mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-03 20:01:01 -05:00
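# Composite action that generates a Constellation config, selects the OS
# image, creates the cluster and runs `constellation init`.
#
# Free-form inputs reach the shell through `env:` instead of being written
# into `run:` with `${{ inputs.* }}`. The template is expanded before bash
# parses the script, so an input containing shell metacharacters would
# otherwise become part of the script. The `${{ ... == ... }}` comparisons
# that remain inside `run:` only ever render as `true` or `false`.
name: Constellation create
description: |
  Create a new Constellation cluster using latest CoreOS image.
inputs:
  workerNodesCount:
    description: "Number of worker nodes to spawn."
    required: true
  controlNodesCount:
    description: "Number of control-plane nodes to spawn."
    required: true
  autoscale:
    description: "Enable / Disable autoscaling."
    required: true
  cloudProvider:
    description: "Either 'gcp' or 'azure'."
    required: true
  machineType:
    description: "Machine type of VM to spawn."
    required: true
  coreosImage:
    description: "CoreOS image to use. The default value 'debug-latest' will select the latest available debug image."
    required: true
  isDebugImage:
    description: "Is CoreOS img a debug img?"
    required: true
  kubernetesVersion:
    description: "Kubernetes version to create the cluster from."
    required: false
runs:
  using: "composite"
  steps:
    - name: Install kubectl
      run: |
        # -f makes curl fail on an HTTP error instead of saving the error page.
        curl -fLO https://dl.k8s.io/release/v1.23.0/bin/linux/amd64/kubectl
        curl -fLO https://dl.k8s.io/release/v1.23.0/bin/linux/amd64/kubectl.sha256
        # Do not install a binary that differs from the published digest.
        # The digest is fetched from the same origin as the binary, so this
        # catches corruption and truncation only; pinning a reviewed SHA-256
        # in this file would also cover a tampered download source.
        echo "$(cat kubectl.sha256)  kubectl" | sha256sum --check
        install kubectl /usr/local/bin
      shell: bash
    - name: Install yq jq
      run: |
        # NOTE(review): CC86BB64 is a short (32-bit) key ID. Short IDs can be
        # collided, so the keyserver may hand back a different key with the
        # same ID. Replace it with the full 40-hex fingerprint of the PPA
        # signing key (<FULL_KEY_FINGERPRINT>), verified out of band.
        # NOTE(review): apt-key is deprecated and trusts the imported key for
        # every configured repository. The PPA is a third-party source whose
        # packages are installed as root on the runner.
        sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CC86BB64
        sudo add-apt-repository ppa:rmescandon/yq
        sudo apt update
        sudo apt install yq jq -y
      shell: bash

    - name: Constellation config generate
      run: |
        constellation config generate "$CSP"

        # Only the stanza of the generated provider exists, so each yq call
        # is a no-op for the other provider (guarded by `has(...)`).
        yq eval -i \
          "(.provider | select(. | has(\"azure\")).azure.subscription) = \"0d202bbb-4fa7-4af8-8125-58c269a05435\" |
            (.provider | select(. | has(\"azure\")).azure.tenant) = \"adb650a8-5da3-4b15-b4b0-3daf65ff7626\" |
            (.provider | select(. | has(\"azure\")).azure.location) = \"West US\" |
            (.provider | select(. | has(\"azure\")).azure.userAssignedIdentity) = \"/subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435/resourceGroups/constellation-images/providers/Microsoft.ManagedIdentity/userAssignedIdentities/constellation-dev-identity\" |
            (.provider | select(. | has(\"azure\")).azure.enforcedMeasurements) = [11,12]" \
          constellation-conf.yaml
        yq eval -i \
          "(.provider | select(. | has(\"gcp\")).gcp.project) = \"constellation-331613\" |
            (.provider | select(. | has(\"gcp\")).gcp.region) = \"europe-west3\" |
            (.provider | select(. | has(\"gcp\")).gcp.zone) = \"europe-west3-b\" |
            (.provider | select(. | has(\"gcp\")).gcp.enforcedMeasurements) = [11,12]" \
          constellation-conf.yaml

        if [ "${{ inputs.kubernetesVersion != '' }}" = true ]; then
          # The value is still spliced into the yq expression unquoted, as
          # before, so yq decides its type; it is no longer parsed by bash.
          yq eval -i "(.kubernetesVersion) = ${KUBERNETES_VERSION}" constellation-conf.yaml
        fi
      shell: bash
      env:
        CSP: ${{ inputs.cloudProvider }}
        KUBERNETES_VERSION: ${{ inputs.kubernetesVersion }}

    - name: Set image
      run: |
        case "$CSP" in
          azure)
            if [ "${{ inputs.coreosImage == 'debug-latest' }}" = true ]
            then
              # Newest image definition by version sort, then its most
              # recently published image version.
              IMAGE_DEFINITION=$(az sig image-definition list --resource-group constellation-images --gallery-name Constellation_Debug --query "[].name" -o tsv | sort --version-sort | tail -n 1)
              AZURE_IMAGE=$(az sig image-version list --resource-group constellation-images --gallery-name Constellation_Debug --gallery-image-definition "${IMAGE_DEFINITION}" --query "sort_by([], &publishingProfile.publishedDate)[].id" -o table | tail -n 1)
            else
              AZURE_IMAGE="${COREOS_IMAGE}"
            fi

            yq eval -i "(.provider.azure.image) = \"${AZURE_IMAGE}\"" constellation-conf.yaml
            ;;
          gcp)
            if [ "${{ inputs.coreosImage == 'debug-latest' }}" = true ]
            then
              # Newest debug image family by version sort, then the newest
              # image in that family by creation time.
              GCP_LATEST_FAMILY=$(gcloud compute images list --project constellation-images --filter="family ~ constellation-debug-v\d+-\d+-\d+" --format="value(family)" | sort --version-sort | tail -n 1)
              GCP_IMAGE_NAME=$(gcloud compute images list --project constellation-images --filter="name ~ constellation-\d{10} AND family:${GCP_LATEST_FAMILY}" --sort-by=creationTimestamp --format="table(name)" | tail -n 1)
              GCP_IMAGE="projects/constellation-images/global/images/${GCP_IMAGE_NAME}"
            else
              GCP_IMAGE="${COREOS_IMAGE}"
            fi

            yq eval -i "(.provider.gcp.image) = \"${GCP_IMAGE}\"" constellation-conf.yaml
            ;;
        esac
      shell: bash
      env:
        CSP: ${{ inputs.cloudProvider }}
        COREOS_IMAGE: ${{ inputs.coreosImage }}

    - name: Add debugd firewall rule
      # NOTE(review): this rule admits TCP port 4000 from every source
      # address (0.0.0.0/0). It is added only when isDebugImage is 'true';
      # narrow iprange to the runner's egress range if one is known.
      run: |
        yq eval -i '(.ingressFirewall) += {"name": "debugd", "description": "debugd default port", "protocol": "tcp", "iprange": "0.0.0.0/0", "fromport": 4000, "toport": 0}' constellation-conf.yaml
      shell: bash
      if: ${{ inputs.isDebugImage == 'true' }}

    - name: Constellation create
      run: |
        echo "Creating cluster using config:"
        cat constellation-conf.yaml
        constellation create "$CSP" -c "$CONTROL_NODES_COUNT" -w "$WORKER_NODES_COUNT" -t "$MACHINE_TYPE" --name e2e-test -y
      shell: bash
      env:
        CSP: ${{ inputs.cloudProvider }}
        CONTROL_NODES_COUNT: ${{ inputs.controlNodesCount }}
        WORKER_NODES_COUNT: ${{ inputs.workerNodesCount }}
        MACHINE_TYPE: ${{ inputs.machineType }}
    # The action is pinned to a full commit SHA, so a moved tag cannot change
    # the code that runs here.
    # NOTE(review): the state file becomes a workflow artifact, readable by
    # anyone who can read the run; confirm it holds nothing sensitive.
    - name: Upload constellation-state.json
      uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
      with:
        name: constellation-state.json
        path: constellation-state.json
      if: ${{ always() && !env.ACT }}

    - name: Cdbg deploy
      run: |
        # The workspace path is passed as a printf argument, not pasted into
        # the format string, so spaces or '%' in it cannot alter the output.
        printf 'cdbg:\n bootstrapperPath: "%s/build/bootstrapper"\n' "$GITHUB_WORKSPACE" > cdbg-conf.yaml
        echo "Deploying bootstrapper with config:"
        cat ./cdbg-conf.yaml
        cdbg deploy
      shell: bash
      if: ${{ inputs.isDebugImage == 'true' }}

    - name: Constellation init
      run: |
        # Start from an empty flag so a value inherited from the environment
        # is never passed through.
        autoscale=""
        if [ "$AUTOSCALE" = true ]; then autoscale=--autoscale; fi
        # Left unquoted on purpose: an empty flag must expand to no argument.
        constellation init ${autoscale}
      shell: bash
      env:
        AUTOSCALE: ${{ inputs.autoscale }}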