Merge pull request #311 from JoinColony/feat/M1-proxy-colonies

feat: Proxy colonies M1

Author: bassgeta

.github/workflows/build-deploy-proxy.yaml

@@ -0,0 +1,220 @@
+name: Block ingestor proxy chain - Build and deploy
+
+on: 
+
+  workflow_dispatch: # Allows manual workflow trigger
+  repository_dispatch: # Allows API workflow trigger
+    types: [cdapp-block-ingestor-proxy-chain]
+  
+  # push:
+  #   branches:
+  #     - master # Automatically deploy on commits to master
+  #   paths-ignore:
+  #     - '.github/**'
+  #     - '**.md'
+
+concurrency:
+  group: cdapp-block-ingestor-proxy-chain
+  cancel-in-progress: true
+
+# Set global env variables
+env:
+  AWS_REGION: eu-west-2
+  ECR_REPOSITORY: ${{ secrets.AWS_ACCOUNT_ID_QA }}.dkr.ecr.eu-west-2.amazonaws.com/cdapp/block-ingestor-proxy-chain
+  COMMIT_HASH: ${{ github.event.client_payload.COMMIT_HASH != null && github.event.client_payload.COMMIT_HASH || github.sha }}
+
+jobs:
+
+  # Build cdapp block-ingestor and push to AWS ECR
+  buildAndPush:
+
+    runs-on: ubuntu-latest
+
+    steps:
+
+      - name: Echo Env Vars through Context
+        run: |
+          echo "$GITHUB_CONTEXT"
+
+      - name: Configure AWS credentials                          
+        uses: aws-actions/configure-aws-credentials@v2           
+        with:                                                    
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_QA }}        
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_QA }}
+          aws-region: ${{ env.AWS_REGION }}
+
+      - name: Login to Amazon ECR            
+        id: login-ecr                        
+        uses: aws-actions/amazon-ecr-login@v1
+      
+      - name: Checkout                                  
+        uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Checkout relevant branch
+        run:
+          git checkout ${{ github.event.client_payload.COMMIT_HASH != null && github.event.client_payload.COMMIT_HASH || github.sha }}
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          context: ${{ github.workspace }}
+          file: ./Dockerfile
+          push: true
+          build-args: |
+            BUILD_TARGET=proxy-chain
+          tags: |
+            ${{ env.ECR_REPOSITORY }}:run-${{ github.run_number }}
+            ${{ env.ECR_REPOSITORY }}:${{ env.COMMIT_HASH }}
+      
+      - uses: sarisia/actions-status-discord@c193626e5ce172002b8161e116aa897de7ab5383
+        if: always()
+        with:
+          webhook: ${{ secrets.DISCORD_WEBHOOK }}
+          title: "Build and push cdapp block-ingestor"
+
+  # Deploy cdapp block-ingestor to QA environment
+  deployQA:
+
+    needs: buildAndPush
+
+    runs-on: ubuntu-latest
+
+    env:
+      NAMESPACE: cdapp
+      CLUSTER_NAME: qa-cluster
+      ENVIRONMENT_TAG: qa
+      REPOSITORY_NAME: cdapp/block-ingestor-proxy-chain
+
+    steps:
+
+    - name: Configure AWS credentials for ECR                          
+      uses: aws-actions/configure-aws-credentials@v2           
+      with:                                                    
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_QA }}        
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_QA }}
+        aws-region: ${{ env.AWS_REGION }}
+    
+    - name: Login to Amazon ECR            
+      id: login-ecr                        
+      uses: aws-actions/amazon-ecr-login@v1
+    
+    - name: Echo current image and tag new image
+      run: |
+        echo -e "Getting image info...\n"
+
+        echo -e "###### Current image being used ######\n"
+        SHA256=$(aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageTag=${{ env.ENVIRONMENT_TAG }} --output json | jq '.images[].imageId.imageDigest')
+        aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageDigest=$SHA256 --output json | jq '.images[].imageId'
+        
+        echo -e "\n###### Tagging new image with environment tag ######"
+        MANIFEST=$(aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageTag=${{ env.COMMIT_HASH }} --output json | jq --raw-output --join-output '.images[0].imageManifest')
+        aws ecr put-image --repository-name ${{ env.REPOSITORY_NAME }} --image-tag ${{ env.ENVIRONMENT_TAG }} --image-manifest "$MANIFEST"
+        
+        echo -e "\n###### New image being used ######\n"
+        SHA256=$(aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageTag=${{ env.ENVIRONMENT_TAG }} --output json | jq '.images[].imageId.imageDigest')
+        aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageDigest=$SHA256 --output json | jq '.images[].imageId'
+    
+    - name: Configure AWS credentials for EKS                         
+      uses: aws-actions/configure-aws-credentials@v2           
+      with:                                                    
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_QA }}        
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_QA }}
+        role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID_QA }}:role/eks-admin
+        role-session-name: github-cicd
+        role-duration-seconds: 1200
+        aws-region: ${{ env.AWS_REGION }}
+
+    - name: Configure AWS EKS
+      run: |
+        aws eks --region ${{ env.AWS_REGION }} update-kubeconfig --name ${{ env.CLUSTER_NAME }}
+
+    - name: Deploy to Kubernetes cluster
+      run: |
+        kubectl rollout restart deployment/cdapp-block-ingestor-${{ env.ENVIRONMENT_TAG }}-polygon-amoy -n ${{ env.NAMESPACE }}
+
+    - name: Validate Kubernetes deployment
+      run: |
+        kubectl rollout status deployment/cdapp-block-ingestor-${{ env.ENVIRONMENT_TAG }}-polygon-amoy -n ${{ env.NAMESPACE }}
+    
+    - uses: sarisia/actions-status-discord@c193626e5ce172002b8161e116aa897de7ab5383
+      if: always()
+      with:
+        webhook: ${{ secrets.DISCORD_WEBHOOK }}
+        title: "Deploy cdapp block-ingestor to ${{ env.ENVIRONMENT_TAG }}-polygon-amoy"
+
+  # Deploy cdapp block-ingestor to Prod environment
+  deployProd:
+
+    needs: deployQA
+
+    environment: prod
+
+    runs-on: ubuntu-latest
+
+    env:
+      NAMESPACE: cdapp
+      CLUSTER_NAME: prod-cluster
+      ENVIRONMENT_TAG: prod
+      REPOSITORY_NAME: cdapp/block-ingestor-proxy-chain
+
+    steps:
+
+    - name: Configure AWS credentials for ECR                          
+      uses: aws-actions/configure-aws-credentials@v2           
+      with:                                                    
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_QA }}        
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_QA }}
+        aws-region: ${{ env.AWS_REGION }}
+    
+    - name: Login to Amazon ECR            
+      id: login-ecr                        
+      uses: aws-actions/amazon-ecr-login@v1
+    
+    - name: Echo current image and tag new image
+      run: |
+        echo -e "Getting image info...\n"
+
+        echo -e "###### Current image being used ######\n"
+        SHA256=$(aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageTag=${{ env.ENVIRONMENT_TAG }} --output json | jq '.images[].imageId.imageDigest')
+        aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageDigest=$SHA256 --output json | jq '.images[].imageId'
+        
+        echo -e "\n###### Tagging new image with environment tag ######"
+        MANIFEST=$(aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageTag=${{ env.COMMIT_HASH }} --output json | jq --raw-output --join-output '.images[0].imageManifest')
+        aws ecr put-image --repository-name ${{ env.REPOSITORY_NAME }} --image-tag ${{ env.ENVIRONMENT_TAG }} --image-manifest "$MANIFEST"
+        
+        echo -e "\n###### New image being used ######\n"
+        SHA256=$(aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageTag=${{ env.ENVIRONMENT_TAG }} --output json | jq '.images[].imageId.imageDigest')
+        aws ecr batch-get-image --repository-name ${{ env.REPOSITORY_NAME }} --image-ids imageDigest=$SHA256 --output json | jq '.images[].imageId'
+    
+    - name: Configure AWS credentials for EKS                         
+      uses: aws-actions/configure-aws-credentials@v2           
+      with:                                                    
+        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_PROD }}        
+        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_PROD }}
+        role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID_PROD }}:role/eks-admin
+        role-session-name: github-cicd
+        role-duration-seconds: 1200
+        aws-region: ${{ env.AWS_REGION }}
+
+    - name: Configure AWS EKS
+      run: |
+        aws eks --region ${{ env.AWS_REGION }} update-kubeconfig --name ${{ env.CLUSTER_NAME }}
+
+    - name: Deploy to Kubernetes cluster
+      run: |
+        kubectl rollout restart deployment/cdapp-block-ingestor-${{ env.ENVIRONMENT_TAG }}-polygon-mainnet -n ${{ env.NAMESPACE }}
+
+    - name: Validate Kubernetes deployment
+      run: |
+        kubectl rollout status deployment/cdapp-block-ingestor-${{ env.ENVIRONMENT_TAG }}-polygon-mainnet -n ${{ env.NAMESPACE }}
+    
+    - uses: sarisia/actions-status-discord@c193626e5ce172002b8161e116aa897de7ab5383
+      if: always()
+      with:
+        webhook: ${{ secrets.DISCORD_WEBHOOK }}
+        title: "Deploy cdapp block-ingestor to ${{ env.ENVIRONMENT_TAG }}-polygon-mainnet"

.github/workflows/build-deploy.yaml

@@ -1,4 +1,4 @@
-name: Build and deploy cdapp block-ingestor docker image
+name: Block ingestor main chain - Build and deploy
 
 on: 
 
@@ -65,6 +65,8 @@ jobs:
           context: ${{ github.workspace }}
           file: ./Dockerfile
           push: true
+          build-args: |
+            BUILD_TARGET=main-chain
           tags: |
             ${{ env.ECR_REPOSITORY }}:run-${{ github.run_number }}
             ${{ env.ECR_REPOSITORY }}:${{ env.COMMIT_HASH }}

Dockerfile

@@ -1,3 +1,6 @@
+# Declare the build argument at the top
+ARG BUILD_TARGET=main-chain
+
 FROM node:20-slim AS base
 ENV PNPM_HOME="/pnpm"
 ENV PATH="$PNPM_HOME:$PATH"
@@ -25,3 +28,16 @@ COPY --from=build /workspace /workspace
 WORKDIR /workspace/apps/proxy-chain
 CMD ["pnpm", "--filter", "@joincolony/proxy-chain", "prod"]
 
+# Final stage that will be used
+FROM ${BUILD_TARGET} AS final
+
+# Re-declare the build argument in the final stage
+ARG BUILD_TARGET
+
+# Add labels and echo build info
+LABEL build_type=${BUILD_TARGET}
+RUN echo "🏗️ Building ${BUILD_TARGET} version of block-ingestor" && \
+    echo "📦 Final build target: ${BUILD_TARGET}"
+
+# Keep existing CMD from the selected stage
+

apps/main-chain/src/eventListeners/colony.ts

@@ -115,10 +115,6 @@ export const setupListenersForColonies = async (): Promise<void> => {
     ContractEventsSignatures.ReputationMiningCycleComplete,
     handleReputationMiningCycleComplete,
   );
-  addProxyColoniesEventListener(
-    ContractEventsSignatures.ProxyColonyRequested,
-    handleProxyColonyRequested,
-  );
 };
 
 export const setupListenersForColony = (
@@ -175,6 +171,12 @@ export const setupListenersForColony = (
     ),
   );
 
+  addProxyColoniesEventListener(
+    ContractEventsSignatures.ProxyColonyRequested,
+    colonyAddress,
+    handleProxyColonyRequested,
+  );
+
   /*
    * @NOTE Setup both token event listners
    *

apps/main-chain/src/eventListeners/proxyColonies.ts

@@ -9,12 +9,14 @@ import eventManager from '~eventManager';
 
 export const addProxyColoniesEventListener = (
   eventSignature: ContractEventsSignatures,
+  colonyAddress: string,
   handler: EventHandler,
 ): void =>
   eventManager.addEventListener({
     type: EventListenerType.ProxyColonies,
     eventSignature,
     topics: [utils.id(eventSignature)],
-    address: process.env.CHAIN_NETWORK_CONTRACT ?? '',
+    address: colonyAddress,
+    colonyAddress,
     handler,
   });

apps/main-chain/src/handlers/colonies/colonyAdded.ts

@@ -19,9 +19,6 @@ import { getColonyContributorId } from '~utils/contributors';
 import { tryFetchGraphqlQuery } from '~utils/graphql';
 import { createUniqueColony } from './helpers/createUniqueColony';
 import { output } from '@joincolony/utils';
-import rpcProvider from '~provider';
-import networkClient from '~networkClient';
-import { getTransactionSignerAddress } from '~utils/transactions';
 import { getColonyCreationSalt } from './helpers/validateCreationSalt';
 
 export default async (event: ContractEvent): Promise<void> => {

apps/main-chain/src/handlers/metadataDelta/handlers/disableProxyColony.ts

@@ -0,0 +1,67 @@
+import { Id } from '@colony/colony-js';
+import {
+  ColonyActionType,
+  GetProxyColonyDocument,
+  GetProxyColonyQuery,
+  GetProxyColonyQueryVariables,
+  UpdateProxyColonyDocument,
+  UpdateProxyColonyMutation,
+  UpdateProxyColonyMutationVariables,
+} from '@joincolony/graphql';
+import { ContractEvent } from '@joincolony/blocks';
+import {
+  DisableProxyColonyOperation,
+  getColonyFromDB,
+  getDomainDatabaseId,
+  writeActionFromEvent,
+} from '~utils';
+import amplifyClient from '~amplifyClient';
+
+export const handleDisableProxyColony = async (
+  event: ContractEvent,
+  operation: DisableProxyColonyOperation,
+): Promise<void> => {
+  const { contractAddress: colonyAddress } = event;
+  const { agent: initiatorAddress } = event.args;
+
+  const foreignChainId = operation.payload[0];
+
+  const colony = await getColonyFromDB(colonyAddress);
+  if (!colony) {
+    return;
+  }
+
+  const proxyColonyId = `${colonyAddress}_${foreignChainId}`;
+
+  const item = await amplifyClient.query<
+    GetProxyColonyQuery,
+    GetProxyColonyQueryVariables
+  >(GetProxyColonyDocument, {
+    id: proxyColonyId,
+  });
+
+  // If the proxy colony is already disabled, we early-return
+  if (!item?.data?.getProxyColony?.isActive) {
+    return;
+  }
+
+  await amplifyClient.mutate<
+    UpdateProxyColonyMutation,
+    UpdateProxyColonyMutationVariables
+  >(UpdateProxyColonyDocument, {
+    input: {
+      id: proxyColonyId,
+      isActive: false,
+    },
+  });
+
+  await writeActionFromEvent(event, colonyAddress, {
+    type: ColonyActionType.RemoveProxyColony,
+    initiatorAddress,
+    targetChainId: Number(foreignChainId),
+    multiChainInfo: {
+      completed: true,
+    },
+    fromDomainId: getDomainDatabaseId(colonyAddress, Id.RootDomain),
+  });
+};