Skip to content

ci: use a wildcard subdomain for PR deployments #8801

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 27 commits into from
Aug 1, 2023
Merged

ci: use a wildcard subdomain for PR deployments #8801

merged 27 commits into from
Aug 1, 2023

Conversation

matifali
Copy link
Member

@matifali matifali commented Jul 30, 2023
edited
Loading

Wildcard apps now work as expected.
image
We were hitting letsencrypt rate limits for certs because of deleting and recreating certs with each deployment. I tried to fix that by creating certificates in a shared namespace and copying them to the PR namespace.

@matifali matifali requested a review from bpmct July 30, 2023 05:58
@matifali matifali marked this pull request as ready for review July 30, 2023 06:05
@matifali matifali marked this pull request as draft July 30, 2023 19:46
@matifali matifali marked this pull request as ready for review July 31, 2023 06:29
@matifali
Copy link
Member Author

matifali commented Aug 1, 2023

/deploy-pr --skip-build --experiments *, single_tailnet

@github-actions
Copy link

github-actions bot commented Aug 1, 2023
edited
Loading

✔️ Deployed PR 8801 successfully.
🚀 Access the deployment link here.
⚠️ This deployment will be deleted when the PR is closed.

@matifali matifali requested a review from BrunoQuaresma August 1, 2023 04:25
@matifali matifali enabled auto-merge (squash) August 1, 2023 04:26
@matifali matifali requested a review from johnstcn August 1, 2023 10:49
johnstcn
johnstcn approved these changes Aug 1, 2023
View reviewed changes
Copy link
Member

@johnstcn johnstcn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks fine to me, but we will need to be careful of LetsEncrypt rate limits. If we run into further issues we may need to look into using self-signed certificates.

@matifali matifali merged commit 6a12912 into main Aug 1, 2023
@matifali matifali deleted the use-wildcard-domain branch August 1, 2023 11:02
@github-actions github-actions bot locked and limited conversation to collaborators Aug 1, 2023
@matifali
Copy link
Member Author

matifali commented Aug 1, 2023

The letsencrypt is 50 certs per domain per week. Now we have a different domain for each PR and are preserving the certificates by creating them in a shared namespace to avoid recreating them if one already exists.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@johnstcn johnstcn johnstcn approved these changes

@bpmct bpmct Awaiting requested review from bpmct

@BrunoQuaresma BrunoQuaresma Awaiting requested review from BrunoQuaresma

Assignees

@matifali matifali

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@matifali @johnstcn