Force a rebuild #188

Workflow file for this run

.github/workflows/devnet-deploys.yml at 413049e

	name: Deploy to devnet
	on:
	push:
	branches: [devnet]

	concurrency:
	group: ${{ github.workflow }}-${{ github.ref }}
	cancel-in-progress: true

	env:
	DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }}
	GIT_COMMIT: ${{ github.sha }}
	DEPLOY_TAG: devnet
	L1_CHAIN_ID: 677692
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	# TF Vars
	TF_VAR_DOCKERHUB_ACCOUNT: aztecprotocol
	TF_VAR_L1_CHAIN_ID: 677692
	TF_VAR_BOOTNODE_1_PRIVATE_KEY: ${{ secrets.BOOTNODE_1_PRIVATE_KEY }}
	TF_VAR_BOOTNODE_2_PRIVATE_KEY: ${{ secrets.BOOTNODE_2_PRIVATE_KEY }}
	TF_VAR_SEQUENCER_PRIVATE_KEYS: '["${{ secrets.SEQ_1_PUBLISHER_PRIVATE_KEY }}"]'
	TF_VAR_NODE_P2P_PRIVATE_KEYS: '[""]'
	TF_VAR_DEPLOY_TAG: devnet
	TF_VAR_IMAGE_TAG: ${{ github.sha }}
	TF_VAR_API_KEY: ${{ secrets.FORK_API_KEY }}
	TF_VAR_FORK_MNEMONIC: ${{ secrets.FORK_MNEMONIC }}
	TF_VAR_INFURA_API_KEY: ${{ secrets.INFURA_API_KEY }}
	TF_VAR_FAUCET_ACCOUNT_INDEX: 5
	CONTRACT_S3_BUCKET: s3://aztec-devnet-deployments

	jobs:
	setup:
	uses: ./.github/workflows/setup-runner.yml
	with:
	username: master
	runner_type: builder-x86
	secrets: inherit
	build:
	needs: setup
	runs-on: ${{ github.actor }}-x86
	steps:
	- uses: actions/checkout@v4
	with:
	ref: "${{ env.GIT_COMMIT }}"
	fetch-depth: 0
	- uses: ./.github/ci-setup-action
	with:
	concurrency_key: build-release-artifacts-${{ github.actor }}
	dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}"
	- name: Check if only workflow flows have changed
	id: check_only_workflow_changes
	uses: actions/github-script@v7
	with:
	script: \|
	const { execSync } = require('child_process');
	const changedFiles = execSync('git diff --name-only ${{ github.event.before }} ${{ github.sha }}')
	.toString()
	.split('\n')
	.filter(line => line);
	const prefixesToIgnore = ['.github', 'iac'];
	const suffixesToIgnore = ['.tf'];
	return changedFiles.every(file => (
	prefixesToIgnore.some(prefix => file.startsWith(prefix)) \|\|
	suffixesToIgnore.some(suffix => file.endsWith(suffix))
	));
	- name: "Build & Push aztec images"
	timeout-minutes: 40
	if: steps.check_only_workflow_changes.outputs.result == 'false'
	run: \|
	earthly-ci --no-output --push ./yarn-project+export-aztec-arch --DIST_TAG=${{ env.DEPLOY_TAG }}
	earthly-ci --no-output --push ./yarn-project+export-aztec-arch --DIST_TAG=${{ github.sha }}

	- name: Check if mainnet fork needs deployment
	id: check_fork_changes
	uses: actions/github-script@v7
	with:
	script: \|
	const { execSync } = require('child_process');
	const changedFiles = execSync('git diff --name-only ${{ github.event.before }} ${{ github.sha }}').toString().split('\n');
	const fileChanged = changedFiles.some(file => file.startsWith('iac/mainnet-fork'));
	return fileChanged

	- name: Build & push mainnet fork image
	if: steps.check_fork_changes.outputs.result == 'true'
	run: \|
	earthly-ci \
	--no-output --push ./iac/mainnet-fork+export-mainnet-fork --DIST_TAG=${{ env.DEPLOY_TAG }}

	terraform_deploy:
	runs-on: ubuntu-latest
	needs: build
	steps:
	- uses: actions/checkout@v4
	with:
	ref: "${{ env.GIT_COMMIT }}"
	fetch-depth: 0
	- uses: ./.github/ci-setup-action
	- uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: 1.7.5

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: eu-west-2

	- name: Deploy mainnet fork
	working-directory: ./iac/mainnet-fork/terraform
	run: \|
	terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/mainnet-fork"
	terraform apply -input=false -auto-approve -replace="aws_efs_file_system.aztec_mainnet_fork_data_store"

	- name: Wait for mainnet fork deployment
	run: \|
	./.github/scripts/wait_for_infra.sh mainnet-fork ${{ env.DEPLOY_TAG }} ${{ secrets.FORK_API_KEY }}

	- name: Deploy L1 Contracts
	run: \|
	docker pull aztecprotocol/aztec:${{ env.DEPLOY_TAG }}
	docker run aztecprotocol/aztec:${{ env.DEPLOY_TAG }} deploy-l1-contracts \
	--private-key ${{ secrets.SEQ_1_PUBLISHER_PRIVATE_KEY }} \
	--rpc-url https://${{ env.DEPLOY_TAG }}-mainnet-fork.aztec.network:8545/${{ secrets.FORK_API_KEY }} \
	--l1-chain-id ${{ env.L1_CHAIN_ID }} \
	--json \
	\| tee ./l1-contract_addresses.json

	# upload contract addresses to S3
	aws s3 cp ./l1-contract_addresses.json ${{ env.CONTRACT_S3_BUCKET }}/l1_contract_addresses.json

	# export contract addresses so they can be used by subsequent terraform deployments
	function extract() {
	jq -r ".$1" ./l1-contract_addresses.json
	}

	echo "TF_VAR_ROLLUP_CONTRACT_ADDRESS=$(extract rollupAddress)" >>$GITHUB_ENV
	echo "TF_VAR_REGISTRY_CONTRACT_ADDRESS=$(extract registryAddress)" >>$GITHUB_ENV
	echo "TF_VAR_INBOX_CONTRACT_ADDRESS=$(extract inboxAddress)" >>$GITHUB_ENV
	echo "TF_VAR_OUTBOX_CONTRACT_ADDRESS=$(extract outboxAddress)" >>$GITHUB_ENV
	echo "TF_VAR_AVAILABILITY_ORACLE_CONTRACT_ADDRESS=$(extract availabilityOracleAddress)" >>$GITHUB_ENV
	echo "TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS=$(extract gasTokenAddress)" >>$GITHUB_ENV
	echo "TF_VAR_GAS_PORTAL_CONTRACT_ADDRESS=$(extract gasPortalAddress)" >>$GITHUB_ENV

	- name: Apply l1-contracts Terraform
	working-directory: ./l1-contracts/terraform
	run: \|
	terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/l1-contracts"
	terraform apply -input=false -auto-approve

	- name: Init Aztec Node Terraform
	working-directory: ./yarn-project/aztec/terraform/node
	run: \|
	terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/aztec-node"

	- name: Deploy Aztec Nodes
	working-directory: ./yarn-project/aztec/terraform/node
	run: \|
	terraform apply -input=false -auto-approve -replace="aws_efs_file_system.node_data_store"

	- name: Deploy Provers
	working-directory: ./yarn-project/aztec/terraform/prover
	run: \|
	terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/prover"
	terraform apply -input=false -auto-approve

	- name: Deploy PXE
	working-directory: ./yarn-project/aztec/terraform/pxe
	run: \|
	terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/pxe"
	terraform apply -input=false -auto-approve

	- name: Deploy P2P Bootstrap Nodes
	working-directory: ./yarn-project/p2p-bootstrap/terraform
	run: \|
	terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/p2p-bootstrap"
	terraform apply -input=false -auto-approve

	bootstrap:
	runs-on: ubuntu-latest
	needs: terraform_deploy
	steps:
	- uses: actions/checkout@v4
	with:
	ref: "${{ env.GIT_COMMIT }}"
	fetch-depth: 0

	- uses: ./.github/ci-setup-action

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: eu-west-2

	- name: Wait for PXE to be available
	run: \|
	./.github/scripts/wait_for_infra.sh pxe ${{ env.DEPLOY_TAG }} ${{ secrets.FORK_API_KEY }}

	- name: Deploy protocol contracts
	run: \|
	set -e
	docker pull aztecprotocol/aztec:${{ env.DEPLOY_TAG }}
	docker run aztecprotocol/aztec:${{ env.DEPLOY_TAG }} deploy-protocol-contracts \
	--rpc-url https://api.aztec.network/${{ env.DEPLOY_TAG }}/aztec-pxe/${{ secrets.FORK_API_KEY }} \
	--l1-chain-id ${{ env.L1_CHAIN_ID }} \
	--json \
	\| tee ./protocol-contracts.json

	aws s3 cp ./protocol-contracts.json ${{ env.CONTRACT_S3_BUCKET }}/protocol-contracts.json

	- name: Bootstrap devnet
	run: \|
	set -e
	docker run aztecprotocol/aztec:${{ env.DEPLOY_TAG }} bootstrap-devnet \
	--rpc-url https://api.aztec.network/${{ env.DEPLOY_TAG }}/aztec-pxe/${{ secrets.FORK_API_KEY }} \
	--l1-rpc-url https://${{ env.DEPLOY_TAG }}-mainnet-fork.aztec.network:8545/${{ secrets.FORK_API_KEY }} \
	--l1-chain-id ${{ env.L1_CHAIN_ID }} \
	--l1-private-key ${{ secrets.SEQ_1_PUBLISHER_PRIVATE_KEY }} \
	--json \
	\| tee ./devnet-contracts.json

	aws s3 cp ./devnet-contracts.json ${{ env.CONTRACT_S3_BUCKET }}/devnet-contracts.json

	deploy-faucet:
	runs-on: ubuntu-latest
	needs: [terraform_deploy, bootstrap]
	steps:
	- uses: actions/checkout@v4
	with:
	ref: "${{ env.GIT_COMMIT }}"
	fetch-depth: 0
	- uses: ./.github/ci-setup-action
	- uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: 1.7.5

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: eu-west-2

	- name: Retrieve contract addresses
	run: \|
	set -e
	aws s3 cp ${{ env.CONTRACT_S3_BUCKET }}/l1_contract_addresses.json ./l1-contract_addresses.json
	aws s3 cp ${{ env.CONTRACT_S3_BUCKET }}/devnet-contracts.json ./devnet-contracts.json

	echo "TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS=$(jq -r '.gasTokenAddress' ./l1-contract_addresses.json)" >>$GITHUB_ENV
	echo "TF_VAR_DEV_COIN_CONTRACT_ADDRESS=$(jq -r '.devCoinL1' ./devnet-contracts.json)" >>$GITHUB_ENV

	- name: Deploy Faucet
	working-directory: ./yarn-project/aztec-faucet
	run: \|
	terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/aztec-faucet"
	terraform apply -input=false -auto-approve

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Force a rebuild #188

Workflow file

Force a rebuild #188

Jobs

Run details

Workflow file for this run