Skip to content

Commit

Permalink
Merge branch 'apache:master' into master
Browse files Browse the repository at this point in the history
  • Loading branch information
edman124 authored Oct 30, 2023
2 parents f2d81cb + 28f6e33 commit 09727b4
Show file tree
Hide file tree
Showing 910 changed files with 26,197 additions and 22,116 deletions.
10 changes: 5 additions & 5 deletions .github/actions/common-rc-validation/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,19 +36,19 @@ runs:
shell: bash
run: |
echo "---------------------Downloading Python Staging RC----------------------------"
wget ${PYTHON_RC_DOWNLOAD_URL}/${RELEASE_VER}/python/apache-beam-${RELEASE_VER}.zip
wget ${PYTHON_RC_DOWNLOAD_URL}/${RELEASE_VER}/python/apache-beam-${RELEASE_VER}.zip.sha512
if [[ ! -f apache-beam-$RELEASE_VER.zip ]]; then
wget ${PYTHON_RC_DOWNLOAD_URL}/${RELEASE_VER}/python/apache-beam-${RELEASE_VER}.tar.gz
wget ${PYTHON_RC_DOWNLOAD_URL}/${RELEASE_VER}/python/apache-beam-${RELEASE_VER}.tar.gz.sha512
if [[ ! -f apache-beam-$RELEASE_VER.tar.gz ]]; then
{ echo "Fail to download Python Staging RC files." ;exit 1; }
fi
echo "--------------------------Verifying Hashes------------------------------------"
sha512sum -c apache-beam-${RELEASE_VER}.zip.sha512
sha512sum -c apache-beam-${RELEASE_VER}.tar.gz.sha512
`which pip` install --upgrade pip
`which pip` install --upgrade setuptools
- name: Installing python SDK
shell: bash
run: pip install apache-beam-${RELEASE_VER}.zip[gcp]
run: pip install apache-beam-${RELEASE_VER}.tar.gz[gcp]

4 changes: 1 addition & 3 deletions .github/actions/setup-action/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,4 @@ runs:
- name: expose gcloud path
shell: bash
run: |
echo KUBELET_GCLOUD_CONFIG_PATH=/var/lib/kubelet/pods/$POD_UID/volumes/kubernetes.io~empty-dir/gcloud >> $GITHUB_ENV
- name: Setup environment
uses: ./.github/actions/setup-environment-action
echo KUBELET_GCLOUD_CONFIG_PATH=/var/lib/kubelet/pods/$POD_UID/volumes/kubernetes.io~empty-dir/gcloud >> $GITHUB_ENV
6 changes: 5 additions & 1 deletion .github/actions/setup-environment-action/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,10 @@ inputs:
required: false
description: 'Install Go version'
default: ''
disable-cache:
required: false
description: 'Whether to disable the gradle cache'
default: false

runs:
using: "composite"
Expand All @@ -48,7 +52,7 @@ runs:
- name: Setup Gradle
uses: gradle/gradle-build-action@v2
with:
cache-read-only: false
cache-read-only: ${{ inputs.disable-cache }}
- name: Install Go
if: ${{ inputs.go-version != '' }}
uses: actions/setup-go@v3
Expand Down
61 changes: 61 additions & 0 deletions .github/build.gradle
Original file line number Diff line number Diff line change
@@ -0,0 +1,61 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* License); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an AS IS BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/

buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath group: 'org.yaml', name: 'snakeyaml', version: '2.2'
}
}

/** check that yml are valid */
task check {
doLast {
fileTree("${project.projectDir}/workflows").matching {
include "*.yml"
include "*.yaml"
}.each {
def fname = it.getName()
// attempt load yml to make sure its valid
def workflow = new org.yaml.snakeyaml.Yaml().load(it.newInputStream())

// additional guards for running all tests functionality
// TODO(yathu) expand this also to post commits prior teardown Jenkins postcommits
if ( fname.startsWith("beam_PreCommit")) {
List paths
try {
paths = workflow.getAt(true).pull_request_target.paths as List
} catch (Exception e) {
throw new GradleException("Fail to get the trigger path for ${fname}. " +
"Make sure precommit has a pull_request_target trigger.", e)
}
// precommit should triggered by this specific file
if (paths != null && !paths.contains('release/trigger_all_tests.json')) {
throw new GradleException("Error validating ${fname}: " +
"Please add 'release/trigger_all_tests.json' to the trigger path for release verification run properly")
}
}
}
}
}

task preCommit {
dependsOn check
}
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ spec:
name: ${name}
minReplicas: ${min_runners}
maxReplicas: ${max_runners}
%{~ if webhook_scaling == "true" ~}
%{~ if webhook_scaling ~}
scaleUpTriggers:
- githubEvent:
workflowJob: {}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,9 @@ metadata:
name: ${name}
spec:
template:
metadata:
annotations:
cluster-autoscaler.kubernetes.io/safe-to-evict: "false"
spec:
%{~ if selector == true ~}
nodeSelector:
Expand Down
12 changes: 8 additions & 4 deletions .github/gh-actions-self-hosted-runners/arc/environments/beam.env
Original file line number Diff line number Diff line change
Expand Up @@ -20,14 +20,18 @@
project_id = "apache-beam-testing"
region = "us-central1"
zone = "us-central1-b"
environment = "beam"
environment = "beam-prod"
ingress_domain = "action.beam.apache.org"
organization = "apache"
repository = "beam"
github_app_id_secret_name = "gh-app_id"
github_app_install_id_secret_name = "gh-app_installation_id"
github_private_key_secret_name = "gh-pem_key"
deploy_webhook = "true"
existing_vpc_name = "default"
existing_ip_name = "beam-arc-webhook-ip"
subnetwork_cidr_range = "10.119.0.0/20"
service_account_id = "[email protected]"
runner_group = "beam"
main_runner = {
name = "main-runner"
Expand All @@ -37,7 +41,7 @@ main_runner = {
max_node_count = "24"
min_replicas = "1"
max_replicas = "200"
webhook_scaling = true
webhook_scaling = false
disk_size_gb = 200
requests = {
cpu = "2"
Expand All @@ -52,7 +56,7 @@ additional_runner_pools = [{
max_node_count = "10"
min_replicas = "1"
max_replicas = "10"
webhook_scaling = "true"
webhook_scaling = false
requests = {
cpu = "1500m"
memory = "5Gi"
Expand All @@ -69,7 +73,7 @@ additional_runner_pools = [{
max_node_count = "10"
min_replicas = "1"
max_replicas = "10"
webhook_scaling = "true"
webhook_scaling = false
requests = {
cpu = "7.5"
memory = "5Gi"
Expand Down
16 changes: 14 additions & 2 deletions .github/gh-actions-self-hosted-runners/arc/gke.tf
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ resource "google_container_cluster" "actions-runner-gke" {
project = var.project_id
location = var.zone
initial_node_count = 1
network = google_compute_network.actions-runner-network.id
network = data.google_compute_network.actions-runner-network.id
subnetwork = google_compute_subnetwork.actions-runner-subnetwork.id
remove_default_node_pool = true

Expand All @@ -45,6 +45,7 @@ resource "google_container_node_pool" "main-actions-runner-pool" {
oauth_scopes = [
"https://www.googleapis.com/auth/cloud-platform"
]
service_account = data.google_service_account.service_account.email
tags = ["actions-runner-pool"]
}
}
Expand Down Expand Up @@ -72,6 +73,7 @@ resource "google_container_node_pool" "additional_runner_pools" {
oauth_scopes = [
"https://www.googleapis.com/auth/cloud-platform"
]
service_account = data.google_service_account.service_account.email
tags = ["actions-runner-pool"]
labels = {
"runner-pool" = each.value.name
Expand All @@ -90,5 +92,15 @@ resource "google_container_node_pool" "additional_runner_pools" {


resource "google_compute_global_address" "actions-runner-ip" {
name = "${var.environment}-actions-runner-ip"
count = var.deploy_webhook == "true" && var.existing_ip_name == "" ? 1 : 0
name = "${var.environment}-actions-runner-ip"
}

data "google_compute_global_address" "actions-runner-ip" {
count = var.deploy_webhook == "true" ? 1 : 0
name = var.existing_ip_name == "" ? google_compute_global_address.actions-runner-ip[0].name : var.existing_ip_name
}

data google_service_account "service_account" {
account_id = var.service_account_id
}
1 change: 1 addition & 0 deletions .github/gh-actions-self-hosted-runners/arc/kubernetes.tf
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ resource "kubectl_manifest" "arc_autoscaler" {
depends_on = [helm_release.arc]
}
resource "kubectl_manifest" "arc_webhook_certificate" {
count = var.deploy_webhook != "false" ? 1 : 0
yaml_body = templatefile("config/arc_certificate.tpl", { ingress_domain = var.ingress_domain })
override_namespace = "arc"
depends_on = [helm_release.arc]
Expand Down
8 changes: 3 additions & 5 deletions .github/gh-actions-self-hosted-runners/arc/locals.tf
Original file line number Diff line number Diff line change
Expand Up @@ -19,20 +19,18 @@


locals {
subnetwork_cidr_range = "10.128.0.0/20"
arc_values = {
"githubWebhookServer.enabled" = "true"
"githubWebhookServer.enabled" = "${var.deploy_webhook}"
"authSecret.create" = "true"
"authSecret.github_app_id" = data.google_secret_manager_secret_version.github_app_id.secret_data
"authSecret.github_app_installation_id" = data.google_secret_manager_secret_version.github_app_install_id.secret_data
"authSecret.github_app_private_key" = data.google_secret_manager_secret_version.github_private_key.secret_data
"githubWebhookServer.ingress.enabled" = "true"
"githubWebhookServer.ingress.enabled" = "${var.deploy_webhook}"
"githubWebhookServer.ingress.hosts[0].host" = var.ingress_domain
"githubWebhookServer.ingress.hosts[0].paths[0].path" = "/"
"githubWebhookServer.ingress.hosts[0].paths[0].pathType" = "ImplementationSpecific"
"githubWebhookServer.service.type" = "NodePort"
#"githubWebhookServer.ingress.tls[0].hosts[0]" = var.ingress_domain
"githubWebhookServer.ingress.annotations.kubernetes\\.io/ingress\\.global-static-ip-name" = google_compute_global_address.actions-runner-ip.name
"githubWebhookServer.ingress.annotations.kubernetes\\.io/ingress\\.global-static-ip-name" = var.deploy_webhook != "false" ? data.google_compute_global_address.actions-runner-ip[0].name : "not-configured"
"githubWebhookServer.ingress.annotations.networking\\.gke\\.io/managed-certificates" = "managed-cert"
"githubWebhookServer.ingress.annotations.kubernetes\\.io/ingress\\.class" = "gce"
}
Expand Down
10 changes: 8 additions & 2 deletions .github/gh-actions-self-hosted-runners/arc/network.tf
Original file line number Diff line number Diff line change
Expand Up @@ -18,15 +18,21 @@
#

resource "google_compute_network" "actions-runner-network" {
count = var.existing_vpc_name == "" ? 1 : 0
project = var.project_id
name = "${var.environment}-actions-runner-network"
auto_create_subnetworks = false
}
data "google_compute_network" "actions-runner-network" {
name = var.existing_vpc_name == "" ? google_compute_network.actions-runner-network[0].name : var.existing_vpc_name
project = var.project_id
}


resource "google_compute_subnetwork" "actions-runner-subnetwork" {
ip_cidr_range = local.subnetwork_cidr_range
ip_cidr_range = var.subnetwork_cidr_range
name = "${var.environment}-actions-runner-subnetwork"
network = google_compute_network.actions-runner-network.id
network = data.google_compute_network.actions-runner-network.id
region = var.region
project = var.project_id
}
3 changes: 1 addition & 2 deletions .github/gh-actions-self-hosted-runners/arc/outputs.tf
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,8 @@ output "cluster_endpoint" {
value = google_container_cluster.actions-runner-gke.endpoint
}
output "ingress_ip" {
value = google_compute_global_address.actions-runner-ip.address
value = var.deploy_webhook != "false" ? data.google_compute_global_address.actions-runner-ip[0].address : "Not Configured"
}

output "get_kubeconfig_command" {
value = "gcloud container clusters get-credentials ${google_container_cluster.actions-runner-gke.name} --region ${var.zone} --project ${var.project_id}"
}
Expand Down
6 changes: 3 additions & 3 deletions .github/gh-actions-self-hosted-runners/arc/provider.tf
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@

terraform {
backend "gcs" {
prefix = "test-state"
prefix = "prod"
}

required_providers {
Expand All @@ -28,8 +28,8 @@ terraform {
version = "~> 4.62.0"
}
kubectl = {
source = "gavinbunney/kubectl"
version = ">= 1.7.0"
source = "alekc/kubectl"
version = ">= 2.0.2"
}
}
}
Expand Down
17 changes: 17 additions & 0 deletions .github/gh-actions-self-hosted-runners/arc/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,23 @@ variable "deploy_webhook" {
description = "Enable Github Webhook deployment. use this if the Github App has permissions to create webhooks"
default = "false"
}
variable "existing_vpc_name" {
description = "Name of existing VPC to use for deployment"
default = ""
}
variable "existing_ip_name" {
description = "Name of existing IP to use for ingress"
default = ""
}
variable "subnetwork_cidr_range" {
description = "CIDR range for subnetwork"
default = "10.128.0.0/20"

}
variable "service_account_id" {
description = "ID of service account to use for deployment. This can be Name, full Email or Fully Qualified Path"
default = ""
}
variable "runner_group" {
description = "value for the runner group label"
default = ""
Expand Down
Loading

0 comments on commit 09727b4

Please sign in to comment.