Fix wiab automation (#742)

Created new Github Action to deploy the new artifact on a dedicated hetzner machine.
wireapp · Nov 4, 2024 · e7643e9 · e7643e9
1 parent 5123a7e
commit e7643e9
Show file tree

Hide file tree

Showing 5 changed files with 74 additions and 18 deletions.
diff --git a/.github/workflows/custom-artifact.yml b/.github/workflows/custom-artifact.yml
@@ -5,7 +5,7 @@ on:
   workflow_dispatch:
 jobs:
   offline:
-    name: Prepare custom offline package
+    name: Prepare custom offline package # Do not change this name, it is used to trigger deploy-wiab workflow
     # Useful to skip expensive CI when writing docs
     if: "!contains(github.event.head_commit.message, 'skip ci')"
     runs-on:
@@ -54,6 +54,11 @@ jobs:
         env:
           DOCKER_LOGIN: '${{ secrets.DOCKER_LOGIN }}'
 
+      # Set output for deploy-wiab workflow to start
+      - name: Set output to trigger dependent workflow
+        if: success()
+        run: echo "::set-output name=trigger_next_workflow::true"
+
       - name: Deploy offline environment to hetzner
         run: |
           ./offline/cd.sh

diff --git a/.github/workflows/deploy-wiab.yml b/.github/workflows/deploy-wiab.yml
@@ -0,0 +1,37 @@
+name: Deploy on Hetzner WIAB setup
+on:
+  workflow_run:
+    workflows: ["Prepare custom offline package"]
+    types:
+      - completed
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    concurrency:
+      group: autodeploy-script
+      cancel-in-progress: false
+
+    steps:
+      # Step 1: Checkout the repository code
+      - name: Checkout code
+        uses: actions/checkout@v3
+
+      # Step 2: Set up SSH key for remote access
+      - name: Set up SSH key
+        uses: webfactory/[email protected]
+        with:
+          ssh-private-key: ${{ secrets.WIAB_PRIVATE_SSH_KEY }}
+
+      # Step 3: Get the latest commit SHA, for the artifact
+      - name: Get latest commit SHA
+        id: get_commit_sha
+        run: |
+          COMMIT_SHA=$(git rev-parse HEAD)
+          echo "commit_sha=$COMMIT_SHA" >> $GITHUB_ENV
+
+      # Step 4: Run the autodeploy script
+      - name: Run Auto Deploy Script
+        run: |
+          cd bin
+          ./autodeploy.sh --artifact-hash ${{ env.COMMIT_SHA }} --target-domain wiab-test-box.wire.link --force-redeploy
diff --git a/ansible/hetzner-single-deploy.yml b/ansible/hetzner-single-deploy.yml
@@ -2,7 +2,7 @@
   become: true
   vars:
     artifact_hash: d8fe36747614968ea73ebd43d47b99364c52f9c1
-    ubuntu_version: 22.04.4
+    ubuntu_version: 22.04.5
     ssh_pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDPTGTo1lTqd3Ym/75MRyQvj8xZINO/GI6FzfIadSe5c [email protected]"
   tasks:
   - name: set ipv4 forward
@@ -171,7 +171,6 @@
         stat:
           path: /home/demo/wire-server-deploy-static-{{ artifact_hash }}.tgz
           get_checksum: False
-          get_md5: False
         register: artifact_archive_file_check
       - name: download wire-server-deploy archive
         shell:
@@ -182,7 +181,6 @@
         stat:
           path: /home/demo/wire-server-deploy/containers-helm.tar
           get_checksum: False
-          get_md5: False
         register: artifact_folder_content_check
       - name: unpack wire-server-deploy archive
         unarchive:
@@ -194,7 +192,6 @@
         stat:
           path: /home/demo/wire-server-deploy/ubuntu.iso
           get_checksum: False
-          get_md5: False
         register: iso_file_check
       - name: download ubuntu {{ ubuntu_version }} iso
         shell:

diff --git a/bin/autodeploy.sh b/bin/autodeploy.sh
@@ -92,6 +92,7 @@ msg ""
 msg "INFO: starting Wire-in-a-box deployment for $TARGET_SYSTEM using artifact ID $ARTIFACT_HASH"
 msg ""
 
+
 for SUBDOMAIN in $SUBDOMAINS; do
   if host "$SUBDOMAIN"."$TARGET_SYSTEM" >/dev/null 2>&1 ; then
     msg "INFO: DNS A record exists: $SUBDOMAIN.$TARGET_SYSTEM"
@@ -100,13 +101,14 @@ for SUBDOMAIN in $SUBDOMAINS; do
   fi
 done
 
-if ssh -q -o ConnectTimeout=5 -p "$SSH_PORT" "$SSH_USER"@webapp."$TARGET_SYSTEM" id | grep -q "$SSH_USER"; then
+if ssh -q -o StrictHostKeyChecking=no -o ConnectTimeout=5 -p "$SSH_PORT" "$SSH_USER"@webapp."$TARGET_SYSTEM" id | grep -q "$SSH_USER"; then
   msg ""
   msg "INFO: Successfully logged into $TARGET_SYSTEM as $SSH_USER"
 else
   die "ERROR: Can't log into $TARGET_SYSTEM via SSH, please check SSH connectivity."
 fi
 
+
 if curl --head --silent --fail https://s3-eu-west-1.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-"$ARTIFACT_HASH".tgz >/dev/null 2>&1 ; then
   msg "INFO: Artifact exists https://s3-eu-west-1.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-$ARTIFACT_HASH.tgz"
 else
@@ -118,7 +120,7 @@ system_cleanup_meta() {
   msg "INFO: Cleaning up all VMs, docker resources and wire-server-deploy files on $TARGET_SYSTEM."
   msg ""
   sleep 5
-  ssh -p "$SSH_PORT" "$SSH_USER"@webapp."$TARGET_SYSTEM" "bash -s" <<EOT
+  ssh -p "$SSH_PORT" -o StrictHostKeyChecking=no "$SSH_USER"@webapp."$TARGET_SYSTEM" "bash -s" <<EOT
 # Making relevant vars and functions available to remote shell via SSH
 $(declare -p DEMO_USER)
 $(declare -f system_cleanup)
@@ -127,8 +129,12 @@ EOT
 }
 
 system_cleanup() {
-  for VM in $(virsh list --all --name); do virsh destroy "$VM"; virsh undefine "$VM" --remove-all-storage; done
-  docker system prune -a -f
+  if which virsh > /dev/null; then
+    for VM in $(virsh list --all --name); do virsh destroy "$VM"; virsh undefine "$VM" --remove-all-storage; done
+  fi
+  if which docker > /dev/null; then
+    docker system prune -a -f
+  fi
   rm -f /home/$DEMO_USER/.ssh/known_hosts
   rm -rf /home/$DEMO_USER/wire-server-deploy
   rm -f /home/$DEMO_USER/wire-server-deploy-static-*.tgz
@@ -139,8 +145,13 @@ preprovision_hetzner() {
   msg "INFO: running local ansible playbook for inital server deployment."
   msg "INFO: This will setup up the Hetzner system with basic defaults, download and unpack the wire-server-deploy artifact."
   sleep 5
-  export LC_ALL="C.UTF-8";
-  ansible-playbook ../ansible/hetzner-single-deploy.yml -e "artifact_hash=$ARTIFACT_HASH" -i $SSH_USER@webapp."$TARGET_SYSTEM", --diff 
+  # on Mac devices C.UTF-8 is not available
+  if [[ $(uname) == "Darwin" ]]; then
+    export LC_ALL=en_US.UTF-8
+  else
+    export LC_ALL=C.UTF-8
+  fi
+  ansible-playbook ../ansible/hetzner-single-deploy.yml -e "artifact_hash=$ARTIFACT_HASH" -e "ansible_ssh_common_args='-o ServerAliveInterval=30 -o ServerAliveCountMax=10 -o ControlMaster=auto -o ControlPersist=180m'" -i $SSH_USER@webapp."$TARGET_SYSTEM", --diff
 }
 
 remote_deployment() {
@@ -367,21 +378,22 @@ EOF
   d helm upgrade --install coturn ./charts/coturn --values values/coturn/values.yaml --values values/coturn/secrets.yaml
 }
 
-EXISTING_INSTALL=$(ssh -p "$SSH_PORT" "$SSH_USER"@webapp."$TARGET_SYSTEM" "ls /home/$DEMO_USER/wire-server-deploy-static-*.tgz 2>/dev/null" || true)
-EXISTING_VMS=$(ssh -p "$SSH_PORT" "$SSH_USER"@webapp."$TARGET_SYSTEM" "virsh list --all --name")
-EXISTING_CONTAINERS=$(ssh -p "$SSH_PORT" "$SSH_USER"@webapp."$TARGET_SYSTEM" "docker ps -q --all")
+EXISTING_INSTALL=$(ssh -p "$SSH_PORT" -o StrictHostKeyChecking=no "$SSH_USER"@webapp."$TARGET_SYSTEM" "ls /home/$DEMO_USER/wire-server-deploy-static-*.tgz 2>/dev/null" || echo "false")
+EXISTING_VMS=$(ssh -p "$SSH_PORT" -o StrictHostKeyChecking=no "$SSH_USER"@webapp."$TARGET_SYSTEM" "virsh list --all --name" || echo "false")
+EXISTING_CONTAINERS=$(ssh -p "$SSH_PORT" -o StrictHostKeyChecking=no "$SSH_USER"@webapp."$TARGET_SYSTEM" "docker ps -q --all" || echo "false")
 
-if [[ "$EXISTING_INSTALL" ]]; then
+if [[ "$EXISTING_INSTALL" != "false" && -n "$EXISTING_INSTALL" ]]; then
   msg ""
   msg "WARNING: existing wire-server-deploy installation found: $EXISTING_INSTALL"
   DO_SYSTEM_CLEANUP=true
 fi
-if [[ "$EXISTING_VMS" ]]; then
+if [[ "$EXISTING_VMS" != "false" && -n "$EXISTING_VMS" ]]; then
   msg ""
   msg "WARNING: existing libvirt VMs found: $EXISTING_VMS"
   DO_SYSTEM_CLEANUP=true
 fi
-if [[ "$EXISTING_CONTAINERS" ]]; then
+if [[ "$EXISTING_CONTAINERS" != "false" && -n "$EXISTING_CONTAINERS"  ]]; then
+  echo "$EXISTING_CONTAINERS"
   msg ""
   msg "WARNING: existing Docker containers found."
   DO_SYSTEM_CLEANUP=true
@@ -406,7 +418,7 @@ fi
 
 msg "INFO: Commencing Wire-in-a-box deployment on $TARGET_SYSTEM."
 preprovision_hetzner
-ssh -p "$SSH_PORT" "$DEMO_USER"@webapp."$TARGET_SYSTEM" "bash -s" <<EOT
+ssh -p "$SSH_PORT" -o StrictHostKeyChecking=no -o ServerAliveInterval=30 -o ServerAliveCountMax=10 "$DEMO_USER"@webapp."$TARGET_SYSTEM" "bash -s" <<EOT
 # Making relevant vars and functions available to remote shell via SSH
 $(declare -p DEMO_USER TARGET_SYSTEM SCRIPT_DIR)
 $(declare -f remote_deployment)

diff --git a/bin/offline-vm-setup.sh b/bin/offline-vm-setup.sh
@@ -223,3 +223,8 @@ for (( i=0; i<${#VM_NAME[@]}; i++ )); do
     sleep 20
   fi
 done
+
+while sudo virsh list --all | grep -Fq running; do
+  sleep 20
+  msg "INFO: VM deployment still in progress ..."
+done