-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
.github/workflows: backport e2e workflows
This commit backports the e2e workflows from the mani branch as we move from prow jobs to these. Signed-off-by: Vincent Demeester <[email protected]>
- Loading branch information
1 parent
2b7eeec
commit c1399bd
Showing
4 changed files
with
261 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
# The _chatops_retest workflow reruns failed GHA for a PR | ||
# | ||
# This workflow is triggered by leaving a "/retest" comment on | ||
# a pull request. If the required preconditions are met, it will | ||
# rerun failed GitHub actions checks on that PR | ||
# | ||
# Condition for the "/retest" command are: | ||
# - either the issuer is a maintainer | ||
# - or the issuer is the owner the PR | ||
|
||
name: Rerun Failed Actions | ||
on: | ||
repository_dispatch: | ||
types: [retest-command] | ||
|
||
jobs: | ||
retest: | ||
name: Rerun Failed Actions | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Show Environment Variables | ||
run: env | ||
- name: Show Github Object | ||
run: | | ||
cat <<'EOF' | ||
${{ toJson(github) }} | ||
EOF | ||
- name: Show Github Event Path Json | ||
run: 'cat $GITHUB_EVENT_PATH || true' | ||
- name: Rerun Failed Actions | ||
run: | | ||
echo '::group:: Get the PR commit sha' | ||
# Get the sha of the HEAD commit in the PR | ||
GITHUB_COMMIT_SHA=$(gh api $(echo ${GITHUB_PULL_URL#https://api.github.com/}) | \ | ||
jq -r .head.sha) | ||
echo GITHUB_COMMIT_SHA=${GITHUB_COMMIT_SHA} | ||
echo '::endgroup::' | ||
echo '::group:: Get the list of run IDs' | ||
# Get a list of run IDs | ||
RUN_IDS=$(gh api repos/${GITHUB_REPO}/commits/${GITHUB_COMMIT_SHA}/check-runs | \ | ||
jq -r '.check_runs[] | select(.name != "Rerun Failed Actions") | .html_url | capture("/runs/(?<number>[0-9]+)/job") | .number' | \ | ||
sort -u) | ||
echo RUN_IDS=${RUN_IDS} | ||
echo '::endgroup::' | ||
echo '::group:: Rerun failed runs' | ||
# For each run, retrigger faild jobs | ||
for runid in ${RUN_IDS}; do | ||
echo Restarting run ${runid} for commit ${GITHUB_COMMIT_SHA} | ||
gh run \ | ||
--repo ${GITHUB_REPO} \ | ||
rerun ${runid} \ | ||
--failed || true | ||
done | ||
echo '::endgroup::' | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.CHATOPS_TOKEN }} | ||
GITHUB_REPO: ${{ github.event.client_payload.github.payload.repository.full_name }} | ||
GITHUB_PULL_URL: ${{ github.event.client_payload.github.payload.issue.pull_request.url }} | ||
|
||
- name: Create comment | ||
if: ${{ failure() && steps.landStack.outcome == 'failure' }} | ||
uses: peter-evans/create-or-update-comment@v4 | ||
with: | ||
token: ${{ secrets.CHATOPS_TOKEN }} | ||
repository: ${{ github.event.client_payload.github.payload.repository.full_name }} | ||
issue-number: ${{ github.event.client_payload.github.payload.issue.number }} | ||
body: | | ||
Something went wrong with your `/${{ github.event.client_payload.slash_command.command }}` command: [please check the logs][1]. | ||
[1]: ${{ steps.vars.outputs.run-url }} | ||
- name: Add reaction | ||
if: ${{ success() }} | ||
uses: peter-evans/create-or-update-comment@v4 | ||
with: | ||
token: ${{ secrets.CHATOPS_TOKEN }} | ||
repository: ${{ github.event.client_payload.github.payload.repository.full_name }} | ||
comment-id: ${{ github.event.client_payload.github.payload.comment.id }} | ||
reactions: hooray |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,29 @@ | ||
# Dependency Review Action | ||
# | ||
# This Action will scan dependency manifest files that change as part of a Pull Request, | ||
# surfacing known-vulnerable versions of the packages declared or updated in the PR. | ||
# Once installed, if the workflow run is marked as required, | ||
# PRs introducing known-vulnerable packages will be blocked from merging. | ||
# | ||
# Source repository: https://github.com/actions/dependency-review-action | ||
name: 'Dependency Review' | ||
on: [pull_request] | ||
|
||
permissions: | ||
contents: read | ||
|
||
jobs: | ||
dependency-review: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Harden Runner | ||
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 | ||
with: | ||
egress-policy: audit | ||
|
||
- name: 'Checkout Repository' | ||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | ||
- name: 'Dependency Review' | ||
uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0 | ||
with: | ||
fail-on-severity: low |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
name: Tekton Integration | ||
# Adapted from https://github.com/mattmoor/mink/blob/master/.github/workflows/minkind.yaml | ||
|
||
on: | ||
pull_request: | ||
branches: [ main ] | ||
|
||
defaults: | ||
run: | ||
shell: bash | ||
|
||
jobs: | ||
e2e-tests: | ||
name: e2e tests | ||
runs-on: ubuntu-latest | ||
strategy: | ||
fail-fast: false # Keep running if one leg fails. | ||
matrix: | ||
k8s-name: | ||
- k8s-oldest | ||
- k8s-plus-one | ||
|
||
feature-flags: | ||
- stable | ||
- beta | ||
- alpha | ||
# - prow-feature-flags - this is tested today as a periodic job, but we could integrate it here | ||
|
||
include: | ||
- k8s-name: k8s-oldest | ||
k8s-version: v1.28.x | ||
- k8s-name: k8s-plus-one | ||
k8s-version: v1.29.x | ||
- feature-flags: stable | ||
env-file: prow | ||
- feature-flags: alpha | ||
env-file: prow-alpha | ||
- feature-flags: beta | ||
env-file: prow-beta | ||
env: | ||
GOPATH: ${{ github.workspace }} | ||
GO111MODULE: on | ||
KO_DOCKER_REPO: registry.local:5000/tekton | ||
CLUSTER_DOMAIN: c${{ github.run_id }}.local | ||
ARTIFACTS: ${{ github.workspace }}/artifacts | ||
|
||
steps: | ||
- name: Check out code onto GOPATH | ||
uses: actions/checkout@v4 | ||
with: | ||
path: ${{ github.workspace }}/src/github.com/tektoncd/pipeline | ||
|
||
|
||
- name: Set up Go 1.22 | ||
uses: actions/setup-go@v5 | ||
with: | ||
go-version: 1.22.5 | ||
|
||
- name: Install Dependencies | ||
working-directory: ./ | ||
run: | | ||
echo '::group:: install ko' | ||
curl -L https://github.com/ko-build/ko/releases/download/v0.15.4/ko_0.15.4_Linux_x86_64.tar.gz | tar xzf - ko | ||
chmod +x ./ko | ||
sudo mv ko /usr/local/bin | ||
echo '::endgroup::' | ||
echo '::group:: install go-junit-report' | ||
go install github.com/jstemmer/[email protected] | ||
echo '::endgroup::' | ||
echo '::group:: created required folders' | ||
mkdir -p "${ARTIFACTS}" | ||
echo '::endgroup::' | ||
echo "${GOPATH}/bin" >> "$GITHUB_PATH" | ||
- name: Run tests | ||
working-directory: ${{ github.workspace }}/src/github.com/tektoncd/pipeline | ||
run: | | ||
./hack/setup-kind.sh \ | ||
--registry-url $(echo ${KO_DOCKER_REPO} | cut -d'/' -f 1) \ | ||
--cluster-suffix c${{ github.run_id }}.local \ | ||
--nodes 3 \ | ||
--k8s-version ${{ matrix.k8s-version }} \ | ||
--e2e-script ./test/e2e-tests.sh \ | ||
--e2e-env ./test/e2e-tests-kind-${{ matrix.env-file }}.env | ||
- name: Upload test results | ||
uses: actions/upload-artifact@v4 | ||
with: | ||
name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }} | ||
path: ${{ env.ARTIFACTS }} | ||
|
||
- uses: chainguard-dev/actions/kind-diag@main | ||
if: ${{ failure() }} | ||
with: | ||
artifact-name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }}-logs | ||
|
||
- name: Dump Artifacts | ||
if: ${{ failure() }} | ||
run: | | ||
if [[ -d ${{ env.ARTIFACTS }} ]]; then | ||
cd ${{ env.ARTIFACTS }} | ||
for x in $(find . -type f); do | ||
echo "::group:: artifact $x" | ||
cat $x | ||
echo '::endgroup::' | ||
done | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
# The slash workflow handles slash commands | ||
# | ||
# Slash commands are given through comments on pull requests | ||
# and may be used only by individuals with "write" access to | ||
# the repository (i.e. maintainers). | ||
# | ||
# Slash commands must be placed at the very beginning of the | ||
# first line of a comment. More details are available in the | ||
# action docs: https://github.com/peter-evans/slash-command-dispatch/tree/main?tab=readme-ov-file#how-comments-are-parsed-for-slash-commands | ||
# | ||
# The workflow looks for and dispatches to another workflow | ||
# named <command>-command which must exist in the repository. | ||
# | ||
# Supported commands: | ||
# - /land: invokes the land-command workflow, to land (merge) PRs | ||
# stacked through ghstack | ||
# | ||
# When a command is recognised, the rocket and eyes emojis are added | ||
|
||
name: Slash Command Routing | ||
on: | ||
issue_comment: | ||
types: [created] | ||
|
||
jobs: | ||
check_comments: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: route-land | ||
uses: peter-evans/slash-command-dispatch@v4 | ||
with: | ||
token: ${{ secrets.CHATOPS_TOKEN }} | ||
config: > | ||
[ | ||
{ | ||
"command": "retest", | ||
"permission": "write", | ||
"issue_type": "pull-request", | ||
"repository": "tektoncd/pipeline" | ||
} | ||
] |