Merge pull request #1504 from ntampakas/ecs_coordinator

feat: GH Actions workflow to support coordinator auto-deployment to Fargate
privacy-scaling-explorations · May 23, 2024 · 321a0c9 · 321a0c9
2 parents 9cb775f + f418062
commit 321a0c9
Show file tree

Hide file tree

Showing 4 changed files with 99 additions and 0 deletions.
diff --git a/.github/scripts/build.sh b/.github/scripts/build.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+set -ex
+
+cp coordinator/.env.example coordinator/.env
+
+sed -i "s|^\(COORDINATOR_RPC_URL=\).*|\1$1|" coordinator/.env
+sed -i "s|^\(COORDINATOR_ADDRESS=\).*|\1$2|" coordinator/.env
+sed -i "s|^\(COORDINATOR_ALLOWED_ORIGIN=\).*|\1$3|" coordinator/.env
+
+aws ecr get-login-password --region eu-central-1 | docker login --username AWS --password-stdin 490752553772.dkr.ecr.eu-central-1.amazonaws.com
+
+docker build -t maci-coordinator -f coordinator/apps/Dockerfile .
+docker tag maci-coordinator:latest 490752553772.dkr.ecr.eu-central-1.amazonaws.com/maci-coordinator:latest
+docker push 490752553772.dkr.ecr.eu-central-1.amazonaws.com/maci-coordinator:latest
+
+exit 0
diff --git a/.github/scripts/deploy.sh b/.github/scripts/deploy.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+set -ex
+
+tasks="maci-coordinator"
+for task in $tasks; do
+  maci_coordinator_revision=$(aws ecs describe-task-definition --task-definition $task --query "taskDefinition.revision")
+  aws ecs update-service --cluster maci-coordinator --service $task --force-new-deployment --task-definition $task:$maci_coordinator_revision
+done
+
+for loop in {1..3}; do
+  [ "$loop" -eq 3 ] && exit 1
+  aws ecs wait services-stable --cluster maci-coordinator --services $tasks && break || continue
+done
diff --git a/.github/workflows/coordinator-deploy.yml b/.github/workflows/coordinator-deploy.yml
@@ -0,0 +1,37 @@
+name: CoordinatorDeploy
+on:
+  push:
+    branches:
+      - dev
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  deploy:
+    runs-on: ubuntu-22.04
+    permissions:
+      id-token: write
+      contents: read
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          persist-credentials: false
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: arn:aws:iam::490752553772:role/maci-coordinator-ecs-deploy-slc
+          role-duration-seconds: 2700
+          aws-region: eu-central-1
+
+      - name: Build and Push images to ECR
+        run: |
+          .github/scripts/build.sh ${{ secrets.COORDINATOR_RPC_URL }} ${{ secrets.COORDINATOR_ADDRESS }} ${{ secrets.COORDINATOR_ALLOWED_ORIGIN }}
+
+      - name: Create Deployment
+        run: |
+          .github/scripts/deploy.sh
diff --git a/coordinator/apps/Dockerfile b/coordinator/apps/Dockerfile
@@ -0,0 +1,33 @@
+# Copy source code and build the project
+FROM node:20-alpine as builder
+
+WORKDIR /builder
+
+COPY . .
+
+RUN npm i -g pnpm@8
+RUN pnpm install --frozen-lockfile --prefer-offline
+RUN pnpm run build
+
+# Create image by copying build artifacts
+FROM node:20-alpine as runner
+RUN npm i -g pnpm@8
+
+RUN mkdir -p ~/rapidsnark/build; \
+    wget -qO ~/rapidsnark/build/prover https://maci-devops-zkeys.s3.ap-northeast-2.amazonaws.com/rapidsnark-linux-amd64-1c137; \
+    chmod +x ~/rapidsnark/build/prover
+RUN wget -qO ~/circom https://github.com/iden3/circom/releases/download/v2.1.6/circom-linux-amd64; \
+    chmod +x ~/circom; \
+    mv ~/circom /bin
+
+USER node
+ARG PORT=3000
+
+WORKDIR ./maci
+COPY --chown=node:node  --from=builder /builder/ ./
+WORKDIR /maci/coordinator
+RUN pnpm run download-zkeys:test
+RUN pnpm run generate-keypair
+
+EXPOSE ${PORT}
+CMD ["node", "build/ts/main.js"]