diff --git a/.github/workflows/infrstructure.yml b/.github/workflows/infrstructure.yml index 00ea09fba..f58c0fa9f 100644 --- a/.github/workflows/infrstructure.yml +++ b/.github/workflows/infrstructure.yml @@ -132,8 +132,7 @@ jobs: - name: Configure Control Machine run: | - sudo useradd --create-home ubuntu && sudo usermod --append --groups sudo ubuntu - + ANSIBLE_USER=$([ "${IS_MANUAL_DEPLOYMENT}" == "true" ] && echo "ubuntu" || echo "${USER}") ANSIBLE_CONNECTION="ansible_connection=local" if [ "${IS_MANUAL_DEPLOYMENT}" == "true" ]; then ANSIBLE_CONNECTION="" @@ -153,9 +152,9 @@ jobs: cat <<-EOH > infrastructure/nomad/hosts.ini [nomad_servers] - ${TARGET_MACHINE_IP} ${ANSIBLE_CONNECTION} ansible_user=ubuntu + ${TARGET_MACHINE_IP} ${ANSIBLE_CONNECTION} ansible_user=${ANSIBLE_USER} [nomad_clients] - ${TARGET_MACHINE_IP} ${ANSIBLE_CONNECTION} ansible_user=ubuntu + ${TARGET_MACHINE_IP} ${ANSIBLE_CONNECTION} ansible_user=${ANSIBLE_USER} EOH ansible all --inventory infrastructure/nomad/hosts.ini --module-name ping diff --git a/infrastructure/nomad/playbooks/deploy.yml b/infrastructure/nomad/playbooks/deploy.yml index c64d5d111..e2f662305 100644 --- a/infrastructure/nomad/playbooks/deploy.yml +++ b/infrastructure/nomad/playbooks/deploy.yml @@ -50,7 +50,7 @@ src: "{{ vault_init_file }}" register: vault_init become: true - become_user: "{{ hostvars[inventory_hostname].ansible_user }}" + become_user: "{{ ansible_user }}" no_log: true - name: Parse Vault Initialization File @@ -234,7 +234,7 @@ {% if artifact.keystore is defined %} case "{{ environments[env].secrets }}" in "generate") - PASSPHRASE="{{ lookup('password', '/dev/null', length=1024) }}" + PASSPHRASE="{{ lookup('password', '/dev/null', length=1024, chars=["ascii_letters", "digits", ".,:_"]) }}" RESULT=$( {{ keystore_generator.stdout }} generate \ @@ -575,7 +575,7 @@ exit 1 fi - TIMEOUT=300 + TIMEOUT={% if profile == 'ci' %}600{% else %}300{% endif %} START_TIME=$(date +%s) RESULT=$(nomad job status -json "{{ job.name }}") if [ $? -ne 0 ]; then diff --git a/infrastructure/nomad/playbooks/init.yml b/infrastructure/nomad/playbooks/init.yml index 6277b7150..1ae80bd24 100644 --- a/infrastructure/nomad/playbooks/init.yml +++ b/infrastructure/nomad/playbooks/init.yml @@ -1,11 +1,11 @@ - name: Initialize and Configure Cluster hosts: all become: yes - remote_user: "{{ hostvars[inventory_hostname].ansible_user }}" gather_facts: yes vars: version: "unknown" + ansible_user_home: "/home/{{ hostvars[inventory_hostname].ansible_user }}" nomad_server_ip: "{{ (hostvars[groups['nomad_servers'][0]]['ansible_default_ipv4']['address'] if groups['nomad_servers'] | default([]) | length > 0 else '127.0.0.1') }}" nomad_clients_defined: "{{ groups['nomad_clients'] | length > 0 }}" nomad_servers_defined: "{{ groups['nomad_servers'] | length > 0 }}" @@ -113,14 +113,14 @@ fail_msg: "The profile name is not set correctly." success_msg: "The profile name is set to: {{ profile }}." - - name: Ensure "{{ env }}" Directory Exists + - name: Ensure "{{ ansible_user_home }}/{{ env }}" Directory Exists ansible.builtin.file: - path: "~{{ hostvars[inventory_hostname].ansible_user }}/{{ env }}" + path: "{{ ansible_user_home }}/{{ env }}/artifacts" state: directory mode: "0744" recurse: yes become: true - become_user: "{{ hostvars[inventory_hostname].ansible_user }}" + become_user: "{{ ansible_user }}" tasks: - name: Add DataDog Repository Key @@ -150,7 +150,7 @@ - name: Add PostgreSQL Repository ansible.builtin.apt_repository: - repo: "deb http://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main" + repo: "deb https://apt.postgresql.org/pub/repos/apt {{ ansible_distribution_release }}-pgdg main" state: present filename: pgdg.list @@ -240,7 +240,7 @@ mode: "0400" when: vault_status.json.initialized == false become: true - become_user: "{{ hostvars[inventory_hostname].ansible_user }}" + become_user: "{{ ansible_user }}" no_log: true - name: Determine Vault Seal Status @@ -259,7 +259,7 @@ - vault_status.json.initialized == true - vault_seal_status.json.sealed == true become: true - become_user: "{{ hostvars[inventory_hostname].ansible_user }}" + become_user: "{{ ansible_user }}" no_log: true - name: Parse Vault Initialization File diff --git a/infrastructure/nomad/playbooks/templates/jobs/artifacts.nomad.j2 b/infrastructure/nomad/playbooks/templates/jobs/artifacts.nomad.j2 index 98fe992ea..eaf875527 100644 --- a/infrastructure/nomad/playbooks/templates/jobs/artifacts.nomad.j2 +++ b/infrastructure/nomad/playbooks/templates/jobs/artifacts.nomad.j2 @@ -50,6 +50,7 @@ job "{% if env != 'devenv' %}{{ environments[env].version }}{% else %}artifacts- port "http" { static = 1111 + to = 1111 } } diff --git a/infrastructure/nomad/playbooks/templates/jobs/contracts-deployer.nomad.j2 b/infrastructure/nomad/playbooks/templates/jobs/contracts-deployer.nomad.j2 index e0a8c4144..6d722e239 100644 --- a/infrastructure/nomad/playbooks/templates/jobs/contracts-deployer.nomad.j2 +++ b/infrastructure/nomad/playbooks/templates/jobs/contracts-deployer.nomad.j2 @@ -46,9 +46,15 @@ job "{{ job.name }}" { destination = "local/foundry.sh" } + {% if env != 'devenv' %} artifact { source = "https://primev-infrastructure-artifacts.s3.us-west-2.amazonaws.com/contracts_{{ version }}.tar.gz" } + {% else %} + artifact { + source = "http://{{ ansible_facts['default_ipv4']['address'] }}:1111/contracts_{{ version }}.tar.gz" + } + {% endif %} template { data = <<-EOH diff --git a/infrastructure/nomad/playbooks/templates/jobs/mev-commit-bridge.nomad.j2 b/infrastructure/nomad/playbooks/templates/jobs/mev-commit-bridge.nomad.j2 index 5f846afdd..d6ebbbe4d 100644 --- a/infrastructure/nomad/playbooks/templates/jobs/mev-commit-bridge.nomad.j2 +++ b/infrastructure/nomad/playbooks/templates/jobs/mev-commit-bridge.nomad.j2 @@ -41,13 +41,21 @@ job "{{ job.name }}" { destination = "local/foundry.sh" } + {% if env != 'devenv' %} artifact { source = "https://primev-infrastructure-artifacts.s3.us-west-2.amazonaws.com/contracts_{{ version }}.tar.gz" } - artifact { source = "https://primev-infrastructure-artifacts.s3.us-west-2.amazonaws.com/mev-commit-bridge-relayer_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" } + {% else %} + artifact { + source = "http://{{ ansible_facts['default_ipv4']['address'] }}:1111/contracts_{{ version }}.tar.gz" + } + artifact { + source = "http://{{ ansible_facts['default_ipv4']['address'] }}:1111/mev-commit-bridge-relayer_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" + } + {% endif %} template { data = <<-EOH diff --git a/infrastructure/nomad/playbooks/templates/jobs/mev-commit-emulator.nomad.j2 b/infrastructure/nomad/playbooks/templates/jobs/mev-commit-emulator.nomad.j2 index 0861a27eb..1a387c401 100644 --- a/infrastructure/nomad/playbooks/templates/jobs/mev-commit-emulator.nomad.j2 +++ b/infrastructure/nomad/playbooks/templates/jobs/mev-commit-emulator.nomad.j2 @@ -36,9 +36,15 @@ job "{{ job.name }}" { } {% endfor %} + {% if env != 'devenv' %} artifact { source = "https://primev-infrastructure-artifacts.s3.us-west-2.amazonaws.com/{{ job.target_type }}-emulator_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" } + {% else %} + artifact { + source = "http://{{ ansible_facts['default_ipv4']['address'] }}:1111/{{ job.target_type }}-emulator_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" + } + {% endif %} template { data = <<-EOH diff --git a/infrastructure/nomad/playbooks/templates/jobs/mev-commit-geth.nomad.j2 b/infrastructure/nomad/playbooks/templates/jobs/mev-commit-geth.nomad.j2 index ac85cf3b9..2f04b0399 100644 --- a/infrastructure/nomad/playbooks/templates/jobs/mev-commit-geth.nomad.j2 +++ b/infrastructure/nomad/playbooks/templates/jobs/mev-commit-geth.nomad.j2 @@ -47,13 +47,21 @@ job "{{ job.name }}" { } {% endfor %} + {% if env != 'devenv' %} artifact { source = "https://primev-infrastructure-artifacts.s3.us-west-2.amazonaws.com/genesis_{{ version }}.json" } - artifact { source = "https://primev-infrastructure-artifacts.s3.us-west-2.amazonaws.com/mev-commit-geth_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" } + {% else %} + artifact { + source = "http://{{ ansible_facts['default_ipv4']['address'] }}:1111/genesis_{{ version }}.json" + } + artifact { + source = "http://{{ ansible_facts['default_ipv4']['address'] }}:1111/mev-commit-geth_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" + } + {% endif %} template { data = <<-EOH diff --git a/infrastructure/nomad/playbooks/templates/jobs/mev-commit-oracle.nomad.j2 b/infrastructure/nomad/playbooks/templates/jobs/mev-commit-oracle.nomad.j2 index 99dd9aa27..e96b2c7bc 100644 --- a/infrastructure/nomad/playbooks/templates/jobs/mev-commit-oracle.nomad.j2 +++ b/infrastructure/nomad/playbooks/templates/jobs/mev-commit-oracle.nomad.j2 @@ -136,13 +136,21 @@ job "{{ job.name }}" { } {% endif %} + {% if env != 'devenv' %} artifact { source = "https://primev-infrastructure-artifacts.s3.us-west-2.amazonaws.com/mev-commit-oracle_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" } - artifact { source = "https://primev-infrastructure-artifacts.s3.us-west-2.amazonaws.com/contracts_{{ version }}.tar.gz" } + {% else %} + artifact { + source = "http://{{ ansible_facts['default_ipv4']['address'] }}:1111/mev-commit-oracle_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" + } + artifact { + source = "http://{{ ansible_facts['default_ipv4']['address'] }}:1111/contracts_{{ version }}.tar.gz" + } + {% endif %} template { data = <<-EOH diff --git a/infrastructure/nomad/playbooks/templates/jobs/mev-commit.nomad.j2 b/infrastructure/nomad/playbooks/templates/jobs/mev-commit.nomad.j2 index 699b30bb3..c10eeefc9 100644 --- a/infrastructure/nomad/playbooks/templates/jobs/mev-commit.nomad.j2 +++ b/infrastructure/nomad/playbooks/templates/jobs/mev-commit.nomad.j2 @@ -47,9 +47,15 @@ job "{{ job.name }}" { } {% endif %} + {% if env != 'devenv' %} artifact { source = "https://primev-infrastructure-artifacts.s3.us-west-2.amazonaws.com/mev-commit_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" } + {% else %} + artifact { + source = "http://{{ ansible_facts['default_ipv4']['address'] }}:1111/mev-commit_{{ version }}_Linux_{{ target_system_architecture }}.tar.gz" + } + {% endif %} template { data = <<-EOH diff --git a/infrastructure/nomad/playbooks/templates/services/nomad.hcl.j2 b/infrastructure/nomad/playbooks/templates/services/nomad.hcl.j2 index b39d408ff..648d7292c 100644 --- a/infrastructure/nomad/playbooks/templates/services/nomad.hcl.j2 +++ b/infrastructure/nomad/playbooks/templates/services/nomad.hcl.j2 @@ -27,7 +27,7 @@ client { } {% if env == "devenv" %} host_volume "artifacts-volume" { - path = "/home/{{ hostvars[inventory_hostname].ansible_user }}/{{ env }}/artifacts" + path = "{{ ansible_user_home }}/{{ env }}/artifacts" } {% endif %} }