From 591e636b1d1b63d645527edb653b4a74fefaa0b8 Mon Sep 17 00:00:00 2001
From: Simon Planinschek
Date: Thu, 19 Feb 2026 15:59:32 +0100
Subject: [PATCH 1/2] add action to set up S3 preview deployments
---
setup-s3-preview/action.yml | 62 ++++++++++++++++++++++++
setup-s3-preview/job-template.yml | 80 +++++++++++++++++++++++++++++++
2 files changed, 142 insertions(+)
create mode 100644 setup-s3-preview/action.yml
create mode 100644 setup-s3-preview/job-template.yml
diff --git a/setup-s3-preview/action.yml b/setup-s3-preview/action.yml
new file mode 100644
index 0000000..c6e3758
--- /dev/null
+++ b/setup-s3-preview/action.yml
@@ -0,0 +1,62 @@
+name: 'Setup S3 Preview'
+description: 'Creates an S3 preview prefix by copying from the main prefix'
+inputs:
+ deployment-name:
+ description: 'Name of the deployment (used for ConfigMap name)'
+ required: true
+ namespace:
+ description: 'Kubernetes namespace'
+ required: true
+ preview-number:
+ description: 'Preview number (PR number)'
+ required: true
+ secret-name:
+ description: 'Name of the secret containing AWS credentials'
+ required: false
+ default: 'app-secrets'
+
+runs:
+ using: "composite"
+ steps:
+ - name: Prepare setup-s3 job
+ run: |
+ JOB_NAME="prepare-s3-preview-${{ inputs.preview-number }}"
+ CONFIGMAP_NAME="${{ inputs.deployment-name }}-environments"
+
+ # Create a temporary file for the manifest
+ cp ${{ github.action_path }}/job-template.yml job-setup-s3.yml
+
+ # Replace placeholders
+ sed -i "s/JOB_NAME_PLACEHOLDER/$JOB_NAME/g" job-setup-s3.yml
+ sed -i "s/CONFIGMAP_NAME_PLACEHOLDER/$CONFIGMAP_NAME/g" job-setup-s3.yml
+ sed -i "s/SECRET_NAME_PLACEHOLDER/${{ inputs.secret-name }}/g" job-setup-s3.yml
+ sed -i "s/PREVIEW_NUMBER_PLACEHOLDER/${{ inputs.preview-number }}/g" job-setup-s3.yml
+
+ echo "Prepared job manifest: job-setup-s3.yml"
+ shell: bash
+
+ - name: Create setup-s3 job
+ run: |
+ kubectl apply --namespace ${{ inputs.namespace }} -f job-setup-s3.yml
+ shell: bash
+
+ - name: Wait for setup-s3 job to complete
+ run: |
+ JOB_NAME="prepare-s3-preview-${{ inputs.preview-number }}"
+ NAMESPACE="${{ inputs.namespace }}"
+
+ echo "Waiting for job $JOB_NAME in namespace $NAMESPACE..."
+
+ if kubectl wait --namespace $NAMESPACE --for=condition=complete --timeout=10m job/$JOB_NAME; then
+ echo "Job finished with status: Complete"
+ kubectl logs job/$JOB_NAME --namespace $NAMESPACE
+ elif kubectl wait --namespace $NAMESPACE --for=condition=failed --timeout=1s job/$JOB_NAME; then
+ echo "Job finished with status: Failed"
+ kubectl logs job/$JOB_NAME --namespace $NAMESPACE
+ exit 1
+ else
+ echo "Timeout waiting for job to complete."
+ kubectl logs job/$JOB_NAME --namespace $NAMESPACE || true
+ exit 1
+ fi
+ shell: bash
diff --git a/setup-s3-preview/job-template.yml b/setup-s3-preview/job-template.yml
new file mode 100644
index 0000000..039f24e
--- /dev/null
+++ b/setup-s3-preview/job-template.yml
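Review bot: The `run:` scripts in setup-s3-preview/action.yml expand `${{ inputs.preview-number }}`, `${{ inputs.deployment-name }}`, `${{ inputs.secret-name }}` and `${{ inputs.namespace }}` straight into the bash source, so the runner substitutes the text before the shell parses it and a value containing quotes or `$( )` becomes part of the script. The same values then reach the `sed` replacement side unescaped (a `/` or `&` changes the substitution) and end up in the manifest handed to `kubectl apply`. Pass the inputs through `env:`, validate them before the manifest is built (digits for the preview number, DNS-1123 names for the others), and quote `$NAMESPACE` and `$JOB_NAME` in the create and wait steps. The three steps of teardown-s3-preview/action.yml follow the same pattern and need the same change.

```yaml
    - name: Prepare setup-s3 job
      env:
        PREVIEW_NUMBER: ${{ inputs.preview-number }}
        DEPLOYMENT_NAME: ${{ inputs.deployment-name }}
        SECRET_NAME: ${{ inputs.secret-name }}
      run: |
        # Reject anything that is not a plain PR number or a DNS-1123 name
        # before it reaches sed or the Kubernetes manifest.
        name_re='^[a-z0-9]([-a-z0-9.]*[a-z0-9])?$'
        [[ "$PREVIEW_NUMBER" =~ ^[0-9]+$ ]] || { echo "invalid preview-number" >&2; exit 1; }
        [[ "$DEPLOYMENT_NAME" =~ $name_re ]] || { echo "invalid deployment-name" >&2; exit 1; }
        [[ "$SECRET_NAME" =~ $name_re ]] || { echo "invalid secret-name" >&2; exit 1; }

        JOB_NAME="prepare-s3-preview-${PREVIEW_NUMBER}"
        CONFIGMAP_NAME="${DEPLOYMENT_NAME}-environments"

        cp "$GITHUB_ACTION_PATH/job-template.yml" job-setup-s3.yml

        # … unchanged: JOB_NAME and CONFIGMAP_NAME replacements …
        sed -i "s/SECRET_NAME_PLACEHOLDER/$SECRET_NAME/g" job-setup-s3.yml
        sed -i "s/PREVIEW_NUMBER_PLACEHOLDER/$PREVIEW_NUMBER/g" job-setup-s3.yml
```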
@@ -0,0 +1,80 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: JOB_NAME_PLACEHOLDER
+spec:
+ ttlSecondsAfterFinished: 60
+ template:
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: prepare-s3-preview
+ image: amazon/aws-cli:2
+ command: [ "bash", "-c" ]
+ args:
+ - |
+ set -e
+
+ echo "### START $(date --iso-8601=seconds) ###"
+
+ S3_ARGS=""
+ if [ -n "$S3_ENDPOINT" ]; then
+ S3_ARGS="--endpoint-url $S3_ENDPOINT"
+ fi
+
+ S3_MAIN_PREFIX="s3://$S3_BUCKET/main/"
+ S3_PREVIEW_PREFIX="s3://$S3_BUCKET/preview-$PREVIEW_NUMBER/"
+
+ echo "Checking if $S3_PREVIEW_PREFIX already exists..."
+ if [ "$(aws s3 $S3_ARGS ls "$S3_PREVIEW_PREFIX" | wc -l)" -gt 0 ]; then
+ echo "$S3_PREVIEW_PREFIX already exists. Skipping setup."
+ echo "Script finished successfully!"
+ echo "### END $(date --iso-8601=seconds) ###"
+ exit 0
+ fi
+
+ echo "Syncing from $S3_MAIN_PREFIX to $S3_PREVIEW_PREFIX ..."
+ aws s3 $S3_ARGS sync "$S3_MAIN_PREFIX" "$S3_PREVIEW_PREFIX"
+
+ echo "Script finished successfully!"
+ echo "### END $(date --iso-8601=seconds) ###"
+ env:
+ - name: S3_BUCKET
+ valueFrom:
+ configMapKeyRef:
+ name: CONFIGMAP_NAME_PLACEHOLDER
+ key: S3_BUCKET
+ - name: S3_ENDPOINT
+ valueFrom:
+ configMapKeyRef:
+ name: CONFIGMAP_NAME_PLACEHOLDER
+ key: S3_ENDPOINT
+ optional: true
+ - name: AWS_REGION
+ valueFrom:
+ configMapKeyRef:
+ name: CONFIGMAP_NAME_PLACEHOLDER
+ key: AWS_REGION
+ - name: AWS_DEFAULT_REGION
+ valueFrom:
+ configMapKeyRef:
+ name: CONFIGMAP_NAME_PLACEHOLDER
+ key: AWS_REGION
+ - name: AWS_ACCESS_KEY_ID
+ valueFrom:
+ secretKeyRef:
+ name: SECRET_NAME_PLACEHOLDER
+ key: AWS_ACCESS_KEY_ID
+ - name: AWS_SECRET_ACCESS_KEY
+ valueFrom:
+ secretKeyRef:
+ name: SECRET_NAME_PLACEHOLDER
+ key: AWS_SECRET_ACCESS_KEY
+ - name: AWS_SESSION_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: SECRET_NAME_PLACEHOLDER
+ key: AWS_SESSION_TOKEN
+ optional: true
+ - name: PREVIEW_NUMBER
+ value: "PREVIEW_NUMBER_PLACEHOLDER"
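Review bot: The container in setup-s3-preview/job-template.yml is pulled by the mutable tag `amazon/aws-cli:2` while it receives `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` from the secret, so whatever that tag resolves to at pull time runs with the bucket credentials. Pin the image by digest, e.g. `image: amazon/aws-cli:2@sha256:<digest-placeholder>`. The template also sets no container `securityContext` (for instance `allowPrivilegeEscalation: false` with capabilities dropped), no `resources` and no `backoffLimit`, so the Job runs with the cluster defaults for all three. teardown-s3-preview/job-template.yml uses the same image line and pod spec, and the same points apply there.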
From 0b43955cca51e0ff5b0aa7c2df8eb658047efc49 Mon Sep 17 00:00:00 2001
From: Simon Planinschek
Date: Thu, 19 Feb 2026 15:59:37 +0100
Subject: [PATCH 2/2] add action to teardown S3 preview deployments
---
teardown-s3-preview/action.yml | 62 ++++++++++++++++++++++
teardown-s3-preview/job-template.yml | 79 ++++++++++++++++++++++++++++
2 files changed, 141 insertions(+)
create mode 100644 teardown-s3-preview/action.yml
create mode 100644 teardown-s3-preview/job-template.yml
diff --git a/teardown-s3-preview/action.yml b/teardown-s3-preview/action.yml
new file mode 100644
index 0000000..fe9e667
--- /dev/null
+++ b/teardown-s3-preview/action.yml
@@ -0,0 +1,62 @@
+name: 'Teardown S3 Preview'
+description: 'Deletes the S3 preview prefix'
+inputs:
+ deployment-name:
+ description: 'Name of the deployment (used for ConfigMap name)'
+ required: true
+ namespace:
+ description: 'Kubernetes namespace'
+ required: true
+ preview-number:
+ description: 'Preview number (PR number)'
+ required: true
+ secret-name:
+ description: 'Name of the secret containing AWS credentials'
+ required: false
+ default: 'app-secrets'
+
+runs:
+ using: "composite"
+ steps:
+ - name: Prepare teardown-s3 job
+ run: |
+ JOB_NAME="teardown-s3-preview-${{ inputs.preview-number }}"
+ CONFIGMAP_NAME="${{ inputs.deployment-name }}-environments"
+
+ # Create a temporary file for the manifest
+ cp ${{ github.action_path }}/job-template.yml job-teardown-s3.yml
+
+ # Replace placeholders
+ sed -i "s/JOB_NAME_PLACEHOLDER/$JOB_NAME/g" job-teardown-s3.yml
+ sed -i "s/CONFIGMAP_NAME_PLACEHOLDER/$CONFIGMAP_NAME/g" job-teardown-s3.yml
+ sed -i "s/SECRET_NAME_PLACEHOLDER/${{ inputs.secret-name }}/g" job-teardown-s3.yml
+ sed -i "s/PREVIEW_NUMBER_PLACEHOLDER/${{ inputs.preview-number }}/g" job-teardown-s3.yml
+
+ echo "Prepared job manifest: job-teardown-s3.yml"
+ shell: bash
+
+ - name: Create teardown-s3 job
+ run: |
+ kubectl apply --namespace ${{ inputs.namespace }} -f job-teardown-s3.yml
+ shell: bash
+
+ - name: Wait for teardown-s3 job to complete
+ run: |
+ JOB_NAME="teardown-s3-preview-${{ inputs.preview-number }}"
+ NAMESPACE="${{ inputs.namespace }}"
+
+ echo "Waiting for job $JOB_NAME in namespace $NAMESPACE..."
+
+ if kubectl wait --namespace $NAMESPACE --for=condition=complete --timeout=5m job/$JOB_NAME; then
+ echo "Job finished with status: Complete"
+ kubectl logs job/$JOB_NAME --namespace $NAMESPACE
+ elif kubectl wait --namespace $NAMESPACE --for=condition=failed --timeout=1s job/$JOB_NAME; then
+ echo "Job finished with status: Failed"
+ kubectl logs job/$JOB_NAME --namespace $NAMESPACE
+ exit 1
+ else
+ echo "Timeout waiting for job to complete."
+ kubectl logs job/$JOB_NAME --namespace $NAMESPACE || true
+ exit 1
+ fi
+ shell: bash
diff --git a/teardown-s3-preview/job-template.yml b/teardown-s3-preview/job-template.yml
new file mode 100644
index 0000000..48a61c0
--- /dev/null
+++ b/teardown-s3-preview/job-template.yml
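Review bot: In the wait step of teardown-s3-preview/action.yml, a Job that fails early is only examined after `--for=condition=complete --timeout=5m` has expired. The job template sets `ttlSecondsAfterFinished: 60`, so by then the Job and its pods have probably been garbage-collected. The `elif` would then most likely not find the Job, the step would report "Timeout" rather than "Failed", and `kubectl logs` would have nothing to print, which loses the evidence of why a teardown left data behind. Keeping finished Jobs longer than the wait, e.g. `ttlSecondsAfterFinished: 900` in the template, or polling the Job's conditions in a loop would preserve the failure status and logs. The wait step in setup-s3-preview/action.yml has the same shape with a 10m timeout.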
@@ -0,0 +1,79 @@
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: JOB_NAME_PLACEHOLDER
+spec:
+ ttlSecondsAfterFinished: 60
+ template:
+ spec:
+ restartPolicy: Never
+ containers:
+ - name: teardown-s3-preview
+ image: amazon/aws-cli:2
+ command: [ "bash", "-c" ]
+ args:
+ - |
+ set -e
+
+ echo "### START $(date --iso-8601=seconds) ###"
+
+ S3_ARGS=""
+ if [ -n "$S3_ENDPOINT" ]; then
+ S3_ARGS="--endpoint-url $S3_ENDPOINT"
+ fi
+
+ S3_PREVIEW_PREFIX="s3://$S3_BUCKET/preview-$PREVIEW_NUMBER/"
+
+ echo "Checking if $S3_PREVIEW_PREFIX exists..."
+ if [ "$(aws s3 $S3_ARGS ls "$S3_PREVIEW_PREFIX" | wc -l)" -eq 0 ]; then
+ echo "$S3_PREVIEW_PREFIX does not exist or is empty. Skipping teardown."
+ echo "Script finished successfully!"
+ echo "### END $(date --iso-8601=seconds) ###"
+ exit 0
+ fi
+
+ echo "Removing $S3_PREVIEW_PREFIX recursively..."
+ aws s3 $S3_ARGS rm "$S3_PREVIEW_PREFIX" --recursive
+
+ echo "Script finished successfully!"
+ echo "### END $(date --iso-8601=seconds) ###"
+ env:
+ - name: S3_BUCKET
+ valueFrom:
+ configMapKeyRef:
+ name: CONFIGMAP_NAME_PLACEHOLDER
+ key: S3_BUCKET
+ - name: S3_ENDPOINT
+ valueFrom:
+ configMapKeyRef:
+ name: CONFIGMAP_NAME_PLACEHOLDER
+ key: S3_ENDPOINT
+ optional: true
+ - name: AWS_REGION
+ valueFrom:
+ configMapKeyRef:
+ name: CONFIGMAP_NAME_PLACEHOLDER
+ key: AWS_REGION
+ - name: AWS_DEFAULT_REGION
+ valueFrom:
+ configMapKeyRef:
+ name: CONFIGMAP_NAME_PLACEHOLDER
+ key: AWS_REGION
+ - name: AWS_ACCESS_KEY_ID
+ valueFrom:
+ secretKeyRef:
+ name: SECRET_NAME_PLACEHOLDER
+ key: AWS_ACCESS_KEY_ID
+ - name: AWS_SECRET_ACCESS_KEY
+ valueFrom:
+ secretKeyRef:
+ name: SECRET_NAME_PLACEHOLDER
+ key: AWS_SECRET_ACCESS_KEY
+ - name: AWS_SESSION_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: SECRET_NAME_PLACEHOLDER
+ key: AWS_SESSION_TOKEN
+ optional: true
+ - name: PREVIEW_NUMBER
+ value: "PREVIEW_NUMBER_PLACEHOLDER"
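Review bot: The existence check `aws s3 $S3_ARGS ls "$S3_PREVIEW_PREFIX" | wc -l` in teardown-s3-preview/job-template.yml cannot tell an empty prefix from a failed listing. Under `set -e` without `pipefail` the pipeline's status is that of `wc`, so an expired credential or a wrong endpoint yields 0 lines and the Job exits 0 with "Skipping teardown", leaving the preview objects in the bucket while the workflow reports success. Dropping the check and running `aws s3 $S3_ARGS rm "$S3_PREVIEW_PREFIX" --recursive` unconditionally would let such errors fail the Job, provided a recursive `rm` on an empty prefix is a no-op for the endpoints in use (worth confirming). A guard ahead of the delete, such as `[[ "$PREVIEW_NUMBER" =~ ^[0-9]+$ ]] || exit 1`, would also keep a malformed value from pointing the recursive delete at an unintended prefix. The setup template uses the same `ls | wc -l` pattern, though there a failed listing falls through to `sync`, which would be expected to fail visibly.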