feat: integrate op-succinct #2951

Workflow file for this run

	---
	# Basic deployment workflow.
	# Note that more advanced use cases are tested in the nightly workflow.
	name: Deploy

	on:
	pull_request:
	push:
	branches: [main]

	concurrency:
	group: deploy-${{ github.event.pull_request.number \|\| github.ref }}
	cancel-in-progress: true

	env:
	POLYCLI_VERSION: v0.1.72 # https://github.com/0xPolygon/polygon-cli/releases/
	ENCLAVE_NAME: cdk

	jobs:
	run-without-args:
	runs-on: ubuntu-latest
	timeout-minutes: 20
	steps:
	- uses: actions/checkout@v4

	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}
	# This step will only execute if the necessary secrets are available, preventing failures
	# on pull requests from forked repositories.
	if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }}
	env:
	DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
	DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Install Kurtosis CDK tools
	uses: ./.github/actions/setup-kurtosis-cdk

	- name: Run Starlark
	run: kurtosis run --enclave=${{ env.ENCLAVE_NAME }} --show-enclave-inspect=false .

	- name: Inspect enclave
	run: kurtosis enclave inspect ${{ env.ENCLAVE_NAME }}

	- name: Monitor CDK chain verified batches (CDK Erigon Permissionless RPC)
	working-directory: .github/scripts
	run: \|
	./monitor-cdk-chain.sh \
	--enclave ${{ env.ENCLAVE_NAME }} \
	--rpc-url $(kurtosis port print ${{ env.ENCLAVE_NAME }} cdk-erigon-rpc-001 rpc)

	- name: Dump enclave
	run: kurtosis enclave dump ${{ env.ENCLAVE_NAME }} ./dump

	- name: Upload enclave dump
	uses: actions/upload-artifact@v4
	with:
	name: dump_run_without_args_${{ github.run_id }}
	path: ./dump

	list-ymls:
	runs-on: ubuntu-latest
	timeout-minutes: 2
	outputs:
	matrix: ${{ steps.set-matrix.outputs.matrix }}
	steps:
	- uses: actions/checkout@v4

	- name: Generate test combinations
	working-directory: .github/tests
	run: ./combine-ymls.sh

	- id: set-matrix
	run: \|
	# Only run a subset of the tests in CI.
	files=$(ls -R ./.github/tests/combinations/*.yml)
	matrix=$(echo "$files" \| jq -R -s -c 'split("\n")[:-1]')
	echo "matrix=$matrix" >> $GITHUB_OUTPUT

	run-with-args:
	needs: list-ymls
	runs-on: ubuntu-latest
	timeout-minutes: 20
	strategy:
	fail-fast: false
	matrix:
	file_name: ${{ fromJson(needs.list-ymls.outputs.matrix) }}
	steps:
	- uses: actions/checkout@v4

	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}
	# This step will only execute if the necessary secrets are available, preventing failures
	# on pull requests from forked repositories.
	if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }}
	env:
	DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
	DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Install Kurtosis CDK tools
	uses: ./.github/actions/setup-kurtosis-cdk

	- name: Run Starlark
	run: kurtosis run --enclave=${{ env.ENCLAVE_NAME }} --args-file=${{ matrix.file_name }} --show-enclave-inspect=false .

	- name: Inspect enclave
	run: kurtosis enclave inspect ${{ env.ENCLAVE_NAME }}

	- name: Monitor CDK chain verified batches (Central RPC)
	run: \|
	result=$(yq --raw-output '.args.consensus_contract_type' ${{ matrix.file_name }})
	if [[ "$result" == "pessimistic" ]]; then
	echo "Skipping block verification as consensus is pessimistic."
	else
	sequencer_type=$(yq --raw-output '.args.sequencer_type' ${{ matrix.file_name }})
	rpc_name=""
	if [[ "$sequencer_type" == "erigon" ]]; then
	rpc_name="cdk-erigon-rpc-001"
	elif [[ "$sequencer_type" == "zkevm" ]]; then
	rpc_name="zkevm-node-rpc-001"
	elif [[ "$sequencer_type" == "null" ]]; then
	rpc_name="cdk-erigon-rpc-001"
	else
	echo "Unknown sequencer type: $sequencer_type"
	exit 1
	fi
	echo "RPC name: $rpc_name"
	./.github/scripts/monitor-cdk-chain.sh \
	--enclave ${{ env.ENCLAVE_NAME }} \
	--rpc-url $(kurtosis port print ${{ env.ENCLAVE_NAME }} $rpc_name rpc)
	fi

	- name: Monitor CDK chain verified batches (zkEVM Permissionless RPC)
	run: \|
	result=$(yq --raw-output '.args.consensus_contract_type' ${{ matrix.file_name }})
	if [[ "$result" == "pessimistic" ]]; then
	echo "Skipping block verification as consensus is pessimistic."
	else
	result=$(yq --raw-output '.args.additional_services // [] \| contains(["pless_zkevm_node"])' ${{ matrix.file_name }})
	if [[ "$result" == "true" ]]; then
	./.github/scripts/monitor-cdk-chain.sh \
	--enclave ${{ env.ENCLAVE_NAME }} \
	--rpc-url $(kurtosis port print ${{ env.ENCLAVE_NAME }} zkevm-node-rpc-pless-001 rpc)
	else
	echo "Skipping batch verification as there is no zkevm permissionless RPC in the environment"
	fi
	fi

	- name: Monitor OP rollup finalized blocks (OP CL RPC)
	run: \|
	result=$(yq --raw-output '.deployment_stages.deploy_optimism_rollup' ${{ matrix.file_name }})
	if [[ "$result" == "true" ]]; then
	./.github/scripts/monitor-op-rollup.sh \
	--enclave ${{ env.ENCLAVE_NAME }} \
	--cl-rpc-url $(kurtosis port print ${{ env.ENCLAVE_NAME }} op-cl-1-op-node-op-geth-op-kurtosis http)
	else
	echo "Skipping block verification as there is no OP rollup in the environment"
	fi

	- name: Dump enclave
	run: kurtosis enclave dump ${{ env.ENCLAVE_NAME }} ./dump

	- name: Generate archive name
	run: \|
	file_name=$(basename "${{ matrix.file_name }}" ".yml")
	archive_name="dump_run_with_args_${file_name}_${{ github.run_id }}"
	echo "ARCHIVE_NAME=${archive_name}" >> "$GITHUB_ENV"
	echo "Generated archive name: ${archive_name}"

	- name: Upload enclave dump
	uses: actions/upload-artifact@v4
	with:
	name: ${{ env.ARCHIVE_NAME }}
	path: ./dump

	additional-services:
	runs-on: ubuntu-latest
	timeout-minutes: 20
	steps:
	- uses: actions/checkout@v4

	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}
	# This step will only execute if the necessary secrets are available, preventing failures
	# on pull requests from forked repositories.
	if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }}
	env:
	DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
	DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Install Kurtosis CDK tools
	uses: ./.github/actions/setup-kurtosis-cdk

	- name: Run Starlark
	run: kurtosis run --enclave=${{ env.ENCLAVE_NAME }} --args-file=./.github/tests/additional-services.yml --show-enclave-inspect=false .

	- name: Inspect enclave
	run: kurtosis enclave inspect ${{ env.ENCLAVE_NAME }}

	- name: Monitor CDK chain verified batches (CDK Erigon Permissionless RPC)
	working-directory: .github/scripts
	run: \|
	./monitor-cdk-chain.sh \
	--enclave ${{ env.ENCLAVE_NAME }} \
	--rpc-url $(kurtosis port print ${{ env.ENCLAVE_NAME }} cdk-erigon-rpc-001 rpc)

	- name: Verify Arpeggio RPC
	run: \|
	result=$(yq '.args.additional_services \| contains(["arpeggio"])' ./.github/tests/additional-services.yml)
	if [ "$result" = "true" ]; then
	cast bn --rpc-url $(kurtosis port print ${{ env.ENCLAVE_NAME }} arpeggio-001 rpc)
	else
	echo "Arpeggio is not deployed."
	fi

	- name: Verify Blutgang RPC
	run: \|
	result=$(yq '.args.additional_services \| contains(["blutgang"])' ./.github/tests/additional-services.yml)
	if [ "$result" = "true" ]; then
	cast bn --rpc-url $(kurtosis port print ${{ env.ENCLAVE_NAME }} blutgang-001 http)
	else
	echo "Blutgang is not deployed."
	fi

	- name: Verify erpc RPC
	run: \|
	result=$(yq '.args.additional_services \| contains(["erpc"])' ./.github/tests/additional-services.yml)
	if [ "$result" = "true" ]; then
	cast bn --rpc-url "$(kurtosis port print ${{ env.ENCLAVE_NAME }} erpc-001 rpc)/main/evm/10101"
	else
	echo "ERPC is not deployed."
	fi

	- name: Verify permissionless zkevm-node rpc
	run: \|
	result=$(yq '.args.additional_services \| contains(["pless_zkevm_node"])' ./.github/tests/additional-services.yml)
	if [ "$result" = "true" ]; then
	cast bn --rpc-url $(kurtosis port print ${{ env.ENCLAVE_NAME }} zkevm-node-rpc-pless-001 rpc)
	else
	echo "Permissionless zkevm-node is not deployed."
	fi

	- name: Verify that Prometheus collects Panoptichain metrics
	run: \|
	result=$(yq '.args.additional_services \| contains(["prometheus_grafana"])' ./.github/tests/additional-services.yml)
	if [ "$result" = "true" ]; then
	echo "Wait for one minute while Prometheus gathers metrics..."
	sleep 60

	echo "Retrieve Panoptichain metrics from Prometheus..."
	panoptichain_metric="panoptichain_system_uptime"
	prometheus_url=$(kurtosis port print ${{ env.ENCLAVE_NAME }} prometheus-001 http)
	prometheus_query=$(curl "$prometheus_url/api/v1/query?query=$panoptichain_metric")
	echo $prometheus_query \| jq
	if [ "$(jq -r '.data.result[0].metric.__name__' <<<$prometheus_query)" == "$panoptichain_metric" ]; then
	echo "✅ Prometheus collects panoptichain metrics!"
	else
	echo "❌ Prometheus does not collect panoptichain metrics..."
	exit 1
	fi
	else
	echo "Prometheus is not deployed."
	fi

	- name: Dump enclave
	run: kurtosis enclave dump ${{ env.ENCLAVE_NAME }} ./dump

	- name: Upload enclave dump
	uses: actions/upload-artifact@v4
	with:
	name: dump_additional_services_${{ github.run_id }}
	path: ./dump

	deploy-to-external-l1:
	runs-on: ubuntu-latest
	timeout-minutes: 30
	steps:
	- uses: actions/checkout@v4

	- name: Login to Docker Hub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}
	# This step will only execute if the necessary secrets are available, preventing failures
	# on pull requests from forked repositories.
	if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }}
	env:
	DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
	DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Install Kurtosis CDK tools
	uses: ./.github/actions/setup-kurtosis-cdk

	- name: Deploy L1 chain
	run: kurtosis run --enclave=${{ env.ENCLAVE_NAME }} --args-file=./.github/tests/external-l1/deploy-local-l1.yml .

	- name: Deploy to local L1 chain
	run: kurtosis run --enclave=${{ env.ENCLAVE_NAME }} --args-file=./.github/tests/external-l1/deploy-cdk-to-local-l1.yml .

	- name: Inspect enclave
	run: kurtosis enclave inspect ${{ env.ENCLAVE_NAME }}

	- name: Monitor CDK chain verified batches (CDK Erigon Permissionless RPC)
	working-directory: .github/scripts
	run: \|
	./monitor-cdk-chain.sh \
	--enclave ${{ env.ENCLAVE_NAME }} \
	--rpc-url "$(kurtosis port print ${{ env.ENCLAVE_NAME }} cdk-erigon-rpc-001 rpc)"

	- name: Dump enclave
	run: kurtosis enclave dump ${{ env.ENCLAVE_NAME }} ./dump

	- name: Upload enclave dump
	uses: actions/upload-artifact@v4
	with:
	name: dump_deploy_to_external_l1_${{ github.run_id }}
	path: ./dump

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: integrate op-succinct #2951

Workflow file

feat: integrate op-succinct #2951

Jobs

Run details

Workflow file for this run