From 235d0a916934cd2e990ccb12f37ea2786217bab6 Mon Sep 17 00:00:00 2001 From: Matt <98158711+BedrockSquirrel@users.noreply.github.com> Date: Tue, 26 Sep 2023 13:46:01 +0100 Subject: [PATCH 1/2] Add sepolia option to L2 GH action scripts (#1529) --- .../workflows/manual-deploy-testnet-l1.yml | 7 +- .../workflows/manual-deploy-testnet-l2.yml | 196 ++++++++---------- .../workflows/manual-upgrade-testnet-l2.yml | 141 ++++++------- contracts/package.json | 4 +- testnet/launcher/l2contractdeployer/docker.go | 2 +- 5 files changed, 165 insertions(+), 185 deletions(-) diff --git a/.github/workflows/manual-deploy-testnet-l1.yml b/.github/workflows/manual-deploy-testnet-l1.yml index fb7877ce3d..492a1638ee 100644 --- a/.github/workflows/manual-deploy-testnet-l1.yml +++ b/.github/workflows/manual-deploy-testnet-l1.yml @@ -14,7 +14,7 @@ # The scheduled deployment runs at 03:05 on every day-of-week from Tuesday through Saturday, for dev-testnet only. name: '[M] Deploy Testnet L1' - +run-name: '[M] Deploy Testnet L1 ( ${{ github.event.inputs.testnet_type }} )' on: workflow_dispatch: inputs: @@ -30,6 +30,9 @@ on: jobs: build-and-deploy: runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} + steps: - uses: actions/checkout@v3 @@ -144,6 +147,6 @@ jobs: --blockTimeSecs=15 --slotsPerEpoch=2 --slotsPerSecond=15 \ --numNodes=1 --gethHTTPStartPort=8025 --gethWSStartPort=9000 \ --logToFile=false \ - --prefundedAddrs="${{ secrets.GETHNETWORK_PREFUNDED_ADDR_WORKER }},${{ secrets.GETHNETWORK_PREFUNDED_ADDR_0 }},${{ secrets.GETHNETWORK_PREFUNDED_ADDR_1 }}"' + --prefundedAddrs="${{ vars.WORKER_ADDR }},${{ vars.NODE_WALLET_ADDR_0 }},${{ vars.NODE_WALLET_ADDR_1 }}"' diff --git a/.github/workflows/manual-deploy-testnet-l2.yml b/.github/workflows/manual-deploy-testnet-l2.yml index 7327160c42..503ee23351 100644 --- a/.github/workflows/manual-deploy-testnet-l2.yml +++ b/.github/workflows/manual-deploy-testnet-l2.yml 
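Review bot: In `.github/workflows/manual-deploy-testnet-l1.yml`, the new `environment: name: ${{ github.event.inputs.testnet_type }}` resolves to an empty name on any run that is not a `workflow_dispatch`, and the file's header comment still describes a scheduled deployment for dev-testnet. Whether a `schedule` trigger is active is not visible in these hunks, but if it is, environment-scoped values are not loaded, so `vars.*` defined only on the environment expand to empty strings and `--prefundedAddrs` becomes `",,"` without the job failing. A fallback such as `name: ${{ github.event.inputs.testnet_type || 'dev-testnet' }}` keeps the previous default. The same applies to the jobs in `manual-upgrade-testnet-l2.yml`, where the removed step had an explicit `github.event_name == 'schedule'` branch and the job `obscuro-test-signal-on-schedule` now reads the input as well.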
@@ -1,10 +1,13 @@ # Deploys an Obscuro network on Azure for Testnet and Dev Testnet # # The Obscuro network is composed of 2 obscuro nodes running on individual vms with SGX. At the moment the workflow -# can can onlu be triggered manually as a workflow dispatch. +# can only be triggered manually as a workflow dispatch. # +# This script uses GitHub Environments for variables (vars) and secrets - these are configured on GitHub and +# the environments match the input.testnet_type options name: '[M] Deploy Testnet L2' +run-name: '[M] Deploy Testnet L2 ( ${{ github.event.inputs.testnet_type }} )' on: workflow_dispatch: inputs: @@ -16,6 +19,7 @@ on: options: - 'dev-testnet' - 'testnet' + - 'sepolia-testnet' log_level: description: 'Log Level 1-Error 5-Trace' required: true @@ -25,6 +29,9 @@ on: jobs: build: runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} + # Map a step output to a job output outputs: MGMT_CONTRACT_ADDR: ${{ steps.deployContracts.outputs.MGMT_CONTRACT_ADDR }} 
@@ -32,16 +39,6 @@ jobs: L1_START_HASH: ${{ steps.deployContracts.outputs.L1_START_HASH }} HOC_ERC20_ADDR: ${{ steps.deployContracts.outputs.HOC_ERC20_ADDR }} POC_ERC20_ADDR: ${{ steps.deployContracts.outputs.POC_ERC20_ADDR }} - L2_ENCLAVE_DOCKER_BUILD_TAG: ${{ steps.outputVars.outputs.L2_ENCLAVE_DOCKER_BUILD_TAG }} - L2_HOST_DOCKER_BUILD_TAG: ${{ steps.outputVars.outputs.L2_HOST_DOCKER_BUILD_TAG }} - L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG: ${{ steps.outputVars.outputs.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG }} - RESOURCE_TAG_NAME: ${{ steps.outputVars.outputs.RESOURCE_TAG_NAME }} - RESOURCE_STARTING_NAME: ${{ steps.outputVars.outputs.RESOURCE_STARTING_NAME }} - RESOURCE_TESTNET_NAME: ${{ steps.outputVars.outputs.RESOURCE_TESTNET_NAME }} - L1_WS_URL: ${{ steps.outputVars.outputs.L1_WS_URL }} - L1_HTTP_URL: ${{ steps.outputVars.outputs.L1_HTTP_URL }} - BATCH_INTERVAL: ${{ steps.outputVars.outputs.BATCH_INTERVAL }} - ROLLUP_INTERVAL: ${{ steps.outputVars.outputs.ROLLUP_INTERVAL }} steps: 
@@ -51,53 +48,30 @@ jobs: with: go-version: 1.20.4 + - name: 'Print GitHub variables' + # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference + run: | + echo "L2_ENCLAVE_DOCKER_BUILD_TAG=${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}}" + echo "L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG=${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}}" + echo "L2_HOST_DOCKER_BUILD_TAG=${{vars.L2_HOST_DOCKER_BUILD_TAG}}" + + echo "RESOURCE_STARTING_NAME=${{vars.RESOURCE_STARTING_NAME}}" + echo "RESOURCE_TAG_NAME=${{vars.RESOURCE_TAG_NAME}}" + echo "RESOURCE_TESTNET_NAME=${{vars.RESOURCE_TESTNET_NAME}}" + + echo "L1_CHAIN_ID=${{vars.L1_CHAIN_ID}}" + echo "NODE_WALLET_ADDR_0=${{vars.NODE_WALLET_ADDR_0}}" + echo "NODE_WALLET_ADDR_1=${{vars.NODE_WALLET_ADDR_1}}" + echo "WORKER_ADDR=${{vars.WORKER_ADDR}}" + + echo "BATCH_INTERVAL=${{vars.BATCH_INTERVAL}}" + echo "ROLLUP_INTERVAL=${{vars.ROLLUP_INTERVAL}}" + - name: 'Login via Azure CLI' uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: 'Sets env vars for testnet' - if: ${{ github.event.inputs.testnet_type == 'testnet' }} - run: | - echo "L2_ENCLAVE_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/enclave:latest" >> $GITHUB_ENV - echo "L2_HOST_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/host:latest" >> $GITHUB_ENV - echo "L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/hardhatdeployer:latest" >> $GITHUB_ENV - echo "RESOURCE_TAG_NAME=testnetlatest" >> $GITHUB_ENV - echo "RESOURCE_STARTING_NAME=T" >> $GITHUB_ENV - echo "RESOURCE_TESTNET_NAME=testnet" >> $GITHUB_ENV - echo "L1_WS_URL=ws://testnet-eth2network.uksouth.cloudapp.azure.com:9000" >> $GITHUB_ENV - echo "L1_HTTP_URL=http://testnet-eth2network.uksouth.cloudapp.azure.com:8025" >> $GITHUB_ENV - echo "BATCH_INTERVAL=1s" >> $GITHUB_ENV - echo "ROLLUP_INTERVAL=10s" >> $GITHUB_ENV - - - name: 'Sets env vars for dev-testnet' - if: ${{ (github.event.inputs.testnet_type == 
'dev-testnet') }} - run: | - echo "L2_ENCLAVE_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/dev_enclave:latest" >> $GITHUB_ENV - echo "L2_HOST_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/dev_host:latest" >> $GITHUB_ENV - echo "L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/dev_hardhatdeployer:latest" >> $GITHUB_ENV - echo "RESOURCE_TAG_NAME=devtestnetlatest" >> $GITHUB_ENV - echo "RESOURCE_STARTING_NAME=D" >> $GITHUB_ENV - echo "RESOURCE_TESTNET_NAME=devtestnet" >> $GITHUB_ENV - echo "L1_WS_URL=ws://dev-testnet-eth2network.uksouth.cloudapp.azure.com:9000" >> $GITHUB_ENV - echo "L1_HTTP_URL=http://dev-testnet-eth2network.uksouth.cloudapp.azure.com:8025" >> $GITHUB_ENV - echo "BATCH_INTERVAL=1s" >> $GITHUB_ENV - echo "ROLLUP_INTERVAL=10s" >> $GITHUB_ENV - - - name: 'Output env vars' - id: outputVars - run: | - echo "L2_ENCLAVE_DOCKER_BUILD_TAG=${{env.L2_ENCLAVE_DOCKER_BUILD_TAG}}" >> $GITHUB_OUTPUT - echo "L2_HOST_DOCKER_BUILD_TAG=${{env.L2_HOST_DOCKER_BUILD_TAG}}" >> $GITHUB_OUTPUT - echo "L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG=${{env.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}}" >> $GITHUB_OUTPUT - echo "RESOURCE_TAG_NAME=${{env.RESOURCE_TAG_NAME}}" >> $GITHUB_OUTPUT - echo "RESOURCE_STARTING_NAME=${{env.RESOURCE_STARTING_NAME}}" >> $GITHUB_OUTPUT - echo "RESOURCE_TESTNET_NAME=${{env.RESOURCE_TESTNET_NAME}}" >> $GITHUB_OUTPUT - echo "L1_WS_URL=${{env.L1_WS_URL}}" >> $GITHUB_OUTPUT - echo "L1_HTTP_URL=${{env.L1_HTTP_URL}}" >> $GITHUB_OUTPUT - echo "BATCH_INTERVAL=${{env.BATCH_INTERVAL}}" >> $GITHUB_OUTPUT - echo "ROLLUP_INTERVAL=${{env.ROLLUP_INTERVAL}}" >> $GITHUB_OUTPUT - - name: 'Login to Azure docker registry' uses: azure/docker-login@v1 with: 
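Review bot: The 'Print GitHub variables' step splices each `${{vars.X}}` into the script text before the shell runs, so a value containing a double quote, a backtick or `$(` changes the commands the runner executes instead of being printed. Variables can be changed by anyone who can edit the environment's configuration, and they are not masked in logs, which matters more now that the node and worker addresses live there. Passing them through the step's `env:` block and printing with `echo "L1_CHAIN_ID=$L1_CHAIN_ID"` keeps them as data. The identical step added to `manual-upgrade-testnet-l2.yml` has the same shape.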
@@ -107,21 +81,21 @@ jobs: - name: 'Build and push obscuro node images' run: | - DOCKER_BUILDKIT=1 docker build -t ${{env.L2_ENCLAVE_DOCKER_BUILD_TAG}} -f dockerfiles/enclave.Dockerfile . - docker push ${{env.L2_ENCLAVE_DOCKER_BUILD_TAG}} - DOCKER_BUILDKIT=1 docker build -t ${{env.L2_HOST_DOCKER_BUILD_TAG}} -f dockerfiles/host.Dockerfile . - docker push ${{env.L2_HOST_DOCKER_BUILD_TAG}} - DOCKER_BUILDKIT=1 docker build -t ${{env.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} -f tools/hardhatdeployer/Dockerfile . - docker push ${{env.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} -f dockerfiles/enclave.Dockerfile . + docker push ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_HOST_DOCKER_BUILD_TAG}} -f dockerfiles/host.Dockerfile . + docker push ${{vars.L2_HOST_DOCKER_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} -f tools/hardhatdeployer/Dockerfile . + docker push ${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} - name: 'Deploy Contracts' id: deployContracts shell: bash run: | go run ./testnet/launcher/l1contractdeployer/cmd \ - -l1_http_url=${{ env.L1_HTTP_URL }} \ - -private_key=${{ secrets.GETHNETWORK_PREFUNDED_PKSTR_WORKER }} \ - -docker_image=${{env.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} \ + -l1_http_url=${{ secrets.L1_HTTP_URL }} \ + -private_key=${{ secrets.WORKER_PK }} \ + -docker_image=${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} \ -contracts_env_file=./testnet/.env source ./testnet/.env echo "Contracts deployed to $MGMTCONTRACTADDR" 
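Review bot: In the 'Deploy Contracts' step, `-l1_http_url=${{ secrets.L1_HTTP_URL }}` and `-private_key=${{ secrets.WORKER_PK }}` are expanded unquoted into the bash command line. The URL moving from a plain value to a secret suggests it may now carry a provider token (inferred, not shown), and a URL containing `&`, `?` or `;` would be interpreted by the shell. Both values also end up in the launcher's argv, so they are visible in the process list and possibly in the container logs the workflow uploads as artifacts on failure, which GitHub's log masking does not cover. Mapping them in `env:` and passing `-l1_http_url="$L1_HTTP_URL"` removes the shell-parsing problem; getting the key out of argv needs a change in the launcher, which is outside this hunk. The 'deploy-l2-contracts' job later in the file repeats the same two flags.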
@@ -144,14 +118,14 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - $(az resource list --tag ${{env.RESOURCE_TAG_NAME}}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true + $(az resource list --tag ${{vars.RESOURCE_TAG_NAME}}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true # This will clean up any lingering dependencies - might fail if there are no resources to cleanup - name: 'Delete VMs dependencies' uses: azure/CLI@v1 with: inlineScript: | - $(az resource list --tag ${{env.RESOURCE_TAG_NAME}}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true + $(az resource list --tag ${{vars.RESOURCE_TAG_NAME}}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true - name: 'Upload container logs on failure' uses: actions/upload-artifact@v3 @@ -165,25 +139,13 @@ jobs: deploy: needs: build runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} strategy: matrix: host_id: [ 0,1 ] include: - # Hardcoded host addresses - - host_addr: 0x0000000000000000000000000000000000000000 - host_id: 0 - - host_addr: 0x0000000000000000000000000000000000000001 - host_id: 1 - # Hardcoded host prefunded keys - - node_pk_str: GETHNETWORK_PREFUNDED_PKSTR_0 - host_id: 0 - - node_pk_str: GETHNETWORK_PREFUNDED_PKSTR_1 - host_id: 1 - - node_pk_addr: GETHNETWORK_PREFUNDED_ADDR_0 - host_id: 0 - - node_pk_addr: GETHNETWORK_PREFUNDED_ADDR_1 - host_id: 1 # Ensure there is a single genesis node - is_genesis: true host_id: 0 
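Review bot: Both delete steps now key the destructive `az resource list --tag ${{vars.RESOURCE_TAG_NAME}}=true ... | xargs -n1 az resource delete` pipeline on an environment variable, with nothing checking that it is set. For an environment where `RESOURCE_TAG_NAME` is missing (the new `sepolia-testnet` one is the likely case while it is being set up) the filter becomes `--tag =true`, and how `az` treats that is not something this hunk shows; the trailing `|| true` would hide an error either way. A guard at the top of each inline script, for example `[ -n "${{vars.RESOURCE_TAG_NAME}}" ] || { echo "RESOURCE_TAG_NAME is not set"; exit 1; }`, makes the job stop before anything is listed or deleted.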
@@ -194,13 +156,26 @@ jobs: host_id: 0 - node_type: validator host_id: 1 + # Hardcoded lookup keys because GH actions doesn't let you build them inline with the host_id + - node_pk_lookup: NODE_WALLET_PK_0 + host_id: 0 + - node_pk_lookup: NODE_WALLET_PK_1 + host_id: 1 + - node_addr_lookup: NODE_WALLET_ADDR_0 + host_id: 0 + - node_addr_lookup: NODE_WALLET_ADDR_1 + host_id: 1 + - node_l1_ws_lookup: L1_WS_URL_0 + host_id: 0 + - node_l1_ws_lookup: L1_WS_URL_1 + host_id: 1 steps: - name: 'Extract branch name' shell: bash run: | - echo "Branch Name: ${GITHUB_REF_NAME}" - echo "BRANCH_NAME=${GITHUB_REF_NAME}" >> $GITHUB_ENV + echo "Branch Name: ${GITHUB_REF_NAME}" + echo "BRANCH_NAME=${GITHUB_REF_NAME}" >> $GITHUB_ENV # The Azure API will sometimes supersede PUT requests that come in close together. This sleep will stagger the VM requests. # It expects host_id to be an int and then multiplies it by 60s (i.e. host 0: sleep 0, host 1: sleep 60,...) 
@@ -217,11 +192,11 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - az vm create -g Testnet -n "${{needs.build.outputs.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ + az vm create -g Testnet -n "${{vars.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ --admin-username obscurouser --admin-password "${{ secrets.OBSCURO_NODE_VM_PWD }}" \ - --public-ip-address-dns-name "obscuronode-${{ matrix.host_id }}-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}" \ - --tags deploygroup=ObscuroNode-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }} ${{needs.build.outputs.RESOURCE_TAG_NAME}}=true \ - --vnet-name ObscuroHost-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-01VNET --subnet ObscuroHost-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-01Subnet \ + --public-ip-address-dns-name "obscuronode-${{ matrix.host_id }}-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}" \ + --tags deploygroup=ObscuroNode-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }} ${{vars.RESOURCE_TAG_NAME}}=true \ + --vnet-name ObscuroHost-${{vars.RESOURCE_TESTNET_NAME}}-01VNET --subnet ObscuroHost-${{vars.RESOURCE_TESTNET_NAME}}-01Subnet \ --size Standard_DC4s_v2 --image ObscuroConfUbuntu \ --public-ip-sku Basic --authentication-type password @@ -229,7 +204,7 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - az vm open-port -g Testnet -n "${{needs.build.outputs.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" --port 80,81,6060,6061,10000 + az vm open-port -g Testnet -n "${{vars.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" --port 80,81,6060,6061,10000 # To overcome issues with critical VM resources being unavailable, we need to wait for the VM to be ready - name: 'Allow time for VM initialization' 
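Review bot: `az vm create` still provisions each node with `--authentication-type password` and a public DNS name, and this commit makes the same step serve the Sepolia-backed network. With one `OBSCURO_NODE_VM_PWD` value per environment, every VM in that environment shares an administrator password, and whether the default network rules leave SSH reachable from the internet is not visible here. Switching to `--authentication-type ssh` with `--ssh-key-values` would drop the shared password. The `az vm open-port ... --port 80,81,6060,6061,10000` call in the next hunk also opens all five ports to any source; if 6060 and 6061 are diagnostic endpoints (not shown), they are candidates for a source-restricted rule instead.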
@@ -240,7 +215,7 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - az vm run-command invoke -g Testnet -n "${{needs.build.outputs.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ + az vm run-command invoke -g Testnet -n "${{vars.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ --command-id RunShellScript \ --scripts 'mkdir -p /home/obscuro \ && git clone --depth 1 -b ${{ env.BRANCH_NAME }} https://github.com/obscuronet/go-obscuro.git /home/obscuro/go-obscuro \ 
@@ -263,21 +238,22 @@ jobs: -is_genesis=${{ matrix.is_genesis }} \ -node_type=${{ matrix.node_type }} \ -is_sgx_enabled=true \ - -host_id=${{ secrets[matrix.node_pk_addr] }} \ - -l1_ws_url=${{needs.build.outputs.L1_WS_URL}} \ + -host_id=${{ vars[matrix.node_addr_lookup] }} \ + -l1_ws_url=${{ secrets[matrix.node_l1_ws_lookup] }} \ -management_contract_addr=${{needs.build.outputs.MGMT_CONTRACT_ADDR}} \ -message_bus_contract_addr=${{needs.build.outputs.MSG_BUS_CONTRACT_ADDR}} \ -l1_start=${{needs.build.outputs.L1_START_HASH}} \ - -private_key=${{ secrets[matrix.node_pk_str] }} \ - -sequencer_id=${{ secrets.GETHNETWORK_PREFUNDED_ADDR_0 }} \ - -host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com:10000 \ + -private_key=${{ secrets[matrix.node_pk_lookup] }} \ + -sequencer_id=${{ vars.NODE_WALLET_ADDR_0 }} \ + -host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com:10000 \ -host_p2p_port=10000 \ - -enclave_docker_image=${{needs.build.outputs.L2_ENCLAVE_DOCKER_BUILD_TAG}} \ - -host_docker_image=${{needs.build.outputs.L2_HOST_DOCKER_BUILD_TAG}} \ + -enclave_docker_image=${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} \ + -host_docker_image=${{vars.L2_HOST_DOCKER_BUILD_TAG}} \ -is_debug_namespace_enabled=true \ -log_level=${{ github.event.inputs.log_level }} \ - -batch_interval=${{needs.build.outputs.BATCH_INTERVAL}} \ - -rollup_interval=${{needs.build.outputs.ROLLUP_INTERVAL}} \ + -batch_interval=${{vars.BATCH_INTERVAL}} \ + -rollup_interval=${{vars.ROLLUP_INTERVAL}} \ + -l1_chain_id=${{vars.L1_CHAIN_ID}} \ start' @@ -286,6 +262,8 @@ jobs: - build - deploy runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} steps: - uses: actions/checkout@v3 
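Review bot: `-private_key=${{ secrets[matrix.node_pk_lookup] }}` and `-l1_ws_url=${{ secrets[matrix.node_l1_ws_lookup] }}` are expanded into the single-quoted `--scripts` string, so the node wallet key travels as part of the run-command script text and then as a launcher argument on the VM. How long Azure and the VM agent retain that script text is outside this hunk, but it is a wider exposure than the runner's masked log, and a secret containing `'` would end the quoted script early. Consider having the VM fetch the key itself (for example from a secret store it can reach with a managed identity), or at least handing it over in a file with restricted permissions. The lookups also expand to empty strings when the environment lacks `NODE_WALLET_PK_1` or `L1_WS_URL_1`, and nothing fails before `start`; the `upgrade` command in `manual-upgrade-testnet-l2.yml` is built the same way. The script body starts above this hunk.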
@@ -295,38 +273,42 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: 'Remove existing backend nodes from the load balancer' - run: ./.github/workflows/runner-scripts/testnet-clear-loadbalancer.sh ${{needs.build.outputs.RESOURCE_TESTNET_NAME}} + run: ./.github/workflows/runner-scripts/testnet-clear-loadbalancer.sh ${{vars.RESOURCE_TESTNET_NAME}} - name: 'Add load balancer address pool to the IP configuration' uses: azure/CLI@v1 with: inlineScript: | az network nic ip-config address-pool add \ - --address-pool Backend-Pool-Obscuro-${{needs.build.outputs.RESOURCE_TESTNET_NAME}} \ - --ip-config-name ipconfig${{needs.build.outputs.RESOURCE_STARTING_NAME}}-1-${{ GITHUB.RUN_NUMBER }} \ - --nic-name ${{needs.build.outputs.RESOURCE_STARTING_NAME}}-1-${{ GITHUB.RUN_NUMBER }}VMNic \ + --address-pool Backend-Pool-Obscuro-${{vars.RESOURCE_TESTNET_NAME}} \ + --ip-config-name ipconfig${{vars.RESOURCE_STARTING_NAME}}-1-${{ GITHUB.RUN_NUMBER }} \ + --nic-name ${{vars.RESOURCE_STARTING_NAME}}-1-${{ GITHUB.RUN_NUMBER }}VMNic \ --resource-group Testnet \ - --lb-name ${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-loadbalancer + --lb-name ${{vars.RESOURCE_TESTNET_NAME}}-loadbalancer check-obscuro-is-healthy: needs: - build - deploy runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} steps: - uses: actions/checkout@v3 - name: "Wait until obscuro node is healthy" shell: bash run: | - ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com - ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com + ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com + ./.github/workflows/runner-scripts/wait-node-healthy.sh 
--host=obscuronode-1-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com deploy-l2-contracts: needs: - build - check-obscuro-is-healthy runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} steps: - uses: actions/checkout@v3 @@ -335,15 +317,15 @@ jobs: shell: bash run: | go run ./testnet/launcher/l2contractdeployer/cmd \ - -l2_host=obscuronode-0-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com \ - -l1_http_url=${{ needs.build.outputs.L1_HTTP_URL }} \ + -l2_host=obscuronode-0-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com \ + -l1_http_url=${{ secrets.L1_HTTP_URL }} \ -l2_ws_port=81 \ - -private_key=${{ secrets.GETHNETWORK_PREFUNDED_PKSTR_WORKER }} \ + -private_key=${{ secrets.WORKER_PK }} \ -l2_private_key=8dfb8083da6275ae3e4f41e3e8a8c19d028d32c9247e24530933782f2a05035b \ -l2_hoc_private_key=6e384a07a01263518a09a5424c7b6bbfc3604ba7d93f47e3a455cbdd7f9f0682 \ -l2_poc_private_key=4bfe14725e685901c062ccd4e220c61cf9c189897b6c78bd18d7f51291b2b8f8 \ -message_bus_contract_addr=${{ needs.build.outputs.MSG_BUS_CONTRACT_ADDR }} \ - -docker_image=${{needs.build.outputs.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} + -docker_image=${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} - name: 'Save container logs on failure' if: failure() @@ -370,6 +352,8 @@ jobs: obscuro-test-repository-dispatch: runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} needs: - deploy-faucet steps: diff --git a/.github/workflows/manual-upgrade-testnet-l2.yml b/.github/workflows/manual-upgrade-testnet-l2.yml index a5dd8fd26a..5d5e772089 100644 --- a/.github/workflows/manual-upgrade-testnet-l2.yml +++ b/.github/workflows/manual-upgrade-testnet-l2.yml 
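Review bot: The 'deploy-l2-contracts' step keeps `-l2_private_key`, `-l2_hoc_private_key` and `-l2_poc_private_key` as literal hex values in the workflow, while the line directly above them moves the L1 key to `secrets.WORKER_PK`. Those three keys are therefore public in the repository and identical for `dev-testnet`, `testnet` and the new `sepolia-testnet`; whether the accounts they control hold anything of value on the L2 is not visible here. If they do, move them to environment secrets alongside `WORKER_PK`, e.g. `-l2_private_key=${{ secrets.L2_DEPLOYER_PK }}` (placeholder name), and treat the committed values as compromised. If they are deliberately public test keys, a comment saying so would make that intent clear to the next reader.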
@@ -7,9 +7,12 @@ # repository dispatch. # # The scheduled deployment runs at 03:05 on every day-of-week. +# +# This script uses GitHub Environments for variables (vars) and secrets - these are configured on GitHub and +# the environments match the input.testnet_type options name: '[M] Upgrade Testnet L2' - +run-name: '[M] Upgrade Testnet L2 ( ${{ github.event.inputs.testnet_type }} )' on: # schedule: # - cron: '05 03 * * *' @@ -23,6 +26,7 @@ on: options: - 'dev-testnet' - 'testnet' + - 'sepolia-testnet' log_level: description: 'Log Level 1-Error 5-Trace' required: true @@ -32,17 +36,11 @@ on: jobs: build: runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} # Map a step output to a job output outputs: - L2_ENCLAVE_DOCKER_BUILD_TAG: ${{ steps.outputVars.outputs.L2_ENCLAVE_DOCKER_BUILD_TAG }} - L2_HOST_DOCKER_BUILD_TAG: ${{ steps.outputVars.outputs.L2_HOST_DOCKER_BUILD_TAG }} - RESOURCE_TAG_NAME: ${{ steps.outputVars.outputs.RESOURCE_TAG_NAME }} - RESOURCE_STARTING_NAME: ${{ steps.outputVars.outputs.RESOURCE_STARTING_NAME }} - RESOURCE_TESTNET_NAME: ${{ steps.outputVars.outputs.RESOURCE_TESTNET_NAME }} - L1_WS_URL: ${{ steps.outputVars.outputs.L1_WS_URL }} VM_BUILD_NUMBER: ${{ steps.outputVars.outputs.VM_BUILD_NUMBER }} - BATCH_INTERVAL: ${{ steps.outputVars.outputs.BATCH_INTERVAL }} - ROLLUP_INTERVAL: ${{ steps.outputVars.outputs.ROLLUP_INTERVAL }} steps: - uses: actions/checkout@v3 
@@ -51,39 +49,34 @@ jobs: with: go-version: 1.20.4 + - name: 'Print GitHub variables' + # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference + run: | + echo "L2_ENCLAVE_DOCKER_BUILD_TAG=${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}}" + echo "L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG=${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}}" + echo "L2_HOST_DOCKER_BUILD_TAG=${{vars.L2_HOST_DOCKER_BUILD_TAG}}" + + echo "RESOURCE_STARTING_NAME=${{vars.RESOURCE_STARTING_NAME}}" + echo "RESOURCE_TAG_NAME=${{vars.RESOURCE_TAG_NAME}}" + echo "RESOURCE_TESTNET_NAME=${{vars.RESOURCE_TESTNET_NAME}}" + + echo "L1_CHAIN_ID=${{vars.L1_CHAIN_ID}}" + echo "NODE_WALLET_ADDR_0=${{vars.NODE_WALLET_ADDR_0}}" + echo "NODE_WALLET_ADDR_1=${{vars.NODE_WALLET_ADDR_1}}" + echo "WORKER_ADDR=${{vars.WORKER_ADDR}}" + + echo "BATCH_INTERVAL=${{vars.BATCH_INTERVAL}}" + echo "ROLLUP_INTERVAL=${{vars.ROLLUP_INTERVAL}}" + - name: 'Login via Azure CLI' uses: azure/login@v1 with: creds: ${{ secrets.AZURE_CREDENTIALS }} - - name: 'Sets env vars for testnet' - if: ${{ github.event.inputs.testnet_type == 'testnet' }} - run: | - echo "L2_ENCLAVE_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/enclave:latest" >> $GITHUB_ENV - echo "L2_HOST_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/host:latest" >> $GITHUB_ENV - echo "RESOURCE_TAG_NAME=testnetlatest" >> $GITHUB_ENV - echo "RESOURCE_STARTING_NAME=T" >> $GITHUB_ENV - echo "RESOURCE_TESTNET_NAME=testnet" >> $GITHUB_ENV - echo "L1_WS_URL=ws://testnet-eth2network.uksouth.cloudapp.azure.com:9000" >> $GITHUB_ENV - echo "BATCH_INTERVAL=1s" >> $GITHUB_ENV - echo "ROLLUP_INTERVAL=10s" >> $GITHUB_ENV - - - name: 'Sets env vars for dev-testnet' - if: ${{ (github.event.inputs.testnet_type == 'dev-testnet') || (github.event_name == 'schedule') }} - run: | - echo "L2_ENCLAVE_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/dev_enclave:latest" >> $GITHUB_ENV - echo 
"L2_HOST_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/dev_host:latest" >> $GITHUB_ENV - echo "RESOURCE_TAG_NAME=devtestnetlatest" >> $GITHUB_ENV - echo "RESOURCE_STARTING_NAME=D" >> $GITHUB_ENV - echo "RESOURCE_TESTNET_NAME=devtestnet" >> $GITHUB_ENV - echo "L1_WS_URL=ws://dev-testnet-eth2network.uksouth.cloudapp.azure.com:9000" >> $GITHUB_ENV - echo "BATCH_INTERVAL=1s" >> $GITHUB_ENV - echo "ROLLUP_INTERVAL=10s" >> $GITHUB_ENV - - name: 'Fetch latest VM hostnames by env tag and extract build number' id: fetch_hostnames run: | - VM_HOSTNAME=$(az vm list --query "[?tags.${{env.RESOURCE_TAG_NAME}}=='true'].{Name:name}[0]" -g Testnet -o tsv) + VM_HOSTNAME=$(az vm list --query "[?tags.${{vars.RESOURCE_TAG_NAME}}=='true'].{Name:name}[0]" -g Testnet -o tsv) VM_BUILD_NUMBER=$(echo $VM_HOSTNAME | perl -ne 'if (/(-[0-9]{1}-)(\d+)/) { print $2 }') # Extract build number from VM hostname, e.g. D-0-321 -> 321 echo "VM_BUILD_NUMBER=${VM_BUILD_NUMBER}" >> $GITHUB_ENV echo "VM_HOSTNAME: ${VM_HOSTNAME}" @@ -96,15 +89,7 @@ jobs: - name: 'Output env vars' id: outputVars run: | - echo "L2_ENCLAVE_DOCKER_BUILD_TAG=${{env.L2_ENCLAVE_DOCKER_BUILD_TAG}}" >> $GITHUB_OUTPUT - echo "L2_HOST_DOCKER_BUILD_TAG=${{env.L2_HOST_DOCKER_BUILD_TAG}}" >> $GITHUB_OUTPUT - echo "RESOURCE_TAG_NAME=${{env.RESOURCE_TAG_NAME}}" >> $GITHUB_OUTPUT - echo "RESOURCE_STARTING_NAME=${{env.RESOURCE_STARTING_NAME}}" >> $GITHUB_OUTPUT - echo "RESOURCE_TESTNET_NAME=${{env.RESOURCE_TESTNET_NAME}}" >> $GITHUB_OUTPUT - echo "L1_WS_URL=${{env.L1_WS_URL}}" >> $GITHUB_OUTPUT echo "VM_BUILD_NUMBER=${{env.VM_BUILD_NUMBER}}" >> $GITHUB_OUTPUT - echo "BATCH_INTERVAL=${{env.BATCH_INTERVAL}}" >> $GITHUB_OUTPUT - echo "ROLLUP_INTERVAL=${{env.ROLLUP_INTERVAL}}" >> $GITHUB_OUTPUT - name: 'Login to Azure docker registry' uses: azure/docker-login@v1 
@@ -115,33 +100,21 @@ jobs: - name: 'Build and push obscuro node images' run: | - DOCKER_BUILDKIT=1 docker build -t ${{env.L2_ENCLAVE_DOCKER_BUILD_TAG}} -f dockerfiles/enclave.Dockerfile . - docker push ${{env.L2_ENCLAVE_DOCKER_BUILD_TAG}} - DOCKER_BUILDKIT=1 docker build -t ${{env.L2_HOST_DOCKER_BUILD_TAG}} -f dockerfiles/host.Dockerfile . - docker push ${{env.L2_HOST_DOCKER_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} -f dockerfiles/enclave.Dockerfile . + docker push ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_HOST_DOCKER_BUILD_TAG}} -f dockerfiles/host.Dockerfile . + docker push ${{vars.L2_HOST_DOCKER_BUILD_TAG}} deploy: needs: build runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} strategy: matrix: host_id: [ 0,1 ] include: - # Hardcoded host addresses - - host_addr: 0x0000000000000000000000000000000000000000 - host_id: 0 - - host_addr: 0x0000000000000000000000000000000000000001 - host_id: 1 - # Hardcoded host prefunded keys - - node_pk_str: GETHNETWORK_PREFUNDED_PKSTR_0 - host_id: 0 - - node_pk_str: GETHNETWORK_PREFUNDED_PKSTR_1 - host_id: 1 - - node_pk_addr: GETHNETWORK_PREFUNDED_ADDR_0 - host_id: 0 - - node_pk_addr: GETHNETWORK_PREFUNDED_ADDR_1 - host_id: 1 # Ensure there is a single genesis node - is_genesis: true host_id: 0 @@ -152,6 +125,19 @@ jobs: host_id: 0 - node_type: validator host_id: 1 + # Hardcoded lookup keys because GH actions doesn't let you build them inline with the host_id + - node_pk_lookup: NODE_WALLET_PK_0 + host_id: 0 + - node_pk_lookup: NODE_WALLET_PK_1 + host_id: 1 + - node_addr_lookup: NODE_WALLET_ADDR_0 + host_id: 0 + - node_addr_lookup: NODE_WALLET_ADDR_1 + host_id: 1 + - node_l1_ws_lookup: L1_WS_URL_0 + host_id: 0 + - node_l1_ws_lookup: L1_WS_URL_1 + host_id: 1 steps: - name: 'Extract branch name' 
@@ -169,11 +155,11 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - az vm run-command invoke -g Testnet -n "${{needs.build.outputs.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{needs.build.outputs.VM_BUILD_NUMBER}}" \ + az vm run-command invoke -g Testnet -n "${{vars.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{needs.build.outputs.VM_BUILD_NUMBER}}" \ --command-id RunShellScript \ --scripts ' - docker pull ${{needs.build.outputs.L2_HOST_DOCKER_BUILD_TAG}} \ - && docker pull ${{needs.build.outputs.L2_ENCLAVE_DOCKER_BUILD_TAG}} \ + docker pull ${{vars.L2_HOST_DOCKER_BUILD_TAG}} \ + && docker pull ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} \ && rm -rf /home/obscuro/go-obscuro \ && git clone --depth 1 -b ${{ env.BRANCH_NAME }} https://github.com/obscuronet/go-obscuro.git /home/obscuro/go-obscuro \ && cd /home/obscuro/go-obscuro/ \ 
@@ -181,17 +167,18 @@ jobs: -is_genesis=${{ matrix.is_genesis }} \ -node_type=${{ matrix.node_type }} \ -is_sgx_enabled=true \ - -host_id=${{ secrets[matrix.node_pk_addr] }} \ - -l1_ws_url=${{needs.build.outputs.L1_WS_URL}} \ - -private_key=${{ secrets[matrix.node_pk_str] }} \ - -sequencer_id=${{ secrets.GETHNETWORK_PREFUNDED_ADDR_0 }} \ - -host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com:10000 \ + -host_id=${{ vars[matrix.node_addr_lookup] }} \ + -l1_ws_url=${{ secrets[matrix.node_l1_ws_lookup] }} \ + -private_key=${{ secrets[matrix.node_pk_lookup] }} \ + -sequencer_id=${{ vars.NODE_WALLET_ADDR_0 }} \ + -host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{vars.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com:10000 \ -host_p2p_port=10000 \ - -enclave_docker_image=${{needs.build.outputs.L2_ENCLAVE_DOCKER_BUILD_TAG}} \ - -host_docker_image=${{needs.build.outputs.L2_HOST_DOCKER_BUILD_TAG}} \ + -enclave_docker_image=${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} \ + -host_docker_image=${{vars.L2_HOST_DOCKER_BUILD_TAG}} \ -log_level=${{ github.event.inputs.log_level }} \ - -batch_interval=${{needs.build.outputs.BATCH_INTERVAL}} \ - -rollup_interval=${{needs.build.outputs.ROLLUP_INTERVAL}} \ + -batch_interval=${{vars.BATCH_INTERVAL}} \ + -rollup_interval=${{vars.ROLLUP_INTERVAL}} \ + -l1_chain_id=${{vars.L1_CHAIN_ID}} \ upgrade' check-obscuro-is-healthy: 
@@ -199,14 +186,16 @@ jobs: - build - deploy runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} steps: - uses: actions/checkout@v3 - name: "Wait until obscuro node is healthy" shell: bash run: | - ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com - ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{needs.build.outputs.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com + ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{vars.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com + ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{vars.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com deploy-faucet-on-dispatch: uses: ./.github/workflows/manual-deploy-testnet-faucet.yml @@ -228,6 +217,8 @@ jobs: obscuro-test-signal-on-dispatch: runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} needs: - deploy-faucet-on-dispatch steps: @@ -243,6 +234,8 @@ jobs: obscuro-test-signal-on-schedule: runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} needs: - deploy-faucet-on-schedule steps: diff --git a/contracts/package.json b/contracts/package.json index ec5f52a9bd..bf44fd869e 100644 --- a/contracts/package.json +++ b/contracts/package.json @@ -10,7 +10,7 @@ "author": "", "license": "ISC", "devDependencies": { - "@nomicfoundation/hardhat-toolbox": "^2.0.0", + "@nomicfoundation/hardhat-toolbox": "~2.0.0", "@openzeppelin/contracts": "4.5.0", "@openzeppelin/hardhat-upgrades": "^1.21.0", "@solidstate/hardhat-bytecode-exporter": "^1.1.1", 
@@ -18,7 +18,7 @@ "hardhat-abi-exporter": "^2.10.1", "hardhat-deploy": "~0.11.22", "node-docker-api": "^1.1.22", - "ts-node": "^10.9.1", + "ts-node": "~10.9.1", "typescript": "^4.9.4" }, "dependencies": { diff --git a/testnet/launcher/l2contractdeployer/docker.go b/testnet/launcher/l2contractdeployer/docker.go index e61ba535d6..248e73d04a 100644 --- a/testnet/launcher/l2contractdeployer/docker.go +++ b/testnet/launcher/l2contractdeployer/docker.go @@ -90,7 +90,7 @@ func (n *ContractDeployer) WaitForFinish() error { defer cli.Close() // make sure the container has finished execution - err = docker.WaitForContainerToFinish(n.containerID, 3*time.Minute) + err = docker.WaitForContainerToFinish(n.containerID, 10*time.Minute) if err != nil { n.PrintLogs(cli) return err From 8096ae05fe421df32ec0188d8732543e85ba6a5d Mon Sep 17 00:00:00 2001 From: Matt <98158711+BedrockSquirrel@users.noreply.github.com> Date: Wed, 27 Sep 2023 11:06:23 +0100 Subject: [PATCH 2/2] Submit L1 Block: fix lock bug (#1558) --- go/host/enclave/guardian.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/go/host/enclave/guardian.go b/go/host/enclave/guardian.go index 6a897feaf9..3686838249 100644 --- a/go/host/enclave/guardian.go +++ b/go/host/enclave/guardian.go @@ -391,10 +391,11 @@ func (g *Guardian) submitL1Block(block *common.L1Block, isLatest bool) (bool, er } receipts, err := g.sl.L1Repo().FetchObscuroReceipts(block) if err != nil { + g.submitDataLock.Unlock() // lock must be released before returning return false, fmt.Errorf("could not fetch obscuro receipts for block=%s - %w", block.Hash(), err) } resp, err := g.enclaveClient.SubmitL1Block(*block, receipts, isLatest) - g.submitDataLock.Unlock() + g.submitDataLock.Unlock() // lock is only guarding the enclave call, so we can release it now if err != nil { if strings.Contains(err.Error(), errutil.ErrBlockAlreadyProcessed.Error()) { // we have already processed this block, let's try the next canonical block
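Review bot: In `go/host/enclave/guardian.go`, the two added comments disagree with each other: the second says the lock only guards the enclave call, yet `FetchObscuroReceipts` runs while it is held, which is why the error branch needed its own `Unlock()`. The `Lock()` call is above this hunk, so what else sits between it and the fetch is not visible, but if nothing there needs the lock, taking it immediately before `g.enclaveClient.SubmitL1Block(...)` removes the extra unlock and the chance of missing one on a future early return. If the fetch must stay inside, wrapping the locked region in a small closure with `defer g.submitDataLock.Unlock()` gives the same guarantee. `submitL1Block` continues past the end of the hunk.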