From 4ef35fa24155604ecb5e76237566639c760f2925 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C5=BDiga=20Kokelj?= Date: Fri, 23 Aug 2024 12:36:56 +0200 Subject: [PATCH] refactor gateway deployment script --- .../manual-deploy-obscuro-gateway.yml | 106 ++++++++++++++---- 1 file changed, 82 insertions(+), 24 deletions(-) diff --git a/.github/workflows/manual-deploy-obscuro-gateway.yml b/.github/workflows/manual-deploy-obscuro-gateway.yml index bf8c1825d1..e8c5e53dbc 100644 --- a/.github/workflows/manual-deploy-obscuro-gateway.yml +++ b/.github/workflows/manual-deploy-obscuro-gateway.yml @@ -1,13 +1,13 @@ -# Deploys Obscuro Gateway on Azure for Testnet -# Builds the Obscuro Gateway image, pushes the image to dockerhub and starts the Obscuro Gateway on Azure VM +# Deploys Ten Gateway on Azure for Testnet +# Builds the Ten Gateway image, pushes the image to dockerhub and starts the Ten Gateway on Azure VM -name: '[M] Deploy Obscuro Gateway' -run-name: '[M] Deploy Obscuro Gateway ( ${{ github.event.inputs.testnet_type }} )' +name: '[M] Deploy Ten Gateway' +run-name: '[M] Deploy Ten Gateway Backend ( ${{ github.event.inputs.testnet_type }} )' on: workflow_dispatch: inputs: testnet_type: - description: 'Testnet Type' + description: 'Environment' required: true default: 'dev-testnet' type: choice 
@@ -15,13 +15,71 @@ on: - 'dev-testnet' - 'uat-testnet' - 'sepolia-testnet' + instance_type: + description: 'Instance' + required: true + default: 'primary' + type: choice + options: + - 'primary' + - 'dexynth' jobs: + validate-inputs: + runs-on: ubuntu-latest + steps: + - name: 'Check if deployment is allowed' + run: | + if [[ "${{ github.event.inputs.instance_type }}" == "Dexynth" && "${{ github.event.inputs.testnet_type }}" != "sepolia-testnet" ]]; then + echo "Error: Dexynth can only be deployed to sepolia-testnet." + exit 1 + fi + build-and-deploy: runs-on: ubuntu-latest environment: name: ${{ github.event.inputs.testnet_type }} + env: + # Set environment variables based on the instance type + # (use the instance type as a prefix for the environment variables and avoid using the suffix for the primary instance) + INSTANCE_SUFFIX: ${{ github.event.inputs.instance_type == 'primary' && '' || format('-{}', github.event.inputs.instance_type) }} + INSTANCE_PREFIX: ${{ github.event.inputs.instance_type == 'primary' && '' || format('{}-', github.event.inputs.instance_type) }} + + # Set infrastructure variables which need to be unique for each environment & instance combination + PUBLIC_IP: ${{ github.event.inputs.testnet_type }}-OG-static${{ env.INSTANCE_SUFFIX }} + DNS_NAME: obscurogateway-${{ github.event.inputs.testnet_type }}${{ env.INSTANCE_SUFFIX }} + VM_NAME: ${{ github.event.inputs.testnet_type }}-OG-${{ github.run_number }}${{ env.INSTANCE_SUFFIX }} + DEPLOY_GROUP: ObscuroGateway-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}${{ env.INSTANCE_SUFFIX }} + VNET_NAME: ObscuroGateway-${{ github.event.inputs.testnet_type }}-01VNET${{ env.INSTANCE_SUFFIX }} + SUBNET_NAME: ObscuroGateway-${{ github.event.inputs.testnet_type }}-01Subnet${{ env.INSTANCE_SUFFIX }} + + # Set variables that are unique for each instance type + DOCKER_BUILD_TAG_GATEWAY: ${{ vars[format('{}DOCKER_BUILD_TAG_GATEWAY', env.INSTANCE_PREFIX)] }} + AZURE_DEPLOY_GROUP_GATEWAY: ${{ 
vars[format('{}AZURE_DEPLOY_GROUP_GATEWAY', env.INSTANCE_PREFIX)] }} + L2_RPC_URL_VALIDATOR: ${{ vars[format('{}L2_RPC_URL_VALIDATOR', env.INSTANCE_PREFIX)] }} + GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME: ${{ vars[format('{}GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME', env.INSTANCE_PREFIX)] }} + GATEWAY_RATE_LIMIT_WINDOW: ${{ vars[format('{}GATEWAY_RATE_LIMIT_WINDOW', env.INSTANCE_PREFIX)] }} + GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER: ${{ vars[format('{}GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER', env.INSTANCE_PREFIX)] }} + steps: + - name: 'Print environment variables' + # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference + run: | + echo "INSTANCE_SUFFIX: $INSTANCE_SUFFIX" + echo "INSTANCE_PREFIX: $INSTANCE_PREFIX" + echo "PUBLIC_IP: $PUBLIC_IP" + echo "DNS_NAME: $DNS_NAME" + echo "VM_NAME: $VM_NAME" + echo "DEPLOY_GROUP: $DEPLOY_GROUP" + echo "VNET_NAME: $VNET_NAME" + echo "SUBNET_NAME: $SUBNET_NAME" + echo "DOCKER_BUILD_TAG_GATEWAY: $DOCKER_BUILD_TAG_GATEWAY" + echo "AZURE_DEPLOY_GROUP_GATEWAY: $AZURE_DEPLOY_GROUP_GATEWAY" + echo "L2_RPC_URL_VALIDATOR: $L2_RPC_URL_VALIDATOR" + echo "GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME: $GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME" + echo "GATEWAY_RATE_LIMIT_WINDOW: $GATEWAY_RATE_LIMIT_WINDOW" + echo "GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER: $GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER" + - name: 'Print GitHub variables' # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference run: | 
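Review bot: The `validate-inputs` guard cannot fire as written: it compares `instance_type` with `"Dexynth"`, but the choice option added above is `'dexynth'` and `[[ ... == ... ]]` is case-sensitive, and `build-and-deploy` declares no `needs:`, so it would start even if the check failed. I would change the comparison to `== "dexynth"` and add `needs: validate-inputs` under `build-and-deploy:`. Separately, the job-level `env:` map reads `env.INSTANCE_SUFFIX` and `env.INSTANCE_PREFIX` from itself; as far as I know the `env` context is not available in `jobs.<job_id>.env`, so these expressions are likely to be rejected. The prefix and suffix would then need to be computed in a step and exported, or passed as outputs of `validate-inputs`. The `build-and-deploy` job continues outside this hunk.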
@@ -52,66 +110,66 @@ jobs: - name: Build and Push Docker Image run: | - DOCKER_BUILDKIT=1 docker build --build-arg TESTNET_TYPE=${{ github.event.inputs.testnet_type }} -t ${{ vars.DOCKER_BUILD_TAG_GATEWAY }} -f ./tools/walletextension/Dockerfile . - docker push ${{ vars.DOCKER_BUILD_TAG_GATEWAY }} + DOCKER_BUILDKIT=1 docker build --build-arg TESTNET_TYPE=${{ github.event.inputs.testnet_type }} -t ${{ env.DOCKER_BUILD_TAG_GATEWAY }} -f ./tools/walletextension/Dockerfile . + docker push ${{ env.DOCKER_BUILD_TAG_GATEWAY }} # This will fail some deletions due to resource dependencies ( ie. you must first delete the vm before deleting the disk) - name: 'Delete deployed VMs' uses: azure/CLI@v1 with: inlineScript: | - $(az resource list --tag ${{ vars.AZURE_DEPLOY_GROUP_GATEWAY }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true + $(az resource list --tag ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true # This will clean up any lingering dependencies - might fail if there are no resources to cleanup - name: 'Delete VMs dependencies' uses: azure/CLI@v1 with: inlineScript: | - $(az resource list --tag ${{ vars.AZURE_DEPLOY_GROUP_GATEWAY }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true + $(az resource list --tag ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true - name: 'Ensure VM Static Public IP Exists' uses: azure/CLI@v1 with: inlineScript: | - az network public-ip show -g Testnet -n "${{ github.event.inputs.testnet_type }}-OG-static" || az network public-ip create -g Testnet -n "${{ github.event.inputs.testnet_type }}-OG-static" --allocation-method Static --sku Standard + az network public-ip show -g Testnet -n "${{ env.PUBLIC_IP }}" || az network public-ip create -g Testnet -n "${{ env.PUBLIC_IP }}" 
--allocation-method Static --sku Standard - name: 'Assign/Update DNS Name for Public IP' uses: azure/CLI@v1 with: inlineScript: | - existing_dns_name=$(az network public-ip show -g Testnet -n "${{ github.event.inputs.testnet_type }}-OG-static" --query dnsSettings.domainNameLabel -o tsv) + existing_dns_name=$(az network public-ip show -g Testnet -n "${{ env.PUBLIC_IP }}" --query dnsSettings.domainNameLabel -o tsv) if [ -z "$existing_dns_name" ]; then - az network public-ip update -g Testnet -n "${{ github.event.inputs.testnet_type }}-OG-static" --dns-name "obscurogateway-${{ github.event.inputs.testnet_type }}" + az network public-ip update -g Testnet -n "${{ env.PUBLIC_IP }}" --dns-name "${{ env.DNS_NAME }}" fi - name: 'Create VM for Gateway node on Azure' uses: azure/CLI@v1 with: inlineScript: | - az vm create -g Testnet -n "${{ github.event.inputs.testnet_type }}-OG-${{ GITHUB.RUN_NUMBER }}" \ + az vm create -g Testnet -n "${{ env.VM_NAME }}" \ --admin-username obscurouser --admin-password "${{ secrets.OBSCURO_NODE_VM_PWD }}" \ - --public-ip-address "${{ github.event.inputs.testnet_type }}-OG-static" \ - --tags deploygroup=ObscuroGateway-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }} ${{ vars.AZURE_DEPLOY_GROUP_GATEWAY }}=true \ - --vnet-name ObscuroGateway-${{ github.event.inputs.testnet_type }}-01VNET --subnet ObscuroGateway-${{ github.event.inputs.testnet_type }}-01Subnet \ + --public-ip-address "${{ env.PUBLIC_IP }}" \ + --tags deploygroup="${{ env.DEPLOY_GROUP }}" ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true \ + --vnet-name "${{ env.VNET_NAME }}" --subnet "${{ env.SUBNET_NAME }}" \ --size Standard_D4_v5 --image Canonical:0001-com-ubuntu-server-focal:20_04-lts-gen2:latest \ --authentication-type password - - name: 'Open Obscuro node-${{ matrix.host_id }} ports on Azure' + - name: 'Open Ten node-${{ matrix.host_id }} ports on Azure' uses: azure/CLI@v1 with: inlineScript: | - az vm open-port -g Testnet -n "${{ github.event.inputs.testnet_type 
}}-OG-${{ GITHUB.RUN_NUMBER }}" --port 80,81 + az vm open-port -g Testnet -n "${{ env.VM_NAME }}" --port 80,81 # To overcome issues with critical VM resources being unavailable, we need to wait for the VM to be ready - name: 'Allow time for VM initialization' shell: bash run: sleep 30 - - name: 'Start Obscuro gateway on Azure' + - name: 'Start Ten Gateway on Azure' uses: azure/CLI@v1 with: inlineScript: | - az vm run-command invoke -g Testnet -n "${{ github.event.inputs.testnet_type }}-OG-${{ GITHUB.RUN_NUMBER }}" \ + az vm run-command invoke -g Testnet -n "${{ env.VM_NAME }}" \ --command-id RunShellScript \ --scripts 'mkdir -p /home/obscuro \ && sudo apt-get update \ 
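Review bot: Both cleanup steps now delete whatever `az resource list --tag ${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}=true` returns, and that value comes from a `vars[format(...)]` lookup that is empty when the prefixed variable is not defined; nothing checks for an empty selector before the delete, and `|| true` hides any failure. I would fail fast at the top of each `inlineScript`, e.g. `[ -n "${{ env.AZURE_DEPLOY_GROUP_GATEWAY }}" ] || { echo "AZURE_DEPLOY_GROUP_GATEWAY is empty"; exit 1; }`, and quote the tag argument. The same applies to `DOCKER_BUILD_TAG_GATEWAY` in the build step and to the `-nodeHost` and rate-limit flags in the last hunk. GitHub variable names, as I understand the naming rules, cannot contain `-`, so a `dexynth-` prefixed lookup may never resolve. The final `run-command` script continues past this hunk.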
@@ -135,10 +193,10 @@ jobs: --log-opt max-file=3 --log-opt max-size=10m \ datadog/agent:latest \ && cd /home/obscuro/go-obscuro/ \ - && docker run -d -p 80:80 -p 81:81 --name ${{ github.event.inputs.testnet_type }}-OG-${{ GITHUB.RUN_NUMBER }} \ + && docker run -d -p 80:80 -p 81:81 --name "${{ env.VM_NAME }}" \ -e OBSCURO_GATEWAY_VERSION="${{ GITHUB.RUN_NUMBER }}-${{ GITHUB.SHA }}" \ --log-opt max-file=3 --log-opt max-size=10m \ - ${{ vars.DOCKER_BUILD_TAG_GATEWAY }} \ - -host=0.0.0.0 -port=80 -portWS=81 -nodeHost=${{ vars.L2_RPC_URL_VALIDATOR }} -verbose=true \ + ${{ env.DOCKER_BUILD_TAG_GATEWAY }} \ + -host=0.0.0.0 -port=80 -portWS=81 -nodeHost=${{ env.L2_RPC_URL_VALIDATOR }} -verbose=true \ -logPath=sys_out -dbType=mariaDB -dbConnectionURL="obscurouser:${{ secrets.OBSCURO_GATEWAY_MARIADB_USER_PWD }}@tcp(obscurogateway-mariadb-${{ github.event.inputs.testnet_type }}.uksouth.cloudapp.azure.com:3306)/ogdb" \ - -rateLimitUserComputeTime=${{ vars.GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME }} -rateLimitWindow=${{ vars.GATEWAY_RATE_LIMIT_WINDOW }} -maxConcurrentRequestsPerUser=${{ vars.GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER }} ' + -rateLimitUserComputeTime=${{ env.GATEWAY_RATE_LIMIT_USER_COMPUTE_TIME }} -rateLimitWindow=${{ env.GATEWAY_RATE_LIMIT_WINDOW }} -maxConcurrentRequestsPerUser=${{ env.GATEWAY_MAX_CONCURRENT_REQUESTS_PER_USER }} '
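Review bot: The `-dbConnectionURL` on the unchanged line still points at `obscurogateway-mariadb-${{ github.event.inputs.testnet_type }}` with the same `OBSCURO_GATEWAY_MARIADB_USER_PWD`, while every other resource name touched by this commit gains the instance suffix, so a `dexynth` gateway on sepolia would share the primary gateway's database and credential. If the instances are meant to be isolated, the host (and ideally the secret) should be instance-specific, e.g. `obscurogateway-mariadb-${{ github.event.inputs.testnet_type }}${{ env.INSTANCE_SUFFIX }}`. If sharing is intended, a comment above the `docker run` saying so would help the next reader. The `--scripts` string starts outside this hunk.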