constellation/.github/workflows/e2e-test-manual.yml

name: e2e test manual

on:
  workflow_dispatch:
    inputs:
      workerNodesCount:
        description: "Number of worker nodes to spawn."
        default: "2"
        required: true
      controlNodesCount:
        description: "Number of control-plane nodes to spawn."
        default: "3"
        required: true
      cloudProvider:
        description: "Which cloud provider to use."
        type: choice
        options:
          - "gcp"
          - "azure"
          - "aws"
        default: "azure"
        required: true
      runner:
        description: "Architecture of the runner that executes the CLI"
        type: choice
        options:
          - "ubuntu-22.04"
          - "macos-12"
        default: "ubuntu-22.04"
      test:
        description: "The test to run."
        type: choice
        options:
          - "sonobuoy quick"
          - "sonobuoy full"
          - "autoscaling"
          - "lb"
          - "perf-bench"
          - "verify"
          - "recover"
          - "nop"
          - "iamcreate"
        required: true
      kubernetesVersion:
        description: "Kubernetes version to create the cluster from."
        default: "1.25"
        required: true
      keepMeasurements:
        description: "Keep measurements embedded in the CLI."
        type: boolean
        default: false
        required: false
      cliImageVersion:
        description: "Version of a released CLI to download:Full name of OS image (CSP independent image version UID). Leave empty for latest debug image on main."
        type: string
        default: ""
        required: false
      machineType:
        description: "Override VM machine type. Leave as 'default' or empty to use the default VM type for the selected cloud provider."
        type: string
        default: "default"
        required: false
      git-ref:
        description: "Git ref to checkout."
        type: string
        default: "head"
        required: false
  workflow_call:
    inputs:
      workerNodesCount:
        description: "Number of worker nodes to spawn."
        type: number
        required: true
      controlNodesCount:
        description: "Number of control-plane nodes to spawn."
        type: number
        required: true
      cloudProvider:
        description: "Which cloud provider to use."
        type: string
        required: true
      runner:
        description: "Architecture of the runner that executes the CLI"
        type: string
        required: true
      test:
        description: "The test to run."
        type: string
        required: true
      kubernetesVersion:
        description: "Kubernetes version to create the cluster from."
        type: string
        required: true
      keepMeasurements:
        description: "Keep measurements embedded in the CLI."
        type: boolean
        required: true
      cliImageVersion:
        description: "Version of a released CLI to download and full name of OS image (CSP independent image version UID). Leave empty for latest debug image on main. Must be in the form of 'cliVersion:image'."
        type: string
        required: true
      machineType:
        description: "Override VM machine type. Leave as 'default' or empty to use the default VM type for the selected cloud provider."
        type: string
        required: true
      git-ref:
        description: "Git ref to checkout."
        type: string
        required: true

env:
  ARM_CLIENT_ID: ${{ secrets.AZURE_E2E_CLIENT_ID }}
  ARM_CLIENT_SECRET: ${{ secrets.AZURE_E2E_CLIENT_SECRET }}
  ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_E2E_SUBSCRIPTION_ID }}
  ARM_TENANT_ID: ${{ secrets.AZURE_E2E_TENANT_ID }}

jobs:
  split-cliImageVersion:
    name: Split cliImageVersion
    runs-on: ubuntu-22.04
    permissions:
      id-token: write
      contents: read
    outputs:
      image: ${{ steps.split-cliImageVersion.outputs.image }}
      cliVersion: ${{ steps.split-cliImageVersion.outputs.cliVersion }}
    steps:
      - name: Split cliImageVersion
        id: split-cliImageVersion
        shell: bash
        run: |
          if [[ -z "${{ inputs.cliImageVersion }}" ]]; then
            echo "Using latest debug image from main."
            exit 0
          fi

          cliImageVersion="${{ inputs.cliImageVersion }}"
          image="${cliImageVersion##*:}"
          cliVersion="${cliImageVersion%%:*}"
          echo "image=${image}" | tee -a "$GITHUB_OUTPUT"
          echo "cliVersion=${cliVersion}" | tee -a "$GITHUB_OUTPUT"

  find-latest-image:
    name: Select image
    runs-on: ubuntu-22.04
    needs: [split-cliImageVersion]
    permissions:
      id-token: write
      contents: read
    outputs:
      image: ${{ steps.find-latest-image.outputs.output }}${{ steps.check-input.outputs.image }}
      isDebugImage: ${{ steps.isDebugImage.outputs.isDebugImage }}
    steps:
      - name: Check input
        id: check-input
        shell: bash
        run: |
          if [[ -z "${{ needs.split-cliImageVersion.outputs.image }}" ]]; then
            echo "Using latest debug image from main."
            exit 0
          else
            echo "image=${{ needs.split-cliImageVersion.outputs.image }}" | tee -a "$GITHUB_OUTPUT"
          fi

      - name: Checkout head
        if: needs.split-cliImageVersion.outputs.image == '' && inputs.git-ref == 'head'
        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
        with:
          ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}

      - name: Checkout ref
        if: needs.split-cliImageVersion.outputs.image == '' && inputs.git-ref != 'head'
        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
        with:
          ref: ${{ inputs.git-ref }}

      - name: Login to AWS
        if: needs.split-cliImageVersion.outputs.image == ''
        uses: aws-actions/configure-aws-credentials@e1e17a757e536f70e52b5a12b2e8d1d1c60e04ef # v2.0.0
        with:
          role-to-assume: arn:aws:iam::795746500882:role/GithubConstellationVersionsAPIRead
          aws-region: eu-central-1

      - name: Find latest image
        id: find-latest-image
        if: needs.split-cliImageVersion.outputs.image == ''
        uses: ./.github/actions/versionsapi
        with:
          command: latest
          ref: main
          stream: debug

      - name: Is debug image?
        id: isDebugImage
        shell: bash
        run: |
          case "${{ needs.split-cliImageVersion.outputs.image }}" in
            "")
              echo "isDebugImage=true" >> "$GITHUB_OUTPUT"
              echo "Image is debug image."
              ;;
            *"/stream/debug/"*)
              echo "isDebugImage=true" >> "$GITHUB_OUTPUT"
              echo "Image is debug image."
              ;;
            *)
              echo "isDebugImage=false" >> "$GITHUB_OUTPUT"
              echo "Image is not debug image."
              ;;
          esac

  e2e-test-manual:
    runs-on: ${{ inputs.runner }}
    permissions:
      id-token: write
      checks: write
      contents: read
    needs: [find-latest-image, split-cliImageVersion]
    if: always() && !cancelled()
    steps:
      - name: Install basic tools (macOS)
        if: runner.os == 'macOS'
        shell: bash
        run: brew install coreutils kubectl bash terraform

      - name: Checkout head
        if: inputs.git-ref == 'head'
        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
        with:
          ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}

      - name: Checkout ref
        if: inputs.git-ref != 'head'
        uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0
        with:
          ref: ${{ inputs.git-ref }}

      - name: Setup Go environment
        uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0
        with:
          go-version: "1.20.2"

      - name: Set up gcloud CLI (macOS)
        if: inputs.cloudProvider == 'gcp' && runner.os == 'macOS'
        uses: google-github-actions/setup-gcloud@62d4898025f6041e16b1068643bfc5a696863587 # v1.1.0

      - name: Login to Azure
        if: inputs.cloudProvider == 'azure'
        uses: ./.github/actions/login_azure
        with:
          azure_credentials: ${{ secrets.AZURE_E2E_CREDENTIALS }}

      - name: Create Azure resource group
        id: az_resource_group_gen
        if: inputs.cloudProvider == 'azure'
        shell: bash
        run: |
          uuid=$(uuidgen)
          name=e2e-test-${uuid%%-*}
          az group create --location westus --name "$name" --tags e2e
          echo "res_group_name=$name" >> "$GITHUB_OUTPUT"

      - name: Run manual E2E test
        id: e2e_test
        uses: ./.github/actions/e2e_test
        with:
          workerNodesCount: ${{ inputs.workerNodesCount }}
          controlNodesCount: ${{ inputs.controlNodesCount }}
          cloudProvider: ${{ inputs.cloudProvider }}
          machineType: ${{ inputs.machineType }}
          gcpProject: ${{ secrets.GCP_E2E_PROJECT }}
          gcp_service_account: "constellation-e2e@constellation-331613.iam.gserviceaccount.com"
          gcpClusterServiceAccountKey: ${{ secrets.GCP_CLUSTER_SERVICE_ACCOUNT }}
          test: ${{ inputs.test }}
          kubernetesVersion: ${{ inputs.kubernetesVersion }}
          keepMeasurements: ${{ inputs.keepMeasurements }}
          awsOpenSearchDomain: ${{ secrets.AWS_OPENSEARCH_DOMAIN }}
          awsOpenSearchUsers: ${{ secrets.AWS_OPENSEARCH_USER }}
          awsOpenSearchPwd: ${{ secrets.AWS_OPENSEARCH_PWD }}
          azureSubscription: ${{ secrets.AZURE_E2E_SUBSCRIPTION_ID }}
          azureTenant: ${{ secrets.AZURE_E2E_TENANT_ID }}
          azureClientID: ${{ secrets.AZURE_E2E_CLIENT_ID }}
          azureClientSecret: ${{ secrets.AZURE_E2E_CLIENT_SECRET }}
          azureUserAssignedIdentity: ${{ secrets.AZURE_E2E_USER_ASSIGNED_IDENTITY }}
          azureResourceGroup: ${{ steps.az_resource_group_gen.outputs.res_group_name }}
          osImage: ${{ needs.find-latest-image.outputs.image }}
          cliVersion: ${{ needs.split-cliImageVersion.outputs.cliVersion }}
          isDebugImage: ${{ needs.find-latest-image.outputs.isDebugImage }}
          buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }}

      - name: Always terminate cluster
        if: always()
        uses: ./.github/actions/constellation_destroy
        with:
          kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }}

      - name: Always delete IAM configuration
        if: always() && inputs.test == 'iamcreate' && inputs.cloudProvider != 'azure' # skip for Azure, as the SP / MI does not have the required permissions
        uses: ./.github/actions/constellation_iam_destroy

      - name: Always destroy Azure resource group
        if: always() && inputs.cloudProvider == 'azure'
        shell: bash
        run: |
          az group delete \
            --name ${{ steps.az_resource_group_gen.outputs.res_group_name }} \
            --force-deletion-types Microsoft.Compute/virtualMachineScaleSets \
            --force-deletion-types Microsoft.Compute/virtualMachines \
            --no-wait \
            --yes