Skip to content

Manually Deploy contracts #24

Manually Deploy contracts

Manually Deploy contracts #24

---
name: "Manually Deploy contracts"
on:
workflow_dispatch:
inputs:
environment:
description: "Environment to deploy to"
required: true
default: "dev"
type: choice
options:
- "dev"
- "stage"
- "prod"
jobs:
deploy-contracts:
name: Deploy contracts on ${{ github.event.inputs.environment }}
runs-on: [self-hosted, Linux, X64, medium]
steps:
- name: GIT | Checkout
uses: actions/checkout@v4
- name: Install Node.js
uses: actions/setup-node@v4
with:
node-version: 18
- name: Prepare Rust env
uses: ./.github/actions/prepare-rust-env
with:
poseidon-gadget-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
zkos-circuits-private-key: ${{ secrets.ZKOS_CIRCUITS_SSH_PRIVATE_KEY }}
- name: Install Foundry
uses: foundry-rs/foundry-toolchain@v1.2.0
with:
cache-key: custom-seed-coverage-${{ github.ref_name }}
cache-restore-keys: |-
contract-suite
version: nightly-31dd1f77fd9156d09836486d97963cec7f555343
- name: Install deps
run: make deps
# for "dev" we use default owner address, as it's not important
- name: Set environment-specific variables
run: |
if [ "${{ github.event.inputs.environment }}" == "dev" ]; then
echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV
echo "NETWORK=https://rpc.alephzero-testnet.gelato.digital" >> $GITHUB_ENV
echo "EXPLORER_URL=https://evm-explorer-testnet.alephzero.org/api" >> $GITHUB_ENV
elif [ "${{ github.event.inputs.environment }}" == "stage" ]; then
echo "OWNER_ADDRESS=${{ vars.CI_TESTNET_STAGE_OWNER_ADDRESS }}" >> $GITHUB_ENV
echo "PRIVATE_KEY=${{ secrets.CI_TESTNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV
echo "NETWORK=https://rpc.alephzero-testnet.gelato.digital" >> $GITHUB_ENV
echo "EXPLORER_URL=https://evm-explorer-testnet.alephzero.org/api" >> $GITHUB_ENV
elif [ "${{ github.event.inputs.environment }}" == "prod" ]; then
echo "OWNER_ADDRESS=${{ vars.MAINNET_PROD_OWNER_ADDRESS }}" >> $GITHUB_ENV
echo "PRIVATE_KEY=${{ secrets.CI_MAINNET_DEPLOYER_PRIVATE_KEY }}" >> $GITHUB_ENV
echo "NETWORK=https://rpc.alephzero.raas.gelato.cloud" >> $GITHUB_ENV
echo "EXPLORER_URL=https://evm-explorer.alephzero.org/api" >> $GITHUB_ENV
else
echo "Invalid environment selected!" >&2
exit 1
fi
- name: Compile eth contracts
run: make compile-contracts
- name: Deploy contracts
run: |
make deploy-contracts
- name: Verify Shielder contract
run: ./scripts/verify-shielder.sh
- name: Upload Shielder abi to artifacts
uses: actions/upload-artifact@v4
with:
name: shielder_abi
path: artifacts/Shielder.sol/Shielder.json
include-hidden-files: true
retention-days: 14
- name: Upload Shielder contract address to artifacts
uses: actions/upload-artifact@v4
with:
name: shielder_address
path: shielder_address.txt
include-hidden-files: true
retention-days: 14
- name: Create a JSON with address
run: |
echo -n $(cat shielder_address.txt | xargs) | jq -Rs '{ shielder: . }' \
> evm_addresses.json
- name: Prepare contract_spec JSON
uses: Cardinal-Cryptography/github-actions/generate-contract-spec@v6
with:
src-files: |-
evm_addresses.json|evm_
dst-file: contract_spec.json
spec-version: "0.1"
contract-version: "${{ github.sha }}"
- name: Add block numbers to contract_spec JSON
shell: bash
run: |
cat contract_spec.json | \
jq ".start_blocks = { evm: \"$(cat shielder_block_number.txt)\" }" \
> contract_spec_with_block_numbers.json
cat contract_spec_with_block_numbers.json
# yamllint disable rule:line-length
- name: Store addresses in S3 bucket (dev)
if: ${{ inputs.environment == 'dev' }}
shell: bash
env:
AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }}
AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_DEV_RW_AWS_SECRET_ACCESS_KEY }}
run: |
aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/dev.json
aws s3 cp broadcast/Shielder.s.sol/2039/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/dev-broadcast.json
# yamllint disable rule:line-length
- name: Store addresses in S3 bucket (stage)
if: ${{ inputs.environment == 'stage' }}
shell: bash
env:
AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }}
AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_TESTNET_STAGE_RW_AWS_SECRET_ACCESS_KEY }}
run: |
aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/stage.json
aws s3 cp broadcast/Shielder.s.sol/2039/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/testnet/stage-broadcast.json
# yamllint disable rule:line-length
- name: Store addresses in S3 bucket (prod)
if: ${{ inputs.environment == 'prod' }}
shell: bash
env:
AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }}
AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ADDRESSES_MAINNET_PROD_RW_AWS_SECRET_ACCESS_KEY }}
run: |
aws s3 cp contract_spec_with_block_numbers.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/mainnet/prod.json
aws s3 cp broadcast/Shielder.s.sol/41455/run-latest.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/addresses/mainnet/prod-broadcast.json
- name: Store artifact in S3 bucket
shell: bash
env:
AWS_ACCESS_KEY_ID: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.CONTRACTS_ZKOS_ARTIFACTS_RW_AWS_SECRET_ACCESS_KEY }}
AWS_REGION: ${{ secrets.CONTRACTS_S3BUCKET_REGION }}
run: |
aws s3 cp artifacts/Shielder.sol/Shielder.json s3://${{ secrets.CONTRACTS_S3BUCKET_NAME }}/zkos/artifacts/${{ github.sha }}/eth_shielder/