ci: workflow updates for infrastructure-as-code and

kubelet-metrics-reexporter
kloudlite · Oct 9, 2024 · ec4178e · ec4178e
1 parent f4d0fcb
commit ec4178e
Show file tree

Hide file tree

Showing 6 changed files with 244 additions and 173 deletions.
diff --git a/.github/workflows/iac.yml b/.github/workflows/iac.yml
diff --git a/.github/workflows/infrastructure-as-code.yml b/.github/workflows/infrastructure-as-code.yml
@@ -0,0 +1,140 @@
+name: infrastructure-as-code
+
+on:
+  workflow_call:
+    inputs:
+      working_directory: 
+        description: "cd into this directory"
+        required: true
+        type: string
+
+      image_name_prefix:
+        description: "image name prefix to use for container images"
+        required: true
+        type: string
+
+    secrets:
+      # GITHUB_TOKEN:
+      #   required: true
+      CACHIX_AUTH_TOKEN:
+        required: true
+      CACHIX_CACHE_NAME:
+        required: true
+
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  build-images:
+    strategy:
+      fail-fast: true
+      matrix:
+        name:
+          - iac-job
+          - aws-spot-node-terminator
+          - gcp-spot-node-terminator
+
+    runs-on: ubuntu-latest
+    name: build container images 
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+          fetch-depth: 0
+
+      - name: setup env (on workflow_call)
+        shell: bash
+        run: |+
+          echo "WORKING_DIR=${{ inputs.working_directory }}" | tee -a $GITHUB_ENV | tee -a $GITHUB_OUTPUT
+          echo "IMAGE_NAME_PREFIX=${{ inputs.image_name_prefix }}" | tee -a $GITHUB_ENV | tee -a $GITHUB_OUTPUT
+
+      - name: setup nix (with cachix)
+        uses: kloudlite/actions/setup-nix-cachix@v1
+        with:
+          flake_lock: ${{ env.WORKING_DIR }}/flake.lock
+          nix_develop_arguments: ${{ env.WORKING_DIR }}/#default
+
+          cachix_cache_name: ${{ secrets.CACHIX_CACHE_NAME }}
+          cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN }}
+
+      - name: setup docker
+        uses: kloudlite/actions/setup-docker@v1
+        with:
+          docker_registry: "ghcr.io"
+          docker_username: ${{ github.actor }}
+          docker_password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: generate image tag
+        uses: kloudlite/actions/generate-image-tag@v1
+
+      - name: builds iac job image
+        if: ${{ matrix.name == 'iac-job' }}
+        working-directory: ${{ env.WORKING_DIR }}
+        shell: bash
+        run: |
+          task local:build:iac-job Image="$IMAGE_NAME_PREFIX/iac-job:${IMAGE_TAG}"
+
+      - name: builds gcp-spot-node-terminator
+        if: ${{ matrix.name == 'gcp-spot-node-terminator' }}
+        working-directory: ${{ env.WORKING_DIR }}/cmd/gcp-spot-node-terminator
+        shell: bash
+        run: |
+          task container:build-and-push image="$IMAGE_NAME_PREFIX/cmd/gcp-spot-node-terminator:$IMAGE_TAG" push=true dockerArgs=""
+
+      - name: builds aws spot node terminator
+        if: ${{ matrix.name == 'aws-spot-node-terminator'}}
+        working-directory: ${{env.WORKING_DIR}}/cmd/aws-spot-node-terminator
+        shell: bash
+        run: |
+          task container:build-and-push image="$IMAGE_NAME_PREFIX/cmd/aws-spot-node-terminator:$IMAGE_TAG" push=true dockerArgs=""
+
+  build-k3s-runner-and-binary:
+    runs-on: ubuntu-latest
+    env:
+      k3s_version: "v1.30.5+k3s1"
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          submodules: recursive
+          fetch-depth: 0
+
+      - name: setup env (on workflow_call)
+        shell: bash
+        run: |+
+          echo "WORKING_DIR=${{ inputs.working_directory }}" | tee -a $GITHUB_ENV | tee -a $GITHUB_OUTPUT
+          echo "IMAGE_NAME_PREFIX=${{ inputs.image_name_prefix }}" | tee -a $GITHUB_ENV | tee -a $GITHUB_OUTPUT
+
+      - name: setup nix (with cachix)
+        uses: kloudlite/actions/setup-nix-cachix@v1
+        with:
+          flake_lock: ${{ env.WORKING_DIR }}/flake.lock
+          nix_develop_arguments: ${{ env.WORKING_DIR }}/#default
+
+          cachix_cache_name: ${{ secrets.CACHIX_CACHE_NAME }}
+          cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN }}
+
+      - name: build k3s runner
+        shell: bash
+        working-directory: ${{env.WORKING_DIR}}/cmd/k3s-runner
+        run: |+
+          GOARCH=amd64 task build
+          GOARCH=arm64 task build
+
+      - name: download supported k3s binary
+        shell: bash
+        working-directory: ${{ env.WORKING_DIR }}/cmd/k3s-runner
+        run: |+
+          echo "$PWD"
+          mkdir -p ./bin
+          curl -L0 "https://github.com/k3s-io/k3s/releases/download/$k3s_version/k3s" > ./bin/k3s-amd64
+          cp ./bin/k3s-amd64 ./bin/k3s
+          curl -L0 "https://github.com/k3s-io/k3s/releases/download/$k3s_version/k3s-arm64" > ./bin/k3s-arm64
+
+      - name: Upload Artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: k3s
+          path: ${{ env.WORKING_DIR }}/cmd/k3s-runner/bin/*
diff --git a/.github/workflows/kubelet-metrics-reexporter.yml b/.github/workflows/kubelet-metrics-reexporter.yml
@@ -1,4 +1,35 @@
-name: build kubelet metrics reexporter
+# name: build kubelet metrics reexporter
+#
+# on:
+#   workflow_call:
+#
+# permissions:
+#   contents: read
+#   packages: write
+#
+# jobs:
+#   release:
+#     runs-on: ubuntu-latest
+#
+#     permissions:
+#       contents: read
+#       packages: write
+#
+#     steps:
+#       - name: Checkout
+#         uses: actions/checkout@v4
+#         with:
+#           submodules: recursive
+#           fetch-depth: 0
+#
+#       - name: build-and-push
+#         uses: ./kubelet-metrics-reexporter/.github/actions/build-with-nix
+#         with:
+#           github_token: ${{ secrets.GITHUB_TOKEN }}
+#           cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN }}
+#           git_directory: "./kubelet-metrics-reexporter"
+
+name: kubelet metrics reexporter
 
 on:
   workflow_call:
@@ -10,6 +41,8 @@ permissions:
 jobs:
   release:
     runs-on: ubuntu-latest
+    env:
+      SUBMODULE: kubelet-metrics-reexporter
 
     permissions:
       contents: read
@@ -22,9 +55,45 @@ jobs:
           submodules: recursive
           fetch-depth: 0
 
-      - name: build-and-push
-        uses: ./kubelet-metrics-reexporter/.github/actions/build-with-nix
+      - name: setup-docker
+        uses: kloudlite/actions/setup-docker@v1
+        with:
+          docker_registry: "ghcr.io"
+          docker_username: ${{ github.actor }}
+          docker_password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: setup-go-cache
+        uses: kloudlite/actions/setup-cache-go@v1
         with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN }}
-          git_directory: "./kubelet-metrics-reexporter"
+          cache_key: "kubelet-metrics-reexporter"
+
+      - name: use nix flakes
+        uses: kloudlite/actions/setup-nix-cachix@v1
+        with:
+          flake_lock: ${{ env.SUBMODULE }}/flake.lock
+          nix_develop_arguments: "${{ env.SUBMODULE }}/#default"
+
+          cachix_cache_name: ${{ secrets.CACHIX_CACHE_NAME }}
+          cachix_auth_token: ${{ secrets.CACHIX_AUTH_TOKEN}}
+
+      - name: generate image tag
+        uses: kloudlite/actions/generate-image-tag@v1
+
+      - name: Build And Push Image
+        working-directory: ${{ env.SUBMODULE }}
+        if: ${{ env.IMAGE_TAG != '' }}
+        shell: bash
+        run: |+
+          set +e
+          image_name="ghcr.io/${{ github.repository }}/${{ env.SUBMODULE }}"
+
+          docker manifest inspect $image_name:$IMAGE_TAG
+          exit_status=$?
+          if [ $exit_status -eq 0 ]; then
+            [ "$OVERRIDE_PUSHED_IMAGE" = "false" ] && echo "image ($image_name:$IMAGE_TAG) already exists, and override image is disable, exiting" && exit 0
+            echo "image exists, but override pushed image is set to true. proceeding with building image"
+          fi
+          set -e
+
+          task container:build-and-push image="$image_name:$IMAGE_TAG"
+