seb scripts to deploy scroll-sdk on prod

seb-scripts/Makefile-for-prod

@@ -0,0 +1,61 @@
+# bootstrap:
+# 		bash helm-bootstrap.sh
+# 		bash create-env-files.sh
+# 		cd charts/scroll-sdk && time docker run --rm -it -v .:/contracts/volume scrolltech/scroll-stack-contracts:gen-configs-v0.0.9
+
+# bootstrap:
+# 		helm pull ../charts/blockscout
+
+install-db:
+		helm upgrade -i postgresql oci://registry-1.docker.io/bitnamicharts/postgresql --version 15.5.0 --values values/postgres.yaml
+		helm upgrade -i postgresql-blockscout oci://registry-1.docker.io/bitnamicharts/postgresql --version 15.5.0 --values values/postgres-blockscout.yaml
+		helm upgrade -i postgresql-chain-monitor oci://registry-1.docker.io/bitnamicharts/postgresql --version 15.5.0 --values values/postgres-chain-monitor.yaml
+		helm upgrade -i postgresql-l1-explorer oci://registry-1.docker.io/bitnamicharts/postgresql --version 15.5.0 --values values/postgres-l1-explorer.yaml
+		helm upgrade -i postgresql-rollup oci://registry-1.docker.io/bitnamicharts/postgresql --version 15.5.0 --values values/postgres-rollup.yaml
+install:
+		helm upgrade -i scroll-common scroll-common
+		helm upgrade -i l2-sequencer l2-sequencer --values l2-sequencer/values/production.yaml
+		helm upgrade -i coordinator-api coordinator-api --values coordinator-api/values/production.yaml
+		helm upgrade -i balance-checker balance-checker --values balance-checker/values/production.yaml
+		helm upgrade -i blockscout blockscout --values blockscout/values/production.yaml
+		helm upgrade -i bridge-history-api bridge-history-api --values bridge-history-api/values/production.yaml
+		helm upgrade -i bridge-history-fetcher bridge-history-fetcher --values bridge-history-fetcher/values/production.yaml
+		helm upgrade -i chain-monitor chain-monitor --values chain-monitor/values/production.yaml
+		helm upgrade -i coordinator-cron coordinator-cron --values coordinator-cron/values/production.yaml
+		helm upgrade -i frontends frontends --values frontends/values/production.yaml
+		helm upgrade -i gas-oracle gas-oracle --values gas-oracle/values/production.yaml
+		helm upgrade -i l2-bootnode l2-bootnode --values l2-bootnode/values/production.yaml
+		helm upgrade -i l2-rpc l2-rpc --values l2-rpc/values/production.yaml
+		helm upgrade -i rollup-explorer-backend rollup-explorer-backend --values rollup-explorer-backend/values/production.yaml
+		helm upgrade -i rollup-node rollup-node --values rollup-node/values/production.yaml
+		helm upgrade -i contracts contracts --values contracts/values/production.yaml
+
+init-db:
+		./init-db.sh localhost 12345 postgres azerty12345 scroll chain_monitor test1234
+		./init-db.sh localhost 6789 postgres azerty12345 scroll rollup_node test1234
+		./init-db.sh localhost 12344 postgres qwerty12345 scroll bridge_history_user test1234
+
+delete:
+		helm delete balance-checker
+		helm delete blockscout
+		helm delete bridge-history-api
+		helm delete bridge-history-fetcher
+		helm delete chain-monitor
+		helm delete coordinator-api
+		helm delete coordinator-cron
+		helm delete frontends
+		helm delete gas-oracle
+		helm delete l2-bootnode
+		helm delete l2-rpc
+		helm delete l2-sequencer
+		helm delete rollup-explorer-backend
+		helm delete rollup-node
+		helm delete rpc-gateway
+		helm delete scroll-common
+
+delete-db:
+		helm delete postgresql
+		helm delete postgresql-blockscout
+		helm delete postgresql-chain-monitor
+		helm delete postgresql-l1-explorer
+		helm delete postgresql-rollup

seb-scripts/init-db.sh

@@ -0,0 +1,44 @@
+#!/bin/bash
+# Define database name
+PG_HOST=$1
+PG_PORT=$2
+PG_USER=$3
+export PGPASSWORD=$4
+POSTGRES_DB=$5
+DB_NAME="$POSTGRES_DB"
+DB_USER=$6
+DB_PASSWORD=$7
+
+
+# Check if the database exists
+DB_EXISTS=$(psql -h "$PG_HOST" -p "$PG_PORT" -U "$PG_USER" -lqt | cut -d \| -f 1 | grep -qw "$DB_NAME" && echo "true" || echo "false")
+
+# If the database does not exist, create it
+if [ "$DB_EXISTS" == "false" ]; then
+  echo "Creating database $DB_NAME..."
+  createdb -h $PG_HOST -p $PG_PORT -U $PG_USER $DB_NAME
+  echo "Database $DB_NAME created successfully."
+else
+  echo "Database $DB_NAME already exists."
+fi
+
+# Check if the user exists
+USER_EXISTS=$(psql -h $PG_HOST -p $PG_PORT -U $PG_USER -tAc "SELECT 1 FROM pg_roles WHERE rolname='$DB_USER'" | grep -q 1 && echo "true" || echo "false")
+
+# If the user does not exist, create it
+if [ "$USER_EXISTS" == "false" ]; then
+echo "Creating user $DB_USER..."
+psql -h $PG_HOST -p $PG_PORT -U $PG_USER -c "CREATE USER \"$DB_USER\" WITH PASSWORD '$DB_PASSWORD';"
+echo "User $DB_USER created successfully."
+else
+echo "User $DB_USER already exists."
+fi
+
+# Add permission
+psql -h $PG_HOST -p $PG_PORT -U $PG_USER -d $POSTGRES_DB -c "grant connect, create on database $POSTGRES_DB to $DB_USER;"
+psql -h $PG_HOST -p $PG_PORT -U $PG_USER -d $POSTGRES_DB -c "grant all privileges on schema public to $DB_USER;"
+psql -h $PG_HOST -p $PG_PORT -U $PG_USER -d $POSTGRES_DB -c "grant usage, select, update, insert on all tables in schema public to $DB_USER;"
+psql -h $PG_HOST -p $PG_PORT -U $PG_USER -d $POSTGRES_DB -c "GRANT CREATE ON SCHEMA public TO $DB_USER;"
+psql -h $PG_HOST -p $PG_PORT -U $PG_USER -d $POSTGRES_DB -c "alter default privileges in schema public grant select, update, insert on tables to $DB_USER;"
+psql -h $PG_HOST -p $PG_PORT -U $PG_USER -d $POSTGRES_DB -c "grant usage, select on all sequences in schema public to $DB_USER;"
+psql -h $PG_HOST -p $PG_PORT -U $PG_USER -d $POSTGRES_DB -c "alter default privileges in schema public grant usage, select on sequences to $DB_USER;"

seb-scripts/move-and populate-config-files.sh

@@ -0,0 +1,33 @@
+#!/bin/bash
+
+# Define the source directory if the files are located in a specific directory, else use the current directory.
+SOURCE_DIR="."
+
+# Function to copy a file if it exists
+copy_file_if_exists() {
+    local file_name="$1"
+    local target_dir="$2"
+
+    if [[ -f "$SOURCE_DIR/$file_name" ]]; then
+        cp "$SOURCE_DIR/$file_name" "$target_dir"
+        echo "Copied $file_name to $target_dir"
+    else
+        echo "File $file_name does not exist, skipping."
+    fi
+}
+
+# Copy files to their respective directories
+copy_file_if_exists "balance-checker-config.json" "./balance-checker/configs/"
+copy_file_if_exists "bridge-history-config.json" "./bridge-history-api/configs/"
+copy_file_if_exists "bridge-history-config.json" "./bridge-history-fetcher/configs/"
+copy_file_if_exists "chain-monitor-config.json" "./chain-monitor/configs/"
+copy_file_if_exists "coordinator-config.json" "./coordinator-api/configs/"
+copy_file_if_exists "coordinator-config.json" "./coordinator-cron/configs/"
+copy_file_if_exists "frontend-config" "./frontends/configs/"
+copy_file_if_exists "genesis.json" "./scroll-common/configs/"
+copy_file_if_exists "rollup-config.json" "./gas-oracle/configs/"
+copy_file_if_exists "rollup-config.json" "./rollup-node/configs/"
+copy_file_if_exists "rollup-explorer-backend-config.json" "./rollup-explorer-backend/configs/"
+
+# Print a final message
+echo "File copy operation completed."

seb-scripts/push-config-to-aws-secret.sh

@@ -0,0 +1,75 @@
+#!/bin/bash
+
+# Check if region parameter was provided
+if [ $# -eq 0 ]; then
+  echo "Usage: $0 us-east-1"
+  echo "Please provide the aws region."
+  exit 1
+fi
+
+region=$1
+
+# Function to convert env files to json
+convert_to_json() {
+  local file="$1"
+  local json_content="{"
+  while IFS= read -r line; do
+    if [[ -n "$line" ]]; then
+      key=$(echo "$line" | cut -d':' -f1 | xargs)
+      value=$(echo "$line" | cut -d':' -f2- | xargs | sed 's/^"//' | sed 's/"$//')
+      json_content+="\"$key\":\"$value\","
+    fi
+  done < "$file"
+  json_content="${json_content%,}}"
+  echo "$json_content"
+}
+
+# Function to push file content to AWS Secrets Manager
+push_to_aws_secret() {
+  local file_content="$1"
+  local secret_name="$2"
+
+  # Push the content to AWS Secrets Manager
+  aws secretsmanager create-secret --name "scroll/$secret_name" --secret-string "$file_content" --region $region > /dev/null 2>&1
+
+  # Check if the command was successful
+  if [[ $? -eq 0 ]]; then
+    echo "Successfully pushed content of $file_path to AWS Secret $secret_name."
+  else
+    echo "Failed to push content of $file_path to AWS Secret $secret_name."
+  fi
+}
+
+# List all .json files in the secret directory
+json_files=$(cd secrets && ls *.json 2> /dev/null)
+
+# Check if there are any .json files
+if [[ -z "$json_files" ]]; then
+  echo "No .json files found in the secrets directory."
+  exit 1
+fi
+
+# Iterate over each JSON file and push its content to AWS Secrets Manager
+for file in $json_files; do
+  # Extract the base name of the file without the extension to use as the secret name
+  secret_name=$(basename "$file" .json)
+  # Read the content of the file
+  file_content=$(cat "secrets/$file")
+  # Call the function to push the content to AWS Secrets Manager
+  push_to_aws_secret "$file_content" "$secret_name"
+done
+
+# List all .secret.env files
+env_files=$(ls secrets/*.env 2> /dev/null)
+
+# Iterate over each ENV file and push its content to AWS Secrets Manager
+for file in $env_files; do
+  # Transform .env files into a json
+  json_file=$(convert_to_json $file)
+  # Extract the base name of the file without the extension to use as the secret name
+  secret_name=$(basename "$file" .env)
+  secret_name="$secret_name-env"
+
+  # Call the function to push the content to AWS Secrets Manager
+  push_to_aws_secret "$json_file" "$secret_name"
+done