e2e test github action implementation. (#100)

e2e test implementation with GitHub actions on GCP
2024-10-01 01:36:09 -04:00 · 2022-05-03 11:15:53 +02:00 · 2022-05-03 11:15:53 +02:00 · b841403f15
commit b841403f15
parent 1408b36db7
7 changed files with 261 additions and 0 deletions
--- a/.github/README.md
+++ b/.github/README.md
@ -0,0 +1,58 @@
+# Actions & Workflows
+
+## Manual Trigger (workflow_dispatch)
+
+It is currently not possible to run a `workflow_dispatch` based workflow on a specific branch from the WebUI. If you need to do this, use the [GitHub CLI](https://github.com/cli/cli):
+
+```bash
+gh workflow run e2e-test.yml \
+    --ref feat/e2e_pipeline \                       # On your specific branch!
+    -F autoscale=false -F cloudProvider=gcp \       # With your ...
+    -F controlNodesCount=1 -F workerNodesCount=2 \  # ... settings
+    -F machineType=n2d-standard-2
+```
+
+### E2E Test Suites
+
+Here are some examples for test suits you might want to run. Values for `sonobuoyTestSuiteCmd`:
+
+* `--mode quick`
+    * Runs a set of tests that are known to be quick to execute!
+* `--e2e-focus "Services should be able to create a functioning NodePort service"`
+    * Runs a specific test
+* `--mode certified-conformance`
+    * For K8s conformance certification test suite
+
+Check [Sonobuoy docs](https://sonobuoy.io/docs/latest/e2eplugin/) for more examples.
+
+## Local Development
+
+Using [nektos/act](https://github.com/nektos/act) you can run GitHub actions locally.
+
+### Specific Jobs
+
+```bash
+act -j e2e-test
+```
+
+### Wireguard
+
+When running actions that use Wireguard, you need to provide additional capabilities to Docker:
+
+```bash
+act --secret-file secrets.env --container-cap-add NET_ADMIN --container-cap-add SYS_MODULE --privileged
+```
+### Authorizing GCP
+
+For creating Kubernetes clusters in GCP a local copy of the service account secret is required.
+
+1. [Create a new service account key](https://console.cloud.google.com/iam-admin/serviceaccounts/details/112741463528383500960/keys?authuser=0&project=constellation-331613&supportedpurview=project)
+2. Create a compact (one line) JSON representation of the file `jq -c`
+3. Create a secrets file for act to consume:
+
+```bash
+$ cat secrets.env
+GCP_SERVICE_ACCOUNT={"type":"service_account", ... }
+
+$ act --secret-file secrets.env
+```
--- a/.github/actions/build_cli/action.yml
+++ b/.github/actions/build_cli/action.yml
@ -0,0 +1,25 @@
+name: build
+description: "Runs cmake & default make target in build folder."
+runs:
+  using: 'composite'
+  steps:
+  - name: Install build dependencies
+    run: |
+      sudo apt-get update
+      sudo apt-get install \
+        build-essential cmake \
+        -y
+    shell: bash
+  - name: Install Go
+    uses: actions/setup-go@v3
+    with:
+      go-version: '1.18.1'
+  - name: Build CLI
+    run: |
+      mkdir build
+      cd build
+      cmake ..
+      make -j`nproc` cli
+      echo "$(pwd)" >> $GITHUB_PATH
+      export PATH="$PATH:$(pwd)"
+    shell: bash
--- a/.github/actions/constellation_create/action.yml
+++ b/.github/actions/constellation_create/action.yml
@ -0,0 +1,47 @@
+name: constellation_create
+description: "Create a new Constellation cluster."
+inputs:
+  workerNodesCount:
+    description: "Number of worker nodes to spawn."
+    required: true
+  controlNodesCount:
+    description: "Number of control-plane nodes to spawn."
+    required: true
+  autoscale:
+    description: "Enable / Disable autoscaling."
+    required: true
+  cloudProvider:
+    description: "Either 'gcp' or 'azure'."
+    required: true
+  machineType:
+    description: "Machine type of VM to spawn."
+    required: true
+runs:
+  using: 'composite'
+  steps:
+  - name: Install wireguard
+    run: sudo apt-get update && sudo apt-get install wireguard iproute2 -y
+    shell: bash
+  - name: Install kubectl
+    run: |
+      curl -LO https://dl.k8s.io/release/v1.23.0/bin/linux/amd64/kubectl
+      install kubectl /usr/local/bin
+    shell: bash
+  - name: Constellation create
+    run: |
+      constellation create ${{ inputs.cloudProvider }} ${{ inputs.controlNodesCount }} ${{ inputs.workerNodesCount }} ${{ inputs.machineType }} --name e2e-test -y
+    shell: bash
+  - name: Upload constellation-state.json
+    uses: actions/upload-artifact@v3
+    with:
+      name: constellation-state.json
+      path: constellation-state.json
+  - name: Constellation init
+    run: |
+      if [ ${{ inputs.autoscale }} = true ]; then autoscale=--autoscale; fi
+      constellation init ${autoscale}
+    shell: bash
+
+  - name: Configure VPN connection
+    run: wg-quick up ./wg0.conf
+    shell: bash
--- a/.github/actions/constellation_destroy/action.yml
+++ b/.github/actions/constellation_destroy/action.yml
@ -0,0 +1,8 @@
+name: constellation_destroy
+description: "Destroy a running Constellation cluster."
+runs:
+  using: 'composite'
+  steps:
+  - name: Constellation terminate
+    run: constellation terminate
+    shell: bash
--- a/.github/actions/gcp_login/action.yml
+++ b/.github/actions/gcp_login/action.yml
@ -0,0 +1,20 @@
+name: gcp_login
+description: "Login to GCP & configure gcloud CLI."
+inputs:
+  gcp_service_account_json:
+    description: 'Service account with permissions to create Constellation on GCP.'
+    required: true
+runs:
+  using: 'composite'
+  steps:
+  # As described at:
+  # https://github.com/google-github-actions/setup-gcloud#service-account-key-json
+  - name: Authorize GCP access
+    uses: google-github-actions/auth@v0
+    with:
+      credentials_json: ${{ inputs.gcp_service_account_json }}
+  - name: Set up Cloud SDK
+    uses: google-github-actions/setup-gcloud@v0
+  - name: Verify logged in
+    run: gcloud info
+    shell: bash
--- a/.github/actions/sonobuoy/action.yml
+++ b/.github/actions/sonobuoy/action.yml
@ -0,0 +1,34 @@
+name: sonobuoy
+description: "Executed the e2e test framework sonobuoy."
+inputs:
+  sonobuoyVersion:
+    description: 'Version of sonobuoy test CLI to use.'
+    default: '0.56.4'
+    required: true
+  sonobuoyTestSuiteCmd:
+    description: 'Which tests should be run?'
+    required: true
+runs:
+  using: 'composite'
+  steps:
+  - name: Install sonobuoy
+    run: |
+      curl -LO https://github.com/vmware-tanzu/sonobuoy/releases/download/v${{ inputs.sonobuoyVersion }}/sonobuoy_${{ inputs.sonobuoyVersion }}_linux_amd64.tar.gz
+      tar -xzf sonobuoy_${{ inputs.sonobuoyVersion }}_linux_amd64.tar.gz
+      install sonobuoy /usr/local/bin
+    shell: bash
+  - name: Sonobuoy version
+    run: sonobuoy version
+    shell: bash
+
+  - name: Run quick e2e test
+    run: sonobuoy run --wait ${{ inputs.sonobuoyTestSuiteCmd }} --kubeconfig constellation-admin.conf
+    shell: bash
+  - name: Download results
+    run: sonobuoy retrieve -x --kubeconfig constellation-admin.conf
+    shell: bash
+  - name: Publish test results
+    uses: mikepenz/action-junit-report@v3
+    if: always() # always run even if the previous step fails
+    with:
+      report_paths: '**/junit_01.xml'
--- a/.github/workflows/e2e-test.yml
+++ b/.github/workflows/e2e-test.yml
@ -0,0 +1,69 @@
+name: e2e Test
+
+on:
+  workflow_dispatch:
+    inputs:
+      workerNodesCount:
+        description: 'Number of worker nodes to spawn.'
+        default: '2'
+        required: true
+      controlNodesCount:
+        description: 'Number of control-plane nodes to spawn.'
+        default: '1'
+        required: true
+      autoscale:
+        description: 'Enable / Disable autoscaling.'
+        type: boolean
+        default: false
+        required: true
+      cloudProvider:
+        description: 'Which cloud provider to use.'
+        type: choice
+        options:
+          - 'gcp'
+          - 'azure_not_yet_supported'
+        default: 'gcp'
+        required: true
+      machineType:
+        description: 'VM machine type. Make sure it matches selected cloud provider!'
+        type: choice
+        options:
+          - 'n2d-standard-2' # GCP
+          - 'Standard_D4s_v3' # Azure
+        default: 'n2d-standard-2'
+        required: true
+      sonobuoyTestSuiteCmd:
+        description: 'Which tests should be run? Check README for guidance!'
+        default: '--mode quick'
+        required: true
+jobs:
+  e2e-test:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out repository
+      uses: actions/checkout@v3
+    - name: Build CLI
+      uses: ./.github/actions/build_cli
+
+    - name: Login to GCP
+      uses: ./.github/actions/gcp_login
+      with:
+        gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }}
+      if: ${{ github.event.inputs.cloudProvider == 'gcp' }}
+
+    - name: Create cluster
+      uses: ./.github/actions/constellation_create
+      with:
+        cloudProvider: ${{ github.event.inputs.cloudProvider }}
+        autoscale: ${{ github.event.inputs.autoscale }}
+        workerNodesCount: ${{ github.event.inputs.workerNodesCount }}
+        controlNodesCount: ${{ github.event.inputs.controlNodesCount }}
+        machineType: ${{ github.event.inputs.machineType }}
+    - name: Run e2e tests
+      uses: ./.github/actions/sonobuoy
+      with:
+        sonobuoyTestSuiteCmd: ${{ github.event.inputs.sonobuoyTestSuiteCmd }}
+
+    - name: Always terminate cluster
+      if: always()
+      uses: ./.github/actions/constellation_destroy