dummy operator deployments #71
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy holoclis to prod[mainnet] | |
| permissions: | |
| id-token: write | |
| contents: read # This is required for actions/checkout@v2 | |
| env: | |
| AWS_REGION: us-west-2 | |
| IAM_ROLE: arn:aws:iam::177635894328:role/Github_role_to_access_ECR | |
| ECR_REPOSITORY: holo-cli # notice: the same for all cli apps | |
| # | |
| IMAGE_TAG: mainnet-${{ github.sha }} | |
| # | |
| CLUSTER_NAME: prod0 | |
| # | |
| AWS_KEY_ID: ${{ secrets.PROD0_CICD_USER_AWS_ACCESS_KEY_ID }} | |
| AWS_ACCESS_KEY: ${{ secrets.PROD0_CICD_USER_AWS_SECRET_ACCESS_KEY }} | |
| # | |
| # MAINNET_HOLOGRAPH_INDEXER_HOST: 'http://blondie-holo-api.mainnet.svc.cluster.local:443' | |
| # MAINNET_HOLOGRAPH_OPERATOR_HOST: 'http://blondie-holo-api.mainnet.svc.cluster.local:443' | |
| # | |
| MAINNET_HOLO_INDEXER_PASSWORD: ${{ secrets.MAINNET_HOLO_INDEXER_PASSWORD }} | |
| MAINNET_HOLO_OPERATOR_PASSWORD: ${{ secrets.MAINNET_HOLO_OPERATOR_PASSWORD }} | |
| V2_MAINNET_HOLO_OPERATOR_PASSWORD: ${{ secrets.V2_MAINNET_HOLO_OPERATOR_PASSWORD }} | |
| # | |
| # set the RPC endpoints config files | |
| INDEXER_HOLO_CONFIG_FILE_DATA: mainnet-config-file | |
| OPERATOR_HOLO_CONFIG_FILE_DATA: mainnet-config-file | |
| # | |
| HOLOGRAPH_ENVIRONMENT: mainnet | |
| HOLOGRAPH_ADDRESS: ${{ secrets.MAINNET_HOLOGRAPH_ADDRESS }} | |
| BLOCK_PROCESSING_VERSION: 'V2' | |
| # | |
| MAINNET_DOMAIN: 'holograph.xyz' # needed only for the health checks | |
| # | |
| # MAINNET_COMMON_NAMESPACE: 'mainnet' | |
| MAINNET_COMMON_NAMESPACE_V2: 'mainnet-cli-dummies' | |
| ####################################### | |
| # MAINNET_HOLO_INDEXER_HELM_CHART_VERSION: 0.1.85 | |
| # INDEXER_RELEASE_NAME: 'blondie-indexer-mainnet' # format -> [release_name]-indexer-[env] | |
| # INDEXER_RELEASE_NAME_V2: 'blondie-indexer-mainnet-v2' | |
| # | |
| MAINNET_HOLO_OPERATOR_HELM_CHART_VERSION: 0.1.16 | |
| # OPERATOR_RELEASE_NAME: 'blondie-operator-mainnet' # format -> [release_name]-operator-[env] | |
| # OPERATOR_RELEASE_NAME_V2: 'blondie-operator-mainnet-v2' | |
| OPERATOR_RELEASE_NAME_V2: 'apozo-oper' | |
| ####################################### | |
| # notice: the trigger | |
| on: | |
| push: | |
| branches: | |
| - 'feat/dummy-mainnet-operators' | |
| # Excluded branches | |
| - '!develop' | |
| - '!main' | |
| - '!master' | |
| # notice: the trigger | |
| #on: | |
| # pull_request: | |
| # branches: | |
| # - 'mainnet' | |
| # types: [closed] | |
| jobs: | |
| deploy-to-prod-mainnet: | |
| # if: github.event.pull_request.merged == true # so no workflow runs when some PR is just closed without being merged | |
| name: Deploy-to-prod[mainnet] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Use Githubs federated identity with AWS | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| role-to-assume: ${{ env.IAM_ROLE }} | |
| aws-region: ${{ env.AWS_REGION }} | |
| - name: Get secrets from AWS Secrets Manager | |
| uses: aws-actions/aws-secretsmanager-get-secrets@v1 | |
| with: | |
| aws-region: ${{ env.AWS_REGION }} | |
| secret-ids: | | |
| MAINNET_INDEXER_V1 | |
| MAINNET_OPERATOR_V1 | |
| MAINNET_INDEXER_V2 | |
| MAINNET_OPERATOR_V2 | |
| COMMON | |
| parse-json-secrets: true # to be able to get the json k/v pairs | |
| - name: Login to ECR | |
| id: login-ecr | |
| uses: aws-actions/amazon-ecr-login@v1 | |
| - name: Checkout the code | |
| uses: actions/checkout@v2 | |
| # This is a separate action that sets up buildx runner | |
| - name: Set up Docker Buildx | |
| id: buildx | |
| uses: docker/setup-buildx-action@v2 | |
| # So now you can use Actions' own caching! | |
| - name: Cache Docker layers | |
| uses: actions/cache@v2 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-single-buildx-${{ github.sha }} | |
| restore-keys: | | |
| ${{ runner.os }}-single-buildx | |
| # And make it available for builds | |
| - name: Build image | |
| uses: docker/build-push-action@v2 | |
| with: | |
| context: . | |
| builder: ${{ steps.buildx.outputs.name }} | |
| file: Dockerfile | |
| build-args: AWS_ECR_URL=${{ steps.login-ecr.outputs.registry }} | |
| platforms: linux/amd64 | |
| tags: ${{ steps.login-ecr.outputs.registry }}/${{ env.ECR_REPOSITORY }}:${{ env.IMAGE_TAG }} | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache-new | |
| push: true # set false to deactivate the push to ECR | |
| # This ugly bit is necessary if you don't want your cache to grow forever until it hits GitHub's limit of 5GB. | |
| # https://github.com/docker/build-push-action/issues/252 & https://github.com/moby/buildkit/issues/1896 | |
| - name: Move cache | |
| run: | | |
| rm -rf /tmp/.buildx-cache | |
| mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
| - name: Configure AWS creds to access EKS | |
| # TIP: the deployment user must be in the masters group in the aws-auth config map in the cluster | |
| uses: aws-actions/configure-aws-credentials@v1 | |
| with: | |
| aws-access-key-id: ${{ env.AWS_KEY_ID }} #notice: unique for each env | |
| aws-secret-access-key: ${{ env.AWS_ACCESS_KEY }} #notice: unique for each env | |
| aws-region: ${{ env.AWS_REGION }} | |
| # NOTICE: --- OPERATOR --- | |
| - name: Pull the holograph-operator helm chart version x.x.x from ECR | |
| shell: bash | |
| env: | |
| # | |
| CHART_REPO: holo-operator | |
| CHART_VERSION: ${{ env.MAINNET_HOLO_OPERATOR_HELM_CHART_VERSION }} | |
| # | |
| ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} | |
| run: | | |
| helm pull oci://$ECR_REGISTRY/$CHART_REPO --version $CHART_VERSION | |
| helm pull --untar oci://$ECR_REGISTRY/$CHART_REPO --version $CHART_VERSION | |
| - name: -> V2 -- Deploy OPERATOR cli in MAINNET [namespace -> ${{ env.MAINNET_COMMON_NAMESPACE_V2 }}] | |
| uses: tensor-hq/eksctl-helm-action@main | |
| env: | |
| RELEASE_NAME: ${{ env.OPERATOR_RELEASE_NAME_V2 }} # notice | |
| HOLOGRAPH_VERSION: "V2" | |
| # | |
| ENABLE_DEBUG: 'true' | |
| ENABLE_SYNC: 'true' | |
| HEALTHCHECK: 'true' | |
| MODE: 'auto' | |
| ENABLE_UNSAFE: 'true' | |
| ENABLE_PROCESS_BLOCK_RANGE: 'true' # undefined/true | |
| UPDATE_BLOCK_HEIGHT: 'api' # api/file/disable | |
| # | |
| ENABLE_PROCESS_BLOCK_RANGE_arbitrum: 'true' # undefined/true | |
| ENABLE_PROCESS_BLOCK_RANGE_optimism: 'true' | |
| ENABLE_PROCESS_BLOCK_RANGE_binance: 'true' | |
| ENABLE_PROCESS_BLOCK_RANGE_mantle: 'true' | |
| ENABLE_PROCESS_BLOCK_RANGE_zora: 'true' | |
| ENABLE_PROCESS_BLOCK_RANGE_avalanche: 'true' | |
| ENABLE_PROCESS_BLOCK_RANGE_ethereum: 'true' | |
| ENABLE_PROCESS_BLOCK_RANGE_polygon: 'true' | |
| ENABLE_PROCESS_BLOCK_RANGE_base: 'true' | |
| ENABLE_PROCESS_BLOCK_RANGE_linea: 'true' | |
| # | |
| AVALANCHE_NETWORK: 'avalanche' | |
| POLYGON_NETWORK: '{polygon}' | |
| BINANCE_NETWORK: 'binanceSmartChain' | |
| MANTLE_NETWORK: '{mantle}' | |
| ETHEREUM_NETWORK: '{eth}' | |
| OPTIMISM_NETWORK: '{optimism}' | |
| ARBITRUM_NETWORK: '{arbitrumOne}' | |
| ZORA_NETWORK: '{zora}' | |
| BASE_NETWORK: '{base}' | |
| LINEA_NETWORK: '{linea}' | |
| with: | |
| eks_cluster: ${{ env.CLUSTER_NAME }} | |
| command: |- | |
| helm upgrade --install $RELEASE_NAME \ | |
| holo-operator-${{ env.MAINNET_HOLO_OPERATOR_HELM_CHART_VERSION }}.tgz \ | |
| -n ${{ env.MAINNET_COMMON_NAMESPACE_V2 }} \ | |
| \ | |
| --set HOLO_CLI_CMD=terminator \ | |
| \ | |
| --set dummy_deployment_namespace=mainnet-cli-dummies \ | |
| \ | |
| --set image.repository=${{ env.ECR_REPOSITORY }} \ | |
| --set image.image_tag=${{ env.IMAGE_TAG }} \ | |
| --set config_file_data=${{ env.OPERATOR_HOLO_CONFIG_FILE_DATA }} \ | |
| --set holo_operator_password=${{ env.V2_MAINNET_HOLO_OPERATOR_PASSWORD }} \ | |
| --set HOLO_OPERATOR_HOST=$MAINNET_OPERATOR_V2_HOLO_OPERATOR_HOST \ | |
| --set OPERATOR_API_KEY=$MAINNET_OPERATOR_V2_OPERATOR_API_KEY \ | |
| --set HOLOGRAPH_ENVIRONMENT=${{ env.HOLOGRAPH_ENVIRONMENT }} \ | |
| --set HOLOGRAPH_ADDRESS=${{ env.HOLOGRAPH_ADDRESS }} \ | |
| --set HOLOGRAPH_VERSION=${{ env.HOLOGRAPH_VERSION }} \ | |
| \ | |
| --set ENABLE_DEBUG=$ENABLE_DEBUG \ | |
| --set ENABLE_SYNC=$ENABLE_SYNC \ | |
| --set HEALTHCHECK=$HEALTHCHECK \ | |
| --set MODE=$MODE \ | |
| --set ENABLE_UNSAFE="${ENABLE_UNSAFE}" \ | |
| --set UPDATE_BLOCK_HEIGHT=$UPDATE_BLOCK_HEIGHT \ | |
| \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.arbitrum=$ENABLE_PROCESS_BLOCK_RANGE_arbitrum \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.binance=$ENABLE_PROCESS_BLOCK_RANGE_binance \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.avalanche=$ENABLE_PROCESS_BLOCK_RANGE_avalanche \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.optimism=$ENABLE_PROCESS_BLOCK_RANGE_optimism \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.ethereum=$ENABLE_PROCESS_BLOCK_RANGE_ethereum \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.polygon=$ENABLE_PROCESS_BLOCK_RANGE_polygon \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.mantle=$ENABLE_PROCESS_BLOCK_RANGE_mantle \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.zora=$ENABLE_PROCESS_BLOCK_RANGE_zora \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.base=$ENABLE_PROCESS_BLOCK_RANGE_base \ | |
| --set ENABLE_PROCESS_BLOCK_RANGE.linea=$ENABLE_PROCESS_BLOCK_RANGE_linea \ | |
| \ | |
| --set AVALANCHE_NETWORK="${AVALANCHE_NETWORK}" \ | |
| --set POLYGON_NETWORK="${POLYGON_NETWORK}" \ | |
| --set BINANCE_NETWORK="${BINANCE_NETWORK}" \ | |
| --set MANTLE_NETWORK="${MANTLE_NETWORK}" \ | |
| --set ETHEREUM_NETWORK="${ETHEREUM_NETWORK}" \ | |
| --set OPTIMISM_NETWORK="${OPTIMISM_NETWORK}" \ | |
| --set ARBITRUM_NETWORK="${ARBITRUM_NETWORK}" \ | |
| --set ZORA_NETWORK="${ZORA_NETWORK}" \ | |
| --set BASE_NETWORK="${BASE_NETWORK}" \ | |
| --set LINEA_NETWORK="${LINEA_NETWORK}" \ | |
| \ | |
| --set mainnet_rpc_config_values.avalanche_rpc_url=$MAINNET_OPERATOR_V2_AVALANCHE_RPC_URL \ | |
| --set mainnet_rpc_config_values.polygon_rpc_url=$MAINNET_OPERATOR_V2_POLYGON_RPC_URL \ | |
| --set mainnet_rpc_config_values.binance_rpc_url=$MAINNET_OPERATOR_V2_BINANCE_SMART_CHAIN_RPC_URL \ | |
| --set mainnet_rpc_config_values.mantle_rpc_url=$MAINNET_OPERATOR_V2_MANTLE_RPC_URL \ | |
| --set mainnet_rpc_config_values.ethereum_rpc_url=$MAINNET_OPERATOR_V2_ETHEREUM_RPC_URL \ | |
| --set mainnet_rpc_config_values.optimism_rpc_url=$MAINNET_OPERATOR_V2_OPTIMISM_RPC_URL \ | |
| --set mainnet_rpc_config_values.arbitrum_rpc_url=$MAINNET_OPERATOR_V2_ARBITRUM_ONE_RPC_URL \ | |
| --set mainnet_rpc_config_values.zora_rpc_url=$MAINNET_OPERATOR_V2_ZORA_RPC_URL \ | |
| --set mainnet_rpc_config_values.base_rpc_url=$MAINNET_OPERATOR_V2_BASE_RPC_URL \ | |
| --set mainnet_rpc_config_values.linea_rpc_url=$MAINNET_OPERATOR_V2_LINEA_RPC_URL \ | |
| \ | |
| --set mainnet_rpc_config_values.private_key=$MAINNET_OPERATOR_V2_PRIVATE_KEY \ | |
| --set mainnet_rpc_config_values.address=$MAINNET_OPERATOR_V2_MAINNET_V2_WALLET_ADDRESS \ | |
| \ | |
| --set autoscaling.enabled=false \ | |
| --set replicaCountAvalanche=0 \ | |
| --set replicaCountPolygon=0 \ | |
| --set replicaCountBinance=0 \ | |
| --set replicaCountMantle=0 \ | |
| --set replicaCountEthereum=0 \ | |
| --set replicaCountArbitrum=0 \ | |
| --set replicaCountOptimism=0 \ | |
| --set replicaCountBase=0 \ | |
| --set replicaCountLinea=0 \ | |
| --set replicaCountZora=0 \ | |
| \ | |
| --set datadog_tags.env=${{ env.CLUSTER_NAME }} \ | |
| --set datadog_tags.service=$RELEASE_NAME \ | |
| --set datadog_tags.version=$RELEASE_NAME-${{ env.MAINNET_HOLO_OPERATOR_HELM_CHART_VERSION }} \ | |
| \ | |
| --values ./holo-operator/values-v2-mainnet-iv.yaml | |