mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-09-20 08:15:56 +00:00
919a2165ae
The seccomp filter applied by docker presumably stops curl from working correctly as the glibc changed the way it creates processes (switch from clone to clone3). The backwards compatibility layer of glibc does not work correctly with docker's seccomp filter, making it necessary to give the container privileged access.
63 lines
2.6 KiB
YAML
63 lines
2.6 KiB
YAML
name: e2e Test GCP
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
schedule:
|
|
- cron: "0 2 * * 2-6"
|
|
jobs:
|
|
test-latest:
|
|
runs-on: [self-hosted, edgserver]
|
|
container:
|
|
image: ghcr.io/catthehacker/ubuntu:act-latest
|
|
options: --privileged
|
|
steps:
|
|
- name: Check out repository
|
|
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Run GCP E2E test
|
|
uses: ./.github/actions/e2e_test
|
|
with:
|
|
workerNodesCount: "2"
|
|
controlNodesCount: "1"
|
|
autoscale: "false"
|
|
cloudProvider: "gcp"
|
|
machineType: "n2d-standard-2"
|
|
gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }}
|
|
# TODO: Remove E2E_SKIP once AB#2174 is resolved
|
|
sonobuoyTestSuiteCmd: '--plugin e2e --plugin-env e2e.E2E_FOCUS="\[Conformance\]" --plugin-env e2e.E2E_SKIP="for service with type clusterIP|HostPort validates that there is no conflict between pods with same hostPort but different hostIP and protocol" --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-plugin.yaml --plugin https://raw.githubusercontent.com/vmware-tanzu/sonobuoy-plugins/master/cis-benchmarks/kube-bench-master-plugin.yaml'
|
|
msTeamsWebhook: ${{ secrets.MS_TEAMS_WEBHOOK_URI }}
|
|
cosignPublicKey: ${{ secrets.COSIGN_PUBLIC_KEY }}
|
|
cosignPrivateKey: ${{ secrets.COSIGN_PRIVATE_KEY }}
|
|
cosignPassword: ${{ secrets.COSIGN_PASSWORD }}
|
|
awsAccessKeyID: ${{ secrets.AWS_ACCESS_KEY_ID }}
|
|
awsSecretAccessKey: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
|
|
awsDefaultRegion: ${{ secrets.AWS_DEFAULT_REGION }}
|
|
awsBucketName: ${{ secrets.PUBLIC_BUCKET_NAME }}
|
|
|
|
test-older-versions:
|
|
strategy:
|
|
matrix:
|
|
version: ["1.22", "1.23"]
|
|
runs-on: [self-hosted, edgserver]
|
|
container:
|
|
image: ghcr.io/catthehacker/ubuntu:act-latest
|
|
options: --privileged
|
|
steps:
|
|
- name: Check out repository
|
|
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
|
|
with:
|
|
fetch-depth: 0
|
|
- name: Run GCP E2E test
|
|
uses: ./.github/actions/e2e_test
|
|
with:
|
|
workerNodesCount: "2"
|
|
controlNodesCount: "1"
|
|
autoscale: "false"
|
|
cloudProvider: "gcp"
|
|
machineType: "n2d-standard-2"
|
|
gcp_service_account_json: ${{ secrets.GCP_SERVICE_ACCOUNT }}
|
|
sonobuoyTestSuiteCmd: "--mode quick"
|
|
kubernetesVersion: ${{ matrix.version }}
|
|
msTeamsWebhook: ${{ secrets.MS_TEAMS_WEBHOOK_URI }}
|