Provision EKS Cluster #901

Workflow file for this run

.github/workflows/provision-cluster.yaml at 5b628cd

	name: Provision EKS Cluster

	on:
	create:
	branches: '**'

	env:
	AWS_REGION: "eu-north-1"
	CLUSTERCTL_VERSION: "v1.2.3"
	CLUSTER_AWS_ADM_VERSION: "v1.5.0"
	EKSCTL_VERSION: "v0.144.0"
	FLUX_VERSION: "v2.0.0-rc.5"

	jobs:
	provision-cluster:
	if: startsWith(github.event.ref, 'cluster-')
	runs-on: ubuntu-latest
	outputs:
	CLUSTER_NAME: ${{ steps.outputs.outputs.CLUSTER_NAME }}
	STATUS: ${{ job.status }}
	STATUS_EMOJI: ${{ steps.outputs.outputs.STATUS_EMOJI }}
	SLACK_MESSAGE: ${{ steps.outputs.outputs.SLACK_MESSAGE }}
	permissions:
	id-token: write
	contents: read
	steps:
	- uses: actions/checkout@v3

	- name: Install aws-cli
	run: \|
	curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
	unzip awscliv2.zip
	sudo ./aws/install --update
	aws --version
	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v1-node16
	with:
	# role-to-assume: arn:aws:iam::894516026745:role/WeaveEksGithubActions
	aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
	aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	aws-region: ${{ env.AWS_REGION }}

	- name: Install eksctl
	run: \|
	curl --silent --location "https://github.com/weaveworks/eksctl/releases/download/${{ env.EKSCTL_VERSION }}/eksctl_$(uname -s)_amd64.tar.gz" \| tar xz -C /tmp
	sudo mv /tmp/eksctl /usr/local/bin
	eksctl version

	- name: Install helm
	uses: azure/setup-helm@v3.5
	with:
	version: v3.8.2

	- name: Install kubectl
	uses: Azure/setup-kubectl@v3.2
	with:
	version: v1.23.7

	- name: Install flux
	run: \|
	VER=$(echo ${{ env.FLUX_VERSION }} \| sed 's/^[^0-9]*//')
	curl --silent --location https://github.com/fluxcd/flux2/releases/download/${{ env.FLUX_VERSION }}/flux_${VER}_$(uname -s)_amd64.tar.gz \| tar xz -C /tmp
	sudo mv /tmp/flux /usr/local/bin
	flux version --client

	- name: Install clusterctl
	run: \|
	curl -L https://github.com/kubernetes-sigs/cluster-api/releases/download/${{ env.CLUSTERCTL_VERSION }}/clusterctl-linux-amd64 -o clusterctl
	chmod +x ./clusterctl
	sudo mv ./clusterctl /usr/local/bin/clusterctl
	clusterctl version

	- name: install clusterawsadm
	run: \|
	curl -L https://github.com/kubernetes-sigs/cluster-api-provider-aws/releases/download/${{ env.CLUSTER_AWS_ADM_VERSION }}/clusterawsadm-linux-amd64 -o clusterawsadm
	chmod +x clusterawsadm
	sudo mv clusterawsadm /usr/local/bin
	clusterawsadm version

	- name: install clusterawsadm stack
	run: \|
	STACK=$(aws cloudformation list-stacks --stack-status-filter CREATE_COMPLETE --region ${{ env.AWS_REGION }} \| grep wge-capi-cluster-api-provider-aws-sigs-k8s-io \|\| true)
	echo "Stack: $STACK"
	if [ -z "$STACK" ]; then
	echo "Create clusterawsadm stack"
	clusterawsadm bootstrap iam create-cloudformation-stack --config ./eksctl-clusters/aws_bootstrap_config.yaml --region=${{ env.AWS_REGION }}
	fi

	- name: Provision Cluster
	run: \|
	export GITHUB_TOKEN=${{ secrets.WEAVE_GITOPS_BOT_TOKEN_CLUSTERS_CONFIG }}
	export BRANCH_NAME=${{ github.event.ref }}
	export CLUSTER_NAME=${BRANCH_NAME#*cluster-}
	echo "cluster_name=${CLUSTER_NAME}" >> $GITHUB_ENV
	echo "Provisioning $CLUSTER_NAME cluster ..."
	$GITHUB_WORKSPACE/eksctl-clusters/scripts/provision-cluster.sh --cluster-name $CLUSTER_NAME

	- name: Check running clusters
	run: \|
	eksctl get clusters --region ${{ env.AWS_REGION }}

	- name: Add WW roles to aws-auth config-map
	if: always()
	run: \|
	# Check if the cluster was successfully installed in AWS
	export CLUSTER_EXISTS=$(eksctl get clusters --region ${{ env.AWS_REGION }} -n ${{ env.cluster_name }} 2> /dev/null)
	if [ -n "$CLUSTER_EXISTS" ]; then
	# Add Admin role
	eksctl create iamidentitymapping --cluster ${{ env.cluster_name }} --region ${{ env.AWS_REGION }} \
	--arn "arn:aws:iam::894516026745:role/AdministratorAccess" --group system:masters --username admin
	# Add Editor role
	eksctl create iamidentitymapping --cluster ${{ env.cluster_name }} --region ${{ env.AWS_REGION }} \
	--arn "arn:aws:iam::894516026745:role/WeaveEksEditor" --group system:masters --username admin
	# Add GithubActions role
	eksctl create iamidentitymapping --cluster ${{ env.cluster_name }} --region ${{ env.AWS_REGION }} \
	--arn "arn:aws:iam::894516026745:role/WeaveEksGithubActions" --group system:masters --username admin
	fi

	- name: kubeconfig
	run: \|
	echo ${{ env.cluster_name }}
	eksctl utils write-kubeconfig --region ${{ env.AWS_REGION }} --cluster ${{ env.cluster_name }} --kubeconfig=$HOME/.kube/config
	kubectl get nodes

	- name: clusterctl init --infrastructure aws
	run: \|
	export AWS_B64ENCODED_CREDENTIALS=$(clusterawsadm bootstrap credentials encode-as-profile --region ${{ env.AWS_REGION }})
	export EXP_EKS=true
	export EXP_MACHINE_POOL=true
	export CAPA_EKS_IAM=true
	export EXP_CLUSTER_RESOURCE_SET=true

	clusterctl init --infrastructure aws
	kubectl get deploy -A

	- name: outputs
	if: always()
	id: outputs
	run: \|
	echo "CLUSTER_NAME=${{ env.cluster_name }}" >> $GITHUB_OUTPUT
	if [ "${{ job.status }}" == "success" ]; then
	echo "STATUS_EMOJI=greentick" >> $GITHUB_OUTPUT
	echo "SLACK_MESSAGE=Cluster has been provisioned successfully! You can access the UI through https://${{ env.cluster_name }}.eng-sandbox.weave.works" >> $GITHUB_OUTPUT
	elif [ "${{ job.status }}" == "failure" ]; then
	echo "STATUS_EMOJI=failed" >> $GITHUB_OUTPUT
	echo "SLACK_MESSAGE=Cluster failed to be provisioned!!" >> $GITHUB_OUTPUT
	fi

	slack-notifications:
	if: always() && startsWith(github.event.ref, 'cluster-')
	needs:
	- provision-cluster
	uses: ./.github/workflows/slack-notification.yaml
	with:
	header-text: "PROVISION CLUSTER: ${{ needs.provision-cluster.outputs.CLUSTER_NAME }} "
	message: " :${{ needs.provision-cluster.outputs.STATUS_EMOJI }}: ${{ needs.provision-cluster.outputs.SLACK_MESSAGE }}"
	secrets:
	SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Provision EKS Cluster #901

Workflow file

Provision EKS Cluster #901

Jobs

Run details

Workflow file for this run