CI AKS #517
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI AKS | |
on: | |
schedule: | |
- cron: '5 10 * * *' | |
workflow_dispatch: | |
inputs: | |
ref: | |
description: "checkout git branch/tag" | |
required: true | |
default: "master" | |
keep_cluster: | |
description: "Keep the cluster afterwards?" | |
required: false | |
default: "no" | |
env: | |
GOARCH: amd64 | |
CGO_ENABLED: 0 | |
GINKGO_NODES: 1 | |
FLAKE_ATTEMPTS: 1 | |
AKS_MACHINE_TYPE: 'Standard_D3_v2' | |
jobs: | |
aks-fleet-examples: | |
runs-on: ubuntu-latest | |
if: > | |
github.repository == 'rancher/fleet' | |
steps: | |
- | |
name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
submodules: recursive | |
fetch-depth: 0 | |
- | |
name: Setup Go | |
uses: actions/setup-go@v5 | |
with: | |
go-version-file: 'go.mod' | |
check-latest: true | |
- | |
name: Setup Ginkgo Test Framework | |
run: go install github.com/onsi/ginkgo/v2/ginkgo | |
# Follow https://github.com/marketplace/actions/azure-login#configure-deployment-credentials | |
# az group create --name fleetCI --location eastus2 | |
# az ad sp create-for-rbac --name "fleetCI" --sdk-auth --role contributor \ | |
# --scopes /subscriptions/{id}/resourceGroups/fleetCI | |
- | |
name: Login to Azure | |
uses: azure/login@v1 | |
with: | |
creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' | |
- | |
name: Create AKS cluster | |
id: create-cluster | |
# We need to specify bash as a shell when a job is running on windows runner | |
shell: bash | |
run: | | |
id=$RANDOM | |
echo "ID=$id" >> $GITHUB_OUTPUT | |
az aks create --resource-group fleetCI \ | |
--node-vm-size ${{ env.AKS_MACHINE_TYPE }} \ | |
--name fleetCI$id \ | |
--node-count 2 \ | |
--generate-ssh-keys | |
az aks get-credentials --resource-group fleetCI \ | |
--name fleetCI$id \ | |
--file kubeconfig-fleet-ci | |
# List existing clusters | |
az aks list | jq '.[] | .name + " " + (.powerState|tostring)' | |
- | |
name: Build fleet binaries | |
run: | | |
go build -o bin/fleetcontroller-linux-$GOARCH ./cmd/fleetcontroller | |
go build -o "bin/fleet-linux-$GOARCH" ./cmd/fleetcli | |
go build -o "bin/fleetagent-linux-$GOARCH" ./cmd/fleetagent | |
- | |
name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- | |
name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- | |
name: Get UUID | |
id: uuid | |
run: echo "uuid=$(uuidgen)" >> $GITHUB_OUTPUT | |
- | |
id: meta-fleet | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
ttl.sh/rancher/fleet-${{ steps.uuid.outputs.uuid }} | |
tags: type=raw,value=1h | |
- | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: package/Dockerfile | |
build-args: | | |
ARCH=${{ env.GOARCH }} | |
push: true | |
tags: ${{ steps.meta-fleet.outputs.tags }} | |
labels: ${{ steps.meta-fleet.outputs.labels }} | |
- | |
id: meta-fleet-agent | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
ttl.sh/rancher/fleet-agent-${{ steps.uuid.outputs.uuid }} | |
tags: type=raw,value=1h | |
- | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: package/Dockerfile.agent | |
build-args: | | |
ARCH=${{ env.GOARCH }} | |
push: true | |
tags: ${{ steps.meta-fleet-agent.outputs.tags }} | |
labels: ${{ steps.meta-fleet-agent.outputs.labels }} | |
- | |
name: Deploy Fleet | |
run: | | |
export KUBECONFIG="$GITHUB_WORKSPACE/kubeconfig-fleet-ci" | |
echo "${{ steps.meta-fleet.outputs.tags }} ${{ steps.meta-fleet-agent.outputs.tags }}" | |
./.github/scripts/deploy-fleet.sh ${{ steps.meta-fleet.outputs.tags }} ${{ steps.meta-fleet-agent.outputs.tags }} | |
- | |
name: Fleet E2E Tests | |
env: | |
FLEET_E2E_NS: fleet-local | |
run: | | |
export KUBECONFIG="$GITHUB_WORKSPACE/kubeconfig-fleet-ci" | |
ginkgo --label-filter="!infra-setup" e2e/single-cluster e2e/keep-resources | |
- | |
name: Acceptance Tests for Examples | |
env: | |
FLEET_E2E_NS: fleet-local | |
run: | | |
export KUBECONFIG="$GITHUB_WORKSPACE/kubeconfig-fleet-ci" | |
ginkgo e2e/acceptance/single-cluster-examples | |
- | |
name: Fleet Tests Requiring Github Secrets | |
# These tests can't run for PRs, because PRs don't have access to the secrets | |
env: | |
FLEET_E2E_NS: fleet-local | |
GIT_REPO_URL: "[email protected]:fleetrepoci/testaks.git" | |
GIT_REPO_HOST: "github.com" | |
GIT_REPO_USER: "git" | |
CI_OCI_USERNAME: ${{ secrets.CI_OCI_USERNAME }} | |
CI_OCI_PASSWORD: ${{ secrets.CI_OCI_PASSWORD }} | |
run: | | |
export KUBECONFIG="$GITHUB_WORKSPACE/kubeconfig-fleet-ci" | |
export GIT_SSH_KEY="$GITHUB_WORKSPACE/id_ecdsa" | |
export GIT_SSH_PUBKEY="$GITHUB_WORKSPACE/id_ecdsa.pub" | |
echo "${{ secrets.CI_AKS_SSH_KEY }}" > "$GIT_SSH_KEY" | |
echo "${{ secrets.CI_AKS_SSH_PUBKEY }}" > "$GIT_SSH_PUBKEY" | |
ginkgo e2e/require-secrets | |
- | |
name: Delete AKS cluster | |
# We always tear down the cluster, to avoid costs. Except when running | |
# manually and keep_cluster was set to "yes" | |
if: ${{ always() && github.event.inputs.keep_cluster != 'yes' }} | |
shell: bash | |
run: | | |
id="${{ steps.create-cluster.outputs.ID }}" | |
az aks delete --resource-group fleetCI --name fleetCI$id --yes |