PKI2-196 change to openlan org (#1097)

* Add new cluster deployer GH action

Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>

* New version of dev01 deploy

Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>

---------

Signed-off-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>
Co-authored-by: Carsten Schafer <Carsten.Schafer@kinarasystems.com>

Author: carsten989

.github/workflows/cgw-dev-deployment.yaml

@@ -5,6 +5,9 @@ defaults:
     shell: bash
 
 env:
+  AWS_EKS_NAME: tip-openlan-lab
+  K8S_VERSION: "1.36.1"
+  HELMFILE_VERSION: "1.5.2"
   AWS_DEFAULT_OUTPUT: json
   AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
   AWS_ACCESS_KEY_ID: ${{ secrets.AWS_CLIENT_ID }}
@@ -41,9 +44,8 @@ on:
         description: 'Namespace (normally openlan-CONFIGNAME)'
         required: false
       cluster:
-        default: "tip-wlan-main"
-        #other: "tip-wlan-qa"
-        description: "AWS cluster name: tip-wlan-main or tip-wlan-qa"
+        default: "tip-openlan-lab"
+        description: "AWS cluster name: tip-openlan-lab"
         required: false
       region:
         default: "ap-south-1"
@@ -115,13 +117,14 @@ jobs:
 
       - name: Install kubectl, helmfile and plugins
         run: |
-          curl -s -LO "https://dl.k8s.io/release/v1.27.14/bin/linux/amd64/kubectl"
+          curl -s -LO "https://dl.k8s.io/release/${{ env.K8S_VERSION }}/bin/linux/amd64/kubectl"
           sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
-          curl -s -LO "https://github.com/helmfile/helmfile/releases/download/v0.165.0/helmfile_0.165.0_linux_amd64.tar.gz"
-          tar xvzf helmfile_0.165.0_linux_amd64.tar.gz helmfile
+          curl -s -LO \
+            "https://github.com/helmfile/helmfile/releases/download/v${{ env.HELMFILE_VERSION }}/helmfile_${{ env.HELMFILE_VERSION }}/helmfile_${{ env.HELMFILE_VERSION }}_linux_amd64.tar.gz"
+          tar xvzf helmfile_${{ env.HELMFILE_VERSION }}_linux_amd64.tar.gz helmfile
           sudo install -o root -g root -m 0755 helmfile /usr/local/bin/helmfile
-          helm plugin install https://github.com/aslafy-z/helm-git --version 0.16.0
-          helm plugin install https://github.com/databus23/helm-diff
+          helm plugin install https://github.com/aslafy-z/helm-git --version 1.5.2
+          helm plugin install https://github.com/databus23/helm-diff --version 3.15.7
 
       - name: Create certificate file
         working-directory: wlan-cloud-ucentral-deploy/cgw

.github/workflows/cloud-sdk-dev-deployment.yaml

@@ -0,0 +1,198 @@
+name: New Deploy DEV01 OpenWIFI Cloud SDK
+
+defaults:
+  run:
+    shell: bash
+
+env:
+  AWS_EKS_NAME: tip-openlan-lab
+  K8S_VERSION: "1.36.1"
+  AWS_DEFAULT_OUTPUT: json
+  AWS_DEFAULT_REGION: ap-south-1
+  AWS_ACCOUNT_ID: ${{ secrets.AWS_ACCOUNT_ID }}
+  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_CLIENT_ID }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_CLIENT_KEY }}
+
+  # Insta certs:
+  #WEBSOCKET_CERT: ${{ secrets.INSTA_WEBSOCKET_CERT }}
+  #WEBSOCKET_KEY: ${{ secrets.INSTA_WEBSOCKET_KEY }}
+  # DigiCert certs:
+  WEBSOCKET_CERT: ${{ secrets.DIGICERT_CERT }}
+  WEBSOCKET_KEY: ${{ secrets.DIGICERT_KEY }}
+
+  # https://stackoverflow.com/questions/59977364/github-actions-how-use-strategy-matrix-with-script
+  # Required object fiels per environment:
+  # - namespace - namespace suffix that will used added for the Kubernetes environment (i.e. if you pass 'test', kubernetes namespace will be named 'openwifi-test')
+  # - deploy_method - deployment method for the chart deployment (supported methods - 'git' (will use helm-git from assembly chart) and 'bundle' (will use chart stored in the Artifactory0
+  # - chart_version - version of chart to be deployed from assembly chart (for 'git' method git ref may be passed, for 'bundle' method version of chart may be passed)
+  # - owgw_version - OpenWIFI Gateway version to deploy (will be used for Docker image tag and git branch for Helm chart if git deployment is required)
+  # - owsec_version - OpenWIFI Security version to deploy (will be used for Docker image tag and git branch for Helm chart if git deployment is required)
+  # - owfms_version - OpenWIFI Firmware version to deploy (will be used for Docker image tag and git branch for Helm chart if git deployment is required)
+  # - owprov_version - OpenWIFI Provisioning version to deploy (will be used for Docker image tag and git branch for Helm chart if git deployment is required)
+  # - owanalytics_version - OpenWIFI Analytics version to deploy (will be used for Docker image tag and git branch for Helm chart if git deployment is required)
+  # - owsub_version - OpenWIFI Subscription (Userportal) version to deploy (will be used for Docker image tag and git branch for Helm chart if git deployment is required)
+  # - owrrm_version - OpenWIFI radio resource management service version to deploy (will be used for Docker image tag and git branch for Helm chart if git deployment is required)
+  # - owgwui_version - OpenWIFI Web UI version to deploy (will be used for Docker image tag and git branch for Helm chart if git deployment is required)
+  # - owprovui_version - OpenWIFI Provisioning Web UI version to deploy (will be used for Docker image tag and git branch for Helm chart if git deployment is required)
+  testbeds: '[
+    {
+      "namespace": "dev01",
+      "deploy_method": "git",
+      "chart_version": "${{ github.event.inputs.chart_version }}",
+      "owgw_version": "master",
+      "owsec_version": "main",
+      "owfms_version": "main",
+      "owprov_version": "main",
+      "owanalytics_version": "main",
+      "owsub_version": "main",
+      "owrrm_version": "main",
+      "owgwui_version": "main",
+      "owprovui_version": "main"
+    }
+  ]'
+
+on:
+  workflow_dispatch:
+    inputs:
+      chart_version:
+        description: 'Chart version to deploy eg: v4.1.0, if force latest not set'
+        required: true
+        default: 'main'
+      force_latest:
+        default: 'false'
+        description: 'Force deployment of the latest versions of all microservices ignoring matrix versions'
+        required: true
+      id:
+        description: 'run identifier'
+        required: false
+
+jobs:
+  id:
+    name: Workflow ID Provider
+    runs-on: ubuntu-latest
+    steps:
+      - name: ${{ github.event.inputs.id }}
+        run: echo run identifier ${{ inputs.id }}
+
+  generate-matrix:
+    name: Generate matrix for build
+    runs-on: ubuntu-latest
+    needs:
+      - id
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+    - name: generate-matrix
+      id: set-matrix
+      run: |
+        cat >> $GITHUB_OUTPUT << EOF
+        matrix={"include":${{ env.testbeds }}}
+        EOF
+
+  deploy:
+    name: Update OpenWIFI Cloud SDK instances
+    runs-on: ubuntu-latest
+    needs:
+      - id
+      - generate-matrix
+    strategy:
+      matrix: ${{ fromJson( needs.generate-matrix.outputs.matrix ) }}
+      fail-fast: false
+    steps:
+
+    - name: Checkout repo with Helm values
+      uses: actions/checkout@v4
+      with:
+        repository: Telecominfraproject/wlan-cloud-ucentral-deploy
+        path: wlan-cloud-ucentral-deploy
+        ref: ${{ matrix.chart_version }}
+
+    - name: Prepare certificates from secrets
+      working-directory: wlan-cloud-ucentral-deploy/chart/environment-values
+      run: |
+        echo "${{ env.WEBSOCKET_CERT }}" | base64 -d > cert.pem
+        echo "${{ env.WEBSOCKET_KEY }}" | base64 -d > key.pem
+
+    - name: Fetch kubeconfig
+      run: |
+        aws eks update-kubeconfig --name ${{ env.AWS_EKS_NAME }}
+
+    - name: Install kubectl
+      run: |
+        curl -s -LO "https://dl.k8s.io/release/${{ env.K8S_VERSION }}/bin/linux/amd64/kubectl"
+        sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
+
+    - name: Deploy OpenWIFI Cloud SDK
+      working-directory: wlan-cloud-ucentral-deploy/chart/environment-values
+      run: |
+        export NAMESPACE=${{ matrix.namespace }}
+        export RTTY_TOKEN=${{ secrets.RTTY_TOKEN }}
+        export OWGW_AUTH_USERNAME=${{ secrets.UCENTRALGW_AUTH_USERNAME }}
+        export OWGW_AUTH_PASSWORD=${{ secrets.UCENTRALGW_AUTH_PASSWORD }}
+        export OWFMS_S3_SECRET=${{ secrets.UCENTRALFMS_S3_SECRET }}
+        export OWFMS_S3_KEY=${{ secrets.UCENTRALFMS_S3_KEY }}
+        export CERT_LOCATION=cert.pem
+        export KEY_LOCATION=key.pem
+        export OWSEC_NEW_PASSWORD=${{ secrets.OWSEC_NEW_PASSWORD }}
+        export MAILER_USERNAME=${{ secrets.MAILER_USERNAME }}
+        export MAILER_PASSWORD=${{ secrets.MAILER_PASSWORD }}
+        export IPTOCOUNTRY_IPINFO_TOKEN=${{ secrets.IPTOCOUNTRY_IPINFO_TOKEN }}
+        export DOMAIN=lab.open-lan.org
+        export CERTIFICATE_ARN=arn:aws:acm:ap-south-1:289708231103:certificate/2da39707-c340-48ec-a819-0014126548af
+        # use insta + digicert chaincerts here
+        export VALUES_FILE_LOCATION=values.openwifi-qa.yaml,values.openwifi-qa.single-external-db.yaml,values.openwifi-qa.separate-lbs.yaml
+        if [[ "${{ github.event.inputs.force_latest }}" == "false" ]]; then
+          export DEPLOY_METHOD=${{ matrix.deploy_method }}
+          export CHART_VERSION=${{ matrix.chart_version }}
+          export OWGW_VERSION=${{ matrix.owgw_version }}
+          export OWGWUI_VERSION=${{ matrix.owgwui_version }}
+          export OWSEC_VERSION=${{ matrix.owsec_version }}
+          export OWFMS_VERSION=${{ matrix.owfms_version }}
+          export OWPROV_VERSION=${{ matrix.owprov_version }}
+          export OWPROVUI_VERSION=${{ matrix.owprovui_version }}
+          export OWANALYTICS_VERSION=${{ matrix.owanalytics_version }}
+          export OWSUB_VERSION=${{ matrix.owsub_version }}
+          export OWRRM_VERSION=${{ matrix.owrrm_version }}
+        else
+          export DEPLOY_METHOD=git
+          export CHART_VERSION=main
+          export OWGW_VERSION=master
+          export OWGWUI_VERSION=main
+          export OWSEC_VERSION=main
+          export OWFMS_VERSION=main
+          export OWPROV_VERSION=main
+          export OWPROVUI_VERSION=main
+          export OWANALYTICS_VERSION=main
+          export OWSUB_VERSION=main
+          export OWRRM_VERSION=main
+        fi
+        ./deploy.sh
+
+    - name: Show resource state on deployment failure
+      if: failure()
+      run: |
+        kubectl get pods --namespace openwifi-${{ matrix.namespace }}
+        kubectl get services --namespace openwifi-${{ matrix.namespace }}
+        kubectl get persistentvolumeclaims --namespace openwifi-${{ matrix.namespace }}
+
+    - name: Describe pods on deployment failure
+      if: failure()
+      run: |
+        kubectl describe pods --namespace openwifi-${{ matrix.namespace }}
+
+    - name: Describe services on deployment failure
+      if: failure()
+      run: |
+        kubectl describe services --namespace openwifi-${{ matrix.namespace }}
+
+    - name: Describe persistentvolumeclaims on deployment failure
+      if: failure()
+      run: |
+        kubectl describe persistentvolumeclaims --namespace openwifi-${{ matrix.namespace }}
+
+    - name: Rollback Cloud SDK
+      #if: failure()
+      # don't roll back so easier to diagnose issues
+      if: false
+      run: |
+        helm rollback tip-openwifi --namespace openwifi-${{ matrix.namespace }} --wait --timeout 20m

.github/workflows/cloud-sdk-qa-deployment.yaml

@@ -130,7 +130,6 @@ jobs:
         export MAILER_USERNAME=${{ secrets.MAILER_USERNAME }}
         export MAILER_PASSWORD=${{ secrets.MAILER_PASSWORD }}
         export IPTOCOUNTRY_IPINFO_TOKEN=${{ secrets.IPTOCOUNTRY_IPINFO_TOKEN }}
-        export EXTRA_VALUES='owgw.configProperties.logging\.level=information'
         ./deploy.sh
 
     - name: Show resource state on deployment failure