Skip to content

Merge pull request #20 from nirmata/annotate-migrated #49

Merge pull request #20 from nirmata/annotate-migrated

Merge pull request #20 from nirmata/annotate-migrated #49

name: Migration Tests
permissions: {}
on:
workflow_dispatch: {}
pull_request:
branches:
- "main"
push:
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
required:
strategy:
fail-fast: false
matrix:
k8s-version:
- name: v1.25
version: v1.25.16
- name: v1.26
version: v1.26.13
- name: v1.27
version: v1.27.10
- name: v1.28
version: v1.28.6
- name: v1.29
version: v1.29.1
- name: v1.30
version: v1.30.0
tests:
- ^reports$
runs-on: ubuntu-latest
name: ${{ matrix.k8s-version.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Checkout kyverno/kyverno
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
repository: kyverno/kyverno
path: kyverno
- name: Setup Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: ~1.22.2
- name: Install helm
id: helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install Tools
run: |
set -e
curl -LO "https://dl.k8s.io/release/${{ matrix.k8s-version.version }}/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
- name: Install kind
shell: bash
run: |
set -e
# For AMD64 / x86_64
[ $(uname -m) = x86_64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64
# For ARM64
[ $(uname -m) = aarch64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-arm64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind
- name: Create kind cluster
run: |
set -e
kind create cluster --image kindest/node:${{ matrix.k8s-version.version }} --config ./.github/kind.yml
- name: Install kyverno v1.12.4
run: |
set -e
kubectl create -f https://github.com/kyverno/kyverno/raw/main/config/install-latest-testing.yaml
- name: Wait for kyverno ready
run: |
set -e
kubectl wait --namespace kyverno --for=condition=ready pod --selector '!job-name' --timeout=120s
# - name: Install PSS policies
# run: |
# set -e
# export HELM=${{ steps.helm.outputs.helm-path }}
# make install-pss-policies
- name: API Service status before migation
run: |
set -e
kubectl get apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io
- name: Install report server
run: |
set -e
kubectl create ns reports-server
export HELM=${{ steps.helm.outputs.helm-path }}
make kind-migrate
- name: Install api services
run: |
set -e
export HELM=${{ steps.helm.outputs.helm-path }}
make kind-apply-api-services
- name: Wait for report server ready
run: |
set -e
kubectl wait --namespace reports-server --for=condition=ready pod --selector '!job-name' --timeout=120s
kubectl wait --for condition="available" apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io --timeout=120s
- name: Wait for kyverno to pick up the change
run: |
set -e
sleep 600
- name: API Service status post migration
run: |
set -e
kubectl get apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io
- name: Install Chainsaw
uses: kyverno/action-install-chainsaw@82d8e747037f840e0ef9bdd97ecdc617f5535bdc # v0.2.8
- name: Test with Chainsaw
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -e
cd ./kyverno/test/conformance/chainsaw && chainsaw test --config ./../../../../.chainsaw.yaml --include-test-regex '^chainsaw$/${{ matrix.tests }}' --no-color=false
- name: Debug failure
if: failure()
uses: ./.github/actions/failure-logs