feat(#8551): removes python from cht-deploy and some bug fixes #9074
Conversation
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
Awesome work here! Nice to see a migration to node for user/developer facing scripts. As well, I saw you closed some other issues with this PR like #8604, #8605 and #8608 - sweet!
I found two errors - one I'm requesting a change for and the other is in master, but persists in this branch. Let's make the change per my request and then wait til the other issue fixed and we'll dive back into this PR!
| @@ -1,40 +1,43 @@ | |||
| #!/bin/bash | |||
| #!/usr/bin/env node | |||
There was a problem hiding this comment.
before the script does anything else, I think we need to check for the node version. The reason is bash is very universal, but who knows what version of node folks have. My desktop defaults to 12.0.0 which pretty ensures it'll break everything, for example. Per this post, looks like we can easily get the SemVer of node back to old versions.
here's my shell session when debugging this:
➜ deploy git:(cht-deploy-fixes) ✗ ./cht-deploy
/home/mrjones/Documents/MedicMobile/cht-core/node_modules/axios/index.js:1
import axios from './lib/axios.js';
^^^^^
SyntaxError: Unexpected identifier
at Module._compile (internal/modules/cjs/loader.js:703:23)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:770:10)
at Module.load (internal/modules/cjs/loader.js:628:32)
at Function.Module._load (internal/modules/cjs/loader.js:555:12)
at Module.require (internal/modules/cjs/loader.js:666:19)
at require (internal/modules/cjs/helpers.js:16:16)
at Object.<anonymous> (/home/mrjones/Documents/MedicMobile/cht-core/scripts/deploy/src/install.js:3:15)
at Module._compile (internal/modules/cjs/loader.js:759:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:770:10)
at Module.load (internal/modules/cjs/loader.js:628:32)
➜ deploy git:(cht-deploy-fixes) ✗ node
Welcome to Node.js v12.0.0.
Type ".help" for more information.
> process.versions.node.split('.').map(Number)
[ 12, 0, 0 ]
>
➜ deploy git:(cht-deploy-fixes) ✗ nvm use 18
Now using node v18.16.0 (npm v9.5.1)
➜ deploy git:(cht-deploy-fixes) ✗ ./cht-deploy
No values file provided. Please specify a values file using -f <file>
There was a problem hiding this comment.
I'm not sure if this was fixed and then a regression was caused, but this doesn't work for me, all be it with a different error than when I first ran it:
➜ deploy git:(cht-deploy-fixes) ✗ nvm use 12.0.0
Now using node v12.0.0 (npm v6.9.0)
➜ deploy git:(cht-deploy-fixes) ✗ ./cht-deploy
/home/mrjones/Documents/MedicMobile/cht-core/scripts/deploy/cht-deploy:3
import { install } from './src/install.js';
^
SyntaxError: Unexpected token {
at Module._compile (internal/modules/cjs/loader.js:703:23)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:770:10)
at Module.load (internal/modules/cjs/loader.js:628:32)
at Function.Module._load (internal/modules/cjs/loader.js:555:12)
at Function.Module.runMain (internal/modules/cjs/loader.js:826:10)
at internal/main/run_main_module.js:17:11
➜ deploy git:(cht-deploy-fixes) ✗ nvm use 20
Now using node v20.11.0 (npm v10.2.4)
➜ deploy git:(cht-deploy-fixes) ✗ ./cht-deploy
No values file provided. Please specify a values file using -f <file>
There was a problem hiding this comment.
Great initiative! I'm happy to see significant progress in replacing the old script.
I would love to see a test, even if it's just trying to import the module or testing the easiest to test function as it can catch some syntax errors and make it easier to add more tests later. Since the old script didn't have any tests I don't consider this a blocker, even in the current state I consider it an significant improvement.
I think some jsdoc style comments on most functions would be great
There was a problem hiding this comment.
Looking better - thanks for iterating!
Confirmed that #9076 is fixed with the latest changes. As well, sad path and happy paths are well covered!
Requesting some security and changes to new save all logs script.
jonathanvq
added this to Awaiting Triage
in Site Reliability Support Dashboard
via automation
jonathanvq
moved this from Awaiting Triage
to This Week's Priorities
in Site Reliability Support Dashboard
henokgetachew
force-pushed
the
cht-deploy-fixes
branch
from
473df1c
to
ef01030
Compare
Co-authored-by: Daniel <nydr@users.noreply.github.com>
henokgetachew
force-pushed
the
cht-deploy-fixes
branch
from
ef01030
to
1537096
Compare
|
Comments addressed. A few tests added and build is passing. Also integrated with CI. This puts us in a better spot that we can iterate on. |
Co-authored-by: Daniel <nydr@users.noreply.github.com>
|
@nydr yes, I've actually already published this to |
| @@ -1,40 +1,43 @@ | |||
| #!/bin/bash | |||
| #!/usr/bin/env node | |||
There was a problem hiding this comment.
I'm not sure if this was fixed and then a regression was caused, but this doesn't work for me, all be it with a different error than when I first ran it:
➜ deploy git:(cht-deploy-fixes) ✗ nvm use 12.0.0
Now using node v12.0.0 (npm v6.9.0)
➜ deploy git:(cht-deploy-fixes) ✗ ./cht-deploy
/home/mrjones/Documents/MedicMobile/cht-core/scripts/deploy/cht-deploy:3
import { install } from './src/install.js';
^
SyntaxError: Unexpected token {
at Module._compile (internal/modules/cjs/loader.js:703:23)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:770:10)
at Module.load (internal/modules/cjs/loader.js:628:32)
at Function.Module._load (internal/modules/cjs/loader.js:555:12)
at Function.Module.runMain (internal/modules/cjs/loader.js:826:10)
at internal/main/run_main_module.js:17:11
➜ deploy git:(cht-deploy-fixes) ✗ nvm use 20
Now using node v20.11.0 (npm v10.2.4)
➜ deploy git:(cht-deploy-fixes) ✗ ./cht-deploy
No values file provided. Please specify a values file using -f <file>
| echo | ||
| echo "Note: Logs may contain Personally Identifiable Information (PII). Handle and store them securely." | ||
| exit 1 | ||
There was a problem hiding this comment.
calling this now I get an error instead of the usage() output:
➜ deploy git:(cht-deploy-fixes) ✗ ./troubleshooting/get-all-logs
./troubleshooting/get-all-logs: line 55: syntax error: unexpected end of file
Aha! There's two errant qqs that need to be removed:
| } |
| done | ||
|
|
||
| # Create a tar.gz archive of the log files | ||
| tar -czf "$NAMESPACE-logs_$TIMESTAMP.tar.gz" -C "$LOG_DIR" . |
There was a problem hiding this comment.
This syntax causes the log files to be exploded in the current directory when uncompressed, which was a surprise. With a small tweak we can make it be created it in a sub directory:
| tar -czf "$NAMESPACE-logs_$TIMESTAMP.tar.gz" -C "$LOG_DIR" . | |
| tar -czf "$NAMESPACE-logs_$TIMESTAMP.tar.gz" "$LOG_DIR" |
| child_process.execSync(`helm install ${project_name} ${CHT_CHART_NAME}` + //NoSONAR | ||
| ` --version ${chart_version} --namespace ${namespace} ${createNamespaceFlag}` + //NoSONAR | ||
| ` --values ${valuesFile} --set cht_image_tag=${image_tag}`, { stdio: 'inherit' }); //NoSONAR | ||
| console.log(`Instance at ${values.ingress.host} installed successfully.`); |
There was a problem hiding this comment.
It's nice to make this a full link:
| console.log(`Instance at ${values.ingress.host} installed successfully.`); | |
| console.log(`Instance installed successfully: https://${values.ingress.host}`); |
| const __filename = fileURLToPath(import.meta.url); | ||
| const __dirname = path.dirname(__filename); | ||
|
|
||
| const readFile = function(f) { |
There was a problem hiding this comment.
I'm not sure if it's worth defending against, but I passed in a project_name and namespace of this:
project_name: mrjones-delete
namespace: "mrjones-delete"
...
host: "mrjones-delete.dev.medicmobile.org"
And it created it OK apparently:
➜ deploy git:(cht-deploy-fixes) ✗ ./cht-deploy -f ~/Documents/MedicMobile/medic-infrastructure/terraform/aws/dev/cht-projects/mrjones-dev-cht-deploy-values.yaml
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "medic" chart repository
Update Complete. ⎈Happy Helming!⎈
Release does not exist. Performing install.
NAME: mrjones-delete
LAST DEPLOYED: Tue May 28 15:28:12 2024
NAMESPACE: mrjones-delete
STATUS: deployed
REVISION: 1
TEST SUITE: None
Instance at mrjones-delete.dev.medicmobile.org installed successfully.
But I can't get to it at https://mrjones-delete.dev.medicmobile.org/ - it just 404s. I think this is something endemic to our EKS setup and most other folks won't benefit from improvements here - but wanted to mention it in case it was helpful!
Switching to sane values it worked as expected \o/
project_name: mrjones-dev
namespace: "mrjones-dev"
...
host: "mrjones.dev.medicmobile.org"
| invoke install $@ | ||
| #!/usr/bin/env node | ||
|
|
||
| import { install } from './src/install.js'; |
There was a problem hiding this comment.
This looks like it isn't linted with our rules.
These are our linting rules: https://github.com/medic/cht-core/blob/master/.eslintrc
| process.exit(1); | ||
| } | ||
| } catch (err) { | ||
| return; |
There was a problem hiding this comment.
So, if we fail to parse package.json, we'll just go ahead?
| return args; | ||
| } | ||
|
|
||
| function validateFileExists(filePath) { |
There was a problem hiding this comment.
I think validateArguments can also call this function, and only return if the file exists. This way, the main function doesn't even need to know what the arguments are, and becomes cleaner.
|
|
||
| main().catch((err) => { | ||
| console.error('An error occurred:', err.message); | ||
| console.error(JSON.stringify(err)); |
There was a problem hiding this comment.
I think we should process.exit(1) here as well.
| import fetch from 'node-fetch'; | ||
| import UserRuntimeError from './error.js'; | ||
|
|
||
| const obtainCertificateAndKey = async function (values) { //NoSONAR |
There was a problem hiding this comment.
I think ideally we would never disable sonar for new code.
| const fakeImageTag = 'latest'; | ||
|
|
||
| beforeEach(() => { | ||
| execSyncStub = sinon.stub(child_process, 'execSync'); |
There was a problem hiding this comment.
You don't need to save these stub names. I'm pretty much against passing this variable to tests and then having trouble knowing what it is.
You can always access it as:
sinon.stub(child_process, 'execSync');
child_process.execSync.withArgs(`helm list -n ${fakeNamespace}`).returns(Buffer.from('test-project'));
| ` --install test-project medic/cht-chart-4x` + | ||
| ` --version 5.0.0 --namespace test-namespace` + | ||
| ` --values ${fakeValuesFile} --set cht_image_tag=${fakeImageTag}`; | ||
| expect(execSyncStub.calledWith(expectedCommand)).to.be.true; |
There was a problem hiding this comment.
I think we also need to assess that execSync was not called with other arguments.
expect(execSyncStub.calledOnceWith(expectedCommand)).to.be.true;
| it('should install a new release when no release exists', () => { | ||
| // Mock the response to simulate no existing release | ||
| execSyncStub.withArgs(`helm list -n ${fakeNamespace}`).returns(Buffer.from('')); | ||
| execSyncStub.returns(Buffer.from('Install successful')); |
There was a problem hiding this comment.
I think this will overwrite your previous rule of withArgs. You should call them in the reverse order.
child_process.execSync.returns(Buffer.from('Install successful'));
child_process.execSync.withArgs(`helm list -n ${fakeNamespace}`).returns(Buffer.from(''));
| const expectedCommand = `helm install test-project medic/cht-chart-4x` + | ||
| ` --version 5.0.0 --namespace test-namespace --create-namespace` + | ||
| ` --values ${fakeValuesFile} --set cht_image_tag=${fakeImageTag}`; | ||
| expect(execSyncStub.calledWith(expectedCommand)).to.be.true; |
There was a problem hiding this comment.
expect(child_process.execSync.calledOnceWith(expectedCommand)).to.be.true;
| function usage() { | ||
| echo "Usage: $0 <namespace> [since]" | ||
| echo | ||
| echo "This script saves logs from all pods within the specified namespace into local files and then creates a tar.gz archive of these logs." |
There was a problem hiding this comment.
I think it's useful to mention here that if a pod crashed, its logs will not be retrieved.
So people can't, unfortunately, use this to debug failing pods.
I think this script can also pessimistically always try to get the logs from the previously failed pod as well as the current one.
| @@ -0,0 +1,8 @@ | |||
| { | |||
There was a problem hiding this comment.
I think we should find a way to have these files get linted by our default linting rules: https://github.com/medic/cht-core/blob/master/.eslintrc
henokgetachew
moved this from This Week's Priorities
to In Progress
in Site Reliability Support Dashboard
Description
Handles the following tickets:
#8551 Remove python - establishing feature parity. No major refactoring.
#8604 Catch Missing Values
#8605 Show URL when done execution
#8608 Add a get-all-logs troubleshooting command
Code review checklist
Compose URLs
If Build CI hasn't passed, these may 404:
License
The software is provided under AGPL-3.0. Contributions to this project are accepted under the same license.