wireapp · smatting · Sep 25, 2024 · Sep 26, 2024 · Sep 26, 2024 · Sep 26, 2024
@@ -63,10 +63,10 @@ jobs:
         env:
           HCLOUD_TOKEN: '${{ secrets.HCLOUD_TOKEN }}'
 
-      - name: Clean up hetzner environment; just in case
-        if: always()
-        run: (cd terraform/examples/wire-server-deploy-offline-hetzner ; terraform init && terraform destroy -auto-approve)
-        env:
-          HCLOUD_TOKEN: '${{ secrets.HCLOUD_TOKEN }}'
+      # - name: Clean up hetzner environment; just in case
+      #   if: always()
+      #   run: (cd terraform/examples/wire-server-deploy-offline-hetzner ; terraform init && terraform destroy -auto-approve)
+      #   env:
+      #     HCLOUD_TOKEN: '${{ secrets.HCLOUD_TOKEN }}'
 
 
@@ -1,9 +1,9 @@
 - hosts: all
   become: true
   vars:
-    artifact_hash: d8fe36747614968ea73ebd43d47b99364c52f9c1
-    ubuntu_version: 22.04.4
-    ssh_pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDPTGTo1lTqd3Ym/75MRyQvj8xZINO/GI6FzfIadSe5c backend+hetzner-dedicated-operator@wire.com"
+    artifact_hash: dd7b682ba14c65116fa9a87b1dc80787bbad16bb
+    ubuntu_version: 22.04.5
+    ssh_pubkey: "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBantLLGJX/7S6zT+ixyNdQ81XSboOkErYo7Bi9tUIwX"
   tasks:
   - name: set ipv4 forward
     sysctl:
@@ -40,7 +40,7 @@
       - docker.io
       - telnet
       - python3-lxml
-      - qemu
+      - qemu-system-x86
       - qemu-kvm
       - qemu-utils
       - libvirt-clients

@@ -0,0 +1 @@
+webapp.wiab-autodeploy.wire.link
@@ -2,6 +2,17 @@
 # shellcheck disable=SC2087
 set -Eeuo pipefail
 
+
+#
+# Problems discovered while running this script
+#
+# - on first run "virsh" not found. This seems to be installed only later 
+# - change cleanup user logic: user should specify whether to clean. The script should warn if it's not in clean state, but never die
+# - if `bash bin/offline-vm-setup.sh` fails then this script doesn't seem to notice it
+# - the `offline-vm-setup.sh` seems to stop the python server before the vm installation can make use of it. Probably the virsh install commands run in the background and don't block the main script long enough for the python server to be still alive
+#
+#
+
 msg() {
   echo >&2 -e "${1-}"
 }
@@ -28,7 +39,7 @@ Running the script without any arguments requires one interaction - confirming t
 For CI usage, it's recommended to invoke "--force-redeploy".
 
 It is likely desirable to invoke the script with "--artifact-hash" and / or "--target-domain" as well. These are the hardcoded fallback values:
- * artifact-hash = 5c06158547bc57846eadaa2be5c813ec43be9b59
+ * artifact-hash = dd7b682ba14c65116fa9a87b1dc80787bbad16bb
  * target-domain = wiab-autodeploy.wire.link
 
 Available options:
@@ -78,7 +89,7 @@ parse_params() {
 
 parse_params "$@"
 
-ARTIFACT_HASH="${ARTIFACT_HASH:-5c06158547bc57846eadaa2be5c813ec43be9b59}"
+ARTIFACT_HASH="${ARTIFACT_HASH:-dd7b682ba14c65116fa9a87b1dc80787bbad16bb}"
 TARGET_SYSTEM="${TARGET_SYSTEM:-wiab-autodeploy.wire.link}"
 FORCE_REDEPLOY="${FORCE_REDEPLOY:-0}"
 SUBDOMAINS="account assets coturn federator inbucket nginz-https nginz-ssl sft teams webapp"
@@ -104,14 +115,14 @@ if ssh -q -o ConnectTimeout=5 -p "$SSH_PORT" "$SSH_USER"@webapp."$TARGET_SYSTEM"
   msg ""
   msg "INFO: Successfully logged into $TARGET_SYSTEM as $SSH_USER"
 else
-  die "ERROR: Can't log into $TARGET_SYSTEM via SSH, please check SSH connectivity."
+  die "ERROR: Can't log into webapp.$TARGET_SYSTEM via SSH, please check SSH connectivity."
 fi
 
-if curl --head --silent --fail https://s3-eu-west-1.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-"$ARTIFACT_HASH".tgz >/dev/null 2>&1 ; then
-  msg "INFO: Artifact exists https://s3-eu-west-1.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-$ARTIFACT_HASH.tgz"
-else
-  die "ERROR: No artifact found via https://s3-eu-west-1.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-$ARTIFACT_HASH.tgz"
-fi
+# if curl --head --silent --fail https://s3-eu-west-1.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-"$ARTIFACT_HASH".tgz >/dev/null 2>&1 ; then
+#   msg "INFO: Artifact exists https://s3-eu-west-1.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-$ARTIFACT_HASH.tgz"
+# else
+#   die "ERROR: No artifact found via https://s3-eu-west-1.amazonaws.com/public.wire.com/artifacts/wire-server-deploy-static-$ARTIFACT_HASH.tgz"
+# fi
 
 system_cleanup_meta() {
   msg ""
@@ -126,12 +137,15 @@ system_cleanup
 EOT
 }
 
+# TODO:: Check if virsh is available. If not (fresh install) then you don't need to check 
+# for 
 system_cleanup() {
-  for VM in $(virsh list --all --name); do virsh destroy "$VM"; virsh undefine "$VM" --remove-all-storage; done
-  docker system prune -a -f
-  rm -f /home/$DEMO_USER/.ssh/known_hosts
-  rm -rf /home/$DEMO_USER/wire-server-deploy
-  rm -f /home/$DEMO_USER/wire-server-deploy-static-*.tgz
+  echo "doing nothing"
+  # for VM in $(virsh list --all --name); do virsh destroy "$VM"; virsh undefine "$VM" --remove-all-storage; done
+  # docker system prune -a -f
+  # rm -f /home/$DEMO_USER/.ssh/known_hosts
+  # rm -rf /home/$DEMO_USER/wire-server-deploy
+  # rm -f /home/$DEMO_USER/wire-server-deploy-static-*.tgz
 }
 
 preprovision_hetzner() {
@@ -144,12 +158,14 @@ preprovision_hetzner() {
 }
 
 remote_deployment() {
+  set -e
   msg() {
     echo >&2 -e "${1-}"
   }
   cd $SCRIPT_DIR &>/dev/null || exit 1
 
   bash bin/offline-vm-setup.sh
+
   msg ""
   while sudo virsh list --all | grep -Fq running; do
     sleep 20
@@ -170,8 +186,7 @@ remote_deployment() {
   ZAUTH_CONTAINER=$(sudo docker load -i "$SCRIPT_DIR"/containers-adminhost/quay.io_wire_zauth_*.tar | awk '{print $3}')
   export ZAUTH_CONTAINER
   WSD_CONTAINER=$(sudo docker load -i "$SCRIPT_DIR"/containers-adminhost/container-wire-server-deploy.tgz | awk '{print $3}')
-  d() {
-    sudo docker run --network=host -v "${SSH_AUTH_SOCK:-nonexistent}":/ssh-agent -e SSH_AUTH_SOCK=/ssh-agent -v "$HOME"/.ssh:/root/.ssh -v "$PWD":/wire-server-deploy "$WSD_CONTAINER" "$@"
+  d() { sudo docker run --network=host -v "${SSH_AUTH_SOCK:-nonexistent}":/ssh-agent -e SSH_AUTH_SOCK=/ssh-agent -v "$HOME"/.ssh:/root/.ssh -v "$PWD":/wire-server-deploy "$WSD_CONTAINER" "$@"
   }
   export -f d
 
@@ -405,7 +420,7 @@ if [ "$DO_SYSTEM_CLEANUP" = true ] && [ "$FORCE_REDEPLOY" = 1 ]; then
 fi
 
 msg "INFO: Commencing Wire-in-a-box deployment on $TARGET_SYSTEM."
-preprovision_hetzner
+# preprovision_hetzner
 ssh -p "$SSH_PORT" "$DEMO_USER"@webapp."$TARGET_SYSTEM" "bash -s" <<EOT
 # Making relevant vars and functions available to remote shell via SSH
 $(declare -p DEMO_USER TARGET_SYSTEM SCRIPT_DIR)

@@ -108,7 +108,7 @@ else
   VM_IP=(192.168.122.10 192.168.122.21 192.168.122.22 192.168.122.23 192.168.122.31 192.168.122.32 192.168.122.33)
   VM_VCPU=(2 6 6 6 4 4 4)
   VM_RAM=(4096 8192 8192 8192 8192 8192 8192)
-  VM_DISK=(100 100 100 100 350 350 350)
+  VM_DISK=(100 100 100 100 100 100 100)
 fi
 
 if [[ -f "$HOME"/.ssh/authorized_keys && -s "$HOME"/.ssh/authorized_keys ]]; then

@@ -2,11 +2,11 @@
 
 set -euo pipefail
 
-function cleanup {
-  (cd terraform/examples/wire-server-deploy-offline-hetzner ; terraform destroy -auto-approve)
-  echo done
-}
-trap cleanup EXIT
+# function cleanup {
+#   (cd terraform/examples/wire-server-deploy-offline-hetzner ; terraform destroy -auto-approve)
+#   echo done
+# }
+# trap cleanup EXIT
 (cd terraform/examples/wire-server-deploy-offline-hetzner ; terraform init ; terraform apply -auto-approve )
 adminhost=$(cd terraform/examples/wire-server-deploy-offline-hetzner ; terraform output adminhost)
 adminhost="${adminhost//\"/}" # remove extra quotes around the returned string

@@ -4,7 +4,7 @@ set -euo pipefail
 INCREMENTAL="${INCREMENTAL:-0}"
 
 # Default exclude list
-HELM_CHART_EXCLUDE_LIST="inbucket"
+HELM_CHART_EXCLUDE_LIST="aws-ingress,backoffice,calling-test,fluent-bit,inbucket,k8ssandra-test-cluster,kibana,nginx-ingress-controller,restund"
 
 # Parse the HELM_CHART_EXCLUDE_LIST argument
 for arg in "$@"
@@ -202,7 +202,7 @@ pull_charts() {
   echo "Pulling charts done."
 }
 
-wire_build="https://raw.githubusercontent.com/wireapp/wire-builds/c5729427af29609b904958e2d369573bae3daac6/build.json"
+wire_build="https://raw.githubusercontent.com/wireapp/wire-builds/4ec9c06fecc0d13aa62f25f719da48a3a48bd514/build.json"
 wire_build_chart_release "$wire_build" | pull_charts
 
 # Uncomment if you want to create non-wire-build release