Skip to content

tests, branch:1007/merge, triggered by @pmalek #3318

tests, branch:1007/merge, triggered by @pmalek

tests, branch:1007/merge, triggered by @pmalek #3318

Workflow file for this run

name: tests
run-name: tests, branch:${{ github.ref_name }}, triggered by @${{ github.actor }}
concurrency:
# Run only for most recent commit in PRs but for all tags and commits on main
# Ref: https://docs.github.com/en/actions/using-jobs/using-concurrency
group: ${{ github.workflow }}-${{ github.head_ref || github.sha }}
cancel-in-progress: true
on:
pull_request:
branches:
- '*'
- 'release/*'
push:
branches:
- 'main'
- 'release/*'
tags:
- '*'
workflow_dispatch: {}
permissions:
contents: read
jobs:
ensure-actions-sha-pin:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: zgosalvez/github-actions-ensure-sha-pinned-actions@c3a2b64f69b7a1542a68f44d9edbd9ec3fc1455e # v3.0.20
ossf-scorecard:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
# Ref: https://github.com/ossf/scorecard
- run: |
docker run --rm --env GITHUB_TOKEN=${{ secrets.GITHUB_TOKEN }} gcr.io/openssf/scorecard:stable \
--repo=github.com/${{ github.repository }} \
--commit ${{ github.sha }} \
--show-details
lint:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: run lint
env:
# Our .golangci.yaml has fix: true, but we don't want that in CI therefore the below override.
GOLANGCI_LINT_FLAGS: "--fix=false"
run: make lint
verify:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: Verify manifests consistency
run: make verify.manifests
- name: Verify generators consistency
uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0
with:
timeout_minutes: 3
max_attempts: 3
command: make verify.generators
samples:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- name: Create k8s KinD Cluster
uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
# We use install.all to install all CRDs and resources also the ones that are not bundled
# in base kustomization (e.g. currently AIGateway) but which have samples defined.
- name: Verify installing CRDs via kustomize works
run: make install.all
- name: Install and delete each sample one by one
run: make test.samples
- name: Verify that uninstalling operator CRDs via kustomize works
run: make uninstall.all
install-with-kustomize:
runs-on: ubuntu-latest
env:
IMG: gateway-operator
TAG: e2e-${{ github.sha }}
CLUSTER_NAME: install-with-kustomize
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup go
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- name: build docker image
run: make docker.build
- name: Create k8s KinD Cluster
uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0
with:
cluster_name: ${{ env.CLUSTER_NAME }}
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: Verify installing CRDs via kustomize works
run: make install
- name: Load image to kind cluster
run: kind load docker-image gateway-operator:e2e-${{ github.sha }} --name $CLUSTER_NAME
- name: Verify deploying operator via kustomize works
env:
IMG: gateway-operator
VERSION: e2e-${{ github.sha }}
run: make deploy
- name: Verify that undeploying operator via kustomize works
run: make undeploy
- name: Verify that uninstalling operator CRDs via kustomize works
run: make uninstall
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: setup golang
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- run: make build.operator
- name: Test the binary by running it with -version flag
run: ./bin/manager -version | ./scripts/verify-version.sh ${{ github.repository }}
unit-tests:
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: setup golang
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: run unit tests
run: make test.unit
env:
KONG_PLUGIN_IMAGE_REGISTRY_CREDENTIALS: ${{ secrets.KONG_PLUGIN_IMAGE_REGISTRY_CREDENTIALS }}
GOTESTSUM_JUNITFILE: "unit-tests.xml"
- name: collect test coverage
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: coverage-unit-tests
path: coverage.unit.out
- name: collect test report
if: ${{ always() }}
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: tests-report-unit-tests
path: unit-tests.xml
CRDs-validation:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: Run the crds validation tests
run: make test.crds-validation
envtest-tests:
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: setup golang
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: run envtest tests
run: make test.envtest
env:
GOTESTSUM_JUNITFILE: "envtest-tests.xml"
- name: collect test coverage
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: coverage-envtest
path: coverage.envtest.out
- name: collect test report
if: ${{ always() }}
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: tests-report-envtest-tests
path: envtest-tests.xml
conformance-tests:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- router-flavor: traditional_compatible
- router-flavor: expressions
steps:
- name: checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# Fetch all history so that we can get the correct commit hash for the conformance tests.
fetch-depth: 0
- name: setup golang
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: run conformance tests
run: make test.conformance
env:
GOTESTSUM_JUNITFILE: conformance-tests-${{ matrix.router-flavor }}.xml
TEST_KONG_ROUTER_FLAVOR: ${{ matrix.router-flavor }}
- name: upload diagnostics
if: ${{ always() }}
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: diagnostics-conformance-${{ matrix.router-flavor }}
path: /tmp/ktf-diag*
if-no-files-found: ignore
- name: collect test report
if: ${{ always() }}
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: tests-report-conformance-${{ matrix.router-flavor }}
path: conformance-tests-${{ matrix.router-flavor }}.xml
- name: collect conformance report
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: conformance-report-${{ matrix.router-flavor }}
path: standard-*-report.yaml
integration-tests:
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
webhook-enabled:
- "true"
- "false"
name: "integration-tests (WEBHOOK_ENABLED=${{ matrix.webhook-enabled }})"
steps:
- name: checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: setup golang
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: run integration tests
run: make test.integration
env:
KONG_TEST_DISABLE_CERTMANAGER: "true"
KONG_PLUGIN_IMAGE_REGISTRY_CREDENTIALS: ${{ secrets.KONG_PLUGIN_IMAGE_REGISTRY_CREDENTIALS }}
WEBHOOK_ENABLED: ${{ matrix.webhook-enabled }}
KONG_CONTROLLER_OUT: stdout
GOTESTSUM_JUNITFILE: integration-tests-webhook-enabled-${{ matrix.webhook-enabled }}.xml
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
KONG_TEST_KONNECT_ACCESS_TOKEN: ${{ secrets.KONG_TEST_KONNECT_ACCESS_TOKEN }}
KONG_TEST_KONNECT_SERVER_URL: us.api.konghq.tech
- name: upload diagnostics
if: always()
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: diagnostics-integration-webhook-enabled-${{ matrix.webhook-enabled }}
path: /tmp/ktf-diag*
if-no-files-found: ignore
- name: collect test coverage
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: coverage-integration-webhook-enabled-${{ matrix.webhook-enabled }}
path: coverage.integration.out
- name: collect test report
if: ${{ always() }}
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: tests-report-integration-webhook-enabled-${{ matrix.webhook-enabled }}
path: integration-tests-webhook-enabled-${{ matrix.webhook-enabled }}.xml
integration-tests-bluegreen:
runs-on: ubuntu-latest
strategy:
fail-fast: true
matrix:
webhook-enabled:
- "true"
- "false"
name: "integration-tests-bluegreen (WEBHOOK_ENABLED=${{ matrix.webhook-enabled }})"
steps:
- name: checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: setup golang
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: run integration tests
run: make test.integration_bluegreen
env:
KONG_TEST_DISABLE_CERTMANAGER: "true"
WEBHOOK_ENABLED: ${{ matrix.webhook-enabled }}
KONG_CONTROLLER_OUT: stdout
GOTESTSUM_JUNITFILE: integration-tests-bluegreen-webhook-enabled-${{ matrix.webhook-enabled }}.xml
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: upload diagnostics
if: always()
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: diagnostics-integration-bluegreen-webhook-enabled-${{ matrix.webhook-enabled }}
path: /tmp/ktf-diag*
if-no-files-found: ignore
- name: collect test coverage
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: coverage-integration-bluegreen-webhook-enabled-${{ matrix.webhook-enabled }}
path: coverage.integration-bluegreen.out
- name: collect test report
if: always()
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: tests-report-integration-bluegreen-webhook-enabled-${{ matrix.webhook-enabled }}
path: integration-tests-bluegreen-webhook-enabled-${{ matrix.webhook-enabled }}.xml
# Test reconciling Gateway with provisioning DataPlane failures.
# This test introduces a wrong gateway that will have errors on validation all `DataPlane`s, so it should run isolated.
integration-tests-provision-fail:
runs-on: ubuntu-latest
strategy:
fail-fast: true
name: integration-tests-provision-dataplane-fail
steps:
- name: checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: setup golang
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: run integration tests
run: make test.integration_provision_dataplane_fail
env:
KONG_TEST_DISABLE_CERTMANAGER: "true"
KONG_CONTROLLER_OUT: stdout
KONG_PLUGIN_IMAGE_REGISTRY_CREDENTIALS: ${{ secrets.KONG_PLUGIN_IMAGE_REGISTRY_CREDENTIALS }}
GOTESTSUM_JUNITFILE: integration-tests-provision-dataplane-fail.xml
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: upload diagnostics
if: always()
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: diagnostics-integration-provision-fail
path: /tmp/ktf-diag*
if-no-files-found: ignore
- name: collect test coverage
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: coverage-integration-tests-provision-fail
path: coverage.integration-provision-dataplane-fail.out
- name: collect test report
if: always()
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: tests-report-integration-tests-provision-fail
path: integration-tests-provision-dataplane-fail.xml
e2e-tests:
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: setup golang
uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
with:
go-version-file: go.mod
- name: build docker image
env:
IMG: gateway-operator
TAG: e2e-${{ github.sha }}
run: make docker.build
- uses: jdx/mise-action@5083fe46898c414b2475087cc79da59e7da859e8 # v2.1.11
with:
install: false
- name: run e2e tests
run: make test.e2e
env:
KONG_TEST_DISABLE_CERTMANAGER: "true"
KONG_TEST_GATEWAY_OPERATOR_IMAGE_LOAD: gateway-operator:e2e-${{ github.sha }}
GOTESTSUM_JUNITFILE: "e2e-tests.xml"
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: upload diagnostics
if: always()
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: diagnostics-e2e
path: /tmp/ktf-diag*
if-no-files-found: ignore
- name: collect test report
if: ${{ always() }}
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
with:
name: tests-report-e2e
path: e2e-tests.xml
buildpulse-report:
needs:
- unit-tests
- integration-tests
- conformance-tests
- e2e-tests
if: ${{ always() }}
runs-on: ubuntu-latest
steps:
- name: checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: download tests report
id: download-coverage
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
with:
pattern: tests-report*
path: report
merge-multiple: true
- name: Upload test results to BuildPulse for flaky test detection
if: ${{ !cancelled() }}
uses: buildpulse/buildpulse-action@d4d8e00c645a2e3db0419a43664bbcf868080234 # v0.12.0
with:
account: 962416
repository: 477814940
path: report/*.xml
key: ${{ secrets.BUILDPULSE_ACCESS_KEY_ID }}
secret: ${{ secrets.BUILDPULSE_SECRET_ACCESS_KEY }}
# We need this step to fail the workflow if any of the previous steps failed or were cancelled.
# It allows to use this particular job as a required check for PRs.
# Ref: https://github.com/orgs/community/discussions/26822#discussioncomment-3305794
passed:
runs-on: ubuntu-latest
needs:
- ensure-actions-sha-pin
- ossf-scorecard
- lint
- verify
- install-with-kustomize
- build
- unit-tests
- envtest-tests
- CRDs-validation
- samples
- conformance-tests
- integration-tests
- integration-tests-bluegreen
- integration-tests-provision-fail
- e2e-tests
- buildpulse-report
if: always()
steps:
- if: contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')
run: |
echo "Some jobs failed or were cancelled."
exit 1