Skip to content
This repository has been archived by the owner on Dec 5, 2021. It is now read-only.

WIP: Inomurko/vault integration #188

Open
wants to merge 348 commits into
base: develop
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from 250 commits
Commits
Show all changes
348 commits
Select commit Hold shift + click to select a range
87de994
helper scripts to test with local registry
cypherhat Mar 30, 2020
a5c6027
add image config to k8s terraform and update consul post-install hooks
callensm Mar 30, 2020
9c82bee
Merge branch 'core-infra' of github.com:omisego/immutability-eth-plug…
callensm Mar 30, 2020
21ee9d1
revert secret management and fix consul retry-join logic
callensm Mar 30, 2020
df481e6
fix consul agent start commands
callensm Mar 31, 2020
540c5b8
remove togglable tls and fix consul agent / server joining
callensm Mar 31, 2020
c4f4878
add consul set disruption budget to help with scaling
callensm Mar 31, 2020
01bc2b5
configure plugin directory and turn off UI.
cypherhat Apr 2, 2020
239e967
configure plugin directory and turn off UI.
cypherhat Apr 2, 2020
fca6e3f
fix terraform for destroy orphan k8s secrets, parameterized vault ser…
callensm Apr 3, 2020
3a45221
Merge branch 'core-infra' of github.com:omisego/immutability-eth-plug…
callensm Apr 3, 2020
b1e9e51
fix consul dns and ui, resolve node name conflicts with vault sidecar…
callensm Apr 4, 2020
8b2f2b9
test backup and restore - use recovery flag for restore
cypherhat Apr 5, 2020
fdb3313
k8s terraform conditional data sources
callensm Apr 8, 2020
82f8976
add vault ha address environment variables
callensm Apr 8, 2020
ee858bd
update recovery docs and tf output
callensm Apr 9, 2020
ed9d492
add gcr creating to main infrastructure scripts
callensm Apr 17, 2020
61bb3d1
update README and bash script to tag and push gcr.io images
callensm Apr 17, 2020
88af210
remove local testing k8s tf code for cleanup
callensm Apr 18, 2020
4b13d3d
add the ability to supply a gas price - this overrides the estimated …
cypherhat Jun 6, 2020
a6817d6
Removed unnecessary functionality
cypherhat Jun 13, 2020
9a0c626
smoke test for user supplied gas price
cypherhat Jun 14, 2020
d52d34c
Started API documentation
cypherhat Jun 14, 2020
045f518
Documentation - API.md file
cypherhat Jun 20, 2020
15cc952
Merge pull request #11 from omgnetwork/core-infra
JBunCE Aug 13, 2020
e61fd21
Ino's request: is there a way to actually use storage I could backup …
cypherhat Aug 12, 2020
7faf20d
use go 1.14 as builder. remove vendored deps. remove activateChildCha…
cypherhat Aug 16, 2020
8a74ae7
stupid gitignore - was preventing vault.hcl
cypherhat Aug 16, 2020
490e714
Ino's request: is there a way to actually use storage I could backup …
cypherhat Aug 12, 2020
d692589
update gcr process
callensm Aug 14, 2020
c22a6f7
replace helm charts with public vault chart
callensm Aug 14, 2020
900583d
gcr and infrastructure tf upgrade
callensm Aug 16, 2020
5f53a75
fix gcr service account role bindings
callensm Aug 16, 2020
60ade44
strip consul from terraform and helm charts
callensm Aug 16, 2020
73ca112
remove unused terraform
callensm Aug 16, 2020
73527f5
update naming of omisego to omgnetwork in scripts
callensm Aug 19, 2020
90cf6f3
restructure infrastructure directory for both tf and helm
callensm Aug 20, 2020
01c4449
Initial helm chart to support raft + auto unseal
ftcjeff Aug 20, 2020
dbb039f
placeholder for vault helm image and tag overrides
callensm Aug 20, 2020
ba4eca4
adjust helm overrides and terraform gcp kms"
callensm Aug 20, 2020
f3351cd
Updating the helm chart to be easier to use:
ftcjeff Aug 21, 2020
0345ae6
Removing the local vault helm chart since we're using the official one
ftcjeff Aug 21, 2020
d54f837
Adding my changelog edits
ftcjeff Aug 22, 2020
d098a9a
Moved some refactor to new features
ftcjeff Aug 22, 2020
f10d45e
golang 1.14 as the builder; support snapshotting
cypherhat Aug 22, 2020
9af0df8
nuke the unsealer directory
callensm Aug 22, 2020
2a24996
update changelog and infura egress rule
callensm Aug 22, 2020
8b76ecc
update version file and add circleci config
callensm Aug 22, 2020
b56683c
Updating the README for working between vault and minikube
ftcjeff Aug 23, 2020
6720c19
separate KMS process, documentation overhaul, terraform cleanup
callensm Aug 23, 2020
8482a14
update docs, scripts, helm overrides
callensm Aug 24, 2020
7b17cf4
need folder to exist for circleci - works locally
cypherhat Aug 25, 2020
f4b0903
Adding in the affinity changes and helm/tls documentation
ftcjeff Aug 25, 2020
62b248c
test to see which user is running
cypherhat Aug 25, 2020
f058283
using different directories in an effort to get circleci to build
cypherhat Aug 25, 2020
dd55dd4
changing the user
cypherhat Aug 25, 2020
4c9690d
Improvements for RAFT handling, Addition of PVCs
ftcjeff Aug 26, 2020
a1927f3
Setting vault back to version 1.5.2
ftcjeff Aug 26, 2020
aa72b92
Fix the vault-overrides to account for raft peering
ftcjeff Aug 27, 2020
2429dd0
remove docker-compose up from circleci - impedance mismatch with design
cypherhat Aug 27, 2020
c7ff692
Updates to run the vault helm chart on GKE
ftcjeff Aug 28, 2020
23c6f5f
Increase number of vault nodes, enable audit
ftcjeff Aug 28, 2020
ff5cef7
Turning on UI
ftcjeff Aug 28, 2020
9a74d99
Automate more of the initial setup, increase node pool size
ftcjeff Aug 29, 2020
f96eea1
Create the gen_overrides.sh script and enable audit logging
ftcjeff Aug 29, 2020
c21e804
Minor edits to the README
ftcjeff Aug 29, 2020
19538b4
Merge pull request #14 from omgnetwork/infra_v2
callensm Aug 30, 2020
2df84c9
Add Regional/SSD StorageClasses for data
ftcjeff Sep 2, 2020
c00e50f
add loadbalancer service to helm overrides
callensm Sep 4, 2020
5f97bc9
Merge branch 'infra_v2' of github.com:omgnetwork/immutability-eth-plu…
callensm Sep 4, 2020
c088a71
Merge
ftcjeff Sep 9, 2020
76f3c0a
Remove unnecessary log message
ftcjeff Sep 9, 2020
1631142
Update the README to remove the port-forward note
ftcjeff Sep 9, 2020
4ab834a
Fix unbound variables
ftcjeff Sep 9, 2020
1526b29
Adding notes on Backup / Restore of Vault RAFT Snapshots
ftcjeff Sep 9, 2020
e6eb640
datadog overrides for helm
callensm Sep 14, 2020
40bfbc6
Merge branch 'infra_v2' of github.com:omgnetwork/immutability-eth-plu…
callensm Sep 14, 2020
c108ab3
install gcloud sdk into ubuntu machine for circleci
callensm Sep 14, 2020
5f46f17
persist docker image
callensm Sep 14, 2020
f6fbdb4
readd circleci job filters
callensm Sep 14, 2020
a6f0d11
Merge pull request #18 from omgnetwork/infra_v2
Sep 16, 2020
ba71bc6
clean out provider versions file for terraform
callensm Sep 18, 2020
7cc9951
readd datadog to terraform for cidr block data
callensm Sep 18, 2020
aa5c700
dont execute tests just migrate
Sep 18, 2020
7f2c1d7
Merge pull request #19 from omgnetwork/inomurko/dont_run_tests
cypherhat Sep 18, 2020
0bca8b8
Adding in the process for updating certs, updating overrides a bit
ftcjeff Sep 20, 2020
4a6491a
only --build on test
cypherhat Sep 22, 2020
8998e88
Merge branch 'infra_v2' of github.com:omgnetwork/immutability-eth-plu…
cypherhat Sep 22, 2020
587cde0
fix errorneous path in the documentation; create skinny vault
cypherhat Sep 22, 2020
79fae88
remove testing
cypherhat Sep 22, 2020
1bcb8ba
bringing network code back into the branch for experimentation
cypherhat Sep 26, 2020
5cfb52f
remove submitDepositBlocker
cypherhat Oct 2, 2020
7588ca4
pull nonce if present
Oct 2, 2020
d4e390c
test in ci and nonce
Oct 2, 2020
7043860
own mounted volumes
Oct 2, 2020
f28e8df
sequential nonce
Oct 2, 2020
b5988dc
Merge pull request #20 from omgnetwork/inomurko/nonce
cypherhat Oct 2, 2020
d7acda8
update testing, strict API
Oct 3, 2020
aa8dfb8
idk go
Oct 3, 2020
ac43de3
correct path
Oct 3, 2020
37c2979
stand up vault
Oct 3, 2020
e347124
rm dependencies
Oct 3, 2020
11798c4
Adding scripts for backup and restore
ftcjeff Oct 3, 2020
46dd614
Document the backup/restore scripts
ftcjeff Oct 3, 2020
267b712
Updating the CHANGELOG
ftcjeff Oct 3, 2020
530ca73
Add a guard
ftcjeff Oct 4, 2020
b89e873
stricter API, abort when empty
Oct 5, 2020
ed440cd
stricter API, abort when empty
Oct 5, 2020
be3f76e
Merge pull request #21 from omgnetwork/inomurko/nonce
cypherhat Oct 5, 2020
6c903bb
Updating changelog
ftcjeff Oct 6, 2020
dbc3d04
Merge pull request #22 from omgnetwork/infra_v2
immutajeff Oct 6, 2020
cb1ec0e
Updated the date in changelog
ftcjeff Oct 6, 2020
f2e678d
Adding back in the VPN VPC
ftcjeff Oct 9, 2020
d95625b
combine old vpn with current infrastructure terraform scripts
callensm Oct 12, 2020
c8c6c28
resolve cluster pod and service cidr blocks not being added to vpc pe…
callensm Oct 14, 2020
a099a38
update docs for vpn and cidr block changes
callensm Oct 15, 2020
8c14a8f
hotfix docs and firewall rule source
callensm Oct 15, 2020
c756c5a
accidentally checked in executable
cypherhat Oct 15, 2020
2be8256
update firewall rule for omgnetwork cidrs
callensm Nov 3, 2020
28f06d5
Merge branch 'infra_v2' of github.com:omisego/immutability-eth-plugin…
callensm Nov 3, 2020
bcf5869
Fix the location of the CACERT file
ftcjeff Nov 9, 2020
002c576
remove openvpn instance from infrastructure terraform
callensm Nov 10, 2020
61738d1
block root as base64, rem unused paths, validate config input
Nov 13, 2020
b22d13e
Merge pull request #25 from omgnetwork/inomurko/infra_v2_API_updatge
Nov 14, 2020
c57a3b3
add dns peering for gke
callensm Nov 14, 2020
f689917
refactor base64 decoding and slicing
Nov 16, 2020
457a829
check block root size
Nov 17, 2020
3623d19
nonce should be 1
Nov 17, 2020
026fd64
nonce should be 1
Nov 17, 2020
4122360
Merge pull request #26 from omgnetwork/inomurko/fix_base64
Nov 17, 2020
cf67c28
Adding load balancer support
ftcjeff Nov 17, 2020
baf66c9
fix: ensure pods have k8s labels
Nov 23, 2020
42f732d
Disable ui and ingress
ftcjeff Nov 24, 2020
0096aab
Fix gen_overrides script and add note to readme
ftcjeff Nov 24, 2020
e120b38
Merge pull request #28 from omgnetwork/add-k8s-labels-to-pods
Nov 24, 2020
db7e2fc
Change LB to choose vault-active instead of vault
ftcjeff Nov 24, 2020
816108a
Merge branch 'master' into infra_v2
ftcjeff Nov 24, 2020
8ea630a
Merge pull request #27 from omgnetwork/infra_v2
immutajeff Nov 24, 2020
44f11a0
feat: k8s self-signed issuer with cert-manager
Nov 26, 2020
0b30e37
fix: add missing -c flag to gen_overrides.sh
Nov 26, 2020
16b4d42
chore: remove gen_certs.sh and certs dir
Nov 26, 2020
f38e9be
feat: create custom vault chart with certificate
Nov 26, 2020
7122705
chore: move storage to the vault chart
Nov 26, 2020
7b3a149
chore: remove deprecated vault-overrides.yaml
Nov 26, 2020
de13b94
docs: update usage of vault chart
Nov 27, 2020
803ffea
fix: update tls filenames
Nov 27, 2020
6a9b2fe
fix: serialise docker-compose network creation
Nov 27, 2020
fb0a56d
fix: add sleep to prevent docker network race condition
Nov 27, 2020
8d3c835
Merge pull request #34 from omgnetwork/fix-flaky-circleci
Nov 27, 2020
d92d228
Merge pull request #33 from omgnetwork/use-cert-manager
Nov 30, 2020
ee2ba3b
feat(terraform): make vault cluster dev-ready
Dec 2, 2020
d9006f6
fix: move all /home/vault to /vault
Dec 2, 2020
a483a6a
Merge pull request #35 from omgnetwork/rehome-vault
Dec 2, 2020
d2e75c5
feat: add issuers for self-signed / letsencrypt certificates
Dec 3, 2020
7ebc467
feat: add Traefik for ingress
Dec 3, 2020
8f55a41
feat: use ingress with SSL for Vault, update Vault image
Dec 3, 2020
0b25eab
docs: update supporting scripts and documentation
Dec 3, 2020
62ef352
Merge pull request #36 from omgnetwork/deploy-to-dev
Dec 4, 2020
ca2a49c
expanding config/ adding test validation
InoMurko Jul 6, 2021
40ddcde
fix tests
InoMurko Jul 6, 2021
1a19db2
test everything and valite
InoMurko Jul 6, 2021
abe9c34
Merge pull request #38 from omgnetwork/inomurko/config_l1_l2_support
InoMurko Jul 7, 2021
5226dd4
generate go bindings for contracts with go-e abigen
InoMurko Jul 7, 2021
c9bb7f3
Merge pull request #39 from omgnetwork/inomurko/ovm_contract_bindings
InoMurko Jul 7, 2021
216d321
appendStateBatch call API
InoMurko Jul 8, 2021
b0308d2
appendStateBatch call API tests working
InoMurko Jul 11, 2021
5545cda
re-enable pathOvmAppendSequencerBatch, figure out how to manually cal…
InoMurko Jul 11, 2021
2f3f94a
enabled tests, raw calldata submission
InoMurko Jul 12, 2021
2b2e044
revert go.sum
InoMurko Jul 12, 2021
a26cedb
Merge pull request #40 from omgnetwork/inomurko/ovm_contract_bindings
InoMurko Jul 12, 2021
e91fdc9
Merge remote-tracking branch 'immutability/master' into inomurko/immu…
InoMurko Jul 12, 2021
6e22d75
Immutability into monorepo, into omgx subfolder
InoMurko Jul 12, 2021
4594011
run the test scripts against the vault in GH actions
InoMurko Jul 13, 2021
317b836
run the test scripts against the vault in GH actions
InoMurko Jul 13, 2021
7fd8d6a
adding aws automation and docker build for vault
petardenev Jul 14, 2021
8803503
Merge branch 'inomurko/vault-integration' of github.com:omgnetwork/op…
petardenev Jul 14, 2021
b0cb441
enable push of vault container to aws
petardenev Jul 14, 2021
e0162c3
delete cirleci files, logs from docker compose
InoMurko Jul 14, 2021
145e200
Merge branch 'inomurko/vault-integration' of github.com:omgnetwork/op…
InoMurko Jul 14, 2021
7178e72
enable push of vault container to aws
petardenev Jul 14, 2021
dc2632e
Merge branch 'inomurko/vault-integration' of github.com:omgnetwork/op…
petardenev Jul 14, 2021
96df717
funding accounts
InoMurko Jul 14, 2021
5b71103
Merge branch 'inomurko/vault-integration' of github.com:omgnetwork/op…
InoMurko Jul 14, 2021
9ef0a69
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Jul 15, 2021
c8bed6a
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Jul 15, 2021
76253fb
local provisioning, docs
InoMurko Jul 18, 2021
64d32d4
Merge branch 'inomurko/vault-integration' of github.com:omgnetwork/op…
InoMurko Jul 18, 2021
6fba564
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Jul 18, 2021
250103f
build vault on master
InoMurko Jul 18, 2021
45040f1
extract tests, play the data exchange game between Vault and Deployer…
InoMurko Jul 19, 2021
26ffb1e
vault tests
InoMurko Jul 20, 2021
b2cda2b
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Jul 20, 2021
05b9c30
vault tests, vault replicas 0, wait for vault
InoMurko Jul 20, 2021
3be2686
vault tests, vault replicas 0, wait for vault
InoMurko Jul 20, 2021
207f87e
trap exits
InoMurko Jul 20, 2021
8a36533
Signer vs address coming from vault wrapper
InoMurko Jul 20, 2021
34244f2
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Aug 23, 2021
f7a3d4f
adapt to new docker infra files
InoMurko Aug 23, 2021
19cd399
passing transactions via vault for proposer and sequencer
InoMurko Aug 30, 2021
f2837cd
adapt to new docker infra files
InoMurko Aug 31, 2021
8bca8d3
vault test execution
InoMurko Aug 31, 2021
51d142b
vault test execution
InoMurko Aug 31, 2021
3f42e1e
ec2 execution of vault tests
InoMurko Aug 31, 2021
228a383
ec2 execution of vault tests
InoMurko Aug 31, 2021
7d17111
ec2 execution of vault tests
InoMurko Aug 31, 2021
2f9f84c
ec2 execution of vault tests
InoMurko Aug 31, 2021
dc26e70
adapt to new docker infra files
InoMurko Aug 31, 2021
d490c95
ec2 execution of vault tests
InoMurko Aug 31, 2021
d2c1431
remove old-contracts package from production code
InoMurko Sep 6, 2021
7b7b48c
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Sep 6, 2021
89f75ab
fixing unittests to accommodate integration
InoMurko Sep 7, 2021
083aebf
uncomment guards
InoMurko Sep 8, 2021
246b2ce
vault overlay for batch_submitter
InoMurko Sep 10, 2021
cae7c63
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Sep 10, 2021
d492bc8
batch submitter uses l1Provider if in vault mode to initialize Canoni…
InoMurko Sep 10, 2021
784ffe1
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Sep 10, 2021
d2bf1a6
disable tls for vault, pass in vault url and token for batch submitte…
InoMurko Sep 13, 2021
62f14cc
fix integration request with vault
InoMurko Sep 13, 2021
eadf520
debug contexts in pathOvmAppendSequencerBatch
InoMurko Sep 14, 2021
dd53872
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Sep 14, 2021
906b8d8
end2end vault tests
InoMurko Sep 14, 2021
9a1b862
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Sep 14, 2021
dff0f9b
build containers
InoMurko Sep 14, 2021
8d0e541
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Sep 15, 2021
e1952fb
end2end state submission
InoMurko Sep 15, 2021
c4ed353
30m token policy
InoMurko Sep 15, 2021
4103b1b
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Sep 15, 2021
e65826b
cleanup
InoMurko Sep 16, 2021
a541153
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Sep 16, 2021
6668121
wait for transaction
InoMurko Sep 16, 2021
7bc0f50
allow docker to push ${github_sha} to hub.docker.com and then to buil…
petardenev Sep 20, 2021
6ad9db2
vault aws backend, vault agent for token rotation
InoMurko Sep 21, 2021
202f08d
Merge branch 'develop' of github.com:omgnetwork/optimism into inomurk…
InoMurko Sep 22, 2021
eee449d
fix the filesystem import in batch submitter vault.ts
InoMurko Sep 22, 2021
638a70e
push first containers to hub.docker.com and then run aws automation t…
petardenev Sep 22, 2021
17a71a7
return the sink token content
InoMurko Sep 22, 2021
be9c02a
Merge branch 'inomurko/vault-integration' of github.com:omgnetwork/op…
InoMurko Sep 22, 2021
0157775
fix .github/workflows/omgx-publish-develop.yml
petardenev Sep 22, 2021
50de098
estimate gas from the provider, fix transaction hash responses if the…
InoMurko Sep 22, 2021
07ffc5c
Merge branch 'inomurko/vault-integration' of github.com:omgnetwork/op…
InoMurko Sep 22, 2021
6238578
estimate gas from the provider, fix transaction hash responses if the…
InoMurko Sep 22, 2021
ea7119c
disabling some services in the .github/workflows/omgx-publish-develop…
petardenev Sep 22, 2021
6f230c5
fix .github/workflows/omgx-publish-develop.yml
petardenev Sep 22, 2021
6ef5d62
remove transaction-monitor from building automation
petardenev Sep 22, 2021
f557b70
adding vault.sh and secret2env to vault dir
petardenev Sep 23, 2021
40ae82e
Merge branch 'develop' into inomurko/vault-integration
InoMurko Sep 23, 2021
f91bc01
Merge branch 'develop' into inomurko/vault-integration
InoMurko Sep 27, 2021
689505a
remove call to appendQueueBatch
InoMurko Sep 28, 2021
705e176
Merge branch 'develop' into inomurko/vault-integration
InoMurko Sep 29, 2021
6c55731
adding vault-unsealer that uses aws kms to encrypt the keys and store…
petardenev Oct 4, 2021
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
80 changes: 0 additions & 80 deletions .circleci/config.yml

This file was deleted.

9 changes: 4 additions & 5 deletions .github/workflows/deploy2aws-integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,13 +26,12 @@ jobs:
run: |
cd ops_omgx
./cfn-devenv.sh stop --stack-name integration
./cfn-devenv.sh restart --stack-name integration --service-name l1-proxy
./cfn-devenv.sh restart --stack-name integration --service-name deployer
./cfn-devenv.sh stop --stack-name integration-replica

- name: Update All other services
run: |
cd ops_omgx
rm -rf cloudformation/deployer-rinkeby.yaml
rm -rf cloudformation/deployer-rinkeby.yaml cloudformation/dummy-transaction.yaml cloudformation/omgx-monitor.yaml
./cfn-devenv.sh update --stack-name integration --secret-name ${{ github.event.inputs.secretname }} --deploy-tag ${{ github.sha }}
cd cloudformation
aws cloudformation update-stack --stack-name integration-l1l2test --capabilities CAPABILITY_NAMED_IAM --template-body=file://04-l1-l2-test-scheduled-ecs-task.yaml --region us-east-1 --parameters ParameterKey=SecretName,ParameterValue=${{ github.event.inputs.secretname }}
./cfn-devenv.sh restart --stack-name integration
./cfn-devenv.sh restart --stack-name integration-replica
34 changes: 29 additions & 5 deletions .github/workflows/omgx-publish-develop.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ on:
push:
branches:
- 'develop'
- 'mm/dtl-deployer-combined'
- 'inomurko/vault-integration'

jobs:

Expand Down Expand Up @@ -61,17 +61,16 @@ jobs:
working-directory: ./ops
run: |
./scripts/build-ci.sh

- name: Rename and retag the optimism images
working-directory: ./ops
run: |
for i in $(docker images --format "{{.Repository}}:{{.Tag}}" | grep omgx); do
docker image tag "$i" omgx/$(echo $i | awk -F'/' '{print $2}' | awk -F':' '{print $1}'):latest
docker image tag "$i" omgx/$(echo $i | awk -F'/' '{print $2}' | awk -F':' '{print $1}'):${{ github.sha }}
done

for i in $(docker images --format "{{.Repository}}:{{.Tag}}" | grep ethereumoptimism); do
docker image tag "$i" omgx/$(echo $i | awk -F'/' '{print $2}' | awk -F':' '{print $1}'):latest
docker image tag "$i" omgx/$(echo $i | awk -F'/' '{print $2}' | awk -F':' '{print $1}'):latest
docker image tag "$i" omgx/$(echo $i | awk -F'/' '{print $2}' | awk -F':' '{print $1}'):${{ github.sha }}
docker image tag "$i" omgx/$(echo $i | awk -F'/' '{print $2}' | awk -F':' '{print $1}'):${{ github.sha }}
done
docker images

Expand Down Expand Up @@ -104,3 +103,28 @@ jobs:
github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
label: ${{ needs.start-runner.outputs.label }}
ec2-instance-id: ${{ needs.start-runner.outputs.ec2-instance-id }}

push2aws:
needs: stop-runner
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: us-east-1

- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_ACCESS_TOKEN_USERNAME }}
password: ${{ secrets.DOCKERHUB_ACCESS_TOKEN_SECRET }}

- name: Build and push docker images to AWS
run: |
cd ops_omgx
rm -rf cloudformation/deployer-rinkeby.yaml cloudformation/dummy-transaction.yaml cloudformation/omgx-monitor.yaml cloudformation/blockexplorer-blockscout.yaml cloudformation/transaction-monitor.yaml
./cfn-devenv.sh push2aws --from-tag ${{ github.sha }} --deploy-tag ${{ github.sha }}
110 changes: 110 additions & 0 deletions .github/workflows/vault.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
name: Vault tests


on:
push:
paths:
- 'packages/omgx/immutability/**'
branches:
- 'master'
- 'develop'
- '*rc'
- 'regenesis/*'
pull_request:
paths:
- 'packages/omgx/immutability/**'
branches:
- 'master'
- 'develop'
- '*rc'
- 'regenesis/*'
workflow_dispatch:

defaults:
run:
working-directory: ./ops

jobs:
start-runner:
name: Start self-hosted EC2 runner
runs-on: ubuntu-latest
outputs:
label: ${{ steps.start-ec2-runner.outputs.label }}
ec2-instance-id: ${{ steps.start-ec2-runner.outputs.ec2-instance-id }}
steps:
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ secrets.AWS_REGION }}
- name: Start EC2 runner
id: start-ec2-runner
uses: machulav/ec2-github-runner@v2
with:
mode: start
github-token: ${{ secrets.GH_PERSONAL_ACCESS_TOKEN }}
ec2-image-id: ami-00b46fa1102c70ff2
ec2-instance-type: t2.xlarge
subnet-id: subnet-905870ae
security-group-id: sg-0855631d714870b32

vault_tests:
needs: start-runner
runs-on: ${{ needs.start-runner.outputs.label }}
env:
DATA_DIR: "vault/data/immutability/config"
steps:
- uses: actions/checkout@v2
- name: Run vault and execute tests
working-directory: ./ops
run: |
mkdir -p $DATA_DIR
sudo chown -R 100:1000 $DATA_DIR && sudo chmod -R 777 $DATA_DIR
RUN_TEST=true TEST=true docker-compose -f docker-compose.yml -f ../packages/omgx/immutability/docker/docker-compose-vault-test.yml up -d --build builder l1_chain deployer vault

- name: Building logs
working-directory: ./ops
run: |
sleep 60s
docker-compose -f docker-compose.yml -f ../packages/omgx/immutability/docker/docker-compose-vault-test.yml logs

- name: Wait for Vault
working-directory: ./ops
run: |
while [ $(docker-compose -f docker-compose.yml -f ../packages/omgx/immutability/docker/docker-compose-vault-test.yml logs | grep -c "Done with tests.") -ne 1 ];
do
sleep 1
echo "Waiting for Vault..."
done
echo "Vault has executed tests"
docker-compose -f docker-compose.yml -f ../packages/omgx/immutability/docker/docker-compose-vault-test.yml logs

- name: Test validation
working-directory: ./ops
run: exit $(docker-compose -f docker-compose.yml -f ../packages/omgx/immutability/docker/docker-compose-vault-test.yml logs | grep -c "DID NOT PASS THE REQUIRED TEST")

- name: Build the services
working-directory: ./ops
run: ./scripts/build-ci.sh

- name: Bring the stack up
working-directory: ./ops
run: |
docker-compose -f docker-compose.yml -f ../packages/omgx/immutability/docker/docker-compose-vault-test.yml down
rm -rf vault/
docker-compose -f docker-compose.yml -f ../packages/omgx/immutability/docker/docker-compose-vault-test.yml up -d

- name: Wait for the Sequencer node
working-directory: ./ops
run: ./scripts/wait-for-sequencer.sh

- name: Start background logging
working-directory: ./ops
run: docker-compose -f docker-compose.yml logs --follow &

- name: Run the integration tests
working-directory: ./ops
run: docker-compose run integration_tests


3 changes: 3 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,9 @@ env-mainnet.yml

.serverless

ops/vault/data
append-sequencer-batch.hcl
append-state-batch-proposer.hcl
# subgraph
build
generated
Expand Down
15 changes: 15 additions & 0 deletions ops/docker-compose-nobuild.yml
Original file line number Diff line number Diff line change
Expand Up @@ -209,3 +209,18 @@ services:
environment:
GAS_PRICE_ORACLE_ETHEREUM_HTTP_URL: http://l2geth:8545
GAS_PRICE_ORACLE_PRIVATE_KEY: "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80"

vault:
image: omgx/vault
deploy:
replicas: 0
ports:
- "127.0.0.1:8200:8200"
volumes:
- "/tmp/vault_auth:/vault/config:rw"
entrypoint:
- "/bin/sh"
- -ec
- |
sleep 2
/vault/vault.sh
46 changes: 0 additions & 46 deletions ops/docker-compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -339,52 +339,6 @@ services:
L2_CHAINID: 31338 #unfortunately, elsewhere the L2_CHAINID is called CHAIN_ID
<< : *integration_pk

# good idea, but never actually used?
# # and, tests for all the OMGX-specific services
# omgx_test_contracts:
# image: omgx/builder
# deploy:
# replicas: 0
# build:
# context: ..
# dockerfile: ./ops/docker/Dockerfile.monorepo
# entrypoint:
# - "/bin/sh"
# - -ecx
# - |
# cd /optimism/packages/omgx/contracts
# yarn test:integration
# environment:
# L1_NODE_WEB3_URL: http://l1_chain:8545
# L2_NODE_WEB3_URL: http://l2geth:8545
# URL: http://deployer:8081/addresses.json
# OMGX_URL: http://omgx_deployer:8079/addresses.json
# TEST_PRIVATE_KEY_1: "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80"
# TEST_PRIVATE_KEY_2: "0x8b3a350cf5c34c9194ca85829a2df0ec3153be0318b5e2d3348e872092edffba"
# TEST_PRIVATE_KEY_3: "0x92db14e403b83dfe3df233f83dfa3a0d7096f21ca9b0d6d6b8d88b2b4ec1564e"

# omgx_test_relayer:
# image: omgx/builder
# deploy:
# replicas: 0
# build:
# context: ..
# dockerfile: ./ops/docker/Dockerfile.monorepo
# entrypoint:
# - "/bin/sh"
# - -ecx
# - |
# cd /optimism/packages/omgx/message-relayer-fast
# yarn test:integration
# environment:
# L1_NODE_WEB3_URL: http://l1_chain:8545
# L2_NODE_WEB3_URL: http://l2geth:8545
# URL: http://deployer:8081/addresses.json
# OMGX_URL: http://omgx_deployer:8079/addresses.json
# TEST_PRIVATE_KEY_1: "0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80"
# TEST_PRIVATE_KEY_2: "0x8b3a350cf5c34c9194ca85829a2df0ec3153be0318b5e2d3348e872092edffba"
# TEST_PRIVATE_KEY_3: "0x92db14e403b83dfe3df233f83dfa3a0d7096f21ca9b0d6d6b8d88b2b4ec1564e"

# gas price system
gas_oracle:
depends_on:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -10,14 +10,17 @@ RUN apk update && apk add git openssh gcc musl-dev linux-headers

WORKDIR /app

COPY go.mod .
COPY go.sum .
COPY packages/omgx/immutability/go.mod .
COPY packages/omgx/immutability/go.sum .
COPY packages/omgx/immutability/config/vault.hcl .

# Get deps - will also be cached if we won't change mod/sum
RUN go version
RUN go mod download

COPY / .
COPY ./ops/scripts/vault.sh .

COPY packages/omgx/immutability/ .
RUN mkdir -p /app/bin \
&& CGO_ENABLED=1 GOOS=linux go build -a -i -o /app/bin/immutability-eth-plugin . \
&& sha256sum -b /app/bin/immutability-eth-plugin > /app/bin/SHA256SUMS
Expand All @@ -29,7 +32,7 @@ FROM vault:latest
# we pass epoch time so it always upgrades
ARG always_upgrade
RUN echo ${always_upgrade} > /dev/null && apk update && apk upgrade
RUN apk add bash openssl jq
RUN apk add bash openssl jq curl
USER vault
WORKDIR /vault
RUN mkdir -p /vault/ca \
Expand All @@ -39,4 +42,8 @@ RUN mkdir -p /vault/ca \
# Install the plugin.
COPY --from=build /app/bin/immutability-eth-plugin /vault/plugins/immutability-eth-plugin
COPY --from=build /app/bin/SHA256SUMS /vault/plugins/SHA256SUMS
COPY --from=build /app/vault.sh /vault/vault.sh
COPY --from=build /app/vault.hcl /vault/config/
COPY --from=build /app/vault.hcl /vault/vault.hcl
COPY ./ops/scripts/provision_vault.sh .
HEALTHCHECK CMD nc -zv 127.0.0.1 8900 || exit 1
Loading