Merge branch 'main' into health_check_extension

Author: HussainRaza28

.github/workflows/eks-performance-cluster-addon-install.yml

@@ -0,0 +1,246 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: MIT
+name: "Install/Remove Helm Charts After Scaling"
+on:
+  # Use workflow_run to trigger this workflow after the scaling workflow completes
+  workflow_run:
+    workflows: ["EKS Cluster Scaling"]
+    types:
+      - completed
+    branches:
+      - main
+
+  # Keep the manual trigger option
+  workflow_dispatch:
+    inputs:
+      # Required Core Settings
+      cluster_name:
+        description: 'EKS Cluster Name'
+        required: true
+        type: string
+        default: 'eks-performance'
+      region:
+        description: 'AWS Region'
+        required: true
+        type: string
+        default: 'us-west-2'
+
+      # Optional Settings
+      cloudwatch_agent_repository:
+        description: 'CloudWatch Agent Repository'
+        type: string
+      cloudwatch_agent_tag:
+        description: 'CloudWatch Agent Tag'
+        type: string
+      cloudwatch_agent_operator_repository:
+        description: 'CloudWatch Agent Operator Repository'
+        type: string
+      cloudwatch_agent_operator_tag:
+        description: 'CloudWatch Agent Operator Tag'
+        type: string
+      helm-charts-branch:
+        description: 'Branch of the helm charts to test'
+        type: string
+        default: 'main'
+      operator-branch:
+        description: 'Branch of the operator to test'
+        type: string
+        default: 'main'
+      terraform_assume_role:
+        description: 'AWS IAM Role to assume'
+        type: string
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+env:
+  # Cluster environment variables
+  AWS_REGION: ${{ inputs.region || 'us-west-2' }}
+  CLUSTER_NAME: ${{ inputs.cluster_name || 'eks-performance' }}
+  TERRAFORM_AWS_ASSUME_ROLE: ${{ inputs.terraform_assume_role || vars.TERRAFORM_AWS_ASSUME_ROLE }}
+  TERRAFORM_AWS_ASSUME_ROLE_DURATION: 3600  # 1 hour duration
+
+  # ECR repository environment variables
+  AGENT_ECR_TEST_REPO: "cwagent-integration-test"
+  OPERATOR_ECR_TEST_REPO: "cwagent-operator-pre-release"
+
+  # Github repository environment variables
+  OPERATOR_GITHUB_REPO_NAME: "aws/amazon-cloudwatch-agent-operator"
+
+jobs:
+  # Check if this workflow should run
+  check-trigger:
+    runs-on: ubuntu-latest
+    if: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'schedule') }}
+    steps:
+      - name: Check trigger type
+        id: check-trigger
+        run: |
+          if [ "${{ github.event_name }}" == "workflow_run" ]; then
+            echo "Triggered by workflow_run from a scheduled event"
+          else
+            echo "Triggered manually via workflow_dispatch"
+          fi
+    outputs:
+      should_continue: ${{ github.event_name == 'workflow_dispatch' || (github.event_name == 'workflow_run' && github.event.workflow_run.conclusion == 'success' && github.event.workflow_run.event == 'schedule') }}
+
+  # Get latest operator commit from github repo
+  GetLatestOperatorCommitSHA:
+    needs: check-trigger
+    if: ${{ needs.check-trigger.outputs.should_continue == 'true' }}
+    runs-on: ubuntu-latest
+    outputs:
+      operator_commit_sha: ${{steps.get_latest_sha.outputs.operator_sha}}
+      operator_repo_name: ${{env.OPERATOR_GITHUB_REPO_NAME}}
+    steps:
+      - name: Checkout the target repo
+        uses: actions/checkout@v4
+        with:
+          repository: ${{env.OPERATOR_GITHUB_REPO_NAME}}
+          ref: ${{ inputs.operator-branch || 'main' }}
+          path: operator-repo
+
+      - name: Get latest commit SHA
+        id: get_latest_sha
+        run: |
+          cd operator-repo
+          latest_sha=$(git rev-parse HEAD)
+          echo "operator_sha=$latest_sha" >> "$GITHUB_OUTPUT"
+
+  # Build and upload agent image to ECR repo
+  BuildAgent:
+    needs: check-trigger
+    if: ${{ needs.check-trigger.outputs.should_continue == 'true' }}
+    uses: ./.github/workflows/build-test-artifacts.yml
+    concurrency:
+      group: "Build-Test-Artifacts-${{github.ref_name}}"
+      cancel-in-progress: true
+    secrets: inherit
+    permissions:
+      id-token: write
+      contents: read
+    with:
+      test-image-before-upload: false
+
+  # Build and upload operator image to ECR repo
+  BuildOperator:
+    needs: [ check-trigger, GetLatestOperatorCommitSHA ]
+    if: ${{ needs.check-trigger.outputs.should_continue == 'true' }}
+    uses: aws/amazon-cloudwatch-agent-operator/.github/workflows/build-and-upload.yml@main
+    concurrency:
+      group: ${{ github.workflow }}-operator-${{ inputs.operator-branch || 'main' }}
+      cancel-in-progress: true
+    secrets: inherit
+    with:
+      tag: ${{needs.GetLatestOperatorCommitSHA.outputs.operator_commit_sha}}
+      target-sha: ${{needs.GetLatestOperatorCommitSHA.outputs.operator_commit_sha}}
+      repository: ${{needs.GetLatestOperatorCommitSHA.outputs.operator_repo_name}}
+      test-image-before-upload: false
+
+  install-helm:
+    needs: [ check-trigger, BuildAgent, BuildOperator, GetLatestOperatorCommitSHA ]
+    if: ${{ needs.check-trigger.outputs.should_continue == 'true' }}
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE}}
+          aws-region: ${{ env.AWS_REGION}}
+          role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }}
+
+      - name: Login ECR
+        id: login-ecr
+        uses: aws-actions/amazon-ecr-login@v2
+
+      - name: Install kubectl
+        uses: azure/setup-kubectl@v3
+        with:
+          version: 'latest'
+
+      - name: Install Helm
+        uses: azure/setup-helm@v3
+        with:
+          version: 'latest'
+
+      - name: Update kubeconfig
+        run: |
+          aws eks update-kubeconfig --name $CLUSTER_NAME --region $AWS_REGION
+
+      - name: Clone Helm Charts Repository
+        run: |
+          rm -rf ./helm-charts
+          git clone -b ${{ inputs.helm-charts-branch || 'main' }} https://github.com/aws-observability/helm-charts.git ./helm-charts
+
+      - name: Check node count and manage Helm chart
+        run: |
+          NODE_COUNT=$(kubectl get nodes --no-headers | wc -l)
+
+          if [ "$NODE_COUNT" -eq 0 ]; then
+            echo "Node count is 0, removing Helm chart"
+            helm uninstall amazon-cloudwatch-observability -n amazon-cloudwatch || echo "Chart not found or already removed"
+          else
+            echo "Node count is $NODE_COUNT, installing/updating Helm chart"
+          
+            # Echo all variables being passed to helm
+            echo "CLUSTER_NAME: ${{ inputs.cluster_name ||env.CLUSTER_NAME }}"
+            echo "REGION: ${{ inputs.region || env.AWS_REGION }}"
+            echo "AGENT_REPOSITORY: ${{ inputs.cloudwatch_agent_repository || env.AGENT_ECR_TEST_REPO }}"
+            echo "AGENT_TAG: ${{ inputs.cloudwatch_agent_tag || github.sha }}"
+            echo "AGENT_REPOSITORY_DOMAIN: ${{ steps.login-ecr.outputs.registry }}"
+            echo "MANAGER_REPOSITORY: ${{ inputs.cloudwatch_agent_operator_repository || env.OPERATOR_ECR_TEST_REPO }}"
+            echo "MANAGER_TAG: ${{ inputs.cloudwatch_agent_operator_tag || needs.GetLatestOperatorCommitSHA.outputs.operator_commit_sha }}"
+            echo "MANAGER_REPOSITORY_DOMAIN: ${{ steps.login-ecr.outputs.registry }}"
+          
+            helm upgrade --install amazon-cloudwatch-observability \
+              ./helm-charts/charts/amazon-cloudwatch-observability \
+              --namespace amazon-cloudwatch \
+              --create-namespace \
+              --set clusterName=${{ inputs.cluster_name ||env.CLUSTER_NAME }} \
+              --set region=${{ inputs.region || env.AWS_REGION }} \
+              --set agent.image.repository=${{ inputs.cloudwatch_agent_repository || env.AGENT_ECR_TEST_REPO }} \
+              --set agent.image.tag=${{ inputs.cloudwatch_agent_tag || github.sha }} \
+              --set agent.image.repositoryDomainMap.public=${{ steps.login-ecr.outputs.registry }} \
+              --set manager.image.repository=${{ inputs.cloudwatch_agent_operator_repository || env.OPERATOR_ECR_TEST_REPO }} \
+              --set manager.image.tag=${{ inputs.cloudwatch_agent_operator_tag || needs.GetLatestOperatorCommitSHA.outputs.operator_commit_sha }} \
+              --set manager.image.repositoryDomainMap.public=${{ steps.login-ecr.outputs.registry }}
+          fi
+
+  cleanup-on-failure:
+    if: ${{ failure() || cancelled() }}
+    runs-on: ubuntu-latest
+    needs: [ install-helm ]
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE}}
+          aws-region: ${{ env.AWS_REGION}}
+          role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }}
+
+      - name: Install kubectl
+        uses: azure/setup-kubectl@v3
+        with:
+          version: 'latest'
+
+      - name: Install Helm
+        uses: azure/setup-helm@v3
+        with:
+          version: 'latest'
+
+      - name: Update kubeconfig
+        run: |
+          aws eks update-kubeconfig --name $CLUSTER_NAME --region $AWS_REGION
+
+      - name: Uninstall Helm chart
+        run: |
+          echo "Test was cancelled or failed. Cleaning up resources..."
+          helm uninstall amazon-cloudwatch-observability -n amazon-cloudwatch || echo "Chart not found or already removed"
+          echo "Cleanup completed"

.github/workflows/eks-performance-cluster-scaling.yml

@@ -0,0 +1,142 @@
+# Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+# SPDX-License-Identifier: MIT
+name: EKS Cluster Scaling
+
+on:
+  schedule:
+    - cron: '0 9 * * 0'  # Scale up: Runs every Sunday at 9:00 AM
+    - cron: '0 21 * * 1'  # Scale down: Runs every Monday at 9:00 PM
+  workflow_dispatch:
+    inputs:
+      region:
+        description: 'AWS Region'
+        required: true
+        type: string
+        default: 'us-west-2'
+      cluster_name:
+        description: 'EKS Cluster Name'
+        required: true
+        type: string
+        default: 'eks-performance'
+      desired_capacity_per_nodegroup:
+        description: 'Desired capacity for each node group'
+        required: true
+        type: number
+        default: 500
+      node_group_count:
+        description: 'Count of node groups'
+        type: number
+        default: 10
+
+env:
+  AWS_REGION: ${{ inputs.region || 'us-west-2' }}
+  CLUSTER_NAME: ${{ inputs.cluster_name || 'eks-performance' }}
+  NODE_GROUP_COUNT: ${{ inputs.node_group_count || 10 }}
+  DESIRED_CAPACITY_PER_NODEGROUP: ${{ inputs.desired_capacity_per_nodegroup || 500 }}
+  TERRAFORM_AWS_ASSUME_ROLE: ${{ vars.TERRAFORM_AWS_ASSUME_ROLE }}
+  TERRAFORM_AWS_ASSUME_ROLE_DURATION: 3600  # 1 hour duration
+  CWA_GITHUB_TEST_REPO_NAME: "aws/amazon-cloudwatch-agent-test"
+  CWA_GITHUB_TEST_REPO_URL: "https://github.com/aws/amazon-cloudwatch-agent-test.git"
+  CWA_GITHUB_TEST_REPO_BRANCH: "main"
+
+jobs:
+  scale-eks-cluster:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          repository: ${{ env.CWA_GITHUB_TEST_REPO_NAME }}
+          ref: ${{ env.CWA_GITHUB_TEST_REPO_BRANCH }}
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          role-to-assume: ${{ env.TERRAFORM_AWS_ASSUME_ROLE}}
+          aws-region: ${{ inputs.region || 'us-west-2' }}
+          role-duration-seconds: ${{ env.TERRAFORM_AWS_ASSUME_ROLE_DURATION }}
+
+      - name: Install kubectl
+        uses: azure/setup-kubectl@v3
+        with:
+          version: 'latest'
+
+      - name: Update kubeconfig for EKS cluster
+        run: |
+          aws eks update-kubeconfig --name $CLUSTER_NAME --region $AWS_REGION
+
+      - name: Scale up node groups (Sunday)
+        if: github.event.schedule == '0 9 * * 0'
+        run: |
+          echo "Starting scale UP operation with desired capacity: $DESIRED_CAPACITY_PER_NODEGROUP"
+          
+          for i in $(seq 1 $NODE_GROUP_COUNT); do
+            echo "Scaling node group: $CLUSTER_NAME-node-${i} to $DESIRED_CAPACITY_PER_NODEGROUP"
+            aws eks update-nodegroup-config \
+              --cluster-name $CLUSTER_NAME \
+              --nodegroup-name $CLUSTER_NAME-node-${i} \
+              --region $AWS_REGION \
+              --scaling-config desiredSize=$DESIRED_CAPACITY_PER_NODEGROUP
+          
+            echo "Waiting 1 minute before scaling next node group..."
+            sleep 60
+          done
+
+      - name: Scale down node groups (Monday)
+        if: github.event.schedule == '0 21 * * 1'
+        run: |
+          echo "Starting scale DOWN operation with desired capacity: 0"
+          
+          for i in $(seq 1 $NODE_GROUP_COUNT); do
+            echo "Scaling node group: $CLUSTER_NAME-node-${i} to 0"
+            aws eks update-nodegroup-config \
+              --cluster-name $CLUSTER_NAME \
+              --nodegroup-name $CLUSTER_NAME-node-${i} \
+              --region $AWS_REGION \
+              --scaling-config desiredSize=0
+          
+            echo "Waiting 1 minute before scaling next node group..."
+            sleep 60
+          done
+
+      - name: Scale node groups (Manual)
+        if: github.event_name == 'workflow_dispatch'
+        run: |
+          echo "Starting manual scaling operation with desired capacity: $DESIRED_CAPACITY_PER_NODEGROUP"
+          
+          for i in $(seq 1 $NODE_GROUP_COUNT); do
+            echo "Scaling node group: $CLUSTER_NAME-node-${i} to $DESIRED_CAPACITY_PER_NODEGROUP"
+            aws eks update-nodegroup-config \
+              --cluster-name $CLUSTER_NAME \
+              --nodegroup-name $CLUSTER_NAME-node-${i} \
+              --region $AWS_REGION \
+              --scaling-config desiredSize=$DESIRED_CAPACITY_PER_NODEGROUP
+          
+          done
+
+      - name: Validate total node count
+        run: |
+          echo "Waiting 20 minutes for scaling operations to complete..."
+          sleep 1200
+          
+          echo "Validating total number of nodes in the cluster..."
+          ACTUAL_NODE_COUNT=$(kubectl get nodes --no-headers | wc -l)
+          
+          # Determine expected count based on trigger type
+          if [ "${{ github.event.schedule }}" = "0 21 * * 1" ]; then
+            EXPECTED_NODE_COUNT=$(($NODE_GROUP_COUNT * 0))
+          else
+            EXPECTED_NODE_COUNT=$(($NODE_GROUP_COUNT * $DESIRED_CAPACITY_PER_NODEGROUP))
+          fi
+          
+          echo "Expected total nodes: $EXPECTED_NODE_COUNT"
+          echo "Actual total nodes: $ACTUAL_NODE_COUNT"
+          
+          if [ "$ACTUAL_NODE_COUNT" -eq "$EXPECTED_NODE_COUNT" ]; then
+            echo "Validation successful! Node count matches expected value."
+          else
+            echo "Validation failed. Expected $EXPECTED_NODE_COUNT nodes but found $ACTUAL_NODE_COUNT nodes."
+            exit 1
+          fi

.github/workflows/test-artifacts.yml

@@ -1361,4 +1361,4 @@ jobs:
             else
               cd terraform/eks/addon/gpu
             fi
-            terraform destroy -auto-approve
+            terraform destroy -auto-approve