Skip to content

Origin Automated Actions#2854

Draft
sparrowDom wants to merge 66 commits intomasterfrom
sparrowDom/automated-actions-lite
Draft

Origin Automated Actions#2854
sparrowDom wants to merge 66 commits intomasterfrom
sparrowDom/automated-actions-lite

Conversation

@sparrowDom
Copy link
Copy Markdown
Member

@sparrowDom sparrowDom commented Mar 24, 2026
edited
Loading

Summary

This PR introduces a cron runtime supervisor for the Docker deployment that:

  • keeps supercronic scheduling from JSON config
  • adds authenticated REST endpoints for manual action runs
  • exposes API endpoints to inspect configured actions and run status

AWS KMS Signer Usage

Cron/manual actions still execute existing Hardhat tasks, so signer behavior is unchanged and continues to use the repo signer selection logic:

  • If AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are present, the task path selects AWS KMS signing.
  • KMS signing uses DirectKmsTransactionSigner (purrikey) with the configured relayer key id and region.
  • Transactions are signed by KMS and submitted normally by the task flow.
  • Transaction hashes are emitted in task logs (utils/txLogger), so run-level tx IDs are visible in container logs/Loki.

Cronjobs Configured via JSON

Cron configuration is now JSON-first:

  • Source of truth: contracts/cron/cron-jobs.json
  • Job schema:
    • name (string)
    • schedule (5-field cron expression)
    • enabled (boolean)
    • command (string)
  • Startup rendering validates config and fails fast on:
    • invalid/malformed schema
    • duplicate names
    • invalid schedule shape
    • zero enabled jobs
  • Enabled jobs are rendered to /etc/cronjob (with # <name> comments) and started via supercronic.

Cronjobs Triggered via API

A lightweight Node HTTP server is started with the container runtime and runs alongside supercronic.

  • Auth:
    • Bearer token required for /api/v1/*
    • token env var: ACTION_API_BEARER_TOKEN (required)
  • Trigger endpoint:
    • POST /api/v1/actions/:name/runs
    • returns 202 Accepted with:
      • runId
      • action
      • status
      • statusUrl
      • startedAt
    • includes Location header pointing to run status URL
  • Execution model:
    • async execution (queued -> running -> succeeded|failed)
    • manual triggers are allowed even when enabled=false
    • parallel runs are allowed
    • bounded in-memory run history (default limit 500)

Cron Configuration / Run Status via API

  • GET /api/v1/actions
    • returns configured actions with name, schedule, enabled
  • GET /api/v1/runs/:runId
    • returns run lifecycle + completion metadata:
      • status
      • startedAt
      • finishedAt
      • exitCode
      • signal
  • GET /healthz (no auth)
    • runtime health including whether supercronic is running

Runtime Notes

  • Entrypoint now launches the supervisor (node /app/scripts/cron-supervisor.js).
  • Optional runtime envs:
    • HOST (default 0.0.0.0)
    • PORT (default 8080)
    • ACTION_RUN_HISTORY_LIMIT (default 500)
    • ACTION_WORKDIR (default /app)
  • Logs for a run are available in container stdout/stderr (and Loki), while API returns structured status/metadata.

@codecov
Copy link
Copy Markdown

codecov bot commented Mar 24, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 50.94%. Comparing base (10b029e) to head (ef16785).

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #2854      +/-   ##
==========================================
+ Coverage   49.21%   50.94%   +1.73%     
==========================================
  Files         112      112              
  Lines        4844     4844              
  Branches     1343     1343              
==========================================
+ Hits         2384     2468      +84     
+ Misses       2456     2372      -84     
  Partials        4        4

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@railway-app railway-app bot temporarily deployed to reasonable-success / production March 27, 2026 14:38 Inactive
sparrowDom and others added 19 commits March 27, 2026 16:55
@sparrowDom
make github build the image instead of docker
6858bbd
@sparrowDom
fix node issue
adcb500
@sparrowDom
rename image
80f660a
@sparrowDom
another rename
0371df6
@sparrowDom
fix naming mistakes
9c91e74
@apexearth
Migrate Defender actions to TypeScript hardhat tasks
79075e5 
- Add TypeScript, ESLint TS, and Prettier TS support to contracts/
- Create action() registration pattern for hardhat tasks with Winston logging
- Convert 13 Defender actions to self-registering TS hardhat tasks
- Add Loki transport for centralized logging
- Add healthcheck task for validation
- Fix ssv-scanner dependency (bloxapp → ssvlabs)
- Fix @lodestar/types ESM compatibility via ts-node skipProject
@apexearth
test loki execution and ensure flush
f52fbd3
@apexearth
prettier
c728f99
@apexearth
fix prettier/lint conflict
f42b623
@apexearth
Merge branch 'sparrowDom/automated-actions-lite-chris2' into sparrowD…
e79b58d 
…om/automated-actions-lite
@apexearth
tweak how we log
868b1ec
@apexearth
create docker-compose env for local execution
9ae2bfc
@apexearth
add cron readme
55ccb19
@apexearth
lint fix
baeeafb
@apexearth
path fix
ee58e99
@apexearth
fix output
5db6014
@apexearth
healthcheck fix
a3c6ec1
@apexearth
extract actions out of defender
cd81063
@apexearth
convert files to ts
243dba7
sparrowDom and others added 30 commits April 7, 2026 11:22
@sparrowDom
convert the first action into hardhat and add Skills file
2bd9eca
@sparrowDom
from kebab case to camel case
0bf7b24
@sparrowDom
convert another function
c35f138
@sparrowDom
convert another functino
baad11a
@sparrowDom
some more function creations
5f18017
@sparrowDom
convert rebase
eb14ecb
@sparrowDom
convert and test a couple of more functions
0e7f8f6
@sparrowDom
convert a few more actions
8225116
@sparrowDom
add execute and propose actions
dee9d4d
@sparrowDom
old docker insstance will no longer be required
0dd1349
@sparrowDom
add the beacon chain tasks into the same format
804fc9d
@sparrowDom
fix cronjob collissions
7d7060e
@sparrowDom
Merge remote-tracking branch 'origin/master' into sparrowDom/automate…
194cbe4 
…d-actions-lite
@sparrowDom
add votemarket call
5a587ce
@sparrowDom
separate cross chain message
e1b7857
@sparrowDom
add cross chain actions
5dd743c
@sparrowDom
cross chain strategy actions
ef16785
@sparrowDom
add hyperliquid cron config
b8e6eca
@sparrowDom
add hyper-evm actions
836c9bb
@sparrowDom
add comments explaining frequency
7d9da23
@apexearth
Add structured logging, observability docs, and action runner integra…
42afd0c 
…tion test
@apexearth
Refactor supervisor logging and extract API module
d8b0067 
- Replace console logging with winston/Loki logger in supervisor
- Delete log-events.ts emit wrappers, inline structured logging in action.ts
- Extract HTTP API + run tracking into api.ts, slim supervisor to orchestrator
- Add action.start/action.success events to action framework
- Generate run_id (UUID) per action, remove AUTOMATON_RUN_ID env var
- Add real action.test.ts that exercises createActionHandler() with mock signer
- Delete stale test-action.ts, action-runner.test.ts, snapshot
@sparrowDom @apexearth
Add shared Postgres nonce queue for cross-repo transaction serializat…
0f17acc 
…ion (#2876)

* Add shared Postgres nonce queue for cross-repo transaction serialization

Both origin-dollar and arm-oeth cron containers use the same KMS signer,
risking nonce collisions when transactions are sent concurrently. This adds
a Postgres-backed nonce lock that wraps the signer transparently via
SELECT ... FOR UPDATE, holding the row lock for the full tx lifecycle.

- nonceQueue.ts: withNonceLock + wrapWithNonceQueue signer wrapper
- action.ts: conditionally wraps signer when DATABASE_URL is set
- docker-compose.yml: adds postgres service for local dev
- cron-supervisor.ts: pool cleanup on shutdown
- Includes integration tests verifying lock serialization

* add comment

* add timeout mechanism

* add functionality to replace transaction with higher gas and rebroadcast transaction

* add github tests for the nonce locking mechanism

* add lifecycle tests

* fix lint

* add maximum gas price spending caps per chain

---------

Co-authored-by: Christopher Jacobs <apexearth@gmail.com>
@apexearth
fix healthcheck network
3622428
@sparrowDom
add a config var to increase gas estimate from the provider
f83484c
@sparrowDom
add explicit gas limit
0df4704
@sparrowDom
remove legacy rebase commands
7ddbf79
@sparrowDom
add the ability to store and list the lastest actions and their statu…
f85b979 
…ses issued by the automated actions module
@sparrowDom
persist action name and run-id across the different log messages. All…
f7a6837 
…ow a flag to differentiate between Winston contextualized logs and old way of logs
@sparrowDom
fix logging errors where action name and run id wouldn't get propagat…
647bdd2 
…ed to all logs. Also fix issue where Grafana wouldn't receive most of emitted logs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@naddison36 naddison36 Awaiting requested review from naddison36 naddison36 will be requested when the pull request is marked ready for review naddison36 is a code owner

@shahthepro shahthepro Awaiting requested review from shahthepro shahthepro will be requested when the pull request is marked ready for review shahthepro is a code owner

@clement-ux clement-ux Awaiting requested review from clement-ux clement-ux will be requested when the pull request is marked ready for review clement-ux is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sparrowDom @apexearth