Merge branch 'main' into alchemix-mainnet

connext · Jul 7, 2023 · f87eb49 · f87eb49
2 parents 1bf4421 + b4eccab
commit f87eb49
Show file tree

Hide file tree

Showing 263 changed files with 392,397 additions and 213,898 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -6,6 +6,6 @@
 /packages/agents/ @preethamr @liu-zhipeng @wanglonghong @sanchaymittal @rhlsthrm
 /packages/agents/sdk/ @just-a-node @sanchaymittal @rhlsthrm
 /packages/deployments/ @LayneHaber @rhlsthrm @liu-zhipeng
-/packages/examples/ @just-a-node @rhlsthrm @sanchaymittal
+/packages/examples/ @just-a-node @rhlsthrm @sanchaymittal @preethamr
 /packages/integration/ @LayneHaber @preethamr @rhlsthrm
 /packages/utils/ @preethamr @liu-zhipeng @wanglonghong @rhlsthrm
diff --git a/.github/workflows/build-test-deploy.yml b/.github/workflows/build-test-deploy.yml
@@ -61,6 +61,9 @@ jobs:
           node-version: "18"
           cache: "yarn"
 
+      - name: Check Yarn version
+        run: yarn --version
+
       - name: Validate using commitlint
         if: github.ref != 'refs/heads/testnet-prod' || github.ref != 'refs/heads/prod'
         uses: wagoid/commitlint-github-action@v5
@@ -104,7 +107,8 @@ jobs:
             "packages/adapters/txservice:@connext/nxtp-txservice"
             "packages/adapters/subgraph:@connext/nxtp-adapters-subgraph"
             "packages/adapters/cache:@connext/nxtp-adapters-cache"
-            "packages/agents/sdk:@connext/sdk"
+            "packages/agents/sdk:@connext/sdk-core"
+            "packages/agents/sdk-wrapper:@connext/sdk"
           )
 
           for entry in "${workspaces[@]}"; do
@@ -1115,6 +1119,7 @@ jobs:
       TF_VAR_full_image_name_sequencer_subscriber: ${{ fromJSON(needs.e2e-tests.outputs.sequencer-subscriber-tags).tags[0] }}
       TF_VAR_full_image_name_relayer: ${{ fromJSON(needs.e2e-tests.outputs.relayer-tags).tags[0] }}
       TF_VAR_full_image_name_watcher: ${{ fromJSON(needs.e2e-tests.outputs.watcher-tags).tags[0] }}
+      TF_VAR_full_image_name_lighthouse_prover_subscriber: ${{ fromJSON(needs.e2e-tests.outputs.lighthouse-prover-subscriber-tags).tags[0] }}
       TF_VAR_lighthouse_image_tag: ${{ github.sha }}
 
     runs-on: ubuntu-latest
@@ -1241,7 +1246,7 @@ jobs:
       router-publisher-tags: ${{ needs.e2e-tests.outputs.router-publisher-tags }}
       router-subscriber-tags: ${{ needs.e2e-tests.outputs.router-subscriber-tags }}
       router-executor-tags: ${{ needs.e2e-tests.outputs.router-executor-tags }}
-      lighthouse-prover-subscriber-tags: ${{ fromJSON(needs.e2e-tests.outputs.lighthouse-prover-subscriber-tags).tags[0] }}
+      lighthouse-prover-subscriber-tags: ${{ needs.e2e-tests.outputs.lighthouse-prover-subscriber-tags }}
       relayer-tags: ${{ needs.e2e-tests.outputs.relayer-tags }}
       watcher-tags: ${{ needs.e2e-tests.outputs.watcher-tags }}
       sdk-server-tags: ${{ needs.e2e-tests.outputs.sdk-server-tags }}

diff --git a/.husky/commit-msg b/.husky/commit-msg
@@ -1,4 +1,2 @@
 #!/usr/bin/env sh
-. "$(dirname -- "$0")/_/husky.sh"
-
 yarn dlx commitlint --edit $1
diff --git a/README.md b/README.md
@@ -61,7 +61,7 @@
 
 ## Connext Architecture
 
-The Connext architecture can be seen as a layered system, as follows:
+The Connext architecture can be seen as a layered system, as follows.
 
 | Layer                            | Protocol/Stakeholders                  |
 | -------------------------------- | -------------------------------------- |

diff --git a/ops/env/testnet/core/secrets.prod.json b/ops/env/testnet/core/secrets.prod.json
@@ -5,6 +5,7 @@
 	"optgoerli_alchemy_key_1": "ENC[AES256_GCM,data:IKvEQW3u/ShLXgt90ZyvbwSgaoWSVjNKucefr1ZUOks=,iv:KNkyaDV+MoVJ4GmQDwxn/drHeTNXAtJ+IdXkh5r1UxY=,tag:7stNWMB0nmWqOrqZwsOENw==,type:str]",
 	"arbgoerli_alchemy_key_0": "ENC[AES256_GCM,data:FznvthayCWL5gQrBs4GSyRkZrXg1fAXTpuvHoZ0Brmw=,iv:h/Ln5MiegVXtUgCWB65hwfCVhRht9cr2Fw4QbUO4ZPg=,tag:r1ueHnIDTKcQBxVRmirvfg==,type:str]",
 	"arbgoerli_alchemy_key_1": "ENC[AES256_GCM,data:AoJEiPuHviI14XuFJP7/GFTbEd5UfLHXq3OefHwV3BQ=,iv:tvvt76MHKvXcsVOl+Lk2t6PjazzhS/tBXbVWuJ1JL8w=,tag:KS9pom1Fz9o7DLsPuxLrRQ==,type:str]",
+	"mumbai_alchemy_key_0": "ENC[AES256_GCM,data:VolMxEjn8+QnY13VzDpEWenyv1CBjvyjcLMb1l/xlrw=,iv:BWvw9p/3JYsLpqdszm5JIasoxjypghjaff/BJ2QIOtM=,tag:M/AN6XyOJoAL7/RNWy7SuQ==,type:str]",
 	"blast_key": "ENC[AES256_GCM,data:aOV48KWCE0L4tjHc+Tdt4oQBFGbTRKeb+2DMFI4Y7LGjYNke,iv:wv3W/M2ZKTFpj28WAUZIvPKOc4kvsWqabDd+qoVTdg4=,tag:gWHQBWTVIjT0PymIHOROnQ==,type:str]",
 	"infura_key": "ENC[AES256_GCM,data:xLJ5hNQ15pRWC7HwEX478tkJBv1czUM7LGufL+wIgsI=,iv:ZWrq2/0iXMTe+V6+0owJ4A3WczTMUYANEM6mUV/b8II=,tag:Uw8BBlJg6LkaVPMya9fMrA==,type:str]",
 	"admin_token_router": "ENC[AES256_GCM,data:V0FuvFfMBS0=,iv:MW6eOYjcM8xgMGpr3204tYvFsm3IVXNTAUjBmcs2YRc=,tag:lLfG206oCZvEUn7jeWTEyw==,type:str]",
@@ -13,14 +14,15 @@
 	"sequencer_web3_signer_private_key": "ENC[AES256_GCM,data:LKvTW3OXzOuoPCUcHSTzhJ9GUYZk1wXLZGeILQRI6Rby6F/uRzANeSRqlYQScpZFPWQsHP4kr4w0CAN87YKb+gBC,iv:FNTTCOjwsVNhq+aBY6wvciDMDC/k0me36OVueVg0KKc=,tag:HZZwkikhZvthv+NaegYaFA==,type:str]",
 	"rmq_mgt_password": "ENC[AES256_GCM,data:Oi9s0fu4N/f7fAfOrOzT,iv:dPo0CPlK/jW++lrvn8BXvBEUFYM1/zR/wQ18IbLFB1Y=,tag:S2poo/5rwURMmflFGkVFaQ==,type:str]",
 	"dd_api_key": "ENC[AES256_GCM,data:rIb32o+5nSbWcnlP2Mh809lyUX9YBPmdiLb2sMZjlKU=,iv:7FEHx2G+2f0DDXkpJbhg22olEFi84MJ5wGae7AWymLw=,tag:Uw30LcE7I6gSHpoOkHkkMw==,type:str]",
-	"gelato_api_key": "ENC[AES256_GCM,data:hO9Iu+2/P9VvjKdAD2bPUo3umAo40H8o4znXHjmU/eYRSoQeValKPQ6XYHE=,iv:e2wzAorK7Xi74ZjcseV7MXMYpzyZbshjTda26OCOCoE=,tag:6kJTtFFbGGX1Lp6eX1oRow==,type:str]",
+	"gelato_api_key": "ENC[AES256_GCM,data:4OclSfsgqoUaLlP2VCPHuBWHjyNhqacfcHSVIuITTT+3MS472H+/cDAD/Jo=,iv:FQxUG/iDcRYJfJ9+HmGKqVmMzQj2q+jYl97Ilk39iBM=,tag:P4P8+9T6NhKy/Le3tnlaPg==,type:str]",
 	"postgres_password": "ENC[AES256_GCM,data:B1oNgHFUYpPq0yW0nQ8g,iv:+S3cX5vplDOG6E7lOoP9i5gxZNImoJa15Lpq1hTt0lY=,tag:kz712HJLrstZJms8zwbHZA==,type:str]",
 	"lighthouse_prover_heartbeat": "ENC[AES256_GCM,data:oK1YZySKHGLzEQK1c9lIXV8+tSr7xUcE,iv:AbmAilQ6OKgsULAhf7FKPQnx+t7qhT16JKScfgx73c8=,tag:AGxzf4RhHF8KK3w/+aEPxw==,type:str]",
 	"lighthouse_processor_heartbeat": "ENC[AES256_GCM,data:jP4KFfz+YlpcDsV+RzyHpskYyUGppfyy,iv:VcyoHBwSvsN/hiZ5S44euEjjbJXOEX0/PwqGpy1IJMw=,tag:oatM6EgA5fU2zfZz2KPm5A==,type:str]",
 	"lighthouse_propagate_heartbeat": "ENC[AES256_GCM,data:ngWH/ENDrnuZWThozPT+NO1DWZ4eFgKH,iv:MJDorgIdm4o+vm1wgpwgqk9783sHi95sgfd0XXzStSM=,tag:3lCtngMWTyUf27+fz8yQRQ==,type:str]",
 	"lighthouse_send_outbound_root_heartbeat": "ENC[AES256_GCM,data:rK5ImySl4pZdI6Ag4sAZ84cECd/NTz1k,iv:450J2HvaXXf3p4fN1GAGFMQWRjBWKQI4KfqsiZh9gug=,tag:EE6dpf0QRLw7Z4c/RvVFSA==,type:str]",
 	"relayer_web3_signer_private_key": "ENC[AES256_GCM,data:zUtd3IiSb3GWERzM5aRQG0WInleSduWFkg6NJb/oIAJ4o4nMp1q+hWhPC2dEpma1lppbX9tkmydxAgrzr16u7MAa,iv:exruQBT5UsbagQiibyS88od/nmWHRs5wCPWetuFY4QY=,tag:G8QhkoxQYpqf0SioA/NBCQ==,type:str]",
 	"linea_node": "ENC[AES256_GCM,data:I1fqRfyk3iF0xsSd2OuyxCBdF2odFVRjYJg=,iv:sZlgP202Q7Q2gPGmefezi+8XNqWo8qV7SQzlGUHl1Ig=,tag:m7yczphoaziyedJMAL6AAg==,type:str]",
+	"optgoerli_alchemy_key_for_lh": "ENC[AES256_GCM,data:is7Xn79cWf8JIQEu5MPbdpy7kGKXmMDGbqnq5xxMinE=,iv:6UpjIqrMb0PNytb37aOH5clr4/GMVSIFGtO3T0NfYr8=,tag:JKhE5xQLR5wpMxOMscXvVQ==,type:str]",
 	"sops": {
 		"kms": [
 			{
@@ -34,8 +36,8 @@
 		"azure_kv": null,
 		"hc_vault": null,
 		"age": null,
-		"lastmodified": "2023-05-05T15:11:36Z",
-		"mac": "ENC[AES256_GCM,data:7QVkpinkhx3R1gwdTKmVRFZ5E9Yfvsgx5vHfnl/B4F5xiL2RPD+gglPqVP41h5i03VfltSsQtRaOzw4Bw935Eq/8Tr5ypr2vIb9hnMys4yq5lQDXEj2/dXsRRRp1EHAMwD2lFFa8OBJdqUwFQ3Ocl1Nj6UNtvPGohaEx6frctME=,iv:rKID/71rb1/Pg9YvoCIakkFgchvF9MCs9pqUUMS7B20=,tag:vkYdru8bzYNk93Cd++Vkew==,type:str]",
+		"lastmodified": "2023-06-20T08:53:00Z",
+		"mac": "ENC[AES256_GCM,data:03ff0KH7+dCzZrc/SHwl4DdInbZ5ArBveoDKQRRWStKX8r5aYxoVNGVLRv5GtJvg/sWRBodUxJfpXXr/C2N2TseMAbCcFeQz23LmJgQwljSvq9hC33Seupf5MUl0EX1+ibFkpLAmxYyhTKCiLMKNh7GvjTKxF6jt5CcOW+b1RyI=,iv:g9XXrnV7+SCwJT87RzIIGa+woRlhpLTAnUq46mCGfZk=,tag:8/1fuUCINRamsbQRpKyXTQ==,type:str]",
 		"pgp": null,
 		"unencrypted_suffix": "_unencrypted",
 		"version": "3.7.3"

diff --git a/ops/mainnet/prod/backend/config.tf b/ops/mainnet/prod/backend/config.tf
@@ -21,15 +21,66 @@ locals {
     { name = "STAGE", value = var.stage }
   ]
 
+  sdk_server_env_vars = [
+    { name = "SDK_SERVER_CONFIG", value = local.local_sdk_server_config },
+    { name = "ENVIRONMENT", value = var.environment },
+    { name = "STAGE", value = var.stage },
+    { name = "DD_PROFILING_ENABLED", value = "true" },
+    { name = "DD_ENV", value = "${var.environment}-${var.stage}" },
+  ]
+
+  local_sdk_server_config = jsonencode({
+    logLevel = "debug"
+    chains = {
+      "6648936" = {
+        providers = ["https://rpc.ankr.com/eth/"]
+      }
+      "1869640809" = {
+        providers = ["https://rpc.ankr.com/optimism"]
+      }
+      "1886350457" = {
+        providers = ["https://rpc.ankr.com/polygon"]
+      }
+      "1634886255" = {
+        providers = ["https://rpc.ankr.com/arbitrum	"]
+      }
+      "6450786" = {
+        providers = ["https://rpc.ankr.com/bsc"]
+      }
+      "6778479" = {
+        providers = ["https://rpc.ankr.com/gnosis"]
+      }
+    }
+
+    # The following are defined in variables.tf and don't map to the
+    # definitions of environment and network in agent configs.
+    environment = var.stage
+    network     = var.environment
+
+    redis = {
+      enabled        = true
+      expirationTime = 10
+      host           = module.sdk_server_cache.redis_instance_address,
+      port           = module.sdk_server_cache.redis_instance_port
+    }
+
+    server = {
+      http = {
+        host = "0.0.0.0"
+        port = 8080
+      }
+    }
+  })
+
   local_cartographer_config = jsonencode({
     logLevel = "debug"
     chains = {
-      "6648936"    = {}
-      "1869640809" = {}
-      "1886350457" = {}
-      "1634886255" = {}
-      "6450786"    = {}
-      "6778479"    = {}
+      "6648936"    = { confirmations = 10 }
+      "1869640809" = { confirmations = 1 }
+      "1886350457" = { confirmations = 200 }
+      "1634886255" = { confirmations = 1 }
+      "6450786"    = { confirmations = 50 }
+      "6778479"    = { confirmations = 100 }
     }
     environment = var.stage
     healthUrls = {

diff --git a/ops/mainnet/prod/backend/main.tf b/ops/mainnet/prod/backend/main.tf
@@ -21,6 +21,9 @@ data "aws_iam_role" "ecr_admin_role" {
 data "aws_route53_zone" "primary" {
   zone_id = "Z03634792TWUEHHQ5L0YX"
 }
+locals {
+  db_alarm_emails = ["carlo@connext.network", "rahul@connext.network", "preetham@connext.network", "sanchay@connext.network"]
+}
 
 module "cartographer_db" {
   domain                = "cartographer"
@@ -52,6 +55,17 @@ module "cartographer_db" {
   db_subnet_group_subnet_ids = module.network.public_subnets
   publicly_accessible        = true
 }
+module "cartographer-db-alarms" {
+  source                                  = "../../../modules/db-alarms"
+  db_instance_name                        = module.cartographer_db.db_instance_name
+  db_instance_id                          = module.cartographer_db.db_instance_id
+  is_replica                              = false
+  enable_cpu_utilization_alarm            = true
+  enable_free_storage_space_too_low_alarm = true
+  stage                                   = var.stage
+  environment                             = var.environment
+  sns_topic_subscription_emails           = local.db_alarm_emails
+}
 
 module "cartographer_db_replica" {
   domain              = "cartographer"
@@ -88,6 +102,17 @@ module "cartographer_db_replica" {
   publicly_accessible   = module.cartographer_db.db_publicly_accessible
 }
 
+module "cartographer-db-replica-alarms" {
+  source                                  = "../../../modules/db-alarms"
+  db_instance_name                        = module.cartographer_db.db_instance_name
+  db_instance_id                          = module.cartographer_db.db_instance_id
+  is_replica                              = true
+  enable_cpu_utilization_alarm            = true
+  enable_free_storage_space_too_low_alarm = true
+  stage                                   = var.stage
+  environment                             = var.environment
+  sns_topic_subscription_emails           = local.db_alarm_emails
+}
 module "postgrest" {
   source                   = "../../../modules/service"
   region                   = var.region
@@ -117,6 +142,58 @@ module "postgrest" {
   domain                   = var.domain
 }
 
+module "sdk-server" {
+  source                   = "../../../modules/service"
+  region                   = var.region
+  dd_api_key               = var.dd_api_key
+  zone_id                  = data.aws_route53_zone.primary.zone_id
+  execution_role_arn       = data.aws_iam_role.ecr_admin_role.arn
+  cluster_id               = module.ecs.ecs_cluster_id
+  vpc_id                   = module.network.vpc_id
+  private_subnets          = module.network.private_subnets
+  lb_subnets               = module.network.public_subnets
+  internal_lb              = false
+  docker_image             = var.full_image_name_sdk_server
+  container_family         = "sdk-server"
+  health_check_path        = "/ping"
+  container_port           = 8080
+  loadbalancer_port        = 80
+  cpu                      = 1024
+  memory                   = 2048
+  instance_count           = 2
+  timeout                  = 180
+  environment              = var.environment
+  stage                    = var.stage
+  ingress_cdir_blocks      = ["0.0.0.0/0"]
+  ingress_ipv6_cdir_blocks = []
+  service_security_groups  = flatten([module.network.allow_all_sg, module.network.ecs_task_sg])
+  cert_arn                 = var.certificate_arn
+  container_env_vars       = local.sdk_server_env_vars
+  domain                   = var.domain
+}
+
+module "sdk_server_cache" {
+  source                        = "../../../modules/redis"
+  stage                         = var.stage
+  environment                   = var.environment
+  family                        = "sdk-server"
+  sg_id                         = module.network.ecs_task_sg
+  vpc_id                        = module.network.vpc_id
+  cache_subnet_group_subnet_ids = module.network.public_subnets
+}
+
+module "sdk_server_auto_scaling" {
+  source           = "../../../modules/auto-scaling"
+  stage            = var.stage
+  environment      = var.environment
+  domain           = var.domain
+  ecs_service_name = module.sdk-server.service_name
+  ecs_cluster_name = module.ecs.ecs_cluster_name
+  min_capacity     = 2
+  max_capacity     = 10
+}
+
+
 module "cartographer-routers-lambda-cron" {
   source              = "../../../modules/lambda"
   ecr_repository_name = "nxtp-cartographer"

diff --git a/ops/mainnet/prod/backend/outputs.tf b/ops/mainnet/prod/backend/outputs.tf
@@ -30,6 +30,11 @@ output "postgrest-service-endpoint" {
   value = module.postgrest.service_endpoint
 }
 
+output "sdk-server-service-endpoint" {
+  value = module.sdk-server.service_endpoint
+}
+
+
 output "db-instance-endpoint" {
   value = module.cartographer_db.db_instance_endpoint
 }

diff --git a/ops/mainnet/prod/backend/variables.tf b/ops/mainnet/prod/backend/variables.tf
@@ -31,6 +31,12 @@ variable "cartographer_image_tag" {
   default     = "ghcr.io/connext/cartographer-routers:0.2.0-beta.10"
 }
 
+variable "full_image_name_sdk_server" {
+  type        = string
+  description = "sdk-server image name"
+  default     = "latest"
+}
+
 variable "certificate_arn" {
   default = "arn:aws:acm:us-east-2:679752396206:certificate/eecbb4dd-f537-40f0-afdb-233ee066ba80"
 }