Skip to content

NODE-5655 add docker auth to tests #270

NODE-5655 add docker auth to tests

NODE-5655 add docker auth to tests #270

Workflow file for this run

name: CI
on:
pull_request:
branches: ['main']
types: ['opened', 'reopened', 'synchronize']
paths:
- '.github/workflows/ci.yaml'
- '.github/workflows/test.yaml'
- 'helm/**'
- 'files/**'
- 'cmd/**'
- 'go.*'
- 'Dockerfile'
- 'test/**'
- '!helm/Chart.yaml'
- '!helm/README.md'
- '!helm/test/**'
- '!helm/values.*.yaml'
permissions:
contents: read
jobs:
build:
name: Build
runs-on: ${{ matrix.RUNNER }}
strategy:
fail-fast: false
matrix:
include:
- ARCH: amd64
RUNNER: self-hosted-amd64-1cpu
- ARCH: arm64
RUNNER: self-hosted-arm64-1cpu
outputs:
helm_args: ${{ steps.compute_helm_args.outputs.helm_args }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Import secrets
uses: hashicorp/vault-action@130d1f5f4fe645bb6c83e4225c04d64cfb62de6e # v2.5.0
id: secrets
with:
exportEnv: true
url: ${{ secrets.VAULT_URL }}
role: ${{ secrets.VAULT_ROLE }}
method: kubernetes
path: kubernetes-ci
secrets: |
kv-gitlab-ci/data/github/shared/dockerhub-creds user | DOCKERHUB_USER ;
kv-gitlab-ci/data/github/shared/dockerhub-creds password | DOCKERHUB_PASSWORD ;
- name: Build
run: |
echo ${DOCKERHUB_PASSWORD} | docker login -u ${DOCKERHUB_USER} --password-stdin
IMAGE="wallarm/sidecar-controller"
make build TAG=${GITHUB_SHA} IMAGE=${IMAGE} PLATFORMS=linux/${{ matrix.ARCH }} BUILDX_ARGS=--load
docker save -o sidecar-${{ matrix.ARCH }}.tar ${IMAGE}:${GITHUB_SHA}
- name: Save artifact
uses: actions/upload-artifact@v4
with:
name: sidecar-${{ matrix.ARCH }}.tar
path: sidecar-${{ matrix.ARCH }}.tar
retention-days: 1
- name: Compute Helm arguments
#TODO get rid of using helm args here
id: compute_helm_args
run: |
HELM_ARGS="--set controller.image.tag=${GITHUB_SHA}"
echo "helm_args=${HELM_ARGS}" >> $GITHUB_OUTPUT
test:
name: Test
needs: build
uses: wallarm/sidecar/.github/workflows/test.yaml@main
secrets:
VAULT_URL: ${{ secrets.VAULT_URL }}
VAULT_ROLE: ${{ secrets.VAULT_ROLE }}
with:
ref: ${{ github.head_ref }}
run_lint: true
run_validate: true
run_test: true
run_ct: true
helm_args: ${{ needs.build.outputs.helm_args }}
load_artifact: true
smoke-test:
name: Smoke
runs-on: ${{ matrix.RUNNER }}
needs: build
strategy:
fail-fast: false
matrix:
k8s: [1.28.7]
ARCH: [amd64, arm64]
INJECTION_STRATEGY: [single, split]
include:
- ARCH: amd64
RUNNER: self-hosted-amd64-2cpu
- ARCH: arm64
RUNNER: self-hosted-arm64-2cpu
env:
## US preset
# env_code: ingress-us1
# CLIENT_ID: 7119
## EU preset
env_code: ingress-eu1
CLIENT_ID: 5
KIND_CLUSTER_NAME: kind-${{ matrix.k8s }}
KUBECONFIG: $HOME/.kube/kind-config-${{ matrix.k8s }}
steps:
- name: Import secrets
uses: hashicorp/vault-action@d1720f055e0635fd932a1d2a48f87a666a57906c # v3.0.0
id: secrets
with:
exportEnv: false
url: ${{ secrets.VAULT_URL }}
role: ${{ secrets.VAULT_ROLE }}
method: kubernetes
path: kubernetes-ci
secrets: |
kv-gitlab-ci/data/github/${{ env.env_code }} api_token ;
kv-gitlab-ci/data/github/${{ env.env_code }} api_host ;
kv-gitlab-ci/data/github/${{ env.env_code }} api_preset ;
kv-gitlab-ci/data/github/${{ env.env_code }} user_token ;
kv-gitlab-ci/data/github/${{ env.env_code }} webhook_uuid ;
kv-gitlab-ci/data/github/${{ env.env_code }} webhook_api_key ;
kv-gitlab-ci/data/github/${{ env.env_code }} allure_server_token ;
kv-gitlab-ci/data/github/shared/smoke-tests-registry-creds token_name ;
kv-gitlab-ci/data/github/shared/smoke-tests-registry-creds token_secret ;
kv-gitlab-ci/data/github/shared/dockerhub-creds user ;
kv-gitlab-ci/data/github/shared/dockerhub-creds password ;
- name: Checkout
uses: actions/checkout@v4
- name: Load cache
uses: actions/download-artifact@v4
with:
name: sidecar-${{ matrix.ARCH }}.tar
- name: Load images
run: docker load -i sidecar-${{ matrix.ARCH }}.tar
- name: Create cluster
run: kind create cluster --image=kindest/node:v${{ matrix.k8s }}
- name: Run smoke tests
env:
SKIP_CLUSTER_CREATION: true
SKIP_IMAGE_CREATION: true
DOCKERHUB_USER: ${{ steps.secrets.outputs.user }}
DOCKERHUB_PASSWORD: ${{ steps.secrets.outputs.password }}
INJECTION_STRATEGY: ${{ matrix.INJECTION_STRATEGY }}
WALLARM_API_TOKEN: ${{ steps.secrets.outputs.api_token }}
WALLARM_API_HOST: ${{ steps.secrets.outputs.api_host }}
WALLARM_API_PRESET: ${{ steps.secrets.outputs.api_preset }}
USER_TOKEN: ${{ steps.secrets.outputs.user_token }}
SMOKE_REGISTRY_TOKEN: ${{ steps.secrets.outputs.token_name }}
SMOKE_REGISTRY_SECRET: ${{ steps.secrets.outputs.token_secret }}
WEBHOOK_API_KEY: ${{ steps.secrets.outputs.webhook_api_key }}
WEBHOOK_UUID: ${{ steps.secrets.outputs.webhook_uuid }}
ALLURE_PROJECT_ID: 10
ALLURE_UPLOAD_REPORT: true
ALLURE_GENERATE_REPORT: true
ALLURE_TOKEN: ${{ steps.secrets.outputs.allure_server_token }}
ALLURE_ENVIRONMENT_K8S: ${{ matrix.k8s }}
ALLURE_ENVIRONMENT_ARCH: ${{ matrix.ARCH }}
run: |
make kind-smoke-test TAG=${GITHUB_SHA}