From 7888b4379e9a7fda75a97ed96233ddfee6940c85 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= <jakub@status.im>
Date: Sat, 7 Nov 2020 11:49:53 +0100
Subject: [PATCH] beacon-node-builds: automate building multiple branches
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Jakub Sokołowski <jakub@status.im>
---
 ansible/group_vars/nimbus-master.yml          |  3 +
 ansible/nimbus.yml                            |  5 ++
 .../beacon-node-builds/defaults/main.yml      | 25 +++++++++
 .../roles/beacon-node-builds/files/Dockerfile | 11 ++++
 .../beacon-node-builds/files/dockerignore     |  2 +
 .../roles/beacon-node-builds/tasks/build.yml  | 55 +++++++++++++++++++
 .../beacon-node-builds/tasks/install.yml      |  6 ++
 .../roles/beacon-node-builds/tasks/main.yml   |  5 ++
 .../roles/beacon-node-builds/tasks/user.yml   | 17 ++++++
 .../beacon-node-builds/templates/build.sh.j2  | 36 ++++++++++++
 10 files changed, 165 insertions(+)
 create mode 100644 ansible/roles/beacon-node-builds/defaults/main.yml
 create mode 100644 ansible/roles/beacon-node-builds/files/Dockerfile
 create mode 100644 ansible/roles/beacon-node-builds/files/dockerignore
 create mode 100644 ansible/roles/beacon-node-builds/tasks/build.yml
 create mode 100644 ansible/roles/beacon-node-builds/tasks/install.yml
 create mode 100644 ansible/roles/beacon-node-builds/tasks/main.yml
 create mode 100644 ansible/roles/beacon-node-builds/tasks/user.yml
 create mode 100644 ansible/roles/beacon-node-builds/templates/build.sh.j2

diff --git a/ansible/group_vars/nimbus-master.yml b/ansible/group_vars/nimbus-master.yml
index d737ed9..18e96e8 100644
--- a/ansible/group_vars/nimbus-master.yml
+++ b/ansible/group_vars/nimbus-master.yml
@@ -1,4 +1,7 @@
 ---
+beacon_node_builds_docker_hub_user: '{{lookup("passwordstore", "cloud/DockerHub/user")}}'
+beacon_node_builds_docker_hub_token: '{{lookup("passwordstore", "cloud/DockerHub/token")}}'
+
 # Master host has more memory, but it should be for builds
 beacon_node_mem_limit: '{{ (ansible_memtotal_mb * 0.25) | int }}'
 beacon_node_mem_reserve: '{{ (ansible_memtotal_mb * 0.2) | int }}'
diff --git a/ansible/nimbus.yml b/ansible/nimbus.yml
index 0a432dc..863a008 100644
--- a/ansible/nimbus.yml
+++ b/ansible/nimbus.yml
@@ -7,6 +7,11 @@
         that: 'ansible_version.full is version_compare("2.8", ">=")'
         msg: 'Your Ansible version is lower than 2.8. Upgrade it.'
 
+- name: Configure beacon node builds
+  hosts: nimbus-master
+  roles:
+    - { role: beacon-node-builds,     tags: beacon-node-builds }
+
 - name: Configure shared testnet3 using master
   hosts: nimbus.test[0:3]
   vars:
diff --git a/ansible/roles/beacon-node-builds/defaults/main.yml b/ansible/roles/beacon-node-builds/defaults/main.yml
new file mode 100644
index 0000000..0639f3b
--- /dev/null
+++ b/ansible/roles/beacon-node-builds/defaults/main.yml
@@ -0,0 +1,25 @@
+---
+beacon_node_builds_user: 'nimbus'
+beacon_node_builds_path: '/opt/beacon-node-builds'
+beacon_node_builds_image_name: 'statusteam/nimbus_beacon_node'
+
+# Required for pushing the images
+beacon_node_builds_docker_hub_user: ~
+beacon_node_builds_docker_hub_token: ~
+
+# Timers
+beacon_node_build_timer_timeout: 1200
+
+beacon_node_builds_branches:
+  - name: 'master'
+    branch: 'master'
+    frequency: '*-*-* 02:00:00'
+    batches: [ 'a', 'b' ]
+  - name: 'devel'
+    branch: 'devel'
+    frequency: '*-*-* 10:00:00'
+    batches: [ 'a', 'b' ]
+  - name: 'libp2p'
+    branch: 'nim-libp2p-auto-bump'
+    frequency: '*-*-* 18:00:00'
+    batches: [ 'a', 'b' ]
diff --git a/ansible/roles/beacon-node-builds/files/Dockerfile b/ansible/roles/beacon-node-builds/files/Dockerfile
new file mode 100644
index 0000000..473a58d
--- /dev/null
+++ b/ansible/roles/beacon-node-builds/files/Dockerfile
@@ -0,0 +1,11 @@
+FROM alpine:3.12.1
+
+ARG COMMIT
+
+RUN apk add --no-cache libgcc pcre
+
+COPY repo/build/* /usr/local/bin/
+
+STOPSIGNAL SIGINT
+
+ENTRYPOINT ["/usr/local/bin/beacon_node"]
diff --git a/ansible/roles/beacon-node-builds/files/dockerignore b/ansible/roles/beacon-node-builds/files/dockerignore
new file mode 100644
index 0000000..032b54a
--- /dev/null
+++ b/ansible/roles/beacon-node-builds/files/dockerignore
@@ -0,0 +1,2 @@
+repo
+!repo/build/*
diff --git a/ansible/roles/beacon-node-builds/tasks/build.yml b/ansible/roles/beacon-node-builds/tasks/build.yml
new file mode 100644
index 0000000..5467026
--- /dev/null
+++ b/ansible/roles/beacon-node-builds/tasks/build.yml
@@ -0,0 +1,55 @@
+---
+- name: '{{ item.name }} - Create builds folder'
+  file:
+    path: '{{ beacon_node_builds_path }}'
+    owner: '{{ beacon_node_builds_user }}'
+    group: 'adm'
+    mode: 0755
+    state: 'directory'
+
+- name: '{{ item.name }} - Clone branch'
+  git:
+    repo: 'https://github.com/status-im/nimbus-eth2'
+    version: '{{ item.branch }}'
+    dest: '{{ beacon_node_builds_path }}/{{ item.name }}/repo'
+    update: true
+    force: true
+  become_user: '{{ beacon_node_builds_user }}'
+
+- name: '{{ item.name }} - Create script'
+  template:
+    src: 'build.sh.j2'
+    dest: '{{ beacon_node_builds_path }}/{{ item.name }}/build.sh'
+    owner: '{{ beacon_node_builds_user }}'
+    group: 'adm'
+    mode: 0755
+
+- name: '{{ item.name }} - Create Dockerfile'
+  copy:
+    src: 'Dockerfile'
+    dest: '{{ beacon_node_builds_path }}/{{ item.name }}/Dockerfile'
+    owner: '{{ beacon_node_builds_user }}'
+    group: 'adm'
+    mode: 0644
+
+- name: '{{ item.name }} - Create .dockerignore'
+  copy:
+    src: 'dockerignore'
+    dest: '{{ beacon_node_builds_path }}/{{ item.name }}/.dockerignore'
+    owner: '{{ beacon_node_builds_user }}'
+    group: 'adm'
+    mode: 0644
+
+
+- name: Create timer for rebuilding image
+  include_role: name=systemd-timer
+  vars:
+    systemd_timer_name: 'beacon-node-build-{{ item.name }}'
+    systemd_timer_user: '{{ beacon_node_builds_user }}'
+    systemd_timer_description: 'Docker image build for Nimbus beacon node'
+    systemd_timer_requires_extra: 'docker.service'
+    systemd_timer_start_on_creation: false
+    systemd_timer_frequency: '{{ item.frequency }}'
+    systemd_timer_timeout_sec: '{{ beacon_node_build_timer_timeout }}'
+    systemd_timer_work_dir: '{{ beacon_node_builds_path }}/{{ item.name }}'
+    systemd_timer_script_path: '{{ beacon_node_builds_path }}/{{ item.name }}/build.sh'
diff --git a/ansible/roles/beacon-node-builds/tasks/install.yml b/ansible/roles/beacon-node-builds/tasks/install.yml
new file mode 100644
index 0000000..b459a88
--- /dev/null
+++ b/ansible/roles/beacon-node-builds/tasks/install.yml
@@ -0,0 +1,6 @@
+---
+- name: Install build dependencies
+  apt:
+    name:
+      - build-essential
+      - libpcre3-dev
diff --git a/ansible/roles/beacon-node-builds/tasks/main.yml b/ansible/roles/beacon-node-builds/tasks/main.yml
new file mode 100644
index 0000000..abdad20
--- /dev/null
+++ b/ansible/roles/beacon-node-builds/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+- include_tasks: install.yml
+- include_tasks: user.yml
+- include_tasks: build.yml
+  with_items: '{{ beacon_node_builds_branches }}'
diff --git a/ansible/roles/beacon-node-builds/tasks/user.yml b/ansible/roles/beacon-node-builds/tasks/user.yml
new file mode 100644
index 0000000..6c63c48
--- /dev/null
+++ b/ansible/roles/beacon-node-builds/tasks/user.yml
@@ -0,0 +1,17 @@
+---
+- name: Create user for beacon node builds
+  user:
+    name: '{{ beacon_node_builds_user }}'
+    group: 'adm'
+    groups: ['docker']
+    shell: '/bin/zsh'
+
+- name: Set disable rebase as merge strategy
+  command: git config --global pull.rebase false
+  become_user: '{{ beacon_node_builds_user }}'
+
+- name: Configure access to Docker Hub
+  command: |
+    docker login \
+      --username {{ beacon_node_builds_docker_hub_user | mandatory }} \
+      --password {{ beacon_node_builds_docker_hub_token | mandatory }}
diff --git a/ansible/roles/beacon-node-builds/templates/build.sh.j2 b/ansible/roles/beacon-node-builds/templates/build.sh.j2
new file mode 100644
index 0000000..f914323
--- /dev/null
+++ b/ansible/roles/beacon-node-builds/templates/build.sh.j2
@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+
+set -e
+
+if [[ "${USER}" != "{{ beacon_node_builds_user }}" ]]; then
+    echo "Incorrect user: ${USER}" >&2
+    echo "Expected: {{ beacon_node_builds_user }}" >&2
+    exit 1
+fi
+
+IMAGE="{{ beacon_node_builds_image_name }}:{{ item.name }}"
+BATCHES=({{ item.batches | join(" ") }})
+
+# Build the Beacon node binaries
+{
+  cd repo
+  COMMIT_BEFORE=$(git rev-parse --short=8 HEAD)
+  git pull
+  COMMIT_AFTER=$(git rev-parse --short=8 HEAD)
+
+  if [[ "${COMMIT_BEFORE}" == "${COMMIT_AFTER}" ]]; then
+      echo "Nothing new to build."
+      exit
+  fi
+
+  make update
+  make \
+    LOG_LEVEL="TRACE" \
+    MAKEFLAGS="-j$(nproc)" \
+    NIMFLAGS="-d:insecure -d:testnet_servers_image" \
+    beacon_node signing_process
+}
+
+# Add binary into a simple Alpine image
+docker build -t "${IMAGE}" --build-arg=COMMIT=${COMMIT_AFTER} .
+docker push "${IMAGE}"