Add support for clusters running in private VPC (#627) #21
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: e2e-test | |
permissions: | |
id-token: write | |
contents: read | |
on: | |
# TODO: Find a secure enough way to run e2e tests from PR on-demand. | |
push: | |
branches: | |
- main | |
workflow_dispatch: | |
jobs: | |
e2e-test: | |
runs-on: ubuntu-latest | |
# Prevent concurrent execution as we only have one cluster at the moment. | |
concurrency: | |
group: e2e-test | |
cancel-in-progress: false | |
timeout-minutes: 240 | |
environment: e2e-test | |
env: | |
# Image build config | |
AWS_DEFAULT_REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
ECR_PUBLISH_ROLE_ARN: ${{ secrets.ECR_PUBLISH_IAM_ROLE }} | |
IMAGE_REPOSITORY: ${{ secrets.PRIVATE_IMAGE_REPOSITORY }} | |
RELEASE_VERSION: ${{ github.sha }} | |
# E2E integration test config | |
REGION: ${{ secrets.AWS_DEFAULT_REGION }} | |
CLUSTER_NAME: ${{ secrets.CLUSTER_NAME }} | |
CLUSTER_VPC_ID: ${{ secrets.CLUSTER_VPC_ID }} | |
SECONDARY_ACCOUNT_TEST_ROLE_ARN: ${{ secrets.SECONDARY_ACCOUNT_IAM_ROLE }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v3 | |
- run: sed -En 's/^go[[:space:]]+([[:digit:].]+)$/GO_VERSION=\1/p' go.mod >> $GITHUB_ENV | |
- name: Setup Go | |
uses: actions/setup-go@v4 | |
with: | |
go-version: ${{ env.GO_VERSION }} | |
check-latest: true | |
cache-dependency-path: test/go.sum | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Setup AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: ${{ secrets.INTEGRATION_TEST_IAM_ROLE }} | |
role-duration-seconds: 14400 | |
aws-region: ${{ secrets.AWS_DEFAULT_REGION }} | |
- name: Setup eksctl | |
run: | | |
curl -sL "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_$(uname -s)_amd64.tar.gz" | tar xz -C /tmp | |
sudo mv /tmp/eksctl /usr/local/bin | |
# Assumes a cluster named CLUSTER_NAME exists. | |
# TODO: create cluster if it does not exist. | |
- name: Setup cluster credentials | |
run: eksctl utils write-kubeconfig --cluster=$CLUSTER_NAME | |
- name: Enable actions cache | |
uses: actions/github-script@v6 | |
with: | |
script: | | |
core.exportVariable('ACTIONS_CACHE_URL', process.env['ACTIONS_CACHE_URL']) | |
core.exportVariable('ACTIONS_RUNTIME_TOKEN', process.env['ACTIONS_RUNTIME_TOKEN']) | |
- name: Build and push image | |
run: | | |
SKIP_BUILD_CHART=true scripts/release-controller.sh | |
- name: Install helm chart | |
run: | | |
helm install gateway-api-controller ./helm \ | |
--namespace aws-application-networking-system \ | |
--set=serviceAccount.create=false \ | |
--set=image.repository=$IMAGE_REPOSITORY \ | |
--set=image.tag=$RELEASE_VERSION \ | |
--set=log.level=debug | |
- name: Install Gateway API v1 CRDs | |
run: | | |
kubectl apply -f config/crds/bases/k8s-gateway-v1.0.0.yaml | |
- name: Create Lattice GatewayClass | |
run: | | |
kubectl apply -f files/controller-installation/gatewayclass.yaml | |
- name: Run test | |
run: | | |
make e2e-test | |
make webhook-e2e-test | |
- name: Cleanup | |
if: always() | |
run: | | |
make e2e-clean | |
- name: Uninstall helm chart | |
if: always() | |
run: | | |
helm uninstall gateway-api-controller --namespace aws-application-networking-system || true |