execute-tests-and-promote.yml

Documentation: github.com/datawire/ambassador/v2/.github/workflows

     1name: job-promote-to-passed
     2
     3"on":
     4  push:
     5    branches:
     6      - master
     7      - release/v*
     8  pull_request: {}
     9
    10jobs:
    11
    12  lint: ########################################################################
    13    runs-on: ubuntu-latest
    14    env:
    15      # See docker/base-python.docker.gen
    16      BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
    17    steps:
    18      - uses: actions/checkout@v2
    19        with:
    20          fetch-depth: 0
    21      - name: Install Deps
    22        uses: ./.github/actions/setup-deps
    23      - shell: bash
    24        run: |
    25          make lint-deps
    26      - shell: bash
    27        run: |
    28          make lint
    29      - uses: ./.github/actions/after-job
    30        if: always()
    31
    32  generate: ####################################################################
    33    runs-on: ubuntu-latest
    34    env:
    35      # See docker/base-python.docker.gen
    36      BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
    37    steps:
    38      - uses: actions/checkout@v2
    39        with:
    40          fetch-depth: 0
    41      - name: Install Deps
    42        uses: ./.github/actions/setup-deps
    43      - name: "Git Login"
    44        run: |
    45          if [[ -n '${{ secrets.GHA_SSH_KEY }}' ]]; then
    46            install -m700 -d ~/.ssh
    47            install -m600 /dev/stdin ~/.ssh/id_rsa <<<'${{ secrets.GHA_SSH_KEY }}'
    48          fi
    49      - name: "Docker Login"
    50        uses: docker/login-action@v2
    51        with:
    52          registry: ${{ (!startsWith(secrets.RELEASE_REGISTRY, 'docker.io/')) && secrets.RELEASE_REGISTRY || null }}
    53          username: ${{ secrets.GH_DOCKER_RELEASE_USERNAME }}
    54          password: ${{ secrets.GH_DOCKER_RELEASE_TOKEN }}
    55      - name: "'make generate'"
    56        shell: bash
    57        run: |
    58          make generate
    59      - uses: ./.github/actions/git-dirty-check
    60        name: "Check Git not dirty from 'make generate'"
    61      - name: "'make generate' (again!)"
    62        shell: bash
    63        run: |
    64          make generate
    65      - uses: ./.github/actions/git-dirty-check
    66        name: "Check Git not dirty from 'make generate' (again!)"
    67      - uses: ./.github/actions/after-job
    68        if: always()
    69
    70  check-envoy-version: #########################################################
    71    runs-on: ubuntu-latest
    72    env:
    73      # See docker/base-python.docker.gen
    74      BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
    75    steps:
    76      - uses: actions/checkout@v2
    77        with:
    78          fetch-depth: 0
    79      - name: Install Deps
    80        uses: ./.github/actions/setup-deps
    81      - name: "Git Login"
    82        run: |
    83          if [[ -n '${{ secrets.GHA_SSH_KEY }}' ]]; then
    84            install -m700 -d ~/.ssh
    85            install -m600 /dev/stdin ~/.ssh/id_rsa <<<'${{ secrets.GHA_SSH_KEY }}'
    86          fi
    87      - name: "Docker Login"
    88        # This is important if ENVOY_DOCKER_REPO is a private repo.
    89        uses: docker/login-action@v2
    90        with:
    91          registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
    92          username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
    93          password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
    94      - run: make check-envoy-version
    95      - uses: ./.github/actions/after-job
    96        if: always()
    97
    98  # Tests ######################################################################
    99  check-gotest:
   100    runs-on: ubuntu-latest
   101    env:
   102      # See docker/base-python.docker.gen
   103      BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
   104    steps:
   105      - uses: actions/checkout@v2
   106        with:
   107          fetch-depth: 0
   108      - name: Install Deps
   109        uses: ./.github/actions/setup-deps
   110      - name: "Docker Login"
   111        uses: docker/login-action@v2
   112        with:
   113          registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
   114          username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
   115          password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
   116      - name: make gotest
   117        shell: bash
   118        run: |
   119          export DEV_KUBE_NO_PVC=yes
   120          export KAT_REQ_LIMIT=900
   121          export TEST_XML_DIR=/tmp/test-logs/xml/
   122          mkdir -p ${TEST_XML_DIR}
   123          make gotest
   124      - uses: ./.github/actions/after-job
   125        if: always()
   126  check-pytest:
   127    runs-on: ubuntu-latest
   128    env:
   129      # See docker/base-python.docker.gen
   130      BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
   131      # See pkg/kubeapply/resource_kubeapply.go
   132      DEV_USE_IMAGEPULLSECRET: ${{ secrets.DEV_USE_IMAGEPULLSECRET }}
   133      DOCKER_BUILD_USERNAME: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
   134      DOCKER_BUILD_PASSWORD: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
   135    strategy:
   136      fail-fast: false
   137      matrix:
   138        test:
   139          - integration
   140          - kat-envoy2-1-of-5
   141          - kat-envoy2-2-of-5
   142          - kat-envoy2-3-of-5
   143          - kat-envoy2-4-of-5
   144          - kat-envoy2-5-of-5
   145          - kat-envoy3-1-of-5
   146          - kat-envoy3-2-of-5
   147          - kat-envoy3-3-of-5
   148          - kat-envoy3-4-of-5
   149          - kat-envoy3-5-of-5
   150          # FIXME(lukeshu): KAT_RUN_MODE=local is disabled because it
   151          # needs fixed for a world where annotations are already
   152          # unfolded in the snapshot.
   153          #
   154          #- kat-local
   155    name: pytest-${{ matrix.test }}
   156    steps:
   157      - uses: actions/checkout@v2
   158        with:
   159          fetch-depth: 0
   160      - name: Install Deps
   161        uses: ./.github/actions/setup-deps
   162      - name: "Docker Login"
   163        uses: docker/login-action@v2
   164        with:
   165          registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
   166          username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
   167          password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
   168      - name: make pytest-${{ matrix.test }}
   169        run: |
   170          export USE_LOCAL_K3S_CLUSTER=1
   171          sudo sysctl -w fs.file-max=1600000
   172          sudo sysctl -w fs.inotify.max_user_instances=4096
   173
   174          make ci/setup-k3d K3D_CLUSTER_NAME=amb-ci
   175
   176          export DEV_KUBE_NO_PVC=yes
   177          export KAT_REQ_LIMIT=900
   178          export TEST_XML_DIR=/tmp/test-logs/xml/
   179          export DEV_KUBECONFIG=~/.kube/config
   180          export DEV_REGISTRY=${{ secrets.DEV_REGISTRY }}
   181          mkdir -p ${TEST_XML_DIR}
   182          make pytest-${{ matrix.test }}
   183      - uses: ./.github/actions/after-job
   184        if: always()
   185        with:
   186          jobname: check-pytest-${{ matrix.test }}
   187  check-pytest-unit:
   188    # pytest-unit is separate from pytests (above) because we know for certain that no cluster is needed.
   189    # XXX This is pretty much a crock.
   190    runs-on: ubuntu-latest
   191    env:
   192      # See docker/base-python.docker.gen
   193      BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
   194    strategy:
   195      matrix:
   196        test:
   197          - unit
   198    name: pytest-${{ matrix.test }}
   199    steps:
   200      - uses: actions/checkout@v2
   201        with:
   202          fetch-depth: 0
   203      - name: Install Deps
   204        uses: ./.github/actions/setup-deps
   205      - name: "Docker Login"
   206        uses: docker/login-action@v2
   207        with:
   208          registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
   209          username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
   210          password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
   211      - name: make pytest-${{ matrix.test }}
   212        run: |
   213          sudo sysctl -w fs.file-max=1600000
   214          sudo sysctl -w fs.inotify.max_user_instances=4096
   215
   216          export DEV_KUBE_NO_PVC=yes
   217          export KAT_REQ_LIMIT=900
   218          export TEST_XML_DIR=/tmp/test-logs/xml/
   219          export DEV_KUBECONFIG=~/.kube/config
   220          export DEV_REGISTRY=${{ secrets.DEV_REGISTRY }}
   221          mkdir -p ${TEST_XML_DIR}
   222          make pytest-${{ matrix.test }}
   223      - uses: ./.github/actions/after-job
   224        if: always()
   225        with:
   226          jobname: check-pytest-${{ matrix.test }}
   227  check-chart:
   228    runs-on: ubuntu-latest
   229    env:
   230      DEV_REGISTRY: ${{ secrets.DEV_REGISTRY }}
   231      # See docker/base-python.docker.gen
   232      BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
   233      # See pkg/kubeapply/resource_kubeapply.go
   234      DEV_USE_IMAGEPULLSECRET: ${{ secrets.DEV_USE_IMAGEPULLSECRET }}
   235      DOCKER_BUILD_USERNAME: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
   236      DOCKER_BUILD_PASSWORD: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
   237    steps:
   238      - uses: docker/login-action@v2
   239        with:
   240          registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
   241          username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
   242          password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
   243      - uses: actions/checkout@v2
   244        with:
   245          fetch-depth: 0
   246          ref: ${{ github.event.pull_request.head.sha }}
   247      - name: Install Deps
   248        uses: ./.github/actions/setup-deps
   249      - name: make test-chart
   250        run: |
   251          make ci/setup-k3d K3D_CLUSTER_NAME=amb-ci
   252          export DEV_KUBECONFIG=~/.kube/config
   253
   254          make test-chart
   255      - uses: ./.github/actions/after-job
   256        if: always()
   257
   258  build: #######################################################################
   259    runs-on: ubuntu-latest
   260    env:
   261      DEV_REGISTRY: ${{ secrets.DEV_REGISTRY }}
   262      # See docker/base-python.docker.gen
   263      BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
   264    steps:
   265      - uses: actions/checkout@v2
   266        with:
   267          fetch-depth: 0
   268          ref: ${{ github.event.pull_request.head.sha }}
   269      - name: Install Deps
   270        uses: ./.github/actions/setup-deps
   271      - name: "Docker Login"
   272        uses: docker/login-action@v2
   273        with:
   274          registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
   275          username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
   276          password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
   277      - name: "make push"
   278        shell: bash
   279        run: |
   280          make push
   281      - name: "make push-dev"
   282        shell: bash
   283        run: |
   284          make push-dev
   285      - uses: ./.github/actions/after-job
   286        if: always()
   287
   288  ##############################################################################
   289  pass:
   290    name: "job-promote-to-passed" # This is the job name that the branch protection looks for
   291    needs:
   292      - lint
   293      - build
   294      - generate
   295      - check-envoy-version
   296      - check-gotest
   297      - check-pytest
   298      - check-pytest-unit
   299      - check-chart
   300    runs-on: ubuntu-latest
   301    steps:
   302      - name: No-Op
   303        if: ${{ false }}
   304        run: "echo Pass"
View as plain text