-
Notifications
You must be signed in to change notification settings - Fork 0
/
action.yaml
311 lines (277 loc) · 10.5 KB
/
action.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
name: 'Deploy Ollama and Open WebUI'
description: 'Deploy your own LLM (large language model) like llama3 with a web based UI to an EC2 instance.'
inputs:
checkout:
description: 'Whether to checkout the repo. Set to true if your deployment relies on files in the repository.'
required: true
default: 'true'
# AWS Configuration
aws_access_key_id:
description: 'AWS access key ID.'
required: true
aws_secret_access_key:
description: 'AWS secret access key.'
required: true
aws_session_token:
description: 'AWS session token.'
required: false
aws_default_region:
description: 'AWS region to deploy resources.'
required: true
aws_resource_identifier:
description: 'Unique identifier for AWS resource naming to avoid conflicts.'
required: true
aws_extra_tags:
description: 'Additional tags to apply to all AWS resources created.'
required: false
# ENV files
env_aws_secret:
description: 'AWS secret environment variable for the application.'
required: true
env_repo:
description: 'Repository environment variable for deployment configuration.'
required: false
env_ghs:
description: 'GitHub secret for deployment actions.'
required: false
env_ghv:
description: 'GitHub variable for additional configuration.'
required: false
# EC2 Instance config
aws_ec2_instance_type:
description: 'Type of AWS EC2 instance to deploy.'
required: false
default: 'inf1.xlarge'
aws_ec2_instance_profile:
description: 'IAM profile to attach to the EC2 instance.'
required: false
aws_ec2_create_keypair_sm:
description: 'Create a key pair using AWS Secrets Manager.'
required: false
aws_ec2_instance_vol_size:
description: 'Volume size for the EC2 instance in GB. Default: 20'
required: true
default: '20'
aws_ec2_additional_tags:
description: 'Additional tags for the EC2 instance.'
required: false
aws_ec2_ami_filter:
description: 'Filter to select the AMI for the EC2 instance.'
required: true
infrastructure_only:
description: 'If set to true, only the infrastructure is deployed without deploying the application.'
required: false
default: 'false'
docker_cloudwatch_skip_destroy:
description: 'Set to true to skip destroying the CloudWatch log group on deletion.'
required: false
default: 'false'
# app specific config
disable-signup:
description: 'Disable user signup for the application.'
required: false
default: 'false'
# app_volume_ui:
# description: 'Volume mapping for the UI service.'
# required: false
# default: './open-webui:/app/backend/data'
# app_volume_ollama:
# description: 'Volume mapping for the Ollama service.'
# required: false
# default: './ollama:/root/.ollama'
# Stack Management
tf_stack_destroy:
description: 'Whether to destroy the Terraform stack on completion.'
required: false
default: 'false'
tf_state_file_name:
description: 'The name of the Terraform state file.'
required: true
tf_state_file_name_append:
description: 'Append a suffix to the state file name to allow unique state management.'
required: false
tf_state_bucket:
description: 'The S3 bucket name where the Terraform state file will be stored.'
required: true
tf_state_bucket_destroy:
description: 'Whether to destroy the state bucket on stack completion.'
required: false
# Domains
aws_domain_name:
description: 'The domain name to be used with this deployment.'
required: true
aws_sub_domain:
description: 'Subdomain to deploy the application.'
required: false
aws_root_domain:
description: 'Root domain under which the subdomain will be created.'
required: true
aws_cert_arn:
description: 'ARN of an existing AWS Certificate Manager certificate to use.'
required: false
aws_create_root_cert:
description: 'Whether to create a new certificate for the root domain.'
required: false
aws_create_sub_cert:
description: 'Whether to create a new certificate for the subdomain.'
required: false
aws_no_cert:
description: 'Set to true to disable SSL certificate setup.'
required: false
default: 'false'
# VPC Inputs
aws_vpc_create:
description: 'Whether to create a new VPC for this deployment.'
required: false
default: 'false'
aws_vpc_name:
description: 'The name of the VPC to be created or used.'
required: false
aws_vpc_cidr_block:
description: 'The CIDR block for the VPC.'
required: true
aws_vpc_public_subnets:
description: 'List of public subnet CIDRs for the VPC.'
required: true
aws_vpc_private_subnets:
description: 'List of private subnet CIDRs for the VPC.'
required: true
aws_vpc_availability_zones:
description: 'Availability zones to use within the VPC.'
required: true
aws_vpc_id:
description: 'The ID of an existing VPC where resources will be deployed.'
required: false
aws_vpc_subnet_id:
description: 'The ID of an existing subnet within the VPC to use.'
required: false
aws_vpc_additional_tags:
description: 'Additional tags for the VPC.'
required: false
outputs:
vm_url:
description: 'The URL of the generated app'
value: ${{ steps.deploy.outputs.vm_url }}
runs:
using: 'composite'
steps:
- name: Checkout
if: ${{ inputs.checkout == 'true' }}
uses: actions/checkout@v2
- name: Invert boolean Variable
shell: bash
id: set-cert
if: ${{ inputs.aws_no_cert == 'false' }}
run: echo "enable_cert=true" >> $GITHUB_OUTPUT
# - name: Copy User Files
# if: ${{ inputs.infrastructure_only == 'false' }}
# shell: bash
# env:
# GITHUB_ACTION_PATH: ${{ github.action_path }}
# run: |
# echo "Copying User Files"
# new_path=$GITHUB_ACTION_PATH/some-meaningfully-named-directory
# mkdir -p $new_path
# cp $GITHUB_WORKSPACE/${{ inputs.app_volume_ui }}/* "$new_path"
- name: Copy Deployment Config
if: ${{ inputs.infrastructure_only == 'false' }}
shell: bash
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}
APP_SUBDIR: gha-deployment
run: |
app_path=$GITHUB_WORKSPACE/$APP_SUBDIR
echo "Copying app Repo"
mkdir -p "$app_path"
cp -r $GITHUB_ACTION_PATH/. "$app_path"
echo "removing operations dir"
rm -rf $app_path/operations
# if inputs.disable-signup == 'true, then remove the signup page
# env var: ENABLE_SIGNUP=false
- name: Set app env config
id: set-app-env-config
shell: bash
env:
GITHUB_ACTION_PATH: ${{ github.action_path }}
APP_SUBDIR: gha-deployment
DISABLE_SIGNUP: ${{ inputs.disable-signup }}
run: |
app_path=$GITHUB_WORKSPACE/$APP_SUBDIR
filename="auto.gha.app.env"
echo "::group::Set up GHA generated app config"
echo "checking if disable-signup is set ($DISABLE_SIGNUP)"
if [ "$DISABLE_SIGNUP" == "true" ]; then
echo "Disabling signup"
echo "ENABLE_SIGNUP=false" >> $app_path/$filename
else
echo "Enabling signup"
echo "ENABLE_SIGNUP=true" >> $app_path/$filename
fi
echo ""
echo "::endgroup::"
- name: Deploy with Bitovi Commons
id: deploy
uses: bitovi/github-actions-commons@v0.0.13
with:
# Current repo vars
checkout: false
gh_action_repo: ${{ github.action_path }}
# gh_action_input_ansible: operations/deployment/ansible
ansible_skip: ${{ inputs.infrastructure_only }}
# AWS
aws_access_key_id: ${{ inputs.aws_access_key_id }}
aws_secret_access_key: ${{ inputs.aws_secret_access_key }}
aws_session_token: ${{ inputs.aws_session_token }}
aws_default_region: ${{ inputs.aws_default_region }}
aws_resource_identifier: ${{ inputs.aws_resource_identifier }}
aws_additional_tags: ${{ inputs.aws_extra_tags }}
# Docker
docker_install: true
docker_cloudwatch_enable: true
docker_cloudwatch_skip_destroy: ${{ inputs.docker_cloudwatch_skip_destroy }}
docker_repo_app_directory: 'gha-deployment'
# EC2
aws_ec2_instance_create: true
aws_ec2_ami_filter: ${{ inputs.aws_ec2_ami_filter }}
aws_ec2_iam_instance_profile: ${{ inputs.aws_ec2_instance_profile }}
aws_ec2_instance_type: ${{ inputs.aws_ec2_instance_type }}
aws_ec2_instance_public_ip: true
aws_ec2_create_keypair_sm: ${{ inputs.aws_ec2_create_keypair_sm }}
aws_ec2_instance_root_vol_size: ${{ inputs.aws_ec2_instance_vol_size }}
aws_ec2_additional_tags: ${{ inputs.aws_ec2_additional_tags }}
# aws_ec2_port_list: "3011,11434"
# AWS ELB
aws_elb_create: true
aws_elb_listen_port: "3011,11434"
aws_elb_app_port: "3011,11434"
aws_elb_healthcheck: "TCP:11434"
# Stack management
tf_stack_destroy: ${{ inputs.tf_stack_destroy }}
tf_state_file_name: ${{ inputs.tf_state_file_name }}
tf_state_file_name_append: ${{ inputs.tf_state_file_name_append }}
tf_state_bucket: ${{ inputs.tf_state_bucket }}
tf_state_bucket_destroy: ${{ inputs.tf_state_bucket_destroy }}
tf_state_bucket_provider: 'aws'
# AWS Route53 Domains and Certificates
aws_r53_enable: true
aws_r53_domain_name: ${{ inputs.aws_domain_name }}
aws_r53_sub_domain_name: ${{ inputs.aws_sub_domain }}
aws_r53_root_domain_deploy: ${{ inputs.aws_root_domain }}
aws_r53_enable_cert: ${{ steps.set-cert.outputs.enable_cert }}
aws_r53_cert_arn: ${{ inputs.aws_cert_arn }}
aws_r53_create_root_cert: ${{ inputs.aws_create_root_cert }}
aws_r53_create_sub_cert: ${{ inputs.aws_create_sub_cert }}
aws_vpc_create: ${{ inputs.aws_vpc_create }}
aws_vpc_name: ${{ inputs.aws_vpc_name }}
aws_vpc_cidr_block: ${{ inputs.aws_vpc_cidr_block }}
aws_vpc_public_subnets: ${{ inputs.aws_vpc_public_subnets }}
aws_vpc_private_subnets: ${{ inputs.aws_vpc_private_subnets }}
aws_vpc_availability_zones: ${{ inputs.aws_vpc_availability_zones }}
aws_vpc_id: ${{ inputs.aws_vpc_id }}
aws_vpc_subnet_id: ${{ inputs.aws_vpc_subnet_id }}
aws_vpc_additional_tags: ${{ inputs.aws_vpc_additional_tags }}
# ENV files
env_aws_secret: ${{ inputs.env_aws_secret }}
env_repo: ${{ inputs.env_repo }}
env_ghs: ${{ inputs.env_ghs }}
env_ghv: ${{ inputs.env_ghv }}