release #194
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: push | |
| permissions: | |
| contents: read | |
| env: | |
| GH_ANNOTATION: true | |
| DOCKER_REGISTRY: ghcr.io/alpeb | |
| K3D_VERSION: v5.7.5 | |
| LINKERD2_PROXY_REPO: ${{ vars.LINKERD2_PROXY_REPO }} | |
| jobs: | |
| # TODO(ver) We should stop relying so heavily on the environment, | |
| # especially the TAG variable. And it would be great to stop relying | |
| # on the root-tag script altogether. | |
| tag: | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
| - run: echo "tag=$(CI_FORCE_CLEAN=1 bin/root-tag)" >> "$GITHUB_OUTPUT" | |
| id: tag | |
| outputs: | |
| tag: ${{ steps.tag.outputs.tag }} | |
| docker_build: | |
| name: Docker build | |
| needs: [tag] | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| id-token: write # needed for signing the images with GitHub OIDC Token | |
| strategy: | |
| matrix: | |
| component: | |
| - cli-bin | |
| - controller | |
| - policy-controller | |
| - debug | |
| - jaeger-webhook | |
| - metrics-api | |
| - proxy | |
| - tap | |
| - web | |
| # policy-controller docker builds have occasionally hit a 30-minute timeout. | |
| timeout-minutes: 45 | |
| steps: | |
| - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
| - name: Set tag | |
| run: echo 'TAG=${{ needs.tag.outputs.tag }}' >> "$GITHUB_ENV" | |
| - uses: ./.github/actions/docker-build | |
| id: build | |
| with: | |
| docker-registry: ${{ env.DOCKER_REGISTRY }} | |
| docker-target: multi-arch | |
| docker-push: 1 | |
| docker-ghcr-username: ${{ secrets.DOCKER_GHCR_USERNAME }} | |
| docker-ghcr-pat: ${{ secrets.DOCKER_GHCR_PAT }} | |
| component: ${{ matrix.component }} | |
| tag: ${{ needs.tag.outputs.tag }} | |
| env: | |
| LINKERD2_PROXY_GITHUB_TOKEN: ${{ secrets.LINKERD2_PROXY_GITHUB_TOKEN }} | |
| - uses: sigstore/cosign-installer@v3 | |
| - run: cosign sign '${{ steps.build.outputs.digest }}' | |
| env: | |
| COSIGN_YES: true | |
| - name: Create artifact with CLI | |
| # windows_static_cli_tests below needs this because it can't create linux containers | |
| # inside windows | |
| if: matrix.component == 'cli-bin' | |
| env: | |
| ARCHIVES: /home/runner/archives | |
| DOCKER_TARGET: windows | |
| run: | | |
| bin/docker-pull-binaries "$TAG" | |
| mkdir -p "$ARCHIVES" | |
| cp -r "$PWD/target/release/linkerd2-cli-$TAG-windows.exe" "$ARCHIVES/linkerd-windows.exe" | |
| # `with.path` values do not support environment variables yet, so an | |
| # absolute path is used here. | |
| # https://github.com/actions/upload-artifact/issues/8 | |
| - name: Upload artifact | |
| if: matrix.component == 'cli-bin' | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 | |
| with: | |
| name: image-archives-cli | |
| path: /home/runner/archives | |
| windows_static_cli_tests: | |
| name: Static CLI tests (windows) | |
| timeout-minutes: 30 | |
| runs-on: windows-latest | |
| needs: [docker_build] | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
| - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a | |
| with: | |
| go-version: "1.23" | |
| - name: Download image archives | |
| uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 | |
| with: | |
| name: image-archives-cli | |
| path: image-archives | |
| - name: Run CLI Integration tests | |
| run: go test --failfast --mod=readonly ".\test\cli" --linkerd="$PWD\image-archives\linkerd-windows.exe" --cli-tests -v | |
| integration_tests: | |
| name: Integration tests | |
| needs: [tag, docker_build] | |
| strategy: | |
| matrix: | |
| integration_test: | |
| - cluster-domain | |
| - cni-calico-deep | |
| - deep | |
| - viz | |
| - default-policy-deny | |
| - external | |
| - rsa-ca | |
| - helm-upgrade | |
| - uninstall | |
| - upgrade-edge | |
| timeout-minutes: 60 | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 | |
| - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a | |
| with: | |
| go-version: "1.23" | |
| - name: Set environment variables from scripts | |
| run: | | |
| TAG='${{ needs.tag.outputs.tag }}' | |
| CMD="$PWD/target/release/linkerd2-cli-$TAG-linux-amd64" | |
| echo "CMD=$CMD" >> "$GITHUB_ENV" | |
| echo "TAG=$TAG" >> "$GITHUB_ENV" | |
| - name: Run integration tests | |
| env: | |
| LINKERD_DOCKER_REGISTRY: ${{ env.DOCKER_REGISTRY }} | |
| run: | | |
| bin/docker-pull-binaries "$TAG" | |
| # Validate the CLI version matches the current build tag. | |
| [[ "$TAG" == "$($CMD version --short --client)" ]] | |
| bin/tests --images preload --name ${{ matrix.integration_test }} "$CMD" |