name: Deploy Network on: workflow_dispatch: inputs: jsonInput: description: 'Json input (refer to .pipelines/deploy-node-network-inputs.json)' required: true default: '' defaults: run: working-directory: devops/aws jobs: deploy-node-network: name: Create CloudFormation stack and run Ansible playbook runs-on: ubuntu-latest env: STACK_NAME: ga-deploy-node-network-${{ github.run_number }} steps: - name: Checkout uses: actions/checkout@v2 - name: Set env variables id: myoutputs # set the outputs run: | jsonInput=$(jq -r '.inputs.jsonInput' $GITHUB_EVENT_PATH) export ENCRYPTION_KEY=$(echo $jsonInput | jq -r '.encryptionKey.value') echo ::set-output name=encryptionKey::$ENCRYPTION_KEY echo "::add-mask::$ENCRYPTION_KEY" echo ::set-output name=gitRepo::$(echo $jsonInput | jq -r '.gitRepo.value') echo ::set-output name=branchName::$(echo $jsonInput | jq -r '.branchName.value') echo ::set-output name=keyName::$(echo $jsonInput | jq -r '.keyName.value') echo ::set-output name=numberOfValidators::$(echo $jsonInput | jq -r '.numberOfValidators.value') echo ::set-output name=validatorInstanceType::$(echo $jsonInput | jq -r '.validatorInstanceType.value') echo ::set-output name=buildInstanceType::$(echo $jsonInput | jq -r '.buildInstanceType.value') echo ::set-output name=rpcInstanceType::$(echo $jsonInput | jq -r '.rpcInstanceType.value') echo ::set-output name=ec2AMI::$(echo $jsonInput | jq -r '.ec2AMI.value') echo ::set-output name=networkSuffix::$(echo $jsonInput | jq -r '.networkSuffix.value') echo ::set-output name=deploymentType::$(echo $jsonInput | jq -r '.deploymentType.value') initialBalancesFile=$(echo $jsonInput | jq -r '.initialBalancesFile.value') initialMembersFile=$(echo $jsonInput | jq -r '.initialMembersFile.value') if [ -z "$initialBalancesFile" ] then echo ::set-output name=initialBalancesFilePath::'' else wget $initialBalancesFile -O initial-balances.json echo ::set-output name=initialBalancesFilePath::'initial-balances.json' fi if [ -z "$initialMembersFile" ] then echo ::set-output name=initialMembersFilePath::'' else wget $initialMembersFile -O initial-members.json echo ::set-output name=initialMembersFilePath::'initial-members.json' fi - name: Install Ansible dependencies run: pipx inject ansible-core boto3 botocore - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} aws-region: us-east-1 - name: Deploy to AWS CloudFormation uses: aws-actions/aws-cloudformation-github-deploy@v1 id: deploy_stack with: name: ${{ env.STACK_NAME }} template: devops/aws/cloudformation/infrastructure.yml no-fail-on-empty-changeset: '1' parameter-overrides: >- KeyName=${{ steps.myoutputs.outputs.keyName }}, ValidatorEC2InstanceType=${{ steps.myoutputs.outputs.validatorInstanceType }}, RPCEC2InstanceType=${{ steps.myoutputs.outputs.rpcInstanceType }}, BuildEC2InstanceType=${{ steps.myoutputs.outputs.buildInstanceType }}, EC2AMI=${{ steps.myoutputs.outputs.ec2AMI }}, NumberOfValidators=${{ steps.myoutputs.outputs.numberOfValidators }} - name: Prepare inventory for Ansible run: | ASG=${{ steps.deploy_stack.outputs.AutoScalingId }} VALIDATORS="" INSTANCES=$(aws autoscaling describe-auto-scaling-instances \ --query "AutoScalingInstances[?AutoScalingGroupName=='${ASG}'].InstanceId" --output text); for ID in $INSTANCES do IP=$(aws ec2 describe-instances --instance-ids $ID --query "Reservations[].Instances[].PublicIpAddress" --output text) VALIDATORS+="$IP\n" done echo -e "[build]\n${{ steps.deploy_stack.outputs.BuildPublicIp }}\n" >> inventory echo -e "[validators]\n$VALIDATORS" >> inventory echo -e "[rpc]\n${{ steps.deploy_stack.outputs.RPCPublicIp }}" >> inventory cat inventory - name: Run playbook to compile joystream-node on build server uses: dawidd6/action-ansible-playbook@v2 if: steps.myoutputs.outputs.ec2AMI == '' with: playbook: build-code.yml directory: devops/aws requirements: requirements.yml key: ${{ secrets.SSH_PRIVATE_KEY }} options: | --inventory inventory --extra-vars "branch_name=${{ steps.myoutputs.outputs.branchName }} \ git_repo=${{ steps.myoutputs.outputs.gitRepo }} data_path=mydata" - name: Run playbook to install additional utils on build server uses: dawidd6/action-ansible-playbook@v2 if: steps.myoutputs.outputs.ec2AMI == '' with: playbook: setup-admin.yml directory: devops/aws requirements: requirements.yml key: ${{ secrets.SSH_PRIVATE_KEY }} options: | --inventory inventory - name: Run playbook to configure chain-spec and pioneer uses: dawidd6/action-ansible-playbook@v2 with: playbook: chain-spec-pioneer.yml directory: devops/aws requirements: requirements.yml key: ${{ secrets.SSH_PRIVATE_KEY }} options: | --inventory inventory --extra-vars "network_suffix=${{ steps.myoutputs.outputs.networkSuffix }} data_path=mydata \ number_of_validators=${{ steps.myoutputs.outputs.numberOfValidators }} \ git_repo=${{ steps.myoutputs.outputs.gitRepo }} \ deployment_type=${{ steps.myoutputs.outputs.deploymentType }} \ bucket_name=${{ steps.deploy_stack.outputs.S3BucketName }} \ branch_name=${{ steps.myoutputs.outputs.branchName }} \ initial_members_file=${{ steps.myoutputs.outputs.initialMembersFilePath }} \ initial_balances_file=${{ steps.myoutputs.outputs.initialBalancesFilePath }}" - name: Encrpyt the artifacts run: | 7z a -p${{ steps.myoutputs.outputs.encryptionKey }} chain-data.7z mydata/* - name: Save the output as an artifact uses: actions/upload-artifact@v2 with: name: data-chainspec-auth path: devops/aws/chain-data.7z - name: Print output URL's run: | echo -e "Pioneer URL: https://${{ steps.deploy_stack.outputs.DomainName }}" echo -e "RPC: wss://${{ steps.deploy_stack.outputs.RPCPublicIp }}.nip.io/ws-rpc" - name: Delete CloudFormation Stack if any step failed if: failure() run: | echo "Empty the bucket" aws s3 rm s3://${{ steps.deploy_stack.outputs.S3BucketName }} --recursive || echo "No bucket" echo "Deleting ${{ env.STACK_NAME }} stack" aws cloudformation delete-stack --stack-name ${{ env.STACK_NAME }} echo "Waiting for ${{ env.STACK_NAME }} to be deleted..." aws cloudformation wait stack-delete-complete --stack-name ${{ env.STACK_NAME }}