From f662bf60436bb17adcb0c6296d1931638e5e9105 Mon Sep 17 00:00:00 2001
From: shane knapp <incomplete@gmail.com>
Date: Wed, 25 Sep 2024 16:01:03 -0700
Subject: [PATCH 1/2] fixing typo

---
 .github/workflows/deploy-hubs.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/deploy-hubs.yaml b/.github/workflows/deploy-hubs.yaml
index af2108954..39a5ffa1d 100644
--- a/.github/workflows/deploy-hubs.yaml
+++ b/.github/workflows/deploy-hubs.yaml
@@ -1,5 +1,5 @@
 # This workflow will determine if the base hub image and/or single-user server
-# image for any or all hubs has has changed, and if so, deploy accordingly.
+# image for any or all hubs has changed, and if so, deploy accordingly.
 #
 name: Deploy staging and prod hubs
 on:

From 9f70c68eac830232ef8b3fbcd8ce7986edf89626 Mon Sep 17 00:00:00 2001
From: shane knapp <incomplete@gmail.com>
Date: Wed, 25 Sep 2024 16:01:23 -0700
Subject: [PATCH 2/2] workflow for deploying edx hub

---
 .github/workflows/deploy-edx-hub.yaml | 179 ++++++++++++++++++++++++++
 1 file changed, 179 insertions(+)
 create mode 100644 .github/workflows/deploy-edx-hub.yaml

diff --git a/.github/workflows/deploy-edx-hub.yaml b/.github/workflows/deploy-edx-hub.yaml
new file mode 100644
index 000000000..7d338fe02
--- /dev/null
+++ b/.github/workflows/deploy-edx-hub.yaml
@@ -0,0 +1,179 @@
+# This workflow will determine if the edx hub image and/or single-user server
+# image has changed, and if so, deploy accordingly.
+#
+name: Deploy edx staging and prod hub
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - staging
+      - prod
+
+jobs:
+  deploy-edx-hub-to-staging:
+    if: github.event_name == 'push' && github.ref == 'refs/heads/staging'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get PR labels
+        id: pr-labels
+        uses: irby/get-labels-on-push@v1.0.1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Check edx hub changes that need deploying from the labels on the merge commit to staging
+        run: |
+          echo "PR labels: ${{ steps.pr-labels.outputs.labels }}"
+          for label in $(echo -e "${{ steps.pr-labels.outputs.labels }}"); do
+            if [[ "$label" == hub-edx ]]; then
+              echo "DEPLOY=1" >> $GITHUB_ENV
+            fi
+          done
+
+      - name: Check out the image repo
+        if: ${{ env.DEPLOY }}
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # OR "2" -> To retrieve the preceding commit.
+
+      - name: Setup python
+        if: ${{ env.DEPLOY }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install dependencies
+        if: ${{ env.DEPLOY }}
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install --force-reinstall git+https://github.com/shaneknapp/hubploy.git@major-refactor
+
+      - name: Auth to gcloud
+        if: ${{ env.DEPLOY }}
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: ${{ secrets.GKE_KEY_EDX }}
+          project_id: ${{ secrets.GCP_PROJECT_ID_EDX }}
+
+      - name: Install Google Cloud SDK
+        if: ${{ env.DEPLOY }}
+        uses: google-github-actions/setup-gcloud@v2
+        with:
+          install_components: 'gke-gcloud-auth-plugin'
+
+      - name: Install SOPS
+        if: ${{ env.DEPLOY }}
+        run: |
+          mkdir -p ${HOME}/bin
+          curl -sSL https://github.com/getsops/sops/releases/download/v3.9.0/sops-v3.9.0.linux.amd64 -o ${HOME}/bin/sops
+          chmod 755 ${HOME}/bin/sops
+          echo "${HOME}/bin" >> $GITHUB_PATH
+
+      - name: Store SOPS secret in a file
+        if: ${{ env.DEPLOY }}
+        run: |
+          cat << EOF > ${HOME}/sops.key
+          ${{ secrets.SOPS_KEY }}
+          EOF
+          echo "GOOGLE_APPLICATION_CREDENTIALS=${HOME}/sops.key" >> $GITHUB_ENV
+
+      - name: Install Helm
+        if: ${{ env.DEPLOY }}
+        run: |
+            curl -L https://get.helm.sh/helm-v3.13.3-linux-amd64.tar.gz | tar -xzf -
+            mv linux-amd64/helm /usr/local/bin
+            helm repo add jupyterhub https://jupyterhub.github.io/helm-chart/
+            helm repo update
+
+      - name: Deploy hub to staging
+        if: ${{ env.DEPLOY }}
+        run: |
+          while read deployment; do
+            echo "Deploying single-user image and hub config to ${deployment}"
+            hubploy --verbose deploy --timeout 30m ${deployment} hub staging
+            echo
+          done < <(python .github/scripts/determine-hub-deployments.py --only-deploy edx)
+
+  deploy-edx-hub-to-prod:
+    if: github.event_name == 'push' && github.ref == 'refs/heads/prod'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Get PR labels
+        id: pr-labels
+        uses: irby/get-labels-on-push@v1.0.1
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Check edx hub changes that need deploying from the labels on the merge commit to prod
+        run: |
+          echo "PR labels: ${{ steps.pr-labels.outputs.labels }}"
+          for label in $(echo -e "${{ steps.pr-labels.outputs.labels }}"); do
+            if [[ "$label" == hub-edx ]]; then
+              echo "DEPLOY=1" >> $GITHUB_ENV
+            fi
+          done
+
+      - name: Check out the image repo
+        if: ${{ env.DEPLOY }}
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0  # OR "2" -> To retrieve the preceding commit.
+
+      - name: Setup python
+        if: ${{ env.DEPLOY }}
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+
+      - name: Install dependencies
+        if: ${{ env.DEPLOY }}
+        run: |
+          python -m pip install --upgrade pip
+          pip install -r requirements.txt
+          pip install --force-reinstall git+https://github.com/shaneknapp/hubploy.git@major-refactor
+
+      - name: Auth to gcloud
+        if: ${{ env.DEPLOY }}
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: ${{ secrets.GKE_KEY_EDX }}
+          project_id: ${{ secrets.GCP_PROJECT_ID_EDX }}
+
+      - name: Install Google Cloud SDK
+        if: ${{ env.DEPLOY }}
+        uses: google-github-actions/setup-gcloud@v2
+        with:
+          install_components: 'gke-gcloud-auth-plugin'
+
+      - name: Install SOPS
+        if: ${{ env.DEPLOY }}
+        run: |
+          mkdir -p ${HOME}/bin
+          curl -sSL https://github.com/getsops/sops/releases/download/v3.9.0/sops-v3.9.0.linux.amd64 -o ${HOME}/bin/sops
+          chmod 755 ${HOME}/bin/sops
+          echo "${HOME}/bin" >> $GITHUB_PATH
+
+      - name: Store SOPS secret in a file
+        if: ${{ env.DEPLOY }}
+        run: |
+          cat << EOF > ${HOME}/sops.key
+          ${{ secrets.SOPS_KEY }}
+          EOF
+          echo "GOOGLE_APPLICATION_CREDENTIALS=${HOME}/sops.key" >> $GITHUB_ENV
+
+      - name: Install Helm
+        if: ${{ env.DEPLOY }}
+        run: |
+            curl -L https://get.helm.sh/helm-v3.13.3-linux-amd64.tar.gz | tar -xzf -
+            mv linux-amd64/helm /usr/local/bin
+            helm repo add jupyterhub https://jupyterhub.github.io/helm-chart/
+            helm repo update
+
+      - name: Deploy hub to prod
+        if: ${{ env.DEPLOY }}
+        run: |
+          while read deployment; do
+            echo "Deploying single-user image and hub config to ${deployment}"
+            hubploy --verbose deploy --timeout 30m ${deployment} hub prod
+            echo
+          done < <(python .github/scripts/determine-hub-deployments.py --only-deploy edx)