Skip to content

Commit 664eeda

Browse files
mbruzda-splunkmbruzda-splunk
authored
refactor: introduce parameters to control argo environment (#235)
Added parameters to simplify the process of making changes and testing argo related stuff. This change is backwards compatible Tested here: https://github.com/splunk/splunk-add-on-for-cisco-meraki/actions/runs/7979596198 Backwards compatibility https://github.com/splunk/splunk-add-on-for-okta-identity-cloud/actions/runs/7986170413/job/21806162151 staging
1 parent 50fd907 commit 664eeda

File tree

1 file changed

+48
-16
lines changed

1 file changed

+48
-16
lines changed

.github/workflows/reusable-build-test-release.yml

Lines changed: 48 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,16 @@ on:
88
type: string
99
default: >-
1010
[""]
11+
k8s-environment:
12+
required: false
13+
description: Specifies which environmet to use for k8s testing. ["production", "staging"]
14+
type: string
15+
default: "production"
16+
k8s-manifests-branch:
17+
required: false
18+
description: "branch for k8s manifests to run the tests on"
19+
type: string
20+
default: "main"
1121
secrets:
1222
GH_TOKEN_ADMIN:
1323
description: Github admin token
@@ -77,7 +87,28 @@ jobs:
7787
execute-modinput-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_modinput_functional_labeled }}
7888
execute-scripted_inputs-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_scripted_inputs_labeled }}
7989
execute-requirement-labeled: ${{ steps.configure-tests-on-labels.outputs.execute_requirement_test_labeled }}
90+
s3_bucket_k8s: ${{ steps.k8s-environment.outputs.s3_bucket }}
91+
argo_server_domain_k8s: ${{ steps.k8s-environment.outputs.argo_server_domain }}
92+
argo_token_secret_id_k8s: ${{ steps.k8s-environment.outputs.argo_token_secret_id }}
8093
steps:
94+
- name: set k8s environment
95+
id: k8s-environment
96+
run: |
97+
if [[ ${{ inputs.k8s-environment }} == 'staging' ]]; then
98+
echo "setting up argo variables for staging"
99+
{
100+
echo "s3_bucket=ta-staging-artifacts"
101+
echo "argo_server_domain=argo.staging.wfe.splgdi.com"
102+
echo "argo_token_secret_id=ta-staging-github-workflow-automation-token"
103+
} >> "$GITHUB_OUTPUT"
104+
else
105+
echo "setting up argo variables for production"
106+
{
107+
echo "s3_bucket=ta-production-artifacts"
108+
echo "argo_server_domain=argo.wfe.splgdi.com"
109+
echo "argo_token_secret_id=ta-github-workflow-automation-token"
110+
} >> "$GITHUB_OUTPUT"
111+
fi
81112
- name: skip workflow if description is empty for labeled pr
82113
id: skip-workflow
83114
env:
@@ -678,7 +709,7 @@ jobs:
678709
run: |
679710
echo "name=$(basename "${{ steps.slim.outputs.OUTPUT }}")" >> "$GITHUB_OUTPUT"
680711
basename "${{ steps.slim.outputs.OUTPUT }}"
681-
aws s3 cp "${{ steps.slim.outputs.OUTPUT }}" s3://ta-production-artifacts/ta-apps/
712+
aws s3 cp "${{ steps.slim.outputs.OUTPUT }}" "s3://${{ needs.setup-workflow.outputs.s3_bucket_k8s }}/ta-apps/"
682713
683714
build-3_9:
684715
runs-on: ubuntu-latest
@@ -894,6 +925,7 @@ jobs:
894925

895926
setup:
896927
needs:
928+
- setup-workflow
897929
- build
898930
- test-inventory
899931
if: ${{ !cancelled() && needs.build.result == 'success' }}
@@ -938,23 +970,23 @@ jobs:
938970
JOB_NAME=$(echo "$ADDON_NAME" | tail -c 16)-$(echo "${GITHUB_SHA}" | tail -c 8)-TEST-TYPE-${GITHUB_RUN_ID}
939971
JOB_NAME=${JOB_NAME//[_.]/-}
940972
LABELS="addon-name=${ADDON_NAME}"
941-
ADDON_UPLOAD_PATH="s3://ta-production-artifacts/ta-apps/${{ needs.build.outputs.buildname }}"
973+
ADDON_UPLOAD_PATH="s3://${{ needs.setup-workflow.outputs.s3_bucket_k8s }}/ta-apps/${{ needs.build.outputs.buildname }}"
942974
{
943-
echo "argo-server=argo.wfe.splgdi.com:443"
975+
echo "argo-server=${{ needs.setup-workflow.outputs.argo_server_domain_k8s }}:443"
944976
echo "argo-http1=true"
945977
echo "argo-secure=true"
946978
echo "argo-base-href=\'\'"
947979
echo "argo-namespace=workflows"
948980
echo "argo-workflow-tmpl-name=ta-workflow"
949981
echo "argo-cancel-workflow-tmpl-name=cancel-workflow"
950982
echo "directory-path=/tmp"
951-
echo "s3-bucket=ta-production-artifacts"
983+
echo "s3-bucket=${{ needs.setup-workflow.outputs.s3_bucket_k8s }}"
952984
echo "addon-name=\"$ADDON_NAME\""
953985
echo "job-name=wf-$JOB_NAME"
954986
echo "labels=$LABELS"
955987
echo "addon-upload-path=$ADDON_UPLOAD_PATH"
956988
echo "spl-host-suffix=wfe.splgdi.com"
957-
echo "k8s-manifests-branch=main"
989+
echo "k8s-manifests-branch=${{ inputs.k8s-manifests-branch }}"
958990
} >> "$GITHUB_OUTPUT"
959991
- uses: actions/download-artifact@v3
960992
if: ${{ needs.test-inventory.outputs.ucc_modinput_functional == 'true' && needs.test-inventory.outputs.modinput_functional == 'true'}}
@@ -988,7 +1020,7 @@ jobs:
9881020
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
9891021
run: |
9901022
swagger_name=swagger_$(basename "$BUILD_NAME" .spl)
991-
aws s3 sync "${{ steps.download-openapi.outputs.download-path }}/tmp/restapi_client/" "s3://ta-production-artifacts/ta-apps/$swagger_name/" --exclude "*" --include "README.md" --include "*swagger_client*" --only-show-errors
1023+
aws s3 sync "${{ steps.download-openapi.outputs.download-path }}/tmp/restapi_client/" "s3://${{ needs.setup-workflow.outputs.s3_bucket_k8s }}/ta-apps/$swagger_name/" --exclude "*" --include "README.md" --include "*swagger_client*" --only-show-errors
9921024
9931025
run-knowledge-tests:
9941026
if: ${{ !cancelled() && needs.build.result == 'success' && needs.test-inventory.outputs.knowledge == 'true' && (needs.setup-workflow.outputs.execute-ko == 'Yes' || needs.setup-workflow.outputs.execute-knowledge-labeled == 'true') }}
@@ -1045,7 +1077,7 @@ jobs:
10451077
- name: Read secrets from AWS Secrets Manager into environment variables
10461078
id: get-argo-token
10471079
run: |
1048-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
1080+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
10491081
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
10501082
- name: create job name
10511083
id: create-job-name
@@ -1092,7 +1124,7 @@ jobs:
10921124
id: update-argo-token
10931125
if: ${{ !cancelled() }}
10941126
run: |
1095-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
1127+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
10961128
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
10971129
- name: calculate timeout
10981130
id: calculate-timeout
@@ -1286,7 +1318,7 @@ jobs:
12861318
- name: Read secrets from AWS Secrets Manager into environment variables
12871319
id: get-argo-token
12881320
run: |
1289-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
1321+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
12901322
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
12911323
- name: create job name
12921324
id: create-job-name
@@ -1508,7 +1540,7 @@ jobs:
15081540
- name: Read secrets from AWS Secrets Manager into environment variables
15091541
id: get-argo-token
15101542
run: |
1511-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
1543+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
15121544
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
15131545
- name: create job name
15141546
id: create-job-name
@@ -1555,7 +1587,7 @@ jobs:
15551587
id: update-argo-token
15561588
if: ${{ !cancelled() }}
15571589
run: |
1558-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
1590+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
15591591
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
15601592
- name: calculate timeout
15611593
id: calculate-timeout
@@ -1737,7 +1769,7 @@ jobs:
17371769
- name: Read secrets from AWS Secrets Manager into environment variables
17381770
id: get-argo-token
17391771
run: |
1740-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
1772+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
17411773
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
17421774
- name: create job name
17431775
id: create-job-name
@@ -1796,7 +1828,7 @@ jobs:
17961828
id: update-argo-token
17971829
if: ${{ !cancelled() }}
17981830
run: |
1799-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
1831+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
18001832
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
18011833
- name: calculate timeout
18021834
id: calculate-timeout
@@ -1975,7 +2007,7 @@ jobs:
19752007
- name: Read secrets from AWS Secrets Manager into environment variables
19762008
id: get-argo-token
19772009
run: |
1978-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
2010+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
19792011
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
19802012
- name: create job name
19812013
id: create-job-name
@@ -2204,7 +2236,7 @@ jobs:
22042236
- name: Read secrets from AWS Secrets Manager into environment variables
22052237
id: get-argo-token
22062238
run: |
2207-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
2239+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
22082240
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
22092241
- name: create job name
22102242
id: create-job-name
@@ -2440,7 +2472,7 @@ jobs:
24402472
- name: Read secrets from AWS Secrets Manager into environment variables
24412473
id: get-argo-token
24422474
run: |
2443-
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id ta-github-workflow-automation-token | jq -r '.SecretString')
2475+
ARGO_TOKEN=$(aws secretsmanager get-secret-value --secret-id "${{ needs.setup-workflow.outputs.argo_token_secret_id_k8s }}" | jq -r '.SecretString')
24442476
echo "argo-token=$ARGO_TOKEN" >> "$GITHUB_OUTPUT"
24452477
- name: create job name
24462478
id: create-job-name

0 commit comments

Comments
 (0)