-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
f9a36bd
commit cc913b1
Showing
1 changed file
with
96 additions
and
30 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,47 +1,113 @@ | ||
| name: Configure Docker (Ubuntu) | ||
| name: Deploy Cerulean Infratructure | ||
| description: |- | ||
| A GitHub action to configure the installed Docker daemon on an Ubuntu GitHub Actions runner | ||
| This action deploys the Cerulean infrastructure | ||
| inputs: | ||
| environment: | ||
| description: |- | ||
| Target environment of infrastructure deployment | ||
| required: true | ||
| python-version: | ||
| description: |- | ||
| Which Python version to use | ||
| default: '3.9' | ||
| pulumi-version: | ||
| description: |- | ||
| Which Pulumi version to use | ||
| required: true | ||
| pulumi-stack-passphrase: | ||
| description: |- | ||
| The passphrahse to encrypt secrets in the Pulumi stack | ||
| required: true | ||
|
|
||
| runs: | ||
| using: composite | ||
| using: "composite" | ||
| steps: | ||
| - id: create-directory | ||
| name: Create Docker data directory | ||
| - name: Install Python | ||
| uses: actions/setup-python@v5 | ||
| with: | ||
| python-version: ${{ inputs.python-version }} | ||
|
|
||
| - name: Get pip cache dir | ||
| id: pip-cache | ||
| shell: bash | ||
| run: | | ||
| df -H | ||
| if ! test -d /mnt; then | ||
| echo "::error title=Error::Missing directory /mnt" | ||
| exit 1 | ||
| fi | ||
| sudo mkdir /mnt/docker-data | ||
| sudo chmod 777 /mnt/docker-data | ||
| - id: stop-docker | ||
| name: Stop Docker Daemon | ||
| python -m pip install pip --upgrade | ||
| echo "PIP_CACHE_DIR=$(python -m pip cache dir)" >> $GITHUB_ENV | ||
| - name: Cache pip | ||
| uses: actions/cache@v4 | ||
| with: | ||
| path: ${{ env.PIP_CACHE_DIR }} | ||
| key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }} | ||
| restore-keys: | | ||
| ${{ runner.os }}-pip- | ||
| - name: Configure GCP Credentials | ||
| uses: google-github-actions/auth@v2 | ||
| with: | ||
| workload_identity_provider: "projects/734798842681/locations/global/workloadIdentityPools/my-pool/providers/gh-provider" | ||
| service_account: "[email protected]" | ||
|
|
||
| - name: Configure AWS credentials | ||
| uses: aws-actions/configure-aws-credentials@v4 | ||
| with: | ||
| role-to-assume: arn:aws:iam::162277344632:role/CeruleanCloudDeploy | ||
| aws-region: eu-central-1 | ||
|
|
||
| - name: Configure docker | ||
| shell: bash | ||
| run: | | ||
| sudo systemctl stop docker | ||
| gcloud auth configure-docker -q | ||
| - id: configure-docker-data-root | ||
| name: Configure Docker for new data directory | ||
| - name: Install Pulumi requirements | ||
| shell: bash | ||
| run: | | ||
| if ! test -d /etc/docker; then | ||
| sudo mkdir -p /etc/docker | ||
| fi | ||
| pip install -r requirements-pulumi.txt | ||
| jq < /etc/docker/daemon.json '. += { "data-root": "/mnt/docker-data" }' > /tmp/daemon.json | ||
| sudo cp /tmp/daemon.json /etc/docker/daemon.json | ||
| cat /etc/docker/daemon.json | ||
| - name: Build Container Images | ||
| uses: pulumi/actions@v5 | ||
| id: pulumi-images | ||
| env: | ||
| PULUMI_CONFIG_PASSPHRASE: ${{ inputs.pulumi-stack-passphrase }} | ||
| with: | ||
| pulumi-version: ${{ inputs.pulumi-version }} | ||
| work-dir: images/ | ||
| command: up | ||
| stack-name: ${{ inputs.environment }} | ||
|
|
||
| - id: start-docker | ||
| name: Start Docker Daemon | ||
| # Copy shared database_client.py files | ||
| - name: Copy Shared File | ||
| shell: bash | ||
| run: | | ||
| sudo systemctl start docker | ||
| - id: configure-artifact-registry | ||
| name: Configure Artifact Registry Authentication | ||
| mkdir -p cerulean_cloud/cloud_function_ais_analysis/cerulean_cloud/ | ||
| cp cerulean_cloud/database_client.py cerulean_cloud/cloud_function_ais_analysis/cerulean_cloud/database_client.py | ||
| cp cerulean_cloud/database_schema.py cerulean_cloud/cloud_function_ais_analysis/cerulean_cloud/database_schema.py | ||
| cp cerulean_cloud/structured_logger.py cerulean_cloud/cloud_function_ais_analysis/cerulean_cloud/structured_logger.py | ||
| cp cerulean_cloud/__init__.py cerulean_cloud/cloud_function_ais_analysis/cerulean_cloud/__init__.py | ||
| - name: Deploy Infrastructure | ||
| uses: pulumi/actions@v5 | ||
| id: pulumi | ||
| env: | ||
| PULUMI_CONFIG_PASSPHRASE: ${{ inputs.pulumi-stack-passphrase }} | ||
| MODEL: ${{ steps.pulumi-images.outputs.model }} | ||
| with: | ||
| pulumi-version: ${{ inputs.pulumi-version }} | ||
| command: up | ||
| stack-name: ${{ inputs.environment }} | ||
| refresh: true | ||
| diff: true | ||
| comment-on-summary: true | ||
|
|
||
| - name: Start Google Cloud SQL Proxy | ||
| uses: wagnerpereira/gce-cloudsql-proxy-action@v2 | ||
| with: | ||
| instance: ${{ steps.pulumi.outputs.database_instance_name }} | ||
|
|
||
| - name: Run database migrations | ||
| shell: bash | ||
| env: | ||
| DB_URL: ${{ steps.pulumi.outputs.database_url_alembic }} | ||
| run: | | ||
| gcloud auth configure-docker europe-west1-docker.pkg.dev -q | ||
| pip install -r requirements.txt && alembic upgrade head |