|
| 1 | +name: Deploy devnet |
| 2 | + |
| 3 | +on: |
| 4 | + workflow_dispatch: |
| 5 | + inputs: |
| 6 | + namespace: |
| 7 | + description: The namespace to deploy to, e.g. smoke |
| 8 | + required: true |
| 9 | + aztec_docker_image: |
| 10 | + description: The Aztec Docker image to use |
| 11 | + required: true |
| 12 | + deployment_mnemonic_secret_name: |
| 13 | + description: The name of the secret which holds the boot node's contract deployment mnemonic |
| 14 | + required: true |
| 15 | + default: testnet-deployment-mnemonic |
| 16 | + respect_tf_lock: |
| 17 | + description: Whether to respect the Terraform lock |
| 18 | + required: false |
| 19 | + default: "true" |
| 20 | + |
| 21 | +concurrency: |
| 22 | + group: ${{ github.workflow }}-${{ github.ref }} |
| 23 | + cancel-in-progress: false |
| 24 | + |
| 25 | +env: |
| 26 | + AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} |
| 27 | + AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} |
| 28 | + CONTRACT_S3_BUCKET: s3://static.aztec.network |
| 29 | + CLUSTER_NAME: aztec-gke |
| 30 | + REGION: us-west1-a |
| 31 | + NAMESPACE: ${{ inputs.namespace }} |
| 32 | + AZTEC_DOCKER_IMAGE: ${{ inputs.aztec_docker_image }} |
| 33 | + |
| 34 | +jobs: |
| 35 | + deploy-network: |
| 36 | + uses: ./.github/workflows/network-deploy.yml@HEAD |
| 37 | + with: |
| 38 | + namespace: ${{ github.event.inputs.namespace }} |
| 39 | + values_file: release-devnet |
| 40 | + aztec_docker_image: ${{ github.event.inputs.aztec_docker_image }} |
| 41 | + deployment_mnemonic_secret_name: ${{ github.event.inputs.deployment_mnemonic_secret_name }} |
| 42 | + respect_tf_lock: ${{ github.event.inputs.respect_tf_lock }} |
| 43 | + |
| 44 | + bootstrap-network: |
| 45 | + runs-on: ubuntu-latest |
| 46 | + needs: deploy-network |
| 47 | + steps: |
| 48 | + - uses: ./.github/ci-setup-action |
| 49 | + |
| 50 | + - name: Configure AWS credentials |
| 51 | + uses: aws-actions/configure-aws-credentials@v1 |
| 52 | + with: |
| 53 | + aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }} |
| 54 | + aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }} |
| 55 | + aws-region: eu-west-2 |
| 56 | + |
| 57 | + - name: Authenticate to Google Cloud |
| 58 | + uses: google-github-actions/auth@v2 |
| 59 | + with: |
| 60 | + credentials_json: ${{ secrets.GCP_SA_KEY }} |
| 61 | + |
| 62 | + - name: Set up Cloud SDK |
| 63 | + uses: google-github-actions/setup-gcloud@v2 |
| 64 | + |
| 65 | + - name: Setup kubectl access |
| 66 | + run: | |
| 67 | + gcloud components install kubectl gke-gcloud-auth-plugin --quiet |
| 68 | + gcloud container clusters get-credentials ${{ env.CLUSTER_NAME }} --region ${{ env.REGION }} |
| 69 | +
|
| 70 | + - name: Bootstrap network |
| 71 | + run: | |
| 72 | + set -eu -o pipefail |
| 73 | +
|
| 74 | + pxe_port_forward_pid="" |
| 75 | + ethereum_port_forward_pid="" |
| 76 | +
|
| 77 | + cleanup() { |
| 78 | + echo "Cleaning up port-forward processes..." |
| 79 | + if [ -n "$pxe_port_forward_pid" ]; then |
| 80 | + kill $pxe_port_forward_pid 2>/dev/null || true |
| 81 | + fi |
| 82 | + if [ -n "$ethereum_port_forward_pid" ]; then |
| 83 | + kill $ethereum_port_forward_pid 2>/dev/null || true |
| 84 | + fi |
| 85 | + } |
| 86 | +
|
| 87 | + trap cleanup EXIT |
| 88 | +
|
| 89 | + echo "Waiting for PXE pods to be ready..." |
| 90 | + if ! kubectl wait --for=condition=ready pod -l app=$NAMESPACE-aztec-network-pxe --timeout=10m; then |
| 91 | + echo "Error: PXE pods did not become ready within timeout" |
| 92 | + exit 1 |
| 93 | + fi |
| 94 | +
|
| 95 | + helm get values $NAMESPACE -n $NAMSPACE -o json --all > helm_values.json |
| 96 | +
|
| 97 | + PXE_PORT="$(jq -r .pxe.service.nodePort helm_values.json)" |
| 98 | + ETHEREUM_PORT="$(jq -r ethereum.service.port helm_values.json)" |
| 99 | + L1_CHAIN_ID="$(jq -r .ethereum.chainId helm_values.json)" |
| 100 | +
|
| 101 | + MNEMONIC="$(jq -r .aztec.l1DeploymentMnemonic helm_values.json)" |
| 102 | + echo "::add-mask::$MNEMONIC" |
| 103 | +
|
| 104 | + rm helm_values.json |
| 105 | +
|
| 106 | + kubectl port-forward -n $NAMESPACE svc/$NAMESPACE-aztec-network-pxe $PXE_PORT & |
| 107 | + pxe_port_forward_pid=$! |
| 108 | + kubectl port-forward -n $NAMSPACE svc/$NAMESPACE-aztec-network-ethereum $ETHEREUM_PORT & |
| 109 | + ethereum_port_forward_pid=$! |
| 110 | +
|
| 111 | + # wait for port-forwards to establish |
| 112 | + sleep 5 |
| 113 | +
|
| 114 | + docker run --rm $AZTEC_DOCKER_IMAGE bootstrap-network \ |
| 115 | + --rpc-url http://127.0.0.1:$PXE_PORT \ |
| 116 | + --l1-rpc-url http://127.0.0.1:$ETHEREUM_PORT \ |
| 117 | + --l1-chain-id $CHAIN_ID \ |
| 118 | + --mnemonic $MNEMONIC \ |
| 119 | + --json | tee ./basic_contracts.json |
| 120 | +
|
| 121 | + aws s3 cp ./basic_contracts.json ${{ env.CONTRACT_S3_BUCKET }}/devnet/basic_contracts.json |
| 122 | +
|
0 commit comments