werft/deploy: Trigger VM creation before container builds

Signed-off-by: ArthurSens <arthursens2005@gmail.com>

Author: ArthurSens

.werft/build.ts

@@ -45,7 +45,7 @@ async function run(context: any) {
     const config = jobConfig(werft, context)
 
     await validateChanges(werft, config)
-    await prepare(werft)
+    await prepare(werft, config)
     await buildAndPublish(werft, config)
     await coverage(werft, config)
 

.werft/jobs/build/deploy-to-preview-environment.ts

@@ -19,7 +19,7 @@ const STACKDRIVER_SERVICEACCOUNT = JSON.parse(fs.readFileSync(`/mnt/secrets/moni
 const phases = {
     PREDEPLOY: 'predeploy',
     DEPLOY: 'deploy',
-    VM: 'vm'
+    VM: 'Ensure VM Readiness'
 }
 
 // Werft slices for deploy phase via installer
@@ -38,7 +38,7 @@ const installerSlices = {
 }
 
 const vmSlices = {
-    BOOT_VM: 'Booting VM',
+    VM_READINESS: 'Waiting for VM readiness',
     START_KUBECTL_PORT_FORWARDS: 'Start kubectl port forwards',
     COPY_CERT_MANAGER_RESOURCES: 'Copy CertManager resources from core-dev',
     INSTALL_LETS_ENCRYPT_ISSUER: 'Install Lets Encrypt issuer',
@@ -101,32 +101,16 @@ export async function deployToPreviewEnvironment(werft: Werft, jobConfig: JobCon
     exec(`kubectl get secret ${withVM ? 'preview-envs-authproviders-harvester' : 'preview-envs-authproviders'} --namespace=keys -o jsonpath="{.data.authProviders}" > auth-provider-secret.yml`, { silent: true })
 
     if (withVM) {
-        werft.phase(phases.VM, "Start VM");
+        werft.phase(phases.VM, "Ensuring VM is ready for deployment");
 
         werft.log(vmSlices.COPY_CERT_MANAGER_RESOURCES, 'Copy over CertManager resources from core-dev')
         exec(`kubectl get secret clouddns-dns01-solver-svc-acct -n certmanager -o yaml | sed 's/namespace: certmanager/namespace: cert-manager/g' > clouddns-dns01-solver-svc-acct.yaml`, { slice: vmSlices.COPY_CERT_MANAGER_RESOURCES })
         exec(`kubectl get clusterissuer letsencrypt-issuer-gitpod-core-dev -o yaml | sed 's/letsencrypt-issuer-gitpod-core-dev/letsencrypt-issuer/g' > letsencrypt-issuer.yaml`, { slice: vmSlices.COPY_CERT_MANAGER_RESOURCES })
         werft.done(vmSlices.COPY_CERT_MANAGER_RESOURCES)
 
-        const existingVM = VM.vmExists({ name: destname })
-        if (!existingVM) {
-            werft.log(vmSlices.BOOT_VM, 'Starting VM')
-            VM.startVM({ name: destname })
-            werft.currentPhaseSpan.setAttribute("werft.harvester.created_vm", true)
-        } else if (cleanSlateDeployment) {
-            werft.log(vmSlices.BOOT_VM, 'Removing existing namespace')
-            VM.deleteVM({ name: destname })
-            werft.log(vmSlices.BOOT_VM, 'Starting VM')
-            VM.startVM({ name: destname })
-            werft.currentPhaseSpan.setAttribute("werft.harvester.created_vm", true)
-        } else {
-            werft.log(vmSlices.BOOT_VM, 'VM already exists')
-            werft.currentPhaseSpan.setAttribute("werft.harvester.created_vm", false)
-        }
-
-        werft.log(vmSlices.BOOT_VM, 'Waiting for VM to be ready')
-        VM.waitForVM({ name: destname, timeoutSeconds: 60 * 10, slice: vmSlices.BOOT_VM })
-        werft.done(vmSlices.BOOT_VM)
+        werft.log(vmSlices.VM_READINESS, 'Wait for VM readiness')
+        VM.waitForVMReadiness({ name: destname, timeoutSeconds: 60 * 10, slice: vmSlices.VM_READINESS })
+        werft.done(vmSlices.VM_READINESS)
 
         werft.log(vmSlices.START_KUBECTL_PORT_FORWARDS, 'Starting SSH port forwarding')
         VM.startSSHProxy({ name: destname, slice: vmSlices.START_KUBECTL_PORT_FORWARDS })

.werft/jobs/build/prepare.ts

@@ -1,16 +1,26 @@
 import { exec } from '../../util/shell';
 import { Werft } from "../../util/werft";
+import * as VM from '../../vm/vm'
 import { GCLOUD_SERVICE_ACCOUNT_PATH } from "./const";
+import { JobConfig } from './job-config';
 
 const phaseName = "prepare";
+const prepareSlices = {
+    CONFIGURE_CORE_DEV: "Configuring core-dev access.",
+    BOOT_VM: "Booting VM."
+}
 
-export async function prepare(werft: Werft) {
+export async function prepare(werft: Werft, config: JobConfig) {
     werft.phase(phaseName);
     try {
+        werft.log(prepareSlices.CONFIGURE_CORE_DEV, prepareSlices.CONFIGURE_CORE_DEV)
         compareWerftAndGitpodImage()
         activateCoreDevServiceAccount()
         configureDocker()
         configureCoreDevAccess()
+        werft.done(prepareSlices.CONFIGURE_CORE_DEV)
+
+        decideHarvesterVMCreation(werft, config)
     } catch (err) {
         werft.fail(phaseName, err);
     }
@@ -27,26 +37,51 @@ function compareWerftAndGitpodImage() {
 }
 
 function activateCoreDevServiceAccount() {
-    const rc = exec(`gcloud auth activate-service-account --key-file "${GCLOUD_SERVICE_ACCOUNT_PATH}"`, { slice: phaseName }).code;
+    const rc = exec(`gcloud auth activate-service-account --key-file "${GCLOUD_SERVICE_ACCOUNT_PATH}"`, { slice: prepareSlices.CONFIGURE_CORE_DEV }).code;
 
     if (rc != 0) {
         throw new Error("Failed to activate core-dev service account.")
     }
 }
 
 function configureDocker() {
-    const rcDocker = exec("gcloud auth configure-docker --quiet", { slice: phaseName }).code;
-    const rcDockerRegistry = exec("gcloud auth configure-docker europe-docker.pkg.dev --quiet", { slice: phaseName }).code;
+    const rcDocker = exec("gcloud auth configure-docker --quiet", { slice: prepareSlices.CONFIGURE_CORE_DEV }).code;
+    const rcDockerRegistry = exec("gcloud auth configure-docker europe-docker.pkg.dev --quiet", { slice: prepareSlices.CONFIGURE_CORE_DEV }).code;
 
     if (rcDocker != 0 || rcDockerRegistry != 0) {
         throw new Error("Failed to configure docker with gcloud.")
     }
 }
 
 function configureCoreDevAccess() {
-    const rc = exec('gcloud container clusters get-credentials core-dev --zone europe-west1-b --project gitpod-core-dev', { slice: phaseName }).code;
+    const rc = exec('gcloud container clusters get-credentials core-dev --zone europe-west1-b --project gitpod-core-dev', { slice: prepareSlices.CONFIGURE_CORE_DEV }).code;
 
     if (rc != 0) {
         throw new Error("Failed to get core-dev kubeconfig credentials.")
     }
-}
+}
+
+function decideHarvesterVMCreation(werft: Werft, config: JobConfig) {
+    if (config.withVM && !VM.vmExists({ name: config.previewEnvironment.destname })) {
+        prepareVM(werft, config)
+    } else {
+        werft.currentPhaseSpan.setAttribute("werft.harvester.created_vm", false)
+    }
+    werft.done(prepareSlices.BOOT_VM)
+}
+
+function prepareVM(werft: Werft, config: JobConfig) {
+    if (config.cleanSlateDeployment) {
+        werft.log(prepareSlices.BOOT_VM, "Cleaning previously created VM")
+        VM.deleteVM({ name: config.previewEnvironment.destname })
+    }
+    createVM(werft, config, prepareSlices.BOOT_VM)
+}
+
+// createVM only triggers the VM creation.
+// Readiness is not guaranted.
+function createVM(werft: Werft, config: JobConfig, slice: string) {
+    werft.log(slice, 'Booting  VM')
+    VM.startVM({ name: config.previewEnvironment.destname })
+    werft.currentPhaseSpan.setAttribute("werft.harvester.created_vm", true)
+}

.werft/vm/vm.ts

@@ -123,7 +123,7 @@ export function vmExists(options: { name: string }) {
  * Wait until the VM Instance reaches the Running status.
  * If the VM Instance doesn't reach Running before the timeoutMS it will throw an Error.
  */
-export function waitForVM(options: { name: string, timeoutSeconds: number, slice: string }) {
+export function waitForVMReadiness(options: { name: string, timeoutSeconds: number, slice: string }) {
     const werft = getGlobalWerftInstance()
     const namespace = `preview-${options.name}`