forked from confidential-containers/cloud-api-adaptor
-
Notifications
You must be signed in to change notification settings - Fork 0
285 lines (263 loc) · 9.76 KB
/
e2e_run_all.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
# (C) Copyright Confidential Containers Contributors 2023.
# SPDX-License-Identifier: Apache-2.0
#
# Run end-to-end (e2e) tests.
---
name: (Callable) Run all e2e tests
on:
workflow_call:
inputs:
caa_image_tag:
description: set the cloud-api-adaptor image tag
required: true
type: string
git_ref:
default: 'main'
description: Git ref to checkout the cloud-api-adaptor repository. Defaults to main.
required: false
type: string
podvm_image_tag:
description: set the podvm_builder/podvm_binaries/podvm image tag
required: true
type: string
registry:
description: the container registry where built images will be pushed to
required: true
type: string
env:
# cloud-api-adaptor image registry
E2E_IMG_REGISTRY: ${{ inputs.registry }}
# cloud-api-adaptor: image release tag
E2E_IMG_RELEASE_TAG: ${{ inputs.caa_image_tag }}
# cloud-api-adaptor image dev tag
E2E_IMG_DEV_TAG: ${{ inputs.caa_image_tag }}-dev
defaults:
run:
working-directory: src/cloud-api-adaptor
jobs:
# Build the podvm images.
#
podvm_builder:
uses: ./.github/workflows/podvm_builder.yaml
with:
registry: ${{ inputs.registry }}
image_tag: ${{ inputs.podvm_image_tag }}
git_ref: ${{ inputs.git_ref }}
secrets: inherit
podvm_binaries:
needs: [podvm_builder]
uses: ./.github/workflows/podvm_binaries.yaml
with:
registry: ${{ inputs.registry }}
image_tag: ${{ inputs.podvm_image_tag }}
git_ref: ${{ inputs.git_ref }}
secrets: inherit
podvm:
needs: [podvm_binaries]
uses: ./.github/workflows/podvm.yaml
with:
registry: ${{ inputs.registry }}
image_tag: ${{ inputs.podvm_image_tag }}
git_ref: ${{ inputs.git_ref }}
secrets: inherit
podvm_mkosi_amd64:
uses: ./.github/workflows/podvm_mkosi.yaml
with:
registry: ${{ inputs.registry }}
image_tag: ${{ inputs.podvm_image_tag }}
git_ref: ${{ inputs.git_ref }}
arch: amd64
debug: true
secrets: inherit
podvm_mkosi_s390x:
uses: ./.github/workflows/podvm_mkosi.yaml
with:
registry: ${{ inputs.registry }}
image_tag: ${{ inputs.podvm_image_tag }}
git_ref: ${{ inputs.git_ref }}
arch: s390x
debug: true
secrets: inherit
# Build and push the cloud-api-adaptor image
#
# By using a reusable `workflow_call` workflow we are hitting two
# GHA limitations here:
#
# - Cannot access the `env` context from the `with` so that it cannot
# reuse the E2E_IMG_* environment variables set at this workflow level.
# - Cannot call a reusable workflow from a job's step, so the we cannot
# merge the `image` and `prep_env` into a single one (unless we create
# another reusable workflow and, well, likely hit another limitation...).
#
# Reference: https://docs.github.com/en/actions/using-workflows/reusing-workflows#limitations
#
image:
uses: ./.github/workflows/caa_build_and_push.yaml
with:
registry: ${{ inputs.registry }}
dev_tags: ${{ inputs.caa_image_tag }}-dev
release_tags: ${{ inputs.caa_image_tag }}
git_ref: ${{ inputs.git_ref }}
secrets: inherit
# Edit the kustomize files under the install directory to reference the
# built cloud-api-adaptor images. The entire directory is archived so that
# downstream jobs can simply download and use the prepared installation
# files.
#
# IMPORTANT: If you are enabling e2e tests for a given provider,
# then please update the PROVIDERS list (space-separated names, e.g.,
# "aws libvirt").
prep_install:
runs-on: ubuntu-24.04
outputs:
matrix: ${{ steps.matrix.outputs.matrix }}
env:
PROVIDERS: "libvirt"
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ inputs.git_ref }}
- name: Rebase the code
if: github.event_name == 'pull_request_target'
working-directory: ./
run: |
./hack/ci-helper.sh rebase-atop-of-the-latest-target-branch
- name: Install kustomize
run: |
command -v kustomize >/dev/null || \
curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | \
bash -s /usr/local/bin
- name: Update kustomization configuration
run: |
providers=(${{ env.PROVIDERS }})
# If there aren't providers then something is wrong
[[ ${#providers[@]} -gt 0 ]] || exit 1
for provider in "${providers[@]}"; do
img="${E2E_IMG_REGISTRY}/cloud-api-adaptor"
tag="${E2E_IMG_RELEASE_TAG}"
[[ "$provider" = "libvirt" ]] && tag="${E2E_IMG_DEV_TAG}"
echo "::group::Update ${provider}"
pushd "install/overlays/${provider}"
kustomize edit set image "cloud-api-adaptor=${img}:${tag}"
# Print for debugging
cat kustomization.yaml
echo "::endgroup::"
# Validate the file to avoid it silently testing with a wrong image
grep "newName: ${img}" kustomization.yaml
grep "newTag: ${tag}" kustomization.yaml
popd
done
- name: Upload install directory for next test runs
uses: actions/upload-artifact@v4
with:
name: install_directory
path: src/cloud-api-adaptor/install/
retention-days: 7
- name: Define Test Matrix
id: matrix
run: |
echo "matrix=$(jq -c . < ./libvirt/e2e_matrix_libvirt.json)" >> "$GITHUB_OUTPUT"
# Run libvirt e2e tests if pull request labeled 'test_e2e_libvirt'
libvirt:
name: libvirt
if: |
github.event_name == 'schedule' ||
github.event_name == 'workflow_dispatch' ||
contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt')
needs: [podvm, image, prep_install]
strategy:
fail-fast: false
matrix: ${{ fromJSON(needs.prep_install.outputs.matrix) }}
uses: ./.github/workflows/e2e_libvirt.yaml
with:
caa_image: ${{ inputs.registry }}/cloud-api-adaptor:${{ inputs.caa_image_tag }}-dev
container_runtime: ${{ matrix.container_runtime }}
podvm_image: ${{ inputs.registry }}/podvm-${{ matrix.provider }}-${{ matrix.os }}-${{ matrix.arch }}:${{ inputs.podvm_image_tag }}
install_directory_artifact: install_directory
git_ref: ${{ inputs.git_ref }}
secure_comms: ${{ matrix.secure_comms }}
secrets: inherit
caa_image_amd64:
uses: ./.github/workflows/caa_build_and_push.yaml
with:
registry: ${{ inputs.registry }}
dev_arches: 'linux/amd64'
release_arches: 'linux/amd64'
dev_tags: ${{ inputs.caa_image_tag }}-amd64-dev
release_tags: ${{ inputs.caa_image_tag }}-amd64
git_ref: ${{ inputs.git_ref }}
secrets: inherit
caa_image_s390x:
uses: ./.github/workflows/caa_build_and_push.yaml
with:
registry: ${{ inputs.registry }}
dev_arches: 'linux/s390x'
release_arches: 'linux/s390x'
dev_tags: ${{ inputs.caa_image_tag }}-s390x-dev
release_tags: ${{ inputs.caa_image_tag }}-s390x
git_ref: ${{ inputs.git_ref }}
runner: 's390x'
secrets: inherit
libvirt_e2e_arch_prep:
runs-on: ubuntu-24.04
outputs:
matrix: ${{ steps.matrix.outputs.matrix }}
steps:
- name: Checkout Code
uses: actions/checkout@v4
with:
fetch-depth: 0
ref: ${{ inputs.git_ref }}
- name: Rebase the code
if: github.event_name == 'pull_request_target'
working-directory: ./
run: |
./hack/ci-helper.sh rebase-atop-of-the-latest-target-branch
- name: Define Test Matrix
id: matrix
run: |
echo "matrix=$(jq -c . < ./libvirt/libvirt_e2e_arch_matrix.json)" >> "$GITHUB_OUTPUT"
# Run libvirt amd64 e2e tests, based on the mkosi image, if pull request labeled 'test_e2e_libvirt'
libvirt_amd64:
name: E2E tests on libvirt for the amd64 architecture
if: |
github.event_name == 'schedule' ||
github.event_name == 'workflow_dispatch' ||
contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt') ||
contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt_amd64')
needs: [podvm_mkosi_amd64, libvirt_e2e_arch_prep, caa_image_amd64]
strategy:
fail-fast: false
matrix: ${{ fromJSON(needs.libvirt_e2e_arch_prep.outputs.matrix) }}
uses: ./.github/workflows/e2e_libvirt.yaml
with:
runner: ubuntu-24.04
caa_image: ${{ inputs.registry }}/cloud-api-adaptor:${{ inputs.caa_image_tag }}-amd64-dev
podvm_image: ${{ needs.podvm_mkosi_amd64.outputs.qcow2_oras_image }}
install_directory_artifact: install_directory
git_ref: ${{ inputs.git_ref }}
oras: true
secrets: inherit
# Run libvirt s390x e2e tests, based on the mkosi image, if pull request labeled 'test_e2e_libvirt'
libvirt_s390x:
name: E2E tests on libvirt for the s390x architecture
if: |
github.event_name == 'schedule' ||
github.event_name == 'workflow_dispatch' ||
contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt') ||
contains(github.event.pull_request.labels.*.name, 'test_e2e_libvirt_s390x')
needs: [podvm_mkosi_s390x, libvirt_e2e_arch_prep, caa_image_s390x]
strategy:
fail-fast: false
matrix: ${{ fromJSON(needs.libvirt_e2e_arch_prep.outputs.matrix) }}
uses: ./.github/workflows/e2e_libvirt.yaml
with:
runner: s390x-large
caa_image: ${{ inputs.registry }}/cloud-api-adaptor:${{ inputs.caa_image_tag }}-s390x-dev
podvm_image: ${{ needs.podvm_mkosi_s390x.outputs.qcow2_oras_image }}
install_directory_artifact: install_directory
git_ref: ${{ inputs.git_ref }}
oras: true
secrets: inherit