Bump the ci group across 1 directory with 10 updates #2992
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: e2e | |
on: | |
pull_request: | |
push: | |
branches: | |
- 'main' | |
- 'release/**' | |
permissions: | |
contents: read # for actions/checkout to fetch code | |
jobs: | |
kind: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
- name: Setup QEMU | |
uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 | |
- name: Setup Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 | |
- name: Cache Docker layers | |
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
id: cache | |
with: | |
path: /tmp/.buildx-cache | |
key: ${{ runner.os }}-buildx-ghcache-${{ github.sha }} | |
restore-keys: | | |
${{ runner.os }}-buildx-ghcache- | |
- name: Setup Go | |
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 | |
with: | |
go-version: 1.23.x | |
cache-dependency-path: | | |
**/go.sum | |
**/go.mod | |
- name: Setup Kubernetes | |
uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 | |
with: | |
version: v0.20.0 | |
cluster_name: kind | |
node_image: kindest/node:v1.27.3@sha256:3966ac761ae0136263ffdb6cfd4db23ef8a83cba8a463690e98317add2c9ba72 | |
- name: Setup Kustomize | |
uses: fluxcd/pkg/actions/kustomize@main | |
- name: Enable integration tests | |
# Only run integration tests for main branch | |
if: github.ref == 'refs/heads/main' | |
run: | | |
echo 'GO_TEST_ARGS=-tags integration' >> $GITHUB_ENV | |
- name: Run controller tests | |
env: | |
TEST_AZURE_CLIENT_ID: ${{ secrets.TEST_AZURE_CLIENT_ID }} | |
TEST_AZURE_TENANT_ID: ${{ secrets.TEST_AZURE_TENANT_ID }} | |
TEST_AZURE_CLIENT_SECRET: ${{ secrets.TEST_AZURE_CLIENT_SECRET }} | |
TEST_AZURE_VAULT_URL: ${{ secrets.TEST_AZURE_VAULT_URL }} | |
TEST_AZURE_VAULT_KEY_NAME: ${{ secrets.TEST_AZURE_VAULT_KEY_NAME }} | |
TEST_AZURE_VAULT_KEY_VERSION: ${{ secrets.TEST_AZURE_VAULT_KEY_VERSION }} | |
run: make test | |
- name: Check if working tree is dirty | |
run: | | |
if [[ $(git diff --stat) != '' ]]; then | |
git --no-pager diff | |
echo 'run make test and commit changes' | |
exit 1 | |
fi | |
- name: Build container image | |
run: | | |
make docker-build IMG=test/kustomize-controller:latest \ | |
BUILD_PLATFORMS=linux/amd64 \ | |
BUILD_ARGS="--cache-from=type=local,src=/tmp/.buildx-cache \ | |
--cache-to=type=local,dest=/tmp/.buildx-cache-new,mode=max \ | |
--load" | |
- # Temp fix | |
# https://github.com/docker/build-push-action/issues/252 | |
# https://github.com/moby/buildkit/issues/1896 | |
name: Move cache | |
run: | | |
rm -rf /tmp/.buildx-cache | |
mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
- name: Load test image | |
run: kind load docker-image test/kustomize-controller:latest | |
- name: Install CRDs | |
run: make install | |
- name: Run default status test | |
run: | | |
kubectl apply -f config/testdata/status-defaults | |
RESULT=$(kubectl get kustomization status-defaults -o go-template={{.status}}) | |
EXPECTED='map[observedGeneration:-1]' | |
if [ "${RESULT}" != "${EXPECTED}" ] ; then | |
echo -e "${RESULT}\n\ndoes not equal\n\n${EXPECTED}" | |
exit 1 | |
fi | |
kubectl delete -f config/testdata/status-defaults | |
- name: Deploy controllers | |
run: | | |
make dev-deploy IMG=test/kustomize-controller:latest | |
kubectl -n kustomize-system rollout status deploy/source-controller --timeout=1m | |
kubectl -n kustomize-system rollout status deploy/kustomize-controller --timeout=1m | |
- name: Run tests for removing kubectl managed fields | |
run: | | |
kubectl create ns managed-fields | |
kustomize build github.com/stefanprodan/podinfo//kustomize?ref=6.3.5 > /tmp/podinfo.yaml | |
kubectl -n managed-fields apply -f /tmp/podinfo.yaml | |
kubectl -n managed-fields apply -f ./config/testdata/managed-fields | |
kubectl -n managed-fields wait kustomization/podinfo --for=condition=ready --timeout=4m | |
OUTDATA=$(kubectl -n managed-fields get deploy podinfo --show-managed-fields -oyaml) | |
if echo "$OUTDATA" | grep -q "kubectl";then | |
echo "kubectl client-side manager not removed" | |
exit 1 | |
fi | |
kubectl -n managed-fields apply --server-side --force-conflicts -f /tmp/podinfo.yaml | |
kubectl -n managed-fields annotate --overwrite kustomization/podinfo reconcile.fluxcd.io/requestedAt="$(date +%s)" | |
kubectl -n managed-fields wait kustomization/podinfo --for=condition=ready --timeout=4m | |
OUTDATA=$(kubectl -n managed-fields get deploy podinfo --show-managed-fields -oyaml) | |
if echo "$OUTDATA" | grep -q "kubectl";then | |
echo "kubectl server-side manager not removed" | |
exit 1 | |
fi | |
kubectl delete ns managed-fields | |
- name: Run overlays tests | |
run: | | |
kubectl -n kustomize-system apply -k ./config/testdata/overlays | |
kubectl -n kustomize-system wait kustomizations/webapp-staging --for=condition=ready --timeout=4m | |
kubectl -n kustomize-system wait kustomizations/webapp-production --for=condition=ready --timeout=4m | |
- name: Run dependencies tests | |
run: | | |
kubectl -n kustomize-system apply -k ./config/testdata/dependencies | |
kubectl -n kustomize-system wait kustomizations/common --for=condition=ready --timeout=4m | |
kubectl -n kustomize-system wait kustomizations/backend --for=condition=ready --timeout=4m | |
kubectl -n kustomize-system wait kustomizations/frontend --for=condition=ready --timeout=4m | |
- name: Run impersonation tests | |
run: | | |
kubectl -n impersonation apply -f ./config/testdata/impersonation | |
kubectl -n impersonation wait kustomizations/podinfo --for=condition=ready --timeout=4m | |
kubectl -n impersonation delete kustomizations/podinfo | |
until kubectl -n impersonation get deploy/podinfo 2>&1 | grep NotFound ; do sleep 2; done | |
- name: Run OCI tests | |
run: | | |
kubectl create ns oci | |
kubectl -n oci apply -f ./config/testdata/oci | |
kubectl -n oci wait kustomizations/oci --for=condition=ready --timeout=4m | |
- name: Run CRDs + CRs tests | |
run: | | |
kubectl -n kustomize-system apply -f ./config/testdata/crds-crs | |
kubectl -n kustomize-system wait kustomizations/certs --for=condition=ready --timeout=4m | |
kubectl -n kustomizer-cert-test wait issuers/my-ca-issuer --for=condition=ready --timeout=1m | |
- name: Logs | |
run: | | |
kubectl -n kustomize-system logs deploy/source-controller | |
kubectl -n kustomize-system logs deploy/kustomize-controller | |
- name: Debug failure | |
if: failure() | |
run: | | |
kubectl -n kustomize-system get gitrepositories -oyaml | |
kubectl -n kustomize-system get kustomizations -oyaml | |
kubectl -n kustomize-system get all | |
kubectl -n oci get ocirepository/oci -oyaml | |
kubectl -n oci get kustomization/oci -oyaml | |
kubectl -n kustomize-system logs deploy/source-controller | |
kubectl -n kustomize-system logs deploy/kustomize-controller |