Skip to content

Commit

Permalink
.github/workflows: backport e2e workflows
Browse files Browse the repository at this point in the history
This commit backports the e2e workflows from the mani branch as we
move from prow jobs to these.

Signed-off-by: Vincent Demeester <[email protected]>
  • Loading branch information
vdemeester committed Dec 20, 2024
1 parent 2b7eeec commit c1399bd
Show file tree
Hide file tree
Showing 4 changed files with 261 additions and 0 deletions.
81 changes: 81 additions & 0 deletions .github/workflows/chatops_retest.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
# The _chatops_retest workflow reruns failed GHA for a PR
#
# This workflow is triggered by leaving a "/retest" comment on
# a pull request. If the required preconditions are met, it will
# rerun failed GitHub actions checks on that PR
#
# Condition for the "/retest" command are:
# - either the issuer is a maintainer
# - or the issuer is the owner the PR

name: Rerun Failed Actions
on:
repository_dispatch:
types: [retest-command]

jobs:
retest:
name: Rerun Failed Actions
runs-on: ubuntu-latest
steps:
- name: Show Environment Variables
run: env
- name: Show Github Object
run: |
cat <<'EOF'
${{ toJson(github) }}
EOF
- name: Show Github Event Path Json
run: 'cat $GITHUB_EVENT_PATH || true'
- name: Rerun Failed Actions
run: |
echo '::group:: Get the PR commit sha'
# Get the sha of the HEAD commit in the PR
GITHUB_COMMIT_SHA=$(gh api $(echo ${GITHUB_PULL_URL#https://api.github.com/}) | \
jq -r .head.sha)
echo GITHUB_COMMIT_SHA=${GITHUB_COMMIT_SHA}
echo '::endgroup::'
echo '::group:: Get the list of run IDs'
# Get a list of run IDs
RUN_IDS=$(gh api repos/${GITHUB_REPO}/commits/${GITHUB_COMMIT_SHA}/check-runs | \
jq -r '.check_runs[] | select(.name != "Rerun Failed Actions") | .html_url | capture("/runs/(?<number>[0-9]+)/job") | .number' | \
sort -u)
echo RUN_IDS=${RUN_IDS}
echo '::endgroup::'
echo '::group:: Rerun failed runs'
# For each run, retrigger faild jobs
for runid in ${RUN_IDS}; do
echo Restarting run ${runid} for commit ${GITHUB_COMMIT_SHA}
gh run \
--repo ${GITHUB_REPO} \
rerun ${runid} \
--failed || true
done
echo '::endgroup::'
env:
GITHUB_TOKEN: ${{ secrets.CHATOPS_TOKEN }}
GITHUB_REPO: ${{ github.event.client_payload.github.payload.repository.full_name }}
GITHUB_PULL_URL: ${{ github.event.client_payload.github.payload.issue.pull_request.url }}

- name: Create comment
if: ${{ failure() && steps.landStack.outcome == 'failure' }}
uses: peter-evans/create-or-update-comment@v4
with:
token: ${{ secrets.CHATOPS_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
issue-number: ${{ github.event.client_payload.github.payload.issue.number }}
body: |
Something went wrong with your `/${{ github.event.client_payload.slash_command.command }}` command: [please check the logs][1].
[1]: ${{ steps.vars.outputs.run-url }}
- name: Add reaction
if: ${{ success() }}
uses: peter-evans/create-or-update-comment@v4
with:
token: ${{ secrets.CHATOPS_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
comment-id: ${{ github.event.client_payload.github.payload.comment.id }}
reactions: hooray
29 changes: 29 additions & 0 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# Dependency Review Action
#
# This Action will scan dependency manifest files that change as part of a Pull Request,
# surfacing known-vulnerable versions of the packages declared or updated in the PR.
# Once installed, if the workflow run is marked as required,
# PRs introducing known-vulnerable packages will be blocked from merging.
#
# Source repository: https://github.com/actions/dependency-review-action
name: 'Dependency Review'
on: [pull_request]

permissions:
contents: read

jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit

- name: 'Checkout Repository'
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: 'Dependency Review'
uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
with:
fail-on-severity: low
110 changes: 110 additions & 0 deletions .github/workflows/e2e-matrix.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
name: Tekton Integration
# Adapted from https://github.com/mattmoor/mink/blob/master/.github/workflows/minkind.yaml

on:
pull_request:
branches: [ main ]

defaults:
run:
shell: bash

jobs:
e2e-tests:
name: e2e tests
runs-on: ubuntu-latest
strategy:
fail-fast: false # Keep running if one leg fails.
matrix:
k8s-name:
- k8s-oldest
- k8s-plus-one

feature-flags:
- stable
- beta
- alpha
# - prow-feature-flags - this is tested today as a periodic job, but we could integrate it here

include:
- k8s-name: k8s-oldest
k8s-version: v1.28.x
- k8s-name: k8s-plus-one
k8s-version: v1.29.x
- feature-flags: stable
env-file: prow
- feature-flags: alpha
env-file: prow-alpha
- feature-flags: beta
env-file: prow-beta
env:
GOPATH: ${{ github.workspace }}
GO111MODULE: on
KO_DOCKER_REPO: registry.local:5000/tekton
CLUSTER_DOMAIN: c${{ github.run_id }}.local
ARTIFACTS: ${{ github.workspace }}/artifacts

steps:
- name: Check out code onto GOPATH
uses: actions/checkout@v4
with:
path: ${{ github.workspace }}/src/github.com/tektoncd/pipeline


- name: Set up Go 1.22
uses: actions/setup-go@v5
with:
go-version: 1.22.5

- name: Install Dependencies
working-directory: ./
run: |
echo '::group:: install ko'
curl -L https://github.com/ko-build/ko/releases/download/v0.15.4/ko_0.15.4_Linux_x86_64.tar.gz | tar xzf - ko
chmod +x ./ko
sudo mv ko /usr/local/bin
echo '::endgroup::'
echo '::group:: install go-junit-report'
go install github.com/jstemmer/[email protected]
echo '::endgroup::'
echo '::group:: created required folders'
mkdir -p "${ARTIFACTS}"
echo '::endgroup::'
echo "${GOPATH}/bin" >> "$GITHUB_PATH"
- name: Run tests
working-directory: ${{ github.workspace }}/src/github.com/tektoncd/pipeline
run: |
./hack/setup-kind.sh \
--registry-url $(echo ${KO_DOCKER_REPO} | cut -d'/' -f 1) \
--cluster-suffix c${{ github.run_id }}.local \
--nodes 3 \
--k8s-version ${{ matrix.k8s-version }} \
--e2e-script ./test/e2e-tests.sh \
--e2e-env ./test/e2e-tests-kind-${{ matrix.env-file }}.env
- name: Upload test results
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }}
path: ${{ env.ARTIFACTS }}

- uses: chainguard-dev/actions/kind-diag@main
if: ${{ failure() }}
with:
artifact-name: ${{ matrix.k8s-version }}-${{ matrix.feature-flags }}-logs

- name: Dump Artifacts
if: ${{ failure() }}
run: |
if [[ -d ${{ env.ARTIFACTS }} ]]; then
cd ${{ env.ARTIFACTS }}
for x in $(find . -type f); do
echo "::group:: artifact $x"
cat $x
echo '::endgroup::'
done
fi
41 changes: 41 additions & 0 deletions .github/workflows/slash.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
# The slash workflow handles slash commands
#
# Slash commands are given through comments on pull requests
# and may be used only by individuals with "write" access to
# the repository (i.e. maintainers).
#
# Slash commands must be placed at the very beginning of the
# first line of a comment. More details are available in the
# action docs: https://github.com/peter-evans/slash-command-dispatch/tree/main?tab=readme-ov-file#how-comments-are-parsed-for-slash-commands
#
# The workflow looks for and dispatches to another workflow
# named <command>-command which must exist in the repository.
#
# Supported commands:
# - /land: invokes the land-command workflow, to land (merge) PRs
# stacked through ghstack
#
# When a command is recognised, the rocket and eyes emojis are added

name: Slash Command Routing
on:
issue_comment:
types: [created]

jobs:
check_comments:
runs-on: ubuntu-latest
steps:
- name: route-land
uses: peter-evans/slash-command-dispatch@v4
with:
token: ${{ secrets.CHATOPS_TOKEN }}
config: >
[
{
"command": "retest",
"permission": "write",
"issue_type": "pull-request",
"repository": "tektoncd/pipeline"
}
]

0 comments on commit c1399bd

Please sign in to comment.