-
Notifications
You must be signed in to change notification settings - Fork 38
241 lines (216 loc) · 10.9 KB
/
manual-upgrade-testnet-l2.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
# Upgrades an existing Obscuro network on Azure for Testnet and Dev Testnet.
# The Obscuro network is composed of 2 Obscuro nodes running on individual VMs with SGX. At the moment the workflow can
# either be triggered manually as a workflow dispatch, or as a scheduled task. When manually triggered the testnet type
# (dev-testnet or testnet) can be supplied as an input argument. When triggered as a scheduled task, we always default
# to a dev-testnet deployment. A scheduled deployment of dev-testnet will additionally kick off the E2E tests via
# repository dispatch.
#
# The scheduled deployment runs at 03:05 on every day-of-week.
name: '[M] Upgrade Testnet L2'
on:
schedule:
- cron: '05 03 * * *'
workflow_dispatch:
inputs:
testnet_type:
description: 'Testnet Type'
required: true
default: 'dev-testnet'
type: choice
options:
- 'dev-testnet'
- 'testnet'
log_level:
description: 'Log Level 1-Error 5-Trace'
required: true
default: 3
type: number
jobs:
build:
runs-on: ubuntu-latest
# Map a step output to a job output
outputs:
L2_ENCLAVE_DOCKER_BUILD_TAG: ${{ steps.outputVars.outputs.L2_ENCLAVE_DOCKER_BUILD_TAG }}
L2_HOST_DOCKER_BUILD_TAG: ${{ steps.outputVars.outputs.L2_HOST_DOCKER_BUILD_TAG }}
RESOURCE_TAG_NAME: ${{ steps.outputVars.outputs.RESOURCE_TAG_NAME }}
RESOURCE_STARTING_NAME: ${{ steps.outputVars.outputs.RESOURCE_STARTING_NAME }}
RESOURCE_TESTNET_NAME: ${{ steps.outputVars.outputs.RESOURCE_TESTNET_NAME }}
L1_HOST: ${{ steps.outputVars.outputs.L1_HOST }}
VM_BUILD_NUMBER: ${{ steps.outputVars.outputs.VM_BUILD_NUMBER }}
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 1.20.4
- name: 'Login via Azure CLI'
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: 'Sets env vars for testnet'
if: ${{ github.event.inputs.testnet_type == 'testnet' }}
run: |
echo "L2_ENCLAVE_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/enclave:latest" >> $GITHUB_ENV
echo "L2_HOST_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/host:latest" >> $GITHUB_ENV
echo "RESOURCE_TAG_NAME=testnetlatest" >> $GITHUB_ENV
echo "RESOURCE_STARTING_NAME=T" >> $GITHUB_ENV
echo "RESOURCE_TESTNET_NAME=testnet" >> $GITHUB_ENV
echo "L1_HOST=testnet-eth2network.uksouth.cloudapp.azure.com" >> $GITHUB_ENV
- name: 'Sets env vars for dev-testnet'
if: ${{ (github.event.inputs.testnet_type == 'dev-testnet') || (github.event_name == 'schedule') }}
run: |
echo "L2_ENCLAVE_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/dev_enclave:latest" >> $GITHUB_ENV
echo "L2_HOST_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/dev_host:latest" >> $GITHUB_ENV
echo "RESOURCE_TAG_NAME=devtestnetlatest" >> $GITHUB_ENV
echo "RESOURCE_STARTING_NAME=D" >> $GITHUB_ENV
echo "RESOURCE_TESTNET_NAME=devtestnet" >> $GITHUB_ENV
echo "L1_HOST=dev-testnet-eth2network.uksouth.cloudapp.azure.com" >> $GITHUB_ENV
- name: 'Fetch latest VM hostnames by env tag and extract build number'
id: fetch_hostnames
run: |
VM_HOSTNAME=$(az vm list --query "[?tags.${{env.RESOURCE_TAG_NAME}}=='true'].{Name:name}[0]" -g Testnet -o tsv)
VM_BUILD_NUMBER=$(echo $VM_HOSTNAME | perl -ne 'if (/(-[0-9]{1}-)(\d+)/) { print $2 }') # Extract build number from VM hostname, e.g. D-0-321 -> 321
echo "VM_BUILD_NUMBER=${VM_BUILD_NUMBER}" >> $GITHUB_ENV
echo "VM_HOSTNAME: ${VM_HOSTNAME}"
echo "VM_BUILD_NUMBER: ${VM_BUILD_NUMBER}"
if ! [[ $VM_BUILD_NUMBER =~ ^[0-9]+$ ]]; then # fail if build number is not a number
echo "Error: Hostname lookup or regex extraction of build number failed."
exit 1
fi
- name: 'Output env vars'
id: outputVars
run: |
echo "L2_ENCLAVE_DOCKER_BUILD_TAG=${{env.L2_ENCLAVE_DOCKER_BUILD_TAG}}" >> $GITHUB_OUTPUT
echo "L2_HOST_DOCKER_BUILD_TAG=${{env.L2_HOST_DOCKER_BUILD_TAG}}" >> $GITHUB_OUTPUT
echo "RESOURCE_TAG_NAME=${{env.RESOURCE_TAG_NAME}}" >> $GITHUB_OUTPUT
echo "RESOURCE_STARTING_NAME=${{env.RESOURCE_STARTING_NAME}}" >> $GITHUB_OUTPUT
echo "RESOURCE_TESTNET_NAME=${{env.RESOURCE_TESTNET_NAME}}" >> $GITHUB_OUTPUT
echo "L1_HOST=${{env.L1_HOST}}" >> $GITHUB_OUTPUT
echo "VM_BUILD_NUMBER=${{env.VM_BUILD_NUMBER}}" >> $GITHUB_OUTPUT
- name: 'Login to Azure docker registry'
uses: azure/docker-login@v1
with:
login-server: testnetobscuronet.azurecr.io
username: testnetobscuronet
password: ${{ secrets.REGISTRY_PASSWORD }}
- name: 'Build and push obscuro node images'
run: |
DOCKER_BUILDKIT=1 docker build -t ${{env.L2_ENCLAVE_DOCKER_BUILD_TAG}} -f dockerfiles/enclave.Dockerfile .
docker push ${{env.L2_ENCLAVE_DOCKER_BUILD_TAG}}
DOCKER_BUILDKIT=1 docker build -t ${{env.L2_HOST_DOCKER_BUILD_TAG}} -f dockerfiles/host.Dockerfile .
docker push ${{env.L2_HOST_DOCKER_BUILD_TAG}}
deploy:
needs: build
runs-on: ubuntu-latest
strategy:
matrix:
host_id: [ 0,1 ]
include:
# Hardcoded host addresses
- host_addr: 0x0000000000000000000000000000000000000000
host_id: 0
- host_addr: 0x0000000000000000000000000000000000000001
host_id: 1
# Hardcoded host prefunded keys
- node_pk_str: GETHNETWORK_PREFUNDED_PKSTR_0
host_id: 0
- node_pk_str: GETHNETWORK_PREFUNDED_PKSTR_1
host_id: 1
- node_pk_addr: GETHNETWORK_PREFUNDED_ADDR_0
host_id: 0
- node_pk_addr: GETHNETWORK_PREFUNDED_ADDR_1
host_id: 1
# Ensure there is a single genesis node
- is_genesis: true
host_id: 0
- is_genesis: false
host_id: 1
# Ensure there is a single sequencer
- node_type: sequencer
host_id: 0
- node_type: validator
host_id: 1
steps:
- name: 'Extract branch name'
shell: bash
run: |
echo "Branch Name: ${GITHUB_REF_NAME}"
echo "BRANCH_NAME=${GITHUB_REF_NAME}" >> $GITHUB_ENV
- name: 'Login via Azure CLI'
uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: 'Update Obscuro node-${{ matrix.host_id }} on Azure'
uses: azure/CLI@v1
with:
inlineScript: |
az vm run-command invoke -g Testnet -n "${{needs.build.outputs.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{needs.build.outputs.VM_BUILD_NUMBER}}" \
--command-id RunShellScript \
--scripts '
docker pull ${{needs.build.outputs.L2_HOST_DOCKER_BUILD_TAG}} \
&& docker pull ${{needs.build.outputs.L2_ENCLAVE_DOCKER_BUILD_TAG}} \
&& rm -rf /home/obscuro/go-obscuro \
&& git clone --depth 1 -b ${{ env.BRANCH_NAME }} https://github.com/obscuronet/go-obscuro.git /home/obscuro/go-obscuro \
&& cd /home/obscuro/go-obscuro/ \
&& sudo go run /home/obscuro/go-obscuro/go/node/cmd \
-is_genesis=${{ matrix.is_genesis }} \
-node_type=${{ matrix.node_type }} \
-is_sgx_enabled=true \
-host_id=${{ secrets[matrix.node_pk_addr] }} \
-l1_host=${{needs.build.outputs.L1_HOST}} \
-private_key=${{ secrets[matrix.node_pk_str] }} \
-sequencer_id=${{ secrets.GETHNETWORK_PREFUNDED_ADDR_0 }} \
-host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com:10000 \
-host_p2p_port=10000 \
-enclave_docker_image=${{needs.build.outputs.L2_ENCLAVE_DOCKER_BUILD_TAG}} \
-host_docker_image=${{needs.build.outputs.L2_HOST_DOCKER_BUILD_TAG}} \
-log_level=${{ github.event.inputs.log_level }} \
upgrade'
check-obscuro-is-healthy:
needs:
- build
- deploy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: "Wait until obscuro node is healthy"
shell: bash
run: |
./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com
./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com
deploy-faucet-on-dispatch:
uses: ./.github/workflows/manual-deploy-testnet-faucet.yml
if: ${{ github.event_name == 'workflow_dispatch' }}
with:
testnet_type: ${{ github.event.inputs.testnet_type }}
secrets: inherit
needs:
- check-obscuro-is-healthy
deploy-faucet-on-schedule:
uses: ./.github/workflows/manual-deploy-testnet-faucet.yml
if: ${{ github.event_name == 'schedule' }}
with:
testnet_type: 'dev-testnet'
secrets: inherit
needs:
- check-obscuro-is-healthy
obscuro-test-signal-on-dispatch:
runs-on: ubuntu-latest
needs:
- deploy-faucet-on-dispatch
steps:
- name: 'Send a repository dispatch to obscuro-test on upgrade of dev-testnet'
if: ${{ github.event.inputs.testnet_type == 'dev-testnet' }}
run: |
curl -XPOST -H "Authorization: Bearer ${{ secrets.GH_TOKEN }}" -H "Accept:application/vnd.github" -H "Content-Type:application/json" https://api.github.com/repos/obscuronet/obscuro-test/dispatches --data '{ "event_type": "dev_testnet_upgraded", "client_payload": { "ref": "${{ github.ref_name }}" }'
- name: 'Send a repository dispatch to obscuro-test on upgrade of testnet'
if: ${{ github.event.inputs.testnet_type == 'testnet' }}
run: |
curl -XPOST -H "Authorization: Bearer ${{ secrets.GH_TOKEN }}" -H "Accept:application/vnd.github" -H "Content-Type:application/json" https://api.github.com/repos/obscuronet/obscuro-test/dispatches --data '{ "event_type": "testnet_upgraded", "client_payload": { "ref": "${{ github.ref_name }}" }'
obscuro-test-signal-on-schedule:
runs-on: ubuntu-latest
needs:
- deploy-faucet-on-schedule
steps:
- name: 'Send a repository dispatch to obscuro-test on upgrade of dev-testnet'
run: |
curl -XPOST -H "Authorization: Bearer ${{ secrets.GH_TOKEN }}" -H "Accept:application/vnd.github" -H "Content-Type:application/json" https://api.github.com/repos/obscuronet/obscuro-test/dispatches --data '{ "event_type": "dev_testnet_upgraded", "client_payload": { "ref": "${{ github.ref_name }}" }'