From b60e0a9b5788b4eccc1801dcf67c1499f7640532 Mon Sep 17 00:00:00 2001 From: Peng Tao Date: Sun, 8 Oct 2023 13:55:01 +0000 Subject: [PATCH 1/2] gha: combine basic amd64 jobs into a single yaml GHA has an undocumented limitation that there can be at most 20 referenced yamls in a single yaml file. We workaround it by combining multiple jobs into a single yaml file. Fixes: #8161 Signed-off-by: Peng Tao --- .github/workflows/basic-ci-amd64.yaml | 197 ++++++++++++++++++ .github/workflows/ci.yaml | 36 +--- .../run-containerd-stability-tests.yaml | 50 ----- .../workflows/run-cri-containerd-tests.yaml | 56 ----- .github/workflows/run-nydus-tests.yaml | 56 ----- .github/workflows/run-vfio-tests.yaml | 49 ----- 6 files changed, 199 insertions(+), 245 deletions(-) create mode 100644 .github/workflows/basic-ci-amd64.yaml delete mode 100644 .github/workflows/run-containerd-stability-tests.yaml delete mode 100644 .github/workflows/run-cri-containerd-tests.yaml delete mode 100644 .github/workflows/run-nydus-tests.yaml delete mode 100644 .github/workflows/run-vfio-tests.yaml diff --git a/.github/workflows/basic-ci-amd64.yaml b/.github/workflows/basic-ci-amd64.yaml new file mode 100644 index 0000000000..5780605ede --- /dev/null +++ b/.github/workflows/basic-ci-amd64.yaml @@ -0,0 +1,197 @@ +name: CI | Basic amd64 tests +on: + workflow_call: + inputs: + tarball-suffix: + required: false + type: string + commit-hash: + required: false + type: string + target-branch: + required: false + type: string + default: "" + +jobs: + run-cri-containerd: + strategy: + # We can set this to true whenever we're 100% sure that + # the all the tests are not flaky, otherwise we'll fail + # all the tests due to a single flaky instance. + fail-fast: false + matrix: + containerd_version: ['lts', 'active'] + vmm: ['clh', 'qemu'] + runs-on: garm-ubuntu-2204-smaller + env: + CONTAINERD_VERSION: ${{ matrix.containerd_version }} + GOPATH: ${{ github.workspace }} + KATA_HYPERVISOR: ${{ matrix.vmm }} + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ inputs.commit-hash }} + fetch-depth: 0 + + - name: Rebase atop of the latest target branch + run: | + ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" + env: + TARGET_BRANCH: ${{ inputs.target-branch }} + + - name: Install dependencies + run: bash tests/integration/cri-containerd/gha-run.sh install-dependencies + + - name: get-kata-tarball + uses: actions/download-artifact@v3 + with: + name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} + path: kata-artifacts + + - name: Install kata + run: bash tests/integration/cri-containerd/gha-run.sh install-kata kata-artifacts + + - name: Run cri-containerd tests + run: bash tests/integration/cri-containerd/gha-run.sh run + + run-containerd-stability: + strategy: + fail-fast: false + matrix: + containerd_version: ['lts', 'active'] + vmm: ['clh', 'qemu'] + runs-on: garm-ubuntu-2204-smaller + env: + CONTAINERD_VERSION: ${{ matrix.containerd_version }} + GOPATH: ${{ github.workspace }} + KATA_HYPERVISOR: ${{ matrix.vmm }} + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ inputs.commit-hash }} + fetch-depth: 0 + + - name: Rebase atop of the latest target branch + run: | + ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" + env: + TARGET_BRANCH: ${{ inputs.target-branch }} + + - name: get-kata-tarball + uses: actions/download-artifact@v3 + with: + name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} + path: kata-artifacts + + - name: Install kata + run: bash tests/stability/gha-run.sh install-kata kata-artifacts + + - name: Run containerd-stability tests + run: bash tests/stability/gha-run.sh run + + run-nydus: + strategy: + # We can set this to true whenever we're 100% sure that + # the all the tests are not flaky, otherwise we'll fail + # all the tests due to a single flaky instance. + fail-fast: false + matrix: + containerd_version: ['lts', 'active'] + vmm: ['clh', 'qemu', 'dragonball'] + runs-on: garm-ubuntu-2204-smaller + env: + CONTAINERD_VERSION: ${{ matrix.containerd_version }} + GOPATH: ${{ github.workspace }} + KATA_HYPERVISOR: ${{ matrix.vmm }} + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ inputs.commit-hash }} + fetch-depth: 0 + + - name: Rebase atop of the latest target branch + run: | + ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" + env: + TARGET_BRANCH: ${{ inputs.target-branch }} + + - name: Install dependencies + run: bash tests/integration/nydus/gha-run.sh install-dependencies + + - name: get-kata-tarball + uses: actions/download-artifact@v3 + with: + name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} + path: kata-artifacts + + - name: Install kata + run: bash tests/integration/nydus/gha-run.sh install-kata kata-artifacts + + - name: Run nydus tests + run: bash tests/integration/nydus/gha-run.sh run + + run-runk: + runs-on: garm-ubuntu-2204-smaller + env: + CONTAINERD_VERSION: lts + steps: + - uses: actions/checkout@v4 + with: + ref: ${{ inputs.commit-hash }} + fetch-depth: 0 + + - name: Rebase atop of the latest target branch + run: | + ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" + env: + TARGET_BRANCH: ${{ inputs.target-branch }} + + - name: Install dependencies + run: bash tests/integration/runk/gha-run.sh install-dependencies + + - name: get-kata-tarball + uses: actions/download-artifact@v3 + with: + name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} + path: kata-artifacts + + - name: Install kata + run: bash tests/integration/runk/gha-run.sh install-kata kata-artifacts + + - name: Run tracing tests + run: bash tests/integration/runk/gha-run.sh run + + run-vfio: + strategy: + fail-fast: false + matrix: + vmm: ['clh', 'qemu'] + runs-on: garm-ubuntu-2304 + env: + GOPATH: ${{ github.workspace }} + KATA_HYPERVISOR: ${{ matrix.vmm }} + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ inputs.commit-hash }} + fetch-depth: 0 + + - name: Rebase atop of the latest target branch + run: | + ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" + env: + TARGET_BRANCH: ${{ inputs.target-branch }} + + - name: Install dependencies + run: bash tests/functional/vfio/gha-run.sh install-dependencies + + - name: get-kata-tarball + uses: actions/download-artifact@v3 + with: + name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} + path: kata-artifacts + + - name: Run vfio tests + timeout-minutes: 15 + run: bash tests/functional/vfio/gha-run.sh run diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index a92f0fbbe8..5c74b84f23 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -209,41 +209,9 @@ jobs: commit-hash: ${{ inputs.commit-hash }} target-branch: ${{ inputs.target-branch }} - run-cri-containerd-tests: + run-basic-amd64-tests: needs: build-kata-static-tarball-amd64 - uses: ./.github/workflows/run-cri-containerd-tests.yaml - with: - tarball-suffix: -${{ inputs.tag }} - commit-hash: ${{ inputs.commit-hash }} - target-branch: ${{ inputs.target-branch }} - - run-containerd-stability-tests: - needs: build-kata-static-tarball-amd64 - uses: ./.github/workflows/run-containerd-stability-tests.yaml - with: - tarball-suffix: -${{ inputs.tag }} - commit-hash: ${{ inputs.commit-hash }} - target-branch: ${{ inputs.target-branch }} - - run-nydus-tests: - needs: build-kata-static-tarball-amd64 - uses: ./.github/workflows/run-nydus-tests.yaml - with: - tarball-suffix: -${{ inputs.tag }} - commit-hash: ${{ inputs.commit-hash }} - target-branch: ${{ inputs.target-branch }} - - run-runk-tests: - needs: build-kata-static-tarball-amd64 - uses: ./.github/workflows/run-runk-tests.yaml - with: - tarball-suffix: -${{ inputs.tag }} - commit-hash: ${{ inputs.commit-hash }} - target-branch: ${{ inputs.target-branch }} - - run-vfio-tests: - needs: build-kata-static-tarball-amd64 - uses: ./.github/workflows/run-vfio-tests.yaml + uses: ./.github/workflows/basic-ci-amd64.yaml with: tarball-suffix: -${{ inputs.tag }} commit-hash: ${{ inputs.commit-hash }} diff --git a/.github/workflows/run-containerd-stability-tests.yaml b/.github/workflows/run-containerd-stability-tests.yaml deleted file mode 100644 index 76de75d9e1..0000000000 --- a/.github/workflows/run-containerd-stability-tests.yaml +++ /dev/null @@ -1,50 +0,0 @@ -name: CI | Run containerd stability tests -on: - workflow_call: - inputs: - tarball-suffix: - required: false - type: string - commit-hash: - required: false - type: string - target-branch: - required: false - type: string - default: "" - -jobs: - run-containerd-stability: - strategy: - fail-fast: false - matrix: - containerd_version: ['lts', 'active'] - vmm: ['clh', 'qemu'] - runs-on: garm-ubuntu-2204-smaller - env: - CONTAINERD_VERSION: ${{ matrix.containerd_version }} - GOPATH: ${{ github.workspace }} - KATA_HYPERVISOR: ${{ matrix.vmm }} - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ inputs.commit-hash }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ inputs.target-branch }} - - - name: get-kata-tarball - uses: actions/download-artifact@v3 - with: - name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} - path: kata-artifacts - - - name: Install kata - run: bash tests/stability/gha-run.sh install-kata kata-artifacts - - - name: Run containerd-stability tests - run: bash tests/stability/gha-run.sh run diff --git a/.github/workflows/run-cri-containerd-tests.yaml b/.github/workflows/run-cri-containerd-tests.yaml deleted file mode 100644 index f42833609a..0000000000 --- a/.github/workflows/run-cri-containerd-tests.yaml +++ /dev/null @@ -1,56 +0,0 @@ -name: CI | Run cri-containerd tests -on: - workflow_call: - inputs: - tarball-suffix: - required: false - type: string - commit-hash: - required: false - type: string - target-branch: - required: false - type: string - default: "" - -jobs: - run-cri-containerd: - strategy: - # We can set this to true whenever we're 100% sure that - # the all the tests are not flaky, otherwise we'll fail - # all the tests due to a single flaky instance. - fail-fast: false - matrix: - containerd_version: ['lts', 'active'] - vmm: ['clh', 'qemu'] - runs-on: garm-ubuntu-2204-smaller - env: - CONTAINERD_VERSION: ${{ matrix.containerd_version }} - GOPATH: ${{ github.workspace }} - KATA_HYPERVISOR: ${{ matrix.vmm }} - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ inputs.commit-hash }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ inputs.target-branch }} - - - name: Install dependencies - run: bash tests/integration/cri-containerd/gha-run.sh install-dependencies - - - name: get-kata-tarball - uses: actions/download-artifact@v3 - with: - name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} - path: kata-artifacts - - - name: Install kata - run: bash tests/integration/cri-containerd/gha-run.sh install-kata kata-artifacts - - - name: Run cri-containerd tests - run: bash tests/integration/cri-containerd/gha-run.sh run diff --git a/.github/workflows/run-nydus-tests.yaml b/.github/workflows/run-nydus-tests.yaml deleted file mode 100644 index 71ee0fe869..0000000000 --- a/.github/workflows/run-nydus-tests.yaml +++ /dev/null @@ -1,56 +0,0 @@ -name: CI | Run nydus tests -on: - workflow_call: - inputs: - tarball-suffix: - required: false - type: string - commit-hash: - required: false - type: string - target-branch: - required: false - type: string - default: "" - -jobs: - run-nydus: - strategy: - # We can set this to true whenever we're 100% sure that - # the all the tests are not flaky, otherwise we'll fail - # all the tests due to a single flaky instance. - fail-fast: false - matrix: - containerd_version: ['lts', 'active'] - vmm: ['clh', 'qemu', 'dragonball'] - runs-on: garm-ubuntu-2204-smaller - env: - CONTAINERD_VERSION: ${{ matrix.containerd_version }} - GOPATH: ${{ github.workspace }} - KATA_HYPERVISOR: ${{ matrix.vmm }} - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ inputs.commit-hash }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ inputs.target-branch }} - - - name: Install dependencies - run: bash tests/integration/nydus/gha-run.sh install-dependencies - - - name: get-kata-tarball - uses: actions/download-artifact@v3 - with: - name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} - path: kata-artifacts - - - name: Install kata - run: bash tests/integration/nydus/gha-run.sh install-kata kata-artifacts - - - name: Run nydus tests - run: bash tests/integration/nydus/gha-run.sh run diff --git a/.github/workflows/run-vfio-tests.yaml b/.github/workflows/run-vfio-tests.yaml deleted file mode 100644 index 4542ec1a3a..0000000000 --- a/.github/workflows/run-vfio-tests.yaml +++ /dev/null @@ -1,49 +0,0 @@ -name: CI | Run vfio tests -on: - workflow_call: - inputs: - tarball-suffix: - required: false - type: string - commit-hash: - required: false - type: string - target-branch: - required: false - type: string - default: "" - -jobs: - run-vfio: - strategy: - fail-fast: false - matrix: - vmm: ['clh', 'qemu'] - runs-on: garm-ubuntu-2304 - env: - GOPATH: ${{ github.workspace }} - KATA_HYPERVISOR: ${{ matrix.vmm }} - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ inputs.commit-hash }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ inputs.target-branch }} - - - name: Install dependencies - run: bash tests/functional/vfio/gha-run.sh install-dependencies - - - name: get-kata-tarball - uses: actions/download-artifact@v3 - with: - name: kata-static-tarball-amd64${{ inputs.tarball-suffix }} - path: kata-artifacts - - - name: Run vfio tests - timeout-minutes: 15 - run: bash tests/functional/vfio/gha-run.sh run From 954d40cce5b4075d2c82615e23b2e11601786e55 Mon Sep 17 00:00:00 2001 From: Peng Tao Date: Sun, 8 Oct 2023 14:04:52 +0000 Subject: [PATCH 2/2] gha: combine coco jobs into a single yaml So that we don't risk exceeding the GHA 20 rerefenced yaml files limit that easy. Signed-off-by: Peng Tao --- .github/workflows/ci.yaml | 37 +--- .github/workflows/run-k8s-tests-on-sev.yaml | 65 ------- .github/workflows/run-k8s-tests-on-snp.yaml | 65 ------- .github/workflows/run-k8s-tests-on-tdx.yaml | 64 ------- .github/workflows/run-kata-coco-tests.yaml | 176 ++++++++++++++++++ .../run-kata-deploy-tests-on-tdx.yaml | 54 ------ 6 files changed, 178 insertions(+), 283 deletions(-) delete mode 100644 .github/workflows/run-k8s-tests-on-sev.yaml delete mode 100644 .github/workflows/run-k8s-tests-on-snp.yaml delete mode 100644 .github/workflows/run-k8s-tests-on-tdx.yaml create mode 100644 .github/workflows/run-kata-coco-tests.yaml delete mode 100644 .github/workflows/run-kata-deploy-tests-on-tdx.yaml diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 5c74b84f23..71fc7ec564 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -113,17 +113,6 @@ jobs: target-branch: ${{ inputs.target-branch }} secrets: inherit - run-kata-deploy-tests-on-tdx: - needs: [publish-kata-deploy-payload-amd64, build-and-publish-tee-confidential-unencrypted-image] - uses: ./.github/workflows/run-kata-deploy-tests-on-tdx.yaml - with: - registry: ghcr.io - repo: ${{ github.repository_owner }}/kata-deploy-ci - tag: ${{ inputs.tag }}-amd64 - commit-hash: ${{ inputs.commit-hash }} - pr-number: ${{ inputs.pr-number }} - target-branch: ${{ inputs.target-branch }} - run-kata-monitor-tests: needs: build-kata-static-tarball-amd64 uses: ./.github/workflows/run-kata-monitor-tests.yaml @@ -168,31 +157,9 @@ jobs: target-branch: ${{ inputs.target-branch }} secrets: inherit - run-k8s-tests-on-sev: + run-kata-coco-tests: needs: [publish-kata-deploy-payload-amd64, build-and-publish-tee-confidential-unencrypted-image] - uses: ./.github/workflows/run-k8s-tests-on-sev.yaml - with: - registry: ghcr.io - repo: ${{ github.repository_owner }}/kata-deploy-ci - tag: ${{ inputs.tag }}-amd64 - commit-hash: ${{ inputs.commit-hash }} - pr-number: ${{ inputs.pr-number }} - target-branch: ${{ inputs.target-branch }} - - run-k8s-tests-on-snp: - needs: [publish-kata-deploy-payload-amd64, build-and-publish-tee-confidential-unencrypted-image] - uses: ./.github/workflows/run-k8s-tests-on-snp.yaml - with: - registry: ghcr.io - repo: ${{ github.repository_owner }}/kata-deploy-ci - tag: ${{ inputs.tag }}-amd64 - commit-hash: ${{ inputs.commit-hash }} - pr-number: ${{ inputs.pr-number }} - target-branch: ${{ inputs.target-branch }} - - run-k8s-tests-on-tdx: - needs: [publish-kata-deploy-payload-amd64, build-and-publish-tee-confidential-unencrypted-image] - uses: ./.github/workflows/run-k8s-tests-on-tdx.yaml + uses: ./.github/workflows/run-kata-coco-tests.yaml with: registry: ghcr.io repo: ${{ github.repository_owner }}/kata-deploy-ci diff --git a/.github/workflows/run-k8s-tests-on-sev.yaml b/.github/workflows/run-k8s-tests-on-sev.yaml deleted file mode 100644 index a720e24869..0000000000 --- a/.github/workflows/run-k8s-tests-on-sev.yaml +++ /dev/null @@ -1,65 +0,0 @@ -name: CI | Run kubernetes tests on SEV -on: - workflow_call: - inputs: - registry: - required: true - type: string - repo: - required: true - type: string - tag: - required: true - type: string - pr-number: - required: true - type: string - commit-hash: - required: false - type: string - target-branch: - required: false - type: string - default: "" - -jobs: - run-k8s-tests: - strategy: - fail-fast: false - matrix: - vmm: - - qemu-sev - runs-on: sev - env: - DOCKER_REGISTRY: ${{ inputs.registry }} - DOCKER_REPO: ${{ inputs.repo }} - DOCKER_TAG: ${{ inputs.tag }} - PR_NUMBER: ${{ inputs.pr-number }} - KATA_HYPERVISOR: ${{ matrix.vmm }} - KUBECONFIG: /home/kata/.kube/config - KUBERNETES: "vanilla" - USING_NFD: "false" - K8S_TEST_HOST_TYPE: "baremetal" - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ inputs.commit-hash }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ inputs.target-branch }} - - - name: Deploy Kata - timeout-minutes: 10 - run: bash tests/integration/kubernetes/gha-run.sh deploy-kata-sev - - - name: Run tests - timeout-minutes: 30 - run: bash tests/integration/kubernetes/gha-run.sh run-tests - - - name: Delete kata-deploy - if: always() - run: bash tests/integration/kubernetes/gha-run.sh cleanup-sev diff --git a/.github/workflows/run-k8s-tests-on-snp.yaml b/.github/workflows/run-k8s-tests-on-snp.yaml deleted file mode 100644 index 33ae57d3a8..0000000000 --- a/.github/workflows/run-k8s-tests-on-snp.yaml +++ /dev/null @@ -1,65 +0,0 @@ -name: CI | Run kubernetes tests on SEV-SNP -on: - workflow_call: - inputs: - registry: - required: true - type: string - repo: - required: true - type: string - tag: - required: true - type: string - pr-number: - required: true - type: string - commit-hash: - required: false - type: string - target-branch: - required: false - type: string - default: "" - -jobs: - run-k8s-tests: - strategy: - fail-fast: false - matrix: - vmm: - - qemu-snp - runs-on: sev-snp - env: - DOCKER_REGISTRY: ${{ inputs.registry }} - DOCKER_REPO: ${{ inputs.repo }} - DOCKER_TAG: ${{ inputs.tag }} - PR_NUMBER: ${{ inputs.pr-number }} - KATA_HYPERVISOR: ${{ matrix.vmm }} - KUBECONFIG: /home/kata/.kube/config - KUBERNETES: "vanilla" - USING_NFD: "false" - K8S_TEST_HOST_TYPE: "baremetal" - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ inputs.commit-hash }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ inputs.target-branch }} - - - name: Deploy Kata - timeout-minutes: 10 - run: bash tests/integration/kubernetes/gha-run.sh deploy-kata-snp - - - name: Run tests - timeout-minutes: 30 - run: bash tests/integration/kubernetes/gha-run.sh run-tests - - - name: Delete kata-deploy - if: always() - run: bash tests/integration/kubernetes/gha-run.sh cleanup-snp diff --git a/.github/workflows/run-k8s-tests-on-tdx.yaml b/.github/workflows/run-k8s-tests-on-tdx.yaml deleted file mode 100644 index 940fd0a396..0000000000 --- a/.github/workflows/run-k8s-tests-on-tdx.yaml +++ /dev/null @@ -1,64 +0,0 @@ -name: CI | Run kubernetes tests on TDX -on: - workflow_call: - inputs: - registry: - required: true - type: string - repo: - required: true - type: string - tag: - required: true - type: string - pr-number: - required: true - type: string - commit-hash: - required: false - type: string - target-branch: - required: false - type: string - default: "" - -jobs: - run-k8s-tests: - strategy: - fail-fast: false - matrix: - vmm: - - qemu-tdx - runs-on: tdx - env: - DOCKER_REGISTRY: ${{ inputs.registry }} - DOCKER_REPO: ${{ inputs.repo }} - DOCKER_TAG: ${{ inputs.tag }} - PR_NUMBER: ${{ inputs.pr-number }} - KATA_HYPERVISOR: ${{ matrix.vmm }} - KUBERNETES: "k3s" - USING_NFD: "true" - K8S_TEST_HOST_TYPE: "baremetal" - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ inputs.commit-hash }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ inputs.target-branch }} - - - name: Deploy Kata - timeout-minutes: 10 - run: bash tests/integration/kubernetes/gha-run.sh deploy-kata-tdx - - - name: Run tests - timeout-minutes: 30 - run: bash tests/integration/kubernetes/gha-run.sh run-tests - - - name: Delete kata-deploy - if: always() - run: bash tests/integration/kubernetes/gha-run.sh cleanup-tdx diff --git a/.github/workflows/run-kata-coco-tests.yaml b/.github/workflows/run-kata-coco-tests.yaml new file mode 100644 index 0000000000..2021d10ac4 --- /dev/null +++ b/.github/workflows/run-kata-coco-tests.yaml @@ -0,0 +1,176 @@ +name: CI | Run kata coco tests +on: + workflow_call: + inputs: + registry: + required: true + type: string + repo: + required: true + type: string + tag: + required: true + type: string + pr-number: + required: true + type: string + commit-hash: + required: false + type: string + target-branch: + required: false + type: string + default: "" + +jobs: + run-kata-deploy-tests-on-tdx: + strategy: + fail-fast: false + matrix: + vmm: + - qemu-tdx + runs-on: tdx + env: + DOCKER_REGISTRY: ${{ inputs.registry }} + DOCKER_REPO: ${{ inputs.repo }} + DOCKER_TAG: ${{ inputs.tag }} + PR_NUMBER: ${{ inputs.pr-number }} + KATA_HYPERVISOR: ${{ matrix.vmm }} + KUBERNETES: "k3s" + USING_NFD: "true" + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ inputs.commit-hash }} + fetch-depth: 0 + + - name: Rebase atop of the latest target branch + run: | + ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" + env: + TARGET_BRANCH: ${{ inputs.target-branch }} + + - name: Run tests + run: bash tests/functional/kata-deploy/gha-run.sh run-tests + + run-k8s-tests-on-tdx: + strategy: + fail-fast: false + matrix: + vmm: + - qemu-tdx + runs-on: tdx + env: + DOCKER_REGISTRY: ${{ inputs.registry }} + DOCKER_REPO: ${{ inputs.repo }} + DOCKER_TAG: ${{ inputs.tag }} + PR_NUMBER: ${{ inputs.pr-number }} + KATA_HYPERVISOR: ${{ matrix.vmm }} + KUBERNETES: "k3s" + USING_NFD: "true" + K8S_TEST_HOST_TYPE: "baremetal" + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ inputs.commit-hash }} + fetch-depth: 0 + + - name: Rebase atop of the latest target branch + run: | + ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" + env: + TARGET_BRANCH: ${{ inputs.target-branch }} + + - name: Deploy Kata + timeout-minutes: 10 + run: bash tests/integration/kubernetes/gha-run.sh deploy-kata-tdx + + - name: Run tests + timeout-minutes: 30 + run: bash tests/integration/kubernetes/gha-run.sh run-tests + + - name: Delete kata-deploy + if: always() + run: bash tests/integration/kubernetes/gha-run.sh cleanup-tdx + + run-k8s-tests-on-sev: + strategy: + fail-fast: false + matrix: + vmm: + - qemu-sev + runs-on: sev + env: + DOCKER_REGISTRY: ${{ inputs.registry }} + DOCKER_REPO: ${{ inputs.repo }} + DOCKER_TAG: ${{ inputs.tag }} + PR_NUMBER: ${{ inputs.pr-number }} + KATA_HYPERVISOR: ${{ matrix.vmm }} + KUBECONFIG: /home/kata/.kube/config + KUBERNETES: "vanilla" + USING_NFD: "false" + K8S_TEST_HOST_TYPE: "baremetal" + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ inputs.commit-hash }} + fetch-depth: 0 + + - name: Rebase atop of the latest target branch + run: | + ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" + env: + TARGET_BRANCH: ${{ inputs.target-branch }} + + - name: Deploy Kata + timeout-minutes: 10 + run: bash tests/integration/kubernetes/gha-run.sh deploy-kata-sev + + - name: Run tests + timeout-minutes: 30 + run: bash tests/integration/kubernetes/gha-run.sh run-tests + + - name: Delete kata-deploy + if: always() + run: bash tests/integration/kubernetes/gha-run.sh cleanup-sev + + run-k8s-tests-sev-snp: + strategy: + fail-fast: false + matrix: + vmm: + - qemu-snp + runs-on: sev-snp + env: + DOCKER_REGISTRY: ${{ inputs.registry }} + DOCKER_REPO: ${{ inputs.repo }} + DOCKER_TAG: ${{ inputs.tag }} + PR_NUMBER: ${{ inputs.pr-number }} + KATA_HYPERVISOR: ${{ matrix.vmm }} + KUBECONFIG: /home/kata/.kube/config + KUBERNETES: "vanilla" + USING_NFD: "false" + K8S_TEST_HOST_TYPE: "baremetal" + steps: + - uses: actions/checkout@v3 + with: + ref: ${{ inputs.commit-hash }} + fetch-depth: 0 + + - name: Rebase atop of the latest target branch + run: | + ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" + env: + TARGET_BRANCH: ${{ inputs.target-branch }} + + - name: Deploy Kata + timeout-minutes: 10 + run: bash tests/integration/kubernetes/gha-run.sh deploy-kata-snp + + - name: Run tests + timeout-minutes: 30 + run: bash tests/integration/kubernetes/gha-run.sh run-tests + + - name: Delete kata-deploy + if: always() + run: bash tests/integration/kubernetes/gha-run.sh cleanup-snp diff --git a/.github/workflows/run-kata-deploy-tests-on-tdx.yaml b/.github/workflows/run-kata-deploy-tests-on-tdx.yaml deleted file mode 100644 index 6b439cea8c..0000000000 --- a/.github/workflows/run-kata-deploy-tests-on-tdx.yaml +++ /dev/null @@ -1,54 +0,0 @@ -name: CI | Run kata-deploy tests on TDX -on: - workflow_call: - inputs: - registry: - required: true - type: string - repo: - required: true - type: string - tag: - required: true - type: string - pr-number: - required: true - type: string - commit-hash: - required: false - type: string - target-branch: - required: false - type: string - default: "" - -jobs: - run-kata-deploy-tests: - strategy: - fail-fast: false - matrix: - vmm: - - qemu-tdx - runs-on: tdx - env: - DOCKER_REGISTRY: ${{ inputs.registry }} - DOCKER_REPO: ${{ inputs.repo }} - DOCKER_TAG: ${{ inputs.tag }} - PR_NUMBER: ${{ inputs.pr-number }} - KATA_HYPERVISOR: ${{ matrix.vmm }} - KUBERNETES: "k3s" - USING_NFD: "true" - steps: - - uses: actions/checkout@v3 - with: - ref: ${{ inputs.commit-hash }} - fetch-depth: 0 - - - name: Rebase atop of the latest target branch - run: | - ./tests/git-helper.sh "rebase-atop-of-the-latest-target-branch" - env: - TARGET_BRANCH: ${{ inputs.target-branch }} - - - name: Run tests - run: bash tests/functional/kata-deploy/gha-run.sh run-tests