From f747eaa0d39918ebf0604ce79c4a34bf2d90a6fe Mon Sep 17 00:00:00 2001 From: Bruce Becker Date: Mon, 25 Mar 2024 18:16:38 +0100 Subject: [PATCH] feat(esm): add consul external services management job (#120) feat(esm): add consul external services management job ci: update tailscale version in CI runners chore: update pre-commit hooks and add github workflows check refactor(esm): move hardcoded version to variable fix(esm): add migration, update and scaling stanzas fix(esm): tune requirements for job chore: bump version back to 0.7.1 --------- Signed-off-by: Bruce Becker --- .github/workflows/validate.yml | 1 + .pre-commit-config.yaml | 15 ++++++--- .secrets.baseline | 2 +- consul-esm.nomad | 59 ++++++++++++++++++++++++++++++++++ 4 files changed, 71 insertions(+), 6 deletions(-) create mode 100644 consul-esm.nomad diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 92f0a2c..50e4e29 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -35,6 +35,7 @@ jobs: oauth-client-id: ${{ secrets.TAILSCALE_OAUTH_CLIENT_ID }} oauth-secret: ${{ secrets.TAILSCALE_OAUTH_KEY }} tags: tag:ci + version: 1.58.2 - name: check connectivity run: ifconfig ; host sense.orca-ordinal.ts.net - name: Checkout change diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index a2b9638..a273ad6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,7 +1,7 @@ --- repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v4.3.0 + rev: v4.5.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer @@ -9,21 +9,26 @@ repos: - id: check-added-large-files - id: check-merge-conflict + - repo: https://github.com/python-jsonschema/check-jsonschema + rev: 0.28.0 + hooks: + - id: check-github-workflows + - repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook - rev: v8.0.0 + rev: v9.13.0 hooks: - id: commitlint stages: [commit-msg] - additional_dependencies: ['@commitlint/config-conventional'] + additional_dependencies: ['@commitlint/config-conventional', '@commitlint/cli'] - repo: https://github.com/Yelp/detect-secrets - rev: v1.2.0 + rev: v1.4.0 hooks: - id: detect-secrets args: ['--baseline', '.secrets.baseline'] - repo: https://github.com/tfsec/tfsec - rev: v1.26.3 + rev: v1.28.5 hooks: - id: tfsec-system - repo: local diff --git a/.secrets.baseline b/.secrets.baseline index a2c25cc..2fe5c7c 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -1,5 +1,5 @@ { - "version": "1.2.0", + "version": "1.4.0", "plugins_used": [ { "name": "ArtifactoryDetector" diff --git a/consul-esm.nomad b/consul-esm.nomad new file mode 100644 index 0000000..82cca8d --- /dev/null +++ b/consul-esm.nomad @@ -0,0 +1,59 @@ +variable "consul_esm_version" { + type = string + default = "0.7.1" +} + +job "consul-esm" { + group "main" { + + count = 1 + + update { + max_parallel = 1 + health_check = "checks" + min_healthy_time = "20s" + healthy_deadline = "5m" + auto_revert = true + auto_promote = true + canary = 1 + } + + migrate { + max_parallel = 1 + health_check = "checks" + min_healthy_time = "10s" + healthy_deadline = "5m" + } + + task "monitor" { + + // scaling { + // enabled = true + // min = 0 + // max = 3 + // policy { + + // } + // } + + driver = "exec" + config { + command = "local/consul-esm" + } + artifact { + source = "https://releases.hashicorp.com/consul-esm/${var.consul_esm_version}/consul-esm_${var.consul_esm_version}_linux_arm64.zip" + destination = "local/consul-esm" + mode = "file" + } + identity { + env = true + file = true + } + + resources { + cpu = 50 + memory = 25 + } + } + } +}