Skip to content

ci: use a wildcard subdomain for PR deployments#8801

Merged
matifali merged 27 commits into
mainfrom
use-wildcard-domain
Aug 1, 2023
Merged

ci: use a wildcard subdomain for PR deployments#8801
matifali merged 27 commits into
mainfrom
use-wildcard-domain

Conversation

@matifali

@matifali matifali commented Jul 30, 2023
edited
Loading

Copy link
Copy Markdown
Member

Wildcard apps now work as expected.
image
We were hitting letsencrypt rate limits for certs because of deleting and recreating certs with each deployment. I tried to fix that by creating certificates in a shared namespace and copying them to the PR namespace.

@matifali matifali requested a review from bpmct July 30, 2023 05:58
@matifali matifali marked this pull request as ready for review July 30, 2023 06:05
@matifali matifali marked this pull request as draft July 30, 2023 19:46
@matifali matifali marked this pull request as ready for review July 31, 2023 06:29
@matifali

matifali commented Aug 1, 2023

Copy link
Copy Markdown
Member Author

/deploy-pr --skip-build --experiments *, single_tailnet

@github-actions

github-actions Bot commented Aug 1, 2023
edited
Loading

Copy link
Copy Markdown

✔️ Deployed PR 8801 successfully.
🚀 Access the deployment link here.
⚠️ This deployment will be deleted when the PR is closed.

@matifali matifali requested a review from BrunoQuaresma August 1, 2023 04:25
@matifali matifali enabled auto-merge (squash) August 1, 2023 04:26
johnstcn
johnstcn reviewed Aug 1, 2023
View reviewed changes
Comment thread .github/workflows/pr-cleanup.yaml Outdated
johnstcn
johnstcn reviewed Aug 1, 2023
View reviewed changes
Comment thread .github/workflows/pr-deploy.yaml Outdated
johnstcn
johnstcn reviewed Aug 1, 2023
View reviewed changes
Comment thread .github/workflows/pr-deploy.yaml
@matifali matifali requested a review from johnstcn August 1, 2023 10:49
johnstcn
johnstcn approved these changes Aug 1, 2023
View reviewed changes

@johnstcn johnstcn left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks fine to me, but we will need to be careful of LetsEncrypt rate limits. If we run into further issues we may need to look into using self-signed certificates.

@matifali matifali merged commit 6a12912 into main Aug 1, 2023
@matifali matifali deleted the use-wildcard-domain branch August 1, 2023 11:02
@github-actions github-actions Bot locked and limited conversation to collaborators Aug 1, 2023
@matifali

matifali commented Aug 1, 2023

Copy link
Copy Markdown
Member Author

The letsencrypt is 50 certs per domain per week. Now we have a different domain for each PR and are preserving the certificates by creating them in a shared namespace to avoid recreating them if one already exists.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@johnstcn johnstcn johnstcn approved these changes

@bpmct bpmct Awaiting requested review from bpmct

@BrunoQuaresma BrunoQuaresma Awaiting requested review from BrunoQuaresma

Assignees

@matifali matifali

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@matifali @johnstcn