GH action to generate report #10
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Generate Data Usage Report | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| jobs: | |
| generate_data_usage_report: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v3 | |
| - name: Configure AWS credentials | |
| uses: aws-actions/configure-aws-credentials@v3 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| # TODO param region | |
| aws-region: us-east-2 | |
| - name: Assume JupyterhubProvisioningRole | |
| # TODO param ProvisioningRoleARN and name ^ | |
| run: | | |
| ROLE_ARN="arn:aws:iam::278212569472:role/JupyterhubProvisioningRole" | |
| CREDS=$(aws sts assume-role --role-arn $ROLE_ARN --role-session-name "GitHubActionsSession") | |
| export AWS_ACCESS_KEY_ID=$(echo $CREDS | jq -r '.Credentials.AccessKeyId') | |
| export AWS_SECRET_ACCESS_KEY=$(echo $CREDS | jq -r '.Credentials.SecretAccessKey') | |
| export AWS_SESSION_TOKEN=$(echo $CREDS | jq -r '.Credentials.SessionToken') | |
| - name: Configure kubectl with AWS EKS | |
| # TODO param name, region role-arn | |
| run: | | |
| aws eks update-kubeconfig --name eks-dandihub --region us-east-2 --role-arn arn:aws:iam::278212569472:role/JupyterhubProvisioningRole | |
| - name: Sanity check | |
| run: | | |
| kubectl get pods -n jupyterhub | |
| # Step 4: Deploy Hello World Pod from manifest | |
| - name: Deploy Hello World Pod | |
| run: | | |
| kubectl apply -f .github/manifests/hello-world-pod.yaml | |
| # Step 5: Wait for Pod to Complete | |
| - name: Wait for Hello World Pod to complete | |
| run: | | |
| kubectl wait --for=condition=Ready pod/hello-world-pod --timeout=300s # 5 minutes | |
| continue-on-error: true # Allow the workflow to continue even if this step fails | |
| # Step 6: Get Pod Logs to verify it ran successfully, only if Step 5 succeeds | |
| - name: Get Hello World Pod logs | |
| run: | | |
| kubectl logs hello-world-pod | |
| if: ${{ success() }} # Only run this step if the previous step was successful | |
| # Step 7: Cleanup - Always run this step, even if previous steps fail | |
| - name: Delete Hello World Pod | |
| run: | | |
| kubectl delete pod hello-world-pod | |
| if: ${{ always() }} # Always run this step, even if other steps fail |