constellation/.github/workflows/e2e-windows.yml
Daniel Weiße 149fedb90f
cli: add constellation apply command to replace init and upgrade apply (#2484)
* Add apply command
* Mark init and upgrade apply as deprecated
* Use apply command in CI
* Add skippable phases for attestation config and cert SANs

---------

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2023-10-26 15:59:13 +02:00

174 lines
5.1 KiB
YAML

name: e2e test windows
on:
workflow_dispatch:
workflow_call:
inputs:
scheduled:
description: Whether this is a scheduled run.
type: boolean
default: false
required: false
jobs:
build-cli:
name: Build Windows CLI
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
with:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
- name: Setup bazel
uses: ./.github/actions/setup_bazel_nix
with:
useCache: "true"
buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }}
- name: Build CLI
uses: ./.github/actions/build_cli
with:
targetOS: "windows"
targetArch: "amd64"
enterpriseCLI: true
- name: Upload CLI artifact
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
path: "bazel-bin/cli/cli_enterprise_windows_amd64"
name: "constell-exe"
e2e-test:
name: E2E Test Windows
runs-on: windows-2022
needs: build-cli
steps:
- name: Checkout
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
with:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
- name: Download CLI artifact
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with:
name: "constell-exe"
- name: Check CLI version
shell: pwsh
run: |
Move-Item -Path .\cli_enterprise_windows_amd64 -Destination .\constellation.exe
.\constellation.exe version
- name: Login to Azure (IAM service principal)
uses: ./.github/actions/login_azure
with:
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
- name: Create IAM configuration
shell: pwsh
run: |
.\constellation.exe config generate azure
.\constellation.exe iam create azure --region=westus --resourceGroup=e2eWindoewsRG --servicePrincipal=e2eWindoewsSP --update-config --debug -y
- name: Login to Azure (Cluster service principal)
uses: ./.github/actions/login_azure
with:
azure_credentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }}
- name: Create cluster
shell: pwsh
run: |
.\constellation.exe create --debug -y
- name: Initialize cluster
shell: pwsh
run: |
.\constellation.exe apply --debug
- name: Liveness probe
shell: pwsh
run: |
$retryIntervalSeconds = 30
$maxRetries = 50
$retryCount = 0
$allNodesReady = $false
while (-not $allNodesReady -and $retryCount -lt $maxRetries) {
${retryCount}++
Write-Host "Retry ${retryCount}: Checking node status..."
$nodesOutput = & kubectl get nodes --kubeconfig "$PWD\constellation-admin.conf"
$lines = $nodesOutput -split "`r?`n" | Select-Object -Skip 1
$allNodesReady = $true
foreach ($line in $lines) {
$columns = $line -split '\s+' | Where-Object { $_ -ne '' }
$nodeName = $columns[0]
$status = $columns[1]
if ($status -ne "Ready") {
Write-Host "Node $nodeName is not ready!"
$allNodesReady = $false
}
}
if (-not $allNodesReady) {
Write-Host "Retrying in $retryIntervalSeconds seconds..."
Start-Sleep -Seconds $retryIntervalSeconds
}
}
if ($allNodesReady) {
Write-Host "All nodes are ready!"
}
else {
Write-Host "Node status check failed after $maxRetries retries."
EXIT 1
}
- name: Terminate cluster
if: always()
shell: pwsh
run: |
.\constellation.exe terminate --debug -y
- name: Login to Azure (IAM service principal)
if: always()
uses: ./.github/actions/login_azure
with:
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
- name: Delete IAM configuration
if: always()
shell: pwsh
run: |
.\constellation.exe iam destroy --debug -y
notify-failure:
name: Notify about failure
runs-on: ubuntu-22.04
needs: e2e-test
if: |
failure() &&
github.ref == 'refs/heads/main' &&
inputs.scheduled
steps:
- name: Checkout
uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
with:
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
- name: Notify about failure
continue-on-error: true
uses: ./.github/actions/notify_failure
with:
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
teamsWebhookUri: ${{ secrets.MS_TEAMS_WEBHOOK_URI }}
test: Windows E2E Test
provider: Azure