Merge pull request #376 from neo4j/pipeline-improvements

Pipeline improvements
neo4j · Jan 28, 2025 · a124c35 · a124c35
2 parents 76874d8 + 7b0083a
commit a124c35
Show file tree

Hide file tree

Showing 4 changed files with 155 additions and 68 deletions.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -33,73 +33,79 @@ env:
   IPS_USERNAME: ${{ secrets.IPS_USERNAME }}
   IPS_EMAIL: ${{ secrets.IPS_EMAIL }}
 
-jobs:
+  RESOURCE_PREFIX: ghactions
 
-  current-date:
-    name: Current Date
+jobs:
+  cleanup:
+    name: Cleanup Previous Resources
     runs-on: ubuntu-latest
     steps:
-      - name: Set Current Date
-        id: currentDate
-        run: |
-          CURRENT_DATE=$(date +'%Y-%m-%d-%s')
-          echo "CURRENT_DATE=${CURRENT_DATE}" >> $GITHUB_OUTPUT
-    outputs:
-      CURRENT_DATE: ${{ steps.currentDate.outputs.CURRENT_DATE }}
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Authenticate Service Account
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: '${{ secrets.GCLOUD_SERVICE_KEY }}'
+
+      - name: 'Set up Cloud SDK'
+        uses: 'google-github-actions/setup-gcloud@v2'
+        with:
+          version: '>= 363.0.0'
+
+      - name: Run Cleanup
+        run: ./bin/gcloud/cleanup_resources
 
   gke-setup:
     name: Debian GKE Creation
+    needs: [cleanup]
     runs-on: ubuntu-latest
-    needs:
-      - current-date
     env:
-      CURRENT_DATE: ${{ needs.current-date.outputs.CURRENT_DATE }}
+      RUN_ID: ${{ github.run_id }}-${{ github.run_attempt }}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
       - name: Authenticate Service Account
-        id: serviceAccount
-        run: |
-          ./bin/gcloud/auth
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: '${{ secrets.GCLOUD_SERVICE_KEY }}'
 
       - name: Create GKE Cluster
         run: |
-          export CLOUDSDK_CONTAINER_CLUSTER=ghactions-${CURRENT_DATE}
+          export CLOUDSDK_CONTAINER_CLUSTER=${RESOURCE_PREFIX}-${RUN_ID}
           ./bin/gcloud/create_cluster
     outputs:
-      CLOUDSDK_CONTAINER_CLUSTER: "ghactions-${{ env.CURRENT_DATE }}"
+      CLOUDSDK_CONTAINER_CLUSTER: "${{ env.RESOURCE_PREFIX }}-${{ env.RUN_ID }}"
 
   gke-setup-redhat:
     name: RedHat GKE Creation
+    needs: [cleanup]
     runs-on: ubuntu-latest
-    needs:
-      - current-date
     env:
-      CURRENT_DATE: ${{ needs.current-date.outputs.CURRENT_DATE }}
+      RUN_ID: ${{ github.run_id }}-${{ github.run_attempt }}
     steps:
       - name: Checkout
         uses: actions/checkout@v4
 
       - name: Authenticate Service Account
-        id: serviceAccount
-        run: |
-          ./bin/gcloud/auth
+        uses: 'google-github-actions/auth@v2'
+        with:
+          credentials_json: '${{ secrets.GCLOUD_SERVICE_KEY }}'
 
       - name: Create GKE Cluster
         run: |
-          export CLOUDSDK_CONTAINER_CLUSTER=ghactions-redhat-${CURRENT_DATE}
+          export CLOUDSDK_CONTAINER_CLUSTER=${RESOURCE_PREFIX}-redhat-${RUN_ID}
           ./bin/gcloud/create_cluster
     outputs:
-      CLOUDSDK_CONTAINER_CLUSTER_REDHAT: "ghactions-redhat-${{ env.CURRENT_DATE }}"
+      CLOUDSDK_CONTAINER_CLUSTER_REDHAT: "${{ env.RESOURCE_PREFIX }}-redhat-${{ env.RUN_ID }}"
 
   build-reverseproxy-backup:
     name: ReverseProxy and Backup Docker Image build
+    needs: [cleanup]
     runs-on: ubuntu-latest
-    needs:
-      - current-date
     env:
-      CURRENT_DATE: ${{ needs.current-date.outputs.CURRENT_DATE }}
+      RUN_ID: ${{ github.run_id }}-${{ github.run_attempt }}
     steps:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
@@ -116,25 +122,24 @@ jobs:
         with:
           context: "{{defaultContext}}:neo4j-reverse-proxy"
           push: true
-          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ env.CURRENT_DATE }}"
+          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ env.RUN_ID }}"
           provenance: false
 
       - name: Build and push neo4j operations image
         uses: docker/build-push-action@v5
         with:
           context: "{{defaultContext}}:neo4j/neo4j-operations"
           push: true
-          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ env.CURRENT_DATE }}"
+          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ env.RUN_ID }}"
           provenance: false
 
-
       - name: Build and push backup image
         uses: docker/build-push-action@v5
         if: ${{ !inputs.RELEASE }}
         with:
           context: "{{defaultContext}}:neo4j-admin"
           push: true
-          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:${{ env.CURRENT_DATE }}"
+          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:${{ env.RUN_ID }}"
           provenance: false
           build-args: |
             IMAGE=${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j:enterprise-dev
@@ -146,7 +151,7 @@ jobs:
         with:
           context: "{{defaultContext}}:neo4j-admin"
           push: true
-          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:ubi9-${{ env.CURRENT_DATE }}"
+          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:ubi9-${{ env.RUN_ID }}"
           provenance: false
           build-args: |
             IMAGE=${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j:enterprise-dev-ubi9
@@ -158,7 +163,7 @@ jobs:
         with:
           context: "{{defaultContext}}:neo4j-admin"
           push: true
-          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:${{ env.CURRENT_DATE }}"
+          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:${{ env.RUN_ID }}"
           provenance: false
           build-args: |
             IMAGE=neo4j:${{ inputs.NEO4J_VERSION }}-enterprise
@@ -170,27 +175,26 @@ jobs:
         with:
           context: "{{defaultContext}}:neo4j-admin"
           push: true
-          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:ubi9-${{ env.CURRENT_DATE }}"
+          tags: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:ubi9-${{ env.RUN_ID }}"
           provenance: false
           build-args: |
             IMAGE=neo4j:${{ inputs.NEO4J_VERSION }}-enterprise-ubi9
             DISTRIBUTION=redhat
 
-
   run-enterprise-tests:
     name: Debian Enterprise tests
     needs:
       - gke-setup
       - build-reverseproxy-backup
-      - current-date
     runs-on: ubuntu-latest
     env:
+      RUN_ID: ${{ github.run_id }}-${{ github.run_attempt }}
       NEO4J_EDITION: "enterprise"
       CLOUDSDK_CONTAINER_CLUSTER: ${{ needs.gke-setup.outputs.CLOUDSDK_CONTAINER_CLUSTER }}
       NEO4J_DOCKER_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j:enterprise-dev"
-      NEO4J_REVERSE_PROXY_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ needs.current-date.outputs.CURRENT_DATE }}"
-      NEO4J_DOCKER_BACKUP_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:${{ needs.current-date.outputs.CURRENT_DATE }}"
-      NEO4J_OPERATIONS_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ needs.current-date.outputs.CURRENT_DATE }}"
+      NEO4J_REVERSE_PROXY_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ github.run_id }}-${{ github.run_attempt }}"
+      NEO4J_DOCKER_BACKUP_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:${{ github.run_id }}-${{ github.run_attempt }}"
+      NEO4J_OPERATIONS_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ github.run_id }}-${{ github.run_attempt }}"
     container:
       image: ${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/githubactions:latest
       credentials:
@@ -241,15 +245,15 @@ jobs:
     needs:
       - gke-setup
       - build-reverseproxy-backup
-      - current-date
     runs-on: ubuntu-latest
     env:
+      RUN_ID: ${{ github.run_id }}-${{ github.run_attempt }}
       NEO4J_EDITION: "community"
       CLOUDSDK_CONTAINER_CLUSTER: ${{ needs.gke-setup.outputs.CLOUDSDK_CONTAINER_CLUSTER }}
-      NEO4J_REVERSE_PROXY_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ needs.current-date.outputs.CURRENT_DATE }}"
       NEO4J_DOCKER_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j:community-dev"
-      NEO4J_DOCKER_BACKUP_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:${{ needs.current-date.outputs.CURRENT_DATE }}"
-      NEO4J_OPERATIONS_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ needs.current-date.outputs.CURRENT_DATE }}"
+      NEO4J_REVERSE_PROXY_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ github.run_id }}-${{ github.run_attempt }}"
+      NEO4J_DOCKER_BACKUP_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:${{ github.run_id }}-${{ github.run_attempt }}"
+      NEO4J_OPERATIONS_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ github.run_id }}-${{ github.run_attempt }}"
     container:
       image: ${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/githubactions:latest
       credentials:
@@ -300,15 +304,15 @@ jobs:
     needs:
       - gke-setup-redhat
       - build-reverseproxy-backup
-      - current-date
     runs-on: ubuntu-latest
     env:
+      RUN_ID: ${{ github.run_id }}-${{ github.run_attempt }}
       NEO4J_EDITION: "enterprise"
       CLOUDSDK_CONTAINER_CLUSTER: ${{ needs.gke-setup-redhat.outputs.CLOUDSDK_CONTAINER_CLUSTER_REDHAT }}
       NEO4J_DOCKER_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j:enterprise-dev-ubi9"
-      NEO4J_REVERSE_PROXY_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ needs.current-date.outputs.CURRENT_DATE }}"
-      NEO4J_DOCKER_BACKUP_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:ubi9-${{ needs.current-date.outputs.CURRENT_DATE }}"
-      NEO4J_OPERATIONS_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ needs.current-date.outputs.CURRENT_DATE }}"
+      NEO4J_REVERSE_PROXY_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ github.run_id }}-${{ github.run_attempt }}"
+      NEO4J_DOCKER_BACKUP_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:ubi9-${{ github.run_id }}-${{ github.run_attempt }}"
+      NEO4J_OPERATIONS_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ github.run_id }}-${{ github.run_attempt }}"
     container:
       image: ${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/githubactions:latest
       credentials:
@@ -359,15 +363,15 @@ jobs:
     needs:
       - gke-setup-redhat
       - build-reverseproxy-backup
-      - current-date
     runs-on: ubuntu-latest
     env:
+      RUN_ID: ${{ github.run_id }}-${{ github.run_attempt }}
       NEO4J_EDITION: "community"
       CLOUDSDK_CONTAINER_CLUSTER: ${{ needs.gke-setup-redhat.outputs.CLOUDSDK_CONTAINER_CLUSTER_REDHAT }}
       NEO4J_DOCKER_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j:community-dev-ubi9"
-      NEO4J_REVERSE_PROXY_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ needs.current-date.outputs.CURRENT_DATE }}"
-      NEO4J_DOCKER_BACKUP_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:ubi9-${{ needs.current-date.outputs.CURRENT_DATE }}"
-      NEO4J_OPERATIONS_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ needs.current-date.outputs.CURRENT_DATE }}"
+      NEO4J_REVERSE_PROXY_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/reverseproxy:${{ github.run_id }}-${{ github.run_attempt }}"
+      NEO4J_DOCKER_BACKUP_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-admin:ubi9-${{ github.run_id }}-${{ github.run_attempt }}"
+      NEO4J_OPERATIONS_IMG: "${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/neo4j-operations:${{ github.run_id }}-${{ github.run_attempt }}"
     container:
       image: ${{ vars.ARTIFACT_REGISTRY_REPO_NAME }}/githubactions:latest
       credentials:
@@ -424,7 +428,6 @@ jobs:
       - run-community-tests
       - gke-setup
     steps:
-
       - name: Checkout
         uses: actions/checkout@v4
 
@@ -453,7 +456,6 @@ jobs:
       - run-community-tests-redhat
       - gke-setup-redhat
     steps:
-
       - name: Checkout
         uses: actions/checkout@v4
 

diff --git a/bin/gcloud/cleanup_resources b/bin/gcloud/cleanup_resources
@@ -0,0 +1,75 @@
+#!/usr/bin/env bash
+
+# This script cleans up GCP resources that might be left over from previous test runs
+
+set -o pipefail -o errtrace -o errexit -o nounset
+shopt -s inherit_errexit
+[[ -n "${TRACE:-}" ]] && set -o xtrace
+
+# Required env vars
+CLOUDSDK_COMPUTE_ZONE="${CLOUDSDK_COMPUTE_ZONE:?CLOUDSDK_COMPUTE_ZONE is required}"
+RESOURCE_PREFIX="${RESOURCE_PREFIX:-ghactions}"
+
+# Clean up any existing clusters 
+echo "Cleaning up any existing clusters..."
+CLUSTERS=$(gcloud container clusters list --format="get(name)" --filter="name ~ ^${RESOURCE_PREFIX}-.*")
+if [ -n "$CLUSTERS" ]; then
+    while read -r cluster; do
+        if [ -n "$cluster" ]; then
+            echo "Deleting cluster: $cluster"
+            gcloud container clusters delete "$cluster" --zone="${CLOUDSDK_COMPUTE_ZONE}" --quiet || true
+        fi
+    done <<< "$CLUSTERS"
+fi
+
+# Clean up any orphaned persistent disks
+echo "Cleaning up orphaned persistent disks..."
+DISKS=$(gcloud compute disks list \
+    --filter="zone=${CLOUDSDK_COMPUTE_ZONE} AND (name:${RESOURCE_PREFIX}-* OR name:neo4j-data-disk-${RESOURCE_PREFIX}-*)" \
+    --format="get(name)")
+if [ -n "$DISKS" ]; then
+    while read -r disk; do
+        if [ -n "$disk" ]; then
+            echo "Deleting disk: $disk"
+            gcloud compute disks delete "$disk" --zone="${CLOUDSDK_COMPUTE_ZONE}" --quiet || true
+        fi
+    done <<< "$DISKS"
+fi
+
+# Clean up test-related container images older than 24 hours
+if [[ -n "${ARTIFACT_REGISTRY_REPO_NAME:-}" ]]; then
+    echo "Cleaning up old test-related container images..."
+    CUTOFF_TIME=$(date -u -d "24 hours ago" +"%Y-%m-%dT%H:%M:%SZ")
+
+    # Define the test-related image patterns
+    TEST_IMAGE_PATTERNS=(
+        "reverseproxy"
+        "neo4j-operations"
+        "neo4j-admin"
+    )
+
+    for pattern in "${TEST_IMAGE_PATTERNS[@]}"; do
+
+        IMAGES=$(gcloud container images list --repository="${ARTIFACT_REGISTRY_REPO_NAME}" \
+            --format="get(name)" --filter="name ~ .*${pattern}.*" 2>/dev/null || true)
+
+        if [ -n "$IMAGES" ]; then
+            while read -r image; do
+                if [ -n "$image" ]; then
+                    OLD_TAGS=$(gcloud container images list-tags "$image" \
+                        --filter="timestamp.datetime < '${CUTOFF_TIME}'" \
+                        --format="get(digest)" 2>/dev/null || true)
+
+                    while read -r digest; do
+                        if [ -n "$digest" ]; then
+                            echo "Deleting old image: $image@$digest"
+                            gcloud container images delete --quiet "${image}@${digest}" 2>/dev/null || true
+                        fi
+                    done <<< "$OLD_TAGS"
+                fi
+            done <<< "$IMAGES"
+        fi
+    done
+else
+    echo "Skipping image cleanup - ARTIFACT_REGISTRY_REPO_NAME not set"
+fi 
diff --git a/bin/gcloud/create_cluster b/bin/gcloud/create_cluster
@@ -14,25 +14,26 @@ CLOUDSDK_CONTAINER_CLUSTER="${CLOUDSDK_CONTAINER_CLUSTER:?CLOUDSDK_CONTAINER_CLU
 CLOUDSDK_COMPUTE_ZONE="${CLOUDSDK_COMPUTE_ZONE:?CLOUDSDK_COMPUTE_ZONE is required}"
 #KUBECONFIG="${KUBECONFIG:?KUBECONFIG is required}"
 
-# Parameters
-NODE_MACHINE="e2-standard-4"
+NODE_MACHINE="${NODE_MACHINE:-e2-standard-4}"
 NUM_NODES="${NUM_NODES:-11}"
+RELEASE_CHANNEL="${RELEASE_CHANNEL:-stable}"
+DISK_TYPE="${DISK_TYPE:-pd-ssd}"
+DISK_SIZE="${DISK_SIZE:-40}"
+MAX_PODS_PER_NODE="${MAX_PODS_PER_NODE:-30}"
 
 # For more info on release channels see https://cloud.google.com/kubernetes-engine/docs/concepts/release-channels
-RELEASE_CHANNEL="stable"
-# make a new Kubernetes cluster
+# create a new Kubernetes cluster
 #
 gcloud container clusters create "${CLOUDSDK_CONTAINER_CLUSTER}" \
-     --release-channel=${RELEASE_CHANNEL} \
+     --release-channel="${RELEASE_CHANNEL}" \
      --zone="${CLOUDSDK_COMPUTE_ZONE}" \
      --num-nodes="${NUM_NODES}" \
      --workload-pool="${CLOUDSDK_CORE_PROJECT}.svc.id.goog" \
      --preemptible --machine-type="${NODE_MACHINE}" --image-type="COS_CONTAINERD" \
-     --disk-type="pd-ssd" --disk-size="40" \
-     --max-pods-per-node=30 --enable-ip-alias \
+     --disk-type="${DISK_TYPE}" --disk-size="${DISK_SIZE}" \
+     --max-pods-per-node="${MAX_PODS_PER_NODE}" --enable-ip-alias \
      --enable-shielded-nodes --metadata=disable-legacy-endpoints=true --no-enable-basic-auth
 
-
 # Configure kubectl
 gcloud container clusters get-credentials "${CLOUDSDK_CONTAINER_CLUSTER}"