diff --git a/.github/workflows/attester-image-push.yml b/.github/workflows/attester-image-push.yml new file mode 100644 index 00000000..6d3e594a --- /dev/null +++ b/.github/workflows/attester-image-push.yml @@ -0,0 +1,45 @@ +name: Build and Push Images +on: + push: + tags: + - pyth-attester-v* + workflow_dispatch: + inputs: + dispatch_description: + description: "Dispatch description" + required: true + type: string +permissions: + contents: read + id-token: write +jobs: + p2w-attest-image: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Set image tag to version of the git tag + if: ${{ startsWith(github.ref, 'refs/tags/pyth-attester-v') }} + run: | + PREFIX="refs/tags/pyth-attester-" + VERSION="${GITHUB_REF:${#PREFIX}}" + echo "IMAGE_TAG=${VERSION}" >> "${GITHUB_ENV}" + - name: Set image tag to the git commit hash + if: ${{ !startsWith(github.ref, 'refs/tags/pyth-attester-v') }} + run: | + echo "IMAGE_TAG=${{ github.sha }}" >> "${GITHUB_ENV}" + - uses: aws-actions/configure-aws-credentials@8a84b07f2009032ade05a88a28750d733cc30db1 + with: + role-to-assume: arn:aws:iam::192824654885:role/github-actions-ecr + aws-region: eu-west-2 + - uses: docker/login-action@v2 + with: + registry: public.ecr.aws + env: + AWS_REGION: us-east-1 + - run: | + DOCKER_BUILDKIT=1 docker build -f Dockerfile.client -t bridge-client . + DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f third_party/pyth/Dockerfile.p2w-attest . + docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG + env: + ECR_REGISTRY: public.ecr.aws + ECR_REPOSITORY: pyth-network/xc-attest diff --git a/.github/workflows/image-push.yml b/.github/workflows/image-push.yml deleted file mode 100644 index f6989c63..00000000 --- a/.github/workflows/image-push.yml +++ /dev/null @@ -1,47 +0,0 @@ -name: Build and Push Images -on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - -permissions: - contents: read - id-token: write -jobs: - price-service-image: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::192824654885:role/github-actions-ecr - aws-region: eu-west-2 - - uses: aws-actions/amazon-ecr-login@v1 - id: ecr_login - - run: | - DOCKER_BUILDKIT=1 docker build -f Dockerfile.wasm -o type=local,dest=. . - DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f third_party/pyth/price-service/Dockerfile.price_service . - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - env: - ECR_REGISTRY: ${{ steps.ecr_login.outputs.registry }} - ECR_REPOSITORY: xc-server - IMAGE_TAG: ${{ github.sha }} - p2w-attest-image: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - uses: aws-actions/configure-aws-credentials@v1 - with: - role-to-assume: arn:aws:iam::192824654885:role/github-actions-ecr - aws-region: eu-west-2 - - uses: aws-actions/amazon-ecr-login@v1 - id: ecr_login - - run: | - DOCKER_BUILDKIT=1 docker build -f Dockerfile.client -t bridge-client . - DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f third_party/pyth/Dockerfile.p2w-attest . - docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG - env: - ECR_REGISTRY: ${{ steps.ecr_login.outputs.registry }} - ECR_REPOSITORY: xc-attest - IMAGE_TAG: ${{ github.sha }} diff --git a/.github/workflows/price-service-image-push.yml b/.github/workflows/price-service-image-push.yml new file mode 100644 index 00000000..4988f930 --- /dev/null +++ b/.github/workflows/price-service-image-push.yml @@ -0,0 +1,45 @@ +name: Build and Push Images +on: + push: + tags: + - pyth-price-service-v* + workflow_dispatch: + inputs: + dispatch_description: + description: "Dispatch description" + required: true + type: string +permissions: + contents: read + id-token: write +jobs: + price-service-image: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v2 + - name: Set image tag to version of the git tag + if: ${{ startsWith(github.ref, 'refs/tags/pyth-price-service-v') }} + run: | + PREFIX="refs/tags/pyth-price-service-" + VERSION="${GITHUB_REF:${#PREFIX}}" + echo "IMAGE_TAG=${VERSION}" >> "${GITHUB_ENV}" + - name: Set image tag to the git commit hash + if: ${{ !startsWith(github.ref, 'refs/tags/pyth-price-service-v') }} + run: | + echo "IMAGE_TAG=${{ github.sha }}" >> "${GITHUB_ENV}" + - uses: aws-actions/configure-aws-credentials@8a84b07f2009032ade05a88a28750d733cc30db1 + with: + role-to-assume: arn:aws:iam::192824654885:role/github-actions-ecr + aws-region: eu-west-2 + - uses: docker/login-action@v2 + with: + registry: public.ecr.aws + env: + AWS_REGION: us-east-1 + - run: | + DOCKER_BUILDKIT=1 docker build -f Dockerfile.wasm -o type=local,dest=. . + DOCKER_BUILDKIT=1 docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG -f third_party/pyth/price-service/Dockerfile.price_service . + docker push $ECR_REGISTRY/$ECR_REPOSITORY:$IMAGE_TAG + env: + ECR_REGISTRY: public.ecr.aws + ECR_REPOSITORY: pyth-network/xc-server diff --git a/Dockerfile.guardian b/Dockerfile.guardian deleted file mode 100644 index 9178edaf..00000000 --- a/Dockerfile.guardian +++ /dev/null @@ -1,26 +0,0 @@ -# syntax=docker.io/docker/dockerfile:1.3@sha256:42399d4635eddd7a9b8a24be879d2f9a930d0ed040a61324cfdf59ef1357b3b2 -FROM docker.io/golang:1.17.5@sha256:90d1ab81f3d157ca649a9ff8d251691b810d95ea6023a03cdca139df58bca599 - -RUN apt-get update -qq && apt-get install -yq unzip - -WORKDIR /app - -# After 2.8.7.1 -ARG WORMHOLE_VERSION=73307397bcbb4bd8dc11bdb8324d6f50ac83f133 -ADD https://github.com/certusone/wormhole/archive/${WORMHOLE_VERSION}.zip . -RUN unzip ${WORMHOLE_VERSION}.zip && rm -rf ${WORMHOLE_VERSION}.zip -ARG WORMHOLE_DIR=/app/wormhole-${WORMHOLE_VERSION} - -WORKDIR $WORMHOLE_DIR/tools -RUN CGO_ENABLED=0 ./build.sh - -WORKDIR $WORMHOLE_DIR -RUN tools/bin/buf lint && tools/bin/buf generate - -WORKDIR ${WORMHOLE_DIR}/node/tools -RUN go build -mod=readonly -o /dlv github.com/go-delve/delve/cmd/dlv - -WORKDIR ${WORMHOLE_DIR}/node -RUN go build -race -gcflags="all=-N -l" --ldflags '-extldflags "-Wl,--allow-multiple-definition"' -mod=readonly -o /guardiand github.com/certusone/wormhole/node - -ENTRYPOINT /guardiand diff --git a/Tiltfile b/Tiltfile index 2a8ba173..07cb8772 100644 --- a/Tiltfile +++ b/Tiltfile @@ -75,12 +75,6 @@ local_resource( ) -docker_build( - ref = "guardiand-image", - context = ".", - dockerfile = "Dockerfile.guardian", -) - def build_node_yaml(): node_yaml = read_yaml_stream("devnet/node.yaml") diff --git a/devnet/node.yaml b/devnet/node.yaml index 08f48008..3b47f22c 100644 --- a/devnet/node.yaml +++ b/devnet/node.yaml @@ -53,7 +53,7 @@ spec: path: bigtable-key.json containers: - name: guardiand - image: guardiand-image + image: ghcr.io/certusone/guardiand:v2.8.8.1 volumeMounts: - mountPath: /run/node name: node-rundir diff --git a/devnet/spy.yaml b/devnet/spy.yaml index 3780b34e..f0b486f0 100644 --- a/devnet/spy.yaml +++ b/devnet/spy.yaml @@ -35,12 +35,12 @@ spec: terminationGracePeriodSeconds: 0 containers: - name: spy - image: guardiand-image + image: ghcr.io/certusone/guardiand:v2.8.8.1 command: - /guardiand - spy - --nodeKey - - /tmp/node.key + - /node.key - --spyRPC - "[::]:7072" # Hardcoded devnet bootstrap (generated from deterministic key in guardiand) diff --git a/third_party/pyth/price-service/README.md b/third_party/pyth/price-service/README.md index 590c1d65..b19a84d3 100644 --- a/third_party/pyth/price-service/README.md +++ b/third_party/pyth/price-service/README.md @@ -1,39 +1,32 @@ # Pyth Price Service -This service exposes a REST api to provide latest attestation message for a price feed id. +This service exposes a REST and WS api to provide latest attestation message for a price feed id. ## Build -To build the spy_guardian docker container: +To build the pyth_price_service docker container from the repo root: ``` -$ docker build -f Dockerfile.spy_guardian -t spy_guardian . -``` - -To build the pyth_price_service docker container: - -``` -$ docker build -f Dockerfile.pyth_price_service -t pyth_price_service . +$ docker build -f third_party/pyth/price-service/Dockerfile.pyth_price_service -t pyth_price_service . ``` Run the spy_guardian docker container in TestNet: ``` -$ docker run --platform linux/amd64 -d --network=host spy_guardian \ +$ docker run --platform linux/amd64 -d --network=host ghcr.io/certusone/guardiand:v2.8.8.1 spy \ +--nodeKey /node.key --spyRPC "[::]:7073" \ --bootstrap /dns4/wormhole-testnet-v2-bootstrap.certus.one/udp/8999/quic/p2p/12D3KooWBY9ty9CXLBXGQzMuqkziLntsVcyz4pk1zWaJRvJn6Mmt \ ---network /wormhole/testnet/2/1 \ ---spyRPC "[::]:7073" +--network /wormhole/testnet/2/1 ``` Or run the spy_guardian docker container in MainNet: For the MainNet gossip network parameters, see https://github.com/certusone/wormhole-networks/blob/master/mainnetv2/info.md ``` -$ docker run --platform linux/amd64 -d --network=host spy_guardian \ +$ docker run --platform linux/amd64 -d --network=host ghcr.io/certusone/guardiand:v2.8.8.1 spy \ +--nodeKey /node.key --spyRPC "[::]:7073" \ --bootstrap \ --network \ ---spyRPC "[::]:7073" - ``` Then to run the pyth_price_service docker container using a config file called @@ -43,7 +36,7 @@ following: ``` $ docker run \ --volume=${HOME}/pyth_price_service:/var/pyth_price_service \ --e pyth_price_service_CONFIG=/var/pyth_price_service/env \ +-e PYTH_PRICE_SERVICE_CONFIG=/var/pyth_price_service/env \ --network=host \ -d \ pyth_price_service diff --git a/third_party/pyth/price-service/package-lock.json b/third_party/pyth/price-service/package-lock.json index 3f065713..7ce9de19 100644 --- a/third_party/pyth/price-service/package-lock.json +++ b/third_party/pyth/price-service/package-lock.json @@ -7599,9 +7599,9 @@ "integrity": "sha512-24e6ynE2H+OKt4kqsOvNd8kBpV65zoxbA4BVsEOB3ARVWQki/DHzaUoC5KuON/BiccDaCCTZBuOcfZs70kR8bQ==" }, "node_modules/protobufjs": { - "version": "6.11.2", - "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.2.tgz", - "integrity": "sha512-4BQJoPooKJl2G9j3XftkIXjoC9C0Av2NOrWmbLWT1vH32GcSUHjM0Arra6UfTsVyfMAuFzaLucXn1sadxJydAw==", + "version": "6.11.3", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.3.tgz", + "integrity": "sha512-xL96WDdCZYdU7Slin569tFX712BxsxslWwAfAhCYjQKGTq7dAU91Lomy6nLLhh/dyGhk/YH4TwTSRxTzhuHyZg==", "hasInstallScript": true, "dependencies": { "@protobufjs/aspromise": "^1.1.2", @@ -14723,9 +14723,9 @@ } }, "protobufjs": { - "version": "6.11.2", - "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.2.tgz", - "integrity": "sha512-4BQJoPooKJl2G9j3XftkIXjoC9C0Av2NOrWmbLWT1vH32GcSUHjM0Arra6UfTsVyfMAuFzaLucXn1sadxJydAw==", + "version": "6.11.3", + "resolved": "https://registry.npmjs.org/protobufjs/-/protobufjs-6.11.3.tgz", + "integrity": "sha512-xL96WDdCZYdU7Slin569tFX712BxsxslWwAfAhCYjQKGTq7dAU91Lomy6nLLhh/dyGhk/YH4TwTSRxTzhuHyZg==", "requires": { "@protobufjs/aspromise": "^1.1.2", "@protobufjs/base64": "^1.1.2", diff --git a/third_party/pyth/price-service/package.json b/third_party/pyth/price-service/package.json index 20d34841..3262d82e 100644 --- a/third_party/pyth/price-service/package.json +++ b/third_party/pyth/price-service/package.json @@ -1,5 +1,5 @@ { - "name": "@pythnetwork/price-service", + "name": "@pythnetwork/pyth-price-service", "version": "1.0.0", "description": "Pyth Price Service", "main": "index.js", diff --git a/third_party/pyth/price-service/src/index.ts b/third_party/pyth/price-service/src/index.ts index 90f15571..5f3fabbb 100644 --- a/third_party/pyth/price-service/src/index.ts +++ b/third_party/pyth/price-service/src/index.ts @@ -8,8 +8,8 @@ import { RestAPI } from "./rest"; import { WebSocketAPI } from "./ws"; let configFile: string = ".env"; -if (process.env.PYTH_RELAY_CONFIG) { - configFile = process.env.PYTH_RELAY_CONFIG; +if (process.env.PYTH_PRICE_SERVICE_CONFIG) { + configFile = process.env.PYTH_PRICE_SERVICE_CONFIG; } console.log("Loading config file [%s]", configFile);