/
envoy.istio
/
cilium
GigaCode
beta
ОбзорЦентр заботыВойти

cilium

Форк
0
Ветки: 597Коммиты: 27637Теги: 607
cilium
/.github
/workflows
/
conformance-ginkgo.yaml 
504 строки · 18.4 Кб
1
name: Conformance Ginkgo (ci-ginkgo)
2


3
# Any change in triggers needs to be reflected in the concurrency group.
4
on:
5
  workflow_dispatch:
6
    inputs:
7
      PR-number:
8
        description: "Pull request number."
9
        required: true
10
      context-ref:
11
        description: "Context in which the workflow runs. If PR is from a fork, will be the PR target branch (general case). If PR is NOT from a fork, will be the PR branch itself (this allows committers to test changes to workflows directly from PRs)."
12
        required: true
13
      SHA:
14
        description: "SHA under test (head of the PR branch)."
15
        required: true
16
      extra-args:
17
        description: "[JSON object] Arbitrary arguments passed from the trigger comment via regex capture group. Parse with 'fromJson(inputs.extra-args).argName' in workflow."
18
        required: false
19
        default: '{}'
20
  # Run every 6 hours
21
  schedule:
22
    - cron:  '0 1/6 * * *'
23


24
# By specifying the access of one of the scopes, all of those that are not
25
# specified are set to 'none'.
26
permissions:
27
  # To be able to access the repository with actions/checkout
28
  contents: read
29
  # To allow retrieving information from the PR API
30
  pull-requests: read
31
  # To be able to set commit status
32
  statuses: write
33


34
concurrency:
35
  # Structure:
36
  # - Workflow name
37
  # - Event type
38
  # - A unique identifier depending on event type:
39
  #   - schedule: SHA
40
  #   - workflow_dispatch: PR number
41
  #
42
  # This structure ensures a unique concurrency group name is generated for each
43
  # type of testing, such that re-runs will cancel the previous run.
44
  group: |
45
    ${{ github.workflow }}
46
    ${{ github.event_name }}
47
    ${{
48
      (github.event_name == 'schedule' && github.sha) ||
49
      (github.event_name == 'workflow_dispatch' && github.event.inputs.PR-number)
50
    }}
51
  cancel-in-progress: true
52


53
env:
54
  check_url: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
55


56
jobs:
57
  setup-vars:
58
    name: Setup Vars
59
    runs-on: ubuntu-latest
60
    outputs:
61
      SHA: ${{ steps.vars.outputs.SHA }}
62
      context-ref: ${{ steps.vars.outputs.context-ref }}
63
      owner: ${{ steps.vars.outputs.owner }}
64
    steps:
65
      - name: Set up job variables
66
        id: vars
67
        run: |
68
          if [ "${{ github.event_name }}" = "workflow_dispatch" ]; then
69
            SHA="${{ inputs.SHA }}"
70
            CONTEXT_REF="${{ inputs.context-ref }}"
71
            OWNER="${{ inputs.PR-number }}"
72
          else
73
            SHA="${{ github.sha }}"
74
            CONTEXT_REF="${{ github.sha }}"
75
            OWNER="${{ github.ref_name }}"
76
            OWNER="${OWNER/./-}"
77
          fi
78


79
          echo SHA=${SHA} >> $GITHUB_OUTPUT
80
          echo context-ref=${CONTEXT_REF} >> $GITHUB_OUTPUT
81
          echo owner=${OWNER} >> $GITHUB_OUTPUT
82


83
  commit-status-start:
84
    name: Commit Status Start
85
    runs-on: ubuntu-latest
86
    steps:
87
      - name: Set initial commit status
88
        uses: myrotvorets/set-commit-status-action@38f3f27c7d52fb381273e95542f07f0fba301307 # v2.0.0
89
        with:
90
          sha: ${{ inputs.SHA || github.sha }}
91


92
  # Pre-build the ginkgo binary so that we don't have to build it for all
93
  # runners.
94
  build-ginkgo-binary:
95
    runs-on: ubuntu-latest
96
    name: Build Ginkgo E2E
97
    timeout-minutes: 30
98
    steps:
99
      # If any of these steps are modified, please update the copy of these
100
      # steps further down under the 'setup-and-test' jobs.
101


102
      # Warning: since this is a privileged workflow, subsequent workflow job
103
      # steps must take care not to execute untrusted code.
104
      - name: Checkout pull request branch (NOT TRUSTED)
105
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
106
        with:
107
          ref: ${{ inputs.SHA || github.sha }}
108
          persist-credentials: false
109


110
      # Load Ginkgo build from GitHub
111
      - name: Load ginkgo E2E from GH cache
112
        uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
113
        id: cache
114
        with:
115
          path: /tmp/.ginkgo-build/
116
          key: ${{ runner.os }}-ginkgo-e2e-${{ hashFiles('**/*.go') }}
117


118
      - name: Install Go
119
        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
120
        uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
121
        with:
122
          # renovate: datasource=golang-version depName=go
123
          go-version: 1.22.0
124


125
      - name: Build Ginkgo
126
        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
127
        shell: bash
128
        run: |
129
          go install github.com/onsi/ginkgo/ginkgo@v1.16.5
130
          mkdir -p /tmp/.ginkgo-build
131


132
      - name: Build Test
133
        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
134
        shell: bash
135
        run: |
136
          cd test
137
          /home/runner/go/bin/ginkgo build
138
          strip test.test
139
          tar -cz test.test -f test.tgz
140


141
      - name: Store Ginkgo Test in GitHub cache path
142
        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
143
        shell: bash
144
        run: |
145
          mkdir -p /tmp/.ginkgo-build/
146
          if [ -f test/test.tgz ]; then
147
            cp test/test.tgz /tmp/.ginkgo-build/
148
            echo "file copied"
149
          fi
150


151
  wait-for-images:
152
    needs: setup-vars
153
    runs-on: ubuntu-latest
154
    name: Wait for images
155
    timeout-minutes: 30
156
    steps:
157
      - name: Checkout context ref (trusted)
158
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
159
        with:
160
          ref: ${{ inputs.context-ref || github.sha }}
161
          persist-credentials: false
162


163
      - name: Set Environment Variables
164
        uses: ./.github/actions/set-env-variables
165


166
      - name: Wait for images to be available
167
        timeout-minutes: 30
168
        shell: bash
169
        run: |
170
          for image in cilium-ci operator-generic-ci hubble-relay-ci ; do
171
            until docker manifest inspect quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/$image:${{ needs.setup-vars.outputs.SHA }} &> /dev/null; do sleep 45s; done
172
          done
173


174
  generate-matrix:
175
    name: Generate Job Matrix from YAMLs
176
    needs: setup-vars
177
    runs-on: ubuntu-latest
178
    outputs:
179
      matrix: ${{ steps.set-matrix.outputs.matrix }}
180
    steps:
181
      - name: Checkout context ref (trusted)
182
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
183
        with:
184
          ref: ${{ inputs.context-ref || github.sha }}
185
          persist-credentials: false
186


187
      - name: Convert YAML to JSON
188
        run: |
189
          work_dir=".github/actions/ginkgo"
190
          destination_directory="/tmp/generated/ginkgo"
191
          mkdir -p "${destination_directory}"
192
          for file in "${work_dir}"/main*.yaml; do
193
              if [[ -f "$file" ]]; then
194
                  filename=$(basename "$file")
195
                  new_filename="${filename%.yaml}.json"
196


197
                  yq -o=json "${file}" | jq . > "${destination_directory}/${new_filename}"
198
              fi
199
          done
200


201
      - name: Generate Matrix
202
        id: set-matrix
203
        run: |
204
          if ${{ github.event_name == 'schedule' }}; then
205
            k8s_versions_to_run='main-scheduled.json'
206
          else
207
            k8s_versions_to_run='main-prs.json'
208
          fi
209


210
          # Generate a Matrix from all k8s versions defined in '${k8s_versions_to_run}'
211
          # combined with 'main-focus.yaml'.
212
          # Use 'main-k8s-versions.yaml' to
213
          # retrieve which kernel versions should be used for which k8s version.
214


215
          dir="/tmp/generated/ginkgo"
216
          cd ${dir}
217
          jq --argjson prs "$(jq '.["k8s-version"]' ${k8s_versions_to_run})" \
218
            --argfile focus main-focus.json \
219
            '.include |= map(select(.["k8s-version"] as $k | $prs[] | select($k == .))) + $focus.include |
220
            . + {"k8s-version": $prs} |
221
            .focus = $focus.focus | .exclude = $focus.exclude' \
222
            main-k8s-versions.json> /tmp/merged.json
223
          echo "Generated matrix:"
224
          cat /tmp/merged.json
225
          echo "matrix=$(jq -c . < /tmp/merged.json)" >> $GITHUB_OUTPUT
226


227
  setup-and-test:
228
    needs: [setup-vars, build-ginkgo-binary, generate-matrix, wait-for-images]
229
    runs-on:
230
      group: ginkgo-runners
231
    timeout-minutes: 35
232
    name: "E2E Test (${{ matrix.k8s-version }}, ${{matrix.focus}})"
233
    env:
234
      job_name: "E2E Test (${{ matrix.k8s-version }}, ${{matrix.focus}})"
235
    strategy:
236
      fail-fast: false
237
      max-parallel: 60
238
      matrix: ${{ fromJSON(needs.generate-matrix.outputs.matrix) }}
239


240
    steps:
241
      - name: Checkout context ref (trusted)
242
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
243
        with:
244
          ref: ${{ inputs.context-ref || github.sha }}
245
          persist-credentials: false
246


247
      - name: Set Environment Variables
248
        uses: ./.github/actions/set-env-variables
249


250
      # Warning: since this is a privileged workflow, subsequent workflow job
251
      # steps must take care not to execute untrusted code.
252
      - name: Checkout pull request branch (NOT TRUSTED)
253
        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
254
        with:
255
          ref: ${{ inputs.SHA || github.sha }}
256
          persist-credentials: false
257


258
      - name: Install cilium-cli
259
        shell: bash
260
        run: |
261
          cid=$(docker create quay.io/cilium/cilium-cli-ci:latest ls)
262
          docker cp $cid:/usr/local/bin/cilium ./cilium-cli
263
          docker rm $cid
264


265
      - name: Install helm
266
        shell: bash
267
        run: |
268
          # renovate: datasource=github-releases depName=helm/helm
269
          HELM_VERSION=v3.13.1
270
          wget "https://get.helm.sh/helm-${HELM_VERSION}-linux-amd64.tar.gz"
271
          tar -xf "helm-${HELM_VERSION}-linux-amd64.tar.gz"
272
          mv ./linux-amd64/helm ./helm
273


274
      - name: Provision LVH VMs
275
        id: provision-vh-vms
276
        uses: cilium/little-vm-helper@9d758b756305e83718a51b792a5aeabd022a39ec # v0.0.16
277
        with:
278
          test-name: datapath-conformance
279
          install-dependencies: true
280
          image-version: ${{ matrix.kernel }}
281
          host-mount: ./
282
          cpu: 4
283
          mem: 12G
284
          cmd: |
285
            git config --global --add safe.directory /host
286
            mv /host/helm /usr/bin
287
            mv /host/cilium-cli /usr/bin
288


289
      - name: Provision kind
290
        timeout-minutes: 5
291
        uses: cilium/little-vm-helper@9d758b756305e83718a51b792a5aeabd022a39ec # v0.0.16
292
        with:
293
          provision: 'false'
294
          cmd: |
295
            cd /host/
296
            if [[ "${{ matrix.kernel }}" == bpf-next-* ]]; then
297
              ./contrib/scripts/kind.sh "" 2 "" "${{ matrix.kube-image }}" "none" "${{ matrix.ip-family }}"
298
              kubectl label node kind-worker2 cilium.io/ci-node=kind-worker2
299
              # Avoid re-labeling this node by setting "node-role.kubernetes.io/controlplane"
300
              kubectl label node kind-worker2 node-role.kubernetes.io/controlplane=
301
            else
302
              ./contrib/scripts/kind.sh "" 1 "" "${{ matrix.kube-image }}" "iptables" "${{ matrix.ip-family }}"
303
            fi
304
            # Some tests using demo-customcalls.yaml are mounting this directoy
305
            mkdir -p /home/vagrant/go/src/github.com/cilium
306
            ln -s /host /home/vagrant/go/src/github.com/cilium/cilium
307
            git config --add safe.directory /cilium
308


309
      # Load Ginkgo build from GitHub
310
      - name: Load ${{ matrix.name }} Ginkgo build from GitHub
311
        uses: actions/cache/restore@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
312
        id: cache
313
        with:
314
          path: /tmp/.ginkgo-build/
315
          key: ${{ runner.os }}-ginkgo-e2e-${{ hashFiles('**/*.go') }}
316


317
      # Re-build the tests if it was a cache miss.
318
      - name: Install Go
319
        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
320
        uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
321
        with:
322
          # renovate: datasource=golang-version depName=go
323
          go-version: 1.22.0
324


325
      - name: Build Ginkgo
326
        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
327
        shell: bash
328
        run: |
329
          go install github.com/onsi/ginkgo/ginkgo@v1.16.5
330
          mkdir -p /tmp/.ginkgo-build
331


332
      - name: Build Test
333
        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
334
        shell: bash
335
        run: |
336
          cd test
337
          /home/runner/go/bin/ginkgo build
338
          strip test.test
339
          tar -cz test.test -f test.tgz
340


341
      - name: Store Ginkgo Test in GitHub cache path
342
        if: ${{ steps.cache.outputs.cache-hit != 'true' }}
343
        shell: bash
344
        run: |
345
          mkdir -p /tmp/.ginkgo-build/
346
          if [ -f test/test.tgz ]; then
347
            cp test/test.tgz /tmp/.ginkgo-build/
348
            echo "file copied"
349
          fi
350


351
      - name: Copy Ginkgo binary
352
        shell: bash
353
        run: |
354
          cd test/
355
          tar -xf /tmp/.ginkgo-build/test.tgz
356


357
      - name: Run tests
358
        id: run-tests
359
        timeout-minutes: 40
360
        uses: cilium/little-vm-helper@9d758b756305e83718a51b792a5aeabd022a39ec # v0.0.16
361
        with:
362
          provision: 'false'
363
          cmd: |
364
            cd /host/test/
365
            kubectl get ns -A -o wide
366
            kubectl get pods -A -o wide
367
            export K8S_NODES=2
368
            export NETNEXT=0
369
            if [[ "${{ matrix.kernel }}" == bpf-next-* ]]; then
370
               export KERNEL=net-next
371
               export NETNEXT=1
372
               export KUBEPROXY=0
373
               export K8S_NODES=3
374
               export NO_CILIUM_ON_NODES=kind-worker2
375
            elif [[ "${{ matrix.kernel }}" == 5.4-* ]]; then
376
               export KERNEL=54
377
            fi
378
            export K8S_VERSION=${{ matrix.k8s-version }}
379
            export CNI_INTEGRATION=kind
380
            export INTEGRATION_TESTS=true
381
            # GitHub actions do not support IPv6 connectivity to outside
382
            # world.
383
            export CILIUM_NO_IPV6_OUTSIDE=true
384
            echo "/root/go/bin/ginkgo \
385
             --focus=\"${{ matrix.cliFocus }}\" \
386
             --skip=\"${{ matrix.cliSkip }}\" \
387
             --seed=1679952881 \
388
             -v -- \
389
             -cilium.provision=false \
390
             -cilium.image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/cilium-ci \
391
             -cilium.tag=${{ needs.setup-vars.outputs.SHA }}  \
392
             -cilium.operator-image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/operator \
393
             -cilium.operator-tag=${{ needs.setup-vars.outputs.SHA }} \
394
             -cilium.hubble-relay-image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/hubble-relay-ci \
395
             -cilium.hubble-relay-tag=${{ needs.setup-vars.outputs.SHA }} \
396
             -cilium.kubeconfig=/root/.kube/config \
397
             -cilium.provision-k8s=false \
398
             -cilium.operator-suffix=-ci"
399


400
              ./test.test \
401
               --ginkgo.focus="${{ matrix.cliFocus }}" \
402
               --ginkgo.skip="${{ matrix.cliSkip }}" \
403
               --ginkgo.seed=1679952881 \
404
               --ginkgo.v -- \
405
               -cilium.provision=false \
406
               -cilium.image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/cilium-ci \
407
               -cilium.tag=${{ needs.setup-vars.outputs.SHA }}  \
408
               -cilium.operator-image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/operator \
409
               -cilium.operator-tag=${{ needs.setup-vars.outputs.SHA }} \
410
               -cilium.hubble-relay-image=quay.io/${{ env.QUAY_ORGANIZATION_DEV }}/hubble-relay-ci \
411
               -cilium.hubble-relay-tag=${{ needs.setup-vars.outputs.SHA }} \
412
               -cilium.kubeconfig=/root/.kube/config \
413
               -cilium.provision-k8s=false \
414
               -cilium.operator-suffix=-ci
415


416
      - name: Fetch artifacts
417
        if: ${{ !success() && steps.provision-vh-vms.outcome == 'success' }}
418
        uses: cilium/little-vm-helper@9d758b756305e83718a51b792a5aeabd022a39ec # v0.0.16
419
        with:
420
          provision: 'false'
421
          cmd: |
422
            cd /host
423
            kubectl get pods --all-namespaces -o wide
424
            tar -zcf "test_results-${{ env.job_name }}.tar.gz" /host/test/test_results
425


426
      - name: Upload artifacts
427
        if: ${{ !success() }}
428
        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
429
        with:
430
          name: cilium-sysdumps-${{ matrix.k8s-version }}-${{matrix.focus}}
431
          path: |
432
            cilium-sysdump-*.zip
433
            bugtool-*.tar.gz
434
            test_results-*.tar.gz
435


436
      - name: Fetch JUnits
437
        if: ${{ always() && steps.run-tests.outcome != 'skipped' }}
438
        shell: bash
439
        run: |
440
          mkdir -p cilium-junits
441
          cd test/
442
          junit_filename="${{ env.job_name }}.xml"
443
          for filename in *.xml; do cp "${filename}" "../cilium-junits/${junit_filename}"; done;
444


445
      - name: Upload JUnits [junit]
446
        if: ${{ always() }}
447
        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
448
        with:
449
          name: cilium-junits-${{ matrix.k8s-version }}-${{matrix.focus}}
450
          path: cilium-junits/*.xml
451


452
      - name: Publish Test Results As GitHub Summary
453
        if: ${{ always() }}
454
        uses: aanm/junit2md@332ebf0fddd34e91b03a832cfafaa826306558f9 # v0.0.3
455
        with:
456
          junit-directory: "cilium-junits"
457


458
  merge-upload:
459
    if: ${{ always() }}
460
    name: Merge and Upload Artifacts
461
    runs-on: ubuntu-latest
462
    needs: setup-and-test
463
    steps:
464
      - name: Merge Sysdumps
465
        if: ${{ needs.setup-and-test.result == 'failure' }}
466
        uses: actions/upload-artifact/merge@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
467
        with:
468
          name: cilium-sysdumps
469
          pattern: cilium-sysdumps-*
470
          retention-days: 5
471
          delete-merged: true
472
        continue-on-error: true
473
      - name: Merge JUnits
474
        uses: actions/upload-artifact/merge@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
475
        with:
476
          name: cilium-junits
477
          pattern: cilium-junits-*
478
          retention-days: 5
479
          delete-merged: true
480


481
  commit-status-final:
482
    if: ${{ always() }}
483
    name: Commit Status Final
484
    needs: setup-and-test
485
    runs-on: ubuntu-latest
486
    steps:
487
      - name: Determine final commit status
488
        id: commit-status
489
        shell: bash
490
        run: |
491
          # When one of the prerequisites of setup-and-test fails, then that
492
          # job gets skipped. Let's convert the status so that we correctly
493
          # report that as a proper failure.
494
          if [ "${{ needs.setup-and-test.result }}" != "skipped" ]; then
495
            echo "status=${{ needs.setup-and-test.result }}" >> $GITHUB_OUTPUT
496
          else
497
            echo "status=failure" >> $GITHUB_OUTPUT
498
          fi
499


500
      - name: Set final commit status
501
        uses: myrotvorets/set-commit-status-action@38f3f27c7d52fb381273e95542f07f0fba301307 # v2.0.0
502
        with:
503
          sha: ${{ inputs.SHA || github.sha }}
504
          status: ${{ steps.commit-status.outputs.status }}
505

Использование cookies

Мы используем файлы cookie в соответствии с Политикой конфиденциальности и Политикой использования cookies.

Нажимая кнопку «Принимаю», Вы даете АО «СберТех» согласие на обработку Ваших персональных данных в целях совершенствования нашего веб-сайта и Сервиса GitVerse, а также повышения удобства их использования.

Запретить использование cookies Вы можете самостоятельно в настройках Вашего браузера.