Add tetragon 1.0.0@90c0769a694bea9ab495a4bb4384c6128b57a858 ⎈ #107
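# Conformance test: on every push to master, look for a commit subject of the
# form 'Add tetragon <chart-version>@<upstream-commit-sha>', create a
# throw-away GKE cluster, install that Tetragon Helm chart version and wait for
# the DaemonSet rollout. The cluster is deleted at the end, even on failure.
name: ConformanceTetragonGKE (ci-tetragon-gke)

# Any change in triggers needs to be reflected in the concurrency group.
on:
  push:
    branches:
      - master

# Least privilege for GITHUB_TOKEN: the job only needs to read the repository
# (checkout). Cloud access comes from the GCP secrets, not from this token.
permissions:
  contents: read

env:
  clusterName: ${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }}
  zone: us-west2-a
  # https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke
  # Quoted so the variable keeps the documented spelling instead of being
  # re-typed as a YAML boolean.
  USE_GKE_GCLOUD_AUTH_PLUGIN: "True"

jobs:
  installation:
    runs-on: ubuntu-latest
    timeout-minutes: 30
    steps:
      # Third-party actions are pinned to full commit SHAs.
      - name: Checkout code
        uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
        with:
          fetch-depth: 0
          # Do not leave the token in .git/config for later steps.
          persist-credentials: false

      - name: Set up job variables
        id: vars
        run: |
          # Subject of the most recent commit whose message matches "^Add tetragon".
          last_commit_log="$(git log -1 --grep "^Add tetragon" --pretty=format:"%s")"
          echo "last commit log: $last_commit_log"
          chart_version="$(echo "$last_commit_log" | grep -Eo "Add tetragon [^@]+" | sed 's/Add\ tetragon\ //' || true)"
          echo "Helm chart detected version: '${chart_version}'"
          # The value comes from a commit message, so it is untrusted text.
          # Only a version-shaped string is published as a step output;
          # anything else is treated as "no version detected".
          version_re='^v?[0-9]+\.[0-9]+\.[0-9]+([-+][0-9A-Za-z.+-]+)?$'
          if [[ "${chart_version}" =~ ${version_re} ]]; then
            # GITHUB_OUTPUT replaces the deprecated ::set-output command.
            echo "chartVersion=${chart_version}" >> "${GITHUB_OUTPUT}"
          elif [[ -n "${chart_version}" ]]; then
            echo "Ignoring '${chart_version}': it does not look like a chart version"
          fi
          echo "owner=${GITHUB_SHA}" >> "${GITHUB_OUTPUT}"

      # Every step below that touches GCP is gated on a detected chart version.
      # An `exit 0` inside a step ends only that step, so without these
      # conditions the cluster would still be created and helm would run with
      # an empty --version.
      - name: Set up gcloud credentials
        id: 'auth'
        if: steps.vars.outputs.chartVersion != ''
        uses: 'google-github-actions/auth@dac4e13deb3640f22e3ffe758fd3f95e6e89f712'
        with:
          # NOTE(review): this is a long-lived service-account key. Workload
          # Identity Federation would avoid storing a key at all (it needs
          # `id-token: write` in the permissions block).
          credentials_json: '${{ secrets.GCP_PR_SA_KEY }}'

      - name: Should it be e2e tested?
        if: steps.vars.outputs.chartVersion == ''
        run: |
          echo "Not running tetragon helm e2e tests since the helm chart version was not detected in commit message"
          echo "Expected format: 'Add tetragon <chart-version>@<upstream-commit-sha>'"

      - name: Set up gcloud CLI
        if: steps.vars.outputs.chartVersion != ''
        uses: google-github-actions/setup-gcloud@62d4898025f6041e16b1068643bfc5a696863587
        with:
          project_id: ${{ secrets.GCP_PROJECT_ID }}

      - name: Display gcloud CLI info
        if: steps.vars.outputs.chartVersion != ''
        run: |
          gcloud info

      - name: Install gke-gcloud-auth-plugin
        if: steps.vars.outputs.chartVersion != ''
        run: |
          gcloud components install gke-gcloud-auth-plugin

      - name: Create GKE cluster
        if: steps.vars.outputs.chartVersion != ''
        env:
          # Passed through the environment so the shell sees data, not script
          # text expanded by the workflow engine.
          CLUSTER_LABELS: 'usage=${{ github.repository_owner }}-${{ github.event.repository.name }},owner=${{ steps.vars.outputs.owner }}'
        run: |
          gcloud container clusters create "${clusterName}" \
            --labels "${CLUSTER_LABELS}" \
            --zone "${zone}" \
            --release-channel rapid \
            --num-nodes 1

      - name: Get cluster credentials
        if: steps.vars.outputs.chartVersion != ''
        run: |
          gcloud container clusters get-credentials "${clusterName}" --zone "${zone}"

      - name: Install Tetragon
        if: steps.vars.outputs.chartVersion != ''
        env:
          # Commit-message-derived value: never interpolate it into the script
          # with an expression; read it as a quoted variable instead.
          CHART_VERSION: ${{ steps.vars.outputs.chartVersion }}
        run: |
          helm repo add cilium https://helm.cilium.io
          helm repo update
          helm install tetragon cilium/tetragon -n kube-system --version "${CHART_VERSION}"
          kubectl rollout status -n kube-system ds/tetragon -w

      - name: Clean up GKE
        # Runs after failures too, but only when a cluster may have been created.
        if: ${{ always() && steps.vars.outputs.chartVersion != '' }}
        run: |
          gcloud container clusters delete "${clusterName}" --zone "${zone}" --quiet --async
        shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently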