Skip to content

Add tetragon 1.0.0-rc.5@c242ff187afd49a8af2c3c08db2346d10a5a2c1f ⎈ #184

Add tetragon 1.0.0-rc.5@c242ff187afd49a8af2c3c08db2346d10a5a2c1f ⎈

Add tetragon 1.0.0-rc.5@c242ff187afd49a8af2c3c08db2346d10a5a2c1f ⎈ #184

name: ConformanceGKE (ci-gke)
# Any change in triggers needs to be reflected in the concurrency group.
on:
push:
branches:
- master
env:
clusterName: ${{ github.repository_owner }}-${{ github.event.repository.name }}-${{ github.run_id }}
zone: us-west2-a
# https://cloud.google.com/blog/products/containers-kubernetes/kubectl-auth-changes-in-gke
USE_GKE_GCLOUD_AUTH_PLUGIN: True
jobs:
installation-and-connectivity:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Checkout code
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
fetch-depth: 0
persist-credentials: false
- name: Set up job variables
id: vars
run: |
# Get last commit message
readonly local last_commit_log=$(git log -1 --grep "^Add cilium" --pretty=format:"%s")
echo "last commit log: $last_commit_log"
readonly local chart_version=$(echo "$last_commit_log" | grep -Eo "Add cilium [^@]+" | sed 's/Add\ cilium\ //' )
echo "Helm chart detected version: '${chart_version}'"
if [[ -n "${chart_version}" ]]; then
echo ::set-output name=chartVersion::${chart_version}
fi
echo ::set-output name=owner::${{ github.sha }}
- name: Should it be e2e tested?
run: |
if [[ -z "${{ steps.vars.outputs.chartVersion }}" ]]; then
echo "Not running helm e2e tests since the helm chart version was not detected in commit message"
echo "Expected format: 'Add cilium <chart-version>@<upstream-commit-sha>'"
exit 78
fi
- name: Install Cilium CLI
run: |
curl -LO https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz
curl -sSL --remote-name-all https://github.com/cilium/cilium-cli/releases/latest/download/cilium-linux-amd64.tar.gz{,.sha256sum}
sha256sum --check cilium-linux-amd64.tar.gz.sha256sum
sudo tar xzvfC cilium-linux-amd64.tar.gz /usr/local/bin
rm cilium-linux-amd64.tar.gz{,.sha256sum}
- name: Set up gcloud credentials
id: 'auth'
uses: 'google-github-actions/auth@ef5d53e30bbcd8d0836f4288f5e50ff3e086997d'
with:
credentials_json: '${{ secrets.GCP_PR_SA_KEY }}'
- name: Set up gcloud CLI
uses: google-github-actions/setup-gcloud@62d4898025f6041e16b1068643bfc5a696863587
with:
project_id: ${{ secrets.GCP_PROJECT_ID }}
- name: Display gcloud CLI info
run: |
gcloud info
- name: Install gke-gcloud-auth-plugin
run: |
gcloud components install gke-gcloud-auth-plugin
- name: Create GKE cluster
run: |
gcloud container clusters create ${{ env.clusterName }} \
--labels "usage=${{ github.repository_owner }}-${{ github.event.repository.name }},owner=${{ steps.vars.outputs.owner }}" \
--zone ${{ env.zone }} \
--image-type COS_CONTAINERD \
--num-nodes 2 \
--machine-type e2-custom-2-4096 \
--disk-type pd-standard \
--disk-size 10GB \
--node-taints node.cilium.io/agent-not-ready=true:NoSchedule \
--preemptible
- name: Get cluster credentials
run: |
gcloud container clusters get-credentials ${{ env.clusterName }} --zone ${{ env.zone }}
- name: Install Cilium
run: |
NATIVE_CIDR="$(gcloud container clusters describe ${{ env.clusterName }} --zone ${{ env.zone }} --format 'value(clusterIpv4Cidr)')"
echo "NATIVE_CIDR $NATIVE_CIDR"
helm repo add cilium https://helm.cilium.io
helm repo update
if [[ ${{ steps.vars.outputs.chartVersion }} == 1.11.* ]]; then
helm install cilium cilium/cilium --version ${{ steps.vars.outputs.chartVersion }} \
--namespace kube-system \
--set nodeinit.enabled=true \
--set nodeinit.reconfigureKubelet=true \
--set nodeinit.removeCbrBridge=true \
--set cni.binPath=/home/kubernetes/bin \
--set gke.enabled=true \
--set ipam.mode=kubernetes \
--set nativeRoutingCIDR="${NATIVE_CIDR}"
elif [[ ${{ steps.vars.outputs.chartVersion }} == 1.10.* ]]; then
helm install cilium cilium/cilium --version ${{ steps.vars.outputs.chartVersion }} \
--namespace kube-system \
--set nodeinit.enabled=true \
--set nodeinit.reconfigureKubelet=true \
--set nodeinit.removeCbrBridge=true \
--set cni.binPath=/home/kubernetes/bin \
--set gke.enabled=true \
--set ipam.mode=kubernetes \
--set nativeRoutingCIDR="${NATIVE_CIDR}"
else
helm install cilium cilium/cilium --version ${{ steps.vars.outputs.chartVersion }} \
--namespace kube-system \
--set nodeinit.enabled=true \
--set nodeinit.reconfigureKubelet=true \
--set nodeinit.removeCbrBridge=true \
--set cni.binPath=/home/kubernetes/bin \
--set gke.enabled=true \
--set ipam.mode=kubernetes \
--set ipv4NativeRoutingCIDR="${NATIVE_CIDR}"
fi
- name: Run connectivity test
run: |
cilium status --wait
cilium connectivity test
- name: Post-test information gathering
if: ${{ failure() }}
run: |
cilium status
kubectl get pods --all-namespaces -o wide -v=6
cilium sysdump --output-filename cilium-sysdump-out
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently
- name: Clean up GKE
if: ${{ always() }}
run: |
gcloud container clusters delete ${{ env.clusterName }} --zone ${{ env.zone }} --quiet --async
shell: bash {0} # Disable default fail-fast behaviour so that all commands run independently
- name: Upload artifacts
if: ${{ failure() }}
uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8
with:
name: cilium-sysdump-out.zip
path: cilium-sysdump-out.zip
retention-days: 5