Skip to content

qa-dev

qa-dev #174

Workflow file for this run

# qa-dev workflow is for attaching to an arbitrary api-server specified in the vars secrets
name: qa-dev
concurrency:
group: dev-ec2
on:
workflow_dispatch:
inputs:
deployment_size:
description: 'deployment size: small | medium | large | xlarge'
required: true
default: 'small'
type: string
pr_or_branch:
description: 'pull request number or branch name'
required: true
default: 'main'
debug_pause:
description: 'time in minutes to pause before tearing down the infra for debugging'
required: false
default: '0'
jobs:
deploy-ec2:
name: deploy-ec2-e2e
runs-on: ubuntu-latest
timeout-minutes: 90
strategy:
fail-fast: false
env:
AWS_REGION: "us-east-1"
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
ANSIBLE_PRIVATE_KEY_FILE: "nexodus.pem"
ANSIBLE_HOST_KEY_CHECKING: "false"
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Determine if pr_or_branch is a PR number
id: check_pr
run: |
if [[ "${{ github.event.inputs.pr_or_branch }}" =~ ^[0-9]+$ ]]; then
echo "is_pr=true" >> "$GITHUB_OUTPUT"
else
echo "is_pr=false" >> "$GITHUB_OUTPUT"
fi
- name: Fetch and checkout PR
if: steps.check_pr.outputs.is_pr == 'true'
run: |
git fetch origin pull/${{ github.event.inputs.pr_or_branch }}/head:pr-${{ github.event.inputs.pr_or_branch }}
git checkout pr-${{ github.event.inputs.pr_or_branch }}
- name: Checkout branch
if: steps.check_pr.outputs.is_pr == 'false'
run: git checkout ${{ github.event.inputs.pr_or_branch }}
- name: Setup Go
uses: ./.github/actions/setup-go-env
- name: Build
run: |
make dist/nexd-linux-amd64
make dist/nexctl-linux-amd64
- name: Copy Binaries to S3
run: |
aws s3 cp ./dist/nexd-linux-amd64 s3://nexodus-io/ec2-e2e/
aws s3 cp ./dist/nexctl-linux-amd64 s3://nexodus-io/ec2-e2e/
- uses: actions/setup-python@v5
with:
python-version: '3.10'
- name: Install Ansible and Dependencies
run: pip3.10 install boto boto3 ansible-vault ansible-core
- name: Install amazon.aws Ansible library
run: ansible-galaxy collection install amazon.aws
- name: Set Deployment Size to Small
if: github.event.inputs.deployment_size == 'small'
run: |
echo "${{ secrets.ANSIBLE_VARS_SMALL }}" > ./ops/ansible/aws/vars.yml
- name: Set Deployment Size to Medium
if: github.event.inputs.deployment_size == 'medium'
run: |
echo "${{ secrets.ANSIBLE_VARS_MEDIUM }}" > ./ops/ansible/aws/vars.yml
- name: Set Deployment Size to Large
if: github.event.inputs.deployment_size == 'large'
run: |
echo "${{ secrets.ANSIBLE_VARS_LARGE }}" > ./ops/ansible/aws/vars.yml
- name: Set Deployment Size to XLarge
if: github.event.inputs.deployment_size == 'xlarge'
run: |
echo "${{ secrets.ANSIBLE_VARS_XLARGE }}" > ./ops/ansible/aws/vars.yml
- name: Create Ansible Secrets
run: |
echo "${{ secrets.ANSIBLE_SSH_KEY }}" > nexodus.pem
chmod 0400 nexodus.pem
echo "${{ secrets.ANSIBLE_VAULT_PASSWORD }}" > vault-secret.txt
chmod 0400 vault-secret.txt
echo "${{ secrets.ROOT_CA }}" > ./ops/ansible/aws/rootCA.pem
chmod 0400 ops/ansible/aws/rootCA.pem
- name: Initialize the api-server Images
run: |
mkdir -p ./ops/ansible/aws/nexd-logs/api-server
ansible-playbook -vvv ./hack/e2e-scripts/aws-e2e-pr-build.yml \
--private-key nexodus.pem \
--extra-vars "target_host=${{ vars.EC2_API_SERVER_ADDR }}" \
--extra-vars "pr_or_branch=${{ github.event.inputs.pr_or_branch }}" \
--extra-vars "ansible_user=ubuntu" \
--extra-vars "debug_pause=${{ github.event.inputs.debug_pause }}"
- name: Deploy EC2 Agent Nodes
run: |
ansible-playbook -vv ./ops/ansible/aws/deploy-ec2.yml \
-i ./ops/ansible/aws/inventory.txt \
--private-key nexodus.pem \
--vault-password-file vault-secret.txt \
--extra-vars "controller_address=${{ vars.EC2_API_SERVER_ADDR }}"
- name: Mesh Connectivity Results
run: |
set -e
/bin/sh -c 'cat ./ops/ansible/aws/*-connectivity-results.txt > ./ops/ansible/aws/mesh-connectivity-results.txt'
cat ./ops/ansible/aws/mesh-connectivity-results.txt
if grep -iq 'Unreachable' ./ops/ansible/aws/mesh-connectivity-results.txt || grep -iq 'Failed' ./ops/ansible/aws/mesh-connectivity-results.txt; then
echo "Connectivity results contain 'Unreachable or Failed' nodes, check the connectivity results and artifacts for details. Failing the job"
exit 1
else
echo "Connectivity results do not contain any 'Unreachable' nodes"
fi
- name: Gather api-server Server Logs
if: always()
run: |
ansible-playbook -vv \
./hack/e2e-scripts/aws-e2e-pr-gather.yml \
--private-key nexodus.pem \
-e "target_host=${{ vars.EC2_API_SERVER_ADDR }} ansible_user=ubuntu"
- name: Terminate EC2 Instances
if: always()
run: |
ansible-playbook -vv ./ops/ansible/aws/terminate-instances.yml \
--private-key nexodus.pem \
--vault-password-file vault-secret.txt
- name: Upload nexd and api-server Logs to Artifacts
if: always()
uses: actions/upload-artifact@v4
with:
name: dev-ec2-artifacts
path: ./ops/ansible/aws/nexd-logs/
retention-days: 10