mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
f604a8dfd2
The TCP versions are extracted from the MAA token, that itself is taken from the verify command output. The configapi is adapted to directly work on the MAA claims JSON. Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
255 lines
8.4 KiB
YAML
255 lines
8.4 KiB
YAML
name: e2e test release
|
|
# This workflow is not integrated with e2e-test-weekly since we want different tests to run during weekly and release testing.
|
|
# To integrate both tests we would need to pass executed tests as arguments.
|
|
# Defining the executed tests is currently the main point of the e2e-test-weekly workflow.
|
|
# e2e-test-release runs the same tests as e2e-test-weekly except:
|
|
# - any tests on the last release
|
|
# - loadbalancer tests for AWS. Test test is currently broken and should not block a release. AB#2780.
|
|
#
|
|
# The workflow is triggered as the last step of the release workflow.
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
ref:
|
|
type: string
|
|
description: "Git ref to checkout"
|
|
required: false
|
|
targetVersion:
|
|
type: string
|
|
description: "Target version to test"
|
|
required: true
|
|
regionZone:
|
|
description: "Region or zone to run e2e tests in. Leave empty for default region/zone."
|
|
type: string
|
|
workflow_call:
|
|
inputs:
|
|
ref:
|
|
type: string
|
|
description: "Git ref to checkout"
|
|
required: true
|
|
targetVersion:
|
|
type: string
|
|
description: "Target version to test"
|
|
required: true
|
|
|
|
jobs:
|
|
e2e-tests:
|
|
strategy:
|
|
fail-fast: false
|
|
max-parallel: 9
|
|
matrix:
|
|
include:
|
|
#
|
|
# Tests on ubuntu runner
|
|
#
|
|
|
|
# sonobuoy full test on all k8s versions
|
|
- test: "sonobuoy full"
|
|
provider: "gcp"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "sonobuoy full"
|
|
provider: "azure"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "sonobuoy full"
|
|
provider: "aws"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
|
|
- test: "sonobuoy full"
|
|
provider: "gcp"
|
|
kubernetes-version: "v1.26"
|
|
runner: "ubuntu-22.04"
|
|
- test: "sonobuoy full"
|
|
provider: "azure"
|
|
kubernetes-version: "v1.26"
|
|
runner: "ubuntu-22.04"
|
|
- test: "sonobuoy full"
|
|
provider: "aws"
|
|
kubernetes-version: "v1.26"
|
|
runner: "ubuntu-22.04"
|
|
|
|
- test: "sonobuoy full"
|
|
provider: "gcp"
|
|
kubernetes-version: "v1.25"
|
|
runner: "ubuntu-22.04"
|
|
- test: "sonobuoy full"
|
|
provider: "azure"
|
|
kubernetes-version: "v1.25"
|
|
runner: "ubuntu-22.04"
|
|
- test: "sonobuoy full"
|
|
provider: "aws"
|
|
kubernetes-version: "v1.25"
|
|
runner: "ubuntu-22.04"
|
|
|
|
# verify test on latest k8s version
|
|
- test: "verify"
|
|
provider: "gcp"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "verify"
|
|
provider: "azure"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "verify"
|
|
provider: "aws"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
|
|
# recover test on latest k8s version
|
|
- test: "recover"
|
|
provider: "gcp"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "recover"
|
|
provider: "azure"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "recover"
|
|
provider: "aws"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
|
|
# lb test on latest k8s version
|
|
- test: "lb"
|
|
provider: "gcp"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "lb"
|
|
provider: "azure"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "lb"
|
|
provider: "aws"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
|
|
# autoscaling test on latest k8s version, not supported on AWS
|
|
- test: "autoscaling"
|
|
provider: "gcp"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "autoscaling"
|
|
provider: "azure"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "autoscaling"
|
|
provider: "aws"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
|
|
# perf-bench test on latest k8s version, not supported on AWS
|
|
- test: "perf-bench"
|
|
provider: "gcp"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
- test: "perf-bench"
|
|
provider: "azure"
|
|
kubernetes-version: "v1.27"
|
|
runner: "ubuntu-22.04"
|
|
|
|
#
|
|
# Tests on macOS runner
|
|
#
|
|
- test: "verify"
|
|
provider: "azure"
|
|
kubernetes-version: "v1.26"
|
|
runner: "macos-12"
|
|
- test: "recover"
|
|
provider: "gcp"
|
|
kubernetes-version: "v1.26"
|
|
runner: "macos-12"
|
|
runs-on: ${{ matrix.runner }}
|
|
permissions:
|
|
id-token: write
|
|
checks: write
|
|
contents: read
|
|
packages: write
|
|
steps:
|
|
- name: Install the basics tools (macOS)
|
|
if: runner.os == 'macOS'
|
|
shell: bash
|
|
run: brew install coreutils kubectl bash
|
|
|
|
- name: Checkout
|
|
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
|
|
with:
|
|
fetch-depth: 0
|
|
ref: ${{ inputs.ref || github.head_ref }}
|
|
|
|
- name: Set up gcloud CLI (macOS)
|
|
if: matrix.provider == 'gcp' && runner.os == 'macOS'
|
|
uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1
|
|
|
|
- name: Run E2E test
|
|
id: e2e_test
|
|
uses: ./.github/actions/e2e_test
|
|
with:
|
|
workerNodesCount: "2"
|
|
controlNodesCount: "3"
|
|
cloudProvider: ${{ matrix.provider }}
|
|
cliVersion: ""
|
|
kubernetesVersion: ${{ matrix.kubernetes-version }}
|
|
osImage: ""
|
|
isDebugImage: "false"
|
|
regionZone: ${{ inputs.regionZone }}
|
|
awsOpenSearchDomain: ${{ secrets.AWS_OPENSEARCH_DOMAIN }}
|
|
awsOpenSearchUsers: ${{ secrets.AWS_OPENSEARCH_USER }}
|
|
awsOpenSearchPwd: ${{ secrets.AWS_OPENSEARCH_PWD }}
|
|
gcpProject: ${{ secrets.GCP_E2E_PROJECT }}
|
|
gcpClusterCreateServiceAccount: "constellation-e2e-cluster@constellation-331613.iam.gserviceaccount.com"
|
|
gcpIAMCreateServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com"
|
|
gcpInClusterServiceAccountKey: ${{ secrets.GCP_CLUSTER_SERVICE_ACCOUNT }}
|
|
test: ${{ matrix.test }}
|
|
buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }}
|
|
azureClusterCreateCredentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }}
|
|
azureIAMCreateCredentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
|
registry: ghcr.io
|
|
cosignPassword: ${{ secrets.COSIGN_PASSWORD }}
|
|
cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }}
|
|
githubToken: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Always terminate cluster
|
|
if: always()
|
|
uses: ./.github/actions/constellation_destroy
|
|
with:
|
|
kubeconfig: ${{ steps.e2e_test.outputs.kubeconfig }}
|
|
|
|
- name: Always delete IAM configuration
|
|
if: always()
|
|
uses: ./.github/actions/constellation_iam_destroy
|
|
with:
|
|
cloudProvider: ${{ matrix.provider }}
|
|
azureCredentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
|
gcpServiceAccount: "constellation-iam-e2e@constellation-331613.iam.gserviceaccount.com"
|
|
|
|
- name: Always upload Terraform logs
|
|
if: always()
|
|
uses: ./.github/actions/upload_terraform_logs
|
|
with:
|
|
artifactNameSuffix: ${{ steps.e2e_test.outputs.namePrefix }}
|
|
|
|
e2e-upgrade:
|
|
strategy:
|
|
fail-fast: false
|
|
max-parallel: 1
|
|
matrix:
|
|
fromVersion: ["v2.10.0"]
|
|
cloudProvider: ["gcp", "azure", "aws"]
|
|
name: Run upgrade tests
|
|
secrets: inherit
|
|
permissions:
|
|
id-token: write
|
|
contents: read
|
|
checks: write
|
|
packages: write
|
|
uses: ./.github/workflows/e2e-upgrade.yml
|
|
with:
|
|
fromVersion: ${{ matrix.fromVersion }}
|
|
toImage: ${{ inputs.targetVersion }}
|
|
cloudProvider: ${{ matrix.cloudProvider }}
|
|
nodeCount: '3:2'
|
|
gitRef: ${{ inputs.ref || github.head_ref }}
|