name: e2e test release # This workflow is not integrated with e2e-test-weekly since we want different tests to run during weekly and release testing. # To integrate both tests we would need to pass executed tests as arguments. # Defining the executed tests is currently the main point of the e2e-test-weekly workflow. # e2e-test-release runs the same tests as e2e-test-weekly except: # - any tests on the last release # - loadbalancer tests for AWS. Test test is currently broken and should not block a release. AB#2780. # # The workflow is triggered as the last step of the release workflow. on: workflow_dispatch: inputs: ref: type: string description: "Git ref to checkout" required: false targetVersion: type: string description: "Target version to test" required: true regionZone: description: "Region or zone to run e2e tests in. Leave empty for default region/zone." type: string workflow_call: inputs: ref: type: string description: "Git ref to checkout" required: true targetVersion: type: string description: "Target version to test" required: true jobs: e2e-tests: strategy: fail-fast: false max-parallel: 9 matrix: include: # # Tests on ubuntu runner # # sonobuoy full test on all k8s versions - test: "sonobuoy full" provider: "gcp" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "sonobuoy full" provider: "azure" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "sonobuoy full" provider: "aws" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "sonobuoy full" provider: "gcp" kubernetes-version: "v1.27" runner: "ubuntu-22.04" - test: "sonobuoy full" provider: "azure" kubernetes-version: "v1.27" runner: "ubuntu-22.04" - test: "sonobuoy full" provider: "aws" kubernetes-version: "v1.27" runner: "ubuntu-22.04" - test: "sonobuoy full" provider: "gcp" kubernetes-version: "v1.26" runner: "ubuntu-22.04" - test: "sonobuoy full" provider: "azure" kubernetes-version: "v1.26" runner: "ubuntu-22.04" - test: "sonobuoy full" provider: "aws" kubernetes-version: "v1.26" runner: "ubuntu-22.04" # verify test on latest k8s version - test: "verify" provider: "gcp" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "verify" provider: "azure" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "verify" provider: "aws" kubernetes-version: "v1.28" runner: "ubuntu-22.04" # recover test on latest k8s version - test: "recover" provider: "gcp" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "recover" provider: "azure" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "recover" provider: "aws" kubernetes-version: "v1.28" runner: "ubuntu-22.04" # lb test on latest k8s version - test: "lb" provider: "gcp" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "lb" provider: "azure" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "lb" provider: "aws" kubernetes-version: "v1.28" runner: "ubuntu-22.04" # autoscaling test on latest k8s version - test: "autoscaling" provider: "gcp" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "autoscaling" provider: "azure" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "autoscaling" provider: "aws" kubernetes-version: "v1.28" runner: "ubuntu-22.04" # perf-bench test on latest k8s version, not supported on AWS - test: "perf-bench" provider: "gcp" kubernetes-version: "v1.28" runner: "ubuntu-22.04" - test: "perf-bench" provider: "azure" kubernetes-version: "v1.28" runner: "ubuntu-22.04" # self-managed infra test on latest k8s version # runs Sonobuoy full test - test: "sonobuoy full" provider: "gcp" kubernetes-version: "v1.28" runner: "ubuntu-22.04" selfManagedInfra: "true" - test: "sonobuoy full" provider: "azure" kubernetes-version: "v1.28" runner: "ubuntu-22.04" selfManagedInfra: "true" - test: "sonobuoy full" provider: "aws" kubernetes-version: "v1.28" runner: "ubuntu-22.04" selfManagedInfra: "true" # s3proxy test on latest k8s version - test: "s3proxy" refStream: "ref/main/stream/debug/?" provider: "gcp" kubernetes-version: "v1.28" # # Tests on macOS runner # # Skipping verify test on MacOS since the runner uses a different version of sed # TODO(3u13r): Update verify test to work on MacOS runners # - test: "verify" # provider: "azure" # kubernetes-version: "v1.28" # runner: "macos-12" - test: "recover" provider: "gcp" kubernetes-version: "v1.28" runner: "macos-12" runs-on: ${{ matrix.runner }} permissions: id-token: write checks: write contents: read packages: write steps: - name: Install the basics tools (macOS) if: runner.os == 'macOS' shell: bash run: brew install coreutils kubectl bash - name: Checkout uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: fetch-depth: 0 ref: ${{ inputs.ref || github.head_ref }} - name: Set up gcloud CLI (macOS) if: matrix.provider == 'gcp' && runner.os == 'macOS' uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - name: Run E2E test id: e2e_test uses: ./.github/actions/e2e_test with: workerNodesCount: "2" controlNodesCount: "3" cloudProvider: ${{ matrix.provider }} cliVersion: "" kubernetesVersion: ${{ matrix.kubernetes-version }} osImage: "" isDebugImage: "false" regionZone: ${{ inputs.regionZone }} awsOpenSearchDomain: ${{ secrets.AWS_OPENSEARCH_DOMAIN }} awsOpenSearchUsers: ${{ secrets.AWS_OPENSEARCH_USER }} awsOpenSearchPwd: ${{ secrets.AWS_OPENSEARCH_PWD }} gcpProject: ${{ secrets.GCP_E2E_PROJECT }} gcpClusterCreateServiceAccount: "constellation-e2e-cluster@constellation-331613.iam.gserviceaccount.com" gcpIAMCreateServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com" gcpInClusterServiceAccountKey: ${{ secrets.GCP_CLUSTER_SERVICE_ACCOUNT }} test: ${{ matrix.test }} buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }} azureClusterCreateCredentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }} azureIAMCreateCredentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }} registry: ghcr.io cosignPassword: ${{ secrets.COSIGN_PASSWORD }} cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }} githubToken: ${{ secrets.GITHUB_TOKEN }} selfManagedInfra: ${{ matrix.selfManagedInfra == 'true' }} s3AccessKey: ${{ secrets.AWS_ACCESS_KEY_ID_S3PROXY }} s3SecretKey: ${{ secrets.AWS_SECRET_ACCESS_KEY_S3PROXY }} - name: Always terminate cluster if: always() uses: ./.github/actions/constellation_destroy with: kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }} selfManagedInfra: ${{ matrix.selfManagedInfra == 'true' }} - name: Always delete IAM configuration if: always() uses: ./.github/actions/constellation_iam_destroy with: cloudProvider: ${{ matrix.provider }} azureCredentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }} gcpServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com" e2e-upgrade: strategy: fail-fast: false max-parallel: 1 matrix: fromVersion: ["v2.12.0"] cloudProvider: ["gcp", "azure", "aws"] name: Run upgrade tests secrets: inherit permissions: id-token: write contents: read checks: write packages: write uses: ./.github/workflows/e2e-upgrade.yml with: fromVersion: ${{ matrix.fromVersion }} toImage: ${{ inputs.targetVersion }} cloudProvider: ${{ matrix.cloudProvider }} nodeCount: '3:2' gitRef: ${{ inputs.ref || github.head_ref }}