Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support "plan" mode deployment #4029

Open
jonnyry opened this issue Jul 15, 2024 · 7 comments · May be fixed by #4047
Open

Support "plan" mode deployment #4029

jonnyry opened this issue Jul 15, 2024 · 7 comments · May be fixed by #4047
Labels

Comments

@jonnyry
Copy link
Collaborator

jonnyry commented Jul 15, 2024

Support "plan" mode deployments so that you can evaluate the terraform plan before deciding to apply it.

Upgrading a TRE between versions may change a large number of Azure resources which introduces risk to a running TRE. Being able to evaluate the terraform plan before applying would reduce the risk of issues occuring during an upgrade, and the downtime required for an upgrade.

Ideally this would be a new build variable, e.g.

image

Also: a similar mode when upgrading components within the TRE.

@jonnyry jonnyry changed the title Support a "plan" mode deployment Support "plan" mode deployment Jul 15, 2024
@tim-p-allen
Copy link
Collaborator

this would be great.

marrobi added a commit that referenced this issue Jul 31, 2024
Related to #4029

Add support for 'plan' mode deployments to evaluate the terraform plan before applying it.

* **devops/scripts/terraform_wrapper.sh**
  - Add a check for the `DEPLOY_MODE` variable.
  - Execute `terraform plan` without applying if `DEPLOY_MODE` is set to 'plan'.
  - Log the plan output to a file.

* **docs/tre-admins/setup-instructions/manual-deployment.md**
  - Add instructions on using the `DEPLOY_MODE` variable for 'plan' mode deployments.
  - Include examples of setting the `DEPLOY_MODE` variable to 'plan' and 'apply'.

* **.github/workflows/deploy_tre.yml**
  - Add an input for `DEPLOY_MODE` in the workflow.
  - Pass the `DEPLOY_MODE` input to the deployment script.

* **docs/tre-admins/setup-instructions/workflows.md**
  - Add instructions on using the `DEPLOY_MODE` variable for 'plan' mode deployments via the GitHub UI.
  - Include examples of setting the `DEPLOY_MODE` variable to 'plan' and 'apply'.

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/microsoft/AzureTRE/issues/4029?shareId=XXXX-XXXX-XXXX-XXXX).
@marrobi marrobi linked a pull request Jul 31, 2024 that will close this issue
@marrobi
Copy link
Member

marrobi commented Jul 31, 2024

@jonnyry been playing with GitHub Workspaces to fix issues. Created a PR, but haven't tested it. Let me know thoughts and if can find time to test, would be great.

@jonnyry
Copy link
Collaborator Author

jonnyry commented Aug 1, 2024

@marrobi ah fantastic - thank you very much :-) just returned from holiday but will test it out soon.

@jonnyry
Copy link
Collaborator Author

jonnyry commented Oct 30, 2024

Sorry for taking so long to look at this...

Tested for a local make deploy-core and seems to work nicely. There was one small thing I needed to fix - this file has lost its execute permission bit: [devops/scripts/terraform_wrapper.sh] 100755 > 100644.

For a make deploy-core its pretty useful to evaluate the deployment of the TRE core before proceeding to apply.

However in the full make all / CICD build context I think its likely to cause issues - since it would only be terraform that would be prevented from running, and other build items such as container builds and the UI build would be applied, your TRE would be left at an inconsistent version.

@marrobi
Copy link
Member

marrobi commented Nov 6, 2024

@jonnyry is this an issue as the new versions of the API and UI would only be deployed once the versions have been incremented by terraform apply?

I know of some people who have the image builds in separate pipelines to the main Terraform deployment.

Do you think any issues might be caused by and/or is it useful merging it as is?

@marrobi marrobi linked a pull request Nov 6, 2024 that will close this issue
@marrobi
Copy link
Member

marrobi commented Nov 15, 2024

@jonnyry any suggestions for improvement to this, or should I look to get it merged?

One way to handle the CI scenario, would be a separate pipeline dedication to running plan on make-core.

@jonnyry
Copy link
Collaborator Author

jonnyry commented Nov 15, 2024

Hi @marrobi

@jonnyry is this an issue as the new versions of the API and UI would only be deployed once the versions have been incremented by terraform apply?

OK I hadn't realised that. How about workspace / workspace service template images - would these be pushed to the ACR (if running as CICD)? My main concern is the potential for leaving the infrastructure in an inconsistent state. Unfortunately I haven't had time to test again and look at which componenets are updated or not on a full CICD build.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
Status: In Progress
Development

Successfully merging a pull request may close this issue.

3 participants