From 0528d4e0b58746c39dab86ccb6c1917616c27ee6 Mon Sep 17 00:00:00 2001 From: Arham Jain Date: Tue, 15 Oct 2024 13:33:03 +0530 Subject: [PATCH 1/7] ci(docker): added docker workflow and updated some config variables to env --- .github/workflows/docker.yml | 49 ++++++++++++++++++++++++++++++++++++ src/config.ts | 12 ++++----- 2 files changed, 55 insertions(+), 6 deletions(-) create mode 100644 .github/workflows/docker.yml diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml new file mode 100644 index 00000000..d5561d51 --- /dev/null +++ b/.github/workflows/docker.yml @@ -0,0 +1,49 @@ +# +name: Create and publish a Docker image + +on: + push: + branches: ['dev'] + pull_request: + branches: ['dev'] + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + attestations: write + id-token: write + steps: + - name: Checkout repository + uses: actions/checkout@v4 + - name: Log in to the Container registry + uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + - name: Build and push Docker image + id: push + uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + - name: Generate artifact attestation + uses: actions/attest-build-provenance@v1 + with: + subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}} + subject-digest: ${{ steps.push.outputs.digest }} + push-to-registry: true diff --git a/src/config.ts b/src/config.ts index ca650843..621a6bfe 100644 --- a/src/config.ts +++ b/src/config.ts @@ -118,7 +118,7 @@ export const CONFIG: Config = { port: Number(process.env.LOG_SERVER_PORT) || 4446, }, ip: '0.0.0.0', - port: 8080, + port: Number(process.env.RPC_PORT) || 8080, chainId: 8082, nodeIpInfo: { externalIp: process.env.NODE_EXTERNAL_IP || '127.0.0.1', @@ -129,23 +129,23 @@ export const CONFIG: Config = { askLocalHostForArchiver: true, rotationInterval: 60, faucetServerUrl: process.env.FAUCET_URL || 'https://faucet.liberty10.shardeum.org', - queryFromValidator: true, + queryFromValidator: Boolean(process.env.QUERY_FROM_VALIDATOR) || true, explorerUrl: process.env.EXPLORER_URL || 'http://127.0.0.1:6001', queryFromExplorer: false, generateTxTimestamp: true, - nodelistRefreshInterval: 30000, + nodelistRefreshInterval: Number(process.env.NODELIST_REFRESH_INTERVAL) || 30000, defaultRequestRetry: 5, - gasEstimateMethod: 'serviceValidator', //serviceValidator or replayEngine or validator + gasEstimateMethod: process.env.GAS_ESTIMATE_METHOD || 'serviceValidator', //serviceValidator or replayEngine or validator gasEstimateInvalidationIntervalInMs: 1000 * 60 * 60 * 2, // 2 hours gasEstimateUseCache: false, - staticGasEstimate: '0x5B8D80', // comment out rather than delete this line + staticGasEstimate: process.env.STATIC_GAS_ESTIMATE || '0x5B8D80', // comment out rather than delete this line defaultRequestTimeout: { default: 2000, contract: 7000, account: 10000, full_nodelist: 10000, }, - aalgWarmup: false, + aalgWarmup: Boolean(process.env.AALG_WARMUP) || true, aalgWarmupServiceTPS: 10, recordTxStatus: false, // not safe for production, keep this off. Known issue. rateLimit: false, From de5e285d7fde64aa3a04274aa1bd0b99d6f68cd3 Mon Sep 17 00:00:00 2001 From: Arham Jain Date: Tue, 15 Oct 2024 13:57:51 +0530 Subject: [PATCH 2/7] fix(workflow): docker push workflow fix --- .github/workflows/docker.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index d5561d51..da61937f 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -1,4 +1,3 @@ -# name: Create and publish a Docker image on: From e84fb914eb7cfd1632985053cda89196333a3c32 Mon Sep 17 00:00:00 2001 From: Arham Jain Date: Tue, 15 Oct 2024 14:03:30 +0530 Subject: [PATCH 3/7] feat(ci): updateing to use tags got actions instead of commit hashes --- .github/workflows/docker.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index da61937f..1dc29334 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -22,21 +22,22 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - name: Log in to the Container registry - uses: docker/login-action@65b78e6e13532edd9afa3aa52ac7964289d1a9c1 + uses: docker/login-action@v3 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7 + uses: docker/metadata-action@v5 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} - name: Build and push Docker image id: push - uses: docker/build-push-action@f2a1d5e99d037542a71f64918e516c093c6f3fc4 + uses: docker/build-push-action@v6 with: context: . + file: Dockerfile push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From 14d034e1bd8eaa92f9ca2f3914330d3840a85a3b Mon Sep 17 00:00:00 2001 From: chrypnotoad Date: Tue, 15 Oct 2024 11:02:26 -0500 Subject: [PATCH 4/7] move permissions to root --- .github/workflows/docker.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 1dc29334..e9aa11dc 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -10,14 +10,15 @@ env: REGISTRY: ghcr.io IMAGE_NAME: ${{ github.repository }} +permissions: + contents: read + packages: write + attestations: write + id-token: write + jobs: build-and-push-image: runs-on: ubuntu-latest - permissions: - contents: read - packages: write - attestations: write - id-token: write steps: - name: Checkout repository uses: actions/checkout@v4 From 930a1f59463f04937e6e59f9bf6d209ce53845f3 Mon Sep 17 00:00:00 2001 From: chrypnotoad Date: Tue, 15 Oct 2024 11:05:23 -0500 Subject: [PATCH 5/7] Update docker.yml --- .github/workflows/docker.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index e9aa11dc..1f6b8afd 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -42,6 +42,7 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} + secrets: ${{ secrets.GITHUB_TOKEN }} - name: Generate artifact attestation uses: actions/attest-build-provenance@v1 with: From 21ea8180360770d85737cbeac3abff7fc4dc5611 Mon Sep 17 00:00:00 2001 From: chrypnotoad Date: Tue, 15 Oct 2024 11:09:35 -0500 Subject: [PATCH 6/7] Update docker.yml --- .github/workflows/docker.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 1f6b8afd..990ce3ca 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -42,7 +42,8 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - secrets: ${{ secrets.GITHUB_TOKEN }} + ecrets: | + GIT_AUTH_TOKEN= ${{ secrets.GITHUB_TOKEN }} - name: Generate artifact attestation uses: actions/attest-build-provenance@v1 with: From a88c03866af972e778e1a956b043a73ca9f14a61 Mon Sep 17 00:00:00 2001 From: chrypnotoad Date: Tue, 15 Oct 2024 11:09:56 -0500 Subject: [PATCH 7/7] Update docker.yml --- .github/workflows/docker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 990ce3ca..4af7abda 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -42,7 +42,7 @@ jobs: push: true tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} - ecrets: | + secrets: | GIT_AUTH_TOKEN= ${{ secrets.GITHUB_TOKEN }} - name: Generate artifact attestation uses: actions/attest-build-provenance@v1