diff --git a/.github/workflows/deploy-eth-devnet.yml b/.github/workflows/deploy-eth-devnet.yml index 35627ca29f9b..72bfe8588f59 100644 --- a/.github/workflows/deploy-eth-devnet.yml +++ b/.github/workflows/deploy-eth-devnet.yml @@ -59,6 +59,11 @@ on: required: false type: string default: "false" + mnemonic: + description: The mnemonic to use for the eth devnet + required: false + type: string + default: "test test test test test test test test test test test junk" secrets: GCP_SA_KEY: description: The JSON key for the GCP service account @@ -66,6 +71,19 @@ on: KUBECONFIG_B64: description: The base64 encoded kubeconfig required: true + outputs: + rpc_url: + description: The RPC URL for the eth devnet + value: ${{ jobs.deploy_eth_devnet.outputs.rpc_url }} + ws_url: + description: The WebSocket URL for the eth devnet + value: ${{ jobs.deploy_eth_devnet.outputs.ws_url }} + beacon_url: + description: The Beacon URL for the eth devnet + value: ${{ jobs.deploy_eth_devnet.outputs.beacon_url }} + chain_id: + description: The chain ID for the eth devnet + value: ${{ jobs.deploy_eth_devnet.outputs.chain_id }} workflow_dispatch: inputs: @@ -114,10 +132,20 @@ on: required: false type: string default: "false" + mnemonic: + description: The mnemonic to use for the eth devnet + required: false + type: string + default: "test test test test test test test test test test test junk" jobs: deploy_eth_devnet: runs-on: ubuntu-latest + outputs: + rpc_url: ${{ steps.get-eth-devnet-results.outputs.rpc_url }} + ws_url: ${{ steps.get-eth-devnet-results.outputs.ws_url }} + beacon_url: ${{ steps.get-eth-devnet-results.outputs.beacon_url }} + chain_id: ${{ steps.get-eth-devnet-results.outputs.chain_id }} env: TF_STATE_BUCKET: aztec-terraform REGION: us-west1-a @@ -131,6 +159,11 @@ jobs: TF_VAR_RESOURCE_PROFILE: ${{ inputs.resource_profile || 'prod' }} steps: + - name: Mask the mnemonic + id: mask-mnemonic + run: | + echo "::add-mask::${{ inputs.mnemonic }}" + - name: Debug inputs run: | echo "cluster: ${{ inputs.cluster }}" @@ -179,3 +212,27 @@ jobs: working-directory: ./spartan/terraform/deploy-eth-devnet run: | terraform apply tfplan + + - name: Get eth devnet deployment results + id: get-eth-devnet-results + working-directory: ./spartan/terraform/deploy-eth-devnet + + run: | + echo "=== Eth Devnet Deployment Results ===" + + # Get outputs from the eth-devnet deployment + RPC_URL=$(terraform output -raw eth_execution_rpc_url) + WS_URL=$(terraform output -raw eth_execution_ws_url) + BEACON_URL=$(terraform output -raw eth_beacon_api_url) + CHAIN_ID=$(terraform output -raw chain_id) + + echo "RPC_URL: $RPC_URL" + echo "WS_URL: $WS_URL" + echo "BEACON_URL: $BEACON_URL" + echo "CHAIN_ID: $CHAIN_ID" + + # Export as outputs for other steps + echo "rpc_url=$RPC_URL" >> $GITHUB_OUTPUT + echo "ws_url=$WS_URL" >> $GITHUB_OUTPUT + echo "beacon_url=$BEACON_URL" >> $GITHUB_OUTPUT + echo "chain_id=$CHAIN_ID" >> $GITHUB_OUTPUT diff --git a/.github/workflows/deploy-scenario-network.yml b/.github/workflows/deploy-scenario-network.yml new file mode 100644 index 000000000000..3ee75d0b737a --- /dev/null +++ b/.github/workflows/deploy-scenario-network.yml @@ -0,0 +1,140 @@ +name: Deploy Scenario Network + +on: + workflow_call: + inputs: + cluster: + description: The cluster to deploy to, e.g. aztec-gke-private or kind + required: true + type: string + namespace: + description: The namespace to deploy to + required: true + type: string + ref: + description: The branch name to deploy from + required: true + type: string + default: "next" + aztec_docker_image: + description: The Docker image to use for the Aztec contracts + required: true + type: string + default: "aztecprotocol/aztec:8ebe8d7c45190b002c77e29358f2b307a23b5336" + devnet_mnemonic: + description: The mnemonic to use for the devnet + required: true + type: string + default: "test test test test test test test test test test test junk" + rollup_deployment_mnemonic: + description: The mnemonic to use for the rollup deployment + required: true + type: string + default: "test test test test test test test test test test test junk" + secrets: + GCP_SA_KEY: + description: The JSON key for the GCP service account + required: true + KUBECONFIG_B64: + description: The base64 encoded kubeconfig + required: true + + workflow_dispatch: + inputs: + cluster: + description: The cluster to deploy to, e.g. aztec-gke-private or kind + required: true + type: string + default: "kind" + namespace: + description: The namespace to deploy to + required: true + type: string + default: "eth-devnet" + ref: + description: The branch name to deploy from. + required: true + type: string + default: "next" + aztec_docker_image: + description: The Docker image to use for the Aztec contracts + required: true + type: string + default: "aztecprotocol/aztec:8ebe8d7c45190b002c77e29358f2b307a23b5336" + devnet_mnemonic: + description: The mnemonic to use for the devnet + required: true + type: string + default: "test test test test test test test test test test test junk" + rollup_deployment_mnemonic: + description: The mnemonic to use for the rollup deployment + required: true + type: string + default: "test test test test test test test test test test test junk" + +jobs: + # First job: Deploy the Eth Devnet + scenario_dispatch_deploy_eth_devnet: + uses: ./.github/workflows/deploy-eth-devnet.yml + with: + cluster: ${{ inputs.cluster }} + namespace: ${{ inputs.namespace }} + ref: ${{ inputs.ref }} + # Prefilled values for scenario network + chain_id: 1337 + block_time: 4 # Faster block time for scenario testing + gas_limit: "32000000" # Higher gas limit for complex scenarios + resource_profile: ${{ inputs.cluster == 'kind' && 'dev' || 'prod' }} + create_static_ips: ${{ inputs.cluster == 'kind' && 'false' || 'true' }} + run_terraform_destroy: "false" + mnemonic: ${{ inputs.devnet_mnemonic }} + secrets: + GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }} + KUBECONFIG_B64: ${{ secrets.KUBECONFIG_B64 }} + + scenario_dispatch_deploy_rollup_contracts: + needs: scenario_dispatch_deploy_eth_devnet + uses: ./.github/workflows/deploy-rollup-contracts.yml + with: + cluster: ${{ inputs.cluster }} + namespace: ${{ inputs.namespace }} + ref: ${{ inputs.ref }} + l1_rpc_urls: ${{ needs.scenario_dispatch_deploy_eth_devnet.outputs.rpc_url }} + l1_chain_id: ${{ needs.scenario_dispatch_deploy_eth_devnet.outputs.chain_id }} + aztec_docker_image: ${{ inputs.aztec_docker_image }} + mnemonic: ${{ inputs.rollup_deployment_mnemonic }} + salt: "456" + # indices 1,2,3,4 on the junk mnemonic + validators: "0x70997970C51812dc3A010C7d01b50e0d17dc79C8,0x3C44CdDdB6a900fa2b585dd299e03d12FA4293BC,0x90F79bf6EB2c4f870365E785982E1f101E93b906,0x15d34AAf54267DB7D7c367839AAf71A00a2C6A65" + sponsored_fpc: true + real_verifier: true + # Aztec environment variables + aztec_slot_duration: 12 + aztec_epoch_duration: 32 + aztec_target_committee_size: 4 + aztec_proof_submission_epochs: 1 + aztec_activation_threshold: 100 + aztec_ejection_threshold: 50 + aztec_slashing_quorum: 6 + aztec_slashing_round_size: 10 + aztec_governance_proposer_quorum: 6 + aztec_governance_proposer_round_size: 10 + aztec_mana_target: 1000000 + aztec_proving_cost_per_mana: 100 + secrets: + GCP_SA_KEY: ${{ secrets.GCP_SA_KEY }} + KUBECONFIG_B64: ${{ secrets.KUBECONFIG_B64 }} + + deploy_scenario_network: + needs: scenario_dispatch_deploy_rollup_contracts + runs-on: ubuntu-latest + env: + TF_STATE_BUCKET: aztec-terraform + REGION: us-west1-a + # Common Terraform variables as environment variables + TF_VAR_NAMESPACE: ${{ inputs.namespace || 'eth-devnet' }} + + steps: + - name: Deploy scenario network + run: | + echo "Deployed scenario network!" diff --git a/spartan/terraform/deploy-eth-devnet/main.tf b/spartan/terraform/deploy-eth-devnet/main.tf index b036bf5e0368..1139401e91be 100644 --- a/spartan/terraform/deploy-eth-devnet/main.tf +++ b/spartan/terraform/deploy-eth-devnet/main.tf @@ -40,10 +40,7 @@ provider "helm" { } } -# Get mnemonic from Google Secret Manager -data "google_secret_manager_secret_version" "mnemonic_latest" { - secret = var.MNEMONIC_SECRET_NAME -} + # Static IP addresses for eth-devnet services resource "google_compute_address" "eth_execution_ip" { @@ -76,18 +73,19 @@ resource "null_resource" "generate_genesis" { chain_id = var.CHAIN_ID block_time = var.BLOCK_TIME gas_limit = var.GAS_LIMIT - mnemonic = data.google_secret_manager_secret_version.mnemonic_latest.secret_data + mnemonic = var.MNEMONIC } provisioner "local-exec" { command = <<-EOT cd ../../eth-devnet + rm -rf out/ tmp/ # Set environment variables for genesis generation export CHAIN_ID=${var.CHAIN_ID} export BLOCK_TIME=${var.BLOCK_TIME} export GAS_LIMIT="${var.GAS_LIMIT}" - export MNEMONIC="${data.google_secret_manager_secret_version.mnemonic_latest.secret_data}" + export MNEMONIC="${var.MNEMONIC}" export PREFUNDED_MNEMONIC_INDICES="${var.PREFUNDED_MNEMONIC_INDICES}" # Use a custom directory for Foundry installation to avoid permission issues @@ -126,7 +124,7 @@ resource "helm_release" "eth_devnet" { set { name = "ethereum.validator.mnemonic" - value = data.google_secret_manager_secret_version.mnemonic_latest.secret_data + value = var.MNEMONIC } @@ -151,3 +149,26 @@ resource "helm_release" "eth_devnet" { wait_for_jobs = false } +data "kubernetes_service" "eth_execution" { + count = var.CREATE_STATIC_IPS ? 0 : 1 + provider = kubernetes.gke-cluster + + metadata { + name = "${var.RELEASE_PREFIX}-eth-execution" + namespace = var.NAMESPACE + } + + depends_on = [helm_release.eth_devnet] +} + +data "kubernetes_service" "eth_beacon" { + count = var.CREATE_STATIC_IPS ? 0 : 1 + provider = kubernetes.gke-cluster + + metadata { + name = "${var.RELEASE_PREFIX}-eth-beacon" + namespace = var.NAMESPACE + } + + depends_on = [helm_release.eth_devnet] +} diff --git a/spartan/terraform/deploy-eth-devnet/outputs.tf b/spartan/terraform/deploy-eth-devnet/outputs.tf index 4f50de34a5e7..f8fe04fe0e00 100644 --- a/spartan/terraform/deploy-eth-devnet/outputs.tf +++ b/spartan/terraform/deploy-eth-devnet/outputs.tf @@ -1,26 +1,26 @@ output "eth_execution_ip" { - description = "Static IP address for Ethereum execution client" - value = var.CREATE_STATIC_IPS ? google_compute_address.eth_execution_ip[0].address : null + description = "IP address for Ethereum execution client (Static IP or Cluster IP)" + value = var.CREATE_STATIC_IPS ? google_compute_address.eth_execution_ip[0].address : data.kubernetes_service.eth_execution[0].spec[0].cluster_ip } output "eth_beacon_ip" { - description = "Static IP address for Ethereum beacon client" - value = var.CREATE_STATIC_IPS ? google_compute_address.eth_beacon_ip[0].address : null + description = "IP address for Ethereum beacon client (Static IP or Cluster IP)" + value = var.CREATE_STATIC_IPS ? google_compute_address.eth_beacon_ip[0].address : data.kubernetes_service.eth_beacon[0].spec[0].cluster_ip } output "eth_execution_rpc_url" { description = "Ethereum execution RPC URL" - value = var.CREATE_STATIC_IPS ? "http://${google_compute_address.eth_execution_ip[0].address}:8545" : null + value = var.CREATE_STATIC_IPS ? "http://${google_compute_address.eth_execution_ip[0].address}:8545" : "http://${data.kubernetes_service.eth_execution[0].spec[0].cluster_ip}:8545" } output "eth_execution_ws_url" { description = "Ethereum execution WebSocket URL" - value = var.CREATE_STATIC_IPS ? "ws://${google_compute_address.eth_execution_ip[0].address}:8546" : null + value = var.CREATE_STATIC_IPS ? "ws://${google_compute_address.eth_execution_ip[0].address}:8546" : "ws://${data.kubernetes_service.eth_execution[0].spec[0].cluster_ip}:8546" } output "eth_beacon_api_url" { description = "Ethereum beacon API URL" - value = var.CREATE_STATIC_IPS ? "http://${google_compute_address.eth_beacon_ip[0].address}:5052" : null + value = var.CREATE_STATIC_IPS ? "http://${google_compute_address.eth_beacon_ip[0].address}:5052" : "http://${data.kubernetes_service.eth_beacon[0].spec[0].cluster_ip}:5052" } output "chain_id" { diff --git a/spartan/terraform/deploy-eth-devnet/variables.tf b/spartan/terraform/deploy-eth-devnet/variables.tf index 71bd8c5c1b3a..bb774cf00a44 100644 --- a/spartan/terraform/deploy-eth-devnet/variables.tf +++ b/spartan/terraform/deploy-eth-devnet/variables.tf @@ -34,6 +34,12 @@ variable "ETH_DEVNET_VALUES" { default = "eth-devnet.yaml" } +variable "MNEMONIC" { + description = "The mnemonic to use for the eth devnet" + type = string + default = "test test test test test test test test test test test junk" + sensitive = true +} variable "CREATE_STATIC_IPS" { diff --git a/spartan/terraform/deploy-rollup-contracts/main.tf b/spartan/terraform/deploy-rollup-contracts/main.tf index 92cd212c14cb..f9ed1a36677e 100644 --- a/spartan/terraform/deploy-rollup-contracts/main.tf +++ b/spartan/terraform/deploy-rollup-contracts/main.tf @@ -31,7 +31,7 @@ locals { ["--l1-rpc-urls", var.L1_RPC_URLS], ["--mnemonic", var.MNEMONIC], ["--l1-chain-id", tostring(var.L1_CHAIN_ID)], - # ["--validators", var.VALIDATORS], + ["--validators", var.VALIDATORS], ["--json"], # Always output JSON for easier parsing var.SALT != null ? ["--salt", tostring(var.SALT)] : [], var.SPONSORED_FPC ? ["--sponsored-fpc"] : [],