-
Notifications
You must be signed in to change notification settings - Fork 17
72 lines (60 loc) · 2.74 KB
/
eks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
name: Validate SecureSign on EKS
on:
workflow_dispatch:
push:
branches: ["main", "release*"]
tags: ["*"]
pull_request:
branches: ["main", "release*"]
env:
GO_VERSION: 1.21
IMAGE_TAG: latest
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
jobs:
build-operator:
name: Build-operator
runs-on: ubuntu-20.04
steps:
- name: Checkout source
uses: actions/checkout@v2
- name: Install Go
uses: actions/setup-go@v3
with:
go-version: ${{ env.GO_VERSION }}
- name: Install eksctl
run: |
ARCH=amd64
PLATFORM=$(uname -s)_$ARCH
curl -sLO "https://github.com/eksctl-io/eksctl/releases/latest/download/eksctl_$PLATFORM.tar.gz"
tar -xzf eksctl_$PLATFORM.tar.gz -C /tmp && rm eksctl_$PLATFORM.tar.gz
sudo mv /tmp/eksctl /usr/local/bin
- name: Install kubectl
run: |
ARCH=amd64
PLATFORM=$(uname -s)_$ARCH
curl -sLO "https://dl.k8s.io/release/v1.22.0/bin/linux/amd64/kubectl"
chmod +x kubectl
sudo mv kubectl /usr/local/bin
- name: run eksctl create cluster
run: |
eksctl create cluster --alb-ingress-access --external-dns-access --name rhtas-eks --nodes 1 --node-type m5.xlarge --spot
eksctl utils associate-iam-oidc-provider --region=us-east-2 --cluster=rhtas-eks --approve
eksctl create iamserviceaccount --region us-east-2 --name ebs-csi-controller-sa --namespace kube-system --cluster rhtas-eks --attach-policy-arn arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy --approve --role-only --role-name AmazonEKS_EBS_CSI_DriverRole
eksctl create addon --name aws-ebs-csi-driver --cluster rhtas-eks --service-account-role-arn arn:aws:iam::${{ secrets.AWS }}:role/AmazonEKS_EBS_CSI_DriverRole --force
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/aws/deploy.yaml
- name: Build and Deploy operator container
run: make docker-build deploy
- name: Wait for operator to be ready
run: |
kubectl wait --for=condition=available deployment/rhtas-operator-controller-manager --timeout=60s -n openshift-rhtas-operator
- name: Install cosign
run: go install github.com/sigstore/cosign/v2/cmd/[email protected]
- name: Run tests
run: make integration-test
- name: dump the logs of the operator
run: kubectl logs -n openshift-rhtas-operator deployment/rhtas-operator-controller-manager
if: always()
- name: delete the cluster
run: eksctl delete cluster --name rhtas-eks --region us-east-2 --wait
if: always()