(base_image: ubuntu) self-hosted test run #110

Workflow file for this run

.github/workflows/dsh-testing.yaml at 10585fa

	name: DevZero self-hosted deployment
	run-name: '(base_image: ${{ github.event.inputs.base_image }}) self-hosted test run'

	on:
	# push:
	# paths:
	# - 'self-hosted/terraform/examples/aws/**'
	# branches:
	# - main
	# schedule:
	# - cron: '0 3 * * *'
	workflow_dispatch:
	inputs:
	base_image:
	description: "Select the base image"
	required: true
	default: "al2023"
	type: choice
	options:
	- al2023
	- ubuntu

	jobs:
	setup-and-test:
	runs-on: ubuntu-latest

	strategy:
	matrix:
	eks_version: ["1.25", "1.30", "1.31"]
	fail-fast: false

	name: '(base_image: ${{ github.event.inputs.base_image }}) (eks_version: ${{ matrix.eks_version }})'

	permissions:
	id-token: write
	contents: read

	steps:
	- name: Checkout Repository
	uses: actions/checkout@v4

	- name: Configure AWS Credential
	uses: aws-actions/configure-aws-credentials@v4
	with:
	role-to-assume: arn:aws:iam::484907513542:role/github-actions-oidc-role
	aws-region: us-west-1
	role-duration-seconds: 7200

	- name: Set up Terraform
	uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: 1.5.7

	- name: Install yq
	run: \|
	sudo wget https://github.com/mikefarah/yq/releases/download/v4.15.1/yq_linux_amd64 -O /usr/local/bin/yq
	sudo chmod +x /usr/local/bin/yq

	- name : Add SHORT_SHA Environment Variable
	id : short-sha
	shell: bash
	run : \|
	# creating a 4-char long SHA
	echo "SHORT_SHA=`git rev-parse --short=3 HEAD`" >> $GITHUB_ENV

	- name : Generate unique job identifier
	id : job-identifier
	shell: bash
	run : \|
	# replace `.` in k8s version with `-` so that the same job identifier can be used in various places
	K8S_VERSION=$(echo ${{ matrix.eks_version }} \| sed 's/\./-/')
	echo "JOB_IDENTIFIER=gh-${K8S_VERSION}-${{ github.event.inputs.base_image }}-${SHORT_SHA}" >> $GITHUB_ENV

	- name: Add Backend Override (Base Cluster)
	run: \|
	cd terraform/examples/aws/base-cluster
	cat <<EOF > backend_override.tf
	terraform {
	backend "s3" {
	bucket = "dsh-tf-state"
	key = "${JOB_IDENTIFIER}/base-cluster/terraform.tfstate"
	region = "us-west-1"
	}
	}
	EOF

	- name: Set EKS version v${{ matrix.eks_version }} (Base Cluster)
	run: \|
	echo "" >> terraform/examples/aws/base-cluster/terraform.tfvars
	echo "# Setting eks cluster version" >> terraform/examples/aws/base-cluster/terraform.tfvars
	echo "cluster_version = \"${{ matrix.eks_version }}\"" >> terraform/examples/aws/base-cluster/terraform.tfvars

	# DevZero currently doesnt publish a base AMI for Kubernetes 1.25, but local testing has indicated that we can use the 1.30 version
	# AMIs available https://us-west-1.console.aws.amazon.com/ec2/home?region=us-west-1#Images:visibility=public-images;imageName=:devzero;v=3
	# TODO (debo): this is currently kind of a hack to make sure that the 1.25 test uses the 1.30 node
	if [ "${{ matrix.eks_version }}" == "1.25" ]; then
	echo "# Using ami_version 1.30 for EKS 1.25 as a workaround" >> terraform/examples/aws/base-cluster/terraform.tfvars
	echo "ami_version = \"1.30\"" >> terraform/examples/aws/base-cluster/terraform.tfvars
	fi

	- name: Initialize and Apply Terraform (Base Cluster)
	run: \|
	cd terraform/examples/aws/base-cluster
	terraform init
	if [ "${{ github.event.inputs.base_image }}" == "al2023" ]; then
	terraform apply -auto-approve -var="cluster_name=$JOB_IDENTIFIER"
	else
	terraform apply -auto-approve -var="cluster_name=$JOB_IDENTIFIER" -var="base_image=ubuntu"
	fi

	- name: Update Cluster-Extensions tfvars
	run: \|
	cat <<EOT > terraform/examples/aws/cluster-extensions/terraform.tfvars
	region = "us-west-1"
	enable_cluster_autoscaler = false
	cluster_name = "$JOB_IDENTIFIER"
	domain = "$JOB_IDENTIFIER.ci.selfzero.net"
	EOT

	- name: Add Backend Override (Cluster Extensions)
	run: \|
	cd terraform/examples/aws/cluster-extensions
	cat <<EOF > backend_override.tf
	terraform {
	backend "s3" {
	bucket = "dsh-tf-state"
	key = "${JOB_IDENTIFIER}/cluster-extensions/terraform.tfstate"
	region = "us-west-1"
	}
	}
	EOF

	- name: Initialize and Apply Cluster-Extensions
	run: \|
	cd terraform/examples/aws/cluster-extensions
	terraform init
	terraform apply -auto-approve

	- name: Configure Kubernetes Access
	run: \|
	aws eks update-kubeconfig --region us-west-1 --name $JOB_IDENTIFIER

	- name: Deploy Control Plane Dependencies (and modify domains)
	run: \|
	cd charts/dz-control-plane-deps
	find values -type f -exec sed -i'.bak' "s/example\.com/$JOB_IDENTIFIER\.ci\.selfzero\.net/g" {} \; && find values -name "*.bak" -delete
	make install

	- name: Update values.yaml for dz-control-plane
	env:
	BACKEND_LICENSE_KEY: ${{ secrets.BACKEND_LICENSE_KEY }}
	run: \|
	# setting credentials enable to false since we will explicitly feed the dockerhub creds to kubernetes api
	# also setting image.pullsecrets to empty to make sure that each of the deployments dont try to pull their relevant OCI images from this registry
	# backend license key is ... needed

	yq e '.credentials.enable = false \| .backend.licenseKey = strenv(BACKEND_LICENSE_KEY) \| .image.pullSecrets = []' -i charts/dz-control-plane/values.yaml

	- name: Deploy DevZero Control Plane (after configuring kubernetes to use dockerhub creds, and patching all the deployments to point to the right domain)
	env:
	DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
	DOCKERHUB_TOKEN: ${{ secrets.DOCKERHUB_TOKEN }}
	run: \|
	cd charts/dz-control-plane
	make add-docker-creds
	find . -name "values.yaml" -exec sed -i'.bak' "s/example\.com/$JOB_IDENTIFIER\.ci\.selfzero\.net/g" {} \; && find . -name "values.yaml.bak" -delete
	make install

	- name: Validate Control Plane
	run: \|
	echo -e "\nPods in namespace devzero:"
	kubectl get pods -n devzero
	chmod +x .github/scripts/dsh-pod-test.sh
	.github/scripts/dsh-pod-test.sh
	echo -e "\nIngress in namespace devzero:"
	kubectl get ingress -n devzero

	- name: Deploy Data Plane Dependencies
	run: \|
	cd charts/dz-data-plane-deps
	find values -type f -exec sed -i'.bak' "s/example\.com/$JOB_IDENTIFIER\.ci\.selfzero\.net/g" {} \; && find values -name "*.bak" -delete
	make install

	- name: Deploy DevZero Data Plane
	run: \|
	cd charts/dz-data-plane
	find . -name "values.yaml" -exec sed -i'.bak' "s/example\.com/$JOB_IDENTIFIER\.ci\.selfzero\.net/g" {} \; && find . -name "values.yaml.bak" -delete
	make install

	- name: Validate Data Plane
	run: \|
	kubectl get pods -n devzero-self-hosted
	kubectl get ingress -n devzero-self-hosted

	- name: '[helm] Destroy data-plane'
	if: always()
	run: \|
	cd charts/dz-data-plane
	make delete

	- name: '[helm] Destroy data-plane-deps'
	if: always()
	run: \|
	cd charts/dz-data-plane-deps
	make delete

	- name: '[helm] Destroy control-plane'
	if: always()
	run: \|
	cd charts/dz-control-plane
	make delete

	- name: '[helm] Destroy control-plane-deps'
	if: always()
	run: \|
	cd charts/dz-control-plane-deps
	make delete

	- name: '[terraform] Destroy cluster-extensions'
	if: always()
	run: \|
	cd terraform/examples/aws/cluster-extensions
	terraform destroy -auto-approve

	- name: '[terraform] Destroy base-cluster'
	if: always()
	run: \|
	cd terraform/examples/aws/base-cluster
	terraform destroy -auto-approve

	- name: '[aws-cli] clean up volumes explicitly'
	if: always()
	run: \|
	for volume_id in $(aws ec2 describe-volumes --filters "Name=status,Values=available" "Name=tag:Name,Values=${JOB_IDENTIFIER}*" --query "Volumes[].VolumeId" --output text); do
	echo "Deleting volume: $volume_id"
	aws ec2 delete-volume --volume-id $volume_id
	done

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

(base_image: ubuntu) self-hosted test run #110

Workflow file

(base_image: ubuntu) self-hosted test run #110

Uh oh!

Workflow file for this run