Skip to content

Update current feature #69

Update current feature

Update current feature #69

Workflow file for this run

name: "e2e: noscience, gha"
on:
push:
pull_request:
branches:
- master
env:
CIUXCONFIG: /tmp/ciux.sh
CIUX_VERSION: 927153e3f
GHA_BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
SUFFIX: noscience
jobs:
build:
name: Build image
runs-on: ubuntu-22.04
outputs:
image: ${{ steps.export.outputs.IMAGE }}
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
fetch-depth: 0
- uses: actions/setup-go@v4
with:
go-version: '1.21.4'
- name: Install ciux
run: go install github.com/k8s-school/ciux@"${{ env.CIUX_VERSION }}"
- name: Build fink-broker image for k8s
run: |
./build.sh -s "${{ env.SUFFIX }}" -r "${{ env.CI_REPO }}"
- name: Export fink-broker image
id: export
run: |
$(ciux get image --check $PWD --suffix "${{ env.SUFFIX }}" --env)
mkdir -p artifacts
if [ $CIUX_BUILD = true ]; then
echo "Export $CIUX_IMAGE_URL to archive"
docker save "$CIUX_IMAGE_URL" > artifacts/image.tar
else
echo "Using existing image $CIUX_IMAGE_URL"
touch artifacts/emtpy
fi
echo "IMAGE=$CIUX_IMAGE_URL" >> "$GITHUB_OUTPUT"
- uses: actions/upload-artifact@v2
with:
name: docker-artifact
path: artifacts
integration-tests:
name: Run integration tests
runs-on: ubuntu-22.04
needs: build
steps:
- name: Checkout code
uses: actions/checkout@v2
with:
fetch-depth: 0
- uses: actions/setup-go@v4
with:
go-version: '1.21.4'
- name: Install ciux
run: go install github.com/k8s-school/ciux@"${{ env.CIUX_VERSION }}"
- name: Ciux project ignition
run: |
ciux ignite --selector ci --branch="$GHA_BRANCH_NAME" $PWD --suffix noscience
- name: Create k8s (kind) cluster
run: |
ktbx install kind
ktbx install kubectl
ktbx create -s
- name: Install olm and argocd operators
run: |
ktbx install olm
ktbx install argocd
- name: Run argoCD
run: |
./e2e/argocd.sh
- name: Download image
uses: actions/download-artifact@v3
with:
name: docker-artifact
path: artifacts
- name: Load container image inside kind
run: |
if [ -f artifacts/image.tar ]; then
echo "Loading image from archive"
docker load --input artifacts/image.tar
else
echo "Using existing image"
fi
- name: Install fink-alert-simulator pre-requisites (argo-workflows)
run: |
. "$CIUXCONFIG"
. "$FINK_ALERT_SIMULATOR_DIR"/prereq-install.sh
- name: Run fink-alert-simulator
run: |
. "$CIUXCONFIG"
"$FINK_ALERT_SIMULATOR_DIR"/argo-submit.sh
argo watch @latest
# - name: Setup tmate session
# uses: mxschmitt/action-tmate@v3
- name: Install fink-broker pre-requisites (JDK, Spark)
run: |
sudo apt-get -y update
sudo apt-get -y install openjdk-8-jdk-headless
./e2e/prereq-install.sh
- name: Run fink-broker
run: |
./e2e/fink-start.sh
- name: Check results
run: |
./e2e/check-results.sh
image-analysis:
name: Analyze image
runs-on: ubuntu-22.04
permissions:
security-events: write
needs: build
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Download image
uses: actions/download-artifact@v3
with:
name: docker-artifact
path: artifacts
- name: Load image in local registry
run: |
if [ -f artifacts/image.tar ]; then
echo "Loading image ${{ needs.build.outputs.image }} from archive"
docker load --input artifacts/image.tar
else
echo "Using existing image ${{ needs.build.outputs.image }}"
fi
- name: Scan fink-broker image
uses: anchore/scan-action@v3
id: scan
with:
image: "${{ needs.build.outputs.image }}"
fail-build: false
- name: Display SARIF report
run: |
cat ${{ steps.scan.outputs.sarif }}
- name: upload Anchore scan SARIF report
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: ${{ steps.scan.outputs.sarif }}
push:
name: Push fink-broker image to IN2P3 registry
runs-on: ubuntu-22.04
needs: [build, integration-tests]
steps:
- name: Download image
uses: actions/download-artifact@v3
with:
name: docker-artifact
path: artifacts
- name: Load image in local registry
run: |
docker load --input artifacts/image.tar
echo "IMAGE=$(cat artifacts/image-tag)" >> $GITHUB_ENV
- name: Login to DockerHub
uses: docker/login-action@v2
with:
registry: gitlab-registry.in2p3.fr
username: ${{ secrets.REGISTRY_USERNAME }}
password: ${{ secrets.REGISTRY_TOKEN }}
- name: Push image to IN2P3 registry
run: |
docker push "${{ needs.build.outputs.image }}"