Skip to content

Commit 7a909c6

Browse files
authored
feat: merge-train/spartan (#20675)
BEGIN_COMMIT_OVERRIDE fix: flag stripping error (#20655) chore: encode LOG_LEVEL (#20678) chore: HA setup metrics (#20400) chore: (A-544) reimplement tx dropping for testing (#20651) chore(e2e): reload keystore with HA setup (#20685) feat: adding mempool transactions (#20679) feat: run low priority eviction rule on chain_pruned (#20687) feat(ci): add ci-network-bench label for spartan benchmarks (#20698) END_COMMIT_OVERRIDE
2 parents 15d2cb0 + f0ff0b1 commit 7a909c6

File tree

51 files changed

+1796
-446
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

51 files changed

+1796
-446
lines changed

.github/workflows/ci3.yml

Lines changed: 97 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -238,6 +238,103 @@ jobs:
238238
--data "$data"
239239
fi
240240
241+
# Spartan network benchmarks triggered on-demand from a PR label.
242+
# Runs TPS and proving benchmarks in parallel, uploads results to a PR-specific
243+
# path on the benchmark dashboard so nightly (bench/next) is never affected.
244+
# One-time use: label is removed after the job runs.
245+
ci-network-bench:
246+
name: ${{ matrix.bench_type }}
247+
runs-on: ubuntu-latest
248+
strategy:
249+
fail-fast: false
250+
matrix:
251+
include:
252+
- bench_type: benchmark
253+
ci3_cmd: network-bench
254+
scenario: tps-scenario
255+
namespace_suffix: bench
256+
download_cmd: gh-spartan-bench
257+
timeout: 300
258+
- bench_type: proving-benchmark
259+
ci3_cmd: network-proving-bench
260+
scenario: prove-n-tps-fake
261+
namespace_suffix: proving-bench
262+
download_cmd: gh-spartan-proving-bench
263+
timeout: 240
264+
needs: ci
265+
if: github.event.pull_request.head.repo.fork != true && github.event.pull_request.draft == false && contains(github.event.pull_request.labels.*.name, 'ci-network-bench') && (needs.ci.result == 'success' || needs.ci.result == 'skipped')
266+
steps:
267+
- name: Remove label (one-time use)
268+
env:
269+
GH_TOKEN: ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
270+
run: gh pr edit ${{ github.event.pull_request.number }} --remove-label ci-network-bench --repo ${{ github.repository }} || true
271+
272+
- name: Checkout
273+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
274+
with:
275+
ref: ${{ github.event.pull_request.head.sha || github.sha }}
276+
277+
- name: Run Network Benchmarks
278+
timeout-minutes: ${{ matrix.timeout }}
279+
env:
280+
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
281+
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
282+
GITHUB_TOKEN: ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
283+
BUILD_INSTANCE_SSH_KEY: ${{ secrets.BUILD_INSTANCE_SSH_KEY }}
284+
GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
285+
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
286+
# For pushing docker images built from the PR
287+
DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
288+
DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
289+
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
290+
RUN_ID: ${{ github.run_id }}
291+
AWS_SHUTDOWN_TIME: ${{ matrix.timeout }}
292+
NO_SPOT: 1
293+
run: |
294+
namespace=pr-${{ github.event.pull_request.number }}-${{ matrix.namespace_suffix }}
295+
echo "NAMESPACE=$namespace" >> $GITHUB_ENV
296+
set -x
297+
./.github/ci3.sh ${{ matrix.ci3_cmd }} ${{ matrix.scenario }} "$namespace"
298+
299+
- name: Cleanup network resources
300+
if: always()
301+
env:
302+
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
303+
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
304+
GITHUB_TOKEN: ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
305+
BUILD_INSTANCE_SSH_KEY: ${{ secrets.BUILD_INSTANCE_SSH_KEY }}
306+
GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }}
307+
GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT_ID }}
308+
NO_SPOT: 1
309+
run: ./.github/ci3.sh network-teardown ${{ matrix.scenario }} "${NAMESPACE}" || true
310+
311+
- name: Download benchmarks
312+
if: always()
313+
env:
314+
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
315+
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
316+
run: |
317+
if ./ci.sh ${{ matrix.download_cmd }}; then
318+
echo "ENABLE_DEPLOY_BENCH=1" >> $GITHUB_ENV
319+
fi
320+
321+
- name: Upload benchmarks
322+
if: always() && env.ENABLE_DEPLOY_BENCH == '1'
323+
uses: benchmark-action/github-action-benchmark@4de1bed97a47495fc4c5404952da0499e31f5c29
324+
with:
325+
name: Spartan
326+
benchmark-data-dir-path: "bench/pr-${{ github.event.pull_request.number }}"
327+
tool: "customSmallerIsBetter"
328+
output-file-path: ./bench-out/bench.json
329+
gh-repository: github.com/AztecProtocol/benchmark-page-data
330+
github-token: ${{ secrets.AZTEC_BOT_GITHUB_TOKEN }}
331+
auto-push: true
332+
ref: ${{ github.event.pull_request.head.sha || github.sha }}
333+
alert-threshold: "120%"
334+
comment-on-alert: false
335+
fail-on-alert: false
336+
max-items-in-chart: 100
337+
241338
# KIND-based e2e tests that run on a local Kubernetes cluster.
242339
# One-time use: label is removed after the job runs.
243340
ci-network-kind:

docs/docs-operate/operators/reference/changelog/v4.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -119,13 +119,13 @@ The admin JSON-RPC endpoint now supports auto-generated API key authentication.
119119

120120
```bash
121121
--admin-api-key-hash <hex> ($AZTEC_ADMIN_API_KEY_HASH) # Use a pre-generated SHA-256 key hash
122-
--no-admin-api-key ($AZTEC_NO_ADMIN_API_KEY) # Disable auth entirely
122+
--disable-admin-api-key ($AZTEC_DISABLE_ADMIN_API_KEY) # Disable auth entirely
123123
--reset-admin-api-key ($AZTEC_RESET_ADMIN_API_KEY) # Force key regeneration
124124
```
125125

126-
**Helm charts**: Admin API key auth is disabled by default (`noAdminApiKey: true`). Set to `false` in production values to enable.
126+
**Helm charts**: Admin API key auth is disabled by default (`disableAdminApiKey: true`). Set to `false` in production values to enable.
127127

128-
**Migration**: No action required — auth is opt-out. To enable, ensure `--no-admin-api-key` is not set and note the key printed at startup.
128+
**Migration**: No action required — auth is opt-out. To enable, ensure `--disable-admin-api-key` is not set and note the key printed at startup.
129129

130130
### Transaction pool error codes for RPC callers
131131

release-image/bootstrap.sh

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -160,8 +160,12 @@ function push_pr {
160160
echo $DOCKERHUB_PASSWORD | docker login -u ${DOCKERHUB_USERNAME:-aztecprotocolci} --password-stdin
161161
docker tag aztecprotocol/aztec:$COMMIT_HASH aztecprotocol/aztecdev:$COMMIT_HASH
162162
do_or_dryrun docker push aztecprotocol/aztecdev:$COMMIT_HASH
163-
docker tag aztecprotocol/aztec-prover-agent:$COMMIT_HASH aztecprotocol/aztec-prover-agent-dev:$COMMIT_HASH
164-
do_or_dryrun docker push aztecprotocol/aztec-prover-agent-dev:$COMMIT_HASH
163+
# Best-effort: push prover-agent image if available.
164+
if docker tag aztecprotocol/aztec-prover-agent:$COMMIT_HASH aztecprotocol/aztec-prover-agent-dev:$COMMIT_HASH 2>/dev/null; then
165+
do_or_dryrun docker push aztecprotocol/aztec-prover-agent-dev:$COMMIT_HASH || echo "Warning: failed to push prover-agent-dev image, continuing."
166+
else
167+
echo "Warning: prover-agent image not found locally, skipping push."
168+
fi
165169
}
166170

167171
case "$cmd" in

spartan/aztec-node/templates/_pod-template.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -193,8 +193,8 @@ spec:
193193
{{- if .Values.node.adminApiKeyHash }}
194194
- name: AZTEC_ADMIN_API_KEY_HASH
195195
value: {{ .Values.node.adminApiKeyHash | quote }}
196-
{{- else if .Values.node.noAdminApiKey }}
197-
- name: AZTEC_NO_ADMIN_API_KEY
196+
{{- else if .Values.node.disableAdminApiKey }}
197+
- name: AZTEC_DISABLE_ADMIN_API_KEY
198198
value: "true"
199199
{{- end }}
200200
- name: LOG_LEVEL

spartan/aztec-node/values.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -106,7 +106,7 @@ node:
106106

107107
# -- Disable admin API key authentication.
108108
# Set to false in production to enable API key auth.
109-
noAdminApiKey: true
109+
disableAdminApiKey: true
110110

111111
# the address that will receive block or proof rewards
112112
coinbase:

spartan/aztec-validator/values.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ validator:
2626

2727
node:
2828
# Set to false in production to enable API key auth.
29-
noAdminApiKey: true
29+
disableAdminApiKey: true
3030
configMap:
3131
envEnabled: true
3232
secret:

spartan/environments/tps-scenario.env

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -78,7 +78,6 @@ PROVER_L1_PRIORITY_FEE_RETRY_BUMP_PERCENTAGE=0
7878

7979
# Enable latency mesaruement for p2p messages
8080
DEBUG_P2P_INSTRUMENT_MESSAGES=true
81-
P2P_DROP_TX=true
8281
P2P_DROP_TX_CHANCE=0.2
8382

8483
# Inject artificial delay of proof verification for all nodes

0 commit comments

Comments
 (0)