Merge pull request #7 from renegade-fi/joey/extension-deployments

bin, funds-manager: Add deployment and upgrade scripts
renegade-fi · Jul 21, 2024 · 6ef7200 · 6ef7200
2 parents ec4216b + b9a758b
commit 6ef7200
Show file tree

Hide file tree

Showing 6 changed files with 174 additions and 57 deletions.
diff --git a/bin/build_and_push.sh b/bin/build_and_push.sh
@@ -0,0 +1,40 @@
+#!/bin/sh
+REGION=${REGION:-us-east-2}
+ENVIRONMENT=testnet
+ECR_REGISTRY=377928551571.dkr.ecr.$REGION.amazonaws.com
+
+# Parse command line arguments
+while [[ "$#" -gt 0 ]]; do
+    case $1 in
+        --dockerfile) DOCKERFILE="$2"; shift ;;
+        --ecr-repo) ECR_REPO="$2"; shift ;;
+        --environment) ENVIRONMENT="$2"; shift ;;
+        --region) REGION="$2"; shift ;;
+        *) echo "Unknown parameter: $1"; exit 1 ;;
+    esac
+    shift
+done
+
+# Check if required arguments are provided
+if [ -z "$DOCKERFILE" ] || [ -z "$ECR_REPO" ]; then
+    echo "Usage: $0 --dockerfile <path_to_dockerfile> --ecr-repo <ecr_repository> [--environment <environment>] [--region <aws_region>]"
+    exit 1
+fi
+
+ECR_URL="$ECR_REGISTRY/$ECR_REPO"
+IMAGE_NAME=$ECR_REPO
+
+# Get the current commit hash
+COMMIT_HASH=$(git rev-parse --short HEAD)
+
+# Build the Docker image
+docker build -t $IMAGE_NAME:latest -f "$DOCKERFILE" .
+
+# Login to ECR
+aws ecr get-login-password --region $REGION | docker login --username AWS --password-stdin $ECR_REGISTRY
+
+# Tag and push the image with latest and commit hash
+docker tag $IMAGE_NAME:latest $ECR_URL:latest
+docker tag $IMAGE_NAME:latest $ECR_URL:$COMMIT_HASH
+docker push $ECR_URL:latest
+docker push $ECR_URL:$COMMIT_HASH
diff --git a/bin/deploy.sh b/bin/deploy.sh
@@ -0,0 +1,56 @@
+#!/bin/sh
+set -e
+
+DEFAULT_REGION=us-east-2
+DEFAULT_IMAGE_TAG=$(git rev-parse --short HEAD)
+
+# Parse command line arguments
+while [[ "$#" -gt 0 ]]; do
+    case $1 in
+        --environment) ENVIRONMENT="$2"; shift ;;
+        --resource) RESOURCE="$2"; shift ;;
+        --region) REGION="$2"; shift ;;
+        --image-tag) IMAGE_TAG="$2"; shift ;;
+        *) echo "Unknown parameter: $1"; exit 1 ;;
+    esac
+    shift
+done
+
+# Set defaults if not provided
+REGION=${REGION:-$DEFAULT_REGION}
+IMAGE_TAG=${IMAGE_TAG:-$DEFAULT_IMAGE_TAG}
+
+# Check if required arguments are provided
+if [ -z "$ENVIRONMENT" ] || [ -z "$RESOURCE" ]; then
+    echo "Usage: $0 --environment <env> --resource <resource> [--region <region>] [--image-tag <tag>]"
+    exit 1
+fi
+
+ECR_REGISTRY=377928551571.dkr.ecr.$REGION.amazonaws.com
+
+# Derive values from environment and resource
+CLUSTER_NAME="$ENVIRONMENT-$RESOURCE-cluster"
+SERVICE_NAME="$ENVIRONMENT-$RESOURCE-service"
+TASK_DEF_NAME="$ENVIRONMENT-$RESOURCE-task-def"
+ECR_REPO="$RESOURCE-$ENVIRONMENT"
+
+# Construct full image URI
+ECR_URL="$ECR_REGISTRY/$ECR_REPO"
+FULL_IMAGE_URI="$ECR_URL:$IMAGE_TAG"
+echo "Using image URI: $FULL_IMAGE_URI"
+
+# Fetch the existing definition of the task and create a new revision with the updated URI
+TASK_DEFINITION=$(aws ecs describe-task-definition --task-definition $TASK_DEF_NAME --region $REGION --query 'taskDefinition')
+NEW_TASK_DEF=$(echo $TASK_DEFINITION | \
+  jq --arg IMAGE_URI "$FULL_IMAGE_URI" '.containerDefinitions[0].image = $IMAGE_URI' | \
+  jq 'del(.taskDefinitionArn, .revision, .status, .requiresAttributes, .compatibilities, .registeredAt, .registeredBy)' | \
+  jq -c)
+
+# Register the new task definition
+NEW_TASK_INFO=$(aws ecs register-task-definition --cli-input-json "$NEW_TASK_DEF" --region $REGION)
+NEW_REVISION=$(echo $NEW_TASK_INFO | jq -r '.taskDefinition.revision')
+echo "Created new task revision: $NEW_REVISION"
+
+# Update the ECS cluster to the new revision
+aws ecs update-service --cluster $CLUSTER_NAME --service $SERVICE_NAME --task-definition $TASK_DEF_NAME:$NEW_REVISION --region $REGION >/dev/null 2>&1
+echo "ECS cluster updated to new revision"
diff --git a/dealer/bin/build_and_push.sh b/dealer/bin/build_and_push.sh
diff --git a/dealer/bin/deploy.sh b/dealer/bin/deploy.sh
diff --git a/funds-manager/Dockerfile b/funds-manager/Dockerfile
@@ -0,0 +1,54 @@
+# === Chef === #
+FROM --platform=arm64 rust:latest AS chef
+
+# Create a build dir and add local dependencies
+WORKDIR /build
+
+COPY ./rust-toolchain ./rust-toolchain
+RUN cat rust-toolchain | xargs rustup toolchain install
+
+# Install cargo-chef
+RUN cargo install cargo-chef
+
+# === Sources === #
+FROM chef AS sources
+WORKDIR /build
+COPY ./Cargo.toml ./Cargo.lock ./
+COPY ./funds-manager ./funds-manager
+
+# === Builder === #
+# Pull the sources into their own layer
+FROM chef AS builder
+COPY --from=sources /build /build
+WORKDIR /build
+
+# Install protoc, openssl, and pkg-config
+RUN apt-get update && \
+    apt-get install -y pkg-config libssl-dev libclang-dev libpq-dev
+
+# Update Cargo.toml to include only "funds-manager" in workspace members
+RUN sed -i '/members[[:space:]]*=[[:space:]]*\[/,/\]/c\members = ["funds-manager"]' Cargo.toml
+RUN cargo chef prepare --recipe-path recipe.json --bin funds-manager
+
+# Build only the dependencies to cache them in this layer
+RUN cargo chef cook --release --recipe-path recipe.json
+
+# Disable compiler warnings and enable backtraces for panic debugging
+ENV RUSTFLAGS=-Awarnings
+ENV RUST_BACKTRACE=1
+
+COPY --from=sources /build/funds-manager /build/funds-manager
+WORKDIR /build
+
+RUN cargo build --release -p funds-manager
+
+# === Release stage === #
+FROM --platform=arm64 debian:bookworm-slim
+RUN apt-get update && \
+    apt-get install -y libssl-dev ca-certificates libpq-dev
+
+# Copy the binary from the build stage
+COPY --from=builder /build/target/release/funds-manager /bin/funds-manager
+
+ENTRYPOINT ["/bin/funds-manager"]
+CMD ["--datadog-logging"]
diff --git a/funds-manager/src/main.rs b/funds-manager/src/main.rs
@@ -17,10 +17,7 @@ use ethers::signers::LocalWallet;
 use indexer::Indexer;
 use relayer_client::RelayerClient;
 use renegade_circuit_types::elgamal::DecryptionKey;
-use renegade_util::{
-    err_str, raw_err_str,
-    telemetry::{setup_system_logger, LevelFilter},
-};
+use renegade_util::{err_str, raw_err_str, telemetry::configure_telemetry};
 
 use std::{error::Error, str::FromStr, sync::Arc};
 
@@ -42,6 +39,12 @@ use crate::error::ApiError;
 const BLOCK_POLLING_INTERVAL_MS: u64 = 100;
 /// The default region in which to provision secrets manager secrets
 const DEFAULT_REGION: &str = "us-east-2";
+/// The dummy private key used to instantiate the arbitrum client
+///
+/// We don't need any client functionality using a real private key, so instead
+/// we use the key deployed by Arbitrum on local devnets
+const DUMMY_PRIVATE_KEY: &str =
+    "0xb6b15c8cb491557369f3c7d2c287b053eb229daa9c22138887752191c9520659";
 
 // -------
 // | Cli |
@@ -51,16 +54,16 @@ const DEFAULT_REGION: &str = "us-east-2";
 #[derive(Clone, Debug, Parser)]
 struct Cli {
     /// The URL of the relayer to use
-    #[clap(long)]
+    #[clap(long, env = "RELAYER_URL")]
     relayer_url: String,
     /// The Arbitrum RPC url to use
     #[clap(short, long, env = "RPC_URL")]
     rpc_url: String,
     /// The address of the darkpool contract
-    #[clap(short = 'a', long)]
+    #[clap(short = 'a', long, env = "DARKPOOL_ADDRESS")]
     darkpool_address: String,
     /// The chain to redeem fees for
-    #[clap(long, default_value = "mainnet")]
+    #[clap(long, default_value = "mainnet", env = "CHAIN")]
     chain: Chain,
     /// The fee decryption key to use
     #[clap(long, env = "RELAYER_DECRYPTION_KEY")]
@@ -71,19 +74,19 @@ struct Cli {
     /// is omitted
     #[clap(long, env = "PROTOCOL_DECRYPTION_KEY")]
     protocol_decryption_key: Option<String>,
-    /// The arbitrum private key used to submit transactions
-    #[clap(long = "pkey", env = "ARBITRUM_PRIVATE_KEY")]
-    arbitrum_private_key: String,
     /// The database url
     #[clap(long, env = "DATABASE_URL")]
     db_url: String,
     /// The token address of the USDC token, used to get prices for fee
     /// redemption
-    #[clap(long)]
+    #[clap(long, env = "USDC_MINT")]
     usdc_mint: String,
     /// The port to run the server on
     #[clap(long, default_value = "3000")]
     port: u16,
+    /// Whether to enable datadog formatted logs
+    #[clap(long, default_value = "false")]
+    datadog_logging: bool,
 }
 
 /// The server
@@ -126,8 +129,16 @@ impl Server {
 
 #[tokio::main]
 async fn main() -> Result<(), Box<dyn Error>> {
-    setup_system_logger(LevelFilter::INFO);
     let cli = Cli::parse();
+    configure_telemetry(
+        cli.datadog_logging, // datadog_enabled
+        false,               // otlp_enabled
+        false,               // metrics_enabled
+        "".to_string(),      // collector_endpoint
+        "",                  // statsd_host
+        0,                   // statsd_port
+    )
+    .expect("failed to setup telemetry");
 
     // Parse an AWS config
     let config = aws_config::defaults(BehaviorVersion::latest())
@@ -136,7 +147,7 @@ async fn main() -> Result<(), Box<dyn Error>> {
         .await;
 
     // Build an Arbitrum client
-    let wallet = LocalWallet::from_str(&cli.arbitrum_private_key)?;
+    let wallet = LocalWallet::from_str(DUMMY_PRIVATE_KEY)?;
     let conf = ArbitrumClientConfig {
         darkpool_addr: cli.darkpool_address,
         chain: cli.chain,