From d372130bfd50a011b6893cb073b40826ccec128c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Wei=C3=9Fe?= <66256922+daniel-weisse@users.noreply.github.com> Date: Mon, 29 Jan 2024 11:52:41 +0100 Subject: [PATCH] ci: safely set attestation variant in OpenSearch URL (#2864) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add attestation variant to notify hooks * Quote all inputs in OpenSearch URL * Add clusterCreation field to OpenSearch URL * Omit empty fields in OpenSearch URL --------- Signed-off-by: Daniel Weiße --- .github/actions/notify_e2e_failure/action.yml | 27 ++++++++++++------- .github/workflows/e2e-test-daily.yml | 2 ++ .github/workflows/e2e-test-weekly.yml | 2 ++ .github/workflows/e2e-upgrade.yml | 1 + .github/workflows/e2e-windows.yml | 10 +++---- 5 files changed, 26 insertions(+), 16 deletions(-) diff --git a/.github/actions/notify_e2e_failure/action.yml b/.github/actions/notify_e2e_failure/action.yml index 4543c6041..f0982a7ec 100644 --- a/.github/actions/notify_e2e_failure/action.yml +++ b/.github/actions/notify_e2e_failure/action.yml @@ -22,7 +22,7 @@ inputs: required: false clusterCreation: description: "How the infrastructure for the e2e test was created. One of [cli, self-managed, terraform]." - default: "false" + required: false runs: using: "composite" @@ -59,15 +59,24 @@ runs: # Default window: last 7 days g='(time:(from:now-7d,to:now))' - # Query with filters for this workflow run - # TODO(msanft): Add Self-managed param once logcollection is fixed. + # Query construction + # Omit empty fields since OpenSearch will otherwise only display results where the field is empty + queryGen() { + key=$1 + val=$2 + if [[ -n "${val}" ]]; then + printf "(query:(match_phrase:(%s:'%s')))," "${key}" "${val}" + fi + } + q=$(echo "(filters:!( - (query:(match_phrase:(cloud.provider:${{ inputs.provider }}))), - (query:(match_phrase:(metadata.github.run-id:${{ github.run_id }}))), - (query:(match_phrase:(metadata.github.ref-stream:${{ inputs.refStream }}))), - (query:(match_phrase:(metadata.github.kubernetes-version:${{ inputs.kubernetesVersion }}))), - (query:(match_phrase:(metadata.github.attestation-variant:${{ inputs.attestationVariant }}))), - (query:(match_phrase:(metadata.github.e2e-test-payload:'${{ steps.encode-uri-component.outputs.string }}'))) + $(queryGen cloud.provider "${{ inputs.provider }}") + $(queryGen metadata.github.ref-stream "${{ inputs.refStream }}") + $(queryGen metadata.github.kubernetes-version "${{ inputs.kubernetesVersion }}") + $(queryGen metadata.github.attestation-variant "${{ inputs.attestationVariant }}") + $(queryGen metadata.github.cluster-creation "${{ inputs.clusterCreation }}") + $(queryGen metadata.github.e2e-test-payload "${{ steps.encode-uri-component.outputs.string }}") + (query:(match_phrase:(metadata.github.run-id:${run_id}))) ))" | tr -d "\t\n ") # URL construction diff --git a/.github/workflows/e2e-test-daily.yml b/.github/workflows/e2e-test-daily.yml index 5c3e877a3..4f7b07cf2 100644 --- a/.github/workflows/e2e-test-daily.yml +++ b/.github/workflows/e2e-test-daily.yml @@ -134,6 +134,7 @@ jobs: test: ${{ matrix.test }} kubernetesVersion: ${{ matrix.kubernetesVersion }} provider: ${{ steps.split-attestationVariant.outputs.cloudProvider }} + attestationVariant: ${{ matrix.attestationVariant }} clusterCreation: "cli" e2e-mini: @@ -177,5 +178,6 @@ jobs: uses: ./.github/actions/notify_e2e_failure with: projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }} + attestationVariant: "qemu-vtpm" test: "MiniConstellation" provider: "QEMU" diff --git a/.github/workflows/e2e-test-weekly.yml b/.github/workflows/e2e-test-weekly.yml index 38c8ce056..5add1ad12 100644 --- a/.github/workflows/e2e-test-weekly.yml +++ b/.github/workflows/e2e-test-weekly.yml @@ -409,6 +409,7 @@ jobs: test: ${{ matrix.test }} kubernetesVersion: ${{ matrix.kubernetes-version }} provider: ${{ steps.split-attestationVariant.outputs.cloudProvider }} + attestationVariant: ${{ matrix.attestationVariant }} clusterCreation: ${{ matrix.clusterCreation }} e2e-upgrade: @@ -475,6 +476,7 @@ jobs: projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }} test: "MiniConstellation" provider: "QEMU" + attestationVariant: "qemu-vtpm" e2e-windows: name: Run Windows E2E test diff --git a/.github/workflows/e2e-upgrade.yml b/.github/workflows/e2e-upgrade.yml index 10051f74d..4e0d9d452 100644 --- a/.github/workflows/e2e-upgrade.yml +++ b/.github/workflows/e2e-upgrade.yml @@ -534,3 +534,4 @@ jobs: projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }} test: "upgrade" provider: ${{ needs.generate-input-parameters.outputs.cloudProvider }} + attestationVariant: ${{ inputs.attestationVariant }} diff --git a/.github/workflows/e2e-windows.yml b/.github/workflows/e2e-windows.yml index 1c22bfbe5..1e7ad0608 100644 --- a/.github/workflows/e2e-windows.yml +++ b/.github/workflows/e2e-windows.yml @@ -76,15 +76,10 @@ jobs: with: azure_credentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }} - - name: Create cluster + - name: Apply config shell: pwsh run: | - .\constellation.exe create --debug -y - - - name: Initialize cluster - shell: pwsh - run: | - .\constellation.exe apply --debug + .\constellation.exe apply --debug -y - name: Liveness probe shell: pwsh @@ -176,3 +171,4 @@ jobs: projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }} test: Windows E2E Test provider: Azure + attestationVariant: "azure-sev-snp"