fix: updated gh-actions, added no-apl (#1772)

Ani1357 · j-zimnowoda · CasLubbers · web-flow · commit af373259f2d7 · 2024-10-28T13:31:23.000Z
Co-authored-by: jeho &lt;17126497+j-zimnowoda@users.noreply.github.com&gt;
Co-authored-by: CasLubbers &lt;clubbers@akamai.com&gt;
diff --git a/.github/workflows/integration-on-schedule-minimal-no-admin-pass.yml b/.github/workflows/integration-on-schedule-minimal-no-admin-pass.yml
diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
@@ -43,15 +43,17 @@ on:
         options:
           - minimal
           - minimal-with-team
-          - monitoring-with-team
           - full
           - upgrade
+          - no-apl
       domain_zone:
         type: choice
         description: 'Select Domain Zone'
         options:
           - Zone-1
           - Zone-2
+          - Random
+          - DNS-Integration
       kms:
         type: choice
         description: Should APL encrypt secrets in values repo (DNS or KMS is turned on)?
@@ -117,11 +119,14 @@ jobs:
           case "${{ inputs.domain_zone }}" in
             "Zone-1") LINODE_CLUSTER_NAME=${{ github.actor }}-1 ;;
             "Zone-2") LINODE_CLUSTER_NAME=${{ github.actor }}-2 ;;
+            "Random") LINODE_CLUSTER_NAME=${{ github.actor }}-$RANDOM ;;
+            "DNS-Integration") LINODE_CLUSTER_NAME=apl-test-${{ inputs.install_profile }} ;;
           esac
-
+          [[ ${{ inputs.install_profile }} == 'no-apl' ]] && LINODE_CLUSTER_NAME=$LINODE_CLUSTER_NAME-no-apl
           if [[ $(linode-cli lke clusters-list --json | jq --arg name "$LINODE_CLUSTER_NAME" '[.[] | select(.label == $name)] | length > 0') == "true" ]]; then
-            echo "An LKE cluster for Zone-1 named \"$LINODE_CLUSTER_NAME\" already exists."
-            echo "Please delete the cluster before recreating it. Exiting workflow..."
+            echo "An LKE cluster with the same name ($LINODE_CLUSTER_NAME) already exists."
+            echo "Visit https://cloud.linode.com/kubernetes/clusters to delete your cluster"
+            echo "Exiting workflow..."
             exit 1
           fi
       - id: k8s-versions
@@ -155,30 +160,33 @@ jobs:
           case "${{ inputs.domain_zone }}" in
             "Zone-1") LINODE_CLUSTER_NAME=${{ github.actor }}-1 ;;
             "Zone-2") LINODE_CLUSTER_NAME=${{ github.actor }}-2 ;;
-            "DNS-Integration") LINODE_CLUSTER_NAME=nightly-apl-test-$RANDOM ;;
+            "Random") LINODE_CLUSTER_NAME=${{ github.actor }}-$RANDOM ;;
+            "DNS-Integration") LINODE_CLUSTER_NAME=apl-test-${{ inputs.install_profile }} ;;
           esac
+          [[ ${{ inputs.install_profile }} == 'no-apl' ]] && LINODE_CLUSTER_NAME=$LINODE_CLUSTER_NAME-no-apl
           echo LINODE_CLUSTER_NAME=$LINODE_CLUSTER_NAME >> $GITHUB_ENV
       - name: Determine exact k8s version
         run: |
           echo LINODE_K8S_VERSION=$(linode-cli lke versions-list --json | jq -ce --arg version "$(echo ${{ matrix.kubernetes_versions }} | sed -E 's/^([0-9]+\.[0-9])$/\10/')" '.[] | select(.id | tostring | startswith($version)) | .id') >> $GITHUB_ENV
-      - name: Creating domain for scheduled integration test
+      - name: Determine domain name to use for scheduled integration test
         env:
           EDGEDNS_ZONE: ${{ secrets.EDGEDNS_ZONE }}
-        if: ${{ inputs.domain_zone == 'DNS-Integration' }}
+        if: ${{ inputs.domain_zone == 'DNS-Integration' && inputs.install_profile != 'no-apl'}}
         run: |
-          # Generating a random 5 char string
           RAND=$(openssl rand -hex 4)
           DOMAIN="integration-${RAND}.${EDGEDNS_ZONE}"
           echo "::add-mask::$DOMAIN"
           echo DOMAIN=$DOMAIN >> $GITHUB_ENV
-
-      - name: Determine domain name to use
-        if: ${{ inputs.domain_zone != 'DNS-Integration' }}
+      - name: Determine domain name
+        if: ${{ inputs.domain_zone != 'DNS-Integration' && inputs.install_profile != 'no-apl' }}
+        env:
+          EDGEDNS_ZONE: ${{ secrets.EDGEDNS_ZONE }}
         run: |
           # Mapping of domain_zone to domain names
           case "${{ inputs.domain_zone }}" in
-            "Zone-1") DOMAIN=$(jq '."${{ github.actor }}"[0]' <<< ${{ env.DEV_DOMAINS }}) ;;
-            "Zone-2") DOMAIN=$(jq '."${{ github.actor }}"[1]' <<< ${{ env.DEV_DOMAINS }}) ;;
+            "Zone-1") DOMAIN=$(jq -r '."${{ github.actor }}"[0]' <<< ${{ env.DEV_DOMAINS }}) ;;
+            "Zone-2") DOMAIN=$(jq -r '."${{ github.actor }}"[1]' <<< ${{ env.DEV_DOMAINS }}) ;;
+            "Random") DOMAIN="$(openssl rand -hex 4)$(date +"%d%m%y").${EDGEDNS_ZONE}" ;;
           esac
 
           echo "::add-mask::$DOMAIN"
@@ -217,6 +225,7 @@ jobs:
             sleep 30
           done
       - name: Save kubectl config with auth token and Get kubectl environment and create docker secret
+        if: ${{ inputs.install_profile != 'no-apl' }}
         run: |
           # Get the kubeconfig from linode-cli
           kubeconfig=$(linode-cli lke kubeconfig-view ${{ env.LINODE_CLUSTER_ID }} --text | sed 1d | base64 --decode)
@@ -235,14 +244,17 @@ jobs:
           echo "Kubectl context set to linode"
           echo LINODE_CLUSTER_CONTEXT=`kubectl config current-context` >> $GITHUB_ENV
       - name: Create image pull secret on test cluster
+        if: ${{ inputs.install_profile != 'no-apl' }}
         run: |
           kubectl create secret docker-registry reg-otomi-github \
             --docker-server=${{ env.CACHE_REGISTRY }} \
             --docker-username=${{ env.BOT_USERNAME }} \
             --docker-password='${{ secrets.BOT_PULL_TOKEN }}'
       - name: Checkout
+        if: ${{ inputs.install_profile != 'no-apl' }}
         uses: actions/checkout@v4
       - name: Prepare APL chart
+        if: ${{ inputs.install_profile != 'no-apl' }}
         run: |
           ref=${{ github.event.pull_request.head.ref || github.ref }}
           tag=${ref##*/}
@@ -261,6 +273,7 @@ jobs:
             - reg-otomi-github
           EOF
       - name: APL install
+        if: ${{ inputs.install_profile != 'no-apl' }}
         env:
           LETSENCRYPT_STAGING: ${{ secrets.LETSENCRYPT_STAGING }}
           LETSENCRYPT_PRODUCTION: ${{ secrets.LETSENCRYPT_PRODUCTION }}
@@ -325,10 +338,13 @@ jobs:
           done
 
           pip3 install edgegrid-python requests
-          python3 bin/edgedns_A_record.py create $DOMAIN $PUB_IP
+          python3 bin/edgedns_A_record.py create "*.${DOMAIN}" $PUB_IP || \
+            (echo "Will try to recreate it" && \
+            python3 bin/edgedns_A_record.py delete "*.${DOMAIN}" && \
+            python3 bin/edgedns_A_record.py create "*.${DOMAIN}" $PUB_IP)
 
-          wait $HELM_PID
 
+          wait $HELM_PID
       - name: Gather k8s events on failure
         if: failure()
         run: |
@@ -340,25 +356,25 @@ jobs:
       - name: Gather APL logs on failure
         if: failure()
         run: |
-          kubectl logs jobs/otomi --tail 150
+          kubectl logs jobs/otomi-apl --tail 150
       - name: Gather otomi-e2e logs on failure
         if: failure()
         run: |
           kubectl logs -n maintenance -l app.kubernetes.io/instance=job-e2e --tail 15000
       - name: Remove the test cluster
-        if: ${{ inputs.domain_zone == 'DNS-Integration' }}
+        if: ${{ always() && inputs.domain_zone == 'DNS-Integration' }}
         run: |
           linode-cli lke cluster-delete ${{ env.LINODE_CLUSTER_ID }}
       - name: Delete Domain
-        if: ${{ inputs.domain_zone == 'DNS-Integration' }}
+        if: ${{ always() && inputs.domain_zone == 'DNS-Integration' }}
         env:
           EDGEDNS_ACCESS_TOKEN: ${{ secrets.EDGEDNS_ACCESS_TOKEN }}
           EDGEDNS_CLIENT_TOKEN: ${{ secrets.EDGEDNS_CLIENT_TOKEN }}
           EDGEDNS_CLIENT_SECRET: ${{ secrets.EDGEDNS_CLIENT_SECRET }}
           EDGEDNS_ZONE: ${{ secrets.EDGEDNS_ZONE }}
           EDGEDNS_HOST: ${{ secrets.EDGEDNS_HOST }}
         run: |
-          python3 bin/edgedns_A_record.py delete $DOMAIN
+          python3 bin/edgedns_A_record.py delete "*.${DOMAIN}"
       - name: Slack Notification
         if: always()
         uses: rtCamp/action-slack-notify@v2
diff --git a/bin/edgedns_A_record.py b/bin/edgedns_A_record.py
@@ -2,6 +2,7 @@
 import sys
 from akamai.edgegrid import EdgeGridAuth
 from requests import Session, HTTPError
+import json
 
 EDGEDNS_ZONE = os.environ.get('EDGEDNS_ZONE')
 EDGEDNS_HOST = os.environ.get('EDGEDNS_HOST')
@@ -24,13 +25,10 @@ def create_session():
     })
     return session
 
-# Function to construct the DNS API URL
-def construct_dns_url(domain, record_type="A"):
-    return f"https://{EDGEDNS_HOST}/config-dns/v2/zones/{EDGEDNS_ZONE}/names/{domain}/types/{record_type}"
 
 # Function to create DNS record
 def create_dns_record(session, domain, ip):
-    url = construct_dns_url(domain)
+    url = f"https://{EDGEDNS_HOST}/config-dns/v2/zones/{EDGEDNS_ZONE}/names/{domain}/types/A"
     data = {
         "name": domain,
         "rdata": [ip],
@@ -43,26 +41,48 @@ def create_dns_record(session, domain, ip):
         response.raise_for_status()
         print(f"DNS record created successfully !")
     except HTTPError as e:
-        print(f"Failed to create DNS record!")
+        response_json = json.loads(e.response.text)
+        print(f"Failed to create DNS record: {response_json['title']} ")
+        sys.exit(1)
 
 # Function to delete DNS record
 def delete_dns_record(session, domain):
-    url = construct_dns_url(domain)
+    url = f"https://{EDGEDNS_HOST}/config-dns/v2/zones/{EDGEDNS_ZONE}/names/{domain}/types/A"
 
     try:
         response = session.delete(url)
         response.raise_for_status()
         print(f"DNS record deleted successfully!")
     except HTTPError as e:
-        print(f"Failed to delete DNS record!")
+        response_json = json.loads(e.response.text)
+        print(f"Failed to delete DNS record: {response_json['title']}")
+        sys.exit(1)
+
+# Function to list A records
+def list_a_records(session):
+    url = f"https://{EDGEDNS_HOST}/config-dns/v2/zones/{EDGEDNS_ZONE}/recordsets?types=A&showAll=true"
+
+    try:
+        response = session.get(url)
+        response.raise_for_status()
+        records = response.json().get("recordsets", [])
+        if not records:
+            print("No A records found.")
+        else:
+            for record in records:
+                print(record['name'])
+    except HTTPError as e:
+        response_json = json.loads(e.response.text)
+        print(f"Failed to list DNS records: {response_json['title']}")
+        sys.exit(1)
 
 def main():
-    if len(sys.argv) < 3 or (sys.argv[1].lower() == "create" and len(sys.argv) != 4):
+    if len(sys.argv) < 2 or (sys.argv[1].lower() == "create" and len(sys.argv) != 4):
         print("Usage: python edgedns_A_record.py <action> <domain> [<ip>]")
         sys.exit(1)
 
     action = sys.argv[1].lower()
-    domain = sys.argv[2].lower()
+    domain = sys.argv[2].lower() if len(sys.argv) > 2 else None
     ip = sys.argv[3] if action == "create" else None
 
     session = create_session()
@@ -74,8 +94,10 @@ def main():
         create_dns_record(session, domain, ip)
     elif action == "delete":
         delete_dns_record(session, domain)
+    elif action == "list":
+        list_a_records(session)
     else:
-        print("Invalid action. Use 'create' or 'delete'.")
+        print("Invalid action. Use 'create', 'delete', or 'list'.")
         sys.exit(1)
 
 if __name__ == "__main__":
