-
Notifications
You must be signed in to change notification settings - Fork 62
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
A tests will be executed automatically on each PR after a PR gets approved. To reduce amount of test run we don't run a test on PR push event and instead trigger it by label. JIRA: ISV-4199 Signed-off-by: Ales Raszka <[email protected]>
- Loading branch information
Showing
2 changed files
with
148 additions
and
41 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,148 @@ | ||
| --- | ||
| name: Build and test | ||
|
|
||
| on: # yamllint disable-line rule:truthy | ||
| push: | ||
| branches: | ||
| - main | ||
| pull_request: | ||
| types: [opened, synchronize, reopened, labeled] | ||
| workflow_dispatch: | ||
|
|
||
|
|
||
| jobs: | ||
| tox: | ||
| name: Run unit tests and linters | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - name: Checkout repository | ||
| uses: actions/checkout@v4 | ||
|
|
||
| - name: Set up PDM | ||
| uses: pdm-project/setup-pdm@v4 | ||
| with: | ||
| python-version: "3.11" | ||
|
|
||
| - name: Install non-python dependencies | ||
| run: | | ||
| sudo apt-get update && sudo apt-get install -y libkrb5-dev | ||
| - name: Install Hadolint via Brew | ||
| run: | | ||
| NONINTERACTIVE=1 /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)" | ||
| /home/linuxbrew/.linuxbrew/bin/brew install hadolint | ||
| sudo ln -s /home/linuxbrew/.linuxbrew/bin/hadolint /usr/bin/ | ||
| - name: Install Python dependencies | ||
| run: | | ||
| pdm sync -dG tox | ||
| python3 -m pip install ansible-lint | ||
| - name: Run Tests | ||
| run: | | ||
| pdm run -v tox | ||
| build: | ||
| name: Build and push image | ||
| runs-on: ubuntu-latest | ||
|
|
||
| steps: | ||
| - name: Set variables | ||
| id: set-vars | ||
| run: | | ||
| if [[ $GITHUB_REF_NAME == 'main' ]]; then | ||
| echo "tags=latest ${{ github.sha }}" >> $GITHUB_OUTPUT | ||
| else | ||
| echo "tags=${{ github.sha }}">> $GITHUB_OUTPUT | ||
| fi | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Build Image | ||
| id: build-image | ||
| uses: redhat-actions/buildah-build@v2 | ||
| with: | ||
| image: operator-pipelines-images | ||
| tags: ${{ steps.set-vars.outputs.tags }} | ||
| dockerfiles: | | ||
| ./operator-pipeline-images/Dockerfile | ||
| - name: Push To quay.io | ||
| id: push-to-quay | ||
| uses: redhat-actions/push-to-registry@v2 | ||
| with: | ||
| image: ${{ steps.build-image.outputs.image }} | ||
| tags: ${{ steps.build-image.outputs.tags }} | ||
| registry: quay.io/redhat-isv | ||
| username: ${{ secrets.REGISTRY_USERNAME }} | ||
| password: ${{ secrets.REGISTRY_PASSWORD }} | ||
|
|
||
| - name: Print image url | ||
| run: echo "Image pushed to ${{ steps.push-to-quay.outputs.registry-paths }}" | ||
|
|
||
| integration-tests: | ||
| needs: [build] | ||
| if: github.event.label.name == 'ready-for-testing' || github.event_name == 'workflow_dispatch' || github.event_name == 'push' | ||
| strategy: | ||
| matrix: | ||
| test_type: | ||
| - isv | ||
| - community | ||
| - isv-fbc-bundle | ||
| - isv-fbc-catalog | ||
|
|
||
| fail-fast: false | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/checkout@v4 | ||
|
|
||
| - name: Prepare | ||
| id: prepare | ||
| run: | | ||
| echo "suffix=${GITHUB_SHA::7}" >> $GITHUB_OUTPUT | ||
| - name: Install dependencies | ||
| run: | | ||
| # Install python dependencies | ||
| pip install --user openshift pygithub | ||
| # Add certificates to trusted list | ||
| sudo cp operator-pipeline-images/certs/* /usr/local/share/ca-certificates | ||
| # Rename all .pem files to .crt to allow update-ca-certificates | ||
| for file in /usr/local/share/ca-certificates/*.pem | ||
| do | ||
| sudo mv "$file" "${file%.pem}.crt" | ||
| done | ||
| sudo update-ca-certificates | ||
| echo "${{ secrets.VAULT_PASSWORD }}" > "$HOME"/.vault-password | ||
| # secret used also in hosted pipeline for enabling | ||
| # access to cluster for tkn command log accessing | ||
| mkdir -p "$HOME"/.kube | ||
| ansible-vault decrypt \ | ||
| --vault-password-file "$HOME"/.vault-password \ | ||
| --output "$HOME"/.kube/config \ | ||
| ansible/vaults/integration-tests/ci-pipeline-kubeconfig | ||
| # secret used also in hosted pipeline for enabling | ||
| # cloning of the repository | ||
| mkdir -p "$HOME"/.ssh | ||
| ansible-vault decrypt \ | ||
| --vault-password-file "$HOME"/.vault-password \ | ||
| --output "$HOME"/.ssh/id_rsa \ | ||
| ansible/vaults/integration-tests/ci-pipeline-github-ssh-key | ||
| # - name: Run the integration tests ansible playbook | ||
| # uses: dawidd6/action-ansible-playbook@v2 | ||
| # with: | ||
| # playbook: playbooks/operator-pipeline-integration-tests.yml | ||
| # directory: ./ansible | ||
| # requirements: playbooks/requirements.yml | ||
| # vault_password: ${{secrets.VAULT_PASSWORD}} | ||
| # options: | | ||
| # -e "test_type=${{ matrix.test_type }}" | ||
| # -e "oc_namespace=int-tests-${{ matrix.test_type }}-${{ github.run_number }}-${{ github.run_attempt }}" | ||
| # -e "operator_pipeline_image_tag=${{ github.sha }}" | ||
| # -e "suffix=${{ steps.prepare.outputs.suffix }}" | ||
| # --skip-tags=signing-pipeline | ||
| # -v |
This file was deleted.
Oops, something went wrong.