Git config - CDK tests workflow

.github/workflows/blueprints-unit-tests.yml

@@ -0,0 +1,27 @@
+name: blueprints-cdk-tests
+
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  blueprints-cdk-tests:
+    name: Run CDK tests for all blueprints
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        shell: bash
+        working-directory: scripts
+    steps:
+      - uses: actions/checkout@v2
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 19
+          cache: npm
+          cache-dependency-path: package-lock.json
+
+      - name: Install dependencies
+        run: npm ci
+      - name: Run unit tests
+        run: ./run-all-cdk-tests.sh

.vscode/settings.json

@@ -0,0 +1,6 @@
+{
+    "cSpell.words": [
+        "bcuser",
+        "usermod"
+    ]
+}

lib/constructs/ha-rpc-nodes-with-alb.ts

@@ -75,18 +75,22 @@ export class HANodesConstruct extends cdkContructs.Construct {
       }
 
       if (dataVolume.type !== constants.InstanceStoreageDeviceVolumeType){
-          blockDevices.push(
-              {
-                  deviceName: constants.VolumeDeviceNames[arrayIndex],
-                  volume: autoscaling.BlockDeviceVolume.ebs(dataVolume.sizeGiB, {
-                      deleteOnTermination: true,
-                      throughput: dataVolume.throughput,
-                      encrypted: true,
-                      iops: dataVolume.iops,
-                      volumeType: autoscaling.EbsDeviceVolumeType[dataVolume.type.toUpperCase() as keyof typeof autoscaling.EbsDeviceVolumeType],
-                  }),
-              }
-          )
+          const volumeType = dataVolume.type.toUpperCase();
+          const ebsConfig: any = {
+              deleteOnTermination: true,
+              encrypted: true,
+              iops: dataVolume.iops,
+              volumeType: autoscaling.EbsDeviceVolumeType[dataVolume.type.toUpperCase() as keyof typeof autoscaling.EbsDeviceVolumeType],
+          };
+
+          if (volumeType == 'GP3'){
+              ebsConfig.throughput = dataVolume.throughput;
+          }
+
+          blockDevices.push({
+              deviceName: constants.VolumeDeviceNames[arrayIndex],
+              volume: autoscaling.BlockDeviceVolume.ebs(dataVolume.sizeGiB, ebsConfig)
+          })
       }
    });
 

lib/fantom/test/ha-nodes-stack.test.ts

@@ -173,9 +173,9 @@ describe("FantomHANodesStack", () => {
       {
         "CidrIp": "1.2.3.4/5",
         "Description": "Blockchain Node RPC",
-        "FromPort": 8545,
+        "FromPort": 18545,
         "IpProtocol": "tcp",
-        "ToPort": 8545
+        "ToPort": 18545
       }
       ],
       VpcId: Match.anyValue(),
@@ -221,7 +221,7 @@ describe("FantomHANodesStack", () => {
         }
        ],
        LoadBalancerArn: Match.anyValue(),
-       Port: 8545,
+       Port: 18545,
        Protocol: "HTTP"
     })
 
@@ -230,12 +230,12 @@ describe("FantomHANodesStack", () => {
       HealthCheckEnabled: true,
       HealthCheckIntervalSeconds: 30,
       HealthCheckPath: "/",
-      HealthCheckPort: "8545",
+      HealthCheckPort: "18545",
       HealthyThresholdCount: 3,
       Matcher: {
       HttpCode: "200-299"
       },
-      Port: 8545,
+      Port: 18545,
       Protocol: "HTTP",
       TargetGroupAttributes: [
       {

lib/solana/lib/assets/instance/storage/setup.sh

@@ -32,7 +32,8 @@ get_all_empty_nvme_disks () {
   local unmounted_nvme_disks=()
   local sorted_unmounted_nvme_disks
 
-  all_not_mounted_nvme_disks=$(lsblk -lnb | awk '{if ($7=="") {print $1}}' | grep nvme)
+  #The disk will only be mounted when the nvme disk is larger than 100GB to avoid storing blockchain node data directly on the root EBS disk (which is 46GB by default)
+  all_not_mounted_nvme_disks=$(lsblk -lnb | awk '{if ($7 == "" && $4 > 100000000) {print $1}}' | grep nvme)
   all_mounted_nvme_partitions=$(mount | awk '{print $1}' | grep /dev/nvme)
   for disk in ${all_not_mounted_nvme_disks[*]}; do
     if [[ ! "${all_mounted_nvme_partitions[*]}" =~ $disk ]]; then

lib/solana/lib/assets/user-data-ubuntu.sh

@@ -31,22 +31,18 @@ INSTANCE_ID=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" -s http://169.254.169.2
 apt-get -yqq update
 apt-get -yqq install jq unzip python3-pip chrony
 
+ARCH=$(uname -m)
+
 if [ "$ARCH" == "x86_64" ]; then
   CW_AGENT_BINARY_URI=https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb
-  AWS_CLI_BINARY_URI=https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip
 else
   CW_AGENT_BINARY_URI=https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/arm64/latest/amazon-cloudwatch-agent.deb
-  AWS_CLI_BINARY_URI=https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip
 fi
 
 cd /opt || exit 1
 
-ARCH=$(uname -m)
-
 echo "Intalling AWS CLI"
-curl "$AWS_CLI_BINARY_URI" -o "awscliv2.zip"
-unzip awscliv2.zip
-/opt/aws/install
+snap install aws-cli --classic
 
 echo "Downloading assets zip file"
 aws s3 cp $ASSETS_S3_PATH ./assets.zip --region $AWS_REGION

lib/stacks/sample-configs/.env-sample-follower

@@ -34,8 +34,8 @@ STACKS_NETWORK="mainnet"                                      # Network onto whi
 
 # # Storage configuration
 # STACKS_DATA_VOL_SIZE=512                                    # Volume size in GB for node data storage
-# STACKS_DATA_VOL_TYPE="gp3"                                  # EBS volume type. Example: "gp2", "io1" for high-performance needs
-# STACKS_DATA_VOL_IOPS=12000                                  # IOPS for "io1" volume type. IMPORTANT: Adjust based on performance needs
+# STACKS_DATA_VOL_TYPE="gp3"                                  # EBS volume type. Example: "gp2", "io2" for high-performance needs
+# STACKS_DATA_VOL_IOPS=12000                                  # IOPS for "io2" volume type. IMPORTANT: Adjust based on performance needs
 # STACKS_DATA_VOL_THROUGHPUT=700                              # Throughput in MB/s for "gp3" volume type. Check compatibility with chosen volume type
 
 # # High Availability (HA) configuration

lib/stacks/test/.env-test

@@ -32,9 +32,9 @@ STACKS_MINER_SECRET_ARN="none"                              # Optional. ARN for
 
 # Storage configuration
 STACKS_DATA_VOL_SIZE=128                                    # Volume size in GB for node data storage
-STACKS_DATA_VOL_TYPE="io1"                                  # EBS volume type. Example: "gp2", "io1" for high-performance needs
-STACKS_DATA_VOL_IOPS=500                                    # IOPS for "io1" volume type. IMPORTANT: Adjust based on performance needs
-STACKS_DATA_VOL_THROUGHPUT=600                              # Throughput in MB/s for "gp3" volume type. Check compatibility with chosen volume type
+STACKS_DATA_VOL_TYPE="gp3"                                  # EBS volume type. Example: "gp2", "io2" for high-performance needs
+STACKS_DATA_VOL_IOPS=12000                                  # IOPS for "io2" volume type. IMPORTANT: Adjust based on performance needs
+STACKS_DATA_VOL_THROUGHPUT=700                               # Throughput in MB/s for "gp3" volume type. Check compatibility with chosen volume type
 
 # High Availability (HA) configuration
 STACKS_HA_ALB_HEALTHCHECK_GRACE_PERIOD_MIN=75               # Grace period in minutes for ALB health checks

lib/stacks/test/ha-nodes-stack.test.ts

@@ -98,7 +98,6 @@ describe("StacksHANodesStack", () => {
             "DeleteOnTermination": true,
             "Encrypted": true,
             "Iops": TEST_STACKS_DATA_VOL_IOPS,
-            "Throughput": TEST_STACKS_DATA_VOL_THROUGHPUT,
             "VolumeSize": TEST_STACKS_DATA_VOL_SIZE,
             "VolumeType": TEST_STACKS_DATA_VOL_TYPE
            }

lib/stacks/test/test-constants.ts

@@ -16,9 +16,9 @@ export const TEST_BITCOIN_P2P_PORT: number = 1234
 export const TEST_STACKS_SIGNER_SECRET_ARN: string = "none"
 export const TEST_STACKS_MINER_SECRET_ARN: string = "none"
 export const TEST_STACKS_DATA_VOL_SIZE: number = 128
-export const TEST_STACKS_DATA_VOL_TYPE: string = "io1"
-export const TEST_STACKS_DATA_VOL_IOPS: number = 500
-export const TEST_STACKS_DATA_VOL_THROUGHPUT: number = 600
+export const TEST_STACKS_DATA_VOL_TYPE: string = "gp3"
+export const TEST_STACKS_DATA_VOL_IOPS: number = 12000
+export const TEST_STACKS_DATA_VOL_THROUGHPUT: number = 700
 export const TEST_STACKS_HA_ALB_HEALTHCHECK_GRACE_PERIOD_MIN: number = 75
 export const TEST_STACKS_HA_NODES_HEARTBEAT_DELAY_MIN: number = 12
 export const TEST_STACKS_HA_NUMBER_OF_NODES: number = 3

lib/sui/app.ts

@@ -3,7 +3,7 @@ import "dotenv/config"
 import "source-map-support/register";
 import * as cdk from "aws-cdk-lib";
 import * as nag from "cdk-nag";
-import * as config from "./lib/config/suiConfig";
+import * as config from "./lib/config/node-config";
 import {SuiCommonStack} from "./lib/common-stack";
 import {SuiSingleNodeStack} from "./lib/single-node-stack";
 

lib/sui/lib/config/suiConfig.ts → lib/sui/lib/config/node-config.ts

@@ -1,5 +1,5 @@
 import * as ec2 from "aws-cdk-lib/aws-ec2";
-import * as configTypes from "./suiConfig.interface";
+import * as configTypes from "./node-config.interface";
 import * as constants from "../../../constructs/constants";
 
 

lib/sui/lib/constructs/sui-node-security-group.ts

@@ -27,7 +27,6 @@ export class SuiNodeSecurityGroupConstruct extends cdkConstructs.Construct {
     sg.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.udp(8084), "Sui P2P");
     sg.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(9184), "Sui Metrics");
     sg.addIngressRule(ec2.Peer.ipv4(vpc.vpcCidrBlock), ec2.Port.tcp(9000), "JSON-RPC");
-    sg.addIngressRule(ec2.Peer.ipv4(vpc.vpcCidrBlock), ec2.Port.tcp(22), "SSH");
 
     this.securityGroup = sg
 

lib/sui/lib/single-node-stack.ts

@@ -9,7 +9,7 @@ import * as nodeCwDashboard from "./constructs/node-cw-dashboard"
 import * as cw from 'aws-cdk-lib/aws-cloudwatch';
 import * as nag from "cdk-nag";
 import { SingleNodeConstruct } from "../../constructs/single-node"
-import * as configTypes from "./config/suiConfig.interface";
+import * as configTypes from "./config/node-config.interface";
 import * as constants from "../../constructs/constants";
 import { SuiNodeSecurityGroupConstruct } from "./constructs/sui-node-security-group";
 
@@ -113,7 +113,7 @@ export class SuiSingleNodeStack extends cdk.Stack {
         })
 
         new cw.CfnDashboard(this, 'sui-cw-dashboard', {
-            dashboardName: STACK_NAME,
+            dashboardName: `${STACK_NAME}-${node.instanceId}`,
             dashboardBody: dashboardString,
         });
 

lib/sui/test/.env-test

@@ -1,19 +1,16 @@
 #############################################################
-# Example configuration for Starknet nodes runner app on AWS  #
+# Example configuration for Sui Node Runner app on AWS  #
 #############################################################
-
 ## Set the AWS account is and region for your environment ##
-AWS_ACCOUNT_ID="xxxxxxxxxxx"
-AWS_REGION="us-east-1"                          # Regions supported by Amazon Managed Blockchain Access Ethereum: https://docs.aws.amazon.com/general/latest/gr/managedblockchain.html#managedblockchain-access
+AWS_ACCOUNT_ID="xxxxxxxx"
+AWS_REGION="us-east-1"                     # your region of choice
 
-## Common configuration parameters ##
-STARKNET_L1_ENDPOINT="wss://ethereum-rpc.publicnode.com"
-STARKNET_NETWORK_ID="mainnet"               # All options:  "mainnet", "sepolia", "sepolia-integration"
-STARKNET_NODE_VERSION="v0.11.7"                  # Current required version of Starknet
+## Common configuration parameters #
+SUI_NETWORK_ID="testnet"                   # All options: "mainnet", "testnet" , "devnet"
+SUI_INSTANCE_TYPE="m6i.4xlarge"
 
-STARKNET_INSTANCE_TYPE="m6a.2xlarge"
 # Data volume configuration
-STARKNET_DATA_VOL_TYPE="gp3"                # Other options: "io1" | "io2" | "gp3" | "instance-store" . IMPORTANT: Use "instance-store" option only with instance types that support that feature, like popular for node im4gn, d3, i3en, and i4i instance families
-STARKNET_DATA_VOL_SIZE="250"                # Current required data size to keep both smapshot archive and unarchived version of it
-STARKNET_DATA_VOL_IOPS="3000"               # Max IOPS for EBS volumes (not applicable for "instance-store")
-STARKNET_DATA_VOL_THROUGHPUT="700"          # Max throughput for EBS gp3 volumes (not applicable for "io1" | "io2" | "instance-store")
+SUI_DATA_VOL_TYPE="gp3"                    # Other options: "io1" | "io2" | "gp3"
+SUI_DATA_VOL_SIZE="4000"                   # Current required data size to keep both snapshot archive and unarchived version of it
+SUI_DATA_VOL_IOPS="3000"                   # Max IOPS for EBS volumes
+SUI_DATA_VOL_THROUGHPUT="700"              # Max throughput for EBS gp3 volumes (not applicable for "io1" | "io2")

lib/sui/test/common-stack.test.ts

@@ -0,0 +1,63 @@
+import { Match, Template } from "aws-cdk-lib/assertions";
+import * as cdk from "aws-cdk-lib";
+import * as dotenv from 'dotenv';
+dotenv.config({ path: './test/.env-test' });
+import * as config from "../lib/config/node-config";
+import { SuiCommonStack } from "../lib/common-stack";
+
+describe("SuiCommonStack", () => {
+  test("synthesizes the way we expect", () => {
+    const app = new cdk.App();
+
+    // Create the SuiCommonStack.
+    const suiCommonStack = new SuiCommonStack(app, "sui-common", {
+        env: { account: config.baseConfig.accountId, region: config.baseConfig.region },
+        stackName: `sui-nodes-common`,
+    });
+
+    // Prepare the stack for assertions.
+    const template = Template.fromStack(suiCommonStack);
+
+    // Has EC2 instance role.
+    template.hasResourceProperties("AWS::IAM::Role", {
+      AssumeRolePolicyDocument: {
+        Statement: [
+         {
+          Action: "sts:AssumeRole",
+          Effect: "Allow",
+          Principal: {
+           Service: "ec2.amazonaws.com"
+          }
+         }
+        ]
+       },
+       ManagedPolicyArns: [
+        {
+         "Fn::Join": [
+          "",
+          [
+           "arn:",
+           {
+            Ref: "AWS::Partition"
+           },
+           ":iam::aws:policy/AmazonSSMManagedInstanceCore"
+          ]
+         ]
+        },
+        {
+         "Fn::Join": [
+          "",
+          [
+           "arn:",
+           {
+            "Ref": "AWS::Partition"
+           },
+           ":iam::aws:policy/CloudWatchAgentServerPolicy"
+          ]
+         ]
+        }
+       ]
+    })
+
+ });
+});