AUFN KIDDIN' ME?! #19
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # | |
| name: AUFN KIDDIN' ME?! | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| deployment_type: | |
| description: Type of deployment | |
| type: choice | |
| options: | |
| - Test | |
| - Deployment | |
| default: Test | |
| lab_vm_count: | |
| description: Total number of Lab VMs to deploy | |
| type: number | |
| required: true | |
| default: 2 | |
| reg_pwd: # When using in workflow use ::add-mask::$ to mask the password | |
| description: Password for registry access | |
| type: string | |
| default: "" # NOTE: This needs to be set at runtime via secrets | |
| os_image: | |
| description: Host OS image | |
| type: choice | |
| options: | |
| - Ubuntu | |
| - Rocky9 | |
| default: 'Rocky9' | |
| aufn_branch: | |
| description: Which branch of AUFN to use #Need to use this to alter a-seed-from-nothing.sh | |
| type: string | |
| default: smslab/2023.1 | |
| au_from_seed: | |
| description: Run 'A Universe From Seed'? | |
| type: boolean | |
| default: false | |
| debug_mode: | |
| description: Keep Test up to debug? | |
| type: boolean | |
| default: false | |
| secrets: | |
| BASTION_TEST_PASSWORD: | |
| required: true | |
| CLOUDS_YAML: | |
| required: true | |
| OS_APPLICATION_CREDENTIAL_ID: | |
| required: true | |
| OS_APPLICATION_CREDENTIAL_SECRET: | |
| required: true | |
| jobs: | |
| deploy-aufn: | |
| name: Set up variables and deploy AUFN | |
| environment: ${{ inputs.deployment_type }} | |
| runs-on: arc-aufn-runner-sms | |
| steps: | |
| - name: Install Package | |
| uses: ConorMacBride/install-package@main | |
| with: | |
| apt: git unzip nodejs python3-pip python3-venv openssh-server openssh-client jq | |
| - name: Install sshpass | |
| run: sudo apt-get update && sudo apt-get install -y sshpass | |
| - name: Start the SSH service | |
| run: | | |
| sudo /etc/init.d/ssh start | |
| # - name: Check if 'Deployment' Lab is already deployed | |
| # uses: softwareforgood/check-artifact-v4-existence@v0 | |
| # with: | |
| # name: ${{ inputs.deployment_type }}-terraform-artifacts | |
| # | |
| # or use a ping command to check if the bastion is up | |
| # | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Install terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| - name: Initialise terraform | |
| run: terraform init | |
| - name: Generate clouds.yaml | |
| run: | | |
| cat << EOF > clouds.yaml | |
| ${{ secrets.CLOUDS_YAML }} | |
| EOF | |
| - name: Generate terraform.tfvars | |
| run: | | |
| cat << EOF > terraform.tfvars | |
| lab_count = ${{ inputs.lab_vm_count }} | |
| lab_net_ipv4 = "${{ vars.LAB_NETWORK }}" | |
| image_id = "${{ env.LAB_IMAGE_ID }}" | |
| image_name = "${{ env.LAB_IMAGE_NAME }}" | |
| lab_flavor = "aufn.v1.large" | |
| registry_flavor = "general.v1.medium" | |
| boot_labs_from_volume = true | |
| image_user = "${{ env.LAB_IMAGE_USER }}" | |
| allocate_floating_ips = false | |
| create_bastion = "${{ env.LAB_CREATE_BASTION }}" | |
| EOF | |
| # Conditionally append bastion_floating_ip | |
| if [ "${{ inputs.deployment_type }}" = "Deployment" ]; then | |
| echo 'bastion_floating_ip = "185.45.78.149"' >> terraform.tfvars | |
| fi | |
| env: | |
| LAB_IMAGE_ID: ${{ inputs.os_image == 'Rocky9' && vars.LAB_OS_IMAGE_ROCKY || inputs.os_image == 'Ubuntu' && vars.LAB_OS_IMAGE_UBUNTU }} | |
| LAB_IMAGE_NAME: ${{ inputs.os_image == 'Ubuntu' && 'Ubuntu-22.04' || inputs.os_image }} | |
| LAB_IMAGE_USER: ${{ inputs.os_image == 'Ubuntu' && 'ubuntu' || inputs.os_image == 'Rocky9' && 'rocky' }} | |
| LAB_CREATE_BASTION: ${{ inputs.deployment_type == 'Deployment' && 'true' || 'false' }} | |
| - name: Terraform Plan | |
| run: terraform plan | |
| env: | |
| OS_CLOUD: ${{ vars.OS_CLOUD }} | |
| - name: Terraform Apply | |
| id: tf_apply | |
| run: | | |
| for attempt in $(seq 5); do | |
| if terraform apply -auto-approve; then | |
| echo "Created infrastructure on attempt $attempt" | |
| exit 0 | |
| fi | |
| echo "Failed to create infrastructure on attempt $attempt" | |
| sleep 10 | |
| # Need to add a check to see which part failed and then | |
| # taint and retry once more before declating failure | |
| terraform destroy -auto-approve | |
| sleep 60 | |
| done | |
| echo "Failed to create infrastructure after $attempt attempts" | |
| exit 1 | |
| env: | |
| OS_CLOUD: ${{ vars.OS_CLOUD }} | |
| - name: Get Terraform outputs | |
| id: tf_outputs | |
| run: | | |
| terraform output -json | |
| - name: Write Terraform outputs | |
| run: | | |
| cat << EOF > tf-outputs.yml | |
| ${{ steps.tf_outputs.outputs.stdout }} | |
| EOF | |
| - name: Write out Lab VMs info | |
| run: | | |
| terraform output -raw labs > ssh_list.txt | |
| - name: Run tests on Lab VMs | |
| uses: ./.github/workflows/AUFN-Test.yml | |
| with: | |
| aufn-runner-id: ${{ runner.name }} | |
| au_from_seed: ${{ inputs.au_from_seed }} | |
| os_image: ${{ inputs.os_image }} | |
| if: ${{ inputs.deployment_type == 'Test' }} | |
| - name: Run tests on Lab VMs | |
| uses: ./.github/workflows/AUFN-Deployment.yml | |
| with: | |
| reg_pwd: ${{ inputs.reg_pwd }} | |
| aufn-runner-id: ${{ runner.name }} | |
| au_from_seed: ${{ inputs.au_from_seed }} | |
| os_image: ${{ inputs.os_image }} | |
| if: ${{ inputs.deployment_type == 'Deployment' }} | |
| - name: Destroy Failed or Test Lab VMs | |
| run: terraform destroy -auto-approve | |
| env: | |
| OS_CLOUD: ${{ vars.OS_CLOUD }} | |
| OS_APPLICATION_CREDENTIAL_ID: ${{ secrets.OS_APPLICATION_CREDENTIAL_ID }} | |
| OS_APPLICATION_CREDENTIAL_SECRET: ${{ secrets.OS_APPLICATION_CREDENTIAL_SECRET }} | |
| if: always() #&& (${{ inputs.deployment_type }} == 'Test') |