fix(ssh): add a fixed SSH key to use with `gcloud` (#5671)
* fix: use a fixed ssh key for `gcloud compute ssh` * fix: typo * fix: add missing SSH key installation steps
This commit is contained in:
Gustavo Valverde
GitHub
parent
6446e0ec1b
commit
7353a9be5b
|
|
@ -329,6 +329,7 @@ jobs:
|
||||||
saves_to_disk: true
|
saves_to_disk: true
|
||||||
disk_suffix: checkpoint
|
disk_suffix: checkpoint
|
||||||
height_grep_text: 'flushing database to disk .*height.*=.*Height.*\('
|
height_grep_text: 'flushing database to disk .*height.*=.*Height.*\('
|
||||||
|
secrets: inherit
|
||||||
# We want to prevent multiple checkpoint syncs running at the same time,
|
# We want to prevent multiple checkpoint syncs running at the same time,
|
||||||
# but we don't want to cancel running syncs on `main` if a new PR gets merged,
|
# but we don't want to cancel running syncs on `main` if a new PR gets merged,
|
||||||
# because we might never get a finished sync.
|
# because we might never get a finished sync.
|
||||||
|
|
@ -355,6 +356,7 @@ jobs:
|
||||||
needs_zebra_state: true
|
needs_zebra_state: true
|
||||||
saves_to_disk: false
|
saves_to_disk: false
|
||||||
disk_suffix: checkpoint
|
disk_suffix: checkpoint
|
||||||
|
secrets: inherit
|
||||||
|
|
||||||
# zebrad cached tip state tests
|
# zebrad cached tip state tests
|
||||||
|
|
||||||
|
|
@ -387,6 +389,7 @@ jobs:
|
||||||
saves_to_disk: true
|
saves_to_disk: true
|
||||||
disk_suffix: tip
|
disk_suffix: tip
|
||||||
height_grep_text: 'current_height.*=.*Height.*\('
|
height_grep_text: 'current_height.*=.*Height.*\('
|
||||||
|
secrets: inherit
|
||||||
# We want to prevent multiple full zebrad syncs running at the same time,
|
# We want to prevent multiple full zebrad syncs running at the same time,
|
||||||
# but we don't want to cancel running syncs on `main` if a new PR gets merged,
|
# but we don't want to cancel running syncs on `main` if a new PR gets merged,
|
||||||
# because we might never get a finished sync.
|
# because we might never get a finished sync.
|
||||||
|
|
@ -428,6 +431,7 @@ jobs:
|
||||||
root_state_path: '/var/cache'
|
root_state_path: '/var/cache'
|
||||||
zebra_state_dir: 'zebrad-cache'
|
zebra_state_dir: 'zebrad-cache'
|
||||||
height_grep_text: 'current_height.*=.*Height.*\('
|
height_grep_text: 'current_height.*=.*Height.*\('
|
||||||
|
secrets: inherit
|
||||||
|
|
||||||
# lightwalletd cached tip state tests
|
# lightwalletd cached tip state tests
|
||||||
|
|
||||||
|
|
@ -460,6 +464,7 @@ jobs:
|
||||||
zebra_state_dir: 'zebrad-cache'
|
zebra_state_dir: 'zebrad-cache'
|
||||||
lwd_state_dir: 'lwd-cache'
|
lwd_state_dir: 'lwd-cache'
|
||||||
height_grep_text: '(current_height.*=.*Height.*\()|(Adding block to cache )'
|
height_grep_text: '(current_height.*=.*Height.*\()|(Adding block to cache )'
|
||||||
|
secrets: inherit
|
||||||
# We want to prevent multiple lightwalletd full syncs running at the same time,
|
# We want to prevent multiple lightwalletd full syncs running at the same time,
|
||||||
# but we don't want to cancel running syncs on `main` if a new PR gets merged,
|
# but we don't want to cancel running syncs on `main` if a new PR gets merged,
|
||||||
# because we might never get a finished sync.
|
# because we might never get a finished sync.
|
||||||
|
|
@ -496,6 +501,7 @@ jobs:
|
||||||
zebra_state_dir: 'zebrad-cache'
|
zebra_state_dir: 'zebrad-cache'
|
||||||
lwd_state_dir: 'lwd-cache'
|
lwd_state_dir: 'lwd-cache'
|
||||||
height_grep_text: '(current_height.*=.*Height.*\()|(Adding block to cache )'
|
height_grep_text: '(current_height.*=.*Height.*\()|(Adding block to cache )'
|
||||||
|
secrets: inherit
|
||||||
|
|
||||||
# Test that Zebra can answer a synthetic RPC call, using a cached Zebra tip state
|
# Test that Zebra can answer a synthetic RPC call, using a cached Zebra tip state
|
||||||
#
|
#
|
||||||
|
|
@ -520,6 +526,7 @@ jobs:
|
||||||
disk_suffix: tip
|
disk_suffix: tip
|
||||||
root_state_path: '/var/cache'
|
root_state_path: '/var/cache'
|
||||||
zebra_state_dir: 'zebrad-cache'
|
zebra_state_dir: 'zebrad-cache'
|
||||||
|
secrets: inherit
|
||||||
|
|
||||||
# Test that Zebra can handle a lightwalletd send transaction RPC call, using a cached Zebra tip state
|
# Test that Zebra can handle a lightwalletd send transaction RPC call, using a cached Zebra tip state
|
||||||
#
|
#
|
||||||
|
|
@ -546,6 +553,7 @@ jobs:
|
||||||
root_state_path: '/var/cache'
|
root_state_path: '/var/cache'
|
||||||
zebra_state_dir: 'zebrad-cache'
|
zebra_state_dir: 'zebrad-cache'
|
||||||
lwd_state_dir: 'lwd-cache'
|
lwd_state_dir: 'lwd-cache'
|
||||||
|
secrets: inherit
|
||||||
# We want to prevent multiple lightwalletd send transaction tests running at the same time,
|
# We want to prevent multiple lightwalletd send transaction tests running at the same time,
|
||||||
# but we don't want to cancel running tests on `main` if a new PR gets merged,
|
# but we don't want to cancel running tests on `main` if a new PR gets merged,
|
||||||
# because we might never get a finished test.
|
# because we might never get a finished test.
|
||||||
|
|
@ -580,6 +588,7 @@ jobs:
|
||||||
root_state_path: '/var/cache'
|
root_state_path: '/var/cache'
|
||||||
zebra_state_dir: 'zebrad-cache'
|
zebra_state_dir: 'zebrad-cache'
|
||||||
lwd_state_dir: 'lwd-cache'
|
lwd_state_dir: 'lwd-cache'
|
||||||
|
secrets: inherit
|
||||||
|
|
||||||
# Test that Zebra can handle a submit block RPC call, using a cached Zebra tip state
|
# Test that Zebra can handle a submit block RPC call, using a cached Zebra tip state
|
||||||
#
|
#
|
||||||
|
|
@ -605,3 +614,4 @@ jobs:
|
||||||
disk_suffix: tip
|
disk_suffix: tip
|
||||||
root_state_path: '/var/cache'
|
root_state_path: '/var/cache'
|
||||||
zebra_state_dir: 'zebrad-cache'
|
zebra_state_dir: 'zebrad-cache'
|
||||||
|
secrets: inherit
|
||||||
|
|
|
||||||
|
|
@ -125,6 +125,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -146,11 +157,11 @@ jobs:
|
||||||
--boot-disk-type pd-ssd \
|
--boot-disk-type pd-ssd \
|
||||||
--image-project=cos-cloud \
|
--image-project=cos-cloud \
|
||||||
--image-family=cos-stable \
|
--image-family=cos-stable \
|
||||||
--create-disk name="${{ inputs.test_id }}-${{ env.GITHUB_SHA_SHORT }}",device-name="${{ inputs.test_id }}-${{ env.GITHUB_SHA_SHORT }}",size=300GB,type=pd-ssd \
|
--create-disk=name="${{ inputs.test_id }}-${{ env.GITHUB_SHA_SHORT }}",device-name="${{ inputs.test_id }}-${{ env.GITHUB_SHA_SHORT }}",size=300GB,type=pd-ssd \
|
||||||
--container-image=gcr.io/google-containers/busybox \
|
--container-image=gcr.io/google-containers/busybox \
|
||||||
--machine-type ${{ env.MACHINE_TYPE }} \
|
--machine-type ${{ env.MACHINE_TYPE }} \
|
||||||
--scopes cloud-platform \
|
--scopes cloud-platform \
|
||||||
--metadata=google-monitoring-enabled=TRUE,google-logging-enabled=TRUE,enable-oslogin=TRUE \
|
--metadata=google-monitoring-enabled=TRUE,google-logging-enabled=TRUE \
|
||||||
--metadata-from-file=startup-script=.github/workflows/scripts/gcp-vm-startup-script.sh \
|
--metadata-from-file=startup-script=.github/workflows/scripts/gcp-vm-startup-script.sh \
|
||||||
--tags ${{ inputs.app_name }} \
|
--tags ${{ inputs.app_name }} \
|
||||||
--zone ${{ env.ZONE }}
|
--zone ${{ env.ZONE }}
|
||||||
|
|
@ -162,7 +173,6 @@ jobs:
|
||||||
- name: Create ${{ inputs.test_id }} Docker volume
|
- name: Create ${{ inputs.test_id }} Docker volume
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -196,6 +206,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -212,7 +233,6 @@ jobs:
|
||||||
- name: Launch ${{ inputs.test_id }} test
|
- name: Launch ${{ inputs.test_id }} test
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -256,6 +276,17 @@ jobs:
|
||||||
NETWORK_CAPS=${{ inputs.network }}
|
NETWORK_CAPS=${{ inputs.network }}
|
||||||
echo "NETWORK=${NETWORK_CAPS,,}" >> $GITHUB_ENV
|
echo "NETWORK=${NETWORK_CAPS,,}" >> $GITHUB_ENV
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -366,11 +397,11 @@ jobs:
|
||||||
--boot-disk-type pd-ssd \
|
--boot-disk-type pd-ssd \
|
||||||
--image-project=cos-cloud \
|
--image-project=cos-cloud \
|
||||||
--image-family=cos-stable \
|
--image-family=cos-stable \
|
||||||
--create-disk image=${{ env.CACHED_DISK_NAME }},name="${{ inputs.test_id }}-${{ env.GITHUB_SHA_SHORT }}",device-name="${{ inputs.test_id }}-${{ env.GITHUB_SHA_SHORT }}",size=300GB,type=pd-ssd \
|
--create-disk=image=${{ env.CACHED_DISK_NAME }},name="${{ inputs.test_id }}-${{ env.GITHUB_SHA_SHORT }}",device-name="${{ inputs.test_id }}-${{ env.GITHUB_SHA_SHORT }}",size=300GB,type=pd-ssd \
|
||||||
--container-image=gcr.io/google-containers/busybox \
|
--container-image=gcr.io/google-containers/busybox \
|
||||||
--machine-type ${{ env.MACHINE_TYPE }} \
|
--machine-type ${{ env.MACHINE_TYPE }} \
|
||||||
--scopes cloud-platform \
|
--scopes cloud-platform \
|
||||||
--metadata=google-monitoring-enabled=TRUE,google-logging-enabled=TRUE,enable-oslogin=TRUE \
|
--metadata=google-monitoring-enabled=TRUE,google-logging-enabled=TRUE \
|
||||||
--metadata-from-file=startup-script=.github/workflows/scripts/gcp-vm-startup-script.sh \
|
--metadata-from-file=startup-script=.github/workflows/scripts/gcp-vm-startup-script.sh \
|
||||||
--tags ${{ inputs.app_name }} \
|
--tags ${{ inputs.app_name }} \
|
||||||
--zone ${{ env.ZONE }}
|
--zone ${{ env.ZONE }}
|
||||||
|
|
@ -384,7 +415,6 @@ jobs:
|
||||||
- name: Create ${{ inputs.test_id }} Docker volume
|
- name: Create ${{ inputs.test_id }} Docker volume
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -416,6 +446,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -452,7 +493,6 @@ jobs:
|
||||||
if: ${{ (inputs.needs_zebra_state && !inputs.needs_lwd_state) && inputs.test_id != 'lwd-full-sync' }}
|
if: ${{ (inputs.needs_zebra_state && !inputs.needs_lwd_state) && inputs.test_id != 'lwd-full-sync' }}
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -501,7 +541,6 @@ jobs:
|
||||||
if: ${{ (inputs.needs_zebra_state && inputs.needs_lwd_state) || inputs.test_id == 'lwd-full-sync' }}
|
if: ${{ (inputs.needs_zebra_state && inputs.needs_lwd_state) || inputs.test_id == 'lwd-full-sync' }}
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -543,6 +582,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -566,7 +616,6 @@ jobs:
|
||||||
- name: Show logs for ${{ inputs.test_id }} test (sprout)
|
- name: Show logs for ${{ inputs.test_id }} test (sprout)
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -608,6 +657,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -624,7 +684,6 @@ jobs:
|
||||||
- name: Show logs for ${{ inputs.test_id }} test (heartwood)
|
- name: Show logs for ${{ inputs.test_id }} test (heartwood)
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -663,6 +722,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -679,7 +749,6 @@ jobs:
|
||||||
- name: Show logs for ${{ inputs.test_id }} test (canopy)
|
- name: Show logs for ${{ inputs.test_id }} test (canopy)
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -720,6 +789,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -736,7 +816,6 @@ jobs:
|
||||||
- name: Show logs for ${{ inputs.test_id }} test (1740k)
|
- name: Show logs for ${{ inputs.test_id }} test (1740k)
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -779,6 +858,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -795,7 +885,6 @@ jobs:
|
||||||
- name: Show logs for ${{ inputs.test_id }} test (1760k)
|
- name: Show logs for ${{ inputs.test_id }} test (1760k)
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -838,6 +927,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -854,7 +954,6 @@ jobs:
|
||||||
- name: Show logs for ${{ inputs.test_id }} test (1780k)
|
- name: Show logs for ${{ inputs.test_id }} test (1780k)
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -898,6 +997,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -914,7 +1024,6 @@ jobs:
|
||||||
- name: Show logs for ${{ inputs.test_id }} test (1800k)
|
- name: Show logs for ${{ inputs.test_id }} test (1800k)
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -957,6 +1066,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -973,7 +1093,6 @@ jobs:
|
||||||
- name: Show logs for ${{ inputs.test_id }} test (1820k)
|
- name: Show logs for ${{ inputs.test_id }} test (1820k)
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -1013,6 +1132,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -1031,7 +1161,6 @@ jobs:
|
||||||
- name: Show logs for ${{ inputs.test_id }} test (checkpoint)
|
- name: Show logs for ${{ inputs.test_id }} test (checkpoint)
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -1075,6 +1204,17 @@ jobs:
|
||||||
with:
|
with:
|
||||||
short-length: 7
|
short-length: 7
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -1100,7 +1240,6 @@ jobs:
|
||||||
- name: Result of ${{ inputs.test_id }} test
|
- name: Result of ${{ inputs.test_id }} test
|
||||||
run: |
|
run: |
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -1164,6 +1303,17 @@ jobs:
|
||||||
LONG_GITHUB_REF=${{ env.GITHUB_REF_SLUG_URL }}
|
LONG_GITHUB_REF=${{ env.GITHUB_REF_SLUG_URL }}
|
||||||
echo "SHORT_GITHUB_REF=${LONG_GITHUB_REF:0:12}" >> $GITHUB_ENV
|
echo "SHORT_GITHUB_REF=${LONG_GITHUB_REF:0:12}" >> $GITHUB_ENV
|
||||||
|
|
||||||
|
# Install our SSH secret
|
||||||
|
- name: Install private SSH key
|
||||||
|
uses: shimataro/ssh-key-action@v2.4.0
|
||||||
|
with:
|
||||||
|
key: ${{ secrets.GCP_SSH_PRIVATE_KEY }}
|
||||||
|
name: google_compute_engine
|
||||||
|
known_hosts: unnecessary
|
||||||
|
|
||||||
|
- name: Generate public SSH key
|
||||||
|
run: ssh-keygen -y -f ~/.ssh/google_compute_engine > ~/.ssh/google_compute_engine.pub
|
||||||
|
|
||||||
# Setup gcloud CLI
|
# Setup gcloud CLI
|
||||||
- name: Authenticate to Google Cloud
|
- name: Authenticate to Google Cloud
|
||||||
id: auth
|
id: auth
|
||||||
|
|
@ -1225,7 +1375,6 @@ jobs:
|
||||||
|
|
||||||
DOCKER_LOGS=$( \
|
DOCKER_LOGS=$( \
|
||||||
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
gcloud compute ssh ${{ inputs.test_id }}-${{ env.GITHUB_REF_SLUG_URL }}-${{ env.GITHUB_SHA_SHORT }} \
|
||||||
--ssh-key-expire-after=30s \
|
|
||||||
--zone ${{ env.ZONE }} \
|
--zone ${{ env.ZONE }} \
|
||||||
--ssh-flag="-o ServerAliveInterval=5" \
|
--ssh-flag="-o ServerAliveInterval=5" \
|
||||||
--ssh-flag="-o ConnectionAttempts=20" \
|
--ssh-flag="-o ConnectionAttempts=20" \
|
||||||
|
|
@ -1362,15 +1511,3 @@ jobs:
|
||||||
else
|
else
|
||||||
gcloud compute instances delete "${INSTANCE}" --zone "${{ env.ZONE }}" --delete-disks all --quiet
|
gcloud compute instances delete "${INSTANCE}" --zone "${{ env.ZONE }}" --delete-disks all --quiet
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Deletes SSH keys generated during this workflow run, as GCP has a limit of SSH keys
|
|
||||||
# that can exist at the same time in the OS Login metadata. Not deleting this keys
|
|
||||||
# could cause the following error:
|
|
||||||
# `Login profile size exceeds 32 KiB. Delete profile values to make additional space`
|
|
||||||
- name: Delete temporal SSH keys
|
|
||||||
continue-on-error: true
|
|
||||||
run: |
|
|
||||||
for i in $(gcloud compute os-login ssh-keys list --format="table[no-heading](value.fingerprint)") --impersonate-service-account=github-service-account@zealous-zebra.iam.gserviceaccount.com; do
|
|
||||||
echo "$i";
|
|
||||||
gcloud compute os-login ssh-keys remove --key "$i" --impersonate-service-account=github-service-account@zealous-zebra.iam.gserviceaccount.com || true;
|
|
||||||
done
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue