From 3ecf50fe49ed0967bc28e434bc1f88183b013585 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20Torrero=20Marijnissen?= Date: Tue, 23 Apr 2024 12:40:41 +0100 Subject: [PATCH 1/3] Add RPM tests for SP3, SP4, SP5 --- .github/workflows/ci.yaml | 270 +++++++++++++++++++++++++++++++++++++- 1 file changed, 268 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 4fc3c22..46f5b5b 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -22,7 +22,7 @@ jobs: - name: Run ansible-lint uses: ansible/ansible-lint-action@v6 - + build-and-push-container-images: name: Build and push container images runs-on: ubuntu-latest @@ -62,6 +62,273 @@ jobs: cache-from: type=gha cache-to: type=gha,mode=max + deploy-test-sp3-rpm: + name: Run the playbook on SLES 15 SP3 + runs-on: ubuntu-latest + needs: [build-and-push-container-images] + env: + TEST_SP3_HOST_IP: ${{ secrets.TEST_SP3_HOST_IP }} + steps: + - name: Checkout repo + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Install galaxy deps + run: ansible-galaxy install -r requirements.yml + - name: Run playbook + uses: dawidd6/action-ansible-playbook@v2 + with: + playbook: playbook.yml + key: ${{ secrets.SSH_MACHINE_KEY }} + inventory: | + all: + vars: + ansible_user: ${{ secrets.TEST_HOST_USER }} + children: + trento-server: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + postgres-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + rabbitmq-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + options: | + --extra-vars "web_postgres_password='trento' \ + wanda_postgres_password='wanda' \ + rabbitmq_password='trento' \ + prometheus_url='http://localhost' \ + trento_server_name='trento-deployment.example.com' \ + web_admin_password='adminpassword' \ + enable_api_key='false' \ + nginx_vhost_listen_port='443' \ + nginx_ssl_cert_as_base64='true' \ + nginx_ssl_key_as_base64='true' \ + nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ + nginx_ssl_key='${{ secrets.SSL_KEY }}' \ + install_method='rpm'" + - name: Test readyness + run: curl -k "https://$TEST_SP3_HOST_IP/api/readyz" + - name: Run playbook cleanup + uses: dawidd6/action-ansible-playbook@v2 + with: + playbook: playbook.cleanup.yml + key: ${{ secrets.SSH_MACHINE_KEY }} + inventory: | + all: + vars: + ansible_user: ${{ secrets.TEST_HOST_USER }} + children: + trento-server: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + postgres-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + rabbitmq-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + options: | + --extra-vars "web_postgres_password='trento' \ + wanda_postgres_password='wanda' \ + rabbitmq_password='trento' \ + prometheus_url='http://localhost' \ + trento_server_name='trento-deployment.example.com' \ + web_admin_password='adminpassword' \ + enable_api_key='false' \ + nginx_vhost_listen_port='443' \ + nginx_ssl_cert_as_base64='true' \ + nginx_ssl_key_as_base64='true' \ + nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ + nginx_ssl_key='${{ secrets.SSL_KEY }}' \ + install_method='rpm'" + + deploy-test-sp4-rpm: + name: Run the playbook on SLES 15 SP4 + runs-on: ubuntu-latest + needs: [build-and-push-container-images] + env: + TEST_SP4_HOST_IP: ${{ secrets.TEST_SP4_HOST_IP }} + steps: + - name: Checkout repo + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Install galaxy deps + run: ansible-galaxy install -r requirements.yml + - name: Run playbook + uses: dawidd6/action-ansible-playbook@v2 + with: + playbook: playbook.yml + key: ${{ secrets.SSH_MACHINE_KEY }} + inventory: | + all: + vars: + ansible_user: ${{ secrets.TEST_HOST_USER }} + children: + trento-server: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} + postgres-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} + rabbitmq-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} + options: | + --extra-vars "web_postgres_password='trento' \ + wanda_postgres_password='wanda' \ + rabbitmq_password='trento' \ + prometheus_url='http://localhost' \ + trento_server_name='trento-deployment.example.com' \ + web_admin_password='adminpassword' \ + enable_api_key='false' \ + nginx_vhost_listen_port='443' \ + nginx_ssl_cert_as_base64='true' \ + nginx_ssl_key_as_base64='true' \ + nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ + nginx_ssl_key='${{ secrets.SSL_KEY }}' \ + install_method='rpm'" + - name: Test readyness + run: curl -k "https://$TEST_SP4_HOST_IP/api/readyz" + - name: Run playbook cleanup + uses: dawidd6/action-ansible-playbook@v2 + with: + playbook: playbook.cleanup.yml + key: ${{ secrets.SSH_MACHINE_KEY }} + inventory: | + all: + vars: + ansible_user: ec2-user + children: + trento-server: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} + ansible_user: ${{ secrets.TEST_HOST_USER }} + postgres-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} + ansible_user: ${{ secrets.TEST_HOST_USER }} + rabbitmq-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} + ansible_user: ${{ secrets.TEST_HOST_USER }} + options: | + --extra-vars "web_postgres_password='trento' \ + wanda_postgres_password='wanda' \ + rabbitmq_password='trento' \ + prometheus_url='http://localhost' \ + trento_server_name='trento-deployment.example.com' \ + web_admin_password='adminpassword' \ + enable_api_key='false' \ + nginx_vhost_listen_port='443' \ + nginx_ssl_cert_as_base64='true' \ + nginx_ssl_key_as_base64='true' \ + nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ + nginx_ssl_key='${{ secrets.SSL_KEY }}' \ + install_method='rpm'" + + deploy-test-sp5-rpm: + name: Run the playbook on SLES 15 SP5 + runs-on: ubuntu-latest + needs: [build-and-push-container-images] + env: + TEST_SP5_HOST_IP: ${{ secrets.TEST_SP5_HOST_IP }} + steps: + - name: Checkout repo + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Install galaxy deps + run: ansible-galaxy install -r requirements.yml + - name: Run playbook + uses: dawidd6/action-ansible-playbook@v2 + with: + playbook: playbook.yml + key: ${{ secrets.SSH_MACHINE_KEY }} + inventory: | + all: + vars: + ansible_user: ${{ secrets.TEST_HOST_USER }} + children: + trento-server: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} + postgres-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} + rabbitmq-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} + options: | + --extra-vars "web_postgres_password='trento' \ + wanda_postgres_password='wanda' \ + rabbitmq_password='trento' \ + prometheus_url='http://localhost' \ + trento_server_name='trento-deployment.example.com' \ + web_admin_password='adminpassword' \ + enable_api_key='false' \ + nginx_vhost_listen_port='443' \ + nginx_ssl_cert_as_base64='true' \ + nginx_ssl_key_as_base64='true' \ + nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ + nginx_ssl_key='${{ secrets.SSL_KEY }}' \ + install_method='rpm'" + - name: Test readyness + run: curl -k "https://$TEST_SP5_HOST_IP/api/readyz" + - name: Run playbook cleanup + uses: dawidd6/action-ansible-playbook@v2 + with: + playbook: playbook.cleanup.yml + key: ${{ secrets.SSH_MACHINE_KEY }} + inventory: | + all: + vars: + ansible_user: ${{ secrets.TEST_HOST_USER }} + children: + trento-server: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} + postgres-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} + rabbitmq-hosts: + hosts: + server: + ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} + options: | + --extra-vars "web_postgres_password='trento' \ + wanda_postgres_password='wanda' \ + rabbitmq_password='trento' \ + prometheus_url='http://localhost' \ + trento_server_name='trento-deployment.example.com' \ + web_admin_password='adminpassword' \ + enable_api_key='false' \ + nginx_vhost_listen_port='443' \ + nginx_ssl_cert_as_base64='true' \ + nginx_ssl_key_as_base64='true' \ + nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ + nginx_ssl_key='${{ secrets.SSL_KEY }}' \ + install_method='rpm'" + create-artifact: runs-on: ubuntu-20.04 needs: [ansible-lint] @@ -108,4 +375,3 @@ jobs: repo_token: ${{ secrets.GITHUB_TOKEN }} file: trento-ansible.tgz tag: ${{ github.ref }} - \ No newline at end of file From f137b4e41c3b9af1d447a008da61a0e1e7e64dfb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20Torrero=20Marijnissen?= Date: Thu, 25 Apr 2024 15:44:33 +0100 Subject: [PATCH 2/3] Use matrix & pin to ubuntu-22-04 --- .github/workflows/ci.yaml | 215 ++++---------------------------------- 1 file changed, 23 insertions(+), 192 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 46f5b5b..0962d34 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -25,7 +25,7 @@ jobs: build-and-push-container-images: name: Build and push container images - runs-on: ubuntu-latest + runs-on: ubuntu-22.04 if: github.event_name == 'release' || (github.event_name == 'push' && github.ref_name == 'main') needs: [ansible-lint] permissions: @@ -62,12 +62,22 @@ jobs: cache-from: type=gha cache-to: type=gha,mode=max - deploy-test-sp3-rpm: - name: Run the playbook on SLES 15 SP3 - runs-on: ubuntu-latest + deploy-test-rpm: + name: Run the playbook on SLES 15 ${{ matrix.sp_version }} + runs-on: ubuntu-22.04 needs: [build-and-push-container-images] + strategy: + matrix: + sp_version: ['SP3', 'SP4', 'SP5'] + include: + - sp_version: 'SP3' + host_ip: ${{ secrets.TEST_SP3_HOST_IP }} + - sp_version: 'SP4' + host_ip: ${{ secrets.TEST_SP4_HOST_IP }} + - sp_version: 'SP5' + host_ip: ${{ secrets.TEST_SP5_HOST_IP }} env: - TEST_SP3_HOST_IP: ${{ secrets.TEST_SP3_HOST_IP }} + TEST_HOST_IP: ${{ matrix.host_ip }} steps: - name: Checkout repo uses: actions/checkout@v4 @@ -88,15 +98,15 @@ jobs: trento-server: hosts: server: - ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + ansible_host: ${{ env.TEST_HOST_IP }} postgres-hosts: hosts: server: - ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + ansible_host: ${{ env.TEST_HOST_IP }} rabbitmq-hosts: hosts: server: - ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + ansible_host: ${{ env.TEST_HOST_IP }} options: | --extra-vars "web_postgres_password='trento' \ wanda_postgres_password='wanda' \ @@ -111,8 +121,8 @@ jobs: nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ nginx_ssl_key='${{ secrets.SSL_KEY }}' \ install_method='rpm'" - - name: Test readyness - run: curl -k "https://$TEST_SP3_HOST_IP/api/readyz" + - name: Test readiness + run: curl -k "https://${{ env.TEST_HOST_IP }}/api/readyz" - name: Run playbook cleanup uses: dawidd6/action-ansible-playbook@v2 with: @@ -126,194 +136,15 @@ jobs: trento-server: hosts: server: - ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + ansible_host: ${{ env.TEST_HOST_IP }} postgres-hosts: hosts: server: - ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} + ansible_host: ${{ env.TEST_HOST_IP }} rabbitmq-hosts: hosts: server: - ansible_host: ${{ secrets.TEST_SP3_HOST_IP }} - options: | - --extra-vars "web_postgres_password='trento' \ - wanda_postgres_password='wanda' \ - rabbitmq_password='trento' \ - prometheus_url='http://localhost' \ - trento_server_name='trento-deployment.example.com' \ - web_admin_password='adminpassword' \ - enable_api_key='false' \ - nginx_vhost_listen_port='443' \ - nginx_ssl_cert_as_base64='true' \ - nginx_ssl_key_as_base64='true' \ - nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ - nginx_ssl_key='${{ secrets.SSL_KEY }}' \ - install_method='rpm'" - - deploy-test-sp4-rpm: - name: Run the playbook on SLES 15 SP4 - runs-on: ubuntu-latest - needs: [build-and-push-container-images] - env: - TEST_SP4_HOST_IP: ${{ secrets.TEST_SP4_HOST_IP }} - steps: - - name: Checkout repo - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Install galaxy deps - run: ansible-galaxy install -r requirements.yml - - name: Run playbook - uses: dawidd6/action-ansible-playbook@v2 - with: - playbook: playbook.yml - key: ${{ secrets.SSH_MACHINE_KEY }} - inventory: | - all: - vars: - ansible_user: ${{ secrets.TEST_HOST_USER }} - children: - trento-server: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} - postgres-hosts: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} - rabbitmq-hosts: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} - options: | - --extra-vars "web_postgres_password='trento' \ - wanda_postgres_password='wanda' \ - rabbitmq_password='trento' \ - prometheus_url='http://localhost' \ - trento_server_name='trento-deployment.example.com' \ - web_admin_password='adminpassword' \ - enable_api_key='false' \ - nginx_vhost_listen_port='443' \ - nginx_ssl_cert_as_base64='true' \ - nginx_ssl_key_as_base64='true' \ - nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ - nginx_ssl_key='${{ secrets.SSL_KEY }}' \ - install_method='rpm'" - - name: Test readyness - run: curl -k "https://$TEST_SP4_HOST_IP/api/readyz" - - name: Run playbook cleanup - uses: dawidd6/action-ansible-playbook@v2 - with: - playbook: playbook.cleanup.yml - key: ${{ secrets.SSH_MACHINE_KEY }} - inventory: | - all: - vars: - ansible_user: ec2-user - children: - trento-server: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} - ansible_user: ${{ secrets.TEST_HOST_USER }} - postgres-hosts: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} - ansible_user: ${{ secrets.TEST_HOST_USER }} - rabbitmq-hosts: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP4_HOST_IP }} - ansible_user: ${{ secrets.TEST_HOST_USER }} - options: | - --extra-vars "web_postgres_password='trento' \ - wanda_postgres_password='wanda' \ - rabbitmq_password='trento' \ - prometheus_url='http://localhost' \ - trento_server_name='trento-deployment.example.com' \ - web_admin_password='adminpassword' \ - enable_api_key='false' \ - nginx_vhost_listen_port='443' \ - nginx_ssl_cert_as_base64='true' \ - nginx_ssl_key_as_base64='true' \ - nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ - nginx_ssl_key='${{ secrets.SSL_KEY }}' \ - install_method='rpm'" - - deploy-test-sp5-rpm: - name: Run the playbook on SLES 15 SP5 - runs-on: ubuntu-latest - needs: [build-and-push-container-images] - env: - TEST_SP5_HOST_IP: ${{ secrets.TEST_SP5_HOST_IP }} - steps: - - name: Checkout repo - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Install galaxy deps - run: ansible-galaxy install -r requirements.yml - - name: Run playbook - uses: dawidd6/action-ansible-playbook@v2 - with: - playbook: playbook.yml - key: ${{ secrets.SSH_MACHINE_KEY }} - inventory: | - all: - vars: - ansible_user: ${{ secrets.TEST_HOST_USER }} - children: - trento-server: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} - postgres-hosts: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} - rabbitmq-hosts: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} - options: | - --extra-vars "web_postgres_password='trento' \ - wanda_postgres_password='wanda' \ - rabbitmq_password='trento' \ - prometheus_url='http://localhost' \ - trento_server_name='trento-deployment.example.com' \ - web_admin_password='adminpassword' \ - enable_api_key='false' \ - nginx_vhost_listen_port='443' \ - nginx_ssl_cert_as_base64='true' \ - nginx_ssl_key_as_base64='true' \ - nginx_ssl_cert='${{ secrets.SSL_CERT }}' \ - nginx_ssl_key='${{ secrets.SSL_KEY }}' \ - install_method='rpm'" - - name: Test readyness - run: curl -k "https://$TEST_SP5_HOST_IP/api/readyz" - - name: Run playbook cleanup - uses: dawidd6/action-ansible-playbook@v2 - with: - playbook: playbook.cleanup.yml - key: ${{ secrets.SSH_MACHINE_KEY }} - inventory: | - all: - vars: - ansible_user: ${{ secrets.TEST_HOST_USER }} - children: - trento-server: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} - postgres-hosts: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} - rabbitmq-hosts: - hosts: - server: - ansible_host: ${{ secrets.TEST_SP5_HOST_IP }} + ansible_host: ${{ env.TEST_HOST_IP }} options: | --extra-vars "web_postgres_password='trento' \ wanda_postgres_password='wanda' \ From 621aac6d84dbafbdf06243418f967f0777acd273 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rub=C3=A9n=20Torrero=20Marijnissen?= Date: Thu, 25 Apr 2024 16:29:28 +0100 Subject: [PATCH 3/3] Use dereference trick for secrets in matrix --- .github/workflows/ci.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 0962d34..53a52e9 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -68,16 +68,15 @@ jobs: needs: [build-and-push-container-images] strategy: matrix: - sp_version: ['SP3', 'SP4', 'SP5'] include: - sp_version: 'SP3' - host_ip: ${{ secrets.TEST_SP3_HOST_IP }} + host_ip: TEST_SP3_HOST_IP - sp_version: 'SP4' - host_ip: ${{ secrets.TEST_SP4_HOST_IP }} + host_ip: TEST_SP4_HOST_IP - sp_version: 'SP5' - host_ip: ${{ secrets.TEST_SP5_HOST_IP }} + host_ip: TEST_SP5_HOST_IP env: - TEST_HOST_IP: ${{ matrix.host_ip }} + TEST_HOST_IP: ${{ secrets[matrix.host_ip] }} steps: - name: Checkout repo uses: actions/checkout@v4