From 1f90d898c8bea267ec63ae9b34607b5f1d1c7bfd Mon Sep 17 00:00:00 2001
From: Caner Derici
Date: Fri, 22 Sep 2023 10:11:01 -0600
Subject: [PATCH] Add workflow to use loadbalancer tunnel to juju controller on k8s

This is doing preciely the same scenario that's explained in https://discourse.charmhub.io/t/a-generic-way-to-communicate-with-a-juju-controller-on-a-k8s-cluster-with-the-juju-terraform-provider/10967
---
.github/workflows/k8s_tunnel.yml | 132 +++++++++++++++++++++++++++++++
1 file changed, 132 insertions(+)
create mode 100644 .github/workflows/k8s_tunnel.yml

diff --git a/.github/workflows/k8s_tunnel.yml b/.github/workflows/k8s_tunnel.yml
new file mode 100644
index 00000000..16fd6906
--- /dev/null
+++ b/.github/workflows/k8s_tunnel.yml
@@ -0,0 +1,132 @@
+name: Tunnel to Juju controller via load balancer on k8s
+
+on:
+ pull_request:
+ paths-ignore:
+ - "README.md"
+ - "project-docs/**"
+ push:
+ branches:
+ - "main"
+ paths-ignore:
+ - "README.md"
+ - "project-docs/**"
+
+# Testing only needs permissions to read the repository contents.
+permissions:
+ contents: read
+
+jobs:
+ # Ensure project builds before running testing matrix
+ build:
+ name: Build
+ runs-on: ubuntu-latest
+ timeout-minutes: 5
+ steps:
+ - uses: actions/checkout@v4
+ - uses: actions/setup-go@v4
+ - run: go build -v .
+
+ # Run acceptance tests in a matrix with Terraform CLI versions
+ add-machine-test:
+ name: Add Machine
+ needs: build
+ runs-on: ubuntu-latest
+ env:
+ ACTIONS_ALLOW_IPV6: false
+ strategy:
+ fail-fast: false
+ matrix:
+ # Only on lxd
+ cloud:
+ - "microk8s"
+ terraform:
+ - "1.5.*"
+ timeout-minutes: 60
+ steps:
+ - uses: actions/checkout@v4
+ - uses: actions/setup-go@v4
+ with:
+ go-version-file: "go.mod"
+ cache: true
+ # set up terraform
+ - uses: hashicorp/setup-terraform@v2
+ with:
+ terraform_version: ${{ matrix.terraform }}
+ terraform_wrapper: false
+ # set up snap, lxd, tox, Juju, bootstrap a controller, etc.
+ - name: Setup operator environment
+ uses: charmed-kubernetes/actions-operator@main
+ with:
+ provider: ${{ matrix.cloud }}
+ juju-channel: 2.9/stable
+ - name: "Set environment to configure provider"
+ # language=bash
+ run: |
+ CONTROLLER=$(juju whoami --format yaml | yq .controller)
+
+ echo "JUJU_CONTROLLER_ADDRESSES=$(juju show-controller | yq .$CONTROLLER.details.api-endpoints | yq -r '. 
| join(",")')" >> $GITHUB_ENV
+ echo "JUJU_USERNAME=$(juju show-controller | yq .$CONTROLLER.account.user)" >> $GITHUB_ENV
+ echo "JUJU_PASSWORD=$(cat ~/.local/share/juju/accounts.yaml | yq .controllers.$CONTROLLER.password)" >> $GITHUB_ENV
+ echo "JUJU_CA_CERT<> $GITHUB_ENV
+ juju show-controller | yq .$CONTROLLER.details.ca-cert >> $GITHUB_ENV
+ echo "EOF" >> $GITHUB_ENV
+ - run: go mod download
+ - run: |
+ # enable ingress and metallb to
+ sudo microk8s enable ingress
+ sudo microk8s enable metallb
+
+ # get the service layout
+ microk8s.kubectl get services -n controller-$CONTROLLER controller-service
+
+ # bring up the load balancer service
+ microk8s.kubectl apply -f - < ./terraform_config.tf
+ provider "juju" {
+ controller_addresses = \$LB_IP
+ username = \$JUJU_USERNAME
+ password = \$JUJU_PASSWORD
+ ca_certificate = \$JUJU_CA_CERT
+ }
+
+ resource "juju_model" "testmodel" {
+ name = "test-model"
+ }
+
+ resource "juju_application" "testapp" {
+ name = "ubuntu"
+ model = juju_model.testmodel.name
+
+ charm {
+ name = "ubuntu"
+ }
+ }
+ EOF
+
+ terraform init && terraform plan && terraform apply --auto-approve
+
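Review bot: The `Setup operator environment` step runs `charmed-kubernetes/actions-operator@main`, a mutable branch ref, so any later commit to that branch executes in this job without review; pin it to a full commit SHA, e.g. `uses: charmed-kubernetes/actions-operator@<full-commit-sha>` (placeholder), and consider the same for the tag-pinned actions. `CONTROLLER` is assigned only as a shell variable inside the "Set environment to configure provider" step and is never written to `$GITHUB_ENV`, so in the later `run:` block `-n controller-$CONTROLLER` expands to `controller-` unless something outside this file exports it; adding `echo "CONTROLLER=$CONTROLLER" >> "$GITHUB_ENV"` to the earlier step would carry it over. `JUJU_PASSWORD` is exported unmasked to every later step; registering the extracted value with the `::add-mask::` workflow command before appending it to `$GITHUB_ENV` keeps it out of step logs. The `# Only on lxd` comment above the `cloud:` entry `"microk8s"` looks stale.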