[Native K8s] Use <<-EOF syntax instead of an array of strings

majanjua-amzn · majanjua-amzn · commit 5e67a36dc1c2 · 2024-04-02T14:03:57.000-07:00
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,71 @@
+## Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+## SPDX-License-Identifier: Apache-2.0
+
+## This workflow aims to run the Application Signals end-to-end tests as a canary to
+## test the artifacts for App Signals enablement. It will deploy a sample app and remote
+## service onto an EKS cluster, call the APIs, and validate the generated telemetry,
+## including logs, metrics, and traces.
+name: Testing
+on:
+  push:
+    branches:
+      - k8s
+  workflow_dispatch: # be able to run the workflow on demand
+
+concurrency:
+  group: ${{ github.workflow }}
+  cancel-in-progress: false
+
+permissions:
+  id-token: write
+  contents: read
+
+jobs:
+  e2e-k8s-test-0:
+    uses: ./.github/workflows/appsignals-e2e-k8s-test.yml
+    secrets: inherit
+    with:
+      aws-region: 'us-east-1'
+      caller-workflow-name: 'appsignals-e2e-k8s-canary-test'
+  e2e-k8s-test-1:
+    uses: ./.github/workflows/appsignals-e2e-k8s-test.yml
+    secrets: inherit
+    needs: e2e-k8s-test-0
+    with:
+      aws-region: 'us-east-1'
+      caller-workflow-name: 'appsignals-e2e-k8s-canary-test'
+  e2e-k8s-test-2:
+    uses: ./.github/workflows/appsignals-e2e-k8s-test.yml
+    secrets: inherit
+    needs: e2e-k8s-test-1
+    with:
+      aws-region: 'us-east-1'
+      caller-workflow-name: 'appsignals-e2e-k8s-canary-test'
+  e2e-k8s-test-3:
+    uses: ./.github/workflows/appsignals-e2e-k8s-test.yml
+    secrets: inherit
+    needs: e2e-k8s-test-2
+    with:
+      aws-region: 'us-east-1'
+      caller-workflow-name: 'appsignals-e2e-k8s-canary-test'
+  e2e-k8s-test-4:
+    uses: ./.github/workflows/appsignals-e2e-k8s-test.yml
+    secrets: inherit
+    needs: e2e-k8s-test-3
+    with:
+      aws-region: 'us-east-1'
+      caller-workflow-name: 'appsignals-e2e-k8s-canary-test'
+  e2e-k8s-test-5:
+    uses: ./.github/workflows/appsignals-e2e-k8s-test.yml
+    secrets: inherit
+    needs: e2e-k8s-test-4
+    with:
+      aws-region: 'us-east-1'
+      caller-workflow-name: 'appsignals-e2e-k8s-canary-test'
+  e2e-k8s-test-6:
+    uses: ./.github/workflows/appsignals-e2e-k8s-test.yml
+    secrets: inherit
+    needs: e2e-k8s-test-5
+    with:
+      aws-region: 'us-east-1'
+      caller-workflow-name: 'appsignals-e2e-k8s-canary-test'
diff --git a/terraform/k8s/cleanup/main.tf b/terraform/k8s/cleanup/main.tf
@@ -10,26 +10,28 @@ resource "null_resource" "cleanup" {
 
   provisioner "remote-exec" {
     inline = [
+      <<-EOF
       # Allow terraform to fail any of the following steps without exiting
-      "set +e",
+      set +e
 
       # Uninstall the operator and remove the repo from the EC2 instance
-      "echo \"LOG: Uninstalling CloudWatch Agent Operator\"",
-      "helm uninstall --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator --ignore-not-found",
-      "echo \"LOG: Deleting CloudWatch Agent Operator repo from environment\"",
-      "[ ! -e amazon-cloudwatch-agent-operator ] || sudo rm -r amazon-cloudwatch-agent-operator",
+      echo "LOG: Uninstalling CloudWatch Agent Operator"
+      helm uninstall --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator --ignore-not-found
+      echo "LOG: Deleting CloudWatch Agent Operator repo from environment"
+      [ ! -e amazon-cloudwatch-agent-operator ] || sudo rm -r amazon-cloudwatch-agent-operator
 
       # Delete sample app resources
-      "echo \"LOG: Deleting sample app namespace\"",
-      "kubectl delete namespace sample-app-namespace",
-      "echo \"LOG: Deleting sample app deployment files\"",
-      "[ ! -e frontend-service-depl.yaml ] || rm frontend-service-depl.yaml",
-      "[ ! -e remote-service-depl.yaml ] || rm remote-service-depl.yaml",
-      "sleep 10",
+      echo "LOG: Deleting sample app namespace"
+      kubectl delete namespace sample-app-namespace
+      echo "LOG: Deleting sample app deployment files"
+      [ ! -e frontend-service-depl.yaml ] || rm frontend-service-depl.yaml
+      [ ! -e remote-service-depl.yaml ] || rm remote-service-depl.yaml
+      sleep 10
 
       # Print cluster state when done clean up procedures
-      "echo \"LOG: Printing cluster state after cleanup\"",
-      "kubectl get pods -A",
+      echo "LOG: Printing cluster state after cleanup"
+      kubectl get pods -A
+      EOF
     ]
   }
 }
diff --git a/terraform/k8s/deploy/main.tf b/terraform/k8s/deploy/main.tf
@@ -23,66 +23,69 @@ resource "null_resource" "deploy" {
 
   provisioner "remote-exec" {
     inline = [
+      <<-EOF
       # Make the Terraform fail if any step throws an error
-      "set -e",
+      set -e
 
       # Ensure environment is clean
-      "echo \"LOG: Rerunning cleanup commands in case of cleanup failure in previous run\"",
-      "helm uninstall --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator --ignore-not-found",
-      "kubectl delete namespace sample-app-namespace --ignore-not-found=true",
-      "[ ! -e amazon-cloudwatch-agent-operator ] || sudo rm -r amazon-cloudwatch-agent-operator",
-      "[ ! -e frontend-service-depl.yaml ] || rm frontend-service-depl.yaml",
-      "[ ! -e remote-service-depl.yaml ] || rm remote-service-depl.yaml",
+      echo "LOG: Rerunning cleanup commands in case of cleanup failure in previous run"
+      helm uninstall --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator --ignore-not-found
+      kubectl delete namespace sample-app-namespace --ignore-not-found=true
+      [ ! -e amazon-cloudwatch-agent-operator ] || sudo rm -r amazon-cloudwatch-agent-operator
+      [ ! -e frontend-service-depl.yaml ] || rm frontend-service-depl.yaml
+      [ ! -e remote-service-depl.yaml ] || rm remote-service-depl.yaml
 
       # Clone and install operator onto cluster
-      "echo \"LOG: Cloning operator repo\"",
-      "git clone https://github.com/aws/amazon-cloudwatch-agent-operator -q",
-      "cd amazon-cloudwatch-agent-operator/helm/",
-      "echo \"LOG: Installing CloudWatch Agent Operator using Helm\"",
-      "helm upgrade --install --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator ./ --create-namespace --set region=us-east-1 --set clusterName=k8s-cluster-${var.test_id}",
+      echo "LOG: Cloning operator repo"
+      git clone https://github.com/aws/amazon-cloudwatch-agent-operator -q
+      cd amazon-cloudwatch-agent-operator/helm/
+      echo "LOG: Installing CloudWatch Agent Operator using Helm"
+      helm upgrade --install --debug --namespace amazon-cloudwatch amazon-cloudwatch-operator ./ --create-namespace --set region=us-east-1 --set clusterName=k8s-cluster-${var.test_id}
 
-      "sleep 60", # wait for pods to exist before checking if they're ready
-      "kubectl wait --for=condition=Ready pods --all --selector=app.kubernetes.io/name=amazon-cloudwatch-observability -n amazon-cloudwatch --timeout=60s",
-      "kubectl wait --for=condition=Ready pods --all --selector=app.kubernetes.io/name=cloudwatch-agent -n amazon-cloudwatch --timeout=60s",
+      sleep 60 # wait for pods to exist before checking if they're ready
+      kubectl wait --for=condition=Ready pods --all --selector=app.kubernetes.io/name=amazon-cloudwatch-observability -n amazon-cloudwatch --timeout=60s
+      kubectl wait --for=condition=Ready pods --all --selector=app.kubernetes.io/name=cloudwatch-agent -n amazon-cloudwatch --timeout=60s
 
       # Create sample app namespace
-      "echo \"LOG: Creating sample app namespace\"",
-      "kubectl create namespace sample-app-namespace",
+      echo "LOG: Creating sample app namespace"
+      kubectl create namespace sample-app-namespace
 
       # Set up secret to pull image with
-      "echo \"LOG: Creating secret \"",
-      "ACCOUNT=$(aws sts get-caller-identity --query 'Account' --output text)",
-      "SECRET_NAME=ecr-secret",
-      "TOKEN=`aws ecr --region=${var.aws_region} get-authorization-token --output text --query authorizationData[].authorizationToken | base64 -d | cut -d: -f2`",
+      echo "LOG: Creating secret "
+      ACCOUNT=$(aws sts get-caller-identity --query 'Account' --output text)
+      SECRET_NAME=ecr-secret
+      TOKEN=`aws ecr --region=${var.aws_region} get-authorization-token --output text --query authorizationData[].authorizationToken | base64 -d | cut -d: -f2`
 
-      "echo \"LOG: Deleting secret if it exists\"",
-      "kubectl delete secret -n sample-app-namespace --ignore-not-found $SECRET_NAME",
-      "echo \"LOG: Creating secret for pulling sample app ECR\"",
-      "kubectl create secret -n sample-app-namespace docker-registry $SECRET_NAME \\",
-      "--docker-server=https://$ACCOUNT.dkr.ecr.${var.aws_region}.amazonaws.com \\",
-      "--docker-username=AWS \\",
-      "--docker-password=\"$${TOKEN}\"",
+      echo "LOG: Deleting secret if it exists"
+      kubectl delete secret -n sample-app-namespace --ignore-not-found $SECRET_NAME
+      echo "LOG: Creating secret for pulling sample app ECR"
+      kubectl create secret -n sample-app-namespace docker-registry $SECRET_NAME \
+      --docker-server=https://$ACCOUNT.dkr.ecr.${var.aws_region}.amazonaws.com \
+      --docker-username=AWS \
+      --docker-password="$${TOKEN}"
 
       # Deploy sample app
-      "echo \"LOG: Pulling sample app deployment files\"",
-      "cd ~", # To ensure everything is downloaded into root directory so cleanup is easy
-      "aws s3api get-object --bucket aws-appsignals-sample-app-prod-us-east-1 --key frontend-service-depl.yaml frontend-service-depl.yaml",
-      "aws s3api get-object --bucket aws-appsignals-sample-app-prod-us-east-1 --key remote-service-depl.yaml remote-service-depl.yaml",
-      "echo \"LOG: Applying sample app deployment files\"",
-      "kubectl apply -f frontend-service-depl.yaml",
-      "kubectl apply -f remote-service-depl.yaml",
+      echo "LOG: Pulling sample app deployment files"
+      cd ~", # To ensure everything is downloaded into root directory so cleanup is ea
+      aws s3api get-object --bucket aws-appsignals-sample-app-prod-us-east-1 --key frontend-service-depl.yaml frontend-service-depl.yaml
+      aws s3api get-object --bucket aws-appsignals-sample-app-prod-us-east-1 --key remote-service-depl.yaml remote-service-depl.yaml
+      echo "LOG: Applying sample app deployment files"
+      kubectl apply -f frontend-service-depl.yaml
+      kubectl apply -f remote-service-depl.yaml
 
       # Expose sample app on port 30100
-      "echo \"LOG: Exposing main sample app on port 30100\"",
-      "kubectl expose deployment sample-app-deployment-${var.test_id} -n sample-app-namespace --type=\"NodePort\" --port 8080",
-      "kubectl patch service sample-app-deployment-${var.test_id} -n sample-app-namespace --type='json' --patch='[{\"op\": \"replace\", \"path\": \"/spec/ports/0/nodePort\", \"value\":30100}]'",
+      echo "LOG: Exposing main sample app on port 30100"
+      kubectl expose deployment sample-app-deployment-${var.test_id} -n sample-app-namespace --type="NodePort" --port 8080
+      kubectl patch service sample-app-deployment-${var.test_id} -n sample-app-namespace --type='json' --patch='[{"op": "replace", "path": "/spec/ports/0/nodePort", "value":30100}]'
 
       # Wait for sample app to be reach ready state
-      "kubectl wait --for=condition=Ready --request-timeout '5m' pod --all -n sample-app-namespace",
+      kubectl wait --for=condition=Ready --request-timeout '5m' pod --all -n sample-app-namespace
 
       # Emit remote service pod IP
-      "echo \"LOG: Outputting remote service pod IP to SSM using put-parameter API\"",
-      "aws ssm put-parameter --region ${var.aws_region} --name remote-service-ip --type String --overwrite --value $(kubectl get pod --selector=app=remote-app -n sample-app-namespace -o jsonpath='{.items[0].status.podIP}')",
+      echo "LOG: Outputting remote service pod IP to SSM using put-parameter API"
+      aws ssm put-parameter --region ${var.aws_region} --name remote-service-ip --type String --overwrite --value $(kubectl get pod --selector=app=remote-app -n sample-app-namespace -o jsonpath='{.items[0].status.podIP}')
+
+      EOF
     ]
   }
 }
