-
Notifications
You must be signed in to change notification settings - Fork 17
82 lines (72 loc) · 3.35 KB
/
main.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
name: Validate SecureSign
on:
push:
branches: ["main", "release*"]
tags: ["*"]
pull_request:
branches: ["main", "release*"]
env:
GO_VERSION: 1.19
IMAGE_TAG_BASE: ${KIND_REGISTRY}/securesign
jobs:
build-operator:
name: Build-operator
runs-on: ubuntu-20.04
steps:
- name: Checkout source
uses: actions/checkout@v2
- name: Install Go
uses: actions/setup-go@v1
with:
go-version: ${{ env.GO_VERSION }}
- name: Log in to registry.redhat.io
uses: redhat-actions/podman-login@9184318aae1ee5034fbfbacc0388acf12669171f # v1
with:
username: ${{ secrets.REGISTRY_USER }}
password: ${{ secrets.REGISTRY_PASSWORD }}
registry: registry.redhat.io
auth_file_path: /tmp/config.json
- name: Install Cluster
uses: container-tools/[email protected]
with:
version: v0.20.0
node_image: kindest/node:v1.26.6@sha256:6e2d8b28a5b601defe327b98bd1c2d1930b49e5d8c512e1895099e4504007adb
cpu: 3
config: ./ci/config.yaml
- name: Build and Deploy operator container
run: make docker-build docker-push deploy
- name: Wait for operator to be ready
run: |
kubectl wait --for=condition=available deployment/operator-controller-manager --timeout=60s -n operator-system
- name: Install Keycloak
run: |
#install OLM
kubectl create -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.25.0/crds.yaml
# wait for a while to be sure CRDs are installed
sleep 1
kubectl create -f https://github.com/operator-framework/operator-lifecycle-manager/releases/download/v0.25.0/olm.yaml
kubectl create --kustomize https://github.com/securesign/sigstore-ocp/keycloak/operator/overlay/kind
until [ ! -z "$(kubectl get pod -l name=keycloak-operator -n keycloak-system 2>/dev/null)" ]
do
echo "Waiting for keycloak operator. Pods in keycloak-system namespace:"
kubectl get pods -n keycloak-system
sleep 10
done
kubectl create --kustomize https://github.com/securesign/sigstore-ocp/keycloak/resources/overlay/kind
until [[ $( oc get keycloak keycloak -o jsonpath='{.status.ready}' -n keycloak-system 2>/dev/null) == "true" ]]
do
printf "Waiting for keycloak deployment. \n Keycloak ready: %s\n" $(oc get keycloak keycloak -o jsonpath='{.status.ready}' -n keycloak-system)
sleep 10
done
shell: bash
- name: Apply sample config
run: |
kubectl create ns test
kubectl -n test create secret generic fulcio-secret-rh --from-file=private=./ci/certs/file_ca_key.pem --from-file=public=./ci/certs/file_ca_pub.pem --from-file=cert=./ci/certs/fulcio-root.pem --from-literal=password=secure
kubectl -n test create secret generic rekor-private-key --from-file=private=./ci/certs/rekor_key.pem
kubectl apply -f config/samples/rhtas_v1alpha1_securesign.yaml -n test
- name: sleep then print pods in test namespace
run: |
sleep 120
kubectl get pods -n test
[ -z "$(kubectl get pods -o jsonpath='{range .items[*]}{.status.phase}{"\n"}' | grep -v "Succeeded" | grep -v "Completed" | grep -v "Running")" ]