| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195 |
- name: Deploy Network
- on:
- workflow_dispatch:
- inputs:
- jsonInput:
- description: 'Json input (refer to .pipelines/deploy-node-network-inputs.json)'
- required: true
- default: ''
- defaults:
- run:
- working-directory: devops/aws
- jobs:
- deploy-node-network:
- name: Create CloudFormation stack and run Ansible playbook
- runs-on: ubuntu-latest
- env:
- STACK_NAME: ga-deploy-node-network-${{ github.run_number }}
- steps:
- - name: Checkout
- uses: actions/checkout@v2
- - name: Set env variables
- id: myoutputs # set the outputs
- run: |
- jsonInput=$(jq -r '.inputs.jsonInput' $GITHUB_EVENT_PATH)
- export ENCRYPTION_KEY=$(echo $jsonInput | jq -r '.encryptionKey.value')
- echo ::set-output name=encryptionKey::$ENCRYPTION_KEY
- echo "::add-mask::$ENCRYPTION_KEY"
- echo ::set-output name=gitRepo::$(echo $jsonInput | jq -r '.gitRepo.value')
- echo ::set-output name=branchName::$(echo $jsonInput | jq -r '.branchName.value')
- echo ::set-output name=keyName::$(echo $jsonInput | jq -r '.keyName.value')
- echo ::set-output name=numberOfValidators::$(echo $jsonInput | jq -r '.numberOfValidators.value')
- echo ::set-output name=validatorInstanceType::$(echo $jsonInput | jq -r '.validatorInstanceType.value')
- echo ::set-output name=buildInstanceType::$(echo $jsonInput | jq -r '.buildInstanceType.value')
- echo ::set-output name=rpcInstanceType::$(echo $jsonInput | jq -r '.rpcInstanceType.value')
- echo ::set-output name=ec2AMI::$(echo $jsonInput | jq -r '.ec2AMI.value')
- echo ::set-output name=networkSuffix::$(echo $jsonInput | jq -r '.networkSuffix.value')
- echo ::set-output name=deploymentType::$(echo $jsonInput | jq -r '.deploymentType.value')
- echo ::set-output name=volumeSize::$(echo $jsonInput | jq -r '.volumeSize.value')
- echo ::set-output name=rpcVolumeSize::$(echo $jsonInput | jq -r '.rpcVolumeSize.value')
- echo ::set-output name=skipChainSetup::$(echo $jsonInput | jq -r '.skipChainSetup.value')
- echo ::set-output name=runtimeProfile::$(echo $jsonInput | jq -r '.runtimeProfile.value')
- initialBalancesFile=$(echo $jsonInput | jq -r '.initialBalancesFile.value')
- initialMembersFile=$(echo $jsonInput | jq -r '.initialMembersFile.value')
- if [ -z "$initialBalancesFile" ]
- then
- echo ::set-output name=initialBalancesFilePath::''
- else
- wget $initialBalancesFile -O initial-balances.json
- echo ::set-output name=initialBalancesFilePath::'initial-balances.json'
- fi
- if [ -z "$initialMembersFile" ]
- then
- echo ::set-output name=initialMembersFilePath::''
- else
- wget $initialMembersFile -O initial-members.json
- echo ::set-output name=initialMembersFilePath::'initial-members.json'
- fi
- - name: Install Ansible dependencies
- run: pipx inject ansible-core boto3 botocore
- - name: Configure AWS credentials
- uses: aws-actions/configure-aws-credentials@v1
- with:
- aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
- aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
- aws-region: us-east-1
- - name: Check if CloudFormation stack exists
- id: stack_exists
- run: |
- if aws cloudformation describe-stacks --stack-name ${{ env.STACK_NAME }} >/dev/null 2>/dev/null; then
- echo "Stack already exists"
- exit 1
- else
- echo "Stack does not exist"
- fi
- - name: Deploy to AWS CloudFormation
- uses: aws-actions/aws-cloudformation-github-deploy@v1
- id: deploy_stack
- with:
- name: ${{ env.STACK_NAME }}
- template: devops/aws/cloudformation/infrastructure.yml
- no-fail-on-empty-changeset: '1'
- parameter-overrides: >-
- KeyName=${{ steps.myoutputs.outputs.keyName }},
- ValidatorEC2InstanceType=${{ steps.myoutputs.outputs.validatorInstanceType }},
- RPCEC2InstanceType=${{ steps.myoutputs.outputs.rpcInstanceType }},
- BuildEC2InstanceType=${{ steps.myoutputs.outputs.buildInstanceType }},
- EC2AMI=${{ steps.myoutputs.outputs.ec2AMI }},
- NumberOfValidators=${{ steps.myoutputs.outputs.numberOfValidators }},
- VolumeSize=${{ steps.myoutputs.outputs.volumeSize }},
- RPCVolumeSize=${{ steps.myoutputs.outputs.rpcVolumeSize }}
- - name: Prepare inventory for Ansible
- run: |
- ASG=${{ steps.deploy_stack.outputs.AutoScalingId }}
- VALIDATORS=""
- INSTANCES=$(aws autoscaling describe-auto-scaling-instances \
- --query "AutoScalingInstances[?AutoScalingGroupName=='${ASG}'].InstanceId" --output text);
- for ID in $INSTANCES
- do
- IP=$(aws ec2 describe-instances --instance-ids $ID --query "Reservations[].Instances[].PublicIpAddress" --output text)
- VALIDATORS+="$IP\n"
- done
- echo -e "[build]\n${{ steps.deploy_stack.outputs.BuildPublicIp }}\n" >> inventory
- echo -e "[validators]\n$VALIDATORS" >> inventory
- echo -e "[rpc]\n${{ steps.deploy_stack.outputs.RPCPublicIp }}" >> inventory
- cat inventory
- - name: Run playbook to setup all hosts and compile joystream-node
- uses: dawidd6/action-ansible-playbook@v2
- # Build binaries if AMI not specified
- if: steps.myoutputs.outputs.ec2AMI == ''
- with:
- playbook: build-code.yml
- directory: devops/aws
- requirements: requirements.yml
- key: ${{ secrets.SSH_PRIVATE_KEY }}
- options: |
- --inventory inventory
- --extra-vars "branch_name=${{ steps.myoutputs.outputs.branchName }} \
- git_repo=${{ steps.myoutputs.outputs.gitRepo }} data_path=mydata \
- runtime_profile=${{ steps.myoutputs.outputs.runtimeProfile }}"
- - name: Run playbook to install additional utils on build server
- uses: dawidd6/action-ansible-playbook@v2
- if: steps.myoutputs.outputs.ec2AMI == ''
- with:
- playbook: setup-build-server.yml
- directory: devops/aws
- requirements: requirements.yml
- key: ${{ secrets.SSH_PRIVATE_KEY }}
- options: |
- --inventory inventory
- - name: Run playbook to configure chain-spec
- uses: dawidd6/action-ansible-playbook@v2
- with:
- playbook: configure-network.yml
- directory: devops/aws
- requirements: requirements.yml
- key: ${{ secrets.SSH_PRIVATE_KEY }}
- options: |
- --inventory inventory
- --extra-vars "network_suffix=${{ steps.myoutputs.outputs.networkSuffix }} data_path=mydata \
- number_of_validators=${{ steps.myoutputs.outputs.numberOfValidators }} \
- git_repo=${{ steps.myoutputs.outputs.gitRepo }} \
- deployment_type=${{ steps.myoutputs.outputs.deploymentType }} \
- branch_name=${{ steps.myoutputs.outputs.branchName }} \
- initial_members_file=${{ steps.myoutputs.outputs.initialMembersFilePath }} \
- initial_balances_file=${{ steps.myoutputs.outputs.initialBalancesFilePath }} \
- skip_chain_setup=${{ steps.myoutputs.outputs.skipChainSetup }}"
- - name: Terminate Build instance
- continue-on-error: true
- run: |
- echo "Deleting build instance with id ${{ steps.deploy_stack.outputs.BuildInstanceId }}"
- aws ec2 terminate-instances --instance-ids ${{ steps.deploy_stack.outputs.BuildInstanceId }}
- - name: Encrpyt the artifacts
- run: |
- 7z a -p${{ steps.myoutputs.outputs.encryptionKey }} chain-data.7z mydata/*
- - name: Save the output as an artifact
- uses: actions/upload-artifact@v2
- with:
- name: data-chainspec-auth
- path: devops/aws/chain-data.7z
- - name: Save the endpoints file as an artifact
- uses: actions/upload-artifact@v2
- with:
- name: endpoints
- path: devops/aws/endpoints.json
- - name: Delete CloudFormation Stack if any step failed
- # Skip only if stack already existed or all steps passed succesfully
- if: ( failure() || cancelled() ) && steps.stack_exists.outcome != 'failure'
- run: |
- echo "Deleting ${{ env.STACK_NAME }} stack"
- aws cloudformation delete-stack --stack-name ${{ env.STACK_NAME }}
- echo "Waiting for ${{ env.STACK_NAME }} to be deleted..."
- aws cloudformation wait stack-delete-complete --stack-name ${{ env.STACK_NAME }}
|
