forked from ethereum-optimism/optimism
-
Notifications
You must be signed in to change notification settings - Fork 3
115 lines (105 loc) · 4.52 KB
/
contracts.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
name: Deploy Contracts
on:
push:
branches:
- alvarof2/contracts
workflow_dispatch:
inputs:
broadcast:
required: false
type: boolean
default: true
l1_rpc_kind:
required: false
type: string
default: 'any'
deployment_context:
required: false
type: string
default: 'test-alvaro'
gs_admin_address:
required: false
type: string
default: '0x19c1696408E63d670ab8177bfafB0D37e9F3ed82'
gs_batcher_address:
required: false
type: string
default: '0x0F82E82268FA5de5070A088e54eAbc2dec07D615'
gs_proposer_address:
required: false
type: string
default: '0x8D20f1E387cDF78c4AF42F61FB48B1Be72056FEb'
gs_sequenncer_address:
required: false
type: string
default: '0xF20B236A87e26D1Ac7290D0F70f637af8145D54e'
jobs:
deploy-contracts:
runs-on: ubuntu-latest
permissions: # Must change the job token permissions to use Akeyless JWT auth
id-token: write
contents: read
if: ${{ ! startsWith(github.triggering_actor, 'akeyless') }}
env:
BROADCAST: ${{ github.event_name == 'push' && 'true' || inputs.broadcast }}
L1_RPC_KIND: ${{ github.event_name == 'push' && 'alchemy' || inputs.l1_rpc_kind }}
DEPLOYMENT_CONTEXT: ${{ github.event_name == 'push' && 'test-alvaro' || inputs.deployment_context }}
GS_ADMIN_ADDRESS: ${{ github.event_name == 'push' && '0x19c1696408E63d670ab8177bfafB0D37e9F3ed82' || inputs.gs_admin_address }}
GS_BATCHER_ADDRESS: ${{ github.event_name == 'push' && '0x0F82E82268FA5de5070A088e54eAbc2dec07D615' || inputs.gs_batcher_address }}
GS_PROPOSER_ADDRESS: ${{ github.event_name == 'push' && '0x8D20f1E387cDF78c4AF42F61FB48B1Be72056FEb' || inputs.gs_proposer_address }}
GS_SEQUENCER_ADDRESS: ${{ github.event_name == 'push' && '0xF20B236A87e26D1Ac7290D0F70f637af8145D54e' || inputs.gs_sequenncer_address }}
steps:
- name: "Get GitHub Token from Akeyless"
id: get_auth_token
uses:
docker://us-west1-docker.pkg.dev/devopsre/akeyless-public/akeyless-action:latest
with:
api-url: https://api.gateway.akeyless.celo-networks-dev.org
access-id: p-kf9vjzruht6l
dynamic-secrets: '{"/dynamic-secrets/keys/github/optimism/contents=write,pull_requests=write":"PAT"}'
- name: "Checkout current PR"
uses: actions/checkout@v4
with:
token: ${{ env.PAT }}
submodules: recursive
fetch-depth: 0
- name: Setup
uses: ./.github/actions/setup
- name: Akeyless get L1 URL
uses: docker://us-west1-docker.pkg.dev/devopsre/akeyless-public/akeyless-action:latest
with:
api-url: https://api.gateway.akeyless.celo-networks-dev.org
access-id: p-kf9vjzruht6l
static-secrets: '{"/static-secrets/devops-circle/alvaro-test-opstack-sepolia/l1-rpc-url":"L1_RPC_URL"}'
- name: Akeyless get GS ADMIN private key
uses: docker://us-west1-docker.pkg.dev/devopsre/akeyless-public/akeyless-action:latest
with:
api-url: https://api.gateway.akeyless.celo-networks-dev.org
access-id: p-kf9vjzruht6l
static-secrets: '{"/static-secrets/devops-circle/alvaro-test-opstack-sepolia/gs-admin-private-key":"GS_ADMIN_PRIVATE_KEY"}'
- name: Deploy L1 contracts
run: |
export IMPL_SALT=$(openssl rand -hex 32)
cd packages/contracts-bedrock
./scripts/getting-started/config.sh
if [[ -z "${BROADCAST}" ]] || [[ $BROADCAST == 'false' ]]
then
echo "Simulating ..."
forge script scripts/Deploy.s.sol:Deploy --private-key $GS_ADMIN_PRIVATE_KEY --rpc-url $L1_RPC_URL --slow
else
echo "Broadcasting ..."
forge script scripts/Deploy.s.sol:Deploy --private-key $GS_ADMIN_PRIVATE_KEY --broadcast --rpc-url $L1_RPC_URL --slow
fi
- name: Generate genesis files
run: |
cd op-node
go run cmd/main.go genesis l2 \
--deploy-config ../packages/contracts-bedrock/deploy-config/$DEPLOYMENT_CONTEXT.json \
--deployment-dir ../packages/contracts-bedrock/deployments/$DEPLOYMENT_CONTEXT/ \
--outfile.l2 genesis.json \
--outfile.rollup rollup.json \
--l1-rpc $L1_RPC_URL
- name: "Commit genesis files"
uses: stefanzweifel/git-auto-commit-action@v5
with:
commit_message: '[Automatic] - Commit genesis files'