forked from Azure/azure-workload-identity
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pr.yaml
122 lines (119 loc) · 3.48 KB
/
pr.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
trigger: none
pr:
branches:
include:
- main
paths:
exclude:
- docs
- README.md
- .github
pool: staging-pool
jobs:
- job: scan_images
timeoutInMinutes: 30
workspace:
clean: all
steps:
- template: templates/scan-images.yaml
- job: lint
timeoutInMinutes: 30
workspace:
clean: all
steps:
- script: make lint
displayName: golangci-lint
- script: make helm-lint
displayName: helm lint
- script: |
go mod tidy
if ! git diff --exit-code go.mod go.sum; then
echo "go.mod/go.sum is not up to date. Please run 'go mod tidy'"
exit 1
fi
displayName: go mod tidy
- script: |
make manifests
if ! git diff --exit-code manifest_staging/; then
echo "manifest_staging/ is not up to date. Please run 'make manifests'"
exit 1
fi
displayName: make manifests
- job: unit_test
timeoutInMinutes: 30
workspace:
clean: all
steps:
- script: make test
displayName: Unit test
- job: shellcheck
timeoutInMinutes: 5
workspace:
clean: all
steps:
- script: make shellcheck
displayName: shellcheck
- job:
timeoutInMinutes: 60
dependsOn:
- lint
- scan_images
- shellcheck
workspace:
clean: all
variables:
# contains the following environment variables:
# - APPLICATION_CLIENT_ID
# - AZURE_TENANT_ID
# - KEYVAULT_NAME
# - KEYVAULT_SECRET_NAME
# - SERVICE_ACCOUNT_ISSUER
# - SERVICE_ACCOUNT_KEYVAULT_NAME
- group: e2e-environment-variables
strategy:
matrix:
aks_windows_dockershim:
REGISTRY: upstream.azurecr.io/azure-workload-identity
WINDOWS_CLUSTER: "true"
GINKGO_SKIP: \[AKSSoakOnly\]
aks_windows_containerd:
REGISTRY: upstream.azurecr.io/azure-workload-identity
WINDOWS_CLUSTER: "true"
WINDOWS_CONTAINERD: "true"
GINKGO_SKIP: \[AKSSoakOnly\]
aks_linux:
REGISTRY: upstream.azurecr.io/azure-workload-identity
GINKGO_SKIP: \[AKSSoakOnly\]
arc:
REGISTRY: upstream.azurecr.io/azure-workload-identity
ARC_CLUSTER: "true"
GINKGO_SKIP: \[AKSSoakOnly\]
kind_v1_22_9:
KIND_NODE_VERSION: v1.22.9
LOCAL_ONLY: "true"
TEST_HELM_CHART: "true"
kind_v1_23_6:
KIND_NODE_VERSION: v1.23.6
LOCAL_ONLY: "true"
TEST_HELM_CHART: "true"
kind_v1_24_2:
KIND_NODE_VERSION: v1.24.2
LOCAL_ONLY: "true"
TEST_HELM_CHART: "true"
steps:
- script: echo "##vso[task.setvariable variable=CLUSTER_NAME]azwi-e2e-$(openssl rand -hex 2)"
displayName: Set CLUSTER_NAME
condition: ne(variables.LOCAL_ONLY, 'true')
- script: make test-e2e
displayName: Webhook E2E test suite
env:
APPLICATION_CLIENT_ID: $(APPLICATION_CLIENT_ID)
AZURE_TENANT_ID: $(AZURE_TENANT_ID)
KEYVAULT_NAME: $(KEYVAULT_NAME)
KEYVAULT_SECRET_NAME: $(KEYVAULT_SECRET_NAME)
SERVICE_ACCOUNT_ISSUER: $(SERVICE_ACCOUNT_ISSUER)
SERVICE_ACCOUNT_KEYVAULT_NAME: $(SERVICE_ACCOUNT_KEYVAULT_NAME)
- script: az group delete --name "${CLUSTER_NAME}" --yes --no-wait || true
displayName: Cleanup
condition: ne(variables.LOCAL_ONLY, 'true')
- template: templates/publish-logs.yaml