-
Notifications
You must be signed in to change notification settings - Fork 20
266 lines (258 loc) · 11.9 KB
/
site_deploy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
# This workflow will deploy the VCell full application (server +- client) to alpha or release
name: CD-sites
# Controls when the workflow will run
on:
workflow_dispatch:
inputs:
vcell_version:
description: 'version.major.minor'
required: true
default: '7.6.0'
vcell_build:
description: 'build number'
required: true
default: '18'
vcell_site:
description: 'rel or alpha or test'
required: true
default: 'alpha'
server_only:
description: 'Deploy only the server components?'
required: true
default: 'false'
jobs:
build:
name: Build client installers
runs-on: ubuntu-20.04
steps:
- name: checkout tag
uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build }}
- name: setup global environment variables
run: |
echo "VCELL_VERSION=${{ github.event.inputs.vcell_version }}" >> $GITHUB_ENV
echo "VCELL_BUILD=${{ github.event.inputs.vcell_build }}" >> $GITHUB_ENV
echo "VCELL_SITE=${{ github.event.inputs.vcell_site }}" >> $GITHUB_ENV
echo "VCELL_TAG=`git rev-parse --short HEAD`" >> $GITHUB_ENV
echo "VCELL_REPO_NAMESPACE=ghcr.io/virtualcell" >> $GITHUB_ENV
echo "VCELL_DEPLOY_REMOTE_DIR=/share/apps/vcell3/deployed_github" >> $GITHUB_ENV
echo "VCELL_WEBHELP_REMOTE_DIR=/share/apps/vcell3/apache_webroot/htdocs/webstart/VCell_Tutorials/VCell_Help" >> $GITHUB_ENV
if [ "${{ github.event.inputs.vcell_site }}" == "rel" ]; then\
echo "VCELL_MANAGER_NODE=vcellapi.cam.uchc.edu" >> $GITHUB_ENV;\
echo "VCELL_INSTALLER_REMOTE_DIR="/share/apps/vcell3/apache_webroot/htdocs/webstart/Rel"" >> $GITHUB_ENV;\
else if [ "${{ github.event.inputs.vcell_site }}" == "alpha" ]; then\
echo "VCELL_MANAGER_NODE=vcellapi.cam.uchc.edu" >> $GITHUB_ENV;\
echo "VCELL_INSTALLER_REMOTE_DIR="/share/apps/vcell3/apache_webroot/htdocs/webstart/Alpha"" >> $GITHUB_ENV;\
else if [ "${{ github.event.inputs.vcell_site }}" == "test" ]; then\
echo "VCELL_MANAGER_NODE=vcellapi.cam.uchc.edu" >> $GITHUB_ENV;\
echo "VCELL_INSTALLER_REMOTE_DIR="/share/apps/vcell3/apache_webroot/htdocs/webstart/Test"" >> $GITHUB_ENV;\
else echo "Unknown site name ${{ github.event.inputs.vcell_site }}"; exit 1; fi; fi; fi
- name: setup ssh-agent
uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.VC_KEY }}
- name: get installer secrets
run: |
ssh-keyscan $VCELL_MANAGER_NODE >> ~/.ssh/known_hosts
sudo mkdir /usr/local/deploy
sudo chmod 777 /usr/local/deploy
cd /usr/local/deploy
scp ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/deploy_dir_2023_07_30.tar .
cd ..
sudo tar -xvf deploy/deploy_dir_2023_07_30.tar
sudo chmod 777 -R deploy
- name: setup config
run: |
cd docker/swarm
export VCELL_CONFIG_FILE_NAME="server_${VCELL_SITE}_${VCELL_VERSION}_${VCELL_BUILD}_${VCELL_TAG}.config"
echo "VCELL_CONFIG_FILE_NAME=$VCELL_CONFIG_FILE_NAME" >> $GITHUB_ENV
echo "| $VCELL_SITE | $VCELL_REPO_NAMESPACE | $VCELL_TAG | $VCELL_VERSION | $VCELL_BUILD | $VCELL_CONFIG_FILE_NAME |"
./serverconfig-uch.sh $VCELL_SITE $VCELL_REPO_NAMESPACE $VCELL_TAG $VCELL_VERSION $VCELL_BUILD $VCELL_CONFIG_FILE_NAME
env | grep VCELL > variables
- name: send home config file and variables
run: |
scp docker/build/admin/vcell-su.sh ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/config
scp docker/swarm/$VCELL_CONFIG_FILE_NAME ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}
scp docker/swarm/variables ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/variables_$VCELL_TAG
- name: upload variables
uses: actions/upload-artifact@v3
with:
name: variables
path: docker/swarm/variables
retention-days: 1
# - name: build client installers
# if: ${{ github.event.inputs.server_only != 'true' }}
# run: |
# cd docker/swarm
# echo "${{ secrets.GITHUB_TOKEN }}" | sudo docker login ghcr.io -u ${{ github.actor }} --password-stdin
# sudo docker pull $VCELL_REPO_NAMESPACE/vcell-clientgen:$VCELL_TAG
# ./generate_installers.sh ./${VCELL_CONFIG_FILE_NAME}
# - name: upload generated installers
# if: ${{ github.event.inputs.server_only != 'true' }}
# uses: actions/upload-artifact@v3
# with:
# name: installers
# path: docker/swarm/generated_installers
# retention-days: 1
- name: Setup tmate session
if: ${{ failure() }}
uses: mxschmitt/action-tmate@v3
# notarize:
# name: Notarize the MacOS client
# runs-on: macos-latest
# needs: build
# steps:
# - name: download generated installers
# if: ${{ github.event.inputs.server_only != 'true' }}
# uses: actions/download-artifact@v3
# - name: notarize mac installer
# if: ${{ github.event.inputs.server_only != 'true' }}
# run: |
# set -x
# set +e
# cd installers
# export MAC_INSTALLER=`ls *dmg`
# xcrun notarytool submit --output-format normal --no-progress --no-wait --team-id "${{ secrets.MACTEAMID }}" --apple-id "${{ secrets.MACID }}" --password "${{ secrets.MACPW }}" $MAC_INSTALLER > submit_output
# echo "output returned by notarytool submit:"
# cat submit_output
# cat submit_output | grep "id:" | cut -d ':' -f2 > UUID
# for minutes in {1..5}
# do
# sleep 60
# xcrun notarytool info --output-format normal --no-progress --team-id "${{ secrets.MACTEAMID }}" --apple-id "${{ secrets.MACID }}" --password "${{ secrets.MACPW }}" `cat UUID` > info_output
# echo "output returned by notarytool info:"
# cat info_output
# grep -q Accepted info_output
# if [[ $? == 0 ]]; then
# echo "notarized succesfully"
# break
# else
# echo "wait another minute and check again"
# fi
# done
# grep -q Accepted info_output
# if [[ $? == 0 ]]; then
# xcrun stapler staple $MAC_INSTALLER
# else
# echo "notarization did not succeed in 5 minutes, giving up"
# exit 1
# fi
# - name: update generated installers
# if: ${{ github.event.inputs.server_only != 'true' }}
# uses: actions/upload-artifact@v3
# with:
# name: installers
# path: installers
# retention-days: 1
# - name: Setup tmate session
# uses: mxschmitt/action-tmate@v3
# if: ${{ failure() }}
deploy:
name: Deploy to site
runs-on: ubuntu-20.04
needs: build
steps:
- name: checkout tag
uses: actions/checkout@v4
with:
ref: ${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build }}
- name: retrieve installers and variables
uses: actions/download-artifact@v3
- name: setenv
run: |
for line in $(cat variables/variables); do echo $line >> $GITHUB_ENV; done
# - name: stage installers
# if: ${{ github.event.inputs.server_only != 'true' }}
# run: |
# cd installers
# mkdir ../docker/swarm/generated_installers
# mv * ../docker/swarm/generated_installers
- name: setup ssh-agent
uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.VC_KEY }}
- name: retrieve config file
run: |
set -ux
ssh-keyscan $VCELL_MANAGER_NODE >> ~/.ssh/known_hosts
cd docker/swarm
scp ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/${VCELL_CONFIG_FILE_NAME} .
- name: setup java 17 with maven cache (for documentation build)
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
- name: build documentation for web help
if: ${{ github.event.inputs.server_only != 'true' }}
run: |
set -ux
mvn clean install -DskipTests
# - name: deploy installers and web help to vcell.org
# run: |
# set -ux
# cd docker/swarm
# ssh -t vcell@${VCELL_MANAGER_NODE} sudo docker login -u ${{ github.actor }} -p "${{ secrets.GITHUB_TOKEN }}" ghcr.io
# if ${{ github.event.inputs.server_only != 'true' }}; then
# # build and install the client installers, and the web help (kubernetes cluster deployments are separate)
# ./deploy-action-kubernetes.sh \
# --ssh-user vcell \
# --webhelp-local-dir ../../vcell-client/target/classes/vcellDoc \
# --webhelp-deploy-dir $VCELL_WEBHELP_REMOTE_DIR \
# ${VCELL_MANAGER_NODE} \
# ./${VCELL_CONFIG_FILE_NAME}
# export VCELL_SITE_CAMEL=`cat $VCELL_CONFIG_FILE_NAME | grep VCELL_SITE_CAMEL | cut -d"=" -f2`
# ssh vcell@${VCELL_MANAGER_NODE} \
# installer_deploy_dir=$VCELL_INSTALLER_REMOTE_DIR vcell_siteCamel=$VCELL_SITE_CAMEL vcell_version=$VCELL_VERSION vcell_build=$VCELL_BUILD \
# 'bash -s' < link-installers.sh
# fi
- name: Find VCellDoc Directory
run: |
set -ux
find / -type d -name "vcellDoc"
- name: Deploy Web Help
run: |
set -ux
webhelp_local_dir="../../vcell-client/target/classes/vcellDoc"
ssh_user="vcell"
webhelp_deploy_dir="${VCELL_WEBHELP_REMOTE_DIR}"
manager_node="${VCELL_MANAGER_NODE}"
if [[ -z "${webhelp_deploy_dir}" || -z "${manager_node}" ]]; then
echo "Error: VCELL_WEBHELP_REMOTE_DIR or manager_node is not set."
fi
if ! rsync -a -vvv "${webhelp_local_dir}/topics" "$ssh_user@$manager_node:${webhelp_deploy_dir}";
then
echo "failed to copy html files in topic directory to webhelp deploy directory";
fi
if ! scp "${webhelp_local_dir}/VCellHelpTOC.html" "$ssh_user@$manager_node:${webhelp_deploy_dir}/index.html";
then
echo "failed to index.html to webhelp deploy directory";
fi
# - name: Capitalize first character of site name
# id: capitalize
# run: |
# SITE="${{ github.event.inputs.vcell_site }}"
# SITE_CAPITALIZED="$(tr '[:lower:]' '[:upper:]' <<< ${SITE:0:1})${SITE:1}"
# VCELL_SWVERSION="${SITE_CAPITALIZED}_Version_${{ github.event.inputs.vcell_version }}_build_${{ github.event.inputs.vcell_build}}"
# KUSTOMIZE_OVERLAY='not-specified'
# if [ "${{ github.event.inputs.vcell_site }}" == "rel" ]; then KUSTOMIZE_OVERLAY="prod"; fi
# if [ "${{ github.event.inputs.vcell_site }}" == "alpha" ]; then KUSTOMIZE_OVERLAY="dev"; fi
# if [ "${{ github.event.inputs.vcell_site }}" == "test" ]; then KUSTOMIZE_OVERLAY="stage"; fi
# CONTAINER_IMAGE_TAG="${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build}}"
# echo "VCELL_SWVERSION=${VCELL_SWVERSION}" >> $GITHUB_ENV
# echo "KUSTOMIZE_OVERLAY=${KUSTOMIZE_OVERLAY}" >> $GITHUB_ENV
# echo "CONTAINER_IMAGE_TAG=${CONTAINER_IMAGE_TAG}" >> $GITHUB_ENV
# - name: Call webhook to deploy to kubernetes cluster (overlay 'prod', 'dev' or 'stage')
# run: |
# git_sha=$(git rev-parse --short "$GITHUB_SHA")
# echo '{"ref": "main","inputs":{"overlay": "'${KUSTOMIZE_OVERLAY}'","tag":"'${CONTAINER_IMAGE_TAG}'","swversion": "'${VCELL_SWVERSION}'"}}' >body
# curl -X POST 'https://api.github.com/repos/virtualcell/vcell-fluxcd/actions/workflows/deploy.yaml/dispatches' \
# -H 'Authorization: Bearer ${{ secrets.ACTION_TOKEN }}' \
# -H 'Content-Type: application/json' \
# --data "@body"
- name: Setup tmate session 3
uses: mxschmitt/action-tmate@v3
with:
limit-access-to-actor: true
# if: ${{ failure() }}