forked from confidential-containers/cloud-api-adaptor
-
Notifications
You must be signed in to change notification settings - Fork 0
135 lines (120 loc) · 4.18 KB
/
e2e_docker.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# (C) Copyright Confidential Containers Contributors 2024.
# SPDX-License-Identifier: Apache-2.0
#
# Run docker e2e tests.
name: (Callable) docker e2e tests
on:
workflow_call:
inputs:
podvm_image:
required: true
type: string
caa_image:
description: The cloud-api-adaptor OCI image (including tag) to test
type: string
install_directory_artifact:
description: The archive name of the install directory
default: ''
required: false
type: string
git_ref:
default: 'main'
description: Git ref to checkout the cloud-api-adaptor repository. Defaults to main.
required: false
type: string
container_runtime:
default: 'containerd'
description: Name of the container runtime. Either containerd or crio.
required: false
type: string
env:
CLOUD_PROVIDER: docker
CLUSTER_NAME: peer-pods
DEBIAN_FRONTEND: noninteractive
defaults:
run:
working-directory: src/cloud-api-adaptor
jobs:
test-docker:
runs-on: ubuntu-22.04
# TODO: remove this when the job gets stable
continue-on-error: true
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ inputs.git_ref }}
- name: Rebase the code
if: github.event_name == 'pull_request_target'
working-directory: ./
run: |
./hack/ci-helper.sh rebase-atop-of-the-latest-target-branch
- name: Login to quay Container Registry
if: ${{ startsWith(inputs.podvm_image, 'quay.io') }}
uses: docker/login-action@v3
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- name: Login to the ghcr Container registry
if: ${{ startsWith(inputs.podvm_image, 'ghcr.io') }}
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Read properties from versions.yaml
run: |
sudo snap install yq
go_version="$(yq '.tools.golang' versions.yaml)"
[ -n "$go_version" ]
echo "GO_VERSION=${go_version}" >> "$GITHUB_ENV"
- name: Setup Golang version ${{ env.GO_VERSION }}
uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION }}
- name: Install kustomize
run: |
command -v kustomize >/dev/null || \
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | \
sudo bash -s /usr/local/bin
- name: Update kustomization configuration
run: |
cd "install/overlays/docker"
kustomize edit set image "cloud-api-adaptor=${{ inputs.caa_image }}"
# Print for debugging
echo "::group::docker kustomization"
cat kustomization.yaml
echo "::endgroup::"
- name: Config docker
run: |
cat <<- EOF > docker.properties
DOCKER_PODVM_IMAGE="${{ inputs.podvm_image }}"
DOCKER_HOST="unix:///var/run/docker.sock"
DOCKER_NETWORK_NAME="kind"
CONTAINER_RUNTIME="${{ inputs.container_runtime }}"
EOF
# For debugging
cat docker.properties
- name: run tests
id: runTests
run: |
export CLOUD_PROVIDER=docker
export CONTAINER_RUNTIME="${{ inputs.container_runtime }}"
export DEPLOY_KBS=false
export TEST_PROVISION=yes
export TEST_TEARDOWN=no
export TEST_PROVISION_FILE="$PWD/docker.properties"
export TEST_PODVM_IMAGE="${{ inputs.podvm_image }}"
export TEST_E2E_TIMEOUT="50m"
make test-e2e
- name: Debug tests failure
if: failure() && steps.runTests.outcome == 'failure'
working-directory: ./
run: |
export KUBECONFIG="${HOME}/kube_${CLUSTER_NAME}"
kind get kubeconfig -n "$CLUSTER_NAME" > "$KUBECONFIG"
./hack/ci-e2e-debug-fail.sh
# Avoid running with `set -e` as command fails should be allowed
shell: bash {0}