* remove Sunday and Monday morning runs, little value * run test lint on main, as we do for all linters * fixup outdated instructions * use version hash instead of tags * use dependabot for github actions Signed-off-by: Fabian Kammel <fk@edgeless.systems>
Actions & Workflows
Manual Trigger (workflow_dispatch)
It is currently not possible to run a workflow_dispatch
based workflow on a specific branch, while it is not yet available in main
branch, from the WebUI. If you would like to test your pipeline changes on a branch, use the GitHub CLI:
gh workflow run e2e-test-manual.yml \
--ref feat/e2e_pipeline \ # On your specific branch!
-F autoscale=false -F cloudProvider=gcp \ # With your ...
-F controlNodesCount=1 -F workerNodesCount=2 \ # ... settings
-F machineType=n2d-standard-2
E2E Test Suites
Here are some examples for test suits you might want to run. Values for sonobuoyTestSuiteCmd
:
--mode quick
- Runs a set of tests that are known to be quick to execute! (<1 min)
--e2e-focus "Services should be able to create a functioning NodePort service"
- Runs a specific test
--mode certified-conformance
- For K8s conformance certification test suite
Check Sonobuoy docs for more examples.
When using --mode
be aware that --e2e-focus
and e2e-skip
will be overwritten. Check in the source code what the different modes do.
Local Development
Using nektos/act you can run GitHub actions locally.
Specific Jobs
act -j e2e-test-gcp
Simulate a workflow_dispatch
event
Create a new JSON file to describe the event (relevant issue, there are no further information about structure of this file):
{
"action": "workflow_dispatch",
"inputs": {
"workerNodesCount": "2",
"controlNodesCount": "1",
"autoscale": false,
"cloudProvider": "gcp",
"machineType": "n2d-standard-2",
"sonobuoyTestSuiteCmd": "--mode quick"
}
}
Then run act with the event as input:
act -j e2e-test-manual --eventpath event.json
Authorizing GCP
For creating Kubernetes clusters in GCP a local copy of the service account secret is required.
- Create a new service account key
- Create a compact (one line) JSON representation of the file
jq -c
- Store in GitHub Action Secret or create a local secret file for act to consume:
$ cat secrets.env
GCP_SERVICE_ACCOUNT={"type":"service_account", ... }
$ act --secret-file secrets.env
Authorizing Azure
Create a new service principal:
az ad sp create-for-rbac --name "github-actions-e2e-tests" --role contributor --scopes /subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435 --sdk-auth
az role assignment create --role "User Access Administrator" --scope /subscriptions/0d202bbb-4fa7-4af8-8125-58c269a05435 --assignee <SERVICE_PRINCIPAL_CLIENT_ID>
Next, add API permissions to Managed Identity
Store output of az ad sp ...
in GitHub Action Secret or create a local secret file for act to consume.