Skip to content

HPCC4J-553 Github Actions: Add baremetal test workflow #5

HPCC4J-553 Github Actions: Add baremetal test workflow

HPCC4J-553 Github Actions: Add baremetal test workflow #5

name: K8s Regression Suite
on:
pull_request:
branches:
- "master"
- "candidate-*"
workflow_dispatch:
jobs:
test-against-platform:
runs-on: ubuntu-latest
steps:
- name: Setup JDK 11
uses: actions/setup-java@v1
with:
java-version: 11
- name: Install K8s
uses: balchua/microk8s-actions@v0.3.2
with:
channel: '1.26/stable'
devMode: 'true'
addons: '["dns", "rbac", "hostpath-storage", "registry"]'
# Note: IP Address range below is the IP address range that will be made available for load balancers
# on the host machine, they aren't actual load balancers so they will not be accessible externally
- name: Enable LoadBalancers
run: |
sudo microk8s enable metallb:10.64.140.43-10.64.140.49
- name: Install JetStack Cert Manager
run: |
helm repo add jetstack https://charts.jetstack.io
helm repo update
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.11.0/cert-manager.crds.yaml
helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.11.0
- name: Create Root Certificates
run: |
echo "[req]
default_bits = 2048
default_keyfile = ca.key
distinguished_name = dn
prompt = no
x509_extensions = x509_ca
[dn]
C = US
ST = GA
L = Alparetta
O = Lexis Nexis Risk
OU = Platform Development
CN = TestCluster
emailAddress = support@lexisnexisrisk.com
[x509_ca]
basicConstraints=CA:true,pathlen:1" > ca-req.cfg
openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -sha256 -days 1825 -out ca.crt -config ca-req.cfg
kubectl create secret tls hpcc-signing-issuer-key-pair --cert=ca.crt --key=ca.key
kubectl create secret tls hpcc-local-issuer-key-pair --cert=ca.crt --key=ca.key
sudo keytool -import -trustcacerts -cacerts -storepass changeit -noprompt -alias hpcc-local-issuer -file ca.crt
- name: Install HPCC Cluster
run: |
cat <<EOF > values.yaml
certificates:
enabled: true
dafilesrv:
- name: rowservice
disabled: false
application: stream
service:
servicePort: 7600
visibility: global
- name: direct-access
disabled: true
application: directio
service:
servicePort: 7200
visibility: local
- name: spray-service
application: spray
service:
servicePort: 7300
visibility: cluster
EOF
helm repo add hpcc https://hpcc-systems.github.io/helm-chart
helm repo update
helm install myhpcc hpcc/hpcc -f values.yaml
- uses: actions/checkout@v3
with:
ref: ${{ github.event.pull_request.head.sha }}
fetch-depth: 0
- name: Rebase
run: |
git config user.email 'hpccsystems@lexisnexisrisk.com'
git config user.name 'hpccsystems development'
git rebase origin/${{ github.event.pull_request.base.ref }}
git log --pretty=one -n 15
- name: Wait for ECLWatch Startup
run: |
echo "Waiting for ECLWatch startup" && kubectl wait --for=condition=ready pod --timeout=180s -l app=eclwatch
echo "Waiting for Rowservice startup" && kubectl wait --for=condition=ready pod --timeout=180s -l server=rowservice
echo "Waiting for SQL2ECL startup" && kubectl wait --for=condition=ready pod --timeout=180s -l app=sql2ecl
echo "ECLWATCH_IP=$(kubectl get svc eclwatch -o jsonpath='{.spec.clusterIP}')" >> $GITHUB_ENV
echo "ROWSERVICE_IP=$(kubectl get svc rowservice -o jsonpath='{.spec.clusterIP}')" >> $GITHUB_ENV
echo "SQL_TO_ECL_IP=$(kubectl get svc sql2ecl -o jsonpath='{.spec.clusterIP}')" >> $GITHUB_ENV
kubectl get pods
kubectl get svc
- name: Add Host File Entries
run: |
sudo -- sh -c -e "echo '${{ env.ECLWATCH_IP }} eclwatch.default' >> /etc/hosts";
sudo -- sh -c -e "echo '${{ env.ROWSERVICE_IP }} rowservice.default' >> /etc/hosts";
sudo -- sh -c -e "echo '${{ env.SQL_TO_ECL_IP }} sql2ecl.default' >> /etc/hosts";
# Notes:
# Using keytool -import -cacerts doesn't work as expected, need to specify the cacerts path explicitly
# Path changed between JDK 8 & 11, Command for JDK 8:
# sudo keytool -import -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit -noprompt -alias eclwatch-tls -file cert.der
- name: Trust Certs
run: |
openssl s_client -showcerts -connect eclwatch.default:8010 < /dev/null | openssl x509 -outform DER > cert.der
sudo keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias eclwatch-tls -file cert.der
openssl s_client -showcerts -connect rowservice.default:7600 < /dev/null | openssl x509 -outform DER > cert.der
sudo keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias dafilesrv-tls -file cert.der
openssl s_client -showcerts -connect sql2ecl.default:8510 < /dev/null | openssl x509 -outform DER > cert.der
sudo keytool -import -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt -alias sqltoecl-tls -file cert.der
# speed things up with caching from https://docs.github.com/en/actions/guides/building-and-testing-java-with-maven
- name: Cache Maven packages
uses: actions/cache@v2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build with Maven
run: mvn -B --activate-profiles jenkins-on-demand -Dmaven.gpg.skip=true -Dmaven.javadoc.skip=true -Dmaven.test.failure.ignore=false -Dhpccconn=https://eclwatch.default:8010 -Dwssqlconn=https://sql2ecl.default:8510 -DHPCC30117=open install