Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for CI Deployments #22

Merged
merged 5 commits into from
Dec 10, 2024
Merged

Support for CI Deployments #22

merged 5 commits into from
Dec 10, 2024

Conversation

joshuacurtiss
Copy link
Member

These enhancements pave the way for CI deployments via GitHub Actions by installing a self-hosted runner on our target servers. It makes the script for accomplishing that more concise by providing a deploy command that goes through the typical steps for deploying our apps.

Enhancements to the GitHub Actions Runner installer

We already did the footwork of creating a script that helps automate the installation of a GitHub Actions runner. Now that we have real RedHat 9 servers, we were able to identify some necessary changes. For instance:

  • Since most projects will be checked out with root and run in privileged podman containers, the github user that runs the runner service would need to have proper permissions. We don't want to assign more than it needs, so we gave it sudo permissions only for the deploy, docker, and git commands. We accomplish this by writing a separate file just for this purpose in /etc/sudoers.d/.
  • We ensure the runner service is set up to run as the github user.
  • If the chcon command is present, we know we're dealing with an SELinux system. We assign proper contexts so the service will work in SELinux.
  • We automatically assign the runner a label of the hostname of the server.
  • We set it to the latest version available for the runner installer.

The deploy command

The deploy command is made to properly run in a Docker or Podman environment. So, its installation was added as part of the "Docker/Podman" installation step for every environment (currently CentOS, RHEL, and macOS). The command has a nice help screen (deploy --help), but here is a brief description:

It will go through these steps:

  • Login to your Docker repo
  • Stop the application if it is currently running
  • Create a pod (if using podman)
  • Start up the stack using the stack path you point at
  • Install the stack as a service (if using podman)

Some additional notes:

  • If your deployment uses an environment variable name other then .env, you can use --env-file to specify the environment file.
  • The --non-interactive flag skips the docker repository login step, which prompts the user for credentials. This can be used in CI scripts when we can't respond to user prompts.
  • It provides easy ability to redeploy/upgrade, because it stops and starts the stack, and with the --upgrade flag, will pull for fresh images even if it already has them, which benefits configurations that do something like mariadb:10 to always point to the latest of that version.
  • It's intelligent enough to be savvy of the situation where systemctl is not cognizant of newly-created services, and will gracefully handle the situation regardless of a docker, podman, or systemctl situation.

Bringing it all together

The deployment command makes it so that deploying or redeploying a UIC Pharmacy app can be done from one command. This means that deployment CI workflows can be created that are very concise. A good first use case to demonstrate this is prior-auth-drug-search - deploy.yml.

@joshuacurtiss joshuacurtiss added the enhancement New feature or request label Dec 4, 2024
@joshuacurtiss joshuacurtiss requested a review from akamal4 December 4, 2024 22:07
akamal4
akamal4 previously approved these changes Dec 9, 2024
View reviewed changes
@joshuacurtiss
feat: Improve GitHub Actions Runner installer to work with RHEL-9
e010c86 
Generally, the installer was compatible, but there needed to be some SELinux management,
and some changes for a non-native Docker environment like podman.

Additionally, we want the runner to run as a non-root user, but we do need the user to be
able to sudo some commands (deploy, docker, git). So, we add some rules to the sudoers
file so that the github user can't sudo normally but can sudo for just these commands.

Also updated to load the latest version offered by GitHub currently, and put in a check
that pings the GitHub API to see if a newer version exists than what we're offering. If
so, it asks the user if they want to try using the newer version.
@joshuacurtiss
feat: Add deploy script
ab2e2da
@joshuacurtiss
feat: Add deploy script to "Docker" installer on all platforms
32ea725
@joshuacurtiss
docs: Write docs about the deploy script
fac30c2
@akamal4 akamal4 merged commit 56e02f1 into main Dec 10, 2024
3 checks passed
@joshuacurtiss joshuacurtiss deleted the jcurt/deploy-script branch December 10, 2024 17:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akamal4 akamal4 akamal4 left review comments

Assignees

@akamal4 akamal4

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@joshuacurtiss @akamal4