name: Neon Deploy dev on: workflow_dispatch: inputs: dockerTag: description: 'Docker tag to deploy' required: true type: string branch: description: 'Branch or commit used for deploy scripts and configs' required: true type: string default: 'main' deployStorage: description: 'Deploy storage' required: true type: boolean default: true deployProxy: description: 'Deploy proxy' required: true type: boolean default: true deployStorageBroker: description: 'Deploy storage-broker' required: true type: boolean default: true deployPgSniRouter: description: 'Deploy pg-sni-router' required: true type: boolean default: true env: AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_DEV }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_KEY_DEV }} concurrency: group: deploy-dev cancel-in-progress: false jobs: deploy-storage-new: runs-on: [ self-hosted, gen3, small ] container: image: 369495373322.dkr.ecr.eu-central-1.amazonaws.com/ansible:pinned options: --user root --privileged if: inputs.deployStorage defaults: run: shell: bash strategy: matrix: # TODO(sergey): Fix storage deploy in eu-central-1 target_region: [ eu-west-1, us-east-2] environment: name: dev-${{ matrix.target_region }} steps: - name: Checkout uses: actions/checkout@v3 with: submodules: true fetch-depth: 0 ref: ${{ inputs.branch }} - name: Redeploy run: | export DOCKER_TAG=${{ inputs.dockerTag }} cd "$(pwd)/.github/ansible" ./get_binaries.sh ansible-galaxy collection install sivel.toiletwater ansible-playbook -v deploy.yaml -i staging.${{ matrix.target_region }}.hosts.yaml -e @ssm_config -e CONSOLE_API_TOKEN=${{ secrets.NEON_STAGING_API_KEY }} -e SENTRY_URL_PAGESERVER=${{ secrets.SENTRY_URL_PAGESERVER }} -e SENTRY_URL_SAFEKEEPER=${{ secrets.SENTRY_URL_SAFEKEEPER }} rm -f neon_install.tar.gz .neon_current_version - name: Cleanup ansible folder run: rm -rf ~/.ansible deploy-proxy-new: runs-on: [ self-hosted, gen3, small ] container: 369495373322.dkr.ecr.eu-central-1.amazonaws.com/ansible:pinned if: inputs.deployProxy defaults: run: shell: bash strategy: matrix: include: - target_region: us-east-2 target_cluster: dev-us-east-2-beta deploy_link_proxy: true deploy_legacy_scram_proxy: true - target_region: eu-west-1 target_cluster: dev-eu-west-1-zeta deploy_link_proxy: false deploy_legacy_scram_proxy: false environment: name: dev-${{ matrix.target_region }} steps: - name: Checkout uses: actions/checkout@v3 with: submodules: true fetch-depth: 0 ref: ${{ inputs.branch }} - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1-node16 with: role-to-assume: arn:aws:iam::369495373322:role/github-runner aws-region: eu-central-1 role-skip-session-tagging: true role-duration-seconds: 1800 - name: Configure environment run: | helm repo add neondatabase https://neondatabase.github.io/helm-charts aws --region ${{ matrix.target_region }} eks update-kubeconfig --name ${{ matrix.target_cluster }} - name: Re-deploy scram proxy run: | DOCKER_TAG=${{ inputs.dockerTag }} helm upgrade neon-proxy-scram neondatabase/neon-proxy --namespace neon-proxy --create-namespace --install --atomic -f .github/helm-values/${{ matrix.target_cluster }}.neon-proxy-scram.yaml --set image.tag=${DOCKER_TAG} --set settings.sentryUrl=${{ secrets.SENTRY_URL_PROXY }} --wait --timeout 15m0s - name: Re-deploy link proxy if: matrix.deploy_link_proxy run: | DOCKER_TAG=${{ inputs.dockerTag }} helm upgrade neon-proxy-link neondatabase/neon-proxy --namespace neon-proxy --create-namespace --install --atomic -f .github/helm-values/${{ matrix.target_cluster }}.neon-proxy-link.yaml --set image.tag=${DOCKER_TAG} --set settings.sentryUrl=${{ secrets.SENTRY_URL_PROXY }} --wait --timeout 15m0s - name: Re-deploy legacy scram proxy if: matrix.deploy_legacy_scram_proxy run: | DOCKER_TAG=${{ inputs.dockerTag }} helm upgrade neon-proxy-scram-legacy neondatabase/neon-proxy --namespace neon-proxy --create-namespace --install --atomic -f .github/helm-values/${{ matrix.target_cluster }}.neon-proxy-scram-legacy.yaml --set image.tag=${DOCKER_TAG} --set settings.sentryUrl=${{ secrets.SENTRY_URL_PROXY }} --wait --timeout 15m0s - name: Cleanup helm folder run: rm -rf ~/.cache deploy-preview-proxy-new: runs-on: [ self-hosted, gen3, small ] container: 369495373322.dkr.ecr.eu-central-1.amazonaws.com/ansible:pinned if: inputs.deployProxy defaults: run: shell: bash strategy: matrix: include: - target_region: eu-central-1 target_cluster: dev-eu-central-1-alpha environment: name: dev-${{ matrix.target_region }} steps: - name: Checkout uses: actions/checkout@v3 with: submodules: true fetch-depth: 0 ref: ${{ inputs.branch }} - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1-node16 with: role-to-assume: arn:aws:iam::369495373322:role/github-runner aws-region: eu-central-1 role-skip-session-tagging: true role-duration-seconds: 1800 - name: Configure environment run: | helm repo add neondatabase https://neondatabase.github.io/helm-charts aws --region ${{ matrix.target_region }} eks update-kubeconfig --name ${{ matrix.target_cluster }} - name: Re-deploy preview proxies run: | DOCKER_TAG=${{ inputs.dockerTag }} for PREVIEW_NAME in helium argon krypton xenon radon oganesson hydrogen nitrogen oxygen fluorine chlorine; do export PREVIEW_NAME envsubst <.github/helm-values/preview-template.neon-proxy-scram.yaml >preview-${PREVIEW_NAME}.neon-proxy-scram.yaml helm upgrade neon-proxy-scram-${PREVIEW_NAME} neondatabase/neon-proxy --namespace neon-proxy-${PREVIEW_NAME} --create-namespace --install --atomic -f preview-${PREVIEW_NAME}.neon-proxy-scram.yaml --set image.tag=${DOCKER_TAG} --set settings.sentryUrl=${{ secrets.SENTRY_URL_PROXY }} --wait --timeout 15m0s done - name: Cleanup helm folder run: rm -rf ~/.cache deploy-storage-broker-new: runs-on: [ self-hosted, gen3, small ] container: 369495373322.dkr.ecr.eu-central-1.amazonaws.com/ansible:pinned if: inputs.deployStorageBroker defaults: run: shell: bash strategy: matrix: include: - target_region: us-east-2 target_cluster: dev-us-east-2-beta - target_region: eu-west-1 target_cluster: dev-eu-west-1-zeta - target_region: eu-central-1 target_cluster: dev-eu-central-1-alpha environment: name: dev-${{ matrix.target_region }} steps: - name: Checkout uses: actions/checkout@v3 with: submodules: true fetch-depth: 0 ref: ${{ inputs.branch }} - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1-node16 with: role-to-assume: arn:aws:iam::369495373322:role/github-runner aws-region: eu-central-1 role-skip-session-tagging: true role-duration-seconds: 1800 - name: Configure environment run: | helm repo add neondatabase https://neondatabase.github.io/helm-charts aws --region ${{ matrix.target_region }} eks update-kubeconfig --name ${{ matrix.target_cluster }} - name: Deploy storage-broker run: helm upgrade neon-storage-broker-lb neondatabase/neon-storage-broker --namespace neon-storage-broker-lb --create-namespace --install --atomic -f .github/helm-values/${{ matrix.target_cluster }}.neon-storage-broker.yaml --set image.tag=${{ inputs.dockerTag }} --set settings.sentryUrl=${{ secrets.SENTRY_URL_BROKER }} --wait --timeout 5m0s - name: Cleanup helm folder run: rm -rf ~/.cache deploy-pg-sni-router: runs-on: [ self-hosted, gen3, small ] container: 369495373322.dkr.ecr.eu-central-1.amazonaws.com/ansible:pinned if: inputs.deployPgSniRouter defaults: run: shell: bash strategy: matrix: include: - target_region: us-east-2 target_cluster: dev-us-east-2-beta - target_region: eu-west-1 target_cluster: dev-eu-west-1-zeta - target_region: eu-central-1 target_cluster: dev-eu-central-1-alpha environment: name: dev-${{ matrix.target_region }} steps: - name: Checkout uses: actions/checkout@v3 with: submodules: true fetch-depth: 0 ref: ${{ inputs.branch }} - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v1-node16 with: role-to-assume: arn:aws:iam::369495373322:role/github-runner aws-region: eu-central-1 role-skip-session-tagging: true role-duration-seconds: 1800 - name: Configure environment run: | helm repo add neondatabase https://neondatabase.github.io/helm-charts aws --region ${{ matrix.target_region }} eks update-kubeconfig --name ${{ matrix.target_cluster }} - name: Deploy pg-sni-router run: helm upgrade neon-pg-sni-router neondatabase/neon-pg-sni-router --namespace neon-pg-sni-router --create-namespace --install --atomic -f .github/helm-values/${{ matrix.target_cluster }}.pg-sni-router.yaml --set image.tag=${{ inputs.dockerTag }} --set settings.sentryUrl=${{ secrets.SENTRY_URL_BROKER }} --wait --timeout 15m0s - name: Cleanup helm folder run: rm -rf ~/.cache