forked from linkerd/linkerd2
-
Notifications
You must be signed in to change notification settings - Fork 1
144 lines (137 loc) · 4.77 KB
/
release.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
name: Release
on: push
permissions:
contents: read
env:
GH_ANNOTATION: true
DOCKER_REGISTRY: ghcr.io/alpeb
K3D_VERSION: v5.7.5
LINKERD2_PROXY_REPO: ${{ vars.LINKERD2_PROXY_REPO }}
jobs:
# TODO(ver) We should stop relying so heavily on the environment,
# especially the TAG variable. And it would be great to stop relying
# on the root-tag script altogether.
tag:
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- run: echo "tag=$(CI_FORCE_CLEAN=1 bin/root-tag)" >> "$GITHUB_OUTPUT"
id: tag
outputs:
tag: ${{ steps.tag.outputs.tag }}
docker_build:
name: Docker build
needs: [tag]
runs-on: ubuntu-22.04
permissions:
id-token: write # needed for signing the images with GitHub OIDC Token
strategy:
matrix:
component:
- cli-bin
- controller
- policy-controller
- debug
- jaeger-webhook
- metrics-api
- proxy
- tap
- web
# policy-controller docker builds have occasionally hit a 30-minute timeout.
timeout-minutes: 45
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- name: Set tag
run: echo 'TAG=${{ needs.tag.outputs.tag }}' >> "$GITHUB_ENV"
- uses: ./.github/actions/docker-build
id: build
with:
docker-registry: ${{ env.DOCKER_REGISTRY }}
docker-target: multi-arch
docker-push: 1
docker-ghcr-username: ${{ secrets.DOCKER_GHCR_USERNAME }}
docker-ghcr-pat: ${{ secrets.DOCKER_GHCR_PAT }}
component: ${{ matrix.component }}
tag: ${{ needs.tag.outputs.tag }}
env:
LINKERD2_PROXY_GITHUB_TOKEN: ${{ secrets.LINKERD2_PROXY_GITHUB_TOKEN }}
- uses: sigstore/cosign-installer@v3
- run: cosign sign '${{ steps.build.outputs.digest }}'
env:
COSIGN_YES: true
- name: Create artifact with CLI
# windows_static_cli_tests below needs this because it can't create linux containers
# inside windows
if: matrix.component == 'cli-bin'
env:
ARCHIVES: /home/runner/archives
DOCKER_TARGET: windows
run: |
bin/docker-pull-binaries "$TAG"
mkdir -p "$ARCHIVES"
cp -r "$PWD/target/release/linkerd2-cli-$TAG-windows.exe" "$ARCHIVES/linkerd-windows.exe"
# `with.path` values do not support environment variables yet, so an
# absolute path is used here.
# https://github.com/actions/upload-artifact/issues/8
- name: Upload artifact
if: matrix.component == 'cli-bin'
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
with:
name: image-archives-cli
path: /home/runner/archives
windows_static_cli_tests:
name: Static CLI tests (windows)
timeout-minutes: 30
runs-on: windows-latest
needs: [docker_build]
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
with:
go-version: "1.23"
- name: Download image archives
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16
with:
name: image-archives-cli
path: image-archives
- name: Run CLI Integration tests
run: go test --failfast --mod=readonly ".\test\cli" --linkerd="$PWD\image-archives\linkerd-windows.exe" --cli-tests -v
integration_tests:
name: Integration tests
needs: [tag, docker_build]
strategy:
matrix:
integration_test:
- cluster-domain
- cni-calico-deep
- deep
- viz
- default-policy-deny
- external
- rsa-ca
- helm-upgrade
- uninstall
- upgrade-edge
timeout-minutes: 60
runs-on: ubuntu-22.04
steps:
- name: Checkout code
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
with:
go-version: "1.23"
- name: Set environment variables from scripts
run: |
TAG='${{ needs.tag.outputs.tag }}'
CMD="$PWD/target/release/linkerd2-cli-$TAG-linux-amd64"
echo "CMD=$CMD" >> "$GITHUB_ENV"
echo "TAG=$TAG" >> "$GITHUB_ENV"
- name: Run integration tests
env:
LINKERD_DOCKER_REGISTRY: ${{ env.DOCKER_REGISTRY }}
run: |
bin/docker-pull-binaries "$TAG"
# Validate the CLI version matches the current build tag.
[[ "$TAG" == "$($CMD version --short --client)" ]]
bin/tests --images preload --name ${{ matrix.integration_test }} "$CMD"