mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
d372130bfd
* Add attestation variant to notify hooks * Quote all inputs in OpenSearch URL * Add clusterCreation field to OpenSearch URL * Omit empty fields in OpenSearch URL --------- Signed-off-by: Daniel Weiße <dw@edgeless.systems>
175 lines
5.2 KiB
YAML
175 lines
5.2 KiB
YAML
name: e2e test windows
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
workflow_call:
|
|
inputs:
|
|
scheduled:
|
|
description: Whether this is a scheduled run.
|
|
type: boolean
|
|
default: false
|
|
required: false
|
|
|
|
jobs:
|
|
build-cli:
|
|
name: Build Windows CLI
|
|
runs-on: ubuntu-22.04
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
|
with:
|
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
|
|
|
- name: Setup bazel
|
|
uses: ./.github/actions/setup_bazel_nix
|
|
with:
|
|
useCache: "true"
|
|
buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }}
|
|
|
|
- name: Build CLI
|
|
uses: ./.github/actions/build_cli
|
|
with:
|
|
targetOS: "windows"
|
|
targetArch: "amd64"
|
|
enterpriseCLI: true
|
|
|
|
- name: Upload CLI artifact
|
|
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
|
with:
|
|
path: "bazel-bin/cli/cli_enterprise_windows_amd64"
|
|
name: "constell-exe"
|
|
|
|
e2e-test:
|
|
name: E2E Test Windows
|
|
runs-on: windows-2022
|
|
needs: build-cli
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
|
with:
|
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
|
|
|
- name: Download CLI artifact
|
|
uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
|
|
with:
|
|
name: "constell-exe"
|
|
|
|
- name: Check CLI version
|
|
shell: pwsh
|
|
run: |
|
|
Move-Item -Path .\cli_enterprise_windows_amd64 -Destination .\constellation.exe
|
|
.\constellation.exe version
|
|
|
|
- name: Login to Azure (IAM service principal)
|
|
uses: ./.github/actions/login_azure
|
|
with:
|
|
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
|
|
|
- name: Create IAM configuration
|
|
shell: pwsh
|
|
run: |
|
|
.\constellation.exe config generate azure
|
|
.\constellation.exe iam create azure --region=westus --resourceGroup=e2eWindoewsRG --servicePrincipal=e2eWindoewsSP --update-config --debug -y
|
|
|
|
- name: Login to Azure (Cluster service principal)
|
|
uses: ./.github/actions/login_azure
|
|
with:
|
|
azure_credentials: ${{ secrets.AZURE_E2E_CLUSTER_CREDENTIALS }}
|
|
|
|
- name: Apply config
|
|
shell: pwsh
|
|
run: |
|
|
.\constellation.exe apply --debug -y
|
|
|
|
- name: Liveness probe
|
|
shell: pwsh
|
|
run: |
|
|
$retryIntervalSeconds = 30
|
|
$maxRetries = 50
|
|
|
|
$retryCount = 0
|
|
$allNodesReady = $false
|
|
|
|
while (-not $allNodesReady -and $retryCount -lt $maxRetries) {
|
|
${retryCount}++
|
|
Write-Host "Retry ${retryCount}: Checking node status..."
|
|
|
|
$nodesOutput = & kubectl get nodes --kubeconfig "$PWD\constellation-admin.conf"
|
|
|
|
$lines = $nodesOutput -split "`r?`n" | Select-Object -Skip 1
|
|
|
|
$allNodesReady = $true
|
|
|
|
foreach ($line in $lines) {
|
|
$columns = $line -split '\s+' | Where-Object { $_ -ne '' }
|
|
|
|
$nodeName = $columns[0]
|
|
$status = $columns[1]
|
|
|
|
if ($status -ne "Ready") {
|
|
Write-Host "Node $nodeName is not ready!"
|
|
$allNodesReady = $false
|
|
}
|
|
}
|
|
|
|
if (-not $allNodesReady) {
|
|
Write-Host "Retrying in $retryIntervalSeconds seconds..."
|
|
Start-Sleep -Seconds $retryIntervalSeconds
|
|
}
|
|
}
|
|
|
|
if ($allNodesReady) {
|
|
Write-Host "All nodes are ready!"
|
|
}
|
|
else {
|
|
Write-Host "Node status check failed after $maxRetries retries."
|
|
EXIT 1
|
|
}
|
|
|
|
- name: Terminate cluster
|
|
if: always()
|
|
shell: pwsh
|
|
run: |
|
|
.\constellation.exe terminate --debug -y
|
|
|
|
- name: Login to Azure (IAM service principal)
|
|
if: always()
|
|
uses: ./.github/actions/login_azure
|
|
with:
|
|
azure_credentials: ${{ secrets.AZURE_E2E_IAM_CREDENTIALS }}
|
|
|
|
- name: Delete IAM configuration
|
|
if: always()
|
|
shell: pwsh
|
|
run: |
|
|
.\constellation.exe iam destroy --debug -y
|
|
|
|
notify-failure:
|
|
name: Notify about failure
|
|
runs-on: ubuntu-22.04
|
|
needs: e2e-test
|
|
if: |
|
|
failure() &&
|
|
github.ref == 'refs/heads/main' &&
|
|
inputs.scheduled
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
|
with:
|
|
ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}
|
|
|
|
- name: Setup bazel
|
|
uses: ./.github/actions/setup_bazel_nix
|
|
with:
|
|
useCache: "true"
|
|
buildBuddyApiKey: ${{ secrets.BUILDBUDDY_ORG_API_KEY }}
|
|
|
|
- name: Notify about failure
|
|
continue-on-error: true
|
|
uses: ./.github/actions/notify_e2e_failure
|
|
with:
|
|
projectWriteToken: ${{ secrets.PROJECT_WRITE_TOKEN }}
|
|
test: Windows E2E Test
|
|
provider: Azure
|
|
attestationVariant: "azure-sev-snp"
|