Deploy to Devnet #321

Workflow file for this run

.github/workflows/deploy-to-devnet.yml at 787c391

	---
	name: Deploy to Devnet

	# This workflow performs automatic deployment of aleph-node to the Devnet environment
	# It does it from the scratch, ie it
	# 1) syncs the validators keys from S3,
	# 2) generates raw chainspec from the deployed aleph-node binary,
	# 3) restart nodes with cleaned db

	on:
	workflow_dispatch:
	schedule:
	- cron: '00 00 * * *'

	concurrency:
	group: ${{ github.ref }}-${{ github.workflow }}

	jobs:
	check-vars-and-secrets:
	name: Check vars and secrets
	uses: ./.github/workflows/_check-vars-and-secrets.yml
	secrets: inherit

	deploy-devnet:
	needs: [check-vars-and-secrets]
	name: Deploy new aleph-node image to EKS
	environment:
	name: devnet
	runs-on: ubuntu-20.04
	env:
	AWS_REGION: eu-central-1
	steps:
	- name: GIT \| Checkout
	uses: actions/checkout@v4

	- name: GIT \| Get branch info & current commit sha.
	id: vars
	shell: bash
	run: \|
	echo "sha_short=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v4
	with:
	aws-access-key-id: ${{ secrets.AWS_DEVNET_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_DEVNET_SECRET_ACCESS_KEY }}
	aws-region: ${{ env.AWS_REGION }}

	- name: GIT \| Checkout argocd apps repo
	uses: actions/checkout@v4
	with:
	repository: Cardinal-Cryptography/${{ secrets.REPO_ARGOCD_APPS_NAME }}
	token: ${{ secrets.CI_GH_TOKEN }}
	path: ${{ secrets.REPO_ARGOCD_APPS_NAME }}

	- name: Init kustomize
	uses: imranismail/setup-kustomize@v2
	with:
	kustomize-version: ${{ vars.KUSTOMIZE_VERSION }}

	- name: Setup kubectl
	uses: azure/setup-kubectl@v3.2
	with:
	version: 'v1.23.6'

	- name: Sync all validator's keystores from S3
	run: \|
	#!/bin/bash
	aws s3 cp s3://${{ secrets.DEVNET_KEYS_S3BUCKET_NAME }}/data data --recursive
	# rename validator paths
	declare -A \
	NAMES=([aleph-node-validator-0]=5D34dL5prEUaGNQtPPZ3yN5Y6BnkfXunKXXz6fo7ZJbLwRRH \
	[aleph-node-validator-1]=5GBNeWRhZc2jXu7D55rBimKYDk8PGk8itRYFTPfC8RJLKG5o \
	[aleph-node-validator-2]=5Dfis6XL8J2P6JHUnUtArnFWndn62SydeP8ee8sG2ky9nfm9 \
	[aleph-node-validator-3]=5F4H97f7nQovyrbiq4ZetaaviNwThSVcFobcA5aGab6167dK \
	[aleph-node-validator-4]=5DiDShBWa1fQx6gLzpf3SFBhMinCoyvHM1BWjPNsmXS8hkrW \
	[aleph-node-validator-5]=5EFb84yH9tpcFuiKUcsmdoF7xeeY3ajG1ZLQimxQoFt9HMKR \
	[aleph-node-validator-6]=5DZLHESsfGrJ5YzT3HuRPXsSNb589xQ4Unubh1mYLodzKdVY \
	[aleph-node-validator-7]=5GHJzqvG6tXnngCpG7B12qjUvbo5e4e9z8Xjidk3CQZHxTPZ \
	[aleph-node-validator-8]=5CUnSsgAyLND3bxxnfNhgWXSe9Wn676JzLpGLgyJv858qhoX \
	[aleph-node-validator-9]=5CVKn7HAZW1Ky4r7Vkgsr7VEW88C2sHgUNDiwHY9Ct2hjU8q)
	for NAME in "${!NAMES[@]}"; do
	mv -v data/$NAME data/${NAMES[$NAME]}
	done

	- name: Generate chainspec
	env:
	RELEASE_TAG: ${{ steps.vars.outputs.sha_short }}
	# yamllint disable rule:line-length
	run: \|
	#!/bin/bash
	aws s3 cp 's3://${{ secrets.DEVNET_KEYS_S3BUCKET_NAME }}/data' data --recursive

	# well-known accounts
	ALICE=5GrwvaEF5zXb26Fz9rcQpDWS57CtERHpNehXCPcNoHGKutQY
	BOB=5FHneW46xGXgs5mUiveU4sbTyGBzmstUspZC92UhjJM694ty
	CHARLIE=5FLSigC9HGRKVhB9FiEo4Y3koPsNmBmLJbpXg2mp1hXcS59Y
	EVE=5HGjWAeFDfFCWPsjFQdVV2Msvz2XtMktvgocEZcCj68kUMaw

	docker run -i -v $(pwd)/data:/data --env RUST_BACKTRACE=1 --entrypoint \
	'/usr/local/bin/aleph-node' '${{ vars.ECR_PUBLIC_REGISTRY }}aleph-node:${{ env.RELEASE_TAG }}' \
	bootstrap-chain --raw --base-path /data --chain-id a0dnet1 \
	--account-ids 5D34dL5prEUaGNQtPPZ3yN5Y6BnkfXunKXXz6fo7ZJbLwRRH,5GBNeWRhZc2jXu7D55rBimKYDk8PGk8itRYFTPfC8RJLKG5o,5Dfis6XL8J2P6JHUnUtArnFWndn62SydeP8ee8sG2ky9nfm9,5F4H97f7nQovyrbiq4ZetaaviNwThSVcFobcA5aGab6167dK,5DiDShBWa1fQx6gLzpf3SFBhMinCoyvHM1BWjPNsmXS8hkrW,5EFb84yH9tpcFuiKUcsmdoF7xeeY3ajG1ZLQimxQoFt9HMKR,5DZLHESsfGrJ5YzT3HuRPXsSNb589xQ4Unubh1mYLodzKdVY,5GHJzqvG6tXnngCpG7B12qjUvbo5e4e9z8Xjidk3CQZHxTPZ,5CUnSsgAyLND3bxxnfNhgWXSe9Wn676JzLpGLgyJv858qhoX,5CVKn7HAZW1Ky4r7Vkgsr7VEW88C2sHgUNDiwHY9Ct2hjU8q \
	--sudo-account-id 5F4SvwaUEQubiqkPF8YnRfcN77cLsT2DfG4vFeQmSXNjR7hD \
	--rich-account-ids $ALICE,$BOB,$CHARLIE,$EVE > chainspec.json
	aws s3 cp chainspec.json 's3://${{ secrets.DEVNET_KEYS_S3BUCKET_NAME }}/chainspec.json'
	# yamllint enable rule:line-length

	- name: Stop and purge db Devnet
	run: \|
	#!/bin/bash
	aws eks --region eu-central-1 update-kubeconfig --name alephzero-devnet-eu-central-1-eks

	kubectl delete sts aleph-node-validator -n devnet --ignore-not-found=true
	kubectl delete pvc -l app=aleph-node-validator -n devnet --ignore-not-found=true

	- name: Start Devnet
	# yamllint disable rule:line-length
	env:
	IMAGE_PLACEHOLDER: ${{ vars.ECR_PUBLIC_REGISTRY }}aleph-node:${{ steps.vars.outputs.sha_short }}
	run: \|
	#!/bin/bash
	cd '${{ secrets.REPO_ARGOCD_APPS_NAME }}/aleph-node-validators/overlays/devnet/eu-central-1'
	kustomize edit set image \
	'aleph-node-validator-image-placeholder=${{ env.IMAGE_PLACEHOLDER }}'
	kustomize build . \| kubectl apply -f -
	sleep 2
	kubectl rollout status --watch --timeout=3600s statefulset/aleph-node-validator -n devnet
	# yamllint enable rule:line-length

	- name: Waiting 5 minutes for validators to boot
	run: \|
	#!/bin/bash
	sleep 300

	- name: GIT \| Commit changes to argocd apps repository.
	uses: EndBug/add-and-commit@v9.1.3
	with:
	author_name: ${{ secrets.AUTOCOMMIT_AUTHOR }}
	author_email: ${{ secrets.AUTOCOMMIT_EMAIL }}
	message: "Update Devnet docker image tag to: ${{ steps.vars.outputs.sha_short }}"
	add: "*.yaml"
	cwd: ${{ secrets.REPO_ARGOCD_APPS_NAME }}

	slack:
	name: Slack notification
	runs-on: ubuntu-20.04
	needs: [deploy-devnet]
	if: always()
	steps:
	- name: Checkout repository
	uses: actions/checkout@v4

	- name: Send Slack message
	uses: ./.github/actions/slack-notification
	with:
	notify-on: "failure"
	env:
	SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_DEV_ONDUTY }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Deploy to Devnet #321

Workflow file

Deploy to Devnet #321

Jobs

Run details

Workflow file for this run