Ghaf infra new environments #276

henrirosten · 2024-10-21T06:16:54Z

Support ghaf-infra deployments as outlined in https://ssrc.atlassian.net/wiki/spaces/SP/pages/1357250598/Ghaf-infra+Environments:

Allow creating four types of different ghaf-infra instances: 'release', 'prod', 'dev', 'priv':
- 'release': ephemeral environment manually spun-up and destroyed for the purpose of making Ghaf SLSA L3 release builds. The ‘release’ environment does not use external builders, but spins-up the builder VMs together with the rest of the infra.
- 'prod': production environment provides the continuous services for Ghaf developers and testers: nix binary cache, as well as the CI environment. Prod environment(s) should run 24/7, minimizing downtime.
- 'dev': development environment serves as the dev environment for ghaf-infra developers - to be able test infra changes before promoting them to ‘prod’. 'dev' environment(s) are therefore otherwise similar to 'prod', except there's no uptime requirements. As an example, 'prod' and 'dev' share the binary cache storage and key.
- 'priv': personal environments for ghaf-infra development and testing.

This change also introduces changes to critical resource storage:

Jenkins artifact storage is moved from environment-specific to persistent storage
Separate persistent storage for 'release'
Separate binary cache storage for 'priv' environments

In addition, the changes in this PR enable creating concurrent ghaf-infra instances of the same type. As an example, we could have two 'prod' deployments (with different names) running concurrently. Similarly, ghaf-infra developers can now have many 'priv' environments running concurrently.

Removes terraform-playground.sh: we should now use terraform-init.sh and the instructions in terraform/README.md to achieve the same functionality.

karim20230

quite large changes -hoping tested well!

terraform/persistent/resources/main.tf

terraform/main.tf

henrirosten · 2024-10-22T12:43:11Z

quite large changes -hoping tested well!

@karim20230 : thanks for the review. I also struggled as to how to split this in smaller, more digestible pieces. I couldn't figure out how to split the first two commits that are required to align with the new setup. Other commits in this PR are smaller, hopefully easier to understand.

Signed-off-by: Henri Rosten <henri.rosten@unikie.com>

henrirosten · 2024-10-24T13:32:02Z

Rebased on latest main

henrirosten temporarily deployed to internal October 21, 2024 06:16 — with GitHub Actions Inactive

henrirosten temporarily deployed to internal October 21, 2024 06:17 — with GitHub Actions Inactive

henrirosten force-pushed the ghaf-infra-new-environments branch from a43f30f to 340fe39 Compare October 21, 2024 06:22

henrirosten temporarily deployed to internal October 21, 2024 06:23 — with GitHub Actions Inactive

henrirosten temporarily deployed to internal October 21, 2024 09:53 — with GitHub Actions Inactive

henrirosten temporarily deployed to internal October 21, 2024 09:54 — with GitHub Actions Inactive

henrirosten force-pushed the ghaf-infra-new-environments branch from 5b2fada to dff761d Compare October 21, 2024 13:20

henrirosten temporarily deployed to internal October 21, 2024 13:20 — with GitHub Actions Inactive

henrirosten temporarily deployed to internal October 21, 2024 13:21 — with GitHub Actions Inactive

henrirosten temporarily deployed to internal October 21, 2024 13:22 — with GitHub Actions Inactive

henrirosten temporarily deployed to internal October 21, 2024 13:23 — with GitHub Actions Inactive

henrirosten marked this pull request as ready for review October 21, 2024 13:49

henrirosten requested a review from a team October 21, 2024 13:49

karim20230 reviewed Oct 22, 2024

View reviewed changes

terraform/persistent/resources/main.tf Outdated Show resolved Hide resolved

terraform/persistent/resources/main.tf Show resolved Hide resolved

terraform/persistent/resources/main.tf Outdated Show resolved Hide resolved

terraform/main.tf Show resolved Hide resolved

henrirosten force-pushed the ghaf-infra-new-environments branch from 61359e5 to eb4eb5a Compare October 22, 2024 12:35

henrirosten temporarily deployed to internal October 22, 2024 12:35 — with GitHub Actions Inactive

henrirosten temporarily deployed to internal October 22, 2024 12:36 — with GitHub Actions Inactive

karim20230 approved these changes Oct 22, 2024

View reviewed changes

henrirosten added 5 commits October 24, 2024 16:29

terraform: New environments storage setup

e8d895a

Signed-off-by: Henri Rosten <henri.rosten@unikie.com>

terraform: Initial release config

27a693a

Signed-off-by: Henri Rosten <henri.rosten@unikie.com>

terraform: Move jenkins artifacts to persistent

b62b3b4

Signed-off-by: Henri Rosten <henri.rosten@unikie.com>

terraform: Update documentation

da630ec

Signed-off-by: Henri Rosten <henri.rosten@unikie.com>

terraform: Remove terraform-playground.sh

a0d1735

Signed-off-by: Henri Rosten <henri.rosten@unikie.com>

henrirosten force-pushed the ghaf-infra-new-environments branch from eb4eb5a to a0d1735 Compare October 24, 2024 13:31

henrirosten temporarily deployed to internal October 24, 2024 13:31 — with GitHub Actions Inactive

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Ghaf infra new environments #276

Ghaf infra new environments #276

henrirosten commented Oct 21, 2024 •

edited

Loading

karim20230 left a comment

henrirosten commented Oct 22, 2024 •

edited

Loading

henrirosten commented Oct 24, 2024

Ghaf infra new environments #276

Are you sure you want to change the base?

Ghaf infra new environments #276

Conversation

henrirosten commented Oct 21, 2024 • edited Loading

karim20230 left a comment

Choose a reason for hiding this comment

henrirosten commented Oct 22, 2024 • edited Loading

henrirosten commented Oct 24, 2024

henrirosten commented Oct 21, 2024 •

edited

Loading

henrirosten commented Oct 22, 2024 •

edited

Loading