constellation/.github/workflows/e2e-test-azure.yml

name: e2e Test Azure

on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * 2-6"
jobs:
  test-default:
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository
        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
        with:
          fetch-depth: 0

      - name: Login to Azure
        uses: ./.github/actions/azure_login
        with:
          azure_credentials: ${{ secrets.AZURE_E2E_CREDENTIALS }}

      - name: Create Azure resource group
        id: az_resource_group_gen
        shell: bash
        run: |
          uuid=$(cat /proc/sys/kernel/random/uuid)
          name=e2e-test-${uuid%%-*}
          az group create --location westus --name $name --tags e2e
          echo "::set-output name=res_group_name::$name"

      - name: Run Azure E2E test
        uses: ./.github/actions/e2e_test
        with:
          workerNodesCount: "2"
          controlNodesCount: "1"
          autoscale: "false"
          cloudProvider: "azure"
          azureClientSecret: ${{ secrets.AZURE_E2E_CLIENT_SECRET }}
          azureResourceGroup: ${{ steps.az_resource_group_gen.outputs.res_group_name }}
          # TODO: Remove E2E_SKIP once AB#2174 is resolved
          sonobuoyTestSuiteCmd: '--plugin e2e --plugin-env e2e.E2E_FOCUS="\[Conformance\]" --plugin-env e2e.E2E_SKIP="for service with type clusterIP|HostPort validates that there is no conflict between pods with same hostPort but different hostIP and protocol" --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-plugin.yaml --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-master-plugin.yaml'
          cosignPublicKey: ${{ secrets.COSIGN_PUBLIC_KEY }}
          cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }}
          cosignPassword: ${{ secrets.COSIGN_PASSWORD }}
          awsAccessKeyID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          awsSecretAccessKey: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          awsDefaultRegion: ${{ secrets.AWS_DEFAULT_REGION }}
          awsBucketName: ${{ secrets.PUBLIC_BUCKET_NAME }}

      - name: Always terminate cluster
        if: always()
        continue-on-error: true
        uses: ./.github/actions/constellation_destroy

      - name: Notify teams channel
        if: ${{ failure() && github.ref == 'refs/heads/main' }}
        continue-on-error: true
        run: |
          sudo apt-get install gettext-base -y
          export TEAMS_JOB_NAME=azure
          export TEAMS_RUN_ID=${{ github.run_id }}
          envsubst < teams-payload.json > to-be-send.json
          curl                                          \
            -H "Content-Type: application/json"         \
            -d @to-be-send.json                         \
            "${{ secrets.MS_TEAMS_WEBHOOK_URI }}"
        shell: bash
        working-directory: .github/actions/e2e_test

      - name: Always destroy Azure resource group
        if: always()
        shell: bash
        run: |
          az group delete \
            --name ${{ steps.az_resource_group_gen.outputs.res_group_name }} \
            --force-deletion-types Microsoft.Compute/virtualMachineScaleSets \
            --force-deletion-types Microsoft.Compute/virtualMachines \
            --no-wait \
            --yes

  test-other-versions:
    strategy:
      matrix:
        version: ["1.22", "1.24", "1.25"]
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository
        uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
        with:
          fetch-depth: 0

      - name: Login to Azure
        uses: ./.github/actions/azure_login
        with:
          azure_credentials: ${{ secrets.AZURE_E2E_CREDENTIALS }}

      - name: Create Azure resource group
        id: az_resource_group_gen
        shell: bash
        run: |
          uuid=$(cat /proc/sys/kernel/random/uuid)
          name=e2e-test-${uuid%%-*}
          az group create --location westus --name $name --tags e2e
          echo "::set-output name=res_group_name::$name"

      - name: Run Azure E2E test
        uses: ./.github/actions/e2e_test
        with:
          workerNodesCount: "2"
          controlNodesCount: "1"
          autoscale: "false"
          cloudProvider: "azure"
          azureClientSecret: ${{ secrets.AZURE_E2E_CLIENT_SECRET }}
          azureResourceGroup: ${{ steps.az_resource_group_gen.outputs.res_group_name }}
          sonobuoyTestSuiteCmd: "--mode quick"
          kubernetesVersion: ${{ matrix.version }}

      - name: Always terminate cluster
        if: always()
        continue-on-error: true
        uses: ./.github/actions/constellation_destroy

      - name: Notify teams channel
        if: ${{ failure() && github.ref == 'refs/heads/main' }}
        continue-on-error: true
        run: |
          sudo apt-get install gettext-base -y
          export TEAMS_JOB_NAME=azure
          export TEAMS_RUN_ID=${{ github.run_id }}
          envsubst < teams-payload.json > to-be-send.json
          curl                                          \
            -H "Content-Type: application/json"         \
            -d @to-be-send.json                         \
            "${{ secrets.MS_TEAMS_WEBHOOK_URI }}"
        shell: bash
        working-directory: .github/actions/e2e_test

      - name: Always destroy Azure resource group
        if: always()
        shell: bash
        run: |
          az group delete \
            --name ${{ steps.az_resource_group_gen.outputs.res_group_name }} \
            --force-deletion-types Microsoft.Compute/virtualMachineScaleSets \
            --force-deletion-types Microsoft.Compute/virtualMachines \
            --no-wait \
            --yes