Remove unused code #853
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Upgrade" | |
on: | |
push: | |
branches-ignore: | |
- 'develop' | |
pull_request: | |
types: [opened, synchronize, reopened, ready_for_review] | |
paths: | |
- '**.go' | |
- 'go.mod' | |
- 'snap/**' | |
- '.github/workflows/upgrade.yml' | |
- '.github/setup-lxd/**' | |
- 'scripts/dqlite/**' | |
- 'Makefile' | |
- 'make_functions.sh' | |
branches-ignore: | |
- 'develop' | |
workflow_dispatch: | |
permissions: | |
contents: read | |
jobs: | |
Upgrade: | |
name: Upgrade | |
runs-on: ubuntu-latest | |
# Disabled until 3.2.0 is released. | |
if: false && github.event.pull_request.draft == false | |
strategy: | |
fail-fast: false | |
matrix: | |
model_type: ["localhost", "microk8s"] | |
env: | |
CHARM_localhost: apache2 | |
CHARM_microk8s: prometheus-k8s | |
DOCKER_REGISTRY: 10.152.183.69 | |
RUN_TEST: RUN | |
UPGRADE_FLAGS_localhost: --build-agent | |
UPGRADE_FLAGS_microk8s: --agent-stream=develop | |
steps: | |
- name: Install Dependencies | |
if: env.RUN_TEST == 'RUN' | |
shell: bash | |
run: | | |
set -euxo pipefail | |
sudo snap install snapcraft --classic | |
sudo snap install yq | |
sudo snap install juju --channel=3.1/stable | |
mkdir -p ~/.local/share | |
echo "/snap/bin" >> $GITHUB_PATH | |
- name: Checkout | |
if: env.RUN_TEST == 'RUN' | |
uses: actions/checkout@v3 | |
# We use LXD in the microk8s test too, to build the snap. | |
- name: Setup LXD | |
if: env.RUN_TEST == 'RUN' && matrix.model_type == 'localhost' | |
uses: canonical/setup-lxd@4e959f8e0d9c5feb27d44c5e4d9a330a782edee0 | |
- name: Set some variables | |
if: env.RUN_TEST == 'RUN' | |
run: | | |
set -euxo pipefail | |
echo "base-juju-version=$(juju version | cut -d '-' -f 1)" >> $GITHUB_OUTPUT | |
upstreamJujuVersion=$(grep -r "const version =" version/version.go | sed -r 's/^const version = \"(.*)\"$/\1/') | |
echo "upstream-juju-version=${upstreamJujuVersion}" >> $GITHUB_OUTPUT | |
currentStableChannel="$(echo $upstreamJujuVersion | cut -d'.' -f1,2)/stable" | |
currentStableVersion=$(snap info juju | yq ".channels[\"$currentStableChannel\"]" | cut -d' ' -f1) | |
echo "current-stable-juju-version=$currentStableVersion" >> $GITHUB_OUTPUT | |
echo "juju-db-version=4.4" >> $GITHUB_OUTPUT | |
id: vars | |
- name: Set up Go | |
if: env.RUN_TEST == 'RUN' | |
uses: actions/setup-go@v4 | |
with: | |
go-version-file: 'go.mod' | |
cache: true | |
- name: setup env | |
shell: bash | |
run: | | |
echo "GOPATH=$(go env GOPATH)" >> $GITHUB_ENV | |
echo "$(go env GOPATH)/bin" >> $GITHUB_PATH | |
- name: Setup k8s | |
if: env.RUN_TEST == 'RUN' && matrix.model_type == 'microk8s' | |
uses: balchua/microk8s-actions@v0.3.2 | |
with: | |
channel: "1.25-strict/stable" | |
addons: '["dns", "hostpath-storage"]' | |
- name: Setup local caas registry | |
if: env.RUN_TEST == 'RUN' && matrix.model_type == 'microk8s' | |
run: | | |
set -euxo pipefail | |
# Become a CA | |
mkdir ~/certs | |
sudo cp /var/snap/microk8s/current/certs/ca.crt ~/certs/ | |
sudo cp /var/snap/microk8s/current/certs/ca.key ~/certs/ | |
sudo chmod a+wr ~/certs/ca.crt | |
sudo chmod a+wr ~/certs/ca.key | |
# Recognise CA | |
sudo cp ~/certs/ca.crt /usr/local/share/ca-certificates | |
sudo update-ca-certificates | |
sudo mkdir -p /etc/docker/certs.d/${DOCKER_REGISTRY}/ | |
sudo cp ~/certs/ca.crt /etc/docker/certs.d/${DOCKER_REGISTRY}/ | |
# Generate certs | |
openssl req -nodes -newkey rsa:2048 -keyout ~/certs/registry.key -out ~/certs/registry.csr -subj "/CN=registry" | |
openssl x509 -req -in ~/certs/registry.csr -CA ~/certs/ca.crt -CAkey ~/certs/ca.key \ | |
-out ~/certs/registry.crt -CAcreateserial -days 365 -sha256 -extfile .github/registry.ext | |
# Deploy registry | |
sg snap_microk8s "microk8s kubectl create -f .github/reg.yml" | |
# TODO:(jack-w-shaw) Figure out why we need this and do something nicer | |
sudo microk8s refresh-certs --cert ca.crt | |
sudo microk8s refresh-certs --cert server.crt | |
sg snap_microk8s "microk8s status --wait-ready" | |
# Wait for registry | |
sg snap_microk8s "microk8s kubectl wait --for condition=available deployment registry -n container-registry --timeout 180s" || true | |
sg snap_microk8s "microk8s kubectl describe pod -n container-registry" | |
curl https://${DOCKER_REGISTRY}/v2/ | |
- name: Mirror docker images required for juju bootstrap | |
if: env.RUN_TEST == 'RUN' && matrix.model_type == 'microk8s' | |
env: | |
BASE_JUJU_TAG: ${{ steps.vars.outputs.base-juju-version }} | |
JUJU_DB_TAG: ${{ steps.vars.outputs.juju-db-version }} | |
CHARM_BASE: ubuntu-20.04 | |
run: | | |
set -euxo pipefail | |
# Shim in recognition for our CA to jujud-operator | |
BUILD_TEMP=$(mktemp -d) | |
cp ~/certs/ca.crt $BUILD_TEMP/ | |
cat >$BUILD_TEMP/Dockerfile <<EOL | |
FROM jujusolutions/jujud-operator:${BASE_JUJU_TAG} | |
COPY ca.crt /usr/local/share/ca-certificates/ca.crt | |
RUN update-ca-certificates | |
EOL | |
docker build $BUILD_TEMP -t ${DOCKER_REGISTRY}/test-repo/jujud-operator:${BASE_JUJU_TAG} | |
docker push ${DOCKER_REGISTRY}/test-repo/jujud-operator:${BASE_JUJU_TAG} | |
docker pull jujusolutions/juju-db:${JUJU_DB_TAG} | |
docker tag jujusolutions/juju-db:${JUJU_DB_TAG} ${DOCKER_REGISTRY}/test-repo/juju-db:${JUJU_DB_TAG} | |
docker push ${DOCKER_REGISTRY}/test-repo/juju-db:${JUJU_DB_TAG} | |
docker pull jujusolutions/charm-base:${CHARM_BASE} | |
docker tag jujusolutions/charm-base:${CHARM_BASE} ${DOCKER_REGISTRY}/test-repo/charm-base:${CHARM_BASE} | |
docker push ${DOCKER_REGISTRY}/test-repo/charm-base:${CHARM_BASE} | |
- name: Bootstrap Juju - localhost | |
if: env.RUN_TEST == 'RUN' && matrix.model_type == 'localhost' | |
shell: bash | |
run: | | |
set -euxo pipefail | |
juju bootstrap localhost c | |
juju add-model m | |
juju status | |
juju version | |
- name: Bootstrap Juju - microk8s | |
if: env.RUN_TEST == 'RUN' && matrix.model_type == 'microk8s' | |
# TODO: Enabling developer-mode is a bit of a hack to get this working for now. | |
# Ideally, we would mock our own simplestream, similar to Jenkins, to select | |
# and filter with as standard, instead of skipping over them with this flag | |
run: | | |
set -euxo pipefail | |
sg snap_microk8s <<EOF | |
juju bootstrap microk8s c \ | |
--config caas-image-repo="${DOCKER_REGISTRY}/test-repo" \ | |
--config features="[developer-mode]" | |
EOF | |
juju add-model m | |
juju status | |
juju version | |
- name: Deploy some applications | |
if: env.RUN_TEST == 'RUN' | |
shell: bash | |
run: | | |
set -euxo pipefail | |
# On k8s, we have to grant the app access to the cluster. | |
DEPLOY_FLAGS='' | |
if [[ ${{ matrix.model_type }} == 'microk8s' ]]; then | |
DEPLOY_FLAGS='--trust' | |
fi | |
juju deploy ${CHARM_${{ matrix.model_type }}} $DEPLOY_FLAGS | |
juju wait-for application ${CHARM_${{ matrix.model_type }}} | |
.github/verify-${CHARM_${{ matrix.model_type }}}.sh 30 | |
- name: Update Juju | |
if: env.RUN_TEST == 'RUN' | |
shell: bash | |
run: | | |
sudo snap remove juju --purge | |
make go-install | |
- name: Build jujud image | |
if: env.RUN_TEST == 'RUN' && matrix.model_type == 'microk8s' | |
env: | |
UPSTREAM_JUJU_TAG: ${{ steps.vars.outputs.upstream-juju-version }} | |
CURRENT_STABLE_JUJU_TAG: ${{ steps.vars.outputs.current-stable-juju-version }} | |
run: | | |
set -euxo pipefail | |
make operator-image | |
# Shim in recognition for our CA to jujud-operator | |
BUILD_TEMP=$(mktemp -d) | |
cp ~/certs/ca.crt $BUILD_TEMP/ | |
cat >$BUILD_TEMP/Dockerfile <<EOL | |
FROM jujusolutions/jujud-operator:${UPSTREAM_JUJU_TAG} | |
COPY ca.crt /usr/local/share/ca-certificates/ca.crt | |
RUN update-ca-certificates | |
EOL | |
docker build $BUILD_TEMP -t ${DOCKER_REGISTRY}/test-repo/jujud-operator:${UPSTREAM_JUJU_TAG} | |
docker push ${DOCKER_REGISTRY}/test-repo/jujud-operator:${UPSTREAM_JUJU_TAG} | |
BUILD_TEMP=$(mktemp -d) | |
cp ~/certs/ca.crt $BUILD_TEMP/ | |
cat >$BUILD_TEMP/Dockerfile <<EOL | |
FROM jujusolutions/jujud-operator:${CURRENT_STABLE_JUJU_TAG} | |
COPY ca.crt /usr/local/share/ca-certificates/ca.crt | |
RUN update-ca-certificates | |
EOL | |
docker build $BUILD_TEMP -t ${DOCKER_REGISTRY}/test-repo/jujud-operator:${CURRENT_STABLE_JUJU_TAG} | |
docker push ${DOCKER_REGISTRY}/test-repo/jujud-operator:${CURRENT_STABLE_JUJU_TAG} | |
- name: Preflight | |
if: env.RUN_TEST == 'RUN' | |
shell: bash | |
run: | | |
set -euxo pipefail | |
juju status | |
juju version | |
- name: Test upgrade controller | |
if: env.RUN_TEST == 'RUN' | |
shell: bash | |
env: | |
UPSTREAM_JUJU_TAG: ${{ steps.vars.outputs.upstream-juju-version }} | |
CURRENT_STABLE_JUJU_TAG: ${{ steps.vars.outputs.current-stable-juju-version }} | |
run: | | |
set -euxo pipefail | |
OUTPUT=$(juju upgrade-controller --debug ${UPGRADE_FLAGS_${{ matrix.model_type }}}) | |
if [[ $OUTPUT == 'no upgrades available' ]]; then | |
exit 1 | |
fi | |
.github/verify-agent-version.sh ${UPSTREAM_JUJU_TAG} | |
PANIC=$(juju debug-log --replay --no-tail -m controller | grep "panic" || true) | |
if [ "$PANIC" != "" ]; then | |
echo "Panic found:" | |
juju debug-log --replay --no-tail -m controller | |
exit 1 | |
fi | |
.github/verify-${CHARM_${{ matrix.model_type }}}.sh 30 | |
- name: Test upgrade model | |
if: env.RUN_TEST == 'RUN' | |
shell: bash | |
env: | |
UPSTREAM_JUJU_TAG: ${{ steps.vars.outputs.upstream-juju-version }} | |
run: | | |
set -euxo pipefail | |
while true; do | |
juju upgrade-model 2>&1 | tee output.log || true | |
RES=$(cat output.log | grep "upgrade in progress" || echo "NOT-UPGRADING") | |
if [ "$RES" = "NOT-UPGRADING" ]; then | |
break | |
fi | |
done | |
attempt=0 | |
while true; do | |
UPDATED=$((juju show-model m --format=json || echo "") | jq -r '.m."agent-version"') | |
if [[ $UPDATED == $UPSTREAM_JUJU_TAG* ]]; then | |
break | |
fi | |
sleep 10 | |
attempt=$((attempt+1)) | |
if [ "$attempt" -eq 48 ]; then | |
echo "Upgrade model timed out" | |
exit 1 | |
fi | |
done | |
PANIC=$(juju debug-log --replay --no-tail | grep "panic" || true) | |
if [ "$PANIC" != "" ]; then | |
echo "Panic found:" | |
juju debug-log --replay --no-tail | |
exit 1 | |
fi | |
.github/verify-${CHARM_${{ matrix.model_type }}}.sh 30 | |
- name: Wrap up | |
if: env.RUN_TEST == 'RUN' | |
run: | | |
set -euxo pipefail | |
juju version | |
juju status | |
sg snap_microk8s "microk8s kubectl get all -A" || true | |
lxc ls || true |