GCE Based Multichain (#458)

* multichain on a VM
near · Mar 6, 2024 · 6a79bd5 · 6a79bd5
1 parent bc4c134
commit 6a79bd5
Show file tree

Hide file tree

Showing 19 changed files with 2,126 additions and 0 deletions.
diff --git a/.github/workflows/multichain-prod.yml b/.github/workflows/multichain-prod.yml
@@ -0,0 +1,58 @@
+name: Deploy Multichain Prod.
+on:
+  workflow_dispatch:
+    inputs:
+      network:
+        type: choice
+        options:
+          - mainnet
+          - testnet
+        description: mainnet or testnet network
+        required: true
+      image:
+        description: Full Artifact Registry image with tag (e.g. us-east1-docker.pkg.dev/pagoda-discovery-platform-prod/multichain/multichain-< testnet | mainnet >)
+        required: true
+      tag:
+        description: Image tag that you wish to deploy, either by SHA or Version/latest
+
+jobs:
+  build-mpc-recovery:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        name: "Checkout mpc-recovery"
+
+      - name: Login to Artifact Registry
+        uses: docker/login-action@v2
+        with:
+          registry: us-east1-docker.pkg.dev
+          username: _json_key
+          password: ${{ secrets.GCP_CREDENTIALS_PROD }}
+
+      - name: Build Docker image and push to Google Artifact Registry
+        id: docker-push-tagged
+        uses: docker/build-push-action@v4
+        with:
+          push: true
+          file: ./Dockerfile.multichain
+          tags: "${{ github.event.inputs.image }}:${{ github.event.inputs.tag }}"
+
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - id: 'auth'
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: '${{ secrets.GCP_CREDENTIALS_PROD }}'
+
+      - name: 'Set up Cloud SDK'
+        uses: 'google-github-actions/setup-gcloud@v2'
+
+      - name: 'Set project'
+        run: 'gcloud config set project pagoda-discovery-platform-prod'
+
+      - name: 'Update Nodes'
+        run: |
+          gcloud compute instances update-container multichain-${{ github.event.inputs.network }}-0
+          gcloud compute instances update-container multichain-${{ github.event.inputs.network }}-1
+          gcloud compute instances update-container multichain-${{ github.event.inputs.network }}-2
diff --git a/.gitignore b/.gitignore
@@ -4,3 +4,4 @@
 
 flamegraph*.svg
 tmp
+*.log
diff --git a/infra/modules/instance-from-tpl/main.tf b/infra/modules/instance-from-tpl/main.tf
@@ -0,0 +1,83 @@
+locals {
+  hostname      = var.hostname == "" ? "default" : var.hostname
+  num_instances = length(var.static_ips) == 0 ? var.num_instances : length(var.static_ips)
+
+  # local.static_ips is the same as var.static_ips with a dummy element appended
+  # at the end of the list to work around "list does not have any elements so cannot
+  # determine type" error when var.static_ips is empty
+  static_ips = concat(var.static_ips, ["NOT_AN_IP"])
+
+  zones = length(var.zones) == 0 ? data.google_compute_zones.available.names : var.zones
+
+  instance_group_count = min(
+    local.num_instances,
+    length(local.zones),
+  )
+}
+
+###############
+# Data Sources
+###############
+
+data "google_compute_zones" "available" {
+  project = var.project_id
+  region  = var.region
+  status  = "UP"
+}
+
+resource "google_compute_instance_from_template" "compute_instance" {
+  provider = google
+  count    = local.num_instances
+  name     = local.hostname
+  project  = var.project_id
+  zone     = local.zones[count.index % length(local.zones)]
+
+  network_interface {
+    network            = var.network
+    subnetwork         = var.subnetwork
+    subnetwork_project = var.subnetwork_project
+    network_ip         = length(var.static_ips) == 0 ? "" : element(local.static_ips, count.index)
+
+    dynamic "access_config" {
+      # convert to map to use lookup function with default value
+      for_each = lookup({ for k, v in var.access_config : k => v }, count.index, [])
+      content {
+        nat_ip       = access_config.value.nat_ip
+        network_tier = access_config.value.network_tier
+      }
+    }
+
+    dynamic "ipv6_access_config" {
+      # convert to map to use lookup function with default value
+      for_each = lookup({ for k, v in var.ipv6_access_config : k => v }, count.index, [])
+      content {
+        network_tier = ipv6_access_config.value.network_tier
+      }
+    }
+  }
+
+  dynamic "network_interface" {
+    for_each = var.additional_networks
+    content {
+      network            = network_interface.value.network
+      subnetwork         = network_interface.value.subnetwork
+      subnetwork_project = network_interface.value.subnetwork_project
+      network_ip         = length(network_interface.value.network_ip) > 0 ? network_interface.value.network_ip : null
+      dynamic "access_config" {
+        for_each = network_interface.value.access_config
+        content {
+          nat_ip       = access_config.value.nat_ip
+          network_tier = access_config.value.network_tier
+        }
+      }
+      dynamic "ipv6_access_config" {
+        for_each = network_interface.value.ipv6_access_config
+        content {
+          network_tier = ipv6_access_config.value.network_tier
+        }
+      }
+    }
+  }
+
+  source_instance_template = var.instance_template
+}