Skip to content

Commit

Permalink
Automated CipherNode deployment (#195)
Browse files Browse the repository at this point in the history
* Add Dockerfiles

* Expose Udp port

* Update Entry point for CN

* Dev compose

* delete old compose

* push image to ecr

* Update ECS Deployment Workflow

* Update ECS Deployment Workflow

* Update ECS Deployment Workflow

* Update node version to 22

* Update Entrypoint

* Use Docker Swarm to manage Ciphernodes

* Mount Secrets

* Switch to ghcr.io

* Update image tag

* Deploy to EC2

* Testing EC2 Deployment

* Optional mdns

* Update Configs

* Update config

* Update Deployment workflow

* Bypass overlay and use host network

* Env substitution (#203)

* Env substitution works

* Move to dev-dependencies

* Formatting

* Ensure that there are no quotes or anything around substitution

* use non normal env vars to avoid future issues

* merge main and update workflow deployment

* Update Dockerfile and add deployments artifacts

---------

Co-authored-by: гλ <contact@rudiyardley.com>
  • Loading branch information
hmzakhalid and ryardley authored Dec 10, 2024
1 parent 3a89686 commit 44aac5b
Show file tree
Hide file tree
Showing 24 changed files with 549 additions and 94 deletions.
86 changes: 86 additions & 0 deletions .github/workflows/ec2-deployment.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
name: Build and Deploy Ciphernode

on:
push:
branches:
- release
- main
paths:
- 'packages/ciphernode/**'
- 'packages/evm/contracts/**'
pull_request:
branches:
- release
- main
paths:
- 'packages/ciphernode/**'
- 'packages/evm/contracts/**'

env:
DOCKERFILE_PATH: packages/ciphernode/Dockerfile
IMAGE_NAME: ghcr.io/gnosisguild/ciphernode

permissions:
contents: read
packages: write

jobs:
build:
name: Build Image
runs-on: ubuntu-latest
outputs:
image_tag: ${{ steps.version.outputs.version }}
steps:
- uses: actions/checkout@v3

- name: Generate version tag
id: version
run: echo "version=$(date +'%Y%m%d')-${GITHUB_SHA::8}" >> $GITHUB_OUTPUT

- name: Log in to GitHub Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build image
env:
IMAGE_TAG: ${{ steps.version.outputs.version }}
run: |
docker build -t $IMAGE_NAME:${{ steps.version.outputs.version }} -f $DOCKERFILE_PATH .
docker push $IMAGE_NAME:$IMAGE_TAG
- name: Push to GHCR
if: github.ref == 'refs/heads/release'
env:
IMAGE_TAG: ${{ steps.version.outputs.version }}
run: |
docker tag $IMAGE_NAME:$IMAGE_TAG $IMAGE_NAME:latest
docker push $IMAGE_NAME:latest
deploy:
name: Deploy to Production
needs: build
runs-on: ubuntu-latest
environment:
name: production
if: github.ref == 'refs/heads/release'

steps:
- name: Deploy to EC2
uses: appleboy/ssh-action@v1.2.0
with:
host: ${{ secrets.EC2_HOST }}
username: ${{ secrets.EC2_USERNAME }}
key: ${{ secrets.EC2_KEY }}
script: |
IMAGE_TAG="${{ needs.build.outputs.image_tag }}"
echo "Deploying version: $IMAGE_TAG"
docker pull $IMAGE_NAME:$IMAGE_TAG
cd /home/ec2-user/enclave
git pull
docker stack deploy -c docker-compose.yml ciphernode-stack
16 changes: 16 additions & 0 deletions docker-compose.dev.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
services:
cn1:
networks:
- cn-network
cn2:
networks:
- cn-network
cn3:
networks:
- cn-network
aggregator:
networks:
- cn-network

networks:
cn-network:
102 changes: 102 additions & 0 deletions docker-compose.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,102 @@
services:
cn1:
image: ghcr.io/gnosisguild/ciphernode:latest
volumes:
- ./configs/cn1.yaml:/home/ciphernode/.config/enclave/config.yaml:ro
- cn1-data:/home/ciphernode/.local/share/enclave
secrets:
- secrets.json
environment:
RUST_LOG: "info"
AGGREGATOR: "false"
ports:
- target: 9091
published: 9091
protocol: udp
mode: host
deploy:
replicas: 1
networks:
- global-network


cn2:
image: ghcr.io/gnosisguild/ciphernode:latest
depends_on:
- cn1
volumes:
- ./configs/cn2.yaml:/home/ciphernode/.config/enclave/config.yaml:ro
- cn2-data:/home/ciphernode/.local/share/enclave
secrets:
- secrets.json
environment:
RUST_LOG: "info"
AGGREGATOR: "false"
ports:
- target: 9092
published: 9092
protocol: udp
mode: host
deploy:
replicas: 1
networks:
- global-network

cn3:
image: ghcr.io/gnosisguild/ciphernode:latest
depends_on:
- cn1
volumes:
- ./configs/cn3.yaml:/home/ciphernode/.config/enclave/config.yaml:ro
- cn3-data:/home/ciphernode/.local/share/enclave
secrets:
- secrets.json
environment:
RUST_LOG: "info"
AGGREGATOR: "false"
ports:
- target: 9093
published: 9093
protocol: udp
mode: host
deploy:
replicas: 1
networks:
- global-network


aggregator:
image: ghcr.io/gnosisguild/ciphernode:latest
depends_on:
- cn1
volumes:
- ./configs/agg.yaml:/home/ciphernode/.config/enclave/config.yaml:ro
- agg-data:/home/ciphernode/.local/share/enclave
secrets:
- secrets.json
environment:
RUST_LOG: "info"
AGGREGATOR: "true"
ports:
- target: 9094
published: 9094
protocol: udp
mode: host
deploy:
replicas: 1
networks:
- global-network

secrets:
secrets.json:
file: ./configs/secrets.json

volumes:
cn1-data:
cn2-data:
cn3-data:
agg-data:

networks:
global-network:
driver: overlay
55 changes: 33 additions & 22 deletions packages/ciphernode/Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 2 additions & 0 deletions packages/ciphernode/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@ clap = { version = "4.5.17", features = ["derive"] }
cipher = { path = "./cipher" }
dirs = "5.0.1"
data = { path = "./data" }
shellexpand = "3.1.0"
figment = { version = "0.10.19", features = ["yaml", "test"] }
fhe_rs = { package = "fhe", git = "https://github.com/gnosisguild/fhe.rs", version = "0.1.0-beta.7" }
fhe-traits = { git = "https://github.com/gnosisguild/fhe.rs", version = "0.1.0-beta.7" }
Expand All @@ -54,6 +55,7 @@ serde = { version = "1.0.208", features = ["derive"] }
serde_json = { version = "1.0.133" }
sled = "0.34.7"
sha2 = "0.10.8"
tempfile = "3.14.0"
tokio = { version = "1.38", features = ["full"] }
tracing = "0.1.37"
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
Expand Down
Loading

0 comments on commit 44aac5b

Please sign in to comment.