Cloud Demo Environment Provisioning #452

Workflow file for this run

.github/workflows/cloud_demo_environment_provisioning.yaml at 6871a4d

	name: Cloud Demo Environment Provisioning

	on:
	workflow_dispatch:
	inputs:
	name:
	description: 'Username'
	required: true
	is_external:
	description: 'Is External User'
	required: false

	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_REGION: us-east-1
	KUBE_CONFIG_DATA: ${{ secrets.KUBE_CONFIG_DATA }}
	ECR_REPOSITORY: ld-core-demo
	KUBECTL_VERSION: "v1.23.0"
	DEMO_NAMESPACE: ${{ github.event.inputs.name }}
	LD_PROJECT_KEY: ${{ github.event.inputs.name }}-ld-demo
	LD_API_KEY: ${{ secrets.LD_EAP_API_KEY }}


	jobs:
	provisioning_demo_environment:
	runs-on: ubuntu-latest

	steps:
	- name: Checkout code
	uses: actions/checkout@v3

	- name: Set up Python
	uses: actions/setup-python@v2
	with:
	python-version: "3.9"

	- name: Install dependencies
	run: \|
	python -m pip install --upgrade pip
	pip install -r ./.github/workflows/demo_provisioning_scripts/requirements.txt

	# - name: Create / Setup LaunchDarkly Project
	# id: ld_project_setup
	# run: \|
	# echo "Creating and Setting up LaunchDarkly project for namespace: ${{ env.DEMO_NAMESPACE }}"
	# python ./.github/workflows/demo_provisioning_scripts/DemoBuilder.py

	- name: Create .env file for demo pod
	run: \|
	touch ./.env.production
	echo NEXT_PUBLIC_LD_CLIENT_KEY=${{ env.LD_CLIENT_KEY }} >> ./.env.production
	echo LD_SDK_KEY=${{ env.LD_SDK_KEY }} >> ./.env.production
	echo DB_URL=${{ secrets.DB_URL }} >> ./.env.production
	echo LD_API_KEY=${{ env.LD_API_KEY }} >> ./.env.production
	echo DESTINATIONENV=production >> ./.env.production
	echo PROJECT_KEY=${{ env.LD_PROJECT_KEY }} >> ./.env.production
	echo AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY }} >> ./.env.production
	echo AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} >> ./.env.production

	- name: Login to Amazon ECR
	id: login-ecr
	uses: aws-actions/amazon-ecr-login@v1

	- name: Build, tag, and push image to Amazon ECR
	env:
	ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
	ECR_REPOSITORY: ld-core-demo
	run: \|
	docker build -t $ECR_REGISTRY/$ECR_REPOSITORY:${{ env.DEMO_NAMESPACE }}-${{ github.run_id }} .
	docker push $ECR_REGISTRY/$ECR_REPOSITORY:${{ env.DEMO_NAMESPACE }}-${{ github.run_id }}

	- name: Update K8s Deploy File
	run: python ./.github/workflows/update_k8s_deploy_file.py
	env:
	NAMESPACE: ${{ env.DEMO_NAMESPACE }}
	IS_EXTERNAL: ${{ github.event.inputs.is_external == 'true' && 'true' \|\| (github.event.inputs.is_external == '' && 'false' \|\| 'false') }}
	URL: ${{ env.DEMO_NAMESPACE }}.launchdarklydemos.com
	IMAGE: ${{ steps.login-ecr.outputs.registry }}/ld-core-demo:${{ env.DEMO_NAMESPACE }}-${{ github.run_id }}

	- name: Check Namespace in Kubernetes
	uses: kodermax/kubectl-aws-eks@master
	with:
	args: get namespace ${{ env.DEMO_NAMESPACE }} &>/dev/null && echo "namespace_exists=true" >> $GITHUB_ENV \|\| echo "namespace_exists=false" >> $GITHUB_ENV

	- name: Create Namespace In Kubernetes
	if: env.namespace_exists == 'false'
	uses: kodermax/kubectl-aws-eks@master
	with:
	args: create namespace ${{ env.DEMO_NAMESPACE }}

	- name: Check if Nginx Ingress Controller is installed
	id: check-ingress
	uses: kodermax/kubectl-aws-eks@master
	with:
	args: get namespace ingress-nginx &>/dev/null && echo "ingress_exists=true" >> $GITHUB_ENV \|\| echo "ingress_exists=false" >> $GITHUB_ENV

	- name: Install Nginx Ingress Controller
	if: env.ingress_exists == 'false'
	uses: kodermax/kubectl-aws-eks@master
	with:
	args: \|
	helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx && \
	helm repo update && \
	helm install ingress-nginx ingress-nginx/ingress-nginx \
	--namespace ingress-nginx \
	--create-namespace \
	--set controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-type"="nlb" \
	--set controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-ssl-cert"="arn:aws:acm:us-east-1:955116512041:certificate/fa29cb5d-f635-40df-89cc-70db82c93845" \
	--set controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-ssl-ports"="https" \
	--set controller.service.annotations."service\.beta\.kubernetes\.io/aws-load-balancer-backend-protocol"="ssl" \
	--set controller.service.ports.https=443 \
	--set controller.ingressClassResource.default=true

	- name: Check if cert-manager is installed
	id: check-cert-manager
	uses: kodermax/kubectl-aws-eks@master
	with:
	args: get namespace cert-manager &>/dev/null && echo "cert_manager_exists=true" >> $GITHUB_ENV \|\| echo "cert_manager_exists=false" >> $GITHUB_ENV

	- name: Install cert-manager
	if: env.cert_manager_exists == 'false'
	uses: kodermax/kubectl-aws-eks@master
	with:
	args: \|
	helm repo add jetstack https://charts.jetstack.io && \
	helm repo update && \
	helm install cert-manager jetstack/cert-manager \
	--namespace cert-manager \
	--create-namespace \
	--set installCRDs=true

	- name: Create ClusterIssuer for Let's Encrypt
	if: env.cert_manager_exists == 'false'
	uses: kodermax/kubectl-aws-eks@master
	with:
	args: \|
	# Wait for cert-manager to be ready
	sleep 30

	# Create temporary file for ClusterIssuer
	cat > /tmp/clusterissuer.yaml << 'EOF'
	apiVersion: cert-manager.io/v1
	kind: ClusterIssuer
	metadata:
	name: letsencrypt-prod
	spec:
	acme:
	server: https://acme-v02.api.letsencrypt.org/directory
	email: [email protected]
	privateKeySecretRef:
	name: letsencrypt-prod
	solvers:
	- http01:
	ingress:
	class: nginx
	EOF

	# Apply the ClusterIssuer
	kubectl apply -f /tmp/clusterissuer.yaml

	- name: Applying deploy file to Kubernetes
	uses: kodermax/kubectl-aws-eks@master
	with:
	args: apply -f ./.github/workflows/deploy_files/deploy.yaml -n ${{ env.DEMO_NAMESPACE }}

	- name: Configure AWS credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: us-east-1

	- name: Get Nginx Ingress Controller Load Balancer
	id: get-nginx-lb
	uses: kodermax/kubectl-aws-eks@master
	with:
	args: get service -n ingress-nginx ingress-nginx-controller -o jsonpath='{.status.loadBalancer.ingress[0].hostname}' > nginx-lb.txt

	- name: Extract Nginx Ingress Controller Load Balancer Hostname
	id: extract-nginx-lb
	run: \|
	if [ -s nginx-lb.txt ]; then
	NGINX_LB_HOSTNAME=$(cat nginx-lb.txt)
	echo "Found Nginx Ingress Controller hostname: $NGINX_LB_HOSTNAME"
	else
	echo "Nginx Ingress Controller hostname not found, using fallback"
	NGINX_LB_HOSTNAME="k8s-ldcoredemolb-93af62c3af-1176236694.us-east-1.elb.amazonaws.com"
	fi
	echo "NGINX_LB_HOSTNAME=$NGINX_LB_HOSTNAME" >> $GITHUB_ENV
	echo "Using Nginx Ingress Controller at $NGINX_LB_HOSTNAME"

	- name: Add Route 53 Record
	run: \|
	HOSTED_ZONE_ID=$(aws route53 list-hosted-zones-by-name --dns-name "launchdarklydemos.com." --query "HostedZones[0].Id" --output text)
	RECORD_SET_JSON='{
	"Comment": "Creating Alias record that points to Nginx Ingress Controller",
	"Changes": [
	{
	"Action": "UPSERT",
	"ResourceRecordSet": {
	"Name": "${{ env.DEMO_NAMESPACE }}.launchdarklydemos.com",
	"Type": "A",
	"AliasTarget": {
	"HostedZoneId": "Z35SXDOTRQ7X7K",
	"DNSName": "'${{ env.NGINX_LB_HOSTNAME }}'",
	"EvaluateTargetHealth": false
	}
	}
	}
	]
	}'
	aws route53 change-resource-record-sets --hosted-zone-id $HOSTED_ZONE_ID --change-batch "$RECORD_SET_JSON"
	env:
	AWS_REGION: 'us-east-1'

	- name: Delete the deploy file
	run: rm -rf ./.github/workflows/deploy_files

	- name: Remove .env file
	run: rm ./.env.production

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Cloud Demo Environment Provisioning #452

Workflow file

Cloud Demo Environment Provisioning #452

Jobs

Run details

Workflow file for this run