mirror of
https://github.com/kairos-io/kcrypt-challenger.git
synced 2025-04-27 11:00:54 +00:00
111 lines
3.3 KiB
YAML
111 lines
3.3 KiB
YAML
name: End to end tests
|
|
on:
|
|
push:
|
|
paths-ignore:
|
|
- 'README.md'
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
paths-ignore:
|
|
- 'README.md'
|
|
|
|
concurrency:
|
|
group: ci-e2e-${{ github.head_ref || github.ref }}-${{ github.repository }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
build-iso:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Install Go
|
|
uses: actions/setup-go@v5
|
|
- name: Install earthly
|
|
uses: earthly/actions-setup@v1
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: build iso
|
|
run: |
|
|
# Configure earthly to use the docker mirror in CI
|
|
# https://docs.earthly.dev/ci-integration/pull-through-cache#configuring-earthly-to-use-the-cache
|
|
mkdir -p ~/.earthly/
|
|
cat << EOF > ~/.earthly/config.yml
|
|
global:
|
|
buildkit_additional_config: |
|
|
[registry."docker.io"]
|
|
mirrors = ["registry.docker-mirror.svc.cluster.local:5000"]
|
|
[registry."registry.docker-mirror.svc.cluster.local:5000"]
|
|
insecure = true
|
|
EOF
|
|
|
|
earthly -P +iso
|
|
- uses: actions/upload-artifact@v4
|
|
with:
|
|
name: challenger.iso.zip
|
|
path: |
|
|
build/*.iso
|
|
e2e-tests:
|
|
needs:
|
|
- build-iso
|
|
runs-on: kvm
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- label: "local-encryption"
|
|
- label: "remote-auto"
|
|
- label: "remote-static"
|
|
- label: "remote-https-pinned"
|
|
- label: "remote-https-bad-cert"
|
|
- label: "discoverable-kms"
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Install Go
|
|
uses: actions/setup-go@v5
|
|
with:
|
|
go-version-file: go.mod
|
|
- name: Install earthly
|
|
uses: earthly/actions-setup@v1
|
|
with:
|
|
github-token: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Install deps
|
|
run: |
|
|
curl -L https://github.com/mudler/luet/releases/download/0.33.0/luet-0.33.0-linux-amd64 -o luet
|
|
chmod +x luet
|
|
sudo mv luet /usr/bin/luet
|
|
sudo mkdir -p /etc/luet/repos.conf.d/
|
|
sudo luet repo add -y kairos --url quay.io/kairos/packages --type docker
|
|
LUET_NOLOCK=true sudo -E luet install -y container/kubectl utils/k3d
|
|
- name: Download artifacts
|
|
uses: actions/download-artifact@v4
|
|
with:
|
|
name: challenger.iso.zip
|
|
- name: Run tests
|
|
env:
|
|
LABEL: ${{ matrix.label }}
|
|
KVM: true
|
|
run: |
|
|
sudo apt update && \
|
|
sudo apt install -y git qemu-system-x86 qemu-utils swtpm jq make glibc-tools \
|
|
openssl curl gettext ca-certificates curl gnupg lsb-release
|
|
|
|
export ISO=$PWD/$(ls *.iso)
|
|
# update controllers
|
|
make test
|
|
# Generate controller image
|
|
make docker-build
|
|
# We run with sudo to be able to access /dev/kvm
|
|
sudo -E ./scripts/e2e-tests.sh
|
|
- uses: actions/upload-artifact@v4
|
|
if: failure()
|
|
with:
|
|
name: ${{ matrix.label }}-test.logs.zip
|
|
path: tests/**/logs/*
|
|
if-no-files-found: warn
|