removing eksctl and using aws cli
Paramadon committed Jun 28, 2024
1 parent 3fd32af commit 9277d28
Showing 4 changed files with 377 additions and 74 deletions.
94 changes: 20 additions & 74 deletions .github/workflows/application-signals-java-beta-e2e-test.yml
@@ -77,19 +77,8 @@ jobs:

- name: Set up kubeconfig
run: |
aws eks update-kubeconfig --name ${{ inputs.test-java-cluster-name }} --region ${{ env.AWS_DEFAULT_REGION }} --endpoint https://api.beta.us-west-2.wesley.amazonaws.com --kubeconfig /home/runner/.kube/config
echo "Kubeconfig identity below"
aws sts get-caller-identity
pwd
ls
echo "1"
ls ~/
echo "2"
ls ~/.
sleep 10
cat ~/.kube/config
sed -i 's#https://.*\.eks\..*\.amazonaws\.com#https://api.beta.us-west-2.wesley.amazonaws.com#g' ~/.kube/config
cat ~/.kube/config
aws eks update-kubeconfig --name ${{ inputs.test-java-cluster-name }} --region ${{ env.AWS_DEFAULT_REGION }} --endpoint https://api.beta.us-west-2.wesley.amazonaws.com


- name: Install eksctl
@@ -100,72 +89,30 @@ jobs:
echo "${{ github.workspace }}/eksctl" >> $GITHUB_PATH
- name: Create role for AWS access from the sample app
id: create_service_account
run: |
#!/bin/bash
# Variables
CLUSTER_NAME="cw-agent-eks-addon-test-beta-cluster"
REGION="us-west-2"
ACCOUNT_ID=$(aws sts get-caller-identity --query "Account" --output text)
OIDC_PROVIDER=$(aws eks describe-cluster --name $CLUSTER_NAME --region $REGION --query "cluster.identity.oidc.issuer" --output text | sed -e "s/^https:\/\///")
TESTING_ID=${{ env.TESTING_ID }}
SAMPLE_APP_NAMESPACE= sample-app-namespace
# Create trust policy JSON file
cat <<EOF > trust-policy.json
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "arn:aws:iam::$ACCOUNT_ID:oidc-provider/$OIDC_PROVIDER"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"$OIDC_PROVIDER:sub": "system:serviceaccount:$SAMPLE_APP_NAMESPACE:service-account-$TESTING_ID"
}
}
}
]
}
EOF
# Create IAM role
aws iam create-role --role-name eks-s3-access-$TESTING_ID --assume-role-policy-document file://trust-policy.json
# Attach policy to the role
aws iam attach-role-policy --role-name eks-s3-access-$TESTING_ID --policy-arn arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess
# Create service account YAML manifest
cat <<EOF > service-account.yaml
apiVersion: v1
kind: ServiceAccount
metadata:
name: service-account-$TESTING_ID
namespace: $SAMPLE_APP_NAMESPACE
annotations:
eks.amazonaws.com/role-arn: arn:aws:iam::$ACCOUNT_ID:role/eks-s3-access-$TESTING_ID
EOF
# Apply the service account
kubectl apply -f service-account.yaml
echo "IAM service account created and configured successfully."
- name: Set up terraform
uses: hashicorp/setup-terraform@v3
with:
terraform_wrapper: false

- name: Deploy sample app via terraform
working-directory: terraform/eks

- name: Deploy sample app via Terraform
uses: actions/checkout@v2
with:
fetch-depth: 0
run: |
echo "Current directory: $(pwd)"
echo "Listing files in $(pwd):"
ls -la
cd integration-tests/terraform/pulse
echo "Contents of main.tf:"
cat main.tf || echo "main.tf not found"
echo "Contents of variables.tf:"
cat variables.tf || echo "variables.tf not found"
terraform init
terraform validate
terraform apply -auto-approve \
@@ -175,7 +122,6 @@ jobs:
-var="eks_cluster_name=${{ inputs.test-java-cluster-name }}" \
-var="eks_cluster_context_name=$(kubectl config current-context)" \
-var="test_namespace=${{ env.SAMPLE_APP_NAMESPACE }}" \
-var="service_account_aws_access=service-account-${{ env.TESTING_ID }}" \
-var="sample_app_image=${{ env.SAMPLE_APP_FRONTEND_SERVICE_IMAGE }}" \
-var="sample_remote_app_image=${{ env.SAMPLE_APP_REMOTE_SERVICE_IMAGE }}"
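Review bot: The new `Deploy sample app via Terraform` step appears, as rendered here (the +/- markers are lost), to carry both `uses: actions/checkout@v2` and `run: |`; GitHub Actions rejects a step that has both keys, so the workflow would fail to load. Split it into a checkout step followed by a separate `run` step, and replace the `cd` with `working-directory: integration-tests/terraform/pulse`. While splitting, pin the action to a full commit SHA rather than the mutable `v2` tag, e.g. `uses: actions/checkout@<full-commit-sha>` (placeholder), since this job appears to run with AWS credentials that `terraform apply -auto-approve` uses against the cluster. The `cat main.tf` / `cat variables.tf` lines look like leftover debugging and can go once the path is confirmed.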
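--- a/integration-tests/terraform/pulse/kubeconfig.tpl
+++ b/integration-tests/terraform/pulse/kubeconfig.tpl
@@ -0,0 +1,18 @@
+apiVersion: v1
+clusters:
+- cluster:
+certificate-authority-data: ${CA_DATA}
+server: ${SERVER_ENDPOINT}
+name: ${CLUSTER_NAME}
+contexts:
+- context:
+cluster: ${CLUSTER_NAME}
+user: terraform_user
+name: ${CLUSTER_NAME}
+current-context: ${CLUSTER_NAME}
+kind: Config
+preferences: {}
+users:
+- name: terraform_user
+user:
+token: ${TOKEN}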
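Review bot: The `token: ${TOKEN}` line at the end of the template puts a bearer credential into the rendered kubeconfig in plain text, so it ends up wherever Terraform writes or records the rendered string (the file on the runner, and probably the state; the code that renders this template is not shown on this page). An exec credential entry that calls `aws eks get-token` keeps the token out of the file and avoids it expiring during a long apply. If the static token has to stay, mark the rendered value as sensitive and write the file with mode 0600. In the sketch below, `${REGION}` is a placeholder for a template variable this commit does not define, and `${CLUSTER_NAME}` is assumed to be the EKS cluster name.

```yaml
# … unchanged: clusters, contexts, current-context, kind, preferences …
users:
- name: terraform_user
  user:
    exec:
      apiVersion: client.authentication.k8s.io/v1beta1
      command: aws
      args:
        - 'eks'
        - 'get-token'
        - '--cluster-name'
        - '${CLUSTER_NAME}'
        - '--region'
        - '${REGION}'  # placeholder variable, to be supplied by the caller
```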