Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-06-24 22:20:40 -04:00
Code Issues Projects Releases Packages Wiki Activity

ci: safely set attestation variant in OpenSearch URL (#2864)

Browse source 
* Add attestation variant to notify hooks
* Quote all inputs in OpenSearch URL
* Add clusterCreation field to OpenSearch URL
* Omit empty fields in OpenSearch URL

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße 2024-01-29 11:52:41 +01:00 committed by GitHub
parent 6d4a8d594e
commit d372130bfd
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 26 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

27
.github/actions/notify_e2e_failure/action.yml vendored
View file

@ -22,7 +22,7 @@ inputs:
required: false required: false
clusterCreation: clusterCreation:
description: "How the infrastructure for the e2e test was created. One of [cli, self-managed, terraform]." description: "How the infrastructure for the e2e test was created. One of [cli, self-managed, terraform]."
default: "false" required: false
runs: runs:
using: "composite" using: "composite"
@ -59,15 +59,24 @@ runs:
# Default window: last 7 days # Default window: last 7 days
g='(time:(from:now-7d,to:now))' g='(time:(from:now-7d,to:now))'
# Query with filters for this workflow run # Query construction
# TODO(msanft): Add Self-managed param once logcollection is fixed. # Omit empty fields since OpenSearch will otherwise only display results where the field is empty
queryGen() {
key=$1
val=$2
if [[ -n "${val}" ]]; then
printf "(query:(match_phrase:(%s:'%s')))," "${key}" "${val}"
fi
}
q=$(echo "(filters:!( q=$(echo "(filters:!(
(query:(match_phrase:(cloud.provider:${{ inputs.provider }}))), $(queryGen cloud.provider "${{ inputs.provider }}")
(query:(match_phrase:(metadata.github.run-id:${{ github.run_id }}))), $(queryGen metadata.github.ref-stream "${{ inputs.refStream }}")
(query:(match_phrase:(metadata.github.ref-stream:${{ inputs.refStream }}))), $(queryGen metadata.github.kubernetes-version "${{ inputs.kubernetesVersion }}")
(query:(match_phrase:(metadata.github.kubernetes-version:${{ inputs.kubernetesVersion }}))), $(queryGen metadata.github.attestation-variant "${{ inputs.attestationVariant }}")
(query:(match_phrase:(metadata.github.attestation-variant:${{ inputs.attestationVariant }}))), $(queryGen metadata.github.cluster-creation "${{ inputs.clusterCreation }}")
(query:(match_phrase:(metadata.github.e2e-test-payload:'${{ steps.encode-uri-component.outputs.string }}'))) $(queryGen metadata.github.e2e-test-payload "${{ steps.encode-uri-component.outputs.string }}")
(query:(match_phrase:(metadata.github.run-id:${run_id})))
))" | tr -d "\t\n ") ))" | tr -d "\t\n ")
# URL construction # URL construction

2
.github/workflows/e2e-test-daily.yml vendored
View file

@ -134,6 +134,7 @@ jobs:
test: ${{ matrix.test }} test: ${{ matrix.test }}
kubernetesVersion: ${{ matrix.kubernetesVersion }} kubernetesVersion: ${{ matrix.kubernetesVersion }}
provider: ${{ steps.split-attestationVariant.outputs.cloudProvider }} provider: ${{ steps.split-attestationVariant.outputs.cloudProvider }}
attestationVariant: ${{ matrix.attestationVariant }}
clusterCreation: "cli" clusterCreation: "cli"
e2e-mini: e2e-mini:
@ -177,5 +178,6 @@ jobs:
uses: ./.github/actions/notify_e2e_failure uses: ./.github/actions/notify_e2e_failure
with: with:
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }} projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
attestationVariant: "qemu-vtpm"
test: "MiniConstellation" test: "MiniConstellation"
provider: "QEMU" provider: "QEMU"

2
.github/workflows/e2e-test-weekly.yml vendored
View file

@ -409,6 +409,7 @@ jobs:
test: ${{ matrix.test }} test: ${{ matrix.test }}
kubernetesVersion: ${{ matrix.kubernetes-version }} kubernetesVersion: ${{ matrix.kubernetes-version }}
provider: ${{ steps.split-attestationVariant.outputs.cloudProvider }} provider: ${{ steps.split-attestationVariant.outputs.cloudProvider }}
attestationVariant: ${{ matrix.attestationVariant }}
clusterCreation: ${{ matrix.clusterCreation }} clusterCreation: ${{ matrix.clusterCreation }}
e2e-upgrade: e2e-upgrade:
@ -475,6 +476,7 @@ jobs:
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }} projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
test: "MiniConstellation" test: "MiniConstellation"
provider: "QEMU" provider: "QEMU"
attestationVariant: "qemu-vtpm"
e2e-windows: e2e-windows:
name: Run Windows E2E test name: Run Windows E2E test

1
.github/workflows/e2e-upgrade.yml vendored
View file

@ -534,3 +534,4 @@ jobs:
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }} projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
test: "upgrade" test: "upgrade"
provider: ${{ needs.generate-input-parameters.outputs.cloudProvider }} provider: ${{ needs.generate-input-parameters.outputs.cloudProvider }}
attestationVariant: ${{ inputs.attestationVariant }}

10
.github/workflows/e2e-windows.yml vendored
View file

@ -76,15 +76,10 @@ jobs:
with: with:
azure_credentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }} azure_credentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }}
- name: Create cluster - name: Apply config
shell: pwsh shell: pwsh
run: | run: |
.\constellation.exe create --debug -y .\constellation.exe apply --debug -y
- name: Initialize cluster
shell: pwsh
run: |
.\constellation.exe apply --debug
- name: Liveness probe - name: Liveness probe
shell: pwsh shell: pwsh
@ -176,3 +171,4 @@ jobs:
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }} projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
test: Windows E2E Test test: Windows E2E Test
provider: Azure provider: Azure
attestationVariant: "azure-sev-snp"