diff --git a/.github/scripts/extract_l1_addresses.sh b/.github/scripts/extract_l1_addresses.sh new file mode 100755 index 00000000000..b23d5c4bcca --- /dev/null +++ b/.github/scripts/extract_l1_addresses.sh @@ -0,0 +1,47 @@ +#!/usr/bin/env bash + +FILE_PATH=$1 + +# Read the file line by line +while IFS= read -r line; do + # Extract the hexadecimal address using awk + address=$(echo "$line" | awk '{print $NF}') + + # Assign the address to the respective variable based on the line content + if [[ $line == *"Rollup Address"* ]]; then + export TF_VAR_ROLLUP_CONTRACT_ADDRESS=$address + echo "TF_VAR_ROLLUP_CONTRACT_ADDRESS=$TF_VAR_ROLLUP_CONTRACT_ADDRESS" + elif [[ $line == *"Registry Address"* ]]; then + export TF_VAR_REGISTRY_CONTRACT_ADDRESS=$address + echo "TF_VAR_REGISTRY_CONTRACT_ADDRESS=$TF_VAR_REGISTRY_CONTRACT_ADDRESS" + elif [[ $line == *"Inbox Address"* ]]; then + export TF_VAR_INBOX_CONTRACT_ADDRESS=$address + echo "TF_VAR_INBOX_CONTRACT_ADDRESS=$TF_VAR_INBOX_CONTRACT_ADDRESS" + elif [[ $line == *"Outbox Address"* ]]; then + export TF_VAR_OUTBOX_CONTRACT_ADDRESS=$address + echo "TF_VAR_OUTBOX_CONTRACT_ADDRESS=$TF_VAR_OUTBOX_CONTRACT_ADDRESS" + elif [[ $line == *"Oracle Address"* ]]; then + export TF_VAR_AVAILABILITY_ORACLE_CONTRACT_ADDRESS=$address + echo "TF_VAR_AVAILABILITY_ORACLE_CONTRACT_ADDRESS=$TF_VAR_AVAILABILITY_ORACLE_CONTRACT_ADDRESS" + elif [[ $line == *"Gas Token Address"* ]]; then + export TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS=$address + echo "TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS=$TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS" + elif [[ $line == *"Gas Portal Address"* ]]; then + export TF_VAR_GAS_PORTAL_CONTRACT_ADDRESS=$address + echo "TF_VAR_GAS_PORTAL_CONTRACT_ADDRESS=$TF_VAR_GAS_PORTAL_CONTRACT_ADDRESS" + else + echo "Unknown contract address: $line" + fi +done <"$FILE_PATH" + +# echo all addresses into github env +echo "TF_VAR_ROLLUP_CONTRACT_ADDRESS=$TF_VAR_ROLLUP_CONTRACT_ADDRESS" >>$GITHUB_ENV +echo "TF_VAR_REGISTRY_CONTRACT_ADDRESS=$TF_VAR_REGISTRY_CONTRACT_ADDRESS" >>$GITHUB_ENV +echo "TF_VAR_INBOX_CONTRACT_ADDRESS=$TF_VAR_INBOX_CONTRACT_ADDRESS" >>$GITHUB_ENV +echo "TF_VAR_OUTBOX_CONTRACT_ADDRESS=$TF_VAR_OUTBOX_CONTRACT_ADDRESS" >>$GITHUB_ENV +echo "TF_VAR_AVAILABILITY_ORACLE_CONTRACT_ADDRESS=$TF_VAR_AVAILABILITY_ORACLE_CONTRACT_ADDRESS" >>$GITHUB_ENV +echo "TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS=$TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS" >>$GITHUB_ENV +echo "TF_VAR_GAS_PORTAL_CONTRACT_ADDRESS=$TF_VAR_GAS_PORTAL_CONTRACT_ADDRESS" >>$GITHUB_ENV + +# Set global variable for redeployment of contracts +echo "CONTRACTS_DEPLOYED=1" >>$GITHUB_ENV diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index faccce27cb0..3c4c5462ae9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,7 +2,8 @@ name: CI on: push: branches: [master] - pull_request: {} + pull_request: + branches-ignore: [devnet] workflow_dispatch: inputs: {} diff --git a/.github/workflows/devnet-deploys.yml b/.github/workflows/devnet-deploys.yml index 1120fef4628..75df1925cc8 100644 --- a/.github/workflows/devnet-deploys.yml +++ b/.github/workflows/devnet-deploys.yml @@ -10,6 +10,8 @@ concurrency: env: DOCKERHUB_PASSWORD: ${{ secrets.DOCKERHUB_PASSWORD }} GIT_COMMIT: ${{ github.sha }} + DEPLOY_TAG: devnet + FILE_PATH: ./l1-contracts/addresses.txt # TF Vars TF_VAR_DOCKERHUB_ACCOUNT: aztecprotocol TF_VAR_CHAIN_ID: 31337 @@ -29,26 +31,49 @@ jobs: secrets: inherit build: + needs: setup runs-on: ${{ github.actor }}-x86 steps: - uses: actions/checkout@v4 - with: { ref: "${{ env.GIT_COMMIT }}" } + with: + ref: "${{ env.GIT_COMMIT }}" + fetch-depth: 0 - uses: ./.github/ci-setup-action with: - dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}" concurrency_key: build-release-artifacts-${{ github.actor }} - - name: "Build & Push images" + dockerhub_password: "${{ secrets.DOCKERHUB_PASSWORD }}" + - name: "Build & Push aztec images" + timeout-minutes: 40 + # Run the build steps for each image with version and arch, push to dockerhub + run: | + earthly-ci --no-output --push ./yarn-project+export-aztec-arch --DIST_TAG=${{ env.DEPLOY_TAG }} + + - name: Check if L1 contracts need deployment + id: check_changes_build + uses: actions/github-script@v7 + with: + script: | + const { execSync } = require('child_process'); + const changedFiles = execSync('git diff --name-only ${{ github.event.before }} ${{ github.sha }}').toString().split('\n'); + const fileChanged = changedFiles.includes('l1-contracts/REDEPLOY'); + return fileChanged + + - name: "Build & Push cli image" + if: steps.check_changes_build.outputs.result == 'true' timeout-minutes: 40 # Run the build steps for each image with version and arch, push to dockerhub run: | - earthly-ci --no-output --push ./yarn-project+export-aztec-arch --DIST_TAG=devnet + earthly-ci --no-output --push ./yarn-project+export-cli --DIST_TAG=${{ env.DEPLOY_TAG }} terraform_deploy: runs-on: ubuntu-latest needs: build steps: - uses: actions/checkout@v4 - with: { ref: "${{ env.GIT_COMMIT }}" } + with: + ref: "${{ env.GIT_COMMIT }}" + fetch-depth: 0 + - uses: ./.github/ci-setup-action - uses: hashicorp/setup-terraform@v3 with: terraform_version: 1.7.5 @@ -60,20 +85,56 @@ jobs: aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-west-2 + - name: Check if L1 contracts need deployment + id: check_changes_release + uses: actions/github-script@v7 + with: + script: | + const { execSync } = require('child_process'); + const changedFiles = execSync('git diff --name-only ${{ github.event.before }} ${{ github.sha }}').toString().split('\n'); + const fileChanged = changedFiles.includes('l1-contracts/REDEPLOY'); + return fileChanged + - name: Deploy L1 Contracts + if: steps.check_changes_release.outputs.result == 'true' + run: | + docker pull aztecprotocol/cli:${{ env.DEPLOY_TAG }} + docker run aztecprotocol/cli:${{ env.DEPLOY_TAG }} \ + deploy-l1-contracts -p ${{ secrets.SEQ_1_PUBLISHER_PRIVATE_KEY }} \ + -u https://${{ env.DEPLOY_TAG }}-mainnet-fork.aztec.network:8545/${{ secrets.FORK_API_KEY }} \ + | tee ${{ env.FILE_PATH }} + ./.github/scripts/extract_l1_addresses.sh ${{ env.FILE_PATH }} + + - name: Apply l1-contracts Terraform + if: steps.check_changes_release.outputs.result == 'true' + working-directory: ./l1-contracts/terraform + run: | + terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/l1-contracts" + terraform apply -input=false -auto-approve + - name: Deploy P2P Bootstrap Nodes working-directory: ./yarn-project/p2p-bootstrap/terraform run: | - terraform init -input=false -backend-config="key=devnet/p2p-bootstrap" + terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/p2p-bootstrap" terraform apply -input=false -auto-approve + - name: Init Aztec Node Terraform + working-directory: ./yarn-project/aztec/terraform/node + run: | + terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/aztec-node" + + - name: Taint node filesystem if L1 contracts are redeployed + if: steps.check_changes_release.outputs.result == 'true' + working-directory: ./yarn-project/aztec/terraform/node + run: | + terraform state list | grep 'aws_efs_file_system.node_data_store' | xargs -n1 terraform taint + - name: Deploy Aztec Nodes working-directory: ./yarn-project/aztec/terraform/node run: | - terraform init -input=false -backend-config="key=devnet/aztec-node" terraform apply -input=false -auto-approve - name: Deploy Provers working-directory: ./yarn-project/aztec/terraform/prover run: | - terraform init -input=false -backend-config="key=devnet/prover" + terraform init -input=false -backend-config="key=${{ env.DEPLOY_TAG }}/prover" terraform apply -input=false -auto-approve diff --git a/iac/mainnet-fork/terraform/main.tf b/iac/mainnet-fork/terraform/main.tf index 08198ba5e0b..026469d3920 100644 --- a/iac/mainnet-fork/terraform/main.tf +++ b/iac/mainnet-fork/terraform/main.tf @@ -117,7 +117,7 @@ resource "aws_ecs_task_definition" "aztec_mainnet_fork" { [ { "name": "${var.DEPLOY_TAG}-mainnet-fork", - "image": "${var.DOCKERHUB_ACCOUNT}/mainnet-fork:${var.DEPLOY_TAG}", + "image": "${var.DOCKERHUB_ACCOUNT}/mainnet-fork:aztec-dev", "essential": true, "environment": [ { diff --git a/l1-contracts/Earthfile b/l1-contracts/Earthfile index 2df4d56e48a..5e1e559be62 100644 --- a/l1-contracts/Earthfile +++ b/l1-contracts/Earthfile @@ -3,7 +3,7 @@ VERSION 0.8 build: FROM ../build-images+build WORKDIR /usr/src/l1-contracts - COPY --dir lib scripts src terraform test *.json *.toml *.sh . + COPY --dir lib src terraform test *.json *.toml *.sh . #RUN git init && git add . && yarn lint && yarn slither && yarn slither-has-diff # "slither": "forge clean && forge build --build-info --skip '*/test/**' --force && slither . --checklist --ignore-compile --show-ignored-findings --config-file ./slither.config.json | tee slither_output.md", # "slither-has-diff": "./slither_has_diff.sh" diff --git a/l1-contracts/REDEPLOY b/l1-contracts/REDEPLOY index 8d0fb412c88..fe5516129de 100644 --- a/l1-contracts/REDEPLOY +++ b/l1-contracts/REDEPLOY @@ -1,2 +1,2 @@ # Append value to force redeploy -5 \ No newline at end of file +1 \ No newline at end of file diff --git a/l1-contracts/scripts/ci_deploy_contracts.sh b/l1-contracts/scripts/ci_deploy_contracts.sh deleted file mode 100755 index 73dcf50f1a8..00000000000 --- a/l1-contracts/scripts/ci_deploy_contracts.sh +++ /dev/null @@ -1,96 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -export ETHEREUM_HOST=https://$DEPLOY_TAG-mainnet-fork.aztec.network:8545/$FORK_API_KEY - -REPOSITORY="l1-contracts" - -CONTENT_HASH=$(calculate_content_hash $REPOSITORY) - -echo "Last successfully published commit: $CONTENT_HASH" - -# Check if image hash has already been deployed. -if check_rebuild "cache-$CONTENT_HASH-$DEPLOY_TAG-deployed" $REPOSITORY; then - echo "No changes detected, no contract deploy necessary." - # Set global variable for redeployment of contracts - echo export CONTRACTS_DEPLOYED=0 >>$BASH_ENV - exit 0 -fi - -# Login to pull our ecr images with docker. -retry ecr_login - -# Contract addresses will be saved in the serve directory -mkdir -p serve -FILE_PATH=./serve/contract_addresses.json -CLI_IMAGE=$(calculate_image_uri cli) -retry docker pull $CLI_IMAGE - -# remove 0x prefix from private key -PRIVATE_KEY=${CONTRACT_PUBLISHER_PRIVATE_KEY#0x} - -# Retries up to 3 times with 10 second intervals -ATTEMPTS=3 -for i in $(seq 1 $ATTEMPTS); do - docker run \ - $CLI_IMAGE \ - deploy-l1-contracts -u $ETHEREUM_HOST -p $PRIVATE_KEY | tee $FILE_PATH && break - [ "$i" != "$ATTEMPTS" ] && sleep 10 -done - -## Result format is: -# Rollup Address: 0xe33d37702bb94e83ca09e7dc804c9f4c4ab8ee4a -# Registry Address: 0xf02a70628c4e0d7c41f231f9af24c1678a030438 -# L1 -> L2 Inbox Address: 0xdf34a07c7da15630d3b5d6bb17651d548a6e9d8f -# L2 -> L1 Outbox address: 0xf6b1b3c2c393fe55fe577a1f528bd72a76589ab0 -# Contract Deployment Emitter Address: 0xf3ecc6e9428482a74687ee5f7b96f4dff8781454 -# Availability Oracle Address: 0x610178da211fef7d417bc0e6fed39f05609ad788 -# Gas Token Address: 0x9e4b815648c4a98a9bce6a899cecbaf3758cf23c -# Gas Portal Address: 0xda5dea39534f67f33deb38ec3b1e438fa893bf2c - -# Read the file line by line -while IFS= read -r line; do - # Extract the hexadecimal address using awk - address=$(echo "$line" | awk '{print $NF}') - - # Assign the address to the respective variable based on the line content - if [[ $line == *"Rollup"* ]]; then - export TF_VAR_ROLLUP_CONTRACT_ADDRESS=$address - echo "TF_VAR_ROLLUP_CONTRACT_ADDRESS=$TF_VAR_ROLLUP_CONTRACT_ADDRESS" - elif [[ $line == *"Registry"* ]]; then - export TF_VAR_REGISTRY_CONTRACT_ADDRESS=$address - echo "TF_VAR_REGISTRY_CONTRACT_ADDRESS=$TF_VAR_REGISTRY_CONTRACT_ADDRESS" - elif [[ $line == *"Inbox"* ]]; then - export TF_VAR_INBOX_CONTRACT_ADDRESS=$address - echo "TF_VAR_INBOX_CONTRACT_ADDRESS=$TF_VAR_INBOX_CONTRACT_ADDRESS" - elif [[ $line == *"Outbox"* ]]; then - export TF_VAR_OUTBOX_CONTRACT_ADDRESS=$address - echo "TF_VAR_OUTBOX_CONTRACT_ADDRESS=$TF_VAR_OUTBOX_CONTRACT_ADDRESS" - elif [[ $line == *"Oracle"* ]]; then - export TF_VAR_AVAILABILITY_ORACLE_CONTRACT_ADDRESS=$address - echo "TF_VAR_AVAILABILITY_ORACLE_CONTRACT_ADDRESS=$TF_VAR_AVAILABILITY_ORACLE_CONTRACT_ADDRESS" - elif [[ $line == *"Gas Token"* ]]; then - export TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS=$address - echo "TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS=$TF_VAR_GAS_TOKEN_CONTRACT_ADDRESS" - elif [[ $line == *"Gas Portal"* ]]; then - export TF_VAR_GAS_PORTAL_CONTRACT_ADDRESS=$address - echo "TF_VAR_GAS_PORTAL_CONTRACT_ADDRESS=$TF_VAR_GAS_PORTAL_CONTRACT_ADDRESS" - else - echo "Unknown contract address: $line" - fi -done <"$FILE_PATH" - -if [ "$DRY_DEPLOY" -eq 1 ]; then - echo "DRY_DEPLOY: deploy_terraform l1-contracts ./terraform" - echo "DRY_DEPLOY: tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed" -else - # Write TF state variables - deploy_terraform l1-contracts ./terraform - - # Tag the image as deployed. - retry tag_remote_image $REPOSITORY cache-$CONTENT_HASH cache-$CONTENT_HASH-$DEPLOY_TAG-deployed -fi - -# Set global variable for redeployment of contracts -echo export CONTRACTS_DEPLOYED=1 >>$BASH_ENV diff --git a/noir/Earthfile b/noir/Earthfile index 718321420eb..6cee66f45c7 100644 --- a/noir/Earthfile +++ b/noir/Earthfile @@ -259,4 +259,4 @@ bench-publish-acir-bb: RUN mkdir -p ./log RUN docker run -v "$(pwd)/log":/log -e LOG_FILE=/log/bench-acir.jsonl --rm aztecprotocol/barretenberg-acir-benches:$AZTEC_DOCKER_TAG ./bench_acir_tests.sh - DO ../+UPLOAD_LOGS --PULL_REQUEST=$PULL_REQUEST --BRANCH=$BRANCH --COMMIT_HASH=$COMMIT_HASH + DO ../+UPLOAD_LOGS --PULL_REQUEST=$PULL_REQUEST --BRANCH=$BRANCH --COMMIT_HASH=$COMMIT_HASH \ No newline at end of file diff --git a/yarn-project/Earthfile b/yarn-project/Earthfile index 162949f4a43..220f8292c8e 100644 --- a/yarn-project/Earthfile +++ b/yarn-project/Earthfile @@ -114,7 +114,7 @@ rollup-verifier-contract: RUN --entrypoint write-contract -c RootRollupArtifact -n UltraVerifier.sol SAVE ARTIFACT /usr/src/bb /usr/src/bb -txe: +txe: FROM +build RUN yarn workspaces focus @aztec/txe --production && yarn cache clean # Remove a bunch of stuff that we don't need that takes up space. @@ -175,10 +175,47 @@ aztec-faucet-build: aztec-faucet: FROM ubuntu:noble RUN apt update && apt install nodejs curl -y && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* - COPY +aztec-faucet/usr/src /usr/src + COPY +aztec-faucet-build/usr/src /usr/src ENTRYPOINT ["node", "--no-warnings", "/usr/src/yarn-project/aztec-faucet/dest/bin/index.js"] LET port=8080 +export-aztec-faucet: + FROM +aztec-faucet + ARG DIST_TAG="latest" + ARG ARCH + SAVE IMAGE --push aztecprotocol/aztec-faucet:${DIST_TAG}${ARCH:+-$ARCH} + +cli-build: + FROM +build + RUN yarn workspaces focus @aztec/cli --production && yarn cache clean + RUN rm -rf \ + ../noir-projects \ + ../l1-contracts \ + ../barretenberg/ts/src \ + ../barretenberg/ts/dest/node-cjs \ + ../barretenberg/ts/dest/browser \ + aztec.js/dest/main.js \ + end-to-end \ + **/src \ + **/artifacts + SAVE ARTIFACT /usr/src /usr/src + +cli: + FROM ubuntu:noble + RUN apt update && apt install nodejs curl -y && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + COPY +cli-build/usr/src /usr/src + + RUN mkdir /cache && chmod 777 /cache + ENV XDG_CACHE_HOME /cache + VOLUME "/cache" + ENTRYPOINT ["node", "--no-warnings", "/usr/src/yarn-project/cli/dest/bin/index.js"] + +export-cli: + FROM +cli + ARG DIST_TAG="latest" + ARG ARCH + SAVE IMAGE --push aztecprotocol/cli:${DIST_TAG}${ARCH:+-$ARCH} + # We care about creating a slimmed down e2e image because we have to serialize it from earthly to docker for running. end-to-end-prod: FROM +build @@ -247,12 +284,6 @@ export-aztec-arch: ARG ARCH SAVE IMAGE --push aztecprotocol/aztec:${DIST_TAG}${ARCH:+-$ARCH} -export-aztec-faucet: - FROM +aztec-faucet - ARG DIST_TAG="latest" - ARG ARCH - SAVE IMAGE --push aztecprotocol/aztec-faucet:${DIST_TAG}${ARCH:+-$ARCH} - export-end-to-end: ARG EARTHLY_GIT_HASH FROM +end-to-end diff --git a/yarn-project/ethereum/src/deploy_l1_contracts.ts b/yarn-project/ethereum/src/deploy_l1_contracts.ts index d8d145b9538..c6feb14af17 100644 --- a/yarn-project/ethereum/src/deploy_l1_contracts.ts +++ b/yarn-project/ethereum/src/deploy_l1_contracts.ts @@ -116,7 +116,7 @@ export function createL1Clients( } /** - * Deploys the aztec L1 contracts; Rollup, Contract Deployment Emitter & (optionally) Decoder Helper. + * Deploys the aztec L1 contracts; Rollup & (optionally) Decoder Helper. * @param rpcUrl - URL of the ETH RPC to use for deployment. * @param account - Private Key or HD Account that will deploy the contracts. * @param chain - The chain instance to deploy to.