From 1f0bec99e4b420799c9b31a585d5ddabfd33baca Mon Sep 17 00:00:00 2001
From: Aryan-sharma11
Date: Mon, 29 Jul 2024 12:52:05 +0530
Subject: [PATCH] fix latest CI
Signed-off-by: Aryan-sharma11
---
.github/workflows/temp-ci-test.yaml | 143 ++++++++++++++++++++++++++++
1 file changed, 143 insertions(+)
create mode 100644 .github/workflows/temp-ci-test.yaml
diff --git a/.github/workflows/temp-ci-test.yaml b/.github/workflows/temp-ci-test.yaml
new file mode 100644
index 0000000000..8a8341a5ce
--- /dev/null
+++ b/.github/workflows/temp-ci-test.yaml
@@ -0,0 +1,143 @@
+name: ci-test-runner
+
+on:
+ push:
+ branches: [main]
+ paths:
+ - "KubeArmor/**"
+ - "tests/**"
+ - "protobuf/**"
+ - ".github/workflows/temp-ci-test.yml"
+ - "pkg/KubeArmorOperator/**"
+ - "deployments/helm/**"
+ pull_request:
+ branches: [main]
+ paths:
+ - "KubeArmor/**"
+ - "tests/**"
+ - "protobuf/**"
+ - ".github/workflows/temp-ci-test.yml"
+ - "pkg/KubeArmorOperator/**"
+ - "deployments/helm/**"
+permissions: read-all
+
+jobs:
+ check:
+ name: Check what pkg were updated
+ if: github.repository == 'kubearmor/kubearmor'
+ runs-on: ubuntu-20.04
+ timeout-minutes: 5
+ outputs:
+ kubearmor: ${{ steps.filter.outputs.kubearmor}}
+ controller: ${{ steps.filter.outputs.controller }}
+ steps:
+ - uses: actions/checkout@v3
+ - uses: dorny/paths-filter@v2
+ id: filter
+ with:
+ filters: |
+ kubearmor:
+ - "KubeArmor/**"
+ - "protobuf/**"
+ controller:
+ - 'pkg/KubeArmorController/**'
+ build:
+ name: Testing Runner
+ needs: check
+ runs-on: ubuntu-latest-16-cores
+ permissions:
+ id-token: write
+ timeout-minutes: 120
+ steps:
+ - uses: actions/checkout@v3
+ with:
+ submodules: true
+
+ - uses: actions/setup-go@v5
+ with:
+ go-version-file: 'KubeArmor/go.mod'
+
+ - name: Install the latest LLVM toolchain
+ run: ./.github/workflows/install-llvm.sh
+
+ - name: Compile libbpf
+ run: ./.github/workflows/install-libbpf.sh
+
+ - name: Setup a Kubernetes enviroment
+ id: vars
+ run: |
+ if [ ${{ github.ref }} == "refs/heads/main" ]; then
+ echo "tag=latest" >> $GITHUB_OUTPUT
+ else
+ echo "tag=${GITHUB_REF#refs/*/}" >> $GITHUB_OUTPUT
+ fi
+ RUNTIME=containerd ./contribution/k3s/install_k3s.sh
+
+ - name: Generate KubeArmor artifacts
+ run: GITHUB_SHA=$GITHUB_SHA ./KubeArmor/build/build_kubearmor.sh ${{ steps.vars.outputs.tag }}
+
+ - name: Build Kubearmor-Operator
+ working-directory: pkg/KubeArmorOperator
+ run: |
+ make docker-build TAG=${{ steps.vars.outputs.tag }}
+
+ - name: deploy pre existing pod
+ run: |
+ kubectl apply -f ./tests/k8s_env/ksp/pre-run-pod.yaml
+ sleep 60
+ kubectl get pods -A
+
+ - name: Run KubeArmor
+ run: |
+ docker save kubearmor/kubearmor-init:${{ steps.vars.outputs.tag }} | sudo k3s ctr images import -
+ docker save kubearmor/kubearmor:${{ steps.vars.outputs.tag }} | sudo k3s ctr images import -
+ docker save kubearmor/kubearmor-operator:${{ steps.vars.outputs.tag }} | sudo k3s ctr images import -
+ docker save kubearmor/kubearmor-snitch:${{ steps.vars.outputs.tag }} | sudo k3s ctr images import -
+
+ helm upgrade --install kubearmor-operator ./deployments/helm/KubeArmorOperator -n kubearmor --create-namespace --set kubearmorOperator.image.tag=${{ steps.vars.outputs.tag }}
+ kubectl wait --for=condition=ready --timeout=5m -n kubearmor pod -l kubearmor-app=kubearmor-operator
+ kubectl get pods -A
+ if [[ ${{ steps.vars.outputs.tag }} == v* ]]; then
+ sed -i '/image: kubearmor\/kubearmor-controller:latest/!{/image: kubearmor\/kubearmor-relay-server:latest/!s/latest/${{ steps.vars.outputs.tag }}/g}' pkg/KubeArmorOperator/config/samples/kubearmor-test.yaml
+ fi
+ kubectl apply -f pkg/KubeArmorOperator/config/samples/kubearmor-test.yaml
+ kubectl wait -n kubearmor --timeout=5m --for=jsonpath='{.status.phase}'=Running kubearmorconfigs/kubearmorconfig-test
+ kubectl wait --timeout=7m --for=condition=ready pod -l kubearmor-app,kubearmor-app!=kubearmor-snitch,kubearmor-app!=kubearmor-controller -n kubearmor
+ kubectl wait --timeout=1m --for=condition=ready pod -l kubearmor-app=kubearmor-controller -n kubearmor
+ kubectl get pods -A
+
+ - name: Test KubeArmor using Ginkgo
+ run: |
+ go install -mod=mod github.com/onsi/ginkgo/v2/ginkgo
+ make -C tests/k8s_env/
+ timeout-minutes: 30
+
+ - name: Get karmor sysdump
+ if: ${{ failure() }}
+ run: |
+ kubectl describe pod -n kubearmor -l kubearmor-app=kubearmor
+ curl -sfL http://get.kubearmor.io/ | sudo sh -s -- -b /usr/local/bin
+ mkdir -p /tmp/kubearmor/ && cd /tmp/kubearmor && karmor sysdump
+ - name: Archive log artifacts
+ if: ${{ failure() }}
+ uses: actions/upload-artifact@v3
+ with:
+ name: kubearmor.logs
+ path: |
+ /tmp/kubearmor/
+ /tmp/kubearmor.*
+
+ - name: Measure code coverage
+ if: ${{ always() }}
+ run: |
+ go install github.com/modocache/gover@latest
+ gover
+ go tool cover -func=gover.coverprofile
+ working-directory: KubeArmor
+ env:
+ GOPATH: /home/runner/go
+
+ - uses: codecov/codecov-action@v3
+ if: ${{ always() }}
+ with:
+ files: ./KubeArmor/gover.coverprofile
\ No newline at end of file
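Review bot: The `Get karmor sysdump` step fetches an installer over cleartext HTTP and pipes it straight into `sudo sh` (`curl -sfL http://get.kubearmor.io/ | sudo sh -s -- -b /usr/local/bin`), so the script that runs as root on the runner is neither transport-protected nor integrity-checked, in a job that also requests `id-token: write`. Fetch it over TLS, e.g. `curl -sfL https://get.kubearmor.io/ | sudo sh -s -- -b /usr/local/bin` if the endpoint serves HTTPS, or preferably install a pinned karmor release and verify its checksum before executing it. No step visible in the `build` job consumes an OIDC token, so `id-token: write` looks droppable; if it is required, add a comment such as `# id-token: needed by <step name>` so the grant is reviewable. Separately, both `paths:` filters list `.github/workflows/temp-ci-test.yml` while the file being added is `temp-ci-test.yaml`, so edits to this workflow will not trigger it.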