-
Notifications
You must be signed in to change notification settings - Fork 1
132 lines (111 loc) · 3.93 KB
/
azure-kubernetes-service-end-to-end.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
name: MATLAB Production Server AKS E2E Test
on:
workflow_dispatch:
schedule:
- cron: '0 18 * * 4'
env:
RESOURCE_GROUP: "esteiner-cicd"
# AKS parameters
CLUSTER_NAME: "esteiner-aks"
DNS_PREFIX: "mpstest"
LINUX_ADMIN: "azureuser"
CHART_PATH: "releases/R2023b/matlab-prodserver"
CHART_OVERRIDE_PATH: "values-overrides.yaml"
CONTAINER_REGISTRY: "containers.mathworks.com"
MATLAB_PRODSERVER: "matlab-production-server:latest"
# MATLAB_RUNTIME: "matlab-runtime:latest"
jobs:
deploy-azure-resources:
permissions:
id-token: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Azure login
uses: azure/login@v1.4.6
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Create AKS Cluster
uses: azure/CLI@v1
with:
inlineScript: |
az group list
az deployment group create --resource-group ${{ env.RESOURCE_GROUP }} \
--template-file deployments/aks.bicep --parameters \
clusterName=${{ env.CLUSTER_NAME }} dnsPrefix=${{ env.DNS_PREFIX }} \
linuxAdminUsername=${{ env.LINUX_ADMIN }} sshRSAPublicKey=${{ secrets.SSH_RSA_PUBLIC_KEY }}
deploy-helm-chart:
permissions:
actions: read
contents: read
id-token: write
runs-on: ubuntu-latest
needs: [deploy-azure-resources]
steps:
- uses: actions/checkout@v3
- name: Azure login
uses: azure/login@v1.4.6
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
# Use kubelogin to configure your kubeconfig for Azure auth
- name: Set up kubelogin for non-interactive login
uses: azure/use-kubelogin@v1
with:
kubelogin-version: 'v0.0.25'
# Retrieves your Azure Kubernetes Service cluster's kubeconfig file
- name: Get K8s context
uses: azure/aks-set-context@v3
with:
resource-group: ${{ env.RESOURCE_GROUP }}
cluster-name: ${{ env.CLUSTER_NAME }}
admin: 'false'
use-kubelogin: 'true'
# Create K8s secret for license info
- name: Create license secret
run: |
kubectl delete secret/license --ignore-not-found
kubectl create secret generic license --from-literal=license=${{ secrets.LICENSE }}
# Runs Helm to create manifest files
- name: Bake deployment
uses: azure/k8s-bake@v2
with:
renderEngine: "helm"
helmChart: ${{ env.CHART_PATH }}
overrideFiles: ${{ env.CHART_OVERRIDE_PATH }}
overrides: |
global.agreeToLicense:Yes
global.licenseServer:${{ secrets.LICENSE_SERVER }}
deploymentSettings.cpuRequest:250m
helm-version: "latest"
id: bake
# Deploys application based on manifest files from previous step
- name: Deploy application
uses: azure/k8s-deploy@v4
with:
action: deploy
manifests: ${{ steps.bake.outputs.manifestsBundle }}
images: |
${{ env.CONTAINER_REGISTRY }}/${{ env.MATLAB_PRODSERVER }}
- name: Test application
run: |
kubectl wait pods -l app=mps --for condition=Ready --timeout=180s && kubectl get pods -l app=mps
kubectl port-forward svc/matlab-production-server 9910:9910 &
sleep 2 && curl localhost:9910/api/metrics
delete-azure-resources:
permissions:
id-token: write
runs-on: ubuntu-latest
if: ${{ always() }}
needs: [deploy-azure-resources, deploy-helm-chart]
steps:
- name: Azure login
uses: azure/login@v1.4.6
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
- name: Delete AKS Cluster
uses: azure/CLI@v1
with:
inlineScript: |
az group list
az aks delete --resource-group ${{ env.RESOURCE_GROUP }} \
--name ${{ env.CLUSTER_NAME }} --yes --no-wait