trying out ssh rev forwarding instead of ngrok

patrickhuie19 · Sep 15, 2023 · 4487cd5 · 4487cd5
1 parent 7373933
commit 4487cd5
Show file tree

Hide file tree

Showing 2 changed files with 122 additions and 1 deletion.
diff --git a/.github/workflows/README.md b/.github/workflows/README.md
@@ -12,4 +12,23 @@ To view such traces, fork this repository and configure the following secrets:
     NGROK_USER
     NGROK_PASSWORD
 
-The tracing workflow will log the exposed endpoint, which you can paste into any browser. Visit `/explore` and select traces to view traces.
+The tracing workflow will log the exposed endpoint, which you can paste into any browser. Visit `/explore` and select traces to view traces.
+
+`tracing-ssh.yml`:
+This is a variant of `tracing.yml` that uses ssh reverse port forwarding and vanilla port forwarding instead of ngrok:
+
+```mermaid
+graph TD
+  subgraph "GitHub Runner"
+    A([Grafana UI<br>Container]) -->|Exposes Port 3000| B([Localhost<br>Port 3000])
+  end
+  subgraph "Remote Server"
+    C([Port 3001])
+  end
+  subgraph "Authenticated User's Machine"
+    E[View Grafana UI] -->|Browser Access| D([Localhost<br>Port 8000])
+  end
+  B .->|SSH Reverse Tunnel<br>Port 3000 -> 3001| C
+  D -->|SSH Forward Tunnel<br>Port 3001 -> 8000| C
+
+```
diff --git a/.github/workflows/tracing-ssh.yml b/.github/workflows/tracing-ssh.yml
@@ -0,0 +1,102 @@
+name: Enable Tracing for PR
+
+on:
+  pull_request:
+    types: [opened, synchronize, labeled, unlabeled, closed]
+
+jobs:
+  tracing:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v3
+
+    - name: Check for "enable tracing" label
+      id: check-label
+      run: |
+        label=$(jq -r '.pull_request.labels[].name' "$GITHUB_EVENT_PATH")
+        if [[ "$label" == "enable tracing" ]]; then
+          echo "Enable tracing label found."
+          echo "trace=true" >> $GITHUB_OUTPUT
+        else
+          echo "Enable tracing label not found."
+          echo "trace=true" >> $GITHUB_OUTPUT
+        fi
+        echo "$PWD"
+    - name: Build Example GRPC Server Docker Image
+      if: steps.check-label.outputs.trace == 'true'
+      run: |
+        # Build the Docker image
+        docker build -t example-grpc-server:latest -f ./internal/examples/example-grpc-client-server/server/Dockerfile .
+    - name: Setup Grafana and OpenTelemetry
+      id: docker-setup
+      if: steps.check-label.outputs.trace == 'true'
+      run: |
+        # Create network
+        docker network create tracing_network
+
+        # TODO (issues/8): order here matters
+
+        # Start Grafana
+        cd ./internal/examples/example-otlp-agent-tempo-grafana/
+        docker run -d --network=tracing_network --name=grafana -p 3000:3000 -v $PWD/grafana-datasources.yaml:/etc/grafana/provisioning/datasources/datasources.yaml -e GF_AUTH_ANONYMOUS_ENABLED=true -e GF_AUTH_ANONYMOUS_ORG_ROLE=Admin -e GF_AUTH_DISABLE_LOGIN_FORM=true -e GF_FEATURE_TOGGLES_ENABLE=traceqlEditor grafana/grafana:9.4.3
+
+        # Start Tempo
+        docker run -d --network=tracing_network --name=tempo -v ./tempo.yaml:/etc/tempo.yaml -v $PWD/tempo-data:/tmp/tempo grafana/tempo:latest -config.file=/etc/tempo.yaml
+
+        # Start OpenTelemetry Collector
+        docker run -d --network=tracing_network --name=otel-collector -v $PWD/otel-collector.yaml:/etc/otel-collector.yaml -p 4317:4317 otel/opentelemetry-collector:0.61.0 --config=/etc/otel-collector.yaml
+
+    - name: Reverse SSH Tunneling
+      env: 
+        SSH_KEY: ${{ secrets.SSH_KEY }}
+        SSH_SERVER: ${{ secrets.SSH_SERVER }}
+      run: |
+          eval $(ssh-agent)
+          echo "$SSH_KEY" | ssh-add -
+          # f: background process
+          # N: do not execute a remote command
+          # R: remote port forwarding
+          ssh -o StrictHostKeyChecking=no -f -N -R 3001:localhost:3000 ubuntu@$SSH_SERVER
+          echo "To view Grafana locally:"
+          echo "ssh -i /path/to/key -L 8000:localhost:3001 ubuntu@$SSH_SERVER"
+          echo "Then visit http://localhost:8000 in a browser"
+
+    - name: Run server
+      id: run-server
+      run: |
+        # Start example server
+        docker run -d --network=tracing_network --name=example-grpc-server -p 50051:50051 -e ENABLE_TELEMETRY=true -e TELEMETRY_TARGET=otel-collector:4317 example-grpc-server:latest
+
+    - name: Run client to generate traces
+      run: |
+        cd internal/examples/example-grpc-client-server/client
+        go run .
+    - name: Show Grafana Logs
+      if: steps.check-label.outputs.trace == 'true'
+      run: |
+          docker logs grafana
+    - name: Show Tempo Logs
+      if: steps.check-label.outputs.trace == 'true'
+      run: |
+          docker logs tempo
+    - name: Show OpenTelemetry Collector Logs
+      if: steps.check-label.outputs.trace == 'true'
+      run: |
+          docker logs otel-collector
+    - name: Set sleep time to use in future steps
+      if: steps.check-label.outputs.trace == 'true'
+      run: |
+        echo "SLEEP_TIME=300" >> "$GITHUB_ENV"
+    - name: Keep action running to view traces
+      if: steps.check-label.outputs.trace == 'true'
+      run: |
+        echo "Sleeping for $SLEEP_TIME seconds..."
+        sleep $SLEEP_TIME
+    - name: teardown
+      if: steps.check-label.outputs.trace == 'true' || github.event_name == 'pull_request' && github.event.action == 'closed'
+      run: |
+        # Stop and remove containers
+        docker stop grafana tempo otel-collector example-grpc-server
+        docker rm grafana tempo otel-collector example-grpc-server
+        docker network rm tracing_network