diff --git a/Jenkinsfile b/Jenkinsfile index c181afb64..3bc054cb5 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -90,7 +90,7 @@ pipeline { } stage('publish images') { when { - branch "develop" + branch "develop" } steps { script { @@ -104,25 +104,25 @@ pipeline { } stage('upgrade helm') { when { - branch "develop" + branch "develop" } - steps { + steps { dir('charts/specular') { - withCredentials([[ - $class: 'AmazonWebServicesCredentialsBinding', - credentialsId: "builder", - accessKeyVariable: 'AWS_ACCESS_KEY_ID', - secretKeyVariable: 'AWS_SECRET_ACCESS_KEY' - ]]) { + withCredentials([[ + $class: 'AmazonWebServicesCredentialsBinding', + credentialsId: "builder", + accessKeyVariable: 'AWS_ACCESS_KEY_ID', + secretKeyVariable: 'AWS_SECRET_ACCESS_KEY' + ]]) { script { - sh ''' + sh ''' aws eks update-kubeconfig --region us-east-2 --name specular-staging-eks kubectl config use-context arn:aws:eks:us-east-2:792926601177:cluster/specular-staging-eks helm upgrade specular . -n specular --set image.tag=$GIT_COMMIT''' } discordSend description: "Jenkins Pipeline Build", footer: "Current release is $GIT_COMMIT", link: env.BUILD_URL, result: currentBuild.currentResult, title: JOB_NAME, webhookURL: "https://discord.com/api/webhooks/1219404082184196147/C70F8jtuyODjExk-Xk7hWOaxY-IBQefDumqbTJYlKdOMt2uzmA4ehS3uaO28SwuGgzwi" - } + } } } } diff --git a/Jenkinsfile-build-test b/Jenkinsfile-build-test new file mode 100644 index 000000000..d2d3fe042 --- /dev/null +++ b/Jenkinsfile-build-test @@ -0,0 +1,130 @@ +pipeline { + agent any + environment{ + registry = "792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform" + } + + stages { + stage('prepare workspace') { + steps { + // checkout git + checkout scmGit( + userRemoteConfigs: [ + [ credentialsId: 'jenkins-specular', url: 'github.com:SpecularL2/specular-build-test.git'] + ], + branches: [[name: '*/PR-*'], [name: '*/develop']], + ) + // submodules + sh "git submodule update --init --recursive" + // make our workspace dir + sh "rm -rf workspace && mkdir workspace" + // env files + sh 'cp -a config/local_docker/. workspace/' + sh 'chmod -R 777 workspace' + } + } + stage('create build image for pr') { + when { + not { + branch 'develop' + } + } + steps{ + script { + docker.withRegistry('https://792926601177.dkr.ecr.us-east-2.amazonaws.com', 'ecr:us-east-2:builder') { + docker.build( + registry + ":e2e-pr-$GIT_COMMIT", + "-f docker/e2e.Dockerfile ." + ) + } + + } + } + } + stage('create build image for devnet') { + when { + branch 'develop' + } + steps{ + script { + docker.withRegistry('https://792926601177.dkr.ecr.us-east-2.amazonaws.com', 'ecr:us-east-2:builder') { + def e2eContainer = docker.build( + registry + ":e2e-$GIT_COMMIT", + "-f docker/e2e.Dockerfile ." + ) + e2eContainer.push() + e2eContainer.push("e2e-latest") + } + + } + } + } + stage('e2e-test') { + when { + not { + branch 'develop' + } + } + parallel { + stage('transactions') { + steps { + sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$GIT_COMMIT ../sbin/run_e2e_tests.sh transactions" + } + } + stage('deposit') { + steps { + sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$GIT_COMMIT ../sbin/run_e2e_tests.sh deposit" + } + } + stage('erc20') { + steps { + sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$GIT_COMMIT ../sbin/run_e2e_tests.sh erc20" + } + } + stage('withdraw') { + steps { + sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$GIT_COMMIT ../sbin/run_e2e_tests.sh withdraw" + } + } + } + } + stage('publish images') { + when { + branch "develop" + } + steps { + script { + docker.withRegistry('https://792926601177.dkr.ecr.us-east-2.amazonaws.com', 'ecr:us-east-2:builder') { + def spcContainer = docker.build(registry + ":$GIT_COMMIT", "-f docker/specular.Dockerfile .") + spcContainer.push() + spcContainer.push("specular-latest") + } + } + } + } + stage('upgrade helm') { + when { + branch "develop" + } + steps { + dir('charts/specular') { + withCredentials([[ + $class: 'AmazonWebServicesCredentialsBinding', + credentialsId: "builder", + accessKeyVariable: 'AWS_ACCESS_KEY_ID', + secretKeyVariable: 'AWS_SECRET_ACCESS_KEY' + ]]) { + script { + sh ''' + aws eks update-kubeconfig --region us-east-2 --name specular-staging-eks + kubectl config use-context arn:aws:eks:us-east-2:792926601177:cluster/specular-staging-eks + helm upgrade specular . -n specular --set image.tag=$GIT_COMMIT''' + } + discordSend description: "Jenkins Pipeline Build *IGNORE*", footer: "Current release is $GIT_COMMIT", link: env.BUILD_URL, result: currentBuild.currentResult, title: JOB_NAME, webhookURL: "https://discord.com/api/webhooks/1219404082184196147/C70F8jtuyODjExk-Xk7hWOaxY-IBQefDumqbTJYlKdOMt2uzmA4ehS3uaO28SwuGgzwi" + + } + } + } + } + } +} diff --git a/charts/specular/templates/debug-pod.yaml b/charts/specular/templates/debug-pod.yaml index cf8bed396..45eeddc2a 100644 --- a/charts/specular/templates/debug-pod.yaml +++ b/charts/specular/templates/debug-pod.yaml @@ -23,14 +23,12 @@ spec: mountPath: /tmp/workspace/{{ $value }} subPath: {{ $value }} {{- end }} -{{- if not .Values.generator.deploy }} {{- range $i, $value := .Values.volume.secrets }} - name: secret-volume mountPath: /tmp/workspace/{{ $value.file }} subPath: {{ $value.file }} readOnly: true {{- end }} -{{- end }} workingDir: /tmp/workspace restartPolicy: OnFailure volumes: @@ -40,10 +38,8 @@ spec: - name: {{ .Values.volume.configVolumeMounts.name }} configMap: name: {{ .Values.volume.configVolumeMounts.name }} -{{- if not .Values.generator.deploy }} - name: secret-volume secret: secretName: l2-secrets -{{- end }} status: {} {{- end -}} diff --git a/charts/specular/templates/generator-pod.yaml b/charts/specular/templates/generator-pod.yaml index 6774f16dd..3878c97f2 100644 --- a/charts/specular/templates/generator-pod.yaml +++ b/charts/specular/templates/generator-pod.yaml @@ -21,14 +21,16 @@ spec: mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} subPath: {{ $value }} {{- end }} -{{- if not .Values.generator.deploy }} {{- range $i, $value := .Values.volume.secrets }} - name: secret-volume mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} subPath: {{ $value.file }} readOnly: true - {{- end }} {{- end }} + lifecycle: + preStop: + exec: + command: ["sh", "-c", "rm -f /specular/workspace/.*.lock"] restartPolicy: Never volumes: - name: {{ .Values.volume.efs.name }} @@ -37,9 +39,7 @@ spec: - name: {{ .Values.volume.configVolumeMounts.name }} configMap: name: {{ .Values.volume.configVolumeMounts.name }} -{{- if not .Values.generator.deploy }} - name: secret-volume secret: secretName: l2-secrets -{{- end }} status: {} diff --git a/charts/specular/templates/l1-geth-pod.yaml b/charts/specular/templates/l1-geth-pod.yaml index 3cb8b8ff0..59b1cf4cb 100644 --- a/charts/specular/templates/l1-geth-pod.yaml +++ b/charts/specular/templates/l1-geth-pod.yaml @@ -44,14 +44,12 @@ spec: mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} subPath: {{ $value }} {{- end }} -{{- if not .Values.generator.deploy }} {{- range $i, $value := .Values.volume.secrets }} - name: secret-volume mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} subPath: {{ $value.file }} readOnly: true {{- end }} -{{- end }} workingDir: {{ .Values.volume.efs.mountPath }} restartPolicy: Always volumes: @@ -61,5 +59,8 @@ spec: - name: {{ .Values.volume.configVolumeMounts.name }} configMap: name: {{ .Values.volume.configVolumeMounts.name }} + - name: secret-volume + secret: + secretName: l2-secrets status: {} {{- end -}} diff --git a/charts/specular/templates/sidecar-pod.yaml b/charts/specular/templates/sidecar-pod.yaml index 0c12b7c3f..270a8c2ed 100644 --- a/charts/specular/templates/sidecar-pod.yaml +++ b/charts/specular/templates/sidecar-pod.yaml @@ -28,14 +28,12 @@ spec: mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} subPath: {{ $value }} {{- end }} -{{- if not .Values.generator.deploy }} {{- range $i, $value := .Values.volume.secrets }} - name: secret-volume mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} subPath: {{ $value.file }} readOnly: true {{- end }} -{{- end }} workingDir: {{ .Values.volume.efs.mountPath }} terminationGracePeriodSeconds: 60 restartPolicy: OnFailure @@ -46,9 +44,7 @@ spec: - name: {{ .Values.volume.configVolumeMounts.name }} configMap: name: {{ .Values.volume.configVolumeMounts.name }} -{{- if not .Values.generator.deploy }} - name: secret-volume secret: secretName: l2-secrets -{{- end }} status: {} diff --git a/charts/specular/templates/sp-geth-pod.yaml b/charts/specular/templates/sp-geth-pod.yaml index 333667c74..3d60c4561 100644 --- a/charts/specular/templates/sp-geth-pod.yaml +++ b/charts/specular/templates/sp-geth-pod.yaml @@ -56,14 +56,12 @@ spec: mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} subPath: {{ $value }} {{- end }} -{{- if not .Values.generator.deploy }} {{- range $i, $value := .Values.volume.secrets }} - name: secret-volume mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} subPath: {{ $value.file }} readOnly: true {{- end }} -{{- end }} workingDir: {{ .Values.volume.efs.mountPath }} terminationGracePeriodSeconds: 15 restartPolicy: OnFailure @@ -74,9 +72,7 @@ spec: - name: {{ .Values.volume.configVolumeMounts.name }} configMap: name: {{ .Values.volume.configVolumeMounts.name }} -{{- if not .Values.generator.deploy }} - name: secret-volume secret: secretName: l2-secrets -{{- end }} status: {} diff --git a/charts/specular/templates/sp-magi-pod.yaml b/charts/specular/templates/sp-magi-pod.yaml index 9b457db13..2f54b6d3a 100644 --- a/charts/specular/templates/sp-magi-pod.yaml +++ b/charts/specular/templates/sp-magi-pod.yaml @@ -38,14 +38,12 @@ spec: mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} subPath: {{ $value }} {{- end }} -{{- if not .Values.generator.deploy }} {{- range $i, $value := .Values.volume.secrets }} - name: secret-volume mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} subPath: {{ $value.file }} readOnly: true {{- end }} -{{- end }} workingDir: {{ .Values.volume.efs.mountPath }} terminationGracePeriodSeconds: 60 restartPolicy: OnFailure @@ -56,9 +54,7 @@ spec: - name: {{ .Values.volume.configVolumeMounts.name }} configMap: name: {{ .Values.volume.configVolumeMounts.name }} -{{- if not .Values.generator.deploy }} - name: secret-volume secret: secretName: l2-secrets -{{- end }} status: {} diff --git a/charts/specular/values-testnet.yaml b/charts/specular/values-testnet.yaml index be01dd8a8..5f794a24b 100644 --- a/charts/specular/values-testnet.yaml +++ b/charts/specular/values-testnet.yaml @@ -8,10 +8,6 @@ enabled: infura: true debug: true -generator: - command: "../sbin/entrypoint.sh deploy" - deploy: false - volume: efs: mountPath: /specular/workspace @@ -40,6 +36,10 @@ volume: - name: VALIDATOR_PRIV_KEY file: validator_pk.txt +generator: + command: "../sbin/entrypoint.sh deploy" + deploy: false + configMaps: .sp_geth.env: - name: NETWORK_ID @@ -116,6 +116,8 @@ configMaps: value: "ws://l1.sepolia.specular.network:8546" - name: L1_PERIOD value: "12" + - name: REDEPLOY + value: "true" .paths.env: - name: BIN_DIR diff --git a/charts/specular/values.yaml b/charts/specular/values.yaml index a67417d8c..48c59e79e 100644 --- a/charts/specular/values.yaml +++ b/charts/specular/values.yaml @@ -132,6 +132,8 @@ configMaps: value: "ws://$L1_GETH_SERVICE_HOST:$L1_GETH_SERVICE_PORT_8546" - name: L1_PERIOD value: "12" + - name: REDEPLOY + value: "true" .paths.env: - name: BIN_DIR diff --git a/sbin/entrypoint.sh b/sbin/entrypoint.sh index f00a42af6..ea34f541b 100755 --- a/sbin/entrypoint.sh +++ b/sbin/entrypoint.sh @@ -27,8 +27,17 @@ case "$1" in deploy) # Run the main container command. echo "Running deploy for genesis and JWT" - /specular/sbin/generate_jwt_secret.sh - /specular/sbin/deploy_l1_contracts.sh -y + + + if [[ "$REDEPLOY" = true ]]; then + rm -f .deployed + /specular/sbin/clean.sh + /specular/sbin/generate_jwt_secret.sh + /specular/sbin/deploy_l1_contracts.sh -y + + fi + + touch .generate_secrets.sh.lock ;; start) shift