Deploy devnet - v0.6.0 #72
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy | |
| run-name: Deploy ${{ inputs.network }} - ${{ inputs.gitref }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| network: | |
| description: 'Deployment instance' | |
| required: true | |
| type: choice | |
| options: | |
| - devnet | |
| - testnet | |
| gitref: | |
| description: 'Version, branch or commit to deploy' | |
| required: true | |
| type: string | |
| permissions: | |
| id-token: write | |
| contents: write | |
| jobs: | |
| deploy: | |
| name: ${{ inputs.network }} - ${{ inputs.gitref }} | |
| # This is our arm64 runner which matches the AWS instance. | |
| runs-on: | |
| labels: ubuntu22-arm-4core | |
| env: | |
| # Define the instance information. | |
| account-id: MIDEN_DEV_ACCOUNT_ID | |
| oidcrole: midendev | |
| instance-id: ${{ inputs.network == 'testnet' && 'TESTNET_INSTANCE_NEW_TF' || 'DEVNET_INSTANCE_TF' }} | |
| # Define the expected package names. | |
| node-package: miden-node-${{ inputs.gitref }}-arm64.deb | |
| faucet-package: miden-faucet-${{ inputs.gitref }}-arm64.deb | |
| steps: | |
| # S3 path where packages are stored; used to send packages to instance as this isn't trivially possible directly. | |
| # This cannot be done in the global env setup as it requires another env variable. | |
| - name: Setup S3 path | |
| run: echo "s3-path=s3://release-artifacts-${{ secrets[env.account-id] }}" >> $GITHUB_ENV | |
| # Checkout repo so we have access to the required workflow actions. | |
| - name: Checkout repo | |
| uses: actions/checkout@main | |
| with: | |
| fetch-depth: 0 | |
| # Download from github if its a version tag referece. | |
| - name: Download from releases | |
| if: ${{ startsWith(inputs.gitref, 'v') }} | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| gh release download ${{ inputs.gitref }} -p ${{ env.node-package }} | |
| gh release download ${{ inputs.gitref }} -p ${{ env.node-package }}.checksum | |
| gh release download ${{ inputs.gitref }} -p ${{ env.faucet-package }} | |
| gh release download ${{ inputs.gitref }} -p ${{ env.faucet-package }}.checksum | |
| sha256sum --check ${{ env.node-package }}.checksum | |
| sha256sum --check ${{ env.faucet-package }}.checksum | |
| # Otherwise build the packages from source. | |
| # | |
| # Note that we cannot build from the currently checked out repo source since that source | |
| # defines our workflow actions, and not the compilation source target. For this reason we | |
| # prefer building the binary using `cargo install ...`. | |
| - name: Build from source | |
| if: ${{ !startsWith(inputs.gitref, 'v') }} | |
| uses: ./.github/actions/build_package | |
| with: | |
| gitref: ${{ inputs.gitref }} | |
| # Configure AWS communication via SSM. | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-region: eu-west-1 | |
| role-to-assume: "arn:aws:iam::${{ secrets[env.account-id] }}:role/${{ env.oidcrole }}-GithubActionsRole" | |
| role-session-name: GithubActionsSession | |
| - name: Install awscli | |
| uses: ./.github/actions/ssm_execute | |
| with: | |
| instance_id: ${{ secrets[env.instance-id] }} | |
| command: | | |
| sudo apt-get udpate; \ | |
| sudo apt install awscli -y | |
| # Move packages to instance using S3. Note that this will clobber the files. | |
| - name: Upload packages to S3 | |
| run: | | |
| mv miden-node.deb ${{ env.node-package }} | |
| mv miden-faucet.deb ${{ env.faucet-package }} | |
| aws s3 cp ${{ env.node-package }} ${{ env.s3-path }}/${{ env.node-package }} | |
| aws s3 cp ${{ env.faucet-package }} ${{ env.s3-path }}/${{ env.faucet-package }} | |
| - name: Download packages to instance | |
| uses: ./.github/actions/ssm_execute | |
| with: | |
| instance_id: ${{ secrets[env.instance-id] }} | |
| command: | | |
| aws s3 cp ${{ env.s3-path }}/${{ env.node-package }} ${{ env.node-package}}; \ | |
| aws s3 cp ${{ env.s3-path }}/${{ env.faucet-package }} ${{ env.faucet-package}} | |
| # Install and launch services on the instance. | |
| - name: Stop miden services | |
| uses: ./.github/actions/ssm_execute | |
| with: | |
| instance_id: ${{ secrets[env.instance-id] }} | |
| command: | | |
| sudo systemctl stop miden-node; \ | |
| sudo systemctl stop miden-faucet; \ | |
| sudo apt remove miden-node miden-faucet -y; | |
| - name: Install packages | |
| uses: ./.github/actions/ssm_execute | |
| with: | |
| instance_id: ${{ secrets[env.instance-id] }} | |
| command: | | |
| dpkg -i ${{ env.node-package }}; \ | |
| dpkg -i ${{ env.faucet-package }} | |
| # The faucet uses the public faucet generated in the genesis block. | |
| - name: Configure environment | |
| uses: ./.github/actions/ssm_execute | |
| with: | |
| instance_id: ${{ secrets[env.instance-id] }} | |
| command: | | |
| sudo /usr/bin/miden-node init -c /etc/opt/miden-node/miden-node.toml -g /etc/opt/miden-node/genesis.toml; \ | |
| sudo /usr/bin/miden-node make-genesis -i /etc/opt/miden-node/genesis.toml -o /opt/miden-node/genesis.dat --force; \ | |
| sudo /usr/bin/miden-faucet init -c /etc/opt/miden-faucet/miden-faucet.toml -f /opt/miden-faucet/accounts/faucet.mac; \ | |
| sudo mkdir /opt/miden-faucet/accounts; \ | |
| sudo cp /opt/miden-node/accounts/faucet.mac /opt/miden-faucet/accounts/faucet.mac; \ | |
| sudo chown -R miden-node /opt/miden-node; \ | |
| sudo chown -R miden-faucet /opt/miden-faucet; | |
| - name: Start miden services | |
| uses: ./.github/actions/ssm_execute | |
| with: | |
| instance_id: ${{ secrets[env.instance-id] }} | |
| command: | | |
| sudo systemctl daemon-reload; \ | |
| sudo systemctl start miden-node; \ | |
| sudo systemctl start miden-faucet; |