diff --git a/.github/workflows/deploy-lnt.llvm.org.yaml b/.github/workflows/deploy-lnt.llvm.org.yaml new file mode 100644 index 00000000..8809bde3 --- /dev/null +++ b/.github/workflows/deploy-lnt.llvm.org.yaml @@ -0,0 +1,34 @@ +name: Deploy lnt.llvm.org + +on: + push: + tags: + - 'v*' + +permissions: + contents: read + +jobs: + deploy: + runs-on: ubuntu-24.04 + + steps: + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + + - name: Configure AWS Credentials + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} + aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + + - name: Initialize Terraform + run: terraform init + + - name: Apply Terraform changes + run: terraform apply -auto-approve + env: + TF_VAR_lnt_db_password: ${{ secrets.LNT_DB_PASSWORD }} + TF_VAR_lnt_auth_token: ${{ secrets.LNT_AUTH_TOKEN }} diff --git a/docker/lnt.llvm.org/ec2-startup.sh.tpl b/docker/lnt.llvm.org/ec2-startup.sh.tpl new file mode 100644 index 00000000..a5d714da --- /dev/null +++ b/docker/lnt.llvm.org/ec2-startup.sh.tpl @@ -0,0 +1,17 @@ +#!/bin/bash + +# +# This is a template for the startup script that gets run on the EC2 +# instance running lnt.llvm.org. This template gets filled in by the +# Terraform configuration file. +# + +sudo yum update -y +sudo amazon-linux-extras install docker docker-compose-plugin -y +sudo service docker start +sudo usermod -a -G docker ec2-user +sudo chkconfig docker on + +LNT_DB_PASSWORD=${__db_password__} +LNT_AUTH_TOKEN=${__auth_token__} +docker compose --file compose.yaml up diff --git a/docker/lnt.llvm.org/main.tf b/docker/lnt.llvm.org/main.tf new file mode 100644 index 00000000..a91a7120 --- /dev/null +++ b/docker/lnt.llvm.org/main.tf @@ -0,0 +1,48 @@ +# +# Terraform file for deploying lnt.llvm.org. +# + +provider "aws" { + region = "us-west-2" +} + +variable "lnt_db_password" { + type = string + description = "The database password for the lnt.llvm.org database." + sensitive = true +} + +variable "lnt_auth_token" { + type = string + description = "The authentication token to perform destructive operations on lnt.llvm.org." + sensitive = true +} + +data "cloudinit_config" "startup_scripts" { + base64_encode = true + part { + filename = "ec2-startup.sh" + content_type = "text/x-shellscript" + content = templatefile("${path.module}/ec2-startup.sh.tpl", { + __db_password__ = var.lnt_db_password, + __auth_token__ = var.lnt_auth_token, + }) + } + + part { + filename = "compose.yaml" + content_type = "text/cloud-config" + content = file("${path.module}/../compose.yaml") + } +} + +resource "aws_instance" "docker_server" { + ami = "ami-0c97bd51d598d45e4" # Amazon Linux 2023 kernel-6.12 AMI in us-west-2 + instance_type = "t2.micro" + key_name = "test-key-name" # TODO + tags = { + Name = "lnt.llvm.org" + } + + user_data_base64 = data.cloudinit_config.startup_scripts.rendered +} diff --git a/docs/developer_guide.rst b/docs/developer_guide.rst index 06879d99..4b83ab91 100644 --- a/docs/developer_guide.rst +++ b/docs/developer_guide.rst @@ -84,3 +84,14 @@ install the development dependencies, and then run the following commands from t This requires setting up the right API token, see `the official documentation `_ for details. You can replace ``--repository testpypi`` with ``--repository pypi`` once you are actually ready to publish the package. + +Deploying lnt.llvm.org +---------------------- + +The `lnt.llvm.org `_ instance gets re-deployed automatically on every tag +that gets pushed to main via a Github Action. Manually deploying the instance is also possible +by directly using Terraform:: + + cd docker/lnt.llvm.org + terraform init + terraform apply -var # see docker/lnt.llvm.org/main.tf for required variables