1
name: "build-test-distribute"
4
branches: ["master", "release-*", "!*-merge-master"]
7
branches: ["master", "release-*"]
9
group: ${{ github.head_ref || github.run_id }}
10
cancel-in-progress: true
14
# This is automatically managed by CI
15
K8S_MIN_VERSION: v1.23.17-k3s1
16
K8S_MAX_VERSION: v1.29.1-k3s2
17
GH_OWNER: ${{ github.repository_owner }}
19
CI_TOOLS_DIR: /home/runner/work/kuma/kuma/.ci_tools
20
GH_USER: "github-actions[bot]"
21
GH_EMAIL: "<41898282+github-actions[bot]@users.noreply.github.com>"
26
runs-on: ubuntu-latest
28
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
31
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
33
go-version-file: go.mod
35
- uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
38
${{ env.CI_TOOLS_DIR }}
39
key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }}
41
${{ runner.os }}-${{ runner.arch }}-devtools
44
- uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
46
args: --fix=false --verbose
55
runs-on: ubuntu-latest
56
if: ${{ ! contains(github.event.pull_request.labels.*.name, 'ci/skip-test') }}
58
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
61
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
63
go-version-file: go.mod
64
- uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
67
${{ env.CI_TOOLS_DIR }}
68
key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }}
70
${{ runner.os }}-${{ runner.arch }}-devtools
77
needs: ["check", "test", "test_e2e", "test_e2e_env"]
79
runs-on: ubuntu-latest
81
- name: "Halt due to previous failures"
82
if: ${{ contains(needs.*.result, 'failure')|| contains(needs.*.result, 'cancelled') }}
85
# for some reason, GH Action will always trigger a downstream job even if there are errors in an dependent job
86
# so we manually check it here. An example could be found here: https://github.com/kumahq/kuma/actions/runs/7044980149
87
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
90
- name: "Maybe set full matrix"
91
if: github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/run-full-matrix')
92
id: set-full-matrix-switches
94
echo 'ENABLED_GOARCHES=arm64 amd64' >> $GITHUB_ENV
95
echo 'ENABLED_GOOSES=linux darwin' >> $GITHUB_ENV
96
- name: "Add matrix to .run-full-matrix for cache"
98
echo '${ENABLED_GOARCHES}|${ENABLED_GOOSES}' > .run-full-matrix
99
- name: "Maybe set flag to push build artifacts"
100
if: github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/force-publish')
102
echo 'ALLOW_PUSH=true' >> $GITHUB_ENV
103
- name: Install dependencies for cross builds
105
sudo apt-get update; sudo apt-get install -y qemu-user-static binfmt-support
106
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
108
go-version-file: go.mod
109
cache-dependency-path: |
112
- uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
115
${{ env.CI_TOOLS_DIR }}
116
key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }}
118
${{ runner.os }}-${{ runner.arch }}-devtools
119
- name: Free up disk space for the Runner
121
echo "Disk usage before cleanup"
123
echo "Removing big directories"
124
sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc
125
echo "Removing images"
126
docker system prune --all -f
127
echo "Disk usage after cleanup"
132
make -j build/distributions
137
- name: Run container structure test
138
if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci/skip-container-structure-test') && !contains(github.event.pull_request.labels.*.name, 'ci/skip-test') }}
140
make test/container-structure
141
- name: Inspect created tars
143
for i in build/distributions/out/*.tar.gz; do echo $i; tar -tvf $i; done
144
- name: Publish distributions to Pulp
146
PULP_USERNAME: ${{ vars.PULP_USERNAME }}
147
PULP_PASSWORD: ${{ secrets.PULP_PASSWORD }}
148
CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }}
151
- name: Publish images
153
DOCKER_API_KEY: ${{ secrets.DOCKER_API_KEY }}
154
DOCKER_USERNAME: ${{ vars.DOCKER_USERNAME }}
157
# ensure we always logout
164
- name: package-helm-chart
167
HELM_DEV: ${{ !startsWith(github.event.ref, 'refs/tags/') }}
169
make helm/update-version
171
git config user.name "${GH_USER}"
172
git config user.email "${GH_EMAIL}"
173
git add -u deployments/charts
174
# This commit never ends up in the repo
175
git commit --allow-empty -m "ci(helm): update versions"
176
# To get an idea of what's in the commit to debug
180
PKG_FILENAME=$(find .cr-release-packages -type f -printf "%f\n")
181
echo "filename=${PKG_FILENAME}" >> $GITHUB_OUTPUT
182
- name: Upload packaged chart
183
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
185
name: ${{ steps.package-helm.outputs.filename }}
186
path: .cr-release-packages/${{ steps.package-helm.outputs.filename }}
187
retention-days: ${{ github.event_name == 'pull_request' && 1 || 30 }}
188
# Everything from here is only running on releases.
189
# Ideally we'd finish the workflow early, but this isn't possible: https://github.com/actions/runner/issues/662
190
- name: Generate GitHub app token
192
if: ${{ startsWith(github.event.ref, 'refs/tags/') }}
193
uses: actions/create-github-app-token@f4c6bf6752984b3a29fcc135a5e70eb792c40c6b # v1.8.0
195
app-id: ${{ secrets.APP_ID }}
196
private-key: ${{ secrets.APP_PRIVATE_KEY }}
197
owner: ${{ github.repository_owner }}
198
repositories: ${{ env.GH_REPO }}
199
- name: Release chart
200
if: ${{ startsWith(github.event.ref, 'refs/tags/') }}
203
GH_TOKEN: ${{ steps.github-app-token.outputs.token }}
204
run: make helm/release
207
runs-on: ubuntu-latest
208
if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci/skip-test') && !contains(github.event.pull_request.labels.*.name, 'ci/skip-e2e-test') }}
210
matrix: ${{ steps.generate-matrix.outputs.matrix }}
212
- id: generate-matrix
213
name: Generate matrix
215
RUN_FULL_MATRIX: ${{ github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/run-full-matrix') }}
220
"k8sVersion": ["kindIpv6", "${{ env.K8S_MIN_VERSION }}", "${{ env.K8S_MAX_VERSION }}"],
223
"cniNetworkPlugin": ["flannel"],
224
"sidecarContainers": [""]
227
"target": ["kubernetes", "universal", "multizone"],
228
"k8sVersion": ["kind", "kindIpv6", "${{ env.K8S_MIN_VERSION }}", "${{ env.K8S_MAX_VERSION }}"],
231
"cniNetworkPlugin": ["flannel"],
232
"sidecarContainers": [""],
234
{"target": "kubernetes", "k8sVersion":"kind"},
235
{"target": "multizone", "k8sVersion":"kind"},
236
{"target":"universal", "k8sVersion":"${{ env.K8S_MIN_VERSION }}"},
237
{"target":"universal", "k8sVersion":"${{ env.K8S_MAX_VERSION }}"}
240
{"sidecarContainers": "sidecarContainers", "k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "kubernetes", "arch": "amd64"},
241
{"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "multizone", "arch": "arm64"},
242
{"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "kubernetes", "arch": "arm64"},
243
{"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "universal", "arch": "arm64"},
244
{"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "gatewayapi", "arch": "amd64"},
245
{"cniNetworkPlugin": "calico", "k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "multizone", "arch": "amd64"}
249
# You can modify the include to run one of test suites on PRs (though you'd need to then remove it)
252
| .test_e2e_env.include = []
253
| .test_e2e_env.exclude += [{"arch": "arm64"}, {"k8sVersion": "kindIpv6"}, {"k8sVersion": "${{ env.K8S_MIN_VERSION}}"}]
255
BASE_MATRIX_ALL='${{ env.BASE_MATRIX }}'
256
if [[ "${{ env.RUN_FULL_MATRIX }}" != "true" ]]; then
257
BASE_MATRIX_ALL=$(echo $BASE_MATRIX_ALL | jq -r '${{ env.OVERRIDE_JQ_CMD }}')
260
echo "final matrix: $BASE_MATRIX_ALL"
261
echo "matrix<<EOF" >> $GITHUB_OUTPUT
262
echo "$BASE_MATRIX_ALL" >> $GITHUB_OUTPUT
263
echo "EOF" >> $GITHUB_OUTPUT
265
needs: ["gen_e2e_matrix"]
266
if: fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e
268
matrix: ${{ fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e }}
270
uses: ./.github/workflows/e2e.yaml
272
matrix: ${{ toJSON(matrix) }}
274
circleCIToken: ${{ secrets.CIRCLECI_TOKEN }}
276
needs: ["gen_e2e_matrix"]
277
if: fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e_env
279
matrix: ${{ fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e_env }}
281
uses: ./.github/workflows/e2e.yaml
283
matrix: ${{ toJSON(matrix) }}
285
circleCIToken: ${{ secrets.CIRCLECI_TOKEN }}