Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2024-10-01 01:36:09 -04:00
Code Issues Packages Projects Releases Wiki Activity
66eef5bc70
constellation/.github/actions/constellation_create/action.yml
Daniel Weiße 042f668d20 AB#2190 Verification service (#232) 
* Add verification service

* Update verify command to use new Constellation verification service

* Deploy verification service on cluster init

* Update pcr-reader to use verification service

* Add verification service build workflow

Signed-off-by: Daniel Weiße <dw@edgeless.systems>

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2022-06-28 17:03:28 +02:00

100 lines
3.5 KiB
YAML
Raw Blame History

name: constellation_create
description: "Create a new Constellation cluster."
inputs:
workerNodesCount:
description: "Number of worker nodes to spawn."
required: true
controlNodesCount:
description: "Number of control-plane nodes to spawn."
required: true
autoscale:
description: "Enable / Disable autoscaling."
required: true
cloudProvider:
description: "Either 'gcp' or 'azure'."
required: true
machineType:
description: "Machine type of VM to spawn."
required: true
runs:
using: 'composite'
steps:
- name: Install wireguard
run: sudo apt-get update && sudo apt-get install wireguard iproute2 jq -y
shell: bash
- name: Install kubectl
run: |
curl -LO https://dl.k8s.io/release/v1.23.0/bin/linux/amd64/kubectl
install kubectl /usr/local/bin
shell: bash
- name: Install yq
run: |
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CC86BB64
sudo add-apt-repository ppa:rmescandon/yq
sudo apt update
sudo apt install yq -y
shell: bash
- name: Constellation config generate
run: |
constellation config generate ${{ inputs.cloudProvider }}
shell: bash
- name: Set latest Azure image
run: |
LATEST_AZURE_IMAGE=$(az sig image-version list --resource-group constellation-images --gallery-name Constellation --gallery-image-definition constellation-coreos --query "sort_by([], &publishingProfile.publishedDate)[].id" -o table | tail -n 1)
yq eval -i "(.provider.azure.image) = \"${LATEST_AZURE_IMAGE}\"" constellation-conf.yaml
shell: bash
if: ${{ inputs.cloudProvider == 'azure' }}
- name: Set latest GCP image
run: |
LATEST_GCP_IMAGE_TIMESTAMP=$(gcloud compute images list --filter="name~'constellation-coreos-\d{10}'" --sort-by=creationTimestamp --project constellation-images --format="table(name)" | tail -n 1 | cut -d '-' -f3)
yq eval -i "(.provider.gcp.image) = \"projects/constellation-images/global/images/constellation-coreos-${LATEST_GCP_IMAGE_TIMESTAMP}\"" constellation-conf.yaml
shell: bash
if: ${{ inputs.cloudProvider == 'gcp' }}
- name: Constellation create
run: |
echo "Creating cluster using config:"
cat constellation-conf.yaml
constellation create ${{ inputs.cloudProvider }} -c ${{ inputs.controlNodesCount }} -w ${{ inputs.workerNodesCount }} -t ${{ inputs.machineType }} --name e2e-test -y
shell: bash
- name: Upload constellation-state.json
uses: actions/upload-artifact@v3
with:
name: constellation-state.json
path: constellation-state.json
if: ${{ always() && !env.ACT }}
- name: Read Coordinator IP (Azure)
run: |
echo CONSTELL_IP=$(jq -r .azurecoordinators[].PublicIP constellation-state.json) >> $GITHUB_ENV
shell: bash
if: ${{ inputs.cloudProvider == 'azure' }}
- name: Read Coordinator IP (GCP)
run: |
echo CONSTELL_IP=$(jq -r .gcpcoordinators[].PublicIP constellation-state.json) >> $GITHUB_ENV
shell: bash
if: ${{ inputs.cloudProvider == 'gcp' }}
- name: Constellation init
run: |
if [ ${{ inputs.autoscale }} = true ]; then autoscale=--autoscale; fi
constellation init ${autoscale}
shell: bash
- name: Fetch PCRs
run: |
pcr-reader --constell-ip ${{ env.CONSTELL_IP }} -o measurements.go
shell: bash
- name: Upload measurements
uses: actions/upload-artifact@v3
with:
name: measurements.go
path: measurements.go
if: ${{ !env.ACT }}
- name: Configure VPN connection
run: wg-quick up ./wg0.conf
shell: bash
Reference in New Issue View Git Blame Copy Permalink