Actions (#14)
* refactor Github workflows and actions

* wrap secrets and env variables in {raw} tags

* wrap inputs variables in {raw} tags

* wrap secrets and env variables in {raw} tags

* wrap inputs variables in {raw} tags

* wrap inputs variables in {raw} tags

* bump versions
lpm0073 authored Jun 7, 2022
1 parent 7634c27 commit d434d45
Showing 10 changed files with 367 additions and 885 deletions.
@@ -0,0 +1,83 @@
#------------------------------------------------------------------------------
# written by: mcdaniel
# date: june-2022
#
#------------------------------------------------------------------------------
name: Deploy Open edX to Kubernetes
branding:
icon: 'cloud'
color: 'orange'
inputs:
environment-id:
description: 'The Open edX platform environment. Examples: prod, qa, dev'
required: true
type: string
namespace:
description: 'The Kubernetes namesapce to which the Open edX platform environment will be deployed. Example: openedx-prod'
required: true
type: string

runs:
using: "composite"
steps:
# ---------------------------------------------------------------------------------
# Configure k8s add-on resources
#
# note that the Kubernetes additional config data is locally
# stored in ci/tutor-deploy/environments/prod/k8s/
# in Kubernetes manifest yaml format
# ---------------------------------------------------------------------------------
- name: Create Kubernetes add-on resources
shell: bash
run: |-
# Create kubernetes ingress and other environment resources
kubectl apply -f "ci/tutor-deploy/environments/{% raw %}${{ inputs.environment-id }}{% endraw %}/k8s"
#------------------------------------------------------------------------
# IV. Merge all of the configuration data into Tutor's Open edX
# configuration files: config.yml, lms.env.json, cms.env.json
#
# In this step we're combining three sources of data:
# 1. sensitive configuration data retrieved from Kubernetes secrets in section II above
# 2. Open edx application and services configuration data created here in section III
# 3. LMS and CMS application configuration data stored in our repo at ci/tutor-deploy/environments/prod/settings_merge.json
#------------------------------------------------------------------------
- name: Patch Generated Configuration (Static)
shell: bash
run: |-
echo "config.yml full path: $(tutor config printroot)/config.yml"
cat "$(tutor config printroot)/config.yml"
echo ""
echo ""
cd $(tutor config printroot)/env/apps/openedx/config/
mv lms.env.json lms.env.json.orig
jq -s '.[0] * .[1]' lms.env.json.orig "$GITHUB_WORKSPACE/ci/tutor-deploy/environments/{% raw %}${{ inputs.environment-id }}{% endraw %}/settings_merge.json" > lms.env.json
echo 'Tutor lms.env.json contents:'
cat lms.env.json
echo ""
echo ""
mv cms.env.json cms.env.json.orig
jq -s '.[0] * .[1]' cms.env.json.orig "$GITHUB_WORKSPACE/ci/tutor-deploy/environments/{% raw %}${{ inputs.environment-id }}{% endraw %}/settings_merge.json" > cms.env.json
rm *orig
echo 'Tutor cms.env.json contents:'
cat cms.env.json
echo ""
echo ""
#------------------------------------------------------------------------
# V. Deploy Open edX
#------------------------------------------------------------------------
- name: Deploy Tutor
shell: bash
run: |-
tutor k8s start
- name: Run tutor init
shell: bash
run: |-
tutor k8s init
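Review bot: The "Patch Generated Configuration (Static)" step prints the full Tutor `config.yml` and the merged `lms.env.json` / `cms.env.json` to the job log (`cat "$(tutor config printroot)/config.yml"`, `cat lms.env.json`, `cat cms.env.json`), while the step's own comment says this data includes sensitive configuration retrieved from Kubernetes secrets. GitHub masks only values registered as secrets, so values pulled from the cluster at run time would presumably show in clear text to anyone who can read the run. I would drop the three `cat` lines, or print only the structure, e.g. `jq 'keys' lms.env.json`. Separately, `inputs.environment-id` is expanded by the expression engine directly inside the `run:` scripts; passing it through the step's `env:` and using `"$ENVIRONMENT_ID"` in the paths keeps a caller-supplied value from being parsed as shell.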
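--- a/{{cookiecutter.github_repo_name}}/.github/workflows/build.yml
+++ b/{{cookiecutter.github_repo_name}}/.github/workflows/build.yml
@@ -0,0 +1,78 @@
+#------------------------------------------------------------------------------
+# written by: mcdaniel
+# date: june-2022
+#
+# usage: top-level workflow. Initiated manually from Github Actions console page
+# Builds all Docker containers.
+#------------------------------------------------------------------------------
+name: Build Containers
+
+on:
+workflow_dispatch:
+
+jobs:
+deploy:
+runs-on: ubuntu-latest
+env:
+ENABLE_BACKUP: true
+ENABLE_CREDENTIALS: true
+ENABLE_MFE: true
+
+SUBDOMAIN: {{ cookiecutter.environment_subdomain }}
+DOMAIN_NAME: {{ cookiecutter.global_root_domain }}
+SITE_NAME: {{ cookiecutter.global_platform_name }}
+AWS_REGION: {{ cookiecutter.global_aws_region }}
+
+CUSTOM_THEME_REPOSITORY: {{ cookiecutter.ci_build_theme_repository }}
+CUSTOM_THEME_REPOSITORY_REF: {{ cookiecutter.ci_build_theme_ref }}
+
+CUSTOM_PLUGIN_REPOSITORY: {{ cookiecutter.ci_build_plugin_repository }}
+CUSTOM_PLUGIN_REPOSITORY_ORGANIZATION: {{ cookiecutter.ci_build_plugin_org }}
+CUSTOM_PLUGIN_REPOSITORY_REF: {{ cookiecutter.ci_build_plugin_ref }}
+
+CUSTOM_XBLOCK_REPOSITORY: {{ cookiecutter.ci_build_xblock_repository }}
+CUSTOM_XBLOCK_REPOSITORY_ORGANIZATION: {{ cookiecutter.ci_build_xblock_org }}
+CUSTOM_XBLOCK_REPOSITORY_REF: {{ cookiecutter.ci_build_xblock_ref }}
+
+steps:
+- uses: actions/[email protected]
+
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@v2
+
+- name: Configure AWS credentials
+uses: aws-actions/[email protected]
+with:
+aws-access-key-id: {% raw %}${{ secrets.AWS_ACCESS_KEY_ID }}{% endraw %}
+aws-secret-access-key: {% raw %}${{ secrets.AWS_SECRET_ACCESS_KEY }}{% endraw %}
+aws-region: ${AWS_REGION}
+
+- name: Build Backup
+if: {% raw %}${{ env.ENABLE_BACKUP == 'true' }}{% endraw %}
+uses: openedx-actions/[email protected]
+
+- name: Build Credentials
+if: {% raw %}${{ env.ENABLE_CREDENTIALS == 'true' }}{% endraw %}
+uses: openedx-actions/[email protected]
+
+- name: Build MFE
+if: {% raw %}${{ env.ENABLE_MFE == 'true' }}{% endraw %}
+uses: openedx-actions/[email protected]
+with:
+subdomain: ${SUBDOMAIN}
+domain-name: ${DOMAIN_NAME}
+site-name: ${SITE_NAME}
+
+- name: Build openedx
+uses: openedx-actions/[email protected]
+with:
+custom-theme-repository: {% raw %}${{ inputs.custom-theme-repository }}{% endraw %}
+custom-theme-repository-ref: {% raw %}${{ inputs.custom-theme-repository-ref }}{% endraw %}
+
+custom-plugin-repository: {% raw %}${{ inputs.custom-plugin-repository }}{% endraw %}
+custom-plugin-repository-organization: {% raw %}${{ inputs.custom-plugin-repository-organization }}{% endraw %}
+custom-plugin-repository-ref: {% raw %}${{ inputs.custom-plugin-repository-ref }}{% endraw %}
+
+custom-xblock-repository: {% raw %}${{ inputs.custom-xblock-repository }}{% endraw %}
+custom-xblock-repository-organization: {% raw %}${{ inputs.custom-xblock-repository-organization }}{% endraw %}
+custom-xblock-repository-ref: {% raw %}${{ inputs.custom-xblock-repository-ref }}{% endraw %}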
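Review bot: Several `with:` values in this workflow read from a context that is empty here. `workflow_dispatch:` declares no inputs, so every `inputs.custom-*` expression under "Build openedx" evaluates to an empty string and the `CUSTOM_*` values in the job `env:` are never used; likewise `aws-region: ${AWS_REGION}` and the `${SUBDOMAIN}` / `${DOMAIN_NAME}` / `${SITE_NAME}` values under "Build MFE" are not expanded inside `with:` and reach the action as literal text. Reading them from the env context, e.g. `aws-region: {% raw %}${{ env.AWS_REGION }}{% endraw %}` and `custom-theme-repository: {% raw %}${{ env.CUSTOM_THEME_REPOSITORY }}{% endraw %}`, would match what the deploy workflow in this commit does for its region. Because this job holds AWS keys, third-party actions referenced by a movable tag such as `docker/setup-buildx-action@v2` are worth pinning to a full commit SHA.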
@@ -0,0 +1,206 @@
#------------------------------------------------------------------------------
# written by: mcdaniel
# date: june-2022
#
# usage: top-level workflow. Initiated manually from Github Actions console page
# Deploys a Tutor-created openedx Docker image to the Kubernetes cluster.
#------------------------------------------------------------------------------
name: Deploy {{ cookiecutter.environment_name }}

on:
workflow_dispatch:

jobs:
deploy:
runs-on: ubuntu-latest
env:
# common settings
# --------------------------------------------
AWS_ACCOUNT_NUMBER: '{{ cookiecutter.global_account_id }}'
AWS_ECR_HOST: 'dkr.ecr.{{ cookiecutter.global_aws_region }}.amazonaws.com'
AWS_REGION: {{ cookiecutter.global_aws_region }}

# environment settings
# --------------------------------------------
ENVIRONMENT_ID: {{ cookiecutter.environment_name }}
NAMESPACE: openedx-{{ cookiecutter.environment_name }}

# feature flags for optional tutor modules
# --------------------------------------------
DEBUG_MODE: false
ENABLE_BACKUP: true
ENABLE_CREDENTIALS: false
ENABLE_DISCOVERY: true
ENABLE_ECOMMERCE: false
ENABLE_FORUM: true
ENABLE_MFE: true
ENABLE_NOTES: true
ENABLE_S3: true
ENABLE_XQUEUE: false

steps:
- name: Checkout
uses: actions/[email protected]

- name: Configure AWS credentials
uses: aws-actions/[email protected]
with:
aws-access-key-id: {% raw %}${{ secrets.AWS_ACCESS_KEY_ID }}{% endraw %}
aws-secret-access-key: {% raw %}${{ secrets.AWS_SECRET_ACCESS_KEY }}{% endraw %}
aws-region: {% raw %}${{ env.AWS_REGION }}{% endraw %}

- name: Initialize environment
uses: openedx-actions/[email protected]
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

# ---------------------------------------------------------------------------------
# initialize workflow environment variables
# ---------------------------------------------------------------------------------
- name: Intialize AWS_ECR_URI
shell: bash
run: |-
echo "AWS_ECR_URI={% raw %}${{ env.AWS_ACCOUNT_NUMBER }}{% endraw %}.{% raw %}${{ env.AWS_ECR_HOST }}{% endraw %}" >> $GITHUB_ENV
- name: Intialize AWS ECR repo URIs
shell: bash
run: |-
echo "AWS_ECR_REPOSITORY_BACKUP=${AWS_ECR_URI}/openedx_backup:latest" >> $GITHUB_ENV
echo "AWS_ECR_REPOSITORY_CREDENTIALS=${AWS_ECR_URI}/openedx_credentials:latest" >> $GITHUB_ENV
echo "AWS_ECR_REPOSITORY_MFE=${AWS_ECR_URI}/openedx_mfe:latest" >> $GITHUB_ENV
echo "AWS_ECR_REPOSITORY_OPENEDX=${AWS_ECR_URI}/openedx:latest" >> $GITHUB_ENV
# note that values like $LMS_HOSTNAME come from this repo
# in /ci/tutor-deploy/environments/{{ cookiecutter.environment_name }}/config.yml
- name: Load additional environment specific settings
shell: bash
run: |-
echo "TUTOR_LMS_HOST=$LMS_HOSTNAME" >> $GITHUB_ENV
echo "TUTOR_CMS_HOST=$CMS_HOSTNAME" >> $GITHUB_ENV
echo "TUTOR_DOCKER_IMAGE_OPENEDX=${AWS_ECR_REPOSITORY_OPENEDX}" >> $GITHUB_ENV
echo "OPENEDX_COMMON_VERSION=open-release/maple.3" >> $GITHUB_ENV
- name: Load environment specific settings (direct)
shell: bash
run: |-
# Pin the instalation ID with the Kubernetes namespace. It needs to be unique and static per instalation.
cat ci/tutor-deploy/environments/${ENVIRONMENT_ID}/config.yml >> $GITHUB_ENV
# ---------------------------------------------------------------------------------
# Configure optional tutor plugins
# ---------------------------------------------------------------------------------
- name: Enable tutor plugin - S3
uses: openedx-actions/[email protected]
if: {% raw %}${{ env.ENABLE_S3 == 'true' }}{% endraw %}
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

- name: Enable tutor plugin - Backup
uses: openedx-actions/[email protected]
if: {% raw %}${{ env.ENABLE_BACKUP == 'true' }}{% endraw %}
with:
aws-ecr-uri: ${AWS_ECR_REPOSITORY_BACKUPS}
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

- name: Enable tutor plugin - Discovery
uses: openedx-actions/[email protected]
if: {% raw %}${{ env.ENABLE_DISCOVERY == 'true' }}{% endraw %}
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

- name: Enable tutor plugin - MFE
uses: openedx-actions/[email protected]
if: {% raw %}${{ env.ENABLE_MFE == 'true' }}{% endraw %}
with:
aws-ecr-uri: ${AWS_ECR_REPOSITORY_MFE}

- name: Enable tutor plugin - Credentials
uses: openedx-actions/[email protected]
if: {% raw %}${{ env.ENABLE_CREDENTIALS == 'true' }}{% endraw %}
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}
aws-ecr-uri: ${AWS_ECR_REPOSITORY_CREDENTIALS}
common-logo-url: {{ cookiecutter.global_platform_logo_url }}

- name: Enable tutor plugin - Xqueue
uses: openedx-actions/[email protected]
if: {% raw %}${{ env.ENABLE_XQUEUE == 'true' }}{% endraw %}
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

- name: Enable tutor plugin - Notes
uses: openedx-actions/[email protected]
if: {% raw %}${{ env.ENABLE_NOTES == 'true' }}{% endraw %}
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

- name: Enable tutor plugin - Ecommerce
uses: openedx-actions/[email protected]
if: {% raw %}${{ env.ENABLE_ECOMMERCE == 'true' }}{% endraw %}
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

- name: Enable tutor plugin - Forum
uses: openedx-actions/[email protected]
if: {% raw %}${{ env.ENABLE_FORUM == 'true' }}{% endraw %}

# ---------------------------------------------------------------------------------
# Configure backend services
# ---------------------------------------------------------------------------------
- name: Configure SMTP
uses: openedx-actions/[email protected]
with:
aws-ses-iam-key: {% raw %}${{ secrets.aws-ses-iam-key }}{% endraw %}
aws-ses-iam-secret: {% raw %}${{ secrets.aws-ses-iam-secret }}{% endraw %}
aws-region: {% raw %}${{ env.AWS_REGION }}{% endraw %}

- name: Configure Redis
uses: openedx-actions/[email protected]
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

- name: Configure MySQL
uses: openedx-actions/[email protected]
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

- name: Dump tutor config
uses: openedx-actions/[email protected]

# ---------------------------------------------------------------------------------
# Add your custom configuration tasks here ....
# ---------------------------------------------------------------------------------
- name: Configure 3rd Party Authentication
shell: bash
run: |-
tutor config save --set OPENEDX_FACEBOOK_APP_ID="{% raw %}${{ inputs.facebook-app-id }}{% endraw %}" \
--set OPENEDX_FACEBOOK_APP_SECRET="{% raw %}${{ inputs.facebook-app-secret }}{% endraw %}"
- name: Fetch JWT token
uses: openedx-actions/[email protected]
with:
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}


# see: https://github.com/Medality-Health/openedx_devops/blob/main/terraform/modules/kubernetes_secrets/main.tf
- name: Configure edx secret
uses: openedx-actions/[email protected]


# ---------------------------------------------------------------------------------
# Deploy
# ---------------------------------------------------------------------------------
- name: Deploy to Kubernetes
uses: ./.github/actions/tutor/k8s/deploy
with:
environment-id: {{ cookiecutter.environment_name }}
namespace: {% raw %}${{ env.NAMESPACE }}{% endraw %}

- name: Set theme
shell: bash
run: |-
tutor k8s settheme edx-theme
- name: Create admin user
uses: openedx-actions/[email protected]
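Review bot: The "Configure 3rd Party Authentication" step takes the Facebook app id and secret from `inputs.facebook-app-id` / `inputs.facebook-app-secret`, but `workflow_dispatch:` declares no inputs, so both expand to empty strings and `tutor config save` stores empty credentials. Declaring them as dispatch inputs would not be a good fix either, because dispatch inputs are not masked in logs; the values belong in the `secrets` context and should reach the script through the step's `env:` rather than being expanded into the command text. A sketch follows, with placeholder secret names. The `secrets.aws-ses-iam-key` / `secrets.aws-ses-iam-secret` references under "Configure SMTP" look affected in a similar way, since GitHub secret names may contain only alphanumerics and underscores. `aws-ecr-uri: ${AWS_ECR_REPOSITORY_BACKUPS}` also does not match the `AWS_ECR_REPOSITORY_BACKUP` name written to `$GITHUB_ENV` earlier in the job.

```yaml
      - name: Configure 3rd Party Authentication
        shell: bash
        env:
          # placeholder secret names: substitute the names defined in the repository settings
          FACEBOOK_APP_ID: {% raw %}${{ secrets.FACEBOOK_APP_ID_PLACEHOLDER }}{% endraw %}
          FACEBOOK_APP_SECRET: {% raw %}${{ secrets.FACEBOOK_APP_SECRET_PLACEHOLDER }}{% endraw %}
        run: |-
          tutor config save --set OPENEDX_FACEBOOK_APP_ID="$FACEBOOK_APP_ID" \
                            --set OPENEDX_FACEBOOK_APP_SECRET="$FACEBOOK_APP_SECRET"
```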