constellation/.github/actions/constellation_create/action.yml

name: constellation_create
description: "Create a new Constellation cluster."
inputs:
  workerNodesCount:
    description: "Number of worker nodes to spawn."
    required: true
  controlNodesCount:
    description: "Number of control-plane nodes to spawn."
    required: true
  autoscale:
    description: "Enable / Disable autoscaling."
    required: true
  cloudProvider:
    description: "Either 'gcp' or 'azure'."
    required: true
  machineType:
    description: "Machine type of VM to spawn."
    required: true
runs:
  using: 'composite'
  steps:
  - name: Install wireguard
    run: sudo apt-get update && sudo apt-get install wireguard iproute2 jq -y
    shell: bash
  - name: Install kubectl
    run: |
      curl -LO https://dl.k8s.io/release/v1.23.0/bin/linux/amd64/kubectl
      install kubectl /usr/local/bin
    shell: bash
  - name: Install yq
    run: |
      sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CC86BB64
      sudo add-apt-repository ppa:rmescandon/yq
      sudo apt update
      sudo apt install yq -y
    shell: bash

  - name: Constellation config generate
    run: |
      constellation config generate ${{ inputs.cloudProvider }}
    shell: bash

  - name: Set latest Azure image
    run: |
      LATEST_AZURE_IMAGE=$(az sig image-version list --resource-group constellation-images --gallery-name Constellation --gallery-image-definition constellation-coreos --query "sort_by([], &publishingProfile.publishedDate)[].id" -o table | tail -n 1)
      yq eval -i "(.provider.azure.image) = \"${LATEST_AZURE_IMAGE}\"" constellation-conf.yaml
    shell: bash
    if: ${{ inputs.cloudProvider == 'azure' }}
  - name: Set latest GCP image
    run: |
      LATEST_GCP_IMAGE_TIMESTAMP=$(gcloud compute images list --filter="name~'constellation-coreos-\d{10}'" --sort-by=creationTimestamp --project constellation-images --format="table(name)" | tail -n 1 | cut -d '-' -f3)
      yq eval -i "(.provider.gcp.image) = \"projects/constellation-images/global/images/constellation-coreos-${LATEST_GCP_IMAGE_TIMESTAMP}\"" constellation-conf.yaml
    shell: bash
    if: ${{ inputs.cloudProvider == 'gcp' }}

  - name: Constellation create
    run: |
      echo "Creating cluster using config:"
      cat constellation-conf.yaml
      constellation create ${{ inputs.cloudProvider }} -c ${{ inputs.controlNodesCount }} -w ${{ inputs.workerNodesCount }} -t ${{ inputs.machineType }} --name e2e-test -y
    shell: bash
  - name: Upload constellation-state.json
    uses: actions/upload-artifact@v3
    with:
      name: constellation-state.json
      path: constellation-state.json
    if: ${{ always() && !env.ACT }}

  - name: Read Coordinator IP (Azure)
    run: |
      echo CONSTELL_IP=$(jq -r .azurecoordinators[].PublicIP constellation-state.json) >> $GITHUB_ENV
    shell: bash
    if: ${{ inputs.cloudProvider == 'azure' }}
  - name: Read Coordinator IP (GCP)
    run: |
      echo CONSTELL_IP=$(jq -r .gcpcoordinators[].PublicIP constellation-state.json) >> $GITHUB_ENV
    shell: bash
    if: ${{ inputs.cloudProvider == 'gcp' }}

  - name: Constellation init
    run: |
      if [ ${{ inputs.autoscale }} = true ]; then autoscale=--autoscale; fi
      constellation init ${autoscale}
    shell: bash

  - name: Fetch PCRs
    run: |
      pcr-reader --constell-ip ${{ env.CONSTELL_IP }} -o measurements.go
    shell: bash
  - name: Upload measurements
    uses: actions/upload-artifact@v3
    with:
      name: measurements.go
      path: measurements.go
    if: ${{ !env.ACT }}

  - name: Configure VPN connection
    run: wg-quick up ./wg0.conf
    shell: bash