Skip to content
This repository has been archived by the owner on Sep 26, 2023. It is now read-only.

Stop setting seccompProfile on the operator pods #343

Stop setting seccompProfile on the operator pods

Stop setting seccompProfile on the operator pods #343

Workflow file for this run

name: CI-Tests
on:
push:
branches:
- main
- v[0-9]+.[0-9]+
pull_request:
branches:
- main
- v[0-9]+.[0-9]+
defaults:
run:
shell: bash
jobs:
verify-and-unit-tests:
name: Run verify and unit tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Fetch all history for all tags and branches
- uses: actions/setup-go@v3
with:
go-version-file: go.mod
- name: Verify modules
run: go mod verify
- name: Verify format
run: |
make fmt
git diff --exit-code
- name: Verify manifests
run: |
make manifests
git diff --exit-code
- name: Verify imported manifests
run: |
make import-manifests
git diff --exit-code
- name: Verify bindata
run: |
make verify-bindata
- name: Unit and Integration Tests
run: make test
e2e-tests:
name: Run e2e tests
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0 # Fetch all history for all tags and branches
- uses: actions/setup-go@v3
with:
go-version-file: go.mod
- name: Download binaries
run: |
make download-binaries
- name: Create K8s KinD Cluster
run: |
kind version
make test-cluster
- name: Build and Push Test Container Image to KIND node
run: |
make docker-build IMG=localhost:5000/gatekeeper-operator:$GITHUB_SHA
kind load docker-image localhost:5000/gatekeeper-operator:$GITHUB_SHA
- name: E2E Tests
run: |
make deploy-ci NAMESPACE=mygatekeeper IMG=localhost:5000/gatekeeper-operator:$GITHUB_SHA
kubectl -n mygatekeeper wait deployment/gatekeeper-operator-controller --for condition=Available --timeout=90s
kubectl -n mygatekeeper logs deployment/gatekeeper-operator-controller -c manager -f > operator.log &
make test-e2e NAMESPACE=mygatekeeper
kubectl delete --wait namespace mygatekeeper
- name: Debug
if: ${{ failure() }}
run: |
echo "::group::Operator Logs"
cat operator.log
echo "::endgroup::"
gatekeeper-e2e-tests:
name: Run gatekeeper e2e tests
runs-on: ubuntu-latest
defaults:
run:
working-directory: gatekeeper-operator
strategy:
matrix:
NAMESPACE: ["gatekeeper-system"]
steps:
- uses: actions/checkout@v3
with:
path: gatekeeper-operator
fetch-depth: 0 # Fetch all history for all tags and branches
- uses: actions/setup-go@v3
with:
go-version-file: gatekeeper-operator/go.mod
- name: Download binaries
run: |
make download-binaries
- name: Create K8s KinD Cluster
run: |
kind version
make test-cluster
- name: Build and Push Test Container Image to KIND node
run: |
make docker-build IMG=localhost:5000/gatekeeper-operator:$GITHUB_SHA
kind load docker-image localhost:5000/gatekeeper-operator:$GITHUB_SHA
- name: Set Up Environment Variables
run: |
GATEKEEPER_VERSION=$(awk '/^GATEKEEPER_VERSION/ {print $3}' Makefile)
echo "GATEKEEPER_VERSION=${GATEKEEPER_VERSION}" >> ${GITHUB_ENV}
# Checkout a local copy of Gatekeeper to use its bats e2e tests.
- name: Checkout Gatekeeper to verify imported manifests
uses: actions/checkout@v3
with:
repository: open-policy-agent/gatekeeper
ref: ${{ env.GATEKEEPER_VERSION }}
path: gatekeeper
fetch-depth: 0 # Fetch all history for all tags and branches
# TODO: gatekeeper-operator does not --log-mutations nor --mutation-annotations
- name: Remove unhandled gatekeeper bats tests
run: |
sed -i -e '67,71d;80,83d' /home/runner/work/gatekeeper-operator/gatekeeper-operator/gatekeeper/test/bats/test.bats
- name: Gatekeeper E2E Tests
run: |
make download-binaries
make deploy-ci NAMESPACE=${{ matrix.NAMESPACE }} IMG=localhost:5000/gatekeeper-operator:$GITHUB_SHA
kubectl -n ${{ matrix.NAMESPACE }} wait deployment/gatekeeper-operator-controller --for condition=Available --timeout=90s
make test-gatekeeper-e2e
export PATH=$PWD/ci-tools/bin:$PATH
cd ../gatekeeper
test/externaldata/dummy-provider/scripts/generate-tls-certificate.sh
docker build -t dummy-provider:test -f test/externaldata/dummy-provider/Dockerfile test/externaldata/dummy-provider
kind load docker-image --name kind dummy-provider:test
make test-e2e GATEKEEPER_NAMESPACE=${{ matrix.NAMESPACE }} ENABLE_MUTATION_TESTS=1