-
Notifications
You must be signed in to change notification settings - Fork 406
68 lines (55 loc) · 2.14 KB
/
kind-e2e.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
name: KinD e2e tests
on:
workflow_dispatch: # Allow manual runs.
pull_request:
branches:
- 'main'
jobs:
e2e-tests:
name: e2e tests
runs-on: ubuntu-latest
env:
# https://github.com/google/go-containerregistry/pull/125 allows insecure registry for
# '*.local' hostnames. This works both for `ko` and our own tag-to-digest resolution logic,
# thus allowing us to test without bypassing tag-to-digest resolution.
REGISTRY_NAME: registry.local
REGISTRY_PORT: 5000
KO_DOCKER_REPO: registry.local:5000/ko
steps:
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: '1.21'
check-latest: true
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
- name: Install ko
run: go install ./
- name: Setup Cluster
uses: chainguard-dev/actions/setup-kind@81dc0f9b6cd749004a9567afffef41ea84cf954c # main
with:
k8s-version: v1.25.x
registry-authority: ${{ env.REGISTRY_NAME }}:${{ env.REGISTRY_PORT }}
- name: Install Cosign
uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19 # v3.1.2
- name: Run Smoke Test
run: |
# Test with kind load
KO_DOCKER_REPO=kind.local ko apply --platform=all -f ./test
kubectl wait --timeout=10s --for=condition=Ready pod/kodata
kubectl delete pod kodata
# Test with registry
ko apply --platform=all -f ./test
kubectl wait --timeout=60s --for=condition=Ready pod/kodata
kubectl delete pod kodata
# Test ko run with kind load
# This tests that --labels are passed to kubectl, and -wait is passed to the test binary.
KO_DOCKER_REPO=kind.local ko run ./test -- --labels=foo=bar -- -wait=false
- name: Check SBOM
run: |
set -o pipefail
echo '::group:: SBOM'
cosign download sbom $(ko build ./test)
echo "${SBOM}"
echo '::endgroup::'
- name: Collect diagnostics and upload
if: ${{ failure() }}
uses: chainguard-dev/actions/kind-diag@84c993eaf02da1c325854fb272a4df9184bd80fc # main