diff --git a/.github/workflows/bootstrap-env.yaml b/.github/workflows/bootstrap-env.yaml
deleted file mode 100644
index ae8315f..0000000
--- a/.github/workflows/bootstrap-env.yaml
+++ /dev/null
@@ -1,136 +0,0 @@ -name: Bootstrap Environment Orchestrator - -on: - workflow_dispatch: - inputs: - env: - description: "Environment lifecycle (dev / staging / prod)" - required: true - type: string - - workspace: - description: "Workspace / region / cluster (e.g. cn-shanghai)" - required: true - type: string - - identity_playbook: - description: "Identity service deployment playbook" - required: false - default: "deploy_zitadel_docker.yaml" - type: choice - options: - - deploy_zitadel_docker.yaml - - deploy_keycloak_docker.yaml - - skip - -env: - DISPATCH_TOKEN: ${{ secrets.CROSS_REPO_DISPATCH_TOKEN }} - -jobs: - - # ================================================= - # Step 1: Preflight - Infrastructure Readiness - # ================================================= - preflight-infra: - name: Preflight - Infrastructure Readiness - runs-on: ubuntu-latest - - steps: - - name: Dispatch infrastructure readiness check - uses: peter-evans/repository-dispatch@v4 - with: - token: ${{ env.DISPATCH_TOKEN }} - repository: cloud-neutral-toolkit/Modern-Container-Application-Reference-Architecture - event-type: bootstrap.preflight.infra - client-payload: | - { - "env": "${{ inputs.env }}", - "workspace": "${{ inputs.workspace }}" - } - - # ================================================= - # Step 2: Preflight - Artifact / Image Check - # ================================================= - preflight-artifacts: - name: Preflight - Artifact & Image Check - needs: preflight-infra - runs-on: ubuntu-latest - - steps: - - name: Dispatch artifact validation - uses: peter-evans/repository-dispatch@v4 - with: - token: ${{ env.DISPATCH_TOKEN }} - repository: cloud-neutral-toolkit/XControl - event-type: bootstrap.preflight.artifacts - client-payload: | - { - "env": "${{ inputs.env }}", - "workspace": "${{ inputs.workspace }}" - } - - # ================================================= - # Step 3: Provision - Runtime & Core Services - # ================================================= - 
provision-runtime: - name: Provision - Runtime & Core Services - needs: preflight-artifacts - runs-on: ubuntu-latest - - env: - ENV: ${{ inputs.env }} - WORKSPACE: ${{ inputs.workspace }} - IDENTITY_PLAYBOOK: ${{ inputs.identity_playbook }} - - steps: - - name: Checkout deployment repository - uses: actions/checkout@v4 - - - name: Install Ansible - run: | - sudo apt-get update - sudo apt-get install -y ansible - - # ----------------------------- - # DNS - # ----------------------------- - - name: Register DNS Records - run: | - ansible-playbook \ - -i inventory/${ENV}/${WORKSPACE}/hosts.ini \ - playbooks/alicloud_dns_record.yml \ - --extra-vars "env=${ENV} workspace=${WORKSPACE}" \ - -D -C - - # ----------------------------- - # Runtime / Base Layer - # ----------------------------- - - name: Provision Runtime (Docker / Base Services) - run: | - ansible-playbook \ - -i inventory/${ENV}/${WORKSPACE}/hosts.ini \ - playbooks/setup-docker.yml \ - --extra-vars "env=${ENV} workspace=${WORKSPACE}" \ - -D -C - - # ----------------------------- - # Identity (pluggable) - # ----------------------------- - - name: Deploy or Update Identity Service - if: ${{ env.IDENTITY_PLAYBOOK != 'skip' }} - run: | - ansible-playbook \ - -i inventory/${ENV}/${WORKSPACE}/hosts.ini \ - playbooks/${IDENTITY_PLAYBOOK} \ - --extra-vars "env=${ENV} workspace=${WORKSPACE}" \ - -D -C - - # ----------------------------- - # Post-check - # ----------------------------- - - name: Post-Provision Status Check - run: | - ansible-playbook \ - -i inventory/${ENV}/${WORKSPACE}/hosts.ini \ - playbooks/check-runtime-status.yml \ - --extra-vars "env=${ENV} workspace=${WORKSPACE}" diff --git a/.github/workflows/stackflow.yaml b/.github/workflows/stackflow.yaml deleted file mode 100644 index 6bd0ad4..0000000 --- a/.github/workflows/stackflow.yaml +++ /dev/null 
@@ -1,152 +0,0 @@ -name: StackFlow (Plan/Validate) - -on: - workflow_dispatch: - inputs: - config: - description: "Path to StackFlow config (e.g. StackFlow/svc-plus.yaml)" - required: true - type: string - default: "StackFlow/svc-plus.yaml" - phase: - description: "Phase to run" - required: true - type: choice - options: - - validate - - dns-plan - pull_request: - paths: - - "StackFlow/**/*.yml" - - "StackFlow/**/*.yaml" - - "stackflow/**/*.yml" - - "stackflow/**/*.yaml" - - ".github/workflows/stackflow.yaml" - - "scripts/stackflow/**" - push: - branches: - - main - paths: - - "StackFlow/**/*.yml" - - "StackFlow/**/*.yaml" - - "stackflow/**/*.yml" - - "stackflow/**/*.yaml" - - ".github/workflows/stackflow.yaml" - - "scripts/stackflow/**" - -jobs: - resolve-configs: - runs-on: ubuntu-latest - outputs: - configs: ${{ steps.set.outputs.configs }} - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Resolve config list - id: set - shell: bash - run: | - set -euo pipefail - - if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then - python - <<'PY' >> "$GITHUB_OUTPUT" -import json -print("configs=" + json.dumps(["${{ inputs.config }}"])) -PY - exit 0 - fi - - if [[ "${{ github.event_name }}" == "pull_request" ]]; then - git fetch origin "${{ github.base_ref }}" --depth=1 - files="$(git diff --name-only "origin/${{ github.base_ref }}"...HEAD || true)" - else - # push - files="$(git diff --name-only "${{ github.event.before }}" "${{ github.sha }}" || true)" - fi - - configs="$(printf '%s\n' "$files" | grep -E '^(StackFlow|stackflow)/.*\.ya?ml$' || true)" - if [[ -z "${configs}" ]]; then - if [[ -f "stackflow/svc.plus.yaml" ]]; then - configs="stackflow/svc.plus.yaml" - else - configs="StackFlow/svc-plus.yaml" - fi - fi - - printf '%s\n' "$configs" | python - <<'PY' >> "$GITHUB_OUTPUT" -import json, sys -configs = [l.strip() for l in sys.stdin.read().splitlines() if l.strip()] -print("configs=" + json.dumps(configs)) -PY - - 
stackflow: - runs-on: ubuntu-latest - needs: resolve-configs - concurrency: - group: stackflow-${{ github.ref }} - cancel-in-progress: true - strategy: - fail-fast: false - matrix: - config: ${{ fromJson(needs.resolve-configs.outputs.configs) }} - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Setup Python - uses: actions/setup-python@v5 - with: - python-version: "3.11" - - - name: Install deps - run: | - python -m pip install --upgrade pip - python -m pip install -r scripts/stackflow/requirements.txt - - - name: Prepare output dir - shell: bash - run: | - set -euo pipefail - mkdir -p out - - - name: Run StackFlow (workflow_dispatch) - if: ${{ github.event_name == 'workflow_dispatch' }} - run: | - python scripts/stackflow/runner.py \ - --config "${{ inputs.config }}" \ - --phase "${{ inputs.phase }}" - - - name: Validate (CI) - if: ${{ github.event_name != 'workflow_dispatch' }} - run: | - python scripts/stackflow/runner.py \ - --config "${{ matrix.config }}" \ - --phase validate \ - > "out/$(basename "${{ matrix.config }}").validate.json" - - - name: DNS Plan (CI) - if: ${{ github.event_name != 'workflow_dispatch' }} - run: | - python scripts/stackflow/runner.py \ - --config "${{ matrix.config }}" \ - --phase dns-plan \ - > "out/$(basename "${{ matrix.config }}").dns-plan.json" - - - name: Compute artifact name (CI) - if: ${{ github.event_name != 'workflow_dispatch' }} - shell: bash - run: | - set -euo pipefail - name="${{ matrix.config }}" - name="${name//\//-}" - echo "ARTIFACT_NAME=stackflow-${name}" >> "$GITHUB_ENV" - - - name: Upload artifacts (CI) - if: ${{ github.event_name != 'workflow_dispatch' }} - uses: actions/upload-artifact@v4 - with: - name: ${{ env.ARTIFACT_NAME }} - path: out/