Skip to content

Add E2E test workflow. #5

Add E2E test workflow.

Add E2E test workflow. #5

Workflow file for this run

name: E2E
on:
# TODO(dhaus): Temporary to test the workflow.
pull_request:
push:
branches:
- main
paths-ignore:
- 'dist/**'
schedule:
- cron: '0 5 * * 0'
jobs:
e2e:
if: github.event_name == 'push' || !github.event.pull_request.head.repo.fork
name: E2E
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Checkout stackrox repo
uses: actions/checkout@v4
with:
repository: stackrox/stackrox
path: stackrox
- name: Install kubectl
run: sudo snap install kubectl --classic
- name: Setup infractl
uses: stackrox/actions/infra/install-infractl@main
- name: Create infra GKE cluster
uses: stackrox/actions/infra/[email protected]
with:
token: ${{ secrets.INFRA_TOKEN }}
flavor: gke-default
name: central-login-${{ github.run_id }}
lifespan: 15m
wait: "true"
- name: Deploy Stackrox to GKE
env:
CLUSTER_NAME: central-login-${{ github.run_id }}
ARTIFACTS_DIR: ${{ runner.temp }}/gke-artifacts
INFRA_TOKEN: ${{ secrets.INFRA_TOKEN }}
run: |
# Fetch the artifacts for the GKE cluster.
infractl artifacts --download-dir=${ARTIFACTS_DIR} ${CLUSTER_NAME}
# Setup context for GKE cluster.
echo "KUBECONFIG=${ARTIFACTS_DIR}/kubeconfig" >> $GITHUB_OUTPUT
export KUBECONFIG=${ARTIFACTS_DIR}/kubeconfig
# Deploy Central via deploy scripts.
cd stackrox
./deploy/central.sh
kubectl set env -n stackrox deploy/central ROX_AUTH_MACHINE_TO_MACHINE=true
# Sleep to ensure Central pods are restarted
sleep 60
./deploy/k8s/central-deploy/scripts/port-forward.sh 8000
echo "ROX_PASSWORD=$(cat deploy/k8s/central-deploy/password)" >> $GITHUB_OUTPUT
- name: Wait for API
env:
USE_MIDSTREAM_IMAGES: false
run: |
cd stackrox
echo $KUBECONFIG
source "tests/e2e/lib.sh"
wait_for_api
- name: Configure M2M configuration
run: |
curl -u admin:${ROX_PASSWORD} \
https://localhost:8000/v1/auth/m2m \
-k -d '{"config": {"type": "GITHUB_ACTIONS", "tokenExpirationDuration": "5m", "mappings":[{"key":"sub","valueExpression":"repo:stackrox/central-login.*", "role":"Analyst"}]}}'
- name: Run Central-login action
uses: ./
with:
endpoint: https://localhost:8000
skip-tls-verify: true
- name: Fetch roxctl and run roxctl central whoami
run: |
curl -k -u admin:${ROX_PASSWORD} https://localhost:8000/api/cli/download/roxctl-linux --output ./roxctl
chmod +x ./roxctl
./roxctl central whoami