feat(coprocessor): solana host-listener poc scaffold and feedback loop #5218
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: gateway-contracts-upgrade-tests | |
| permissions: {} | |
| on: | |
| pull_request: | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| # Define common environment variables here: | |
| # - DOTENV_CONFIG_PATH: The path to the environment file, used for loading variables used for upgrades | |
| # - HARDHAT_NETWORK: Should match the network from the docker-compose.yml's services | |
| # - CHAIN_ID_GATEWAY: Should match the chain ID used in the anvil node in the docker-compose.yml file | |
| # - RPC_URL: The port should match the one used in the anvil node in the docker-compose.yml file | |
| env: | |
| DOTENV_CONFIG_PATH: .env.example | |
| HARDHAT_NETWORK: staging | |
| CHAIN_ID_GATEWAY: 54321 | |
| RPC_URL: http://localhost:8546 | |
| jobs: | |
| check-changes: | |
| name: gateway-contracts-upgrade-tests/check-changes | |
| permissions: | |
| actions: 'read' # Required to read workflow run information | |
| contents: 'read' # Required to checkout repository code | |
| pull-requests: 'read' # Required to read pull request information | |
| runs-on: ubuntu-latest | |
| outputs: | |
| changes-gw-contracts: ${{ steps.filter.outputs.gw-contracts }} | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| persist-credentials: 'false' | |
| - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 | |
| id: filter | |
| with: | |
| filters: | | |
| gw-contracts: | |
| - .github/workflows/gateway-contracts-upgrade-tests.yml | |
| - gateway-contracts/** | |
| sc-upgrade: | |
| name: gateway-contracts-upgrade-tests/sc-upgrade (bpr) | |
| needs: check-changes | |
| if: ${{ needs.check-changes.outputs.changes-gw-contracts == 'true' }} | |
| permissions: | |
| contents: 'read' # Required to checkout repository code | |
| checks: 'write' # Required to create GitHub checks for test results | |
| packages: 'read' # Required to read GitHub packages/container registry | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout previous release code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| # This version should be updated whenever we release new contract versions or | |
| # touch a contract upgrade path. | |
| ref: v0.10.0 | |
| path: previous-fhevm | |
| persist-credentials: 'false' | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 | |
| - name: Login to Docker Registry | |
| uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and start Docker services from previous release | |
| working-directory: previous-fhevm/gateway-contracts | |
| run: | | |
| make docker-compose-build | |
| make docker-compose-up | |
| - name: Check smart contract deployment from previous release | |
| working-directory: previous-fhevm/gateway-contracts | |
| run: | | |
| ## Check Contracts Deployment | |
| timeout 300s bash -c 'while docker ps --filter "name=deploy-gateway-contracts" --format "{{.Status}}" | grep -q "Up"; do sleep 5; done' | |
| docker compose logs deploy-gateway-contracts > deployment_logs.txt | |
| EXIT_CODE_SC=$(docker inspect --format='{{.State.ExitCode}}' deploy-gateway-contracts) | |
| # display logs for debugging | |
| # cat deployment_logs.txt | |
| if [ "$EXIT_CODE_SC" -ne 0 ]; then | |
| echo "Deployment failed with exit code $EXIT_CODE_SC" | |
| exit 1 | |
| elif ! grep -q "Contract deployment done!" deployment_logs.txt; then | |
| echo "Deployment did not complete successfully - 'Contract deployment done!' message not found in logs" | |
| exit 1 | |
| else | |
| echo "Deployment completed successfully with expected completion message" | |
| fi | |
| - name: Checkout current code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| persist-credentials: 'false' | |
| path: current-fhevm | |
| - name: Install dependencies | |
| working-directory: current-fhevm/gateway-contracts | |
| run: npm ci | |
| # This step prepares the directory for upgrading contracts: | |
| # 1) Copy contracts from previous version to directory `./previous-contracts`: upgrade tasks | |
| # require access to the previous implementations | |
| # 2) Copy addresses from previous version to root directory: the upgrade tasks need to use the | |
| # internal addresses that have been deployed (ie, the previous version's addresses) | |
| - name: Prepare contracts for upgrades | |
| working-directory: current-fhevm/gateway-contracts | |
| run: | | |
| cp -r ../../previous-fhevm/gateway-contracts/contracts ./previous-contracts | |
| docker cp deploy-gateway-contracts:/app/addresses ./ | |
| # TODO: We should instead automatically detect if the contract needs to be upgraded | |
| # See https://github.com/zama-ai/fhevm-internal/issues/379 | |
| - name: Upgrade GatewayConfig contract | |
| working-directory: current-fhevm/gateway-contracts | |
| if: false | |
| run: | | |
| npx hardhat task:upgradeGatewayConfig \ | |
| --current-implementation previous-contracts/GatewayConfig.sol:GatewayConfig \ | |
| --new-implementation contracts/GatewayConfig.sol:GatewayConfig \ | |
| --use-internal-proxy-address true \ | |
| --verify-contract false | |
| # TODO: We should instead automatically detect if the contract needs to be upgraded | |
| # See https://github.com/zama-ai/fhevm-internal/issues/379 | |
| - name: Upgrade Decryption contract | |
| working-directory: current-fhevm/gateway-contracts | |
| if: false | |
| run: | | |
| npx hardhat task:upgradeDecryption \ | |
| --current-implementation previous-contracts/Decryption.sol:Decryption \ | |
| --new-implementation contracts/Decryption.sol:Decryption \ | |
| --use-internal-proxy-address true \ | |
| --verify-contract false | |
| # TODO: We should instead automatically detect if the contract needs to be upgraded | |
| # See https://github.com/zama-ai/fhevm-internal/issues/379 | |
| - name: Upgrade CiphertextCommits contract | |
| working-directory: current-fhevm/gateway-contracts | |
| if: false | |
| run: | | |
| npx hardhat task:upgradeCiphertextCommits \ | |
| --current-implementation previous-contracts/CiphertextCommits.sol:CiphertextCommits \ | |
| --new-implementation contracts/CiphertextCommits.sol:CiphertextCommits \ | |
| --use-internal-proxy-address true \ | |
| --verify-contract false | |
| # TODO: We should instead automatically detect if the contract needs to be upgraded | |
| # See https://github.com/zama-ai/fhevm-internal/issues/379 | |
| - name: Upgrade InputVerification contract | |
| working-directory: current-fhevm/gateway-contracts | |
| if: false | |
| run: | | |
| npx hardhat task:upgradeInputVerification \ | |
| --current-implementation previous-contracts/InputVerification.sol:InputVerification \ | |
| --new-implementation contracts/InputVerification.sol:InputVerification \ | |
| --use-internal-proxy-address true \ | |
| --verify-contract false | |
| # TODO: We should instead automatically detect if the contract needs to be upgraded | |
| # See https://github.com/zama-ai/fhevm-internal/issues/379 | |
| - name: Upgrade MultichainACL contract | |
| working-directory: current-fhevm/gateway-contracts | |
| if: false | |
| run: | | |
| npx hardhat task:upgradeMultichainACL \ | |
| --current-implementation previous-contracts/MultichainACL.sol:MultichainACL \ | |
| --new-implementation contracts/MultichainACL.sol:MultichainACL \ | |
| --use-internal-proxy-address true \ | |
| --verify-contract false | |
| # TODO: We should instead automatically detect if the contract needs to be upgraded | |
| # See https://github.com/zama-ai/fhevm-internal/issues/379 | |
| - name: Upgrade KMSGeneration contract | |
| working-directory: current-fhevm/gateway-contracts | |
| if: false | |
| run: | | |
| npx hardhat task:upgradeKMSGeneration \ | |
| --current-implementation previous-contracts/KMSGeneration.sol:KMSGeneration \ | |
| --new-implementation contracts/KMSGeneration.sol:KMSGeneration \ | |
| --use-internal-proxy-address true \ | |
| --verify-contract false | |
| # TODO: We should instead automatically detect if the contract needs to be upgraded | |
| # See https://github.com/zama-ai/fhevm-internal/issues/379 | |
| - name: Upgrade ProtocolPayment contract | |
| working-directory: current-fhevm/gateway-contracts | |
| if: false | |
| run: | | |
| npx hardhat task:upgradeProtocolPayment \ | |
| --current-implementation previous-contracts/ProtocolPayment.sol:ProtocolPayment \ | |
| --new-implementation contracts/ProtocolPayment.sol:ProtocolPayment \ | |
| --use-internal-proxy-address true \ | |
| --verify-contract false | |
| - name: Clean up | |
| working-directory: previous-fhevm/gateway-contracts | |
| if: always() | |
| run: | | |
| make docker-compose-down |