feat(deploy): on-chain binary publish + reusable publish workflow (CD-loop publish side)#160
Merged
Merged
Conversation
… publish-binary * blueprints.tsv: replace "no_v0_published" with "v0=<sha>; release=v0.1.3" for ids 13/14/15/16 — all four ai-trading blueprints now have a genesis binary version on-chain (Base Sepolia, setActiveBinaryVersion confirmed). * publish-binary.sh: poll getBinaryVersionCount up to 5x after publishBinaryVersion to ride out the read-back gap immediately following cast send (where the call occasionally still sees stale state and parses to 0 → version_id=-1 → setActive reverts). Fail loudly with a clear error if the publish landed but the read still says 0 after retries.
…e in one shot Reusable operator go-live script for any blueprint, compiled against tnt-core's own ITangle interfaces so selectors always match the deployment (the reliable path when cargo-tangle bindings are version-skewed — symptom UnknownSelector on requestService). Env-driven: TANGLE_CORE / BLUEPRINT_ID / OPERATOR_KEY / OPERATOR_ADDR / OPERATOR_PUBKEY / OPERATOR_RPC. Proven: ai-trading blueprint 13, service 0 ACTIVE on Base Sepolia.
Add a workflow_call trigger alongside workflow_dispatch so a blueprint repo's release CI can invoke the on-chain publish directly. Inputs mirror the manual trigger; PUBLISH_RPC_URL and BLUEPRINT_OWNER_KEY are exposed as workflow_call secrets so the owner key stays in tnt-core. The shared job reads inputs.*/secrets.* identically for both triggers.
drewstone
previously approved these changes
May 30, 2026
drewstone
left a comment
drewstone
left a comment
Contributor
There was a problem hiding this comment.
✅ Auto-approved tangletools PR — 73ccc4ab
This PR was opened by the trusted tangletools automation account.
The full PR reviewer audit still runs separately and will publish findings if it detects issues.
tangletools · auto-approval · reason: tangletools_author · 2026-05-30T16:07:28Z
Contributor
Author
🔍 Reviewing
|
| Pass | Status | ETA |
|---|---|---|
| opencode DeepSeek v4 Pro | Running (8 min) | ~5-15 min |
| Kimi Code K2.6 | Running (8 min) | ~5-15 min |
Agent review running. Reads the actual code. This comment updates in place.
tangletools · #160 · model: kimi-for-coding · started 2026-05-30T16:17:17Z
…blueprint-agnostic) The script is generic protocol ops (registerOperator → requestService → approveService for any BLUEPRINT_ID env). Only its name/comments were trading-specific; rename + de-trading the docs so tnt-core stays blueprint-agnostic. Logic unchanged.
drewstone
approved these changes
May 30, 2026
drewstone
left a comment
drewstone
left a comment
Contributor
There was a problem hiding this comment.
✅ Auto-approved tangletools PR — 8f15ced0
This PR was opened by the trusted tangletools automation account.
The full PR reviewer audit still runs separately and will publish findings if it detects issues.
tangletools · auto-approval · reason: tangletools_author · 2026-05-30T16:17:47Z
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The publish + CD-trigger half of the blueprint upgrade loop. Carries the v0/on-chain publish work plus the new reusability that lets a blueprint repo's release CI auto-publish.
deploy/publish-binary.sh/publish-trading-v0.sh/register-blueprints.sh— compute sha256 + content-addressed URI, callpublishBinaryVersion+setActiveBinaryVersion(owner key stays here).RequestTradingServiceone-shot register+request+approve..github/workflows/publish-blueprint-binary.ymlgains aworkflow_calltrigger (alongsideworkflow_dispatch), exposing the same inputs + the privileged secrets (PUBLISH_RPC_URL,BLUEPRINT_OWNER_KEY). This letstangle-network/ai-trading-blueprint's release CI (PR Payments rearchitecture: RFQ hardening + multi-asset bill weighting + facet split for EIP-170 #133 there) trigger an on-chain publish on everyv*tag — closing the publish side of the loop.actionlint: clean.Pairs with ai-trading-blueprint#133 (release trigger + operator approval UI) and the already-shipped manager watcher/swap pipeline. Must be on
mainso the cross-repogh workflow run --ref mainresolves.