From f682f72e9d3a04582afa8bce2fc48c260d7025b8 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Tue, 4 Apr 2023 03:18:10 -0400 Subject: [PATCH 01/13] DVT-561 Add nightly build loadtest workflow --- .github/workflows/devnet.yml | 189 +++++++++++++++ .github/workflows/jesse-test-nightly.yml | 39 +++ .github/workflows/loadtest.yml | 290 ++++++++++++----------- 3 files changed, 374 insertions(+), 144 deletions(-) create mode 100644 .github/workflows/devnet.yml create mode 100644 .github/workflows/jesse-test-nightly.yml diff --git a/.github/workflows/devnet.yml b/.github/workflows/devnet.yml new file mode 100644 index 0000000000..f81bb358b3 --- /dev/null +++ b/.github/workflows/devnet.yml @@ -0,0 +1,189 @@ +--- + +name: Build Devnet +on: # yamllint disable-line rule:truthy + workflow_dispatch: + inputs: + runner: + description: The runner to execute on + default: 'ubuntu-latest' + type: choice + options: + - ubuntu-latest + - devnet + - testnet + environment: + description: The environment to run against + required: false + type: environment + workflow_call: + inputs: + environment: + description: The environment to run against + type: string + required: true + runner: + required: true + type: string + description: The runner label to use + secrets: + AWS_ROLE_ARN: + required: true + AWS_REGION: + required: true + TF_VAR_AWS_PROFILE: + required: true + TF_VAR_COMPANY_NAME: + required: true + TF_VAR_CREATE_SSH_KEY: + required: true + TF_VAR_DEPLOYMENT_NAME: + required: true + TF_VAR_DEVNET_KEY_VALUE: + required: true + TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: + required: true + TF_VAR_JUMPBOX_SSH_ACCESS: + required: true + TF_VAR_OWNER: + required: true + SLACK_PERFORMANCE_WEBHOOK_URL: + required: true + DD_API_KEY: + required: true + LOADTEST_MNEMONIC: + required: true + VAULT_PASSWORD_FILE: + required: true + ANSIBLE_PRIVATE_SSH: + required: true + +jobs: + build: + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + repository: maticnetwork/terraform-polygon-supernets + ref: polygon-edge-nightly-build + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Install Terraform + uses: hashicorp/setup-terraform@v2 + with: + terraform_version: 1.4.4 + - name: Terraform Init + id: init + run: terraform init + - name: Terraform Validate + id: validate + run: terraform validate -no-color + - name: Terraform Plan + id: plan + run: terraform plan -out=tfplan -no-color + continue-on-error: true + env: + TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} + TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} + TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} + TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + # - name: Retrieve state file from s3 + # run: aws s3 cp s3://polygon-edge-devnet-tf-states/state/nightly-build state.json + - name: Terraform Apply + id: apply + run: terraform apply -auto-approve tfplan + continue-on-error: true + env: + TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} + TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} + TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} + TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + - name: Install ansible / botocore / boto3 + run: | + python3 -m pip install --user ansible + pip install boto3 botocore + - name: Run Ansible + working-directory: ansible + run: | + touch password.txt + echo "${{ secrets.VAULT_PASSWORD_FILE }}" > password.txt + mkdir ~/cert + touch ~/cert/2022-07-05-devnets-generic.key + echo "${{ secrets.ANSIBLE_PRIVATE_SSH }}" > ~/cert/2022-07-05-devnets-generic.key + chmod 600 ~/cert/2022-07-05-devnets-generic.key + ansible-inventory --graph + ansible-galaxy install -r requirements.yml + ansible-playbook --inventory inventory/aws_ec2.yml --vault-password-file=password.txt --extra-vars "@local-extra-vars.yml" site.yml + - name: Set rpc url value + id: url + run: | + touch rpc.txt + terraform output -raw aws_lb_ext_validator_domain | grep -o -E '^ext[^:]*' > rpc.txt + - uses: actions/upload-artifact@v3 + with: + name: rpc-url + path: rpc.txt + loadtest: + needs: build + uses: ./.github/workflows/loadtest.yml + name: Load Test Nightly Build + secrets: + SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + DD_API_KEY: ${{ secrets.DD_API_KEY }} + LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} + with: + runner: ${{ inputs.runner }} + environment: ${{ inputs.environment }} + scenario: multiple_EOA + + # destroy_devnet: + # needs: loadtest + # if: always() + # name: Destroy Nightly Build + # runs-on: ubuntu-latest + # environment: ${{ inputs.environment }} + # steps: + # - name: Checkout code + # uses: actions/checkout@v3 + # with: + # repository: maticnetwork/terraform-polygon-supernets + # ref: polygon-edge-nightly-build + # - name: Configure AWS Credentials + # uses: aws-actions/configure-aws-credentials@v2 + # with: + # role-to-assume: ${{ secrets.AWS_ROLE_ARN }} + # aws-region: ${{ secrets.AWS_REGION }} + # - name: Install Terraform + # uses: hashicorp/setup-terraform@v2 + # with: + # terraform_version: 1.4.2 + # - name: Terraform Init + # id: init + # run: terraform init + # - name: Retrieve state file from s3 + # run: aws s3 cp s3://polygon-edge-devnet-tf-states/state/nightly-build state.json + # - name: Terraform Destroy + # id: destroy + # run: terraform destroy -auto-approve -state=state.json + # env: + # TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + # TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + # TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} + # TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} + # TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} + # TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + # TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + # TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} \ No newline at end of file diff --git a/.github/workflows/jesse-test-nightly.yml b/.github/workflows/jesse-test-nightly.yml new file mode 100644 index 0000000000..716b354606 --- /dev/null +++ b/.github/workflows/jesse-test-nightly.yml @@ -0,0 +1,39 @@ +--- +name: Nightly DevNet Workflow - Jesse +on: # yamllint disable-line rule:truthy + push: + branches: + - main + - develop + pull_request: + workflow_call: {} + workflow_dispatch: {} + +permissions: + id-token: write + contents: read + security-events: write + +jobs: + devnet: + name: Build Devnet + uses: ./.github/workflows/devnet.yml + secrets: + AWS_REGION: ${{ secrets.AWS_REGION }} + AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} + TF_VAR_AWS_PROFILE: ${{ secrets.TF_VAR_AWS_PROFILE }} + TF_VAR_COMPANY_NAME: ${{ secrets.TF_VAR_COMPANY_NAME }} + TF_VAR_CREATE_SSH_KEY: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + TF_VAR_DEPLOYMENT_NAME: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + TF_VAR_DEVNET_KEY_VALUE: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + TF_VAR_JUMPBOX_SSH_ACCESS: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + TF_VAR_OWNER: ${{ secrets.TF_VAR_OWNER }} + SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + DD_API_KEY: ${{ secrets.DD_API_KEY }} + LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} + VAULT_PASSWORD_FILE: ${{ secrets.VAULT_PASSWORD_FILE }} + ANSIBLE_PRIVATE_SSH: ${{ secrets.ANSIBLE_PRIVATE_SSH }} + with: + runner: devnet + environment: devnet \ No newline at end of file diff --git a/.github/workflows/loadtest.yml b/.github/workflows/loadtest.yml index 6a4df96ca6..c3ab6c0e1a 100644 --- a/.github/workflows/loadtest.yml +++ b/.github/workflows/loadtest.yml @@ -1,147 +1,149 @@ --- - name: Load Test - on: # yamllint disable-line rule:truthy - workflow_dispatch: - inputs: - runner: - description: The runner to execute on - default: 'ubuntu-latest' - type: choice - options: - - ubuntu-latest - - devnet - - testnet - environment: - description: The environment to run against - required: false - type: environment - scenario: - default: 'simple' - description: The scenario to run - type: string - duration: - default: '2m' - description: Duration of the test - required: false - type: string - workflow_call: - inputs: - environment: - description: The environment to run against - type: string - required: true - runner: - required: true - type: string - description: The runner label to use - scenario: - required: true - description: The mode for the stress test - type: string - duration: - default: '2m' - description: Duration of the test - required: false - type: string - secrets: - SLACK_PERFORMANCE_WEBHOOK_URL: - required: true - DD_API_KEY: - required: true - LOADTEST_RPC_URL: - required: true - LOADTEST_MNEMONIC: - required: true +name: Load Test +on: # yamllint disable-line rule:truthy + workflow_dispatch: + inputs: + runner: + description: The runner to execute on + default: 'ubuntu-latest' + type: choice + options: + - ubuntu-latest + - devnet + - testnet + environment: + description: The environment to run against + required: false + type: environment + scenario: + default: 'simple' + description: The scenario to run + type: string + duration: + default: '2m' + description: Duration of the test + required: false + type: string + workflow_call: + inputs: + environment: + description: The environment to run against + type: string + required: true + runner: + required: true + type: string + description: The runner label to use + scenario: + required: true + description: The mode for the stress test + type: string + duration: + default: '2m' + description: Duration of the test + required: false + type: string + secrets: + SLACK_PERFORMANCE_WEBHOOK_URL: + required: true + DD_API_KEY: + required: true + LOADTEST_MNEMONIC: + required: true - - jobs: - run_k6: - environment: ${{ inputs.environment }} - runs-on: ubuntu-latest - steps: - - name: Install Go - uses: actions/setup-go@v3 - with: - go-version: 1.19.x - - - name: Checkout code - uses: actions/checkout@v3 - - - uses: datadog/agent-github-action@v1.3 - with: - api_key: ${{ secrets.DD_API_KEY }} - - - name: Install xk6 - run: | - go install go.k6.io/xk6/cmd/xk6@latest - xk6 build --with github.com/distribworks/xk6-ethereum@5c6e782669953f1e5d1f44509e610fb2e3d22238 - - - name: Install JQ - run: | - mkdir -p $HOME/.local/bin - curl -sLo $HOME/.local/bin/jq https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64 && chmod +x $HOME/.local/bin/jq - echo "$HOME/.local/bin" >> $GITHUB_PATH +jobs: + run_k6: + environment: ${{ inputs.environment }} + runs-on: ubuntu-latest + steps: + - name: Install Go + uses: actions/setup-go@v3 + with: + go-version: 1.19.x - - id: k6 - name: Run scenario - run: | - ./k6 run --out statsd loadtest/scenarios/${{ inputs.scenario }}.js - echo "tps_avg=$(cat summary.json | jq -r '.metrics.ethereum_tps.values.avg')" >> $GITHUB_OUTPUT - echo "tps_max=$(cat summary.json | jq -r '.metrics.ethereum_tps.values.max')" >> $GITHUB_OUTPUT - echo "iterations=$(cat summary.json | jq -r '.metrics.iterations.values.count')" >> $GITHUB_OUTPUT - echo "block=$(cat summary.json | jq -r '.metrics.ethereum_block.values.count')" >> $GITHUB_OUTPUT - echo "ttm=$(cat summary.json | jq -r '.metrics.ethereum_time_to_mine.values.avg')" >> $GITHUB_OUTPUT - echo "gas_avg=$(cat summary.json | jq -r '.metrics.ethereum_gas_used.values.avg')" >> $GITHUB_OUTPUT - echo "gas_max=$(cat summary.json | jq -r '.metrics.ethereum_gas_used.values.max')" >> $GITHUB_OUTPUT - env: - K6_STATSD_ENABLE_TAGS: true - RPC_URL: ${{ secrets.LOADTEST_RPC_URL }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} - LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} - LOADTEST_DURATION: ${{ inputs.duration }} - - - name: Notify Slack - uses: slackapi/slack-github-action@v1.23.0 - env: - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK - with: - payload: | - { - "blocks": [ - { - "type": "header", - "text": { - "type": "plain_text", - "text": "K6 Loadtest Results" - } - }, - { - "type": "section", - "text": { - "type": "mrkdwn", - "text": "*Scenario*: `${{ inputs.scenario }}`\n *Average TPS*: `${{ steps.k6.outputs.tps_avg }}`\n*Max TPS*: `${{ steps.k6.outputs.tps_max }}`\n*Transactions*: `${{ steps.k6.outputs.iterations }}`\n*Block Number*: `${{ steps.k6.outputs.block }}`\n*Time to Mine*: `${{ steps.k6.outputs.ttm }}`\n*Average Gas Used*: `${{ steps.k6.outputs.gas_avg }}`\n*Max Gas Used*: `${{ steps.k6.outputs.gas_max }}`" - } - }, - { - "type": "divider" - }, - { - "type": "context", - "elements": [ - { - "type": "mrkdwn", - "text": "Environment: `${{ inputs.environment }}`" - }, - { - "type": "mrkdwn", - "text": "JSON-RPC Endpoint: ${{ secrets.LOADTEST_RPC_URL }}" - }, - { - "type": "mrkdwn", - "text": "Workflow: <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Results>" - } - ] - } - ] - } + - name: Checkout code + uses: actions/checkout@v3 + + - uses: datadog/agent-github-action@v1.3 + with: + api_key: ${{ secrets.DD_API_KEY }} + + - name: Install xk6 + run: | + go install go.k6.io/xk6/cmd/xk6@latest + xk6 build --with github.com/distribworks/xk6-ethereum@5c6e782669953f1e5d1f44509e610fb2e3d22238 + + - name: Install JQ + run: | + mkdir -p $HOME/.local/bin + curl -sLo $HOME/.local/bin/jq https://github.com/stedolan/jq/releases/download/jq-1.5/jq-linux64 && chmod +x $HOME/.local/bin/jq + echo "$HOME/.local/bin" >> $GITHUB_PATH + + - name: Download artifact to get rpc url + uses: actions/download-artifact@v3 + with: + name: rpc-url + - run: echo "RPC_URL=http://$(cat rpc.txt)" >> $GITHUB_ENV + + - id: k6 + name: Run scenario + run: | + ./k6 run --out statsd loadtest/scenarios/${{ inputs.scenario }}.js + echo "tps_avg=$(cat summary.json | jq -r '.metrics.ethereum_tps.values.avg')" >> $GITHUB_OUTPUT + echo "tps_max=$(cat summary.json | jq -r '.metrics.ethereum_tps.values.max')" >> $GITHUB_OUTPUT + echo "iterations=$(cat summary.json | jq -r '.metrics.iterations.values.count')" >> $GITHUB_OUTPUT + echo "block=$(cat summary.json | jq -r '.metrics.ethereum_block.values.count')" >> $GITHUB_OUTPUT + echo "ttm=$(cat summary.json | jq -r '.metrics.ethereum_time_to_mine.values.avg')" >> $GITHUB_OUTPUT + echo "gas_avg=$(cat summary.json | jq -r '.metrics.ethereum_gas_used.values.avg')" >> $GITHUB_OUTPUT + echo "gas_max=$(cat summary.json | jq -r '.metrics.ethereum_gas_used.values.max')" >> $GITHUB_OUTPUT + env: + K6_STATSD_ENABLE_TAGS: true + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} + LOADTEST_DURATION: ${{ inputs.duration }} + + - name: Notify Slack + uses: slackapi/slack-github-action@v1.23.0 + env: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK + with: + payload: | + { + "blocks": [ + { + "type": "header", + "text": { + "type": "plain_text", + "text": "K6 Loadtest Results" + } + }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "*Scenario*: `${{ inputs.scenario }}`\n *Average TPS*: `${{ steps.k6.outputs.tps_avg }}`\n*Max TPS*: `${{ steps.k6.outputs.tps_max }}`\n*Transactions*: `${{ steps.k6.outputs.iterations }}`\n*Block Number*: `${{ steps.k6.outputs.block }}`\n*Time to Mine*: `${{ steps.k6.outputs.ttm }}`\n*Average Gas Used*: `${{ steps.k6.outputs.gas_avg }}`\n*Max Gas Used*: `${{ steps.k6.outputs.gas_max }}`" + } + }, + { + "type": "divider" + }, + { + "type": "context", + "elements": [ + { + "type": "mrkdwn", + "text": "Environment: `${{ inputs.environment }}`" + }, + { + "type": "mrkdwn", + "text": "JSON-RPC Endpoint: ${{ env.RPC_URL }}" + }, + { + "type": "mrkdwn", + "text": "Workflow: <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|Results>" + } + ] + } + ] + } From 730d106c5c8ea80a1c9db420a946235740abec9d Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Tue, 4 Apr 2023 03:44:44 -0400 Subject: [PATCH 02/13] keep state for now --- .github/workflows/devnet.yml | 63 ++++++++++++++++++------------------ 1 file changed, 31 insertions(+), 32 deletions(-) diff --git a/.github/workflows/devnet.yml b/.github/workflows/devnet.yml index f81bb358b3..a739b2892b 100644 --- a/.github/workflows/devnet.yml +++ b/.github/workflows/devnet.yml @@ -80,37 +80,36 @@ jobs: - name: Terraform Init id: init run: terraform init - - name: Terraform Validate - id: validate - run: terraform validate -no-color - - name: Terraform Plan - id: plan - run: terraform plan -out=tfplan -no-color - continue-on-error: true - env: - TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} - TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} - TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} - TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} - TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} - # - name: Retrieve state file from s3 - # run: aws s3 cp s3://polygon-edge-devnet-tf-states/state/nightly-build state.json - - name: Terraform Apply - id: apply - run: terraform apply -auto-approve tfplan - continue-on-error: true - env: - TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} - TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} - TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} - TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} - TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + # - name: Terraform Validate + # id: validate + # run: terraform validate -no-color + # - name: Terraform Plan + # id: plan + # run: terraform plan -out=tfplan -no-color + # continue-on-error: true + # env: + # TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + # TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + # TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} + # TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} + # TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} + # TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + # TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + # TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + - name: Retrieve state file from s3 + run: aws s3 cp s3://polygon-edge-devnet-tf-states/state/nightly-build state.json + # - name: Terraform Apply + # id: apply + # run: terraform apply -auto-approve tfplan + # env: + # TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + # TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + # TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} + # TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} + # TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} + # TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + # TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + # TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} - name: Install ansible / botocore / boto3 run: | python3 -m pip install --user ansible @@ -131,7 +130,7 @@ jobs: id: url run: | touch rpc.txt - terraform output -raw aws_lb_ext_validator_domain | grep -o -E '^ext[^:]*' > rpc.txt + terraform output -raw -state=state.json aws_lb_ext_validator_domain | grep -o -E '^ext[^:]*' > rpc.txt - uses: actions/upload-artifact@v3 with: name: rpc-url From 1919d0f483aa659e1c08c1a86b5a3e73a1f09813 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Tue, 4 Apr 2023 10:55:24 -0400 Subject: [PATCH 03/13] add loadtest to the nightly flow --- .github/workflows/deploy.nightly.devnet.yml | 186 +++++++++++++++++++ .github/workflows/devnet.yml | 188 -------------------- .github/workflows/jesse-test-nightly.yml | 7 +- .github/workflows/nightly.yml | 32 ++++ 4 files changed, 220 insertions(+), 193 deletions(-) create mode 100644 .github/workflows/deploy.nightly.devnet.yml delete mode 100644 .github/workflows/devnet.yml diff --git a/.github/workflows/deploy.nightly.devnet.yml b/.github/workflows/deploy.nightly.devnet.yml new file mode 100644 index 0000000000..9a779d7887 --- /dev/null +++ b/.github/workflows/deploy.nightly.devnet.yml @@ -0,0 +1,186 @@ +--- + +name: Build Devnet +on: # yamllint disable-line rule:truthy + workflow_dispatch: + inputs: + environment: + description: The environment to run against + required: false + type: environment + workflow_call: + inputs: + environment: + description: The environment to run against + type: string + required: true + secrets: + AWS_ROLE_ARN: + required: true + AWS_REGION: + required: true + TF_VAR_AWS_PROFILE: + required: true + TF_VAR_COMPANY_NAME: + required: true + TF_VAR_CREATE_SSH_KEY: + required: true + TF_VAR_DEPLOYMENT_NAME: + required: true + TF_VAR_DEVNET_KEY_VALUE: + required: true + TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: + required: true + TF_VAR_JUMPBOX_SSH_ACCESS: + required: true + TF_VAR_OWNER: + required: true + SLACK_PERFORMANCE_WEBHOOK_URL: + required: true + DD_API_KEY: + required: true + LOADTEST_MNEMONIC: + required: true + VAULT_PASSWORD_FILE: + required: true + ANSIBLE_PRIVATE_SSH: + required: true + +jobs: + build: + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + repository: maticnetwork/terraform-polygon-supernets + ref: polygon-edge-nightly-build + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Install Terraform + uses: hashicorp/setup-terraform@v2 + with: + terraform_version: 1.4.4 + - name: Terraform Init + id: init + run: terraform init + - name: Terraform Validate + id: validate + run: terraform validate -no-color + - name: Terraform Plan + id: plan + run: terraform plan -out=tfplan -no-color + continue-on-error: true + env: + TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} + TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} + TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} + TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + - name: Terraform Apply + id: apply + run: terraform apply -auto-approve tfplan + env: + TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} + TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} + TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} + TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + - name: Install ansible / botocore / boto3 + run: | + python3 -m pip install --user ansible + pip install boto3 botocore + - name: Run Ansible + working-directory: ansible + run: | + touch password.txt + echo "${{ secrets.VAULT_PASSWORD_FILE }}" > password.txt + mkdir ~/cert + touch ~/cert/2022-07-05-devnets-generic.key + echo "${{ secrets.ANSIBLE_PRIVATE_SSH }}" > ~/cert/2022-07-05-devnets-generic.key + chmod 600 ~/cert/2022-07-05-devnets-generic.key + ansible-inventory --graph + ansible-galaxy install -r requirements.yml + ansible-playbook --inventory inventory/aws_ec2.yml --vault-password-file=password.txt --extra-vars "@local-extra-vars.yml" site.yml + - name: Set rpc url value + id: url + run: | + touch rpc.txt + terraform output -raw aws_lb_ext_validator_domain | grep -o -E '^ext[^:]*' > rpc.txt + - uses: actions/upload-artifact@v3 + with: + name: rpc-url + path: rpc.txt + + loadtest1: + needs: build + uses: ./.github/workflows/loadtest.yml + name: Load Test Nightly Build - multiple_EOA + secrets: + SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + DD_API_KEY: ${{ secrets.DD_API_KEY }} + LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} + with: + environment: ${{ inputs.environment }} + scenario: multiple_EOA + + loadtest2: + needs: loadtest1 + uses: ./.github/workflows/loadtest.yml + name: Load Test Nightly Build - multiple_ERC20 + secrets: + SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + DD_API_KEY: ${{ secrets.DD_API_KEY }} + LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} + with: + environment: ${{ inputs.environment }} + scenario: multiple_ERC20 + + destroy_devnet: + needs: [loadtest1, loadtest2] + if: always() + name: Destroy Nightly Build + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + repository: maticnetwork/terraform-polygon-supernets + ref: polygon-edge-nightly-build + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: ${{ secrets.AWS_ROLE_ARN }} + aws-region: ${{ secrets.AWS_REGION }} + - name: Install Terraform + uses: hashicorp/setup-terraform@v2 + with: + terraform_version: 1.4.2 + - name: Terraform Init + id: init + run: terraform init + - name: Retrieve state file from s3 + run: aws s3 cp s3://polygon-edge-devnet-tf-states/state/nightly-build state.json + - name: Terraform Destroy + id: destroy + run: terraform destroy -auto-approve -state=state.json + env: + TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} + TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} + TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} + TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} \ No newline at end of file diff --git a/.github/workflows/devnet.yml b/.github/workflows/devnet.yml deleted file mode 100644 index a739b2892b..0000000000 --- a/.github/workflows/devnet.yml +++ /dev/null @@ -1,188 +0,0 @@ ---- - -name: Build Devnet -on: # yamllint disable-line rule:truthy - workflow_dispatch: - inputs: - runner: - description: The runner to execute on - default: 'ubuntu-latest' - type: choice - options: - - ubuntu-latest - - devnet - - testnet - environment: - description: The environment to run against - required: false - type: environment - workflow_call: - inputs: - environment: - description: The environment to run against - type: string - required: true - runner: - required: true - type: string - description: The runner label to use - secrets: - AWS_ROLE_ARN: - required: true - AWS_REGION: - required: true - TF_VAR_AWS_PROFILE: - required: true - TF_VAR_COMPANY_NAME: - required: true - TF_VAR_CREATE_SSH_KEY: - required: true - TF_VAR_DEPLOYMENT_NAME: - required: true - TF_VAR_DEVNET_KEY_VALUE: - required: true - TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: - required: true - TF_VAR_JUMPBOX_SSH_ACCESS: - required: true - TF_VAR_OWNER: - required: true - SLACK_PERFORMANCE_WEBHOOK_URL: - required: true - DD_API_KEY: - required: true - LOADTEST_MNEMONIC: - required: true - VAULT_PASSWORD_FILE: - required: true - ANSIBLE_PRIVATE_SSH: - required: true - -jobs: - build: - runs-on: ubuntu-latest - environment: ${{ inputs.environment }} - steps: - - name: Checkout code - uses: actions/checkout@v3 - with: - repository: maticnetwork/terraform-polygon-supernets - ref: polygon-edge-nightly-build - - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - role-to-assume: ${{ secrets.AWS_ROLE_ARN }} - aws-region: ${{ secrets.AWS_REGION }} - - name: Install Terraform - uses: hashicorp/setup-terraform@v2 - with: - terraform_version: 1.4.4 - - name: Terraform Init - id: init - run: terraform init - # - name: Terraform Validate - # id: validate - # run: terraform validate -no-color - # - name: Terraform Plan - # id: plan - # run: terraform plan -out=tfplan -no-color - # continue-on-error: true - # env: - # TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} - # TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - # TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} - # TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} - # TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - # TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} - # TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - # TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} - - name: Retrieve state file from s3 - run: aws s3 cp s3://polygon-edge-devnet-tf-states/state/nightly-build state.json - # - name: Terraform Apply - # id: apply - # run: terraform apply -auto-approve tfplan - # env: - # TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} - # TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - # TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} - # TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} - # TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - # TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} - # TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - # TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} - - name: Install ansible / botocore / boto3 - run: | - python3 -m pip install --user ansible - pip install boto3 botocore - - name: Run Ansible - working-directory: ansible - run: | - touch password.txt - echo "${{ secrets.VAULT_PASSWORD_FILE }}" > password.txt - mkdir ~/cert - touch ~/cert/2022-07-05-devnets-generic.key - echo "${{ secrets.ANSIBLE_PRIVATE_SSH }}" > ~/cert/2022-07-05-devnets-generic.key - chmod 600 ~/cert/2022-07-05-devnets-generic.key - ansible-inventory --graph - ansible-galaxy install -r requirements.yml - ansible-playbook --inventory inventory/aws_ec2.yml --vault-password-file=password.txt --extra-vars "@local-extra-vars.yml" site.yml - - name: Set rpc url value - id: url - run: | - touch rpc.txt - terraform output -raw -state=state.json aws_lb_ext_validator_domain | grep -o -E '^ext[^:]*' > rpc.txt - - uses: actions/upload-artifact@v3 - with: - name: rpc-url - path: rpc.txt - loadtest: - needs: build - uses: ./.github/workflows/loadtest.yml - name: Load Test Nightly Build - secrets: - SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} - DD_API_KEY: ${{ secrets.DD_API_KEY }} - LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} - with: - runner: ${{ inputs.runner }} - environment: ${{ inputs.environment }} - scenario: multiple_EOA - - # destroy_devnet: - # needs: loadtest - # if: always() - # name: Destroy Nightly Build - # runs-on: ubuntu-latest - # environment: ${{ inputs.environment }} - # steps: - # - name: Checkout code - # uses: actions/checkout@v3 - # with: - # repository: maticnetwork/terraform-polygon-supernets - # ref: polygon-edge-nightly-build - # - name: Configure AWS Credentials - # uses: aws-actions/configure-aws-credentials@v2 - # with: - # role-to-assume: ${{ secrets.AWS_ROLE_ARN }} - # aws-region: ${{ secrets.AWS_REGION }} - # - name: Install Terraform - # uses: hashicorp/setup-terraform@v2 - # with: - # terraform_version: 1.4.2 - # - name: Terraform Init - # id: init - # run: terraform init - # - name: Retrieve state file from s3 - # run: aws s3 cp s3://polygon-edge-devnet-tf-states/state/nightly-build state.json - # - name: Terraform Destroy - # id: destroy - # run: terraform destroy -auto-approve -state=state.json - # env: - # TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} - # TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - # TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} - # TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} - # TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - # TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} - # TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - # TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} \ No newline at end of file diff --git a/.github/workflows/jesse-test-nightly.yml b/.github/workflows/jesse-test-nightly.yml index 716b354606..f43984cf77 100644 --- a/.github/workflows/jesse-test-nightly.yml +++ b/.github/workflows/jesse-test-nightly.yml @@ -3,9 +3,7 @@ name: Nightly DevNet Workflow - Jesse on: # yamllint disable-line rule:truthy push: branches: - - main - - develop - pull_request: + - jesse/nightly-loadtest-workflow workflow_call: {} workflow_dispatch: {} @@ -17,7 +15,7 @@ permissions: jobs: devnet: name: Build Devnet - uses: ./.github/workflows/devnet.yml + uses: ./.github/workflows/deploy.nightly.devnet.yml secrets: AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} @@ -35,5 +33,4 @@ jobs: VAULT_PASSWORD_FILE: ${{ secrets.VAULT_PASSWORD_FILE }} ANSIBLE_PRIVATE_SSH: ${{ secrets.ANSIBLE_PRIVATE_SSH }} with: - runner: devnet environment: devnet \ No newline at end of file diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index e783f978a2..d61db0df1e 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -5,6 +5,11 @@ on: # yamllint disable-line rule:truthy # * is a special character in YAML so you have to quote this string - cron: '0 0 * * *' +permissions: + id-token: write + contents: read + security-events: write + jobs: build: name: Build @@ -42,6 +47,33 @@ jobs: name: Nightly Notifications runs-on: ubuntu-latest needs: [build, test, e2e, e2eibft, property, fuzz] + + loadtest: + name: Build Devnet + uses: ./.github/workflows/deploy.nightly.devnet.yml + secrets: + AWS_REGION: ${{ secrets.AWS_REGION }} + AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} + TF_VAR_AWS_PROFILE: ${{ secrets.TF_VAR_AWS_PROFILE }} + TF_VAR_COMPANY_NAME: ${{ secrets.TF_VAR_COMPANY_NAME }} + TF_VAR_CREATE_SSH_KEY: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + TF_VAR_DEPLOYMENT_NAME: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + TF_VAR_DEVNET_KEY_VALUE: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + TF_VAR_JUMPBOX_SSH_ACCESS: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + TF_VAR_OWNER: ${{ secrets.TF_VAR_OWNER }} + SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + DD_API_KEY: ${{ secrets.DD_API_KEY }} + LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} + VAULT_PASSWORD_FILE: ${{ secrets.VAULT_PASSWORD_FILE }} + ANSIBLE_PRIVATE_SSH: ${{ secrets.ANSIBLE_PRIVATE_SSH }} + with: + environment: devnet + + notification: + name: Nightly Notifications + runs-on: ubuntu-latest + needs: [build, test, e2e, e2eibft, property, fuzz, loadtest] if: success() || failure() steps: - name: Notify Slack From 0aab1863c4a05e4431dfb75464314713a7a7201b Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Tue, 4 Apr 2023 10:57:08 -0400 Subject: [PATCH 04/13] trigger with PR --- .github/workflows/jesse-test-nightly.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/jesse-test-nightly.yml b/.github/workflows/jesse-test-nightly.yml index f43984cf77..bb3c04455c 100644 --- a/.github/workflows/jesse-test-nightly.yml +++ b/.github/workflows/jesse-test-nightly.yml @@ -4,6 +4,7 @@ on: # yamllint disable-line rule:truthy push: branches: - jesse/nightly-loadtest-workflow + pull_request: workflow_call: {} workflow_dispatch: {} From 0fdc93e91bdc22b856499b8e2f77d9b16faff89e Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Tue, 4 Apr 2023 11:00:53 -0400 Subject: [PATCH 05/13] fix input runner situation --- .github/workflows/jesse-test-nightly.yml | 1 - .github/workflows/loadtest.yml | 4 ---- 2 files changed, 5 deletions(-) diff --git a/.github/workflows/jesse-test-nightly.yml b/.github/workflows/jesse-test-nightly.yml index bb3c04455c..f43984cf77 100644 --- a/.github/workflows/jesse-test-nightly.yml +++ b/.github/workflows/jesse-test-nightly.yml @@ -4,7 +4,6 @@ on: # yamllint disable-line rule:truthy push: branches: - jesse/nightly-loadtest-workflow - pull_request: workflow_call: {} workflow_dispatch: {} diff --git a/.github/workflows/loadtest.yml b/.github/workflows/loadtest.yml index c3ab6c0e1a..f3e7f5860e 100644 --- a/.github/workflows/loadtest.yml +++ b/.github/workflows/loadtest.yml @@ -30,10 +30,6 @@ on: # yamllint disable-line rule:truthy description: The environment to run against type: string required: true - runner: - required: true - type: string - description: The runner label to use scenario: required: true description: The mode for the stress test From f2707af1088be13e0e3162cc377f3f6b3afde870 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Tue, 4 Apr 2023 11:43:21 -0400 Subject: [PATCH 06/13] add some comments --- .github/workflows/jesse-test-nightly.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/jesse-test-nightly.yml b/.github/workflows/jesse-test-nightly.yml index f43984cf77..2b7053be9c 100644 --- a/.github/workflows/jesse-test-nightly.yml +++ b/.github/workflows/jesse-test-nightly.yml @@ -1,5 +1,7 @@ --- -name: Nightly DevNet Workflow - Jesse +### This manually triggers the edge nightly build loadtest when pushed to jesse/nightly-loadtest-workflow + +name: Nightly DevNet Workflow (Manual) on: # yamllint disable-line rule:truthy push: branches: From a6cb7f8895830b9a22072172e38625e5f22f0286 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Tue, 4 Apr 2023 11:51:56 -0400 Subject: [PATCH 07/13] rename --- .github/workflows/jesse-test-nightly.yml | 38 ------------------------ 1 file changed, 38 deletions(-) delete mode 100644 .github/workflows/jesse-test-nightly.yml diff --git a/.github/workflows/jesse-test-nightly.yml b/.github/workflows/jesse-test-nightly.yml deleted file mode 100644 index 2b7053be9c..0000000000 --- a/.github/workflows/jesse-test-nightly.yml +++ /dev/null @@ -1,38 +0,0 @@ ---- -### This manually triggers the edge nightly build loadtest when pushed to jesse/nightly-loadtest-workflow - -name: Nightly DevNet Workflow (Manual) -on: # yamllint disable-line rule:truthy - push: - branches: - - jesse/nightly-loadtest-workflow - workflow_call: {} - workflow_dispatch: {} - -permissions: - id-token: write - contents: read - security-events: write - -jobs: - devnet: - name: Build Devnet - uses: ./.github/workflows/deploy.nightly.devnet.yml - secrets: - AWS_REGION: ${{ secrets.AWS_REGION }} - AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} - TF_VAR_AWS_PROFILE: ${{ secrets.TF_VAR_AWS_PROFILE }} - TF_VAR_COMPANY_NAME: ${{ secrets.TF_VAR_COMPANY_NAME }} - TF_VAR_CREATE_SSH_KEY: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} - TF_VAR_DEPLOYMENT_NAME: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - TF_VAR_DEVNET_KEY_VALUE: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} - TF_VAR_JUMPBOX_SSH_ACCESS: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} - TF_VAR_OWNER: ${{ secrets.TF_VAR_OWNER }} - SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} - DD_API_KEY: ${{ secrets.DD_API_KEY }} - LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} - VAULT_PASSWORD_FILE: ${{ secrets.VAULT_PASSWORD_FILE }} - ANSIBLE_PRIVATE_SSH: ${{ secrets.ANSIBLE_PRIVATE_SSH }} - with: - environment: devnet \ No newline at end of file From a97df234b489aa73284e53468801d0182dd09490 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Tue, 4 Apr 2023 13:56:57 -0400 Subject: [PATCH 08/13] added output of load test to the nightly build notification --- .github/workflows/deploy.nightly.devnet.yml | 11 +++++- .github/workflows/loadtest.yml | 7 ++++ .../manual.deploy.nightly.devnet.yml | 38 +++++++++++++++++++ .github/workflows/nightly.yml | 7 ++++ 4 files changed, 61 insertions(+), 2 deletions(-) create mode 100644 .github/workflows/manual.deploy.nightly.devnet.yml diff --git a/.github/workflows/deploy.nightly.devnet.yml b/.github/workflows/deploy.nightly.devnet.yml index 9a779d7887..9dafe56921 100644 --- a/.github/workflows/deploy.nightly.devnet.yml +++ b/.github/workflows/deploy.nightly.devnet.yml @@ -14,6 +14,13 @@ on: # yamllint disable-line rule:truthy description: The environment to run against type: string required: true + outputs: + workflow_output_loadtest1: + description: "Loadtest output" + value: ${{ jobs.loadtest1.outputs.loadtest_output_failure }} + workflow_output_loadtest2: + description: "Loadtest output" + value: ${{ jobs.loadtest2.outputs.loadtest_output_failure }} secrets: AWS_ROLE_ARN: required: true @@ -71,10 +78,10 @@ jobs: - name: Terraform Validate id: validate run: terraform validate -no-color + continue-on-error: true - name: Terraform Plan id: plan run: terraform plan -out=tfplan -no-color - continue-on-error: true env: TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} @@ -99,7 +106,7 @@ jobs: - name: Install ansible / botocore / boto3 run: | python3 -m pip install --user ansible - pip install boto3 botocore + python3 -m pip install boto3 botocore - name: Run Ansible working-directory: ansible run: | diff --git a/.github/workflows/loadtest.yml b/.github/workflows/loadtest.yml index f3e7f5860e..a1bb9e9e1d 100644 --- a/.github/workflows/loadtest.yml +++ b/.github/workflows/loadtest.yml @@ -51,6 +51,8 @@ jobs: run_k6: environment: ${{ inputs.environment }} runs-on: ubuntu-latest + outputs: + loadtest_output_failure: ${{ steps.run_k6_failure.outputs.test_output }} steps: - name: Install Go uses: actions/setup-go@v3 @@ -97,6 +99,11 @@ jobs: SLACK_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} LOADTEST_DURATION: ${{ inputs.duration }} + + - name: Run tests failed + if: failure() + id: run_k6_failure + run: echo "test_output=false" >> $GITHUB_OUTPUT - name: Notify Slack uses: slackapi/slack-github-action@v1.23.0 diff --git a/.github/workflows/manual.deploy.nightly.devnet.yml b/.github/workflows/manual.deploy.nightly.devnet.yml new file mode 100644 index 0000000000..2b7053be9c --- /dev/null +++ b/.github/workflows/manual.deploy.nightly.devnet.yml @@ -0,0 +1,38 @@ +--- +### This manually triggers the edge nightly build loadtest when pushed to jesse/nightly-loadtest-workflow + +name: Nightly DevNet Workflow (Manual) +on: # yamllint disable-line rule:truthy + push: + branches: + - jesse/nightly-loadtest-workflow + workflow_call: {} + workflow_dispatch: {} + +permissions: + id-token: write + contents: read + security-events: write + +jobs: + devnet: + name: Build Devnet + uses: ./.github/workflows/deploy.nightly.devnet.yml + secrets: + AWS_REGION: ${{ secrets.AWS_REGION }} + AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} + TF_VAR_AWS_PROFILE: ${{ secrets.TF_VAR_AWS_PROFILE }} + TF_VAR_COMPANY_NAME: ${{ secrets.TF_VAR_COMPANY_NAME }} + TF_VAR_CREATE_SSH_KEY: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} + TF_VAR_DEPLOYMENT_NAME: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} + TF_VAR_DEVNET_KEY_VALUE: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} + TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} + TF_VAR_JUMPBOX_SSH_ACCESS: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + TF_VAR_OWNER: ${{ secrets.TF_VAR_OWNER }} + SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} + DD_API_KEY: ${{ secrets.DD_API_KEY }} + LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} + VAULT_PASSWORD_FILE: ${{ secrets.VAULT_PASSWORD_FILE }} + ANSIBLE_PRIVATE_SSH: ${{ secrets.ANSIBLE_PRIVATE_SSH }} + with: + environment: devnet \ No newline at end of file diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index d61db0df1e..fde46dbef4 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -141,6 +141,13 @@ jobs: "text": "Fuzz tests ${{ needs.fuzz.outputs.workflow_output == '' && ':white_check_mark:' || ':x: `failed`' }}" } }, + { + "type": "section", + "text": { + "type": "mrkdwn", + "text": "Load tests ${{ needs.loadtest.outputs.workflow_output == '' && ':white_check_mark:' || ':x: `failed`' }}" + } + }, { "type": "divider" }, From dfcd3e24052e378dc551ae42aed5f145c2aff488 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Fri, 21 Apr 2023 14:19:59 -0400 Subject: [PATCH 09/13] changes to the nightly flow for new edge version --- .github/workflows/deploy.nightly.devnet.yml | 40 ++++++------------- .../manual.deploy.nightly.devnet.yml | 6 --- .github/workflows/nightly.yml | 5 --- 3 files changed, 13 insertions(+), 38 deletions(-) diff --git a/.github/workflows/deploy.nightly.devnet.yml b/.github/workflows/deploy.nightly.devnet.yml index 9dafe56921..6d033dc97a 100644 --- a/.github/workflows/deploy.nightly.devnet.yml +++ b/.github/workflows/deploy.nightly.devnet.yml @@ -28,18 +28,8 @@ on: # yamllint disable-line rule:truthy required: true TF_VAR_AWS_PROFILE: required: true - TF_VAR_COMPANY_NAME: - required: true - TF_VAR_CREATE_SSH_KEY: - required: true TF_VAR_DEPLOYMENT_NAME: required: true - TF_VAR_DEVNET_KEY_VALUE: - required: true - TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: - required: true - TF_VAR_JUMPBOX_SSH_ACCESS: - required: true TF_VAR_OWNER: required: true SLACK_PERFORMANCE_WEBHOOK_URL: @@ -50,8 +40,6 @@ on: # yamllint disable-line rule:truthy required: true VAULT_PASSWORD_FILE: required: true - ANSIBLE_PRIVATE_SSH: - required: true jobs: build: @@ -72,9 +60,12 @@ jobs: uses: hashicorp/setup-terraform@v2 with: terraform_version: 1.4.4 + - name: Configure terraform for nightly build + run: | + sed 's/# backend "s3" {}/backend "s3" {}/' main.tf > main.tf.tmp && mv main.tf.tmp main.tf - name: Terraform Init id: init - run: terraform init + run: terraform init -backend-config="bucket=polygon-edge-devnet-tf-states" -backend-config="key=state/${{ secrets.TF_VAR_DEPLOYMENT_NAME }}" -backend-config="region=${{ secrets.AWS_REGION }}" - name: Terraform Validate id: validate run: terraform validate -no-color @@ -83,26 +74,23 @@ jobs: id: plan run: terraform plan -out=tfplan -no-color env: - TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} - TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} - name: Terraform Apply id: apply run: terraform apply -auto-approve tfplan env: - TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} - TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} + - name: Configure private keys + run: | + terraform output pk_ansible > ~/devnet_private.key + chmod 600 ~/devnet_private.key + eval "$(ssh-agent)" + ssh-add ~/devnet_private.key + terraform output -raw geth_private_ip > rootchain_rpc.txt - name: Install ansible / botocore / boto3 run: | python3 -m pip install --user ansible @@ -112,10 +100,8 @@ jobs: run: | touch password.txt echo "${{ secrets.VAULT_PASSWORD_FILE }}" > password.txt - mkdir ~/cert - touch ~/cert/2022-07-05-devnets-generic.key - echo "${{ secrets.ANSIBLE_PRIVATE_SSH }}" > ~/cert/2022-07-05-devnets-generic.key - chmod 600 ~/cert/2022-07-05-devnets-generic.key + cp local-extra-vars.yml.template local-extra-vars.yml + echo "\nrootchain_json_rpc: http://$(cat ../rootchain_rpc.txt):8545" >> local-extra-vars.yml ansible-inventory --graph ansible-galaxy install -r requirements.yml ansible-playbook --inventory inventory/aws_ec2.yml --vault-password-file=password.txt --extra-vars "@local-extra-vars.yml" site.yml diff --git a/.github/workflows/manual.deploy.nightly.devnet.yml b/.github/workflows/manual.deploy.nightly.devnet.yml index 2b7053be9c..3d809d1936 100644 --- a/.github/workflows/manual.deploy.nightly.devnet.yml +++ b/.github/workflows/manual.deploy.nightly.devnet.yml @@ -22,17 +22,11 @@ jobs: AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} TF_VAR_AWS_PROFILE: ${{ secrets.TF_VAR_AWS_PROFILE }} - TF_VAR_COMPANY_NAME: ${{ secrets.TF_VAR_COMPANY_NAME }} - TF_VAR_CREATE_SSH_KEY: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} TF_VAR_DEPLOYMENT_NAME: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - TF_VAR_DEVNET_KEY_VALUE: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} - TF_VAR_JUMPBOX_SSH_ACCESS: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} TF_VAR_OWNER: ${{ secrets.TF_VAR_OWNER }} SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} DD_API_KEY: ${{ secrets.DD_API_KEY }} LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} VAULT_PASSWORD_FILE: ${{ secrets.VAULT_PASSWORD_FILE }} - ANSIBLE_PRIVATE_SSH: ${{ secrets.ANSIBLE_PRIVATE_SSH }} with: environment: devnet \ No newline at end of file diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index fde46dbef4..0a125ad511 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -56,17 +56,12 @@ jobs: AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} TF_VAR_AWS_PROFILE: ${{ secrets.TF_VAR_AWS_PROFILE }} TF_VAR_COMPANY_NAME: ${{ secrets.TF_VAR_COMPANY_NAME }} - TF_VAR_CREATE_SSH_KEY: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} TF_VAR_DEPLOYMENT_NAME: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - TF_VAR_DEVNET_KEY_VALUE: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - TF_VAR_EXPLORER_RDS_MASTER_PASSWORD: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} - TF_VAR_JUMPBOX_SSH_ACCESS: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} TF_VAR_OWNER: ${{ secrets.TF_VAR_OWNER }} SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} DD_API_KEY: ${{ secrets.DD_API_KEY }} LOADTEST_MNEMONIC: ${{ secrets.LOADTEST_MNEMONIC }} VAULT_PASSWORD_FILE: ${{ secrets.VAULT_PASSWORD_FILE }} - ANSIBLE_PRIVATE_SSH: ${{ secrets.ANSIBLE_PRIVATE_SSH }} with: environment: devnet From e5ed7950aabead7177cf38d3a20e5c94e4a8e117 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Fri, 21 Apr 2023 15:21:21 -0400 Subject: [PATCH 10/13] more changes for the new template --- .github/workflows/deploy.nightly.devnet.yml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.nightly.devnet.yml b/.github/workflows/deploy.nightly.devnet.yml index 6d033dc97a..bed0bf3f74 100644 --- a/.github/workflows/deploy.nightly.devnet.yml +++ b/.github/workflows/deploy.nightly.devnet.yml @@ -90,18 +90,22 @@ jobs: chmod 600 ~/devnet_private.key eval "$(ssh-agent)" ssh-add ~/devnet_private.key - terraform output -raw geth_private_ip > rootchain_rpc.txt + terraform output -raw geth_private_ip > rootchain_rpc.txt - name: Install ansible / botocore / boto3 run: | python3 -m pip install --user ansible python3 -m pip install boto3 botocore - - name: Run Ansible + - name: Configure ansible for nightly build working-directory: ansible run: | - touch password.txt echo "${{ secrets.VAULT_PASSWORD_FILE }}" > password.txt cp local-extra-vars.yml.template local-extra-vars.yml + sed 's/devnet01/${{ secrets.TF_VAR_DEPLOYMENT_NAME }}/g' inventory/aws_ec2.yml > inventory/aws_ec2.yml.tmp && mv inventory/aws_ec2.yml.tmp inventory/aws_ec2.yml + sed 's/devnet01/${{ secrets.TF_VAR_DEPLOYMENT_NAME }}/g' local-extra-vars.yml > local-extra-vars.yml.tmp && mv local-extra-vars.yml.tmp local-extra-vars.yml echo "\nrootchain_json_rpc: http://$(cat ../rootchain_rpc.txt):8545" >> local-extra-vars.yml + - name: Run Ansible + working-directory: ansible + run: | ansible-inventory --graph ansible-galaxy install -r requirements.yml ansible-playbook --inventory inventory/aws_ec2.yml --vault-password-file=password.txt --extra-vars "@local-extra-vars.yml" site.yml From 582607213c17aa283f6a2300483845957e35d182 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Mon, 24 Apr 2023 10:06:08 -0400 Subject: [PATCH 11/13] fix to work with the latest version of edge --- .github/workflows/deploy.nightly.devnet.yml | 110 ++++++++++++++---- .../manual.deploy.nightly.devnet.yml | 8 +- .github/workflows/nightly.yml | 1 - 3 files changed, 91 insertions(+), 28 deletions(-) diff --git a/.github/workflows/deploy.nightly.devnet.yml b/.github/workflows/deploy.nightly.devnet.yml index bed0bf3f74..edcf679d2f 100644 --- a/.github/workflows/deploy.nightly.devnet.yml +++ b/.github/workflows/deploy.nightly.devnet.yml @@ -26,8 +26,6 @@ on: # yamllint disable-line rule:truthy required: true AWS_REGION: required: true - TF_VAR_AWS_PROFILE: - required: true TF_VAR_DEPLOYMENT_NAME: required: true TF_VAR_OWNER: @@ -50,16 +48,16 @@ jobs: uses: actions/checkout@v3 with: repository: maticnetwork/terraform-polygon-supernets - ref: polygon-edge-nightly-build + ref: main - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v2 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ secrets.AWS_REGION }} - name: Install Terraform - uses: hashicorp/setup-terraform@v2 + uses: hashicorp/setup-terraform@v2.0.3 with: - terraform_version: 1.4.4 + terraform_version: 1.4.5 - name: Configure terraform for nightly build run: | sed 's/# backend "s3" {}/backend "s3" {}/' main.tf > main.tf.tmp && mv main.tf.tmp main.tf @@ -76,21 +74,19 @@ jobs: env: TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} - TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - name: Terraform Apply id: apply run: terraform apply -auto-approve tfplan env: TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} - TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - name: Configure private keys run: | terraform output pk_ansible > ~/devnet_private.key chmod 600 ~/devnet_private.key eval "$(ssh-agent)" ssh-add ~/devnet_private.key - terraform output -raw geth_private_ip > rootchain_rpc.txt + terraform output -raw geth_private_ip | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" | head -1 | tr -d '\n' > rootchain_rpc.txt - name: Install ansible / botocore / boto3 run: | python3 -m pip install --user ansible @@ -102,7 +98,78 @@ jobs: cp local-extra-vars.yml.template local-extra-vars.yml sed 's/devnet01/${{ secrets.TF_VAR_DEPLOYMENT_NAME }}/g' inventory/aws_ec2.yml > inventory/aws_ec2.yml.tmp && mv inventory/aws_ec2.yml.tmp inventory/aws_ec2.yml sed 's/devnet01/${{ secrets.TF_VAR_DEPLOYMENT_NAME }}/g' local-extra-vars.yml > local-extra-vars.yml.tmp && mv local-extra-vars.yml.tmp local-extra-vars.yml - echo "\nrootchain_json_rpc: http://$(cat ../rootchain_rpc.txt):8545" >> local-extra-vars.yml + ROOTCHAIN_RPC=$(cat ../rootchain_rpc.txt) + echo "rootchain_json_rpc: http://$ROOTCHAIN_RPC:8545" >> local-extra-vars.yml + - name: Create script file + working-directory: ansible + run: | + cat > roles/edge/templates/bootstrap.sh <<'EOF' + #!/bin/bash + + main() { + if [[ -d "/var/lib/bootstrap" ]]; then + echo "It appears this network has already been boot strapped" + exit + fi + mkdir /var/lib/bootstrap + pushd /var/lib/bootstrap + + {% for item in hostvars %} + {% if (hostvars[item].tags.Role == "fullnode" or hostvars[item].tags.Role == "validator") %} + polygon-edge polybft-secrets init --data-dir {{ hostvars[item].tags["Name"] }} \ + --chain-id {{ chain_id }} \ + --json \ + --insecure > {{ hostvars[item].tags["Name"] }}.json + {% endif %} + {% endfor %} + + apt update + curl -fsSL https://deb.nodesource.com/setup_18.x | bash - + apt-get install -y nodejs + + pushd /opt/polygon-edge/ + make compile-core-contracts + cp -r /opt/polygon-edge/core-contracts /var/lib/bootstrap/core-contracts/ + popd + + polygon-edge manifest {% for item in hostvars %}{% if (hostvars[item].tags.Role == "validator") %} --validators /dns4/{{ hostvars[item].tags["Name"] }}/tcp/{{ edge_p2p_port }}/p2p/$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].node_id'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].address'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].bls_pubkey'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].bls_signature') {% endif %}{% endfor %} \ + --path ./manifest.json \ + --premine-validators 1000000000000000000000000000 \ + --chain-id {{ chain_id }} + + polygon-edge genesis \ + {% for item in hostvars %}{% if (hostvars[item].tags.Role == "validator") %} --validators /dns4/{{ hostvars[item].tags["Name"] }}/tcp/{{ edge_p2p_port }}/p2p/$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].node_id'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].address'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].bls_pubkey'):$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].bls_signature') {% endif %}{% endfor %} \ + --consensus polybft \ + {% for item in hostvars %}{% if (hostvars[item].tags.Role == "fullnode" or hostvars[item].tags.Role == "validator") %} --bootnode /dns4/{{ hostvars[item].tags["Name"] }}/tcp/{{ edge_p2p_port }}/p2p/$(cat {{ hostvars[item].tags["Name"] }}.json | jq -r '.[0].node_id') {% endif %}{% endfor %} \ + {% for address in premine_address %} --premine {{ address }}:1000000000000000000000000000 {% endfor %} + --premine 0x1AB8C3df809b85012a009c0264eb92dB04eD6EFa:1000000000000000000000000000 \ + --premine 0x0000000000000000000000000000000000000000 \ + --block-gas-limit {{ block_gas_limit }} \ + --block-time {{ block_time }}s \ + --chain-id {{ chain_id }} \ + --epoch-size 10 + + polycli wallet create --words 12 --language english | jq '.Addresses[0]' > rootchain-wallet.json + COINBASE_ADDRESS=$(curl -H "Content-Type: application/json" -X POST --data '{"jsonrpc":"2.0","method":"eth_coinbase","params":[],"id":1}' {{ rootchain_json_rpc }} | jq -r '.result') + curl -X POST --data '{"jsonrpc":"2.0","method":"eth_sendTransaction","params":[{"from":"'"$COINBASE_ADDRESS"'","to":"'"$(cat rootchain-wallet.json | jq -r '.ETHAddress')"'","value":"0x3635C9ADC5DEA00000"}],"id":1}' -H "Content-Type: application/json" {{ rootchain_json_rpc }} + sleep 5 + polygon-edge rootchain deploy \ + --deployer-key $(cat rootchain-wallet.json | jq -r '.HexPrivateKey') \ + --json-rpc {{ rootchain_json_rpc }} + + {% for item in hostvars %} + {% if (hostvars[item].tags.Role == "validator") %} + polygon-edge rootchain fund --data-dir {{ hostvars[item].tags["Name"] }} --json-rpc {{ rootchain_json_rpc }} + {% endif %} + {% endfor %} + + tar czf {{ base_dn }}.tar.gz validator* fullnode* genesis.json + popd + } + + main + + EOF - name: Run Ansible working-directory: ansible run: | @@ -112,8 +179,8 @@ jobs: - name: Set rpc url value id: url run: | - touch rpc.txt - terraform output -raw aws_lb_ext_validator_domain | grep -o -E '^ext[^:]*' > rpc.txt + terraform output -raw aws_lb_ext_domain + terraform output -raw aws_lb_ext_domain | grep -o -E '^ext[^:]*' > rpc.txt - uses: actions/upload-artifact@v3 with: name: rpc-url @@ -154,30 +221,27 @@ jobs: uses: actions/checkout@v3 with: repository: maticnetwork/terraform-polygon-supernets - ref: polygon-edge-nightly-build + ref: main - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v2 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ secrets.AWS_REGION }} - name: Install Terraform - uses: hashicorp/setup-terraform@v2 + uses: hashicorp/setup-terraform@v2.0.3 with: - terraform_version: 1.4.2 + terraform_version: 1.4.5 + - name: Configure terraform for nightly build + run: | + sed 's/# backend "s3" {}/backend "s3" {}/' main.tf > main.tf.tmp && mv main.tf.tmp main.tf - name: Terraform Init id: init - run: terraform init + run: terraform init -backend-config="bucket=polygon-edge-devnet-tf-states" -backend-config="key=state/${{ secrets.TF_VAR_DEPLOYMENT_NAME }}" -backend-config="region=${{ secrets.AWS_REGION }}" - name: Retrieve state file from s3 - run: aws s3 cp s3://polygon-edge-devnet-tf-states/state/nightly-build state.json + run: aws s3 cp s3://polygon-edge-devnet-tf-states/state/${{ secrets.TF_VAR_DEPLOYMENT_NAME }} state.json - name: Terraform Destroy id: destroy run: terraform destroy -auto-approve -state=state.json env: - TF_VAR_explorer_rds_master_password: ${{ secrets.TF_VAR_EXPLORER_RDS_MASTER_PASSWORD }} TF_VAR_deployment_name: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} - TF_VAR_company_name: ${{ secrets.TF_VAR_COMPANY_NAME }} - TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} - TF_VAR_aws_profile: ${{ secrets.TF_VAR_AWS_PROFILE }} - TF_VAR_create_ssh_key: ${{ secrets.TF_VAR_CREATE_SSH_KEY }} - TF_VAR_devnet_key_value: ${{ secrets.TF_VAR_DEVNET_KEY_VALUE }} - TF_VAR_jumpbox_ssh_access: ${{ secrets.TF_VAR_JUMPBOX_SSH_ACCESS }} \ No newline at end of file + TF_VAR_owner: ${{ secrets.TF_VAR_OWNER }} \ No newline at end of file diff --git a/.github/workflows/manual.deploy.nightly.devnet.yml b/.github/workflows/manual.deploy.nightly.devnet.yml index 3d809d1936..14bfa47be8 100644 --- a/.github/workflows/manual.deploy.nightly.devnet.yml +++ b/.github/workflows/manual.deploy.nightly.devnet.yml @@ -3,12 +3,13 @@ name: Nightly DevNet Workflow (Manual) on: # yamllint disable-line rule:truthy - push: - branches: - - jesse/nightly-loadtest-workflow + pull_request: + branches: [main] workflow_call: {} workflow_dispatch: {} +concurrency: 'manual-nightly-devnet' + permissions: id-token: write contents: read @@ -21,7 +22,6 @@ jobs: secrets: AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} - TF_VAR_AWS_PROFILE: ${{ secrets.TF_VAR_AWS_PROFILE }} TF_VAR_DEPLOYMENT_NAME: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} TF_VAR_OWNER: ${{ secrets.TF_VAR_OWNER }} SLACK_PERFORMANCE_WEBHOOK_URL: ${{ secrets.SLACK_PERFORMANCE_WEBHOOK_URL }} diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 0a125ad511..c4a3de2024 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -54,7 +54,6 @@ jobs: secrets: AWS_REGION: ${{ secrets.AWS_REGION }} AWS_ROLE_ARN: ${{ secrets.AWS_ROLE_ARN }} - TF_VAR_AWS_PROFILE: ${{ secrets.TF_VAR_AWS_PROFILE }} TF_VAR_COMPANY_NAME: ${{ secrets.TF_VAR_COMPANY_NAME }} TF_VAR_DEPLOYMENT_NAME: ${{ secrets.TF_VAR_DEPLOYMENT_NAME }} TF_VAR_OWNER: ${{ secrets.TF_VAR_OWNER }} From 5e4df34f1aa1f920054247cb8a3c45250d30cc43 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Mon, 24 Apr 2023 10:13:56 -0400 Subject: [PATCH 12/13] change branch to develop --- .github/workflows/manual.deploy.nightly.devnet.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/manual.deploy.nightly.devnet.yml b/.github/workflows/manual.deploy.nightly.devnet.yml index 14bfa47be8..c79a7fae95 100644 --- a/.github/workflows/manual.deploy.nightly.devnet.yml +++ b/.github/workflows/manual.deploy.nightly.devnet.yml @@ -4,7 +4,7 @@ name: Nightly DevNet Workflow (Manual) on: # yamllint disable-line rule:truthy pull_request: - branches: [main] + branches: [develop] workflow_call: {} workflow_dispatch: {} From fa5b9e3af2abfc01f5f9485b91d12d58c125f045 Mon Sep 17 00:00:00 2001 From: Jesse Lee Date: Mon, 24 Apr 2023 11:10:42 -0400 Subject: [PATCH 13/13] do not build manual PR --- .github/workflows/manual.deploy.nightly.devnet.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/manual.deploy.nightly.devnet.yml b/.github/workflows/manual.deploy.nightly.devnet.yml index c79a7fae95..facbb56a3b 100644 --- a/.github/workflows/manual.deploy.nightly.devnet.yml +++ b/.github/workflows/manual.deploy.nightly.devnet.yml @@ -3,8 +3,6 @@ name: Nightly DevNet Workflow (Manual) on: # yamllint disable-line rule:truthy - pull_request: - branches: [develop] workflow_call: {} workflow_dispatch: {}