chore: add demonet deploy workflows (#509)

.github/workflows/demonet_deploy.yml

@@ -0,0 +1,66 @@
+name: Deploy Demonet
+
+on: workflow_dispatch
+
+jobs:
+  solver-build-deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          context: app
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: us-east-1
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+        with:
+          mask-password: "true"
+
+      - name: Solver build, tag, and push image to Amazon ECR
+        id: build-image
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          ECR_REPOSITORY_SOLVER: ${{ secrets.ECR_REPOSITORY_SOLVER }}
+        run: |
+          docker build \
+            -t $ECR_REPOSITORY_SOLVER \
+            -f ./docker/solver/Dockerfile \
+            --build-arg="expose_via=cloudflare" \
+            --build-arg="network=demonet" \
+            .
+          docker tag $ECR_REPOSITORY_SOLVER:latest $ECR_REGISTRY/$ECR_REPOSITORY_SOLVER:latest
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY_SOLVER:latest
+
+      - name: Solver deploy to EC2 instance
+        uses: appleboy/ssh-action@master
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          ECR_REPOSITORY_SOLVER: ${{ secrets.ECR_REPOSITORY_SOLVER }}
+          DEMONET_DOPPLER_TOKEN_SOLVER: ${{ secrets.DEMONET_DOPPLER_TOKEN_SOLVER }}
+        with:
+          host: ${{ secrets.DEMONET_EC2_HOST_SOLVER }}
+          username: ${{ secrets.DEMONET_EC2_USERNAME_SOLVER }}
+          key: ${{ secrets.DEMONET_EC2_PRIVATE_KEY_SOLVER }}
+          envs: ECR_REGISTRY, ECR_REPOSITORY_SOLVER, DEMONET_DOPPLER_TOKEN_SOLVER
+          script_stop: true
+          script: |
+            docker stop solver || true
+            docker rm solver || true
+            aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $ECR_REGISTRY
+            docker system prune -af
+            docker pull $ECR_REGISTRY/$ECR_REPOSITORY_SOLVER:latest
+            docker run \
+              -d \
+              --restart always \
+              --name solver \
+              --log-opt max-size=100m \
+              -e DOPPLER_TOKEN=$DEMONET_DOPPLER_TOKEN_SOLVER \
+              $ECR_REGISTRY/$ECR_REPOSITORY_SOLVER:latest

.github/workflows/demonet_deploy_chain.yml

@@ -0,0 +1,72 @@
+name: Deploy Demonet chain
+
+on: workflow_dispatch
+
+jobs:
+  chain-build-deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          context: app
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v1
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          aws-region: us-east-1
+
+      - name: Login to Amazon ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v1
+        with:
+          mask-password: "true"
+
+      - name: Chain build, tag, and push image to Amazon ECR
+        id: build-image
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          ECR_REPOSITORY_CHAIN: ${{ secrets.ECR_REPOSITORY_CHAIN }}
+          CLOUDFLARE_TOKEN_HTTP: ${{ secrets.DEMONET_CLOUDFLARE_TOKEN_HTTP }}
+          CLOUDFLARE_TOKEN_WS: ${{ secrets.DEMONET_CLOUDFLARE_TOKEN_WS }}
+          ADMIN_ADDRESS: ${{ secrets.DEMONET_ADMIN_ADDRESS }}
+        run: |
+          docker build \
+            -t $ECR_REPOSITORY_CHAIN \
+            -f ./docker/chain/Dockerfile \
+            --build-arg="admin_address=${ADMIN_ADDRESS}" \
+            --build-arg="expose_via=cloudflare" \
+            --build-arg="cloudflare_token_http=${CLOUDFLARE_TOKEN_HTTP}"\
+            --build-arg="cloudflare_token_ws=${CLOUDFLARE_TOKEN_WS}"\
+            --build-arg="network=demonet" \
+            --build-arg="chain_id=412347" \
+            .
+          docker tag $ECR_REPOSITORY_CHAIN:latest $ECR_REGISTRY/$ECR_REPOSITORY_CHAIN:latest
+          docker push $ECR_REGISTRY/$ECR_REPOSITORY_CHAIN:latest
+
+      - name: Chain deploy to EC2 instance
+        uses: appleboy/ssh-action@master
+        env:
+          ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
+          ECR_REPOSITORY_CHAIN: ${{ secrets.ECR_REPOSITORY_CHAIN }}
+        with:
+          host: ${{ secrets.DEMONET_EC2_HOST_CHAIN }}
+          username: ${{ secrets.DEMONET_EC2_USERNAME_CHAIN }}
+          key: ${{ secrets.DEMONET_EC2_PRIVATE_KEY_CHAIN }}
+          envs: ECR_REGISTRY, ECR_REPOSITORY_CHAIN
+          script_stop: true
+          script: |
+            docker stop chain || true
+            docker rm chain || true
+            aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin $ECR_REGISTRY
+            docker system prune -af
+            docker system prune --volumes -f
+            docker pull $ECR_REGISTRY/$ECR_REPOSITORY_CHAIN:latest
+            docker run \
+              -d \
+              --restart always \
+              --privileged \
+              --name chain \
+              $ECR_REGISTRY/$ECR_REPOSITORY_CHAIN:latest

.github/workflows/devnet_deploy_chain.yml

@@ -22,7 +22,7 @@ jobs:
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@v1
         with:
-          mask-password: 'true'
+          mask-password: "true"
 
       - name: Chain build, tag, and push image to Amazon ECR
         id: build-image

docker/chain/Dockerfile

@@ -3,7 +3,8 @@ ARG arch=amd64
 
 FROM docker:24.0.5-dind AS base
 ARG admin_address="0xf39Fd6e51aad88F6F4ce6aB8827279cffFb92266"
-
+ARG network="devnet"
+ARG chain_id=412346
 
 RUN apk update
 RUN apk add bash
@@ -28,7 +29,7 @@ RUN echo "docker run -d --name devnet -p 0.0.0.0:8547:8547 -p 0.0.0.0:8548:8548
   "   --node.dangerous.no-l1-listener "\
   "   --node.parent-chain-reader.enable=false "\
   "   --parent-chain.id=1337 "\
-  "   --chain.id=412346 "\
+  "   --chain.id=${chain_id} "\
   "   --persistent.chain /tmp/dev-test "\
   "   --node.sequencer "\
   "   --execution.sequencer.enable "\
@@ -51,22 +52,20 @@ RUN echo "done" >> run
 
 RUN echo "cd hardhat" >> run
 RUN echo "npm install" >> run
-RUN echo "npx hardhat deploy --network devnet" >> run
-RUN echo "npx hardhat run scripts/fund-services-ether.ts  --network devnet" >> run
-RUN echo "npx hardhat run scripts/fund-services-tokens.ts  --network devnet " >> run
-RUN echo "npx hardhat run scripts/print-l2-config.ts  --network devnet" >> run
+RUN echo "npx hardhat deploy --network ${network}" >> run
+RUN echo "npx hardhat run scripts/fund-services-ether.ts  --network ${network}" >> run
+RUN echo "npx hardhat run scripts/fund-services-tokens.ts  --network ${network}" >> run
+RUN echo "npx hardhat run scripts/print-l2-config.ts  --network ${network}" >> run
 RUN echo "cd .." >> run
 RUN echo "./stack go-bindings" >> run
 
-
-
 FROM base AS expose-cloudflare
 ARG cloudflare_token_http="not-a-token"
 ARG cloudflare_token_ws="not-a-token"
 
 RUN wget https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64
-RUN echo "./cloudflared-linux-amd64 tunnel run --token $cloudflare_token_http  &" >> run
-RUN echo "./cloudflared-linux-amd64 tunnel run --token $cloudflare_token_ws &" >> run
+RUN echo "./cloudflared-linux-amd64 tunnel run --token ${cloudflare_token_http}  &" >> run
+RUN echo "./cloudflared-linux-amd64 tunnel run --token ${cloudflare_token_ws} &" >> run
 RUN chmod +x cloudflared-linux-amd64
 
 FROM base AS expose-local