🔄 synced file(s) with Kong/kong-operator #860
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR tests | |
| concurrency: | |
| # Run only for most recent commit in PRs but for all tags and commits on main | |
| # Ref: https://docs.github.com/en/actions/using-jobs/using-concurrency | |
| group: ${{ github.workflow }}-${{ github.head_ref || github.sha }} | |
| cancel-in-progress: true | |
| on: | |
| pull_request: | |
| branches: | |
| - main | |
| - release/kong-2.x | |
| - release/kong-3.x | |
| workflow_dispatch: {} | |
| permissions: | |
| contents: read | |
| env: | |
| # Specify this here because these tests rely on ktf to run kind for cluster creation. | |
| # renovate: datasource=github-releases depName=kubernetes-sigs/kind | |
| KIND_VERSION: "0.30.0" | |
| jobs: | |
| ensure-actions-sha-pin: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - uses: zgosalvez/github-actions-ensure-sha-pinned-actions@fc87bb5b5a97953d987372e74478de634726b3e5 # v3.0.25 | |
| lint: | |
| timeout-minutes: 30 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - uses: jdx/mise-action@e3d7b8d67a7958d1207f6ed871e83b1ea780e7b0 # v3.3.1 | |
| with: | |
| install: false | |
| - name: Run linters | |
| env: | |
| MISE_VERBOSE: 1 | |
| MISE_DEBUG: 1 | |
| run: make lint | |
| lint-test: | |
| timeout-minutes: 30 | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| kubernetes-version: | |
| # renovate: datasource=docker depName=kindest/node | |
| - "1.33.4" | |
| chart-name: | |
| - kong | |
| - ingress | |
| - gateway-operator | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up Helm | |
| uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1 | |
| - name: Add Helm repos | |
| run: | | |
| helm repo add bitnami https://charts.bitnami.com/bitnami | |
| helm repo add kong https://charts.konghq.com | |
| - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 | |
| with: | |
| python-version: "3.11" | |
| - name: Set up chart-testing | |
| uses: helm/chart-testing-action@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b # v2.7.0 | |
| - name: Run chart-testing (lint) | |
| run: ct lint --target-branch main --check-version-increment=false | |
| - name: setup testing environment (kind-cluster) | |
| env: | |
| KUBERNETES_VERSION: ${{ matrix.kubernetes-version }} | |
| CHART_NAME: ${{ matrix.chart-name }} | |
| run: ./scripts/test-env.sh | |
| - name: Run chart-testing (install) | |
| run: | | |
| kubectl create ns kong-test | |
| ct install --target-branch main --charts charts/${{ matrix.chart-name}} --namespace kong-test | |
| # No need to delete the ns the cluster is scrapped after the job anyway. | |
| integration-test: | |
| timeout-minutes: 30 | |
| runs-on: ubuntu-latest | |
| env: | |
| GATEWAY_API_VERSION: v1.3.0 | |
| strategy: | |
| matrix: | |
| kic-version: | |
| - "" # default from the chart | |
| - "3.4" | |
| kong-version: | |
| - "" # default from the chart | |
| kubernetes-version: | |
| # renovate: datasource=docker depName=kindest/node | |
| - "1.28.15" | |
| # renovate: datasource=docker depName=kindest/node | |
| - "1.29.14" | |
| # renovate: datasource=docker depName=kindest/node | |
| - "1.30.13" | |
| # renovate: datasource=docker depName=kindest/node | |
| - "1.31.12" | |
| # renovate: datasource=docker depName=kindest/node | |
| - "1.32.8" | |
| # renovate: datasource=docker depName=kindest/node | |
| - "1.33.4" | |
| chart-name: | |
| - kong | |
| - ingress | |
| - gateway-operator | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: Checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - name: setup helm | |
| uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1 | |
| - name: setup testing environment (kind-cluster) | |
| env: | |
| KUBERNETES_VERSION: ${{ matrix.kubernetes-version }} | |
| CHART_NAME: ${{ matrix.chart-name }} | |
| run: ./scripts/test-env.sh | |
| - name: run integration tests (integration) | |
| env: | |
| CHART_NAME: ${{ matrix.chart-name }} | |
| run: ./scripts/test-run.sh | |
| - name: run upgrade integration tests (integration-upgrade) | |
| env: | |
| CHART_NAME: ${{ matrix.chart-name }} | |
| KONG_VERSION: ${{ matrix.kong-version }} | |
| KIC_VERSION: ${{ matrix.kic-version }} | |
| run: ./scripts/test-upgrade.sh | |
| - name: cleanup integration tests (cleanup) | |
| run: ./scripts/test-env.sh cleanup | |
| golden-tests: | |
| timeout-minutes: 30 | |
| runs-on: ubuntu-latest | |
| name: golden-tests | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - name: checkout | |
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | |
| - name: setup helm | |
| uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1 | |
| - uses: jdx/mise-action@e3d7b8d67a7958d1207f6ed871e83b1ea780e7b0 # v3.3.1 | |
| with: | |
| install: false | |
| - name: build helm chart dependency | |
| run: | | |
| helm repo add bitnami https://charts.bitnami.com/bitnami | |
| helm repo add kong https://charts.konghq.com | |
| helm dependency build charts/kong | |
| helm dependency build charts/ingress | |
| helm dependency build charts/gateway-operator | |
| - name: run golden tests | |
| run: make test.golden | |
| - name: run golden tests update and check if there are any changes that should be committed | |
| run: make test.golden.update verify.diff | |
| # Workaround to allow checking the matrix tests as required tests without adding the individual cases | |
| # Ref: https://github.com/orgs/community/discussions/26822#discussioncomment-3305794 | |
| passed: | |
| timeout-minutes: 30 | |
| runs-on: ubuntu-latest | |
| needs: | |
| - ensure-actions-sha-pin | |
| - lint | |
| - lint-test | |
| - integration-test | |
| - golden-tests | |
| if: always() | |
| steps: | |
| - name: Harden Runner | |
| uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 | |
| with: | |
| egress-policy: audit | |
| - if: ${{ contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled') }} | |
| run: | | |
| echo "Some jobs failed or were cancelled." | |
| exit 1 |