Skip to content

try rosa hcp

try rosa hcp #1299

Workflow file for this run

name: PR Workflow
on:
pull_request:
types:
- opened
- synchronize
defaults:
run:
working-directory: go/src/github.com/stackrox/infra
env:
CLUSTER_NAME: infra-pr-${{ github.event.pull_request.number }}
GH_TOKEN: ${{ secrets.ROBOT_ROX_GITHUB_TOKEN }}
jobs:
lint:
uses: ./.github/workflows/lint.yaml
build-and-push:
uses: ./.github/workflows/build-and-push.yaml
secrets: inherit
create-dev-cluster:
runs-on: ubuntu-latest
steps:
- uses: stackrox/actions/infra/create-cluster@v1
with:
flavor: gke-default
name: infra-pr-${{ github.event.pull_request.number }}
args: machine-type=e2-medium,nodes=1,gcp-image-type=ubuntu_containerd
lifespan: 24h
wait: true
token: ${{ secrets.INFRA_TOKEN }}
comment-on-PR:
needs:
- build-and-push
- create-dev-cluster
runs-on: ubuntu-latest
container:
image: quay.io/stackrox-io/apollo-ci:stackrox-test-0.3.51.1
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
path: go/src/github.com/stackrox/infra
- name: Add PR comment for deploy to dev
env:
GITHUB_TOKEN: ${{ secrets.ROBOT_ROX_GITHUB_TOKEN }}
run: |
./scripts/add-PR-comment-for-deploy-to-dev.sh "${{ github.event.pull_request.html_url }}" "$CLUSTER_NAME"
deploy-and-test:
needs:
- build-and-push
- create-dev-cluster
runs-on: ubuntu-latest
container:
image: quay.io/stackrox-io/apollo-ci:stackrox-test-0.3.51.1
env:
KUBECONFIG: /github/home/artifacts/kubeconfig
INFRA_TOKEN: ${{ secrets.INFRA_TOKEN }}
INFRACTL: bin/infractl -k -e localhost:8443
USE_GKE_GCLOUD_AUTH_PLUGIN: "True"
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ github.event.pull_request.head.sha }}
path: go/src/github.com/stackrox/infra
- name: Authenticate to GCloud
uses: google-github-actions/auth@v0
with:
credentials_json: ${{ secrets.GCP_INFRA_CI_AUTOMATION_SA }}
- name: Set up Cloud SDK
uses: "google-github-actions/setup-gcloud@v0"
with:
install_components: "gke-gcloud-auth-plugin"
- name: Download production infractl
uses: stackrox/actions/infra/install-infractl@v1
- name: Download artifacts
run: |
/github/home/.local/bin/infractl artifacts "$CLUSTER_NAME" -d /github/home/artifacts >> "$GITHUB_STEP_SUMMARY"
kubectl get nodes -o wide || true
- name: Deploy infra to dev cluster
run: |
make install-local
sleep 10 # wait for old pods to disappear so the svc port-forward doesn't connect to them
kubectl -n infra port-forward svc/infra-server-service 8443:8443 &
sleep 10
kubectl -n infra logs -l app=infra-server --tail=-1
make pull-infractl-from-dev-server
kill %1
- name: Check the deployment
run: |
kubectl -n infra port-forward svc/infra-server-service 8443:8443 &
sleep 10
version="$($INFRACTL version --json)"
echo "$version"
client="$(echo "$version" | jq -r '.Client.Version')"
server="$(echo "$version" | jq -r '.Server.Version')"
if [[ "$client" == "$server" ]]; then
echo "Client and server versions match"
else
echo "Client and server versions are mismatched"
exit 1
fi
tag="$(make tag)"
if [[ "$client" == "$tag" ]]; then
echo "Infra and make tag match"
else
echo "Infra and make tag are mismatched (make tag: $tag)"
exit 1
fi
kill %1
- name: Install Argo CLI
run: |
ARGO_VERSION=$(grep "github.com/argoproj/argo-workflows/v3" go.mod | awk '{ print $2 }')
curl -sLO "https://github.com/argoproj/argo-workflows/releases/download/${ARGO_VERSION}/argo-linux-amd64.gz"
gunzip argo-linux-amd64.gz
chmod +x argo-linux-amd64
mv ./argo-linux-amd64 /usr/local/bin/argo
argo version
- name: Lint Argo workflows
# We're linting here, because Argo Lint requires a workflow server
run: |
make argo-workflow-lint
- name: Run e2e tests
env:
INFRA_TOKEN: ${{ secrets.INFRA_TOKEN_DEV }}
run: |
kubectl -n infra port-forward svc/infra-server-service 8443:8443 &
sleep 5
$INFRACTL whoami || true
$INFRACTL version || true
make e2e-tests || touch FAIL
kubectl -n infra logs -l app=infra-server --tail=-1
kill %1
[[ ! -f FAIL ]]
- name: Run Go e2e tests
env:
INFRA_TOKEN: ${{ secrets.INFRA_TOKEN_DEV }}
run: |
kubectl -n infra port-forward svc/infra-server-service 8443:8443 &
sleep 5
make go-e2e-tests