diff --git a/.github/workflows/pr-checks.yaml b/.github/workflows/pr-checks.yaml index 83b21309..c0561ba6 100644 --- a/.github/workflows/pr-checks.yaml +++ b/.github/workflows/pr-checks.yaml @@ -4,6 +4,10 @@ name: PR checks on: + push: + branches: + - fixes + pull_request: types: [ opened, reopened, synchronize, ready_for_review ] paths-ignore: @@ -149,41 +153,41 @@ jobs: name: Integration-Test runs-on: ubuntu-latest steps: - - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - - name: Install helm - id: helm - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - - name: Create k8s Kind Cluster - uses: helm/kind-action@v1 - with: - cluster_name: testing - - - name: Build image and load in the kind cluster - run: | - make docker-build - kind load docker-image 5gsec/nimbus:latest --name=testing - - - name: Install Nimbus - working-directory: ./deployments/nimbus - run: | - helm upgrade --dependency-update --install nimbus-operator . -n nimbus --create-namespace \ - --set image.pullPolicy=Never \ - --set autoDeploy.kubearmor=false \ - --set autoDeploy.kyverno=false \ - --set autoDeploy.netpol=false - - - name: Wait for Nimbus to start - run: | - kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus - kubectl get pods -n nimbus - - - name: Run Tests - run: make integration-test + - name: Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + + - name: Install helm + id: helm + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Create k8s Kind Cluster + uses: helm/kind-action@v1 + with: + cluster_name: testing + + - name: Build image and load in the kind cluster + run: | + make docker-build + kind load docker-image 5gsec/nimbus:latest --name=testing + + - name: Install Nimbus + working-directory: ./deployments/nimbus + run: | + helm upgrade --dependency-update --install nimbus-operator . -n nimbus --create-namespace \ + --set image.pullPolicy=Never \ + --set autoDeploy.kubearmor=false \ + --set autoDeploy.kyverno=false \ + --set autoDeploy.netpol=false + + - name: Wait for Nimbus to start + run: | + kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus + kubectl get pods -n nimbus + + - name: Run Tests + run: make integration-test e2e-tests: needs: files-changed @@ -191,86 +195,86 @@ jobs: name: E2E-Test runs-on: ubuntu-latest steps: - - name: Checkout source code - uses: actions/checkout@v4 - - - name: Install helm - id: helm - uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 - with: - token: ${{ secrets.GITHUB_TOKEN }} - - - name: Create k8s Kind Cluster - uses: helm/kind-action@v1 - with: - cluster_name: testing - - - name: Build nimbus image and load in the kind cluster - run: | - make docker-build - kind load docker-image 5gsec/nimbus:latest --name=testing - - - name: Build nimbus-netpol image and load in the kind cluster - working-directory: ./pkg/adapter/nimbus-netpol - run: | - make docker-build - kind load docker-image 5gsec/nimbus-netpol:latest --name=testing - - - name: Build nimbus-kubearmor image and load in the kind cluster - working-directory: ./pkg/adapter/nimbus-kubearmor - run: | - make docker-build - kind load docker-image 5gsec/nimbus-kubearmor:latest --name=testing - - - name: Build nimbus-kyverno image and load in the kind cluster - working-directory: ./pkg/adapter/nimbus-kyverno - run: | - make docker-build - kind load docker-image 5gsec/nimbus-kyverno:latest --name=testing - - - name: Install Nimbus - working-directory: ./deployments/nimbus - run: | - helm upgrade --dependency-update --install nimbus-operator . -n nimbus --create-namespace \ - --set image.pullPolicy=Never \ - --set autoDeploy.kubearmor=false \ - --set autoDeploy.kyverno=false \ - --set autoDeploy.netpol=false - - - name: Wait for Nimbus to start - run: | - kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus - kubectl get pods -n nimbus - - - name: Install nimbus-netpol - working-directory: deployments/nimbus-netpol/ - run: | - helm upgrade --install nimbus-netpol . -n nimbus --set image.pullPolicy=Never - - - name: Wait for nimbus-netpol to start - run: | - kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus-netpol - kubectl get pods -n nimbus - - - name: Install nimbus-kubearmor - working-directory: deployments/nimbus-kubearmor/ - run: | - helm upgrade --dependency-update --install nimbus-kubearmor . -n nimbus --set image.pullPolicy=Never - - - name: Wait for nimbus-kubearmor to start - run: | - kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus-kubearmor - kubectl get pods -n nimbus - - - name: Install nimbus-kyverno - working-directory: deployments/nimbus-kyverno/ - run: | - helm upgrade --dependency-update --install nimbus-kyverno . -n nimbus --set image.pullPolicy=Never - - - name: Wait for nimbus-kyverno to start - run: | - kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus-kyverno - kubectl get pods -n nimbus - - - name: Run Tests - run: make e2e-test + - name: Checkout source code + uses: actions/checkout@v4 + + - name: Install helm + id: helm + uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0 + with: + token: ${{ secrets.GITHUB_TOKEN }} + + - name: Create k8s Kind Cluster + uses: helm/kind-action@v1 + with: + cluster_name: testing + + - name: Build nimbus image and load in the kind cluster + run: | + make docker-build + kind load docker-image 5gsec/nimbus:latest --name=testing + + - name: Build nimbus-netpol image and load in the kind cluster + working-directory: ./pkg/adapter/nimbus-netpol + run: | + make docker-build + kind load docker-image 5gsec/nimbus-netpol:latest --name=testing + + - name: Build nimbus-kubearmor image and load in the kind cluster + working-directory: ./pkg/adapter/nimbus-kubearmor + run: | + make docker-build + kind load docker-image 5gsec/nimbus-kubearmor:latest --name=testing + + - name: Build nimbus-kyverno image and load in the kind cluster + working-directory: ./pkg/adapter/nimbus-kyverno + run: | + make docker-build + kind load docker-image 5gsec/nimbus-kyverno:latest --name=testing + + - name: Install Nimbus + working-directory: ./deployments/nimbus + run: | + helm upgrade --dependency-update --install nimbus-operator . -n nimbus --create-namespace \ + --set image.pullPolicy=Never \ + --set autoDeploy.kubearmor=false \ + --set autoDeploy.kyverno=false \ + --set autoDeploy.netpol=false + + - name: Wait for Nimbus to start + run: | + kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus + kubectl get pods -n nimbus + + - name: Install nimbus-netpol + working-directory: deployments/nimbus-netpol/ + run: | + helm upgrade --install nimbus-netpol . -n nimbus --set image.pullPolicy=Never + + - name: Wait for nimbus-netpol to start + run: | + kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus-netpol + kubectl get pods -n nimbus + + - name: Install nimbus-kubearmor + working-directory: deployments/nimbus-kubearmor/ + run: | + helm upgrade --dependency-update --install nimbus-kubearmor . -n nimbus --set image.pullPolicy=Never + + - name: Wait for nimbus-kubearmor to start + run: | + kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus-kubearmor + kubectl get pods -n nimbus + + - name: Install nimbus-kyverno + working-directory: deployments/nimbus-kyverno/ + run: | + helm upgrade --dependency-update --install nimbus-kyverno . -n nimbus --set image.pullPolicy=Never + + - name: Wait for nimbus-kyverno to start + run: | + kubectl wait --for=condition=ready --timeout=5m -n nimbus pod -l app.kubernetes.io/name=nimbus-kyverno + kubectl get pods -n nimbus + + - name: Run Tests + run: make e2e-test