-
Notifications
You must be signed in to change notification settings - Fork 84
180 lines (167 loc) · 6.17 KB
/
e2e_on_pull.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
# (C) Copyright Confidential Containers Contributors 2023.
# SPDX-License-Identifier: Apache-2.0
#
# Run end-to-end (e2e) tests on pull request.
---
name: e2e tests
on:
# Note on repository checkout: pull_request_target sets `GITHUB_SHA` to the
# "last commit on the PR base branch", meaning that by default `actions/checkout`
# is going to checkout the repository main branch. In order to pick up the pull
# request code, this workflow uses the `github.event.pull_request.head.sha`
# property to get the last commit on the HEAD branch. One limitation of this approach
# is that, unlike the `pull_request` event, the checked pull request isn't necessarily
# rebased to main (so it is up to users ensure the pull request is rebased **before*
# triggering this workflow).
pull_request_target:
types:
# This workflow will be run if the pull request is labeled test_e2e_libvirt, so
# adding 'labeled' to the list of activity types.
#
- opened
- synchronize
- reopened
- labeled
branches:
- 'main'
env:
# cloud-api-adaptor image registry
E2E_IMG_REGISTRY: ghcr.io/${{ github.repository_owner }}
# cloud-api-adaptor: image release tag
E2E_IMG_RELEASE_TAG: ci-pr${{ github.event.number }}
# cloud-api-adaptor image dev tag
E2E_IMG_DEV_TAG: ci-pr${{ github.event.number }}-dev
jobs:
authorize:
runs-on: ubuntu-latest
if: ${{ contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt') }}
steps:
- run: "true"
# Build the podvm images.
#
# Currently it will not build the podvm, instead it downloads the qcow2 file
# from the built image. The file will be archived so that downstream jobs can
# just download the file on their runners.
podvm:
name: podvm
needs: [authorize]
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
os:
- centos
- ubuntu
provider:
- generic
arch:
- amd64
env:
registry: quay.io/confidential-containers
podvm_image: podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}
qcow2: podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}.qcow2
steps:
- name: Checkout Code
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Extract the podvm qcow2
run: ./hack/download-image.sh ${{ env.registry }}/${{ env.podvm_image }} . -o ${{ env.qcow2 }}
working-directory: podvm
- uses: actions/upload-artifact@v3
with:
name: ${{ env.qcow2 }}
path: podvm/${{ env.qcow2 }}
retention-days: 1
# Build and push the cloud-api-adaptor image
#
# By using a reusable `workflow_call` workflow we are hitting two
# GHA limitations here:
#
# - Cannot access the `env` context from the `with` so that it cannot
# reuse the E2E_IMG_* environment variables set at this workflow level.
# - Cannot call a reusable workflow from a job's step, so the we cannot
# merge the `image` and `prep_env` into a single one (unless we create
# another reusable workflow and, well, likely hit another limitation...).
#
# Reference: https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations
#
image:
uses: ./.github/workflows/caa_build_and_push.yaml
needs: [authorize]
with:
registry: ghcr.io/${{ github.repository_owner }}
dev_tags: ci-pr${{ github.event.number }}-dev
release_tags: ci-pr${{ github.event.number }}
git_ref: ${{ github.event.pull_request.head.sha }}
secrets: inherit
# Edit the kustomize files under the install directory to reference the
# built cloud-api-adaptor images. The entire directory is archived so that
# downstream jobs can simply download and use the prepared installation
# files.
#
# IMPORTANT: If you are enabling e2e tests for a given provider,
# then please update the PROVIDERS list (space-separated names, e.g.,
# "aws libvirt").
prep_install:
needs: [image]
runs-on: ubuntu-latest
env:
PROVIDERS: "libvirt"
steps:
- name: Checkout Code
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
- name: Install kustomize
run: |
command -v kustomize >/dev/null || \
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | \
bash -s /usr/local/bin
- name: Update kustomization configuration
run: |
providers=(${{ env.PROVIDERS }})
# If there aren't providers then something is wrong
[[ ${#providers[@]} -gt 0 ]] || exit 1
for provider in ${providers[@]}; do
img="${E2E_IMG_REGISTRY}/cloud-api-adaptor"
tag="${E2E_IMG_RELEASE_TAG}"
[[ "$provider" = "libvirt" ]] && tag="${E2E_IMG_DEV_TAG}"
echo "::group::Update ${provider}"
pushd "install/overlays/${provider}"
kustomize edit set image "cloud-api-adaptor=${img}:${tag}"
# Print for debugging
cat kustomization.yaml
echo "::endgroup::"
# Validate the file to avoid it silently testing with a wrong image
grep "newName: ${img}" kustomization.yaml
grep "newTag: ${tag}" kustomization.yaml
popd
done
- uses: actions/upload-artifact@v3
with:
name: install_directory
path: install/
retention-days: 7
# Run libvirt e2e tests if pull request labeled 'test_e2e_libvirt'
libvirt:
name: libvirt
if: ${{ contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt') }}
needs: [podvm, image, prep_install]
strategy:
fail-fast: false
matrix:
os:
- centos
- ubuntu
provider:
- generic
arch:
- amd64
uses: ./.github/workflows/e2e_libvirt.yaml
with:
qcow2_artifact: podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}.qcow2
install_directory_artifact: install_directory
git_ref: ${{ github.event.pull_request.head.sha }}