Skip to content

cni-server: disable udp-fragmentation-offload (#4342) #13025

cni-server: disable udp-fragmentation-offload (#4342)

cni-server: disable udp-fragmentation-offload (#4342) #13025

name: Build x86 Image
on:
pull_request:
branches:
- master
- release-*
paths-ignore:
- 'docs/**'
- '**.md'
push:
branches:
- master
- release-*
paths-ignore:
- 'docs/**'
- '**.md'
concurrency:
group: "${{ github.workflow }}-${{ github.ref }}"
cancel-in-progress: true
env:
GO_VERSION: ''
GOSEC_VERSION: '2.15.0'
HELM_VERSION: v3.11.1
jobs:
build-kube-ovn:
name: Build kube-ovn
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: go.mod
check-latest: true
cache: false
- name: Export Go full version
run: echo "GO_FULL_VER=$(go version | awk '{print $3}')" >> "$GITHUB_ENV"
- name: Go cache
uses: actions/cache@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-${{ env.GO_FULL_VER }}-x86-${{ hashFiles('**/go.sum') }}
restore-keys: ${{ runner.os }}-${{ env.GO_FULL_VER }}-x86-
- name: Unit test
run: |
go install -mod=mod github.com/onsi/ginkgo/ginkgo
make ut
- name: Install gosec
run: |
tmp=$(mktemp -d)
archive="gosec_${{ env.GOSEC_VERSION }}_$(go env GOHOSTOS)_$(go env GOHOSTARCH).tar.gz"
wget -q -O "$tmp/$archive" https://github.com/securego/gosec/releases/download/v${{ env.GOSEC_VERSION }}/$archive
tar --no-same-owner -C "$tmp" -xzf "$tmp/$archive"
install "$tmp/gosec" /usr/local/bin
rm -rf $tmp
- name: Build
run: |
go mod tidy
make lint
make image-kube-ovn
make tar-kube-ovn
- name: Upload images to artifact
uses: actions/upload-artifact@v4
with:
name: kube-ovn
path: kube-ovn.tar
build-vpc-nat-gateway:
name: Build vpc-nat-gateway
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- uses: docker/setup-buildx-action@v3
- name: Build
run: |
make image-vpc-nat-gateway
make tar-vpc-nat-gateway
- name: Upload image to artifact
uses: actions/upload-artifact@v4
with:
name: vpc-nat-gateway
path: vpc-nat-gateway.tar
build-e2e-binaries:
name: Build E2E Binaries
runs-on: ubuntu-22.04
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- name: Create the default branch directory
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
run: mkdir -p test/e2e/source
- name: Check out the default branch
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
fetch-depth: 1
path: test/e2e/source
- name: Export E2E directory
run: |
if [ '${{ github.base_ref || github.ref_name }}' = '${{ github.event.repository.default_branch }}' ]; then
echo "E2E_DIR=." >> "$GITHUB_ENV"
else
echo "E2E_DIR=test/e2e/source" >> "$GITHUB_ENV"
fi
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: ${{ env.E2E_DIR }}/go.mod
check-latest: true
cache: false
- name: Export Go full version
run: echo "GO_FULL_VER=$(go version | awk '{print $3}')" >> "$GITHUB_ENV"
- name: Go cache
uses: actions/cache@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-${{ hashFiles(format('{0}/**/go.sum', env.E2E_DIR)) }}
restore-keys: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-
- name: Install ginkgo
working-directory: ${{ env.E2E_DIR }}
run: go install -v -mod=mod github.com/onsi/ginkgo/v2/ginkgo
- run: make e2e-build
working-directory: ${{ env.E2E_DIR }}
netpol-path-filter:
name: Network Policy Path Filter
if: github.event_name != 'pull_request'
runs-on: ubuntu-22.04
outputs:
test-netpol: ${{ steps.filter.outputs.kube-ovn-controller }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: go.mod
check-latest: true
cache: false
- name: Generate path filter
run: |
filter=".github/path-filters.yaml"
cat > $filter <<EOF
kube-ovn-controller:
- go.mod
- go.sum
EOF
sh hack/go-list.sh pkg/controller | while read f; do
echo "- $f" | tee -a $filter
done
- uses: dorny/paths-filter@v3
id: filter
with:
base: ${{ github.base_ref || github.ref_name }}
filters: .github/path-filters.yaml
list-files: csv
k8s-conformance-e2e:
name: Kubernetes Conformance E2E
needs:
- build-kube-ovn
- build-e2e-binaries
runs-on: ubuntu-22.04
timeout-minutes: 60
strategy:
fail-fast: false
matrix:
ip-family:
- ipv4
- ipv6
- dual
mode:
- overlay
- underlay
steps:
- uses: actions/checkout@v4
- name: Create the default branch directory
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
run: mkdir -p test/e2e/source
- name: Check out the default branch
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
fetch-depth: 1
path: test/e2e/source
- name: Export E2E directory
run: |
if [ '${{ github.base_ref || github.ref_name }}' = '${{ github.event.repository.default_branch }}' ]; then
echo "E2E_DIR=." >> "$GITHUB_ENV"
else
echo "E2E_DIR=test/e2e/source" >> "$GITHUB_ENV"
fi
- name: Remove DNS search domain
run: |
sudo sed -i '/^search/d' /etc/resolv.conf
sudo systemctl restart docker
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: ${{ env.E2E_DIR }}/go.mod
check-latest: true
cache: false
- name: Export Go full version
run: echo "GO_FULL_VER=$(go version | awk '{print $3}')" >> "$GITHUB_ENV"
- name: Go cache
uses: actions/cache/restore@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-${{ hashFiles(format('{0}/**/go.sum', env.E2E_DIR)) }}
restore-keys: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Install ginkgo
working-directory: ${{ env.E2E_DIR }}
run: go install -v -mod=mod github.com/onsi/ginkgo/v2/ginkgo
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init-${{ matrix.ip-family }}
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: make kind-install-${{ matrix.mode }}-${{ matrix.ip-family }}
- name: Run E2E
working-directory: ${{ env.E2E_DIR }}
env:
E2E_BRANCH: ${{ github.base_ref || github.ref_name }}
E2E_IP_FAMILY: ${{ matrix.ip-family }}
E2E_NETWORK_MODE: ${{ matrix.mode }}
run: make k8s-conformance-e2e
- name: kubectl ko log
if: failure()
run: |
make kubectl-ko-log
mv kubectl-ko-log.tar.gz k8s-conformance-e2e-${{ matrix.ip-family }}-${{ matrix.mode }}-ko-log.tar.gz
- name: upload kubectl ko log
uses: actions/upload-artifact@v4
if: failure()
with:
name: k8s-conformance-e2e-${{ matrix.ip-family }}-${{ matrix.mode }}-ko-log
path: k8s-conformance-e2e-${{ matrix.ip-family }}-${{ matrix.mode }}-ko-log.tar.gz
k8s-netpol-e2e:
name: Kubernetes Network Policy E2E
if: |
always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') &&
(needs.netpol-path-filter.outputs.test-netpol == 1 || contains(github.event.pull_request.labels.*.name, 'network policy'))
needs:
- build-kube-ovn
- build-e2e-binaries
- netpol-path-filter
runs-on: ubuntu-22.04
timeout-minutes: 60
strategy:
fail-fast: false
matrix:
ip-family:
- ipv4
- ipv6
- dual
steps:
- uses: actions/checkout@v4
- name: Create the default branch directory
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
run: mkdir -p test/e2e/source
- name: Check out the default branch
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
fetch-depth: 1
path: test/e2e/source
- name: Export E2E directory
run: |
if [ '${{ github.base_ref || github.ref_name }}' = '${{ github.event.repository.default_branch }}' ]; then
echo "E2E_DIR=." >> "$GITHUB_ENV"
else
echo "E2E_DIR=test/e2e/source" >> "$GITHUB_ENV"
fi
- name: Remove DNS search domain
run: |
sudo sed -i '/^search/d' /etc/resolv.conf
sudo systemctl restart docker
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: ${{ env.E2E_DIR }}/go.mod
check-latest: true
cache: false
- name: Export Go full version
run: echo "GO_FULL_VER=$(go version | awk '{print $3}')" >> "$GITHUB_ENV"
- name: Go cache
uses: actions/cache/restore@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-${{ hashFiles(format('{0}/**/go.sum', env.E2E_DIR)) }}
restore-keys: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Install ginkgo
working-directory: ${{ env.E2E_DIR }}
run: go install -v -mod=mod github.com/onsi/ginkgo/v2/ginkgo
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init-${{ matrix.ip-family }}
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: make kind-install-${{ matrix.ip-family }}
- name: Run E2E
working-directory: ${{ env.E2E_DIR }}
run: make k8s-netpol-e2e
cyclonus-netpol-e2e:
name: Cyclonus Network Policy E2E
if: |
always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') &&
(needs.netpol-path-filter.outputs.test-netpol == 1 || contains(github.event.pull_request.labels.*.name, 'network policy'))
needs:
- build-kube-ovn
- netpol-path-filter
runs-on: ubuntu-22.04
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
ip-family:
- ipv4
- ipv6
- dual
steps:
- uses: actions/checkout@v4
- name: Create the default branch directory
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
run: mkdir -p test/e2e/source
- name: Check out the default branch
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
fetch-depth: 1
path: test/e2e/source
- name: Export E2E directory
run: |
if [ '${{ github.base_ref || github.ref_name }}' = '${{ github.event.repository.default_branch }}' ]; then
echo "E2E_DIR=." >> "$GITHUB_ENV"
else
echo "E2E_DIR=test/e2e/source" >> "$GITHUB_ENV"
fi
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Install ginkgo
working-directory: ${{ env.E2E_DIR }}
run: go install -v -mod=mod github.com/onsi/ginkgo/v2/ginkgo
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init-${{ matrix.ip-family }}
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: make kind-install-${{ matrix.ip-family }}
- name: Run E2E
working-directory: ${{ env.E2E_DIR }}
run: make cyclonus-netpol-e2e
kube-ovn-conformance-e2e:
name: Kube-OVN Conformance E2E
needs:
- build-kube-ovn
- build-e2e-binaries
runs-on: ubuntu-22.04
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
ip-family:
- ipv4
- ipv6
- dual
mode:
- overlay
- underlay
steps:
- uses: actions/checkout@v4
- name: Create the default branch directory
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
run: mkdir -p test/e2e/source
- name: Check out the default branch
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
fetch-depth: 1
path: test/e2e/source
- name: Export E2E directory
run: |
if [ '${{ github.base_ref || github.ref_name }}' = '${{ github.event.repository.default_branch }}' ]; then
echo "E2E_DIR=." >> "$GITHUB_ENV"
else
echo "E2E_DIR=test/e2e/source" >> "$GITHUB_ENV"
fi
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: ${{ env.E2E_DIR }}/go.mod
check-latest: true
cache: false
- name: Export Go full version
run: echo "GO_FULL_VER=$(go version | awk '{print $3}')" >> "$GITHUB_ENV"
- name: Go cache
uses: actions/cache/restore@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-${{ hashFiles(format('{0}/**/go.sum', env.E2E_DIR)) }}
restore-keys: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Install ginkgo
working-directory: ${{ env.E2E_DIR }}
run: go install -v -mod=mod github.com/onsi/ginkgo/v2/ginkgo
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init-${{ matrix.ip-family }}
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: make kind-install-${{ matrix.mode }}-${{ matrix.ip-family }}
- name: Run E2E
working-directory: ${{ env.E2E_DIR }}
env:
E2E_BRANCH: ${{ github.base_ref || github.ref_name }}
E2E_IP_FAMILY: ${{ matrix.ip-family }}
E2E_NETWORK_MODE: ${{ matrix.mode }}
run: make kube-ovn-conformance-e2e
- name: kubectl ko log
if: failure()
run: |
make kubectl-ko-log
mv kubectl-ko-log.tar.gz kube-ovn-conformance-e2e-${{ matrix.mode }}-${{ matrix.ip-family }}-ko-log.tar.gz
- name: upload kubectl ko log
uses: actions/upload-artifact@v4
if: failure()
with:
name: kube-ovn-conformance-e2e-${{ matrix.mode }}-${{ matrix.ip-family }}-ko-log
path: kube-ovn-conformance-e2e-${{ matrix.mode }}-${{ matrix.ip-family }}-ko-log.tar.gz
- name: Cleanup
run: |
if [ "${{ matrix.mode }}" != underlay ]; then
sh -x dist/images/cleanup.sh
fi
kube-ovn-ic-conformance-e2e:
name: Kube-OVN IC Conformance E2E
needs:
- build-kube-ovn
- build-e2e-binaries
runs-on: ubuntu-22.04
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- name: Create the default branch directory
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
run: mkdir -p test/e2e/source
- name: Check out the default branch
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
fetch-depth: 1
path: test/e2e/source
- name: Export E2E directory
run: |
if [ '${{ github.base_ref || github.ref_name }}' = '${{ github.event.repository.default_branch }}' ]; then
echo "E2E_DIR=." >> "$GITHUB_ENV"
else
echo "E2E_DIR=test/e2e/source" >> "$GITHUB_ENV"
fi
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: ${{ env.E2E_DIR }}/go.mod
check-latest: true
cache: false
- name: Export Go full version
run: echo "GO_FULL_VER=$(go version | awk '{print $3}')" >> "$GITHUB_ENV"
- name: Go cache
uses: actions/cache/restore@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-${{ hashFiles(format('{0}/**/go.sum', env.E2E_DIR)) }}
restore-keys: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Install ginkgo
working-directory: ${{ env.E2E_DIR }}
run: go install -v -mod=mod github.com/onsi/ginkgo/v2/ginkgo
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind clusters
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init-ovn-ic
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: make kind-install-ovn-ic
- name: Run E2E
working-directory: ${{ env.E2E_DIR }}
env:
E2E_BRANCH: ${{ github.base_ref || github.ref_name }}
E2E_IP_FAMILY: ${{ matrix.ip-family }}
run: make kube-ovn-ic-conformance-e2e
chart-installation-test:
needs: build-kube-ovn
name: Chart Installation Test
runs-on: ubuntu-22.04
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: make kind-install-chart
- name: Cleanup
run: sh dist/images/cleanup.sh
ha-installation-test:
needs: build-kube-ovn
name: HA Installation Test
runs-on: ubuntu-22.04
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init-ha
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: sudo ENABLE_SSL=true make kind-install
- name: Cleanup
run: sh dist/images/cleanup.sh
underlay-logical-gateway-installation-test:
name: Underlay Logical Gateway Installation Test
needs: build-kube-ovn
runs-on: ubuntu-22.04
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init-dual
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: make kind-install-underlay-logical-gateway-dual
- name: Cleanup
run: sh dist/images/cleanup.sh
no-ovn-lb-test:
name: Disable OVN LB Test
needs: build-kube-ovn
runs-on: ubuntu-22.04
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN without LoadBalancer
env:
ENABLE_LB: "false"
run: make kind-install
- name: kubectl ko log
if: failure()
run: |
make kubectl-ko-log
mv kube-ovn-no-lb-ko-log.tar.gz
- name: upload kubectl ko log
uses: actions/upload-artifact@v4
if: failure()
with:
name: kube-ovn-no-lb-ko-log
path: kube-ovn-no-lb-ko-log.tar.gz
- name: Cleanup
run: sh dist/images/cleanup.sh
no-np-test:
name: Disable Network Policy Test
needs: build-kube-ovn
runs-on: ubuntu-22.04
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
env:
ENABLE_NP: "false"
run: make kind-install
- name: Cleanup
run: sh dist/images/cleanup.sh
installation-compatibility-test:
name: Installation Compatibility Test
needs: build-kube-ovn
runs-on: ubuntu-22.04
timeout-minutes: 10
steps:
- uses: actions/checkout@v4
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH k8s_version=v1.23.13 make kind-init
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: make kind-install
- name: Cleanup
run: sh dist/images/cleanup.sh
cilium-chaining-e2e:
name: Cilium Chaining E2E
needs:
- build-kube-ovn
- build-e2e-binaries
runs-on: ubuntu-22.04
timeout-minutes: 30
steps:
- uses: actions/checkout@v4
- uses: azure/setup-helm@v4
with:
version: '${{ env.HELM_VERSION }}'
- name: Create the default branch directory
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
run: mkdir -p test/e2e/source
- name: Check out the default branch
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
fetch-depth: 1
path: test/e2e/source
- name: Export E2E directory
run: |
if [ '${{ github.base_ref || github.ref_name }}' = '${{ github.event.repository.default_branch }}' ]; then
echo "E2E_DIR=." >> "$GITHUB_ENV"
else
echo "E2E_DIR=test/e2e/source" >> "$GITHUB_ENV"
fi
- name: Remove DNS search domain
run: |
sudo sed -i '/^search/d' /etc/resolv.conf
sudo systemctl restart docker
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: ${{ env.E2E_DIR }}/go.mod
check-latest: true
cache: false
- name: Export Go full version
run: echo "GO_FULL_VER=$(go version | awk '{print $3}')" >> "$GITHUB_ENV"
- name: Go cache
uses: actions/cache/restore@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-${{ hashFiles(format('{0}/**/go.sum', env.E2E_DIR)) }}
restore-keys: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Install ginkgo
working-directory: ${{ env.E2E_DIR }}
run: go install -v -mod=mod github.com/onsi/ginkgo/v2/ginkgo
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN with Cilium chaining
run: make kind-install-cilium-chaining
- name: Run E2E
working-directory: ${{ env.E2E_DIR }}
env:
E2E_CILIUM_CHAINING: "true"
run: make k8s-conformance-e2e
- name: Cleanup
run: sh dist/images/cleanup.sh
kube-ovn-security-e2e:
name: Kube-OVN Security E2E
needs:
- build-kube-ovn
- build-e2e-binaries
runs-on: ubuntu-22.04
timeout-minutes: 30
strategy:
fail-fast: false
matrix:
ssl:
- "true"
- "false"
bind-local:
- "true"
- "false"
ip-family:
- ipv4
- ipv6
- dual
steps:
- uses: actions/checkout@v4
- name: Create the default branch directory
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
run: mkdir -p test/e2e/source
- name: Check out the default branch
if: (github.base_ref || github.ref_name) != github.event.repository.default_branch
uses: actions/checkout@v4
with:
ref: ${{ github.event.repository.default_branch }}
fetch-depth: 1
path: test/e2e/source
- name: Export E2E directory
run: |
if [ '${{ github.base_ref || github.ref_name }}' = '${{ github.event.repository.default_branch }}' ]; then
echo "E2E_DIR=." >> "$GITHUB_ENV"
else
echo "E2E_DIR=test/e2e/source" >> "$GITHUB_ENV"
fi
- uses: actions/setup-go@v5
with:
go-version: ${{ env.GO_VERSION || '' }}
go-version-file: ${{ env.E2E_DIR }}/go.mod
check-latest: true
cache: false
- name: Export Go full version
run: echo "GO_FULL_VER=$(go version | awk '{print $3}')" >> "$GITHUB_ENV"
- name: Go cache
uses: actions/cache/restore@v4
with:
path: |
~/.cache/go-build
~/go/pkg/mod
key: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-${{ hashFiles(format('{0}/**/go.sum', env.E2E_DIR)) }}
restore-keys: ${{ runner.os }}-e2e-${{ env.GO_FULL_VER }}-x86-
- name: Install kind
uses: helm/kind-action@v1
with:
install_only: true
- name: Install ginkgo
working-directory: ${{ env.E2E_DIR }}
run: go install -v -mod=mod github.com/onsi/ginkgo/v2/ginkgo
- name: Download image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Load image
run: docker load --input kube-ovn.tar
- name: Create kind cluster
run: |
sudo pip3 install j2cli
sudo pip3 install "j2cli[yaml]"
sudo PATH=~/.local/bin:$PATH make kind-init-ha-${{ matrix.ip-family }}
sudo cp -r /root/.kube/ ~/.kube/
sudo chown -R $(id -un). ~/.kube/
- name: Install Kube-OVN
run: |
sudo ENABLE_SSL=${{ matrix.ssl }} ENABLE_BIND_LOCAL_IP=${{ matrix.bind-local }} \
make kind-install-${{ matrix.ip-family }}
- name: Run E2E
working-directory: ${{ env.E2E_DIR }}
env:
E2E_BRANCH: ${{ github.base_ref || github.ref_name }}
E2E_IP_FAMILY: ${{ matrix.ip-family }}
run: make kube-ovn-security-e2e
- name: Cleanup
run: sh dist/images/cleanup.sh
push:
name: Push Images
needs:
- k8s-conformance-e2e
# - k8s-netpol-e2e
- cyclonus-netpol-e2e
- kube-ovn-conformance-e2e
- kube-ovn-ic-conformance-e2e
- ha-installation-test
- underlay-logical-gateway-installation-test
- chart-installation-test
- installation-compatibility-test
- no-ovn-lb-test
- no-np-test
- cilium-chaining-e2e
- kube-ovn-security-e2e
if: always() && !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled')
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@v4
- name: Download kube-ovn image
uses: actions/download-artifact@v4
with:
name: kube-ovn
- name: Download vpc-nat-gateway image
uses: actions/download-artifact@v4
with:
name: vpc-nat-gateway
- name: Load Image
run: |
docker load --input kube-ovn.tar
docker load --input vpc-nat-gateway.tar
- name: Security Scan
run: |
sudo apt-get install wget apt-transport-https gnupg lsb-release
wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -
echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list
sudo apt-get update
sudo apt-get install trivy
make scan
- name: Push
if: github.ref_name == github.event.repository.default_branch || startsWith(github.ref_name, 'release-')
env:
DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }}
COMMIT: ${{ github.sha }}
run: |
cat VERSION
TAG=$(cat VERSION)
echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
docker tag kubeovn/kube-ovn:$TAG kubeovn/kube-ovn-dev:$COMMIT-x86
docker tag kubeovn/kube-ovn:$TAG kubeovn/kube-ovn:$TAG-x86
docker tag kubeovn/vpc-nat-gateway:$TAG kubeovn/vpc-nat-gateway-dev:$COMMIT-x86
docker tag kubeovn/vpc-nat-gateway:$TAG kubeovn/vpc-nat-gateway:$TAG-x86
docker images
docker push kubeovn/kube-ovn:$TAG-x86
docker push kubeovn/kube-ovn-dev:$COMMIT-x86
docker push kubeovn/vpc-nat-gateway:$TAG-x86
docker push kubeovn/vpc-nat-gateway-dev:$COMMIT-x86