-
Notifications
You must be signed in to change notification settings - Fork 14
105 lines (90 loc) · 3.92 KB
/
integration-tests.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
name: Integration tests
on:
workflow_call:
inputs:
cnspecImageTag:
required: true
type: string
secrets:
MONDOO_CLIENT:
required: true
MONDOO_CLIENT_EDGE:
required: true
env:
CNSPEC_IMAGE_TAG: ${{ github.event.inputs.cnspecImageTag }}
# https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
permissions:
contents: read
# Attention: These jobs still have access to all the secrets.
jobs:
integration-tests:
runs-on: ubuntu-latest
name: Integration tests
strategy:
fail-fast: false
matrix:
k8s-version: [v1.28.9, v1.29.4] #v1.30.0] k3d doesn't support 1.30 yet
k8s-distro: [minikube, k3d]
steps:
- uses: actions/checkout@v4
with:
ref: ${{ github.event.pull_request.head.sha }}
persist-credentials: false
fetch-depth: 0 # fetch is needed for "git tag --list" in the Makefile
- name: Import environment variables from file
run: cat ".github/env" >> $GITHUB_ENV
- name: Start minikube
uses: medyagh/setup-minikube@master
if: matrix.k8s-distro == 'minikube'
with:
memory: 4000m
kubernetes-version: ${{ matrix.k8s-version }}
- name: Start k3d
uses: nolar/setup-k3d-k3s@v1
if: matrix.k8s-distro == 'k3d'
with:
version: ${{ matrix.k8s-version }}
k3d-args: --k3s-arg=--disable=traefik@server:*
- uses: actions/setup-go@v5
with:
go-version: "${{ env.golang-version }}"
# Makes it easier to see what was the input for this workflow in case we need to debug.
- name: Print workflow inputs
run: echo "${{ toJSON(github.event.inputs) }}"
- run: sleep 30
# Now that dependencies are cached the tests start almost immediately after minikube has started
# this makes tests fail occasionally. This sleep gives the runner some time to become more stable
# before the test execution starts.
- name: Wait a bit for the runner to become more stable
run: for i in 1 2 3 4 5; do kubectl -n kube-system wait --for=condition=Ready pods --all --timeout=180s && break || sleep 10; done
- name: Run integration tests
env:
MONDOO_API_TOKEN: ${{ secrets.MONDOO_TEST_ORG_TOKEN }}
run: K8S_DISTRO=${{ matrix.k8s-distro }} make test/integration/ci
- run: mv integration-tests.xml integration-tests-${{ matrix.k8s-distro }}-${{ matrix.k8s-version }}.xml
if: success() || failure()
- uses: actions/upload-artifact@v4 # upload test results
if: success() || failure() # run this step even if previous step failed
with: # upload a combined archive with unit and integration test results
name: test-results-${{ matrix.k8s-distro }}-${{ matrix.k8s-version }}
path: integration-tests-${{ matrix.k8s-distro }}-${{ matrix.k8s-version }}.xml
- name: Upload test logs artifact
uses: actions/upload-artifact@v4
if: failure()
with:
name: test-logs-${{ matrix.k8s-distro }}-${{ matrix.k8s-version }}
path: /home/runner/work/mondoo-operator/mondoo-operator/tests/integration/_output/
discord-notification:
runs-on: ubuntu-latest
name: Send Discord notification
needs: [integration-tests]
# Run only if the previous job has failed and only if it's running against the main branch
if: ${{ always() && contains(join(needs.*.result, ','), 'fail') && github.ref_name == 'main' }}
steps:
- uses: sarisia/actions-status-discord@v1
with:
webhook: ${{ secrets.DISCORD_WEBHOOK }}
status: Failure
url: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
description: Workflow ${{ github.workflow }} failed for commit ${{ github.sha }}.
color: 0xff4d4d