Add GCP ServiceAccount to E2E test

Nils Hanke 2022-08-29 08:55:36 +02:00 committed by Nils Hanke
parent 07c6c4e190
commit 87e68961dd
5 changed files with 19 additions and 0 deletions


@ -14,6 +14,9 @@ inputs:
cloudProvider: cloudProvider:
description: "Either 'gcp' or 'azure'." description: "Either 'gcp' or 'azure'."
required: true required: true
gcpClusterServiceAccountKey:
description: "Service account to use inside the created Constellation cluster on GCP."
required: false
machineType: machineType:
description: "Machine type of VM to spawn." description: "Machine type of VM to spawn."
required: true required: true
@ -125,6 +128,14 @@ runs:
shell: bash shell: bash
if: ${{ inputs.isDebugImage == 'true' }} if: ${{ inputs.isDebugImage == 'true' }}
- name: Create serviceAccountKey.json
if: ${{ inputs.cloudProvider == 'gcp' }}
shell: bash
run: |
echo "$GCP_CLUSTER_SERVICE_ACCOUNT_KEY" > serviceAccountKey.json
env:
GCP_CLUSTER_SERVICE_ACCOUNT_KEY: ${{ inputs.gcpClusterServiceAccountKey }}
- name: Constellation init - name: Constellation init
run: | run: |
if [ ${{ inputs.autoscale }} = true ]; then autoscale=--autoscale; fi if [ ${{ inputs.autoscale }} = true ]; then autoscale=--autoscale; fi
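Review bot: The new `Create serviceAccountKey.json` step writes a GCP service-account key into the working directory under the shell's default umask, and nothing visible in this hunk removes it afterwards. I would restrict the file before it is created by putting `umask 077` first in the `run:` block, and write it with `printf '%s\n' "$GCP_CLUSTER_SERVICE_ACCOUNT_KEY" > serviceAccountKey.json` so the content lands verbatim regardless of echo settings. Because the input is `required: false`, the step also produces an empty key file when `cloudProvider` is `gcp` and no key was supplied; a guard such as `[ -n "$GCP_CLUSTER_SERVICE_ACCOUNT_KEY" ] || { echo "gcpClusterServiceAccountKey is empty" >&2; exit 1; }` would fail early instead. The steps list continues outside the hunk, so whether a later step deletes the file or uploads the workspace as an artifact cannot be judged from here.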


@ -27,6 +27,9 @@ inputs:
gcp_service_account_json: gcp_service_account_json:
description: "Service account with permissions to create Constellation on GCP." description: "Service account with permissions to create Constellation on GCP."
required: false required: false
gcpClusterServiceAccountKey:
description: "Service account to use inside the created Constellation cluster on GCP."
required: false
azure_credentials: azure_credentials:
description: "Credentials authorized to create Constellation on Azure." description: "Credentials authorized to create Constellation on Azure."
required: false required: false
@ -90,6 +93,7 @@ runs:
uses: ./.github/actions/constellation_create uses: ./.github/actions/constellation_create
with: with:
cloudProvider: ${{ inputs.cloudProvider }} cloudProvider: ${{ inputs.cloudProvider }}
gcpClusterServiceAccountKey: ${{ inputs.gcpClusterServiceAccountKey }}
autoscale: ${{ inputs.autoscale }} autoscale: ${{ inputs.autoscale }}
workerNodesCount: ${{ inputs.workerNodesCount }} workerNodesCount: ${{ inputs.workerNodesCount }}
controlNodesCount: ${{ inputs.controlNodesCount }} controlNodesCount: ${{ inputs.controlNodesCount }}
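Review bot: The description on the new `gcpClusterServiceAccountKey` input says "Service account", but the value is forwarded to `constellation_create`, which writes it out as `serviceAccountKey.json`, so it is key material rather than an account name. I would say so in the text, e.g. `description: "JSON key of the service account used inside the created Constellation cluster on GCP. Must be set when cloudProvider is 'gcp'."`; the identical description on the same input in the create action needs the same wording. The name is also camelCase directly below the snake_case `gcp_service_account_json`, which makes the two credentials easy to mix up at call sites.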


@ -28,6 +28,7 @@ jobs:
cloudProvider: "gcp" cloudProvider: "gcp"
machineType: "n2d-standard-2" machineType: "n2d-standard-2"
gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }} gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }}
gcpClusterServiceAccountKey: ${{ secrets.GCP_CLUSTER_SERVICE_ACCOUNT }}
sonobuoyTestSuiteCmd: '--plugin e2e --plugin-env e2e.E2E_FOCUS="\[Conformance\]" --plugin-env e2e.E2E_SKIP="for service with type clusterIP|HostPort validates that there is no conflict between pods with same hostPort but different hostIP and protocol" --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-plugin.yaml --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-master-plugin.yaml' sonobuoyTestSuiteCmd: '--plugin e2e --plugin-env e2e.E2E_FOCUS="\[Conformance\]" --plugin-env e2e.E2E_SKIP="for service with type clusterIP|HostPort validates that there is no conflict between pods with same hostPort but different hostIP and protocol" --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-plugin.yaml --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-master-plugin.yaml'
kubernetesVersion: ${{ matrix.version }} kubernetesVersion: ${{ matrix.version }}
msTeamsWebhook: ${{ secrets.MS_TEAMS_WEBHOOK_URI }} msTeamsWebhook: ${{ secrets.MS_TEAMS_WEBHOOK_URI }}


@ -23,6 +23,7 @@ jobs:
cloudProvider: "gcp" cloudProvider: "gcp"
machineType: "n2d-standard-2" machineType: "n2d-standard-2"
gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }} gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }}
gcpClusterServiceAccountKey: ${{ secrets.GCP_CLUSTER_SERVICE_ACCOUNT }}
# TODO: Remove E2E_SKIP once AB#2174 is resolved # TODO: Remove E2E_SKIP once AB#2174 is resolved
sonobuoyTestSuiteCmd: '--plugin e2e --plugin-env e2e.E2E_FOCUS="\[Conformance\]" --plugin-env e2e.E2E_SKIP="for service with type clusterIP|HostPort validates that there is no conflict between pods with same hostPort but different hostIP and protocol" --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-plugin.yaml --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-master-plugin.yaml' sonobuoyTestSuiteCmd: '--plugin e2e --plugin-env e2e.E2E_FOCUS="\[Conformance\]" --plugin-env e2e.E2E_SKIP="for service with type clusterIP|HostPort validates that there is no conflict between pods with same hostPort but different hostIP and protocol" --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-plugin.yaml --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-master-plugin.yaml'
msTeamsWebhook: ${{ secrets.MS_TEAMS_WEBHOOK_URI }} msTeamsWebhook: ${{ secrets.MS_TEAMS_WEBHOOK_URI }}
@ -55,6 +56,7 @@ jobs:
cloudProvider: "gcp" cloudProvider: "gcp"
machineType: "n2d-standard-2" machineType: "n2d-standard-2"
gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }} gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }}
gcpClusterServiceAccountKey: ${{ secrets.GCP_CLUSTER_SERVICE_ACCOUNT }}
sonobuoyTestSuiteCmd: "--mode quick" sonobuoyTestSuiteCmd: "--mode quick"
kubernetesVersion: ${{ matrix.version }} kubernetesVersion: ${{ matrix.version }}
msTeamsWebhook: ${{ secrets.MS_TEAMS_WEBHOOK_URI }} msTeamsWebhook: ${{ secrets.MS_TEAMS_WEBHOOK_URI }}


@ -65,6 +65,7 @@ jobs:
cloudProvider: ${{ github.event.inputs.cloudProvider }} cloudProvider: ${{ github.event.inputs.cloudProvider }}
machineType: ${{ github.event.inputs.machineType }} machineType: ${{ github.event.inputs.machineType }}
gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }} gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }}
gcpClusterServiceAccountKey: ${{ secrets.GCP_CLUSTER_SERVICE_ACCOUNT }}
azure_credentials: ${{ secrets.AZURE_E2E_CREDENTIALS }} azure_credentials: ${{ secrets.AZURE_E2E_CREDENTIALS }}
sonobuoyTestSuiteCmd: ${{ github.event.inputs.sonobuoyTestSuiteCmd }} sonobuoyTestSuiteCmd: ${{ github.event.inputs.sonobuoyTestSuiteCmd }}
kubernetesVersion: ${{ github.event.inputs.kubernetesVersion }} kubernetesVersion: ${{ github.event.inputs.kubernetesVersion }}
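Review bot: `secrets.GCP_CLUSTER_SERVICE_ACCOUNT` is handed to the action on every manual run, including runs where `github.event.inputs.cloudProvider` is not `gcp` and the step that consumes the key is skipped. Passing it only when needed keeps the credential out of unrelated runs: `gcpClusterServiceAccountKey: ${{ github.event.inputs.cloudProvider == 'gcp' && secrets.GCP_CLUSTER_SERVICE_ACCOUNT || '' }}`. The neighbouring `gcp_service_account_json` and `azure_credentials` lines follow the same unconditional pattern, so this is probably best changed for all three together. The `with:` block starts outside the hunk.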