Skip to content

Commit

Permalink
Development: Add support for new Docker based test servers with GitHu…
Browse files Browse the repository at this point in the history 
…b deployment (#6492)
  • Loading branch information
@Hialus
Hialus authored May 19, 2023
1 parent cf74c01 commit 26fcca0
Show file tree
Hide file tree
Showing 5 changed files with 536 additions and 104 deletions.
97 changes: 1 addition & 96 deletions .github/workflows/build-deploy.yml → .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
name: Build & Deploy
name: Build

on:
pull_request:
Expand Down Expand Up @@ -127,98 +127,3 @@ jobs:
# TODO: Push to Docker Hub (develop + tag)

# TODO: Push to Chair Harbour (??)

deploy:
if: ${{ github.event_name == 'pull_request' }}
needs: build
runs-on: ubuntu-latest
strategy:
matrix:
include:
- environment: artemistest5
url: https://artemistest5.ase.in.tum.de
environment:
url: ${{ matrix.url }}
name: ${{ matrix.environment }}
steps:
- name: Check "lock:${{ matrix.environment }}" label
uses: actions/github-script@v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const opts = github.rest.issues.listForRepo.endpoint.merge({
owner: context.repo.owner,
repo: context.repo.repo,
labels: ['lock:${{ matrix.environment }}']
})
const issues = await github.paginate(opts)
if (issues.length == 1 && (!context.issue || issues[0].number != context.issue.number)) {
core.setFailed(`Testserver "${{ matrix.environment }}" is already in use by PR #${issues[0].number}.`);
} else if (issues.length > 1) {
core.setFailed('Testserver "${{ matrix.environment }}" is already in use by multiple PRs. Check PRs with label "lock:${{ matrix.environment }}"!');
} else if (context.issue && context.issue.number) {
await github.rest.issues.addLabels({
issue_number: context.issue.number,
owner: context.repo.owner,
repo: context.repo.repo,
labels: ['lock:${{ matrix.environment }}']
})
}
- name: Download Artifact
uses: actions/download-artifact@v3
with:
name: Artemis.war
- name: Store Artifact Name
id: artifact-name
run: echo "::set-output name=war-file::$(ls)"

# Download artemis-server-cli from GH without cloning the Repo
- name: Fetch Artemis CLI
run: |
wget ${{ env.RAW_URL }}/artemis-server-cli
chmod +x artemis-server-cli
- name: Install OpenVPN
run: sudo apt-get --assume-yes --no-install-recommends install openvpn
# Fill config from Secret (https://tum.eduvpn.lrz.de/vpn-user-portal/configurations)
- name: Configure LRZ eduVPN
run: echo "${{ secrets.LRZ_OVPN_CONFIG }}" > lrz.ovpn
- name: Connect VPN
run: sudo openvpn --config "lrz.ovpn" --log "vpn.log" --daemon
- name: Wait for a VPN connection. Ping nas.ads.mwn.de (only accessible inside MWN)
run: until ping -c1 nas.ads.mwn.de; do sleep 2; done
timeout-minutes: 2

# Configure SSH Key
- name: Setup SSH Keys and known_hosts
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
DEPLOYMENT_HOSTS: "${{ secrets.DEPLOYMENT_HOSTS }}"
SSH_PRIVATE_KEY: "${{ secrets.SSH_PRIVATE_KEY }}"
run: |
mkdir -p ~/.ssh
for host in $DEPLOYMENT_HOSTS; do
ssh-keyscan $host >> ~/.ssh/known_hosts
done
ssh-agent -a $SSH_AUTH_SOCK > /dev/null
ssh-add - <<< $SSH_PRIVATE_KEY
- name: Deploy Artemis WAR artifact
env:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
DEPLOYMENT_HOSTS: "${{ secrets.DEPLOYMENT_HOSTS }}"
DEPLOYMENT_USER: ${{ secrets.DEPLOYMENT_USER }}
WAR_FILE: ./${{steps.artifact-name.outputs.war-file}}
run: |
for host in $DEPLOYMENT_HOSTS; do
./artemis-server-cli deploy $DEPLOYMENT_USER@$host -w $WAR_FILE -y
sleep 20
done
# Always disconnect from VPN
- name: Disconnect VPN
run: |
sudo killall openvpn
rm lrz.ovpn
if: always()
20 changes: 20 additions & 0 deletions .github/workflows/pullrequest-closed.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ on:
types: [closed]

jobs:
# If a PR is closed the docker image should be deleted to save space
purge-image:
name: Delete image from ghcr.io
runs-on: ubuntu-latest
Expand All @@ -17,3 +18,22 @@ jobs:
token: ${{ secrets.GH_TOKEN_ADD_TO_PROJECT }}
tag: pr-${{ github.event.pull_request.number }}
untagged-older-than: 28

# If a PR is closed it should no longer lock any testservers
remove-testserver-locks:
runs-on: ubuntu-latest
steps:
- uses: actions-ecosystem/action-remove-labels@v1
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
labels: |
lock:artemis-test1
lock:artemis-test2
lock:artemis-test3
lock:artemis-test4
lock:artemis-test5
lock:artemis-test6
lock:artemis-test7
lock:artemis-test8
lock:artemis-test9
lock:artemis-test10
25 changes: 17 additions & 8 deletions .github/workflows/testserver-locks.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,15 +5,24 @@ on:
types: [labeled]
issues:
types: [labeled]

jobs:
# Disallow adding testserver locks to PRs manually
noManualSetOfLockLabel:
runs-on: ubuntu-latest
steps:

- uses: actions-ecosystem/action-remove-labels@v1
if: startsWith(github.event.label.name, 'lock:artemistest') || startsWith(join(github.event.pull_request.labels.*.name), 'lock:artemisteste')
with:
github_token: ${{ secrets.github_token }}
labels: |
lock:artemistest5
- uses: actions-ecosystem/action-remove-labels@v1
if: startsWith(github.event.label.name, 'lock:artemis-test') || startsWith(join(github.event.pull_request.labels.*.name), 'lock:artemis-test')
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
labels: |
lock:artemis-test1
lock:artemis-test2
lock:artemis-test3
lock:artemis-test4
lock:artemis-test5
lock:artemis-test6
lock:artemis-test7
lock:artemis-test8
lock:artemis-test9
lock:artemis-test10
Loading

0 comments on commit 26fcca0

Please sign in to comment.