From a520dbe3fe9a13dc91d41c1f4c23485d3b7c497e Mon Sep 17 00:00:00 2001 From: Cole Killian Date: Tue, 15 Jun 2021 14:39:03 -0700 Subject: [PATCH 1/3] feat: replace wisp-prod with secrets.GKE_CLUSTER This makes the GKE_CLUSTER name in the dev and prod github workflows more configurable by setting it through a github secret. --- .github/workflows/dev.yaml | 81 +++++++++++++++++------------------ .github/workflows/prod.yaml | 85 ++++++++++++++++++------------------- 2 files changed, 82 insertions(+), 84 deletions(-) diff --git a/.github/workflows/dev.yaml b/.github/workflows/dev.yaml index f629522..eb6d1b8 100644 --- a/.github/workflows/dev.yaml +++ b/.github/workflows/dev.yaml @@ -20,50 +20,49 @@ jobs: name: Setup, Build, Tag, Publish, and Deploy runs-on: ubuntu-latest steps: + # Checkout Commit + - name: Checkout + uses: actions/checkout@v2 - # Checkout Commit - - name: Checkout - uses: actions/checkout@v2 + # Setup gcloud CLI + - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master + with: + service_account_key: ${{ secrets.GKE_SA_KEY }} + project_id: ${{ secrets.GKE_PROJECT }} - # Setup gcloud CLI - - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master - with: - service_account_key: ${{ secrets.GKE_SA_KEY }} - project_id: ${{ secrets.GKE_PROJECT }} + # Configure Docker to use the gcloud command-line tool as a credential + # helper for authentication + - run: |- + gcloud --quiet auth configure-docker + - run: |- + gcloud container clusters get-credentials "$GKE_CLUSTER" --zone "$GKE_ZONE" - # Configure Docker to use the gcloud command-line tool as a credential - # helper for authentication - - run: |- - gcloud --quiet auth configure-docker - - run: |- - gcloud container clusters get-credentials "$GKE_CLUSTER" --zone "$GKE_ZONE" + # Build the Docker image + - name: Build + run: | + docker build -t "$DOCKER_ORGANIZATION"/"$IMAGE":dev-$(echo ${GITHUB_SHA} | cut -c1-8) . - # Build the Docker image - - name: Build - run: | - docker build -t "$DOCKER_ORGANIZATION"/"$IMAGE":dev-$(echo ${GITHUB_SHA} | cut -c1-8) . - - # Tag the Docker image - - name: Tag - run: | - docker tag "$DOCKER_ORGANIZATION"/"$IMAGE":dev-$(echo ${GITHUB_SHA} | cut -c1-8) "$DOCKER_ORGANIZATION"/"$IMAGE":dev-latest + # Tag the Docker image + - name: Tag + run: | + docker tag "$DOCKER_ORGANIZATION"/"$IMAGE":dev-$(echo ${GITHUB_SHA} | cut -c1-8) "$DOCKER_ORGANIZATION"/"$IMAGE":dev-latest - # Push the Docker image to Dockerhub - - name: Publish - run: | - docker login -u=$DOCKER_USERNAME -p=$DOCKER_PASSWORD - docker push $DOCKER_ORGANIZATION/$IMAGE - env: - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - - # Install helm for use in pipeline - - name: Install helm - run: | - wget -q -O get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 - chmod 700 get_helm.sh - ./get_helm.sh + # Push the Docker image to Dockerhub + - name: Publish + run: | + docker login -u=$DOCKER_USERNAME -p=$DOCKER_PASSWORD + docker push $DOCKER_ORGANIZATION/$IMAGE + env: + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - # Deploy the Docker image to the GKE cluster - - name: Deploy - run: |- - helm upgrade --atomic --install dev-gateway ./chart/wisp-gateway/ --namespace dev --set image.tag=dev-$(echo ${GITHUB_SHA} | cut -c1-8) --set service.loadBalancerIP=34.95.10.234 \ No newline at end of file + # Install helm for use in pipeline + - name: Install helm + run: | + wget -q -O get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + + # Deploy the Docker image to the GKE cluster + - name: Deploy + run: |- + helm upgrade --atomic --install dev-gateway ./chart/wisp-gateway/ --namespace dev --set image.tag=dev-$(echo ${GITHUB_SHA} | cut -c1-8) --set service.loadBalancerIP=34.95.10.234 diff --git a/.github/workflows/prod.yaml b/.github/workflows/prod.yaml index 01e6e55..9596de6 100644 --- a/.github/workflows/prod.yaml +++ b/.github/workflows/prod.yaml @@ -10,9 +10,9 @@ env: GITHUB_SHA: ${{ github.sha }} DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - DOCKER_ORGANIZATION: ${{ secrets.DOCKER_ORGANIZATION }} + DOCKER_ORGANIZATION: ${{ secrets.DOCKER_ORGANIZATION }} PROJECT_ID: ${{ secrets.GKE_PROJECT }} - GKE_CLUSTER: wisp-prod + GKE_CLUSTER: ${{ secrets.GKE_CLUSTER }} GKE_ZONE: northamerica-northeast1-c IMAGE: wisp-gateway @@ -21,50 +21,49 @@ jobs: name: Setup, Build, Tag, and Publish runs-on: ubuntu-latest steps: + # Checkout Commit + - name: Checkout + uses: actions/checkout@v2 - # Checkout Commit - - name: Checkout - uses: actions/checkout@v2 - - # Setup gcloud CLI - - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master - with: - service_account_key: ${{ secrets.GKE_SA_KEY }} - project_id: ${{ secrets.GKE_PROJECT }} + # Setup gcloud CLI + - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master + with: + service_account_key: ${{ secrets.GKE_SA_KEY }} + project_id: ${{ secrets.GKE_PROJECT }} - # Configure Docker to use the gcloud command-line tool as a credential - # helper for authentication - - run: |- - gcloud --quiet auth configure-docker - - run: |- - gcloud container clusters get-credentials "$GKE_CLUSTER" --zone "$GKE_ZONE" + # Configure Docker to use the gcloud command-line tool as a credential + # helper for authentication + - run: |- + gcloud --quiet auth configure-docker + - run: |- + gcloud container clusters get-credentials "$GKE_CLUSTER" --zone "$GKE_ZONE" - # Build the Docker image - - name: Build - run: | - docker build -t "$DOCKER_ORGANIZATION"/"$IMAGE":$(echo ${GITHUB_SHA} | cut -c1-8) . - - # Tag the Docker image - - name: Tag - run: | - docker tag "$DOCKER_ORGANIZATION"/"$IMAGE":$(echo ${GITHUB_SHA} | cut -c1-8) "$DOCKER_ORGANIZATION"/"$IMAGE":latest + # Build the Docker image + - name: Build + run: | + docker build -t "$DOCKER_ORGANIZATION"/"$IMAGE":$(echo ${GITHUB_SHA} | cut -c1-8) . - # Push the Docker image to Dockerhub - - name: Publish - run: | - docker login -u=$DOCKER_USERNAME -p=$DOCKER_PASSWORD - docker push $DOCKER_ORGANIZATION/$IMAGE - env: - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + # Tag the Docker image + - name: Tag + run: | + docker tag "$DOCKER_ORGANIZATION"/"$IMAGE":$(echo ${GITHUB_SHA} | cut -c1-8) "$DOCKER_ORGANIZATION"/"$IMAGE":latest - # Install helm for use in pipeline - - name: Install helm - run: | - wget -q -O get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 - chmod 700 get_helm.sh - ./get_helm.sh + # Push the Docker image to Dockerhub + - name: Publish + run: | + docker login -u=$DOCKER_USERNAME -p=$DOCKER_PASSWORD + docker push $DOCKER_ORGANIZATION/$IMAGE + env: + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - # Deploy to GKE cluster using helm - - name: Deploy - run: |- - helm upgrade --atomic --install prod-gateway ./chart/wisp-gateway/ --namespace prod --set image.tag=$(echo ${GITHUB_SHA} | cut -c1-8) --set replicaCount=2 --set service.loadBalancerIP=35.203.108.72 \ No newline at end of file + # Install helm for use in pipeline + - name: Install helm + run: | + wget -q -O get_helm.sh https://raw.githubusercontent.com/helm/helm/master/scripts/get-helm-3 + chmod 700 get_helm.sh + ./get_helm.sh + + # Deploy to GKE cluster using helm + - name: Deploy + run: |- + helm upgrade --atomic --install prod-gateway ./chart/wisp-gateway/ --namespace prod --set image.tag=$(echo ${GITHUB_SHA} | cut -c1-8) --set replicaCount=2 --set service.loadBalancerIP=35.203.108.72 From d4690d63a6d99a2c2eb7fa9fcd1bb8bf53050fe9 Mon Sep 17 00:00:00 2001 From: Cole Killian Date: Tue, 15 Jun 2021 17:51:28 -0700 Subject: [PATCH 2/3] feat: make LOAD_BALANCER_IP a secret --- .github/workflows/dev.yaml | 7 ++++--- .github/workflows/prod.yaml | 3 ++- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/dev.yaml b/.github/workflows/dev.yaml index eb6d1b8..cc41e2f 100644 --- a/.github/workflows/dev.yaml +++ b/.github/workflows/dev.yaml @@ -9,9 +9,10 @@ on: env: GITHUB_SHA: ${{ github.sha }} DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_ORGANIZATION: ${{ secrets.DOCKER_ORGANIZATION }} + DOCKER_ORGANIZATION: ${{ secrets.DOCKER_ORGANIZATION }} PROJECT_ID: ${{ secrets.GKE_PROJECT }} - GKE_CLUSTER: wisp-prod + GKE_CLUSTER: ${{ secrets.GKE_CLUSTER }} + LOAD_BALANCER_IP: ${{ secrets.DEV_LOAD_BALANCER_IP }} GKE_ZONE: northamerica-northeast1-c IMAGE: wisp-gateway @@ -65,4 +66,4 @@ jobs: # Deploy the Docker image to the GKE cluster - name: Deploy run: |- - helm upgrade --atomic --install dev-gateway ./chart/wisp-gateway/ --namespace dev --set image.tag=dev-$(echo ${GITHUB_SHA} | cut -c1-8) --set service.loadBalancerIP=34.95.10.234 + helm upgrade --atomic --install dev-gateway ./chart/wisp-gateway/ --namespace dev --set image.tag=dev-$(echo ${GITHUB_SHA} | cut -c1-8) --set service.loadBalancerIP=${LOAD_BALANCER_IP} diff --git a/.github/workflows/prod.yaml b/.github/workflows/prod.yaml index 9596de6..2302d06 100644 --- a/.github/workflows/prod.yaml +++ b/.github/workflows/prod.yaml @@ -13,6 +13,7 @@ env: DOCKER_ORGANIZATION: ${{ secrets.DOCKER_ORGANIZATION }} PROJECT_ID: ${{ secrets.GKE_PROJECT }} GKE_CLUSTER: ${{ secrets.GKE_CLUSTER }} + LOAD_BALANCER_IP: ${{ secrets.PROD_LOAD_BALANCER_IP }} GKE_ZONE: northamerica-northeast1-c IMAGE: wisp-gateway @@ -66,4 +67,4 @@ jobs: # Deploy to GKE cluster using helm - name: Deploy run: |- - helm upgrade --atomic --install prod-gateway ./chart/wisp-gateway/ --namespace prod --set image.tag=$(echo ${GITHUB_SHA} | cut -c1-8) --set replicaCount=2 --set service.loadBalancerIP=35.203.108.72 + helm upgrade --atomic --install prod-gateway ./chart/wisp-gateway/ --namespace prod --set image.tag=$(echo ${GITHUB_SHA} | cut -c1-8) --set replicaCount=2 --set service.loadBalancerIP=${LOAD_BALANCER_IP} From f51079b16ab985b9d84a9aa4e77149eff938aed8 Mon Sep 17 00:00:00 2001 From: Cole Killian Date: Tue, 15 Jun 2021 17:56:30 -0700 Subject: [PATCH 3/3] feat: convert GKE_ZONE to a github secret --- .github/workflows/dev.yaml | 5 +++-- .github/workflows/prod.yaml | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dev.yaml b/.github/workflows/dev.yaml index cc41e2f..0ba464a 100644 --- a/.github/workflows/dev.yaml +++ b/.github/workflows/dev.yaml @@ -9,11 +9,12 @@ on: env: GITHUB_SHA: ${{ github.sha }} DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} DOCKER_ORGANIZATION: ${{ secrets.DOCKER_ORGANIZATION }} PROJECT_ID: ${{ secrets.GKE_PROJECT }} GKE_CLUSTER: ${{ secrets.GKE_CLUSTER }} LOAD_BALANCER_IP: ${{ secrets.DEV_LOAD_BALANCER_IP }} - GKE_ZONE: northamerica-northeast1-c + GKE_ZONE: ${{ secrets.GKE_ZONE }} IMAGE: wisp-gateway jobs: @@ -25,7 +26,7 @@ jobs: - name: Checkout uses: actions/checkout@v2 - # Setup gcloud CLI + # Setup gcloud CLI - uses: GoogleCloudPlatform/github-actions/setup-gcloud@master with: service_account_key: ${{ secrets.GKE_SA_KEY }} diff --git a/.github/workflows/prod.yaml b/.github/workflows/prod.yaml index 2302d06..9cbda2e 100644 --- a/.github/workflows/prod.yaml +++ b/.github/workflows/prod.yaml @@ -14,7 +14,7 @@ env: PROJECT_ID: ${{ secrets.GKE_PROJECT }} GKE_CLUSTER: ${{ secrets.GKE_CLUSTER }} LOAD_BALANCER_IP: ${{ secrets.PROD_LOAD_BALANCER_IP }} - GKE_ZONE: northamerica-northeast1-c + GKE_ZONE: ${{ secrets.GKE_ZONE }} IMAGE: wisp-gateway jobs: