-
Notifications
You must be signed in to change notification settings - Fork 3
202 lines (172 loc) · 6.67 KB
/
test-chart.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
# This is a GitHub workflow defining a set of jobs with a set of steps.
# ref: https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions
#
name: Test chart
on:
pull_request:
paths-ignore:
- "docs/**"
- "**.md"
- ".github/workflows/*"
- "!.github/workflows/test-chart.yaml"
push:
paths-ignore:
- "docs/**"
- "**.md"
- ".github/workflows/*"
- "!.github/workflows/test-chart.yaml"
branches-ignore:
- "dependabot/**"
- "pre-commit-ci-update-config"
workflow_dispatch:
jobs:
lint_and_validate_rendered_templates:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install dependencies
run: pip install -r dev-requirements.txt
- name: Lint and validate
run: tools/templates/lint-and-validate.py
- name: Lint and validate (--strict, accept failure)
run: tools/templates/lint-and-validate.py --strict
continue-on-error: true
lint_and_validate_templates_with_schema:
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
# We run this job with the latest lowest helm version we support.
#
include:
- helm-version: "" # latest
- helm-version: v3.8.0 # minimal required version
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install helm ${{ matrix.helm-version }}
run: |
curl -sf https://raw.githubusercontent.com/helm/helm/HEAD/scripts/get-helm-3 | DESIRED_VERSION=${{ matrix.helm-version }} bash
- name: Install dependencies
run: |
pip install pyyaml
- name: Generate values.schema.json
run: tools/generate-json-schema.py
- name: Helm lint (values.yaml)
run: helm lint ./binderhub-service
- name: Helm lint (lint-and-validate-values.yaml)
run: helm lint ./binderhub-service --values tools/templates/lint-and-validate-values.yaml
# FIXME: We can probably emit a GitHub workflow warning if these fail
# instead having them show as green without a warning or similar
#
# NOTE: --strict means that any warning is considered an error, and there
# are several warnings that we should ignore.
#
- name: Helm lint --strict (values.yaml)
run: helm lint --strict ./binderhub-service
continue-on-error: true
- name: Helm lint --strict (lint-and-validate-values.yaml)
run: helm lint --strict ./binderhub-service
continue-on-error: true
test:
runs-on: ubuntu-22.04
timeout-minutes: 20
# Start a local container registry that the binderhub build pods can push
# to, and the k8s cluster can pull images from for use by pods.
services:
registry:
image: docker.io/library/registry:latest
ports:
- 5000:5000
strategy:
fail-fast: false
matrix:
# We run this job multiple times with different parameterization
# specified below, these parameters have no meaning on their own and
# gain meaning on how job steps use them.
#
# k3s-version: https://github.com/rancher/k3s/tags
# k3s-channel: https://update.k3s.io/v1-release/channels
#
include:
- k3s-channel: latest
- k3s-channel: stable
- k3s-channel: v1.27
steps:
- uses: actions/checkout@v4
with:
# chartpress needs git history
fetch-depth: 0
- name: Determine how to reference local container registry
run: |
LOCAL_REGISTRY_HOST=$(hostname --all-ip-addresses | awk '{print $1}'):5000
echo LOCAL_REGISTRY_HOST="$LOCAL_REGISTRY_HOST" >> $GITHUB_ENV
- name: Configure k3s to pull from local container registry
run: |
# Allow k3s to pull from private registry
# https://docs.k3s.io/installation/private-registry
sudo mkdir -p /etc/rancher/k3s/
cat << EOF | sudo tee /etc/rancher/k3s/registries.yaml
mirrors:
"$LOCAL_REGISTRY_HOST":
endpoint:
- "http://$LOCAL_REGISTRY_HOST"
EOF
# Starts a k8s cluster with NetworkPolicy enforcement and installs both
# kubectl and helm
#
# ref: https://github.com/jupyterhub/action-k3s-helm/
- uses: jupyterhub/action-k3s-helm@v4
with:
k3s-channel: ${{ matrix.k3s-channel }}
metrics-enabled: false
traefik-enabled: false
docker-enabled: true
- uses: actions/setup-python@v5
with:
python-version: "3.11"
- name: Install dependencies
run: |
pip install -r dev-requirements.txt
- name: List dependencies
run: |
pip freeze
# Build our images if needed and update Chart.yaml and values.yaml with
# version and tags
- run: chartpress
env:
DOCKER_BUILDKIT: "1"
- name: Generate values.schema.json from values.schema.yaml
run: tools/generate-json-schema.py
# Validate rendered helm templates against the k8s api-server with the
# dedicated lint-and-validate-values.yaml config.
- name: "Helm template --validate (with lint and validate config)"
run: |
helm template --validate binderhub-service ./binderhub-service \
--values tools/templates/lint-and-validate-values.yaml
- name: Install local chart
run: |
helm upgrade --install binderhub-service ./binderhub-service \
--values dev-config.yaml \
--set config.BinderHub.image_prefix=$LOCAL_REGISTRY_HOST/binderhub-service/ \
--set config.DockerRegistry.url=http://$LOCAL_REGISTRY_HOST \
--set buildPodsRegistryCredentials.server=http://$LOCAL_REGISTRY_HOST \
--set dockerApi.extraFiles.daemon-json.data.insecure-registries[0]=$LOCAL_REGISTRY_HOST
# ref: https://github.com/jupyterhub/action-k8s-await-workloads
- uses: jupyterhub/action-k8s-await-workloads@v3
with:
timeout: 150
max-restarts: 1
- name: Test image build/push via binderhub REST API using curl
run: |
curl http://localhost:30080/build/gh/binderhub-ci-repos/cached-minimal-dockerfile/HEAD?build_only=true
# ref: https://github.com/jupyterhub/action-k8s-namespace-report
- uses: jupyterhub/action-k8s-namespace-report@v1
if: always()
with:
important-workloads: deploy/binderhub-service daemonset/binderhub-service-docker-api