Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: move forest-mainnet and forest-calibnet droplets from /terraform to /tf-managed #408

Merged
merged 24 commits into from
Feb 21, 2024
Merged

feat: move forest-mainnet and forest-calibnet droplets from /terraform to /tf-managed #408

merged 24 commits into from
Feb 21, 2024

Conversation

aatifsyed
Copy link
Contributor

@aatifsyed aatifsyed commented Feb 15, 2024
edited
Loading

@aatifsyed aatifsyed requested a review from a team as a code owner February 15, 2024 18:39
@aatifsyed aatifsyed requested review from LesnyRumcajs and elmattic and removed request for a team February 15, 2024 18:39
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 15, 2024
edited
Loading

Forest: forest-calibnet Infrastructure Plan: success

Show Plan 
data.digitalocean_ssh_keys.keys: Reading...
data.digitalocean_project.forest_project: Reading...
data.digitalocean_ssh_keys.keys: Read complete after 0s [id=ssh_keys/8656000852680004208]
data.digitalocean_project.forest_project: Read complete after 2s [id=da5e6601-7fd9-4d02-951e-390f7feb3411]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # digitalocean_droplet.forest will be created
  + resource "digitalocean_droplet" "forest" {
      + backups              = false
      + created_at           = (known after apply)
      + disk                 = (known after apply)
      + graceful_shutdown    = false
      + id                   = (known after apply)
      + image                = "docker-20-04"
      + ipv4_address         = (known after apply)
      + ipv4_address_private = (known after apply)
      + ipv6                 = false
      + ipv6_address         = (known after apply)
      + locked               = (known after apply)
      + memory               = (known after apply)
      + monitoring           = true
      + name                 = "prod-forest-calibnet"
      + price_hourly         = (known after apply)
      + price_monthly        = (known after apply)
      + private_networking   = (known after apply)
      + region               = "fra1"
      + resize_disk          = true
      + size                 = "s-4vcpu-16gb-amd"
      + ssh_keys             = [
          + "00:a0:c0:54:5f:40:22:10:52:8a:04:48:f9:c8:db:00",
          + "04:77:74:e8:81:92:9d:1e:cb:d3:5d:0d:fa:83:56:f6",
          + "31:fd:e9:da:70:df:ef:33:af:a2:ea:a1:fd:69:a7:9d",
          + "37:1e:1a:fc:25:2d:5a:a7:1f:49:b2:6d:53:5c:0e:45",
          + "41:91:6d:f9:f7:27:44:30:7f:a4:6f:36:e8:97:ad:cb",
          + "5a:a8:6d:02:66:21:e9:f7:27:b2:1c:6e:89:0f:65:77",
          + "77:09:d9:32:61:65:81:08:d1:e2:50:9b:ec:28:02:62",
          + "88:95:97:77:a1:1f:bf:e8:3a:84:20:7d:a9:4c:74:6d",
          + "99:ea:ec:bf:9f:d1:b2:52:02:b2:78:a2:57:25:a0:e7",
          + "9c:18:88:44:c4:d6:74:84:07:9a:3c:9a:f6:17:f3:e4",
          + "b6:03:52:e0:49:14:03:90:19:37:69:c3:c7:d0:e7:69",
          + "bb:7a:cc:18:56:7a:cb:2b:07:d7:8b:30:86:b8:b5:41",
          + "c7:f9:b0:49:24:aa:30:36:4e:5f:d4:a3:ab:43:49:e8",
          + "d3:6d:af:8e:a4:b9:8f:b8:38:2b:56:06:5f:38:48:a7",
          + "e4:0e:85:24:75:5e:f3:b1:77:c4:7d:a2:3a:1e:00:b1",
          + "f7:de:2d:83:ce:e7:c3:13:2c:ca:3a:f0:4b:4e:46:da",
          + "fa:48:60:7b:b0:c4:86:70:e9:fa:e9:f8:fb:c7:2e:72",
          + "fa:62:10:64:1b:77:eb:78:a5:ba:e0:86:ff:76:7e:97",
          + "fe:42:94:20:d0:a9:24:67:5f:de:78:c1:bb:8b:6c:92",
        ]
      + status               = (known after apply)
      + tags                 = [
          + "iac",
          + "prod",
        ]
      + urn                  = (known after apply)
      + vcpus                = (known after apply)
      + volume_ids           = (known after apply)
      + vpc_uuid             = (known after apply)
    }

  # digitalocean_firewall.forest_firewall will be created
  + resource "digitalocean_firewall" "forest_firewall" {
      + created_at      = (known after apply)
      + droplet_ids     = (known after apply)
      + id              = (known after apply)
      + name            = "prod-forest-calibnet-firewall"
      + pending_changes = (known after apply)
      + status          = (known after apply)

      + inbound_rule {
          + port_range                = "1234"
          + protocol                  = "tcp"
          + source_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + source_droplet_ids        = []
          + source_kubernetes_ids     = []
          + source_load_balancer_uids = []
          + source_tags               = []
        }
      + inbound_rule {
          + port_range                = "22"
          + protocol                  = "tcp"
          + source_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + source_droplet_ids        = []
          + source_kubernetes_ids     = []
          + source_load_balancer_uids = []
          + source_tags               = []
        }
      + inbound_rule {
          + port_range                = "80"
          + protocol                  = "tcp"
          + source_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + source_droplet_ids        = []
          + source_kubernetes_ids     = []
          + source_load_balancer_uids = []
          + source_tags               = []
        }

      + outbound_rule {
          + destination_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + destination_droplet_ids        = []
          + destination_kubernetes_ids     = []
          + destination_load_balancer_uids = []
          + destination_tags               = []
          + protocol                       = "icmp"
        }
      + outbound_rule {
          + destination_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + destination_droplet_ids        = []
          + destination_kubernetes_ids     = []
          + destination_load_balancer_uids = []
          + destination_tags               = []
          + port_range                     = "123"
          + protocol                       = "udp"
        }
      + outbound_rule {
          + destination_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + destination_droplet_ids        = []
          + destination_kubernetes_ids     = []
          + destination_load_balancer_uids = []
          + destination_tags               = []
          + port_range                     = "53"
          + protocol                       = "udp"
        }
      + outbound_rule {
          + destination_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + destination_droplet_ids        = []
          + destination_kubernetes_ids     = []
          + destination_load_balancer_uids = []
          + destination_tags               = []
          + port_range                     = "all"
          + protocol                       = "tcp"
        }
    }

  # digitalocean_project_resources.connect_forest_project will be created
  + resource "digitalocean_project_resources" "connect_forest_project" {
      + id        = (known after apply)
      + project   = "da5e6601-7fd9-4d02-951e-390f7feb3411"
      + resources = (known after apply)
    }

  # local_sensitive_file.bootstrap_script will be created
  + resource "local_sensitive_file" "bootstrap_script" {
      + content              = (sensitive value)
      + content_base64sha256 = (known after apply)
      + content_base64sha512 = (known after apply)
      + content_md5          = (known after apply)
      + content_sha1         = (known after apply)
      + content_sha256       = (known after apply)
      + content_sha512       = (known after apply)
      + directory_permission = "0700"
      + file_permission      = "0700"
      + filename             = "bootstrap.bash"
      + id                   = (known after apply)
    }

Plan: 4 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + ip = [
      + (known after apply),
    ]

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: /home/runner/work/forest-iac/forest-iac/tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "/home/runner/work/forest-iac/forest-iac/tfplan"

@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 15, 2024
edited
Loading

Forest: forest-mainnet Infrastructure Plan: success

Show Plan 
data.digitalocean_ssh_keys.keys: Reading...
data.digitalocean_project.forest_project: Reading...
data.digitalocean_ssh_keys.keys: Read complete after 0s [id=ssh_keys/8656000852680004208]
data.digitalocean_project.forest_project: Read complete after 2s [id=da5e6601-7fd9-4d02-951e-390f7feb3411]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # digitalocean_droplet.forest will be created
  + resource "digitalocean_droplet" "forest" {
      + backups              = false
      + created_at           = (known after apply)
      + disk                 = (known after apply)
      + graceful_shutdown    = false
      + id                   = (known after apply)
      + image                = "docker-20-04"
      + ipv4_address         = (known after apply)
      + ipv4_address_private = (known after apply)
      + ipv6                 = false
      + ipv6_address         = (known after apply)
      + locked               = (known after apply)
      + memory               = (known after apply)
      + monitoring           = true
      + name                 = "prod-forest-mainnet"
      + price_hourly         = (known after apply)
      + price_monthly        = (known after apply)
      + private_networking   = (known after apply)
      + region               = "fra1"
      + resize_disk          = true
      + size                 = "s-4vcpu-16gb-amd"
      + ssh_keys             = [
          + "00:a0:c0:54:5f:40:22:10:52:8a:04:48:f9:c8:db:00",
          + "04:77:74:e8:81:92:9d:1e:cb:d3:5d:0d:fa:83:56:f6",
          + "31:fd:e9:da:70:df:ef:33:af:a2:ea:a1:fd:69:a7:9d",
          + "37:1e:1a:fc:25:2d:5a:a7:1f:49:b2:6d:53:5c:0e:45",
          + "41:91:6d:f9:f7:27:44:30:7f:a4:6f:36:e8:97:ad:cb",
          + "5a:a8:6d:02:66:21:e9:f7:27:b2:1c:6e:89:0f:65:77",
          + "77:09:d9:32:61:65:81:08:d1:e2:50:9b:ec:28:02:62",
          + "88:95:97:77:a1:1f:bf:e8:3a:84:20:7d:a9:4c:74:6d",
          + "99:ea:ec:bf:9f:d1:b2:52:02:b2:78:a2:57:25:a0:e7",
          + "9c:18:88:44:c4:d6:74:84:07:9a:3c:9a:f6:17:f3:e4",
          + "b6:03:52:e0:49:14:03:90:19:37:69:c3:c7:d0:e7:69",
          + "bb:7a:cc:18:56:7a:cb:2b:07:d7:8b:30:86:b8:b5:41",
          + "c7:f9:b0:49:24:aa:30:36:4e:5f:d4:a3:ab:43:49:e8",
          + "d3:6d:af:8e:a4:b9:8f:b8:38:2b:56:06:5f:38:48:a7",
          + "e4:0e:85:24:75:5e:f3:b1:77:c4:7d:a2:3a:1e:00:b1",
          + "f7:de:2d:83:ce:e7:c3:13:2c:ca:3a:f0:4b:4e:46:da",
          + "fa:48:60:7b:b0:c4:86:70:e9:fa:e9:f8:fb:c7:2e:72",
          + "fa:62:10:64:1b:77:eb:78:a5:ba:e0:86:ff:76:7e:97",
          + "fe:42:94:20:d0:a9:24:67:5f:de:78:c1:bb:8b:6c:92",
        ]
      + status               = (known after apply)
      + tags                 = [
          + "iac",
          + "prod",
        ]
      + urn                  = (known after apply)
      + vcpus                = (known after apply)
      + volume_ids           = (known after apply)
      + vpc_uuid             = (known after apply)
    }

  # digitalocean_firewall.forest_firewall will be created
  + resource "digitalocean_firewall" "forest_firewall" {
      + created_at      = (known after apply)
      + droplet_ids     = (known after apply)
      + id              = (known after apply)
      + name            = "prod-forest-mainnet-firewall"
      + pending_changes = (known after apply)
      + status          = (known after apply)

      + inbound_rule {
          + port_range                = "1234"
          + protocol                  = "tcp"
          + source_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + source_droplet_ids        = []
          + source_kubernetes_ids     = []
          + source_load_balancer_uids = []
          + source_tags               = []
        }
      + inbound_rule {
          + port_range                = "22"
          + protocol                  = "tcp"
          + source_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + source_droplet_ids        = []
          + source_kubernetes_ids     = []
          + source_load_balancer_uids = []
          + source_tags               = []
        }
      + inbound_rule {
          + port_range                = "80"
          + protocol                  = "tcp"
          + source_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + source_droplet_ids        = []
          + source_kubernetes_ids     = []
          + source_load_balancer_uids = []
          + source_tags               = []
        }

      + outbound_rule {
          + destination_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + destination_droplet_ids        = []
          + destination_kubernetes_ids     = []
          + destination_load_balancer_uids = []
          + destination_tags               = []
          + protocol                       = "icmp"
        }
      + outbound_rule {
          + destination_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + destination_droplet_ids        = []
          + destination_kubernetes_ids     = []
          + destination_load_balancer_uids = []
          + destination_tags               = []
          + port_range                     = "123"
          + protocol                       = "udp"
        }
      + outbound_rule {
          + destination_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + destination_droplet_ids        = []
          + destination_kubernetes_ids     = []
          + destination_load_balancer_uids = []
          + destination_tags               = []
          + port_range                     = "53"
          + protocol                       = "udp"
        }
      + outbound_rule {
          + destination_addresses          = [
              + "0.0.0.0/0",
              + "::/0",
            ]
          + destination_droplet_ids        = []
          + destination_kubernetes_ids     = []
          + destination_load_balancer_uids = []
          + destination_tags               = []
          + port_range                     = "all"
          + protocol                       = "tcp"
        }
    }

  # digitalocean_project_resources.connect_forest_project will be created
  + resource "digitalocean_project_resources" "connect_forest_project" {
      + id        = (known after apply)
      + project   = "da5e6601-7fd9-4d02-951e-390f7feb3411"
      + resources = (known after apply)
    }

  # local_sensitive_file.bootstrap_script will be created
  + resource "local_sensitive_file" "bootstrap_script" {
      + content              = (sensitive value)
      + content_base64sha256 = (known after apply)
      + content_base64sha512 = (known after apply)
      + content_md5          = (known after apply)
      + content_sha1         = (known after apply)
      + content_sha256       = (known after apply)
      + content_sha512       = (known after apply)
      + directory_permission = "0700"
      + file_permission      = "0700"
      + filename             = "bootstrap.bash"
      + id                   = (known after apply)
    }

Plan: 4 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  + ip = [
      + (known after apply),
    ]

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: /home/runner/work/forest-iac/forest-iac/tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "/home/runner/work/forest-iac/forest-iac/tfplan"

LesnyRumcajs
LesnyRumcajs reviewed Feb 16, 2024
View reviewed changes
Copy link
Member

@LesnyRumcajs LesnyRumcajs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking good.

.github/workflows/deploy-forest-calibnet.yml Outdated Show resolved Hide resolved
.github/workflows/deploy-forest-calibnet.yml Outdated Show resolved Hide resolved
.github/workflows/deploy-forest-calibnet.yml Outdated Show resolved Hide resolved
.github/workflows/deploy-forest-calibnet.yml Outdated Show resolved Hide resolved
.github/workflows/deploy-forest-mainnet.yml Outdated Show resolved Hide resolved
tf-managed/live/environments/dev/applications/forest-calibnet/terragrunt.hcl Show resolved Hide resolved
tf-managed/modules/forest-in-docker-in-droplet/main.tf Outdated Show resolved Hide resolved
@aatifsyed
mark: aatifsyed/migrate-forest-calibnet
b242b06
@aatifsyed
run: cp -r tf-managed/modules/daily-snapshot/ tf-managed/modules/fore…
036b306 
…st-calibnet
@aatifsyed
run: rm tf-managed/modules/forest-calibnet/monitoring/ -r
98f20eb
@aatifsyed
run: rm tf-managed/modules/forest-calibnet/service/calibnet_cron_job …
46abd0d 
…tf-managed/modules/forest-calibnet/service/init.sh tf-managed/modules/forest-calibnet/service/mainnet_cron_job tf-managed/modules/forest-calibnet/service/newrelic_fail2ban.sh
@aatifsyed
run: cp terraform/modules/filecoin_node/forest.sh tf-managed/modules/…
41355a0 
…forest-calibnet/service/forest.sh
@aatifsyed
run: cat terraform/modules/filecoin_node/variable.tf terraform/forest…
7a8a3b3 
…-calibnet/variable.tf > tf-managed/modules/forest-calibnet/variable.tf
@aatifsyed
run: cp terraform/modules/filecoin_node/firewall.tf tf-managed/module…
96c7d10 
…s/forest-calibnet/firewall.tf
@aatifsyed
wip
8dc9e8b
@aatifsyed
run: cargo run --manifest-path ./ignored/sort-dedup-variable/Cargo.to…
b4ae5c8 
…ml tf-managed/modules/forest-calibnet/variable.tf
@aatifsyed
feat: initial deployment works
5deb5c2
@aatifsyed
refactor: firewall rules, redundant variables, bootstrapping
87aaef6
@aatifsyed
refactor: rename module
6347abb
@aatifsyed
run: cp tf-managed/live/environments/dev-ympk5i4p/applications/forest…
5008005 
…-calibnet/ tf-managed/live/environments/dev/applications/ -r
@aatifsyed
feat: mainnet application
d22db5e
@aatifsyed
docs: chain variable
10b60bd
@aatifsyed
run: rm -r terraform/modules/ terraform/forest-calibnet/ terraform/fo…
54160b3 
…rest-mainnet/
@aatifsyed
run: cp -r tf-managed/live/environments/dev/applications/forest-calib…
76d1fac 
…net tf-managed/live/environments/dev/applications/forest-mainnet tf-managed/live/environments/prod/applications/
@aatifsyed
chore: copy deploy-snapshot-monitoring for workflows
08f4067
@aatifsyed
run: mv tf-managed/modules/forest-in-docker-in-droplet/ tf-managed/mo…
cbb1fdc 
…dules/forest-droplet
@aatifsyed
refactor: forest-in-docker-in-droplet -> forest-droplet
28341ff
@aatifsyed
refactor: droplet_size is a mandatory param
09b12f4
@aatifsyed
fix: workflows
59ce134
@aatifsyed
chore: formatting
890b77a
@aatifsyed aatifsyed force-pushed the aatifsyed/migrate-forest-calibnet branch 2 times, most recently from 3b37de6 to 1863239 Compare February 19, 2024 12:41
LesnyRumcajs
LesnyRumcajs approved these changes Feb 20, 2024
View reviewed changes
Copy link
Member

@LesnyRumcajs LesnyRumcajs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use the PR template for documentation purposes, and let's create a follow-up issue for #373, for monitoring purposes.

tf-managed/modules/forest-droplet/main.tf Show resolved Hide resolved
@aatifsyed aatifsyed enabled auto-merge (squash) February 20, 2024 14:19
This was referenced Feb 20, 2024
Closed
Closed
@aatifsyed aatifsyed merged commit 912113f into main Feb 21, 2024
11 checks passed
@aatifsyed aatifsyed deleted the aatifsyed/migrate-forest-calibnet branch February 21, 2024 09:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@elmattic elmattic elmattic approved these changes

@LesnyRumcajs LesnyRumcajs LesnyRumcajs approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aatifsyed @LesnyRumcajs @elmattic