Add tetragon 1.0.0-rc.5@c242ff187afd49a8af2c3c08db2346d10a5a2c1f ⎈ #184
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: ConformanceGKE (ci-gke) | |
# Any change in triggers needs to be reflected in the concurrency group. | |
on: | |
push: | |
branches: | |
- master | |
env: | |
clusterName: ${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }} | |
zone: us-west2-a | |
# https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke | |
USE_GKE_GCLOUD_AUTH_PLUGIN: True | |
jobs: | |
installation-and-connectivity: | |
runs-on: ubuntu-latest | |
timeout-minutes: 30 | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab | |
with: | |
fetch-depth: 0 | |
persist-credentials: false | |
- name: Set up job variables | |
id: vars | |
run: | | |
# Get last commit message | |
readonly local last_commit_log=$(git log -1 --grep "^Add cilium" --pretty=format:"%s") | |
echo "last commit log: $last_commit_log" | |
readonly local chart_version=$(echo "$last_commit_log" | grep -Eo "Add cilium [^@]+" | sed 's/Add\ cilium\ //' ) | |
echo "Helm chart detected version: '${chart_version}'" | |
if [[ -n "${chart_version}" ]]; then | |
echo ::set-output name=chartVersion::${chart_version} | |
fi | |
echo ::set-output name=owner::${{ github.sha }} | |
- name: Should it be e2e tested? | |
run: | | |
if [[ -z "${{ steps.vars.outputs.chartVersion }}" ]]; then | |
echo "Not running helm e2e tests since the helm chart version was not detected in commit message" | |
echo "Expected format: 'Add cilium <chart-version>@<upstream-commit-sha>'" | |
exit 78 | |
fi | |
- name: Install Cilium CLI | |
run: | | |
curl -LO https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz | |
curl -sSL --remote-name-all https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz{,.sha256sum} | |
sha256sum --check cilium-linux-amd64.tar.gz.sha256sum | |
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin | |
rm cilium-linux-amd64.tar.gz{,.sha256sum} | |
- name: Set up gcloud credentials | |
id: 'auth' | |
uses: 'google-github-actions/auth@ef5d53e30bbcd8d0836f4288f5e50ff3e086997d' | |
with: | |
credentials_json: '${{ secrets.GCP_PR_SA_KEY }}' | |
- name: Set up gcloud CLI | |
uses: google-github-actions/setup-gcloud@62d4898025f6041e16b1068643bfc5a696863587 | |
with: | |
project_id: ${{ secrets.GCP_PROJECT_ID }} | |
- name: Display gcloud CLI info | |
run: | | |
gcloud info | |
- name: Install gke-gcloud-auth-plugin | |
run: | | |
gcloud components install gke-gcloud-auth-plugin | |
- name: Create GKE cluster | |
run: | | |
gcloud container clusters create ${{ env.clusterName }} \ | |
--labels "usage=${{ github.repository_owner }}-${{ github.event.repository.name }},owner=${{ steps.vars.outputs.owner }}" \ | |
--zone ${{ env.zone }} \ | |
--image-type COS_CONTAINERD \ | |
--num-nodes 2 \ | |
--machine-type e2-custom-2-4096 \ | |
--disk-type pd-standard \ | |
--disk-size 10GB \ | |
--node-taints node.cilium.io/agent-not-ready=true:NoSchedule \ | |
--preemptible | |
- name: Get cluster credentials | |
run: | | |
gcloud container clusters get-credentials ${{ env.clusterName }} --zone ${{ env.zone }} | |
- name: Install Cilium | |
run: | | |
NATIVE_CIDR="$(gcloud container clusters describe ${{ env.clusterName }} --zone ${{ env.zone }} --format 'value(clusterIpv4Cidr)')" | |
echo "NATIVE_CIDR $NATIVE_CIDR" | |
helm repo add cilium https://helm.cilium.io | |
helm repo update | |
if [[ ${{ steps.vars.outputs.chartVersion }} == 1.11.* ]]; then | |
helm install cilium cilium/cilium --version ${{ steps.vars.outputs.chartVersion }} \ | |
--namespace kube-system \ | |
--set nodeinit.enabled=true \ | |
--set nodeinit.reconfigureKubelet=true \ | |
--set nodeinit.removeCbrBridge=true \ | |
--set cni.binPath=/home/kubernetes/bin \ | |
--set gke.enabled=true \ | |
--set ipam.mode=kubernetes \ | |
--set nativeRoutingCIDR="${NATIVE_CIDR}" | |
elif [[ ${{ steps.vars.outputs.chartVersion }} == 1.10.* ]]; then | |
helm install cilium cilium/cilium --version ${{ steps.vars.outputs.chartVersion }} \ | |
--namespace kube-system \ | |
--set nodeinit.enabled=true \ | |
--set nodeinit.reconfigureKubelet=true \ | |
--set nodeinit.removeCbrBridge=true \ | |
--set cni.binPath=/home/kubernetes/bin \ | |
--set gke.enabled=true \ | |
--set ipam.mode=kubernetes \ | |
--set nativeRoutingCIDR="${NATIVE_CIDR}" | |
else | |
helm install cilium cilium/cilium --version ${{ steps.vars.outputs.chartVersion }} \ | |
--namespace kube-system \ | |
--set nodeinit.enabled=true \ | |
--set nodeinit.reconfigureKubelet=true \ | |
--set nodeinit.removeCbrBridge=true \ | |
--set cni.binPath=/home/kubernetes/bin \ | |
--set gke.enabled=true \ | |
--set ipam.mode=kubernetes \ | |
--set ipv4NativeRoutingCIDR="${NATIVE_CIDR}" | |
fi | |
- name: Run connectivity test | |
run: | | |
cilium status --wait | |
cilium connectivity test | |
- name: Post-test information gathering | |
if: ${{ failure() }} | |
run: | | |
cilium status | |
kubectl get pods --all-namespaces -o wide -v=6 | |
cilium sysdump --output-filename cilium-sysdump-out | |
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently | |
- name: Clean up GKE | |
if: ${{ always() }} | |
run: | | |
gcloud container clusters delete ${{ env.clusterName }} --zone ${{ env.zone }} --quiet --async | |
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently | |
- name: Upload artifacts | |
if: ${{ failure() }} | |
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 | |
with: | |
name: cilium-sysdump-out.zip | |
path: cilium-sysdump-out.zip | |
retention-days: 5 |