-
Notifications
You must be signed in to change notification settings - Fork 407
68 lines (55 loc) · 2.15 KB
/
kind-e2e.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
name: KinD e2e tests
on:
workflow_dispatch: # Allow manual runs.
pull_request:
branches:
- 'main'
jobs:
e2e-tests:
name: e2e tests
runs-on: ubuntu-latest
env:
# https://github.com/google/go-containerregistry/pull/125 allows insecure registry for
# '*.local' hostnames. This works both for `ko` and our own tag-to-digest resolution logic,
# thus allowing us to test without bypassing tag-to-digest resolution.
REGISTRY_NAME: registry.local
REGISTRY_PORT: 5000
KO_DOCKER_REPO: registry.local:5000/ko
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version-file: 'go.mod'
check-latest: true
- name: Install ko
run: go install ./
- name: Setup Cluster
uses: chainguard-dev/actions/setup-kind@81dc0f9b6cd749004a9567afffef41ea84cf954c # main
with:
k8s-version: v1.25.x
registry-authority: ${{ env.REGISTRY_NAME }}:${{ env.REGISTRY_PORT }}
- name: Install Cosign
uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
- name: Run Smoke Test
run: |
# Test with kind load
KO_DOCKER_REPO=kind.local ko apply --platform=all -f ./test
kubectl wait --timeout=10s --for=condition=Ready pod/kodata
kubectl delete pod kodata
# Test with registry
ko apply --platform=all -f ./test
kubectl wait --timeout=60s --for=condition=Ready pod/kodata
kubectl delete pod kodata
# Test ko run with kind load
# This tests that --labels are passed to kubectl, and -wait is passed to the test binary.
KO_DOCKER_REPO=kind.local ko run ./test -- --labels=foo=bar -- -wait=false
- name: Check SBOM
run: |
set -o pipefail
echo '::group:: SBOM'
cosign download sbom $(ko build ./test)
echo "${SBOM}"
echo '::endgroup::'
- name: Collect diagnostics and upload
if: ${{ failure() }}
uses: chainguard-dev/actions/kind-diag@84c993eaf02da1c325854fb272a4df9184bd80fc # main