Merge pull request #470 from XinFinOrg/dev-upgrade

Dev upgrade monthly to master
XinFinOrg · Mar 11, 2024 · a55f9b5 · a55f9b5
2 parents 1720858 + 45ccc37
commit a55f9b5
Show file tree

Hide file tree

Showing 77 changed files with 2,797 additions and 1,425 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,176 @@
+name: CI
+
+on:
+  push:
+    branches:
+      - '*'
+    tags:
+      - '*'
+
+env:
+  GOPROXY: https://proxy.golang.org
+  GO111MODULE: on
+  tf_version: "1.3.0"
+  tf_init_cli_options: "-input=false"
+  tf_validation_cli_options: ""
+  tf_plan_cli_options: "-lock=false -input=false"
+  tf_apply_cli_options: "-auto-approve -input=false"
+
+jobs:
+  tests:
+    env:
+      GOPATH: ${{ github.workspace }}
+      GOBIN: ${{ github.workspace }}/bin
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: ${{ env.GOPATH }}/src/XDPoSChain
+    strategy:
+      matrix:
+        include:
+          - name: A-B tests
+            script: go run build/ci.go test -coverage $(go list ./... | grep "github.com/XinFinOrg/XDPoSChain/[a-b].*")
+          - name: C-[a-m] tests
+            script: go run build/ci.go test -coverage $(go list ./... | grep "github.com/XinFinOrg/XDPoSChain/c[a-m].*")
+          - name: C-[n-o] tests
+            script: go run build/ci.go test -coverage $(go list ./... | grep "github.com/XinFinOrg/XDPoSChain/c[n-o].*")
+          - name: C-[p-z] tests
+            script: go run build/ci.go test -coverage $(go list ./... | grep "github.com/XinFinOrg/XDPoSChain/c[p-z].*")
+          - name: D-I tests
+            script: go run build/ci.go test -coverage $(go list ./... | grep "github.com/XinFinOrg/XDPoSChain/[d-i].*")
+          - name: J-N tests
+            script: go run build/ci.go test -coverage $(go list ./... | grep "github.com/XinFinOrg/XDPoSChain/[j-n].*")
+          - name: O-R tests
+            script: go run build/ci.go test -coverage $(go list ./... | grep "github.com/XinFinOrg/XDPoSChain/[o-r].*")
+          - name: S tests
+            script: go run build/ci.go test -coverage $(go list ./... | grep "github.com/XinFinOrg/XDPoSChain/s.*")
+          - name: T-Z tests
+            script: go run build/ci.go test -coverage $(go list ./... | grep "github.com/XinFinOrg/XDPoSChain/[t-z].*")
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+        with:
+          path: ${{ env.GOPATH }}/src/XDPoSChain
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          cache: false
+          go-version: '1.21.x'
+      - name: Run tests
+        run: ${{ matrix.script }}
+        env:
+          GO111MODULE: auto
+
+  tag_build:
+    runs-on: ubuntu-latest
+    needs: tests
+    if: startsWith(github.ref, 'refs/tags/')
+    steps:
+      - uses: actions/checkout@v4
+      - name: Login to Docker Hub
+        run: echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
+      - name: Build Docker image
+        run: docker build -t xinfinorg/xdposchain:${GITHUB_REF#refs/tags/} -f cicd/Dockerfile .
+      - name: Push Docker image
+        run: docker push xinfinorg/xdposchain:${GITHUB_REF#refs/tags/}
+
+  devnet_build_push:
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/')
+    needs: tests
+    steps:
+      - uses: actions/checkout@v4
+      - name: Login to Docker Hub
+        run: echo ${{ secrets.DOCKER_PASSWORD }} | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
+      - name: Build and Push Docker images
+        run: |
+          docker pull xinfinorg/devnet:latest
+          docker tag xinfinorg/devnet:latest xinfinorg/devnet:previous
+          docker rmi xinfinorg/devnet:latest
+          docker build -t xinfinorg/devnet:latest -f cicd/Dockerfile .
+          docker push xinfinorg/devnet:latest
+          docker push xinfinorg/devnet:previous
+
+  devnet_terraform_apply:
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/')
+    needs: devnet_build_push
+    environment: devnet
+    env:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Terraform Apply
+        run: |
+          cd cicd/devnet/terraform
+          terraform init ${{ env.tf_init_cli_options }}
+          terraform apply ${{ env.tf_apply_cli_options }}
+          sleep 5
+          source .env
+          for ((i=$us_east_2_start;i<$us_east_2_end;i++)); do
+            echo "Force deploy xdc-$i"
+            aws ecs update-service --region us-east-2 --cluster devnet-xdcnode-cluster --service ecs-service-xdc$i --force-new-deployment --no-cli-pager | head -n 10;
+          done
+          for ((i=$eu_west_1_start;i<$eu_west_1_end;i++)); do
+            echo "Force deploy xdc-$i"
+            aws ecs update-service --region eu-west-1 --cluster devnet-xdcnode-cluster --service ecs-service-xdc$i --force-new-deployment --no-cli-pager | head -n 10;
+          done
+          for ((i=$ap_southeast_2_start;i<$ap_southeast_2_end;i++)); do
+            echo "Force deploy xdc-$i"
+            aws ecs update-service --region ap-southeast-2 --cluster devnet-xdcnode-cluster --service ecs-service-xdc$i --force-new-deployment --no-cli-pager | head -n 10;
+          done
+          aws ecs update-service --region ap-southeast-1 --cluster devnet-xdcnode-cluster --service ecs-service-rpc1 --force-new-deployment --no-cli-pager | head -n 10;
+
+  rpcnode_terraform_apply:
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/')
+    needs: devnet_build_push
+    env:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: Terraform Apply
+        run: |
+          cd cicd/terraform
+          terraform init ${{ env.tf_init_cli_options }}
+          terraform apply ${{ env.tf_apply_cli_options }}
+
+  testnet_dev-upgrade_node:
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/')
+    needs: rpcnode_terraform_apply
+    environment: testnet
+    env:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: ECS Update
+        run: |
+          aws ecs update-service --region ap-southeast-1 --cluster testnet-xdcnode-cluster --service ecs-service-testnet-rpc1 --force-new-deployment --no-cli-pager | head -n 10;
+
+  mainnet_dev-upgrade_node:
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/')
+    needs: rpcnode_terraform_apply
+    environment: mainnet
+    env:
+      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+    steps:
+      - uses: actions/checkout@v4
+      - name: ECS Update
+        run: |
+          aws ecs update-service --region ap-southeast-1 --cluster mainnet-xdcnode-cluster --service ecs-service-mainnet-rpc1 --force-new-deployment --no-cli-pager | head -n 10;
+
+  devnet_send_notification:
+    runs-on: ubuntu-latest
+    needs: devnet_terraform_apply
+    if: github.ref == 'refs/heads/dev-upgrade' && !startsWith(github.ref, 'refs/tags/')
+    steps:
+      - uses: actions/checkout@v4
+      - name: Send deployment notification
+        run: |
+          curl --location --request POST "66.94.98.186:8080/deploy?environment=devnet&service=xdc&version=${GITHUB_SHA}"
diff --git a/.gitignore b/.gitignore
@@ -50,7 +50,6 @@ profile.cov
 **/yarn-error.log
 coverage.txt
 go.sum
-cicd/devnet/terraform/.terraform*
+**/.terraform*
 cicd/devnet/tmp
-.env
 cicd/devnet/terraform/node-config.json
diff --git a/.travis.yml → .travis.yml.bak b/.travis.yml → .travis.yml.bak
diff --git a/accounts/keystore/file_cache.go b/accounts/keystore/file_cache.go
@@ -61,7 +61,7 @@ func (fc *fileCache) scan(keyDir string) (mapset.Set, mapset.Set, mapset.Set, er
 		if err != nil {
 			log.Warn("scan get FileInfo", "err", err, "path", path)
 		}
-		if skipKeyFile(fiInfo) {
+		if fiInfo == nil || skipKeyFile(fiInfo) {
 			log.Trace("Ignoring file on account scan", "path", path)
 			continue
 		}
@@ -94,7 +94,8 @@ func (fc *fileCache) scan(keyDir string) (mapset.Set, mapset.Set, mapset.Set, er
 // skipKeyFile ignores editor backups, hidden files and folders/symlinks.
 func skipKeyFile(fi os.FileInfo) bool {
 	// Skip editor backups and UNIX-style hidden files.
-	if strings.HasSuffix(fi.Name(), "~") || strings.HasPrefix(fi.Name(), ".") {
+	name := fi.Name()
+	if strings.HasSuffix(name, "~") || strings.HasPrefix(name, ".") {
 		return true
 	}
 	// Skip misc special files, directories (yes, symlinks too).

diff --git a/cicd/README.md b/cicd/README.md
@@ -6,5 +6,5 @@ docker build  -f cicd/Dockerfile .
 ```
 ## Docker Run
 ```
-docker run -it -e NETWORK=devnet -e PRIVATE_KEYS=$KEY $IMAGE
+docker run -it -e NETWORK=devnet -e PRIVATE_KEY=$KEY $IMAGE
 ``
diff --git a/cicd/devnet/start.sh b/cicd/devnet/start.sh
@@ -7,10 +7,10 @@ then
         exit 1
   fi
   echo $PRIVATE_KEY >> /tmp/key
-  wallet=$(XDC account import --password .pwd --datadir /work/xdcchain /tmp/key | awk -v FS="({|})" '{print $2}')
+  wallet=$(XDC account import --password .pwd --datadir /work/xdcchain /tmp/key | awk -F '[{}]' '{print $2}')
   XDC --datadir /work/xdcchain init /work/genesis.json
 else
-  wallet=$(XDC account list --datadir /work/xdcchain | head -n 1 | awk -v FS="({|})" '{print $2}')
+  wallet=$(XDC account list --datadir /work/xdcchain | head -n 1 | awk -F '[{}]' '{print $2}')
 fi
 
 input="/work/bootnodes.list"
@@ -80,6 +80,6 @@ XDC --ethstats ${netstats} --gcmode archive \
 --rpcapi admin,db,eth,debug,net,shh,txpool,personal,web3,XDPoS \
 --rpcvhosts "*" --unlock "${wallet}" --password /work/.pwd --mine \
 --gasprice "1" --targetgaslimit "420000000" --verbosity ${log_level} \
---periodicprofile --debugdatadir /work/xdcchain \
---ws --wsaddr=0.0.0.0 --wsport $ws_port \
+--debugdatadir /work/xdcchain \
+--enable-0x-prefix --ws --wsaddr=0.0.0.0 --wsport $ws_port \
 --wsorigins "*" 2>&1 >>/work/xdcchain/xdc.log | tee -a /work/xdcchain/xdc.log
diff --git a/cicd/devnet/terraform/module/region/container-definition.tpl b/cicd/devnet/terraform/module/region/container-definition.tpl
@@ -3,7 +3,7 @@
     "name": "tfXdcNode",
     "image": "xinfinorg/${image_environment}:${image_tag}",
     "environment": [
-      {"name": "PRIVATE_KEYS", "value": "${private_keys}"},
+      {"name": "PRIVATE_KEY", "value": "${private_key}"},
       {"name": "LOG_LEVEL", "value": "${log_level}"},
       {"name": "NODE_NAME", "value": "${node_name}"},
       {"name": "NETWORK", "value": "${chain_network}"}

diff --git a/cicd/devnet/terraform/module/region/ecs.tf b/cicd/devnet/terraform/module/region/ecs.tf
@@ -6,7 +6,7 @@ data template_file devnet_container_definition {
     image_environment = "${lookup(each.value, "imageEnvironment", "devnet")}"
     image_tag = "${lookup(each.value, "imageTag", "latest")}"
     node_name = "${each.key}"
-    private_keys = "${each.value.pk}"
+    private_key = "${each.value.pk}"
     cloudwatch_group = "tf-${each.key}"
     cloudwatch_region = "${var.region}"
     log_level = "${lookup(each.value, "logLevel", "${var.logLevel}")}"

diff --git a/cicd/mainnet/start.sh b/cicd/mainnet/start.sh
@@ -7,10 +7,10 @@ then
         exit 1
   fi
   echo $PRIVATE_KEY >> /tmp/key
-  wallet=$(XDC account import --password .pwd --datadir /work/xdcchain /tmp/key | awk -v FS="({|})" '{print $2}')
+  wallet=$(XDC account import --password .pwd --datadir /work/xdcchain /tmp/key | awk -F '[{}]' '{print $2}')
   XDC --datadir /work/xdcchain init /work/genesis.json
 else
-  wallet=$(XDC account list --datadir /work/xdcchain | head -n 1 | awk -v FS="({|})" '{print $2}')
+  wallet=$(XDC account list --datadir /work/xdcchain | head -n 1 | awk -F '[{}]' '{print $2}')
 fi
 
 input="/work/bootnodes.list"
@@ -76,9 +76,9 @@ XDC --ethstats ${netstats} --gcmode archive \
 --datadir /work/xdcchain --networkid 50 \
 -port $port --rpc --rpccorsdomain "*" --rpcaddr 0.0.0.0 \
 --rpcport $rpc_port \
---rpcapi admin,db,eth,debug,miner,net,shh,txpool,personal,web3,XDPoS \
+--rpcapi admin,db,eth,debug,net,shh,txpool,personal,web3,XDPoS \
 --rpcvhosts "*" --unlock "${wallet}" --password /work/.pwd --mine \
 --gasprice "1" --targetgaslimit "420000000" --verbosity ${log_level} \
---periodicprofile --debugdatadir /work/xdcchain \
---ws --wsaddr=0.0.0.0 --wsport $ws_port \
+--debugdatadir /work/xdcchain \
+--enable-0x-prefix --ws --wsaddr=0.0.0.0 --wsport $ws_port \
 --wsorigins "*" 2>&1 >>/work/xdcchain/xdc.log | tee -a /work/xdcchain/xdc.log
diff --git a/cicd/terraform/.env b/cicd/terraform/.env
@@ -0,0 +1,13 @@
+log_level=3
+
+# Ohio
+us_east_2_start=0
+us_east_2_end=36
+
+# Ireland
+eu_west_1_start=37
+eu_west_1_end=72
+
+# Sydney
+ap_southeast_2_start=73
+ap_southeast_2_end=108
diff --git a/cicd/terraform/iam.tf b/cicd/terraform/iam.tf
@@ -0,0 +1,28 @@
+# IAM policies
+data "aws_iam_policy_document" "xdc_ecs_tasks_execution_role" {
+  statement {
+    actions = ["sts:AssumeRole"]
+
+    principals {
+      type        = "Service"
+      identifiers = ["ecs-tasks.amazonaws.com"]
+    }
+  }
+}
+
+# Create the role
+resource "aws_iam_role" "xdc_ecs_tasks_execution_role" {
+  name               = "xdc-ecs-task-execution-role"
+  assume_role_policy = "${data.aws_iam_policy_document.xdc_ecs_tasks_execution_role.json}"
+}
+
+# Attached the AWS managed policies to the new role
+resource "aws_iam_role_policy_attachment" "xdc_ecs_tasks_execution_role" {
+  for_each = toset([
+    "arn:aws:iam::aws:policy/AmazonElasticFileSystemClientFullAccess", 
+    "arn:aws:iam::aws:policy/service-role/AmazonECSTaskExecutionRolePolicy",
+    "arn:aws:iam::aws:policy/AmazonElasticFileSystemsUtils"
+  ])
+  role       = aws_iam_role.xdc_ecs_tasks_execution_role.name
+  policy_arn = each.value
+}
diff --git a/cicd/terraform/main.tf b/cicd/terraform/main.tf
@@ -0,0 +1,59 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.13.1"
+    }
+  }
+}
+
+# Default
+provider "aws" {
+  region  = "us-east-1"
+}
+
+# WARNING: APSE-1 will only be used to host rpc node
+# Workaround to avoid conflicts with existing ecs cluster in existing regions
+provider "aws" {
+  alias = "ap-southeast-1"
+  region  = "ap-southeast-1"
+}
+
+module "testnet-rpc" {
+  source = "./module/region"
+  region = "ap-southeast-1"
+  nodeKeys = local.rpcTestnetNodeKeys
+  enableFixedIp = true
+  logLevel = local.logLevel
+  xdc_ecs_tasks_execution_role_arn = aws_iam_role.xdc_ecs_tasks_execution_role.arn
+
+  cpu = 1024
+  memory = 4096
+
+  network = "testnet"
+  vpc_cidr = "10.1.0.0/16"
+  subnet_cidr = "10.1.0.0/20"
+  providers = {
+    aws = aws.ap-southeast-1
+  }
+}
+
+module "mainnet-rpc" {
+  source = "./module/region"
+  region = "ap-southeast-1"
+  nodeKeys = local.rpcMainnetNodeKeys
+  enableFixedIp = true
+  logLevel = local.logLevel
+  xdc_ecs_tasks_execution_role_arn = aws_iam_role.xdc_ecs_tasks_execution_role.arn
+
+  cpu = 1024
+  memory = 4096
+
+  network = "mainnet"
+  vpc_cidr = "10.2.0.0/16"
+  subnet_cidr = "10.2.0.0/20"
+  providers = {
+    aws = aws.ap-southeast-1
+  }
+}
+