Update to Go v1.21 #322
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: E2E Tests | |
on: | |
push: | |
branches: | |
- main | |
pull_request: | |
workflow_dispatch: | |
jobs: | |
e2e: | |
name: e2e | |
runs-on: ubuntu-latest | |
env: | |
IMG: skyscanner/kms-issuer:dev | |
CERT_MANAGER_VERSION: v1.13.2 | |
steps: | |
- uses: actions/checkout@v3.1.0 | |
# Build testing docker image | |
- name: Build the testing kms-issuer docker image | |
run: docker build -t ${IMG} . | |
# Setup kind cluster | |
- name: Create k8s Kind Cluster | |
uses: helm/kind-action@v1.4.0 | |
with: | |
cluster_name: kind | |
- name: Load test docker image into the kind cluster | |
run: kind load docker-image ${IMG} | |
# Install local-kms to the cluster | |
- name: Create local-kms namespace | |
run: kubectl create namespace local-kms | |
- name: Create local-kms deployment | |
run: kubectl create deployment local-kms -n local-kms --port 8080 --image nsmithuk/local-kms:3.11.2 | |
- name: Create local-kms service | |
run: kubectl expose deployment local-kms -n local-kms --port 8080 | |
- name: Wait for local-kms pod to be ready | |
run: kubectl wait --for=condition=Ready -l app=local-kms -n local-kms pod | |
- name: Install cert-manager | |
run: kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/${CERT_MANAGER_VERSION}/cert-manager.yaml | |
- name: Install kms-issuer CRDs | |
run: make install | |
- name: Set docker image to use in Kustomization | |
run: make kustomize && cd config/manager && kustomize edit set image controller=${IMG} | |
- name: Deploy kms-issuer | |
run: kustomize build config/testing | kubectl apply -f - | |
- name: Apply KMSKey from samples | |
run: kubectl apply -f ./config/samples/cert-manager_v1alpha1_kmskey.yaml | |
- name: Wait for key to be ready | |
run: kubectl wait --for=condition=Ready kmskey/kmskey-sample | |
- name: port-forward to local-kms | |
run: kubectl port-forward -n local-kms svc/local-kms 8080 & | |
# See https://florian.ec/blog/github-actions-awscli-errors/ | |
- name: Test a KMSKey is created | |
id: get-key | |
run: | | |
result=$(aws --endpoint http://localhost:8080 kms list-keys --region eu-west-1 --no-sign-request | jq -er '.Keys[0].KeyId') | |
if [[ "${result}" == "null" ]]; then | |
echo "Key not found" | |
exit 1 | |
else | |
echo "Key created" | |
fi | |
echo "::set-output name=key_id::$result" | |
- name: Apply KMSIssuer from sample | |
run: kubectl apply -f ./config/samples/cert-manager_v1alpha1_kmsissuer.yaml | |
- name: Wait for KMSIssuer to be ready | |
run: kubectl wait --for=condition=Ready kmsissuer/kms-issuer-sample | |
- name: Apply Certificate from sample | |
run: kubectl apply -f ./config/samples/certificate.yaml | |
- name: Wait for Certificate to be ready | |
run: kubectl wait --for=condition=Ready certificate.cert-manager.io/example-com | |
- name: Delete certificate | |
run: kubectl delete -f ./config/samples/certificate.yaml | |
- name: Delete KMSIssuer | |
run: kubectl delete -f ./config/samples/cert-manager_v1alpha1_kmsissuer.yaml | |
- name: Delete KMSKey | |
run: kubectl delete -f ./config/samples/cert-manager_v1alpha1_kmskey.yaml && sleep 2 | |
- name: Check if key is schedule for deletion | |
run: | | |
result=$(aws --endpoint http://localhost:8080 kms describe-key --key-id ${{ steps.get-key.outputs.key_id }} --region eu-west-1 --no-sign-request | jq -er '.KeyMetadata.KeyState') | |
if [[ "${result}" != "PendingDeletion" ]]; then | |
echo "Key is not in state PendingDeletion" | |
exit 1 | |
else | |
echo "Key scheduled for deletion" | |
fi | |
- name: Logs of controller | |
if: always() | |
run: | | |
echo "::group::Controller logs" | |
kubectl logs deployment/kms-issuer-controller-manager -n kms-issuer-system --all-containers | |
echo "::endgroup::" |