Skip to content

Commit 2f65d05

Browse files
matifalipull[bot]
matifali
authored and
pull[bot]
committed
chore: improve PR deployments (#15430)
1 parent 69d9c66 commit 2f65d05

File tree

2 files changed

+27
-14
lines changed

2 files changed

+27
-14
lines changed

.github/workflows/ci.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -211,7 +211,7 @@ jobs:
211211
212212
- name: Check workflow files
213213
run: |
214-
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.6.22
214+
bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash) 1.7.4
215215
./actionlint -color -shellcheck= -ignore "set-output"
216216
shell: bash
217217

.github/workflows/pr-deploy.yaml

Lines changed: 26 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -110,7 +110,7 @@ jobs:
110110
set -euo pipefail
111111
mkdir -p ~/.kube
112112
echo "${{ secrets.PR_DEPLOYMENTS_KUBECONFIG_BASE64 }}" | base64 --decode > ~/.kube/config
113-
chmod 644 ~/.kube/config
113+
chmod 600 ~/.kube/config
114114
export KUBECONFIG=~/.kube/config
115115
116116
- name: Check if the helm deployment already exists
@@ -284,7 +284,7 @@ jobs:
284284
set -euo pipefail
285285
mkdir -p ~/.kube
286286
echo "${{ secrets.PR_DEPLOYMENTS_KUBECONFIG_BASE64 }}" | base64 --decode > ~/.kube/config
287-
chmod 644 ~/.kube/config
287+
chmod 600 ~/.kube/config
288288
export KUBECONFIG=~/.kube/config
289289
290290
- name: Check if image exists
@@ -421,14 +421,14 @@ jobs:
421421
"${DEST}" version
422422
mv "${DEST}" /usr/local/bin/coder
423423
424-
- name: Create first user, template and workspace
424+
- name: Create first user
425425
if: needs.get_info.outputs.NEW == 'true' || github.event.inputs.deploy == 'true'
426426
id: setup_deployment
427+
env:
428+
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
427429
run: |
428430
set -euo pipefail
429431
430-
# Create first user
431-
432432
# create a masked random password 12 characters long
433433
password=$(openssl rand -base64 16 | tr -d "=+/" | cut -c1-12)
434434
@@ -437,20 +437,22 @@ jobs:
437437
echo "password=$password" >> $GITHUB_OUTPUT
438438
439439
coder login \
440-
--first-user-username coder \
440+
--first-user-username pr${{ env.PR_NUMBER }}-admin \
441441
--first-user-email pr${{ env.PR_NUMBER }}@coder.com \
442442
--first-user-password $password \
443443
--first-user-trial=false \
444444
--use-token-as-session \
445445
https://${{ env.PR_HOSTNAME }}
446446
447-
# Create template
448-
cd ./.github/pr-deployments/template
449-
coder templates push -y --variable namespace=pr${{ env.PR_NUMBER }} kubernetes
447+
# Create a user for the github.actor
448+
# TODO: update once https://github.com/coder/coder/issues/15466 is resolved
449+
# coder users create \
450+
# --username ${{ github.actor }} \
451+
# --login-type github
450452
451-
# Create workspace
452-
coder create --template="kubernetes" kube --parameter cpu=2 --parameter memory=4 --parameter home_disk_size=2 -y
453-
coder stop kube -y
453+
# promote the user to admin role
454+
# coder org members edit-role ${{ github.actor }} organization-admin
455+
# TODO: update once https://github.com/coder/internal/issues/207 is resolved
454456
455457
- name: Send Slack notification
456458
if: needs.get_info.outputs.NEW == 'true' || github.event.inputs.deploy == 'true'
@@ -462,7 +464,7 @@ jobs:
462464
"pr_url": "'"${{ env.PR_URL }}"'",
463465
"pr_title": "'"${{ env.PR_TITLE }}"'",
464466
"pr_access_url": "'"https://${{ env.PR_HOSTNAME }}"'",
465-
"pr_username": "'"test"'",
467+
"pr_username": "'"pr${{ env.PR_NUMBER }}-admin"'",
466468
"pr_email": "'"pr${{ env.PR_NUMBER }}@coder.com"'",
467469
"pr_password": "'"${{ steps.setup_deployment.outputs.password }}"'",
468470
"pr_actor": "'"${{ github.actor }}"'"
@@ -495,3 +497,14 @@ jobs:
495497
cc: @${{ github.actor }}
496498
reactions: rocket
497499
reactions-edit-mode: replace
500+
501+
- name: Create template and workspace
502+
if: needs.get_info.outputs.NEW == 'true' || github.event.inputs.deploy == 'true'
503+
run: |
504+
set -euo pipefail
505+
cd .github/pr-deployments/template
506+
coder templates push -y --variable namespace=pr${{ env.PR_NUMBER }} kubernetes
507+
508+
# Create workspace
509+
coder create --template="kubernetes" kube --parameter cpu=2 --parameter memory=4 --parameter home_disk_size=2 -y
510+
coder stop kube -y

0 commit comments

Comments
 (0)