ci: safely set attestation variant in OpenSearch URL (#2864)

* Add attestation variant to notify hooks
* Quote all inputs in OpenSearch URL
* Add clusterCreation field to OpenSearch URL
* Omit empty fields in OpenSearch URL

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße 2024-01-29 11:52:41 +01:00 committed by GitHub
parent 6d4a8d594e
commit d372130bfd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 26 additions and 16 deletions

View File

@ -22,7 +22,7 @@ inputs:
required: false
clusterCreation:
description: "How the infrastructure for the e2e test was created. One of [cli, self-managed, terraform]."
default: "false"
required: false
runs:
using: "composite"
@ -59,15 +59,24 @@ runs:
# Default window: last 7 days
g='(time:(from:now-7d,to:now))'
# Query with filters for this workflow run
# TODO(msanft): Add Self-managed param once logcollection is fixed.
# Query construction
# Omit empty fields since OpenSearch will otherwise only display results where the field is empty
queryGen() {
key=$1
val=$2
if [[ -n "${val}" ]]; then
printf "(query:(match_phrase:(%s:'%s')))," "${key}" "${val}"
fi
}
q=$(echo "(filters:!(
(query:(match_phrase:(cloud.provider:${{ inputs.provider }}))),
(query:(match_phrase:(metadata.github.run-id:${{ github.run_id }}))),
(query:(match_phrase:(metadata.github.ref-stream:${{ inputs.refStream }}))),
(query:(match_phrase:(metadata.github.kubernetes-version:${{ inputs.kubernetesVersion }}))),
(query:(match_phrase:(metadata.github.attestation-variant:${{ inputs.attestationVariant }}))),
(query:(match_phrase:(metadata.github.e2e-test-payload:'${{ steps.encode-uri-component.outputs.string }}')))
$(queryGen cloud.provider "${{ inputs.provider }}")
$(queryGen metadata.github.ref-stream "${{ inputs.refStream }}")
$(queryGen metadata.github.kubernetes-version "${{ inputs.kubernetesVersion }}")
$(queryGen metadata.github.attestation-variant "${{ inputs.attestationVariant }}")
$(queryGen metadata.github.cluster-creation "${{ inputs.clusterCreation }}")
$(queryGen metadata.github.e2e-test-payload "${{ steps.encode-uri-component.outputs.string }}")
(query:(match_phrase:(metadata.github.run-id:${run_id})))
))" | tr -d "\t\n ")
# URL construction

View File

@ -134,6 +134,7 @@ jobs:
test: ${{ matrix.test }}
kubernetesVersion: ${{ matrix.kubernetesVersion }}
provider: ${{ steps.split-attestationVariant.outputs.cloudProvider }}
attestationVariant: ${{ matrix.attestationVariant }}
clusterCreation: "cli"
e2e-mini:
@ -177,5 +178,6 @@ jobs:
uses: ./.github/actions/notify_e2e_failure
with:
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
attestationVariant: "qemu-vtpm"
test: "MiniConstellation"
provider: "QEMU"

View File

@ -409,6 +409,7 @@ jobs:
test: ${{ matrix.test }}
kubernetesVersion: ${{ matrix.kubernetes-version }}
provider: ${{ steps.split-attestationVariant.outputs.cloudProvider }}
attestationVariant: ${{ matrix.attestationVariant }}
clusterCreation: ${{ matrix.clusterCreation }}
e2e-upgrade:
@ -475,6 +476,7 @@ jobs:
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
test: "MiniConstellation"
provider: "QEMU"
attestationVariant: "qemu-vtpm"
e2e-windows:
name: Run Windows E2E test

View File

@ -534,3 +534,4 @@ jobs:
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
test: "upgrade"
provider: ${{ needs.generate-input-parameters.outputs.cloudProvider }}
attestationVariant: ${{ inputs.attestationVariant }}

View File

@ -76,15 +76,10 @@ jobs:
with:
azure_credentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }}
- name: Create cluster
- name: Apply config
shell: pwsh
run: |
.\constellation.exe create --debug -y
- name: Initialize cluster
shell: pwsh
run: |
.\constellation.exe apply --debug
.\constellation.exe apply --debug -y
- name: Liveness probe
shell: pwsh
@ -176,3 +171,4 @@ jobs:
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
test: Windows E2E Test
provider: Azure
attestationVariant: "azure-sev-snp"