argocd-image-updater/.github/workflows/ci-tests.yaml at master · argoproj-labs/argocd-image-updater · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
name: Integration tests
on:
  pull_request:
    branches:
    - 'master'

jobs:
  check-go:
    name: Ensure Go modules synchronicity
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
      - name: Setup Golang
        uses: actions/setup-go@v6
        with:
          go-version-file: go.mod
      - name: Download all Go modules
        run: |
          go mod download
      - name: Check for tidyness of go.mod and go.sum
        run: |
          go mod tidy
          git diff --exit-code -- .
  codegen:
    name: Run codegen
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
      - name: Install Kustomize v2
        run: |
          set -xo pipefail
          URL="https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize%2Fv5.1.0/kustomize_v5.1.0_linux_amd64.tar.gz"
          BINNAME=kustomize
          curl -sLf --retry 3 -o /tmp/kustomize.tar.gz "$URL"
          chksum=$(sha256sum /tmp/kustomize.tar.gz | awk '{ print $1; }')
          if test "${chksum}" != "52f4cf1ba34d38fd55a9bef819e329c9a4561f5f57f8f539346038ab5026dda8"; then
            echo "Checksum mismatch" >&2
            exit 1
          fi
          tar -C /tmp -xvzf /tmp/kustomize.tar.gz
          sudo mv /tmp/kustomize /usr/local/bin/kustomize
          chmod +x /usr/local/bin/kustomize
      - name: Run make build-installer
        run: |
          IMAGE_TAG=latest make build-installer
      - name: Check nothing has changed
        run: |
          set -xo pipefail
          git diff --exit-code -- . ':!go.sum' ':!go.mod' ':!assets/swagger.json' | tee codegen.patch
  lint:
    name: Ensure code is correctly linted
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
      - name: Setup Golang
        uses: actions/setup-go@v6
        with:
          go-version-file: go.mod
        env:
          GO111MODULE: off
      - name: Run golangci-lint on main module
        uses: golangci/golangci-lint-action@v9
        with:
          version: v2.5.0
          args: --timeout 5m
      - name: Run golangci-lint on registry-scanner
        uses: golangci/golangci-lint-action@v9
        with:
          version: v2.5.0
          args: --timeout 5m
          working-directory: registry-scanner
  test:
    name: Ensure unit tests are passing
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
      - name: Setup Golang
        uses: actions/setup-go@v6
        with:
          go-version-file: go.mod
      - name: Run tests
        env:
          GNUPG_DISABLED: true
        run: |
          make test
      - name: Upload code coverage information to codecov.io
        uses: codecov/codecov-action@v5
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          files: coverage.out

# Comment out test-manifests job for now since image-updater crd schema is not available to the kubeconform tool yet
#  test-manifests:
#    name: Ensure kubernetes manifests conform to their schema
#    runs-on: ubuntu-latest
#    steps:
#      - name: Checkout code
#        uses: actions/checkout@v4
#      - name: Install Kubeconform
#        run: |
#          set -xo pipefail
#
#          curl -sLf --retry 3 \
#            -o /tmp/kubeconform.tar.gz \
#            "https://github.com/yannh/kubeconform/releases/download/v0.6.6/kubeconform-linux-amd64.tar.gz"
#          chksum=$(sha256sum /tmp/kubeconform.tar.gz | awk '{ print $1; }')
#          if test "${chksum}" != "2ff56999a6ed9e96fe5ab9ee52271f2db5335baf7f17789035b9561970cdd3eb"; then
#            echo "Checksum mismatch" >&2
#            exit 1
#          fi
#
#          tar -C /tmp -xvzf /tmp/kubeconform.tar.gz
#          sudo mv /tmp/kubeconform /usr/local/bin/kubeconform
#          chmod +x /usr/local/bin/kubeconform
#      - name: Run manifest tests
#        run: |
#          make test-manifests

  registry-scanner:
    name: Ensure registry-scanner Go modules synchronicity and run tests
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./registry-scanner
    steps:
      - name: Checkout code
        uses: actions/checkout@v6
      - name: Setup Golang
        uses: actions/setup-go@v6
        with:
          go-version-file: go.mod
      - name: Download all Go modules
        run: |
          go mod download
      - name: Check for tidyness of go.mod and go.sum
        run: |
          go mod tidy
          git diff --exit-code -- .
      - name: Run tests
        env:
          GNUPG_DISABLED: true
        run: |
          make test
      - name: Upload code coverage information to codecov.io
        uses: codecov/codecov-action@v5
        with:
          token: ${{ secrets.CODECOV_TOKEN }}
          files: coverage.out
  test-e2e:
    name: Run end-to-end tests
    runs-on: ubuntu-latest
    timeout-minutes: 100
    strategy:
      matrix:
        k3s-version: [ v1.27.1 ]
        # k3s-version: [v1.20.2, v1.19.2, v1.18.9, v1.17.11, v1.16.15]
    steps:
      - name: Free up disk space
        run: |
          # Free up disk space on GitHub Actions runner to avoid pod evictions
          # See: https://github.com/actions/runner-images/issues/2840
          echo "=== Disk space before cleanup ==="
          df -h /
          sudo rm -rf /usr/share/dotnet
          sudo rm -rf /opt/ghc
          sudo rm -rf /usr/local/share/boost
          sudo rm -rf "$AGENT_TOOLSDIRECTORY"
          docker system prune -af
          echo "=== Disk space after cleanup ==="
          df -h /
      - name: Checkout code
        uses: actions/checkout@v6
      - name: Setup Golang
        uses: actions/setup-go@v6
        with:
          go-version-file: 'test/ginkgo/go.mod'
      - name: GH actions workaround - Kill XSP4 process
        run: |
          sudo pkill mono || true
      - name: Restore go build cache
        uses: actions/cache@v5
        with:
          path: ~/.cache/go-build
          key: ${{ runner.os }}-go-build-v1-${{ github.run_id }}
      - name: Add /usr/local/bin to PATH
        run: |
          echo "/usr/local/bin" >> $GITHUB_PATH
      - name: Download Go dependencies
        run: |
          cd test/ginkgo && go mod download
      - name: Install K3D
        run: |
          curl -fsSL https://raw.githubusercontent.com/rancher/k3d/main/install.sh | bash
          sudo mkdir -p "$HOME/.kube" && sudo chown -R runner "$HOME/.kube"
      - name: Deploy operator and run e2e tests
        env:
          ARGOCD_CLUSTER_CONFIG_NAMESPACES: argocd-e2e-cluster-config, argocd-operator-system
          K3D_CLUSTER_NAME: k3s-default
          LOCAL: false
        run: |
          set -o pipefail
          make -C test/ginkgo test-e2e 2>&1 | tee /tmp/e2e-test-ginkgo.log

      - name: Save application controller and server logs
        if: ${{ failure() }}
        run: |
          # Collect logs from test namespaces. The ginkgo tests use dynamically generated
          # namespace names with the prefix 'gitops-e2e-test-'.
          set -x

          # Find all gitops-e2e-test-* namespaces
          E2E_NAMESPACES=$(kubectl get namespaces -o=name | grep 'gitops-e2e-test-' | sed 's|namespace/||' || true)

          if [ -n "$E2E_NAMESPACES" ]; then
            for NS in $E2E_NAMESPACES; do
              echo "--- Collecting resources from namespace $NS ---"
              kubectl get all -n "$NS" >> /tmp/pods.log 2>&1 || true

              # Collect application controller logs (use head -1 to get only first matching pod)
              APP_CONTROLLER=$(kubectl get po -n "$NS" -o=name 2>/dev/null | grep argocd-application-controller | head -1 || true)
              if [ -n "$APP_CONTROLLER" ]; then
                kubectl logs -n "$NS" "$APP_CONTROLLER" >> /tmp/e2e-application-controller.log 2>&1 || true
              fi

              # Collect server logs (use head -1 to get only first matching pod)
              SERVER_POD=$(kubectl get po -n "$NS" -o=name 2>/dev/null | grep argocd-server | head -1 || true)
              if [ -n "$SERVER_POD" ]; then
                kubectl logs -n "$NS" "$SERVER_POD" >> /tmp/e2e-server.log 2>&1 || true
                kubectl describe -n "$NS" "$SERVER_POD" >> /tmp/e2e-server.log 2>&1 || true
              fi

              # Collect image updater logs (use head -1 to get only first matching pod)
              IMAGE_UPDATER_POD=$(kubectl get po -n "$NS" -o=name 2>/dev/null | grep 'image-updater' | head -1 || true)
              if [ -n "$IMAGE_UPDATER_POD" ]; then
                kubectl logs -n "$NS" "$IMAGE_UPDATER_POD" >> /tmp/e2e-image-updater.log 2>&1 || true
              fi
            done
          fi

          # Collect operator logs from argocd-operator-system namespace
          echo "--- Operator pods status ---" > /tmp/e2e-operator-run.log
          kubectl get pods -n argocd-operator-system -o wide >> /tmp/e2e-operator-run.log 2>&1 || true
          echo "" >> /tmp/e2e-operator-run.log

          # Collect logs from all operator pods (there might be multiple due to restarts)
          echo "--- Operator pod logs ---" >> /tmp/e2e-operator-run.log
          for pod in $(kubectl get po -n argocd-operator-system -o=name 2>/dev/null | grep controller-manager || true); do
            echo "" >> /tmp/e2e-operator-run.log
            echo "=== Logs from $pod ===" >> /tmp/e2e-operator-run.log
            kubectl logs -n argocd-operator-system "$pod" -c manager --tail=500 >> /tmp/e2e-operator-run.log 2>&1 || true
            # Also try previous container logs if pod restarted
            kubectl logs -n argocd-operator-system "$pod" -c manager --previous --tail=200 >> /tmp/e2e-operator-run.log 2>&1 || true
          done

          echo "" >> /tmp/e2e-operator-run.log
          echo "--- Operator deployment status ---" >> /tmp/e2e-operator-run.log
          kubectl get deployment -n argocd-operator-system -o yaml >> /tmp/e2e-operator-run.log 2>&1 || true

      - name: Upload operator logs
        uses: actions/upload-artifact@v7
        with:
          name: e2e-operator-run-${{ matrix.k3s-version }}.log
          path: /tmp/e2e-operator-run.log
        if: ${{ failure() }}

      - name: Upload ginkgo test logs
        uses: actions/upload-artifact@v7
        with:
          name: e2e-test-${{ matrix.k3s-version }}.log
          path: /tmp/e2e-test-ginkgo.log
        if: ${{ failure() }}

      - name: Upload application controller logs
        uses: actions/upload-artifact@v7
        with:
          name: e2e-application-controller-${{ matrix.k3s-version }}.log
          path: /tmp/e2e-application-controller.log
        if: ${{ failure() }}

      - name: Upload server logs
        uses: actions/upload-artifact@v7
        with:
          name: e2e-server-${{ matrix.k3s-version }}.log
          path: /tmp/e2e-server.log
        if: ${{ failure() }}

      - name: Upload image updater logs
        uses: actions/upload-artifact@v7
        with:
          name: e2e-image-updater-${{ matrix.k3s-version }}.log
          path: /tmp/e2e-image-updater.log
        if: ${{ failure() }}

      - name: Upload pod descriptions
        uses: actions/upload-artifact@v7
        with:
          name: e2e-pods-${{ matrix.k3s-version }}.log
          path: /tmp/pods.log
        if: ${{ failure() }}