scripts/deployment/deploy-verify-chain138.sh

#!/usr/bin/env bash
# R15: Deployment automation — check env → deploy (optional) → verify → update config.
# Usage: ./scripts/deployment/deploy-verify-chain138.sh [--dry-run] [--deploy] [--verify-only]
#   --dry-run    Print steps only; do not run deploy or verify (exit 0).
#   --deploy     Run phased deploy (01_DeployCore, 02_DeployBridges) before verify. Omit to verify only.
#   --verify-only  Skip deploy; run on-chain check + Blockscout verification only.
# Requires: LAN/VPN to Chain 138 RPC and Blockscout. PRIVATE_KEY and RPC_URL_138 read from dotenv (root .env, then smom-dbis-138/.env).
# See: docs/03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md

set -euo pipefail

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
cd "$PROJECT_ROOT"

# Load PRIVATE_KEY and RPC from dotenv
[[ -f "${SCRIPT_DIR}/../lib/load-project-env.sh" ]] && source "${SCRIPT_DIR}/../lib/load-project-env.sh" 2>/dev/null || true

DRY_RUN=false
DO_DEPLOY=false
VERIFY_ONLY=false
for a in "$@"; do
  [[ "$a" == "--dry-run" ]]    && DRY_RUN=true
  [[ "$a" == "--deploy" ]]     && DO_DEPLOY=true
  [[ "$a" == "--verify-only" ]] && VERIFY_ONLY=true
done

echo "=== Deploy & Verify Chain 138 (R15) ==="
echo ""

if $DRY_RUN; then
  echo "1. Check env: PRIVATE_KEY and RPC_URL_138 read from dotenv (smom-dbis-138/.env or root .env)"
  echo "2. Config validation: bash scripts/validation/validate-config-files.sh"
  echo "3. Deploy (if --deploy): cd smom-dbis-138 && bash scripts/deployment/deploy-contracts-unified.sh --mode ordered"
  echo "4. On-chain check: bash scripts/verify/check-contracts-on-chain-138.sh"
  echo "5. Blockscout verify: source smom-dbis-138/.env; bash scripts/verify/run-contract-verification-with-proxy.sh"
  echo "6. Reconcile .env: bash scripts/verify/reconcile-env-canonical.sh --print (update smom-dbis-138/.env from output)"
  echo ""
  echo "Usage: $0 [--dry-run] [--deploy] [--verify-only]"
  exit 0
fi

# 1. Env check (PRIVATE_KEY already loaded from dotenv above; re-source smom .env if present)
[[ -f "smom-dbis-138/.env" ]] && source smom-dbis-138/.env 2>/dev/null || true
PRIVATE_KEY="${PRIVATE_KEY:-${CHAIN138_PRIVATE_KEY:-}}"
# RPC_URL_138 = Chain 138 Core (load-project-env sets it from .env or config)
if [[ -z "${PRIVATE_KEY:-}" ]]; then
  echo "PRIVATE_KEY (or CHAIN138_PRIVATE_KEY) not set. Set in smom-dbis-138/.env or root .env."
  exit 1
fi
if [[ -z "${RPC_URL_138:-}" ]]; then
  echo "RPC_URL_138 not set. Set in smom-dbis-138/.env or root .env (standard for Chain ID 138 RPC)."
  exit 1
fi
echo "[OK] Env present (PRIVATE_KEY and RPC from dotenv)"

# 2. Config validation
echo "2. Config validation..."
bash scripts/validation/validate-config-files.sh
echo ""

# 3. Deploy (optional)
if $DO_DEPLOY && ! $VERIFY_ONLY; then
  echo "3. Deploy (ordered)..."
  (cd smom-dbis-138 && bash scripts/deployment/deploy-contracts-unified.sh --mode ordered)
  echo ""
else
  echo "3. Deploy skipped (use --deploy to run)"
fi

# 4. On-chain check
echo "4. On-chain check..."
SKIP_EXIT=1 bash scripts/verify/check-contracts-on-chain-138.sh || true
echo ""

# 5. Blockscout verification (may require LAN)
echo "5. Blockscout verification..."
source smom-dbis-138/.env 2>/dev/null || true
if bash scripts/verify/run-contract-verification-with-proxy.sh 2>/dev/null; then
  echo "[OK] Verification run completed"
else
  echo "[WARN] Verification failed or Blockscout unreachable (run from LAN). See CONTRACT_DEPLOYMENT_RUNBOOK."
fi
echo ""

# 6. Reconcile
echo "6. Reconcile .env (canonical list):"
bash scripts/verify/reconcile-env-canonical.sh --print
echo ""
echo "=== Done. Update smom-dbis-138/.env from reconcile output if needed. ==="
Sync all local changes: docs, config, scripts, submodule refs, verification evidence Co-authored-by: Cursor <cursoragent@cursor.com> 2026-02-21 15:46:06 -08:00			`#!/usr/bin/env bash`
			`# R15: Deployment automation — check env → deploy (optional) → verify → update config.`
			`# Usage: ./scripts/deployment/deploy-verify-chain138.sh [--dry-run] [--deploy] [--verify-only]`
			`# --dry-run Print steps only; do not run deploy or verify (exit 0).`
			`# --deploy Run phased deploy (01_DeployCore, 02_DeployBridges) before verify. Omit to verify only.`
			`# --verify-only Skip deploy; run on-chain check + Blockscout verification only.`
			`# Requires: LAN/VPN to Chain 138 RPC and Blockscout. PRIVATE_KEY and RPC_URL_138 read from dotenv (root .env, then smom-dbis-138/.env).`
			`# See: docs/03-deployment/CONTRACT_DEPLOYMENT_RUNBOOK.md`

			`set -euo pipefail`

			`SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"`
			`PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"`
			`cd "$PROJECT_ROOT"`

			`# Load PRIVATE_KEY and RPC from dotenv`
			`[[ -f "${SCRIPT_DIR}/../lib/load-project-env.sh" ]] && source "${SCRIPT_DIR}/../lib/load-project-env.sh" 2>/dev/null \|\| true`

			`DRY_RUN=false`
			`DO_DEPLOY=false`
			`VERIFY_ONLY=false`
			`for a in "$@"; do`
			`[[ "$a" == "--dry-run" ]] && DRY_RUN=true`
			`[[ "$a" == "--deploy" ]] && DO_DEPLOY=true`
			`[[ "$a" == "--verify-only" ]] && VERIFY_ONLY=true`
			`done`

			`echo "=== Deploy & Verify Chain 138 (R15) ==="`
			`echo ""`

			`if $DRY_RUN; then`
			`echo "1. Check env: PRIVATE_KEY and RPC_URL_138 read from dotenv (smom-dbis-138/.env or root .env)"`
			`echo "2. Config validation: bash scripts/validation/validate-config-files.sh"`
			`echo "3. Deploy (if --deploy): cd smom-dbis-138 && bash scripts/deployment/deploy-contracts-unified.sh --mode ordered"`
			`echo "4. On-chain check: bash scripts/verify/check-contracts-on-chain-138.sh"`
			`echo "5. Blockscout verify: source smom-dbis-138/.env; bash scripts/verify/run-contract-verification-with-proxy.sh"`
			`echo "6. Reconcile .env: bash scripts/verify/reconcile-env-canonical.sh --print (update smom-dbis-138/.env from output)"`
			`echo ""`
			`echo "Usage: $0 [--dry-run] [--deploy] [--verify-only]"`
			`exit 0`
			`fi`

			`# 1. Env check (PRIVATE_KEY already loaded from dotenv above; re-source smom .env if present)`
			`[[ -f "smom-dbis-138/.env" ]] && source smom-dbis-138/.env 2>/dev/null \|\| true`
			`PRIVATE_KEY="${PRIVATE_KEY:-${CHAIN138_PRIVATE_KEY:-}}"`
			`# RPC_URL_138 = Chain 138 Core (load-project-env sets it from .env or config)`
			`if [[ -z "${PRIVATE_KEY:-}" ]]; then`
			`echo "PRIVATE_KEY (or CHAIN138_PRIVATE_KEY) not set. Set in smom-dbis-138/.env or root .env."`
			`exit 1`
			`fi`
			`if [[ -z "${RPC_URL_138:-}" ]]; then`
			`echo "RPC_URL_138 not set. Set in smom-dbis-138/.env or root .env (standard for Chain ID 138 RPC)."`
			`exit 1`
			`fi`
			`echo "[OK] Env present (PRIVATE_KEY and RPC from dotenv)"`

			`# 2. Config validation`
			`echo "2. Config validation..."`
			`bash scripts/validation/validate-config-files.sh`
			`echo ""`

			`# 3. Deploy (optional)`
			`if $DO_DEPLOY && ! $VERIFY_ONLY; then`
			`echo "3. Deploy (ordered)..."`
			`(cd smom-dbis-138 && bash scripts/deployment/deploy-contracts-unified.sh --mode ordered)`
			`echo ""`
			`else`
			`echo "3. Deploy skipped (use --deploy to run)"`
			`fi`

			`# 4. On-chain check`
			`echo "4. On-chain check..."`
			`SKIP_EXIT=1 bash scripts/verify/check-contracts-on-chain-138.sh \|\| true`
			`echo ""`

			`# 5. Blockscout verification (may require LAN)`
			`echo "5. Blockscout verification..."`
			`source smom-dbis-138/.env 2>/dev/null \|\| true`
			`if bash scripts/verify/run-contract-verification-with-proxy.sh 2>/dev/null; then`
			`echo "[OK] Verification run completed"`
			`else`
			`echo "[WARN] Verification failed or Blockscout unreachable (run from LAN). See CONTRACT_DEPLOYMENT_RUNBOOK."`
			`fi`
			`echo ""`

			`# 6. Reconcile`
			`echo "6. Reconcile .env (canonical list):"`
			`bash scripts/verify/reconcile-env-canonical.sh --print`
			`echo ""`
			`echo "=== Done. Update smom-dbis-138/.env from reconcile output if needed. ==="`