This repository has been archived by the owner on Jul 11, 2023. It is now read-only.
build(deps): bump google.golang.org/grpc from 1.49.0 to 1.53.0 #16150
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Go | |
on: | |
push: | |
branches: | |
- main | |
- release-* | |
paths-ignore: | |
- "docs/**" | |
- "**.md" | |
- "scripts/cleanup/**" | |
- "CODEOWNERS" | |
- "OWNERS" | |
pull_request: | |
branches: | |
- main | |
- release-* | |
paths-ignore: | |
- "docs/**" | |
- "**.md" | |
- "scripts/cleanup/**" | |
- "CODEOWNERS" | |
- "OWNERS" | |
env: | |
CI_WAIT_FOR_OK_SECONDS: 60 | |
CI_MAX_ITERATIONS_THRESHOLD: 60 | |
CI_CLIENT_CONCURRENT_CONNECTIONS: 1 | |
CI_MAX_WAIT_FOR_POD_TIME_SECONDS: 60 | |
CI_MIN_SUCCESS_THRESHOLD: 1 | |
OSM_HUMAN_DEBUG_LOG: true | |
jobs: | |
shellcheck: | |
name: Shellcheck | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: ShellCheck | |
run: shellcheck -x $(find . -name '*.sh') | |
lint: | |
name: Lint | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: go.mod | |
cache: true | |
- name: go build deps | |
run: make embed-files-test | |
- name: golangci-lint | |
uses: golangci/golangci-lint-action@v3 | |
with: | |
version: latest | |
only-new-issues: true | |
skip-pkg-cache: true | |
codegen: | |
name: Codegen | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: go.mod | |
cache: true | |
- name: go mod tidy | |
run: make go-mod-tidy | |
- name: Codegen checks | |
run: make check-codegen | |
mocks: | |
name: Mocks | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: go.mod | |
cache: true | |
- name: go mod tidy | |
run: make go-mod-tidy | |
- name: gomock checks | |
run: make check-mocks | |
charts: | |
name: Chart checks | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: chart checks | |
run: make chart-checks | |
build: | |
name: Go build | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: go.mod | |
cache: true | |
- name: Go Build | |
run: make build-ci | |
build-fips: | |
name: Go build (FIPS) | |
runs-on: ubuntu-latest | |
container: | |
image: mcr.microsoft.com/oss/go/microsoft/golang:1.19-fips-cbl-mariner2.0 | |
env: | |
FIPS: 1 | |
GNUPGHOME: /root/.gnupg | |
steps: | |
- name: Yum Update | |
run: | | |
yum update -y | |
yum install -y make git gcc gcc-c++ glibc-devel openssl-devel bash ca-certificates | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Go Cache | |
uses: actions/cache@v3 | |
with: | |
path: | | |
/root/.cache/go-build | |
/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: Go Build | |
run: | | |
git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
make build-ci | |
unittest: | |
name: Go test | |
runs-on: ubuntu-latest | |
needs: build | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: go.mod | |
cache: true | |
- name: go mod tidy | |
run: make go-mod-tidy | |
- name: Test | |
run: make go-test-coverage | |
- name: Upload Coverage | |
if: ${{ success() }} | |
uses: codecov/codecov-action@v2 | |
with: | |
flags: unittests | |
unittest-fips: | |
name: Go test (FIPS) | |
runs-on: ubuntu-latest | |
container: | |
image: mcr.microsoft.com/oss/go/microsoft/golang:1.19-fips-cbl-mariner2.0 | |
env: | |
GNUPGHOME: /root/.gnupg | |
GOFIPS: 1 | |
FIPS: 1 | |
needs: build-fips | |
steps: | |
- name: Yum Update | |
run: | | |
yum update -y | |
yum install -y make git gcc gcc-c++ glibc-devel openssl-devel bash ca-certificates | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Go Cache | |
uses: actions/cache@v3 | |
with: | |
path: | | |
/root/.cache/go-build | |
/go/pkg/mod | |
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
restore-keys: | | |
${{ runner.os }}-go- | |
- name: go mod tidy | |
run: | | |
git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
make go-mod-tidy | |
- name: Test | |
run: make go-test | |
imagescan: | |
name: Scan images for security vulnerabilities | |
runs-on: ubuntu-latest | |
env: | |
CTR_TAG: ${{ github.sha }} | |
CTR_REGISTRY: "localhost:5000" | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Build docker images | |
env: | |
DOCKER_BUILDX_OUTPUT: type=docker | |
run: make docker-build-osm | |
- name: Setup Trivy | |
run: make trivy-ci-setup | |
- name: Scan docker images for vulnerabilities | |
run: make trivy-scan-images | |
imagescan-fips: | |
name: Scan images for security vulnerabilities (FIPS) | |
runs-on: ubuntu-latest | |
env: | |
CTR_TAG: ${{ github.sha }}-fips | |
CTR_REGISTRY: "localhost:5000" | |
FIPS: 1 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Build docker images | |
env: | |
DOCKER_BUILDX_OUTPUT: type=docker | |
run: make docker-build-osm | |
- name: Setup Trivy | |
run: make trivy-ci-setup | |
- name: Scan docker images for vulnerabilities | |
run: make trivy-scan-images | |
e2etest: | |
name: Go test e2e | |
runs-on: ubuntu-latest | |
needs: build | |
strategy: | |
matrix: | |
k8s_version: [""] | |
focus: [""] | |
bucket: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15] | |
include: | |
- k8s_version: v1.22.9 | |
focus: "Test traffic flowing from client to server with a Kubernetes Service for the Source: HTTP" | |
bucket: ".*" | |
- k8s_version: v1.23.6 | |
focus: "Test traffic flowing from client to server with a Kubernetes Service for the Source: HTTP" | |
bucket: ".*" | |
- k8s_version: v1.24.1 | |
focus: "Test traffic flowing from client to server with a Kubernetes Service for the Source: HTTP" | |
bucket: ".*" | |
env: | |
CTR_TAG: ${{ github.sha }} | |
CTR_REGISTRY: "localhost:5000" # unused for kind, but currently required in framework | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: go.mod | |
cache: true | |
- name: Build test dependencies | |
env: | |
DOCKER_BUILDX_OUTPUT: type=docker | |
run: make docker-build-osm build-osm docker-build-tcp-echo-server | |
- name: Run tests | |
id: test | |
env: | |
K8S_NAMESPACE: "osm-system" | |
run: go test ./tests/e2e -test.v -ginkgo.v -ginkgo.progress -installType=KindCluster -kindClusterVersion='${{ matrix.k8s_version }}' -test.timeout 0 -test.failfast -ginkgo.failFast -ginkgo.focus='\[Bucket ${{ matrix.bucket }}\].*${{ matrix.focus }}' | |
continue-on-error: true | |
- name: Set Logs name | |
if: ${{ steps.test.conclusion != 'skipped' }} | |
run: | | |
if [[ -n "${{ matrix.k8s_version }}" ]]; then | |
echo "ARTIFACT_NAME=test_logs_k8s_version_${{ matrix.k8s_version }}" >> $GITHUB_ENV | |
else | |
echo "ARTIFACT_NAME=test_logs_bucket_${{ matrix.bucket }}" >> $GITHUB_ENV | |
fi | |
- name: Upload test logs | |
if: ${{ steps.test.conclusion != 'skipped' }} | |
uses: actions/upload-artifact@v2 | |
with: | |
name: ${{ env.ARTIFACT_NAME }} | |
path: /tmp/test**/* | |
- name: Check continue tests | |
if: ${{ steps.test.conclusion != 'skipped' && steps.test.outcome == 'failure'}} | |
run: exit 1 | |
- name: Clean tests | |
if: ${{ steps.test.conclusion != 'skipped' }} | |
run: rm -rf /tmp/test* | |
integration-tresor: | |
name: Integration Test with Tresor, SMI traffic policies, and egress disabled | |
runs-on: ubuntu-latest | |
needs: [build] | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Setup Go | |
uses: actions/setup-go@v3 | |
with: | |
go-version-file: go.mod | |
cache: true | |
- name: Run Simulation w/ Tresor, SMI policies, egress disabled and reconciler disabled | |
env: | |
CERT_MANAGER: "tresor" | |
BOOKSTORE_SVC: "bookstore" | |
BOOKTHIEF_EXPECTED_RESPONSE_CODE: "0" | |
ENABLE_EGRESS: "false" | |
ENABLE_RECONCILER: "false" | |
PERMISSIVE_MODE: "false" | |
DEPLOY_TRAFFIC_SPLIT: "true" | |
CTR_TAG: ${{ github.sha }} | |
USE_PRIVATE_REGISTRY: "false" | |
run: | | |
touch .env | |
make kind-up | |
./demo/run-osm-demo.sh | |
go run ./ci/cmd/maestro.go | |
images: | |
name: Docker Images | |
runs-on: ubuntu-latest | |
if: ${{ (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release-')) && github.event_name == 'push' }} | |
env: | |
DOCKER_USER: ${{ secrets.RELEASE_DOCKER_USER }} | |
DOCKER_PASS: ${{ secrets.RELEASE_DOCKER_PASS }} | |
CTR_REGISTRY: ${{ github.repository_owner }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v2 | |
- name: Docker Login | |
run: docker login --username "$DOCKER_USER" --password-stdin <<< "$DOCKER_PASS" | |
- name: Push images with git sha tag | |
env: | |
CTR_TAG: ${{ github.sha }} | |
run: make docker-build-cross |