From 6dcf804ccaf439e667e7c817b1b35c917aaca0d6 Mon Sep 17 00:00:00 2001 From: Richard Hoop Date: Wed, 6 Mar 2024 20:35:45 -0600 Subject: [PATCH] added charts for k8 and fixed jenkins for deploys --- Jenkinsfile | 79 ++++++- charts/specular/Chart.yaml | 6 + charts/specular/templates/config.yaml | 16 ++ charts/specular/templates/debug-pod.yaml | 49 ++++ charts/specular/templates/generator-pod.yaml | 45 ++++ charts/specular/templates/ingress.yaml | 31 +++ charts/specular/templates/l1-geth-pod.yaml | 65 ++++++ .../specular/templates/l1-geth-service.yaml | 19 ++ charts/specular/templates/sidecar-pod.yaml | 54 +++++ charts/specular/templates/sp-geth-pod.yaml | 82 +++++++ .../specular/templates/sp-geth-service.yaml | 20 ++ charts/specular/templates/sp-magi-pod.yaml | 64 ++++++ .../sp-workspace-persistentvolume-claim.yaml | 17 ++ .../sp-workspace-persistentvolume.yaml | 19 ++ charts/specular/templates/tx-fuzz-pod.yaml | 35 +++ charts/specular/values-testnet.yaml | 169 ++++++++++++++ charts/specular/values.yaml | 213 ++++++++++++++++++ 17 files changed, 975 insertions(+), 8 deletions(-) create mode 100644 charts/specular/Chart.yaml create mode 100644 charts/specular/templates/config.yaml create mode 100644 charts/specular/templates/debug-pod.yaml create mode 100644 charts/specular/templates/generator-pod.yaml create mode 100644 charts/specular/templates/ingress.yaml create mode 100644 charts/specular/templates/l1-geth-pod.yaml create mode 100644 charts/specular/templates/l1-geth-service.yaml create mode 100644 charts/specular/templates/sidecar-pod.yaml create mode 100644 charts/specular/templates/sp-geth-pod.yaml create mode 100644 charts/specular/templates/sp-geth-service.yaml create mode 100644 charts/specular/templates/sp-magi-pod.yaml create mode 100644 charts/specular/templates/sp-workspace-persistentvolume-claim.yaml create mode 100644 charts/specular/templates/sp-workspace-persistentvolume.yaml create mode 100644 charts/specular/templates/tx-fuzz-pod.yaml create mode 100644 charts/specular/values-testnet.yaml create mode 100644 charts/specular/values.yaml diff --git a/Jenkinsfile b/Jenkinsfile index 91452c5db..fa1db5e52 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -10,7 +10,7 @@ pipeline { // checkout git checkout scmGit( userRemoteConfigs: [ - [ credentialsId: 'jenkins-specular', url: 'github.com:SpecularL2/specular.git'] + [ credentialsId: 'jenkins-specular', url: 'github.com:SpecularL2/specular-build-test.git'] ], branches: [[name: '*/PR-*'], [name: '*/develop']], ) @@ -23,12 +23,17 @@ pipeline { sh 'chmod -R 777 workspace' } } - stage('create build image') { + stage('create build image for pr') { + when { + not { + branch 'develop' + } + } steps{ script { docker.withRegistry('https://792926601177.dkr.ecr.us-east-2.amazonaws.com', 'ecr:us-east-2:builder') { docker.build( - registry + ":e2e-pr-$BUILD_NUMBER", + registry + ":e2e-pr-$GIT_COMMIT", "-f docker/e2e.Dockerfile ." ) } @@ -36,30 +41,88 @@ pipeline { } } } + stage('create build image for devnet') { + when { + branch 'develop' + } + steps{ + script { + docker.withRegistry('https://792926601177.dkr.ecr.us-east-2.amazonaws.com', 'ecr:us-east-2:builder') { + def e2eContainer = docker.build( + registry + ":e2e-$GIT_COMMIT", + "-f docker/e2e.Dockerfile ." + ) + e2eContainer.push() + e2eContainer.push("e2e-latest") + } + + } + } + } stage('e2e-test') { + when { + not { + branch 'develop' + } + } parallel { stage('transactions') { steps { - sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$BUILD_NUMBER ../sbin/run_e2e_tests.sh transactions" + sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$GIT_COMMIT ../sbin/run_e2e_tests.sh transactions" } } stage('deposit') { steps { - sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$BUILD_NUMBER ../sbin/run_e2e_tests.sh deposit" + sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$GIT_COMMIT ../sbin/run_e2e_tests.sh deposit" } } stage('erc20') { steps { - sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$BUILD_NUMBER ../sbin/run_e2e_tests.sh erc20" + sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$GIT_COMMIT ../sbin/run_e2e_tests.sh erc20" } } stage('withdraw') { steps { - sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$BUILD_NUMBER ../sbin/run_e2e_tests.sh withdraw" + sh "docker run -w /specular/workspace 792926601177.dkr.ecr.us-east-2.amazonaws.com/specular-platform:e2e-pr-$GIT_COMMIT ../sbin/run_e2e_tests.sh withdraw" } } } } - + stage('publish images') { + when { + branch "develop" + } + steps { + script { + docker.withRegistry('https://792926601177.dkr.ecr.us-east-2.amazonaws.com', 'ecr:us-east-2:builder') { + def spcContainer = docker.build(registry + ":$GIT_COMMIT", "-f docker/specular.Dockerfile .") + spcContainer.push() + spcContainer.push("specular-latest") + } + } + } + } + stage('upgrade helm') { + when { + branch "develop" + } + steps { + dir('charts/specular') { + withCredentials([[ + $class: 'AmazonWebServicesCredentialsBinding', + credentialsId: "builder", + accessKeyVariable: 'AWS_ACCESS_KEY_ID', + secretKeyVariable: 'AWS_SECRET_ACCESS_KEY' + ]]) { + script { + sh ''' + aws eks update-kubeconfig --region us-east-2 --name specular-staging-eks + kubectl config use-context arn:aws:eks:us-east-2:792926601177:cluster/specular-staging-eks + helm upgrade specular . -n specular --set image.tag=$GIT_COMMIT''' + } + } + } + } + } } } diff --git a/charts/specular/Chart.yaml b/charts/specular/Chart.yaml new file mode 100644 index 000000000..86d477b30 --- /dev/null +++ b/charts/specular/Chart.yaml @@ -0,0 +1,6 @@ +name: specular +description: Specular L2 Network +version: 0.0.1 +apiVersion: v2 +keywords: + - specular diff --git a/charts/specular/templates/config.yaml b/charts/specular/templates/config.yaml new file mode 100644 index 000000000..92d496a55 --- /dev/null +++ b/charts/specular/templates/config.yaml @@ -0,0 +1,16 @@ + +apiVersion: v1 +kind: ConfigMap +metadata: + name: specular-config +data: +{{- range $i, $value := .Values.configMaps }} + {{ $i }}: | + {{- range $ii, $item := $value }} + {{ $item.name }}={{ $item.value }} + {{- end }} +{{- end }} +{{- range $name, $value := .Values.jsonMaps }} + {{ $name }}: | + {{ $value | toJson }} +{{- end }} diff --git a/charts/specular/templates/debug-pod.yaml b/charts/specular/templates/debug-pod.yaml new file mode 100644 index 000000000..cf8bed396 --- /dev/null +++ b/charts/specular/templates/debug-pod.yaml @@ -0,0 +1,49 @@ +{{- if .Values.enabled.debug -}} +apiVersion: v1 +kind: Pod +metadata: + name: debug-container + namespace: specular +spec: + # initContainers: + # - name: wait-for-sp-geth + # image: busybox:latest + # command: ["sh", "-c", "echo '{{ .Values.image.tag }}' > /tmp/release"] + # volumeMounts: + # - mountPath: /tmp + # name: {{ .Values.volume.efs.name }} + containers: + - name: debug-container + image: nginx + volumeMounts: + - mountPath: /tmp/workspace + name: {{ .Values.volume.efs.name }} +{{- range $i, $value := .Values.volume.configVolumeMounts.paths }} + - name: {{ $.Values.volume.configVolumeMounts.name }} + mountPath: /tmp/workspace/{{ $value }} + subPath: {{ $value }} +{{- end }} +{{- if not .Values.generator.deploy }} + {{- range $i, $value := .Values.volume.secrets }} + - name: secret-volume + mountPath: /tmp/workspace/{{ $value.file }} + subPath: {{ $value.file }} + readOnly: true + {{- end }} +{{- end }} + workingDir: /tmp/workspace + restartPolicy: OnFailure + volumes: + - name: {{ .Values.volume.efs.name }} + persistentVolumeClaim: + claimName: {{ .Values.volume.efs.name }} + - name: {{ .Values.volume.configVolumeMounts.name }} + configMap: + name: {{ .Values.volume.configVolumeMounts.name }} +{{- if not .Values.generator.deploy }} + - name: secret-volume + secret: + secretName: l2-secrets +{{- end }} +status: {} +{{- end -}} diff --git a/charts/specular/templates/generator-pod.yaml b/charts/specular/templates/generator-pod.yaml new file mode 100644 index 000000000..6774f16dd --- /dev/null +++ b/charts/specular/templates/generator-pod.yaml @@ -0,0 +1,45 @@ +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: null + labels: + io.specular.network/sp-network: "true" + io.specular.service: generator + name: generator +spec: + containers: + - name: generator + command: ["bash", "-c", "{{ .Values.generator.command }}"] + image: "{{ .Values.image.registry }}/{{ .Values.image.name }}:{{ .Values.image.tag }}" + resources: + {{- .Values.default_resources | toYaml | nindent 10 }} + volumeMounts: + - mountPath: {{ .Values.volume.efs.mountPath }} + name: {{ .Values.volume.efs.name }} +{{- range $i, $value := .Values.volume.configVolumeMounts.paths }} + - name: {{ $.Values.volume.configVolumeMounts.name }} + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} + subPath: {{ $value }} +{{- end }} +{{- if not .Values.generator.deploy }} + {{- range $i, $value := .Values.volume.secrets }} + - name: secret-volume + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} + subPath: {{ $value.file }} + readOnly: true + {{- end }} +{{- end }} + restartPolicy: Never + volumes: + - name: {{ .Values.volume.efs.name }} + persistentVolumeClaim: + claimName: {{ .Values.volume.efs.name }} + - name: {{ .Values.volume.configVolumeMounts.name }} + configMap: + name: {{ .Values.volume.configVolumeMounts.name }} +{{- if not .Values.generator.deploy }} + - name: secret-volume + secret: + secretName: l2-secrets +{{- end }} +status: {} diff --git a/charts/specular/templates/ingress.yaml b/charts/specular/templates/ingress.yaml new file mode 100644 index 000000000..374b168e2 --- /dev/null +++ b/charts/specular/templates/ingress.yaml @@ -0,0 +1,31 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: specular-ingress + namespace: specular + annotations: + + # nginx.ingress.kubernetes.io/ssl-redirect: "true" + # nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/rewrite-target: / + nginx.ingress.kubernetes.io/backend-protocol: "HTTP" +spec: + ingressClassName: nginx + rules: + - host: {{ .Values.environment }}.specular.network + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: sp-geth + port: + number: 4011 + - path: /ws + pathType: Prefix + backend: + service: + name: sp-geth + port: + number: 4012 diff --git a/charts/specular/templates/l1-geth-pod.yaml b/charts/specular/templates/l1-geth-pod.yaml new file mode 100644 index 000000000..3cb8b8ff0 --- /dev/null +++ b/charts/specular/templates/l1-geth-pod.yaml @@ -0,0 +1,65 @@ +{{- if .Values.enabled.l1Geth -}} +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: null + labels: + io.specular.network/sp-network: "true" + io.specular.service: l1-geth + name: l1-geth +spec: + initContainers: + - name: wait-for-sp-generator + image: busybox:latest + command: ["sh", "-c", "until [ -f /tmp/.generate_secrets.sh.lock ]; do sleep 2; done"] + volumeMounts: + - mountPath: /tmp + name: {{ .Values.volume.efs.name }} + containers: + - name: l1-geth + command: ["bash", "-c", "../sbin/entrypoint.sh start start_l1.sh -c -d -w -y"] + image: "{{ .Values.image.registry }}/{{ .Values.image.name }}:{{ .Values.image.tag }}" + livenessProbe: + exec: + command: ["sh", "-c", "test -e /specular/workspace/.start_l1.sh.lock"] + failureThreshold: 300 + initialDelaySeconds: 60 + periodSeconds: 1 + lifecycle: + preStop: + exec: + command: ["sh", "-c", "rm -f /specular/workspace/.*.lock"] + ports: + - containerPort: 8545 + hostPort: 8545 + protocol: TCP + resources: + {{- .Values.default_resources | toYaml | nindent 10 }} + tty: true + volumeMounts: + - mountPath: {{ .Values.volume.efs.mountPath }} + name: {{ .Values.volume.efs.name }} +{{- range $i, $value := .Values.volume.configVolumeMounts.paths }} + - name: {{ $.Values.volume.configVolumeMounts.name }} + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} + subPath: {{ $value }} +{{- end }} +{{- if not .Values.generator.deploy }} + {{- range $i, $value := .Values.volume.secrets }} + - name: secret-volume + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} + subPath: {{ $value.file }} + readOnly: true + {{- end }} +{{- end }} + workingDir: {{ .Values.volume.efs.mountPath }} + restartPolicy: Always + volumes: + - name: {{ .Values.volume.efs.name }} + persistentVolumeClaim: + claimName: {{ .Values.volume.efs.name }} + - name: {{ .Values.volume.configVolumeMounts.name }} + configMap: + name: {{ .Values.volume.configVolumeMounts.name }} +status: {} +{{- end -}} diff --git a/charts/specular/templates/l1-geth-service.yaml b/charts/specular/templates/l1-geth-service.yaml new file mode 100644 index 000000000..83d95edcc --- /dev/null +++ b/charts/specular/templates/l1-geth-service.yaml @@ -0,0 +1,19 @@ +{{- if .Values.enabled.l1Geth -}} +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + io.specular.service: l1-geth + name: l1-geth +spec: + ports: + - name: "8545" + port: 8545 + targetPort: 8545 + - name: "8546" + port: 8546 + targetPort: 8546 + selector: + io.specular.service: l1-geth +{{- end -}} diff --git a/charts/specular/templates/sidecar-pod.yaml b/charts/specular/templates/sidecar-pod.yaml new file mode 100644 index 000000000..0c12b7c3f --- /dev/null +++ b/charts/specular/templates/sidecar-pod.yaml @@ -0,0 +1,54 @@ +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: null + labels: + io.specular.network/sp-network: "true" + io.specular.service: sidecar + name: sidecar +spec: + initContainers: + - name: wait-for-sp-geth + image: busybox:latest + command: ["sh", "-c", "until [ -f /tmp/.start_sp_magi.sh.lock ]; do sleep 2; done"] + volumeMounts: + - mountPath: /tmp + name: {{ .Values.volume.efs.name }} + containers: + - command: ["bash", "-c", "../sbin/entrypoint.sh start start_sidecar.sh"] + image: "{{ .Values.image.registry }}/{{ .Values.image.name }}:{{ .Values.image.tag }}" + name: sidecar + resources: + {{- .Values.default_resources | toYaml | nindent 10 }} + volumeMounts: + - mountPath: {{ .Values.volume.efs.mountPath }} + name: {{ .Values.volume.efs.name }} +{{- range $i, $value := .Values.volume.configVolumeMounts.paths }} + - name: {{ $.Values.volume.configVolumeMounts.name }} + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} + subPath: {{ $value }} +{{- end }} +{{- if not .Values.generator.deploy }} + {{- range $i, $value := .Values.volume.secrets }} + - name: secret-volume + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} + subPath: {{ $value.file }} + readOnly: true + {{- end }} +{{- end }} + workingDir: {{ .Values.volume.efs.mountPath }} + terminationGracePeriodSeconds: 60 + restartPolicy: OnFailure + volumes: + - name: {{ .Values.volume.efs.name }} + persistentVolumeClaim: + claimName: {{ .Values.volume.efs.name }} + - name: {{ .Values.volume.configVolumeMounts.name }} + configMap: + name: {{ .Values.volume.configVolumeMounts.name }} +{{- if not .Values.generator.deploy }} + - name: secret-volume + secret: + secretName: l2-secrets +{{- end }} +status: {} diff --git a/charts/specular/templates/sp-geth-pod.yaml b/charts/specular/templates/sp-geth-pod.yaml new file mode 100644 index 000000000..333667c74 --- /dev/null +++ b/charts/specular/templates/sp-geth-pod.yaml @@ -0,0 +1,82 @@ +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: null + labels: + io.specular.network/sp-network: "true" + io.specular.service: sp-geth + name: sp-geth +spec: + initContainers: +{{- if .Values.enabled.l1Geth }} + - name: wait-for-l1 + image: busybox:latest + command: ["sh", "-c", "until [ -f /tmp/.start_l1.sh.lock ]; do sleep 2; done"] + volumeMounts: + - mountPath: /tmp + name: {{ .Values.volume.efs.name }} +{{- end }} + - name: wait-for-sp-generator + image: busybox:latest + command: ["sh", "-c", "until [ -f /tmp/.generate_secrets.sh.lock ]; do sleep 2; done"] + volumeMounts: + - mountPath: /tmp + name: {{ .Values.volume.efs.name }} + containers: + - name: sp-geth + command: ["bash", "-c", "../sbin/entrypoint.sh start start_sp_geth.sh -c -w"] + image: "{{ .Values.image.registry }}/{{ .Values.image.name }}:{{ .Values.image.tag }}" + livenessProbe: + exec: + command: ["sh", "-c", "test -e /specular/workspace/.start_sp_geth.sh.lock"] + failureThreshold: 300 + initialDelaySeconds: 20 + periodSeconds: 1 + lifecycle: + preStop: + exec: + command: ["sh", "-c", "rm -f /specular/workspace/.start_sp_geth.sh.lock"] + ports: + - containerPort: 4011 + hostPort: 4011 + protocol: TCP + - containerPort: 4012 + hostPort: 4012 + protocol: TCP + - containerPort: 4013 + hostPort: 4013 + protocol: TCP + resources: + {{- .Values.default_resources | toYaml | nindent 10 }} + volumeMounts: + - mountPath: {{ .Values.volume.efs.mountPath }} + name: {{ .Values.volume.efs.name }} +{{- range $i, $value := .Values.volume.configVolumeMounts.paths }} + - name: {{ $.Values.volume.configVolumeMounts.name }} + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} + subPath: {{ $value }} +{{- end }} +{{- if not .Values.generator.deploy }} + {{- range $i, $value := .Values.volume.secrets }} + - name: secret-volume + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} + subPath: {{ $value.file }} + readOnly: true + {{- end }} +{{- end }} + workingDir: {{ .Values.volume.efs.mountPath }} + terminationGracePeriodSeconds: 15 + restartPolicy: OnFailure + volumes: + - name: {{ .Values.volume.efs.name }} + persistentVolumeClaim: + claimName: {{ .Values.volume.efs.name }} + - name: {{ .Values.volume.configVolumeMounts.name }} + configMap: + name: {{ .Values.volume.configVolumeMounts.name }} +{{- if not .Values.generator.deploy }} + - name: secret-volume + secret: + secretName: l2-secrets +{{- end }} +status: {} diff --git a/charts/specular/templates/sp-geth-service.yaml b/charts/specular/templates/sp-geth-service.yaml new file mode 100644 index 000000000..93969c5aa --- /dev/null +++ b/charts/specular/templates/sp-geth-service.yaml @@ -0,0 +1,20 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + io.specular.service: sp-geth + name: sp-geth +spec: + ports: + - name: "4011" + port: 4011 + targetPort: 4011 + - name: "4012" + port: 4012 + targetPort: 4012 + - name: "4013" + port: 4013 + targetPort: 4013 + selector: + io.specular.service: sp-geth diff --git a/charts/specular/templates/sp-magi-pod.yaml b/charts/specular/templates/sp-magi-pod.yaml new file mode 100644 index 000000000..9b457db13 --- /dev/null +++ b/charts/specular/templates/sp-magi-pod.yaml @@ -0,0 +1,64 @@ +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: null + labels: + io.specular.network/sp-network: "true" + io.specular.service: sp-magi + name: sp-magi +spec: + initContainers: + - name: wait-for-sp-geth + image: busybox:latest + command: ["sh", "-c", "until [ -f /tmp/.start_sp_geth.sh.lock ]; do sleep 2; done"] + volumeMounts: + - mountPath: /tmp + name: {{ .Values.volume.efs.name }} + containers: + - name: sp-magi + command: ["bash", "-c", "../sbin/entrypoint.sh start start_sp_magi.sh"] + image: "{{ .Values.image.registry }}/{{ .Values.image.name }}:{{ .Values.image.tag }}" + livenessProbe: + exec: + command: ["sh", "-c", "test -e /specular/workspace/.start_sp_magi.sh.lock"] + failureThreshold: 300 + initialDelaySeconds: 20 + periodSeconds: 10 + lifecycle: + preStop: + exec: + command: ["sh", "-c", "rm -f /specular/workspace/.start_sp_magi.sh.lock"] + resources: + {{- .Values.default_resources | toYaml | nindent 10 }} + volumeMounts: + - mountPath: {{ .Values.volume.efs.mountPath }} + name: {{ .Values.volume.efs.name }} +{{- range $i, $value := .Values.volume.configVolumeMounts.paths }} + - name: {{ $.Values.volume.configVolumeMounts.name }} + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value }} + subPath: {{ $value }} +{{- end }} +{{- if not .Values.generator.deploy }} + {{- range $i, $value := .Values.volume.secrets }} + - name: secret-volume + mountPath: {{ $.Values.volume.efs.mountPath }}/{{ $value.file }} + subPath: {{ $value.file }} + readOnly: true + {{- end }} +{{- end }} + workingDir: {{ .Values.volume.efs.mountPath }} + terminationGracePeriodSeconds: 60 + restartPolicy: OnFailure + volumes: + - name: {{ .Values.volume.efs.name }} + persistentVolumeClaim: + claimName: {{ .Values.volume.efs.name }} + - name: {{ .Values.volume.configVolumeMounts.name }} + configMap: + name: {{ .Values.volume.configVolumeMounts.name }} +{{- if not .Values.generator.deploy }} + - name: secret-volume + secret: + secretName: l2-secrets +{{- end }} +status: {} diff --git a/charts/specular/templates/sp-workspace-persistentvolume-claim.yaml b/charts/specular/templates/sp-workspace-persistentvolume-claim.yaml new file mode 100644 index 000000000..9175653b9 --- /dev/null +++ b/charts/specular/templates/sp-workspace-persistentvolume-claim.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: {{ .Values.volume.efs.name }} +spec: + accessModes: + - ReadWriteMany + storageClassName: efs-sc + resources: + requests: + storage: 5Gi +--- +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: efs-sc +provisioner: efs.csi.aws.com diff --git a/charts/specular/templates/sp-workspace-persistentvolume.yaml b/charts/specular/templates/sp-workspace-persistentvolume.yaml new file mode 100644 index 000000000..625228eac --- /dev/null +++ b/charts/specular/templates/sp-workspace-persistentvolume.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: PersistentVolume +metadata: + creationTimestamp: null + labels: + io.specular.service: {{ .Values.volume.efs.name }} + name: {{ .Values.volume.efs.name }} +spec: + capacity: + storage: 5Gi + volumeMode: Filesystem + accessModes: + - ReadWriteMany + persistentVolumeReclaimPolicy: Retain + storageClassName: efs-sc + csi: + driver: efs.csi.aws.com + volumeHandle: {{ .Values.efsHandle }} +status: {} diff --git a/charts/specular/templates/tx-fuzz-pod.yaml b/charts/specular/templates/tx-fuzz-pod.yaml new file mode 100644 index 000000000..bfa37a89c --- /dev/null +++ b/charts/specular/templates/tx-fuzz-pod.yaml @@ -0,0 +1,35 @@ +{{- if .Values.enabled.txFuzz -}} +apiVersion: v1 +kind: Pod +metadata: + creationTimestamp: null + labels: + io.specular.network/sp-network: "true" + io.specular.service: tx-fuzz + name: tx-fuzz +spec: + initContainers: + - name: wait-for-sp-magi + image: busybox:latest + command: ["sh", "-c", "until [ -f /tmp/.start_sp_magi.sh.lock ]; do sleep 2; done"] + volumeMounts: + - mountPath: /tmp + name: {{ .Values.volume.efs.name }} + containers: + - name: tx-fuzz + command: ["sh", "-c", "/entrypoint.sh"] + image: "{{ .Values.tx_fuzz_image.registry }}/{{ .Values.tx_fuzz_image.name }}:{{ .Values.tx_fuzz_image.tag }}" + resources: + {{- .Values.default_resources | toYaml | nindent 10 }} + tty: true + volumeMounts: + - mountPath: /tmp + name: {{ .Values.volume.efs.name }} + workingDir: /tmp + restartPolicy: Always + volumes: + - name: {{ .Values.volume.efs.name }} + persistentVolumeClaim: + claimName: {{ .Values.volume.efs.name }} +status: {} +{{- end -}} diff --git a/charts/specular/values-testnet.yaml b/charts/specular/values-testnet.yaml new file mode 100644 index 000000000..c82d55787 --- /dev/null +++ b/charts/specular/values-testnet.yaml @@ -0,0 +1,169 @@ +environment: testnet +efsHandle: fs-0c92a9d4cfc864548 + +enabled: + txFuzz: false + l1Geth: false + generator: true + infura: true + debug: true + +generator: + command: "../sbin/entrypoint.sh deploy" + deploy: false + +configMaps: + .sp_geth.env: + - name: NETWORK_ID + value: "93481" + - name: ADDRESS + value: "0.0.0.0" + - name: HTTP_PORT + value: "4011" + - name: WS_PORT + value: "4012" + - name: AUTH_PORT + value: "4013" + - name: GENESIS_PATH + value: "./genesis.json" + - name: DATA_DIR + value: "./sp-geth-data/" + - name: JWT_SECRET_PATH + value: "./jwt_secret.txt" + - name: GETH_LOG_FORMAT + value: "json" + - name: ARCHIVE_NODE + value: "true" + + .sp_magi.env: + - name: NETWORK + value: "./sp_rollup.json" + - name: JWT_SECRET_PATH + value: "./jwt_secret.txt" + - name: L1_RPC_URL + value: "http://l1.sepolia.specular.network:8545" + - name: L2_RPC_URL + value: "http://$SP_GETH_SERVICE_HOST:$SP_GETH_SERVICE_PORT_4011" + - name: L2_ENGINE_URL + value: "http://$SP_GETH_SERVICE_HOST:$SP_GETH_SERVICE_PORT_4013" + - name: RPC_PORT + value: "10500" + - name: SYNC_MODE + value: "full" + - name: DEVNET + value: "false" + - name: SEQUENCER + value: "true" + - name: SEQUENCER_MAX_SAFE_LAG + value: 400 + - name: SEQUENCER_PK_FILE + value: "./sequencer_pk.txt" + - name: WATCHER_DELAY + value: 4000 + + .contracts.env: + - name: SEQUENCER_ADDRESS + value: "0x09855Fcb2c3e81D6bd1d0e5Ef8539FE7633D86F8" + - name: VALIDATOR_ADDRESS + value: "0x67332221f1Fe840bBeBF8abe665C19ba7898d9A7" + - name: DEPLOYER_ADDRESS + value: "0xDB12435226eB458F66F598A817a68CfD44D90F65" + + .genesis.env: + - name: GENESIS_CFG_PATH + value: "./genesis_config.json" + - name: GENESIS_PATH + value: "./genesis.json" + - name: BASE_ROLLUP_CFG_PATH + value: "./base_sp_rollup.json" + - name: ROLLUP_CFG_PATH + value: "./sp_rollup.json" + - name: GENESIS_EXPORTED_HASH_PATH + value: "./genesis_hash.json" + - name: L1_NETWORK + value: "sepolia" + - name: L1_STACK + value: "geth" + - name: L1_ENDPOINT + value: "ws://l1.sepolia.specular.network:8546" + - name: L1_PERIOD + value: "12" + + .paths.env: + - name: BIN_DIR + value: "/usr/local/bin" + - name: CONTRACTS_DIR + value: "/specular/contracts" + - name: CONFIG_DIR + value: "/specular/config" + - name: OPS_GENESIS_BIN + value: "/usr/local/bin/genesis" + - name: OPS_DIR + value: "/specular/ops" + - name: L1_GETH_BIN + value: "/usr/local/bin/geth" + - name: SP_GETH_BIN + value: "/usr/local/bin/geth" + - name: SP_MAGI_BIN + value: "/usr/local/bin/magi" + - name: SIDECAR_BIN + value: "/usr/local/bin/sidecar" + - name: WAIT_DIR + value: "/specular/workspace" + + .sidecar.env: + - name: ROLLUP_CFG_PATH + value: "./sp_rollup.json" + - name: L1_ENDPOINT + value: "ws://l1.sepolia.specular.network:8546" + - name: L2_ENDPOINT + value: "http://$SP_GETH_SERVICE_HOST:$SP_GETH_SERVICE_PORT_4011" + - name: DISSEMINATOR + value: "true" + - name: DISSEMINATOR_PK_PATH + value: "./sequencer_pk.txt" + - name: DISSEMINATOR_SUB_SAFETY_MARGIN + value: "8" + - name: DISSEMINATOR_TARGET_BATCH_SIZE + value: "4096" + - name: DISSEMINATOR_MAX_BATCH_SIZE + value: 120000 + - name: VALIDATOR + value: "true" + - name: VALIDATOR_PK_PATH + value: "./validator_pk.txt" + - name: DISSEMINATOR_MAX_SAFE_LAG + value: 400 + - name: DISSEMINATOR_MAX_SAFE_LAG_DELTA + value: 100 + - name: DISSEMINATOR_INTERVAL + value: 1 + +jsonMaps: + base_sp_rollup.json: + block_time: 2 + max_sequencer_drift: 600 + seq_window_size: 3600 + l1_chain_id: 11155111 + + genesis_config.json: + l2ChainID: 93481 + l2GenesisBlockNonce: "0x0" + l2GenesisBlockGasLimit: "0x0" + l2GenesisBlockDifficulty: "0x0" + l2GenesisBlockNumber: "0x0" + l2GenesisBlockGasUsed: "0x0" + l2GenesisBlockBaseFeePerGas: "0x1" + l2GenesisBlockExtraData: 0x + l2PredeployOwner: "0x000000000000000000000000000000000000dEaD" + l2FeesWithdrawalAddress: "0x000000000000000000000000000000000000dEaD" + l2FeesMinWithdrwalAmount: "0x0" + l1FeeOverhead: "0x1" + l1FeeScalar: "0x1" + alloc: + "2a00000000000000000000000000000000000011": + balance: "1000000000000000000000000000" + "0x3c44cdddb6a900fa2b585dd299e03d12fa4293bc": + balance: "1000000000000000000000000000" + "0x90F79bf6EB2c4f870365E785982E1f101E93b906": + balance: "1000000000000000000000000000" diff --git a/charts/specular/values.yaml b/charts/specular/values.yaml new file mode 100644 index 000000000..b6e2d20f5 --- /dev/null +++ b/charts/specular/values.yaml @@ -0,0 +1,213 @@ +## Define the specular image to work with - these are for devnet +## please override with helm install -n specular specular . -f values-testnet.yaml + +environment: devnet +efsHandle: fs-01f3b83e0ef40fe2d +enabled: + txFuzz: true + l1Geth: true + generator: true + infura: false + debug: true + +generator: + command: "../sbin/generate_secrets.sh -d -j -y -w" + deploy: true + +image: + name: specular-platform + tag: 55826901e8116c4da3cbb47e73c1815edcec7579 + registry: 792926601177.dkr.ecr.us-east-2.amazonaws.com + +tx_fuzz_image: + name: specular-platform + tag: tx-fuzz-004 + registry: 792926601177.dkr.ecr.us-east-2.amazonaws.com + +default_resources: + requests: + memory: "128Mi" + cpu: "250m" + limits: + memory: "1024Mi" + cpu: "2000m" + +volume: + efs: + mountPath: /specular/workspace + name: sp-workspace + configVolumeMounts: + name: specular-config + paths: + - .sidecar.env + - .sp_magi.env + - .paths.env + - .genesis.env + # - .contracts.env + - .sp_geth.env + - genesis_config.json + - base_sp_rollup.json + secrets: + - name: INFURA_KEY + file: infura_pk.txt + + - name: DEPLOYER_PRIVATE_KEY + file: deployer_pk.txt + + - name: SEQUENCER_PRIVATE_KEY + file: sequencer_pk.txt + + - name: VALIDATOR_PRIV_KEY + file: validator_pk.txt + +configMaps: + .sp_geth.env: + - name: NETWORK_ID + value: "13527" + - name: ADDRESS + value: "0.0.0.0" + - name: HTTP_PORT + value: "4011" + - name: WS_PORT + value: "4012" + - name: AUTH_PORT + value: "4013" + - name: GENESIS_PATH + value: "./genesis.json" + - name: DATA_DIR + value: "./sp_geth-data/" + - name: JWT_SECRET_PATH + value: "./jwt_secret.txt" + + .sp_magi.env: + - name: NETWORK + value: "./sp_rollup.json" + - name: JWT_SECRET_PATH + value: "./jwt_secret.txt" + - name: L1_RPC_URL + value: "http://$L1_GETH_SERVICE_HOST:$L1_GETH_SERVICE_PORT_8545" + - name: L2_RPC_URL + value: "http://$SP_GETH_SERVICE_HOST:$SP_GETH_SERVICE_PORT_4011" + - name: L2_ENGINE_URL + value: "http://$SP_GETH_SERVICE_HOST:$SP_GETH_SERVICE_PORT_4013" + - name: RPC_PORT + value: "10500" + - name: SYNC_MODE + value: "full" + - name: DEVNET + value: "true" + - name: SEQUENCER + value: "true" + - name: SEQUENCER_MAX_SAFE_LAG + value: "200" + - name: SEQUENCER_PK_FILE + value: "./sequencer_pk.txt" + - name: WATCHER_DELAY + value: "4000" + + .contracts.env: + - name: SEQUENCER_ADDRESS + value: "0xf39fd6e51aad88f6f4ce6ab8827279cfffb92266" + - name: VALIDATOR_ADDRESS + value: "0x70997970c51812dc3a010c7d01b50e0d17dc79c8" + - name: DEPLOYER_ADDRESS + value: "0x3C44CdDdB6a900fa2b585dd299e03d12FA4293BC" + + .genesis.env: + - name: GENESIS_CFG_PATH + value: "./genesis_config.json" + - name: GENESIS_PATH + value: "./genesis.json" + - name: BASE_ROLLUP_CFG_PATH + value: "./base_sp_rollup.json" + - name: ROLLUP_CFG_PATH + value: "./sp_rollup.json" + - name: GENESIS_EXPORTED_HASH_PATH + value: "./genesis_hash.json" + - name: L1_NETWORK + value: "localhost" + - name: L1_STACK + value: "geth" + - name: L1_ENDPOINT + value: "ws://$L1_GETH_SERVICE_HOST:$L1_GETH_SERVICE_PORT_8546" + - name: L1_PERIOD + value: "12" + + .paths.env: + - name: BIN_DIR + value: "/usr/local/bin" + - name: CONTRACTS_DIR + value: "/specular/contracts" + - name: CONFIG_DIR + value: "/specular/config" + - name: OPS_GENESIS_BIN + value: "/usr/local/bin/genesis" + - name: OPS_DIR + value: "/specular/ops" + - name: L1_GETH_BIN + value: "/usr/local/bin/geth" + - name: SP_GETH_BIN + value: "/usr/local/bin/geth" + - name: SP_MAGI_BIN + value: "/usr/local/bin/magi" + - name: SIDECAR_BIN + value: "/usr/local/bin/sidecar" + - name: WAIT_DIR + value: "/specular/workspace" + + .sidecar.env: + - name: ROLLUP_CFG_PATH + value: "./sp_rollup.json" + - name: L1_ENDPOINT + value: "ws://$L1_GETH_SERVICE_HOST:$L1_GETH_SERVICE_PORT_8546" + - name: L2_ENDPOINT + value: "http://$SP_GETH_SERVICE_HOST:$SP_GETH_SERVICE_PORT_4011" + - name: DISSEMINATOR + value: "true" + - name: DISSEMINATOR_PK_PATH + value: "./sequencer_pk.txt" + - name: DISSEMINATOR_SUB_SAFETY_MARGIN + value: "8" + - name: DISSEMINATOR_TARGET_BATCH_SIZE + value: "4096" + - name: DISSEMINATOR_MAX_BATCH_SIZE + value: 120000 + - name: VALIDATOR + value: "true" + - name: VALIDATOR_PK_PATH + value: "./validator_pk.txt" + - name: DISSEMINATOR_MAX_SAFE_LAG + value: 400 + - name: DISSEMINATOR_MAX_SAFE_LAG_DELTA + value: 100 + - name: DISSEMINATOR_INTERVAL + value: 1 + +jsonMaps: + base_sp_rollup.json: + block_time: 2 + max_sequencer_drift: 600 + seq_window_size: 3600 + l1_chain_id: 1337 + + genesis_config.json: + l2ChainID: 13527 + l2GenesisBlockNonce: "0x0" + l2GenesisBlockGasLimit: "0x0" + l2GenesisBlockDifficulty: "0x0" + l2GenesisBlockNumber: "0x0" + l2GenesisBlockGasUsed: "0x0" + l2GenesisBlockBaseFeePerGas: "0x1" + l2GenesisBlockExtraData: 0x + l2PredeployOwner: "0x000000000000000000000000000000000000dEaD" + l2FeesWithdrawalAddress: "0x000000000000000000000000000000000000dEaD" + l2FeesMinWithdrwalAmount: "0x0" + l1FeeOverhead: "0x1" + l1FeeScalar: "0x1" + alloc: + "0x2a00000000000000000000000000000000000011": + balance: "1000000000000000000000000000" + "0x3c44cdddb6a900fa2b585dd299e03d12fa4293bc": + balance: "1000000000000000000000000000" + "0x90F79bf6EB2c4f870365E785982E1f101E93b906": + balance: "1000000000000000000000000000"