Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proposal: redesign as a JavaScript action #23

Closed
EronWright opened this issue Feb 8, 2020 · 4 comments
Closed

Proposal: redesign as a JavaScript action #23

EronWright opened this issue Feb 8, 2020 · 4 comments
Assignees
@stack72
Milestone
0.53

Comments

@EronWright
Copy link

The current implementation has some interoperability issues that might best be fixed by reworking the Pulumi action to be Javascript-based. The ideal would be for the action to interoperate well with:

  • setup-node to configure authentication (incl. scopes, registries)
  • setup-gcloud to establish a service account
  • actions which manipulate the kubeconfig
  • actions which install and configure tools needed by some Pulumi programs (e.g. Helm)

Yes, the existing action attempts to handle some of the above with limited success. In practice, those setups are needed for other CI steps to be successful (e.g. push an image to GCR) anyway and would best be done in a standard way.

Meanwhile, a Javascript-based implementation would just work better. As an example, I struggled with connecting to Kubernetes from my Pulumi program, due to the auth-helper in kubeconfig not being in the path, following a step which ran gcloud container clusters get-credentials.
@chrsmith chrsmith self-assigned this Feb 10, 2020
@chrsmith
Copy link
Contributor

Thanks for the suggestion @EronWright , you might be right that this would be a better approach. But admittedly I'd need to wrap my head around what that would mean for all of the currently supported use-cases for the pulumi/actions container.

Currently the "actions" container is just a veneer on top of the pulumi/pulumi one, which installs all of the needed SDKs for a Pulumi program to run. (Currently .NET, Go, Python, Node.) And then the actions container fleshes out the entry point.sh to try and download dependencies, etc.

We've definitely seen this as a pain point for a lot of users, and will probably redesign how we organize/distribute our build/runtime containers. e.g.
pulumi/pulumi#2891
pulumi/pulumi#3789

So redesigning the "GitHub Actions" variant to use a better or more robust approach sounds like a good idea. It's just a matter of understanding what the end result would be.

So for example, did you succeed in using GitHub Actions to update a Pulumi stack that uses Kubernetes on GKE? If so, did you "chain" multiple containers together? e.g. (execute setup-gcloud, then execute setup-node, then finally executing a "run-pulumi" type container?) Or did you instead just do it all via the same container and some parameterization? (e.g. "SETUP_STEPS = [ 'setup-node', 'setup-gcloud' ]" or similar?)

Anyways, just trying to get a better understanding of what you you had in-mind. Since we could easily replace our entry point script with a JavaScript file, but that might not on its own be a big improvement.

@EronWright
Copy link
Author

EronWright commented Feb 10, 2020
edited
Loading

Thanks @chrsmith for considering the proposal. The short answer is that I used prepor/github-pulumi which proved to be very effective and I highly recommend as the basis for the official v2 action.

I did compose my job from standard steps. Here's a snippet:

      - name: Setup Google Cloud SDK
        uses: GoogleCloudPlatform/github-actions/setup-gcloud@master
        with:
          version: '276.0.0'
          service_account_email: ${{ secrets.GCP_SA_EMAIL }}
          service_account_key: ${{ secrets.GCP_SA_KEY }}

      - name: Connect to GKE
        run: |
          gcloud container clusters get-credentials $GKE_CLUSTER --zone $GKE_ZONE --project $GCP_PROJECT

      - name: Setup Pulumi
        uses: prepor/setup-pulumi@master
        with:
          version: 1.9.1

      - name: Deploy to GKE (Pulumi Preview)
        uses: prepor/github-pulumi@master
        if: github.event_name == 'pull_request'
        with:
          mode: pr
          comment-on-pr: true
          github-token: ${{ secrets.GITHUB_TOKEN }}
          stack: test
          root: ./deploy
          args: >
            preview
            --config "image=gcr.io/${{ secrets.GCP_PROJECT }}/example/image:${{ github.sha }}"
        env:
          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}

      - name: Deploy to GKE (Pulumi Up)
        uses: prepor/github-pulumi@master
        if: github.event_name == 'push'
        with:
          mode: push
          github-token: ${{ secrets.GITHUB_TOKEN }}
          stack: test
          root: ./deploy
          args: >
            up
            --config "image=gcr.io/${{ secrets.GCP_PROJECT }}/example/image:${{ github.sha }}"
        env:
          PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}

@simenandre simenandre mentioned this issue Nov 14, 2020
Closed
6 tasks
@stack72 stack72 mentioned this issue Dec 31, 2020
Closed
29 tasks
@stack72
Copy link
Contributor

stack72 commented Dec 31, 2020

Closed as being tracked in #40

@stack72 stack72 closed this as completed Dec 31, 2020
@leezen leezen reopened this Jan 4, 2021
@stack72 stack72 assigned stack72 and unassigned chrsmith Feb 26, 2021
@stack72 stack72 added this to the 0.53 milestone Feb 26, 2021
@stack72
Copy link
Contributor

stack72 commented Feb 26, 2021

I am closing this out as we have just released v2 of our Action which is based on TypeScript and addresses this issue

@stack72 stack72 closed this as completed Feb 26, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stack72 stack72

Labels
None yet
Projects
None yet
Milestone
0.53
Development

No branches or pull requests
4 participants
@stack72 @leezen @EronWright @chrsmith