mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-24 06:59:40 -05:00
ci: reduce amount of regular tests (#2885)
* .github: add e2e test to pr checklist * ci: use sonobuoy quick where possible * ci: run malicious join test on release * ci: remove self managed infra test * ci: remove non-example terraform test from weekly * ci: run Sonobuoy full on the latest k8s version weekly * ci: run weekly sonobuoy quick on all k8s versions * ci: don't run double sonobuoy tests on latest k8s version
This commit is contained in:
parent
befc7cdf63
commit
d5e4435e3d
2
.github/actions/cdbg_deploy/action.yml
vendored
2
.github/actions/cdbg_deploy/action.yml
vendored
@ -24,7 +24,7 @@ inputs:
|
||||
description: "The refStream of the image the test runs on."
|
||||
required: true
|
||||
clusterCreation:
|
||||
description: "How the infrastructure for the e2e test was created. One of [cli, self-managed, terraform]."
|
||||
description: "How the infrastructure for the e2e test was created. One of [cli, terraform]."
|
||||
default: "cli"
|
||||
|
||||
runs:
|
||||
|
10
.github/actions/constellation_create/action.yml
vendored
10
.github/actions/constellation_create/action.yml
vendored
@ -54,7 +54,7 @@ inputs:
|
||||
description: "Whether to use an internal load balancer for the control plane"
|
||||
required: false
|
||||
clusterCreation:
|
||||
description: "How to create infrastructure for the e2e test. One of [cli, self-managed, terraform]."
|
||||
description: "How to create infrastructure for the e2e test. One of [cli, terraform]."
|
||||
default: "cli"
|
||||
marketplaceImageVersion:
|
||||
description: "Marketplace OS image version. Used instead of osImage."
|
||||
@ -161,18 +161,10 @@ runs:
|
||||
sudo sh -c 'echo "127.0.0.1 license.confidential.cloud" >> /etc/hosts' || true
|
||||
|
||||
- name: Constellation create (CLI)
|
||||
if : inputs.clusterCreation != 'self-managed'
|
||||
shell: bash
|
||||
run: |
|
||||
constellation apply --skip-phases=init,attestationconfig,certsans,helm,image,k8s -y --debug --tf-log=DEBUG
|
||||
|
||||
- name: Constellation create (self-managed)
|
||||
if : inputs.clusterCreation == 'self-managed'
|
||||
uses: ./.github/actions/self_managed_create
|
||||
with:
|
||||
cloudProvider: ${{ inputs.cloudProvider }}
|
||||
attestationVariant: ${{ inputs.attestationVariant }}
|
||||
|
||||
- name: Cdbg deploy
|
||||
if: inputs.isDebugImage == 'true'
|
||||
uses: ./.github/actions/cdbg_deploy
|
||||
|
13
.github/actions/constellation_destroy/action.yml
vendored
13
.github/actions/constellation_destroy/action.yml
vendored
@ -6,7 +6,7 @@ inputs:
|
||||
description: "The kubeconfig for the cluster."
|
||||
required: true
|
||||
clusterCreation:
|
||||
description: "How the infrastructure for the e2e test was created. One of [cli, self-managed, terraform]."
|
||||
description: "How the infrastructure for the e2e test was created. One of [cli, terraform]."
|
||||
default: "cli"
|
||||
gcpClusterDeleteServiceAccount:
|
||||
description: "Service account with permissions to delete a Constellation cluster on GCP."
|
||||
@ -72,18 +72,7 @@ runs:
|
||||
azure_credentials: ${{ inputs.azureClusterDeleteCredentials }}
|
||||
|
||||
- name: Constellation terminate
|
||||
if: inputs.clusterCreation != 'self-managed'
|
||||
shell: bash
|
||||
run: |
|
||||
constellation terminate --yes --tf-log=DEBUG
|
||||
|
||||
- name: Constellation terminate (self-managed)
|
||||
if: inputs.clusterCreation == 'self-managed'
|
||||
shell: bash
|
||||
working-directory: ${{ github.workspace }}/e2e-infra
|
||||
run: |
|
||||
terraform init
|
||||
terraform destroy -auto-approve
|
||||
|
||||
rm -f ${{ github.workspace }}/constellation-state.yaml
|
||||
rm -f ${{ github.workspace }}/constellation-admin.conf
|
||||
|
@ -33,7 +33,7 @@ inputs:
|
||||
description: "Kubernetes version of the cluster"
|
||||
required: false
|
||||
clusterCreation:
|
||||
description: "How the infrastructure for the e2e test was created. One of [cli, self-managed, terraform]."
|
||||
description: "How the infrastructure for the e2e test was created. One of [cli, terraform]."
|
||||
default: "cli"
|
||||
|
||||
runs:
|
||||
|
2
.github/actions/e2e_test/action.yml
vendored
2
.github/actions/e2e_test/action.yml
vendored
@ -77,7 +77,7 @@ inputs:
|
||||
internalLoadBalancer:
|
||||
description: "Enable internal load balancer for the cluster."
|
||||
clusterCreation:
|
||||
description: "How to create infrastructure for the e2e test. One of [cli, self-managed, terraform]."
|
||||
description: "How to create infrastructure for the e2e test. One of [cli,, terraform]."
|
||||
default: "cli"
|
||||
s3AccessKey:
|
||||
description: "Access key for s3proxy"
|
||||
|
@ -21,7 +21,7 @@ inputs:
|
||||
description: "Kubernetes version"
|
||||
required: false
|
||||
clusterCreation:
|
||||
description: "How the infrastructure for the e2e test was created. One of [cli, self-managed, terraform]."
|
||||
description: "How the infrastructure for the e2e test was created. One of [cli, terraform]."
|
||||
required: false
|
||||
|
||||
runs:
|
||||
|
113
.github/actions/self_managed_create/action.yml
vendored
113
.github/actions/self_managed_create/action.yml
vendored
@ -1,113 +0,0 @@
|
||||
name: Self-managed infrastructure creation
|
||||
description: "Create the required infrastructure for a Constellation cluster manually."
|
||||
|
||||
inputs:
|
||||
cloudProvider:
|
||||
description: "The cloud provider the test runs on."
|
||||
required: true
|
||||
attestationVariant:
|
||||
description: "The attestation variant to use."
|
||||
required: true
|
||||
|
||||
runs:
|
||||
using: "composite"
|
||||
steps:
|
||||
- name: Copy Terraform configuration and Constellation config
|
||||
shell: bash
|
||||
working-directory:
|
||||
run: |
|
||||
cp -r ${{ github.workspace }}/terraform/infrastructure/${{ inputs.cloudProvider }} ${{ github.workspace }}/e2e-infra
|
||||
cp ${{ github.workspace }}/constellation-conf.yaml ${{ github.workspace }}/e2e-infra
|
||||
|
||||
- name: Get CSP image reference
|
||||
id: get_image
|
||||
shell: bash
|
||||
working-directory: ${{ github.workspace }}/e2e-infra
|
||||
run: |
|
||||
echo "image_ref=$(bazel run //hack/image-fetch:image-fetch)" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Write Terraform variables
|
||||
shell: bash
|
||||
working-directory: ${{ github.workspace }}/e2e-infra
|
||||
run: |
|
||||
echo "name = \"$(yq '.name' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "debug = $(yq '.debugCluster' constellation-conf.yaml)" >> terraform.tfvars
|
||||
echo "custom_endpoint = \"$(yq '.customEndpoint' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "image_id = \"${{ steps.get_image.outputs.image_ref }}\"" >> terraform.tfvars
|
||||
echo "node_groups = {
|
||||
control_plane_default = {
|
||||
role = \"$(yq '.nodeGroups.control_plane_default.role' constellation-conf.yaml)\"
|
||||
zone = \"$(yq '.nodeGroups.control_plane_default.zone' constellation-conf.yaml)\"
|
||||
instance_type = \"$(yq '.nodeGroups.control_plane_default.instanceType' constellation-conf.yaml)\"
|
||||
disk_size = \"$(yq '.nodeGroups.control_plane_default.stateDiskSizeGB' constellation-conf.yaml)\"
|
||||
disk_type = \"$(yq '.nodeGroups.control_plane_default.stateDiskType' constellation-conf.yaml)\"
|
||||
initial_count = \"$(yq '.nodeGroups.control_plane_default.initialCount' constellation-conf.yaml)\"
|
||||
}
|
||||
worker_default = {
|
||||
role = \"$(yq '.nodeGroups.worker_default.role' constellation-conf.yaml)\"
|
||||
zone = \"$(yq '.nodeGroups.worker_default.zone' constellation-conf.yaml)\"
|
||||
instance_type = \"$(yq '.nodeGroups.worker_default.instanceType' constellation-conf.yaml)\"
|
||||
disk_size = \"$(yq '.nodeGroups.worker_default.stateDiskSizeGB' constellation-conf.yaml)\"
|
||||
disk_type = \"$(yq '.nodeGroups.worker_default.stateDiskType' constellation-conf.yaml)\"
|
||||
initial_count = \"$(yq '.nodeGroups.worker_default.initialCount' constellation-conf.yaml)\"
|
||||
}
|
||||
}" >> terraform.tfvars
|
||||
if [[ "${{ inputs.cloudProvider }}" == 'aws' ]]; then
|
||||
echo "iam_instance_profile_name_control_plane = \"$(yq '.provider.aws.iamProfileControlPlane' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "iam_instance_profile_name_worker_nodes = \"$(yq '.provider.aws.iamProfileWorkerNodes' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "region = \"$(yq '.provider.aws.region' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "zone = \"$(yq '.provider.aws.zone' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "enable_snp = $(yq '.attestation | has("awsSEVSNP")' constellation-conf.yaml)" >> terraform.tfvars
|
||||
elif [[ "${{ inputs.cloudProvider }}" == 'azure' ]]; then
|
||||
echo "location = \"$(yq '.provider.azure.location' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "create_maa = $(yq '.attestation | has("azureSEVSNP")' constellation-conf.yaml)" >> terraform.tfvars
|
||||
echo "confidential_vm = $(yq '.attestation | has("azureTrustedLaunch") | not' constellation-conf.yaml)" >> terraform.tfvars
|
||||
echo "secure_boot = $(yq '.provider.azure.secureBoot' constellation-conf.yaml)" >> terraform.tfvars
|
||||
echo "resource_group = \"$(yq '.provider.azure.resourceGroup' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "user_assigned_identity = \"$(yq '.provider.azure.userAssignedIdentity' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
elif [[ "${{ inputs.cloudProvider }}" == 'gcp' ]]; then
|
||||
echo "project = \"$(yq '.provider.gcp.project' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "region = \"$(yq '.provider.gcp.region' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
echo "zone = \"$(yq '.provider.gcp.zone' constellation-conf.yaml)\"" >> terraform.tfvars
|
||||
fi
|
||||
terraform fmt terraform.tfvars
|
||||
echo "Using Terraform variables:"
|
||||
cat terraform.tfvars
|
||||
|
||||
- name: Apply Terraform configuration
|
||||
shell: bash
|
||||
working-directory: ${{ github.workspace }}/e2e-infra
|
||||
run: |
|
||||
terraform init
|
||||
terraform apply -auto-approve
|
||||
|
||||
- name: Patch MAA Policy
|
||||
shell: bash
|
||||
working-directory: ${{ github.workspace }}/e2e-infra
|
||||
if: inputs.attestationVariant == 'azure-sev-snp'
|
||||
run: |
|
||||
constellation maa-patch $(terraform output attestation_url | jq -r)
|
||||
|
||||
- name: Write outputs to state file
|
||||
shell: bash
|
||||
working-directory: ${{ github.workspace }}/e2e-infra
|
||||
run: |
|
||||
yq eval '.version ="v1"' --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.initSecret =\"$(terraform output init_secret | jq -r | tr -d '\n' | hexdump -ve '/1 "%02x"' && echo '')\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.clusterEndpoint =\"$(terraform output out_of_cluster_endpoint | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.inClusterEndpoint =\"$(terraform output in_cluster_endpoint | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.ipCidrNode =\"$(terraform output ip_cidr_node | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.uid =\"$(terraform output uid | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.name =\"$(terraform output name | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.apiServerCertSANs =$(terraform output -json api_server_cert_sans)" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
if [[ "${{ inputs.cloudProvider }}" == 'azure' ]]; then
|
||||
yq eval ".infrastructure.azure.resourceGroup =\"$(terraform output resource_group | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.azure.subscriptionID =\"$(terraform output subscription_id | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.azure.networkSecurityGroupName =\"$(terraform output network_security_group_name | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.azure.loadBalancerName =\"$(terraform output loadbalancer_name | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.azure.userAssignedIdentity =\"$(terraform output user_assigned_identity_client_id | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.azure.attestationURL =\"$(terraform output attestation_url | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
elif [[ "${{ inputs.cloudProvider }}" == 'gcp' ]]; then
|
||||
yq eval ".infrastructure.gcp.projectID =\"$(terraform output project | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
yq eval ".infrastructure.gcp.ipCidrPod =\"$(terraform output ip_cidr_pod | jq -r)\"" --inplace ${{ github.workspace }}/constellation-state.yaml
|
||||
fi
|
1
.github/pull_request_template.md
vendored
1
.github/pull_request_template.md
vendored
@ -26,6 +26,7 @@ Feel free to edit, complete or extend this list while the PR is open.
|
||||
### Checklist
|
||||
<!-- Remove items that do not apply. For completed items, change [ ] to [x], or check after submitting. -->
|
||||
<!-- more information in dev-docs/workflows/pull-request.md -->
|
||||
- [ ] Run the E2E tests that are relevant to this PR's changes
|
||||
- [ ] Update [docs](https://github.com/edgelesssys/constellation/tree/main/docs)
|
||||
- [ ] Add labels (e.g., for changelog category)
|
||||
- [ ] Is PR title adequate for changelog?
|
||||
|
2
.github/workflows/e2e-test-daily.yml
vendored
2
.github/workflows/e2e-test-daily.yml
vendored
@ -48,7 +48,7 @@ jobs:
|
||||
kubernetesVersion: ["1.28"] # should be default
|
||||
attestationVariant: ["gcp-sev-es", "azure-sev-snp", "azure-tdx", "aws-sev-snp"]
|
||||
refStream: ["ref/main/stream/debug/?", "ref/release/stream/stable/?"]
|
||||
test: ["sonobuoy full"]
|
||||
test: ["sonobuoy quick"]
|
||||
runs-on: ubuntu-22.04
|
||||
permissions:
|
||||
id-token: write
|
||||
|
45
.github/workflows/e2e-test-release.yml
vendored
45
.github/workflows/e2e-test-release.yml
vendored
@ -209,29 +209,6 @@ jobs:
|
||||
runner: "ubuntu-22.04"
|
||||
clusterCreation: "cli"
|
||||
|
||||
# self-managed infra test on latest k8s version
|
||||
# runs Sonobuoy full test
|
||||
- test: "sonobuoy full"
|
||||
attestationVariant: "gcp-sev-es"
|
||||
kubernetes-version: "v1.29"
|
||||
runner: "ubuntu-22.04"
|
||||
clusterCreation: "self-managed"
|
||||
- test: "sonobuoy full"
|
||||
attestationVariant: "azure-sev-snp"
|
||||
kubernetes-version: "v1.29"
|
||||
runner: "ubuntu-22.04"
|
||||
clusterCreation: "self-managed"
|
||||
- test: "sonobuoy full"
|
||||
attestationVariant: "azure-tdx"
|
||||
kubernetes-version: "v1.29"
|
||||
runner: "ubuntu-22.04"
|
||||
clusterCreation: "self-managed"
|
||||
- test: "sonobuoy full"
|
||||
attestationVariant: "aws-sev-snp"
|
||||
kubernetes-version: "v1.29"
|
||||
runner: "ubuntu-22.04"
|
||||
clusterCreation: "self-managed"
|
||||
|
||||
# s3proxy test on latest k8s version
|
||||
- test: "s3proxy"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
@ -240,6 +217,28 @@ jobs:
|
||||
runner: "ubuntu-22.04"
|
||||
clusterCreation: "cli"
|
||||
|
||||
# malicious join test on latest k8s version
|
||||
- test: "malicious join"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "gcp-sev-es"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "cli"
|
||||
- test: "malicious join"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-sev-snp"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "cli"
|
||||
- test: "malicious join"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-tdx"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "cli"
|
||||
- test: "malicious join"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "aws-sev-snp"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "cli"
|
||||
|
||||
#
|
||||
# Tests on macOS runner
|
||||
#
|
||||
|
89
.github/workflows/e2e-test-self-managed.yml
vendored
89
.github/workflows/e2e-test-self-managed.yml
vendored
@ -1,89 +0,0 @@
|
||||
name: e2e test self managed infrastructure
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
nodeCount:
|
||||
description: "Number of nodes to use in the cluster. Given in format `<control-plane nodes>:<worker nodes>`."
|
||||
default: "3:2"
|
||||
type: string
|
||||
attestationVariant:
|
||||
description: "Which attestation variant to use."
|
||||
type: choice
|
||||
options:
|
||||
- "gcp-sev-es"
|
||||
- "azure-sev-snp"
|
||||
- "azure-tdx"
|
||||
- "aws-sev-snp"
|
||||
default: "azure-sev-snp"
|
||||
required: true
|
||||
runner:
|
||||
description: "Architecture of the runner that executes the CLI"
|
||||
type: choice
|
||||
options:
|
||||
- "ubuntu-22.04"
|
||||
- "macos-12"
|
||||
default: "ubuntu-22.04"
|
||||
test:
|
||||
description: "The test to run."
|
||||
type: choice
|
||||
options:
|
||||
- "sonobuoy quick"
|
||||
- "sonobuoy full"
|
||||
- "autoscaling"
|
||||
- "lb"
|
||||
- "perf-bench"
|
||||
- "verify"
|
||||
- "recover"
|
||||
- "malicious join"
|
||||
- "nop"
|
||||
required: true
|
||||
kubernetesVersion:
|
||||
description: "Kubernetes version to create the cluster from."
|
||||
default: "1.28"
|
||||
required: true
|
||||
cliVersion:
|
||||
description: "Version of a released CLI to download. Leave empty to build the CLI from the checked out ref."
|
||||
type: string
|
||||
default: ""
|
||||
required: false
|
||||
imageVersion:
|
||||
description: "Full name of OS image (CSP independent image version UID). Leave empty for latest debug image on main."
|
||||
type: string
|
||||
default: ""
|
||||
required: false
|
||||
machineType:
|
||||
description: "Override VM machine type. Leave as 'default' or empty to use the default VM type for the selected cloud provider."
|
||||
type: string
|
||||
default: "default"
|
||||
required: false
|
||||
regionZone:
|
||||
description: "Region or zone to create the cluster in. Leave empty for default region/zone."
|
||||
type: string
|
||||
git-ref:
|
||||
description: "Git ref to checkout."
|
||||
type: string
|
||||
default: "head"
|
||||
required: false
|
||||
|
||||
jobs:
|
||||
e2e-test:
|
||||
permissions:
|
||||
id-token: write
|
||||
checks: write
|
||||
contents: read
|
||||
packages: write
|
||||
secrets: inherit
|
||||
uses: ./.github/workflows/e2e-test.yml
|
||||
with:
|
||||
nodeCount: ${{ inputs.nodeCount }}
|
||||
attestationVariant: ${{ inputs.attestationVariant }}
|
||||
runner: ${{ inputs.runner }}
|
||||
test: ${{ inputs.test }}
|
||||
kubernetesVersion: ${{ inputs.kubernetesVersion }}
|
||||
cliVersion: ${{ inputs.cliVersion }}
|
||||
imageVersion: ${{ inputs.imageVersion }}
|
||||
machineType: ${{ inputs.machineType }}
|
||||
regionZone: ${{ inputs.regionZone }}
|
||||
git-ref: ${{ inputs.git-ref }}
|
||||
clusterCreation: "self-managed"
|
86
.github/workflows/e2e-test-weekly.yml
vendored
86
.github/workflows/e2e-test-weekly.yml
vendored
@ -51,7 +51,7 @@ jobs:
|
||||
# Tests on main-debug refStream
|
||||
#
|
||||
|
||||
# sonobuoy full test on all k8s versions
|
||||
# Sonobuoy full test on latest k8s version
|
||||
- test: "sonobuoy full"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "gcp-sev-es"
|
||||
@ -73,48 +73,50 @@ jobs:
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "cli"
|
||||
|
||||
- test: "sonobuoy full"
|
||||
# Sonobuoy quick test on all but the latest k8s versions
|
||||
- test: "sonobuoy quick"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "gcp-sev-es"
|
||||
kubernetes-version: "v1.28"
|
||||
clusterCreation: "cli"
|
||||
- test: "sonobuoy full"
|
||||
- test: "sonobuoy quick"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-sev-snp"
|
||||
kubernetes-version: "v1.28"
|
||||
clusterCreation: "cli"
|
||||
- test: "sonobuoy full"
|
||||
- test: "sonobuoy quick"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-tdx"
|
||||
kubernetes-version: "v1.28"
|
||||
clusterCreation: "cli"
|
||||
- test: "sonobuoy full"
|
||||
- test: "sonobuoy quick"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "aws-sev-snp"
|
||||
kubernetes-version: "v1.28"
|
||||
clusterCreation: "cli"
|
||||
|
||||
- test: "sonobuoy full"
|
||||
- test: "sonobuoy quick"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "gcp-sev-es"
|
||||
kubernetes-version: "v1.27"
|
||||
clusterCreation: "cli"
|
||||
- test: "sonobuoy full"
|
||||
- test: "sonobuoy quick"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-sev-snp"
|
||||
kubernetes-version: "v1.27"
|
||||
clusterCreation: "cli"
|
||||
- test: "sonobuoy full"
|
||||
- test: "sonobuoy quick"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-tdx"
|
||||
kubernetes-version: "v1.27"
|
||||
clusterCreation: "cli"
|
||||
- test: "sonobuoy full"
|
||||
- test: "sonobuoy quick"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "aws-sev-snp"
|
||||
kubernetes-version: "v1.27"
|
||||
clusterCreation: "cli"
|
||||
|
||||
|
||||
# verify test on latest k8s version
|
||||
- test: "verify"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
@ -222,72 +224,6 @@ jobs:
|
||||
# kubernetes-version: "v1.29"
|
||||
# clusterCreation: "cli"
|
||||
|
||||
# malicious join test on latest k8s version
|
||||
- test: "malicious join"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "gcp-sev-es"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "cli"
|
||||
- test: "malicious join"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-sev-snp"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "cli"
|
||||
- test: "malicious join"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-tdx"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "cli"
|
||||
- test: "malicious join"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "aws-sev-snp"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "cli"
|
||||
|
||||
# self-managed infra test on latest k8s version
|
||||
# with Sonobuoy full
|
||||
- test: "sonobuoy full"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "gcp-sev-es"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "self-managed"
|
||||
- test: "sonobuoy full"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-sev-snp"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "self-managed"
|
||||
- test: "sonobuoy full"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-tdx"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "self-managed"
|
||||
- test: "sonobuoy full"
|
||||
attestationVariant: "aws-sev-snp"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "self-managed"
|
||||
|
||||
- test: "sonobuoy full"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "gcp-sev-es"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "terraform"
|
||||
- test: "sonobuoy full"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-sev-snp"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "terraform"
|
||||
- test: "sonobuoy full"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "azure-tdx"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "terraform"
|
||||
- test: "sonobuoy full"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
attestationVariant: "aws-sev-snp"
|
||||
kubernetes-version: "v1.29"
|
||||
clusterCreation: "terraform"
|
||||
|
||||
# s3proxy test on latest k8s version
|
||||
- test: "s3proxy"
|
||||
refStream: "ref/main/stream/debug/?"
|
||||
|
2
.github/workflows/e2e-test.yml
vendored
2
.github/workflows/e2e-test.yml
vendored
@ -114,7 +114,7 @@ on:
|
||||
type: boolean
|
||||
default: false
|
||||
clusterCreation:
|
||||
description: "How to create infrastructure for the e2e test. One of [cli, self-managed, terraform]."
|
||||
description: "How to create infrastructure for the e2e test. One of [cli, terraform]."
|
||||
type: string
|
||||
default: "cli"
|
||||
marketplaceImageVersion:
|
||||
|
Loading…
Reference in New Issue
Block a user