Adhoc/deploy to railway (#2)

* add gsm and gluex integrations

* update env vars

* Prep for railway deployment

* deploy liquidator contracts

* add hyperevm chain config

* Add cloud formation scripts

* Add github actions

---------

Co-authored-by: alphak3y <alphak3y@protonmail.com>

Author: AndreasKoestler

.dockerignore

@@ -10,7 +10,6 @@
 **/.classpath
 **/.dockerignore
 **/.env
-**/.git
 **/.gitignore
 **/.project
 **/.settings
@@ -31,5 +30,4 @@
 **/secrets.dev.yaml
 **/values.dev.yaml
 LICENSE
-README.md
-**/lib
+README.md

.env.example

@@ -7,8 +7,10 @@ MAINNET_RPC_URL=https://example.rpc.url.com
 BASE_RPC_URL=https://example.base_rpc.url.com
 ARBITRUM_RPC_URL=https://example.arbitrum_rpc.url.com
 
-# Swap API URL
-SWAP_API_URL=https://example.api.url.com
+# GlueX API Configuration
+GLUEX_API_KEY=your_gluex_api_key_here
+GLUEX_API_URL=https://router.gluex.xyz/v1/quote
+GLUEX_UNIQUE_PID=your_unique_partner_id_here
 
 ### OPTIONAL ###
 

.github/actions/cdk-synth/action.yaml

@@ -0,0 +1,60 @@
+name: Deploy CDK Stack
+description: Deploys individual CDK Stacks defined in `cdk/app.py` using Python CDK
+
+inputs:
+  account:
+    description: The AWS account id to deploy to
+    required: false
+    default: "730335381248"
+  region:
+    description: The AWS region to deploy to
+    required: false
+    default: "ap-northeast-1"
+  stacks:
+    description: The stacks to deploy, separated by ' '
+    required: true
+  working-directory:
+    required: false
+    description: An optional working directory where the CDK code is located
+    default: ./
+  deploy-parameters:
+    required: false
+    description: Optional additional parameters for 'cdk-deploy'
+    default: ""
+  python-version:
+    description: The Python version to use
+    required: false
+    default: "3.13"
+
+runs:
+  using: composite
+  steps:
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ inputs.python-version }}
+
+    - name: Install CDK CLI
+      shell: bash
+      run: npm install -g aws-cdk
+
+    - name: Install Python dependencies
+      shell: bash
+      working-directory: ${{ inputs.working-directory }}/cdk
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@master
+      with:
+        role-to-assume: arn:aws:iam::${{ inputs.account }}:role/github-actions
+        aws-region: ${{ inputs.region }}
+
+    - name: Deploy | cdk
+      shell: bash
+      working-directory: ${{ inputs.working-directory }}
+      env:
+        CDK_DEPLOY_ACCOUNT: ${{ inputs.account }}
+        CDK_DEPLOY_REGION: ${{ inputs.region }}
+      run: cdk synth --exclusively ${{ inputs.stacks }} --require-approval never ${{ inputs.deploy-parameters }}

.github/actions/deploy-cdk-stack/action.yaml

@@ -0,0 +1,60 @@
+name: Deploy CDK Stack
+description: Deploys individual CDK Stacks defined in `cdk/app.py` using Python CDK
+
+inputs:
+  account:
+    description: The AWS account id to deploy to
+    required: false
+    default: "730335381248"
+  region:
+    description: The AWS region to deploy to
+    required: false
+    default: "ap-northeast-1"
+  stacks:
+    description: The stacks to deploy, separated by ' '
+    required: true
+  working-directory:
+    required: false
+    description: An optional working directory where the CDK code is located
+    default: ./
+  deploy-parameters:
+    required: false
+    description: Optional additional parameters for 'cdk-deploy'
+    default: ""
+  python-version:
+    description: The Python version to use
+    required: false
+    default: "3.13"
+
+runs:
+  using: composite
+  steps:
+    - name: Set up Python
+      uses: actions/setup-python@v5
+      with:
+        python-version: ${{ inputs.python-version }}
+
+    - name: Install CDK CLI
+      shell: bash
+      run: npm install -g aws-cdk
+
+    - name: Install Python dependencies
+      shell: bash
+      working-directory: ${{ inputs.working-directory }}/cdk
+      run: |
+        python -m pip install --upgrade pip
+        pip install -r requirements.txt
+
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@master
+      with:
+        role-to-assume: arn:aws:iam::${{ inputs.account }}:role/github-actions
+        aws-region: ${{ inputs.region }}
+
+    - name: Deploy | cdk
+      shell: bash
+      working-directory: ${{ inputs.working-directory }}
+      env:
+        CDK_DEPLOY_ACCOUNT: ${{ inputs.account }}
+        CDK_DEPLOY_REGION: ${{ inputs.region }}
+      run: cdk deploy --exclusively ${{ inputs.stacks }} --require-approval never ${{ inputs.deploy-parameters }}

.github/workflows/README.md

@@ -0,0 +1,54 @@
+# GitHub Actions Workflows
+
+## Deploy Workflow
+
+The `deploy.yml` workflow automatically deploys the liquidation bot to AWS ECS using CDK when code is pushed to the `main` branch.
+
+### Required GitHub Secrets
+
+Configure the following secrets in your GitHub repository settings (Settings → Secrets and variables → Actions):
+
+**Required:**
+1. **AWS_ACCESS_KEY_ID** - AWS access key with permissions to deploy CDK stacks
+2. **AWS_SECRET_ACCESS_KEY** - AWS secret access key
+3. **AWS_ACCOUNT_ID** - AWS account ID
+4. **SECRET_NAME** - Name of the AWS Secrets Manager secret (e.g., `mewler-liquidation-bot/config`)
+   - The secret must contain `LIQUIDATOR_EOA` and `LIQUIDATOR_PRIVATE_KEY`
+
+**Optional (recommended for security):**
+5. **SECRET_NAME** - Name of the AWS Secrets Manager secret (e.g., `mewler-liquidation-bot/config`)
+6. **GLUEX_API_KEY** - Gluex API key (overrides hardcoded value in app.py)
+7. **GLUEX_UNIQUE_PID** - Gluex unique PID (overrides hardcoded value in app.py)
+8. **MAINNET_RPC_URL** - Mainnet RPC URL (overrides hardcoded value in app.py)
+9. **BASE_RPC_URL** - Base chain RPC URL (overrides hardcoded value in app.py)
+10. **ARBITRUM_RPC_URL** - Arbitrum RPC URL (overrides hardcoded value in app.py)
+11. **SLACK_WEBHOOK_URL** - Slack webhook URL (overrides hardcoded value in app.py)
+
+**Note:** It's recommended to move sensitive values (API keys, RPC URLs with keys) from `cdk/app.py` to GitHub secrets for better security.
+
+### IAM Permissions Required
+
+The AWS credentials need the following permissions:
+- CloudFormation (create/update/delete stacks)
+- ECS (create/update services, task definitions)
+- EC2 (describe VPCs, subnets, security groups)
+- IAM (create roles and policies)
+- ECR (push/pull container images)
+- CloudWatch Logs (create log groups)
+- Secrets Manager (read secrets, if using)
+
+### Workflow Steps
+
+1. Checks out the code
+2. Sets up Python and Node.js
+3. Installs CDK CLI
+4. Configures AWS credentials
+5. Sets up Python virtual environment and installs CDK dependencies
+6. Bootstraps CDK (if needed)
+7. Validates the CDK stack with `cdk synth`
+8. Deploys the stack with `cdk deploy`
+
+### Manual Trigger
+
+The workflow can also be manually triggered from the Actions tab in GitHub.
+

.github/workflows/deploy.yaml

@@ -0,0 +1,29 @@
+name: Workflow | Deploy backend
+
+on:
+    workflow_call:
+        inputs:
+          account:
+            required: true
+            type: string
+            default: "730335381248"
+          region:
+            required: true
+            type: string
+            default: "ap-northeast-1"
+
+jobs:
+  liquidator-backend:
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: "recursive"
+
+      - uses: ./.github/actions/deploy-cdk-stack
+        with:
+          account: ${{ inputs.account }}
+          region: ${{ inputs.region }}
+          stacks: MewlerLiquidationBotStack

.github/workflows/pipelin.yaml

@@ -0,0 +1,36 @@
+name: Deploy to Production
+
+on:
+  push:
+    branches: [main]
+
+  pull_request:
+    branches: [main]
+    
+  workflow_dispatch: {}
+
+permissions:
+  id-token: write
+  contents: read
+  actions: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
+jobs:
+  deploy:
+    if: github.event_name == 'push' || github.event_name == 'workflow_dispatch'
+    name: Deploy | Production
+    uses: ./.github/workflows/deploy.yaml
+    with:
+      account: "730335381248"
+      region: "ap-northeast-1"
+
+  synth:
+    if: github.event_name == 'pull_request'
+    name: Dry Run | Production
+    uses: ./.github/workflows/synth.yaml
+    with:
+      account: "730335381248"
+      region: "ap-northeast-1"

.github/workflows/synth.yaml

@@ -0,0 +1,29 @@
+name: Workflow | Deploy backend
+
+on:
+    workflow_call:
+        inputs:
+          account:
+            required: true
+            type: string
+            default: "730335381248"
+          region:
+            required: true
+            type: string
+            default: "ap-northeast-1"
+
+jobs:
+  liquidator-backend:
+    runs-on: ubuntu-latest
+    timeout-minutes: 60
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: "recursive"
+
+      - uses: ./.github/actions/cdk-synth
+        with:
+          account: ${{ inputs.account }}
+          region: ${{ inputs.region }}
+          stacks: MewlerLiquidationBotStack

.github/workflows/test.yml

@@ -20,7 +20,9 @@ lcov.info
 
 # Virtual env
 python-venv/
-venv/ 
+venv/
+.venv/
+cdk/.venv/ 
 
 # Logs and save state
 logs/
@@ -31,4 +33,6 @@ __pycache__/
 *.pyo
 *.pyd
 
-/redstone_script/node_modules
+/redstone_script/node_modulescdk.out/
+cdk.context.json
+cdk.out