.github/workflows/_run-stress-test.yaml

name: x (Reusable) Stress Test Loader Run Workflow

on:
  workflow_call:
    inputs:
      GET_RESULTS:
        type: boolean
        default: false
      EC2_IP:
        type: string
        required: true
      REGIONS:
        type: string
        default: us-west-1, us-west-2
      DESIRED_CAPACITY:
        type: string
        default: "2"
    secrets:
      GITHUB_ACTION_PULUMI_ACCESS_TOKEN:
        required: true
      STRESSTESTLOADER_S3_CLIENT_BUCKET_NAME:
        required: true
      STRESSTESTLOADER_S3_LOG_BUCKET_NAME:
        required: true
      TARGET_ACCOUNT:
        required: true
      STRESS_TEST_JSON:
        required: true
      STRESS_TEST_TOTAL_TIME:
        required: true
      SSH_PRIVATE_KEY:
        required: true
      CA_KEY:
        required: true

jobs:
  stress-test:
    runs-on: ubuntu-latest
    container:
      image: ghcr.io/seconddinner/build:0.0.6
      credentials:
        username: ${{ github.actor }}
        password: ${{ secrets.github_token }}
    env:
      SOURCE: ${{ github.ref_name }}
    # These permissions are needed to interact with GitHub's OIDC Token endpoint.
    permissions:
      id-token: write
      contents: read
      packages: read
    steps:
      # workaround for the "fatal: detected dubious ownership in repository" error
      # this should be a github's problem
      # https://github.com/actions/runner-images/issues/6775
    - name: Change Owner of Container Working Directory
      run: chown root:root .

    - name: Checkout
      uses: actions/checkout@v3
      with:
        repository: seconddinner/stress-test-loader
        path: stl

    - name: Configure AWS credentials
      uses: aws-actions/configure-aws-credentials@v1
      with:
        role-to-assume: arn:aws:iam::${{ secrets.TARGET_ACCOUNT }}:role/githubaction-role
        aws-region: us-west-2

    - name: pulumi stress test infra (update allowed cidr)
      run: |
        cd infra-pulumi/Infra.Pulumi/Infra.Pulumi
        public_ip=$(curl -s https://ipinfo.io/ip)
        export stress_test_loader_allowed_cidr="$public_ip/32"
        dotnet run --project-name stress-test-loader-pulumi --stack-name stress
      working-directory: ./stl
      env:
        PULUMI_ACCESS_TOKEN: ${{ secrets.GITHUB_ACTION_PULUMI_ACCESS_TOKEN }} 
        PULUMI_CONFIG_PASSPHRASE: ${{ secrets.GITHUB_ACTION_PULUMI_ACCESS_TOKEN }}
        public_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH0qfb2vF40fmeIB8GGfkpjlpZVoVrRUQCe75yoNEO9a SD_STRESSTESTLOADER
        regions: ${{ inputs.REGIONS }}
        desired_capacity: ${{ inputs.DESIRED_CAPACITY }}
        s3_client_bucket_name: ${{ secrets.STRESSTESTLOADER_S3_CLIENT_BUCKET_NAME }}
        s3_log_bucket_name: ${{ secrets.STRESSTESTLOADER_S3_LOG_BUCKET_NAME }}
    
    - name: generate certs for ssl
      run: |
        cd stress-test-loader
        rm -rf cert
        mkdir cert
        echo "${{ secrets.CA_KEY }}" > cert/ca-key.pem
        bash gen_cert.sh
      working-directory: ./stl

    - name: run stress test
      run: |
        cd stress-test-loader/client
        echo "${{ inputs.EC2_IP }}" > /tmp/IP.json
        echo "${{ secrets.STRESS_TEST_JSON }}" > stresstest.json
        aws s3 cp stresstest.json s3://${{ secrets.STRESSTESTLOADER_S3_LOG_BUCKET_NAME }}/stress-test-config-${{ github.run_id }}-${{ github.run_attempt }}.json
        go run main.go stresstest.json /tmp/IP.json ${{ secrets.STRESS_TEST_TOTAL_TIME }}
      working-directory: ./stl

    - name: get stress test result
      if: ${{ inputs.GET_RESULTS == true }}
      run: |
        echo "${{ secrets.SSH_PRIVATE_KEY }}" > id_ed25519
        chmod 600 id_ed25519
        cat /tmp/IP.json | jq -r '.[][] | .public_ip' > /tmp/IP.txt
        cat /tmp/IP.txt | while read -r ip; do
          echo "Connecting to $ip through ssh"
          ssh -n -i id_ed25519 -o StrictHostKeyChecking=no ubuntu@$ip "tail -n 100 /tmp/stress-test-log"
        done

    - name: pulumi destroy stress test infra
      if: always()
      run: |
        cd infra-pulumi/Infra.Pulumi/Infra.Pulumi
        dotnet run --project-name stress-test-loader-pulumi --stack-name stress --destroy
      working-directory: ./stl
      env:
        PULUMI_ACCESS_TOKEN: ${{ secrets.GITHUB_ACTION_PULUMI_ACCESS_TOKEN }} 
        PULUMI_CONFIG_PASSPHRASE: ${{ secrets.GITHUB_ACTION_PULUMI_ACCESS_TOKEN }}
        public_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH0qfb2vF40fmeIB8GGfkpjlpZVoVrRUQCe75yoNEO9a SD_STRESSTESTLOADER
        regions: ${{ inputs.REGIONS }}
        desired_capacity: ${{ inputs.DESIRED_CAPACITY }}
        stress_test_loader_allowed_cidr: "1.1.1.1/32" # dummy value
        s3_client_bucket_name: ${{ secrets.STRESSTESTLOADER_S3_CLIENT_BUCKET_NAME }}
        s3_log_bucket_name: ${{ secrets.STRESSTESTLOADER_S3_LOG_BUCKET_NAME }}