(jc-operator) Jcloud operator manual deployment

(jc-operator) Jcloud operator manual deployment #526

Workflow file for this run

.github/workflows/operator-manual-deploy-pipeline.yml at e58f9bb

	name: "(jc-operator) Jcloud operator manual deployment"

	on:
	workflow_dispatch:
	inputs:
	branch:
	description: Pass the jina-operator branch
	required: true
	default: main
	deploy_token:
	description: Deploy Token
	default: ""
	required: true
	environment:
	type: choice
	description: Deploy Environment
	required: true
	options:
	- ci
	- dev
	- prod
	eks_region:
	description: EKS Region
	default: "us-east-1"
	required: true
	workflow_call:
	inputs:
	branch:
	required: true
	type: string
	deploy_token:
	required: true
	type: string
	environment:
	required: true
	type: string
	eks_region:
	required: true
	type: string

	permissions:
	id-token: write # This is required for requesting the JWT
	contents: read # This is required for actions/checkout

	jobs:
	token-check:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/github-script@v3
	with:
	script: \|
	core.setFailed('token are not equivalent!')
	if: github.event.inputs.deploy_token != env.deploy_token
	env:
	deploy_token: ${{ secrets.JCLOUD_DEPLOY_TOKEN }}
	build-operator:
	needs: token-check
	runs-on: ubuntu-latest
	outputs:
	sha: ${{ steps.build_image.outputs.sha }}
	env:
	ENVIRONMENT: ${{ github.event.inputs.environment }}
	steps:
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: us-east-1
	- uses: actions/checkout@v3
	with:
	repository: jina-ai/jina-operator
	ref: ${{ github.event.inputs.branch }}
	token: ${{ secrets.JINA_DEV_BOT }}
	- name: Set up Golang 1.19
	uses: actions/setup-go@v3
	with:
	go-version: 1.19
	- name: Run setup script for Operator
	run: \|
	# cd is a hack to work with other branches (remove later)
	if [ -d "$GITHUB_WORKSPACE/operator/config/scripts/setup" ]; then
	cd $GITHUB_WORKSPACE/operator/config/scripts/setup
	go mod tidy
	go run setup.go
	fi
	env:
	MONGO_URI: ${{ secrets.JC_CI_MONGO_URI }}
	if: github.event.inputs.environment != 'prod'
	- name: Set environment variables
	run: \|
	# Short name for current branch. For PRs, use target branch (base ref)
	GIT_BRANCH=${GITHUB_BASE_REF:-${GITHUB_REF#refs/heads/}}
	echo "GIT_BRANCH=$GIT_BRANCH" >> $GITHUB_ENV
	- name: Build Image
	id: build_image
	run: \|
	cd $GITHUB_WORKSPACE
	if [[ $GIT_BRANCH == 'main' ]]; then
	TAG="latest"
	else
	if [[ "${{ github.event.inputs.branch }}" == "" ]]; then
	TAG="${{ env.GIT_BRANCH }}"
	else
	TAG="${{ github.event.inputs.branch }}"
	fi
	fi
	bash ./deployment/scripts/docker-build-push.sh 253352124568.dkr.ecr.us-east-2.amazonaws.com jcloud-operator:${TAG} operator/
	image_fullname=`docker inspect --format='{{index .RepoDigests 0}}' 253352124568.dkr.ecr.us-east-2.amazonaws.com/jcloud-operator:${TAG}`
	sha=`echo ${image_fullname}\|cut -d @ -f 2`
	echo "sha=${sha#sha256:}" >> $GITHUB_OUTPUT
	build-api-manager:
	needs: token-check
	runs-on: ubuntu-latest
	outputs:
	sha: ${{ steps.build_image.outputs.sha }}
	env:
	ENVIRONMENT: ${{ github.event.inputs.environment }}
	steps:
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v1
	with:
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: us-east-1
	- uses: actions/checkout@v3
	with:
	repository: jina-ai/jina-operator
	ref: ${{ github.event.inputs.branch }}
	token: ${{ secrets.JINA_DEV_BOT }}
	- name: Set up Golang 1.19
	uses: actions/setup-go@v3
	with:
	go-version: 1.19
	- name: Run setup script for API
	run: \|
	# cd is a hack to work with other branches (remove later)
	if [ -d "$GITHUB_WORKSPACE/api/test/scripts" ]; then
	cd $GITHUB_WORKSPACE/api/test/scripts
	go mod tidy
	go run setup.go
	fi
	env:
	MONGO_URI: ${{ secrets.JC_CI_MONGO_URI }}
	if: github.event.inputs.environment != 'prod'
	- name: Set environment variables
	run: \|
	# Short name for current branch. For PRs, use target branch (base ref)
	GIT_BRANCH=${GITHUB_BASE_REF:-${GITHUB_REF#refs/heads/}}
	echo "GIT_BRANCH=$GIT_BRANCH" >> $GITHUB_ENV
	- name: Build Image
	id: build_image
	run: \|
	cd $GITHUB_WORKSPACE
	if [[ $GIT_BRANCH == 'main' ]]; then
	TAG="latest"
	else
	if [[ "${{ github.event.inputs.branch }}" == "" ]]; then
	TAG="${{ env.GIT_BRANCH }}"
	else
	TAG="${{ github.event.inputs.branch }}"
	fi
	fi
	bash ./deployment/scripts/docker-build-push.sh 253352124568.dkr.ecr.us-east-2.amazonaws.com jcloud-api-manager:${TAG} api/
	image_fullname=`docker inspect --format='{{index .RepoDigests 0}}' 253352124568.dkr.ecr.us-east-2.amazonaws.com/jcloud-api-manager:${TAG}`
	sha=`echo ${image_fullname}\|cut -d @ -f 2`
	echo "sha=${sha#sha256:}" >> $GITHUB_OUTPUT
	terraform-deploy:
	runs-on: ubuntu-latest
	if: ${{ github.event.inputs.environment == 'ci' }}
	steps:
	- name: wait for dispatch finish
	shell: bash
	run: \|
	rs=$(curl -H "Authorization: token ${{ secrets.JINA_DEV_BOT }}" \
	https://api.github.com/repos/jina-ai/jina-infra/actions/workflows \
	\|jq ".workflows \|sort_by(.id)[]\| .path=\".github/workflows/jcloud-deploy.yml\""\|jq -n '[inputs][-1]')
	id=$(echo $rs\|jq ".id")
	create_at=$(echo $rs\|jq -r ".created_at")
	if [[ ! -z ${id} ]]; then
	for i in {1..180}
	do
	unfinish_id=$(curl -H "Authorization: token ${{ secrets.JINA_DEV_BOT }}" \
	https://api.github.com/repos/jina-ai/jina-infra/actions/workflows/${id}/runs \
	\|jq ".workflow_runs\|sort_by(.id)[]\|select(.status!=\"completed\")\|.id")
	echo "latest retrive workflow id ${id} status ${unfinish_id}, ${i}"
	if [[ ${#a} -gt 0 ]]; then
	echo "wait for pevious job to finish"
	sleep 6
	if [[ ${i} -eq 180 ]];then
	echo "wait timeout, quit"
	exit 0
	fi
	else
	exit 0
	fi
	done
	fi
	exit 0
	- name: Repository Dispatch
	uses: peter-evans/repository-dispatch@v2
	id: dispatch
	with:
	token: ${{ secrets.JINA_DEV_BOT }}
	repository: jina-ai/jina-infra
	event-type: jcloud-infra-deploy
	client-payload: '{"release_token": "${{ secrets.WOLF_INFRA_TOKEN }}", "env": "ci", "destroy_cluster": "false"}'
	- name: wait for dispatch finish
	shell: bash
	run: \|
	sleep 3
	rs=$(curl -H "Authorization: token ${{ secrets.JINA_DEV_BOT }}" \
	https://api.github.com/repos/jina-ai/jina-infra/actions/workflows \
	\|jq ".workflows \|sort_by(.id)[]\| .path=\".github/workflows/jcloud-deploy.yml\""\|jq -n '[inputs][-1]')
	id=$(echo $rs\|jq ".id")
	create_at=$(echo $rs\|jq -r ".created_at")
	if [[ $(expr $(date +%s) - $(data -d ${create_at} +%s)) -le 60 ]]; then
	if [[ ! -z ${id} ]]; then
	for i in {1..300}
	do
	conclusion=$(curl -H "Authorization: token ${{ secrets.JINA_DEV_BOT }}" \
	https://api.github.com/repos/jina-ai/jina-infra/actions/workflows/${id}/runs \
	\|jq ".workflow_runs\|sort_by(.id)[]"\|jq -nr '[inputs][-1].conclusion')
	echo "latest retrive workflow id ${id} conclusion ${conclusion}, ${i}"
	if [[ ${conclusion} == "success" ]]; then
	exit 0
	elif [[ ${conclusion} == "failure" ]]; then
	echo "job failure"
	exit 1
	fi
	sleep 6
	done
	fi
	fi
	failed to get dispatched job, please check the status of workflow jcloud-deploy.yml in jina-infra repo
	exit 1
	deployment-ci:
	needs: [build-api-manager, build-operator, terraform-deploy]
	runs-on: ubuntu-latest
	if: ${{ github.event.inputs.environment == 'ci' }}
	env:
	ENVIRONMENT: ${{ github.event.inputs.environment }}
	steps:
	- uses: actions/checkout@v3
	with:
	repository: jina-ai/jina-operator
	ref: ${{ github.event.inputs.branch }}
	token: ${{ secrets.JINA_DEV_BOT }}
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v2
	with:
	role-to-assume: arn:aws:iam::458227521111:role/github-reader-jina-infra
	role-session-name: jinainfraapply
	aws-region: us-east-1
	- name: Get remote state
	uses: dflook/terraform-remote-state@v1
	id: remote-state
	with:
	backend_type: s3
	backend_config: \|
	bucket=jina-infra-terraform-state
	key=jcloud/ci/eks
	region=us-east-1
	- name: Set environment variables
	run: \|
	# Short name for current branch. For PRs, use target branch (base ref)
	GIT_BRANCH=${GITHUB_BASE_REF:-${GITHUB_REF#refs/heads/}}
	echo "GIT_BRANCH=$GIT_BRANCH" >> $GITHUB_ENV
	- name: helm clean
	run: \|
	aws eks update-kubeconfig --region ${{ steps.remote-state.outputs.region }} --name ${{ steps.remote-state.outputs.cluster_name }}
	if helm list -n jcloud \| grep -q jcloud-operator; then
	helm uninstall -n jcloud jcloud-operator
	fi
	kubectl delete -f $GITHUB_WORKSPACE/deployment/charts/jcloud-operator/crds/ \|\| true
	if: github.event.inputs.environment != 'prod'
	- name: "Update Helm Charts Image sha"
	run: \|
	sudo snap install yq
	yq -i ".apimanager.image.sha=\"${{needs.build-api-manager.outputs.sha}}\"" .github/ci/${{ github.event.inputs.environment }}-values.yaml
	yq -i ".operator.image.sha=\"${{needs.build-operator.outputs.sha}}\"" .github/ci/${{ github.event.inputs.environment }}-values.yaml
	cat .github/ci/${{ github.event.inputs.environment }}-values.yaml
	- name: helm deploy
	run: \|
	cd $GITHUB_WORKSPACE
	aws eks update-kubeconfig --region ${{ steps.remote-state.outputs.region }} --name ${{ steps.remote-state.outputs.cluster_name }}
	if [[ -f "$GITHUB_WORKSPACE/api/internals/instances/instances.yml" ]]; then
	set +e
	kubectl get configmap jcloud-instances -n jcloud
	if [[ $? -eq 0 ]]; then
	kubectl delete configmap jcloud-instances -n jcloud
	fi
	kubectl create configmap jcloud-instances --from-file=instances.yml=$GITHUB_WORKSPACE/api/internals/instances/instances.yml -n jcloud
	fi
	set -e
	kubectl apply -f deployment/charts/jcloud-operator/crds/
	if [[ $GIT_BRANCH == 'main' ]]; then
	bash ./deployment/scripts/deploy.sh -r ${{ steps.remote-state.outputs.region }} -n ${{ steps.remote-state.outputs.cluster_name }} \
	-f .github/ci/${{ github.event.inputs.environment }}-values.yaml \
	--registry 253352124568.dkr.ecr.us-east-2.amazonaws.com --tag latest
	else
	if [[ "${{ github.event.inputs.branch }}" == "" ]]; then
	bash ./deployment/scripts/deploy.sh -r ${{ steps.remote-state.outputs.region }} -n ${{ steps.remote-state.outputs.cluster_name }} \
	-f .github/ci/${{ github.event.inputs.environment }}-values.yaml \
	--registry 253352124568.dkr.ecr.us-east-2.amazonaws.com --tag latest
	else
	bash ./deployment/scripts/deploy.sh -r ${{ steps.remote-state.outputs.region }} -n ${{ steps.remote-state.outputs.cluster_name }} \
	-f .github/ci/${{ github.event.inputs.environment }}-values.yaml \
	--registry 253352124568.dkr.ecr.us-east-2.amazonaws.com --tag ${{ github.event.inputs.branch }}
	fi
	fi
	- name: set env
	run: \|
	kubectl set env deploy/jcloud-operator-api-manager -n jcloud MONGO_URI="${{ secrets.JC_CI_MONGO_URI }}" LIST_USER_TOKEN="${{ secrets.LIST_USER_TOKEN }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	kubectl set env deploy/jcloud-operator -n jcloud MONGO_URI="${{ secrets.JC_CI_MONGO_URI }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	deployment:
	needs: [build-api-manager, build-operator]
	runs-on: ubuntu-latest
	if: ${{ github.event.inputs.environment == 'dev' }}
	env:
	ENVIRONMENT: ${{ github.event.inputs.environment }}
	steps:
	- uses: actions/checkout@v3
	with:
	repository: jina-ai/jina-operator
	ref: ${{ github.event.inputs.branch }}
	token: ${{ secrets.JINA_DEV_BOT }}
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v3
	with:
	role-to-assume: arn:aws:iam::253352124568:role/github-reader-jina-infra
	role-session-name: jinainfraapply
	aws-region: us-east-1
	- name: Get remote state
	uses: dflook/terraform-remote-state@v1
	id: remote-state
	with:
	backend_type: s3
	backend_config: \|
	bucket=jina-terraform-state
	key=jcloud/${{ github.event.inputs.environment }}/eks/${{ github.event.inputs.eks_region }}
	region=us-east-2
	- name: Set environment variables
	run: \|
	# Short name for current branch. For PRs, use target branch (base ref)
	GIT_BRANCH=${GITHUB_BASE_REF:-${GITHUB_REF#refs/heads/}}
	echo "GIT_BRANCH=$GIT_BRANCH" >> $GITHUB_ENV
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v3
	with:
	role-to-assume: arn:aws:iam::253352124568:role/jcloud-admin-role
	role-session-name: jcloud-deploy
	aws-region: us-east-2
	unset-current-credentials: true
	- name: helm clean
	run: \|
	aws eks update-kubeconfig --region ${{ steps.remote-state.outputs.region }} --name ${{ steps.remote-state.outputs.cluster_name }}
	if helm list -n jcloud \| grep -q jcloud-operator; then
	helm uninstall -n jcloud jcloud-operator
	fi
	kubectl delete -f $GITHUB_WORKSPACE/deployment/charts/jcloud-operator/crds/ \|\| true
	if: github.event.inputs.environment != 'prod'
	- name: "Update Helm Charts Image sha"
	run: \|
	sudo snap install yq
	yq -i ".apimanager.image.sha=\"${{needs.build-api-manager.outputs.sha}}\"" .github/ci/${{ github.event.inputs.environment }}-values.yaml
	yq -i ".operator.image.sha=\"${{needs.build-operator.outputs.sha}}\"" .github/ci/${{ github.event.inputs.environment }}-values.yaml
	cat .github/ci/${{ github.event.inputs.environment }}-values.yaml
	- name: helm deploy
	run: \|
	cd $GITHUB_WORKSPACE
	aws eks update-kubeconfig --region ${{ steps.remote-state.outputs.region }} --name ${{ steps.remote-state.outputs.cluster_name }}
	if [[ -f "$GITHUB_WORKSPACE/api/internals/instances/instances.yml" ]]; then
	set +e
	kubectl get configmap jcloud-instances -n jcloud
	if [[ $? -eq 0 ]]; then
	kubectl delete configmap jcloud-instances -n jcloud
	fi
	kubectl create configmap jcloud-instances --from-file=instances.yml=$GITHUB_WORKSPACE/api/internals/instances/instances.yml -n jcloud
	fi
	set -e
	kubectl apply -f deployment/charts/jcloud-operator/crds/
	if [[ $GIT_BRANCH == 'main' ]]; then
	bash ./deployment/scripts/deploy.sh -r ${{ steps.remote-state.outputs.region }} -n ${{ steps.remote-state.outputs.cluster_name }} \
	-f .github/ci/${{ github.event.inputs.environment }}-values.yaml \
	--registry 253352124568.dkr.ecr.us-east-2.amazonaws.com --tag latest
	else
	if [[ "${{ github.event.inputs.branch }}" == "" ]]; then
	bash ./deployment/scripts/deploy.sh -r ${{ steps.remote-state.outputs.region }} -n ${{ steps.remote-state.outputs.cluster_name }} \
	-f .github/ci/${{ github.event.inputs.environment }}-values.yaml \
	--registry 253352124568.dkr.ecr.us-east-2.amazonaws.com --tag latest
	else
	bash ./deployment/scripts/deploy.sh -r ${{ steps.remote-state.outputs.region }} -n ${{ steps.remote-state.outputs.cluster_name }} \
	-f .github/ci/${{ github.event.inputs.environment }}-values.yaml \
	--registry 253352124568.dkr.ecr.us-east-2.amazonaws.com --tag ${{ github.event.inputs.branch }}
	fi
	fi
	- name: check if certificate exists
	id: check_cert
	if: ${{ github.event.inputs.environment }} == "dev" \|\| ${{ github.event.inputs.environment }} == "prod"
	run: \|
	cert_name=$([[ "${{ github.event.inputs.environment }}" == "prod" ]] && echo "wolf-tls" \|\| echo "wolf-dev-tls" )
	echo "cert=`kubectl get cert -n jcloud $cert_name -o name`" >> $GITHUB_OUTPUT
	- name: deploy certificate
	if: steps.check_cert.outputs.cert == ''
	run: \|
	cert_name=$([[ "${{ github.event.inputs.environment }}" == "prod" ]] && echo "wolf-tls" \|\| echo "wolf-dev-tls" )
	dns_name=$([[ "${{ github.event.inputs.environment }}" == "prod" ]] && echo ".wolf.jina.ai" \|\| echo ".dev.wolf.jina.ai" )
	cat <<EOF \| kubectl apply -f -
	apiVersion: cert-manager.io/v1
	kind: Certificate
	metadata:
	name: $cert_name
	namespace: jcloud
	spec:
	dnsNames:
	- '$dns_name'
	issuerRef:
	group: cert-manager.io
	kind: ClusterIssuer
	name: letsencrypt-$cert_name
	secretName: $cert_name
	usages:
	- digital signature
	- key encipherment
	EOF
	- name: set env
	run: \|
	if [[ ${{ github.event.inputs.environment }} != "prod" ]]; then
	kubectl set env deploy/jcloud-operator-api-manager -n jcloud MONGO_URI="${{ secrets.JC_CI_MONGO_URI }}" LIST_USER_TOKEN="${{ secrets.LIST_USER_TOKEN }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	kubectl set env deploy/flow-jcloud-operator -n jcloud MONGO_URI="${{ secrets.JC_CI_MONGO_URI }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	kubectl set env deploy/deployment-jcloud-operator -n jcloud MONGO_URI="${{ secrets.JC_CI_MONGO_URI }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	else
	kubectl set env deploy/jcloud-operator-api-manager -n jcloud MONGO_URI="${{ secrets.PROD_MONGO_URI }}" LIST_USER_TOKEN="${{ secrets.LIST_USER_TOKEN }}" GRAFANA_AUTH_TOKEN="${{ secrets.GRAFANA_AUTH_TOKEN }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	kubectl set env deploy/flow-jcloud-operator -n jcloud MONGO_URI="${{ secrets.PROD_MONGO_URI }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	kubectl set env deploy/deployment-jcloud-operator -n jcloud MONGO_URI="${{ secrets.PROD_MONGO_URI }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	fi
	deployment-prod:
	needs: [build-api-manager, build-operator]
	runs-on: ubuntu-latest
	if: ${{ github.event.inputs.environment == 'prod' }}
	env:
	ENVIRONMENT: ${{ github.event.inputs.environment }}
	steps:
	- uses: actions/checkout@v3
	with:
	repository: jina-ai/jina-operator
	ref: ${{ github.event.inputs.branch }}
	token: ${{ secrets.JINA_DEV_BOT }}
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v2
	with:
	role-to-assume: arn:aws:iam::317254068723:role/github-reader-jina-infra
	role-session-name: jinainfraapply
	aws-region: us-east-1
	- name: Get remote state
	uses: dflook/terraform-remote-state@v1
	id: remote-state
	with:
	backend_type: s3
	backend_config: \|
	bucket=jcloud-prod-infra-terraform-state
	key=jcloud/prod/eks/us-east-1
	region=us-east-1
	- name: Set environment variables
	run: \|
	# Short name for current branch. For PRs, use target branch (base ref)
	GIT_BRANCH=${GITHUB_BASE_REF:-${GITHUB_REF#refs/heads/}}
	echo "GIT_BRANCH=$GIT_BRANCH" >> $GITHUB_ENV
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v2
	with:
	role-to-assume: arn:aws:iam::317254068723:role/jcloud-admin-role
	unset-current-credentials: true
	role-session-name: jcloud-deploy
	aws-region: us-east-1
	- name: helm clean
	run: \|
	aws eks update-kubeconfig --region ${{ steps.remote-state.outputs.region }} --name ${{ steps.remote-state.outputs.cluster_name }}
	if helm list -n jcloud \| grep -q jcloud-operator; then
	helm uninstall -n jcloud jcloud-operator
	fi
	kubectl delete -f $GITHUB_WORKSPACE/deployment/charts/jcloud-operator/crds/ \|\| true
	if: github.event.inputs.environment != 'prod'
	- name: "Update Helm Charts Image sha"
	run: \|
	sudo snap install yq
	yq -i ".apimanager.image.sha=\"${{needs.build-api-manager.outputs.sha}}\"" .github/ci/${{ github.event.inputs.environment }}-values.yaml
	yq -i ".operator.image.sha=\"${{needs.build-operator.outputs.sha}}\"" .github/ci/${{ github.event.inputs.environment }}-values.yaml
	cat .github/ci/${{ github.event.inputs.environment }}-values.yaml
	- name: helm deploy
	run: \|
	cd $GITHUB_WORKSPACE
	aws eks update-kubeconfig --region ${{ steps.remote-state.outputs.region }} --name ${{ steps.remote-state.outputs.cluster_name }}
	if [[ -f "$GITHUB_WORKSPACE/api/internals/instances/instances.yml" ]]; then
	set +e
	kubectl get configmap jcloud-instances -n jcloud
	if [[ $? -eq 0 ]]; then
	kubectl delete configmap jcloud-instances -n jcloud
	fi
	kubectl create configmap jcloud-instances --from-file=instances.yml=$GITHUB_WORKSPACE/api/internals/instances/instances.yml -n jcloud
	fi
	set -e
	kubectl apply -f deployment/charts/jcloud-operator/crds/
	if [[ $GIT_BRANCH == 'main' ]]; then
	bash ./deployment/scripts/deploy.sh -r ${{ steps.remote-state.outputs.region }} -n ${{ steps.remote-state.outputs.cluster_name }} \
	-f .github/ci/${{ github.event.inputs.environment }}-values.yaml \
	--registry 253352124568.dkr.ecr.us-east-2.amazonaws.com --tag latest
	else
	if [[ "${{ github.event.inputs.branch }}" == "" ]]; then
	bash ./deployment/scripts/deploy.sh -r ${{ steps.remote-state.outputs.region }} -n ${{ steps.remote-state.outputs.cluster_name }} \
	-f .github/ci/${{ github.event.inputs.environment }}-values.yaml \
	--registry 253352124568.dkr.ecr.us-east-2.amazonaws.com --tag latest
	else
	bash ./deployment/scripts/deploy.sh -r ${{ steps.remote-state.outputs.region }} -n ${{ steps.remote-state.outputs.cluster_name }} \
	-f .github/ci/${{ github.event.inputs.environment }}-values.yaml \
	--registry 253352124568.dkr.ecr.us-east-2.amazonaws.com --tag ${{ github.event.inputs.branch }}
	fi
	fi
	- name: check if certificate exists
	id: check_cert
	if: ${{ github.event.inputs.environment }} == "dev" \|\| ${{ github.event.inputs.environment }} == "prod"
	run: \|
	cert_name=$([[ "${{ github.event.inputs.environment }}" == "prod" ]] && echo "wolf-tls" \|\| echo "wolf-dev-tls" )
	echo "cert=`kubectl get cert -n jcloud $cert_name -o name`" >> $GITHUB_OUTPUT
	- name: deploy certificate
	if: steps.check_cert.outputs.cert == ''
	run: \|
	cert_name=$([[ "${{ github.event.inputs.environment }}" == "prod" ]] && echo "wolf-tls" \|\| echo "wolf-dev-tls" )
	dns_name=$([[ "${{ github.event.inputs.environment }}" == "prod" ]] && echo ".wolf.jina.ai" \|\| echo ".dev.wolf.jina.ai" )
	cat <<EOF \| kubectl apply -f -
	apiVersion: cert-manager.io/v1
	kind: Certificate
	metadata:
	name: $cert_name
	namespace: jcloud
	spec:
	dnsNames:
	- '$dns_name'
	issuerRef:
	group: cert-manager.io
	kind: ClusterIssuer
	name: letsencrypt-$cert_name
	secretName: $cert_name
	usages:
	- digital signature
	- key encipherment
	EOF
	- name: set env
	run: \|
	if [[ ${{ github.event.inputs.environment }} != "prod" ]]; then
	kubectl set env deploy/jcloud-operator-api-manager -n jcloud MONGO_URI="${{ secrets.JC_CI_MONGO_URI }}" LIST_USER_TOKEN="${{ secrets.LIST_USER_TOKEN }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	kubectl set env deploy/flow-jcloud-operator -n jcloud MONGO_URI="${{ secrets.JC_CI_MONGO_URI }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	kubectl set env deploy/deployment-jcloud-operator -n jcloud MONGO_URI="${{ secrets.JC_CI_MONGO_URI }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	else
	kubectl set env deploy/jcloud-operator-api-manager -n jcloud MONGO_URI="${{ secrets.PROD_MONGO_URI }}" LIST_USER_TOKEN="${{ secrets.LIST_USER_TOKEN }}" GRAFANA_AUTH_TOKEN="${{ secrets.GRAFANA_AUTH_TOKEN }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	kubectl set env deploy/flow-jcloud-operator -n jcloud MONGO_URI="${{ secrets.PROD_MONGO_URI }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	kubectl set env deploy/deployment-jcloud-operator -n jcloud MONGO_URI="${{ secrets.PROD_MONGO_URI }}" JCLOUD_M2M_TOKEN="${{ secrets.JCLOUD_M2M_TOKEN }}"
	fi

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

(jc-operator) Jcloud operator manual deployment #526

Workflow file

(jc-operator) Jcloud operator manual deployment #526

Jobs

Run details

Workflow file for this run