From 10373a0e64d6008b2b2b84283700165c8c21f9a9 Mon Sep 17 00:00:00 2001 From: otherview Date: Wed, 20 Dec 2023 11:40:08 +0000 Subject: [PATCH] Add validator flow --- .../manual-deploy-testnet-validator.yml | 231 ++++++++++++++++++ 1 file changed, 231 insertions(+) create mode 100644 .github/workflows/manual-deploy-testnet-validator.yml diff --git a/.github/workflows/manual-deploy-testnet-validator.yml b/.github/workflows/manual-deploy-testnet-validator.yml new file mode 100644 index 0000000000..cbc5d4ad00 --- /dev/null +++ b/.github/workflows/manual-deploy-testnet-validator.yml @@ -0,0 +1,231 @@ +# Deploys an Ten validator on Azure for Testnet +# +# This script uses GitHub Environments for variables (vars) and secrets - these are configured on GitHub and +# the environments match the input.testnet_type options +# + +name: '[M] Deploy Testnet Validator' +run-name: '[M] Deploy Testnet Validator ( ${{ github.event.inputs.testnet_type }} )' +on: + workflow_dispatch: + inputs: + testnet_type: + description: 'Testnet Type' + required: true + default: 'dev-testnet' + type: choice + options: + - 'dev-testnet' + - 'uat-testnet' + - 'sepolia-testnet' + log_level: + description: 'Log Level 1-Error 5-Trace' + required: true + default: 3 + type: number + node_private_key: + description: 'Node Private Key' + required: true + type: string + node_account_address: + description: 'Node Account Address' + required: true + type: string + node_l1_ws_url: + description: 'Node L1 Connection String' + required: true + type: string + MGMT_CONTRACT_ADDR: + description: 'Management Contract Addr' + required: true + type: string + MSG_BUS_CONTRACT_ADDR: + description: 'Message bus Contract Addr' + required: true + type: string + L1_START_HASH: + description: 'L1 Starting Hash' + required: true + type: string + HOC_ERC20_ADDR: + description: 'HOC ERC20 Contract Addr' + required: true + type: string + POC_ERC20_ADDR: + description: 'POC ERC20 Contract Addr' + required: true + type: string + +jobs: + build: + runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} + + + steps: + - name: 'Print GitHub variables' + # This is a useful record of what the environment variables were at the time the job ran, for debugging and reference + run: | + echo "GitHub Variables = ${{ toJSON(vars) }}" + + - uses: actions/checkout@v3 + + - uses: actions/setup-go@v4 + with: + go-version: 1.20.4 + + - name: 'Login via Azure CLI' + uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + - name: 'Login to Azure docker registry' + uses: azure/docker-login@v1 + with: + login-server: testnetobscuronet.azurecr.io + username: testnetobscuronet + password: ${{ secrets.REGISTRY_PASSWORD }} + + - name: 'Build and push obscuro node images' + run: | + DOCKER_BUILDKIT=1 docker build -t ${{ vars.DOCKER_BUILD_TAG_ENCLAVE }} --build-arg TESTMODE=true -f dockerfiles/enclave.Dockerfile . + docker push ${{ vars.DOCKER_BUILD_TAG_ENCLAVE }} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.DOCKER_BUILD_TAG_HOST }} -f dockerfiles/host.Dockerfile . + docker push ${{ vars.DOCKER_BUILD_TAG_HOST }} + DOCKER_BUILDKIT=1 docker build -t ${{ vars.DOCKER_BUILD_TAG_L2_HARDHAT_DEPLOYER }} -f tools/hardhatdeployer/Dockerfile . + docker push ${{ vars.DOCKER_BUILD_TAG_L2_HARDHAT_DEPLOYER }} + + deploy: + needs: build + runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} + + + steps: + - name: 'Extract branch name' + shell: bash + run: | + echo "Branch Name: ${GITHUB_REF_NAME}" + echo "BRANCH_NAME=${GITHUB_REF_NAME}" >> $GITHUB_ENV + + - name: 'Login via Azure CLI' + uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + - name: 'Create VM for Obscuro node-${{ matrix.host_id }} on Azure' + uses: azure/CLI@v1 + with: + inlineScript: | + az vm create -g Testnet -n "${{ vars.AZURE_RESOURCE_PREFIX }}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ + --admin-username obscurouser --admin-password "${{ secrets.OBSCURO_NODE_VM_PWD }}" \ + --public-ip-address-dns-name "obscuronode-${{ matrix.host_id }}-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}" \ + --tags deploygroup=ObscuroNode-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }} ${{ vars.AZURE_DEPLOY_GROUP_L2 }}=true \ + --vnet-name ${{ github.event.inputs.testnet_type }}-virtual-network --subnet ${{ github.event.inputs.testnet_type }}-sub-network \ + --size Standard_DC8_v2 --storage-sku StandardSSD_LRS --image ObscuroConfUbuntu \ + --public-ip-sku Standard --authentication-type password + + - name: 'Open Obscuro node-${{ matrix.host_id }} ports on Azure' + uses: azure/CLI@v1 + with: + inlineScript: | + az vm open-port -g Testnet -n "${{ vars.AZURE_RESOURCE_PREFIX }}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" --port 80,81,6060,6061,10000 + + # To overcome issues with critical VM resources being unavailable, we need to wait for the VM to be ready + - name: 'Allow time for VM initialization' + shell: bash + run: sleep 60 + + - name: 'Start Obscuro node-${{ matrix.host_id }} on Azure' + uses: azure/CLI@v1 + with: + inlineScript: | + az vm run-command invoke -g Testnet -n "${{ vars.AZURE_RESOURCE_PREFIX }}-${{ matrix.host_id }}-${{ GITHUB.RUN_NUMBER }}" \ + --command-id RunShellScript \ + --scripts 'mkdir -p /home/obscuro \ + && git clone --depth 1 -b ${{ env.BRANCH_NAME }} https://github.com/ten-protocol/go-ten.git /home/obscuro/go-obscuro \ + && docker network create --driver bridge node_network || true \ + && docker run -d --name datadog-agent \ + --network node_network \ + -e DD_API_KEY=${{ secrets.DD_API_KEY }} \ + -e DD_LOGS_ENABLED=true \ + -e DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL=true \ + -e DD_LOGS_CONFIG_AUTO_MULTI_LINE_DETECTION=true \ + -e DD_CONTAINER_EXCLUDE_LOGS="name:datadog-agent" \ + -e DD_SITE="datadoghq.eu" \ + -v /var/run/docker.sock:/var/run/docker.sock:ro \ + -v /proc/:/host/proc/:ro \ + -v /opt/datadog-agent/run:/opt/datadog-agent/run:rw \ + -v /sys/fs/cgroup/:/host/sys/fs/cgroup:ro \ + datadog/agent:latest \ + && cd /home/obscuro/go-obscuro/ \ + && sudo go run /home/obscuro/go-obscuro/go/node/cmd \ + -is_genesis=false \ + -node_type=validator \ + -is_sgx_enabled=true \ + -host_id=${{ github.event.inputs.node_account_address }} \ + -l1_ws_url=${{ github.event.inputs.node_l1_ws_url }} \ + -management_contract_addr=${{ github.event.inputs.MGMT_CONTRACT_ADDR }} \ + -message_bus_contract_addr=${{ github.event.inputs.MSG_BUS_CONTRACT_ADDR }} \ + -l1_start=${{ github.event.inputs.L1_START_HASH }} \ + -private_key=${{ github.event.inputs.node_private_key }} \ + -sequencer_id=${{ vars.ACCOUNT_ADDR_NODE_0 }} \ + -host_public_p2p_addr=obscuronode-${{ matrix.host_id }}-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com:10000 \ + -host_p2p_port=10000 \ + -enclave_docker_image=${{ vars.L2_ENCLAVE_DOCKER_BUILD_TAG }} \ + -host_docker_image=${{ vars.L2_HOST_DOCKER_BUILD_TAG }} \ + -is_debug_namespace_enabled=true \ + -log_level=${{ github.event.inputs.log_level }} \ + -batch_interval=${{ vars.L2_BATCH_INTERVAL }} \ + -max_batch_interval=${{ vars.L2_MAX_BATCH_INTERVAL }} \ + -rollup_interval=${{ vars.L2_ROLLUP_INTERVAL }} \ + -l1_chain_id=${{ vars.L1_CHAIN_ID }} \ + start' + + + update-loadbalancer: + needs: + - build + - deploy + runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} + steps: + - uses: actions/checkout@v3 + + - name: 'Login via Azure CLI' + uses: azure/login@v1 + with: + creds: ${{ secrets.AZURE_CREDENTIALS }} + + - name: 'Remove existing backend nodes from the load balancer' + run: ./.github/workflows/runner-scripts/testnet-clear-loadbalancer.sh ${{ github.event.inputs.testnet_type }} + + - name: 'Add load balancer address pool to the IP configuration' + uses: azure/CLI@v1 + with: + inlineScript: | + az network nic ip-config address-pool add \ + --address-pool ${{ github.event.inputs.testnet_type }}-backend-pool \ + --ip-config-name ipconfig${{ vars.AZURE_RESOURCE_PREFIX }}-1-${{ GITHUB.RUN_NUMBER }} \ + --nic-name ${{ vars.AZURE_RESOURCE_PREFIX }}-1-${{ GITHUB.RUN_NUMBER }}VMNic \ + --resource-group Testnet \ + --lb-name ${{ github.event.inputs.testnet_type }}-loadbalancer + + check-obscuro-is-healthy: + needs: + - build + - deploy + runs-on: ubuntu-latest + environment: + name: ${{ github.event.inputs.testnet_type }} + steps: + - uses: actions/checkout@v3 + + - name: "Wait until obscuro node is healthy" + shell: bash + run: | + ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-0-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com + ./.github/workflows/runner-scripts/wait-node-healthy.sh --host=obscuronode-1-${{ github.event.inputs.testnet_type }}-${{ GITHUB.RUN_NUMBER }}.uksouth.cloudapp.azure.com