-
Notifications
You must be signed in to change notification settings - Fork 16
138 lines (128 loc) · 5.23 KB
/
multicluster-e2e.yaml
File metadata and controls
138 lines (128 loc) · 5.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
name: Multicluster E2E tests
on:
push:
branches:
- main
paths:
- 'fleetshard/pkg/runtime/**'
- 'fleetshard/pkg/reconciler/**'
- '.github/workflows/multicluster-e2e.yaml'
- 'scripts/ci/**'
- 'scripts/lib/**'
- 'internal/central/pkg/handlers/admin_central.go'
- 'internal/central/pkg/services/central.go'
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
paths:
- 'fleetshard/pkg/runtime/**'
- 'fleetshard/pkg/reconciler/**'
- '.github/workflows/multicluster-e2e.yaml'
- 'scripts/ci/**'
- 'scripts/lib/**'
- 'internal/central/pkg/handlers/admin_central.go'
- 'internal/central/pkg/services/central.go'
# Cancel previous runs
# see: https://docs.github.com/en/actions/how-tos/write-workflows/choose-when-workflows-run/control-workflow-concurrency
concurrency:
group: ${{ github.workflow }}-${{ github.ref || github.run_id }}
cancel-in-progress: true
jobs:
create-cluster:
name: "Create Test Infra Clusters"
runs-on: ubuntu-latest
if: ${{ !github.event.pull_request.head.repo.fork && !github.event.pull_request.draft }} # do not run for PRs from forks and drafts
environment: development
strategy:
matrix:
name: [acscs1, acscs2]
outputs:
cluster_id: ${{ steps.cluster_id.outputs.short_sha }}
steps:
- name: Generate cluster ID
id: cluster_id
run: |
# OSD cluster names are limited to 15 characters.
# Use first 7 chars of commit SHA for traceability and uniqueness.
# Format: <prefix>-<7-char-sha> (e.g., acscs1-a1b2c3d = 14 chars)
SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
echo "short_sha=$SHORT_SHA" >> "$GITHUB_OUTPUT"
- name: Create cluster
uses: stackrox/actions/infra/create-cluster@v1
with:
token: ${{ secrets.INFRA_TOKEN }}
flavor: osd-on-aws
name: ${{ matrix.name }}-${{ steps.cluster_id.outputs.short_sha }}
description: "Used for acs-fleet-manager Multicluster E2E tests. Workflow run: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}"
lifespan: 3h
args: nodes=3,machine-type=m5.2xlarge
wait: true
no-slack: true
e2e-test:
name: "Multicluster e2e tests"
runs-on: ubuntu-latest
if: ${{ !github.event.pull_request.head.repo.fork && !github.event.pull_request.draft }} # do not run for PRs from forks and drafts
needs: [create-cluster]
environment: development
env:
INFRA_TOKEN: ${{ secrets.INFRA_TOKEN }}
AWS_AUTH_HELPER: "none"
permissions:
id-token: write
contents: read
steps:
- name: Install infractl
uses: stackrox/actions/infra/install-infractl@v1
- name: Install oc
uses: redhat-actions/oc-installer@v1
- name: Check out code
uses: actions/checkout@v4
- name: Set cluster credentials
run: |
set -eo pipefail
SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
mkdir kube
cluster1Conf="$(pwd)/kube/cluster1"
url=$(infractl artifacts "acscs1-${SHORT_SHA}" --json | jq '.Artifacts[] | select(.Name=="kubeconfig") | .URL' -r)
wget -O "$cluster1Conf" "$url"
cluster2Conf="$(pwd)/kube/cluster2"
url=$(infractl artifacts "acscs2-${SHORT_SHA}" --json | jq '.Artifacts[] | select(.Name=="kubeconfig") | .URL' -r)
wget -O "$cluster2Conf" "$url"
echo "CLUSTER_1_KUBECONFIG=$cluster1Conf" >> "$GITHUB_ENV"
echo "CLUSTER_2_KUBECONFIG=$cluster2Conf" >> "$GITHUB_ENV"
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v5.1.0
with:
aws-region: ${{ secrets.AWS_REGION }}
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github
- name: Set registry.redhat.io credentials
run: |
set -eo pipefail
KUBECONFIG=$CLUSTER_1_KUBECONFIG oc get secret/pull-secret -n openshift-config --template='{{index .data ".dockerconfigjson" | base64decode}}' > dockercfg
creds=$(jq '.auths."registry.redhat.io".auth' -r < dockercfg | base64 -d)
user=$(echo "$creds" | cut -d':' -f1)
pw=$(echo "$creds" | cut -d':' -f2)
echo "RH_REGISTRY_USER=$user" >> "$GITHUB_ENV"
echo "RH_REGISTRY_PW=$pw" >> "$GITHUB_ENV"
- name: "Run"
env:
RUN_MULTICLUSTER_E2E: "true"
ENABLE_CENTRAL_EXTERNAL_DOMAIN: "true"
run: "scripts/ci/multicluster_tests/entrypoint.sh"
cleanup-clusters:
name: "Cleanup Test Infra Clusters"
runs-on: ubuntu-latest
needs: [create-cluster, e2e-test]
if: ${{ !github.event.pull_request.head.repo.fork && !github.event.pull_request.draft && always() }} # do not run for PRs from forks
environment: development
env:
INFRA_TOKEN: ${{ secrets.INFRA_TOKEN }}
steps:
- name: Install infractl
uses: stackrox/actions/infra/install-infractl@v1
- name: Delete test clusters
run: |
set -o pipefail
SHORT_SHA=$(echo "${{ github.sha }}" | cut -c1-7)
infractl delete "acscs1-${SHORT_SHA}"
infractl delete "acscs2-${SHORT_SHA}"
exit 0