From c8451a9dc707bef72e860fc12e2258c160c7f586 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 16:20:02 +0100 Subject: [PATCH 01/20] ZK-611: contract deployment environments --- ...ontract.yml => manual-deploy-contract.yml} | 66 +++++++++++++------ Makefile | 2 +- scripts/Shielder.s.sol | 9 ++- 3 files changed, 54 insertions(+), 23 deletions(-) rename .github/workflows/{manual-testnet-deploy-contract.yml => manual-deploy-contract.yml} (51%) diff --git a/.github/workflows/manual-testnet-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml similarity index 51% rename from .github/workflows/manual-testnet-deploy-contract.yml rename to .github/workflows/manual-deploy-contract.yml index 7fdb3a91..f4fcf0b5 100644 --- a/.github/workflows/manual-testnet-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -1,8 +1,18 @@ --- -name: "[TESTNET] Deploy contracts" +name: "Manually Deploy contracts" on: workflow_dispatch: + inputs: + environment: + description: "Environment to deploy to" + required: true + default: "testnet-dev" + type: choice + options: + - "testnet-dev" + - "testnet-stage" + - "mainnet-prod" jobs: deploy-contracts: @@ -34,12 +44,30 @@ jobs: - name: Install deps run: make deps + - name: Set environment-specific variables + id: set-env-vars + run: | + if [ "${{ github.event.inputs.environment }}" == "testnet-dev" ]; then + echo "OWNER_ADDRESS=${{ secrets.CI_TESTNET_ALICE_PUBLIC_KEY }}" >> $GITHUB_ENV + echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV + elif [ "${{ github.event.inputs.environment }}" == "testnet-stage" ]; then + echo "OWNER_ADDRESS=${{ secrets.CI_TESTNET_STAGE_OWNER_ADDRESS }}" >> $GITHUB_ENV + echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV + elif [ "${{ github.event.inputs.environment }}" == "mainnet-prod" ]; then + echo "OWNER_ADDRESS=${{ secrets.MAINNET_PROD_OWNER_ADDRESS }}" >> $GITHUB_ENV + echo "PRIVATE_KEY=${{ secrets.CI_MAINNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV + else + echo "Invalid environment selected!" >&2 + exit 1 + fi + - name: Compile eth contracts run: make compile-contracts - name: Deploy contracts run: | - PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }} \ + OWNER_ADDRESS=${{ env.OWNER_ADDRESS }} \ + PRIVATE_KEY=${{ env.PRIVATE_KEY }} \ NETWORK=https://rpc.alephzero-testnet.gelato.digital \ make deploy-contracts @@ -86,20 +114,20 @@ jobs: cat contract_spec_with_block_numbers.json # yamllint disable rule:line-length - - name: Store addresses in S3 bucket - shell: bash - env: - AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }} - AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} - run: | - aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/l2_dev.json - - - name: Store artifact in S3 bucket - shell: bash - env: - AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_SECRET_ACCESS_KEY }} - AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} - run: | - aws s3 cp artifacts/Shielder.sol/Shielder.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/artifacts/${{ github.sha }}/eth_shielder/ + # - name: Store addresses in S3 bucket + # shell: bash + # env: + # AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }} + # AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} + # run: | + # aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/l2_dev.json + + # - name: Store artifact in S3 bucket + # shell: bash + # env: + # AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_ACCESS_KEY_ID }} + # AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_SECRET_ACCESS_KEY }} + # AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} + # run: | + # aws s3 cp artifacts/Shielder.sol/Shielder.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/artifacts/${{ github.sha }}/eth_shielder/ diff --git a/Makefile b/Makefile index f5be5939..3406b143 100644 --- a/Makefile +++ b/Makefile @@ -50,7 +50,7 @@ deploy-contracts: # Deploy solidity contracts deploy-contracts: ifeq ($(NETWORK),anvil) $(eval PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80) \ - PRIVATE_KEY=$(PRIVATE_KEY) forge script DeployShielderScript --broadcast --rpc-url anvil --sender $(shell cast wallet address $(PRIVATE_KEY)) + PRIVATE_KEY=$(PRIVATE_KEY) OWNER=$(shell cast wallet address $(PRIVATE_KEY)) forge script DeployShielderScript --broadcast --rpc-url anvil --sender $(shell cast wallet address $(PRIVATE_KEY)) else PRIVATE_KEY=$(PRIVATE_KEY) forge script DeployShielderScript --broadcast --rpc-url $(NETWORK) --sender $(shell cast wallet address $(PRIVATE_KEY)) endif diff --git a/scripts/Shielder.s.sol b/scripts/Shielder.s.sol index 3842575e..e495e968 100644 --- a/scripts/Shielder.s.sol +++ b/scripts/Shielder.s.sol @@ -12,8 +12,9 @@ contract DeployShielderScript is Script { function run() external { uint256 privateKey = vm.envUint("PRIVATE_KEY"); - address owner = vm.addr(privateKey); - console2.log("Using", owner, "as broadcaster"); + address owner = vm.envAddress("OWNER_ADDRESS"); + address broadcaster = vm.addr(privateKey); + console2.log("Using", broadcaster, "as broadcaster"); vm.startBroadcast(privateKey); @@ -34,7 +35,9 @@ contract DeployShielderScript is Script { Shielder shielder = Shielder(proxy); console2.log("Shielder deployed at:", address(shielder)); - shielder.unpause(); + if (owner == broadcaster) { + shielder.unpause(); + } vm.stopBroadcast(); } From a411d21ade8e57610473e33ffe7baf8add4048c9 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 16:26:44 +0100 Subject: [PATCH 02/20] upd --- .github/workflows/_check-vars-and-secrets.yml | 17 ++++++++++------- .github/workflows/manual-deploy-contract.yml | 6 +++--- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/.github/workflows/_check-vars-and-secrets.yml b/.github/workflows/_check-vars-and-secrets.yml index 60820ab7..bda6db9e 100644 --- a/.github/workflows/_check-vars-and-secrets.yml +++ b/.github/workflows/_check-vars-and-secrets.yml @@ -15,12 +15,14 @@ jobs: if [[ \ -z '${{ vars.SHIELDER_CONTRACT_ADDRESS }}' || \ -z '${{ vars.KUSTOMIZE_VERSION }}' || \ - -z '${{ vars.CI_TESTNET_ALICE_PUBLIC_KEY }} }}' || \ - -z '${{ vars.CI_TESTNET_BOB_PUBLIC_KEY }} }}' || \ - -z '${{ vars.CI_TESTNET_CHARLIE_PUBLIC_KEY }} }}' || \ - -z '${{ vars.CI_TESTNET_TS_SDK_PUBLIC_KEY }} }}' || \ - -z '${{ vars.CI_TESTNET_RELAYER_SIGNER_ADDRESSES }} }}' || \ - -z '${{ vars.CI_TESTNET_FEE_DESTINATION }} }}' + -z '${{ vars.CI_TESTNET_ALICE_PUBLIC_KEY }}' || \ + -z '${{ vars.CI_TESTNET_BOB_PUBLIC_KEY }}' || \ + -z '${{ vars.CI_TESTNET_CHARLIE_PUBLIC_KEY }}' || \ + -z '${{ vars.CI_TESTNET_TS_SDK_PUBLIC_KEY }}' || \ + -z '${{ vars.CI_TESTNET_RELAYER_SIGNER_ADDRESSES }}' || \ + -z '${{ vars.CI_TESTNET_FEE_DESTINATION }}' || \ + -z '${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }}' || \ + -z '${{ vars.MAINNET_PROD_OWNER_ADDRESS }}' ]]; then echo '!!! Some repository variables are either missing or empty.' echo '!!! Please check either repository or organization settings.' @@ -55,7 +57,8 @@ jobs: -z '${{ secrets.CONTRACTS_S3BUCKET_REGION }}' || \ -z '${{ secrets.CONTRACTS_S3BUCKET_NAME }}' || \ -z '${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_ACCESS_KEY_ID }}' || \ - -z '${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_SECRET_ACCESS_KEY }}' + -z '${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_SECRET_ACCESS_KEY }}' || \ + -z '${{ secrets.CI_MAINNET_DEPLOYER_PRIVATE_KEY }}' ]]; then echo '!!! Some repository secrets are either missing or empty.' echo '!!! Please check either repository or organization settings.' diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index f4fcf0b5..b0f6da9a 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -48,13 +48,13 @@ jobs: id: set-env-vars run: | if [ "${{ github.event.inputs.environment }}" == "testnet-dev" ]; then - echo "OWNER_ADDRESS=${{ secrets.CI_TESTNET_ALICE_PUBLIC_KEY }}" >> $GITHUB_ENV + echo "OWNER_ADDRESS=${{ vars.CI_TESTNET_ALICE_PUBLIC_KEY }}" >> $GITHUB_ENV echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV elif [ "${{ github.event.inputs.environment }}" == "testnet-stage" ]; then - echo "OWNER_ADDRESS=${{ secrets.CI_TESTNET_STAGE_OWNER_ADDRESS }}" >> $GITHUB_ENV + echo "OWNER_ADDRESS=${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }}" >> $GITHUB_ENV echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV elif [ "${{ github.event.inputs.environment }}" == "mainnet-prod" ]; then - echo "OWNER_ADDRESS=${{ secrets.MAINNET_PROD_OWNER_ADDRESS }}" >> $GITHUB_ENV + echo "OWNER_ADDRESS=${{ vars.MAINNET_PROD_OWNER_ADDRESS }}" >> $GITHUB_ENV echo "PRIVATE_KEY=${{ secrets.CI_MAINNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV else echo "Invalid environment selected!" >&2 From b0e5051aac83ef1f88957cd88b82bf21fd1a6449 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 16:28:29 +0100 Subject: [PATCH 03/20] upd --- .github/workflows/_check-vars-and-secrets.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/_check-vars-and-secrets.yml b/.github/workflows/_check-vars-and-secrets.yml index bda6db9e..b0396c3c 100644 --- a/.github/workflows/_check-vars-and-secrets.yml +++ b/.github/workflows/_check-vars-and-secrets.yml @@ -15,14 +15,14 @@ jobs: if [[ \ -z '${{ vars.SHIELDER_CONTRACT_ADDRESS }}' || \ -z '${{ vars.KUSTOMIZE_VERSION }}' || \ - -z '${{ vars.CI_TESTNET_ALICE_PUBLIC_KEY }}' || \ - -z '${{ vars.CI_TESTNET_BOB_PUBLIC_KEY }}' || \ - -z '${{ vars.CI_TESTNET_CHARLIE_PUBLIC_KEY }}' || \ - -z '${{ vars.CI_TESTNET_TS_SDK_PUBLIC_KEY }}' || \ - -z '${{ vars.CI_TESTNET_RELAYER_SIGNER_ADDRESSES }}' || \ - -z '${{ vars.CI_TESTNET_FEE_DESTINATION }}' || \ - -z '${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }}' || \ - -z '${{ vars.MAINNET_PROD_OWNER_ADDRESS }}' + -z '${{ vars.CI_TESTNET_ALICE_PUBLIC_KEY }} }}' || \ + -z '${{ vars.CI_TESTNET_BOB_PUBLIC_KEY }} }}' || \ + -z '${{ vars.CI_TESTNET_CHARLIE_PUBLIC_KEY }} }}' || \ + -z '${{ vars.CI_TESTNET_TS_SDK_PUBLIC_KEY }} }}' || \ + -z '${{ vars.CI_TESTNET_RELAYER_SIGNER_ADDRESSES }} }}' || \ + -z '${{ vars.CI_TESTNET_FEE_DESTINATION }} }}' || \ + -z '${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }} }}' || \ + -z '${{ vars.MAINNET_PROD_OWNER_ADDRESS }} }}' ]]; then echo '!!! Some repository variables are either missing or empty.' echo '!!! Please check either repository or organization settings.' From e0fccb80c4baae9db54cd26f51128c695f7a4cbe Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 16:30:43 +0100 Subject: [PATCH 04/20] upd --- .github/workflows/_check-vars-and-secrets.yml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/_check-vars-and-secrets.yml b/.github/workflows/_check-vars-and-secrets.yml index b0396c3c..bda6db9e 100644 --- a/.github/workflows/_check-vars-and-secrets.yml +++ b/.github/workflows/_check-vars-and-secrets.yml @@ -15,14 +15,14 @@ jobs: if [[ \ -z '${{ vars.SHIELDER_CONTRACT_ADDRESS }}' || \ -z '${{ vars.KUSTOMIZE_VERSION }}' || \ - -z '${{ vars.CI_TESTNET_ALICE_PUBLIC_KEY }} }}' || \ - -z '${{ vars.CI_TESTNET_BOB_PUBLIC_KEY }} }}' || \ - -z '${{ vars.CI_TESTNET_CHARLIE_PUBLIC_KEY }} }}' || \ - -z '${{ vars.CI_TESTNET_TS_SDK_PUBLIC_KEY }} }}' || \ - -z '${{ vars.CI_TESTNET_RELAYER_SIGNER_ADDRESSES }} }}' || \ - -z '${{ vars.CI_TESTNET_FEE_DESTINATION }} }}' || \ - -z '${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }} }}' || \ - -z '${{ vars.MAINNET_PROD_OWNER_ADDRESS }} }}' + -z '${{ vars.CI_TESTNET_ALICE_PUBLIC_KEY }}' || \ + -z '${{ vars.CI_TESTNET_BOB_PUBLIC_KEY }}' || \ + -z '${{ vars.CI_TESTNET_CHARLIE_PUBLIC_KEY }}' || \ + -z '${{ vars.CI_TESTNET_TS_SDK_PUBLIC_KEY }}' || \ + -z '${{ vars.CI_TESTNET_RELAYER_SIGNER_ADDRESSES }}' || \ + -z '${{ vars.CI_TESTNET_FEE_DESTINATION }}' || \ + -z '${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }}' || \ + -z '${{ vars.MAINNET_PROD_OWNER_ADDRESS }}' ]]; then echo '!!! Some repository variables are either missing or empty.' echo '!!! Please check either repository or organization settings.' From 89ba603c64ee710775f5ace776e7f27e1c0954ce Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 16:48:52 +0100 Subject: [PATCH 05/20] upd --- .github/workflows/manual-deploy-contract.yml | 49 +++++++++++++------- 1 file changed, 31 insertions(+), 18 deletions(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index b0f6da9a..0c3ff0ca 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -45,7 +45,6 @@ jobs: run: make deps - name: Set environment-specific variables - id: set-env-vars run: | if [ "${{ github.event.inputs.environment }}" == "testnet-dev" ]; then echo "OWNER_ADDRESS=${{ vars.CI_TESTNET_ALICE_PUBLIC_KEY }}" >> $GITHUB_ENV @@ -113,21 +112,35 @@ jobs: cat contract_spec_with_block_numbers.json + - name: Determine address to store + run: | + if [ "${{ github.event.inputs.environment }}" == "testnet-dev" ]; then + echo "ADDRESSES_S3_PATH=testnet/dev.json" >> $GITHUB_ENV + elif [ "${{ github.event.inputs.environment }}" == "testnet-stage" ]; then + echo "ADDRESSES_S3_PATH=testnet/stage.json" >> $GITHUB_ENV + elif [ "${{ github.event.inputs.environment }}" == "mainnet-prod" ]; then + echo "ADDRESSES_S3_PATH=mainnet/prod.json" >> $GITHUB_ENV + else + echo "Invalid environment selected!" >&2 + exit 1 + fi + # yamllint disable rule:line-length - # - name: Store addresses in S3 bucket - # shell: bash - # env: - # AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }} - # AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} - # run: | - # aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/l2_dev.json - - # - name: Store artifact in S3 bucket - # shell: bash - # env: - # AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_ACCESS_KEY_ID }} - # AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_SECRET_ACCESS_KEY }} - # AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} - # run: | - # aws s3 cp artifacts/Shielder.sol/Shielder.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/artifacts/${{ github.sha }}/eth_shielder/ + - name: Store addresses in S3 bucket + shell: bash + env: + AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} + run: | + aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/${{ env.ADDRESSES_S3_PATH }} + aws s3 cp broadcast/Shielder.s.sol/**/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/${{ env.ADDRESSES_S3_PATH }} + + - name: Store artifact in S3 bucket + shell: bash + env: + AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_SECRET_ACCESS_KEY }} + AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} + run: | + aws s3 cp artifacts/Shielder.sol/Shielder.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/artifacts/${{ github.sha }}/eth_shielder/ From 270ae118d4282a85565f92d3b1c77e965a56aadd Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 16:57:57 +0100 Subject: [PATCH 06/20] upd --- .github/workflows/manual-deploy-contract.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 0c3ff0ca..8fd3762f 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -2,6 +2,8 @@ name: "Manually Deploy contracts" on: + pull_request: + workflow_dispatch: inputs: environment: From 4f8bb504f10348df3ec2a5ac5b83daa34294ba86 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 16:58:19 +0100 Subject: [PATCH 07/20] upd --- .github/workflows/manual-deploy-contract.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 8fd3762f..0c3ff0ca 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -2,8 +2,6 @@ name: "Manually Deploy contracts" on: - pull_request: - workflow_dispatch: inputs: environment: From a6418b125373a9cb3f2b24856c54ba85afb999de Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 17:12:09 +0100 Subject: [PATCH 08/20] upd --- .github/workflows/manual-deploy-contract.yml | 3 +++ Makefile | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 0c3ff0ca..68229a22 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -19,6 +19,9 @@ jobs: name: Deploy contracts on testnet runs-on: [self-hosted, Linux, X64, medium] steps: + - name: Print environment + run: echo "Environment: ${{ github.event.inputs.environment }}" + - name: GIT | Checkout uses: actions/checkout@v4 diff --git a/Makefile b/Makefile index 3406b143..264878bd 100644 --- a/Makefile +++ b/Makefile @@ -50,7 +50,7 @@ deploy-contracts: # Deploy solidity contracts deploy-contracts: ifeq ($(NETWORK),anvil) $(eval PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80) \ - PRIVATE_KEY=$(PRIVATE_KEY) OWNER=$(shell cast wallet address $(PRIVATE_KEY)) forge script DeployShielderScript --broadcast --rpc-url anvil --sender $(shell cast wallet address $(PRIVATE_KEY)) + PRIVATE_KEY=$(PRIVATE_KEY) OWNER_ADDRESS=$(shell cast wallet address $(PRIVATE_KEY)) forge script DeployShielderScript --broadcast --rpc-url anvil --sender $(shell cast wallet address $(PRIVATE_KEY)) else PRIVATE_KEY=$(PRIVATE_KEY) forge script DeployShielderScript --broadcast --rpc-url $(NETWORK) --sender $(shell cast wallet address $(PRIVATE_KEY)) endif From aceb2fa286d282ffe024711f764be6f370e32197 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 17:13:24 +0100 Subject: [PATCH 09/20] upd --- .github/workflows/manual-deploy-contract.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 68229a22..31bcc74d 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -2,6 +2,7 @@ name: "Manually Deploy contracts" on: + pull_request: workflow_dispatch: inputs: environment: From 646b869d14fdc1c4d0a19ef540041c2de3655160 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 17:15:35 +0100 Subject: [PATCH 10/20] upd --- .github/workflows/manual-deploy-contract.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 31bcc74d..2a4231a8 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -21,7 +21,9 @@ jobs: runs-on: [self-hosted, Linux, X64, medium] steps: - name: Print environment - run: echo "Environment: ${{ github.event.inputs.environment }}" + run: | + echo "Environment:" + echo ${{ github.event.inputs.environment }} - name: GIT | Checkout uses: actions/checkout@v4 From 1ec47d539dfa425f21f84fe9e2412cf056686ea8 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 17:16:00 +0100 Subject: [PATCH 11/20] upd --- .github/workflows/manual-deploy-contract.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 2a4231a8..7e2ce70d 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -2,7 +2,6 @@ name: "Manually Deploy contracts" on: - pull_request: workflow_dispatch: inputs: environment: From db2ccdc0ef36d55978fbfa9c6c869addea827e6f Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 17:30:08 +0100 Subject: [PATCH 12/20] upd --- .github/workflows/manual-deploy-contract.yml | 5 ++--- Makefile | 3 ++- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 7e2ce70d..6c7666ba 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -21,8 +21,7 @@ jobs: steps: - name: Print environment run: | - echo "Environment:" - echo ${{ github.event.inputs.environment }} + echo "Environment:\"${{ github.event.inputs.environment }}\"" - name: GIT | Checkout uses: actions/checkout@v4 @@ -49,10 +48,10 @@ jobs: - name: Install deps run: make deps + # for "testnet-dev" we use default owner address, as it's not important - name: Set environment-specific variables run: | if [ "${{ github.event.inputs.environment }}" == "testnet-dev" ]; then - echo "OWNER_ADDRESS=${{ vars.CI_TESTNET_ALICE_PUBLIC_KEY }}" >> $GITHUB_ENV echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV elif [ "${{ github.event.inputs.environment }}" == "testnet-stage" ]; then echo "OWNER_ADDRESS=${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }}" >> $GITHUB_ENV diff --git a/Makefile b/Makefile index 264878bd..462cdd26 100644 --- a/Makefile +++ b/Makefile @@ -1,5 +1,6 @@ NETWORK ?= anvil PRIVATE_KEY ?= 0xb6b15c8cb491557369f3c7d2c287b053eb229daa9c22138887752191c9520659 # pkey of the dev account `0x3f1Eae7D46d88F08fc2F8ed27FCb2AB183EB2d0E` prefunded with ETH on all networks +OWNER_ADDRESS ?= $(shell cast wallet address $(PRIVATE_KEY)) .PHONY: help help: # Show help for each of the Makefile recipes. @@ -50,7 +51,7 @@ deploy-contracts: # Deploy solidity contracts deploy-contracts: ifeq ($(NETWORK),anvil) $(eval PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80) \ - PRIVATE_KEY=$(PRIVATE_KEY) OWNER_ADDRESS=$(shell cast wallet address $(PRIVATE_KEY)) forge script DeployShielderScript --broadcast --rpc-url anvil --sender $(shell cast wallet address $(PRIVATE_KEY)) + PRIVATE_KEY=$(PRIVATE_KEY) forge script DeployShielderScript --broadcast --rpc-url anvil --sender $(shell cast wallet address $(PRIVATE_KEY)) else PRIVATE_KEY=$(PRIVATE_KEY) forge script DeployShielderScript --broadcast --rpc-url $(NETWORK) --sender $(shell cast wallet address $(PRIVATE_KEY)) endif From b86184fb8c66c90afe6c6f1cb62c3c0fef006309 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 17:36:17 +0100 Subject: [PATCH 13/20] upd --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 462cdd26..0ebb0331 100644 --- a/Makefile +++ b/Makefile @@ -51,9 +51,9 @@ deploy-contracts: # Deploy solidity contracts deploy-contracts: ifeq ($(NETWORK),anvil) $(eval PRIVATE_KEY=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80) \ - PRIVATE_KEY=$(PRIVATE_KEY) forge script DeployShielderScript --broadcast --rpc-url anvil --sender $(shell cast wallet address $(PRIVATE_KEY)) + PRIVATE_KEY=$(PRIVATE_KEY) OWNER_ADDRESS=$(OWNER_ADDRESS) forge script DeployShielderScript --broadcast --rpc-url anvil --sender $(shell cast wallet address $(PRIVATE_KEY)) else - PRIVATE_KEY=$(PRIVATE_KEY) forge script DeployShielderScript --broadcast --rpc-url $(NETWORK) --sender $(shell cast wallet address $(PRIVATE_KEY)) + PRIVATE_KEY=$(PRIVATE_KEY) OWNER_ADDRESS=$(OWNER_ADDRESS) forge script DeployShielderScript --broadcast --rpc-url $(NETWORK) --sender $(shell cast wallet address $(PRIVATE_KEY)) endif .PHONY: generate-poseidon-contracts From 805bacf7eb2349cfe0acdb6ccb08b89d27b12ac9 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 17:46:52 +0100 Subject: [PATCH 14/20] upd --- .github/workflows/manual-deploy-contract.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 6c7666ba..57ce7f89 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -69,8 +69,6 @@ jobs: - name: Deploy contracts run: | - OWNER_ADDRESS=${{ env.OWNER_ADDRESS }} \ - PRIVATE_KEY=${{ env.PRIVATE_KEY }} \ NETWORK=https://rpc.alephzero-testnet.gelato.digital \ make deploy-contracts From 7e8c84cbbcd7ed315ab5e2fb877071eda308fee7 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 18:01:03 +0100 Subject: [PATCH 15/20] upd --- .github/workflows/manual-deploy-contract.yml | 6 +----- tooling-e2e-tests/utils.sh | 5 ++++- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 57ce7f89..2bf12c28 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -16,13 +16,9 @@ on: jobs: deploy-contracts: - name: Deploy contracts on testnet + name: Deploy contracts on ${{ github.event.inputs.environment }} runs-on: [self-hosted, Linux, X64, medium] steps: - - name: Print environment - run: | - echo "Environment:\"${{ github.event.inputs.environment }}\"" - - name: GIT | Checkout uses: actions/checkout@v4 diff --git a/tooling-e2e-tests/utils.sh b/tooling-e2e-tests/utils.sh index 8e5508b0..a81822d5 100644 --- a/tooling-e2e-tests/utils.sh +++ b/tooling-e2e-tests/utils.sh @@ -57,9 +57,12 @@ mtzero() { #################################################################################################### #### CONTRACTS ##################################################################################### #################################################################################################### +# we don't care about owner, so we use ${ALICE_PUBLIC_KEY} as owner placeholder deploy_contracts() { SHIELDER_CONTRACT_ADDRESS=$( - PRIVATE_KEY="${DEPLOYER_PRIVATE_KEY}" forge script DeployShielderScript \ + PRIVATE_KEY="${DEPLOYER_PRIVATE_KEY}" \ + OWNER_ADDRESS="${ALICE_PUBLIC_KEY}" \ + forge script DeployShielderScript \ --rpc-url "${NODE_RPC_URL}" \ --broadcast \ --non-interactive \ From 5329a34fdba10fb5684cab10c3dfd3d04c0c11ce Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Wed, 11 Dec 2024 18:20:42 +0100 Subject: [PATCH 16/20] upd --- tooling-e2e-tests/utils.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tooling-e2e-tests/utils.sh b/tooling-e2e-tests/utils.sh index a81822d5..61e54ff4 100644 --- a/tooling-e2e-tests/utils.sh +++ b/tooling-e2e-tests/utils.sh @@ -57,11 +57,10 @@ mtzero() { #################################################################################################### #### CONTRACTS ##################################################################################### #################################################################################################### -# we don't care about owner, so we use ${ALICE_PUBLIC_KEY} as owner placeholder deploy_contracts() { SHIELDER_CONTRACT_ADDRESS=$( PRIVATE_KEY="${DEPLOYER_PRIVATE_KEY}" \ - OWNER_ADDRESS="${ALICE_PUBLIC_KEY}" \ + OWNER_ADDRESS="$(cast wallet address ${DEPLOYER_PRIVATE_KEY})" \ forge script DeployShielderScript \ --rpc-url "${NODE_RPC_URL}" \ --broadcast \ From b331a54b9590f140f920b0d61e4360ae58e8bd15 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Thu, 12 Dec 2024 12:38:11 +0100 Subject: [PATCH 17/20] upd --- .github/workflows/manual-deploy-contract.yml | 52 ++++++++++--------- ...shielder-testnet.sh => verify-shielder.sh} | 16 +++--- 2 files changed, 36 insertions(+), 32 deletions(-) rename scripts/{verify-shielder-testnet.sh => verify-shielder.sh} (58%) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 2bf12c28..97e4878e 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -7,12 +7,12 @@ on: environment: description: "Environment to deploy to" required: true - default: "testnet-dev" + default: "dev" type: choice options: - - "testnet-dev" - - "testnet-stage" - - "mainnet-prod" + - "dev" + - "stage" + - "prod" jobs: deploy-contracts: @@ -44,17 +44,35 @@ jobs: - name: Install deps run: make deps - # for "testnet-dev" we use default owner address, as it's not important + # for "dev" we use default owner address, as it's not important - name: Set environment-specific variables run: | - if [ "${{ github.event.inputs.environment }}" == "testnet-dev" ]; then + if [ "${{ github.event.inputs.environment }}" == "dev" ]; then echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV - elif [ "${{ github.event.inputs.environment }}" == "testnet-stage" ]; then + echo "NETWORK=https://rpc.alephzero-testnet.gelato.digital" >> $GITHUB_ENV + echo "EXPLORER_URL=https://evm-explorer-testnet.alephzero.org/api" >> $GITHUB_ENV + + echo "ADDRESSES_S3_PATH=testnet/dev.json" >> $GITHUB_ENV + echo "AWS_ACCESS_KEY_ID=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV + echo "AWS_SECRET_ACCESS_KEY=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV + elif [ "${{ github.event.inputs.environment }}" == "stage" ]; then echo "OWNER_ADDRESS=${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }}" >> $GITHUB_ENV echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV - elif [ "${{ github.event.inputs.environment }}" == "mainnet-prod" ]; then + echo "NETWORK=https://rpc.alephzero-testnet.gelato.digital" >> $GITHUB_ENV + echo "EXPLORER_URL=https://evm-explorer-testnet.alephzero.org/api" >> $GITHUB_ENV + + echo "ADDRESSES_S3_PATH=testnet/stage.json" >> $GITHUB_ENV + echo "AWS_ACCESS_KEY_ID=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV + echo "AWS_SECRET_ACCESS_KEY=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV + elif [ "${{ github.event.inputs.environment }}" == "prod" ]; then echo "OWNER_ADDRESS=${{ vars.MAINNET_PROD_OWNER_ADDRESS }}" >> $GITHUB_ENV echo "PRIVATE_KEY=${{ secrets.CI_MAINNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV + echo "NETWORK=https://rpc.alephzero.raas.gelato.cloud" >> $GITHUB_ENV + echo "EXPLORER_URL=https://evm-explorer.alephzero.org/api" >> $GITHUB_ENV + + echo "ADDRESSES_S3_PATH=mainnet/prod.json" >> $GITHUB_ENV + echo "AWS_ACCESS_KEY_ID=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV + echo "AWS_SECRET_ACCESS_KEY=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV else echo "Invalid environment selected!" >&2 exit 1 @@ -65,11 +83,10 @@ jobs: - name: Deploy contracts run: | - NETWORK=https://rpc.alephzero-testnet.gelato.digital \ make deploy-contracts - name: Verify Shielder contract - run: ./scripts/verify-shielder-testnet.sh + run: ./scripts/verify-shielder.sh - name: Upload Shielder abi to artifacts uses: actions/upload-artifact@v4 @@ -110,25 +127,10 @@ jobs: cat contract_spec_with_block_numbers.json - - name: Determine address to store - run: | - if [ "${{ github.event.inputs.environment }}" == "testnet-dev" ]; then - echo "ADDRESSES_S3_PATH=testnet/dev.json" >> $GITHUB_ENV - elif [ "${{ github.event.inputs.environment }}" == "testnet-stage" ]; then - echo "ADDRESSES_S3_PATH=testnet/stage.json" >> $GITHUB_ENV - elif [ "${{ github.event.inputs.environment }}" == "mainnet-prod" ]; then - echo "ADDRESSES_S3_PATH=mainnet/prod.json" >> $GITHUB_ENV - else - echo "Invalid environment selected!" >&2 - exit 1 - fi - # yamllint disable rule:line-length - name: Store addresses in S3 bucket shell: bash env: - AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }} AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} run: | aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/${{ env.ADDRESSES_S3_PATH }} diff --git a/scripts/verify-shielder-testnet.sh b/scripts/verify-shielder.sh similarity index 58% rename from scripts/verify-shielder-testnet.sh rename to scripts/verify-shielder.sh index 8740c1f4..5a7dc406 100755 --- a/scripts/verify-shielder-testnet.sh +++ b/scripts/verify-shielder.sh @@ -2,21 +2,23 @@ set -euo pipefail -LIBRARIES=$(cat broadcast/Shielder.s.sol/2039/run-latest.json | jq -r '.libraries | map("--libraries " + .) | join(" ")') -IMPL_CONTRACT_ADDRESS=$(cat broadcast/Shielder.s.sol/2039/run-latest.json \ +CHAIN_ID=$(cast chain-id --rpc-url ${NETWORK}) + +LIBRARIES=$(cat broadcast/Shielder.s.sol/${CHAIN_ID}/run-latest.json | jq -r '.libraries | map("--libraries " + .) | join(" ")') +IMPL_CONTRACT_ADDRESS=$(cat broadcast/Shielder.s.sol/${CHAIN_ID}/run-latest.json \ | jq -r '.transactions | .[] | select(.transactionType=="CREATE") | select(.contractName=="Shielder") | .contractAddress') -PROXY_CONTRACT_ADDRESS=$(cat broadcast/Shielder.s.sol/2039/run-latest.json \ +PROXY_CONTRACT_ADDRESS=$(cat broadcast/Shielder.s.sol/${CHAIN_ID}/run-latest.json \ | jq -r '.transactions | .[] | select(.transactionType=="CREATE") | select(.contractName=="ERC1967Proxy") | .contractAddress') -PROXY_DEPLOYMENT_TX_HASH=$(cat broadcast/Shielder.s.sol/2039/run-latest.json \ +PROXY_DEPLOYMENT_TX_HASH=$(cat broadcast/Shielder.s.sol/${CHAIN_ID}/run-latest.json \ | jq '.transactions | .[] | select(.transactionType=="CREATE") | select(.contractName=="ERC1967Proxy") | .hash') -PROXY_BLOCK_NUMBER=$(cast to-dec $(cat broadcast/Shielder.s.sol/2039/run-latest.json \ +PROXY_BLOCK_NUMBER=$(cast to-dec $(cat broadcast/Shielder.s.sol/${CHAIN_ID}/run-latest.json \ | jq -r ".receipts | .[] | select(.transactionHash==${PROXY_DEPLOYMENT_TX_HASH}) | .blockNumber")) echo ${PROXY_CONTRACT_ADDRESS} > shielder_address.txt echo ${PROXY_BLOCK_NUMBER} > shielder_block_number.txt -forge verify-contract --rpc-url https://rpc.alephzero-testnet.gelato.digital \ - --verifier blockscout --verifier-url https://evm-explorer-testnet.alephzero.org/api \ +forge verify-contract --rpc-url ${NETWORK} \ + --verifier blockscout --verifier-url ${EXPLORER_URL} \ ${LIBRARIES} \ ${IMPL_CONTRACT_ADDRESS} \ contracts/Shielder.sol:Shielder From 506daaca485fd47bc9d732cca382f9c6522167bb Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Thu, 12 Dec 2024 12:40:19 +0100 Subject: [PATCH 18/20] upd --- .github/workflows/_check-vars-and-secrets.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/_check-vars-and-secrets.yml b/.github/workflows/_check-vars-and-secrets.yml index bda6db9e..f7bbe686 100644 --- a/.github/workflows/_check-vars-and-secrets.yml +++ b/.github/workflows/_check-vars-and-secrets.yml @@ -54,6 +54,10 @@ jobs: -z '${{ secrets.NPM_PUBLISHING_KEY }}' || \ -z '${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }}' || \ -z '${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }}' || \ + -z '${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_ACCESS_KEY_ID }}' || \ + -z '${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_SECRET_ACCESS_KEY }}' || \ + -z '${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_ACCESS_KEY_ID }}' || \ + -z '${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_SECRET_ACCESS_KEY }}' || \ -z '${{ secrets.CONTRACTS_S3BUCKET_REGION }}' || \ -z '${{ secrets.CONTRACTS_S3BUCKET_NAME }}' || \ -z '${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_ACCESS_KEY_ID }}' || \ From d5db6b6f33bc2409e3acd831528df0bace857bcc Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Thu, 12 Dec 2024 12:57:59 +0100 Subject: [PATCH 19/20] upd --- .github/workflows/manual-deploy-contract.yml | 45 +++++++++++++------- 1 file changed, 30 insertions(+), 15 deletions(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 97e4878e..91cda803 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -51,28 +51,16 @@ jobs: echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV echo "NETWORK=https://rpc.alephzero-testnet.gelato.digital" >> $GITHUB_ENV echo "EXPLORER_URL=https://evm-explorer-testnet.alephzero.org/api" >> $GITHUB_ENV - - echo "ADDRESSES_S3_PATH=testnet/dev.json" >> $GITHUB_ENV - echo "AWS_ACCESS_KEY_ID=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV - echo "AWS_SECRET_ACCESS_KEY=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV elif [ "${{ github.event.inputs.environment }}" == "stage" ]; then echo "OWNER_ADDRESS=${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }}" >> $GITHUB_ENV echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV echo "NETWORK=https://rpc.alephzero-testnet.gelato.digital" >> $GITHUB_ENV echo "EXPLORER_URL=https://evm-explorer-testnet.alephzero.org/api" >> $GITHUB_ENV - - echo "ADDRESSES_S3_PATH=testnet/stage.json" >> $GITHUB_ENV - echo "AWS_ACCESS_KEY_ID=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV - echo "AWS_SECRET_ACCESS_KEY=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV elif [ "${{ github.event.inputs.environment }}" == "prod" ]; then echo "OWNER_ADDRESS=${{ vars.MAINNET_PROD_OWNER_ADDRESS }}" >> $GITHUB_ENV echo "PRIVATE_KEY=${{ secrets.CI_MAINNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV echo "NETWORK=https://rpc.alephzero.raas.gelato.cloud" >> $GITHUB_ENV echo "EXPLORER_URL=https://evm-explorer.alephzero.org/api" >> $GITHUB_ENV - - echo "ADDRESSES_S3_PATH=mainnet/prod.json" >> $GITHUB_ENV - echo "AWS_ACCESS_KEY_ID=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_ACCESS_KEY_ID }}" >> $GITHUB_ENV - echo "AWS_SECRET_ACCESS_KEY=${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_SECRET_ACCESS_KEY }}" >> $GITHUB_ENV else echo "Invalid environment selected!" >&2 exit 1 @@ -128,13 +116,40 @@ jobs: cat contract_spec_with_block_numbers.json # yamllint disable rule:line-length - - name: Store addresses in S3 bucket + - name: Store addresses in S3 bucket (dev) + if: ${{ inputs.environment == 'dev' }} + shell: bash + env: + AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} + AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }} + run: | + aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/dev.json + aws s3 cp broadcast/Shielder.s.sol/**/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/dev-broadcast.json + + # yamllint disable rule:line-length + - name: Store addresses in S3 bucket (stage) + if: ${{ inputs.environment == 'stage' }} + shell: bash + env: + AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} + AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_SECRET_ACCESS_KEY }} + run: | + aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/stage.json + aws s3 cp broadcast/Shielder.s.sol/**/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/stage-broadcast.json + + # yamllint disable rule:line-length + - name: Store addresses in S3 bucket (prod) + if: ${{ inputs.environment == 'prod' }} shell: bash env: AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }} + AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_SECRET_ACCESS_KEY }} run: | - aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/${{ env.ADDRESSES_S3_PATH }} - aws s3 cp broadcast/Shielder.s.sol/**/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/${{ env.ADDRESSES_S3_PATH }} + aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/mainnet/prod.json + aws s3 cp broadcast/Shielder.s.sol/**/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/mainnet/prod-broadcast.json - name: Store artifact in S3 bucket shell: bash From 4a932a2d9cf907b0494508806982e6a04c9d8a34 Mon Sep 17 00:00:00 2001 From: Maksym Zub Date: Thu, 12 Dec 2024 13:00:38 +0100 Subject: [PATCH 20/20] upd --- .github/workflows/manual-deploy-contract.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/manual-deploy-contract.yml b/.github/workflows/manual-deploy-contract.yml index 91cda803..6c874ff2 100644 --- a/.github/workflows/manual-deploy-contract.yml +++ b/.github/workflows/manual-deploy-contract.yml @@ -125,7 +125,7 @@ jobs: AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }} run: | aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/dev.json - aws s3 cp broadcast/Shielder.s.sol/**/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/dev-broadcast.json + aws s3 cp broadcast/Shielder.s.sol/2039/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/dev-broadcast.json # yamllint disable rule:line-length - name: Store addresses in S3 bucket (stage) @@ -137,7 +137,7 @@ jobs: AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_SECRET_ACCESS_KEY }} run: | aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/stage.json - aws s3 cp broadcast/Shielder.s.sol/**/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/stage-broadcast.json + aws s3 cp broadcast/Shielder.s.sol/2039/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/stage-broadcast.json # yamllint disable rule:line-length - name: Store addresses in S3 bucket (prod) @@ -149,7 +149,7 @@ jobs: AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_SECRET_ACCESS_KEY }} run: | aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/mainnet/prod.json - aws s3 cp broadcast/Shielder.s.sol/**/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/mainnet/prod-broadcast.json + aws s3 cp broadcast/Shielder.s.sol/41455/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/mainnet/prod-broadcast.json - name: Store artifact in S3 bucket shell: bash