168 lines
5.5 KiB
Bash
168 lines
5.5 KiB
Bash
#!/usr/bin/env bash
|
|
# Load deployment .env and require common vars.
|
|
# Usage: source "$SCRIPT_DIR/lib/deployment/dotenv.sh"
|
|
# Optional: load_deployment_env [--repo-root <path>]
|
|
#
|
|
# Correct dotenv file (in order):
|
|
# 1. ENV_FILE if set and the file exists (e.g. export ENV_FILE=/path/to/.env)
|
|
# 2. PROJECT_ROOT/.env (repo root; PROJECT_ROOT = scripts/lib/deployment/../.. when unset)
|
|
# So: use repo-root .env by default; set ENV_FILE to use a different file.
|
|
|
|
_LIB_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
|
|
[[ -z "${PROJECT_ROOT:-}" ]] && PROJECT_ROOT="$(cd "$_LIB_DIR/../../.." && pwd)"
|
|
source "$_LIB_DIR/../forge-scope.sh"
|
|
|
|
_dep_dotenv_source() {
|
|
local f="$1"
|
|
[[ -f "$f" ]] || return 0
|
|
local had_nounset=0
|
|
if [[ $- == *u* ]]; then
|
|
had_nounset=1
|
|
set +u
|
|
fi
|
|
set -a
|
|
# shellcheck disable=SC1090
|
|
source "$f"
|
|
set +a
|
|
(( had_nounset )) && set -u
|
|
}
|
|
|
|
_dep_export_from_private_key() {
|
|
[[ -n "${DEPLOYER_ADDRESS:-}" || -z "${PRIVATE_KEY:-}" ]] && return 0
|
|
command -v cast >/dev/null 2>&1 || return 0
|
|
local deployer_addr
|
|
deployer_addr="$(cast wallet address "$PRIVATE_KEY" 2>/dev/null || true)"
|
|
[[ -n "$deployer_addr" ]] || return 0
|
|
export DEPLOYER_ADDRESS="$deployer_addr"
|
|
export DEPLOYER="${DEPLOYER:-$deployer_addr}"
|
|
}
|
|
|
|
normalize_private_key_env() {
|
|
[[ -n "${PRIVATE_KEY:-}" ]] || return 0
|
|
if [[ "${PRIVATE_KEY#0x}" == "$PRIVATE_KEY" ]]; then
|
|
export PRIVATE_KEY="0x$PRIVATE_KEY"
|
|
fi
|
|
}
|
|
|
|
require_private_key_env() {
|
|
local hint="${1:-Set PRIVATE_KEY in smom-dbis-138/.env, repo .env, or ~/.secure-secrets/private-keys.env.}"
|
|
normalize_private_key_env
|
|
if [[ -z "${PRIVATE_KEY:-}" ]]; then
|
|
echo "ERROR: PRIVATE_KEY not available. $hint" >&2
|
|
return 1
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
derive_deployer_address() {
|
|
if [[ -n "${DEPLOYER_ADDRESS:-}" ]]; then
|
|
printf '%s\n' "$DEPLOYER_ADDRESS"
|
|
return 0
|
|
fi
|
|
normalize_private_key_env
|
|
if [[ -z "${PRIVATE_KEY:-}" ]]; then
|
|
return 1
|
|
fi
|
|
command -v cast >/dev/null 2>&1 || return 1
|
|
local deployer_addr
|
|
deployer_addr="$(cast wallet address "$PRIVATE_KEY" 2>/dev/null || true)"
|
|
[[ -n "$deployer_addr" ]] || return 1
|
|
export DEPLOYER_ADDRESS="$deployer_addr"
|
|
export DEPLOYER="${DEPLOYER:-$deployer_addr}"
|
|
printf '%s\n' "$deployer_addr"
|
|
}
|
|
|
|
require_deployer_address() {
|
|
local deployer_addr
|
|
require_private_key_env "${1:-Set PRIVATE_KEY in smom-dbis-138/.env, repo .env, or ~/.secure-secrets/private-keys.env.}" || return 1
|
|
deployer_addr="$(derive_deployer_address || true)"
|
|
if [[ -z "$deployer_addr" ]]; then
|
|
echo "ERROR: Could not derive DEPLOYER_ADDRESS from PRIVATE_KEY." >&2
|
|
return 1
|
|
fi
|
|
printf '%s\n' "$deployer_addr"
|
|
}
|
|
|
|
# Preferred .env: ENV_FILE if set and readable; else PROJECT_ROOT/.env (repo root).
|
|
load_deployment_env() {
|
|
local root="${PROJECT_ROOT}"
|
|
while [[ $# -gt 0 ]]; do
|
|
case "$1" in
|
|
--repo-root) root="$2"; shift 2 ;;
|
|
*) shift ;;
|
|
esac
|
|
done
|
|
export PROJECT_ROOT="$root"
|
|
local dotenv="${root}/.env"
|
|
[[ -n "${ENV_FILE:-}" && -f "${ENV_FILE}" ]] && dotenv="${ENV_FILE}"
|
|
_dep_dotenv_source "$dotenv"
|
|
if [[ -z "${ENV_FILE:-}" ]]; then
|
|
_dep_dotenv_source "${root}/smom-dbis-138/.env"
|
|
fi
|
|
local secure_secrets_file="${SECURE_SECRETS_FILE:-$HOME/.secure-secrets/private-keys.env}"
|
|
if [[ -f "$secure_secrets_file" ]]; then
|
|
local had_nounset_secure=0
|
|
if [[ $- == *u* ]]; then
|
|
had_nounset_secure=1
|
|
set +u
|
|
fi
|
|
set -a
|
|
# shellcheck disable=SC1090
|
|
source "$secure_secrets_file"
|
|
set +a
|
|
(( had_nounset_secure )) && set -u
|
|
fi
|
|
local keeper_secret_file="${KEEPER_SECRET_FILE:-$HOME/.secure-secrets/chain138-keeper.env}"
|
|
if [[ -z "${KEEPER_PRIVATE_KEY:-}" && -f "$keeper_secret_file" ]]; then
|
|
local had_nounset_keeper=0
|
|
if [[ $- == *u* ]]; then
|
|
had_nounset_keeper=1
|
|
set +u
|
|
fi
|
|
set -a
|
|
# shellcheck disable=SC1090
|
|
source "$keeper_secret_file"
|
|
set +a
|
|
(( had_nounset_keeper )) && set -u
|
|
fi
|
|
if [[ -z "${PRIVATE_KEY:-}" && -n "${DEPLOYER_PRIVATE_KEY:-}" ]]; then
|
|
export PRIVATE_KEY="$DEPLOYER_PRIVATE_KEY"
|
|
fi
|
|
normalize_private_key_env
|
|
_dep_export_from_private_key
|
|
export CHAIN_651940_RPC_URL="${CHAIN_651940_RPC_URL:-${ALL_MAINNET_RPC:-}}"
|
|
export CHAIN_651940_RPC="${CHAIN_651940_RPC:-${CHAIN_651940_RPC_URL:-${ALL_MAINNET_RPC:-}}}"
|
|
export ALLTRA_MAINNET_RPC="${ALLTRA_MAINNET_RPC:-${ALL_MAINNET_RPC:-${CHAIN_651940_RPC_URL:-${CHAIN_651940_RPC:-}}}}"
|
|
# Trailing CR/LF on RPC URL lines breaks cast/curl; strip common RPC vars after load.
|
|
local _k _v
|
|
for _k in RPC_URL_138 RPC_URL CHAIN138_RPC ETHEREUM_MAINNET_RPC GNOSIS_MAINNET_RPC GNOSIS_RPC \
|
|
CRONOS_RPC_URL CRONOS_RPC CELO_MAINNET_RPC CELO_RPC BSC_RPC_URL POLYGON_MAINNET_RPC \
|
|
BASE_MAINNET_RPC OPTIMISM_MAINNET_RPC ARBITRUM_MAINNET_RPC AVALANCHE_RPC_URL WEMIX_RPC WEMIX_MAINNET_RPC \
|
|
ALL_MAINNET_RPC ALLTRA_MAINNET_RPC CHAIN_651940_RPC CHAIN_651940_RPC_URL; do
|
|
_v="${!_k:-}"
|
|
[[ -z "$_v" ]] && continue
|
|
_v="${_v%$'\r'}"
|
|
_v="${_v%$'\n'}"
|
|
export "$_k=$_v"
|
|
done
|
|
}
|
|
|
|
# Require vars for mainnet LP funding (G4). Fails with message if missing.
|
|
require_fund_lp_env() {
|
|
load_deployment_env
|
|
: "${LIQUIDITY_POOL_ETH_MAINNET:=${LIQUIDITY_POOL:-}}"
|
|
if [[ -z "${LIQUIDITY_POOL_ETH_MAINNET:-}" ]]; then
|
|
echo "Set LIQUIDITY_POOL_ETH_MAINNET (or LIQUIDITY_POOL) in .env" >&2
|
|
return 1
|
|
fi
|
|
if [[ -z "${ETHEREUM_MAINNET_RPC:-}" ]]; then
|
|
echo "Set ETHEREUM_MAINNET_RPC in .env" >&2
|
|
return 1
|
|
fi
|
|
if [[ -z "${PRIVATE_KEY:-}" ]]; then
|
|
echo "Set PRIVATE_KEY in .env" >&2
|
|
return 1
|
|
fi
|
|
return 0
|
|
}
|