From 7280f48ba5ec3ff4c47cb22243fdca1c5beabe11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Ko=C5=82odziejczak?= <69915024+kolodziejczak@users.noreply.github.com> Date: Wed, 25 Sep 2024 09:29:19 +0200 Subject: [PATCH] Add pipeline workflow for the release branch (#1025) * Add pipeline workflow for the release branch * Add separate workflow for int tests pr int tests * Add proper dependencies for jobs --- .github/workflows/create-release.yaml | 4 +- .../pull-integration-gardener-release.yaml | 25 +-- .../workflows/pull-integration-release.yaml | 57 +++++++ .github/workflows/pull-request-release.yaml | 147 ++++++++++++++++++ .github/workflows/pull-request.yaml | 1 - 5 files changed, 208 insertions(+), 26 deletions(-) create mode 100644 .github/workflows/pull-integration-release.yaml create mode 100644 .github/workflows/pull-request-release.yaml diff --git a/.github/workflows/create-release.yaml b/.github/workflows/create-release.yaml index 8609c7bb2..0f7b267a4 100644 --- a/.github/workflows/create-release.yaml +++ b/.github/workflows/create-release.yaml @@ -45,6 +45,7 @@ jobs: build-image: uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main + needs: [check-prerequisites] with: name: istio-manager dockerfile: Dockerfile @@ -55,6 +56,7 @@ jobs: build-image-experimental: uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main + needs: [ check-prerequisites ] with: name: istio-manager dockerfile: Dockerfile @@ -67,7 +69,7 @@ jobs: create-draft: name: Create draft release runs-on: ubuntu-latest - needs: [check-prerequisites, build-image, build-image-experimental] + needs: [build-image, build-image-experimental] steps: - name: Checkout code uses: actions/checkout@v4 diff --git a/.github/workflows/pull-integration-gardener-release.yaml b/.github/workflows/pull-integration-gardener-release.yaml index 82d22952b..25adb0e2c 100644 --- a/.github/workflows/pull-integration-gardener-release.yaml +++ b/.github/workflows/pull-integration-gardener-release.yaml @@ -1,15 +1,7 @@ -# This workflow is responsible for all kinds of integration tests run on pull request to release branch. -# Those tests depend on a container image, so in the first job we wait for the image build to succeed. - name: PR-release Integration Gardener on: - # pull_request_target runs workflows from the base of PR - # It allows the workflow to get the repository secrets - pull_request_target: - types: [ synchronize, opened, reopened, ready_for_review ] - branches: - - 'release-**' + workflow_call: jobs: filter-changes: @@ -33,22 +25,9 @@ jobs: - name: List all changed files run: echo '${{ steps.changed-files.outputs.all_changed_files }}' - build-image: - name: Build manager image - needs: [ filter-changes ] - if: ${{ github.event.pull_request.draft == false && needs.filter-changes.outputs.check == 'true' }} - uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main # Usage: kyma-project/test-infra/.github/workflows/image-builder.yml@main - with: - name: istio-manager - dockerfile: Dockerfile - context: . - build-args: | - VERSION=PR-${{ github.event.pull_request.head.sha }} - istio-integration-gcp: name: Istio integration test GCP runs-on: ubuntu-latest - needs: [build-image] steps: - uses: actions/checkout@v4 with: @@ -80,7 +59,6 @@ jobs: istio-integration-aws-specific: name: Istio integration test AWS specific runs-on: ubuntu-latest - needs: [build-image] steps: - uses: actions/checkout@v4 with: @@ -112,7 +90,6 @@ jobs: istio-integration-gcp-specific: name: Istio integration test GCP specific runs-on: ubuntu-latest - needs: [build-image] steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/pull-integration-release.yaml b/.github/workflows/pull-integration-release.yaml new file mode 100644 index 000000000..92e24ccf0 --- /dev/null +++ b/.github/workflows/pull-integration-release.yaml @@ -0,0 +1,57 @@ +# This workflow is responsible for all kinds of integration tests run on pull request. +# Those tests depend on a container image so in the first job we wait for the image build to succeed. + +name: Release Pull Request integration tests + +on: + workflow_call: + +jobs: + k8s-compatibility-test: + name: Kubernetes version compatibility test + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: ./.github/actions/k8s-compatibility-test + with: + operator-image-name: "europe-docker.pkg.dev/kyma-project/dev/istio-manager:PR-${{github.event.number}}" + + istio-upgrade-integration-test: + name: Istio upgrade integration test + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: ./.github/actions/upgrade-integration-test + with: + operator-image-name: "europe-docker.pkg.dev/kyma-project/dev/istio-manager:PR-${{github.event.number}}" + target_branch: ${{ github.base_ref }} + + istio-integration-test: + name: Istio integration test + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: ./.github/actions/integration-test + with: + evaluation: false + operator-image-name: "europe-docker.pkg.dev/kyma-project/dev/istio-manager:PR-${{github.event.number}}" + servers-memory: "16" + agents: 2 + + istio-integration-test-evaluation: + name: Istio integration test evaluation + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: ./.github/actions/integration-test + with: + evaluation: true + operator-image-name: "europe-docker.pkg.dev/kyma-project/dev/istio-manager:PR-${{github.event.number}}" + servers-memory: "4" + agents: 0 diff --git a/.github/workflows/pull-request-release.yaml b/.github/workflows/pull-request-release.yaml new file mode 100644 index 000000000..64181e76d --- /dev/null +++ b/.github/workflows/pull-request-release.yaml @@ -0,0 +1,147 @@ +name: Release Pull Request pipeline +on: + pull_request_target: + types: [ synchronize, opened, reopened, ready_for_review ] + branches: + - 'release-**' +jobs: + check-build-image: + outputs: + check: ${{ steps.changed-files.outputs.any_modified }} + name: Check whether build image should run + runs-on: ubuntu-latest + if: ${{ github.event.pull_request.draft == false }} + steps: + - uses: actions/checkout@v4 + - uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 + id: changed-files + with: + files_ignore: | + docs/** + **/*.md + tests/performance/** + OWNERS + CODEOWNERS + .reuse/** + - name: List all changed files + run: echo '${{ steps.changed-files.outputs.all_changed_files }}' >> $GITHUB_STEP_SUMMARY + build-image: + name: Build manager image + needs: [check-build-image] + environment: ${{ github.event.pull_request.author_association != 'COLLABORATOR' && github.event.pull_request.author_association != 'OWNER' && 'restricted' || 'internal' }} + if: ${{ github.event.pull_request.draft == false && needs.filter-changes.outputs.check == 'true' }} + uses: kyma-project/test-infra/.github/workflows/image-builder.yml@main # Usage: kyma-project/test-infra/.github/workflows/image-builder.yml@main + with: + name: istio-manager + dockerfile: Dockerfile + context: . + build-args: | + VERSION=PR-${{ github.event.number }} + + check-unit-test: + outputs: + check: ${{ steps.changed-files.outputs.any_modified }} + name: Check whether unit test & lint should run based on the changed files + if: github.event.pull_request.draft == false + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 + id: changed-files + with: + files_ignore: | + docs/** + **/*.md + tests/performance/** + OWNERS + CODEOWNERS + sec-scanners-config.yaml + .reuse/** + - name: List all changed files + run: echo '${{ steps.changed-files.outputs.all_changed_files }}' >> $GITHUB_STEP_SUMMARY + dispatch-unit-test: + name: Dispatch unit test + needs: [check-unit-test] + uses: ./.github/workflows/pull-unit-lint.yaml + if: ${{ needs.check-unit-test.outputs.check == 'true' }} + secrets: inherit + + check-integration: + outputs: + check: ${{ steps.changed-files.outputs.any_modified }} + name: Check whether integration tests should run based on the changed files + if: github.event.pull_request.draft == false + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 + id: changed-files + with: + files_ignore: | + docs/** + **/*.md + tests/performance/** + OWNERS + CODEOWNERS + sec-scanners-config.yaml + .reuse/** + - name: List all changed files + run: echo '${{ steps.changed-files.outputs.all_changed_files }}' >> $GITHUB_STEP_SUMMARY + dispatch-integration: + name: Dispatch integration tests + needs: [check-integration,build-image] + uses: ./.github/workflows/pull-integration-release.yaml + if: ${{ needs.check-integration.outputs.check == 'true' }} + secrets: inherit + dispatch-integration-gardener: + name: Dispatch Gardener integration tests + needs: [check-integration,build-image] + uses: ./.github/workflows/pull-integration-gardener-release.yaml + if: ${{ needs.check-integration.outputs.check == 'true' }} + secrets: inherit + + check-ui: + outputs: + check: ${{ steps.changed-files.outputs.any_modified }} + name: Check whether UI tests should run based on the changed files + if: github.event.pull_request.draft == false + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 + id: changed-files + with: + files: | + config/ui-extensions/** + config/crd/** + tests/ui/** + .github/workflows/ui-tests.yaml + - name: List all changed files + run: echo '${{ steps.changed-files.outputs.all_changed_files }}' >> $GITHUB_STEP_SUMMARY + dispatch-ui: + name: Dispatch UI tests + needs: [check-ui,build-image] + uses: ./.github/workflows/ui-tests.yaml + if: ${{ needs.check-ui.outputs.check == 'true' }} + secrets: inherit + + check-verify-pins: + outputs: + check: ${{ steps.changed-files.outputs.any_modified }} + name: Check whether to run verify-commit-pins + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: tj-actions/changed-files@e9772d140489982e0e3704fea5ee93d536f1e275 + id: changed-files + with: + files: | + .github/workflows/** + - name: List all changed files + run: echo '${{ steps.changed-files.outputs.all_changed_files }}' >> $GITHUB_STEP_SUMMARY + dispatch-verify-pins: + name: Dispatch verify-commit-pins + needs: [check-verify-pins] + uses: ./.github/workflows/verify-commit-pins.yaml + if: ${{ needs.check-verify-pins.outputs.check == 'true' }} + secrets: inherit diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index af0d48097..7b7fc2d53 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -4,7 +4,6 @@ on: types: [ synchronize, opened, reopened, ready_for_review ] branches: - main - - 'release-**' jobs: check-build-image: outputs: