From b0ef54f9b68e9fdd23f46233eccfec489fd0ba24 Mon Sep 17 00:00:00 2001
From: Arshad Siddique
Date: Sun, 16 Jun 2024 12:49:35 +0530
Subject: [PATCH 1/9] Added the automation code
---
.github/workflows/ci.yml | 58 +++++++++++++++++++
helm-charts/redis/Chart.yaml | 5 ++
helm-charts/redis/templates/ingress.yaml | 19 ++++++
helm-charts/redis/templates/service.yaml | 10 ++++
helm-charts/redis/templates/statefulset.yaml | 33 +++++++++++
helm-charts/redis/values.yaml | 5 ++
helm-charts/rollouts-demo/Chart.yaml | 5 ++
.../rollouts-demo/templates/ingress.yaml | 18 ++++++
.../rollouts-demo/templates/rollout.yaml | 38 ++++++++++++
.../templates/service-canary.yaml | 13 +++++
.../templates/service-primary.yaml | 14 +++++
helm-charts/rollouts-demo/values.yaml | 4 ++
main.tf | 32 ++++++++++
13 files changed, 254 insertions(+)
create mode 100644 .github/workflows/ci.yml
create mode 100644 helm-charts/redis/Chart.yaml
create mode 100644 helm-charts/redis/templates/ingress.yaml
create mode 100644 helm-charts/redis/templates/service.yaml
create mode 100644 helm-charts/redis/templates/statefulset.yaml
create mode 100644 helm-charts/redis/values.yaml
create mode 100644 helm-charts/rollouts-demo/Chart.yaml
create mode 100644 helm-charts/rollouts-demo/templates/ingress.yaml
create mode 100644 helm-charts/rollouts-demo/templates/rollout.yaml
create mode 100644 helm-charts/rollouts-demo/templates/service-canary.yaml
create mode 100644 helm-charts/rollouts-demo/templates/service-primary.yaml
create mode 100644 helm-charts/rollouts-demo/values.yaml
create mode 100644 main.tf
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000..f7958f5
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,58 @@
+name: CI
+
+on:
+ push:
+ branches:
+ - main
+ pull_request:
+ branches:
+ - main
+
+jobs:
+ validate-helm:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Setup Helm
+ uses: azure/setup-helm@v1
+ with:
+ version: v3.8.0
+
+ - name: Validate Helm charts
+ run: |
+ helm lint helm-charts/redis
+ helm lint helm-charts/rollouts-demo
+
+ validate-yaml:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Install yamllint
+ run: sudo apt-get install -y yamllint
+
+ - name: Validate YAML files
+ run: yamllint .
+
+ terraform-plan:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v3
+
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: 1.0.0
+
+ - name: Terraform Init
+ run: terraform init
+
+ - name: Terraform Validate
+ run: terraform validate
+
+ - name: Terraform Plan
+ run: terraform plan
diff --git a/helm-charts/redis/Chart.yaml b/helm-charts/redis/Chart.yaml
new file mode 100644
index 0000000..f9fd25c
--- /dev/null
+++ b/helm-charts/redis/Chart.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: v2
+name: redis
+description: A Helm chart for Redis
+version: 0.1.0
diff --git a/helm-charts/redis/templates/ingress.yaml b/helm-charts/redis/templates/ingress.yaml
new file mode 100644
index 0000000..9b86f3f
--- /dev/null
+++ b/helm-charts/redis/templates/ingress.yaml
@@ -0,0 +1,19 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: redis-ingress
+spec:
+ ingressClassName: nginx
+ rules:
+ - host: {{ .Values.ingressHost }}
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: service-redis
+ port:
+ number: 6379
+
diff --git a/helm-charts/redis/templates/service.yaml b/helm-charts/redis/templates/service.yaml
new file mode 100644
index 0000000..ee1e51d
--- /dev/null
+++ b/helm-charts/redis/templates/service.yaml
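Review bot: In .github/workflows/ci.yml the workflow declares no `permissions:` key, so every job runs with the repository's default GITHUB_TOKEN scopes even though all three jobs only read the checkout; a top-level `permissions:` block with `contents: read` would make the least-privilege intent explicit. The three external actions (`actions/checkout@v3`, `azure/setup-helm@v1`, `hashicorp/setup-terraform@v2`) are referenced by mutable tags, and pinning each to a full commit SHA keeps a retagged release from changing what runs. The `terraform-plan` job also runs on `pull_request`, and main.tf in this patch points both providers at `~/.kube/config`, which no step here creates, so the plan step will probably fail on a fresh runner.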
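Review bot: In helm-charts/redis/templates/ingress.yaml the backend points at `name: service-redis`, but the only Service this chart defines (templates/service.yaml) is named `redis-svc`, so the Ingress has no backend to route to; the line would need to read `name: redis-svc`. More fundamentally, an nginx HTTP Ingress rule does not carry the Redis protocol on 6379, and the StatefulSet in this patch starts Redis with no authentication configured, so publishing it under a host name is not something to fix forward. Consider dropping this template and keeping Redis reachable only through the in-cluster Service.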
@@ -0,0 +1,10 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: redis-svc
+ namespace: default
+spec:
+ ports:
+ - port: 6379
+ selector:
+ app: redis
diff --git a/helm-charts/redis/templates/statefulset.yaml b/helm-charts/redis/templates/statefulset.yaml
new file mode 100644
index 0000000..d63e326
--- /dev/null
+++ b/helm-charts/redis/templates/statefulset.yaml
@@ -0,0 +1,33 @@
+---
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: redis
+ namespace: default
+spec:
+ serviceName: "redis"
+ replicas: {{ .Values.replicaCount }}
+ selector:
+ matchLabels:
+ app: redis
+ template:
+ metadata:
+ labels:
+ app: redis
+ spec:
+ containers:
+ - name: redis
+ image: {{ .Values.image }}
+ ports:
+ - containerPort: 6379
+ volumeMounts:
+ - name: redis-data
+ mountPath: /data
+ volumeClaimTemplates:
+ - metadata:
+ name: redis-data
+ spec:
+ accessModes: [ "ReadWriteOnce" ]
+ resources:
+ requests:
+ storage: {{ .Values.storage }}
diff --git a/helm-charts/redis/values.yaml b/helm-charts/redis/values.yaml
new file mode 100644
index 0000000..5873e40
--- /dev/null
+++ b/helm-charts/redis/values.yaml
@@ -0,0 +1,5 @@
+---
+replicaCount: 1
+image: "redis:latest"
+storage: "1Gi"
+ingressHost: "redis.local"
diff --git a/helm-charts/rollouts-demo/Chart.yaml b/helm-charts/rollouts-demo/Chart.yaml
new file mode 100644
index 0000000..3663561
--- /dev/null
+++ b/helm-charts/rollouts-demo/Chart.yaml
@@ -0,0 +1,5 @@
+---
+apiVersion: v2
+name: rollouts-demo
+description: A Helm chart for Rollouts Demo
+version: 0.1.0
diff --git a/helm-charts/rollouts-demo/templates/ingress.yaml b/helm-charts/rollouts-demo/templates/ingress.yaml
new file mode 100644
index 0000000..47f3a19
--- /dev/null
+++ b/helm-charts/rollouts-demo/templates/ingress.yaml
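Review bot: In helm-charts/redis/templates/statefulset.yaml, `serviceName: "redis"` names a governing Service that the chart never creates; service.yaml defines `redis-svc`, and it is not headless, so the per-pod DNS names a StatefulSet relies on will not resolve. Either make the Service headless (`clusterIP: None`) and point the StatefulSet at it with `serviceName: redis-svc`, or rename the Service to match. Both templates also hard-code `namespace: default`, which takes precedence over the namespace the release is installed into; removing the field lets Helm's `--namespace` decide. The container spec has no `securityContext` or `resources`, and values.yaml sets `image: "redis:latest"`, a mutable tag, so a pinned version or digest would make the deployed image reproducible.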
@@ -0,0 +1,18 @@
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: rollouts-demo-primary
+spec:
+ ingressClassName: nginx
+ rules:
+ - host: {{ .Values.ingressHost }}
+ http:
+ paths:
+ - path: /
+ pathType: Prefix
+ backend:
+ service:
+ name: rollouts-demo-primary
+ port:
+ number: 80
diff --git a/helm-charts/rollouts-demo/templates/rollout.yaml b/helm-charts/rollouts-demo/templates/rollout.yaml
new file mode 100644
index 0000000..3de4651
--- /dev/null
+++ b/helm-charts/rollouts-demo/templates/rollout.yaml
@@ -0,0 +1,38 @@
+---
+apiVersion: argoproj.io/v1alpha1
+kind: Rollout
+metadata:
+ name: rollouts-demo
+spec:
+ replicas: {{ .Values.replicas }}
+ strategy:
+ canary:
+ canaryService: rollouts-demo-canary
+ stableService: rollouts-demo-primary
+ trafficRouting:
+ nginx:
+ stableIngress: rollouts-demo-primary
+ steps:
+ - setWeight: 20
+ - pause: {}
+ revisionHistoryLimit: 2
+ selector:
+ matchLabels:
+ app: rollouts-demo
+ template:
+ metadata:
+ labels:
+ app: rollouts-demo
+ spec:
+ containers:
+ - name: rollouts-demo
+ image: {{ .Values.image }}
+ ports:
+ - name: http
+ containerPort: 8080
+ protocol: TCP
+ resources:
+ requests:
+ memory: 32Mi
+ cpu: 5m
+
diff --git a/helm-charts/rollouts-demo/templates/service-canary.yaml b/helm-charts/rollouts-demo/templates/service-canary.yaml
new file mode 100644
index 0000000..b9f243c
--- /dev/null
+++ b/helm-charts/rollouts-demo/templates/service-canary.yaml
@@ -0,0 +1,13 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: rollouts-demo-canary
+spec:
+ ports:
+ - port: 80
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ app: rollouts-demo
diff --git a/helm-charts/rollouts-demo/templates/service-primary.yaml b/helm-charts/rollouts-demo/templates/service-primary.yaml
new file mode 100644
index 0000000..57315b4
--- /dev/null
+++ b/helm-charts/rollouts-demo/templates/service-primary.yaml
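Review bot: In helm-charts/rollouts-demo/templates/rollout.yaml the container has no `readinessProbe`, so during the `setWeight: 20` step a canary pod counts as ready as soon as its process starts rather than when it can actually serve. The spec sets resource `requests` but no `limits`, and no `securityContext`; settings such as `allowPrivilegeEscalation: false` and `runAsNonRoot: true` would be worth adding once it is confirmed that the image runs as a non-root user. `pause: {}` with no duration holds the rollout until someone promotes it manually, which deserves a short comment in the template if that is intended.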
@@ -0,0 +1,14 @@
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: rollouts-demo-primary
+spec:
+ ports:
+ - port: 80
+ targetPort: http
+ protocol: TCP
+ name: http
+ selector:
+ app: rollouts-demo
+
diff --git a/helm-charts/rollouts-demo/values.yaml b/helm-charts/rollouts-demo/values.yaml
new file mode 100644
index 0000000..2b508e9
--- /dev/null
+++ b/helm-charts/rollouts-demo/values.yaml
@@ -0,0 +1,4 @@
+---
+replicas: 4
+image: "argoproj/rollouts-demo:green"
+ingressHost: "rollouts-demo.local"
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..0b81c9e
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,32 @@
+provider "kubernetes" {
+ config_path = "~/.kube/config"
+}
+
+provider "helm" {
+ kubernetes {
+ config_path = "~/.kube/config"
+ }
+}
+
+resource "helm_release" "redis" {
+ name = "redis"
+ chart = "./helm-charts/redis"
+
+ values = [
+ file("./helm-charts/redis/values.yaml")
+ ]
+}
+
+resource "helm_release" "rollouts_demo" {
+ name = "rollouts-demo"
+ chart = "./helm-charts/rollouts-demo"
+
+ values = [
+ file("./helm-charts/rollouts-demo/values.yaml")
+ ]
+
+ provisioner "local-exec" {
+ command = "kubectl argo rollouts set image rollouts-demo rollouts-demo=argoproj/rollouts-demo:blue"
+ on_failure = continue
+ }
+}
From a29533fa4f329d99e62c95cde3dd57a3c6220f67 Mon Sep 17 00:00:00 2001
From: Arshad Siddique <84400897+arshadsiddique@users.noreply.github.com>
Date: Sun, 16 Jun 2024 12:56:57 +0530
Subject: [PATCH 2/9] Updated ci.yml
---
.github/workflows/ci.yml | 12 ------------
1 file changed, 12 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index f7958f5..095d5bb 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
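Review bot: In main.tf the `local-exec` provisioner on `helm_release.rollouts_demo` switches the Rollout's image to `argoproj/rollouts-demo:blue` right after the release is created, outside both the chart values (`green`) and Terraform state, so the cluster drifts from what the code declares on the first apply. With `on_failure = continue` a missing kubectl plugin or a wrong context is silently ignored, and the command runs against whatever kubeconfig context is current on the machine. If starting a canary is the goal, changing `image` in values.yaml and re-applying keeps it declarative. The file also has no `terraform` block with `required_providers`, so provider versions are unconstrained; adding version constraints would make `terraform init` in CI reproducible.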
@@ -25,18 +25,6 @@ jobs: helm lint helm-charts/redis helm lint helm-charts/rollouts-demo - validate-yaml: - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v3 - - - name: Install yamllint - run: sudo apt-get install -y yamllint - - - name: Validate YAML files - run: yamllint . - terraform-plan: runs-on: ubuntu-latest steps: From 7e2b08450d03612846390a395d11b222d38ec361 Mon Sep 17 00:00:00 2001 From: Arshad Siddique <84400897+arshadsiddique@users.noreply.github.com> Date: Sun, 16 Jun 2024 13:01:52 +0530 Subject: [PATCH 3/9] Update ci.yml --- .github/workflows/ci.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 095d5bb..50c5bf4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,3 +44,17 @@ jobs: - name: Terraform Plan run: terraform plan + + - name: Comment PR with Terraform Plan + if: github.event_name == 'pull_request' + uses: actions/github-script@v6 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + script: | + const planOutput = `### Terraform Plan\n\`\`\`\n${{ steps.plan.outputs.stdout }}\n\`\`\``; + github.rest.issues.createComment({ + issue_number: context.payload.pull_request.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: planOutput + }); From 84d09722bcad972cd06932be477b3c7ead57494e Mon Sep 17 00:00:00 2001 From: Arshad Siddique <84400897+arshadsiddique@users.noreply.github.com> Date: Sun, 16 Jun 2024 13:07:02 +0530 Subject: [PATCH 4/9] Update ci.yml --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 50c5bf4..4e6046e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
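Review bot: In the `Comment PR with Terraform Plan` step added by PATCH 3/9, `${{ steps.plan.outputs.stdout }}` is expanded into the script text before it is parsed as JavaScript, so plan output containing a backtick or `${` changes the program instead of the comment body. Passing the value through the step's `env:` (for example `PLAN: ${{ steps.plan.outputs.stdout }}`) and reading `process.env.PLAN` in the script keeps it as data. No step in the workflow at this commit has `id: plan`, so the expression is empty as written; PATCH 5/9 repeats the pattern with `steps.show.outputs.stdout`, which has the same two problems. The `github.rest.issues.createComment(...)` call should be awaited so that a failed request is reported by the step.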
@@ -49,7 +49,7 @@ jobs: if: github.event_name == 'pull_request' uses: actions/github-script@v6 with: - github-token: ${{ secrets.GITHUB_TOKEN }} + github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} script: | const planOutput = `### Terraform Plan\n\`\`\`\n${{ steps.plan.outputs.stdout }}\n\`\`\``; github.rest.issues.createComment({ From f86818108b6774100b5921c5a41d71bfa7f16857 Mon Sep 17 00:00:00 2001 From: Arshad Siddique <84400897+arshadsiddique@users.noreply.github.com> Date: Sun, 16 Jun 2024 13:15:17 +0530 Subject: [PATCH 5/9] Update ci.yml --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4e6046e..2cdbd74 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,14 +44,14 @@ jobs: - name: Terraform Plan run: terraform plan - + - name: Comment PR with Terraform Plan if: github.event_name == 'pull_request' uses: actions/github-script@v6 with: github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} script: | - const planOutput = `### Terraform Plan\n\`\`\`\n${{ steps.plan.outputs.stdout }}\n\`\`\``; + const planOutput = `### Terraform Plan\n\`\`\`\n${{ steps.show.outputs.stdout }}\n\`\`\``; github.rest.issues.createComment({ issue_number: context.payload.pull_request.number, owner: context.repo.owner, From 536ae15383b4650a031c6b3d5fff0524ac5235bf Mon Sep 17 00:00:00 2001 From: Arshad Siddique <84400897+arshadsiddique@users.noreply.github.com> Date: Sun, 16 Jun 2024 13:19:12 +0530 Subject: [PATCH 6/9] Update ci.yml --- .github/workflows/ci.yml | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2cdbd74..b2a73da 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
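Review bot: Switching `github-token` to `secrets.PERSONAL_ACCESS_TOKEN` in PATCH 4/9 hands a step that only posts a PR comment a credential that typically carries its owner's access beyond this repository and outlives the run. The built-in token is enough for `issues.createComment` when the job declares `permissions:` with `pull-requests: write`, which keeps the credential scoped to this repository and this run. Repository secrets are also not passed to workflows triggered by pull requests from forks, so the PAT would be empty for exactly the contributions that most need review.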
@@ -43,7 +43,23 @@ jobs: run: terraform validate - name: Terraform Plan - run: terraform plan + id: plan + run: terraform plan -no-color -out=tfplan + continue-on-error: true + + - name: Show Terraform Plan + id: show + run: terraform show -json tfplan > tfplan.json + + - name: Format Terraform Plan Output + id: format + run: | + echo "### Terraform Plan" > plan.md + echo '```' >> plan.md + cat tfplan.json | jq -r '.resource_changes[] | select(.change.actions | contains(["create","update","delete"])) | [.type, .name, .change.actions[]] | @tsv' >> plan.md + echo '```' >> plan.md + env: + PR_NUMBER: ${{ github.event.pull_request.number }} - name: Comment PR with Terraform Plan if: github.event_name == 'pull_request' @@ -51,10 +67,12 @@ jobs: with: github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} script: | - const planOutput = `### Terraform Plan\n\`\`\`\n${{ steps.show.outputs.stdout }}\n\`\`\``; + const fs = require('fs'); + const plan = fs.readFileSync('plan.md', 'utf8'); github.rest.issues.createComment({ - issue_number: context.payload.pull_request.number, + issue_number: context.issue.number, owner: context.repo.owner, repo: context.repo.repo, - body: planOutput + body: plan }); + From c640d863d6e4337c7afe175538d1077677ec8fc2 Mon Sep 17 00:00:00 2001 From: Arshad Siddique <84400897+arshadsiddique@users.noreply.github.com> Date: Sun, 16 Jun 2024 13:21:49 +0530 Subject: [PATCH 7/9] Update ci.yml --- .github/workflows/ci.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b2a73da..5ec2a56 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,6 +51,11 @@ jobs: id: show run: terraform show -json tfplan > tfplan.json + - name: Debug JSON Output + run: | + echo "Content of tfplan.json:" + cat tfplan.json + - name: Format Terraform Plan Output id: format run: | 
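Review bot: In the `Format Terraform Plan Output` step of PATCH 6/9, `select(.change.actions | contains(["create","update","delete"]))` only matches when a single change lists all three actions, because jq's `contains` on arrays requires every element of the argument to be present; the table will therefore always be empty. Something like `select(.change.actions | any(. == "create" or . == "update" or . == "delete"))` expresses "any of". `continue-on-error: true` on the plan step lets the job go on after a failed plan, at which point `terraform show -json tfplan` fails on the missing file with a less useful error. `PR_NUMBER` is exported to the step but never read.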
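Review bot: The `Debug JSON Output` step added in PATCH 7/9 prints all of tfplan.json to the job log, and the JSON form of a plan contains resource attribute values in full, including ones Terraform masks as sensitive in its human-readable output. Workflow logs are visible to everyone with read access to the repository, so this step should not outlive local debugging; if a sanity check is needed, `jq '.resource_changes | length' tfplan.json` confirms the file parsed without echoing values. PATCH 8/9 adds the same `cat tfplan.json` to the `Show Terraform Plan` step.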
@@ -58,8 +63,6 @@ jobs: echo '```' >> plan.md cat tfplan.json | jq -r '.resource_changes[] | select(.change.actions | contains(["create","update","delete"])) | [.type, .name, .change.actions[]] | @tsv' >> plan.md echo '```' >> plan.md - env: - PR_NUMBER: ${{ github.event.pull_request.number }} - name: Comment PR with Terraform Plan if: github.event_name == 'pull_request' @@ -75,4 +78,3 @@ jobs: repo: context.repo.repo, body: plan }); - From 7f4532144bcbabd5ea483e1036efe2d277538a15 Mon Sep 17 00:00:00 2001 From: Arshad Siddique <84400897+arshadsiddique@users.noreply.github.com> Date: Sun, 16 Jun 2024 13:23:34 +0530 Subject: [PATCH 8/9] Update ci.yml --- .github/workflows/ci.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5ec2a56..70dbfc4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -49,7 +49,9 @@ jobs: - name: Show Terraform Plan id: show - run: terraform show -json tfplan > tfplan.json + run: | + terraform show -json tfplan > tfplan.json + cat tfplan.json - name: Debug JSON Output run: | @@ -63,12 +65,14 @@ jobs: echo '```' >> plan.md cat tfplan.json | jq -r '.resource_changes[] | select(.change.actions | contains(["create","update","delete"])) | [.type, .name, .change.actions[]] | @tsv' >> plan.md echo '```' >> plan.md + env: + PR_NUMBER: ${{ github.event.pull_request.number }} - name: Comment PR with Terraform Plan if: github.event_name == 'pull_request' uses: actions/github-script@v6 with: - github-token: ${{ secrets.PERSONAL_ACCESS_TOKEN }} + github-token: ${{ secrets.GITHUB_TOKEN }} script: | const fs = require('fs'); const plan = fs.readFileSync('plan.md', 'utf8'); From c0e6bac7607c2ab9f7ff2f7ec4302d4c6b0c790b Mon Sep 17 00:00:00 2001 
From: Arshad Siddique <84400897+arshadsiddique@users.noreply.github.com> Date: Sun, 16 Jun 2024 13:25:12 +0530 Subject: [PATCH 9/9] Update ci.yml --- .github/workflows/ci.yml | 39 +-------------------------------------- 1 file changed, 1 insertion(+), 38 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 70dbfc4..93916f4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,41 +44,4 @@ jobs: - name: Terraform Plan id: plan - run: terraform plan -no-color -out=tfplan - continue-on-error: true - - - name: Show Terraform Plan - id: show - run: | - terraform show -json tfplan > tfplan.json - cat tfplan.json - - - name: Debug JSON Output - run: | - echo "Content of tfplan.json:" - cat tfplan.json - - - name: Format Terraform Plan Output - id: format - run: | - echo "### Terraform Plan" > plan.md - echo '```' >> plan.md - cat tfplan.json | jq -r '.resource_changes[] | select(.change.actions | contains(["create","update","delete"])) | [.type, .name, .change.actions[]] | @tsv' >> plan.md - echo '```' >> plan.md - env: - PR_NUMBER: ${{ github.event.pull_request.number }} - - - name: Comment PR with Terraform Plan - if: github.event_name == 'pull_request' - uses: actions/github-script@v6 - with: - github-token: ${{ secrets.GITHUB_TOKEN }} - script: | - const fs = require('fs'); - const plan = fs.readFileSync('plan.md', 'utf8'); - github.rest.issues.createComment({ - issue_number: context.issue.number, - owner: context.repo.owner, - repo: context.repo.repo, - body: plan - }); + run: terraform plan