-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
1d280dd
commit c0c6669
Showing
15 changed files
with
186 additions
and
98 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
name: Snapshot Service Image | ||
|
||
# Cancel workflow if there is a new change to the branch. | ||
concurrency: | ||
group: ${{ github.workflow }}-${{ github.ref }} | ||
cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} | ||
|
||
on: | ||
push: | ||
branches: [main] | ||
merge_group: | ||
pull_request: | ||
branches: [main] | ||
|
||
jobs: | ||
build-and-push-docker-image: | ||
name: Build images and push to GHCR | ||
runs-on: ubuntu-latest | ||
timeout-minutes: 30 | ||
steps: | ||
- name: List cached docker images | ||
run: docker image ls | ||
|
||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
|
||
- name: Login to Github Packages | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
# This step yields the following labels: | ||
# - date+sha, e.g. 2023-01-19-da4692d, | ||
# - latest, | ||
- name: Docker Meta | ||
id: meta | ||
uses: docker/metadata-action@v5 | ||
with: | ||
images: ghcr.io/chainsafe/forest-snapshot-service | ||
tags: | | ||
type=raw,value={{date 'YYYY-MM-DD'}}-{{sha}} | ||
type=raw,value=latest,enable={{is_default_branch}} | ||
- name: Build image and push to GitHub Container Registry | ||
uses: docker/build-push-action@v5 | ||
with: | ||
context: ./images/snapshot-service/ | ||
build-contexts: | | ||
common=./tf-managed/scripts/ | ||
tags: ${{ steps.meta.outputs.tags }} | ||
labels: ${{ steps.meta.outputs.labels }} | ||
push: ${{ github.ref == 'refs/heads/main' }} | ||
|
||
- name: List docker images | ||
run: docker image ls |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
*.md |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
# Snapshot service Dockerfile. | ||
# It is meant to produce a single snapshot of the given chain in the Filecoin network and upload it to S3 (preferably Cloudflare R2, it should work for other providers as well, but it wasn't tested). | ||
FROM docker:24 | ||
LABEL org.opencontainers.image.description "Forest snapshot service generator and uploader for Filecoin" | ||
|
||
RUN apk add --no-cache \ | ||
ruby \ | ||
ruby-dev \ | ||
docker \ | ||
bash && \ | ||
gem install \ | ||
docker-api \ | ||
slack-ruby-client \ | ||
activesupport | ||
|
||
COPY ./src /opt/snapshot-service | ||
|
||
# `common` is defined via the `--build-context` flag in the `docker build` command, e.g., | ||
# `docker build --build-context common=../../tf-managed/scripts/ -t ghcr.io/chainsafe/forest-snapshot-service:latest .` | ||
# TODO: Change this once `sync-check` is fully-dockerized as well. | ||
# hadolint ignore=DL3022 | ||
COPY --from=common ruby_common /opt/snapshot-service/ruby_common | ||
|
||
WORKDIR /opt/snapshot-service | ||
|
||
CMD ["bash", "run.sh"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
# Forest snapshot service | ||
|
||
This service serves as a Filecoin snapshot generator and uploader. Supported networks are [calibnet](https://docs.filecoin.io/networks/calibration) and [mainnet](https://docs.filecoin.io/networks/mainnet). All S3-compatible providers should work correctly, though it was tested exclusively on Cloudflare R2. | ||
|
||
## Building the image | ||
|
||
```bash | ||
docker build --build-context common=../../tf-managed/scripts/ -t <name>:<tag> . | ||
``` | ||
|
||
## Running the Forest snapshot service | ||
|
||
The container needs additional privileges and access to the docker socket to issue other `docker` commands. | ||
|
||
This command will generate a snapshot for the given network and upload it to an S3 bucket. | ||
```bash | ||
docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock --rm --env-file <variable-file> --env NETWORK_CHAIN=<chain> ghcr.io/chainsafe/forest-snapshot-service:edge | ||
``` | ||
|
||
## Variables (all required) | ||
|
||
```bash | ||
# Details for the snapshot upload | ||
R2_ACCESS_KEY= | ||
R2_SECRET_KEY= | ||
R2_ENDPOINT= | ||
SNAPSHOT_BUCKET= | ||
|
||
# Details for the Slack notifications | ||
SLACK_API_TOKEN= | ||
SLACK_NOTIFICATION_CHANNEL= | ||
|
||
# Network chain - can be either `mainnet` or `calibnet` | ||
NETWORK_CHAIN= | ||
# Forest tag to use. `latest` is the newest stable version. | ||
# See [Forest packages](https://github.com/ChainSafe/forest/pkgs/container/forest) for more. | ||
FOREST_TAG= | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
#!/bin/bash | ||
|
||
set -euo pipefail | ||
|
||
# Assert that all required environment variables are set | ||
: "${R2_ACCESS_KEY:?}" | ||
: "${R2_SECRET_KEY:?}" | ||
: "${R2_ENDPOINT:?}" | ||
: "${SNAPSHOT_BUCKET:?}" | ||
: "${SLACK_API_TOKEN:?}" | ||
: "${SLACK_NOTIFICATION_CHANNEL:?}" | ||
: "${NETWORK_CHAIN:?}" | ||
: "${FOREST_TAG:?}" | ||
|
||
ruby daily_snapshot.rb "$NETWORK_CHAIN" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,5 @@ | ||
#!/bin/bash | ||
|
||
# shellcheck source=/dev/null | ||
source ~/.forest_env | ||
cd "$BASE_FOLDER" || exit | ||
flock -n /tmp/calibnet.lock -c "ruby daily_snapshot.rb calibnet >> logs/calibnet_log.txt 2>&1" | ||
cd "$HOME" || exit | ||
flock -n /tmp/calibnet.lock -c "docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock --rm --env-file .forest_env -e NETWORK_CHAIN=calibnet ghcr.io/chainsafe/forest-snapshot-service:latest >> calibnet_log.txt 2>&1" |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,5 @@ | ||
#!/bin/bash | ||
|
||
# shellcheck source=/dev/null | ||
source ~/.forest_env | ||
cd "$BASE_FOLDER" || exit | ||
flock -n /tmp/mainnet.lock -c "ruby daily_snapshot.rb mainnet > mainnet_log.txt 2>&1" || exit | ||
cd "$HOME" || exit | ||
flock -n /tmp/mainnet.lock -c "docker run --privileged -v /var/run/docker.sock:/var/run/docker.sock --rm --env-file .forest_env -e NETWORK_CHAIN=mainnet ghcr.io/chainsafe/forest-snapshot-service:latest >> mainnet_log.txt 2>&1" |
Oops, something went wrong.