a964d51 to b5540b1
862a903 to d8067f8
Pull request overview
This PR adds comprehensive infrastructure for executing Arbitrum nodes with automated workflow orchestration. The implementation includes configuration updates for block processing timeouts, block hash verification settings, and a complete CI/CD pipeline for deploying and managing custom nodes.
Key Changes:
- Updated Arbitrum mainnet configurations with new block processing timeouts (60000ms) and block hash verification settings
- Added GitHub Actions workflow for deploying custom nodes with configurable parameters (chain selection, timeout, SSH keys, firewall rules)
- Implemented Python script for generating node deployment configurations with Docker Compose orchestration for Nethermind and Nitro services
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 15 comments.
| File | Description |
|---|---|
| src/Nethermind.Arbitrum/Properties/configs/arbitrum-mainnet.json | Adds Arbitrum and VerifyBlockHash configuration sections with block processing timeout and verification settings |
| src/Nethermind.Arbitrum/Properties/configs/arbitrum-mainnet-archive.json | Updates block processing timeout to 60000ms and adds VerifyBlockHash configuration |
| scripts/wait_for_workflow.sh | Implements workflow monitoring script that waits for GitHub Actions workflows to trigger and complete |
| scripts/setup_script.sh.j2 | Jinja2 template for node setup including Docker installation, registry authentication, and container orchestration |
| scripts/generate_custom_node_data.py | Python script generating deployment configurations for Nethermind and Nitro nodes with environment-based configuration |
| .github/workflows/run-node.yml | GitHub Actions workflow orchestrating node deployment with inputs for images, chain selection, and security settings |
| .editorconfig | Adds Python-specific indentation settings (4 spaces) |
| echo "Installing Docker..." | ||
| ## Add Docker's official GPG key: | ||
| sudo apt-get update | ||
| sudo apt-get install ca-certificates curl |
The command options for apt-get install should include the -y flag for non-interactive installation, similar to lines 23 and 27. Without it, the installation may prompt for user confirmation and hang the script.
| sudo apt-get install ca-certificates curl | |
| sudo apt-get install -y ca-certificates curl |
| pushgateway_url: str = "", | ||
| seq_url: str = "", | ||
| seq_api_key: str = "", | ||
| # TODO: Add more flags options as needed |
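Review bot: `seq_api_key: str = ""` in this signature gives a credential an empty-string default, so a caller that forgets to supply the key passes the same value as one that deliberately leaves Seq unauthenticated. Consider `Optional[str] = None` for `seq_url` and `seq_api_key` and an explicit check of the pair when `seq_url` is set, so a missing key is caught when the configuration is generated rather than on the deployed node.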
The comment "TODO: Add more flags options as needed" suggests incomplete functionality. If this is intentional for future expansion, consider removing the TODO or creating a tracking issue for the additional flags that need to be implemented.
| # TODO: Add more flags options as needed | |
| # Additional Nethermind flag options can be added here if required in the future. |
|
|
||
| # Docker login | ||
| echo "Logging in to Docker registry..." | ||
| docker login {{ docker_registry.url }} -u "{{ docker_registry.username }}" -p "{{ docker_registry.password }}" |
The docker login command uses the -p flag with {{ docker_registry.password }} directly on the command line, which exposes the registry password in the process list to any local user or monitoring system and can also surface in host-level telemetry. An attacker with local access could capture these credentials and use them to pull or push images or otherwise impersonate the registry account. Use a method that does not place the password in the command line (for example, passing it via standard input) so the secret is never visible in process arguments or logs.
| docker login {{ docker_registry.url }} -u "{{ docker_registry.username }}" -p "{{ docker_registry.password }}" | |
| printf '%s\n' '{{ docker_registry.password }}' | docker login {{ docker_registry.url }} -u "{{ docker_registry.username }}" --password-stdin |
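Review bot: on the suggested `printf '%s\n' '{{ docker_registry.password }}' | docker login ...` line, the password is still substituted by the Jinja2 template into a single-quoted shell string, so a password containing `'` ends the quoting and the remainder is parsed as shell, and the secret still sits in plain text in the rendered setup script. Supply the value outside the script text, for example from an environment variable or a root-only file that is read at run time and piped to `--password-stdin`, and quote `{{ docker_registry.url }}` the way the username already is.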
No description provided.