Skip to content

Manually Deploy contracts #14

Manually Deploy contracts

Manually Deploy contracts #14

---
name: "Manually Deploy contracts"
on:
workflow_dispatch:
inputs:
environment:
description: "Environment to deploy to"
required: true
default: "testnet-dev"
type: choice
options:
- "testnet-dev"
- "testnet-stage"
- "mainnet-prod"
jobs:
deploy-contracts:
name: Deploy contracts on ${{ github.event.inputs.environment }}
runs-on: [self-hosted, Linux, X64, medium]
steps:
- name: GIT | Checkout
uses: actions/checkout@v4
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version: 18
- name: Prepare Rust env
uses: ./.github/actions/prepare-rust-env
with:
poseidon-gadget-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
zkos-circuits-private-key: ${{ secrets.ZKOS_CIRCUITS_SSH_PRIVATE_KEY }}
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1.2.0
with:
cache-key: custom-seed-coverage-${{ github.ref_name }}
cache-restore-keys: |-
contract-suite
version: nightly-31dd1f77fd9156d09836486d97963cec7f555343
- name: Install deps
run: make deps
# for "testnet-dev" we use default owner address, as it's not important
- name: Set environment-specific variables
run: |
if [ "${{ github.event.inputs.environment }}" == "testnet-dev" ]; then
echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV
elif [ "${{ github.event.inputs.environment }}" == "testnet-stage" ]; then
echo "OWNER_ADDRESS=${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }}" >> $GITHUB_ENV
echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV
elif [ "${{ github.event.inputs.environment }}" == "mainnet-prod" ]; then
echo "OWNER_ADDRESS=${{ vars.MAINNET_PROD_OWNER_ADDRESS }}" >> $GITHUB_ENV
echo "PRIVATE_KEY=${{ secrets.CI_MAINNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV
else
echo "Invalid environment selected!" >&2
exit 1
fi
- name: Compile eth contracts
run: make compile-contracts
- name: Deploy contracts
run: |
NETWORK=https://rpc.alephzero-testnet.gelato.digital \
make deploy-contracts
- name: Verify Shielder contract
run: ./scripts/verify-shielder-testnet.sh
- name: Upload Shielder abi to artifacts
uses: actions/upload-artifact@v4
with:
name: shielder_abi
path: artifacts/Shielder.sol/Shielder.json
include-hidden-files: true
retention-days: 14
- name: Upload Shielder contract address to artifacts
uses: actions/upload-artifact@v4
with:
name: shielder_address
path: shielder_address.txt
include-hidden-files: true
retention-days: 14
- name: Create a JSON with address
run: |
echo -n $(cat shielder_address.txt | xargs) | jq -Rs '{ shielder: . }' \
> evm_addresses.json
- name: Prepare contract_spec JSON
uses: Cardinal-Cryptography/github-actions/generate-contract-spec@v6
with:
src-files: |-
evm_addresses.json|evm_
dst-file: contract_spec.json
spec-version: "0.1"
contract-version: "${{ github.sha }}"
- name: Add block numbers to contract_spec JSON
shell: bash
run: |
cat contract_spec.json | \
jq ".start_blocks = { evm: \"$(cat shielder_block_number.txt)\" }" \
> contract_spec_with_block_numbers.json
cat contract_spec_with_block_numbers.json
- name: Determine address to store
run: |
if [ "${{ github.event.inputs.environment }}" == "testnet-dev" ]; then
echo "ADDRESSES_S3_PATH=testnet/dev.json" >> $GITHUB_ENV
elif [ "${{ github.event.inputs.environment }}" == "testnet-stage" ]; then
echo "ADDRESSES_S3_PATH=testnet/stage.json" >> $GITHUB_ENV
elif [ "${{ github.event.inputs.environment }}" == "mainnet-prod" ]; then
echo "ADDRESSES_S3_PATH=mainnet/prod.json" >> $GITHUB_ENV
else
echo "Invalid environment selected!" >&2
exit 1
fi
# yamllint disable rule:line-length
- name: Store addresses in S3 bucket
shell: bash
env:
AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }}
run: |
aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/${{ env.ADDRESSES_S3_PATH }}
aws s3 cp broadcast/Shielder.s.sol/**/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/${{ env.ADDRESSES_S3_PATH }}
- name: Store artifact in S3 bucket
shell: bash
env:
AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }}
run: |
aws s3 cp artifacts/Shielder.sol/Shielder.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/artifacts/${{ github.sha }}/eth_shielder/