feat: add kind-local overlay and kind-local-up target #1534
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Test Local Development Environment | |
| on: | |
| pull_request: | |
| jobs: | |
| test-local-dev-simulation: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v6 | |
| - name: Cleanup Diskspace | |
| id: cleanup | |
| uses: kubeflow/pipelines/.github/actions/github-disk-cleanup@master | |
| if: (!cancelled()) | |
| - name: Set up Go | |
| uses: actions/setup-go@v6 | |
| with: | |
| go-version-file: 'components/backend/go.mod' | |
| cache-dependency-path: 'components/backend/go.sum' | |
| - name: Install minikube and kubectl | |
| run: | | |
| # Install kubectl | |
| curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" | |
| chmod +x kubectl | |
| sudo mv kubectl /usr/local/bin/ | |
| # Install minikube | |
| curl -LO https://storage.googleapis.com/minikube/releases/latest/minikube-linux-amd64 | |
| sudo install minikube-linux-amd64 /usr/local/bin/minikube | |
| # Verify installations | |
| kubectl version --client | |
| minikube version | |
| - name: Validate Makefile | |
| run: | | |
| echo "Validating Makefile quality..." | |
| make validate-makefile | |
| - name: Deploy using Makefile | |
| run: | | |
| echo "Using Makefile to deploy complete stack..." | |
| make local-up CONTAINER_ENGINE=docker CI_MODE=true | |
| - name: Wait for deployments | |
| run: | | |
| echo "Waiting for deployments to be ready..." | |
| kubectl wait --for=condition=available --timeout=180s deployment/backend-api -n ambient-code || { | |
| echo "⚠️ Backend deployment timeout - showing status" | |
| kubectl get pods -n ambient-code -o wide | |
| kubectl describe deployment backend-api -n ambient-code | tail -50 | |
| echo "⚠️ Backend pod events:" | |
| kubectl get events -n ambient-code --field-selector involvedObject.kind=Pod,involvedObject.name!='' --sort-by='.lastTimestamp' | grep backend-api || echo "(No backend-api pod events found)" | |
| echo "⚠️ Backend pod details:" | |
| kubectl get pods -n ambient-code -l app=backend-api -o yaml | grep -A 20 -B 5 "conditions:\|events:\|status:" || true | |
| exit 1 | |
| } | |
| kubectl wait --for=condition=available --timeout=180s deployment/frontend -n ambient-code || { | |
| echo "⚠️ Frontend deployment timeout - showing status" | |
| kubectl get pods -n ambient-code -o wide | |
| kubectl describe deployment frontend -n ambient-code | tail -50 | |
| exit 1 | |
| } | |
| kubectl wait --for=condition=available --timeout=180s deployment/agentic-operator -n ambient-code || { | |
| echo "⚠️ Operator deployment timeout - showing status" | |
| kubectl get pods -n ambient-code -o wide | |
| kubectl describe deployment agentic-operator -n ambient-code | tail -50 | |
| exit 1 | |
| } | |
| - name: Run backend integration tests (real k8s auth path) | |
| run: | | |
| set -euo pipefail | |
| echo "Setting up ServiceAccount + RBAC for backend integration tests..." | |
| kubectl -n ambient-code create serviceaccount backend-integration-test 2>/dev/null || true | |
| kubectl -n ambient-code create role backend-integration-test \ | |
| --verb=get,list \ | |
| --resource=configmaps 2>/dev/null || true | |
| kubectl -n ambient-code create rolebinding backend-integration-test \ | |
| --role=backend-integration-test \ | |
| --serviceaccount=ambient-code:backend-integration-test 2>/dev/null || true | |
| TEST_TOKEN="$(kubectl -n ambient-code create token backend-integration-test)" | |
| echo "::add-mask::$TEST_TOKEN" | |
| echo "Running Go integration tests (skips any external-provider tests without env)..." | |
| cd components/backend | |
| INTEGRATION_TESTS=true \ | |
| K8S_TEST_TOKEN="$TEST_TOKEN" \ | |
| K8S_TEST_NAMESPACE="ambient-code" \ | |
| go test ./tests/integration/... -count=1 -timeout=10m | |
| - name: Run Makefile smoke tests | |
| run: | | |
| echo "Running Makefile smoke tests..." | |
| make local-test-quick CONTAINER_ENGINE=docker || { | |
| echo "Smoke tests failed - showing debugging information..." | |
| make local-troubleshoot | |
| exit 1 | |
| } | |
| - name: Run comprehensive test suite | |
| run: | | |
| echo "Running local development test suite..." | |
| chmod +x tests/local-dev-test.sh | |
| # Run tests in CI mode (known failures tracked separately) | |
| ./tests/local-dev-test.sh --skip-setup --ci || { | |
| echo "Test suite failed - showing debugging information..." | |
| make local-troubleshoot | |
| exit 1 | |
| } | |
| - name: Validate production manifest safety | |
| if: always() | |
| run: | | |
| echo "Validating production manifests do NOT contain dev mode variables..." | |
| # Recursively check base and production manifests for DISABLE_AUTH | |
| while IFS= read -r manifest; do | |
| if grep -q "DISABLE_AUTH" "$manifest"; then | |
| echo "❌ CRITICAL: Production manifest contains DISABLE_AUTH: $manifest" | |
| exit 1 | |
| fi | |
| if grep -qE "ENVIRONMENT.*[\"']?(local|development)[\"']?" "$manifest"; then | |
| echo "❌ CRITICAL: Production manifest sets ENVIRONMENT=local/development: $manifest" | |
| exit 1 | |
| fi | |
| done < <(find components/manifests/base components/manifests/overlays/production -name "*.yaml" -o -name "*.yml" 2>/dev/null) | |
| echo "✅ All production manifests are safe" | |
| - name: Show deployment status | |
| if: always() | |
| run: | | |
| echo "=== Namespace ===" | |
| kubectl get namespace ambient-code 2>&1 || echo "(Namespace not found - may not have been created)" | |
| echo "" | |
| echo "=== Deployments ===" | |
| kubectl get deployments -n ambient-code -o wide 2>&1 || echo "(No deployments found or namespace does not exist)" | |
| echo "" | |
| echo "=== ReplicaSets ===" | |
| kubectl get replicasets -n ambient-code -o wide 2>&1 || echo "(No replicasets found or namespace does not exist)" | |
| echo "" | |
| echo "=== Pods ===" | |
| kubectl get pods -n ambient-code -o wide 2>&1 || echo "(No pods found or namespace does not exist)" | |
| echo "" | |
| echo "=== Services ===" | |
| kubectl get svc -n ambient-code 2>&1 || echo "(No services found or namespace does not exist)" | |
| echo "" | |
| echo "=== Ingress ===" | |
| kubectl get ingress -n ambient-code 2>&1 || echo "(No ingress found or namespace does not exist)" | |
| echo "" | |
| echo "=== CRDs ===" | |
| kubectl get crd 2>&1 | grep vteam || echo "(No vteam CRDs found)" | |
| echo "" | |
| echo "=== Events (last 30) ===" | |
| kubectl get events -n ambient-code --sort-by='.lastTimestamp' 2>&1 | tail -30 || echo "(No events found or namespace does not exist)" | |
| echo "" | |
| echo "=== Deployment describe (if no pods) ===" | |
| if ! kubectl get pods -n ambient-code 2>/dev/null | grep -q "backend-api\|frontend\|agentic-operator"; then | |
| echo "No pods found - describing deployments for details:" | |
| kubectl describe deployment backend-api -n ambient-code 2>&1 | tail -50 || echo "(backend-api deployment not found)" | |
| kubectl describe deployment frontend -n ambient-code 2>&1 | tail -50 || echo "(frontend deployment not found)" | |
| kubectl describe deployment agentic-operator -n ambient-code 2>&1 | tail -50 || echo "(agentic-operator deployment not found)" | |
| fi | |
| - name: Cleanup | |
| if: always() | |
| run: | | |
| echo "Cleaning up using Makefile..." | |
| make local-clean 2>&1 || echo "(Cleanup failed or cluster already removed)" |