Skip to content

feat: install envoy from release artifacts #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
anatolinicolae wants to merge 2 commits into
base: main
Choose a base branch
from
Open

feat: install envoy from release artifacts #10

anatolinicolae wants to merge 2 commits into from

Conversation

@anatolinicolae
Copy link
Member

@anatolinicolae anatolinicolae commented Dec 19, 2025
edited
Loading

In this PR

  • Fetch latest Envoy version from Github if not specified
  • Install from artifacts

Copilot AI review requested due to automatic review settings December 19, 2025 22:13
Copilot AI reviewed Dec 19, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds automated Envoy proxy installation from GitHub release artifacts to the mx1 host infrastructure. The implementation fetches the latest Envoy release (or a specified version), downloads the pre-built binary for Linux x86_64, and installs it to /usr/local/bin/envoy.

Key changes:

  • New Ansible role system/envoy to manage Envoy installation from official release binaries
  • Integration of the Envoy role into the mx1 playbook deployment sequence

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File Description
mx1/ansible/roles/system/envoy/tasks/main.yml Implements tasks for fetching, downloading, extracting, and installing Envoy binary from GitHub releases
mx1/ansible/playbook.yml Adds system/envoy role to the mx1 host deployment workflow

mx1/ansible/roles/system/envoy/tasks/main.yml Outdated
Comment on lines 14 to 16
get_url:
url: "https://github.com/envoyproxy/envoy/releases/download/{{ envoy_target_version }}/envoy-{{ envoy_target_version | regex_replace('^v', '') }}-linux-x86_64.tar.gz"
dest: /tmp/envoy.tar.gz
Copy link

Copilot AI Dec 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The download lacks checksum verification. GitHub releases typically provide SHA256 checksums. Add checksum validation to ensure binary integrity and prevent potential security risks from corrupted or tampered downloads.

Copilot uses AI. Check for mistakes.
mx1/ansible/roles/system/envoy/tasks/main.yml Outdated
Comment on lines 26 to 32
- name: Install Envoy binary
copy:
src: "/tmp/envoy-{{ envoy_target_version | regex_replace('^v', '') }}-linux-x86_64/bin/envoy"
dest: /usr/local/bin/envoy
mode: '0755'
remote_src: yes
when: download_result.changed
Copy link

Copilot AI Dec 19, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The task only runs when download_result.changed is true, which means if the binary is already downloaded but not installed (e.g., previous run failed during installation), this task will be skipped. Consider using a separate register variable to track installation state or checking if the binary exists at the destination.

Copilot uses AI. Check for mistakes.
Copy link

Copilot AI commented Dec 19, 2025

@anatolinicolae I've opened a new pull request, #11, to work on those changes. Once the pull request is ready, I'll request review from you.

Copilot AI mentioned this pull request Dec 19, 2025
Closed
@anatolinicolae
feat: install envoy from release artifacts
b037c92 
Signed-off-by: Anatoli Nicolae <an@thundersquared.com>
@anatolinicolae
fix: use proper binary URL and add systemd unit
8289f0b 
Signed-off-by: Anatoli Nicolae <an@thundersquared.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@anatolinicolae