From d494bc8c6ad4c6f1008838b2a8d91e044ab53d63 Mon Sep 17 00:00:00 2001 From: Matt <98158711+BedrockSquirrel@users.noreply.github.com> Date: Fri, 20 Oct 2023 10:27:44 +0100 Subject: [PATCH] Update deployment scripts to use standardised env vars (#1608) --- .../manual-deploy-testnet-faucet.yml | 36 ++---- .../workflows/manual-deploy-testnet-l1.yml | 59 ++++------ .../workflows/manual-deploy-testnet-l2.yml | 106 ++++++++---------- .../manual-recover-network-funds.yml | 13 ++- .../workflows/manual-upgrade-testnet-l2.yml | 63 ++++------- 5 files changed, 109 insertions(+), 168 deletions(-) diff --git a/.github/workflows/manual-deploy-testnet-faucet.yml b/.github/workflows/manual-deploy-testnet-faucet.yml index de5088af70..9550c78ef8 100644 --- a/.github/workflows/manual-deploy-testnet-faucet.yml +++ b/.github/workflows/manual-deploy-testnet-faucet.yml @@ -32,7 +32,14 @@ on: jobs: build-and-deploy: runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} steps: + - name: 'Print GitHub variables' + # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference + run: | + echo "GitHub Variables = ${{ toJSON(vars) }}" + - run: echo "Workflow_dispatch inputs ${{ github.event.inputs.testnet_type }}" - run: echo "Workflow_call inputs ${{ inputs.testnet_type }}" @@ -41,27 +48,6 @@ jobs: - name: 'Set up Docker' uses: docker/setup-buildx-action@v1 - - name: 'Sets env vars for testnet' - if: ${{ inputs.testnet_type == 'uat-testnet' }} - run: | - echo "FAUCET_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/faucet_uat_testnet:latest" >> $GITHUB_ENV - echo "TESTNET_ADDR=erpc.uat-testnet.obscu.ro" >> $GITHUB_ENV - echo "DEFAULT_FAUCET_AMOUNT=100" >> $GITHUB_ENV - - - name: 'Sets env vars for dev-testnet' - if: ${{ inputs.testnet_type == 'dev-testnet' }} - run: | - echo "FAUCET_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/faucet_dev_testnet:latest" >> $GITHUB_ENV - echo "TESTNET_ADDR=erpc.dev-testnet.obscu.ro" >> $GITHUB_ENV - echo "DEFAULT_FAUCET_AMOUNT=100" >> $GITHUB_ENV - - - name: 'Sets env vars for sepolia-testnet' - if: ${{ inputs.testnet_type == 'sepolia-testnet' }} - run: | - echo "FAUCET_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/faucet_sepolia_testnet:latest" >> $GITHUB_ENV - echo "TESTNET_ADDR=erpc.sepolia-testnet.obscu.ro" >> $GITHUB_ENV - echo "DEFAULT_FAUCET_AMOUNT=0.5" >> $GITHUB_ENV - - name: 'Login to Azure docker registry' uses: azure/docker-login@v1 with: @@ -76,20 +62,20 @@ jobs: - name: Build and Push Docker Image run: | - DOCKER_BUILDKIT=1 docker build -t ${{env.FAUCET_BUILD_TAG}} -f tools/faucet/Dockerfile . - docker push ${{env.FAUCET_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.DOCKER_BUILD_TAG_FAUCET }} -f tools/faucet/Dockerfile . + docker push ${{ vars.DOCKER_BUILD_TAG_FAUCET }} - name: 'Deploy to Azure Container Instances' uses: 'azure/aci-deploy@v1' with: resource-group: ${{ secrets.RESOURCE_GROUP }} dns-name-label: ${{ inputs.testnet_type }}-faucet - image: ${{ env.FAUCET_BUILD_TAG }} + image: ${{ vars.DOCKER_BUILD_TAG_FAUCET }} name: ${{ inputs.testnet_type }}-faucet location: 'uksouth' restart-policy: 'Never' environment-variables: PORT=80 - command-line: ./faucet --nodeHost ${{ env.TESTNET_ADDR }} --pk ${{ secrets.FAUCET_PK }} --jwtSecret ${{ secrets.FAUCET_JWT_SECRET }} --defaultAmount ${{ env.DEFAULT_FAUCET_AMOUNT }} + command-line: ./faucet --nodeHost ${{ vars.L2_RPC_URL_VALIDATOR }} --pk ${{ secrets.FAUCET_PK }} --jwtSecret ${{ secrets.FAUCET_JWT_SECRET }} --defaultAmount ${{ vars.FAUCET_PAY_AMOUNT }} ports: '80' cpu: 2 memory: 2 diff --git a/.github/workflows/manual-deploy-testnet-l1.yml b/.github/workflows/manual-deploy-testnet-l1.yml index b7ca94b874..42715aa7a4 100644 --- a/.github/workflows/manual-deploy-testnet-l1.yml +++ b/.github/workflows/manual-deploy-testnet-l1.yml @@ -7,7 +7,7 @@ # WebSocket: 9000, 9001 # # Exposes the following addresses: (only accessible internally) -# testnet-eth2network-DEPLOYNUMBER.uksouth.azurecontainer.io +# uat-testnet-eth2network-DEPLOYNUMBER.uksouth.azurecontainer.io # or # dev-testnet-eth2network-DEPLOYNUMBER.uksouth.azurecontainer.io # @@ -34,32 +34,16 @@ jobs: name: ${{ github.event.inputs.testnet_type }} steps: + - name: 'Print GitHub variables' + # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference + run: | + echo "GitHub Variables = ${{ toJSON(vars) }}" + - uses: actions/checkout@v3 - name: 'Set up Docker' uses: docker/setup-buildx-action@v1 - - name: 'Sets env vars for testnet' - if: ${{ github.event.inputs.testnet_type == 'uat-testnet' }} - run: | - echo "ETH2NETWORK_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/uat_testnet_eth2network:latest" >> $GITHUB_ENV - echo "L1_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/uat_testnet_l1network:latest" >> $GITHUB_ENV - echo "L1_CONTAINER_NAME=uat_testnet-eth2network" >> $GITHUB_ENV - echo "RESOURCE_TAG_NAME=uat-testnet-l1-latest" >> $GITHUB_ENV - echo "RESOURCE_NAME=uat-testnet-eth2network" >> $GITHUB_ENV - echo "TEST_BRIDGE_ADDRESS=0xE09a37ABc1A63441404007019E5BC7517bE2c43f" >> $GITHUB_ENV - - - name: 'Sets env vars for dev-testnet' - if: ${{ github.event.inputs.testnet_type == 'dev-testnet' }} - run: | - echo "ETH2NETWORK_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/dev_testnet_eth2network:latest" >> $GITHUB_ENV - echo "L1_DOCKER_BUILD_TAG=testnetobscuronet.azurecr.io/obscuronet/dev_testnet_l1network:latest" >> $GITHUB_ENV - echo "L1_CONTAINER_NAME=dev-testnet-eth2network" >> $GITHUB_ENV - echo "RESOURCE_TAG_NAME=dev-testnet-l1-latest" >> $GITHUB_ENV - echo "RESOURCE_NAME=dev-testnet-eth2network" >> $GITHUB_ENV - echo "TEST_BRIDGE_ADDRESS=0xE09a37ABc1A63441404007019E5BC7517bE2c43f" >> $GITHUB_ENV - - - name: 'Login via Azure CLI' uses: azure/login@v1 with: @@ -76,34 +60,33 @@ jobs: # DOCKER_BUILDKIT=1 will enable the new docker build kit that allows us to use build only caches on RUN commands. # Tag the same image with 2 tags and push with the -a flag which pushes all images run: | - DOCKER_BUILDKIT=1 docker build -t ${{env.ETH2NETWORK_BUILD_TAG}} -t ${{env.L1_DOCKER_BUILD_TAG}} -f testnet/eth2network.Dockerfile . - docker push ${{env.L1_DOCKER_BUILD_TAG}} - docker push ${{env.ETH2NETWORK_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.DOCKER_BUILD_TAG_ETH2NETWORK }} -f testnet/eth2network.Dockerfile . + docker push ${{ vars.DOCKER_BUILD_TAG_ETH2NETWORK }} # This will fail some deletions due to resource dependencies ( ie. you must first delete the vm before deleting the disk) - name: 'Delete deployed VMs' uses: azure/CLI@v1 with: inlineScript: | - $(az resource list --tag ${{env.RESOURCE_TAG_NAME}}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true + $(az resource list --tag ${{ vars.AZURE_DEPLOY_GROUP_L1 }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true # This will clean up any lingering dependencies - might fail if there are no resources to cleanup - name: 'Delete VMs dependencies' uses: azure/CLI@v1 with: inlineScript: | - $(az resource list --tag ${{env.RESOURCE_TAG_NAME}}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true + $(az resource list --tag ${{ vars.AZURE_DEPLOY_GROUP_L1 }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true - - name: 'Create VM for "${{env.RESOURCE_NAME}}-${{ GITHUB.RUN_NUMBER }}" on Azure' + - name: 'Create VM for "${{ github.event.inputs.testnet_type }}-eth2network-${{ GITHUB.RUN_NUMBER }}" on Azure' uses: azure/CLI@v1 with: inlineScript: | - az vm create -g Testnet -n "${{env.RESOURCE_NAME}}-${{ GITHUB.RUN_NUMBER }}" \ + az vm create -g Testnet -n "${{ github.event.inputs.testnet_type }}-eth2network-${{ GITHUB.RUN_NUMBER }}" \ --admin-username obscurouser --admin-password "${{ secrets.OBSCURO_NODE_VM_PWD }}" \ - --public-ip-address-dns-name "${{ env.RESOURCE_NAME }}" \ - --tags ${{env.RESOURCE_TAG_NAME}}=true \ - --vnet-name ${{env.RESOURCE_NAME}}-01VNET --subnet ${{env.RESOURCE_NAME}}-01Subnet \ + --public-ip-address-dns-name "${{ github.event.inputs.testnet_type }}-eth2network" \ + --tags ${{ vars.AZURE_DEPLOY_GROUP_L1 }}=true \ + --vnet-name ${{ github.event.inputs.testnet_type }}-eth2network-01VNET --subnet ${{ github.event.inputs.testnet_type }}-eth2network-01Subnet \ --size Standard_D3_v2 --image Canonical:0001-com-ubuntu-server-jammy:22_04-lts:latest \ --public-ip-sku Basic --authentication-type password @@ -111,18 +94,18 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - az vm open-port -g Testnet -n "${{env.RESOURCE_NAME}}-${{ GITHUB.RUN_NUMBER }}" --port 8025,8026,9000,9001 + az vm open-port -g Testnet -n "${{ github.event.inputs.testnet_type }}-eth2network-${{ GITHUB.RUN_NUMBER }}" --port 8025,8026,9000,9001 # To overcome issues with critical VM resources being unavailable, we need to wait for the VM to be ready - name: 'Allow time for VM initialization' shell: bash run: sleep 60 - - name: 'Start l1 ${{env.RESOURCE_NAME}}-${{ GITHUB.RUN_NUMBER }} on Azure' + - name: 'Start l1 ${{ github.event.inputs.testnet_type }}-eth2network-${{ GITHUB.RUN_NUMBER }} on Azure' uses: azure/CLI@v1 with: inlineScript: | - az vm run-command invoke -g Testnet -n "${{env.RESOURCE_NAME}}-${{ GITHUB.RUN_NUMBER }}" \ + az vm run-command invoke -g Testnet -n "${{ github.event.inputs.testnet_type }}-eth2network-${{ GITHUB.RUN_NUMBER }}" \ --command-id RunShellScript \ --scripts 'mkdir -p /home/obscuro \ && sudo apt-get update \ @@ -145,10 +128,8 @@ jobs: datadog/agent:latest \ && docker run -d \ -p 8025:8025 -p 8026:8026 -p 9000:9000 -p 9001:9001 \ - --entrypoint /home/obscuro/go-obscuro/integration/eth2network/main/main ${{ env.ETH2NETWORK_BUILD_TAG }} \ + --entrypoint /home/obscuro/go-obscuro/integration/eth2network/main/main ${{ vars.DOCKER_BUILD_TAG_ETH2NETWORK }} \ --blockTimeSecs=15 --slotsPerEpoch=2 --slotsPerSecond=15 \ --numNodes=1 --gethHTTPStartPort=8025 --gethWSStartPort=9000 \ --logToFile=false \ - --prefundedAddrs="${{ vars.WORKER_ADDR }},${{ vars.NODE_WALLET_ADDR_0 }},${{ vars.NODE_WALLET_ADDR_1 }},${{ env.TEST_BRIDGE_ADDRESS }}"' - - + --prefundedAddrs="${{ vars.ACCOUNT_ADDR_WORKER }},${{ vars.ACCOUNT_ADDR_NODE_0 }},${{ vars.ACCOUNT_ADDR_NODE_1 }},${{ vars.ACCOUNT_ADDR_L1_BRIDGE_TEST }}"' diff --git a/.github/workflows/manual-deploy-testnet-l2.yml b/.github/workflows/manual-deploy-testnet-l2.yml index 4ea71928b7..d0db3f9ba7 100644 --- a/.github/workflows/manual-deploy-testnet-l2.yml +++ b/.github/workflows/manual-deploy-testnet-l2.yml @@ -42,33 +42,17 @@ jobs: steps: + - name: 'Print GitHub variables' + # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference + run: | + echo "GitHub Variables = ${{ toJSON(vars) }}" + - uses: actions/checkout@v3 - uses: actions/setup-go@v4 with: go-version: 1.20.4 - - name: 'Print GitHub variables' - # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference - run: | - echo "L2_ENCLAVE_DOCKER_BUILD_TAG=${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}}" - echo "L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG=${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}}" - echo "L2_HOST_DOCKER_BUILD_TAG=${{vars.L2_HOST_DOCKER_BUILD_TAG}}" - - echo "RESOURCE_STARTING_NAME=${{vars.RESOURCE_STARTING_NAME}}" - echo "RESOURCE_TAG_NAME=${{vars.RESOURCE_TAG_NAME}}" - echo "RESOURCE_TESTNET_NAME=${{vars.RESOURCE_TESTNET_NAME}}" - - echo "L1_CHAIN_ID=${{vars.L1_CHAIN_ID}}" - echo "NODE_WALLET_ADDR_0=${{vars.NODE_WALLET_ADDR_0}}" - echo "NODE_WALLET_ADDR_1=${{vars.NODE_WALLET_ADDR_1}}" - echo "WORKER_ADDR=${{vars.WORKER_ADDR}}" - - echo "BATCH_INTERVAL=${{vars.BATCH_INTERVAL}}" - echo "L2_MAX_BATCH_INTERVAL=${{vars.L2_MAX_BATCH_INTERVAL}}" - echo "ROLLUP_INTERVAL=${{vars.ROLLUP_INTERVAL}}" - echo "FAUCET_FUNDS=${{vars.FAUCET_FUNDS}}" - - name: 'Login via Azure CLI' uses: azure/login@v1 with: @@ -83,12 +67,12 @@ jobs: - name: 'Build and push obscuro node images' run: | - DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} -f dockerfiles/enclave.Dockerfile . - docker push ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} - DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_HOST_DOCKER_BUILD_TAG}} -f dockerfiles/host.Dockerfile . - docker push ${{vars.L2_HOST_DOCKER_BUILD_TAG}} - DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} -f tools/hardhatdeployer/Dockerfile . - docker push ${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.DOCKER_BUILD_TAG_ENCLAVE }} -f dockerfiles/enclave.Dockerfile . + docker push ${{ vars.DOCKER_BUILD_TAG_ENCLAVE }} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.DOCKER_BUILD_TAG_HOST }} -f dockerfiles/host.Dockerfile . + docker push ${{ vars.DOCKER_BUILD_TAG_HOST }} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.DOCKER_BUILD_TAG_L2_HARDHAT_DEPLOYER }} -f tools/hardhatdeployer/Dockerfile . + docker push ${{ vars.DOCKER_BUILD_TAG_L2_HARDHAT_DEPLOYER }} - name: 'Deploy Contracts' id: deployContracts @@ -96,8 +80,8 @@ jobs: run: | go run ./testnet/launcher/l1contractdeployer/cmd \ -l1_http_url=${{ secrets.L1_HTTP_URL }} \ - -private_key=${{ secrets.WORKER_PK }} \ - -docker_image=${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} \ + -private_key=${{ secrets.ACCOUNT_PK_WORKER }} \ + -docker_image=${{ vars.DOCKER_BUILD_TAG_L2_HARDHAT_DEPLOYER }} \ -contracts_env_file=./testnet/.env source ./testnet/.env echo "Contracts deployed to $MGMTCONTRACTADDR" @@ -119,14 +103,14 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - $(az resource list --tag ${{vars.RESOURCE_TAG_NAME}}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true + $(az resource list --tag ${{ vars.AZURE_DEPLOY_GROUP_L2 }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true # This will clean up any lingering dependencies - might fail if there are no resources to cleanup - name: 'Delete VMs dependencies' uses: azure/CLI@v1 with: inlineScript: | - $(az resource list --tag ${{vars.RESOURCE_TAG_NAME}}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true + $(az resource list --tag ${{ vars.AZURE_DEPLOY_GROUP_L2 }}=true --query '[]."id"' -o tsv | xargs -n1 az resource delete --verbose -g Testnet --ids) || true - name: 'Upload L1 deployer container logs' uses: actions/upload-artifact@v3 @@ -157,13 +141,13 @@ jobs: - node_type: validator host_id: 1 # Hardcoded lookup keys because GH actions doesn't let you build them inline with the host_id - - node_pk_lookup: NODE_WALLET_PK_0 + - node_pk_lookup: ACCOUNT_PK_NODE_0 host_id: 0 - - node_pk_lookup: NODE_WALLET_PK_1 + - node_pk_lookup: ACCOUNT_PK_NODE_1 host_id: 1 - - node_addr_lookup: NODE_WALLET_ADDR_0 + - node_addr_lookup: ACCOUNT_ADDR_NODE_0 host_id: 0 - - node_addr_lookup: NODE_WALLET_ADDR_1 + - node_addr_lookup: ACCOUNT_ADDR_NODE_1 host_id: 1 - node_l1_ws_lookup: L1_WS_URL_0 host_id: 0 @@ -192,11 +176,11 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - az vm create -g Testnet -n "${{vars.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ + az vm create -g Testnet -n "${{ vars.AZURE_RESOURCE_PREFIX }}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ --admin-username obscurouser --admin-password "${{ secrets.OBSCURO_NODE_VM_PWD }}" \ - --public-ip-address-dns-name "obscuronode-${{ matrix.host_id }}-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}" \ - --tags deploygroup=ObscuroNode-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }} ${{vars.RESOURCE_TAG_NAME}}=true \ - --vnet-name ${{vars.RESOURCE_TESTNET_NAME}}-virtual-network --subnet ${{vars.RESOURCE_TESTNET_NAME}}-sub-network \ + --public-ip-address-dns-name "obscuronode-${{ matrix.host_id }}-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}" \ + --tags deploygroup=ObscuroNode-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }} ${{ vars.AZURE_DEPLOY_GROUP_L2 }}=true \ + --vnet-name ${{ github.event.inputs.testnet_type }}-virtual-network --subnet ${{ github.event.inputs.testnet_type }}-sub-network \ --size Standard_DC8_v2 --storage-sku StandardSSD_LRS --image ObscuroConfUbuntu \ --public-ip-sku Standard --authentication-type password @@ -204,7 +188,7 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - az vm open-port -g Testnet -n "${{vars.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" --port 80,81,6060,6061,10000 + az vm open-port -g Testnet -n "${{ vars.AZURE_RESOURCE_PREFIX }}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" --port 80,81,6060,6061,10000 # To overcome issues with critical VM resources being unavailable, we need to wait for the VM to be ready - name: 'Allow time for VM initialization' @@ -215,7 +199,7 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - az vm run-command invoke -g Testnet -n "${{vars.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ + az vm run-command invoke -g Testnet -n "${{ vars.AZURE_RESOURCE_PREFIX }}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ --command-id RunShellScript \ --scripts 'mkdir -p /home/obscuro \ && git clone --depth 1 -b ${{ env.BRANCH_NAME }} https://github.com/obscuronet/go-obscuro.git /home/obscuro/go-obscuro \ @@ -244,17 +228,17 @@ jobs: -message_bus_contract_addr=${{needs.build.outputs.MSG_BUS_CONTRACT_ADDR}} \ -l1_start=${{needs.build.outputs.L1_START_HASH}} \ -private_key=${{ secrets[matrix.node_pk_lookup] }} \ - -sequencer_id=${{ vars.NODE_WALLET_ADDR_0 }} \ - -host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com:10000 \ + -sequencer_id=${{ vars.ACCOUNT_ADDR_NODE_0 }} \ + -host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com:10000 \ -host_p2p_port=10000 \ - -enclave_docker_image=${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} \ - -host_docker_image=${{vars.L2_HOST_DOCKER_BUILD_TAG}} \ + -enclave_docker_image=${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }} \ + -host_docker_image=${{ vars.L2_HOST_DOCKER_BUILD_TAG }} \ -is_debug_namespace_enabled=true \ -log_level=${{ github.event.inputs.log_level }} \ - -batch_interval=${{vars.BATCH_INTERVAL}} \ - -max_batch_interval=${{vars.L2_MAX_BATCH_INTERVAL}} \ - -rollup_interval=${{vars.ROLLUP_INTERVAL}} \ - -l1_chain_id=${{vars.L1_CHAIN_ID}} \ + -batch_interval=${{ vars.L2_BATCH_INTERVAL }} \ + -max_batch_interval=${{ vars.L2_MAX_BATCH_INTERVAL }} \ + -rollup_interval=${{ vars.L2_ROLLUP_INTERVAL }} \ + -l1_chain_id=${{ vars.L1_CHAIN_ID }} \ start' @@ -274,18 +258,18 @@ jobs: creds: ${{ secrets.AZURE_CREDENTIALS }} - name: 'Remove existing backend nodes from the load balancer' - run: ./.github/workflows/runner-scripts/testnet-clear-loadbalancer.sh ${{vars.RESOURCE_TESTNET_NAME}} + run: ./.github/workflows/runner-scripts/testnet-clear-loadbalancer.sh ${{ github.event.inputs.testnet_type }} - name: 'Add load balancer address pool to the IP configuration' uses: azure/CLI@v1 with: inlineScript: | az network nic ip-config address-pool add \ - --address-pool ${{vars.RESOURCE_TESTNET_NAME}}-backend-pool \ - --ip-config-name ipconfig${{vars.RESOURCE_STARTING_NAME}}-1-${{ GITHUB.RUN_NUMBER }} \ - --nic-name ${{vars.RESOURCE_STARTING_NAME}}-1-${{ GITHUB.RUN_NUMBER }}VMNic \ + --address-pool ${{ github.event.inputs.testnet_type }}-backend-pool \ + --ip-config-name ipconfig${{ vars.AZURE_RESOURCE_PREFIX }}-1-${{ GITHUB.RUN_NUMBER }} \ + --nic-name ${{ vars.AZURE_RESOURCE_PREFIX }}-1-${{ GITHUB.RUN_NUMBER }}VMNic \ --resource-group Testnet \ - --lb-name ${{vars.RESOURCE_TESTNET_NAME}}-loadbalancer + --lb-name ${{ github.event.inputs.testnet_type }}-loadbalancer check-obscuro-is-healthy: needs: @@ -300,8 +284,8 @@ jobs: - name: "Wait until obscuro node is healthy" shell: bash run: | - ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com - ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com + ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com + ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com deploy-l2-contracts: needs: @@ -318,16 +302,16 @@ jobs: shell: bash run: | go run ./testnet/launcher/l2contractdeployer/cmd \ - -l2_host=obscuronode-0-${{vars.RESOURCE_TESTNET_NAME}}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com \ + -l2_host=obscuronode-0-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com \ -l1_http_url=${{ secrets.L1_HTTP_URL }} \ -l2_ws_port=81 \ - -private_key=${{ secrets.WORKER_PK }} \ + -private_key=${{ secrets.ACCOUNT_PK_WORKER }} \ -l2_private_key=8dfb8083da6275ae3e4f41e3e8a8c19d028d32c9247e24530933782f2a05035b \ -l2_hoc_private_key=6e384a07a01263518a09a5424c7b6bbfc3604ba7d93f47e3a455cbdd7f9f0682 \ -l2_poc_private_key=4bfe14725e685901c062ccd4e220c61cf9c189897b6c78bd18d7f51291b2b8f8 \ -message_bus_contract_addr=${{ needs.build.outputs.MSG_BUS_CONTRACT_ADDR }} \ - -docker_image=${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} \ - -faucet_funds=${{vars.FAUCET_FUNDS}} + -docker_image=${{ vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG }} \ + -faucet_funds=${{ vars.FAUCET_FUNDS }} - name: 'Save L2 deployer container logs' run: | @@ -345,7 +329,7 @@ jobs: name: 'Trigger Faucet deployment for dev- / testnet on a new deployment' uses: ./.github/workflows/manual-deploy-testnet-faucet.yml with: - testnet_type: ${{github.event.inputs.testnet_type}} + testnet_type: ${{ github.event.inputs.testnet_type }} secrets: inherit needs: - check-obscuro-is-healthy diff --git a/.github/workflows/manual-recover-network-funds.yml b/.github/workflows/manual-recover-network-funds.yml index e065310d5e..4d722a12da 100644 --- a/.github/workflows/manual-recover-network-funds.yml +++ b/.github/workflows/manual-recover-network-funds.yml @@ -29,6 +29,11 @@ jobs: environment: name: ${{ github.event.inputs.testnet_type }} steps: + - name: 'Print GitHub variables' + # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference + run: | + echo "GitHub Variables = ${{ toJSON(vars) }}" + - uses: actions/checkout@v3 - name: 'Login to Azure docker registry' @@ -40,8 +45,8 @@ jobs: - name: 'Build and push docker image' run: | - DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} -f tools/hardhatdeployer/Dockerfile . - docker push ${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG }} -f tools/hardhatdeployer/Dockerfile . + docker push ${{ vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG }} - name: 'Deploy L2 contracts' id: deployL2Contracts @@ -49,9 +54,9 @@ jobs: run: | go run ./testnet/launcher/fundsrecovery/cmd \ -l1_http_url=${{ secrets.L1_HTTP_URL }} \ - -private_key=${{ secrets.WORKER_PK }} \ + -private_key=${{ secrets.ACCOUNT_PK_WORKER }} \ -mgmt_contract_addr=${{ github.event.inputs.mgmt_contract_addr }} \ - -docker_image=${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}} \ + -docker_image=${{ vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG }} \ -acc_to_pay=${{ github.event.inputs.acc_to_pay }} - name: 'Save container logs on failure' diff --git a/.github/workflows/manual-upgrade-testnet-l2.yml b/.github/workflows/manual-upgrade-testnet-l2.yml index 9f62f28c57..562e386289 100644 --- a/.github/workflows/manual-upgrade-testnet-l2.yml +++ b/.github/workflows/manual-upgrade-testnet-l2.yml @@ -52,22 +52,7 @@ jobs: - name: 'Print GitHub variables' # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference run: | - echo "L2_ENCLAVE_DOCKER_BUILD_TAG=${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}}" - echo "L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG=${{vars.L2_HARDHATDEPLOYER_DOCKER_BUILD_TAG}}" - echo "L2_HOST_DOCKER_BUILD_TAG=${{vars.L2_HOST_DOCKER_BUILD_TAG}}" - - echo "RESOURCE_STARTING_NAME=${{vars.RESOURCE_STARTING_NAME}}" - echo "RESOURCE_TAG_NAME=${{vars.RESOURCE_TAG_NAME}}" - echo "RESOURCE_TESTNET_NAME=${{vars.RESOURCE_TESTNET_NAME}}" - - echo "L1_CHAIN_ID=${{vars.L1_CHAIN_ID}}" - echo "NODE_WALLET_ADDR_0=${{vars.NODE_WALLET_ADDR_0}}" - echo "NODE_WALLET_ADDR_1=${{vars.NODE_WALLET_ADDR_1}}" - echo "WORKER_ADDR=${{vars.WORKER_ADDR}}" - - echo "BATCH_INTERVAL=${{vars.BATCH_INTERVAL}}" - echo "L2_MAX_BATCH_INTERVAL=${{vars.L2_MAX_BATCH_INTERVAL}}" - echo "ROLLUP_INTERVAL=${{vars.ROLLUP_INTERVAL}}" + echo "GitHub Variables = ${{ toJSON(vars) }}" - name: 'Login via Azure CLI' uses: azure/login@v1 @@ -77,7 +62,7 @@ jobs: - name: 'Fetch latest VM hostnames by env tag and extract build number' id: fetch_hostnames run: | - VM_HOSTNAME=$(az vm list --query "[?tags.\"${{vars.RESOURCE_TAG_NAME}}\"=='true'].{Name:name}[0]" -g Testnet -o tsv) + VM_HOSTNAME=$(az vm list --query "[?tags.\"${{ vars.AZURE_DEPLOY_GROUP_L2 }}\"=='true'].{Name:name}[0]" -g Testnet -o tsv) VM_BUILD_NUMBER=$(echo $VM_HOSTNAME | perl -ne 'if (/(-[0-9]{1}-)(\d+)/) { print $2 }') # Extract build number from VM hostname, e.g. D-0-321 -> 321 echo "VM_BUILD_NUMBER=${VM_BUILD_NUMBER}" >> $GITHUB_ENV echo "VM_HOSTNAME: ${VM_HOSTNAME}" @@ -90,7 +75,7 @@ jobs: - name: 'Output env vars' id: outputVars run: | - echo "VM_BUILD_NUMBER=${{env.VM_BUILD_NUMBER}}" >> $GITHUB_OUTPUT + echo "VM_BUILD_NUMBER=${{ env.VM_BUILD_NUMBER }}" >> $GITHUB_OUTPUT - name: 'Login to Azure docker registry' uses: azure/docker-login@v1 @@ -101,10 +86,10 @@ jobs: - name: 'Build and push obscuro node images' run: | - DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} -f dockerfiles/enclave.Dockerfile . - docker push ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} - DOCKER_BUILDKIT=1 docker build -t ${{vars.L2_HOST_DOCKER_BUILD_TAG}} -f dockerfiles/host.Dockerfile . - docker push ${{vars.L2_HOST_DOCKER_BUILD_TAG}} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }} -f dockerfiles/enclave.Dockerfile . + docker push ${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.L2_HOST_DOCKER_BUILD_TAG }} -f dockerfiles/host.Dockerfile . + docker push ${{ vars.L2_HOST_DOCKER_BUILD_TAG }} deploy: needs: build @@ -127,13 +112,13 @@ jobs: - node_type: validator host_id: 1 # Hardcoded lookup keys because GH actions doesn't let you build them inline with the host_id - - node_pk_lookup: NODE_WALLET_PK_0 + - node_pk_lookup: ACCOUNT_PK_NODE_0 host_id: 0 - - node_pk_lookup: NODE_WALLET_PK_1 + - node_pk_lookup: ACCOUNT_PK_NODE_1 host_id: 1 - - node_addr_lookup: NODE_WALLET_ADDR_0 + - node_addr_lookup: ACCOUNT_ADDR_NODE_0 host_id: 0 - - node_addr_lookup: NODE_WALLET_ADDR_1 + - node_addr_lookup: ACCOUNT_ADDR_NODE_1 host_id: 1 - node_l1_ws_lookup: L1_WS_URL_0 host_id: 0 @@ -156,11 +141,11 @@ jobs: uses: azure/CLI@v1 with: inlineScript: | - az vm run-command invoke -g Testnet -n "${{vars.RESOURCE_STARTING_NAME}}-${{ matrix.host_id }}-${{needs.build.outputs.VM_BUILD_NUMBER}}" \ + az vm run-command invoke -g Testnet -n "${{ vars.AZURE_RESOURCE_PREFIX }}-${{ matrix.host_id }}-${{ needs.build.outputs.VM_BUILD_NUMBER }}" \ --command-id RunShellScript \ --scripts ' - docker pull ${{vars.L2_HOST_DOCKER_BUILD_TAG}} \ - && docker pull ${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} \ + docker pull ${{ vars.L2_HOST_DOCKER_BUILD_TAG }} \ + && docker pull ${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }} \ && rm -rf /home/obscuro/go-obscuro \ && git clone --depth 1 -b ${{ env.BRANCH_NAME }} https://github.com/obscuronet/go-obscuro.git /home/obscuro/go-obscuro \ && cd /home/obscuro/go-obscuro/ \ @@ -171,16 +156,16 @@ jobs: -host_id=${{ vars[matrix.node_addr_lookup] }} \ -l1_ws_url=${{ secrets[matrix.node_l1_ws_lookup] }} \ -private_key=${{ secrets[matrix.node_pk_lookup] }} \ - -sequencer_id=${{ vars.NODE_WALLET_ADDR_0 }} \ - -host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{vars.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com:10000 \ + -sequencer_id=${{ vars.ACCOUNT_ADDR_NODE_0 }} \ + -host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{ github.event.inputs.testnet_type }}-${{ needs.build.outputs.VM_BUILD_NUMBER }}.uksouth.cloudapp.azure.com:10000 \ -host_p2p_port=10000 \ - -enclave_docker_image=${{vars.L2_ENCLAVE_DOCKER_BUILD_TAG}} \ - -host_docker_image=${{vars.L2_HOST_DOCKER_BUILD_TAG}} \ + -enclave_docker_image=${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }} \ + -host_docker_image=${{ vars.L2_HOST_DOCKER_BUILD_TAG }} \ -log_level=${{ github.event.inputs.log_level }} \ - -batch_interval=${{vars.BATCH_INTERVAL}} \ - -max_batch_interval=${{vars.L2_MAX_BATCH_INTERVAL}} \ - -rollup_interval=${{vars.ROLLUP_INTERVAL}} \ - -l1_chain_id=${{vars.L1_CHAIN_ID}} \ + -batch_interval=${{ vars.L2_BATCH_INTERVAL }} \ + -max_batch_interval=${{ vars.L2_MAX_BATCH_INTERVAL }} \ + -rollup_interval=${{ vars.L2_ROLLUP_INTERVAL }} \ + -l1_chain_id=${{ vars.L1_CHAIN_ID }} \ upgrade' check-obscuro-is-healthy: @@ -196,8 +181,8 @@ jobs: - name: "Wait until obscuro node is healthy" shell: bash run: | - ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{vars.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com - ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{vars.RESOURCE_TESTNET_NAME}}-${{needs.build.outputs.VM_BUILD_NUMBER}}.uksouth.cloudapp.azure.com + ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{ github.event.inputs.testnet_type }}-${{ needs.build.outputs.VM_BUILD_NUMBER }}.uksouth.cloudapp.azure.com + ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{ github.event.inputs.testnet_type }}-${{ needs.build.outputs.VM_BUILD_NUMBER }}.uksouth.cloudapp.azure.com deploy-faucet-on-dispatch: uses: ./.github/workflows/manual-deploy-testnet-faucet.yml