Add 'zebrad' tags to instance templates

And add 'one time' commands commented out for managing firewall rules.
2020-06-18 17:52:53 -04:00 · 2020-06-18 17:52:53 -04:00 · c85acde18f
parent f95e7d5595
commit c85acde18f
1 changed files with 22 additions and 3 deletions
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@ -46,9 +46,28 @@ jobs:
      run: |
        gcloud compute instance-templates create-with-container "zebrad-$SHORT_BRANCH_NAME-$SHA7" \
          --container-image "gcr.io/$PROJECT_ID/$BRANCH_NAME:$SHA7" \
+          --machine-type n1-highmem-8 \
          --service-account cos-vm@zealous-zebra.iam.gserviceaccount.com \
          --scopes cloud-platform \
-          --machine-type n1-highmem-8 \
+          --tags zebrad \
+
+    # Run once: create firewall rule to allow healthchecks
+    # - name: Create healthcheck firewall rule
+    #   run: |
+    #     gcloud compute firewall-rules create "allow-tracing-health-check" \
+    #     --target-tags zebrad \
+    #     --allow tcp:3000 \
+    #     --source-ranges 130.211.0.0/22,35.191.0.0/16 \
+    #     --description="Allow HTTP requests to our tracing endpoint from Google's probes" \
+
+    # Run once: create firewall rule to allow incoming traffic to the nodes
+    # - name: Create Zcash incoming traffic firewall rule
+    #   run: |
+    #     gcloud compute firewall-rules create "allow-zcash" \
+    #     --target-tags zebrad \
+    #     --allow tcp:8233,tcp:18233 \
+    #     --source-ranges 0.0.0.0/0 \
+    #     --description="Allow incoming Zcash traffic from anywhere" \

    # Deploy managed instance group using the new instance template
    - name: Deploy managed instance group
@ -62,6 +81,6 @@ jobs:
          "zebrad-$SHORT_BRANCH_NAME-$SHA7" \
          --template "zebrad-$SHORT_BRANCH_NAME-$SHA7" \
          --health-check zebrad-tracing-filter \
-          --initial-delay 60 \
+          --initial-delay 180 \
          --region us-central1 \
-          --size 2 \
+          --size 2