...
1name: job-promote-to-passed
2
3"on":
4 push:
5 branches:
6 - master
7 - release/v*
8 pull_request: {}
9
10jobs:
11
12 lint: ########################################################################
13 runs-on: ubuntu-latest
14 env:
15 # See docker/base-python.docker.gen
16 BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
17 steps:
18 - uses: actions/checkout@v2
19 with:
20 fetch-depth: 0
21 - name: Install Deps
22 uses: ./.github/actions/setup-deps
23 - shell: bash
24 run: |
25 make lint-deps
26 - shell: bash
27 run: |
28 make lint
29 - uses: ./.github/actions/after-job
30 if: always()
31
32 generate: ####################################################################
33 runs-on: ubuntu-latest
34 env:
35 # See docker/base-python.docker.gen
36 BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
37 steps:
38 - uses: actions/checkout@v2
39 with:
40 fetch-depth: 0
41 - name: Install Deps
42 uses: ./.github/actions/setup-deps
43 - name: "Git Login"
44 run: |
45 if [[ -n '${{ secrets.GHA_SSH_KEY }}' ]]; then
46 install -m700 -d ~/.ssh
47 install -m600 /dev/stdin ~/.ssh/id_rsa <<<'${{ secrets.GHA_SSH_KEY }}'
48 fi
49 - name: "Docker Login"
50 uses: docker/login-action@v2
51 with:
52 registry: ${{ (!startsWith(secrets.RELEASE_REGISTRY, 'docker.io/')) && secrets.RELEASE_REGISTRY || null }}
53 username: ${{ secrets.GH_DOCKER_RELEASE_USERNAME }}
54 password: ${{ secrets.GH_DOCKER_RELEASE_TOKEN }}
55 - name: "'make generate'"
56 shell: bash
57 run: |
58 make generate
59 - uses: ./.github/actions/git-dirty-check
60 name: "Check Git not dirty from 'make generate'"
61 - name: "'make generate' (again!)"
62 shell: bash
63 run: |
64 make generate
65 - uses: ./.github/actions/git-dirty-check
66 name: "Check Git not dirty from 'make generate' (again!)"
67 - uses: ./.github/actions/after-job
68 if: always()
69
70 check-envoy-version: #########################################################
71 runs-on: ubuntu-latest
72 env:
73 # See docker/base-python.docker.gen
74 BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
75 steps:
76 - uses: actions/checkout@v2
77 with:
78 fetch-depth: 0
79 - name: Install Deps
80 uses: ./.github/actions/setup-deps
81 - name: "Git Login"
82 run: |
83 if [[ -n '${{ secrets.GHA_SSH_KEY }}' ]]; then
84 install -m700 -d ~/.ssh
85 install -m600 /dev/stdin ~/.ssh/id_rsa <<<'${{ secrets.GHA_SSH_KEY }}'
86 fi
87 - name: "Docker Login"
88 # This is important if ENVOY_DOCKER_REPO is a private repo.
89 uses: docker/login-action@v2
90 with:
91 registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
92 username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
93 password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
94 - run: make check-envoy-version
95 - uses: ./.github/actions/after-job
96 if: always()
97
98 # Tests ######################################################################
99 check-gotest:
100 runs-on: ubuntu-latest
101 env:
102 # See docker/base-python.docker.gen
103 BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
104 steps:
105 - uses: actions/checkout@v2
106 with:
107 fetch-depth: 0
108 - name: Install Deps
109 uses: ./.github/actions/setup-deps
110 - name: "Docker Login"
111 uses: docker/login-action@v2
112 with:
113 registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
114 username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
115 password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
116 - name: make gotest
117 shell: bash
118 run: |
119 export DEV_KUBE_NO_PVC=yes
120 export KAT_REQ_LIMIT=900
121 export TEST_XML_DIR=/tmp/test-logs/xml/
122 mkdir -p ${TEST_XML_DIR}
123 make gotest
124 - uses: ./.github/actions/after-job
125 if: always()
126 check-pytest:
127 runs-on: ubuntu-latest
128 env:
129 # See docker/base-python.docker.gen
130 BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
131 # See pkg/kubeapply/resource_kubeapply.go
132 DEV_USE_IMAGEPULLSECRET: ${{ secrets.DEV_USE_IMAGEPULLSECRET }}
133 DOCKER_BUILD_USERNAME: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
134 DOCKER_BUILD_PASSWORD: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
135 strategy:
136 fail-fast: false
137 matrix:
138 test:
139 - integration
140 - kat-envoy2-1-of-5
141 - kat-envoy2-2-of-5
142 - kat-envoy2-3-of-5
143 - kat-envoy2-4-of-5
144 - kat-envoy2-5-of-5
145 - kat-envoy3-1-of-5
146 - kat-envoy3-2-of-5
147 - kat-envoy3-3-of-5
148 - kat-envoy3-4-of-5
149 - kat-envoy3-5-of-5
150 # FIXME(lukeshu): KAT_RUN_MODE=local is disabled because it
151 # needs fixed for a world where annotations are already
152 # unfolded in the snapshot.
153 #
154 #- kat-local
155 name: pytest-${{ matrix.test }}
156 steps:
157 - uses: actions/checkout@v2
158 with:
159 fetch-depth: 0
160 - name: Install Deps
161 uses: ./.github/actions/setup-deps
162 - name: "Docker Login"
163 uses: docker/login-action@v2
164 with:
165 registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
166 username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
167 password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
168 - name: make pytest-${{ matrix.test }}
169 run: |
170 export USE_LOCAL_K3S_CLUSTER=1
171 sudo sysctl -w fs.file-max=1600000
172 sudo sysctl -w fs.inotify.max_user_instances=4096
173
174 make ci/setup-k3d K3D_CLUSTER_NAME=amb-ci
175
176 export DEV_KUBE_NO_PVC=yes
177 export KAT_REQ_LIMIT=900
178 export TEST_XML_DIR=/tmp/test-logs/xml/
179 export DEV_KUBECONFIG=~/.kube/config
180 export DEV_REGISTRY=${{ secrets.DEV_REGISTRY }}
181 mkdir -p ${TEST_XML_DIR}
182 make pytest-${{ matrix.test }}
183 - uses: ./.github/actions/after-job
184 if: always()
185 with:
186 jobname: check-pytest-${{ matrix.test }}
187 check-pytest-unit:
188 # pytest-unit is separate from pytests (above) because we know for certain that no cluster is needed.
189 # XXX This is pretty much a crock.
190 runs-on: ubuntu-latest
191 env:
192 # See docker/base-python.docker.gen
193 BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
194 strategy:
195 matrix:
196 test:
197 - unit
198 name: pytest-${{ matrix.test }}
199 steps:
200 - uses: actions/checkout@v2
201 with:
202 fetch-depth: 0
203 - name: Install Deps
204 uses: ./.github/actions/setup-deps
205 - name: "Docker Login"
206 uses: docker/login-action@v2
207 with:
208 registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
209 username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
210 password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
211 - name: make pytest-${{ matrix.test }}
212 run: |
213 sudo sysctl -w fs.file-max=1600000
214 sudo sysctl -w fs.inotify.max_user_instances=4096
215
216 export DEV_KUBE_NO_PVC=yes
217 export KAT_REQ_LIMIT=900
218 export TEST_XML_DIR=/tmp/test-logs/xml/
219 export DEV_KUBECONFIG=~/.kube/config
220 export DEV_REGISTRY=${{ secrets.DEV_REGISTRY }}
221 mkdir -p ${TEST_XML_DIR}
222 make pytest-${{ matrix.test }}
223 - uses: ./.github/actions/after-job
224 if: always()
225 with:
226 jobname: check-pytest-${{ matrix.test }}
227 check-chart:
228 runs-on: ubuntu-latest
229 env:
230 DEV_REGISTRY: ${{ secrets.DEV_REGISTRY }}
231 # See docker/base-python.docker.gen
232 BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
233 # See pkg/kubeapply/resource_kubeapply.go
234 DEV_USE_IMAGEPULLSECRET: ${{ secrets.DEV_USE_IMAGEPULLSECRET }}
235 DOCKER_BUILD_USERNAME: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
236 DOCKER_BUILD_PASSWORD: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
237 steps:
238 - uses: docker/login-action@v2
239 with:
240 registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
241 username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
242 password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
243 - uses: actions/checkout@v2
244 with:
245 fetch-depth: 0
246 ref: ${{ github.event.pull_request.head.sha }}
247 - name: Install Deps
248 uses: ./.github/actions/setup-deps
249 - name: make test-chart
250 run: |
251 make ci/setup-k3d K3D_CLUSTER_NAME=amb-ci
252 export DEV_KUBECONFIG=~/.kube/config
253
254 make test-chart
255 - uses: ./.github/actions/after-job
256 if: always()
257
258 build: #######################################################################
259 runs-on: ubuntu-latest
260 env:
261 DEV_REGISTRY: ${{ secrets.DEV_REGISTRY }}
262 # See docker/base-python.docker.gen
263 BASE_PYTHON_REPO: ${{ secrets.BASE_PYTHON_REPO }}
264 steps:
265 - uses: actions/checkout@v2
266 with:
267 fetch-depth: 0
268 ref: ${{ github.event.pull_request.head.sha }}
269 - name: Install Deps
270 uses: ./.github/actions/setup-deps
271 - name: "Docker Login"
272 uses: docker/login-action@v2
273 with:
274 registry: ${{ (!startsWith(secrets.DEV_REGISTRY, 'docker.io/')) && secrets.DEV_REGISTRY || null }}
275 username: ${{ secrets.GH_DOCKER_BUILD_USERNAME }}
276 password: ${{ secrets.GH_DOCKER_BUILD_TOKEN }}
277 - name: "make push"
278 shell: bash
279 run: |
280 make push
281 - name: "make push-dev"
282 shell: bash
283 run: |
284 make push-dev
285 - uses: ./.github/actions/after-job
286 if: always()
287
288 ##############################################################################
289 pass:
290 name: "job-promote-to-passed" # This is the job name that the branch protection looks for
291 needs:
292 - lint
293 - build
294 - generate
295 - check-envoy-version
296 - check-gotest
297 - check-pytest
298 - check-pytest-unit
299 - check-chart
300 runs-on: ubuntu-latest
301 steps:
302 - name: No-Op
303 if: ${{ false }}
304 run: "echo Pass"
View as plain text