-
Notifications
You must be signed in to change notification settings - Fork 407
68 lines (55 loc) · 2.15 KB
/
kind-e2e.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
name: KinD e2e tests
on:
workflow_dispatch: # Allow manual runs.
pull_request:
branches:
- 'main'
jobs:
e2e-tests:
name: e2e tests
runs-on: ubuntu-latest
env:
# https://github.com/google/go-containerregistry/pull/125 allows insecure registry for
# '*.local' hostnames. This works both for `ko` and our own tag-to-digest resolution logic,
# thus allowing us to test without bypassing tag-to-digest resolution.
REGISTRY_NAME: registry.local
REGISTRY_PORT: 5000
KO_DOCKER_REPO: registry.local:5000/ko
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
with:
go-version-file: 'go.mod'
check-latest: true
- name: Install ko
run: go install ./
- name: Setup Cluster
uses: chainguard-dev/actions/setup-kind@29fb6e979a0b3efc79748a17e8cec08d0594cbfd # main
with:
k8s-version: v1.28.x
registry-authority: ${{ env.REGISTRY_NAME }}:${{ env.REGISTRY_PORT }}
- name: Install Cosign
uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
- name: Run Smoke Test
run: |
# Test with kind load
KO_DOCKER_REPO=kind.local ko apply --platform=all -f ./test
kubectl wait --timeout=10s --for=condition=Ready pod/kodata
kubectl delete pod kodata
# Test with registry
ko apply --platform=all -f ./test
kubectl wait --timeout=60s --for=condition=Ready pod/kodata
kubectl delete pod kodata
# Test ko run with kind load
# This tests that --labels are passed to kubectl, and -wait is passed to the test binary.
KO_DOCKER_REPO=kind.local ko run ./test -- --labels=foo=bar -- -wait=false
- name: Check SBOM
run: |
set -o pipefail
echo '::group:: SBOM'
cosign download sbom $(ko build ./test)
echo "${SBOM}"
echo '::endgroup::'
- name: Collect diagnostics and upload
if: ${{ failure() }}
uses: chainguard-dev/actions/kind-diag@29fb6e979a0b3efc79748a17e8cec08d0594cbfd # main