openshift-client: eval PARAMS_SCRIPT #105
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: test | |
| on: | |
| push: | |
| tags-ignore: | |
| - "*" | |
| branches: | |
| - main | |
| concurrency: | |
| group: ${{ github.workflow }}-${{ github.ref }} | |
| cancel-in-progress: true | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| # Install Catlin linting tool | |
| - name: Install linting tools | |
| run: | | |
| set -Eeu | |
| git clone https://github.com/tektoncd/catlin | |
| cd catlin | |
| make bin/catlin | |
| sudo cp bin/catlin /usr/local/bin | |
| catlin --help | |
| # run Catlin linting | |
| - name: Run Catlin linting | |
| run: | | |
| set -Eeu | |
| helm template task-oc . > task-oc.yaml | |
| cat task-oc.yaml | |
| catlin validate task-oc.yaml || true | |
| helm template task-tkn . > task-tkn.yaml | |
| cat task-tkn.yaml | |
| catlin validate task-tkn.yaml || true | |
| test-e2e: | |
| strategy: | |
| fail-fast: false # Keep running if one leg fails. | |
| matrix: | |
| pipeline-version: | |
| - v0.50.6 | |
| - v0.53.7 | |
| - v0.56.5 | |
| - v0.59.1 | |
| - latest | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| submodules: true | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: registry.redhat.io | |
| username: ${{ secrets.REGISTRY_REDHAT_USERNAME }} | |
| password: ${{ secrets.REGISTRY_REDHAT_TOKEN }} | |
| - uses: azure/setup-helm@v4 | |
| # instantiate a KinD (Kubernetes in Docker) cluster, installs `kubectl` and configures the | |
| # `kubeconfig` to reach the local cluster | |
| - uses: helm/[email protected] | |
| with: | |
| cluster_name: kind | |
| wait: 120s | |
| # installs Tekton Pipelines and `tkn` command line, including a local Container-Registry with | |
| # settings to reach it during testing | |
| - uses: openshift-pipelines/setup-tektoncd@v1 | |
| with: | |
| pipeline_version: ${{ matrix.pipeline-version }} | |
| # setting up Knative Serving | |
| - name: setup-serverless | |
| run: | | |
| curl -O -L "https://github.com/sigstore/cosign/releases/latest/download/cosign-linux-amd64" | |
| sudo mv cosign-linux-amd64 /usr/local/bin/cosign | |
| sudo chmod +x /usr/local/bin/cosign | |
| sudo apt-get install jq | |
| curl -sSL https://github.com/knative/serving/releases/latest/download/serving-core.yaml \ | |
| | grep 'gcr.io/' | awk '{print $2}' | sort | uniq \ | |
| | xargs -n 1 \ | |
| cosign verify -o text \ | |
| --certificate-identity=signer@knative-releases.iam.gserviceaccount.com \ | |
| --certificate-oidc-issuer=https://accounts.google.com | |
| kubectl apply -f https://github.com/knative/serving/releases/latest/download/serving-crds.yaml | |
| kubectl apply -f https://github.com/knative/serving/releases/latest/download/serving-core.yaml | |
| kubectl apply -f https://github.com/knative/net-kourier/releases/latest/download/kourier.yaml | |
| kubectl patch configmap/config-network \ | |
| --namespace knative-serving \ | |
| --type merge \ | |
| --patch '{"data":{"ingress-class":"kourier.ingress.networking.knative.dev"}}' | |
| sleep 60 | |
| #Adding roles for allowing kn-apply to create service in default namespace | |
| cat <<EOF | kubectl apply -f - | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: Role | |
| metadata: | |
| namespace: default | |
| name: knative-serving-role | |
| rules: | |
| - apiGroups: ["serving.knative.dev"] | |
| resources: ["services"] | |
| verbs: ["get", "create", "patch"] | |
| --- | |
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: RoleBinding | |
| metadata: | |
| name: knative-serving-rolebinding | |
| namespace: default | |
| subjects: | |
| - kind: ServiceAccount | |
| name: default | |
| namespace: default | |
| roleRef: | |
| kind: Role | |
| name: knative-serving-role | |
| apiGroup: rbac.authorization.k8s.io | |
| EOF | |
| kubectl get pods -n knative-serving | |
| all_pods=$(kubectl get pods -n "knative-serving" --no-headers=true) | |
| while read -r pod; do | |
| pod_name=$(echo "$pod" | awk '{print $1}') | |
| pod_status=$(echo "$pod" | awk '{print $3}') | |
| # Check if the pod status is not "Running" | |
| if [ "$pod_status" != "Running" ]; then | |
| echo "Pod $pod_name is not running" | |
| exit 1 | |
| fi | |
| done <<< "$all_pods" | |
| echo "All pods are running" | |
| # running end-to-end test target | |
| - name: test-e2e | |
| run: | | |
| set -Eeuo pipefail | |
| kubectl delete secret regcred || true | |
| kubectl create secret generic regcred \ | |
| --from-file=.dockerconfigjson=$HOME/.docker/config.json \ | |
| --type=kubernetes.io/dockerconfigjson | |
| kubectl patch serviceaccount default -p '{"imagePullSecrets": [{"name": "regcred"}]}' | |
| make test-e2e |