Skip to content

ci: Add codecov support #762

ci: Add codecov support

ci: Add codecov support #762

Workflow file for this run

on:
- push
- pull_request
- workflow_call
name: Continuous integration
# Declare default permissions as read only.
permissions: read-all
env:
CARGO_TERM_COLOR: always
jobs:
check:
name: Cargo check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
with:
profile: minimal
toolchain: stable
override: true
- uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1.0.3
with:
command: check
version-check:
name: Check Cargo.toml version
if: github.ref_type == 'tag'
runs-on: ubuntu-latest
steps:
- name: Download source code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Check cargo file version
run: |
CARGO_VERSION=$(sed -n 's,^version = \"\(.*\)\",\1,p' Cargo.toml)
TAG_VERSION=$(echo ${{ github.ref_name }} | sed 's/v//')
if [ "$CARGO_VERSION" != "$TAG_VERSION" ];then
echo "::error title=Invalid Cargo.toml version::Cargo.toml version does not match the tag version"
exit 1
fi
test:
name: Unit tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
with:
profile: minimal
toolchain: stable
override: true
- uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1.0.3
with:
command: test
args: --workspace --bins
e2e-tests:
name: E2E tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
- name: run e2e tests
run: make e2e-tests
coverage:
name: coverage
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # v4.0.0
- uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
with:
profile: minimal
toolchain: stable
override: true
- uses: taiki-e/install-action@5794068c211bc8f5f4514b7c3f03d6adbe66f1b7 # v2.26.18
with:
tool: cargo-tarpaulin
- name: Generate unit-tests coverage
run: make coverage-unit-tests
- name: Upload unit-tests coverage to Codecov
uses: codecov/codecov-action@e0b68c6749509c5f83f984dd99a76a1c1a231044 # v4.0.1
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_ORG_TOKEN }}
with:
name: unit-tests
directory: coverage/unit-tests
flags: unit-tests
verbose: true
- uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
- name: Generate e2e-tests coverage
run: make coverage-e2e-tests
- name: Upload e2e-tests coverage to Codecov
uses: codecov/codecov-action@e0b68c6749509c5f83f984dd99a76a1c1a231044 # v4.0.1
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_ORG_TOKEN }}
with:
name: e2e-tests
directory: coverage/e2e-tests
flags: e2e-tests
verbose: true
fmt:
name: Rustfmt
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
with:
profile: minimal
toolchain: stable
override: true
- run: rustup component add rustfmt
- uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1.0.3
with:
command: fmt
args: --all -- --check
clippy:
name: Clippy
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1.0.7
with:
profile: minimal
toolchain: stable
override: true
- run: rustup component add clippy
- uses: actions-rs/cargo@844f36862e911db73fe0815f00a4a2602c279505 # v1.0.3
with:
command: clippy
args: -- -D warnings
shellcheck:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- run: shellcheck $(find scripts/ -name '*.sh')
airgap-e2e-test:
name: Airgap E2E test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Run registry
run: |
export CONTAINER_ID=$(docker run -d -p 5000:5000 --name registry registry:2)
echo "CONTAINER_ID=${CONTAINER_ID}" >> $GITHUB_ENV
- name: Install kwctl
run: cargo install --path .
- name: Save policies
run: ./scripts/kubewarden-save-policies.sh --policies-list tests/data/airgap/policies.txt --policies policies.tar.gz
- name: Remove policies from store
run: |
kwctl rm registry://ghcr.io/kubewarden/tests/pod-privileged:v0.1.9
kwctl rm https://github.com/kubewarden/pod-privileged-policy/releases/download/v0.1.6/policy.wasm
- name: Load policies
run: |
./scripts/kubewarden-load-policies.sh \
--policies policies.tar.gz \
--policies-list tests/data/airgap/policies.txt \
--registry localhost:5000 \
--sources-path tests/data/airgap/insecure.yml
- name: Verify policies in local registry
run: |
kwctl pull registry://localhost:5000/kubewarden/tests/pod-privileged:v0.1.9 \
--sources-path tests/data/airgap/insecure.yml
kwctl pull registry://localhost:5000/kubewarden/pod-privileged-policy/releases/download/v0.1.6/policy.wasm \
--sources-path tests/data/airgap/insecure.yml
- name: Clean up - delete registry
if: always()
run: |
docker rm -f ${{ env.CONTAINER_ID }}