Rename access control test #1181
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: QE Testing (Ubuntu-hosted) | |
on: | |
pull_request: | |
branches: [ main ] | |
workflow_dispatch: | |
# Schedule a daily cron at midnight UTC | |
schedule: | |
- cron: '0 0 * * *' | |
env: | |
TEST_REPO: redhat-best-practices-for-k8s/certsuite | |
jobs: | |
qe-testing: | |
runs-on: ubuntu-22.04 | |
strategy: | |
fail-fast: false | |
matrix: | |
suite: [accesscontrol, affiliatedcertification, manageability, networking, lifecycle, performance, platformalteration, observability, operator] | |
env: | |
SHELL: /bin/bash | |
KUBECONFIG: '/home/runner/.kube/config' | |
PFLT_DOCKERCONFIG: '/home/runner/.docker/config' | |
TEST_CERTSUITE_IMAGE_NAME: quay.io/redhat-best-practices-for-k8s/certsuite | |
TEST_CERTSUITE_IMAGE_TAG: unstable | |
DOCKER_CONFIG_DIR: '/home/runner/.docker/' | |
SKIP_PRELOAD_IMAGES: true # Not needed for github-hosted runs | |
steps: | |
- name: Write temporary docker file | |
run: | | |
mkdir -p /home/runner/.docker | |
touch ${PFLT_DOCKERCONFIG} | |
echo '{ "auths": {} }' >> ${PFLT_DOCKERCONFIG} | |
- name: Set up Go 1.23 | |
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 | |
with: | |
go-version: 1.23.4 | |
- name: Disable default go problem matcher | |
run: echo "::remove-matcher owner=go::" | |
- name: Check out code | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
ref: ${{ github.sha }} | |
- name: Check out `certsuite-sample-workload` | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
repository: redhat-best-practices-for-k8s/certsuite-sample-workload | |
path: certsuite-sample-workload | |
- name: Install dependencies | |
run: | | |
sudo apt-get update | |
sudo apt-get install -y python3-pip | |
- name: Create docker/daemon.json if it does not exist | |
run: | | |
if [ ! -f /etc/docker/daemon.json ]; then | |
echo '{}' | sudo tee /etc/docker/daemon.json | |
fi | |
# Create a Kind cluster for testing. | |
- name: Bootstrap the Kind and OC/Kubectl binaries for the `local-test-infra` | |
run: make bootstrap-cluster | |
working-directory: certsuite-sample-workload | |
# Restart docker using /mnt/docker-storage (sdb) instead of /var/lib/docker (sda). | |
# This step needs to be done right after the partner repo's bootstrap scripts, as they | |
# overwrite the docker's daemon.json. | |
- name: Make docker to use /mnt (sdb) for storage | |
run: | | |
df -h | |
lsblk | |
sudo mkdir /mnt/docker-storage | |
sudo jq '. +={"data-root" : "/mnt/docker-storage"}' < /etc/docker/daemon.json > /tmp/docker-daemon.json | |
sudo cp /tmp/docker-daemon.json /etc/docker/daemon.json | |
cat /etc/docker/daemon.json | |
sudo systemctl restart docker | |
sudo ls -la /mnt/docker-storage | |
- name: Create `local-test-infra` OpenShift resources | |
run: make rebuild-cluster | |
working-directory: certsuite-sample-workload | |
- name: Install partner resources | |
run: python3 -m venv .venv; source .venv/bin/activate; pip install --upgrade pip; pip install jinjanator; cp .venv/bin/jinjanate .venv/bin/j2; make install-for-qe | |
working-directory: certsuite-sample-workload | |
- name: Show pods | |
run: oc get pods -A | |
- name: Wait for all pods to be ready | |
run: ./scripts/wait-for-all-pods-running.sh | |
working-directory: certsuite-sample-workload | |
timeout-minutes: 10 | |
- name: Clone the certsuite repository | |
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
with: | |
repository: ${{ env.TEST_REPO }} | |
path: certsuite | |
ref: main | |
- name: Extract dependent Pull Requests | |
uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
extra-dirs: certsuite-sample-workload certsuite | |
- name: Run the tests (against image) | |
uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 | |
with: | |
timeout_minutes: 60 | |
max_attempts: 3 | |
command: FEATURES=${{matrix.suite}} CERTSUITE_REPO_PATH=${GITHUB_WORKSPACE}/certsuite CERTSUITE_IMAGE=${{env.TEST_CERTSUITE_IMAGE_NAME}} CERTSUITE_IMAGE_TAG=${{env.TEST_CERTSUITE_IMAGE_TAG}} DISABLE_INTRUSIVE_TESTS=true ENABLE_PARALLEL=true ENABLE_FLAKY_RETRY=true JOB_ID=${{github.run_id}} make test-features | |
# Only run against the binary during a scheduled run | |
- name: Build the binary | |
run: make build-certsuite-tool | |
working-directory: certsuite | |
- name: Run the tests (against binary) | |
uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0 | |
with: | |
timeout_minutes: 60 | |
max_attempts: 3 | |
command: FEATURES=${{matrix.suite}} CERTSUITE_REPO_PATH=${GITHUB_WORKSPACE}/certsuite USE_BINARY=true DISABLE_INTRUSIVE_TESTS=true ENABLE_PARALLEL=true ENABLE_FLAKY_RETRY=true JOB_ID=${{github.run_id}} make test-features | |
check-all-dependencies-are-merged: | |
runs-on: ubuntu-22.04 | |
steps: | |
- name: Extract dependent PR | |
uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
check-unmerged-pr: true | |
... |