name: Neon Deploy prod on: workflow_dispatch: inputs: dockerTag: description: 'Docker tag to deploy' required: true type: string branch: description: 'Branch or commit used for deploy scripts and configs' required: true type: string default: 'release' deployStorage: description: 'Deploy storage' required: true type: boolean default: true deployProxy: description: 'Deploy proxy' required: true type: boolean default: true deployStorageBroker: description: 'Deploy storage-broker' required: true type: boolean default: true disclamerAcknowledged: description: 'I confirm that there is an emergency and I can not use regular release workflow' required: true type: boolean default: false concurrency: group: deploy-prod cancel-in-progress: false jobs: deploy-prod-new: runs-on: prod container: image: 093970136003.dkr.ecr.eu-central-1.amazonaws.com/ansible:latest options: --user root --privileged if: inputs.deployStorage && inputs.disclamerAcknowledged defaults: run: shell: bash strategy: matrix: target_region: [ us-east-2, us-west-2, eu-central-1, ap-southeast-1 ] environment: name: prod-${{ matrix.target_region }} steps: - name: Checkout uses: actions/checkout@v3 with: submodules: true fetch-depth: 0 ref: ${{ inputs.branch }} - name: Redeploy run: | export DOCKER_TAG=${{ inputs.dockerTag }} cd "$(pwd)/.github/ansible" ./get_binaries.sh ansible-galaxy collection install sivel.toiletwater ansible-playbook -v deploy.yaml -i prod.${{ matrix.target_region }}.hosts.yaml -e @ssm_config -e CONSOLE_API_TOKEN=${{ secrets.NEON_PRODUCTION_API_KEY }} -e SENTRY_URL_PAGESERVER=${{ secrets.SENTRY_URL_PAGESERVER }} -e SENTRY_URL_SAFEKEEPER=${{ secrets.SENTRY_URL_SAFEKEEPER }} rm -f neon_install.tar.gz .neon_current_version deploy-proxy-prod-new: runs-on: prod container: 093970136003.dkr.ecr.eu-central-1.amazonaws.com/ansible:latest if: inputs.deployProxy && inputs.disclamerAcknowledged defaults: run: shell: bash strategy: matrix: include: - target_region: us-east-2 target_cluster: prod-us-east-2-delta deploy_link_proxy: true deploy_legacy_scram_proxy: false - target_region: us-west-2 target_cluster: prod-us-west-2-eta deploy_link_proxy: false deploy_legacy_scram_proxy: true - target_region: eu-central-1 target_cluster: prod-eu-central-1-gamma deploy_link_proxy: false deploy_legacy_scram_proxy: false - target_region: ap-southeast-1 target_cluster: prod-ap-southeast-1-epsilon deploy_link_proxy: false deploy_legacy_scram_proxy: false environment: name: prod-${{ matrix.target_region }} steps: - name: Checkout uses: actions/checkout@v3 with: submodules: true fetch-depth: 0 ref: ${{ inputs.branch }} - name: Configure environment run: | helm repo add neondatabase https://neondatabase.github.io/helm-charts aws --region ${{ matrix.target_region }} eks update-kubeconfig --name ${{ matrix.target_cluster }} - name: Re-deploy scram proxy run: | DOCKER_TAG=${{ inputs.dockerTag }} helm upgrade neon-proxy-scram neondatabase/neon-proxy --namespace neon-proxy --create-namespace --install --atomic -f .github/helm-values/${{ matrix.target_cluster }}.neon-proxy-scram.yaml --set image.tag=${DOCKER_TAG} --set settings.sentryUrl=${{ secrets.SENTRY_URL_PROXY }} --wait --timeout 15m0s - name: Re-deploy link proxy if: matrix.deploy_link_proxy run: | DOCKER_TAG=${{ inputs.dockerTag }} helm upgrade neon-proxy-link neondatabase/neon-proxy --namespace neon-proxy --create-namespace --install --atomic -f .github/helm-values/${{ matrix.target_cluster }}.neon-proxy-link.yaml --set image.tag=${DOCKER_TAG} --set settings.sentryUrl=${{ secrets.SENTRY_URL_PROXY }} --wait --timeout 15m0s - name: Re-deploy legacy scram proxy if: matrix.deploy_legacy_scram_proxy run: | DOCKER_TAG=${{ inputs.dockerTag }} helm upgrade neon-proxy-scram-legacy neondatabase/neon-proxy --namespace neon-proxy --create-namespace --install --atomic -f .github/helm-values/${{ matrix.target_cluster }}.neon-proxy-scram-legacy.yaml --set image.tag=${DOCKER_TAG} --set settings.sentryUrl=${{ secrets.SENTRY_URL_PROXY }} --wait --timeout 15m0s deploy-storage-broker-prod-new: runs-on: prod container: 093970136003.dkr.ecr.eu-central-1.amazonaws.com/ansible:latest if: inputs.deployStorageBroker && inputs.disclamerAcknowledged defaults: run: shell: bash strategy: matrix: include: - target_region: us-east-2 target_cluster: prod-us-east-2-delta - target_region: us-west-2 target_cluster: prod-us-west-2-eta - target_region: eu-central-1 target_cluster: prod-eu-central-1-gamma - target_region: ap-southeast-1 target_cluster: prod-ap-southeast-1-epsilon environment: name: prod-${{ matrix.target_region }} steps: - name: Checkout uses: actions/checkout@v3 with: submodules: true fetch-depth: 0 ref: ${{ inputs.branch }} - name: Configure environment run: | helm repo add neondatabase https://neondatabase.github.io/helm-charts aws --region ${{ matrix.target_region }} eks update-kubeconfig --name ${{ matrix.target_cluster }} - name: Deploy storage-broker run: helm upgrade neon-storage-broker-lb neondatabase/neon-storage-broker --namespace neon-storage-broker-lb --create-namespace --install --atomic -f .github/helm-values/${{ matrix.target_cluster }}.neon-storage-broker.yaml --set image.tag=${{ inputs.dockerTag }} --set settings.sentryUrl=${{ secrets.SENTRY_URL_BROKER }} --wait --timeout 5m0s