Skip to content

Merge pull request #55 from 2i2c-org/update-image-requirements #89

Merge pull request #55 from 2i2c-org/update-image-requirements

Merge pull request #55 from 2i2c-org/update-image-requirements #89

Workflow file for this run

# This is a GitHub workflow defining a set of jobs with a set of steps.
# ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
#
name: Test chart
on:
pull_request:
paths-ignore:
- "docs/**"
- "**.md"
- ".github/workflows/*"
- "!.github/workflows/test-chart.yaml"
push:
paths-ignore:
- "docs/**"
- "**.md"
- ".github/workflows/*"
- "!.github/workflows/test-chart.yaml"
branches-ignore:
- "dependabot/**"
- "pre-commit-ci-update-config"
- "update-*"
workflow_dispatch:
jobs:
lint_and_validate_rendered_templates:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.11"
- name: Install dependencies
run: pip install -r dev-requirements.txt
- name: Lint and validate
run: tools/templates/lint-and-validate.py
- name: Lint and validate (--strict, accept failure)
run: tools/templates/lint-and-validate.py --strict
continue-on-error: true
lint_and_validate_templates_with_schema:
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
# We run this job with the latest lowest helm version we support.
#
include:
- helm-version: "" # latest
- helm-version: v3.8.0 # minimal required version
steps:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: "3.11"
- name: Install helm ${{ matrix.helm-version }}
run: |
curl -sf https://raw.githubusercontent.com/helm/helm/HEAD/scripts/get-helm-3 | DESIRED_VERSION=${{ matrix.helm-version }} bash
- name: Install dependencies
run: |
pip install pyyaml
- name: Generate values.schema.json
run: tools/generate-json-schema.py
- name: Helm lint (values.yaml)
run: helm lint ./binderhub-service
- name: Helm lint (lint-and-validate-values.yaml)
run: helm lint ./binderhub-service --values tools/templates/lint-and-validate-values.yaml
# FIXME: We can probably emit a GitHub workflow warning if these fail
# instead having them show as green without a warning or similar
#
# NOTE: --strict means that any warning is considered an error, and there
# are several warnings that we should ignore.
#
- name: Helm lint --strict (values.yaml)
run: helm lint --strict ./binderhub-service
continue-on-error: true
- name: Helm lint --strict (lint-and-validate-values.yaml)
run: helm lint --strict ./binderhub-service
continue-on-error: true
test:
runs-on: ubuntu-22.04
timeout-minutes: 20
# Start a local container registry that the binderhub build pods can push
# to, and the k8s cluster can pull images from for use by pods.
services:
registry:
image: docker.io/library/registry:latest
ports:
- 5000:5000
strategy:
fail-fast: false
matrix:
# We run this job multiple times with different parameterization
# specified below, these parameters have no meaning on their own and
# gain meaning on how job steps use them.
#
# k3s-version: https://github.com/rancher/k3s/tags
# k3s-channel: https://update.k3s.io/v1-release/channels
#
include:
- k3s-channel: latest
- k3s-channel: stable
- k3s-channel: v1.24
steps:
- uses: actions/checkout@v3
with:
# chartpress needs git history
fetch-depth: 0
- name: Determine how to reference local container registry
run: |
LOCAL_REGISTRY_HOST=$(hostname --all-ip-addresses | awk '{print $1}'):5000
echo LOCAL_REGISTRY_HOST="$LOCAL_REGISTRY_HOST" >> $GITHUB_ENV
- name: Configure k3s to pull from local container registry
run: |
# Allow k3s to pull from private registry
# https://docs.k3s.io/installation/private-registry
sudo mkdir -p /etc/rancher/k3s/
cat << EOF | sudo tee /etc/rancher/k3s/registries.yaml
mirrors:
"$LOCAL_REGISTRY_HOST":
endpoint:
- "http://$LOCAL_REGISTRY_HOST"
EOF
# Starts a k8s cluster with NetworkPolicy enforcement and installs both
# kubectl and helm
#
# ref: https://github.com/jupyterhub/action-k3s-helm/
- uses: jupyterhub/action-k3s-helm@v3
with:
k3s-channel: ${{ matrix.k3s-channel }}
metrics-enabled: false
traefik-enabled: false
docker-enabled: true
- uses: actions/setup-python@v4
with:
python-version: "3.11"
- name: Install dependencies
run: |
pip install -r dev-requirements.txt
- name: List dependencies
run: |
pip freeze
# Build our images if needed and update Chart.yaml and values.yaml with
# version and tags
- run: chartpress
env:
DOCKER_BUILDKIT: "1"
- name: Generate values.schema.json from values.schema.yaml
run: tools/generate-json-schema.py
# Validate rendered helm templates against the k8s api-server with the
# dedicated lint-and-validate-values.yaml config.
- name: "Helm template --validate (with lint and validate config)"
run: |
helm template --validate binderhub-service ./binderhub-service \
--values tools/templates/lint-and-validate-values.yaml
- name: Install local chart
run: |
helm upgrade --install binderhub-service ./binderhub-service \
--values dev-config.yaml \
--set config.BinderHub.image_prefix=$LOCAL_REGISTRY_HOST/binderhub-service/ \
--set config.DockerRegistry.url=http://$LOCAL_REGISTRY_HOST \
--set buildPodsRegistryCredentials.server=http://$LOCAL_REGISTRY_HOST \
--set dockerApi.extraFiles.daemon-json.data.insecure-registries[0]=$LOCAL_REGISTRY_HOST
# ref: https://github.com/jupyterhub/action-k8s-await-workloads
- uses: jupyterhub/action-k8s-await-workloads@v2
with:
timeout: 150
max-restarts: 1
- name: Test image build/push via binderhub REST API using curl
run: |
curl http://localhost:30080/build/gh/binderhub-ci-repos/cached-minimal-dockerfile/HEAD?build_only=true
# ref: https://github.com/jupyterhub/action-k8s-namespace-report
- uses: jupyterhub/action-k8s-namespace-report@v1
if: always()
with:
important-workloads: deploy/binderhub-service daemonset/binderhub-service-docker-api