-
Notifications
You must be signed in to change notification settings - Fork 13
121 lines (116 loc) · 4.22 KB
/
migration-tests.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
name: Migration Tests
permissions: {}
on:
workflow_dispatch: {}
pull_request:
branches:
- "main"
push:
branches:
- main
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
jobs:
required:
strategy:
fail-fast: false
matrix:
k8s-version:
- name: v1.26
version: v1.26.13
- name: v1.27
version: v1.27.10
- name: v1.28
version: v1.28.6
- name: v1.29
version: v1.29.1
tests:
- ^reports$
runs-on: ubuntu-latest
name: ${{ matrix.k8s-version.name }} - ${{ matrix.tests }}
steps:
- name: Checkout
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Checkout kyverno/kyverno
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: kyverno/kyverno
path: kyverno
- name: Setup Go
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ~1.22.2
- name: Install helm
id: helm
uses: azure/setup-helm@5119fcb9089d432beecbf79bb2c7915207344b78 # v3.5
with:
token: ${{ secrets.GITHUB_TOKEN }}
- name: Install Tools
run: |
set -e
curl -LO "https://dl.k8s.io/release/${{ matrix.k8s-version.version }}/bin/linux/amd64/kubectl"
sudo install -o root -g root -m 0755 kubectl /usr/local/bin/kubectl
- name: Install kind
shell: bash
run: |
set -e
# For AMD64 / x86_64
[ $(uname -m) = x86_64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-amd64
# For ARM64
[ $(uname -m) = aarch64 ] && curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.20.0/kind-linux-arm64
chmod +x ./kind
sudo mv ./kind /usr/local/bin/kind
- name: Create kind cluster
run: |
set -e
kind create cluster --image kindest/node:${{ matrix.k8s-version.version }} --config ./.github/kind.yml
- name: Install kyverno
run: |
set -e
export HELM=${{ steps.helm.outputs.helm-path }}
curl https://raw.githubusercontent.com/kyverno/kyverno/refs/heads/main/scripts/config/standard/kyverno.yaml > values.yaml
helm install kyverno -n kyverno --create-namespace ./kyverno/charts/kyverno --wait --values values.yaml
- name: Wait for kyverno ready
run: |
set -e
kubectl wait --namespace kyverno --for=condition=ready pod --selector '!job-name' --timeout=120s
# - name: Install PSS policies
# run: |
# set -e
# export HELM=${{ steps.helm.outputs.helm-path }}
# make install-pss-policies
- name: API Service status before migation
run: |
set -e
kubectl get apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io
- name: Install report server
run: |
set -e
kubectl create ns reports-server
export HELM=${{ steps.helm.outputs.helm-path }}
make kind-install
- name: Wait for report server ready
run: |
set -e
kubectl wait --namespace reports-server --for=condition=ready pod --selector '!job-name' --timeout=120s
kubectl wait --for condition="available" apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io --timeout=120s
- name: Wait for kyverno to pick up the change
run: |
set -e
sleep 600
- name: API Service status post migration
run: |
set -e
kubectl get apiservices v1alpha2.wgpolicyk8s.io v1.reports.kyverno.io
- name: Install Chainsaw
uses: kyverno/action-install-chainsaw@d311eacde764f806c9658574ff64c9c3b21f8397 # v0.2.11
- name: Test with Chainsaw
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
set -e
cd ./kyverno/test/conformance/chainsaw/reports && chainsaw test --config ./../../../../../.chainsaw.yaml --exclude-test-regex '^chainsaw$/^admission$/^label'
- name: Debug failure
if: failure()
uses: ./.github/actions/failure-logs