0xPolygon · leovct · Jan 20, 2025 · Jan 20, 2025 · Jan 21, 2025 · Jan 21, 2025
@@ -0,0 +1,48 @@
+# Workflow for automatically building and pushing the config image to the Antithesis registry.
+name: Antithesis Docker Image Builder
+
+on:
+  pull_request:
+  workflow_dispatch:
+
+env:
+  ANTITHESIS_REGISTRY: us-central1-docker.pkg.dev
+  ANTITHESIS_REPOSITORY: molten-verve-216720/polygon-repository
+
+concurrency:
+  group: antithesis-build-and-push-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: docker/login-action@v3
+        with:
+          registry: ${{ env.ANTITHESIS_REGISTRY }}
+          username: _json_key
+          password: ${{ secrets.ANTITHESIS_JSON_LOGIN_KEY }}
+        # This step will only execute if the necessary secrets are available, preventing failures
+        # on pull requests from forked repositories.
+        if: ${{ env.ANTITHESIS_JSON_LOGIN_KEY }}
+        env:
+          ANTITHESIS_JSON_LOGIN_KEY: ${{ secrets.ANTITHESIS_JSON_LOGIN_KEY }}
+
+      - name: Build and push config image
+        uses: docker/build-push-action@v6
+        with:
+          context: docker
+          file: docker/antithesis.Dockerfile
+          push: true
+          tags: |
+            ${{ env.ANTITHESIS_REGISTRY }}/${{ env.ANTITHESIS_REPOSITORY}}/config:antithesis-latest,
+            ${{ env.ANTITHESIS_REGISTRY }}/${{ env.ANTITHESIS_REPOSITORY}}/config:${{ github.sha }}
+        # This step will only execute if the necessary secrets are available, preventing failures
+        # on pull requests from forked repositories.
+        if: ${{ env.ANTITHESIS_JSON_LOGIN_KEY }}
+        env:
+          ANTITHESIS_JSON_LOGIN_KEY: ${{ secrets.ANTITHESIS_JSON_LOGIN_KEY }}
@@ -7,7 +7,7 @@ on:
   pull_request:
   push:
     branches:
-      - '**'
+      - "**"
 
 concurrency:
   group: deploy-${{ github.event.pull_request.number || github.ref }}
@@ -409,9 +409,9 @@ jobs:
 
       - name: Install polycli
         run: |
-          tmp_dir=$(mktemp -d) 
-          curl -L "https://github.com/0xPolygon/polygon-cli/releases/download/${{ env.POLYCLI_VERSION }}/polycli_${{ env.POLYCLI_VERSION }}_linux_amd64.tar.gz" | tar -xz -C "$tmp_dir" 
-          mv "$tmp_dir"/* /usr/local/bin/polycli 
+          tmp_dir=$(mktemp -d)
+          curl -L "https://github.com/0xPolygon/polygon-cli/releases/download/${{ env.POLYCLI_VERSION }}/polycli_${{ env.POLYCLI_VERSION }}_linux_amd64.tar.gz" | tar -xz -C "$tmp_dir"
+          mv "$tmp_dir"/* /usr/local/bin/polycli
           rm -rf "$tmp_dir"
           sudo chmod +x /usr/local/bin/polycli
           /usr/local/bin/polycli version
@@ -426,7 +426,7 @@ jobs:
         # This step will only execute if the necessary secrets are available, preventing failures
         # on pull requests from forked repositories.
         if: ${{ env.agglayer_prover_sp1_key && env.agglayer_prover_sp1_key != '' }}
-        env :
+        env:
           agglayer_prover_sp1_key: ${{ secrets.SP1_PRIVATE_KEY }}
 
       - name: Deploy L1 chain and a first CDK L2 chain (cdk-erigon sequencer + cdk stack)
@@ -577,7 +577,7 @@ jobs:
           fi
         env:
           agglayer_prover_sp1_key: ${{ secrets.SP1_PRIVATE_KEY }}
-          
+
       - name: Dump enclave
         if: ${{ !cancelled() }}
         run: kurtosis enclave dump ${{ env.ENCLAVE_NAME }} ./dump

@@ -21,7 +21,7 @@ jobs:
   zkevm-contracts:
     runs-on: ubuntu-latest
     timeout-minutes: 30
-    steps:      
+    steps:
       - uses: actions/checkout@v4
       - uses: docker/setup-buildx-action@v3
       - uses: docker/login-action@v3

@@ -5,6 +5,12 @@ on:
   schedule:
     - cron: 0 6 * * * # Run this workflow every day at 6 AM Paris time (UTC+2).
   workflow_dispatch:
+    inputs:
+      param_file:
+        description: This parameter file will be used when running Antithesis tests
+        required: false
+        type: string
+        default: .github/tests/fork13-new-cdk-stack-cdk-validium.yml
 
 concurrency:
   group: nightly-${{ github.event.pull_request.number || github.ref }}
@@ -13,7 +19,58 @@ concurrency:
 env:
   ENCLAVE_NAME: cdk
 
+  # Antithesis parameters.
+  ANTITHESIS_REGISTRY: us-central1-docker.pkg.dev
+  ANTITHESIS_REPOSITORY: molten-verve-216720/polygon-repository
+  ANTITHESIS_TENANT: polygon
+  ANTITHESIS_NOTEBOOK: polygon
+
+  # This parameter file will be used when running Antithesis tests using the nightly schedule.
+  DEFAULT_ANTITHESIS_PARAM_FILE: .github/tests/fork13-new-cdk-stack-cdk-validium.yml
+
 jobs:
+  # Trigger Antithesis tests.
+  # Note that the configuration docker image must have been pushed into the Antithesis registry.
+  antithesis:
+    runs-on: ubuntu-latest
+
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set the parameter file to be used in Antithesis tests
+        run: echo "PARAM_FILE=${{ github.event_name == 'workflow_dispatch' && inputs.param_file || env.DEFAULT_ANTITHESIS_PARAM_FILE }}" >> $GITHUB_ENV
+
+      - name: Trigger Antithesis tests
+        uses: antithesishq/antithesis-trigger-action@main
+        with:
+          username: ${{ secrets.ANTITHESIS_USERNAME }}
+          password: ${{ secrets.ANTITHESIS_PASSWORD }}
+          github_token: ${{ secrets.ANTITHESIS_PAT }}
+
+          tenant: ${{ env.ANTITHESIS_TENANT }}
+          notebook_name: ${{ env.ANTITHESIS_NOTEBOOK }}
+          test_name: cdk
+
+          config_image: ${{ env.ANTITHESIS_REGISTRY }}/${{ env.ANTITHESIS_REPOSITORY}}/config:antithesis-latest
+          description: Kurtosis CDK tests
+          email_recipients: ${{ secrets.ANTITHESIS_EMAIL_RECIPIENTS }} # this is a ";" delimited list (e.g. "[email protected];[email protected]").
+          additional_parameters: |-
+            custom.configuration=${{ env.PARAM_FILE }}
+            custom.duration="1.0" # in hours (min 0.5 hours)
+
+        # This step will only execute if the necessary secrets are available, preventing failures
+        # on pull requests from forked repositories.
+        if: ${{ env.ANTITHESIS_USERNAME && env.ANTITHESIS_PASSWORD && env.ANTITHESIS_PAT && env.ANTITHESIS_EMAIL_RECIPIENTS }}
+        env:
+          ANTITHESIS_USERNAME: ${{ secrets.ANTITHESIS_USERNAME }}
+          ANTITHESIS_PASSWORD: ${{ secrets.ANTITHESIS_PASSWORD }}
+          ANTITHESIS_PAT: ${{ secrets.ANTITHESIS_PAT }}
+          ANTITHESIS_EMAIL_RECIPIENTS: ${{ secrets.ANTITHESIS_EMAIL_RECIPIENTS }}
+
   # Deploy a standalone zkevm permisionless node against Cardona Sepolia Tesnet.
   cardona-sepolia-testnet-pless-zkevm-node:
     runs-on: ubuntu-latest

@@ -22,32 +22,32 @@ jobs:
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
-    - uses: actions/checkout@v4
+      - uses: actions/checkout@v4
 
-    - name: Checkout cdk repository
-      uses: actions/checkout@v4
-      with:
-        repository: 0xPolygon/cdk
-        path: cdk
-        ref: ${{ env.CDK_VERSION }}
+      - name: Checkout cdk repository
+        uses: actions/checkout@v4
+        with:
+          repository: 0xPolygon/cdk
+          path: cdk
+          ref: ${{ env.CDK_VERSION }}
 
-    - uses: actions/setup-go@v5
-      with:
-        go-version: 1.22.x
-        cache-dependency-path: cdk/go.sum
+      - uses: actions/setup-go@v5
+        with:
+          go-version: 1.22.x
+          cache-dependency-path: cdk/go.sum
 
-    - name: Build cdk docker image
-      working-directory: cdk
-      run: make build-docker
+      - name: Build cdk docker image
+        working-directory: cdk
+        run: make build-docker
 
-    - name: Save cdk image to archive
-      run: docker save --output /tmp/cdk.tar cdk
+      - name: Save cdk image to archive
+        run: docker save --output /tmp/cdk.tar cdk
 
-    - name: Upload archive
-      uses: actions/upload-artifact@v4
-      with:
-        name: cdk
-        path: /tmp/cdk.tar
+      - name: Upload archive
+        uses: actions/upload-artifact@v4
+        with:
+          name: cdk
+          path: /tmp/cdk.tar
 
   cdk-e2e-tests:
     if: false
@@ -64,79 +64,79 @@ jobs:
           - "fork12-rollup"
           - "fork12-pessimistic"
     steps:
-    - uses: actions/checkout@v4
-
-    - name: Login to Docker Hub
-      uses: docker/login-action@v3
-      with:
-        username: ${{ secrets.DOCKERHUB_USERNAME }}
-        password: ${{ secrets.DOCKERHUB_TOKEN }}
-      # This step will only execute if the necessary secrets are available, preventing failures
-      # on pull requests from forked repositories.
-      if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }}
-      env:
-        DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-        DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
-
-    - name: Install Kurtosis CDK tools
-      uses: ./.github/actions/setup-kurtosis-cdk
-
-    - name: Install polycli
-      run: |
-        tmp_dir=$(mktemp -d)
-        curl -L "https://github.com/0xPolygon/polygon-cli/releases/download/${{ env.POLYCLI_VERSION }}/polycli_${{ env.POLYCLI_VERSION }}_linux_amd64.tar.gz" | tar -xz -C "$tmp_dir"
-        mv "$tmp_dir"/* /usr/local/bin/polycli
-        rm -rf "$tmp_dir"
-        sudo chmod +x /usr/local/bin/polycli
-        /usr/local/bin/polycli version
-
-    - name: Checkout cdk repository
-      uses: actions/checkout@v4
-      with:
-        repository: 0xPolygon/cdk
-        path: cdk
-        ref: ${{ env.CDK_VERSION }}
-
-    - name: Setup bats
-      uses: bats-core/[email protected]
-
-    - name: Download cdk archive
-      uses: actions/download-artifact@v4
-      with:
-        name: cdk
-        path: /tmp
-
-    - name: Load cdk image
-      run: |
-        docker load --input /tmp/cdk.tar
-        docker image ls -a
-
-    - name: Run e2e tests
-      working-directory: cdk/test
-      run: make test-e2e-${{ matrix.e2e-group }}
-      # Some of the test environments, the pessimistic envs, require the SP1 private key.
-      # This check makes sure that such environments will be tested only if the necessary secrets
-      # are available, preventing failures on pull requests from forked repositories.
-      if: ${{ !contains(matrix.e2e-group, 'pessimistic') || (contains(matrix.e2e-group, 'pessimistic') && env.agglayer_prover_sp1_key) }}
-      env:
-        KURTOSIS_FOLDER: ${{ github.workspace }}
-        BATS_LIB_PATH: /usr/lib/
-        agglayer_prover_sp1_key: ${{ secrets.SP1_PRIVATE_KEY }}
-
-    - name: Dump enclave
-      if: failure()
-      run: kurtosis enclave dump cdk ./dump
-
-    - name: Generate archive name
-      if: failure()
-      run: |
-        archive_name="dump_cdk_e2e_test_${{matrix.e2e-group}}_${{ github.run_id }}"
-        echo "ARCHIVE_NAME=${archive_name}" >> "$GITHUB_ENV"
-        echo "Generated archive name: ${archive_name}"
-
-    - name: Upload logs
-      if: failure()
-      uses: actions/upload-artifact@v4
-      with:
-        name: ${{ env.ARCHIVE_NAME }}
-        path: ./dump
+      - uses: actions/checkout@v4
+
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+        # This step will only execute if the necessary secrets are available, preventing failures
+        # on pull requests from forked repositories.
+        if: ${{ env.DOCKERHUB_USERNAME && env.DOCKERHUB_TOKEN }}
+        env:
+          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
+          DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      - name: Install Kurtosis CDK tools
+        uses: ./.github/actions/setup-kurtosis-cdk
+
+      - name: Install polycli
+        run: |
+          tmp_dir=$(mktemp -d)
+          curl -L "https://github.com/0xPolygon/polygon-cli/releases/download/${{ env.POLYCLI_VERSION }}/polycli_${{ env.POLYCLI_VERSION }}_linux_amd64.tar.gz" | tar -xz -C "$tmp_dir"
+          mv "$tmp_dir"/* /usr/local/bin/polycli
+          rm -rf "$tmp_dir"
+          sudo chmod +x /usr/local/bin/polycli
+          /usr/local/bin/polycli version
+
+      - name: Checkout cdk repository
+        uses: actions/checkout@v4
+        with:
+          repository: 0xPolygon/cdk
+          path: cdk
+          ref: ${{ env.CDK_VERSION }}
+
+      - name: Setup bats
+        uses: bats-core/[email protected]
+
+      - name: Download cdk archive
+        uses: actions/download-artifact@v4
+        with:
+          name: cdk
+          path: /tmp
+
+      - name: Load cdk image
+        run: |
+          docker load --input /tmp/cdk.tar
+          docker image ls -a
+
+      - name: Run e2e tests
+        working-directory: cdk/test
+        run: make test-e2e-${{ matrix.e2e-group }}
+        # Some of the test environments, the pessimistic envs, require the SP1 private key.
+        # This check makes sure that such environments will be tested only if the necessary secrets
+        # are available, preventing failures on pull requests from forked repositories.
+        if: ${{ !contains(matrix.e2e-group, 'pessimistic') || (contains(matrix.e2e-group, 'pessimistic') && env.agglayer_prover_sp1_key) }}
+        env:
+          KURTOSIS_FOLDER: ${{ github.workspace }}
+          BATS_LIB_PATH: /usr/lib/
+          agglayer_prover_sp1_key: ${{ secrets.SP1_PRIVATE_KEY }}
+
+      - name: Dump enclave
+        if: failure()
+        run: kurtosis enclave dump cdk ./dump
+
+      - name: Generate archive name
+        if: failure()
+        run: |
+          archive_name="dump_cdk_e2e_test_${{matrix.e2e-group}}_${{ github.run_id }}"
+          echo "ARCHIVE_NAME=${archive_name}" >> "$GITHUB_ENV"
+          echo "Generated archive name: ${archive_name}"
+
+      - name: Upload logs
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.ARCHIVE_NAME }}
+          path: ./dump
@@ -135,3 +135,9 @@ $ docker images --filter "reference=local/toolbox"
 REPOSITORY       TAG    IMAGE ID       CREATED         SIZE
 local/toolbox   local   3f85f026aaf9   2 seconds ago   490MB
 ```
+
+### Antithesis
+
+```bash
+docker build --tag kurtosis-cdk-antithesis --file antithesis.Dockerfile .
+```