metalk8s/.github/workflows/upgrade-test.yaml at 0e37e7ca1e46b60bac985e71c46daf47205c71ec · scality/metalk8s · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
name: Upgrade test

on:
  workflow_call:
    inputs:
      from-artifacts-url:
        description: "Artifacts URL to use to install"
        required: true
        type: string
      to-artifacts-url:
        description: "Artifacts URL to upgrade to"
        required: true
        type: string
      type:
        description: "The type of upgrade ran"
        required: false
        type: string
        default: "unknown"

      enable-debug-when-failure:
        description: "Whether or not debug when failure should be enabled or not"
        required: false
        type: boolean
        default: false

env:
  OS: "rocky-8"
  NODES_COUNT: "0"

jobs:
  upgrade:
    # We need to use those specific gcloud runner so that we have
    # known runner IPs
    runs-on: [self-hosted, ubuntu, large, jammy, gcloud]
    env:
      NAME: upgrade-${{ inputs.type }}
    steps:
      - name: Checkout
        uses: actions/checkout@v5
      - name: Install deps
        run: sudo apt-get update && sudo apt-get install -y isomd5sum

     ## Spawn {{{
      - name: Export environment variables for accessing the cloud
        uses: ./.github/actions/export-cloud-env
        with:
          # Pass all "cloud access" secrets, the action will know which ones to export
          OVH_AUTH_URL: ${{ secrets.OVH_AUTH_URL }}
          OVH_USERNAME: ${{ secrets.OVH_USERNAME }}
          OVH_PASSWORD: ${{ secrets.OVH_PASSWORD }}
          OVH_REGION: ${{ secrets.OVH_REGION }}
      - name: Spawn cluster with Terraform
        uses: ./.github/actions/spawn-cluster
        with:
          # Parameters
          OS: ${{ env.OS }}
          NAME: ${{ env.NAME }}
          NODES_COUNT: ${{ env.NODES_COUNT }}
          # Secrets
          GIT_ACCESS_TOKEN: ${{ secrets.GIT_ACCESS_TOKEN }}
          ARTIFACTS_USER: ${{ secrets.ARTIFACTS_USER }}
          ARTIFACTS_PASSWORD: ${{ secrets.ARTIFACTS_PASSWORD }}
          AUTHORIZED_CIDRS: ${{ vars.AUTHORIZED_CIDRS }}
      - name: Save Terraform context
        if: always()
        uses: ./.github/actions/save-terraform-context
        with:
          NAME: ${{ env.NAME }}
          ARTIFACTS_USER: ${{ secrets.ARTIFACTS_USER }}
          ARTIFACTS_PASSWORD: ${{ secrets.ARTIFACTS_PASSWORD }}
      - name: Copy SSH config to current directory
        run: cp terraform-snapshot/terraform/ssh_config ./
      ## }}}

      # Install source {{{
      - name: Get source MetalK8s ISO
        uses: ./.github/actions/retrieve-iso
        with:
          ARTIFACTS_USER: ${{ secrets.ARTIFACTS_USER }}
          ARTIFACTS_PASSWORD: ${{ secrets.ARTIFACTS_PASSWORD }}
          ARTIFACTS_URL: ${{ inputs.from-artifacts-url }}
      - name: Copy MetalK8s ISO to the Bootstrap node
        uses: ./.github/actions/copy-file-ssh
        with:
          SOURCE_FILE: "metalk8s.iso"
      - name: Generate Bootstrap config
        uses: ./.github/actions/generate-bootstrap
      - name: Mount MetalK8s ISO
        uses: ./.github/actions/mount-iso
      - name: Run Bootstrap
        uses: ./.github/actions/run-bootstrap
      - name: Provision volumes
        uses: ./.github/actions/provision-volumes
      - name: Untaint bootstrap node
        uses: ./.github/actions/untaint
      # }}}

      # Tests source {{{
      - name: Retrieve source product.txt from artifacts
        run: >
          curl --fail -LO -u ${{ secrets.ARTIFACTS_USER }}:${{ secrets.ARTIFACTS_PASSWORD }}
          ${{ inputs.from-artifacts-url }}/product.txt
      - name: Save source git commit in environment
        run: |
          source product.txt
          echo "source_version=$VERSION" >> $GITHUB_ENV
          echo "source_git_commit=$GIT" >>$GITHUB_ENV
      - name: Wait for pods to stabilize
        uses: ./.github/actions/wait-pod-stable
      - name: Prepare bastion to run ${{ env.source_version }} tests
        uses: ./.github/actions/prepare-bastion
        with:
          BRANCH: ${{ env.source_git_commit }}
      - name: Run ${{ env.source_version }} tests from Bastion
        uses: ./.github/actions/bastion-tests
      # }}}

      # Upgrade {{{
      - name: Get target MetalK8s ISO
        uses: ./.github/actions/retrieve-iso
        with:
          ARTIFACTS_USER: ${{ secrets.ARTIFACTS_USER }}
          ARTIFACTS_PASSWORD: ${{ secrets.ARTIFACTS_PASSWORD }}
          ARTIFACTS_URL: ${{ inputs.to-artifacts-url }}
      - name: Retrieve target product.txt from artifacts
        run: >
          curl --fail -LO -u ${{ secrets.ARTIFACTS_USER }}:${{ secrets.ARTIFACTS_PASSWORD }}
          ${{ inputs.to-artifacts-url }}/product.txt
      - name: Save target version in environment
        run: |
          source product.txt
          echo "target_version=$VERSION" >> $GITHUB_ENV
      - name: Copy target MetalK8s ISO to the Bootstrap node
        uses: ./.github/actions/copy-file-ssh
        with:
          SOURCE_FILE: "metalk8s.iso"
          DESTINATION_FILE: "metalk8s-${{ env.target_version }}.iso"
      - name: Add new ISO to the cluster
        uses: ./.github/actions/add-archive
        with:
          archive: "metalk8s-${{ env.target_version }}.iso"
      - name: Run the upgrade
        uses: ./.github/actions/run-upgrade
        with:
          version: ${{ env.target_version }}
      # }}}

      # Tests target {{{
      - name: Wait for pods to stabilize
        uses: ./.github/actions/wait-pod-stable
      - name: Prepare bastion to run ${{ env.target_version }} tests
        uses: ./.github/actions/prepare-bastion
      - name: Run ${{ env.target_version }} tests from Bastion
        uses: ./.github/actions/bastion-tests
      # }}}

      ## Collect logs {{
      - name: Generate and Collect sosreport
        if: always()
        uses: ./.github/actions/sosreport-logs
        with:
          NODES_COUNT: "${{ env.NODES_COUNT }}"
      ## }}

      ## Generate job result {{
      - name: Generate Job result
        if: always()
        uses: ./.github/actions/generate-job-result
        with:
          name: ${{ env.NAME }}
          ARTIFACTS_USER: ${{ secrets.ARTIFACTS_USER }}
          ARTIFACTS_PASSWORD: ${{ secrets.ARTIFACTS_PASSWORD }}
          GIT_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      ## }}

      ## Upload artifacts {{
      - name: Upload artifacts
        if: always()
        uses: scality/action-artifacts@v4
        with:
          method: upload
          url: https://artifacts.scality.net
          user: ${{ secrets.ARTIFACTS_USER }}
          password: ${{ secrets.ARTIFACTS_PASSWORD }}
          source: artifacts
      ## }}
      - name: debug
        if: inputs.enable-debug-when-failure && failure()
        run: sleep 3600

      ## Destroy {{{
      - name: Destroy cluster with Terraform
        if: always()
        uses: ./.github/actions/destroy-cluster
        with:
          # Parameters
          NAME: ${{ env.NAME }}
          # Secrets
          GIT_ACCESS_TOKEN: ${{ secrets.GIT_ACCESS_TOKEN }}
      # }}}