diff --git a/.github/workflows/e2e-suite.yml b/.github/workflows/e2e-suite.yml index 8187c71f5..735da417c 100644 --- a/.github/workflows/e2e-suite.yml +++ b/.github/workflows/e2e-suite.yml @@ -7,16 +7,20 @@ on: description: 'Use minimal test account' required: false default: 'false' - module: - description: "The module from 'test/integration' to the target to be tested, e.g. 'cli, domains, events, etc'" + test_path: + description: "The path from 'test/integration' to the target to be tested, e.g. 'cli'" required: false sha: description: 'The hash value of the commit.' - required: true + required: false default: '' pull_request_number: description: 'The number of the PR. Ensure sha value is provided' required: false + openapi_spec_url: + description: 'URL of the OpenAPI spec to use for the tests' + required: false + default: '' push: branches: - main @@ -28,6 +32,15 @@ jobs: runs-on: ubuntu-latest if: github.event_name == 'workflow_dispatch' && inputs.sha != '' || github.event_name == 'push' || github.event_name == 'pull_request' steps: + - name: Validate Test Path + uses: actions-ecosystem/action-regex-match@v2 + id: validate-tests + if: ${{ inputs.test_path != '' }} + with: + text: ${{ inputs.test_path }} + regex: '[^a-z0-9-:.\/_]' # Tests validation + flags: gi + - name: Checkout Repository with SHA if: ${{ inputs.sha != '' }} uses: actions/checkout@v4 @@ -82,8 +95,22 @@ jobs: pip install certifi -U && \ pip install .[obj,dev] + - name: Download kubectl and calicoctl for LKE clusters + run: | + curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" + curl -LO "https://github.com/projectcalico/calico/releases/download/v3.25.0/calicoctl-linux-amd64" + chmod +x calicoctl-linux-amd64 kubectl + mv calicoctl-linux-amd64 /usr/local/bin/calicoctl + mv kubectl /usr/local/bin/kubectl + + - name: Set OpenAPI Spec URL + if: ${{ inputs.openapi_spec_url != '' }} + run: | + echo "Using OpenAPI Spec URL: ${{ inputs.openapi_spec_url }}" + echo "OPENAPI_SPEC_URL=${{ inputs.openapi_spec_url }}" >> $GITHUB_ENV + - name: Install Package - run: make install + run: make install SPEC="${{ env.OPENAPI_SPEC_URL }}" env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -95,10 +122,24 @@ jobs: run: | timestamp=$(date +'%Y%m%d%H%M') report_filename="${timestamp}_cli_test_report.xml" - make testint TEST_ARGS="--junitxml=${report_filename}" MODULE="${{ inputs.module }}" + if [ -n "$OPENAPI_SPEC_URL" ]; then + echo "Running tests with OpenAPI spec from: $OPENAPI_SPEC_URL" + make testint TEST_ARGS="--junitxml=${report_filename}" + else + echo "Running tests with default OpenAPI spec" + make testint TEST_ARGS="--junitxml=${report_filename}" + fi + if: ${{ steps.validate-tests.outputs.match == '' || inputs.test_path == '' }} env: LINODE_CLI_TOKEN: ${{ env.LINODE_CLI_TOKEN }} + - name: Apply Calico Rules to LKE + if: always() + run: | + cd scripts && ./lke_calico_rules_e2e.sh + env: + LINODE_TOKEN: ${{ env.LINODE_CLI_TOKEN }} + - name: Upload test results if: always() run: | @@ -143,75 +184,10 @@ jobs: }); return result; - apply-calico-rules: - runs-on: ubuntu-latest - needs: [integration_tests] - if: ${{ success() || failure() }} - - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - fetch-depth: 0 - submodules: 'recursive' - - - name: Set LINODE_CLI_TOKEN - run: | - echo "LINODE_CLI_TOKEN=${{ secrets[inputs.use_minimal_test_account == 'true' && 'MINIMAL_LINODE_TOKEN' || 'LINODE_TOKEN'] }}" >> $GITHUB_ENV - - - name: Download kubectl and calicoctl for LKE clusters - run: | - curl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl" - curl -LO "https://github.com/projectcalico/calico/releases/download/v3.25.0/calicoctl-linux-amd64" - chmod +x calicoctl-linux-amd64 kubectl - mv calicoctl-linux-amd64 /usr/local/bin/calicoctl - mv kubectl /usr/local/bin/kubectl - - - name: Apply Calico Rules to LKE - run: | - cd e2e_scripts/cloud_security_scripts/lke_calico_rules/ && ./lke_calico_rules_e2e.sh - env: - LINODE_TOKEN: ${{ env.LINODE_CLI_TOKEN }} - - add-fw-to-remaining-instances: - runs-on: ubuntu-latest - needs: [integration_tests] - if: ${{ success() || failure() }} - - steps: - - name: Set up Python - uses: actions/setup-python@v5 - with: - python-version: '3.x' - - - name: Install Linode CLI - run: | - pip install linode-cli - - - name: Set LINODE_CLI_TOKEN - run: | - echo "LINODE_CLI_TOKEN=${{ secrets[inputs.use_minimal_test_account == 'true' && 'MINIMAL_LINODE_TOKEN' || 'LINODE_TOKEN'] }}" >> $GITHUB_ENV - - - name: Create Firewall and Attach to Instances - run: | - FIREWALL_ID=$(linode-cli firewalls create --label "e2e-fw-$(date +%s)" --rules.inbound_policy "DROP" --rules.outbound_policy "ACCEPT" --text --format=id --no-headers) - echo "Created Firewall with ID: $FIREWALL_ID" - - for instance_id in $(linode-cli linodes list --format "id" --text --no-header); do - echo "Attaching firewall to instance: $instance_id" - if linode-cli firewalls device-create "$FIREWALL_ID" --id "$instance_id" --type linode; then - echo "Firewall attached to instance $instance_id successfully." - else - echo "An error occurred while attaching firewall to instance $instance_id. Skipping..." - fi - done - env: - LINODE_CLI_TOKEN: ${{ env.LINODE_CLI_TOKEN }} - notify-slack: runs-on: ubuntu-latest needs: [integration_tests] - if: ${{ (success() || failure()) && github.repository == 'linode/linode-cli' }} # Run even if integration tests fail and only on main repository + if: always() && github.repository == 'linode/linode-cli' # Run even if integration tests fail and only on main repository steps: - name: Notify Slack