diff --git a/docs/contributor/04-30-ci-cd.md b/docs/contributor/04-30-ci-cd.md index 75c69aad2..afa2bf9ae 100644 --- a/docs/contributor/04-30-ci-cd.md +++ b/docs/contributor/04-30-ci-cd.md @@ -27,80 +27,3 @@ There are two environments configured: The tests use an OAuth2 authorization server mock that is deployed internally in the test cluster. In case of E2E tests running on Gardener, SAP Cloud Identity Services provider is used instead. -## Prerequisites for GitHub Actions Secrets - -### Gardener Specific - -- `GARDENER_TOKEN` - Kubeconfig token used to provision test-purpose shoots and for later cleanup -- `DNS_SECRET_JSON` - DNS ServiceAccount used to set up the custom domain using Gardener capabilities (Base64 encoded) - -## Pipelines Running on Pull Requests to the Main Branch - -The following CI jobs are part of the development cycle. - -| Name | Description | -|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------| -| [`Pull Request / Build manager image`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/pull-request.yaml#L34) | Build the manage image so that the image-dependent jobs can be executed. | -| [`PR Integration / Integration tests`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-pull-integration.yaml#L30) | Executes the integration test suites for the API Gateway module on a k3d cluster. The job installs the Istio module using Kyma CLI. | -| [`Pull Request unit & lint / Golang lint check`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-unit-lint.yaml#L32) | Performs linting. | -| [`Pull Request unit & lint / Run unit tests`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-unit-lint.yaml#L51) | Runs unit tests. | -| [`Workflow validation / Ensure SHA pinned actions`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-verify-commit-pins.yaml#L10) | Verifies that all external actions are pinned to a commit. | -| [`Pull Request / gitleaks`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/pull-request.yaml#L19) | Runs the Gitleaks scan to detect any leaks of secrets. | -| [`PR Build and Push Manager Image / Build and push manager image`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/pull-build-push.yaml#L44) | Builds the manager's image and pushes it to a GCP Artifact Registry so that the jobs running tests on Gardener clusters can be executed. | -| [`Sync External Images / sync-external-images`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/post-sync-external-images.yaml#L20) | Executes image syncer to import external images. | - -## Pipelines Running on Pull Requests to Release Branches - -The following CI jobs are part of the release cycle. - -| Name | Description | -|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| [`Release Pull Request / Build manager image`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/pull-request-release.yaml#L11) | Builds Kyma Istio Operator's image and pushes it to the `dev` registry. | -| [`PR Integration Release / Integration tests`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-integration-release.yaml#L12) | Executes the integration test suites for the API Gateway module on a k3d cluster. The job installs the Istio module using Kyma CLI. | -| [`PR Integration Release / Kubernetes version compatibility test`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-integration-release.yaml#L53) | Executes the integration test suites for the API Gateway module and checks for any incompatibilities with the latest Kubernetes version. | -| [`PR Integration Release / Upgrade tests`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-integration-release.yaml#L74) | Executes the upgrade integration test suite for the API Gateway module and verifies if the existing release can be successfully upgraded to the new version. | -| [`Pull Request / Unit tests & lint`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/pull-request.yaml#L47) | Performs linting. | -| [`UI Tests / Run UI tests`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/pull-request.yaml#L60) | Runs UI tests for Busola extensions of API Gateway module and API Rules | -| [`PR Integration Release / Custom domain GCP`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-integration-release.yaml#L93) | Executes the integration test suites that verify the functional correctness of Kyma API Gateway Operator on a Gardener GCP cluster. | -| [`PR Integration Release / Custom domain AWS`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-integration-release.yaml#L118) | Executes the integration test suites that verify the functional correctness of the API Gateway Operator on a Gardener AWS cluster. | -| [`PR Integration Release / Zero Downtime Migration Tests`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/call-integration-release.yaml#L34) | Executes the tests that verify the zero downtime migration from APIRule `v1beta1` to `v2alpha1` on a k3d cluster. | - -## Pipelines Running on the Main Branch and on a Schedule - -The following CI jobs are executed when you merge changes to the `main` branch and also run daily at 5:00 AM. - -| Name | Description | -|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| [`Main Integration / Build api-gateway image`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L21) | Builds Kyma API Gateway Operator image and pushes it to the `prod` registry. | -| [`Main Integration / Get manager SHA`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L33) | Extracts the SHA of the commit that triggered the last successful build of the API Gateway manager image on main. | -| [`Main Integration / E2E tests k3d`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L55) | Executes the main integration test suite for the API Gateway module on a k3d cluster. The job uses Istio module. | -| [`Main Integration / E2E tests AWS`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L79) | Executes the main integration test suite for the API Gateway module on a Gardener AWS cluster. The job uses Istio module. | -| [`Main Integration / Upgrade tests`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L156) | Executes the upgrade integration test suite for the API Gateway module and verifies if the existing release can be successfully upgraded to the new version. | -| [`Main Integration / E2E custom domain tests GCP`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L176) | Executes the integration test suite that verifies the functional correctness of Kyma API Gateway Operator. The test suite uses a custom domain and a Gardener GCP cluster. | -| [`Main Integration / E2E custom domain tests AWS`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L202) | Executes the integration test suite that verifies the functional correctness of the API Gateway Operator. The test suite uses a custom domain and a Gardener AWS cluster. | -| [`Main Integration / Zero Downtime Migration Tests`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L107) | Executes the tests that verify the zero downtime migration from APIRule `v1beta1` to `v2alpha1` on a k3d cluster. | -| [`Main Integration / Zero Downtime Migration Tests AWS`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L129) | Executes the tests that verify the zero downtime migration from APIRule `v1beta1` to `v2alpha1` on a Gardener AWS cluster. | -| [`Main Integration / Slack Notification`](https://github.com/kyma-project/api-gateway/blob/dc563795521a7623ffdf6b2fd86d1cf7eb64a55c/.github/workflows/post-main-integration.yaml#L228) | Sends a Slack notification to the team's channel if any pipelines fail on the main branch. | -| [`UI Tests Periodic / Get manager SHA`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/schedule-ui-tests.yaml#L8) | Extracts the SHA of the commit that triggered the last successful build of the API Gateway manager image on main. | -| [`UI Tests Periodic / Run UI tests`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/schedule-ui-tests.yaml#L21) | Runs UI tests for Busola extensions of API Gateway module and API Rules | -| [`UI Tests Periodic / Slack Notification`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/schedule-ui-tests.yaml#L45) | Sends a Slack notification to the team's channel if any pipelines fail in the workflow. | - -## Pipelines Running Only on Merge to Main - -The following CI jobs run when you merge changes to the `main` branch. - -| Name | Description | -|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|--------------------------------------------------| -| [`Sync External Images / sync-external-images`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/post-sync-external-images.yaml#L20) | Executes image syncer to import external images. | - -## Pipelines Running During the Release - -The following CI jobs generate release artifacts. They are triggered on Git tag creation. - -| Name | Description | -|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------| -| [`Create release / build-image`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/release-create-release.yaml#L54) | Builds Kyma API Gateway Operator image on the release and pushes it to the `prod` registry. | -| [`Create release / Check release prerequisites`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/release-create-release.yaml#L17) | Checks whether all pre-requesites for release are met | -| [`Create release / Create draft release`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/release-create-release.yaml#L61) | Create a draft release that will be updated with release artifacts | -| [`Create release / Publish release`](https://github.com/kyma-project/api-gateway/blob/1e59d9c2e7bbdc3a2db4118aaa9038ecb046cdf5/.github/workflows/release-create-release.yaml#L92) | Publish the previously created draft release | -