diff --git a/.github/workflows/deploy.nightly.devnet.yml b/.github/workflows/deploy.nightly.devnet.yml index 5a39f969c4..edcf679d2f 100644 --- a/.github/workflows/deploy.nightly.devnet.yml +++ b/.github/workflows/deploy.nightly.devnet.yml @@ -48,7 +48,7 @@ jobs: uses: actions/checkout@v3 with: repository: maticnetwork/terraform-polygon-supernets - ref: jesse/test-nightly + ref: main - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v2 with: @@ -80,17 +80,13 @@ jobs: env: TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} - - name: Set Terraform log level to WARN - run: echo "TF_LOG=WARN" >> $GITHUB_ENV - name: Configure private keys run: | - export TF_LOG="ERROR" terraform output pk_ansible > ~/devnet_private.key chmod 600 ~/devnet_private.key eval "$(ssh-agent)" ssh-add ~/devnet_private.key - echo $(terraform output -raw geth_private_ip) - terraform output -raw geth_private_ip > rootchain_rpc.txt + terraform output -raw geth_private_ip | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | head -1 | tr -d '\n' > rootchain_rpc.txt - name: Install ansible / botocore / boto3 run: | python3 -m pip install --user ansible @@ -98,14 +94,82 @@ jobs: - name: Configure ansible for nightly build working-directory: ansible run: | - echo -n "viable decrease resist spoil loop vocal foot only become glass satisfy dog pull junior jaguar maple entry donate panel slow innocent try movie snake" > password.txt + echo "${{ secrets.VAULT_PASSWORD_FILE }}" > password.txt cp local-extra-vars.yml.template local-extra-vars.yml sed 's/devnet01/${{ secrets.TF_VAR_DEPLOYMENT_NAME }}/g' inventory/aws_ec2.yml > inventory/aws_ec2.yml.tmp && mv inventory/aws_ec2.yml.tmp inventory/aws_ec2.yml - cat inventory/aws_ec2.yml sed 's/devnet01/${{ secrets.TF_VAR_DEPLOYMENT_NAME }}/g' local-extra-vars.yml > local-extra-vars.yml.tmp && mv local-extra-vars.yml.tmp local-extra-vars.yml ROOTCHAIN_RPC=$(cat ../rootchain_rpc.txt) - echo "\nrootchain_json_rpc: http://$ROOTCHAIN_RPC:8545" >> local-extra-vars.yml - cat local-extra-vars.yml + echo "rootchain_json_rpc: http://$ROOTCHAIN_RPC:8545" >> local-extra-vars.yml + - name: Create script file + working-directory: ansible + run: | + cat > roles/edge/templates/bootstrap.sh <<'EOF' + #!/bin/bash + + main() { + if [[ -d "/var/lib/bootstrap" ]]; then + echo "It appears this network has already been boot strapped" + exit + fi + mkdir /var/lib/bootstrap + pushd /var/lib/bootstrap + + {% for item in hostvars %} + {% if (hostvars[item].tags.Role == "fullnode" or hostvars[item].tags.Role == "validator") %} + polygon-edge polybft-secrets init --data-dir {{ hostvars[item].tags["Name"] }} \ + --chain-id {{ chain_id }} \ + --json \ + --insecure > {{ hostvars[item].tags["Name"] }}.json + {% endif %} + {% endfor %} + + apt update + curl -fsSL https://deb.nodesource.com/setup_18.x | bash - + apt-get install -y nodejs + + pushd /opt/polygon-edge/ + make compile-core-contracts + cp -r /opt/polygon-edge/core-contracts /var/lib/bootstrap/core-contracts/ + popd + + polygon-edge manifest {% for item in hostvars %}{% if (hostvars[item].tags.Role == "validator") %} --validators /dns4/{{ hostvars[item].tags["Name"] }}/tcp/{{ edge_p2p_port }}/p2p/$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].node_id'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].address'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].bls_pubkey'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].bls_signature') {% endif %}{% endfor %} \ + --path ./manifest.json \ + --premine-validators 1000000000000000000000000000 \ + --chain-id {{ chain_id }} + + polygon-edge genesis \ + {% for item in hostvars %}{% if (hostvars[item].tags.Role == "validator") %} --validators /dns4/{{ hostvars[item].tags["Name"] }}/tcp/{{ edge_p2p_port }}/p2p/$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].node_id'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].address'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].bls_pubkey'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].bls_signature') {% endif %}{% endfor %} \ + --consensus polybft \ + {% for item in hostvars %}{% if (hostvars[item].tags.Role == "fullnode" or hostvars[item].tags.Role == "validator") %} --bootnode /dns4/{{ hostvars[item].tags["Name"] }}/tcp/{{ edge_p2p_port }}/p2p/$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].node_id') {% endif %}{% endfor %} \ + {% for address in premine_address %} --premine {{ address }}:1000000000000000000000000000 {% endfor %} + --premine 0x1AB8C3df809b85012a009c0264eb92dB04eD6EFa:1000000000000000000000000000 \ + --premine 0x0000000000000000000000000000000000000000 \ + --block-gas-limit {{ block_gas_limit }} \ + --block-time {{ block_time }}s \ + --chain-id {{ chain_id }} \ + --epoch-size 10 + + polycli wallet create --words 12 --language english | jq '.Addresses[0]' > rootchain-wallet.json + COINBASE_ADDRESS=$(curl -H "Content-Type: application/json" -X POST --data '{"jsonrpc":"2.0","method":"eth_coinbase","params":[],"id":1}' {{ rootchain_json_rpc }} | jq -r '.result') + curl -X POST --data '{"jsonrpc":"2.0","method":"eth_sendTransaction","params":[{"from":"'"$COINBASE_ADDRESS"'","to":"'"$(cat rootchain-wallet.json | jq -r '.ETHAddress')"'","value":"0x3635C9ADC5DEA00000"}],"id":1}' -H "Content-Type: application/json" {{ rootchain_json_rpc }} + sleep 5 + polygon-edge rootchain deploy \ + --deployer-key $(cat rootchain-wallet.json | jq -r '.HexPrivateKey') \ + --json-rpc {{ rootchain_json_rpc }} + + {% for item in hostvars %} + {% if (hostvars[item].tags.Role == "validator") %} + polygon-edge rootchain fund --data-dir {{ hostvars[item].tags["Name"] }} --json-rpc {{ rootchain_json_rpc }} + {% endif %} + {% endfor %} + + tar czf {{ base_dn }}.tar.gz validator* fullnode* genesis.json + popd + } + + main + + EOF - name: Run Ansible working-directory: ansible run: | @@ -115,8 +179,8 @@ jobs: - name: Set rpc url value id: url run: | - touch rpc.txt - terraform output -raw aws_lb_ext_validator_domain | grep -o -E '^ext[^:]*' > rpc.txt + terraform output -raw aws_lb_ext_domain + terraform output -raw aws_lb_ext_domain | grep -o -E '^ext[^:]*' > rpc.txt - uses: actions/upload-artifact@v3 with: name: rpc-url @@ -157,20 +221,19 @@ jobs: uses: actions/checkout@v3 with: repository: maticnetwork/terraform-polygon-supernets - ref: jesse/test-nightly + ref: main - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v2 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ secrets.AWS_REGION }} - name: Install Terraform - uses: hashicorp/setup-terraform@v2 + uses: hashicorp/setup-terraform@v2.0.3 with: - terraform_version: 1.4.2 + terraform_version: 1.4.5 - name: Configure terraform for nightly build run: | sed 's/# backend "s3" {}/backend "s3" {}/' main.tf > main.tf.tmp && mv main.tf.tmp main.tf - - name: Terraform Init id: init run: terraform init -backend-config="bucket=polygon-edge-devnet-tf-states" -backend-config="key=state/${{ secrets.TF_VAR_DEPLOYMENT_NAME }}" -backend-config="region=${{ secrets.AWS_REGION }}" diff --git a/.github/workflows/manual.deploy.nightly.devnet.yml b/.github/workflows/manual.deploy.nightly.devnet.yml index 9e2f057a3b..14bfa47be8 100644 --- a/.github/workflows/manual.deploy.nightly.devnet.yml +++ b/.github/workflows/manual.deploy.nightly.devnet.yml @@ -3,12 +3,13 @@ name: Nightly DevNet Workflow (Manual) on: # yamllint disable-line rule:truthy - push: - branches: - - jesse/nightly-loadtest-workflow + pull_request: + branches: [main] workflow_call: {} workflow_dispatch: {} +concurrency: 'manual-nightly-devnet' + permissions: id-token: write contents: read