push Docker Image
run: |
DOCKER_BUILDKIT=1 docker build --build-arg TESTNET_TYPE=${{ github.event.inputs.testnet_type }} -t ${{ env.DOCKER_BUILD_TAG_GATEWAY }} -f ./tools/walletextension/Dockerfile .
docker push ${{ env.DOCKER_BUILD_TAG_GATEWAY }}
# This will fail some deletions due to resource dependencies ( ie. you must first delete the vm before deleting the disk)
- name: 'Delete deployed VMs'
uses: azure/CLI@v1
with:
inlineScript: |
$(az resource list --tag ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true
# This will clean up any lingering dependencies - might fail if there are no resources to cleanup
- name: 'Delete VMs dependencies'
uses: azure/CLI@v1
with:
inlineScript: |
$(az resource list --tag ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true
- name: 'Ensure VM Static Public IP Exists'
uses: azure/CLI@v1
with:
inlineScript: |
az network public-ip show -g Testnet -n "${{ env.PUBLIC_IP }}" || az network public-ip create -g Testnet -n "${{ env.PUBLIC_IP }}" --allocation-method Static --sku Standard
- name: 'Assign/Update DNS Name for Public IP'
uses: azure/CLI@v1
with:
inlineScript: |
existing_dns_name=$(az network public-ip show -g Testnet -n "${{ env.PUBLIC_IP }}" --query dnsSettings.domainNameLabel -o tsv)
if [ -z "$existing_dns_name" ]; then
az network public-ip update -g Testnet -n "${{ env.PUBLIC_IP }}" --dns-name "${{ env.DNS_NAME }}"
fi
- name: 'Create VM for Gateway node on Azure'
uses: azure/CLI@v1
with:
inlineScript: |
az vm create -g Testnet -n "${{ env.VM_NAME }}" \
--admin-username obscurouser --admin-password "${{ secrets.OBSCURO_NODE_VM_PWD }}" \
--public-ip-address "${{ env.PUBLIC_IP }}" \
--tags deploygroup="${{ env.DEPLOY_GROUP }}" ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true \
--vnet-name "${{ env.VNET_NAME }}" --subnet "${{ env.SUBNET_NAME }}" \
--size Standard_D4_v5 --image Canonical:0001-com-ubuntu-server-focal:20_04-lts-gen2:latest \
--authentication-type password
- name: 'Open Ten node-${{ matrix.host_id }} ports on Azure'
uses: azure/CLI@v1
with:
inlineScript: |
az vm open-port -g Testnet -n "${{ env.VM_NAME }}" --port 80,81
# To overcome issues with critical VM resources being unavailable, we need to wait for the VM to be ready
- name: 'Allow time for VM initialization'
shell: bash
run: sleep 30
- name: 'Start Ten Gateway on Azure'
uses: azure/CLI@v1
with:
inlineScript: |
az vm run-command invoke -g Testnet -n "${{ env.VM_NAME }}" \
--command-id RunShellScript \
--scripts 'mkdir -p /home/obscuro \
&& sudo apt-get update \
&& sudo apt-get install -y gcc \
&& sudo snap refresh && sudo snap install --channel=1.18 go --classic \
&& curl -fsSL https://get.docker.com -o get-docker.sh && sh ./get-docker.sh \
&& git clone --depth 1 -b ${{ env.BRANCH_NAME }} https://github.com/ten-protocol/go-ten.git /home/obscuro/go-obscuro \
&& docker network create --driver bridge node_network || true \
&& docker run -d --name datadog-agent \
--network node_network \
-e DD_API_KEY=${{ secrets.DD_API_KEY }} \
-e DD_LOGS_ENABLED=true \
-e DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL=true \
-e DD_LOGS_CONFIG_AUTO_MULTI_LINE_DETECTION=true \
-e DD_CONTAINER_EXCLUDE_LOGS="name:datadog-agent" \
-e DD_SITE="datadoghq.eu" \
-v /var/run/docker.sock:/var/run/docker.sock:ro \
-v /proc/:/host/proc/:ro \
-v /opt/datadog-agent/run:/opt/datadog-agent/run:rw \
-v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \
--log-opt max-file=3 --log-opt max-size=10m \
datadog/agent:latest \
&& cd /home/obscuro/go-obscuro/ \
&& docker run -d -p 80:80 -p 81:81 --name "${{ env.VM_NAME }}" \
-e OBSCURO_GATEWAY_VERSION="${{ GITHUB.RUN_NUMBER }}-${{ GITHUB.SHA }}" \
--log-opt max-file=3 --log-opt max-size=10m \
${{ env.DOCKER_BUILD_TAG_GATEWAY }} \
-host=0.0.0.0 -port=80 -portWS=81 -nodeHost=${{ env.L2_RPC_URL_VALIDATOR }} -verbose=true \
-logPath=sys_out -dbType=mariaDB -dbConnectionURL="obscurouser:${{ secrets.OBSCURO_GATEWAY_MARIADB_USER_PWD }}@tcp(obscurogateway-mariadb-${{ github.event.inputs.testnet_type }}.uksouth.cloudapp.azure.com:3306)/ogdb" \
-rateLimitUserComputeTime=${{ env.GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME }} -rateLimitWindow=${{ env.GATEWAY_RATE_LIMIT_WINDOW }} -maxConcurrentRequestsPerUser=${{ env.GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER }} '