forked from kyverno/kyverno
-
Notifications
You must be signed in to change notification settings - Fork 0
133 lines (115 loc) · 4.54 KB
/
e2e.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: e2e
on:
push:
branches:
- 'main'
- 'release*'
paths-ignore:
- 'README.md'
- 'docs/**'
- '.github/config.yml'
pull_request:
branches:
- 'main'
- 'release*'
paths-ignore:
- 'README.md'
- 'docs/**'
- '.github/config.yml'
jobs:
e2e-test:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
- name: Unshallow
run: git fetch --prune --unshallow
- name: Set up Go
uses: actions/setup-go@v2
with:
go-version: 1.16
- name: Set up Helm
uses: azure/setup-helm@v1
with:
version: v3.5.0
- name: Set up chart-testing
uses: helm/[email protected]
- name: Cache Go modules
uses: actions/cache@v1
with:
path: ~/go/pkg/mod
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
restore-keys: |
${{ runner.os }}-go-
- name: Test Policy
run: |
if [[ ${{ github.event_name }} == "push" ]]
then
GIT_BRANCH=${GITHUB_REF##*/}
elif [[ ${{ github.event_name }} == "pull_request" ]]
then
GIT_BRANCH=${{ github.event.pull_request.base.ref }}
fi
CLI_PATH=cmd/cli/kubectl-kyverno
go run $PWD/$CLI_PATH/main.go test https://github.com/kyverno/policies/$GIT_BRANCH
go run $PWD/$CLI_PATH/main.go test https://github.com/kyverno/policies --git-branch $GIT_BRANCH
go run $PWD/$CLI_PATH/main.go test https://github.com/kyverno/policies/pod-security/restricted -b $GIT_BRANCH
go run $PWD/$CLI_PATH/main.go test ./test/cli/test-mutate
go run $PWD/$CLI_PATH/main.go test ./test/cli/test
go run $PWD/$CLI_PATH/main.go test ./test/cli/test-fail/missing-policy && exit 1 || exit 0
go run $PWD/$CLI_PATH/main.go test ./test/cli/test-fail/missing-rule && exit 1 || exit 0
go run $PWD/$CLI_PATH/main.go test ./test/cli/test-fail/missing-resource && exit 1 || exit 0
- name: gofmt check
run: |
if [ "$(gofmt -s -l . | wc -l)" -ne 0 ]
then
echo "The following files were found to be not go formatted:"
gofmt -s -l .
echo "Please run 'make fmt' to go format the above files."
exit 1
fi
- name: golangci-lint
uses: reviewdog/action-golangci-lint@v1
- name: docker images build (AMD64)
run: |
make docker-build-all-amd64
- name : Create Kind Cluster and setup kustomize
run: |
make create-e2e-infrastruture
- name: e2e testing
run: |
echo ">>> Install Kyverno"
sed 's/imagePullPolicy:.*$/imagePullPolicy: IfNotPresent/g' ${GITHUB_WORKSPACE}/config/install.yaml | kubectl apply -f -
kubectl apply -f ${GITHUB_WORKSPACE}/config/github/rbac.yaml
chmod a+x ${GITHUB_WORKSPACE}/scripts/verify-deployment.sh
sleep 50
echo ">>> Check kyverno"
kubectl get pods -n kyverno
${GITHUB_WORKSPACE}/scripts/verify-deployment.sh -n kyverno kyverno
sleep 20
echo ">>> Expose the Kyverno's service's metric server to the host"
kubectl port-forward svc/kyverno-svc-metrics -n kyverno 8000:8000 &
echo ">>> Run Kyverno e2e test"
make test-e2e
kubectl delete -f ${GITHUB_WORKSPACE}/config/install.yaml
- name: Update chart values
run: |
sed -i -e "s|nameOverride:.*|nameOverride: kyverno|g" charts/kyverno/values.yaml
sed -i -e "s|fullnameOverride:.*|fullnameOverride: kyverno|g" charts/kyverno/values.yaml
sed -i -e "s|namespace:.*|namespace: kyverno|g" charts/kyverno/values.yaml
sed -i -e "s|tag: # replaced in e2e tests|tag: $(git describe --match "v[0-9]*")|" charts/kyverno/values.yaml
- name: Run chart-testing (install)
run: |
kubectl create namespace kyverno
ct install --target-branch=main --namespace=kyverno --charts charts/kyverno
- name: Run chart-testing (policies)
run: |
helm install kyverno charts/kyverno -n kyverno
helm install kyverno-policies charts/kyverno-policies -n kyverno
- name: Debug failure
if: failure()
run: |
kubectl get mutatingwebhookconfigurations,validatingwebhookconfigurations
kubectl -n kyverno get pod
kubectl -n kyverno describe pod | grep -i events -A10
kubectl -n kyverno logs deploy/kyverno