kuma

build-test-distribute.yaml
285 строк · 11.7 Кб
Перенос по словам
1
name: "build-test-distribute"
2
on:
3
  push:
4
    branches: ["master", "release-*", "!*-merge-master"]
5
    tags: ["*"]
6
  pull_request:
7
    branches: ["master", "release-*"]
8
concurrency:
9
  group: ${{ github.head_ref || github.run_id }}
10
  cancel-in-progress: true
11
permissions:
12
  contents: read
13
env:
14
  # This is automatically managed by CI
15
  K8S_MIN_VERSION: v1.23.17-k3s1
16
  K8S_MAX_VERSION: v1.29.1-k3s2
17
  GH_OWNER: ${{ github.repository_owner }}
18
  KUMA_DIR: "."
19
  CI_TOOLS_DIR: /home/runner/work/kuma/kuma/.ci_tools
20
  GH_USER: "github-actions[bot]"
21
  GH_EMAIL: "<41898282+github-actions[bot]@users.noreply.github.com>"
22
  GH_REPO: "charts"
23
jobs:
24
  check:
25
    timeout-minutes: 10
26
    runs-on: ubuntu-latest
27
    steps:
28
      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
29
        with:
30
          fetch-depth: 0
31
      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
32
        with:
33
          go-version-file: go.mod
34
          cache: false
35
      - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
36
        with:
37
          path: |
38
            ${{ env.CI_TOOLS_DIR }}
39
          key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }}
40
          restore-keys: |
41
            ${{ runner.os }}-${{ runner.arch }}-devtools
42
      - run: |
43
          make dev/tools
44
      - uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
45
        with:
46
          args: --fix=false --verbose
47
          version: v1.56.1
48
          skip-pkg-cache: true
49
      - run: |
50
          make clean
51
      - run: |
52
          make check
53
  test:
54
    timeout-minutes: 20
55
    runs-on: ubuntu-latest
56
    if: ${{ ! contains(github.event.pull_request.labels.*.name, 'ci/skip-test') }}
57
    steps:
58
      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
59
        with:
60
          fetch-depth: 0
61
      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
62
        with:
63
          go-version-file: go.mod
64
      - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
65
        with:
66
          path: |
67
            ${{ env.CI_TOOLS_DIR }}
68
          key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }}
69
          restore-keys: |
70
            ${{ runner.os }}-${{ runner.arch }}-devtools
71
      - run: |
72
          make dev/tools
73
      - run: |
74
          make test
75
  distributions:
76
    timeout-minutes: 40
77
    needs: ["check", "test", "test_e2e", "test_e2e_env"]
78
    if: ${{ always() }}
79
    runs-on: ubuntu-latest
80
    steps:
81
      - name: "Halt due to previous failures"
82
        if: ${{ contains(needs.*.result, 'failure')|| contains(needs.*.result, 'cancelled') }}
83
        run: |
84
          exit 1
85
          # for some reason, GH Action will always trigger a downstream job even if there are errors in an dependent job
86
          # so we manually check it here. An example could be found here: https://github.com/kumahq/kuma/actions/runs/7044980149
87
      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
88
        with:
89
          fetch-depth: 0
90
      - name: "Maybe set full matrix"
91
        if: github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/run-full-matrix')
92
        id: set-full-matrix-switches
93
        run: |
94
          echo 'ENABLED_GOARCHES=arm64 amd64' >> $GITHUB_ENV
95
          echo 'ENABLED_GOOSES=linux darwin' >> $GITHUB_ENV
96
      - name: "Add matrix to .run-full-matrix for cache"
97
        run: |
98
          echo '${ENABLED_GOARCHES}|${ENABLED_GOOSES}' > .run-full-matrix
99
      - name: "Maybe set flag to push build artifacts"
100
        if: github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/force-publish')
101
        run: |
102
          echo 'ALLOW_PUSH=true' >> $GITHUB_ENV
103
      - name: Install dependencies for cross builds
104
        run: |
105
          sudo apt-get update; sudo apt-get install -y qemu-user-static binfmt-support
106
      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
107
        with:
108
          go-version-file: go.mod
109
          cache-dependency-path: |
110
            .run-full-matrix
111
            go.sum
112
      - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
113
        with:
114
          path: |
115
            ${{ env.CI_TOOLS_DIR }}
116
          key: ${{ runner.os }}-${{ runner.arch }}-devtools-${{ hashFiles('mk/dependencies/deps.lock') }}
117
          restore-keys: |
118
            ${{ runner.os }}-${{ runner.arch }}-devtools
119
      - name: Free up disk space for the Runner
120
        run: |
121
          echo "Disk usage before cleanup"
122
          sudo df -h
123
          echo "Removing big directories"
124
          sudo rm -rf /usr/share/dotnet /usr/local/lib/android /opt/ghc
125
          echo "Removing images"
126
          docker system prune --all -f
127
          echo "Disk usage after cleanup"
128
          sudo df -h
129
      - run: |
130
          make build
131
      - run: |
132
          make -j build/distributions
133
      - run: |
134
          make -j images
135
      - run: |
136
          make -j docker/save
137
      - name: Run container structure test
138
        if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci/skip-container-structure-test') && !contains(github.event.pull_request.labels.*.name, 'ci/skip-test') }}
139
        run: |
140
          make test/container-structure
141
      - name: Inspect created tars
142
        run: |
143
          for i in build/distributions/out/*.tar.gz; do echo $i; tar -tvf $i; done
144
      - name: Publish distributions to Pulp
145
        env:
146
          PULP_USERNAME: ${{ vars.PULP_USERNAME }}
147
          PULP_PASSWORD: ${{ secrets.PULP_PASSWORD }}
148
          CLOUDSMITH_API_KEY: ${{ secrets.CLOUDSMITH_API_KEY }}
149
        run: |
150
          make publish/pulp
151
      - name: Publish images
152
        env:
153
          DOCKER_API_KEY: ${{ secrets.DOCKER_API_KEY }}
154
          DOCKER_USERNAME: ${{ vars.DOCKER_USERNAME }}
155
        run: |-
156
          make docker/login
157
          # ensure we always logout
158
          function on_exit() {
159
            make docker/logout
160
          }
161
          trap on_exit EXIT
162
          make docker/push
163
          make docker/manifest
164
      - name: package-helm-chart
165
        id: package-helm
166
        env:
167
          HELM_DEV: ${{ !startsWith(github.event.ref, 'refs/tags/') }}
168
        run: |
169
          make helm/update-version
170

171
          git config user.name "${GH_USER}"
172
          git config user.email "${GH_EMAIL}"
173
          git add -u deployments/charts
174
          # This commit never ends up in the repo
175
          git commit --allow-empty -m "ci(helm): update versions"
176
          # To get an idea of what's in the commit to debug
177
          git show
178

179
          make helm/package
180
          PKG_FILENAME=$(find .cr-release-packages -type f -printf "%f\n")
181
          echo "filename=${PKG_FILENAME}" >> $GITHUB_OUTPUT
182
      - name: Upload packaged chart
183
        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
184
        with:
185
          name: ${{ steps.package-helm.outputs.filename }}
186
          path: .cr-release-packages/${{ steps.package-helm.outputs.filename }}
187
          retention-days: ${{ github.event_name == 'pull_request' && 1 || 30 }}
188
      # Everything from here is only running on releases.
189
      # Ideally we'd finish the workflow early, but this isn't possible: https://github.com/actions/runner/issues/662
190
      - name: Generate GitHub app token
191
        id: github-app-token
192
        if: ${{ startsWith(github.event.ref, 'refs/tags/') }}
193
        uses: actions/create-github-app-token@f4c6bf6752984b3a29fcc135a5e70eb792c40c6b # v1.8.0
194
        with:
195
          app-id: ${{ secrets.APP_ID }}
196
          private-key: ${{ secrets.APP_PRIVATE_KEY }}
197
          owner: ${{ github.repository_owner }}
198
          repositories: ${{ env.GH_REPO }}
199
      - name: Release chart
200
        if: ${{ startsWith(github.event.ref, 'refs/tags/') }}
201
        env:
202
          GITHUB_APP: "true"
203
          GH_TOKEN: ${{ steps.github-app-token.outputs.token }}
204
        run: make helm/release
205
  gen_e2e_matrix:
206
    timeout-minutes: 2
207
    runs-on: ubuntu-latest
208
    if: ${{ !contains(github.event.pull_request.labels.*.name, 'ci/skip-test') && !contains(github.event.pull_request.labels.*.name, 'ci/skip-e2e-test') }}
209
    outputs:
210
      matrix: ${{ steps.generate-matrix.outputs.matrix }}
211
    steps:
212
      - id: generate-matrix
213
        name: Generate matrix
214
        env:
215
          RUN_FULL_MATRIX: ${{ github.event_name == 'push' || contains(github.event.pull_request.labels.*.name, 'ci/run-full-matrix') }}
216
          BASE_MATRIX: |-
217
            {
218
              "test_e2e": {
219
                "target": [""],
220
                "k8sVersion": ["kindIpv6", "${{ env.K8S_MIN_VERSION }}", "${{ env.K8S_MAX_VERSION }}"],
221
                "arch": ["amd64"],
222
                "parallelism": [4],
223
                "cniNetworkPlugin": ["flannel"],
224
                "sidecarContainers": [""]
225
              },
226
              "test_e2e_env": {
227
                "target": ["kubernetes", "universal", "multizone"],
228
                "k8sVersion": ["kind", "kindIpv6", "${{ env.K8S_MIN_VERSION }}", "${{ env.K8S_MAX_VERSION }}"],
229
                "arch": ["amd64"],
230
                "parallelism": [1],
231
                "cniNetworkPlugin": ["flannel"],
232
                "sidecarContainers": [""],
233
                "exclude":[
234
                  {"target": "kubernetes", "k8sVersion":"kind"},
235
                  {"target": "multizone", "k8sVersion":"kind"},
236
                  {"target":"universal", "k8sVersion":"${{ env.K8S_MIN_VERSION }}"},
237
                  {"target":"universal", "k8sVersion":"${{ env.K8S_MAX_VERSION }}"}
238
                ],
239
                "include":[
240
                  {"sidecarContainers": "sidecarContainers", "k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "kubernetes", "arch": "amd64"},
241
                  {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "multizone", "arch": "arm64"},
242
                  {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "kubernetes", "arch": "arm64"},
243
                  {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "universal", "arch": "arm64"},
244
                  {"k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "gatewayapi", "arch": "amd64"},
245
                  {"cniNetworkPlugin": "calico", "k8sVersion": "${{ env.K8S_MAX_VERSION }}", "target": "multizone", "arch": "amd64"}
246
                ]
247
              }
248
            }
249
          # You can modify the include to run one of test suites on PRs (though you'd need to then remove it)
250
          OVERRIDE_JQ_CMD: |-
251
            .test_e2e = false
252
            | .test_e2e_env.include = []
253
            | .test_e2e_env.exclude += [{"arch": "arm64"}, {"k8sVersion": "kindIpv6"}, {"k8sVersion": "${{ env.K8S_MIN_VERSION}}"}]
254
        run: |-
255
          BASE_MATRIX_ALL='${{ env.BASE_MATRIX }}'
256
          if [[ "${{ env.RUN_FULL_MATRIX }}" != "true" ]]; then
257
            BASE_MATRIX_ALL=$(echo $BASE_MATRIX_ALL | jq -r '${{ env.OVERRIDE_JQ_CMD }}')
258
          fi
259

260
          echo "final matrix: $BASE_MATRIX_ALL"
261
          echo "matrix<<EOF" >> $GITHUB_OUTPUT
262
          echo "$BASE_MATRIX_ALL" >> $GITHUB_OUTPUT
263
          echo "EOF" >> $GITHUB_OUTPUT
264
  test_e2e:
265
    needs: ["gen_e2e_matrix"]
266
    if: fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e
267
    strategy:
268
      matrix: ${{ fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e }}
269
      fail-fast: false
270
    uses: ./.github/workflows/e2e.yaml
271
    with:
272
      matrix: ${{ toJSON(matrix) }}
273
    secrets:
274
      circleCIToken: ${{ secrets.CIRCLECI_TOKEN }}
275
  test_e2e_env:
276
    needs: ["gen_e2e_matrix"]
277
    if: fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e_env
278
    strategy:
279
      matrix: ${{ fromJSON(needs.gen_e2e_matrix.outputs.matrix).test_e2e_env }}
280
      fail-fast: false
281
    uses: ./.github/workflows/e2e.yaml
282
    with:
283
      matrix: ${{ toJSON(matrix) }}
284
    secrets:
285
      circleCIToken: ${{ secrets.CIRCLECI_TOKEN }}
286
kuma

Использование cookies
