Artemis Staging Deployment #14426
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Artemis Staging Deployment | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| branch: | |
| description: 'Branch to deploy' | |
| required: true | |
| concurrency: staging | |
| env: | |
| build_workflow_name: build.yml | |
| jobs: | |
| check-build-status: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| build_workflow_run_id: ${{ steps.set_build_workflow_id.outputs.workflow_id }} | |
| steps: | |
| - name: Get latest build workflow run | |
| id: get_workflow_run | |
| uses: octokit/[email protected] | |
| with: | |
| route: GET /repos/${{ github.repository }}/actions/workflows/${{ env.build_workflow_name }}/runs?branch=${{ github.event.inputs.branch }}&per_page=1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Set build workflow ID | |
| id: set_build_workflow_id | |
| run: | | |
| WORKFLOW_ID=$(echo '${{ steps.get_workflow_run.outputs.data }}' | jq -r '.workflow_runs[0].id') | |
| echo "workflow_id=$WORKFLOW_ID" >> $GITHUB_OUTPUT | |
| - name: Check for war artifact | |
| id: verify_artifact | |
| uses: octokit/[email protected] | |
| with: | |
| route: GET /repos/${{ github.repository }}/actions/runs/${{ steps.set_build_workflow_id.outputs.workflow_id }}/artifacts?name=Artemis.war | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Verify artifact exists | |
| id: check_result | |
| run: | | |
| TOTAL_COUNT=$(echo '${{ steps.verify_artifact.outputs.data }}' | jq -r '.total_count') | |
| if [ "$TOTAL_COUNT" -gt 0 ]; then | |
| echo "Found Artemis.war artifact in latest build" | |
| else | |
| echo "::error::No Artemis.war artifact found in latest build!" | |
| exit 1 | |
| fi | |
| deploy: | |
| needs: check-build-status | |
| runs-on: [self-hosted, ase-large-ubuntu] | |
| environment: | |
| name: artemis-staging-localci.artemis.cit.tum.de | |
| url: ${{ vars.DEPLOYMENT_URL }} | |
| env: | |
| DEPLOYMENT_HOSTS_PRIMARY: ${{ vars.DEPLOYMENT_HOSTS_PRIMARY}} | |
| DEPLOYMENT_HOSTS_SECONDARY: ${{ vars.DEPLOYMENT_HOSTS_SECONDARY}} | |
| DEPLOYMENT_USER: ${{ vars.DEPLOYMENT_USER }} | |
| DEPLOYMENT_FOLDER: ${{ vars.DEPLOYMENT_FOLDER }} | |
| HEALTH_CHECK_URL: "${{vars.DEPLOYMENT_URL}}/management/health" | |
| WORKFLOW_RUN_ID: ${{needs.check-build-status.outputs.build_workflow_run_id}} | |
| timeout-minutes: 10 | |
| steps: | |
| - name: Download artifact | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: Artemis.war | |
| path: artifacts | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| run-id: ${{ env.WORKFLOW_RUN_ID }} | |
| - name: Setup SSH and Test Connectivity | |
| env: | |
| DEPLOYMENT_SSH_KEY: ${{ secrets.DEPLOYMENT_SSH_KEY }} | |
| SSH_AUTH_SOCK: /tmp/ssh_agent_${{ github.run_id }}.sock | |
| DEPLOYMENT_HOST_PUBLIC_KEYS: ${{ vars.DEPLOYMENT_HOST_PUBLIC_KEYS }} | |
| run: | | |
| mkdir -p ~/.ssh | |
| chmod 700 ~/.ssh | |
| # Debug key format (safely) | |
| echo "Checking key format..." | |
| echo "$DEPLOYMENT_SSH_KEY" | grep -c "BEGIN RSA PRIVATE KEY" || echo "No BEGIN line found" | |
| echo "$DEPLOYMENT_SSH_KEY" | grep -c "END RSA PRIVATE KEY" || echo "No END line found" | |
| # Write key with proper formatting | |
| echo "$DEPLOYMENT_SSH_KEY" | sed 's/\\n/\n/g' > ~/.ssh/id_rsa | |
| chmod 600 ~/.ssh/id_rsa | |
| # Verify key file format (safely) | |
| echo "Key file structure:" | |
| grep "BEGIN" ~/.ssh/id_rsa || echo "No BEGIN line in file" | |
| grep "END" ~/.ssh/id_rsa || echo "No END line in file" | |
| # Create SSH config | |
| cat > ~/.ssh/config << EOF | |
| Host * | |
| StrictHostKeyChecking no | |
| UserKnownHostsFile=/dev/null | |
| EOF | |
| chmod 600 ~/.ssh/config | |
| # Test SSH with debug output | |
| echo "Testing SSH connection..." | |
| ssh -v -o StrictHostKeyChecking=no \ | |
| -i ~/.ssh/id_rsa \ | |
| $DEPLOYMENT_USER@$DEPLOYMENT_HOSTS_PRIMARY 'echo "test"' | |
| - name: Phase 1 - Stop Secondary Nodes | |
| run: | | |
| HOSTS_SPACE_SEPARATED=$(echo "$DEPLOYMENT_HOSTS_SECONDARY" | tr -d '\r' | tr '\n' ' ' | awk '{$1=$1};1') | |
| echo "Debug: Hosts list: $HOSTS_SPACE_SEPARATED" | |
| for node in $HOSTS_SPACE_SEPARATED | |
| do | |
| SSH="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ~/.ssh/id_rsa -l $DEPLOYMENT_USER $node" | |
| echo "[INFO] Stop artemis.service on ${node} ..." | |
| $SSH sudo systemctl stop artemis | |
| done | |
| - name: Phase 1 - Deploy to Primary Node | |
| run: | | |
| echo "[INFO] Deploy on $DEPLOYMENT_HOSTS_PRIMARY ..." | |
| SSH="ssh -o LogLevel=DEBUG3 -o ConnectTimeout=120 -i id_rsa -l $DEPLOYMENT_USER $DEPLOYMENT_HOSTS_PRIMARY" | |
| # Remove old artemis.war | |
| echo "[INFO] Remove old artemis.war ..." | |
| $SSH rm /opt/artemis/artemis.war.old | |
| # Copy new artemis.war to node | |
| echo "[INFO] Copy new artemis.war ..." | |
| scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ~/.ssh/id_rsa artifacts/*.war $DEPLOYMENT_USER@$DEPLOYMENT_HOSTS_PRIMARY:/opt/artemis/artemis.war.new | |
| # Stop Artemis-Service on node | |
| echo "[INFO] Stop artemis.service ..." | |
| $SSH sudo systemctl stop artemis | |
| # Replace old artemis.war | |
| echo "[INFO] Rename old artemis.war ..." | |
| $SSH mv /opt/artemis/artemis.war /opt/artemis/artemis.war.old | |
| echo "[INFO] Rename new artemis.war ..." | |
| $SSH mv /opt/artemis/artemis.war.new /opt/artemis/artemis.war | |
| # Start Artemis-Service on node | |
| echo "[INFO] Start artemis.service ..." | |
| $SSH sudo systemctl start artemis | |
| - name: Verify Primary Node Deployment | |
| id: verify_deployment | |
| run: | | |
| while true; do | |
| echo "Performing health check..." | |
| RESPONSE=$(curl -s -f $HEALTH_CHECK_URL || echo '{"status":"DOWN"}') | |
| STATUS=$(echo $RESPONSE | jq -r '.status') | |
| if [ "$STATUS" = "UP" ]; then | |
| echo "Health check passed! Application is UP" | |
| exit 0 | |
| else | |
| echo "Health check failed. Status: $STATUS" | |
| echo "Waiting 10 seconds before next attempt..." | |
| sleep 10 | |
| fi | |
| done | |
| - name: Phase 2 - Deploy to Secondary Nodes | |
| run: | | |
| HOSTS_SPACE_SEPARATED=$(echo "$DEPLOYMENT_HOSTS_SECONDARY" | tr -d '\r' | tr '\n' ' ' | awk '{$1=$1};1') | |
| echo "Debug: Hosts list: $HOSTS_SPACE_SEPARATED" | |
| # Deploy to secondary nodes | |
| for node in $HOSTS_SPACE_SEPARATED | |
| do | |
| echo "##################################################################################################" | |
| echo "[INFO] Deploy on $node ..." | |
| echo "##################################################################################################" | |
| # Build SSH-command | |
| SSH="ssh -o LogLevel=ERROR -i id_rsa -l $DEPLOYMENT_USER $node" | |
| # Remove old artemis.war | |
| echo "[INFO] Remove old artemis.war ..." | |
| $SSH rm /opt/artemis/artemis.war.old | |
| # Copy new artemis.war to node | |
| echo "[INFO] Copy new artemis.war ..." | |
| scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ~/.ssh/id_rsa artifacts/*.war $DEPLOYMENT_USER@$node:/opt/artemis/artemis.war.new | |
| # Stop Artemis-Service on node | |
| echo "[INFO] Stop artemis.service ..." | |
| $SSH sudo systemctl stop artemis | |
| # Replace old artemis.war | |
| echo "[INFO] Rename old artemis.war ..." | |
| $SSH mv /opt/artemis/artemis.war /opt/artemis/artemis.war.old | |
| echo "[INFO] Rename new artemis.war ..." | |
| $SSH mv /opt/artemis/artemis.war.new /opt/artemis/artemis.war | |
| # Start Artemis-Service on node | |
| echo "[INFO] Start artemis.service ..." | |
| $SSH sudo systemctl start artemis | |
| done | |