From a15d587d69b56cf119fae7fb3e34d2ff431b3ca6 Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Mon, 9 Dec 2024 11:36:31 -0500 Subject: [PATCH 01/11] init eks env in pr pipeline --- .github/workflows/build_and_test.yml | 9 +++ .github/workflows/build_frontend_image.yml | 61 +++++++++++++++++ .github/workflows/deploy_to_eks.yml | 66 +------------------ .github/workflows/manual_deploy_to_eks.yml | 29 ++++++++ .../workflows/pr_teardown_env_on_close.yml | 34 ++++++++++ 5 files changed, 136 insertions(+), 63 deletions(-) create mode 100644 .github/workflows/build_frontend_image.yml create mode 100644 .github/workflows/manual_deploy_to_eks.yml create mode 100644 .github/workflows/pr_teardown_env_on_close.yml diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index 6911f81dcb..9e2b13a990 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -18,8 +18,17 @@ jobs: secrets: inherit with: env: test + + Build_easi-frontend_image: + uses: ./.github/workflows/build_frontend_image.yml + secrets: inherit Run_Tests: uses: ./.github/workflows/run_tests.yml needs: [Build_Application_Images,Build_Test_Frontend_Assets] secrets: inherit + + Deploy_to_EKS: + uses: ./.github/workflows/deploy_to_eks.yml + needs: [Build_Application_Images,Build_easi-frontend_image] + secrets: inherit diff --git a/.github/workflows/build_frontend_image.yml b/.github/workflows/build_frontend_image.yml new file mode 100644 index 0000000000..04410fa345 --- /dev/null +++ b/.github/workflows/build_frontend_image.yml @@ -0,0 +1,61 @@ +name: Build easi-frontend image + +on: + workflow_call: + +env: + GIT_HASH: ${{ github.sha }} + GIT_REF_NAME: ${{ github.ref }} + +permissions: + id-token: write + contents: read + +jobs: + build_easi-frontend_image: + runs-on: ubuntu-latest + steps: + - name: Check out code + uses: actions/checkout@v4 + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4.0.2 + with: + role-to-assume: ${{ secrets.AWS_INFRA_OIDC_ROLE_TO_ASSUME }} + aws-region: us-west-2 + - name: Login to Amazon ECR + id: login-ecr + uses: aws-actions/amazon-ecr-login@v2 + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Set env vars with direnv # This allows docker build of FE files to pull from .envrc + uses: HatsuneMiku3939/direnv-action@v1 + - name: Calculate build args + id: calculate-build-args + run: | + echo "VITE_LD_CLIENT_ID=${VITE_LD_CLIENT_ID}" >> $GITHUB_OUTPUT + echo "VITE_OKTA_CLIENT_ID=${VITE_OKTA_CLIENT_ID}" >> $GITHUB_OUTPUT + echo "VITE_OKTA_SERVER_ID=${VITE_OKTA_SERVER_ID}" >> $GITHUB_OUTPUT + echo "VITE_OKTA_ISSUER=${VITE_OKTA_ISSUER}" >> $GITHUB_OUTPUT + echo "VITE_OKTA_DOMAIN=${VITE_OKTA_DOMAIN}" >> $GITHUB_OUTPUT + echo "VITE_OKTA_REDIRECT_URI=${VITE_OKTA_REDIRECT_URI}" >> $GITHUB_OUTPUT + - name: Build, tag, and push image to Amazon ECR + uses: docker/build-push-action@v6 + with: + context: . + file: Dockerfile.frontend_k8s + push: true + cache-to: type=gha,mode=max,scope=${{ env.GIT_REF_NAME }}-easi-frontend + cache-from: type=gha,scope=${{ env.GIT_REF_NAME }}-easi-frontend + tags: ${{ steps.login-ecr.outputs.registry }}/easi-frontend:${{ env.GIT_HASH }} + build-args: | + VITE_LD_CLIENT_ID=${{ steps.calculate-build-args.outputs.VITE_LD_CLIENT_ID }} + VITE_OKTA_CLIENT_ID=${{ steps.calculate-build-args.outputs.VITE_OKTA_CLIENT_ID }} + VITE_OKTA_SERVER_ID=${{ steps.calculate-build-args.outputs.VITE_OKTA_SERVER_ID }} + VITE_OKTA_ISSUER=${{ steps.calculate-build-args.outputs.VITE_OKTA_ISSUER }} + VITE_OKTA_DOMAIN=${{ steps.calculate-build-args.outputs.VITE_OKTA_DOMAIN }} + VITE_OKTA_REDIRECT_URI=${{ steps.calculate-build-args.outputs.VITE_OKTA_REDIRECT_URI }} diff --git a/.github/workflows/deploy_to_eks.yml b/.github/workflows/deploy_to_eks.yml index b2f4070704..e3e6af01bf 100644 --- a/.github/workflows/deploy_to_eks.yml +++ b/.github/workflows/deploy_to_eks.yml @@ -1,78 +1,18 @@ -name: Deploy To EKS +name: Deploy branch environment to EKS on: - workflow_dispatch: + workflow_call: + permissions: id-token: write contents: read env: - EASI_APP_NODE_VERSION: "18.20.4" GIT_HASH: ${{ github.sha }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} - GIT_REF_NAME: ${{ github.ref }} jobs: - - build_easi-frontend_image: - runs-on: ubuntu-latest - steps: - - name: Check out code - uses: actions/checkout@v4 - - name: Login to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4.0.2 - with: - role-to-assume: ${{ secrets.AWS_INFRA_OIDC_ROLE_TO_ASSUME }} - aws-region: us-west-2 - - name: Login to Amazon ECR - id: login-ecr - uses: aws-actions/amazon-ecr-login@v2 - - name: Setup Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Set env vars with direnv # This allows docker build of FE files to pull from .envrc - uses: HatsuneMiku3939/direnv-action@v1 - - name: Calculate build args - id: calculate-build-args - run: | - echo "VITE_LD_CLIENT_ID=${VITE_LD_CLIENT_ID}" >> $GITHUB_OUTPUT - echo "VITE_OKTA_CLIENT_ID=${VITE_OKTA_CLIENT_ID}" >> $GITHUB_OUTPUT - echo "VITE_OKTA_SERVER_ID=${VITE_OKTA_SERVER_ID}" >> $GITHUB_OUTPUT - echo "VITE_OKTA_ISSUER=${VITE_OKTA_ISSUER}" >> $GITHUB_OUTPUT - echo "VITE_OKTA_DOMAIN=${VITE_OKTA_DOMAIN}" >> $GITHUB_OUTPUT - echo "VITE_OKTA_REDIRECT_URI=${VITE_OKTA_REDIRECT_URI}" >> $GITHUB_OUTPUT - - name: Build, tag, and push image to Amazon ECR - uses: docker/build-push-action@v6 - with: - context: . - file: Dockerfile.frontend_k8s - push: true - cache-to: type=gha,mode=max,scope=${{ env.GIT_REF_NAME }}-easi-frontend - cache-from: type=gha,scope=${{ env.GIT_REF_NAME }}-easi-frontend - tags: ${{ steps.login-ecr.outputs.registry }}/easi-frontend:${{ env.GIT_HASH }} - build-args: | - VITE_LD_CLIENT_ID=${{ steps.calculate-build-args.outputs.VITE_LD_CLIENT_ID }} - VITE_OKTA_CLIENT_ID=${{ steps.calculate-build-args.outputs.VITE_OKTA_CLIENT_ID }} - VITE_OKTA_SERVER_ID=${{ steps.calculate-build-args.outputs.VITE_OKTA_SERVER_ID }} - VITE_OKTA_ISSUER=${{ steps.calculate-build-args.outputs.VITE_OKTA_ISSUER }} - VITE_OKTA_DOMAIN=${{ steps.calculate-build-args.outputs.VITE_OKTA_DOMAIN }} - VITE_OKTA_REDIRECT_URI=${{ steps.calculate-build-args.outputs.VITE_OKTA_REDIRECT_URI }} - - name: Announce failure - if: ${{ failure() }} - run: | - ./scripts/github-action-announce-broken-branch - - Build_Application_Images: - uses: ./.github/workflows/build_application_images.yml - secrets: inherit - Deploy_to_EKS: - needs: [build_easi-frontend_image, Build_Application_Images] runs-on: ubuntu-latest environment: "dev" steps: diff --git a/.github/workflows/manual_deploy_to_eks.yml b/.github/workflows/manual_deploy_to_eks.yml new file mode 100644 index 0000000000..a32d008918 --- /dev/null +++ b/.github/workflows/manual_deploy_to_eks.yml @@ -0,0 +1,29 @@ +name: Manual deploy To EKS + +on: + workflow_dispatch: + +permissions: + id-token: write + contents: read + +env: + EASI_APP_NODE_VERSION: "18.20.4" + GIT_HASH: ${{ github.sha }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} + GIT_REF_NAME: ${{ github.ref }} + +jobs: + + Build_easi-frontend_image: + uses: ./.github/workflows/build_frontend_image.yml + secrets: inherit + + Build_Application_Images: + uses: ./.github/workflows/build_application_images.yml + secrets: inherit + + Deploy_to_EKS: + needs: [Build_easi-frontend_image, Build_Application_Images] + uses: ./.github/workflows/deploy_to_eks.yml + secrets: inherit \ No newline at end of file diff --git a/.github/workflows/pr_teardown_env_on_close.yml b/.github/workflows/pr_teardown_env_on_close.yml new file mode 100644 index 0000000000..cc1ed98e70 --- /dev/null +++ b/.github/workflows/pr_teardown_env_on_close.yml @@ -0,0 +1,34 @@ +name: Teardown branch environment in EKS on PR close + +on: + pull_request: + types: [closed] + + +permissions: + id-token: write + contents: read + +env: + GIT_HASH: ${{ github.sha }} + GIT_REF_NAME: ${{ github.ref }} + +jobs: + Teardown_env: + name: Teardown EKS branch environment + runs-on: ubuntu-latest + environment: "dev" + steps: + - name: Check out code + uses: actions/checkout@v4 + - name: Configure AWS credentials + uses: aws-actions/configure-aws-credentials@v4.0.2 + with: + role-to-assume: ${{ secrets.AWS_OIDC_ROLE_TO_ASSUME }} + aws-region: us-west-2 + - name: Update kubeconfig + run: aws eks update-kubeconfig --name dev-easi-poc-cluster --region us-west-2 + - name: Teardown branch environment + run: | + NAMESPACE=$(git rev-parse --abbrev-ref HEAD | sed -E 's/^(EASI-[0-9]*|NOREF).*/\1/' | tr '[:upper:]' '[:lower:]') + kubectl delete namespace "$NAMESPACE" --force --ignore-not-found From 8463cb2e4f376f1c7fa6fd04ee3150f8bd7b7f84 Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Mon, 9 Dec 2024 16:21:59 -0500 Subject: [PATCH 02/11] use PR number as namespace --- .github/workflows/build_and_test.yml | 2 ++ .github/workflows/deploy_to_eks.yml | 7 +++++++ .github/workflows/manual_deploy_to_eks.yml | 2 +- .github/workflows/pr_teardown_env_on_close.yml | 4 ++-- 4 files changed, 12 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index 9e2b13a990..bd33eb0cb1 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -32,3 +32,5 @@ jobs: uses: ./.github/workflows/deploy_to_eks.yml needs: [Build_Application_Images,Build_easi-frontend_image] secrets: inherit + with: + namespace: easi-pr-${{ github.event.number }} diff --git a/.github/workflows/deploy_to_eks.yml b/.github/workflows/deploy_to_eks.yml index e3e6af01bf..c1fb537441 100644 --- a/.github/workflows/deploy_to_eks.yml +++ b/.github/workflows/deploy_to_eks.yml @@ -2,6 +2,10 @@ name: Deploy branch environment to EKS on: workflow_call: + inputs: + namespace: + required: false + type: string permissions: @@ -32,6 +36,9 @@ jobs: run: aws eks update-kubeconfig --name dev-easi-poc-cluster --region us-west-2 - name: Deploy to EKS run: | + if [ -z "${{ inputs.namespace }}" ]; then + . ./scripts/deploy_eks_env.sh -n ${{ inputs.namespace }} + else . ./scripts/deploy_eks_env.sh echo "# EKS Ingress URLs" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY diff --git a/.github/workflows/manual_deploy_to_eks.yml b/.github/workflows/manual_deploy_to_eks.yml index a32d008918..87e52adfeb 100644 --- a/.github/workflows/manual_deploy_to_eks.yml +++ b/.github/workflows/manual_deploy_to_eks.yml @@ -26,4 +26,4 @@ jobs: Deploy_to_EKS: needs: [Build_easi-frontend_image, Build_Application_Images] uses: ./.github/workflows/deploy_to_eks.yml - secrets: inherit \ No newline at end of file + secrets: inherit diff --git a/.github/workflows/pr_teardown_env_on_close.yml b/.github/workflows/pr_teardown_env_on_close.yml index cc1ed98e70..2b8eb25dba 100644 --- a/.github/workflows/pr_teardown_env_on_close.yml +++ b/.github/workflows/pr_teardown_env_on_close.yml @@ -12,6 +12,7 @@ permissions: env: GIT_HASH: ${{ github.sha }} GIT_REF_NAME: ${{ github.ref }} + PR_NUMBER: ${{ github.event.number }} jobs: Teardown_env: @@ -30,5 +31,4 @@ jobs: run: aws eks update-kubeconfig --name dev-easi-poc-cluster --region us-west-2 - name: Teardown branch environment run: | - NAMESPACE=$(git rev-parse --abbrev-ref HEAD | sed -E 's/^(EASI-[0-9]*|NOREF).*/\1/' | tr '[:upper:]' '[:lower:]') - kubectl delete namespace "$NAMESPACE" --force --ignore-not-found + kubectl delete namespace "easi-pr-$PR_NUMBER" --force --ignore-not-found From 3d043d91613a5b37ab822757085120cfd9d53ea6 Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Mon, 9 Dec 2024 16:34:08 -0500 Subject: [PATCH 03/11] if else whoopsie --- .github/workflows/deploy_to_eks.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy_to_eks.yml b/.github/workflows/deploy_to_eks.yml index c1fb537441..3f846a08d9 100644 --- a/.github/workflows/deploy_to_eks.yml +++ b/.github/workflows/deploy_to_eks.yml @@ -39,7 +39,8 @@ jobs: if [ -z "${{ inputs.namespace }}" ]; then . ./scripts/deploy_eks_env.sh -n ${{ inputs.namespace }} else - . ./scripts/deploy_eks_env.sh + . ./scripts/deploy_eks_env.sh + fi echo "# EKS Ingress URLs" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "- [EASi](http://${EASI_INGRESS})" >> $GITHUB_STEP_SUMMARY From c9c16addd37a90365d683e02e78886656bcc5e6a Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Mon, 9 Dec 2024 16:45:38 -0500 Subject: [PATCH 04/11] correct conditional --- .github/workflows/deploy_to_eks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy_to_eks.yml b/.github/workflows/deploy_to_eks.yml index 3f846a08d9..e97adff6d0 100644 --- a/.github/workflows/deploy_to_eks.yml +++ b/.github/workflows/deploy_to_eks.yml @@ -36,7 +36,7 @@ jobs: run: aws eks update-kubeconfig --name dev-easi-poc-cluster --region us-west-2 - name: Deploy to EKS run: | - if [ -z "${{ inputs.namespace }}" ]; then + if [ -n "${{ inputs.namespace }}" ]; then . ./scripts/deploy_eks_env.sh -n ${{ inputs.namespace }} else . ./scripts/deploy_eks_env.sh From b75b45d981b660f8588eb0070fb76390f15e427a Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Tue, 10 Dec 2024 01:21:39 -0500 Subject: [PATCH 05/11] streamline EKS deployment by removing namespace deletion and adding resource cleanup while keeping ingress --- scripts/deploy_eks_env.sh | 20 +++----------------- scripts/k8s_dev.sh | 13 ++++--------- 2 files changed, 7 insertions(+), 26 deletions(-) diff --git a/scripts/deploy_eks_env.sh b/scripts/deploy_eks_env.sh index ba2d894c43..ecc2007f26 100755 --- a/scripts/deploy_eks_env.sh +++ b/scripts/deploy_eks_env.sh @@ -58,15 +58,6 @@ fi validate_namespace "$NAMESPACE" echo "Namespace is set to: $NAMESPACE" -# Delete namespace if it exists -if kubectl get ns "$NAMESPACE" > /dev/null 2>&1; then - echo "❄️ Deleting ${NAMESPACE} namespace ❄️" - kubectl delete ns "$NAMESPACE" --force || { - echo "Failed to delete namespace ${NAMESPACE}" - exit 1 - } -fi - # Create Namespace! ( echo "❄️ Creating Namespace via Kubectl ❄️" @@ -77,8 +68,6 @@ fi # Generate and deploy ingress resources ( echo "❄️ Creating Ingress resources via Kustomize ❄️" - TEMPDIR=$(mktemp -d ../tmp.ingress.XXXXX) - cd "$TEMPDIR" || exit kustomize create --resources ../deploy/overlays/pr/ingress kustomize edit set namespace "$NAMESPACE" kustomize build > manifest-ingress.yaml @@ -94,8 +83,6 @@ fi echo "❄️ Deploying Ingress Objects via Kubectl ❄️" kubectl apply -n "$NAMESPACE" -f manifest-ingress.yaml - - rm -rf "$TEMPDIR" ) # TODO: Fine tune this sleep time, or engineer around it. @@ -112,9 +99,10 @@ export EMAIL_INGRESS # Generate and deploy EASI resources ( + echo "❄️ Deleting old resources in namespace, if they exist ❄️" + kubectl delete all --all -n "$NAMESPACE" + echo "❄️ Creating EASi resources via Kustomize ❄️" - TEMPDIR=$(mktemp -d ../tmp.easi.XXXXX) - cd "$TEMPDIR" || exit kustomize create --resources ../deploy/overlays/pr/easi kustomize edit set namespace "$NAMESPACE" kustomize edit set image easi-backend=840301899071.dkr.ecr.us-west-2.amazonaws.com/easi-backend:"$GIT_HASH" @@ -133,8 +121,6 @@ export EMAIL_INGRESS echo "❄️ Deploying Ingress Objects via Kubectl ❄️" kubectl apply -n "$NAMESPACE" -f manifest-easi.yaml - - rm -rf "$TEMPDIR" ) diff --git a/scripts/k8s_dev.sh b/scripts/k8s_dev.sh index 48d7a8152e..ed97d9bcfe 100755 --- a/scripts/k8s_dev.sh +++ b/scripts/k8s_dev.sh @@ -81,15 +81,6 @@ fi # Run validate_namespace validate_namespace "$NAMESPACE" -# Delete namespace if it exists -if kubectl get ns "$NAMESPACE" > /dev/null 2>&1; then - echo "❄️ Clear ${NAMESPACE} namespace ❄️" - kubectl delete ns "$NAMESPACE" || { - echo "Failed to delete namespace ${NAMESPACE}" - exit 1 - } -fi - APPLICATION_VERSION="$(git rev-parse @)" APPLICATION_DATETIME="$(date --rfc-3339='seconds' --utc)" APPLICATION_TS="$(date --date="$APPLICATION_DATETIME" '+%s')" @@ -153,6 +144,10 @@ delete_temp_dir() { ( TEMPDIR=$(mktemp -d ../tmp.easi.XXXXX) cd "$TEMPDIR" || exit + echo "❄️ Deleting old resources in namespace, if they exist ❄️" + kubectl delete all --all -n "$NAMESPACE" + + echo "❄️ Creating EASi resources via Kustomize ❄️" kustomize create --resources ../deploy/base/easi kustomize edit set namespace "$NAMESPACE" kustomize build > manifest.yaml From cb2f03a920d759b82dbaf0f225c830330db447ea Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Tue, 10 Dec 2024 01:44:05 -0500 Subject: [PATCH 06/11] create temporary directories for ingress and EASI resources --- scripts/deploy_eks_env.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/deploy_eks_env.sh b/scripts/deploy_eks_env.sh index ecc2007f26..f0e836f0e8 100755 --- a/scripts/deploy_eks_env.sh +++ b/scripts/deploy_eks_env.sh @@ -68,6 +68,7 @@ echo "Namespace is set to: $NAMESPACE" # Generate and deploy ingress resources ( echo "❄️ Creating Ingress resources via Kustomize ❄️" + mkdir -p ../tmp.ingress && cd ../tmp.ingress kustomize create --resources ../deploy/overlays/pr/ingress kustomize edit set namespace "$NAMESPACE" kustomize build > manifest-ingress.yaml @@ -99,6 +100,7 @@ export EMAIL_INGRESS # Generate and deploy EASI resources ( + mkdir -p ../tmp.easi && cd ../tmp.easi echo "❄️ Deleting old resources in namespace, if they exist ❄️" kubectl delete all --all -n "$NAMESPACE" @@ -123,6 +125,7 @@ export EMAIL_INGRESS kubectl apply -n "$NAMESPACE" -f manifest-easi.yaml ) +rm -rf ../tmp.ingress/kustomization.yaml ../tmp.easi/kustomization.yaml echo "EASI: http://$EASI_INGRESS" echo "Mailcatcher: http://$EMAIL_INGRESS" From 3d9d15462e368963b13278c2af85dd30bd3b259e Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Tue, 10 Dec 2024 01:45:15 -0500 Subject: [PATCH 07/11] refactor deployment script to use persistent temporary directories and separate manifest files for ingress and EASi resources --- scripts/k8s_dev.sh | 38 +++++++++++++++----------------------- 1 file changed, 15 insertions(+), 23 deletions(-) diff --git a/scripts/k8s_dev.sh b/scripts/k8s_dev.sh index ed97d9bcfe..aa176ecdc6 100755 --- a/scripts/k8s_dev.sh +++ b/scripts/k8s_dev.sh @@ -115,12 +115,6 @@ export APPLICATION_TS echo "❄️ Deploying EASi via Kustomize ❄️" -delete_temp_dir() { - if [ -d "$TEMPDIR" ]; then - rm -rf "$TEMPDIR" - fi -} - # Create Namespace! ( echo "❄️ Creating Namespace via Kubectl ❄️" @@ -128,37 +122,35 @@ delete_temp_dir() { ) ( - TEMPDIR=$(mktemp -d ../tmp.ingress.XXXXX) - cd "$TEMPDIR" || exit + mkdir -p ../tmp.ingress && cd ../tmp.ingress kustomize create --resources ../deploy/base/ingress kustomize edit set namespace "$NAMESPACE" - kustomize build > manifest.yaml + kustomize build > manifest-ingress.yaml - sed -i'' -E "s/easi.localdev.me/${NAMESPACE}.localdev.me/" manifest.yaml - sed -i'' -E "s/email.localdev.me/${NAMESPACE}-email.localdev.me/" manifest.yaml - sed -i'' -E "s/minio.localdev.me/${NAMESPACE}-minio.localdev.me/" manifest.yaml - kubectl apply -f manifest.yaml - trap delete_temp_dir EXIT + sed -i'' -E "s/easi.localdev.me/${NAMESPACE}.localdev.me/" manifest-ingress.yaml + sed -i'' -E "s/email.localdev.me/${NAMESPACE}-email.localdev.me/" manifest-ingress.yaml + sed -i'' -E "s/minio.localdev.me/${NAMESPACE}-minio.localdev.me/" manifest-ingress.yaml + kubectl apply -f manifest-ingress.yaml ) ( - TEMPDIR=$(mktemp -d ../tmp.easi.XXXXX) - cd "$TEMPDIR" || exit + mkdir -p ../tmp.easi && cd ../tmp.easi echo "❄️ Deleting old resources in namespace, if they exist ❄️" kubectl delete all --all -n "$NAMESPACE" echo "❄️ Creating EASi resources via Kustomize ❄️" kustomize create --resources ../deploy/base/easi kustomize edit set namespace "$NAMESPACE" - kustomize build > manifest.yaml - sed -i'' -E "s/easi-frontend:latest/easi-frontend:${NAMESPACE}/" manifest.yaml - sed -i'' -E "s/easi-backend:latest/easi-backend:${NAMESPACE}/" manifest.yaml - sed -i'' -E "s/cedarproxy:latest/cedarproxy:${NAMESPACE}/" manifest.yaml - sed -i'' -E "s/db-migrate:latest/db-migrate:${NAMESPACE}/" manifest.yaml - kubectl apply -f manifest.yaml - trap delete_temp_dir EXIT + kustomize build > manifest-easi.yaml + sed -i'' -E "s/easi-frontend:latest/easi-frontend:${NAMESPACE}/" manifest-easi.yaml + sed -i'' -E "s/easi-backend:latest/easi-backend:${NAMESPACE}/" manifest-easi.yaml + sed -i'' -E "s/cedarproxy:latest/cedarproxy:${NAMESPACE}/" manifest-easi.yaml + sed -i'' -E "s/db-migrate:latest/db-migrate:${NAMESPACE}/" manifest-easi.yaml + kubectl apply -f manifest-easi.yaml ) +rm -rf ../tmp.ingress ../tmp.easi + echo "❄️ EASi: http://${NAMESPACE}.localdev.me ❄️" echo "❄️ Mailcatcher: http://${NAMESPACE}-email.localdev.me ❄️" echo "❄️ Minio: http://${NAMESPACE}-minio.localdev.me ❄️" From 9f3c1cafcd366ee14180829e911fb79b51deea79 Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Tue, 10 Dec 2024 11:51:36 -0500 Subject: [PATCH 08/11] Update descriptions for inputs --- .github/workflows/deploy_to_eks.yml | 10 +++++++++- .github/workflows/manual_deploy_to_eks.yml | 7 +++++++ .github/workflows/pr_teardown_env_on_close.yml | 1 + 3 files changed, 17 insertions(+), 1 deletion(-) diff --git a/.github/workflows/deploy_to_eks.yml b/.github/workflows/deploy_to_eks.yml index e97adff6d0..6ad4880995 100644 --- a/.github/workflows/deploy_to_eks.yml +++ b/.github/workflows/deploy_to_eks.yml @@ -6,7 +6,7 @@ on: namespace: required: false type: string - + description: 'The namespace to use when deploying to EKS. If not passed, a namespace will attempt to be automatically generated from the branch name.' permissions: id-token: write @@ -46,3 +46,11 @@ jobs: echo "- [EASi](http://${EASI_INGRESS})" >> $GITHUB_STEP_SUMMARY echo "- [Mailcatcher](http://${EMAIL_INGRESS})" >> $GITHUB_STEP_SUMMARY echo "- [Minio Console](http://${MINIO_CONSOLE_INGRESS})" >> $GITHUB_STEP_SUMMARY + + - name: Comment on PR + if: github.event_name == 'pull_request' + uses: thollander/actions-comment-pull-request@v3 + with: + message: | + Hello world ! :wave: + reactions: eyes, rocket diff --git a/.github/workflows/manual_deploy_to_eks.yml b/.github/workflows/manual_deploy_to_eks.yml index 87e52adfeb..4db9857ea8 100644 --- a/.github/workflows/manual_deploy_to_eks.yml +++ b/.github/workflows/manual_deploy_to_eks.yml @@ -2,6 +2,11 @@ name: Manual deploy To EKS on: workflow_dispatch: + inputs: + namespace: + required: false + type: string + description: 'The namespace to use when deploying to EKS. If not passed, a namespace will attempt to be automatically generated from the branch name.' permissions: id-token: write @@ -27,3 +32,5 @@ jobs: needs: [Build_easi-frontend_image, Build_Application_Images] uses: ./.github/workflows/deploy_to_eks.yml secrets: inherit + with: + namespace: ${{ github.event.inputs.namespace }} diff --git a/.github/workflows/pr_teardown_env_on_close.yml b/.github/workflows/pr_teardown_env_on_close.yml index 2b8eb25dba..eeac85bef9 100644 --- a/.github/workflows/pr_teardown_env_on_close.yml +++ b/.github/workflows/pr_teardown_env_on_close.yml @@ -30,5 +30,6 @@ jobs: - name: Update kubeconfig run: aws eks update-kubeconfig --name dev-easi-poc-cluster --region us-west-2 - name: Teardown branch environment + # The "easi-pr-" prefix needs to match the prefix in build_and_test.yml so that we delete the correct namespace run: | kubectl delete namespace "easi-pr-$PR_NUMBER" --force --ignore-not-found From 99f81451f7886abe555d2733eb1ed9b48e929337 Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Tue, 10 Dec 2024 12:18:57 -0500 Subject: [PATCH 09/11] Update namespace prefix in workflows and adjust PR teardown script --- .github/workflows/build_and_test.yml | 2 +- .github/workflows/deploy_to_eks.yml | 13 ++++++++++++- .github/workflows/pr_teardown_env_on_close.yml | 2 +- 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build_and_test.yml b/.github/workflows/build_and_test.yml index bd33eb0cb1..cb64a2a082 100644 --- a/.github/workflows/build_and_test.yml +++ b/.github/workflows/build_and_test.yml @@ -33,4 +33,4 @@ jobs: needs: [Build_Application_Images,Build_easi-frontend_image] secrets: inherit with: - namespace: easi-pr-${{ github.event.number }} + namespace: easi-${{ github.event.number }} diff --git a/.github/workflows/deploy_to_eks.yml b/.github/workflows/deploy_to_eks.yml index 6ad4880995..173ed1b89d 100644 --- a/.github/workflows/deploy_to_eks.yml +++ b/.github/workflows/deploy_to_eks.yml @@ -11,6 +11,7 @@ on: permissions: id-token: write contents: read + pull-requests: write env: GIT_HASH: ${{ github.sha }} @@ -46,11 +47,21 @@ jobs: echo "- [EASi](http://${EASI_INGRESS})" >> $GITHUB_STEP_SUMMARY echo "- [Mailcatcher](http://${EMAIL_INGRESS})" >> $GITHUB_STEP_SUMMARY echo "- [Minio Console](http://${MINIO_CONSOLE_INGRESS})" >> $GITHUB_STEP_SUMMARY - + + #TODO: Remove this step + - name: Set outputs + id: set-outputs + run: | + echo "${{ github.event }}" + echo "${{ github.event_name }}" + echo "${{ github.event.pull_request }}" + - name: Comment on PR if: github.event_name == 'pull_request' uses: thollander/actions-comment-pull-request@v3 with: + comment-tag: ingress-urls message: | Hello world ! :wave: + This is a comment on ${{ github.event.number }} reactions: eyes, rocket diff --git a/.github/workflows/pr_teardown_env_on_close.yml b/.github/workflows/pr_teardown_env_on_close.yml index eeac85bef9..f7e18bb88c 100644 --- a/.github/workflows/pr_teardown_env_on_close.yml +++ b/.github/workflows/pr_teardown_env_on_close.yml @@ -32,4 +32,4 @@ jobs: - name: Teardown branch environment # The "easi-pr-" prefix needs to match the prefix in build_and_test.yml so that we delete the correct namespace run: | - kubectl delete namespace "easi-pr-$PR_NUMBER" --force --ignore-not-found + kubectl delete namespace "easi-$PR_NUMBER" --force --ignore-not-found From 69816a1e4fde3b184d247bc50d637f5103acf4db Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Tue, 10 Dec 2024 12:42:14 -0500 Subject: [PATCH 10/11] set ingress URLs as outputs and update PR comment --- .github/workflows/deploy_to_eks.yml | 24 +++++++++--------------- 1 file changed, 9 insertions(+), 15 deletions(-) diff --git a/.github/workflows/deploy_to_eks.yml b/.github/workflows/deploy_to_eks.yml index 173ed1b89d..c7e7cb164c 100644 --- a/.github/workflows/deploy_to_eks.yml +++ b/.github/workflows/deploy_to_eks.yml @@ -36,32 +36,26 @@ jobs: - name: Update kubeconfig run: aws eks update-kubeconfig --name dev-easi-poc-cluster --region us-west-2 - name: Deploy to EKS + id: deploy-to-eks run: | if [ -n "${{ inputs.namespace }}" ]; then . ./scripts/deploy_eks_env.sh -n ${{ inputs.namespace }} else . ./scripts/deploy_eks_env.sh fi - echo "# EKS Ingress URLs" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "- [EASi](http://${EASI_INGRESS})" >> $GITHUB_STEP_SUMMARY - echo "- [Mailcatcher](http://${EMAIL_INGRESS})" >> $GITHUB_STEP_SUMMARY - echo "- [Minio Console](http://${MINIO_CONSOLE_INGRESS})" >> $GITHUB_STEP_SUMMARY - - #TODO: Remove this step - - name: Set outputs - id: set-outputs - run: | - echo "${{ github.event }}" - echo "${{ github.event_name }}" - echo "${{ github.event.pull_request }}" + echo "EASI_INGRESS=http://${EASI_INGRESS}" >> $GITHUB_OUTPUT + echo "EMAIL_INGRESS=http://${EMAIL_INGRESS}" >> $GITHUB_OUTPUT + echo "MINIO_CONSOLE_INGRESS=http://${MINIO_CONSOLE_INGRESS}" >> $GITHUB_OUTPUT - name: Comment on PR if: github.event_name == 'pull_request' uses: thollander/actions-comment-pull-request@v3 with: comment-tag: ingress-urls + pr-number: ${{ github.event.number }} message: | - Hello world ! :wave: - This is a comment on ${{ github.event.number }} + # EKS Ingress URLs + - [EASi]({{ steps.deploy-to-eks.outputs.EASI_INGRESS }}) + - [Mailcatcher]({{ steps.deploy-to-eks.outputs.EMAIL_INGRESS }}) + - [Minio Console]({{ steps.deploy-to-eks.outputs.MINIO_CONSOLE_INGRESS }}) reactions: eyes, rocket From 0cbefa0bd82f885add5c03a7a68925077f05c329 Mon Sep 17 00:00:00 2001 From: Justin Woodson Date: Tue, 10 Dec 2024 12:47:42 -0500 Subject: [PATCH 11/11] fix output format --- .github/workflows/deploy_to_eks.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy_to_eks.yml b/.github/workflows/deploy_to_eks.yml index c7e7cb164c..375e9e02cc 100644 --- a/.github/workflows/deploy_to_eks.yml +++ b/.github/workflows/deploy_to_eks.yml @@ -55,7 +55,7 @@ jobs: pr-number: ${{ github.event.number }} message: | # EKS Ingress URLs - - [EASi]({{ steps.deploy-to-eks.outputs.EASI_INGRESS }}) - - [Mailcatcher]({{ steps.deploy-to-eks.outputs.EMAIL_INGRESS }}) - - [Minio Console]({{ steps.deploy-to-eks.outputs.MINIO_CONSOLE_INGRESS }}) + - [EASi](${{ steps.deploy-to-eks.outputs.EASI_INGRESS }}) + - [Mailcatcher](${{ steps.deploy-to-eks.outputs.EMAIL_INGRESS }}) + - [Minio Console](${{ steps.deploy-to-eks.outputs.MINIO_CONSOLE_INGRESS }}) reactions: eyes, rocket