Periodic-CI #71
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Periodic-CI | |
| on: | |
| # On demand execution of workflow will run all suites. | |
| workflow_dispatch: | |
| inputs: | |
| test-targets: | |
| required: true | |
| description: "Specify test markers to run" | |
| default: '[\"pre_merge\", \"file_system_rules\", \"k8s_object_rules\", \"process_api_server_rules\", \"process_controller_manager_rules\", \"process_etcd_rules\", \"process_kubelet_rules\", \"process_scheduler_rules\"]' | |
| schedule: | |
| # Nightly job. Running every day at 2 am | |
| - cron: "00 02 * * 0-4" | |
| # Weekly job running every saturday at 2 am | |
| - cron: "00 02 * * 6" | |
| env: | |
| AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| GITHUB_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| CONTAINER_SUFFIX: ${{ github.run_id }} | |
| TEST_TARGETS_DEFAULT: '[\"pre_merge\", \"file_system_rules\", \"k8s_object_rules\", \"process_api_server_rules\", \"process_controller_manager_rules\", \"process_etcd_rules\", \"process_kubelet_rules\", \"process_scheduler_rules\"]' | |
| permissions: | |
| actions: read | |
| checks: write | |
| statuses: read | |
| jobs: | |
| Setup: | |
| runs-on: ubuntu-20.04 | |
| outputs: | |
| matrix: ${{ steps.set-matrix.outputs.matrix }} | |
| timeout-minutes: 40 | |
| steps: | |
| - id: Default | |
| env: | |
| TEST_TARGETS: ${{ env.TEST_TARGETS_DEFAULT }} | |
| run: | | |
| echo "TEST_MATRIX=$TEST_TARGETS" >> $GITHUB_ENV | |
| - id: Nightly | |
| if: github.event_name == 'schedule' && github.event.schedule == '00 02 * * 0-4' | |
| env: | |
| TEST_TARGETS: ${{ env.TEST_TARGETS_DEFAULT }} | |
| run: echo "TEST_MATRIX=${TEST_TARGETS}" >> $GITHUB_ENV | |
| - id: Weekly | |
| if: github.event_name == 'schedule' && github.event.schedule == '00 02 * * 6' | |
| env: | |
| TEST_TARGETS: ${{ env.TEST_TARGETS_DEFAULT }} | |
| run: echo "TEST_MATRIX=${TEST_TARGETS}" >> $GITHUB_ENV | |
| - id: Push | |
| if: github.event_name == 'push' | |
| env: | |
| TEST_TARGETS: '[\"pre_merge\", \"file_system_rules\"]' | |
| run: | | |
| echo "TEST_MATRIX=$TEST_TARGETS" >> $GITHUB_ENV | |
| - id: Dispatch | |
| if: github.event_name == 'workflow_dispatch' | |
| env: | |
| TEST_TARGETS: ${{ github.event.inputs.test-targets }} | |
| run: echo "TEST_MATRIX=${TEST_TARGETS}" >> $GITHUB_ENV | |
| - id: set-matrix | |
| run: echo "{matrix}={${{ env.TEST_MATRIX}}}" >> $GITHUB_OUTPUT | |
| Build: | |
| name: Build | |
| runs-on: ubuntu-20.04 | |
| timeout-minutes: 15 | |
| steps: | |
| - name: Check out the repo | |
| uses: actions/checkout@v3 | |
| - name: Set up GO (with caching) | |
| uses: magnetikonline/action-golang-cache@v4 | |
| with: | |
| go-version-file: .go-version | |
| - name: Setup OPA | |
| uses: open-policy-agent/setup-opa@v2 | |
| with: | |
| version: 0.44 # this should be aligned with the version in go.mod | |
| - name: build cloudbeat | |
| run: mage Build | |
| - name: Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v2 | |
| - name: Cache Build dependencies | |
| uses: actions/cache@v3 | |
| with: | |
| path: /tmp/.buildx-cache | |
| key: ${{ runner.os }}-buildx-${{ github.workflow }} | |
| restore-keys: | | |
| ${{ runner.os }}-buildx- | |
| - name: Build cloudbeat-docker | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: . | |
| file: ./deploy/Dockerfile | |
| push: false | |
| tags: cloudbeat:latest | |
| cache-from: type=local,src=/tmp/.buildx-cache | |
| cache-to: type=local,dest=/tmp/.buildx-cache-new | |
| outputs: type=docker,dest=/tmp/cloudbeat-${{ env.CONTAINER_SUFFIX }}.tar | |
| - name: Build pytest-docker | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: ./tests/. | |
| push: false | |
| tags: cloudbeat-test:latest | |
| cache-from: type=local,mode=max,src=/tmp/.buildx-cache | |
| cache-to: type=local,mode=max,dest=/tmp/.buildx-cache-new | |
| outputs: type=docker,dest=/tmp/pytest-${{ env.CONTAINER_SUFFIX }}.tar | |
| - name: Cache docker images | |
| uses: actions/cache@v3 | |
| with: | |
| path: /tmp/*.tar | |
| key: ${{ runner.os }}-dockers-cache-${{ env.CONTAINER_SUFFIX }} | |
| restore-keys: | | |
| ${{ runner.os }}-dockers-cache-${{ env.CONTAINER_SUFFIX }} | |
| - name: Move cache | |
| run: | | |
| rm -rf /tmp/.buildx-cache | |
| mv /tmp/.buildx-cache-new /tmp/.buildx-cache | |
| Test_Matrix: | |
| needs: ["Build", "Setup"] | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| test-target: ${{fromJson(needs.Setup.outputs.matrix)}} | |
| name: ${{ matrix.test-target }}-tests | |
| runs-on: ubuntu-20.04 | |
| timeout-minutes: 90 | |
| steps: | |
| - name: Check out the repo | |
| uses: actions/checkout@v3 | |
| - uses: azure/setup-helm@v3 | |
| id: install | |
| - uses: extractions/setup-just@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Create k8s Kind Cluster | |
| uses: helm/kind-action@v1.7.0 | |
| with: | |
| config: deploy/k8s/kind/kind-mono.yml | |
| - name: Cache docker images | |
| uses: actions/cache@v3 | |
| with: | |
| path: /tmp/*.tar | |
| key: ${{ runner.os }}-dockers-cache-${{ env.CONTAINER_SUFFIX }} | |
| restore-keys: | | |
| ${{ runner.os }}-dockers-cache- | |
| - name: Load images to kind | |
| run: | | |
| kind load image-archive /tmp/cloudbeat-${{ env.CONTAINER_SUFFIX }}.tar --name=kind-mono & kind load image-archive /tmp/pytest-${{ env.CONTAINER_SUFFIX }}.tar --name=kind-mono | |
| - name: Deploy tests Helm chart | |
| id: deploy_helm | |
| run: | | |
| just deploy-tests-helm-ci ${{ matrix.test-target }} | |
| - name: Run Tests | |
| id: run_tests | |
| run: | | |
| just run-tests-ci | |
| - name: Upload Test Results | |
| if: always() | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: allure_results-${{ matrix.test-target}} | |
| path: tests/allure/results/ | |
| - name: clear cache | |
| id: clear_cache | |
| if: success() | |
| run: rm -rf /tmp/${{ env.CONTAINER_SUFFIX }}}.tar | |
| publish_results: | |
| name: Publish Results | |
| needs: Test_Matrix | |
| if: always() | |
| runs-on: ubuntu-20.04 | |
| steps: | |
| - name: Download Artifacts | |
| uses: actions/download-artifact@v3 | |
| with: | |
| path: artifacts | |
| - name: Extract Artifacts | |
| run: | | |
| mkdir -p tests/allure/results | |
| find artifacts/ -type f -print0 | xargs -0 mv -t tests/allure/results | |
| - name: Publish allure report | |
| if: always() | |
| uses: andrcuns/allure-publish-action@v2.3.0 | |
| with: | |
| storageType: s3 | |
| resultsGlob: "tests/allure/results/*" | |
| updatePr: actions | |
| collapseSummary: false | |
| summary: suites | |
| summaryTableType: markdown | |
| copyLatest: true | |
| bucket: csp-allure-reports | |
| prefix: allure_reports/cloudbeat/${{ github.ref_name }} | |
| ignoreMissingResults: true | |
| - name: Setup tmate session | |
| uses: mxschmitt/action-tmate@v3 | |
| if: failure() | |
| with: | |
| limit-access-to-actor: true |