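# GKE Terraform workflow.
#
# Job "terraform" creates/uses a GCS bucket, patches it into providers.tf
# (the REPLACE_BUCKET placeholder), then runs terraform init/plan/apply from
# gke_tf/. Job "bootstrap" fetches cluster credentials and installs
# ingress-nginx and the Komodor watcher with Helm.
#
# Effective trigger behaviour (every gate is written explicitly below):
#   push to main touching gke_tf/**  -> bucket, init, apply, bootstrap
#   pull_request (no paths filter)   -> bucket, init, plan only
#   workflow_dispatch                -> bucket and init only; apply and all
#     bootstrap steps are gated on push-to-main, so the dispatch inputs
#     currently only affect the bucket name and TF_VAR_* values.
name: "GKE Terraform"

on:
  push:
    paths:
      - 'gke_tf/**'
    branches:
      - main
  pull_request:
  workflow_dispatch:
    inputs:
      cluster-name:
        description: 'Name of GKE cluster to create'
        default: "demo-cluster"
      gcp-region:
        description: 'GCP region to create cluster'
        default: "us-central1"

env:
  # The `||` fallback covers push/pull_request runs, where no inputs exist.
  CLUSTER_NAME: ${{ github.event.inputs.cluster-name || 'demo-cluster' }}
  GCP_REGION: ${{ github.event.inputs.gcp-region || 'us-central1' }}
  GCP_ZONE: ${{ github.event.inputs.gcp-region || 'us-central1' }}-b

jobs:
  terraform:
    name: "Terraform"
    runs-on: ubuntu-latest
    env:
      GCP_PROJECT_ID: ${{ secrets.GCP_PROJECT }}
      TF_VAR_project: ${{ secrets.GCP_PROJECT }}
      # Workflow-level env is read through the `env` context. `github.env`
      # is the path of the GITHUB_ENV file, so `github.env.CLUSTER_NAME`
      # evaluated to an empty string and left every TF_VAR_* below unset.
      TF_VAR_cluster_name: ${{ env.CLUSTER_NAME }}
      TF_VAR_region: ${{ env.GCP_REGION }}
      TF_VAR_zone: ${{ env.GCP_ZONE }}
    # Least privilege: id-token for Workload Identity Federation, read-only
    # repository access.
    permissions:
      id-token: write
      contents: read
    defaults:
      run:
        working-directory: gke_tf
    steps:
      - name: Checkout
        # Prefer pinning actions to a full commit SHA over a mutable tag.
        uses: actions/checkout@v3

      - id: auth
        name: Authenticate to Google Cloud
        # NOTE: the action reference was garbled in the source ("[email protected]");
        # restore the real pin for google-github-actions/auth before use.
        uses: google-github-actions/auth@<PINNED_REF>
        with:
          create_credentials_file: 'true'
          workload_identity_provider: ${{ secrets.WIF_POOL }}
          service_account: ${{ secrets.SA_EMAIL }}

      - id: create-bucket
        name: Create GCP storage bucket
        # Idempotent: `buckets create` errors when the bucket already exists,
        # so every run after the first failed here. The sed expression must
        # be double-quoted — in the original single-quoted form the shell did
        # not expand the variables and providers.tf received the literal
        # text "${GCP_PROJECT_ID}-${CLUSTER_NAME}".
        run: |
          set -euo pipefail
          BUCKET="${GCP_PROJECT_ID}-${CLUSTER_NAME}"
          if ! gcloud storage buckets describe "gs://${BUCKET}" --project "$GCP_PROJECT_ID" >/dev/null 2>&1; then
            gcloud storage buckets create "gs://${BUCKET}" --project "$GCP_PROJECT_ID" --location "$GCP_REGION"
          fi
          sed -i "s|REPLACE_BUCKET|${BUCKET}|" providers.tf

      - name: Terraform Init
        id: init
        run: terraform init

      - name: Terraform Plan
        id: plan
        if: github.event_name == 'pull_request'
        run: terraform plan -no-color
        # The failure is surfaced by the next step so the plan output stays
        # readable in the log.
        continue-on-error: true

      - name: Terraform Plan Status
        if: steps.plan.outcome == 'failure'
        run: exit 1

      - name: Terraform Apply
        # Applies only on direct pushes to main; never on PRs or manual runs.
        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
        run: terraform apply -auto-approve

  bootstrap:
    name: bootstrap-cluster
    runs-on: ubuntu-latest
    needs: terraform
    permissions:
      id-token: write
      contents: read
    steps:
      - id: auth
        name: Authenticate to Google Cloud
        # NOTE: garbled in the source ("[email protected]"); restore the real pin.
        uses: google-github-actions/auth@<PINNED_REF>
        with:
          create_credentials_file: 'true'
          workload_identity_provider: ${{ secrets.WIF_POOL }}
          service_account: ${{ secrets.SA_EMAIL }}

      - id: get-credentials
        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
        # NOTE: garbled in the source ("[email protected]");
        # restore the real pin for google-github-actions/get-gke-credentials.
        uses: google-github-actions/get-gke-credentials@<PINNED_REF>
        with:
          # Same `github.env` -> `env` fix as in the terraform job; these two
          # inputs were empty before.
          cluster_name: ${{ env.CLUSTER_NAME }}
          location: ${{ env.GCP_REGION }}
          # NOTE(review): the auth step above already authenticates through
          # WIF; this static-key input looks redundant. Confirm and remove it
          # so no long-lived service-account key has to live in secrets.
          credentials: ${{ secrets.GCP_SECRET }}

      - id: get-pods
        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
        run: kubectl get pods -A

      - id: install-ingress-nginx
        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
        # Chart version is pinned; `--wait` was passed twice in the original.
        run: |
          helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
          helm repo update
          helm upgrade --install --wait ingress-nginx ingress-nginx/ingress-nginx \
            -n ingress-nginx --create-namespace --version 4.7.1

      - id: install-komodor-watcher
        env:
          KOMODOR_API_KEY: ${{ secrets.KOMODOR_API_KEY }}
        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
        # The watcher.actions.podExec / portforward and watcher.resources.secret
        # values give the agent exec, port-forward and Secret-read capability
        # in the cluster; keep them only if that remote-action scope is wanted.
        # Unlike ingress-nginx, this chart is not pinned (no --version) — pin
        # it for reproducible bootstraps. watcher.clusterName is the literal
        # "default" rather than $CLUSTER_NAME; presumably intentional, verify.
        run: |
          helm repo add komodorio https://helm-charts.komodor.io
          helm repo update
          helm upgrade --install k8s-watcher komodorio/k8s-watcher \
            --set watcher.actions.basic=true --set watcher.actions.advanced=true \
            --set watcher.actions.podExec=true --set metrics.enabled=true \
            --set apiKey="$KOMODOR_API_KEY" \
            --set watcher.clusterName=default \
            --set watcher.actions.portforward=true --set watcher.resources.secret=true \
            --set watcher.enableHelm=true --set helm.enableActions=true \
            --wait -n k8s-watcher --create-namespace

      - id: get-pods-after-bootstrap
        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
        run: kubectl get pods -A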