1
name: Conformance Ginkgo (ci-ginkgo)
8
description: "Pull request number."
11
description: "Context in which the workflow runs. If PR is from a fork, will be the PR target branch (general case). If PR is NOT from a fork, will be the PR branch itself (this allows committers to test changes to workflows directly from PRs)."
14
description: "SHA under test (head of the PR branch)."
17
description: "[JSON object] Arbitrary arguments passed from the trigger comment via regex capture group. Parse with 'fromJson(inputs.extra-args).argName' in workflow."
45
${{ github.workflow }}
46
${{ github.event_name }}
48
(github.event_name == 'schedule' && github.sha) ||
49
(github.event_name == 'workflow_dispatch' && github.event.inputs.PR-number)
51
cancel-in-progress: true
54
check_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
59
runs-on: ubuntu-latest
61
SHA: ${{ steps.vars.outputs.SHA }}
62
context-ref: ${{ steps.vars.outputs.context-ref }}
63
owner: ${{ steps.vars.outputs.owner }}
65
- name: Set up job variables
68
if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
69
SHA="${{ inputs.SHA }}"
70
CONTEXT_REF="${{ inputs.context-ref }}"
71
OWNER="${{ inputs.PR-number }}"
73
SHA="${{ github.sha }}"
74
CONTEXT_REF="${{ github.sha }}"
75
OWNER="${{ github.ref_name }}"
79
echo SHA=${SHA} >> $GITHUB_OUTPUT
80
echo context-ref=${CONTEXT_REF} >> $GITHUB_OUTPUT
81
echo owner=${OWNER} >> $GITHUB_OUTPUT
84
name: Commit Status Start
85
runs-on: ubuntu-latest
87
- name: Set initial commit status
88
uses: myrotvorets/set-commit-status-action@38f3f27c7d52fb381273e95542f07f0fba301307
90
sha: ${{ inputs.SHA || github.sha }}
95
runs-on: ubuntu-latest
96
name: Build Ginkgo E2E
104
- name: Checkout pull request branch (NOT TRUSTED)
105
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
107
ref: ${{ inputs.SHA || github.sha }}
108
persist-credentials: false
111
- name: Load ginkgo E2E from GH cache
112
uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2
115
path: /tmp/.ginkgo-build/
116
key: ${{ runner.os }}-ginkgo-e2e-${{ hashFiles('**/*.go') }}
119
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
120
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
126
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
129
go install github.com/onsi/ginkgo/ginkgo@v1.16.5
130
mkdir -p /tmp/.ginkgo-build
133
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
137
/home/runner/go/bin/ginkgo build
139
tar -cz test.test -f test.tgz
141
- name: Store Ginkgo Test in GitHub cache path
142
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
145
mkdir -p /tmp/.ginkgo-build/
146
if [ -f test/test.tgz ]; then
147
cp test/test.tgz /tmp/.ginkgo-build/
153
runs-on: ubuntu-latest
154
name: Wait for images
157
- name: Checkout context ref (trusted)
158
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
160
ref: ${{ inputs.context-ref || github.sha }}
161
persist-credentials: false
163
- name: Set Environment Variables
164
uses: ./.github/actions/set-env-variables
166
- name: Wait for images to be available
170
for image in cilium-ci operator-generic-ci hubble-relay-ci ; do
171
until docker manifest inspect quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/$image:${{ needs.setup-vars.outputs.SHA }} &> /dev/null; do sleep 45s; done
175
name: Generate Job Matrix from YAMLs
177
runs-on: ubuntu-latest
179
matrix: ${{ steps.set-matrix.outputs.matrix }}
181
- name: Checkout context ref (trusted)
182
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
184
ref: ${{ inputs.context-ref || github.sha }}
185
persist-credentials: false
187
- name: Convert YAML to JSON
189
work_dir=".github/actions/ginkgo"
190
destination_directory="/tmp/generated/ginkgo"
191
mkdir -p "${destination_directory}"
192
for file in "${work_dir}"/main*.yaml; do
193
if [[ -f "$file" ]]; then
194
filename=$(basename "$file")
195
new_filename="${filename%.yaml}.json"
197
yq -o=json "${file}" | jq . > "${destination_directory}/${new_filename}"
201
- name: Generate Matrix
204
if ${{ github.event_name == 'schedule' }}; then
205
k8s_versions_to_run='main-scheduled.json'
207
k8s_versions_to_run='main-prs.json'
215
dir="/tmp/generated/ginkgo"
217
jq --argjson prs "$(jq '.["k8s-version"]' ${k8s_versions_to_run})" \
218
--argfile focus main-focus.json \
219
'.include |= map(select(.["k8s-version"] as $k | $prs[] | select($k == .))) + $focus.include |
220
. + {"k8s-version": $prs} |
221
.focus = $focus.focus | .exclude = $focus.exclude' \
222
main-k8s-versions.json> /tmp/merged.json
223
echo "Generated matrix:"
225
echo "matrix=$(jq -c . < /tmp/merged.json)" >> $GITHUB_OUTPUT
228
needs: [setup-vars, build-ginkgo-binary, generate-matrix, wait-for-images]
230
group: ginkgo-runners
232
name: "E2E Test (${{ matrix.k8s-version }}, ${{matrix.focus}})"
234
job_name: "E2E Test (${{ matrix.k8s-version }}, ${{matrix.focus}})"
238
matrix: ${{ fromJSON(needs.generate-matrix.outputs.matrix) }}
241
- name: Checkout context ref (trusted)
242
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
244
ref: ${{ inputs.context-ref || github.sha }}
245
persist-credentials: false
247
- name: Set Environment Variables
248
uses: ./.github/actions/set-env-variables
252
- name: Checkout pull request branch (NOT TRUSTED)
253
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
255
ref: ${{ inputs.SHA || github.sha }}
256
persist-credentials: false
258
- name: Install cilium-cli
261
cid=$(docker create quay.io/cilium/cilium-cli-ci:latest ls)
262
docker cp $cid:/usr/local/bin/cilium ./cilium-cli
268
# renovate: datasource=github-releases depName=helm/helm
270
wget "https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz"
271
tar -xf "helm-${HELM_VERSION}-linux-amd64.tar.gz"
272
mv ./linux-amd64/helm ./helm
274
- name: Provision LVH VMs
276
uses: cilium/little-vm-helper@9d758b756305e83718a51b792a5aeabd022a39ec
278
test-name: datapath-conformance
279
install-dependencies: true
280
image-version: ${{ matrix.kernel }}
285
git config --global --add safe.directory /host
286
mv /host/helm /usr/bin
287
mv /host/cilium-cli /usr/bin
289
- name: Provision kind
291
uses: cilium/little-vm-helper@9d758b756305e83718a51b792a5aeabd022a39ec
296
if [[ "${{ matrix.kernel }}" == bpf-next-* ]]; then
297
./contrib/scripts/kind.sh "" 2 "" "${{ matrix.kube-image }}" "none" "${{ matrix.ip-family }}"
298
kubectl label node kind-worker2 cilium.io/ci-node=kind-worker2
299
# Avoid re-labeling this node by setting "node-role.kubernetes.io/controlplane"
300
kubectl label node kind-worker2 node-role.kubernetes.io/controlplane=
302
./contrib/scripts/kind.sh "" 1 "" "${{ matrix.kube-image }}" "iptables" "${{ matrix.ip-family }}"
304
# Some tests using demo-customcalls.yaml are mounting this directoy
305
mkdir -p /home/vagrant/go/src/github.com/cilium
306
ln -s /host /home/vagrant/go/src/github.com/cilium/cilium
307
git config --add safe.directory /cilium
310
- name: Load ${{ matrix.name }} Ginkgo build from GitHub
311
uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2
314
path: /tmp/.ginkgo-build/
315
key: ${{ runner.os }}-ginkgo-e2e-${{ hashFiles('**/*.go') }}
319
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
320
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
326
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
329
go install github.com/onsi/ginkgo/ginkgo@v1.16.5
330
mkdir -p /tmp/.ginkgo-build
333
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
337
/home/runner/go/bin/ginkgo build
339
tar -cz test.test -f test.tgz
341
- name: Store Ginkgo Test in GitHub cache path
342
if: ${{ steps.cache.outputs.cache-hit != 'true' }}
345
mkdir -p /tmp/.ginkgo-build/
346
if [ -f test/test.tgz ]; then
347
cp test/test.tgz /tmp/.ginkgo-build/
351
- name: Copy Ginkgo binary
355
tar -xf /tmp/.ginkgo-build/test.tgz
360
uses: cilium/little-vm-helper@9d758b756305e83718a51b792a5aeabd022a39ec
365
kubectl get ns -A -o wide
366
kubectl get pods -A -o wide
369
if [[ "${{ matrix.kernel }}" == bpf-next-* ]]; then
370
export KERNEL=net-next
374
export NO_CILIUM_ON_NODES=kind-worker2
375
elif [[ "${{ matrix.kernel }}" == 5.4-* ]]; then
378
export K8S_VERSION=${{ matrix.k8s-version }}
379
export CNI_INTEGRATION=kind
380
export INTEGRATION_TESTS=true
381
# GitHub actions do not support IPv6 connectivity to outside
383
export CILIUM_NO_IPV6_OUTSIDE=true
384
echo "/root/go/bin/ginkgo \
385
--focus=\"${{ matrix.cliFocus }}\" \
386
--skip=\"${{ matrix.cliSkip }}\" \
389
-cilium.provision=false \
390
-cilium.image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/cilium-ci \
391
-cilium.tag=${{ needs.setup-vars.outputs.SHA }} \
392
-cilium.operator-image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/operator \
393
-cilium.operator-tag=${{ needs.setup-vars.outputs.SHA }} \
394
-cilium.hubble-relay-image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/hubble-relay-ci \
395
-cilium.hubble-relay-tag=${{ needs.setup-vars.outputs.SHA }} \
396
-cilium.kubeconfig=/root/.kube/config \
397
-cilium.provision-k8s=false \
398
-cilium.operator-suffix=-ci"
401
--ginkgo.focus="${{ matrix.cliFocus }}" \
402
--ginkgo.skip="${{ matrix.cliSkip }}" \
403
--ginkgo.seed=1679952881 \
405
-cilium.provision=false \
406
-cilium.image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/cilium-ci \
407
-cilium.tag=${{ needs.setup-vars.outputs.SHA }} \
408
-cilium.operator-image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/operator \
409
-cilium.operator-tag=${{ needs.setup-vars.outputs.SHA }} \
410
-cilium.hubble-relay-image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/hubble-relay-ci \
411
-cilium.hubble-relay-tag=${{ needs.setup-vars.outputs.SHA }} \
412
-cilium.kubeconfig=/root/.kube/config \
413
-cilium.provision-k8s=false \
414
-cilium.operator-suffix=-ci
416
- name: Fetch artifacts
417
if: ${{ !success() && steps.provision-vh-vms.outcome == 'success' }}
418
uses: cilium/little-vm-helper@9d758b756305e83718a51b792a5aeabd022a39ec
423
kubectl get pods --all-namespaces -o wide
424
tar -zcf "test_results-${{ env.job_name }}.tar.gz" /host/test/test_results
426
- name: Upload artifacts
427
if: ${{ !success() }}
428
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
430
name: cilium-sysdumps-${{ matrix.k8s-version }}-${{matrix.focus}}
434
test_results-*.tar.gz
437
if: ${{ always() && steps.run-tests.outcome != 'skipped' }}
440
mkdir -p cilium-junits
442
junit_filename="${{ env.job_name }}.xml"
443
for filename in *.xml; do cp "${filename}" "../cilium-junits/${junit_filename}"; done;
445
- name: Upload JUnits [junit]
447
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
449
name: cilium-junits-${{ matrix.k8s-version }}-${{matrix.focus}}
450
path: cilium-junits/*.xml
452
- name: Publish Test Results As GitHub Summary
454
uses: aanm/junit2md@332ebf0fddd34e91b03a832cfafaa826306558f9
456
junit-directory: "cilium-junits"
460
name: Merge and Upload Artifacts
461
runs-on: ubuntu-latest
462
needs: setup-and-test
464
- name: Merge Sysdumps
465
if: ${{ needs.setup-and-test.result == 'failure' }}
466
uses: actions/upload-artifact/merge@5d5d22a31266ced268874388b861e4b58bb5c2f3
468
name: cilium-sysdumps
469
pattern: cilium-sysdumps-*
472
continue-on-error: true
474
uses: actions/upload-artifact/merge@5d5d22a31266ced268874388b861e4b58bb5c2f3
477
pattern: cilium-junits-*
483
name: Commit Status Final
484
needs: setup-and-test
485
runs-on: ubuntu-latest
487
- name: Determine final commit status
491
# When one of the prerequisites of setup-and-test fails, then that
492
# job gets skipped. Let's convert the status so that we correctly
493
# report that as a proper failure.
494
if [ "${{ needs.setup-and-test.result }}" != "skipped" ]; then
495
echo "status=${{ needs.setup-and-test.result }}" >> $GITHUB_OUTPUT
497
echo "status=failure" >> $GITHUB_OUTPUT
500
- name: Set final commit status
501
uses: myrotvorets/set-commit-status-action@38f3f27c7d52fb381273e95542f07f0fba301307
503
sha: ${{ inputs.SHA || github.sha }}
504
status: ${{ steps.commit-status.outputs.status }}