Update README.md #36
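# CI/CD workflow: installs dependencies, runs autopep8 and pytest, builds the
# two service images locally, then validates and runs the Nomad jobs and
# finishes with an ApacheBench load test.
name: CI/CD Pipeline

on:
  push:
    branches: ["main"]
  # NOTE(review): pull requests opened from branches of this repository run
  # with the repository secrets available, so a change that has not been
  # merged yet reaches the Docker Hub login and the Nomad deploy steps below.
  # Consider restricting those steps to push events on main.
  pull_request:
    branches: ["main"]

# Least privilege for GITHUB_TOKEN: no step in this workflow writes to the
# repository, so read access to the contents is sufficient.
permissions:
  contents: read

jobs:
  build-test:
    runs-on: ubuntu-latest
    services:
      # NOTE(review): privileged Docker-in-Docker service container. No step
      # below sets DOCKER_HOST, so the docker commands appear to use the
      # runner's own daemon; confirm this service is needed, and drop it
      # (together with --privileged) if it is not.
      docker:
        image: docker:24-dind
        options: --privileged
    steps:
      # NOTE(review): every `uses:` reference in this job is a mutable tag.
      # Pinning each action to a full commit SHA keeps a retagged release
      # from changing what runs next to the secrets used below.
      - name: Checkout code
        uses: actions/checkout@v4

      - name: Set up Python
        uses: actions/setup-python@v5
        with:
          python-version: '3.11'

      - name: Install dependencies
        run: |
          python -m pip install --upgrade pip
          pip install -r balanced_instance/requirements.txt
          pip install -r balancer_server/requirements.txt
          pip install autopep8 pytest-asyncio httpx pytest-mock

      # NOTE(review): despite the step name this rewrites files in place, so
      # the tests and the image builds below run on code that differs from
      # the reviewed commit. `autopep8 --diff --exit-code ...` would make
      # this a real check that fails on unformatted code.
      - name: Run autopep8 check
        run: |
          autopep8 --in-place --recursive --aggressive --aggressive .

      - name: Run specific test file
        run: |
          PYTHONPATH="$PYTHONPATH:." pytest tests/ -v

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Log in to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}

      # `push: false` with `load: true`: the image is only loaded into the
      # local Docker daemon; nothing is pushed despite the step name.
      - name: Build and push backend-service image
        uses: docker/build-push-action@v5
        with:
          context: balanced_instance
          file: balanced_instance/Dockerfile
          push: false
          load: true
          tags: ${{ secrets.DOCKERHUB_USERNAME }}/backend-service:latest

      - name: Build and push load-balancer image
        uses: docker/build-push-action@v5
        with:
          context: balancer_server
          file: balancer_server/Dockerfile
          push: false
          load: true
          tags: ${{ secrets.DOCKERHUB_USERNAME }}/load-balancer:latest

      # The archive is checked against the SHA256SUMS file published with the
      # release before it is unpacked and installed with sudo. Both files
      # come from the same origin, so this catches a corrupted or truncated
      # download; verifying the signature on the SHA256SUMS file against the
      # vendor's published key is the stronger control.
      - name: Set up Nomad CLI
        run: |
          NOMAD_VERSION=1.7.5
          NOMAD_ZIP="nomad_${NOMAD_VERSION}_linux_amd64.zip"
          NOMAD_SUMS="nomad_${NOMAD_VERSION}_SHA256SUMS"
          BASE_URL="https://releases.hashicorp.com/nomad/${NOMAD_VERSION}"
          curl -fsSL "${BASE_URL}/${NOMAD_ZIP}" -o "${NOMAD_ZIP}"
          curl -fsSL "${BASE_URL}/${NOMAD_SUMS}" -o "${NOMAD_SUMS}"
          # Fails the step when the entry is missing or the digest differs.
          grep -F " ${NOMAD_ZIP}" "${NOMAD_SUMS}" | sha256sum -c -
          unzip -o "${NOMAD_ZIP}"
          sudo mv nomad /usr/local/bin/
          nomad --version

      # Secrets are handed to the script through `env:` instead of being
      # expanded into the script text by `${{ }}`, so their contents are
      # never parsed as shell. Writing them to GITHUB_ENV exposes them to
      # every later step of this job, including steps that do not talk to
      # Nomad.
      - name: Set Nomad address and token
        env:
          NOMAD_ADDR: ${{ secrets.NOMAD_ADDR }}
          NOMAD_TOKEN: ${{ secrets.NOMAD_TOKEN }}
        run: |
          echo "NOMAD_ADDR=${NOMAD_ADDR}" >> "$GITHUB_ENV"
          echo "NOMAD_TOKEN=${NOMAD_TOKEN}" >> "$GITHUB_ENV"

      # NOTE(review): this pulls a hard-coded repository and the mutable
      # `latest` tag from the registry. The images built above are not
      # pushed, so this does not verify the image produced by this run.
      - name: Verify Docker image exists
        run: |
          if ! docker pull wkwtfigo/load-balancer:latest; then
            echo "::error::Image not found in registry"
            exit 1
          fi

      - name: Verify Nomad job syntax
        run: |
          nomad job validate _nomad/loadbalancer.nomad
          nomad job validate _nomad/backend.nomad
          nomad job validate _nomad/wazuh-agent.nomad
          nomad job validate _nomad/loki.nomad
          nomad job validate _nomad/promtail.nomad

      # NOTE(review): NOMAD_ADDR from the earlier step is in the environment
      # here, so `nomad status` talks to that address rather than
      # necessarily to the dev agent started on the runner - confirm which
      # cluster is intended.
      - name: Start Nomad agent
        run: |
          nohup nomad agent -dev -node-meta role=balancer > nomad.log 2>&1 &
          sleep 5
          nomad status

      # Variables taken from command output are quoted so that an empty or
      # unexpected value cannot be word-split into extra arguments.
      - name: Deploy load balancer
        run: |
          echo "=== Deploying load balancer ==="
          nomad job run _nomad/loadbalancer.nomad
          echo "=== Waiting for deployment to stabilize ==="
          sleep 15
          echo "=== Verifying deployment ==="
          ALLOC_ID=$(nomad job allocs -json loadbalancer | jq -r '.[0].ID')
          STATUS=$(nomad alloc status "$ALLOC_ID" | grep -A 3 "Task Status" | grep "loadbalancer" | awk '{print $2}')
          if [ "$STATUS" != "running" ]; then
            echo "::error::Container failed to stay running"
            nomad alloc logs "$ALLOC_ID" loadbalancer
            exit 1
          fi
          echo "=== Verifying health check ==="
          PORT=$(nomad alloc status "$ALLOC_ID" | grep "http" | awk '{print $3}')
          if ! curl -sf "http://localhost:$PORT/health"; then
            echo "::error::Health check failed"
            nomad alloc logs "$ALLOC_ID" loadbalancer
            exit 1
          fi
          echo "=== Verifying port accessibility ==="
          NODE_ID=$(nomad alloc status -json "$ALLOC_ID" | jq -r '.NodeID')
          NODE_ADDR=$(nomad node status -json "$NODE_ID" | jq -r '.Attributes."unique.network.ip-address"')
          if ! nc -zv "$NODE_ADDR" "$PORT"; then
            echo "::error::Port $PORT not accessible on $NODE_ADDR"
            exit 1
          fi

      - name: Deploy jobs to Nomad
        run: |
          nomad job run _nomad/backend.nomad
          nomad job run _nomad/wazuh-agent.nomad
          nomad job run _nomad/loki.nomad
          nomad job run _nomad/promtail.nomad
        env:
          NOMAD_ADDR: ${{ secrets.NOMAD_ADDR }}
          NOMAD_TOKEN: ${{ secrets.NOMAD_TOKEN }}

      - name: Install ApacheBench
        run: |
          sudo apt-get update
          sudo apt-get install -y apache2-utils

      # NOTE(review): the load test targets a fixed public address over plain
      # HTTP on every run, pull requests included; confirm the host belongs
      # to this project and that generating this traffic from CI is intended.
      - name: Run load test with ApacheBench
        run: |
          ab -n 1000 -c 10 http://151.242.43.104:8000/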