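# Reusable workflow: provisions staging infrastructure of the requested TYPE
# by running ./tests/create.sh, then archives /tmp/<TYPE>, encrypts the
# archive and uploads it as the artifact tf-<TYPE>.
name: Create staging infra (REUSABLE)

on:
  workflow_call:
    inputs:
      # Infrastructure flavour. 'k8s' installs kubectl and skips the
      # SSH / Python / Ansible steps; any other value does the opposite.
      TYPE:
        required: true
        type: string
    secrets:
      CICD_SECRETS:
        required: true
      # NOTE(review): the job also reads secrets.SECRET_KEY, which is not
      # declared here, so it is only populated when the caller passes
      # `secrets: inherit`. The encryption step fails closed when it is empty.

jobs:
  create:
    runs-on: ubuntu-latest
    # NOTE(review): no `permissions:` block is set, so GITHUB_TOKEN (exported
    # as REG_TOKEN below) keeps whatever scopes the caller grants. Narrow it
    # here once the scopes create.sh needs are confirmed.
    steps:
      # Prepare
      # NOTE(review): every `uses:` below references a mutable tag. Pinning
      # each action to a full commit SHA prevents a retagged release from
      # running with this job's secrets.
      - name: Generate SSH keypair
        # NOTE(review): "StrictHostKeyChecking no" under "Host *" turns off
        # server authentication for every connection that loads this file.
        # It is written to ~/.ssh/ssh_config, not OpenSSH's default per-user
        # ~/.ssh/config, so confirm the scripts load it explicitly and
        # consider scoping the Host pattern to the staging hosts.
        run: |
          ssh-keygen -b 2048 -t rsa -f ~/.ssh/id_rsa -q -N ""
          ssh-keygen -f ~/.ssh/id_rsa -y > ~/.ssh/id_rsa.pub
          echo -e "Host *\n StrictHostKeyChecking no" > ~/.ssh/ssh_config
        if: inputs.TYPE != 'k8s'
      - name: Checkout source code
        uses: actions/checkout@v3
      - name: Install terraform
        uses: hashicorp/setup-terraform@v2
      - name: Install kubectl
        uses: azure/setup-kubectl@v3
        if: inputs.TYPE == 'k8s'
      - name: Set up Python 3.11
        uses: actions/setup-python@v4
        if: inputs.TYPE != 'k8s'
        with:
          python-version: "3.11"
          cache: "pip"
      - name: Install ansible
        # NOTE(review): unpinned install; a version constraint (ideally with
        # hashes) would make this step reproducible.
        run: pip install ansible
        if: inputs.TYPE != 'k8s'
      - name: Install ansible libs
        # The role is pinned to 1.18.1; the community.general collection is
        # not pinned and resolves to whatever is current at run time.
        run: |
          ansible-galaxy install --timeout 120 monolithprojects.github_actions_runner,1.18.1
          ansible-galaxy collection install --timeout 120 community.general
        if: inputs.TYPE != 'k8s'
      # Create infra
      - run: ./tests/create.sh "$INFRA_TYPE"
        env:
          # The input is handed over through the environment instead of being
          # expanded into the script text, so its value is never parsed as
          # shell syntax.
          INFRA_TYPE: ${{ inputs.TYPE }}
          CICD_SECRETS: ${{ secrets.CICD_SECRETS }}
          REG_USER: ${{ github.actor }}
          REG_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      # Archive and encrypt /tmp/<TYPE>. Runs even when create.sh failed
      # (always()) so the state of a partial run is still uploaded.
      # NOTE(review): `openssl enc` with AES-256-CBC gives confidentiality
      # only; whoever decrypts the artifact gets no tamper detection.
      - run: |
          # Fail closed: an empty passphrase would leave the archive
          # effectively unprotected.
          : "${SECRET_KEY:?SECRET_KEY is empty; refusing to encrypt with an empty passphrase}"
          tar -cf terraform.tar "/tmp/$INFRA_TYPE"
          # mktemp creates the key file with owner-only permissions at an
          # unpredictable path; the trap removes it even if a command fails.
          key_file="$(mktemp)"
          trap 'rm -f "$key_file"' EXIT
          echo "$SECRET_KEY" > "$key_file"
          openssl enc -in terraform.tar -aes-256-cbc -pbkdf2 -iter 100000 -md sha256 -pass "file:$key_file" -out terraform.tar.enc
        if: always()
        env:
          SECRET_KEY: ${{ secrets.SECRET_KEY }}
          INFRA_TYPE: ${{ inputs.TYPE }}
      # Only the encrypted archive is uploaded, never terraform.tar itself.
      - uses: actions/upload-artifact@v3
        if: always()
        with:
          name: tf-${{ inputs.TYPE }}
          path: terraform.tar.enc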