merge things needed for infra

2026-02-14 16:39:08 +00:00 · 2026-02-14 16:39:08 +00:00 · 2c302a259c
commit 2c302a259c
parent fbae355056
7 changed files with 76 additions and 113 deletions
--- a/.devcontainer/stripe-to-invoice/devcontainer.json
+++ b/.devcontainer/stripe-to-invoice/devcontainer.json
@ -31,7 +31,8 @@
        "jgclark.vscode-todo-highlight",
        "corentinartaud.pdfpreview",
        "github.vscode-github-actions",
-        "anthropic.claude-code"
+        "anthropic.claude-code",
+        "jakobhoeg.vscode-pokemon"
      ]
    }
  }
--- a/.github/workflows/test-autoscaling.yml
+++ b/.github/workflows/test-autoscaling.yml
@ -6,11 +6,22 @@ on:
 jobs:
  load-test:
    runs-on: mealcraft-runners
-    container: ubuntu:22.04
+    # container: ubuntu:22.04
+
    strategy:
      matrix:
-        job_id: [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20]
-      fail-fast: false
+        job_id: [
+          1,2,3,4,5,6,7,8,9,10,
+          11,12,13,14,15,16,17,18,19,20,
+          21,22,23,24,25,26,27,28,29,30,
+          31,32,33,34,35,36,37,38,39,40,
+          41,42,43,44,45,46,47,48,49,50,
+          51,52,53,54,55,56,57,58,59,60,
+          61,62,63,64,65,66,67,68,69,70,
+          71,72,73,74,75,76,77,78,79,80,
+          81,82,83,84,85,86,87,88,89,90,
+          91,92,93,94,95,96,97,98,99,100
+        ]

    steps:
      - name: Checkout repo
@ -20,7 +31,7 @@ jobs:
        run: pwd

      - name: List files
-        run: ls -al
+        run: ls -la

      - name: Print job info
        run: echo "Running job ${{ matrix.job_id }}"
--- a/mist_infra/arc/autoscaling-runner-set.yaml
+++ b/mist_infra/arc/autoscaling-runner-set.yaml
@ -1,66 +0,0 @@
-apiVersion: actions.github.com/v1alpha1
-kind: AutoscalingRunnerSet
-metadata:
-  name: mealcraft-runners
-  namespace: arc-systems
-  annotations:
-    actions.github.com/cleanup-github-secret-name: mealcraft-runners-gha-rs-github-secret
-    actions.github.com/cleanup-manager-role-binding: mealcraft-runners-gha-rs-manager
-    actions.github.com/cleanup-manager-role-name: mealcraft-runners-gha-rs-manager
-    actions.github.com/cleanup-no-permission-service-account-name: mealcraft-runners-gha-rs-no-permission
-    actions.github.com/runner-group-name: Default
-    actions.github.com/runner-scale-set-name: mealcraft-runners
-    meta.helm.sh/release-name: mealcraft-runners
-    meta.helm.sh/release-namespace: arc-systems
-  labels:
-    actions.github.com/organization: MealCraft
-    actions.github.com/scale-set-name: mealcraft-runners
-    actions.github.com/scale-set-namespace: arc-systems
-    app.kubernetes.io/component: autoscaling-runner-set
-    app.kubernetes.io/instance: mealcraft-runners
-    app.kubernetes.io/managed-by: Helm
-    app.kubernetes.io/name: mealcraft-runners
-    app.kubernetes.io/part-of: gha-rs
-    app.kubernetes.io/version: 0.13.0
-    helm.sh/chart: gha-rs-0.13.0
-
-spec:
-  githubConfigSecret: mealcraft-runners-gha-rs-github-secret
-  githubConfigUrl: https://github.com/MealCraft
-  runnerScaleSetName: mealcraft-runners
-
-  template:
-    spec:
-      restartPolicy: Never
-      serviceAccountName: mealcraft-runners-gha-rs-no-permission
-
-      # 👇 HOST STORAGE ACCESS
-      volumes:
-        - name: k8s-storage
-          hostPath:
-            path: /home/kimjunte/k8s_storage
-            type: Directory
-
-      containers:
-        - name: runner
-          image: ghcr.io/actions/actions-runner:latest
-          command:
-            - /home/runner/run.sh
-
-          # 👇 AWS CREDS FROM K8S SECRET
-          env:
-            - name: RUNNER_LABELS
-              value: mealcraft-runners,self-hosted
-
-          envFrom:
-            - secretRef:
-                name: aws-secrets
-            - secretRef:
-                name: postgres-secret
-
-          # 👇 MOUNT PV STORAGE READ-ONLY
-          volumeMounts:
-            - name: k8s-storage
-              mountPath: /k8s_storage
-              readOnly: true
-
--- a/mist_infra/arc/controller-values.yaml
+++ b/mist_infra/arc/controller-values.yaml
@ -0,0 +1 @@
+replicaCount: 1
--- a/mist_infra/arc/update_arc.sh
+++ b/mist_infra/arc/update_arc.sh
@ -3,45 +3,53 @@ set -euo pipefail

 # ==========================================================
 # Update / Install GitHub Actions Runner Controller (ARC)
-#
-# - Safe to run multiple times
-# - Applies changes from arc/values.yaml
-# - Does NOT assume fresh cluster
-#
+# + Update Runner Scale Set (gha-runner-scale-set)
 # ==========================================================

-NAMESPACE="actions-runner-system"
-RELEASE_NAME="actions-runner-controller"
-CHART="actions-runner-controller/actions-runner-controller"
-VALUES_FILE="$(dirname "$0")/values.yaml"
+# --- Controller settings ---
+CONTROLLER_NAMESPACE="actions-runner-system"
+CONTROLLER_RELEASE="actions-runner-controller"
+CONTROLLER_CHART="actions-runner-controller/actions-runner-controller"
+CONTROLLER_VALUES_FILE="$(dirname "$0")/controller-values.yaml"

-echo "=== Updating ARC (GitHub Actions Runner Controller) ==="
+# --- Runner scale set settings ---
+RUNNER_NAMESPACE="arc-systems"
+RUNNER_RELEASE="mealcraft-runners"
+RUNNER_CHART="oci://ghcr.io/actions/actions-runner-controller-charts/gha-runner-scale-set"
+RUNNER_VERSION="0.13.0"
+RUNNER_VALUES_FILE="$(dirname "$0")/values.yaml"

-echo "→ Ensuring namespace exists: $NAMESPACE"
-kubectl create namespace "$NAMESPACE" \
+echo "=== Updating ARC Controller ==="
+
+kubectl create namespace "$CONTROLLER_NAMESPACE" \
  --dry-run=client -o yaml | kubectl apply -f -

-echo "→ Adding Helm repo (if missing)"
 helm repo add actions-runner-controller \
  https://actions-runner-controller.github.io/actions-runner-controller \
  >/dev/null 2>&1 || true

 helm repo update

-echo "→ Applying Helm upgrade"
 helm upgrade --install \
-  "$RELEASE_NAME" \
-  "$CHART" \
-  -n "$NAMESPACE" \
-  -f "$VALUES_FILE"
+  "$CONTROLLER_RELEASE" \
+  "$CONTROLLER_CHART" \
+  -n "$CONTROLLER_NAMESPACE" \
+  -f "$CONTROLLER_VALUES_FILE"
+
+echo "=== Updating Runner Scale Set ==="
+
+export HELM_EXPERIMENTAL_OCI=1
+
+helm upgrade --install \
+  "$RUNNER_RELEASE" \
+  "$RUNNER_CHART" \
+  --version "$RUNNER_VERSION" \
+  -n "$RUNNER_NAMESPACE" \
+  -f "$RUNNER_VALUES_FILE"

 echo
-echo "✅ ARC update complete"
+echo "✅ ARC + Runner update complete"
 echo
 echo "Next steps:"
-echo "- kubectl get pods -n $NAMESPACE"
-echo "- kubectl get runners"
-
-kubectl get secret aws-secrets -n default -o yaml \
-| sed 's/namespace: default/namespace: arc-systems/' \
-| kubectl apply -f -
+echo "- kubectl get pods -n $RUNNER_NAMESPACE"
+echo "- Re-run autoscaling workflow"
--- a/mist_infra/arc/values.yaml
+++ b/mist_infra/arc/values.yaml
@ -1,19 +1,25 @@
-runner:
-  labels:
-    - mist
+githubConfigUrl: https://github.com/MealCraft
+
+githubConfigSecret:
+  github_token: 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
+
+runnerScaleSetName: mealcraft-runners
+
+containerMode:
+  type: dind   # 👈 THIS is the key change
+
+runnerLabels:
+  - mealcraft-runners
  - self-hosted

-  envFrom:
+envFrom:
  - secretRef:
      name: aws-secrets
+  - secretRef:
+      name: postgres-secret

-  volumeMounts:
-    - name: k8s-storage
-      mountPath: /k8s_storage
-      readOnly: true
-
-  volumes:
-    - name: k8s-storage
-      hostPath:
-        path: /home/kimjunte/k8s_storage
-        type: Directory
+# 👇 Explicit DIND configuration
+docker:
+  enabled: true
+  privileged: true
+  networkMTU: 1450
--- a/stripe_to_invoice/stripe_webhook_payment.sh
+++ b/stripe_to_invoice/stripe_webhook_payment.sh
@ -0,0 +1,2 @@
+echo "note you need to do 'stripe login' to make the below command work"
+stripe listen --forward-to http://localhost:3000/api/billing/webhook