feat: add TCP connection mechanism for Gefyra (Wireguard) #1981
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: pytest and try it yourself example | |
on: | |
push: | |
branches: [ main ] | |
pull_request: | |
branches: [ main ] | |
jobs: | |
build_test_image: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# https://github.com/docker/setup-qemu-action | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
# https://github.com/docker/setup-buildx-action | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: PyServer Test Image meta | |
id: test_image_meta | |
uses: docker/metadata-action@v5 | |
with: | |
flavor: | | |
latest=false | |
images: | | |
gefyra/pyserver | |
tags: | | |
type=ref,event=pr,enable=${{ !!github.event.pull_request }} | |
type=raw,value=test-run-${{ github.run_id }},enable=${{ !github.event.pull_request }} | |
labels: | | |
quay.expires-after=24h | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: testing/images/ | |
platforms: linux/amd64 | |
push: false | |
load: true | |
file: testing/images/Dockerfile.local | |
tags: pyserver | |
outputs: type=docker,dest=/tmp/pyserver.tar | |
- name: Upload pyserver image | |
uses: actions/upload-artifact@v4 | |
with: | |
name: pyserver | |
path: /tmp/pyserver.tar | |
build_operator: | |
runs-on: ubuntu-latest | |
outputs: | |
tags: ${{ steps.operator_meta.outputs.tags }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# https://github.com/docker/setup-qemu-action | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
# https://github.com/docker/setup-buildx-action | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to quay.io | |
uses: docker/login-action@v3 | |
with: | |
registry: quay.io | |
username: ${{ secrets.QUAY_ROBOT }} | |
password: ${{ secrets.QUAY_ROBOT_TOKEN }} | |
# | |
# Gefyra Operator | |
# | |
- name: Operator Image meta | |
id: operator_meta | |
uses: docker/metadata-action@v5 | |
with: | |
flavor: | | |
latest=false | |
images: | | |
quay.io/gefyra/operator | |
tags: | | |
type=raw,value=test-run-${{ github.run_id }},enable=${{ !github.event.pull_request }} | |
type=ref,event=pr,enable=${{ !!github.event.pull_request }} | |
labels: | | |
quay.expires-after=24h | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: operator/ | |
platforms: linux/amd64 | |
push: true | |
load: false | |
tags: ${{ steps.operator_meta.outputs.tags }} | |
labels: ${{ steps.operator_meta.outputs.labels }} | |
cache-from: type=registry,ref=quay.io/gefyra/operator:latest | |
# Goutputs: type=docker,dest=/tmp/operator.tar | |
- name: Upload operator image | |
uses: actions/upload-artifact@v4 | |
with: | |
name: operator | |
path: /tmp/operator.tar | |
build_cargo: | |
runs-on: ubuntu-latest | |
outputs: | |
tags: ${{ steps.cargo_meta.outputs.tags }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# https://github.com/docker/setup-qemu-action | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
# https://github.com/docker/setup-buildx-action | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v3 | |
# | |
# Gefyra Cargo | |
# | |
- name: Cargo Image meta | |
id: cargo_meta | |
uses: docker/metadata-action@v5 | |
with: | |
flavor: | | |
latest=false | |
images: | | |
quay.io/gefyra/cargo | |
tags: | | |
type=raw,value=test-run-${{ github.run_id }},enable=${{ !github.event.pull_request }} | |
type=ref,event=pr,enable=${{ !!github.event.pull_request }} | |
labels: | | |
quay.expires-after=24h | |
- name: Build and push | |
uses: docker/build-push-action@v5 | |
with: | |
context: cargo/ | |
platforms: linux/amd64 | |
push: false | |
target: cargo | |
tags: ${{ steps.cargo_meta.outputs.tags }} | |
labels: ${{ steps.cargo_meta.outputs.labels }} | |
cache-from: type=registry,ref=quay.io/gefyra/cargo:latest | |
outputs: type=docker,dest=/tmp/cargo.tar | |
build-args: | | |
- UDP_OVER_TCP_VERSION=0.4.0 | |
- name: Upload cargo image | |
uses: actions/upload-artifact@v4 | |
with: | |
name: cargo | |
path: /tmp/cargo.tar | |
test_python: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set fake kubeconfig | |
shell: bash | |
run: | | |
mkdir -p ~/.kube/ | |
cd ~/.kube | |
touch config | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.9' | |
- name: Set Gefyra tracking config / fake kubeconfig | |
shell: bash | |
run: | | |
mkdir -p ~/.gefyra | |
cd ~/.gefyra | |
touch config.ini | |
echo "[telemetry]" >> config.ini | |
echo "track = False" >> config.ini | |
- name: Install Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
installer-parallel: true | |
- name: Install dependencies | |
working-directory: ./client | |
run: poetry install --with dev --no-interaction --no-root | |
- name: Install k3d | |
run: curl --silent --fail https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | TAG=v5.5.1 bash | |
- name: Run PyTest | |
working-directory: ./client | |
run: poetry run coverage run -m pytest tests/unit/ | |
- name: Upload coverage data to coveralls.io | |
if: github.repository == 'gefyrahq/gefyra' | |
working-directory: ./client | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
COVERALLS_FLAG_NAME: client | |
COVERALLS_PARALLEL: true | |
run: poetry run coveralls --service=github | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: coverage_data | |
path: ./client/.coverage* | |
test_minikube: | |
timeout-minutes: 90 | |
strategy: | |
fail-fast: false | |
matrix: | |
include: | |
- os: ubuntu-latest | |
driver: '' | |
- os: macos-12 | |
driver: virtualbox | |
needs: | |
- build_operator | |
- build_cargo | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.9' | |
# https://github.com/opensafely-core/job-server/issues/3429 | |
- run: brew install docker | |
if: ${{ matrix.os == 'macos-12' }} | |
- run: colima start | |
if: ${{ matrix.os == 'macos-12' }} | |
- name: Install Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
installer-parallel: true | |
- name: Set Gefyra tracking config / fake kubeconfig | |
shell: bash | |
run: | | |
mkdir -p ~/.gefyra | |
mkdir -p ~/.kube | |
cd ~/.gefyra | |
touch config.ini | |
echo "[telemetry]" >> config.ini | |
echo "track = False" >> config.ini | |
cd ~/.kube | |
touch config | |
- name: Download artifact | |
uses: actions/download-artifact@v4 | |
with: | |
path: /tmp | |
- name: Load Gefyra images | |
run: | | |
docker load --input /tmp/pyserver/pyserver.tar | |
docker load --input /tmp/cargo/cargo.tar | |
docker image ls -a | |
- name: start minikube | |
id: minikube | |
uses: medyagh/setup-minikube@latest | |
with: | |
start-args: --ports 127.0.0.1:31820:31820/udp | |
- name: Install dependencies | |
working-directory: ./client | |
run: poetry install --with dev --no-interaction --no-root | |
- name: Run gefyra up | |
timeout-minutes: 8 | |
working-directory: ./client | |
run: | | |
poetry run coverage run -a -m gefyra.cli.main --debug up --minikube | |
- name: Show cargo logs | |
working-directory: ./client | |
if: ${{ failure() }} | |
run: | | |
docker logs gefyra-cargo-default | |
kubectl logs -n gefyra gefyra-stowaway-0 | |
docker inspect minikube | |
docker inspect gefyra-cargo-default | |
- name: Show coverage report | |
working-directory: ./client | |
run: | | |
poetry run coverage report | |
- name: Upload coverage data to coveralls.io | |
if: github.repository == 'gefyrahq/gefyra' | |
working-directory: ./client | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
COVERALLS_FLAG_NAME: client | |
COVERALLS_PARALLEL: true | |
run: | | |
poetry run coveralls --service=github | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: coverage_data-${{ matrix.os }} | |
path: ./client/.coverage* | |
test: | |
strategy: | |
fail-fast: false | |
matrix: | |
k3d: [v1.23.17-k3s1, v1.24.15-k3s1, v1.25.11-k3s1, v1.26.6-k3s1, v1.27.3-k3s1] | |
needs: | |
- build_cargo | |
- build_operator | |
- build_test_image | |
runs-on: ubuntu-latest | |
timeout-minutes: 45 | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
# https://github.com/docker/setup-qemu-action | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.9' | |
- name: Install Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
installer-parallel: true | |
- name: Set Gefyra tracking config / fake kubeconfig | |
shell: bash | |
run: | | |
mkdir -p ~/.gefyra | |
mkdir -p ~/.kube | |
cd ~/.gefyra | |
touch config.ini | |
echo "[telemetry]" >> config.ini | |
echo "track = False" >> config.ini | |
cd ~/.kube | |
touch config | |
# | |
# Create a cluster with registry | |
# | |
- uses: AbsaOSS/k3d-action@v2 | |
name: Create Single Cluster | |
with: | |
cluster-name: "mycluster" | |
k3d-version: v5.5.1 | |
args: >- | |
--agents 1 | |
-p "31820:31820/UDP@agent:0" | |
--image docker.io/rancher/k3s:${{ matrix.k3d }} | |
--kubeconfig-update-default | |
--kubeconfig-switch-context | |
- name: Download artifact | |
uses: actions/download-artifact@v4 | |
with: | |
path: /tmp | |
- name: Load Operator image | |
run: | | |
docker load --input /tmp/pyserver/pyserver.tar | |
docker load --input /tmp/cargo/cargo.tar | |
docker image ls -a | |
# - name: Import Operator to k3d | |
# run: | | |
# k3d image import ${{ needs.build_operator.outputs.tags }} -c mycluster --verbose | |
- name: Pytest | |
working-directory: ./client | |
run: poetry install --with dev --no-interaction --no-root | |
# Run the 'Try it yourself' | |
- name: Apply some workload | |
run: | | |
kubectl apply -f testing/workloads/hello.yaml | |
- name: Run Gefyra K3D Tests | |
working-directory: ./client | |
run: | | |
poetry run coverage run -m pytest -vvv -s -x --full-trace --timeout=240 tests/e2e/ | |
- name: Show gefyra-operator logs | |
working-directory: ./client | |
if: ${{ failure() }} | |
run: | | |
kubectl get pods -n gefyra | |
kubectl describe deployment -n gefyra gefyra-operator | |
kubectl describe deployment -n gefyra gefyra-operator-webhook | |
kubectl logs -n gefyra deployment/gefyra-operator | |
kubectl logs -n gefyra deployment/gefyra-operator-webhook | |
kubectl get -A ValidatingWebhookConfiguration | |
kubectl get cm -n gefyra | |
kubectl describe cm -n gefyra gefyra-stowaway-proxyroutes | |
kubectl describe cm -n gefyra gefyra-stowaway-config | |
kubectl describe pod -n gefyra gefyra-stowaway-0 | |
kubectl logs -n gefyra pod/gefyra-stowaway-0 | |
kubectl get pvc -A | |
kubectl describe -n gefyra pvc stowaway-config-gefyra-stowaway-0 | |
- name: Show coverage report | |
working-directory: ./client | |
run: | | |
poetry run coverage report | |
- name: Upload coverage data to coveralls.io | |
if: github.repository == 'gefyrahq/gefyra' | |
working-directory: ./client | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
COVERALLS_FLAG_NAME: client | |
COVERALLS_PARALLEL: true | |
run: | | |
poetry run coveralls --service=github | |
- uses: actions/upload-artifact@v4 | |
with: | |
name: coverage_data-${{ matrix.k3d }} | |
path: ./client/.coverage* | |
test_operator: | |
name: Test Gefyra Operator | |
runs-on: ubuntu-latest | |
steps: | |
- name: Set up Python | |
uses: actions/setup-python@v5 | |
with: | |
python-version: '3.9' | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Install Poetry | |
uses: snok/install-poetry@v1 | |
with: | |
virtualenvs-create: true | |
virtualenvs-in-project: true | |
installer-parallel: true | |
- name: Install dependencies | |
working-directory: ./operator | |
run: poetry install --with dev --no-interaction --no-root | |
- name: Install k3d | |
run: curl --silent --fail https://raw.githubusercontent.com/k3d-io/k3d/main/install.sh | TAG=v5.5.1 bash | |
- name: Run PyTest | |
working-directory: ./operator | |
run: poetry run coverage run -m pytest -s -x --retries 5 | |
- name: Upload coverage data to coveralls.io | |
if: github.repository == 'gefyrahq/gefyra' | |
working-directory: ./operator | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
COVERALLS_FLAG_NAME: operator | |
COVERALLS_PARALLEL: true | |
run: poetry run coveralls --service=github | |
coveralls: | |
name: Indicate completion to coveralls.io | |
if: github.repository == 'gefyrahq/gefyra' | |
# need secrets.GITHUB_TOKEN | |
needs: | |
- test | |
- test_minikube | |
- test_python | |
- test_operator | |
runs-on: ubuntu-latest | |
container: python:3-slim | |
steps: | |
- name: Finished | |
run: | | |
pip3 install --upgrade coveralls | |
coveralls --service=github --finish | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |