hyperlane-xyz
diff --git a/‎typescript/infra/config/docker.ts‎
Lines changed: 1 addition & 0 deletions b/‎typescript/infra/config/docker.ts‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎typescript/infra/config/environments/mainnet3/funding.ts‎
Lines changed: 1 addition & 1 deletion b/‎typescript/infra/config/environments/mainnet3/funding.ts‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎typescript/infra/config/environments/testnet4/funding.ts‎
Lines changed: 1 addition & 1 deletion b/‎typescript/infra/config/environments/testnet4/funding.ts‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎typescript/infra/helm/key-funder/templates/addresses-external-secret.yaml‎
Lines changed: 0 additions & 31 deletions b/‎typescript/infra/helm/key-funder/templates/addresses-external-secret.yaml‎
Lines changed: 0 additions & 31 deletions
diff --git a/‎typescript/infra/helm/key-funder/templates/configmap.yaml‎
Lines changed: 9 additions & 0 deletions b/‎typescript/infra/helm/key-funder/templates/configmap.yaml‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎typescript/infra/helm/key-funder/templates/cron-job.yaml‎
Lines changed: 21 additions & 44 deletions b/‎typescript/infra/helm/key-funder/templates/cron-job.yaml‎
Lines changed: 21 additions & 44 deletions
diff --git a/‎typescript/infra/helm/key-funder/templates/env-var-external-secret.yaml‎
Lines changed: 3 additions & 14 deletions b/‎typescript/infra/helm/key-funder/templates/env-var-external-secret.yaml‎
Lines changed: 3 additions & 14 deletions
diff --git a/‎typescript/infra/helm/key-funder/values.yaml‎
Lines changed: 7 additions & 10 deletions b/‎typescript/infra/helm/key-funder/values.yaml‎
Lines changed: 7 additions & 10 deletions
diff --git a/‎typescript/infra/scripts/funding/deploy-key-funder.ts‎
Lines changed: 34 additions & 16 deletions b/‎typescript/infra/scripts/funding/deploy-key-funder.ts‎
Lines changed: 34 additions & 16 deletions
@@ -1,6 +1,7 @@
 export const DockerImageRepos = {
   AGENT: 'gcr.io/abacus-labs-dev/hyperlane-agent',
   MONOREPO: 'gcr.io/abacus-labs-dev/hyperlane-monorepo',
+  KEYFUNDER: 'gcr.io/abacus-labs-dev/hyperlane-keyfunder',
   WARP_MONITOR: 'gcr.io/abacus-labs-dev/hyperlane-warp-monitor',
   REBALANCER: 'gcr.io/abacus-labs-dev/hyperlane-rebalancer',
 } as const;
 
@@ -36,7 +36,7 @@ export const keyFunderConfig: KeyFunderConfig<
   typeof mainnet3SupportedChainNames
 > = {
   docker: {
-    repo: DockerImageRepos.MONOREPO,
+    repo: DockerImageRepos.KEYFUNDER,
     tag: mainnetDockerTags.keyFunder,
   },
   // We're currently using the same deployer/key funder key as mainnet2.
 
@@ -10,7 +10,7 @@ export const keyFunderConfig: KeyFunderConfig<
   typeof testnet4SupportedChainNames
 > = {
   docker: {
-    repo: DockerImageRepos.MONOREPO,
+    repo: DockerImageRepos.KEYFUNDER,
     tag: testnetDockerTags.keyFunder,
   },
   // We're currently using the same deployer key as testnet2.
 
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: key-funder-config
+  labels:
+    {{- include "hyperlane.labels" . | nindent 4 }}
+data:
+  keyfunder.yaml: |
+{{ .Values.hyperlane.keyfunderConfig | indent 4 }}
@@ -10,7 +10,7 @@ spec:
   jobTemplate:
     spec:
       backoffLimit: 0
-      activeDeadlineSeconds: 14400 # 60 * 60 * 4 seconds = 4 hours
+      activeDeadlineSeconds: 14400
       template:
         metadata:
           labels:
@@ -21,52 +21,29 @@ spec:
           - name: key-funder
             image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
             imagePullPolicy: IfNotPresent
-            command:
-            - pnpm
-            - exec
-            - tsx
-            - ./typescript/infra/scripts/funding/fund-keys-from-deployer.ts
-            - -e
-            - {{ .Values.hyperlane.runEnv }}
-            - --context
-            - {{ .Values.hyperlane.contextFundingFrom }}
-{{- range $context, $roles := .Values.hyperlane.contextsAndRolesToFund }}
-            - --contexts-and-roles
-            - {{ $context }}={{ join "," $roles }}
-{{- end }}
-{{- range $chain, $balance := .Values.hyperlane.desiredBalancePerChain }}
-            - --desired-balance-per-chain
-            - {{ $chain }}={{ $balance }}
-{{- end }}
-{{- range $chain, $balance := .Values.hyperlane.desiredKathyBalancePerChain }}
-            - --desired-kathy-balance-per-chain
-            - {{ $chain }}={{ $balance }}
-{{- end }}
-{{- range $chain, $balance := .Values.hyperlane.desiredRebalancerBalancePerChain }}
-            - --desired-rebalancer-balance-per-chain
-            - {{ $chain }}={{ $balance }}
-{{- end }}
-{{- range $chain, $balance := .Values.hyperlane.igpClaimThresholdPerChain }}
-            - --igp-claim-threshold-per-chain
-            - {{ $chain }}={{ $balance }}
-{{- end }}
-{{- if .Values.hyperlane.chainsToSkip }}
-            - --chain-skip-override
-{{- range $index, $chain := .Values.hyperlane.chainsToSkip }}
-            - {{ $chain }}
-{{- end }}
-{{- end }}
             env:
-            - name: PROMETHEUS_PUSH_GATEWAY
-              value: {{ .Values.infra.prometheusPushGateway }}
+            - name: LOG_FORMAT
+              value: json
+            - name: LOG_LEVEL
+              value: info
+            - name: KEYFUNDER_CONFIG_FILE
+              value: /config/keyfunder.yaml
+            {{- if .Values.hyperlane.registryUri }}
+            - name: REGISTRY_URI
+              value: {{ .Values.hyperlane.registryUri }}
+            {{- end }}
+            {{- if .Values.hyperlane.skipIgpClaim }}
+            - name: SKIP_IGP_CLAIM
+              value: "true"
+            {{- end }}
             envFrom:
             - secretRef:
                 name: key-funder-env-var-secret
             volumeMounts:
-            - name: key-funder-addresses-secret
-              mountPath: /addresses-secret
+            - name: config
+              mountPath: /config
+              readOnly: true
           volumes:
-          - name: key-funder-addresses-secret
-            secret:
-              secretName: key-funder-addresses-secret
-              defaultMode: 0400
+          - name: config
+            configMap:
+              name: key-funder-config
@@ -9,7 +9,6 @@ spec:
     name: {{ include "hyperlane.cluster-secret-store.name" . }}
     kind: ClusterSecretStore
   refreshInterval: "1h"
-  # The secret that will be created
   target:
     name: key-funder-env-var-secret
     template:
@@ -20,24 +19,14 @@ spec:
         annotations:
           update-on-redeploy: "{{ now }}"
       data:
-        GCP_SECRET_OVERRIDES_ENABLED: "true"
-        GCP_SECRET_OVERRIDE_HYPERLANE_{{ .Values.hyperlane.runEnv | upper }}_KEY_DEPLOYER: {{ print "'{{ .deployer_key | toString }}'" }}
-{{/*
-   * For each network, create an environment variable with the RPC endpoint.
-   * The templating of external-secrets will use the data section below to know how
-   * to replace the correct value in the created secret.
-   */}}
+        HYP_KEY: {{ print "'{{ $json := .funder_key | fromJson }}{{ $json.privateKey }}'" }}
         {{- range .Values.hyperlane.chains }}
-        GCP_SECRET_OVERRIDE_{{ $.Values.hyperlane.runEnv | upper }}_RPC_ENDPOINTS_{{ . | upper }}: {{ printf "'{{ .%s_rpcs | toString }}'" . }}
+        RPC_URL_{{ . | upper | replace "-" "_" }}: {{ printf "'{{ index (.%s_rpcs | fromJson) 0 }}'" . }}
         {{- end }}
   data:
-  - secretKey: deployer_key
+  - secretKey: funder_key
     remoteRef:
       key: {{ printf "hyperlane-%s-key-deployer" .Values.hyperlane.runEnv }}
-{{/*
-   * For each network, load the secret in GCP secret manager with the form: environment-rpc-endpoint-network,
-   * and associate it with the secret key networkname_rpc.
-   */}}
   {{- range .Values.hyperlane.chains }}
   - secretKey: {{ printf "%s_rpcs" . }}
     remoteRef:
 
@@ -1,18 +1,15 @@
 image:
-  repository: gcr.io/hyperlane-labs-dev/hyperlane-monorepo
-  tag:
+  repository: gcr.io/abacus-labs-dev/hyperlane-keyfunder
+  tag: latest
 hyperlane:
-  runEnv: testnet2
-  # Used for fetching secrets
+  runEnv: testnet4
   chains: []
   chainsToSkip: []
-  contextFundingFrom: hyperlane
-  # key = context, value = array of roles to fund
-  contextsAndRolesToFund:
-    hyperlane:
-      - relayer
+  registryUri: ''
+  keyfunderConfig: ''
+  skipIgpClaim: false
 cronjob:
-  schedule: '*/10 * * * *' # Every 10 minutes
+  schedule: '*/10 * * * *'
   successfulJobsHistoryLimit: 6
   failedJobsHistoryLimit: 10
 externalSecrets:
 
@@ -1,12 +1,21 @@
+import { confirm, input } from '@inquirer/prompts';
 import chalk from 'chalk';
+import { readFileSync } from 'fs';
+import { join } from 'path';
 
 import { Contexts } from '../../config/contexts.js';
 import { KeyFunderHelmManager } from '../../src/funding/key-funder.js';
-import { checkMonorepoImageExists } from '../../src/utils/gcloud.js';
+import { validateRegistryCommit } from '../../src/utils/git.js';
 import { HelmCommand } from '../../src/utils/helm.js';
+import { getMonorepoRoot } from '../../src/utils/utils.js';
 import { assertCorrectKubeContext } from '../agent-utils.js';
 import { getConfigsBasedOnArgs } from '../core-utils.js';
 
+function readRegistryRc(): string {
+  const registryRcPath = join(getMonorepoRoot(), '.registryrc');
+  return readFileSync(registryRcPath, 'utf-8').trim();
+}
+
 async function main() {
   const { agentConfig, envConfig, environment } = await getConfigsBasedOnArgs();
   if (agentConfig.context != Contexts.Hyperlane)
@@ -16,23 +25,32 @@ async function main() {
 
   await assertCorrectKubeContext(envConfig);
 
-  if (envConfig.keyFunderConfig?.docker.tag) {
-    const exists = await checkMonorepoImageExists(
-      envConfig.keyFunderConfig.docker.tag,
-    );
-    if (!exists) {
-      console.log(
-        chalk.red(
-          `Attempted to deploy key funder with image tag ${chalk.bold(
-            envConfig.keyFunderConfig.docker.tag,
-          )}, but it has not been published to GCR.`,
-        ),
-      );
-      process.exit(1);
-    }
+  const defaultRegistryCommit = readRegistryRc();
+  console.log(
+    chalk.gray(
+      `Using registry commit from .registryrc: ${defaultRegistryCommit}`,
+    ),
+  );
+
+  const shouldOverride = await confirm({
+    message: 'Do you want to override the registry version?',
+    default: false,
+  });
+
+  let registryCommit = defaultRegistryCommit;
+  if (shouldOverride) {
+    registryCommit = await input({
+      message:
+        'Enter the registry version to use (can be a commit, branch or tag):',
+    });
   }
 
-  const manager = KeyFunderHelmManager.forEnvironment(environment);
+  await validateRegistryCommit(registryCommit);
+
+  const manager = KeyFunderHelmManager.forEnvironment(
+    environment,
+    registryCommit,
+  );
   await manager.runHelmCommand(HelmCommand.InstallOrUpgrade);
 }