refactor to support separate workflows

defenseunicorns · Oct 15, 2024 · 4043899 · 4043899
1 parent f1b2ac2
commit 4043899
Show file tree

Hide file tree

Showing 7 changed files with 137 additions and 60 deletions.
diff --git a/.github/test-infra/aws/eks/uds-config.tf b/.github/test-infra/aws/eks/uds-config.tf
@@ -0,0 +1,35 @@
+resource "local_sensitive_file" "uds_config" {
+  filename = "../../../bundles/eks/uds-config.yaml"
+  content = yamlencode({
+    "options" : {
+      "architecture" : "amd64"
+    },
+    "variables" : {
+      "core" : {
+        "loki_chunks_bucket" : module.S3["loki"].bucket_name
+        "loki_ruler_bucket" : module.S3["loki"].bucket_name,
+        "loki_admin_bucket" : module.S3["loki"].bucket_name,
+        "loki_s3_region" : data.aws_region.current.name,
+        "loki_irsa_role_arn" : module.irsa["loki"].role_arn,
+        "velero_use_secret" : false,
+        "velero_irsa_role_arn" : module.irsa["velero"].role_arn,
+        "velero_bucket" : module.S3["velero"].bucket_name,
+        "velero_bucket_region" : data.aws_region.current.name,
+        "velero_bucket_provider_url" : "",
+        "velero_bucket_credential_name" : "",
+        "velero_bucket_credential_key" : "",
+        "grafana_ha" : true,
+        "grafana_pg_host" : element(split(":", module.db.db_instance_endpoint), 0),
+        "grafana_pg_port" : var.db_port,
+        "grafana_pg_database" : var.db_name,
+        "grafana_pg_password" : random_password.db_password.result,
+        "grafana_pg_user" : var.username
+      }
+    }
+  })
+}
+
+resource "local_sensitive_file" "kubeconfig" {
+  filename = "/home/runner/.kube/config"
+  content = azurerm_kubernetes_cluster.aks_cluster.kube_admin_config_raw
+}
diff --git a/.github/test-infra/aws/rke2/uds-config.tf b/.github/test-infra/aws/rke2/uds-config.tf
@@ -0,0 +1,35 @@
+resource "local_sensitive_file" "uds_config" {
+  filename = "../../../bundles/rke2/uds-config.yaml"
+  content = yamlencode({
+    "options" : {
+      "architecture" : "amd64"
+    },
+    "variables" : {
+      "core" : {
+        "loki_chunks_bucket" : module.storage.s3_buckets["loki"].bucket_name
+        "loki_ruler_bucket" : module.storage.s3_buckets["loki"].bucket_name,
+        "loki_admin_bucket" : module.storage.s3_buckets["loki"].bucket_name,
+        "loki_s3_region" : data.aws_region.current.name,
+        "loki_irsa_role_arn" : module.storage.irsa["loki"].bucket_role.arn
+        "velero_use_secret" : false,
+        "velero_irsa_role_arn" : module.storage.irsa["velero"].bucket_role.arn,
+        "velero_bucket" : module.storage.s3_buckets["velero"].bucket_name,
+        "velero_bucket_region" : data.aws_region.current.name,
+        "velero_bucket_provider_url" : ""
+        "velero_bucket_credential_name" : "",
+        "velero_bucket_credential_key" : "",
+        "grafana_ha" : false,
+        "grafana_pg_host" : "\"\"",
+        "grafana_pg_port" : "\"\"",
+        "grafana_pg_database" : "\"\"",
+        "grafana_pg_password" : "\"\"",
+        "grafana_pg_user" : "\"\"",
+      }
+    }
+  })
+}
+
+resource "local_sensitive_file" "kubeconfig" {
+  filename = "/home/runner/.kube/config"
+  content = azurerm_kubernetes_cluster.aks_cluster.kube_admin_config_raw
+}
diff --git a/.github/test-infra/azure/aks/uds-config.tf b/.github/test-infra/azure/aks/uds-config.tf
@@ -5,8 +5,7 @@ resource "local_sensitive_file" "uds_config" {
   filename = "../../../bundles/aks/uds-config.yaml"
   content = yamlencode({
     "options" : {
-      "architecture" : "amd64",
-      "no_progress" : true
+      "architecture" : "amd64"
     },
     "variables" : {
       "core" : {

diff --git a/.github/workflows/nightly-testing.yaml b/.github/workflows/nightly-testing.yaml
@@ -1,44 +1,44 @@
 # Copyright 2024 Defense Unicorns
 # SPDX-License-Identifier: AGPL-3.0-or-later OR LicenseRef-Defense-Unicorns-Commercial
 
-name: Nightly Testing
+# name: Nightly Testing
 
-on:
-  schedule:
-    - cron: '0 6 * * *' # Runs at midnight Mountain every day
-  pull_request:
-    paths:
-      - tasks/iac.yaml
-      - .github/workflows/test-eks.yaml
-      - .github/workflows/test-rke2.yaml
-      - .github/bundles/eks/*
-      - .github/bundles/rke2/*
-      - .github/test-infra/aws/eks/*
-      - .github/test-infra/aws/rke2/*
+# on:
+#   schedule:
+#     - cron: '0 6 * * *' # Runs at midnight Mountain every day
+#   pull_request:
+#     paths:
+#       - tasks/iac.yaml
+#       - .github/workflows/test-eks.yaml
+#       - .github/workflows/test-rke2.yaml
+#       - .github/bundles/eks/*
+#       - .github/bundles/rke2/*
+#       - .github/test-infra/aws/eks/*
+#       - .github/test-infra/aws/rke2/*
 
-# Abort prior jobs in the same workflow / PR
-concurrency:
-  group: test-eks-dev-${{ github.ref }}
-  cancel-in-progress: true
+# # Abort prior jobs in the same workflow / PR
+# concurrency:
+#   group: test-eks-dev-${{ github.ref }}
+#   cancel-in-progress: true
 
-jobs:
-  nightly-testing-eks:
-    name: Test Core on EKS
-    uses: ./.github/workflows/test-eks.yaml
-    strategy:
-      matrix:
-        flavor: [upstream, registry1, unicorn]
-      fail-fast: false
-    with:
-      flavor: ${{ matrix.flavor }}
-    secrets: inherit
-  nightly-testing-rke2:
-    name: Test Core on RKE2
-    uses: ./.github/workflows/test-rke2.yaml
-    strategy:
-      matrix:
-        flavor: [upstream, registry1, unicorn]
-      fail-fast: false
-    with:
-      flavor: ${{ matrix.flavor }}
-    secrets: inherit
+# jobs:
+#   nightly-testing-eks:
+#     name: Test Core on EKS
+#     uses: ./.github/workflows/test-eks.yaml
+#     strategy:
+#       matrix:
+#         flavor: [upstream, registry1, unicorn]
+#       fail-fast: false
+#     with:
+#       flavor: ${{ matrix.flavor }}
+#     secrets: inherit
+#   nightly-testing-rke2:
+#     name: Test Core on RKE2
+#     uses: ./.github/workflows/test-rke2.yaml
+#     strategy:
+#       matrix:
+#         flavor: [upstream, registry1, unicorn]
+#       fail-fast: false
+#     with:
+#       flavor: ${{ matrix.flavor }}
+#     secrets: inherit
diff --git a/.github/workflows/test-aks.yaml b/.github/workflows/test-aks.yaml
@@ -17,7 +17,7 @@ permissions:
   contents: read
 
 jobs:
-  build-and-deploy:
+  test-aks-install:
     strategy:
       matrix:
         flavor: [upstream, registry1, unicorn]

diff --git a/.github/workflows/test-eks.yaml b/.github/workflows/test-eks.yaml
@@ -4,19 +4,23 @@
 name: Test Core On EKS
 
 on:
-  # triggered by nightly-testing.yaml
-  workflow_call:
-    inputs:
-      flavor:
-        required: true
-        type: string
+  schedule:
+    - cron: '0 6 * * *' # Runs at midnight Mountain every day
+  pull_request:
+    paths:
+      - tasks/iac.yaml
+      - .github/bundles/eks/*
+      - .github/test-infra/aws/eks/*
 
 permissions:
   id-token: write
   contents: read
 
 jobs:
   test-eks-install:
+    strategy:
+      matrix:
+        flavor: [upstream, registry1, unicorn]  
     runs-on: ubuntu-latest
     env:
       SHA: ${{ github.sha }}
@@ -28,10 +32,10 @@ jobs:
     steps:
       - name: Set ENV
         run: |
-          echo "UDS_CLUSTER_NAME=uds-ci-${{ inputs.flavor }}-${SHA:0:7}" >> $GITHUB_ENV
-          echo "UDS_STATE_KEY="tfstate/ci/install/${SHA:0:7}-eks-core-${{ inputs.flavor }}-aws.tfstate >> $GITHUB_ENV
+          echo "UDS_CLUSTER_NAME=uds-ci-${{ matrix.flavor }}-${SHA:0:7}" >> $GITHUB_ENV
+          echo "UDS_STATE_KEY="tfstate/ci/install/${SHA:0:7}-eks-core-${{ matrix.flavor }}-aws.tfstate >> $GITHUB_ENV
           echo "TF_VAR_region=${UDS_REGION}" >> $GITHUB_ENV
-          echo "TF_VAR_name=uds-ci-${{ inputs.flavor }}-${SHA:0:7}" >> $GITHUB_ENV
+          echo "TF_VAR_name=uds-ci-${{ matrix.flavor }}-${SHA:0:7}" >> $GITHUB_ENV
           echo "TF_VAR_use_permissions_boundary=true" >> $GITHUB_ENV
           echo "TF_VAR_permissions_boundary_name=${UDS_PERMISSIONS_BOUNDARY_NAME}" >> $GITHUB_ENV
 
@@ -64,7 +68,7 @@ jobs:
           tofu_wrapper: false
 
       - name: Create UDS Core Package
-        run: ZARF_ARCHITECTURE=amd64 uds run -f tasks/create.yaml standard-package --no-progress --set FLAVOR=${{ inputs.flavor }}
+        run: ZARF_ARCHITECTURE=amd64 uds run -f tasks/create.yaml standard-package --no-progress --set FLAVOR=${{ matrix.flavor }}
 
       - name: Create Core Bundle
         run: uds create .github/bundles/eks --confirm

diff --git a/.github/workflows/test-rke2.yaml b/.github/workflows/test-rke2.yaml
@@ -4,19 +4,23 @@
 name: Test Core On RKE2
 
 on:
-  # triggered by nightly-testing.yaml
-  workflow_call:
-    inputs:
-      flavor:
-        required: true
-        type: string
+  schedule:
+    - cron: '0 6 * * *' # Runs at midnight Mountain every day
+  pull_request:
+    paths:
+      - tasks/iac.yaml
+      - .github/bundles/rke2/*
+      - .github/test-infra/aws/rke2/*
 
 permissions:
   id-token: write
   contents: read
 
 jobs:
   test-rke2-install:
+    strategy:
+      matrix:
+        flavor: [upstream, registry1, unicorn]    
     runs-on: ubuntu-latest
     env:
       SHA: ${{ github.sha }}
@@ -28,8 +32,8 @@ jobs:
     steps:
       - name: Set ENV
         run: |
-          echo "UDS_CLUSTER_NAME=uds-ci-${{ inputs.flavor }}-${SHA:0:7}" >> $GITHUB_ENV
-          echo "UDS_STATE_KEY="tfstate/ci/install/${SHA:0:7}-rke2-core-${{ inputs.flavor }}-aws.tfstate >> $GITHUB_ENV
+          echo "UDS_CLUSTER_NAME=uds-ci-${{ matrix.flavor }}-${SHA:0:7}" >> $GITHUB_ENV
+          echo "UDS_STATE_KEY="tfstate/ci/install/${SHA:0:7}-rke2-core-${{ matrix.flavor }}-aws.tfstate >> $GITHUB_ENV
           echo "TF_VAR_region=${UDS_REGION}" >> $GITHUB_ENV
           echo "TF_VAR_run_id=$GITHUB_RUN_ID" >> $GITHUB_ENV
           echo "TF_VAR_use_permissions_boundary=true" >> $GITHUB_ENV
@@ -64,7 +68,7 @@ jobs:
           tofu_wrapper: false
 
       - name: Create UDS Core Package
-        run: ZARF_ARCHITECTURE=amd64 uds run -f tasks/create.yaml standard-package --no-progress --set FLAVOR=${{ inputs.flavor }}
+        run: ZARF_ARCHITECTURE=amd64 uds run -f tasks/create.yaml standard-package --no-progress --set FLAVOR=${{ matrix.flavor }}
 
       - name: Create Core Bundle
         run: uds create .github/bundles/rke2 --confirm