Skip to content

Allow cleanup(test) to run regardless of deployment #227

Allow cleanup(test) to run regardless of deployment

Allow cleanup(test) to run regardless of deployment #227

Workflow file for this run

name: CI
on:
push:
tags-ignore:
- "*"
branches:
- "main"
pull_request:
release:
types: [published]
workflow_dispatch:
jobs:
ansible-lint:
name: Playbook linting
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Run ansible-lint
uses: ansible/ansible-lint-action@v6
build-and-push-container-images:
name: Build and push container images
runs-on: ubuntu-20.04
if: github.event_name == 'release' || (github.event_name == 'push' && github.ref_name == 'main')
needs: [ansible-lint, deploy-test-rpm]
permissions:
contents: read
packages: write
env:
REGISTRY: ghcr.io
IMAGE_REPOSITORY: ghcr.io/${{ github.repository_owner }}/ansible
IMAGE_TAG: "${{ (github.event_name == 'release' && github.event.release.tag_name) || (github.event_name == 'push' && github.ref_name == 'main' && 'rolling') || github.sha }}"
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- uses: docker/setup-buildx-action@v2
- name: Log in to the Container registry
uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@507c2f2dc502c992ad446e3d7a5dfbe311567a96
with:
images: ${{ env.IMAGE_REPOSITORY }}
- name: Build and push container image
uses: docker/build-push-action@v4
with:
context: .
file: "docker/Dockerfile"
push: true
tags: ${{ env.IMAGE_REPOSITORY }}:${{ env.IMAGE_TAG }}
labels: ${{ steps.meta.outputs.labels }}
platforms: "linux/amd64,linux/arm64"
cache-from: type=gha
cache-to: type=gha,mode=max
deploy-test-rpm:
name: Run the playbook on SLES 15 ${{ matrix.sp_version }}
needs: [ansible-lint]
runs-on: ubuntu-20.04
strategy:
matrix:
include:
- sp_version: 'SP3'
host_ip: TEST_SP3_HOST_IP
- sp_version: 'SP4'
host_ip: TEST_SP4_HOST_IP
- sp_version: 'SP5'
host_ip: TEST_SP5_HOST_IP
env:
TEST_HOST_IP: ${{ secrets[matrix.host_ip] }}
steps:
- name: Checkout repo
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install galaxy deps
run: ansible-galaxy install -r requirements.yml
- name: Run playbook
id: runplaybook
uses: dawidd6/action-ansible-playbook@v2
with:
playbook: playbook.yml
key: ${{ secrets.SSH_MACHINE_KEY }}
inventory: |
all:
vars:
ansible_user: ${{ secrets.TEST_HOST_USER }}
ansible_python_interpreter: /usr/bin/python3
children:
trento-server:
hosts:
server:
ansible_host: ${{ env.TEST_HOST_IP }}
postgres-hosts:
hosts:
server:
ansible_host: ${{ env.TEST_HOST_IP }}
rabbitmq-hosts:
hosts:
server:
ansible_host: ${{ env.TEST_HOST_IP }}
options: |
--extra-vars "web_postgres_password='trento' \
wanda_postgres_password='wanda' \
rabbitmq_password='trento' \
prometheus_url='http://localhost' \
trento_server_name='trento-deployment.example.com' \
web_admin_password='adminpassword' \
enable_api_key='false' \
nginx_vhost_listen_port='443' \
nginx_ssl_cert_as_base64='true' \
nginx_ssl_key_as_base64='true' \
nginx_ssl_cert='${{ secrets.SSL_CERT }}' \
nginx_ssl_key='${{ secrets.SSL_KEY }}' \
install_method='rpm'"
- name: Test readiness
run: curl -k "https://${{ env.TEST_HOST_IP }}/api/readyz"
- name: Run playbook cleanup
uses: dawidd6/action-ansible-playbook@v2
if: success() || steps.runplaybook.conclusion == 'failure'
with:
playbook: playbook.cleanup.yml
key: ${{ secrets.SSH_MACHINE_KEY }}
inventory: |
all:
vars:
ansible_user: ${{ secrets.TEST_HOST_USER }}
ansible_python_interpreter: /usr/bin/python3
children:
trento-server:
hosts:
server:
ansible_host: ${{ env.TEST_HOST_IP }}
postgres-hosts:
hosts:
server:
ansible_host: ${{ env.TEST_HOST_IP }}
rabbitmq-hosts:
hosts:
server:
ansible_host: ${{ env.TEST_HOST_IP }}
options: |
--extra-vars "web_postgres_password='trento' \
wanda_postgres_password='wanda' \
rabbitmq_password='trento' \
prometheus_url='http://localhost' \
trento_server_name='trento-deployment.example.com' \
web_admin_password='adminpassword' \
enable_api_key='false' \
nginx_vhost_listen_port='443' \
nginx_ssl_cert_as_base64='true' \
nginx_ssl_key_as_base64='true' \
nginx_ssl_cert='${{ secrets.SSL_CERT }}' \
nginx_ssl_key='${{ secrets.SSL_KEY }}' \
install_method='rpm'"
create-artifact:
runs-on: ubuntu-20.04
needs: [ansible-lint, deploy-test-rpm]
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Compress tarball
run: |
tar -zcf trento-ansible.tgz roles/ playbook.yml playbook.cleanup.yml requirements.yml README.md
- uses: actions/upload-artifact@v3
with:
name: trento-ansible
path: |
*.tgz
release-rolling:
runs-on: ubuntu-20.04
if: (github.event_name == 'push' && github.ref == 'refs/heads/main')
needs: [create-artifact]
steps:
- uses: actions/download-artifact@v3
with:
name: trento-ansible
- uses: "marvinpinto/[email protected]"
with:
repo_token: "${{ secrets.GITHUB_TOKEN }}"
automatic_release_tag: "rolling"
prerelease: true
title: "Cutting Edge"
files: |
trento-ansible.tgz
release:
runs-on: ubuntu-20.04
if: github.event.release
needs: [create-artifact]
steps:
- uses: actions/download-artifact@v3
with:
name: trento-ansible
- uses: svenstaro/upload-release-action@v2
with:
repo_token: ${{ secrets.GITHUB_TOKEN }}
file: trento-ansible.tgz
tag: ${{ github.ref }}