From abc06c7548864209d2f8ca764380cf51b89634e2 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 13:45:41 +0000 Subject: [PATCH 01/23] WIP fixing devnet redeploy triggers --- .circleci/config.yml | 29 ++++++++++++++----- build-system/scripts/deploy_service | 9 ++++-- .../scripts/deploy_terraform_and_service | 27 +++++++++++++++++ l1-contracts/scripts/ci_deploy_contracts.sh | 5 ++++ yarn-project/aztec-node/terraform/main.tf | 2 +- 5 files changed, 62 insertions(+), 10 deletions(-) create mode 100644 build-system/scripts/deploy_terraform_and_service diff --git a/.circleci/config.yml b/.circleci/config.yml index fb0ea6e4b9a..3f844b66552 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -976,19 +976,34 @@ jobs: - *checkout - *setup_env - run: - name: "Deploy devnet to AWS" + name: "Deploy P2P bootstrap servers to AWS" command: | should_deploy 0 || exit 0 - export TF_VAR_FAUCET_PRIVATE_KEY=$FAUCET_PRIVATE_KEY - export TF_VAR_BOOTNODE_1_PEER_ID=$BOOTNODE_1_PEER_ID - export TF_VAR_BOOTNODE_2_PEER_ID=$BOOTNODE_2_PEER_ID + # Export variables for Terraform. export TF_VAR_BOOTNODE_1_PRIVATE_KEY=$BOOTNODE_1_PRIVATE_KEY export TF_VAR_BOOTNODE_2_PRIVATE_KEY=$BOOTNODE_2_PRIVATE_KEY + deploy_terraform_and_service p2p-bootstrap "$DEPLOY_TAG-aztec-bootstrap-1,$DEPLOY_TAG-aztec-bootstrap-2" + - run: + name: "Deploy Aztec Nodes to AWS" + command: | + should_deploy 0 || exit 0 + export TF_VAR_BOOTNODE_1_PEER_ID=$BOOTNODE_1_PEER_ID + export TF_VAR_BOOTNODE_2_PEER_ID=$BOOTNODE_2_PEER_ID + export TF_VAR_FAUCET_PRIVATE_KEY=$FAUCET_PRIVATE_KEY export TF_VAR_SEQ_1_PUBLISHER_PRIVATE_KEY=$SEQ_1_PUBLISHER_PRIVATE_KEY export TF_VAR_SEQ_2_PUBLISHER_PRIVATE_KEY=$SEQ_2_PUBLISHER_PRIVATE_KEY - deploy_terraform p2p-bootstrap yarn-project/p2p-bootstrap/terraform - deploy_terraform aztec-node yarn-project/aztec-node/terraform - deploy_terraform aztec-faucet yarn-project/aztec-faucet/terraform + # Check if l1-contracts have changed. + if $CONTRACTS_DEPLOYED -eq 1; then + deploy_terraform_and_service aztec-node yarn-project/aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" aws_efs_file_system.node_data_store + else + deploy_terraform_and_service aztec-node yarn-project/aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" + fi + + - run: + name: "Deploy Aztec Faucet to AWS" + command: | + should_deploy 0 || exit 0 + deploy_terraform_and_service aztec-faucet yarn-project/aztec-faucet/terraform # Repeatable config for defining the workflow below. defaults: &defaults diff --git a/build-system/scripts/deploy_service b/build-system/scripts/deploy_service index 83c45128141..d47853f10da 100755 --- a/build-system/scripts/deploy_service +++ b/build-system/scripts/deploy_service @@ -4,6 +4,11 @@ set -eu # Redeploy service with latest image. SERVICE_NAME=$1 -if aws ecs list-services --region $ECR_DEPLOY_REGION --cluster setup | grep "/$SERVICE_NAME\"" > /dev/null; then - aws ecs update-service --region $ECR_DEPLOY_REGION --cluster setup --service $SERVICE_NAME --force-new-deployment + +if aws ecs list-services --region $ECR_DEPLOY_REGION --cluster setup | grep "/$SERVICE_NAME\"" >/dev/null; then + if [ "$DRY_DEPLOY" -eq 1 ]; then + echo "DRY_DEPLOY: aws ecs update-service --region $ECR_DEPLOY_REGION --cluster setup --service $SERVICE_NAME --force-new-deployment" + else + aws ecs update-service --region $ECR_DEPLOY_REGION --cluster setup --service $SERVICE_NAME --force-new-deployment + fi fi diff --git a/build-system/scripts/deploy_terraform_and_service b/build-system/scripts/deploy_terraform_and_service new file mode 100644 index 00000000000..dd118ad4c62 --- /dev/null +++ b/build-system/scripts/deploy_terraform_and_service @@ -0,0 +1,27 @@ +#!/usr/bin/env bash +[ -n "${BUILD_SYSTEM_DEBUG:-}" ] && set -x # conditionally trace +set -eu + +REPOSITORY=$1 +SERVICES=${2:-$REPOSITORY} +TO_TAINT=${3:-} + +cd $(query_manifest projectDir $REPOSITORY) + +# Bail out if nothing changed. +CONTENT_HASH=$(calculate_content_hash $REPOSITORY) +echo "Last successfully deployed commit: $CONTENT_HASH" +if check_rebuild cache-$CONTENT_HASH-$DEPLOY_TAG-deployed $REPOSITORY; then + echo "No changes detected, skipping deployment." + exit 0 +fi + +deploy_terraform $REPOSITORY ./terraform/ "$TO_TAINT" + +# Restart services. +for SERVICE in $SERVICES; do + deploy_service $DEPLOY_TAG-$SERVICE +done + +# Tag the image as deployed. +retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed diff --git a/l1-contracts/scripts/ci_deploy_contracts.sh b/l1-contracts/scripts/ci_deploy_contracts.sh index aaedb6f2f7d..1fb1027a66a 100755 --- a/l1-contracts/scripts/ci_deploy_contracts.sh +++ b/l1-contracts/scripts/ci_deploy_contracts.sh @@ -11,6 +11,8 @@ echo "Last successfully published commit: $CONTENT_HASH" # Check if image hash has alredy been deployed. if check_rebuild "cache-$CONTENT_HASH-$DEPLOY_TAG-deployed" $REPOSITORY; then echo "No changes detected, no contract deploy necessary." + # Set global variable for redeployment of contracts + echo export CONTRACTS_DEPLOYED=0 >>$BASH_ENV exit 0 fi @@ -36,3 +38,6 @@ deploy_terraform l1-contracts ./terraform # Tag the image as deployed. retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed + +# Set global variable for redeployment of contracts +echo export CONTRACTS_DEPLOYED=1 >>$BASH_ENV diff --git a/yarn-project/aztec-node/terraform/main.tf b/yarn-project/aztec-node/terraform/main.tf index 3ca143b2f33..f51737bf65d 100644 --- a/yarn-project/aztec-node/terraform/main.tf +++ b/yarn-project/aztec-node/terraform/main.tf @@ -110,7 +110,7 @@ resource "aws_efs_file_system" "node_data_store" { provisioned_throughput_in_mibps = 20 tags = { - Name = "${var.DEPLOY_TAG}-node-data" + Name = "${var.DEPLOY_TAG}-node-${count.index + 1}-data" } lifecycle_policy { From b8b50b182222c9d986bb5259e5401b8278f3db2a Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 13:55:38 +0000 Subject: [PATCH 02/23] add dry_deploy capabilites to new script --- .circleci/config.yml | 9 ++++----- ...y_terraform_and_service => deploy_terraform_services} | 6 +++++- 2 files changed, 9 insertions(+), 6 deletions(-) rename build-system/scripts/{deploy_terraform_and_service => deploy_terraform_services} (72%) diff --git a/.circleci/config.yml b/.circleci/config.yml index bcd3a68ff58..041a57d730b 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -959,7 +959,7 @@ jobs: # Export variables for Terraform. export TF_VAR_BOOTNODE_1_PRIVATE_KEY=$BOOTNODE_1_PRIVATE_KEY export TF_VAR_BOOTNODE_2_PRIVATE_KEY=$BOOTNODE_2_PRIVATE_KEY - deploy_terraform_and_service p2p-bootstrap "$DEPLOY_TAG-aztec-bootstrap-1,$DEPLOY_TAG-aztec-bootstrap-2" + deploy_terraform_services p2p-bootstrap "$DEPLOY_TAG-aztec-bootstrap-1,$DEPLOY_TAG-aztec-bootstrap-2" - run: name: "Deploy Aztec Nodes to AWS" command: | @@ -971,16 +971,15 @@ jobs: export TF_VAR_SEQ_2_PUBLISHER_PRIVATE_KEY=$SEQ_2_PUBLISHER_PRIVATE_KEY # Check if l1-contracts have changed. if $CONTRACTS_DEPLOYED -eq 1; then - deploy_terraform_and_service aztec-node yarn-project/aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" aws_efs_file_system.node_data_store + deploy_terraform_services aztec-node yarn-project/aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" aws_efs_file_system.node_data_store else - deploy_terraform_and_service aztec-node yarn-project/aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" + deploy_terraform_services aztec-node yarn-project/aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" fi - - run: name: "Deploy Aztec Faucet to AWS" command: | should_deploy 0 || exit 0 - deploy_terraform_and_service aztec-faucet yarn-project/aztec-faucet/terraform + deploy_terraform_services aztec-faucet yarn-project/aztec-faucet/terraform # Repeatable config for defining the workflow below. defaults: &defaults diff --git a/build-system/scripts/deploy_terraform_and_service b/build-system/scripts/deploy_terraform_services similarity index 72% rename from build-system/scripts/deploy_terraform_and_service rename to build-system/scripts/deploy_terraform_services index dd118ad4c62..91bf5e6e147 100644 --- a/build-system/scripts/deploy_terraform_and_service +++ b/build-system/scripts/deploy_terraform_services @@ -24,4 +24,8 @@ for SERVICE in $SERVICES; do done # Tag the image as deployed. -retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed +if [ "$DRY_DEPLOY" -eq 1 ]; then + echo "DRY_DEPLOY: tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed" +else + retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed +fi From 59ee799b9edcba1d3fa7ecc4003eb0271057240a Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 13:57:18 +0000 Subject: [PATCH 03/23] redeploy l1-contracts --- l1-contracts/REDEPLOY | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/l1-contracts/REDEPLOY b/l1-contracts/REDEPLOY index fe5516129de..90bef203f0c 100644 --- a/l1-contracts/REDEPLOY +++ b/l1-contracts/REDEPLOY @@ -1,2 +1,2 @@ # Append value to force redeploy -1 \ No newline at end of file +2 \ No newline at end of file From 8af11fe68b6488d158d1daee6c1fc069710b860f Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 14:22:02 +0000 Subject: [PATCH 04/23] use dry deploy on should_deploy [ci dry-deploy] --- build-system/scripts/should_deploy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-system/scripts/should_deploy b/build-system/scripts/should_deploy index 283191f51f3..1595ba39ac9 100755 --- a/build-system/scripts/should_deploy +++ b/build-system/scripts/should_deploy @@ -3,7 +3,7 @@ # Right now, that's only if we're master. set -eu -if [ "$BRANCH" == "master" ]; then +if [ "$BRANCH" == "master" ] || [ "$DRY_DEPLOY" -eq 1 ]; then exit 0 else exit 1 From 8e536285f89d7d4060bb7d21410f8c34e7f3b8fa Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 14:56:18 +0000 Subject: [PATCH 05/23] fixes [ci dry-deploy] --- .circleci/config.yml | 2 +- l1-contracts/scripts/ci_deploy_contracts.sh | 15 ++++++++++----- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 041a57d730b..53341aa2e4b 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -945,7 +945,7 @@ jobs: name: "Deploy mainnet fork" command: | should_deploy || exit 0 - deploy mainnet-fork + deploy_terraform_services mainnet-fork "$DEPLOY_TAG-mainnet-fork" - run: name: "Deploy L1 contracts to mainnet fork" working_directory: l1-contracts diff --git a/l1-contracts/scripts/ci_deploy_contracts.sh b/l1-contracts/scripts/ci_deploy_contracts.sh index 1fb1027a66a..15a0050d34a 100755 --- a/l1-contracts/scripts/ci_deploy_contracts.sh +++ b/l1-contracts/scripts/ci_deploy_contracts.sh @@ -33,11 +33,16 @@ for KEY in ROLLUP_CONTRACT_ADDRESS REGISTRY_CONTRACT_ADDRESS INBOX_CONTRACT_ADDR export TF_VAR_$KEY=$VALUE done -# Write TF state variables -deploy_terraform l1-contracts ./terraform - -# Tag the image as deployed. -retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed +if [ -n "${DRY_DEPLOY:-}" ]; then + echo "DRY_DEPLOY: deploy_terraform l1-contracts ./terraform" + echo "DRY_DEPLOY: tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed" +else + # Write TF state variables + deploy_terraform l1-contracts ./terraform + + # Tag the image as deployed. + retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed +fi # Set global variable for redeployment of contracts echo export CONTRACTS_DEPLOYED=1 >>$BASH_ENV From 36fae97f30ba2474b6f946982fb181644ad25ae7 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 15:27:49 +0000 Subject: [PATCH 06/23] fix script file permissions --- build-system/scripts/deploy_terraform_services | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 build-system/scripts/deploy_terraform_services diff --git a/build-system/scripts/deploy_terraform_services b/build-system/scripts/deploy_terraform_services old mode 100644 new mode 100755 From 2560ef3f323e55f4640eb9cca417f4fad7eb5484 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 15:29:33 +0000 Subject: [PATCH 07/23] [ci dry-deploy] --- l1-contracts/REDEPLOY | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/l1-contracts/REDEPLOY b/l1-contracts/REDEPLOY index 90bef203f0c..5407c1d3c07 100644 --- a/l1-contracts/REDEPLOY +++ b/l1-contracts/REDEPLOY @@ -1,2 +1,2 @@ # Append value to force redeploy -2 \ No newline at end of file +3 \ No newline at end of file From 6fcb3e5eae7eb2763f358dc62e87a561b771a184 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 16:06:28 +0000 Subject: [PATCH 08/23] export DRY_DEPLOY for use in setup_env [ci dry-deploy] --- build-system/scripts/setup_env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-system/scripts/setup_env b/build-system/scripts/setup_env index 3486e5f8653..d51edd95523 100755 --- a/build-system/scripts/setup_env +++ b/build-system/scripts/setup_env @@ -34,7 +34,7 @@ echo "PULL_REQUEST=$PULL_REQUEST" # If the user has requested to perform a "dry deploy", we set the commit tag to fake version, and set DRY_DEPLOY to 1. if [[ "$COMMIT_MESSAGE" == *"[ci dry-deploy]"* ]]; then COMMIT_TAG=v999.999.999 - DRY_DEPLOY=1 + export DRY_DEPLOY=1 fi if should_deploy; then From f7a8a36ba1260f95ac9eb8e5cc4974fde4f4eb75 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 16:21:19 +0000 Subject: [PATCH 09/23] no -auto-approve for tf plan --- build-system/scripts/deploy_terraform | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-system/scripts/deploy_terraform b/build-system/scripts/deploy_terraform index f5ff4dc810b..1575b7f46f4 100755 --- a/build-system/scripts/deploy_terraform +++ b/build-system/scripts/deploy_terraform @@ -44,7 +44,7 @@ for RESOURCE in $TO_TAINT; do done if [ "$DRY_DEPLOY" -eq 1 ]; then - terraform plan -input=false -auto-approve + terraform plan -input=false else terraform apply -input=false -auto-approve fi From c2f62f14a4616c73fddbaa36de11205db6423074 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 16:30:19 +0000 Subject: [PATCH 10/23] [ci dry-deploy] --- build-system/scripts/setup_env | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build-system/scripts/setup_env b/build-system/scripts/setup_env index d51edd95523..781f5605cb8 100755 --- a/build-system/scripts/setup_env +++ b/build-system/scripts/setup_env @@ -42,9 +42,9 @@ if should_deploy; then # Extract the deploy env from the commit tag, if it has one, e.g. testnet. # If we have one, we look something like v2.1.123-testnet.0. This is a "non production" release. if [[ "$COMMIT_TAG" == *"-"* ]]; then - # Strips the trailing '.XX' from the end of the commit tag + # Strips the trailing '.XX' from the end of the commit tag. TEMP=${COMMIT_TAG%.*} - # Strips the 'vX.Y.ZZZ-' from the front of the commit tag, leaving the e.g. 'testnet' + # Strips the 'vX.Y.ZZZ-' from the front of the commit tag, leaving the e.g. 'testnet'. DEPLOY_ENV=${TEMP##*-} else DEPLOY_ENV=prod From c53c46e209b87133776cdf87c0d7d802a05c6f96 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 16:47:38 +0000 Subject: [PATCH 11/23] aztec-dev deploy tag on dry runs [ci dry-deploy] --- build-system/scripts/setup_env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-system/scripts/setup_env b/build-system/scripts/setup_env index 781f5605cb8..11307eba524 100755 --- a/build-system/scripts/setup_env +++ b/build-system/scripts/setup_env @@ -46,7 +46,7 @@ if should_deploy; then TEMP=${COMMIT_TAG%.*} # Strips the 'vX.Y.ZZZ-' from the front of the commit tag, leaving the e.g. 'testnet'. DEPLOY_ENV=${TEMP##*-} - else + elif [ ! "$DRY_RUN" -eq 1 ]; then DEPLOY_ENV=prod fi else From 562a7f8b082bc2f503992c59cdd1e1431fe717df Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 16:50:53 +0000 Subject: [PATCH 12/23] fix typo [ci dry-deploy] --- build-system/scripts/setup_env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-system/scripts/setup_env b/build-system/scripts/setup_env index 11307eba524..b27ec180d1e 100755 --- a/build-system/scripts/setup_env +++ b/build-system/scripts/setup_env @@ -46,7 +46,7 @@ if should_deploy; then TEMP=${COMMIT_TAG%.*} # Strips the 'vX.Y.ZZZ-' from the front of the commit tag, leaving the e.g. 'testnet'. DEPLOY_ENV=${TEMP##*-} - elif [ ! "$DRY_RUN" -eq 1 ]; then + elif [ ! "$DRY_DEPLOY" -eq 1 ]; then DEPLOY_ENV=prod fi else From 3f5f529e0faa83b729d7baeb0ea3375815ea2385 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 17:06:14 +0000 Subject: [PATCH 13/23] set DEPLOY_ENV to dev [ci dry-deploy] --- build-system/scripts/setup_env | 2 ++ 1 file changed, 2 insertions(+) diff --git a/build-system/scripts/setup_env b/build-system/scripts/setup_env index b27ec180d1e..f5db7733d93 100755 --- a/build-system/scripts/setup_env +++ b/build-system/scripts/setup_env @@ -48,6 +48,8 @@ if should_deploy; then DEPLOY_ENV=${TEMP##*-} elif [ ! "$DRY_DEPLOY" -eq 1 ]; then DEPLOY_ENV=prod + else + DEPLOY_ENV=dev fi else # If we're on master, this is our devnet. From c213ab36d2e64b4cfeabff701ed16a95b67bfbab Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 17:23:42 +0000 Subject: [PATCH 14/23] fix deploy_tf_services args --- .circleci/config.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 53341aa2e4b..a2161edb52f 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -971,15 +971,15 @@ jobs: export TF_VAR_SEQ_2_PUBLISHER_PRIVATE_KEY=$SEQ_2_PUBLISHER_PRIVATE_KEY # Check if l1-contracts have changed. if $CONTRACTS_DEPLOYED -eq 1; then - deploy_terraform_services aztec-node yarn-project/aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" aws_efs_file_system.node_data_store + deploy_terraform_services aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" aws_efs_file_system.node_data_store else - deploy_terraform_services aztec-node yarn-project/aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" + deploy_terraform_services aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" fi - run: name: "Deploy Aztec Faucet to AWS" command: | should_deploy 0 || exit 0 - deploy_terraform_services aztec-faucet yarn-project/aztec-faucet/terraform + deploy_terraform_services aztec-faucet "$DEPLOY_TAG-faucet" # Repeatable config for defining the workflow below. defaults: &defaults From 30a1a3f617cc39e1dc6d296fc3d115753ee5884e Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 17:39:20 +0000 Subject: [PATCH 15/23] add node/bootnode to build_manifest [ci dry-deploy] --- build_manifest.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/build_manifest.yml b/build_manifest.yml index 00309fad698..59e3c020db5 100644 --- a/build_manifest.yml +++ b/build_manifest.yml @@ -149,6 +149,18 @@ aztec-faucet: dependencies: - yarn-project-prod +aztec-node: + buildDir: yarn-project + projectDir: yarn-project/aztec-node + dependencies: + - yarn-project-prod + +p2p-bootstrap: + buildDir: yarn-project + projectDir: yarn-project/p2p-bootstrap + dependencies: + - yarn-project-prod + cli: buildDir: yarn-project projectDir: yarn-project/cli From 4928c5448be0c54bb696d9db9ba489384f373dfb Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 18:02:48 +0000 Subject: [PATCH 16/23] script improvements [ci dry-deploy] --- .circleci/config.yml | 8 +++---- build-system/scripts/deploy_service | 18 +++++++++++---- .../scripts/deploy_terraform_services | 23 ++++++++++--------- 3 files changed, 29 insertions(+), 20 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index a2161edb52f..4c7c3a95bf5 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -945,7 +945,7 @@ jobs: name: "Deploy mainnet fork" command: | should_deploy || exit 0 - deploy_terraform_services mainnet-fork "$DEPLOY_TAG-mainnet-fork" + deploy_terraform_services iac/mainnet-fork mainnet-fork - run: name: "Deploy L1 contracts to mainnet fork" working_directory: l1-contracts @@ -959,7 +959,7 @@ jobs: # Export variables for Terraform. export TF_VAR_BOOTNODE_1_PRIVATE_KEY=$BOOTNODE_1_PRIVATE_KEY export TF_VAR_BOOTNODE_2_PRIVATE_KEY=$BOOTNODE_2_PRIVATE_KEY - deploy_terraform_services p2p-bootstrap "$DEPLOY_TAG-aztec-bootstrap-1,$DEPLOY_TAG-aztec-bootstrap-2" + deploy_terraform_services yarn-project/p2p-bootstrap aztec-sandbox aztec-bootstrap - run: name: "Deploy Aztec Nodes to AWS" command: | @@ -971,9 +971,9 @@ jobs: export TF_VAR_SEQ_2_PUBLISHER_PRIVATE_KEY=$SEQ_2_PUBLISHER_PRIVATE_KEY # Check if l1-contracts have changed. if $CONTRACTS_DEPLOYED -eq 1; then - deploy_terraform_services aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" aws_efs_file_system.node_data_store + deploy_terraform_services yarn-project/aztec-node aztec-sandbox aztec-node aws_efs_file_system.node_data_store else - deploy_terraform_services aztec-node "$DEPLOY_TAG-aztec-node-1,$DEPLOY_TAG-aztec-node-2" + deploy_terraform_services yarn-project/aztec-node aztec-sandbox aztec-node fi - run: name: "Deploy Aztec Faucet to AWS" diff --git a/build-system/scripts/deploy_service b/build-system/scripts/deploy_service index d47853f10da..c9bfde69d8c 100755 --- a/build-system/scripts/deploy_service +++ b/build-system/scripts/deploy_service @@ -2,13 +2,21 @@ [ -n "${BUILD_SYSTEM_DEBUG:-}" ] && set -x # conditionally trace set -eu -# Redeploy service with latest image. +# Redeploy services with the latest image that match $DEPLOY_TAG followed by $SERVICE_NAME. SERVICE_NAME=$1 +PATTERN="$DEPLOY_TAG.*$SERVICE_NAME" + +# Fetch list of services +SERVICES=$(aws ecs list-services --region $ECR_DEPLOY_REGION --cluster setup | grep -Eo "arn:aws:ecs:[^:]+:[^:]+:service/[^/]+/$PATTERN") + +# Loop through and update each matching service +for SERVICE_ARN in $SERVICES; do + # Extract the actual service name from ARN + ACTUAL_SERVICE_NAME=$(echo "$SERVICE_ARN" | awk -F/ '{print $NF}') -if aws ecs list-services --region $ECR_DEPLOY_REGION --cluster setup | grep "/$SERVICE_NAME\"" >/dev/null; then if [ "$DRY_DEPLOY" -eq 1 ]; then - echo "DRY_DEPLOY: aws ecs update-service --region $ECR_DEPLOY_REGION --cluster setup --service $SERVICE_NAME --force-new-deployment" + echo "DRY_DEPLOY: aws ecs update-service --region $ECR_DEPLOY_REGION --cluster setup --service $ACTUAL_SERVICE_NAME --force-new-deployment" else - aws ecs update-service --region $ECR_DEPLOY_REGION --cluster setup --service $SERVICE_NAME --force-new-deployment + aws ecs update-service --region $ECR_DEPLOY_REGION --cluster setup --service $ACTUAL_SERVICE_NAME --force-new-deployment fi -fi +done diff --git a/build-system/scripts/deploy_terraform_services b/build-system/scripts/deploy_terraform_services index 91bf5e6e147..b2cbf1b7dad 100755 --- a/build-system/scripts/deploy_terraform_services +++ b/build-system/scripts/deploy_terraform_services @@ -2,30 +2,31 @@ [ -n "${BUILD_SYSTEM_DEBUG:-}" ] && set -x # conditionally trace set -eu -REPOSITORY=$1 -SERVICES=${2:-$REPOSITORY} -TO_TAINT=${3:-} +TF_DIR=$1 +CHECK_REBUILD_REPOSITORY=$2 +SERVICE_NAMES=${3:-$CHECK_REBUILD_REPOSITORY} +TO_TAINT=${4:-} -cd $(query_manifest projectDir $REPOSITORY) +cd $TF_DIR # Bail out if nothing changed. -CONTENT_HASH=$(calculate_content_hash $REPOSITORY) +CONTENT_HASH=$(calculate_content_hash $CHECK_REBUILD_REPOSITORY) echo "Last successfully deployed commit: $CONTENT_HASH" -if check_rebuild cache-$CONTENT_HASH-$DEPLOY_TAG-deployed $REPOSITORY; then +if check_rebuild cache-$CONTENT_HASH-$DEPLOY_TAG-deployed $CHECK_REBUILD_REPOSITORY; then echo "No changes detected, skipping deployment." exit 0 fi -deploy_terraform $REPOSITORY ./terraform/ "$TO_TAINT" +deploy_terraform $TF_DIR ./terraform/ "$TO_TAINT" # Restart services. -for SERVICE in $SERVICES; do - deploy_service $DEPLOY_TAG-$SERVICE +for SERVICE in $SERVICE_NAMES; do + deploy_service $SERVICE done # Tag the image as deployed. if [ "$DRY_DEPLOY" -eq 1 ]; then - echo "DRY_DEPLOY: tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed" + echo "DRY_DEPLOY: tag_remote_image $CHECK_REBUILD_REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed" else - retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed + retry tag_remote_image $CHECK_REBUILD_REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed fi From 63f3c58523bafc5827a9fe18f642b58e422906ff Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 18:26:06 +0000 Subject: [PATCH 17/23] extract PROJECT_NAME [ci dry-deploy] --- .circleci/config.yml | 8 ++++---- build-system/scripts/deploy_terraform_services | 13 ++++++++----- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 4c7c3a95bf5..8d06ac230d4 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -945,7 +945,7 @@ jobs: name: "Deploy mainnet fork" command: | should_deploy || exit 0 - deploy_terraform_services iac/mainnet-fork mainnet-fork + deploy_terraform_services iac/mainnet-fork - run: name: "Deploy L1 contracts to mainnet fork" working_directory: l1-contracts @@ -959,7 +959,7 @@ jobs: # Export variables for Terraform. export TF_VAR_BOOTNODE_1_PRIVATE_KEY=$BOOTNODE_1_PRIVATE_KEY export TF_VAR_BOOTNODE_2_PRIVATE_KEY=$BOOTNODE_2_PRIVATE_KEY - deploy_terraform_services yarn-project/p2p-bootstrap aztec-sandbox aztec-bootstrap + deploy_terraform_services yarn-project/p2p-bootstrap aztec-sandbox - run: name: "Deploy Aztec Nodes to AWS" command: | @@ -973,13 +973,13 @@ jobs: if $CONTRACTS_DEPLOYED -eq 1; then deploy_terraform_services yarn-project/aztec-node aztec-sandbox aztec-node aws_efs_file_system.node_data_store else - deploy_terraform_services yarn-project/aztec-node aztec-sandbox aztec-node + deploy_terraform_services yarn-project/aztec-node aztec-sandbox fi - run: name: "Deploy Aztec Faucet to AWS" command: | should_deploy 0 || exit 0 - deploy_terraform_services aztec-faucet "$DEPLOY_TAG-faucet" + deploy_terraform_services yarn-project/aztec-faucet aztec-sandbox # Repeatable config for defining the workflow below. defaults: &defaults diff --git a/build-system/scripts/deploy_terraform_services b/build-system/scripts/deploy_terraform_services index b2cbf1b7dad..3581a3efcd6 100755 --- a/build-system/scripts/deploy_terraform_services +++ b/build-system/scripts/deploy_terraform_services @@ -2,12 +2,15 @@ [ -n "${BUILD_SYSTEM_DEBUG:-}" ] && set -x # conditionally trace set -eu -TF_DIR=$1 -CHECK_REBUILD_REPOSITORY=$2 -SERVICE_NAMES=${3:-$CHECK_REBUILD_REPOSITORY} +PROJECT_DIR=$1 +PROJECT_NAME=$(basename $PROJECT_DIR) +CHECK_REBUILD_REPOSITORY=${2:-$PROJECT_NAME} +SERVICE_NAMES=${3:-$PROJECT_NAME} TO_TAINT=${4:-} -cd $TF_DIR +cd $PROJECT_DIR + +# Extract the repository name from the terraform directory. # Bail out if nothing changed. CONTENT_HASH=$(calculate_content_hash $CHECK_REBUILD_REPOSITORY) @@ -17,7 +20,7 @@ if check_rebuild cache-$CONTENT_HASH-$DEPLOY_TAG-deployed $CHECK_REBUILD_REPOSIT exit 0 fi -deploy_terraform $TF_DIR ./terraform/ "$TO_TAINT" +deploy_terraform $PROJECT_NAME ./terraform/ "$TO_TAINT" # Restart services. for SERVICE in $SERVICE_NAMES; do From 220c7787353803b413f4a73618ca4ee4c20db805 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 18:32:23 +0000 Subject: [PATCH 18/23] fix grep regex pattern [ci dry-deploy] --- build-system/scripts/deploy_service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-system/scripts/deploy_service b/build-system/scripts/deploy_service index c9bfde69d8c..794cfdf60bc 100755 --- a/build-system/scripts/deploy_service +++ b/build-system/scripts/deploy_service @@ -4,7 +4,7 @@ set -eu # Redeploy services with the latest image that match $DEPLOY_TAG followed by $SERVICE_NAME. SERVICE_NAME=$1 -PATTERN="$DEPLOY_TAG.*$SERVICE_NAME" +PATTERN="$DEPLOY_TAG.*$SERVICE_NAME.*" # Fetch list of services SERVICES=$(aws ecs list-services --region $ECR_DEPLOY_REGION --cluster setup | grep -Eo "arn:aws:ecs:[^:]+:[^:]+:service/[^/]+/$PATTERN") From 3321ef5c51d4e6f6d7bad9c609d014bd5744b91d Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 18:42:09 +0000 Subject: [PATCH 19/23] [ci dry-deploy] --- build-system/scripts/deploy_service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build-system/scripts/deploy_service b/build-system/scripts/deploy_service index 794cfdf60bc..788da37aab1 100755 --- a/build-system/scripts/deploy_service +++ b/build-system/scripts/deploy_service @@ -9,7 +9,7 @@ PATTERN="$DEPLOY_TAG.*$SERVICE_NAME.*" # Fetch list of services SERVICES=$(aws ecs list-services --region $ECR_DEPLOY_REGION --cluster setup | grep -Eo "arn:aws:ecs:[^:]+:[^:]+:service/[^/]+/$PATTERN") -# Loop through and update each matching service +# Loop through and update each matching service. for SERVICE_ARN in $SERVICES; do # Extract the actual service name from ARN ACTUAL_SERVICE_NAME=$(echo "$SERVICE_ARN" | awk -F/ '{print $NF}') From f8166f4d8f1e10a7195eb0d03f02609fdc74c84f Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 19:49:57 +0000 Subject: [PATCH 20/23] fix ecs naming + don't fail service script [ci dry-deploy] --- build-system/scripts/deploy_service | 5 ++- yarn-project/aztec-faucet/terraform/main.tf | 8 ++-- yarn-project/p2p-bootstrap/terraform/main.tf | 40 ++++++++++---------- 3 files changed, 28 insertions(+), 25 deletions(-) diff --git a/build-system/scripts/deploy_service b/build-system/scripts/deploy_service index 788da37aab1..80fad879ad4 100755 --- a/build-system/scripts/deploy_service +++ b/build-system/scripts/deploy_service @@ -7,7 +7,10 @@ SERVICE_NAME=$1 PATTERN="$DEPLOY_TAG.*$SERVICE_NAME.*" # Fetch list of services -SERVICES=$(aws ecs list-services --region $ECR_DEPLOY_REGION --cluster setup | grep -Eo "arn:aws:ecs:[^:]+:[^:]+:service/[^/]+/$PATTERN") +SERVICES=$(aws ecs list-services --region $ECR_DEPLOY_REGION --cluster setup | grep -Eo "arn:aws:ecs:[^:]+:[^:]+:service/[^/]+/$PATTERN" || true) + +echo "Services to redeploy:" +echo "$SERVICES" # Loop through and update each matching service. for SERVICE_ARN in $SERVICES; do diff --git a/yarn-project/aztec-faucet/terraform/main.tf b/yarn-project/aztec-faucet/terraform/main.tf index 68b0bd5e291..db33a2656c5 100644 --- a/yarn-project/aztec-faucet/terraform/main.tf +++ b/yarn-project/aztec-faucet/terraform/main.tf @@ -86,7 +86,7 @@ resource "aws_ecs_task_definition" "aztec-faucet" { container_definitions = < Date: Wed, 13 Dec 2023 20:09:51 +0000 Subject: [PATCH 21/23] update TF_VARs --- .circleci/config.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 8d06ac230d4..32cced36cce 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -966,9 +966,10 @@ jobs: should_deploy 0 || exit 0 export TF_VAR_BOOTNODE_1_PEER_ID=$BOOTNODE_1_PEER_ID export TF_VAR_BOOTNODE_2_PEER_ID=$BOOTNODE_2_PEER_ID - export TF_VAR_FAUCET_PRIVATE_KEY=$FAUCET_PRIVATE_KEY export TF_VAR_SEQ_1_PUBLISHER_PRIVATE_KEY=$SEQ_1_PUBLISHER_PRIVATE_KEY export TF_VAR_SEQ_2_PUBLISHER_PRIVATE_KEY=$SEQ_2_PUBLISHER_PRIVATE_KEY + export TF_VAR_NODE_1_PRIVATE_KEY=$NODE_1_PRIVATE_KEY + export TF_VAR_NODE_2_PRIVATE_KEY=$NODE_2_PRIVATE_KEY # Check if l1-contracts have changed. if $CONTRACTS_DEPLOYED -eq 1; then deploy_terraform_services yarn-project/aztec-node aztec-sandbox aztec-node aws_efs_file_system.node_data_store @@ -979,6 +980,7 @@ jobs: name: "Deploy Aztec Faucet to AWS" command: | should_deploy 0 || exit 0 + export TF_VAR_FAUCET_PRIVATE_KEY=$FAUCET_PRIVATE_KEY deploy_terraform_services yarn-project/aztec-faucet aztec-sandbox # Repeatable config for defining the workflow below. From 3227d585ae501ce809db749d3b25aec3234f06a6 Mon Sep 17 00:00:00 2001 From: spypsy Date: Wed, 13 Dec 2023 20:11:30 +0000 Subject: [PATCH 22/23] [ci dry-deploy] --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 32cced36cce..ba66840200e 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -970,7 +970,7 @@ jobs: export TF_VAR_SEQ_2_PUBLISHER_PRIVATE_KEY=$SEQ_2_PUBLISHER_PRIVATE_KEY export TF_VAR_NODE_1_PRIVATE_KEY=$NODE_1_PRIVATE_KEY export TF_VAR_NODE_2_PRIVATE_KEY=$NODE_2_PRIVATE_KEY - # Check if l1-contracts have changed. + # Check if l1-contracts have changed if $CONTRACTS_DEPLOYED -eq 1; then deploy_terraform_services yarn-project/aztec-node aztec-sandbox aztec-node aws_efs_file_system.node_data_store else From ae135b3e2a466fa70963e4dfc7123f491144b941 Mon Sep 17 00:00:00 2001 From: spypsy Date: Thu, 14 Dec 2023 12:53:37 +0000 Subject: [PATCH 23/23] add comments to new script --- build-system/scripts/deploy_terraform_services | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/build-system/scripts/deploy_terraform_services b/build-system/scripts/deploy_terraform_services index 3581a3efcd6..879ca6a5290 100755 --- a/build-system/scripts/deploy_terraform_services +++ b/build-system/scripts/deploy_terraform_services @@ -2,16 +2,25 @@ [ -n "${BUILD_SYSTEM_DEBUG:-}" ] && set -x # conditionally trace set -eu +# This script deploys a terraform project and restarts related services. + +# The terraform project directory. PROJECT_DIR=$1 +# Extract project name fromm the directory, e.g. yarn-project/aztec-node -> aztec-node PROJECT_NAME=$(basename $PROJECT_DIR) + +# The repository to check for changes. Defaults to the project name +# but can be different for projects that e.g. use the sandbox image. CHECK_REBUILD_REPOSITORY=${2:-$PROJECT_NAME} + +# The services to restart. Defaults to the project name but can be different. SERVICE_NAMES=${3:-$PROJECT_NAME} + +# The terraform resources to taint. Defaults to none. TO_TAINT=${4:-} cd $PROJECT_DIR -# Extract the repository name from the terraform directory. - # Bail out if nothing changed. CONTENT_HASH=$(calculate_content_hash $CHECK_REBUILD_REPOSITORY) echo "Last successfully deployed commit: $CONTENT_HASH"