From f92fbeabf79b02602a29484d6a1275afb5ce5cc5 Mon Sep 17 00:00:00 2001 From: mrekucci Date: Mon, 24 Jun 2024 19:01:43 +0200 Subject: [PATCH] feat: upload built artifacts to the target machine --- infrastructure/nomad/playbooks/deploy.yml | 64 +++++++++++++++---- infrastructure/nomad/playbooks/init.yml | 9 +++ .../{version.nomad.j2 => artifacts.nomad.j2} | 51 ++++++++++++++- .../templates/services/mev-commit.xyz.hcl.j2 | 1 + .../playbooks/templates/services/nomad.hcl.j2 | 16 +++-- .../playbooks/templates/services/vault.hcl.j2 | 1 + .../nomad/playbooks/variables/profiles.yml | 12 ++-- 7 files changed, 127 insertions(+), 27 deletions(-) rename infrastructure/nomad/playbooks/templates/jobs/{version.nomad.j2 => artifacts.nomad.j2} (51%) diff --git a/infrastructure/nomad/playbooks/deploy.yml b/infrastructure/nomad/playbooks/deploy.yml index 3fbc0981a..c64d5d111 100644 --- a/infrastructure/nomad/playbooks/deploy.yml +++ b/infrastructure/nomad/playbooks/deploy.yml @@ -135,12 +135,18 @@ else profiles[profile].jobs }} - - name: Ensure "{{ ansible_env.HOME }}/{{ env }}" Directory Exists - ansible.builtin.file: + - name: Determine "{{ ansible_env.HOME }}/{{ env }}" Status + ansible.builtin.stat: path: "{{ ansible_env.HOME }}/{{ env }}" - state: directory - mode: "0744" - recurse: yes + register: env_dir + + - name: Check "{{ ansible_env.HOME }}/{{ env }}" Directory Exists + assert: + that: + - env_dir.stat.isdir is defined + - env_dir.stat.isdir + fail_msg: "The directory {{ ansible_env.HOME }}/{{ env }} does not exist." + success_msg: "The directory {{ ansible_env.HOME }}/{{ env }} exists." - name: Read Existing "meta.json" ansible.builtin.shell: | @@ -462,13 +468,12 @@ run_once: true when: build_artifacts - - name: Upload Artifacts Async + - name: Upload Artifacts Async to AWS S3 amazon.aws.aws_s3: bucket: "{{ aws_s3_bucket }}" object: "{{ item.path | basename }}" src: "{{ item.path }}" mode: put - tags: "{{ {'AutoDelete': 'true'} if env == 'devenv' else {} }}" loop: "{{ upload_artifacts.files }}" loop_control: label: "{{ item.path | basename }}" @@ -477,7 +482,7 @@ delegate_to: localhost run_once: true register: upload_artifacts_async - when: build_artifacts and (upload_artifacts.files | default([])) | length > 0 + when: build_artifacts and upload_artifacts.matched > 0 and env != 'devenv' - name: Wait for Upload Artifacts Async to Complete ansible.builtin.async_status: @@ -491,7 +496,23 @@ label: "{{ item.item.path | basename }}" delegate_to: localhost run_once: true - when: build_artifacts and (upload_artifacts.files | default([])) | length > 0 + when: build_artifacts and upload_artifacts.matched > 0 and env != 'devenv' + + - name: Ensure Target Directory Exists and is Empty + ansible.builtin.shell: | + rm -rf {{ ansible_env.HOME }}/{{ env }}/artifacts/ && mkdir {{ ansible_env.HOME }}/{{ env }}/artifacts/ + args: + executable: bash + when: build_artifacts and upload_artifacts.matched > 0 and env == 'devenv' + + - name: Copy Artifacts to Target Machine + ansible.builtin.copy: + src: "{{ item.path }}" + dest: "{{ ansible_env.HOME }}/{{ env }}/artifacts/{{ item.path | basename }}" + loop: "{{ upload_artifacts.files }}" + loop_control: + label: "{{ item.path | basename }}" + when: build_artifacts and upload_artifacts.matched > 0 and env == 'devenv' - name: Push Generated Secrets to Vault ansible.builtin.uri: @@ -508,13 +529,13 @@ delegate_to: localhost no_log: true - - name: Cleanup Artifacts + - name: Cleanup Built Artifacts ansible.builtin.file: path: "{{ dist_dir }}" state: absent delegate_to: localhost run_once: true - when: build_artifacts and (upload_artifacts.files | default([])) | length > 0 + when: build_artifacts and upload_artifacts.matched > 0 - name: Delete "meta.json" file: @@ -550,16 +571,21 @@ ansible.builtin.shell: | RESULT="$(nomad run {{ ansible_env.HOME }}/{{ env }}/{{ job.name }}.nomad 2>&1)" if [ $? -ne 0 ]; then - echo "Failed to deploy {{ job.name }}: ${RESULT}" + echo "Failed to deploy {{ job.name }}: ${RESULT}." exit 1 fi TIMEOUT=300 START_TIME=$(date +%s) - JOB_TYPE=$(nomad job status -json "{{ job.name }}" | jq -r '.[0].Allocations[0].JobType') + RESULT=$(nomad job status -json "{{ job.name }}") + if [ $? -ne 0 ]; then + echo "Failed to get job status for {{ job.name }}: ${RESULT}." + exit 1 + fi + JOB_TYPE=$(echo "${RESULT}" | jq -r '.[0].Allocations[0].JobType') while true; do - STATUS=$(nomad job status -json "{{ job.name }}" | jq -r '.[0].Allocations[0].ClientStatus') + STATUS=$(echo "${RESULT}" | jq -r '.[0].Allocations[0].ClientStatus') case "${JOB_TYPE}" in service) @@ -573,7 +599,12 @@ fi ;; *) + {% if env != 'devenv' %} break + {% else %} + echo "Unknown job type: ${JOB_TYPE}" + exit 1 + {% endif %} ;; esac @@ -585,6 +616,11 @@ fi sleep 1 + RESULT=$(nomad job status -json "{{ job.name }}") + if [ $? -ne 0 ]; then + echo "Failed to get job status for {{ job.name }}: ${RESULT}." + exit 1 + fi done args: executable: bash diff --git a/infrastructure/nomad/playbooks/init.yml b/infrastructure/nomad/playbooks/init.yml index e0a87883b..6277b7150 100644 --- a/infrastructure/nomad/playbooks/init.yml +++ b/infrastructure/nomad/playbooks/init.yml @@ -113,6 +113,15 @@ fail_msg: "The profile name is not set correctly." success_msg: "The profile name is set to: {{ profile }}." + - name: Ensure "{{ env }}" Directory Exists + ansible.builtin.file: + path: "~{{ hostvars[inventory_hostname].ansible_user }}/{{ env }}" + state: directory + mode: "0744" + recurse: yes + become: true + become_user: "{{ hostvars[inventory_hostname].ansible_user }}" + tasks: - name: Add DataDog Repository Key ansible.builtin.apt_key: diff --git a/infrastructure/nomad/playbooks/templates/jobs/version.nomad.j2 b/infrastructure/nomad/playbooks/templates/jobs/artifacts.nomad.j2 similarity index 51% rename from infrastructure/nomad/playbooks/templates/jobs/version.nomad.j2 rename to infrastructure/nomad/playbooks/templates/jobs/artifacts.nomad.j2 index df35695e1..98fe992ea 100644 --- a/infrastructure/nomad/playbooks/templates/jobs/version.nomad.j2 +++ b/infrastructure/nomad/playbooks/templates/jobs/artifacts.nomad.j2 @@ -1,8 +1,8 @@ #jinja2: trim_blocks:True, lstrip_blocks:True - -# This job exists only to provide deployment information to the Nomad UI. -job "{{ environments[env].version }}" { +job "{% if env != 'devenv' %}{{ environments[env].version }}{% else %}artifacts-{{ environments[env].version }}{% endif %}" { datacenters = ["{{ datacenter }}"] + + {% if env != 'devenv' %} type = "batch" priority = 1 @@ -11,6 +11,7 @@ job "{{ environments[env].version }}" { periodic { cron = "0 0 1 1 6" } + {% endif %} meta { CHAIN_ID = "{{ environments[env].chain_id }}" @@ -22,7 +23,10 @@ job "{{ environments[env].version }}" { TIMESTAMP = "{{ now(utc=true, fmt='%a %Y-%m-%d %H:%M:%S UTC') }}" } + {% if env != 'devenv' %} group "info" { + count = 1 + task "dummy" { driver = "exec" @@ -37,4 +41,45 @@ job "{{ environments[env].version }}" { } } } + {% else %} + group "artifacts-group" { + count = 1 + + network { + mode = "bridge" + + port "http" { + static = 1111 + } + } + + volume "artifacts-volume" { + type = "host" + source = "artifacts-volume" + read_only = true + } + + task "artifacts" { + driver = "exec" + + service { + name = "artifacts" + port = "http" + tags = ["http"] + provider = "nomad" + } + + volume_mount { + volume = "artifacts-volume" + destination = "/local/artifacts" + read_only = true + } + + config { + command = "python3" + args = ["-m", "http.server", "1111", "--directory", "/local/artifacts"] + } + } + } + {% endif %} } diff --git a/infrastructure/nomad/playbooks/templates/services/mev-commit.xyz.hcl.j2 b/infrastructure/nomad/playbooks/templates/services/mev-commit.xyz.hcl.j2 index ce9afb905..9a46761a9 100644 --- a/infrastructure/nomad/playbooks/templates/services/mev-commit.xyz.hcl.j2 +++ b/infrastructure/nomad/playbooks/templates/services/mev-commit.xyz.hcl.j2 @@ -1,3 +1,4 @@ +#jinja2: trim_blocks:True, lstrip_blocks:True server { listen 443 ssl http2; diff --git a/infrastructure/nomad/playbooks/templates/services/nomad.hcl.j2 b/infrastructure/nomad/playbooks/templates/services/nomad.hcl.j2 index adfc3cb08..b39d408ff 100644 --- a/infrastructure/nomad/playbooks/templates/services/nomad.hcl.j2 +++ b/infrastructure/nomad/playbooks/templates/services/nomad.hcl.j2 @@ -1,15 +1,16 @@ +#jinja2: trim_blocks:True, lstrip_blocks:True data_dir = "/opt/nomad/data" bind_addr = "0.0.0.0" -{% if nomad_servers_defined -%} +{% if nomad_servers_defined %} server { - enabled = true + enabled = true bootstrap_expect = 1 - raft_protocol = 3 + raft_protocol = 3 } {% endif %} -{% if nomad_clients_defined -%} +{% if nomad_clients_defined %} client { enabled = true servers = ["{{ nomad_server_ip }}:4647"] @@ -24,6 +25,11 @@ client { "/usr" = "/usr" "/opt" = "/opt" } + {% if env == "devenv" %} + host_volume "artifacts-volume" { + path = "/home/{{ hostvars[inventory_hostname].ansible_user }}/{{ env }}/artifacts" + } + {% endif %} } {% endif %} @@ -37,7 +43,7 @@ log_level = "DEBUG" enable_syslog = true syslog_facility = "LOCAL0" -{% if nomad_servers_defined -%} +{% if nomad_servers_defined %} advertise { http = "{{ ansible_host }}:4646" rpc = "{{ ansible_host }}:4647" diff --git a/infrastructure/nomad/playbooks/templates/services/vault.hcl.j2 b/infrastructure/nomad/playbooks/templates/services/vault.hcl.j2 index 234bfe20e..a7ce994d1 100644 --- a/infrastructure/nomad/playbooks/templates/services/vault.hcl.j2 +++ b/infrastructure/nomad/playbooks/templates/services/vault.hcl.j2 @@ -1,3 +1,4 @@ +#jinja2: trim_blocks:True, lstrip_blocks:True ui = true api_addr = "{{ vault_address }}" diff --git a/infrastructure/nomad/playbooks/variables/profiles.yml b/infrastructure/nomad/playbooks/variables/profiles.yml index 744a1447e..a0085605f 100644 --- a/infrastructure/nomad/playbooks/variables/profiles.yml +++ b/infrastructure/nomad/playbooks/variables/profiles.yml @@ -26,9 +26,9 @@ artifacts: path: p2p jobs: - version: &version_job - name: version - template: version.nomad.j2 + artifacts: &artifacts_job + name: artifacts + template: artifacts.nomad.j2 datadog_agent_logs_collector: &datadog_agent_logs_collector_job name: datadog-agent-logs-collector @@ -504,6 +504,7 @@ jobs: profiles: ci: jobs: + - *artifacts_job - *mev_commit_geth_bootnode1_job - *mev_commit_geth_signer_node1_job - *mev_commit_geth_member_node_job @@ -520,7 +521,7 @@ profiles: devnet: jobs: - - *version_job + - *artifacts_job - *datadog_agent_logs_collector_job - *mev_commit_geth_bootnode1_job - *mev_commit_geth_signer_node1_job @@ -539,6 +540,7 @@ profiles: testnet: jobs: + - *artifacts_job - *datadog_agent_logs_collector_job - *mev_commit_geth_bootnode1_job - *mev_commit_geth_signer_node1_job @@ -554,7 +556,7 @@ profiles: stressnet: jobs: - - *version_job + - *artifacts_job - *datadog_agent_logs_collector_job - *mev_commit_geth_bootnode1_job - *mev_commit_geth_signer_node1_job