ci: improve nightly eks test (zarf-dev#2759)

Signed-off-by: Austin Abro <[email protected]>

.github/workflows/nightly-eks.yml

@@ -41,7 +41,7 @@ jobs:
           role-to-assume: ${{ secrets.AWS_NIGHTLY_ROLE }}
           role-session-name: ${{ github.job || github.event.client_payload.pull_request.head.sha || github.sha }}
           aws-region: us-east-1
-          role-duration-seconds: 3600
+          role-duration-seconds: 7200
 
       - name: Build the eks package
         run: ./build/zarf package create packages/distros/eks -o build --confirm
@@ -57,6 +57,22 @@ jobs:
       - name: Run tests
         run: make test-e2e-with-cluster ARCH=amd64
 
+      - name: get pods
+        if: always()
+        run: kubectl get pods -n kiwix -o yaml
+
+      - name: describe pod
+        if: always()
+        run: kubectl describe pods -n kiwix
+
+      - name: get nodes
+        if: always()
+        run: kubectl get nodes -o yaml
+
+      - name: describe nodes
+        if: always()
+        run: kubectl describe nodes
+
       - name: Teardown the cluster
         if: always()
         run: |

examples/kiwix/manifests/deployment.yaml

@@ -6,6 +6,8 @@ metadata:
   labels:
     app: kiwix-serve
 spec:
+  strategy:
+    type: Recreate
   selector:
     matchLabels:
       app: kiwix-serve

packages/distros/eks/eks.yaml

@@ -4,29 +4,27 @@ kind: ClusterConfig
 metadata:
   name: ###ZARF_VAR_EKS_CLUSTER_NAME###
   region: ###ZARF_VAR_EKS_CLUSTER_REGION###
-  version: "###ZARF_VAR_EKS_CLUSTER_VERSION###"
   tags:
-    PermissionsBoundary: "zarf_dev_base_policy"
+    PermissionsBoundary: "###ZARF_VAR_PERMISSIONS_BOUNDARY_TAG###"
 
 iam:
   withOIDC: true
-  serviceRolePermissionsBoundary: "arn:aws:iam::173911864621:policy/zarf_dev_base_policy"
+  serviceRolePermissionsBoundary: "###ZARF_VAR_PERMISSIONS_BOUNDARY_ARN###"
 
 addons:
   - name: aws-ebs-csi-driver
-    version: "###ZARF_VAR_EBS_DRIVER_VERSION###"
     attachPolicyARNs:
       - arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy
-    permissionsBoundary: "arn:aws:iam::173911864621:policy/zarf_dev_base_policy"
+    permissionsBoundary: "###ZARF_VAR_PERMISSIONS_BOUNDARY_ARN###"
     tags:
-      PermissionsBoundary: "zarf_dev_base_policy"
+      PermissionsBoundary: "###ZARF_VAR_PERMISSIONS_BOUNDARY_TAG###"
 
   - name: vpc-cni
     attachPolicyARNs:
       - arn:aws:iam::aws:policy/AmazonEKS_CNI_Policy
-    permissionsBoundary: "arn:aws:iam::173911864621:policy/zarf_dev_base_policy"
+    permissionsBoundary: "###ZARF_VAR_PERMISSIONS_BOUNDARY_ARN###"
     tags:
-      PermissionsBoundary: "zarf_dev_base_policy"
+      PermissionsBoundary: "###ZARF_VAR_PERMISSIONS_BOUNDARY_TAG###"
 
 managedNodeGroups:
 - instanceType: ###ZARF_VAR_EKS_INSTANCE_TYPE###
@@ -35,6 +33,6 @@ managedNodeGroups:
   maxSize: 6
   spot: true
   tags:
-    PermissionsBoundary: "zarf_dev_base_policy"
+    PermissionsBoundary: "###ZARF_VAR_PERMISSIONS_BOUNDARY_TAG###"
   iam:
-    instanceRolePermissionsBoundary: "arn:aws:iam::173911864621:policy/zarf_dev_base_policy"
+    instanceRolePermissionsBoundary: "###ZARF_VAR_PERMISSIONS_BOUNDARY_ARN###"

packages/distros/eks/zarf.yaml

@@ -17,13 +17,13 @@ variables:
     description: The AWS region to setup the cluster and associated networking
     default: us-east-1
 
-  - name: EKS_CLUSTER_VERSION
-    description: The Kubernetes version to use for the cluster
-    default: "1.27"
+  - name: PERMISSIONS_BOUNDARY_ARN
+    description: The ARN of the IAM permissions boundary to apply to the cluster resources
+    default: arn:aws:iam::173911864621:policy/zarf_dev_base_policy
 
-  - name: EBS_DRIVER_VERSION
-    description: The AEBS driver version to use for the cluster (must be available on the K8s version)
-    default: "v1.21.0-eksbuild.1"
+  - name: PERMISSIONS_BOUNDARY_TAG
+    description: The tag to apply to the cluster resources to indicate the permissions boundary
+    default: zarf_dev_base_policy
 
 components:
   - name: load-eksctl