Deploy to Testserver #13636
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Testserver with Helios | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| HELIOS_TRIGGERED_BY: | |
| description: "Username that triggered deployment" | |
| required: true | |
| type: string | |
| HELIOS_BRANCH_NAME: | |
| description: "Which branch to deploy" | |
| required: true | |
| type: string | |
| HELIOS_BRANCH_HEAD_SHA: | |
| description: "SHA of the branch to deploy" | |
| required: true | |
| type: string | |
| HELIOS_ENVIRONMENT_NAME: | |
| description: "Which environment to deploy (e.g. artemis-test7.artemis.cit.tum.de, etc.)." | |
| required: true | |
| type: string | |
| HELIOS_RAW_URL: | |
| description: "URL to the raw content of the repository in the format https://raw.githubusercontent.com/:owner/:repo/:sha" | |
| required: true | |
| type: string | |
| HELIOS_BUILD: | |
| description: "Whether to also build or just deploy the existing Docker image" | |
| required: true | |
| type: boolean | |
| HELIOS_PR_NUMBER: | |
| description: "PR number that triggered deployment" | |
| required: false | |
| type: string | |
| HELIOS_BUILD_TAG: | |
| description: "Docker tag to use if we are building or pulling an existing image" | |
| required: false | |
| type: string | |
| concurrency: ${{ github.event.inputs.HELIOS_ENVIRONMENT_NAME }} | |
| env: | |
| CI: true | |
| RAW_URL: ${{ github.event.inputs.HELIOS_RAW_URL }} | |
| jobs: | |
| # Print the inputs for debugging | |
| validate-inputs: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Validate Build Tag Input Exists | |
| if: ${{ github.event.inputs.HELIOS_BUILD == 'true' && github.event.inputs.HELIOS_BUILD_TAG == '' }} | |
| run: | | |
| echo "::error::HELIOS_BUILD is true but no HELIOS_BUILD_TAG was provided." | |
| exit 1 | |
| - name: Validate PR Number Input Exists | |
| if: ${{ github.event.inputs.HELIOS_BUILD == 'false' && github.event.inputs.HELIOS_PR_NUMBER == '' }} | |
| run: | | |
| echo "::error::HELIOS_BUILD is false but no HELIOS_PR_NUMBER was provided." | |
| exit 1 | |
| - name: Print Inputs | |
| run: | | |
| echo "RAW_URL: ${{ env.RAW_URL }}" | |
| echo "Triggered by: ${{ github.event.inputs.HELIOS_TRIGGERED_BY }}" | |
| echo "Branch: ${{ github.event.inputs.HELIOS_BRANCH_NAME }}" | |
| echo "SHA: ${{ github.event.inputs.HELIOS_BRANCH_HEAD_SHA }}" | |
| echo "PR Number: ${{ github.event.inputs.HELIOS_PR_NUMBER }}" | |
| echo "Environment: ${{ github.event.inputs.HELIOS_ENVIRONMENT_NAME }}" | |
| echo "Need Build? ${{ github.event.inputs.HELIOS_BUILD }}" | |
| echo "Build Tag? ${{ github.event.inputs.HELIOS_BUILD_TAG }}" | |
| # Build the Docker image (branch without PR) | |
| conditional-build: | |
| if: ${{ github.event.inputs.HELIOS_BUILD == 'true' }} | |
| needs: [ validate-inputs ] | |
| uses: ./.github/workflows/build.yml | |
| with: | |
| sha: ${{ github.event.inputs.HELIOS_BRANCH_HEAD_SHA }} | |
| tag: ${{ github.event.inputs.HELIOS_BUILD_TAG }} | |
| raw_url: ${{ github.event.inputs.HELIOS_RAW_URL }} | |
| # Check if the build has run successfully (PR) | |
| check-existing-build: | |
| if: ${{ github.event.inputs.HELIOS_BUILD == 'false' }} | |
| needs: [ validate-inputs ] | |
| runs-on: ubuntu-latest | |
| steps: | |
| # Check if the build has run successfully (PR) | |
| - name: Get latest successful build for branch | |
| id: check_build | |
| uses: octokit/[email protected] | |
| with: | |
| route: GET /repos/${{ github.repository }}/actions/workflows/build.yml/runs?event=pull_request&status=success&head_sha=${{ github.event.inputs.HELIOS_BRANCH_HEAD_SHA }} | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Fail if no successful build found | |
| if: ${{ steps.check_build.conclusion == 'success' && fromJSON(steps.check_build.outputs.data).total_count == 0 }} | |
| run: | | |
| echo "::error::No successful build found for branch '${{ github.event.inputs.HELIOS_BRANCH_NAME }}' with SHA '${{ github.event.inputs.HELIOS_BRANCH_HEAD_SHA }}'." | |
| exit 1 | |
| # Check which test server to deploy to based on the label | |
| filter-matrix: | |
| needs: [ conditional-build, check-existing-build ] | |
| # Run if either job is successful | |
| if: ${{ needs.conditional-build.result == 'success' || needs.check-existing-build.result == 'success'}} | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| include: | |
| # TODO: Add those variables under the repository environment settings (GitHub) or set it under Helios repository settings | |
| # Commented out environments are not yet available and will be enabled in the future | |
| - environment: artemis-test1.artemis.cit.tum.de | |
| label-identifier: artemis-test1 | |
| url: https://artemis-test1.artemis.cit.tum.de | |
| user: deployment | |
| hosts: artemis-test1.artemis.cit.tum.de | |
| folder: /opt/artemis | |
| - environment: artemis-test2.artemis.cit.tum.de | |
| label-identifier: artemis-test2 | |
| url: https://artemis-test2.artemis.cit.tum.de | |
| user: deployment | |
| hosts: artemis-test2.artemis.cit.tum.de | |
| folder: /opt/artemis | |
| - environment: artemis-test3.artemis.cit.tum.de | |
| label-identifier: artemis-test3 | |
| url: https://artemis-test3.artemis.cit.tum.de | |
| user: deployment | |
| hosts: artemis-test3.artemis.cit.tum.de | |
| folder: /opt/artemis | |
| - environment: artemis-test4.artemis.cit.tum.de | |
| label-identifier: artemis-test4 | |
| url: https://artemis-test4.artemis.cit.tum.de | |
| user: deployment | |
| hosts: artemis-test4.artemis.cit.tum.de | |
| folder: /opt/artemis | |
| - environment: artemis-test5.artemis.cit.tum.de | |
| label-identifier: artemis-test5 | |
| url: https://artemis-test5.artemis.cit.tum.de | |
| user: deployment | |
| hosts: artemis-test5.artemis.cit.tum.de | |
| folder: /opt/artemis | |
| - environment: artemis-test6.artemis.cit.tum.de | |
| label-identifier: artemis-test6 | |
| url: https://artemis-test6.artemis.cit.tum.de | |
| user: deployment | |
| hosts: artemis-test6.artemis.cit.tum.de | |
| folder: /opt/artemis | |
| host_keys: | | |
| - environment: artemis-test7.artemis.cit.tum.de | |
| label-identifier: artemis-test7 | |
| url: https://artemis-test7.artemis.cit.tum.de | |
| user: deployment | |
| hosts: artemis-test7.artemis.cit.tum.de | |
| folder: /opt/artemis | |
| host_keys: | | |
| #- environment: artemis-test8.artemis.cit.tum.de | |
| # label-identifier: artemis-test8 | |
| # url: https://artemis-test8.artemis.cit.tum.de | |
| # user: deployment | |
| # hosts: artemis-test8.artemis.cit.tum.de | |
| # folder: /opt/artemis | |
| - environment: artemis-test9.artemis.cit.tum.de | |
| label-identifier: artemis-test9 | |
| url: https://artemis-test9.artemis.cit.tum.de | |
| user: deployment | |
| hosts: artemis-test9.artemis.cit.tum.de | |
| folder: /opt/artemis | |
| host_keys: | | |
| #- environment: artemis-test10.artemis.cit.tum.de | |
| # label-identifier: artemis-test10 | |
| # url: https://artemis-test10.artemis.cit.tum.de | |
| # user: deployment | |
| # hosts: artemis-test10.artemis.cit.tum.de | |
| # folder: /opt/artemis | |
| outputs: | |
| TS1: ${{ steps.filter.outputs.artemis-test1 || '' }} | |
| TS2: ${{ steps.filter.outputs.artemis-test2 || '' }} | |
| TS3: ${{ steps.filter.outputs.artemis-test3 || '' }} | |
| TS4: ${{ steps.filter.outputs.artemis-test4 || '' }} | |
| TS5: ${{ steps.filter.outputs.artemis-test5 || '' }} | |
| TS6: ${{ steps.filter.outputs.artemis-test6 || '' }} | |
| TS7: ${{ steps.filter.outputs.artemis-test7 || '' }} | |
| #TS8: ${{ steps.filter.outputs.artemis-test8 || '' }} | |
| TS9: ${{ steps.filter.outputs.artemis-test9 || '' }} | |
| #TS10: ${{ steps.filter.outputs.artemis-test10 || '' }} | |
| steps: | |
| - run: | | |
| echo "matrix.hosts = ${{ matrix.hosts }}" | |
| echo "HELIOS_ENVIRONMENT_NAME = ${{ github.event.inputs.HELIOS_ENVIRONMENT_NAME }}" | |
| echo "$DEPLOY_LABEL" | |
| echo '${{ github.event.inputs.HELIOS_ENVIRONMENT_NAME == matrix.hosts }}' | |
| - id: filter | |
| env: | |
| MATRIX_JSON: ${{ toJSON(matrix) }} | |
| if: ${{ github.event.inputs.HELIOS_ENVIRONMENT_NAME == matrix.hosts }} | |
| run: | | |
| MATRIX_JSON=${MATRIX_JSON//$'\n'/} | |
| echo "${{ matrix.label-identifier }}=$MATRIX_JSON" >> $GITHUB_OUTPUT | |
| # Process the output of the filter step to create a valid matrix for the deploy step | |
| process-matrix: | |
| needs: [ filter-matrix ] | |
| runs-on: ubuntu-latest | |
| outputs: | |
| matrix: ${{ steps.process.outputs.matrix }} | |
| steps: | |
| - id: process | |
| env: | |
| MATRIX_JSON: ${{ toJSON(needs.filter-matrix.outputs.*) }} | |
| run: | | |
| MATRIX_JSON=${MATRIX_JSON//$'\n'/} | |
| MATRIX_JSON=${MATRIX_JSON//$'"{'/'{'} | |
| MATRIX_JSON=${MATRIX_JSON//$'}"'/'}'} | |
| MATRIX_JSON=${MATRIX_JSON//$'\\"'/'"'} | |
| echo "$MATRIX_JSON" | |
| echo "matrix=$MATRIX_JSON" >> $GITHUB_OUTPUT | |
| # Deploy to the test servers | |
| deploy: | |
| needs: [ process-matrix ] | |
| runs-on: ubuntu-latest | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| include: ${{ fromJSON(needs.process-matrix.outputs.matrix) }} | |
| environment: | |
| name: ${{ matrix.environment }} | |
| url: ${{ matrix.url }} | |
| env: | |
| DEPLOYMENT_USER: ${{ matrix.user }} | |
| DEPLOYMENT_HOSTS: ${{ matrix.hosts }} | |
| DEPLOYMENT_FOLDER: ${{ matrix.folder }} | |
| GATEWAY_USER: "jump" | |
| GATEWAY_HOST: "gateway.artemis.in.tum.de:2010" | |
| GATEWAY_HOST_PUBLIC_KEY: "[gateway.artemis.in.tum.de]:2010 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKtTLiKRILjKZ+Qg4ReWKsG7mLDXkzHfeY5nalSQUNQ4" | |
| steps: | |
| - name: Compute Tag | |
| uses: actions/github-script@v7 | |
| id: compute-tag | |
| with: | |
| result-encoding: string | |
| script: | | |
| // Check if HELIOS_BUILD input is true | |
| if (context.payload.inputs.HELIOS_BUILD === 'true') { | |
| return context.payload.inputs.HELIOS_BUILD_TAG; | |
| } | |
| // Use the "pr-<pr-number>" format for pull requests | |
| if (context.payload.inputs.HELIOS_BUILD === 'false') { | |
| const prNumber = '${{ github.event.inputs.HELIOS_PR_NUMBER }}'; | |
| return `pr-${prNumber}`; | |
| } | |
| return "FALSE"; | |
| # Download artemis-server-cli from GH without cloning the Repo | |
| - name: Fetch Artemis CLI | |
| run: | | |
| wget ${{ env.RAW_URL }}/artemis-server-cli | |
| chmod +x artemis-server-cli | |
| # Configure SSH Key | |
| - name: Setup SSH Keys and known_hosts | |
| env: | |
| SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| GATEWAY_SSH_KEY: "${{ secrets.DEPLOYMENT_GATEWAY_SSH_KEY }}" | |
| DEPLOYMENT_SSH_KEY: "${{ secrets.DEPLOYMENT_SSH_KEY }}" | |
| run: | | |
| mkdir -p ~/.ssh | |
| ssh-agent -a $SSH_AUTH_SOCK > /dev/null | |
| ssh-add - <<< $GATEWAY_SSH_KEY | |
| ssh-add - <<< $DEPLOYMENT_SSH_KEY | |
| cat - <<< $GATEWAY_HOST_PUBLIC_KEY >> ~/.ssh/known_hosts | |
| - name: Deploy Artemis with Docker | |
| env: | |
| SSH_AUTH_SOCK: /tmp/ssh_agent.sock | |
| TAG: ${{ steps.compute-tag.outputs.result }} | |
| run: | | |
| for host in $DEPLOYMENT_HOSTS; do | |
| ./artemis-server-cli docker-deploy "$DEPLOYMENT_USER@$host" -g "$GATEWAY_USER@$GATEWAY_HOST" -t $TAG -b ${{ github.event.inputs.HELIOS_BRANCH_NAME }} -d $DEPLOYMENT_FOLDER -y | |
| done |