Skip to content

ci: use a wildcard subdomain for PR deployments #8801

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 27 commits into from
Aug 1, 2023
Merged

ci: use a wildcard subdomain for PR deployments #8801

Changes from 1 commit
Commits
Show all changes
27 commits
Select commit Hold shift + click to select a range
0f00e25
wip
matifali Jul 27, 2023
0093621
fmt
matifali Jul 30, 2023
f3f6669
fix binary path
matifali Jul 30, 2023
198c429
fix
matifali Jul 30, 2023
6bd5c80
fix info in slack notification
matifali Jul 30, 2023
27f37ce
run in subshell
matifali Jul 30, 2023
41c9d70
fix credentials output
matifali Jul 30, 2023
e76c683
change username
matifali Jul 30, 2023
2e74a83
Merge branch 'main' into use-wildcard-domain
matifali Jul 30, 2023
67858e4
Update pr-cleanup.yaml
matifali Jul 30, 2023
e526434
Typo
matifali Jul 30, 2023
1fbf9ff
use subshells
matifali Jul 30, 2023
5ed660e
allow custom experiments
matifali Jul 30, 2023
b1e9663
handle extra experiments
matifali Jul 30, 2023
382ecca
handle concurrency
matifali Jul 30, 2023
7ad2857
update
matifali Jul 30, 2023
81cf4c3
fixup
matifali Jul 30, 2023
48d8871
add experiments flag
matifali Jul 30, 2023
af9b588
wip
matifali Jul 30, 2023
bc881dc
use coder ingress
matifali Jul 31, 2023
dac8997
fix EOF
matifali Jul 31, 2023
c9daeaf
fix lint
matifali Jul 31, 2023
8192128
double quotes
matifali Jul 31, 2023
3e6d936
store secret in a shared namespace
matifali Aug 1, 2023
5ade8b7
sanitize secret
matifali Aug 1, 2023
176a78d
use subshell
matifali Aug 1, 2023
86f22d1
url encoding
matifali Aug 1, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
wip
  • Loading branch information
@matifali
matifali committed Jul 30, 2023
commit af9b588d4bd20370bcaf4cafebf5f8e8f90b5a09
39 changes: 35 additions & 4 deletions .github/workflows/pr-deploy.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -184,16 +184,39 @@ jobs:
kubectl delete namespace "pr${{ env.PR_NUMBER }}" || true
kubectl create namespace "pr${{ env.PR_NUMBER }}"

- name: Check and Create Certificate
run: |
# Using kubectl to check if a Certificate resource already exists
# we are doing this to avoid letsenrypt rate limits
if ! kubectl get certificate pr${{ env.PR_NUMBER }}-tls -n pr${{ env.PR_NUMBER }} > /dev/null 2>&1; then
echo "Certificate doesn't exist. Creating a new one."
cat <<EOF | kubectl apply -f -
apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
name: pr${{ env.PR_NUMBER }}-tls
namespace: pr${{ env.PR_NUMBER }}
spec:
secretName: pr${{ env.PR_NUMBER }}-tls
issuerRef:
name: letsencrypt
kind: ClusterIssuer
dnsNames:
- "${{ env.PR_DEPLOYMENT_ACCESS_URL }}"
- "*.${{ env.PR_DEPLOYMENT_ACCESS_URL }}"
EOF
else
echo "Certificate exists."
fi

- name: Setup ingress
run: |
cat <<EOF > ingress.yaml
cat <<EOF > kubectl apply -f -
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: pr${{ env.PR_NUMBER }}
namespace: pr${{ env.PR_NUMBER }}
annotations:
cert-manager.io/cluster-issuer: letsencrypt
spec:
tls:
- hosts:
Expand Down Expand Up @@ -222,7 +245,6 @@ jobs:
port:
number: 80
EOF
kubectl apply -f ingress.yaml

- name: Set up PostgreSQL database
run: |
Expand Down Expand Up @@ -257,6 +279,15 @@ jobs:
pullPolicy: Always
service:
type: ClusterIP
ingress:
enable: true
className: traefik
host: ${{ env.PR_DEPLOYMENT_ACCESS_URL }}
wildcardHost: "*.${{ env.PR_DEPLOYMENT_ACCESS_URL }}"
tls:
enable: true
secretName: pr${{ env.PR_NUMBER }}-tls
wildcardSecretName: pr${{ env.PR_NUMBER }}-tls
env:
- name: "CODER_ACCESS_URL"
value: "https://${{ env.PR_DEPLOYMENT_ACCESS_URL }}"
Expand Down