@@ -182,224 +182,12 @@ jobs:
182182 GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
183183 run : ./gradlew :cosmotech-${{ matrix.service.packageName }}-api:integrationTest --tests "com.cosmotech.${{ matrix.service.packageName }}.service.${{ matrix.service.testPrefix }}ServiceIntegrationTest" -x spotlessCheck -x openApiValidate
184184
185-
186- test_helm :
187- name : Test Helm Chart
188- runs-on : ubuntu-latest
189- needs :
190- - build
191-
192- # If the PR is coming from a fork (pull_request_target), ensure it's opened by "dependabot[bot]".
193- # Otherwise, clone it normally.
194- # This allows Dependabot PRs to have access to the repository Secrets,
195- # but using the Workflows in the context of the base branch
196- if : |
197- (github.event_name == 'pull_request_target' && github.actor == 'dependabot[bot]') ||
198- (github.event_name != 'pull_request_target' && github.actor != 'dependabot[bot]')
199-
200- env :
201- CHART_RELEASE_TEST_NAMESPACE : phoenix
202-
203- permissions : read-all
204-
205- steps :
206-
207- - name : Checkout
208- if : ${{ github.event_name != 'pull_request_target' }}
209- uses : actions/checkout@v4
210-
211- - name : Checkout PR
212- if : ${{ github.event_name == 'pull_request_target' }}
213- uses : actions/checkout@v4
214- with :
215- ref : ${{ github.event.pull_request.head.sha }}
216- token : ${{ secrets.GITHUB_TOKEN }}
217-
218- - name : Set up JDK
219- uses : actions/setup-java@v4
220- with :
221- distribution : ' temurin'
222- java-version : ' 23'
223-
224- - name : Set up api version to deploy
225- run : |
226- echo "Event: ${{ github.event_name }}, Actor: ${{ github.actor }}, Ref: ${{ github.ref }}, Ref Name: ${{ github.ref_name }}, Head: ${{ github.head_ref }}, Base: ${{ github.base_ref }}"
227- if [[ "${{ github.event_name }}" == "pull_request" ]]; then
228- echo Building from PR
229- arrIN=(${GITHUB_REF_NAME//\// })
230- versionTag="pr${arrIN[0]}"
231- echo "IMAGE_TAG_FROM_REF_NAME=$versionTag" >> $GITHUB_ENV;
232- echo "API_VERSION_FROM_REF_NAME=$versionTag" >> $GITHUB_ENV;
233- echo "The current version is $versionTag";
234- else
235- export firstPart=$(echo ${{ github.ref_name }} | cut -d '.' -f1)
236- if [[ $firstPart == \"v*\" ]]; then
237- echo "IMAGE_TAG_FROM_REF_NAME=${{ github.ref_name }}" >> $GITHUB_ENV;
238- echo "API_VERSION_FROM_REF_NAME=$firstPart" >> $GITHUB_ENV;
239- echo "The current version is $firstPart";
240- elif [[ $firstPart == \"main\" ]]; then
241- echo "IMAGE_TAG_FROM_REF_NAME=latest" >> $GITHUB_ENV;
242- echo "API_VERSION_FROM_REF_NAME=latest" >> $GITHUB_ENV
243- echo "The current version is latest";
244- else
245- echo "IMAGE_TAG_FROM_REF_NAME=${{ github.ref_name }}" >> $GITHUB_ENV;
246- echo "API_VERSION_FROM_REF_NAME=v$firstPart" >> $GITHUB_ENV
247- echo "The current version is v$firstPart";
248- fi
249- fi
250-
251- name : Set up Helm
252- uses : azure/setup-helm@v4
253- with :
254- version : v3.6.0
255-
256- - name : Generate KinD Config
257- run : |
258- cat <<EOF > /tmp/csm-kind-config.yaml
259-
260- kind: Cluster
261- apiVersion: kind.x-k8s.io/v1alpha4
262- containerdConfigPatches:
263- - |-
264- [plugins."io.containerd.grpc.v1.cri".containerd]
265- disable_snapshot_annotations = true
266- [plugins."io.containerd.grpc.v1.cri".registry.mirrors."localhost:5000"]
267- endpoint = ["http://kind-registry:5000"]
268- nodes:
269- - role: control-plane
270- image: kindest/node:v1.23.6
271- kubeadmConfigPatches:
272- - |
273- kind: InitConfiguration
274- nodeRegistration:
275- kubeletExtraArgs:
276- node-labels: "ingress-ready=true"
277- extraPortMappings:
278- - containerPort: 80
279- hostPort: 80
280- protocol: TCP
281- - containerPort: 443
282- hostPort: 443
283- protocol: TCP
284- - role: worker
285- image: kindest/node:v1.23.6
286- kubeadmConfigPatches:
287- - |
288- kind: JoinConfiguration
289- nodeRegistration:
290- taints:
291- - key: "vendor"
292- value: "cosmotech"
293- effect: "NoSchedule"
294- kubeletExtraArgs:
295- node-labels: "kubernetes.io/os=linux,cosmotech.com/tier=compute,cosmotech.com/size=basic"
296- - role: worker
297- image: kindest/node:v1.23.6
298- kubeadmConfigPatches:
299- - |
300- kind: JoinConfiguration
301- nodeRegistration:
302- taints:
303- - key: "vendor"
304- value: "cosmotech"
305- effect: "NoSchedule"
306- kubeletExtraArgs:
307- node-labels: "kubernetes.io/os=linux,cosmotech.com/tier=services"
308- - role: worker
309- image: kindest/node:v1.23.6
310- kubeadmConfigPatches:
311- - |
312- kind: JoinConfiguration
313- nodeRegistration:
314- taints:
315- - key: "vendor"
316- value: "cosmotech"
317- effect: "NoSchedule"
318- kubeletExtraArgs:
319- node-labels: "kubernetes.io/os=linux,cosmotech.com/tier=db"
320- - role: worker
321- image: kindest/node:v1.23.6
322- kubeadmConfigPatches:
323- - |
324- kind: JoinConfiguration
325- nodeRegistration:
326- taints:
327- - key: "vendor"
328- value: "cosmotech"
329- effect: "NoSchedule"
330- kubeletExtraArgs:
331- node-labels: "kubernetes.io/os=linux,cosmotech.com/tier=monitoring"
332-
333- networking:
334- # disable kindnet, which does not support Network Policies
335- disableDefaultCNI: true
336- # set to Calico's default subnet
337- podSubnet: 192.168.0.0/16
338- featureGates:
339- # TTL Controller for finished resources is currently an opt-in alpha feature
340- # https://kubernetes.io/docs/concepts/workloads/controllers/ttlafterfinished/
341- TTLAfterFinished: true
342-
343- EOF
344-
345- name : Provision Kubernetes KinD Cluster and local Container Registry
346- uses : container-tools/kind-action@v2
347- with :
348- version : v0.14.0
349- config : /tmp/csm-kind-config.yaml
350-
351- - name : Deploy Calico
352- run : |
353- helm repo add projectcalico https://docs.tigera.io/calico/charts
354- helm \
355- install calico \
356- projectcalico/tigera-operator \
357- --version v3.24.3 \
358- --wait \
359- --timeout 2m
360-
361- name : Make scripts executable
362- run : |
363- chmod +x .github/scripts/*.sh
364- chmod +x api/kubernetes/*.sh
365-
366- name : Setup Gradle
367- uses : gradle/actions/setup-gradle@v4
368- with :
369- cache-disabled : true
370-
371- - name : Build, package and push container image
372- env :
373- GITHUB_TOKEN : ${{ secrets.GITHUB_TOKEN }}
374- run : >
375- ./gradlew
376- :cosmotech-api:jib
377- -Djib.to.image=localhost:5000/cosmotech-api:${{ env.IMAGE_TAG_FROM_REF_NAME }}
378- -Djib.allowInsecureRegistries=true
379-
380- name : Install the Helm Chart (current Version)
381- env :
382- PHOENIXAKSDEV_TENANT_ID : ${{ secrets.PHOENIXAKSDEV_TENANT_ID }}
383- PHOENIXAKSDEV_CLIENT_ID : ${{ secrets.PHOENIXAKSDEV_CLIENT_ID }}
384- PHOENIXAKSDEV_CLIENT_SECRET : ${{ secrets.PHOENIXAKSDEV_CLIENT_SECRET }}
385- PHOENIXAKSDEV_STORAGE_ACCOUNT_NAME : ${{ secrets.PHOENIXAKSDEV_STORAGE_ACCOUNT_NAME }}
386- PHOENIXAKSDEV_STORAGE_ACCOUNT_KEY : ${{ secrets.PHOENIXAKSDEV_STORAGE_ACCOUNT_KEY }}
387- PHOENIXAKSDEV_ADX_BASE_URI : ${{ secrets.PHOENIXAKSDEV_ADX_BASE_URI }}
388- PHOENIXAKSDEV_ADX_INGESTION_BASE_URI : ${{ secrets.PHOENIXAKSDEV_ADX_INGESTION_BASE_URI }}
389- PHOENIXAKSDEV_EVENT_HUBS_BASE_URI : ${{ secrets.PHOENIXAKSDEV_EVENT_HUBS_BASE_URI }}
390- IDP_DOMAIN : ${{ secrets.PHOENIXDEV_IDP_DOMAIN }}
391- run : .github/scripts/install-helm-chart.sh ${{ env.API_VERSION_FROM_REF_NAME }} ${{ env.IMAGE_TAG_FROM_REF_NAME }}
392-
393- - name : Test Helm Release (current Version)
394- run : .github/scripts/test-helm-release.sh ${{ env.API_VERSION_FROM_REF_NAME }}
395-
396185 scan_and_push_container_images_to_registries :
397186 runs-on : ubuntu-latest
398187 needs :
399188 - unit_tests
400189 - integration_tests
401190 - controller_tests
402- - test_helm
403191 permissions :
404192 packages : write
405193 contents : read
@@ -511,7 +299,6 @@ jobs:
511299 - unit_tests
512300 - integration_tests
513301 - controller_tests
514- - test_helm
515302 permissions :
516303 packages : write
517304 contents : read
0 commit comments