diff --git a/.github/workflows/helm-e2e.yaml b/.github/workflows/helm-e2e.yaml new file mode 100644 index 0000000..c8ff67d --- /dev/null +++ b/.github/workflows/helm-e2e.yaml @@ -0,0 +1,152 @@ +name: Helm Integration Test + +on: + push: + branches: [ "main", "master" ] + pull_request: + branches: [ "main", "master" ] + workflow_dispatch: + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + detect-changes: + runs-on: ubuntu-latest + outputs: + matrix: ${{ steps.set-matrix.outputs.matrix }} + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Detect changed charts + id: set-matrix + run: | + # Get changed files + if [ "${{ github.event_name }}" = "pull_request" ]; then + CHANGED_FILES=$(git diff --name-only ${{ github.event.pull_request.base.sha }} ${{ github.sha }}) + else + CHANGED_FILES=$(git diff --name-only HEAD~1 HEAD) + fi + + echo "Changed files:" + echo "$CHANGED_FILES" + + # Find changed charts + CHANGED_CHARTS=() + + # Check if mw-kube-agent-v3 chart changed + if echo "$CHANGED_FILES" | grep -E "^charts/mw-kube-agent-v3/" > /dev/null; then + CHANGED_CHARTS+=("mw-kube-agent-v3") + fi + + # Create matrix + if [ ${#CHANGED_CHARTS[@]} -eq 0 ]; then + echo "matrix={\"include\":[]}" >> "$GITHUB_OUTPUT" + echo "No charts changed" + else + # Build JSON matrix manually + MATRIX_JSON="{\"include\":[" + for i in "${!CHANGED_CHARTS[@]}"; do + if [ $i -gt 0 ]; then + MATRIX_JSON="$MATRIX_JSON," + fi + MATRIX_JSON="$MATRIX_JSON{\"chart\":\"${CHANGED_CHARTS[$i]}\"}" + done + MATRIX_JSON="$MATRIX_JSON]}" + + echo "matrix=$MATRIX_JSON" >> "$GITHUB_OUTPUT" + echo "Changed charts: ${CHANGED_CHARTS[*]}" + fi + + integration-test: + needs: detect-changes + if: needs.detect-changes.outputs.matrix != '{"include":[]}' + runs-on: ubuntu-latest + strategy: + matrix: ${{ fromJson(needs.detect-changes.outputs.matrix) }} + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up Helm + uses: azure/setup-helm@v4 + with: + version: v3.12.1 + + - name: Create kind cluster + uses: helm/kind-action@v1.10.0 + + - name: Update Helm dependencies + run: | + helm dependency update ./charts/${{ matrix.chart }} + + - name: Install Helm Chart + run: | + helm install ${{ matrix.chart }}-test ./charts/${{ matrix.chart }} \ + --set global.mw.apiKey=${{ secrets.MW_API_KEY }} \ + --set global.mw.target=${{ secrets.MW_TARGET }} \ + --set global.clusterMetadata.name=integration-test-cluster \ + --namespace mw-agent-ns --create-namespace + env: + MW_API_KEY: ${{ secrets.MW_API_KEY }} + MW_TARGET: ${{ secrets.MW_TARGET }} + + - name: Wait for Pods to be ready + run: sleep 120 + + - name: Check Pod status + run: | + kubectl get pods -n mw-agent-ns + + - name: Print logs for chart pods + run: | + + echo "=== Getting all pods in namespace mw-agent-ns ===" + PODS=$(kubectl get pods -n mw-agent-ns -o jsonpath='{.items[*].metadata.name}') + echo "Found pods: $PODS" + + for POD in $PODS; do + echo "" + echo "=== Logs for pod $POD ===" + kubectl logs -n mw-agent-ns $POD --all-containers=true --ignore-errors=true || echo "Could not get logs for $POD" + done + + - name: Check if pods are running + run: | + + echo "Checking pod status in namespace: mw-agent-ns" + + # Get all pods and their status + kubectl get pods -n mw-agent-ns -o wide + + # Check for any non-running pods + FAILED_PODS=$(kubectl get pods -n mw-agent-ns -o jsonpath='{range .items[*]}{.metadata.name}{" "}{.status.phase}{" "}{.status.containerStatuses[0].ready}{"\n"}{end}' | awk '$2!="Running" && $2!="Succeeded" || $3=="false" {print $1}') + + if [ -n "$FAILED_PODS" ]; then + echo "❌ The following pods are not healthy: $FAILED_PODS" + echo "" + echo "Pod details:" + for pod in $FAILED_PODS; do + echo "=== Pod: $pod ===" + kubectl describe pod -n mw-agent-ns $pod + echo "" + done + exit 1 + else + echo "✅ All pods are healthy in namespace mw-agent-ns" + fi + + - name: Sleep before cleanup + run: sleep 10 + + - name: Cleanup + if: always() + run: | + helm uninstall ${{ matrix.chart }}-test -n mw-agent-ns || echo "Failed to uninstall" + kubectl delete namespace mw-agent-ns || echo "Failed to delete namespace" \ No newline at end of file diff --git a/.github/workflows/mw-kube-agent-v2-tests.yaml b/.github/workflows/mw-kube-agent-v2-tests.yaml deleted file mode 100644 index 47cd12a..0000000 --- a/.github/workflows/mw-kube-agent-v2-tests.yaml +++ /dev/null @@ -1,85 +0,0 @@ -name: Helm Chart Tests - -on: - push: - branches: - - master - pull_request: - branches: - - master - -jobs: - test: - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v3 - - - name: Start Minikube - id: minikube - uses: medyagh/setup-minikube@latest - - - name: Set up Kubectl - uses: azure/setup-kubectl@v3 - with: - version: 'latest' - - - name: Set up Helm - uses: azure/setup-helm@v4.2.0 - - - name: Install Kubernetes and Helm dependencies - run: | - sudo apt-get install -y kubectl - helm repo add stable https://charts.helm.sh/stable - - - name: Lint Helm chart - run: helm lint ./charts/mw-kube-agent-v2 - - - name: Render Helm templates with apiKeyFromExistingSecret enabled - run: helm template my-release ./charts/mw-kube-agent-v2 --values ./charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-enabled.yaml > rendered-with-secret.yaml - - - name: Render Helm templates with apiKeyFromExistingSecret disabled - run: helm template my-release ./charts/mw-kube-agent-v2 --values ./charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-disabled.yaml > rendered-no-secret.yaml - - - name: Apply Helm chart with apiKeyFromExistingSecret enabled - run: | - helm install my-release ./charts/mw-kube-agent-v2 --values ./charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-enabled.yaml - - - name: Validate Secret with apiKeyFromExistingSecret enabled - run: | - sleep 10 # Wait for resources to be created - SECRET_VALUE=$(kubectl get secret middleware-secret -n mw-agent-ns -o jsonpath='{.data.api-key}' | base64 --decode) - echo "Secret value with apiKeyFromExistingSecret enabled: $SECRET_VALUE" - if [[ "$SECRET_VALUE" != "fallback-api-key" ]]; then - echo "Test passed for apiKeyFromExistingSecret enabled" - else - echo "Test failed for apiKeyFromExistingSecret enabled" - exit 1 - fi - - - name: Clean up with apiKeyFromExistingSecret enabled - run: | - helm uninstall my-release - kubectl delete ns mw-agent-ns - - - name: Apply Helm chart with apiKeyFromExistingSecret disabled - run: | - kubectl create ns mw-agent-ns - helm install my-release ./charts/mw-kube-agent-v2 --values ./charts/mw-kube-agent-v2/testvalues/api-key-from-existing-secret-disabled.yaml - - - name: Validate Secret with apiKeyFromExistingSecret disabled - run: | - sleep 10 # Wait for resources to be created - SECRET_VALUE=$(kubectl get secret middleware-secret -n mw-agent-ns -o jsonpath='{.data.api-key}' | base64 --decode) - echo "Secret value with apiKeyFromExistingSecret disabled: $SECRET_VALUE" - if [[ "$SECRET_VALUE" == "fallback-api-key" ]]; then - echo "Test passed for apiKeyFromExistingSecret disabled" - else - echo "Test failed for apiKeyFromExistingSecret disabled" - exit 1 - fi - - - name: Clean up with apiKeyFromExistingSecret disabled - run: | - helm uninstall my-release - kubectl delete ns mw-agent-ns