From 24796d2f258787e215be9443bdc514f1120e16bb Mon Sep 17 00:00:00 2001 From: Eric Ernst Date: Tue, 1 Feb 2022 10:53:28 -0800 Subject: [PATCH 1/2] kata-deploy: for testing, make sure we use the PR branch Since we are already checking that only an admin is triggering the job, let's go ahead and make sure we are testing against the PR itself. This will ensure that we are exercising changes to kata-deploy tooling, which is important for this test. While at it, cleanup and simplify some of the tarball creation. Fixes: #3586 Signed-off-by: Eric Ernst --- .github/workflows/kata-deploy-test.yaml | 62 +++++++++++-------------- 1 file changed, 26 insertions(+), 36 deletions(-) diff --git a/.github/workflows/kata-deploy-test.yaml b/.github/workflows/kata-deploy-test.yaml index 5e54023951..c0a9b98b38 100644 --- a/.github/workflows/kata-deploy-test.yaml +++ b/.github/workflows/kata-deploy-test.yaml @@ -48,18 +48,16 @@ jobs: - rootfs-initrd - shim-v2 steps: - # As Github action event `issue_comment` does not provide the right ref - # (commit/branch) to be tested, let's use this third part action to work - # this limitation around. - - name: resolve pr refs - id: refs - uses: kata-containers/resolve-pr-refs@v0.0.3 - with: - token: ${{ secrets.GITHUB_TOKEN }} - + - name: get-PR-ref + id: get-PR-ref + run: | + ref=$(cat $GITHUB_EVENT_PATH | jq -r '.issue.pull_request.url' | sed 's#^.*\/pulls#refs\/pull#' | sed 's#$#\/merge#') + echo "reference for PR: " ${ref} + echo "##[set-output name=pr-ref;]${ref}" - uses: actions/checkout@v2 with: - ref: ${{ steps.refs.outputs.base_ref }} + ref: ${{ steps.get-PR-ref.outputs.pr-ref }} + - name: Install docker run: | curl -fsSL https://test.docker.com -o test-docker.sh @@ -86,17 +84,15 @@ jobs: runs-on: ubuntu-latest needs: build-asset steps: - # As Github action event `issue_comment` does not provide the right ref - # (commit/branch) to be tested, let's use this third part action to work - # this limitation around. - - name: resolve pr refs - id: refs - uses: kata-containers/resolve-pr-refs@v0.0.3 - with: - token: ${{ secrets.GITHUB_TOKEN }} + - name: get-PR-ref + id: get-PR-ref + run: | + ref=$(cat $GITHUB_EVENT_PATH | jq -r '.issue.pull_request.url' | sed 's#^.*\/pulls#refs\/pull#' | sed 's#$#\/merge#') + echo "reference for PR: " ${ref} + echo "##[set-output name=pr-ref;]${ref}" - uses: actions/checkout@v2 with: - ref: ${{ steps.refs.outputs.base_ref }} + ref: ${{ steps.get-PR-ref.outputs.pr-ref }} - name: get-artifacts uses: actions/download-artifact@v2 with: @@ -115,17 +111,15 @@ jobs: needs: create-kata-tarball runs-on: ubuntu-latest steps: - # As Github action event `issue_comment` does not provide the right ref - # (commit/branch) to be tested, let's use this third part action to work - # this limitation around. - - name: resolve pr refs - id: refs - uses: kata-containers/resolve-pr-refs@v0.0.3 - with: - token: ${{ secrets.GITHUB_TOKEN }} + - name: get-PR-ref + id: get-PR-ref + run: | + ref=$(cat $GITHUB_EVENT_PATH | jq -r '.issue.pull_request.url' | sed 's#^.*\/pulls#refs\/pull#' | sed 's#$#\/merge#') + echo "reference for PR: " ${ref} + echo "##[set-output name=pr-ref;]${ref}" - uses: actions/checkout@v2 with: - ref: ${{ steps.refs.outputs.base_ref }} + ref: ${{ steps.get-PR-ref.outputs.pr-ref }} - name: get-kata-tarball uses: actions/download-artifact@v2 with: @@ -133,18 +127,14 @@ jobs: - name: build-and-push-kata-deploy-ci id: build-and-push-kata-deploy-ci run: | - tag=$(echo $GITHUB_REF | cut -d/ -f3-) - pushd $GITHUB_WORKSPACE - git checkout $tag - pkg_sha=$(git rev-parse HEAD) - popd + PR_SHA=$(git log --format=format:%H -n1) mv kata-static.tar.xz $GITHUB_WORKSPACE/tools/packaging/kata-deploy/kata-static.tar.xz - docker build --build-arg KATA_ARTIFACTS=kata-static.tar.xz -t quay.io/kata-containers/kata-deploy-ci:$pkg_sha $GITHUB_WORKSPACE/tools/packaging/kata-deploy + docker build --build-arg KATA_ARTIFACTS=kata-static.tar.xz -t quay.io/kata-containers/kata-deploy-ci:$PR_SHA $GITHUB_WORKSPACE/tools/packaging/kata-deploy docker login -u ${{ secrets.QUAY_DEPLOYER_USERNAME }} -p ${{ secrets.QUAY_DEPLOYER_PASSWORD }} quay.io - docker push quay.io/kata-containers/kata-deploy-ci:$pkg_sha + docker push quay.io/kata-containers/kata-deploy-ci:$PR_SHA mkdir -p packaging/kata-deploy ln -s $GITHUB_WORKSPACE/tools/packaging/kata-deploy/action packaging/kata-deploy/action - echo "::set-output name=PKG_SHA::${pkg_sha}" + echo "::set-output name=PKG_SHA::${PR_SHA}" - name: test-kata-deploy-ci-in-aks uses: ./packaging/kata-deploy/action with: From 89047901b364c308321aede5a88e50059e7ebbfb Mon Sep 17 00:00:00 2001 From: Eric Ernst Date: Tue, 1 Feb 2022 13:51:45 -0800 Subject: [PATCH 2/2] kata-deploy-push: only run if PR modifying tools path Since we are using this to exercise any changes to osbuilder or packaging scripts, let's make sure that we only run the test in that case. Similarly, don't run for every single push. Just run this workflow for pull requests. Fixes: #3594 Signed-off-by: Eric Ernst --- .github/workflows/kata-deploy-push.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/kata-deploy-push.yaml b/.github/workflows/kata-deploy-push.yaml index 0de8749303..52fde686d3 100644 --- a/.github/workflows/kata-deploy-push.yaml +++ b/.github/workflows/kata-deploy-push.yaml @@ -9,7 +9,9 @@ on: - synchronize - labeled - unlabeled - push: + paths: + - tools/** + - versions.yaml jobs: build-asset: