Skip to content

Stage online install #14

Stage online install

Stage online install #14

Workflow file for this run

---
name: Stage online install
on:
workflow_dispatch:
env:
DO_PAT: ${{secrets.DIGITALOCEAN_ACCESS_TOKEN}}
AWS_ACCESS_KEY_ID: ${{secrets.DIGITALOCEAN_SPACES_ACCESS_TOKEN}}
AWS_SECRET_ACCESS_KEY: ${{secrets.DIGITALOCEAN_SPACES_SECRET_KEY}}
REGION: ${{secrets.DIGITALOCEAN_REGION}}
MOUNT_POINT: "/opt/rkub"
BUCKET: "rkub-github-action-${{ github.run_id }}"
#BUCKET: "terraform-backend-github"
CONTROLLER_COUNT: "1"
WORKER_COUNT: "1"
SIZE: "s-2vcpu-4gb"
AIRGAP: "false"
jobs:
bucket:
name: Bucket
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Set up S3cmd cli tool
uses: s3-actions/s3cmd@main
with:
provider: digitalocean
region: ${{secrets.DIGITALOCEAN_REGION}}
access_key: ${{secrets.DIGITALOCEAN_SPACES_ACCESS_TOKEN}}
secret_key: ${{secrets.DIGITALOCEAN_SPACES_SECRET_KEY}}
- name: Create Space Bucket
run: |
sed -i -e 's/signature_v2.*$/signature_v2 = True/' ~/.s3cfg
if [[ $BUCKET != "terraform-backend-github" ]]; then s3cmd mb s3://${BUCKET}; fi
sleep 10
deploy:
name: Deploy
runs-on: ubuntu-latest
needs: [ Bucket ]
timeout-minutes: 20
defaults:
run:
shell: bash
working-directory: ./test
steps:
- name: Checkout files
uses: actions/checkout@v4
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: "1.7.3"
- name: Terraform Init
id: init
run: |
cd ./DO/infra
terraform init -backend-config="bucket=${BUCKET}"
- name: Terraform Validate
id: validate
run: |
cd ./DO/infra
terraform validate -no-color
- name: Terraform Plan
id: plan
run: |
cd ./DO/infra
terraform plan -out=terraform.tfplan \
-var "GITHUB_RUN_ID=$GITHUB_RUN_ID" \
-var "token=${DO_PAT}" \
-var "worker_count=${WORKER_COUNT}" \
-var "controller_count=${CONTROLLER_COUNT}" \
-var "instance_size=${SIZE}" \
-var "spaces_access_key_id=${{secrets.DIGITALOCEAN_SPACES_ACCESS_TOKEN}}" \
-var "spaces_access_key_secret=${{secrets.DIGITALOCEAN_SPACES_SECRET_KEY}}" \
-var "mount_point=${MOUNT_POINT}" \
-var "airgap=${AIRGAP}" \
-var "terraform_backend_bucket_name=${BUCKET}"
continue-on-error: true
- name: Terraform Plan Status
if: steps.plan.outcome == 'failure'
run: exit 1
- name: Terraform Apply
run: |
cd ./DO/infra
terraform apply terraform.tfplan
# No relative path allowed
- name: Inventory artifacts
uses: actions/upload-artifact@v4
with:
name: inventory
path: |
${{ github.workspace }}/test/inventory/hosts.ini
if-no-files-found: error
retention-days: 1
- name: Save Secret
id: save_secret
run: |
echo "SSH_PRIVATE_KEY=$( cat ${{ github.workspace }}/test/DO/infra/.key.private )" >> $GITHUB_ENV
reachable:
name: Reachable
runs-on: ubuntu-latest
needs: [ Deploy ]
timeout-minutes: 10
defaults:
run:
shell: bash
working-directory: ./test
steps:
- name: Checkout files
uses: actions/checkout@v4
- name: Download inventory
uses: actions/download-artifact@v4
with:
name: inventory
- name: Check if inventory present
run: |
ls -la ${{ github.workspace }}/inventory
ls -la ${{ github.workspace }}/test
ls -la ${{ github.workspace }}/
cat ${{ github.workspace }}/hosts.ini
- name: Get key and hosts.ini
run: |
cp ${{ github.workspace }}/hosts.ini inventory/hosts.ini
echo "${{ env.SSH_PRIVATE_KEY }}"" > DO/infra/.key.private
shell: bash
- name: Set up Python
id: setup_python
uses: actions/setup-python@v5
with:
python-version: 3.9
- name: Install dependencies
run: |
python -m pip install --upgrade pip
pip3 install ansible
ansible --version
- name: Test if reachable
run: |
ANSIBLE_HOST_KEY_CHECKING=False ansible RKE2_CLUSTER -m ping -u root
- name: Wait for cloud-init to finish
run: |
ANSIBLE_HOST_KEY_CHECKING=False ansible RKE2_CLUSTER -m shell -a "cloud-init status --wait" -u root -v
install:
name: Install
runs-on: ubuntu-latest
needs: [ Reachable ]
timeout-minutes: 60
defaults:
run:
shell: bash
working-directory: ./test
steps:
- name: Checkout files
uses: actions/checkout@v4
- name: Install requirements
run: |
cd ..
make prerequis
- name: Download inventory
uses: actions/download-artifact@v4
with:
name: inventory
- name: Get key and hosts.ini
run: |
cp ${{ github.workspace }}/hosts.ini inventory/hosts.ini
cp ${{ github.workspace }}/.key.private DO/infra/.key.private
cp ${{ github.workspace }}/.key.pub DO/infra/.key.pub
shell: bash
- name: Run playbook install.yml
run: |
ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u root playbooks/install.yml -e "airgap=false" -e "method=tarball"
#- name: Run playbook rancher.yml
# run: |
# ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u root playbooks/rancher.yml
#- name: Run playbook longhorn.yml
# run: |
# ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u root playbooks/longhorn.yml
#- name: Run playbook neuvector.yml
# run: |
# ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u root playbooks/neuvector.yml
test:
name: Test
runs-on: ubuntu-latest
needs: [ Install ]
timeout-minutes: 10
defaults:
run:
shell: bash
working-directory: ./test
steps:
- name: Checkout files
uses: actions/checkout@v4
- name: Download inventory
uses: actions/download-artifact@v4
with:
name: inventory
- name: Get key and hosts.ini
run: |
cp ${{ github.workspace }}/hosts.ini inventory/hosts.ini
cp ${{ github.workspace }}/.key.private DO/infra/.key.private
cp ${{ github.workspace }}/.key.pub DO/infra/.key.pub
shell: bash
- name: Install dependencies
run: |
python3 -m pip install --upgrade pip
python3 -m pip install -U pytest-testinfra ansible pytest-sugar pytest
ansible --version
- name: Run Python Tests
run: |
export DEFAULT_PRIVATE_KEY_FILE=.key
python3 -m pytest --hosts=RKE2_CONTROLLERS --ansible-inventory=inventory/hosts.ini --force-ansible --connection=ansible basic_server_tests.py
python3 -m pytest --hosts=RKE2_WORKERS --ansible-inventory=inventory/hosts.ini --force-ansible --connection=ansible basic_agent_tests.py
delay:
name: Delay
runs-on: ubuntu-latest
needs: [ Test ]
if: always()
steps:
- name: Delay 10min
uses: whatnick/wait-action@master
with:
time: '600s'
cleanup:
name: Cleanup
runs-on: ubuntu-latest
needs: [ Delay ]
if: always()
timeout-minutes: 30
defaults:
run:
shell: bash
working-directory: ./test/DO/infra
steps:
- name: Checkout files
uses: actions/checkout@v4
- name: Setup Terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_version: "1.7.3"
- name: Terraform Init
id: init
run: |
terraform init -backend-config="bucket=${BUCKET}"
continue-on-error: true
- name: Terraform plan delete stack
id: plan
run: |
terraform plan -destroy -out=terraform.tfplan \
-var "GITHUB_RUN_ID=$GITHUB_RUN_ID" \
-var "token=${DO_PAT}" \
-var "worker_count=${WORKER_COUNT}" \
-var "controller_count=${CONTROLLER_COUNT}" \
-var "instance_size=${SIZE}" \
-var "spaces_access_key_id=${{secrets.DIGITALOCEAN_SPACES_ACCESS_TOKEN}}" \
-var "spaces_access_key_secret=${{secrets.DIGITALOCEAN_SPACES_SECRET_KEY}}" \
-var "mount_point=${MOUNT_POINT}" \
-var "airgap=false" \
-var "terraform_backend_bucket_name=${BUCKET}"
continue-on-error: true
- name: Terraform Apply
run: |
terraform apply terraform.tfplan
continue-on-error: true
- name: Set up S3cmd cli tool
uses: s3-actions/s3cmd@main
with:
provider: digitalocean
region: ${{secrets.DIGITALOCEAN_REGION}}
access_key: ${{secrets.DIGITALOCEAN_SPACES_ACCESS_TOKEN}}
secret_key: ${{secrets.DIGITALOCEAN_SPACES_SECRET_KEY}}
- name: Remove Space bucket
run: |
sed -i -e 's/signature_v2.*$/signature_v2 = True/' ~/.s3cfg
if [[ $BUCKET != "terraform-backend-github" ]]; then s3cmd rb s3://${BUCKET} --recursive; fi
sleep 10