This repository has been archived by the owner on Oct 31, 2024. It is now read-only.

chore: temporary changes to test sts AssumeRole
foo0x29a committed Dec 22, 2022
1 parent a7c3ab8 commit 878de7b
Showing 2 changed files with 70 additions and 49 deletions.
117 changes: 69 additions & 48 deletions .github/workflows/k8s_e2e_tests.yml
Expand Up @@ -5,51 +5,54 @@ name: E2E tests on Kubernetes
# workflows: [Docker_build_push] # This is the name of the .github/workflows/docker_build_push.yml workflow
# types:
# - completed
on: workflow_dispatch
on:
push:
branches:
- 'feat/terraform-ci'

env:
CERT_SPAMMER_IMAGE: ghcr.io/toposware/cert-spammer:main
TELEMETRY_ENDPOINT: jaeger.tce.devnet-1.toposware.com:6831
SPAM_DURATION_SECONDS: 10
TERRAFORM_INPUTS: >
-var="cluster_name=${{ github.sha }}"
-var="cert_spammer_image=${{ env.CERT_SPAMMER_IMAGE }}"
-var="jaeger_endpoint=${{ env.TELEMETRY_ENDPOINT }}"
-var="jaeger_service_name=${{ github.sha }}
-var="docker_registry_auth_user=${{ github.actor }}"
-var="docker_registry_auth_pwd=${{ secrets.GITHUB_TOKEN }}"
# env:
# CERT_SPAMMER_IMAGE: ghcr.io/toposware/cert-spammer:main
# TELEMETRY_ENDPOINT: jaeger.tce.devnet-1.toposware.com:6831
# SPAM_DURATION_SECONDS: 10
# TERRAFORM_INPUTS: >
# -var="cluster_name=${{ github.sha }}"
# -var="cert_spammer_image=${{ env.CERT_SPAMMER_IMAGE }}"
# -var="jaeger_endpoint=${{ env.TELEMETRY_ENDPOINT }}"
# -var="jaeger_service_name=${{ github.sha }}
# -var="docker_registry_auth_user=${{ github.actor }}"
# -var="docker_registry_auth_pwd=${{ secrets.GITHUB_TOKEN }}"

jobs:
retrieve-docker-tags:
name: Retrieve docker tags from triggering workflow
runs-on: ubuntu-latest
if: ${{ github.event.workflow_run.conclusion == 'success' }}
outputs:
docker_tags: ${{ steps.docker_tags.outputs.result }}
steps:
- name: Retrieve docker tags
id: docker_tags
uses: actions/github-script@v6
with:
script: |
let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
owner: context.repo.owner,
repo: context.repo.repo,
run_id: context.payload.workflow_run.id,
});
let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
return artifact.name == "docker_tags"
})[0];
let download = await github.rest.actions.downloadArtifact({
owner: context.repo.owner,
repo: context.repo.repo,
artifact_id: matchArtifact.id,
});
return download.data;
result-encoding: string
# retrieve-docker-tags:
# name: Retrieve docker tags from triggering workflow
# runs-on: ubuntu-latest
# if: ${{ github.event.workflow_run.conclusion == 'success' }}
# outputs:
# docker_tags: ${{ steps.docker_tags.outputs.result }}
# steps:
# - name: Retrieve docker tags
# id: docker_tags
# uses: actions/github-script@v6
# with:
# script: |
# let allArtifacts = await github.rest.actions.listWorkflowRunArtifacts({
# owner: context.repo.owner,
# repo: context.repo.repo,
# run_id: context.payload.workflow_run.id,
# });
# let matchArtifact = allArtifacts.data.artifacts.filter((artifact) => {
# return artifact.name == "docker_tags"
# })[0];
# let download = await github.rest.actions.downloadArtifact({
# owner: context.repo.owner,
# repo: context.repo.repo,
# artifact_id: matchArtifact.id,
# });
# return download.data;
# result-encoding: string
k8s:
name: Deploy k8s cluster and run TCE network
needs: retrieve-docker-tags
# needs: retrieve-docker-tags
runs-on: ubuntu-latest
container:
image: hashicorp/terraform:1.2.4
Expand All @@ -58,13 +61,31 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Enable remote modules download
run: git config --global url."https://${{ secrets.ROBOT_TOPOSWARE_PRIV_REPOS_TOKEN }}@github.com/".insteadOf "https://github.com/"

- name: Configure AWS credentials from topos-devnet-1 account
uses: aws-actions/configure-aws-credentials@v1
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
role-to-assume: arn:aws:iam::129575284029:role/TerraformRole
role-skip-session-tagging: true
role-duration-seconds: 3600
role-session-name: Terraform-TerraformRole-session
aws-region: us-east-1

- name: Terraform init
run: terraform -chdir=./tools/terraform init
working-directory: tools/terraform/topos-devnet-1
run: terraform init -backend-config=backend.conf

- name: Terraform plan
run: terraform -chdir=./tools/terraform plan ${{ env.TERRAFORM_INPUTS }} -var="tce_node_image=${{ needs.retrieve-docker-tags.outputs.docker_tags }}"
- name: Spam certificates for ${{ env.SPAM_DURATION_SECONDS }} seconds
uses: jakejarvis/wait-action@master
with:
time: "${{ env.SPAM_DURATION_SECONDS }}s"
- name: Terraform destroy
run: terraform -chdir=./tools/terraform destroy ${{ env.TERRAFORM_INPUTS }} -var="tce_node_image=${{ needs.retrieve-docker-tags.outputs.docker_tags }}"
working-directory: tools/terraform/topos-devnet-1
run: terraform plan -var-file=terraform.tfvars
# - name: Spam certificates for ${{ env.SPAM_DURATION_SECONDS }} seconds
# uses: jakejarvis/wait-action@master
# with:
# time: "${{ env.SPAM_DURATION_SECONDS }}s"
# - name: Terraform destroy
# run: terraform -chdir=./tools/terraform destroy ${{ env.TERRAFORM_INPUTS }} -var="tce_node_image=${{ needs.retrieve-docker-tags.outputs.docker_tags }}"
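Review bot: In the `Enable remote modules download` step, `${{ secrets.ROBOT_TOPOSWARE_PRIV_REPOS_TOKEN }}` is expanded directly into the script text and written to the global git config, so the token sits in plain text in the job container's gitconfig and is readable by every later step, including whatever `terraform init` fetches and runs. Passing it through the step's `env:` (for example `ROBOT_TOKEN: ${{ secrets.ROBOT_TOPOSWARE_PRIV_REPOS_TOKEN }}`) and writing `git config --global url."https://${ROBOT_TOKEN}@github.com/".insteadOf "https://github.com/"` keeps the secret out of the rendered script; the token itself should be read-only and limited to the module repository. The `Configure AWS credentials` step also feeds long-lived `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` secrets into a workflow that now runs on every push to `feat/terraform-ci`; the action's OIDC mode (`role-to-assume` with `permissions: id-token: write` and no static keys) would avoid storing them, provided the trust policy on `TerraformRole` is updated to match. The lines of the `k8s` job between the two hunks, and the top of the file, are not shown, so a `permissions:` block may already exist there.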
2 changes: 1 addition & 1 deletion tools/terraform/topos-devnet-1/main.tf
Expand Up @@ -19,7 +19,7 @@ provider "aws" {
}

module "eks" {
source = "git::git@github.com:toposware/tce-infra.git//terraform/modules/aws/eks"
source = "git::https://github.com/toposware/tce-infra.git//terraform/modules/aws/eks"

name = "topos-devnet-1"
region = var.region
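Review bot: The `source` of `module "eks"` carries no `?ref=`, so each `terraform init` takes whatever is on the default branch of `toposware/tce-infra` at that moment, and that code is then planned under the AWS role the workflow assumes. Pinning it, e.g. `source = "git::https://github.com/toposware/tce-infra.git//terraform/modules/aws/eks?ref=<tag-or-commit-sha>"`, makes runs reproducible and forces module changes through review in this repository. The `module "eks"` block continues past the end of the hunk.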