Fix K8s NetworkPolicy Deny All Audit Logging #34278
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Kind | |
on: | |
pull_request: | |
branches: | |
- main | |
- release-* | |
- feature/* | |
push: | |
branches: | |
- main | |
- release-* | |
- feature/* | |
jobs: | |
check-changes: | |
name: Check whether tests need to be run based on diff | |
runs-on: [ubuntu-latest] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
show-progress: false | |
- uses: antrea-io/has-changes@v2 | |
id: check_diff | |
with: | |
paths-ignore: docs/* ci/jenkins/* *.md hack/.notableofcontents plugins/* | |
outputs: | |
has_changes: ${{ steps.check_diff.outputs.has_changes }} | |
build-antrea-coverage-image: | |
name: Build Antrea image to be used for Kind e2e tests | |
needs: check-changes | |
if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} | |
runs-on: [ubuntu-latest] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
driver: docker | |
- name: Build Antrea Docker image with code coverage support | |
run: | | |
./hack/build-antrea-linux-all.sh --pull --coverage | |
- name: Save Antrea image to tarball | |
run: docker save -o antrea-ubuntu.tar antrea/antrea-agent-ubuntu-coverage:latest antrea/antrea-controller-ubuntu-coverage:latest | |
- name: Upload Antrea image for subsequent jobs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
path: antrea-ubuntu.tar | |
retention-days: 1 # minimum value, in case artifact deletion by 'artifact-cleanup' job fails | |
build-flow-aggregator-coverage-image: | |
name: Build Flow Aggregator image to be used for Kind e2e tests | |
needs: check-changes | |
if: ${{ needs.check-changes.outputs.has_changes == 'yes' }} | |
runs-on: [ ubuntu-latest ] | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- run: make flow-aggregator-ubuntu-coverage | |
- name: Save Flow Aggregator image to tarball | |
run: docker save -o flow-aggregator.tar antrea/flow-aggregator-coverage:latest | |
- name: Upload Flow Aggregator image for subsequent jobs | |
uses: actions/upload-artifact@v4 | |
with: | |
name: flow-aggregator-cov | |
path: flow-aggregator.tar | |
retention-days: 1 # minimum value, in case artifact deletion by 'artifact-cleanup' job fails | |
test-e2e-encap: | |
name: E2e tests on a Kind cluster on Linux | |
needs: [build-antrea-coverage-image] | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run e2e tests | |
run: | | |
mkdir log | |
mkdir test-e2e-encap-coverage | |
ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-encap-coverage ./ci/kind/test-e2e-kind.sh --encap-mode encap --coverage | |
- name: Tar coverage files | |
run: tar -czf test-e2e-encap-coverage.tar.gz test-e2e-encap-coverage | |
- name: Upload coverage for test-e2e-encap-coverage | |
uses: actions/upload-artifact@v4 | |
with: | |
name: test-e2e-encap-coverage | |
path: test-e2e-encap-coverage.tar.gz | |
retention-days: 30 | |
- name: Codecov | |
uses: codecov/codecov-action@v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: '*.cov.out*' | |
disable_search: true | |
flags: kind-e2e-tests | |
name: codecov-test-e2e-encap | |
directory: test-e2e-encap-coverage | |
fail_ci_if_error: ${{ github.event_name == 'push' }} | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: e2e-kind-encap.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-e2e-encap-non-default: | |
name: E2e tests on a Kind cluster on Linux with non default values (proxyAll=true, LoadBalancerMode=DSR, NodeIPAM=true) | |
needs: [build-antrea-coverage-image] | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run e2e tests | |
run: | | |
mkdir log | |
mkdir test-e2e-encap-non-default-coverage | |
ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-encap-non-default-coverage ./ci/kind/test-e2e-kind.sh \ | |
--coverage \ | |
--encap-mode encap \ | |
--proxy-all \ | |
--no-kube-proxy \ | |
--feature-gates LoadBalancerModeDSR=true \ | |
--load-balancer-mode dsr \ | |
--node-ipam | |
- name: Tar coverage files | |
run: tar -czf test-e2e-encap-non-default-coverage.tar.gz test-e2e-encap-non-default-coverage | |
- name: Upload coverage for test-e2e-encap-non-default-coverage | |
uses: actions/upload-artifact@v4 | |
with: | |
name: test-e2e-encap-non-default-coverage | |
path: test-e2e-encap-non-default-coverage.tar.gz | |
retention-days: 30 | |
- name: Codecov | |
uses: codecov/codecov-action@v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: '*.cov.out*' | |
disable_search: true | |
flags: kind-e2e-tests | |
name: codecov-test-e2e-encap-non-default | |
directory: test-e2e-encap-non-default-coverage | |
fail_ci_if_error: ${{ github.event_name == 'push' }} | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: e2e-kind-encap-non-default.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-e2e-encap-all-features-enabled: | |
name: E2e tests on a Kind cluster on Linux with all features enabled | |
needs: [build-antrea-coverage-image] | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run e2e tests | |
run: | | |
mkdir log | |
mkdir test-e2e-encap-all-features-enabled-coverage | |
ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-encap-all-features-enabled-coverage ./ci/kind/test-e2e-kind.sh \ | |
--encap-mode encap \ | |
--coverage \ | |
--feature-gates AllAlpha=true,AllBeta=true \ | |
--proxy-all \ | |
--node-ipam \ | |
--extra-vlan \ | |
--multicast \ | |
--bgp-policy \ | |
--networkpolicy-evaluation | |
- name: Tar coverage files | |
run: tar -czf test-e2e-encap-all-features-enabled-coverage.tar.gz test-e2e-encap-all-features-enabled-coverage | |
- name: Upload coverage for test-e2e-encap-all-features-enabled-coverage | |
uses: actions/upload-artifact@v4 | |
with: | |
name: test-e2e-encap-all-features-enabled-coverage | |
path: test-e2e-encap-all-features-enabled-coverage.tar.gz | |
retention-days: 30 | |
- name: Codecov | |
uses: codecov/codecov-action@v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: '*.cov.out*' | |
disable_search: true | |
flags: kind-e2e-tests | |
name: codecov-test-e2e-encap-all-features-enabled | |
directory: test-e2e-encap-all-features-enabled-coverage | |
fail_ci_if_error: ${{ github.event_name == 'push' }} | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: e2e-kind-encap-all-features-enabled.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-e2e-noencap: | |
name: E2e tests on a Kind cluster on Linux (noEncap) | |
needs: [build-antrea-coverage-image] | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run e2e tests | |
run: | | |
mkdir log | |
mkdir test-e2e-noencap-coverage | |
ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-noencap-coverage ./ci/kind/test-e2e-kind.sh --encap-mode noEncap --coverage --skip mode-irrelevant | |
- name: Tar coverage files | |
run: tar -czf test-e2e-noencap-coverage.tar.gz test-e2e-noencap-coverage | |
- name: Upload coverage for test-e2e-noencap-coverage | |
uses: actions/upload-artifact@v4 | |
with: | |
name: test-e2e-noencap-coverage | |
path: test-e2e-noencap-coverage.tar.gz | |
retention-days: 30 | |
- name: Codecov | |
uses: codecov/codecov-action@v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: '*.cov.out*' | |
disable_search: true | |
flags: kind-e2e-tests | |
name: codecov-test-e2e-noencap | |
directory: test-e2e-noencap-coverage | |
fail_ci_if_error: ${{ github.event_name == 'push' }} | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: e2e-kind-noencap.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-e2e-hybrid: | |
name: E2e tests on a Kind cluster on Linux (hybrid) | |
needs: [build-antrea-coverage-image] | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run e2e tests | |
run: | | |
mkdir log | |
mkdir test-e2e-hybrid-coverage | |
ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-hybrid-coverage ./ci/kind/test-e2e-kind.sh --encap-mode hybrid --coverage --skip mode-irrelevant | |
- name: Tar coverage files | |
run: tar -czf test-e2e-hybrid-coverage.tar.gz test-e2e-hybrid-coverage | |
- name: Upload coverage for test-e2e-hybrid-coverage | |
uses: actions/upload-artifact@v4 | |
with: | |
name: test-e2e-hybrid-coverage | |
path: test-e2e-hybrid-coverage.tar.gz | |
retention-days: 30 | |
- name: Codecov | |
uses: codecov/codecov-action@v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: '*.cov.out*' | |
disable_search: true | |
flags: kind-e2e-tests | |
name: codecov-test-e2e-hybrid | |
directory: test-e2e-hybrid-coverage | |
fail_ci_if_error: ${{ github.event_name == 'push' }} | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: e2e-kind-hybrid.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-e2e-flow-visibility: | |
name: E2e tests on a Kind cluster on Linux for Flow Visibility | |
needs: [build-antrea-coverage-image, build-flow-aggregator-coverage-image] | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
sudo rm -rf /usr/share/dotnet | |
sudo rm -rf /opt/ghc | |
sudo rm -rf "/usr/local/share/boost" | |
sudo rm -rf "$AGENT_TOOLSDIRECTORY" | |
sudo rm -rf "/usr/local/lib/android" | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
- name: Download Flow Aggregator image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: flow-aggregator-cov | |
- name: Load Flow Aggregator image | |
run: | | |
docker load -i flow-aggregator.tar | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run e2e tests | |
run: | | |
mkdir log | |
mkdir test-e2e-fa-coverage | |
ANTREA_LOG_DIR=$PWD/log ANTREA_COV_DIR=$PWD/test-e2e-fa-coverage ./ci/kind/test-e2e-kind.sh --encap-mode encap --coverage --flow-visibility --ip-family dual | |
- name: Tar coverage files | |
run: tar -czf test-e2e-fa-coverage.tar.gz test-e2e-fa-coverage | |
- name: Upload coverage for test-e2e-fa-coverage | |
uses: actions/upload-artifact@v4 | |
with: | |
name: test-e2e-fa-coverage | |
path: test-e2e-fa-coverage.tar.gz | |
retention-days: 30 | |
- name: Codecov | |
uses: codecov/codecov-action@v5 | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: '*.cov.out*' | |
disable_search: true | |
flags: kind-e2e-tests | |
name: codecov-test-e2e-fa | |
directory: test-e2e-fa-coverage | |
fail_ci_if_error: ${{ github.event_name == 'push' }} | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: e2e-kind-fa.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-network-policy-conformance-encap: | |
name: NetworkPolicy conformance tests on a Kind cluster on Linux | |
needs: [build-antrea-coverage-image] | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
docker tag antrea/antrea-agent-ubuntu-coverage:latest antrea/antrea-agent-ubuntu:latest | |
docker tag antrea/antrea-controller-ubuntu-coverage:latest antrea/antrea-controller-ubuntu:latest | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run NetworkPolicy conformance tests | |
run: | | |
mkdir log | |
ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-netpol-v2-conformance-kind.sh | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: networkpolicy-conformance-kind-encap.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-secondary-network: | |
name: Antrea-native (VLAN) secondary network tests on a Kind cluster on Linux | |
needs: [build-antrea-coverage-image] | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
docker tag antrea/antrea-agent-ubuntu-coverage:latest antrea/antrea-agent-ubuntu:latest | |
docker tag antrea/antrea-controller-ubuntu-coverage:latest antrea/antrea-controller-ubuntu:latest | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run secondary network tests | |
run: | | |
mkdir log | |
ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-secondary-network-kind.sh | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: secondary-network.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-upgrade-from-N-1: | |
name: Upgrade from Antrea version N-1 | |
needs: build-antrea-coverage-image | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
docker tag antrea/antrea-agent-ubuntu-coverage:latest antrea/antrea-agent-ubuntu:latest | |
docker tag antrea/antrea-controller-ubuntu-coverage:latest antrea/antrea-controller-ubuntu:latest | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run test | |
run: | | |
mkdir log | |
ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-upgrade-antrea.sh --from-version-n-minus 1 | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: upgrade-from-antrea-version-n-1.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-upgrade-from-N-2: | |
name: Upgrade from Antrea version N-2 | |
needs: build-antrea-coverage-image | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
docker tag antrea/antrea-agent-ubuntu-coverage:latest antrea/antrea-agent-ubuntu:latest | |
docker tag antrea/antrea-controller-ubuntu-coverage:latest antrea/antrea-controller-ubuntu:latest | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run test | |
run: | | |
mkdir log | |
ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-upgrade-antrea.sh --from-version-n-minus 2 | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: upgrade-from-antrea-version-n-2.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-compatible-N-1: | |
name: API compatible with client version N-1 | |
needs: build-antrea-coverage-image | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
docker tag antrea/antrea-agent-ubuntu-coverage:latest antrea/antrea-agent-ubuntu:latest | |
docker tag antrea/antrea-controller-ubuntu-coverage:latest antrea/antrea-controller-ubuntu:latest | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run test | |
run: | | |
mkdir log | |
ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-upgrade-antrea.sh --from-version-n-minus 1 --controller-only | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: api-compatible-with-client-version-n-1.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
test-compatible-N-2: | |
name: API compatible with client version N-2 | |
needs: build-antrea-coverage-image | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
docker tag antrea/antrea-agent-ubuntu-coverage:latest antrea/antrea-agent-ubuntu:latest | |
docker tag antrea/antrea-controller-ubuntu-coverage:latest antrea/antrea-controller-ubuntu:latest | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Run test | |
run: | | |
mkdir log | |
ANTREA_LOG_DIR=$PWD/log ./ci/kind/test-upgrade-antrea.sh --from-version-n-minus 2 --controller-only | |
- name: Tar log files | |
if: ${{ failure() }} | |
run: tar -czf log.tar.gz log | |
- name: Upload test log | |
uses: actions/upload-artifact@v4 | |
if: ${{ failure() }} | |
with: | |
name: api-compatible-with-client-version-n-2.tar.gz | |
path: log.tar.gz | |
retention-days: 30 | |
run-installation-checks: | |
name: Test installation using 'antctl check' command | |
needs: [ build-antrea-coverage-image ] | |
runs-on: [ ubuntu-latest ] | |
steps: | |
- name: Free disk space | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Create Kind Cluster | |
run: | | |
./ci/kind/kind-setup.sh create kind --ip-family dual | |
- name: Build antctl binary | |
run: | | |
make antctl-linux | |
- name: Run Pre checks | |
run: | | |
./bin/antctl-linux check cluster | |
- name: Deploy Antrea | |
run: | | |
kubectl apply -f build/yamls/antrea.yml | |
- name: Run Post checks | |
run: | | |
./bin/antctl-linux check installation | |
validate-prometheus-metrics-doc: | |
name: Validate metrics in Prometheus document match running deployment's | |
needs: build-antrea-coverage-image | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Free disk space | |
# https://github.com/actions/virtual-environments/issues/709 | |
run: | | |
sudo apt-get clean | |
df -h | |
- uses: actions/checkout@v4 | |
with: | |
show-progress: false | |
- name: Download Antrea image from previous job | |
uses: actions/download-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
- name: Load Antrea image | |
run: | | |
docker load -i antrea-ubuntu.tar | |
docker tag antrea/antrea-agent-ubuntu-coverage:latest antrea/antrea-agent-ubuntu:latest | |
docker tag antrea/antrea-controller-ubuntu-coverage:latest antrea/antrea-controller-ubuntu:latest | |
- name: Install Kind | |
run: | | |
KIND_VERSION=$(head -n1 ./ci/kind/version) | |
curl -Lo ./kind https://github.com/kubernetes-sigs/kind/releases/download/${KIND_VERSION}/kind-$(uname)-amd64 | |
chmod +x ./kind | |
sudo mv kind /usr/local/bin | |
- name: Validate document | |
run: | | |
./ci/kind/validate-metrics-doc.sh | |
# Runs after all other jobs in the workflow succeed and deletes Antrea Docker images uploaded as temporary | |
# artifacts. There is no simple way to delete an artifact from a worfklow triggered by a pull | |
# request, so instead we use the upload-artifact action again, and overwrite the previous artifact | |
# (which is very large) with an empty file. | |
artifact-cleanup: | |
name: Delete uploaded images | |
needs: | |
- build-antrea-coverage-image | |
- build-flow-aggregator-coverage-image | |
- test-e2e-encap | |
- test-e2e-encap-non-default | |
- test-e2e-encap-all-features-enabled | |
- test-e2e-noencap | |
- test-e2e-hybrid | |
- test-upgrade-from-N-1 | |
- test-upgrade-from-N-2 | |
- test-compatible-N-1 | |
- test-compatible-N-2 | |
- validate-prometheus-metrics-doc | |
- test-e2e-flow-visibility | |
- test-network-policy-conformance-encap | |
- run-installation-checks | |
runs-on: [ubuntu-latest] | |
steps: | |
- name: Create empty file to overwrite artifacts | |
run: | | |
touch empty-artifact | |
- name: Delete antrea-ubuntu-cov | |
if: ${{ needs.build-antrea-coverage-image.result == 'success' }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: antrea-ubuntu-cov | |
path: empty-artifact | |
retention-days: 1 # minimum value | |
overwrite: true | |
- name: Delete flow-aggregator | |
if: ${{ needs.build-flow-aggregator-coverage-image.result == 'success' }} | |
uses: actions/upload-artifact@v4 | |
with: | |
name: flow-aggregator-cov | |
path: empty-artifact | |
retention-days: 1 # minimum value | |
overwrite: true |